From 0b740bc85b4c99a8dfba9247617d35094d0fcbad Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Wed, 18 Jan 2023 17:02:52 +0800 Subject: [PATCH 0001/1674] TLS 1.3: SRV: Check ticket_flags in kex mode determination When determining the key exchange mode, ticket_flags should be checked so that the server won't select the kex mode that is forbidden from session ticket. Signed-off-by: Pengyu Lv --- library/ssl_tls13_server.c | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index ef90f69a2..26ef0f915 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -980,6 +980,16 @@ MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_tls13_check_psk_key_exchange(mbedtls_ssl_context *ssl) { #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED) +#if defined(MBEDTLS_SSL_SESSION_TICKETS) + if (ssl->handshake->resume) { + if (!mbedtls_ssl_session_get_ticket_flags( + ssl->session_negotiate, + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK)) { + return 0; + } + } +#endif + return mbedtls_ssl_conf_tls13_psk_enabled(ssl) && mbedtls_ssl_tls13_psk_enabled(ssl) && ssl_tls13_client_hello_has_exts_for_psk_key_exchange(ssl); @@ -993,6 +1003,16 @@ MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_tls13_check_psk_ephemeral_key_exchange(mbedtls_ssl_context *ssl) { #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED) +#if defined(MBEDTLS_SSL_SESSION_TICKETS) + if (ssl->handshake->resume) { + if (!mbedtls_ssl_session_get_ticket_flags( + ssl->session_negotiate, + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL)) { + return 0; + } + } +#endif + return mbedtls_ssl_conf_tls13_psk_ephemeral_enabled(ssl) && mbedtls_ssl_tls13_psk_ephemeral_enabled(ssl) && ssl_tls13_client_hello_has_exts_for_psk_ephemeral_key_exchange(ssl); From f8e50a9607f4ad0236424495a98aee9e84bb4c3e Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Wed, 18 Jan 2023 17:07:19 +0800 Subject: [PATCH 0002/1674] TLS 1.3: SRV: Validate kex modes when parsing psk On resumption, after the psk identity is matched, we should check if psk and/or psk_ephemeral, which are allowed by session ticket, are valid to be selected. Signed-off-by: Pengyu Lv --- library/ssl_tls13_server.c | 30 ++++++++++++++++++++++-------- 1 file changed, 22 insertions(+), 8 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 26ef0f915..858a7a364 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -104,6 +104,10 @@ static int ssl_tls13_parse_key_exchange_modes_ext(mbedtls_ssl_context *ssl, #define SSL_TLS1_3_OFFERED_PSK_MATCH 0 #if defined(MBEDTLS_SSL_SESSION_TICKETS) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_tls13_check_psk_key_exchange(mbedtls_ssl_context *ssl); +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_tls13_check_psk_ephemeral_key_exchange(mbedtls_ssl_context *ssl); MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_tls13_offered_psks_check_identity_match_ticket( @@ -115,6 +119,8 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket( { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *ticket_buffer; + unsigned int ticket_flags; + unsigned int key_exchanges; #if defined(MBEDTLS_HAVE_TIME) mbedtls_time_t now; uint64_t age_in_s; @@ -169,14 +175,22 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket( * * We regard the ticket with incompatible key exchange modes as not match. */ - ret = MBEDTLS_ERR_ERROR_GENERIC_ERROR; - MBEDTLS_SSL_PRINT_TICKET_FLAGS(4, - session->ticket_flags); - if (mbedtls_ssl_tls13_check_kex_modes( - ssl, - mbedtls_ssl_session_get_ticket_flags( - session, - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL))) { + MBEDTLS_SSL_PRINT_TICKET_FLAGS(4, session->ticket_flags); + ticket_flags = mbedtls_ssl_session_get_ticket_flags( + session, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL); + + key_exchanges = 0; + if ((ticket_flags & MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_EPHEMERAL_RESUMPTION) && + ssl_tls13_check_psk_ephemeral_key_exchange(ssl)) { + key_exchanges |= MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL; + } + if ((ticket_flags & MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_RESUMPTION) && + ssl_tls13_check_psk_key_exchange(ssl)) { + key_exchanges |= MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK; + } + + if (key_exchanges == 0) { + ret = MBEDTLS_ERR_ERROR_GENERIC_ERROR; MBEDTLS_SSL_DEBUG_MSG(3, ("No suitable key exchange mode")); goto exit; } From dadeb20383956f6b8654fce1501ab2d572f09058 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Wed, 18 Jan 2023 17:32:34 +0800 Subject: [PATCH 0003/1674] TLS 1.3: SRV: Don't select ephemeral mode on resumption Signed-off-by: Pengyu Lv --- library/ssl_tls13_server.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 858a7a364..90869d6c3 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -982,7 +982,8 @@ MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_tls13_check_ephemeral_key_exchange(mbedtls_ssl_context *ssl) { #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED) - return mbedtls_ssl_conf_tls13_ephemeral_enabled(ssl) && + return !ssl->handshake->resume && + mbedtls_ssl_conf_tls13_ephemeral_enabled(ssl) && ssl_tls13_client_hello_has_exts_for_ephemeral_key_exchange(ssl); #else ((void) ssl); From 1cc613476891740fb8e497f15f65b11e2d53aada Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Tue, 17 Jan 2023 12:14:58 +0800 Subject: [PATCH 0004/1674] Add addition options to detect the correct kex mode Signed-off-by: Pengyu Lv --- tests/opt-testcases/tls13-misc.sh | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/tests/opt-testcases/tls13-misc.sh b/tests/opt-testcases/tls13-misc.sh index 821a37bf3..ab45a39ff 100755 --- a/tests/opt-testcases/tls13-misc.sh +++ b/tests/opt-testcases/tls13-misc.sh @@ -349,7 +349,8 @@ run_test "TLS 1.3 m->m: Resumption with ticket flags, psk/psk." \ 0 \ -c "Pre-configured PSK number = 1" \ -S "No suitable key exchange mode" \ - -s "found matched identity" + -s "found matched identity" \ + -s "key exchange mode: psk$" requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ MBEDTLS_SSL_SRV_C MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C \ @@ -377,7 +378,8 @@ run_test "TLS 1.3 m->m: Resumption with ticket flags, psk/psk_all." \ 0 \ -c "Pre-configured PSK number = 1" \ -S "No suitable key exchange mode" \ - -s "found matched identity" + -s "found matched identity" \ + -s "key exchange mode: psk$" requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ MBEDTLS_SSL_SRV_C MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C \ @@ -421,7 +423,8 @@ run_test "TLS 1.3 m->m: Resumption with ticket flags, psk_ephemeral/psk_ephemera 0 \ -c "Pre-configured PSK number = 1" \ -S "No suitable key exchange mode" \ - -s "found matched identity" + -s "found matched identity" \ + -s "key exchange mode: psk_ephemeral" requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ MBEDTLS_SSL_SRV_C MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C \ @@ -433,7 +436,8 @@ run_test "TLS 1.3 m->m: Resumption with ticket flags, psk_ephemeral/psk_all." \ 0 \ -c "Pre-configured PSK number = 1" \ -S "No suitable key exchange mode" \ - -s "found matched identity" + -s "found matched identity" \ + -s "key exchange mode: psk_ephemeral" requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ MBEDTLS_SSL_SRV_C MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C \ @@ -463,7 +467,8 @@ run_test "TLS 1.3 m->m: Resumption with ticket flags, psk_all/psk." \ 0 \ -c "Pre-configured PSK number = 1" \ -S "No suitable key exchange mode" \ - -s "found matched identity" + -s "found matched identity" \ + -s "key exchange mode: psk$" requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ MBEDTLS_SSL_SRV_C MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C \ @@ -476,7 +481,8 @@ run_test "TLS 1.3 m->m: Resumption with ticket flags, psk_all/psk_ephemeral." \ 0 \ -c "Pre-configured PSK number = 1" \ -S "No suitable key exchange mode" \ - -s "found matched identity" + -s "found matched identity" \ + -s "key exchange mode: psk_ephemeral" requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ MBEDTLS_SSL_SRV_C MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C \ @@ -489,5 +495,6 @@ run_test "TLS 1.3 m->m: Resumption with ticket flags, psk_all/psk_all." \ 0 \ -c "Pre-configured PSK number = 1" \ -S "No suitable key exchange mode" \ - -s "found matched identity" + -s "found matched identity" \ + -s "key exchange mode: psk_ephemeral" From 766796839b91defb7e362565876bd2845a98425c Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Thu, 2 Feb 2023 15:04:27 +0800 Subject: [PATCH 0005/1674] Revert "TLS 1.3: SRV: Validate kex modes when parsing psk" This reverts commit f8e50a9607f4ad0236424495a98aee9e84bb4c3e. Signed-off-by: Pengyu Lv --- library/ssl_tls13_server.c | 30 ++++++++---------------------- 1 file changed, 8 insertions(+), 22 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 90869d6c3..6f8973e73 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -104,10 +104,6 @@ static int ssl_tls13_parse_key_exchange_modes_ext(mbedtls_ssl_context *ssl, #define SSL_TLS1_3_OFFERED_PSK_MATCH 0 #if defined(MBEDTLS_SSL_SESSION_TICKETS) -MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_check_psk_key_exchange(mbedtls_ssl_context *ssl); -MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_check_psk_ephemeral_key_exchange(mbedtls_ssl_context *ssl); MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_tls13_offered_psks_check_identity_match_ticket( @@ -119,8 +115,6 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket( { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *ticket_buffer; - unsigned int ticket_flags; - unsigned int key_exchanges; #if defined(MBEDTLS_HAVE_TIME) mbedtls_time_t now; uint64_t age_in_s; @@ -175,22 +169,14 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket( * * We regard the ticket with incompatible key exchange modes as not match. */ - MBEDTLS_SSL_PRINT_TICKET_FLAGS(4, session->ticket_flags); - ticket_flags = mbedtls_ssl_session_get_ticket_flags( - session, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL); - - key_exchanges = 0; - if ((ticket_flags & MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_EPHEMERAL_RESUMPTION) && - ssl_tls13_check_psk_ephemeral_key_exchange(ssl)) { - key_exchanges |= MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL; - } - if ((ticket_flags & MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_RESUMPTION) && - ssl_tls13_check_psk_key_exchange(ssl)) { - key_exchanges |= MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK; - } - - if (key_exchanges == 0) { - ret = MBEDTLS_ERR_ERROR_GENERIC_ERROR; + ret = MBEDTLS_ERR_ERROR_GENERIC_ERROR; + MBEDTLS_SSL_PRINT_TICKET_FLAGS(4, + session->ticket_flags); + if (mbedtls_ssl_tls13_check_kex_modes( + ssl, + mbedtls_ssl_session_get_ticket_flags( + session, + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL))) { MBEDTLS_SSL_DEBUG_MSG(3, ("No suitable key exchange mode")); goto exit; } From 306a01da4d69e6462c84fa54077b33702a95d84e Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Thu, 2 Feb 2023 16:35:47 +0800 Subject: [PATCH 0006/1674] refactor: move ticket_flags check into a function Signed-off-by: Pengyu Lv --- library/ssl_tls13_server.c | 48 +++++++++++++++++++++----------------- 1 file changed, 26 insertions(+), 22 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 6f8973e73..f82393303 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -964,6 +964,26 @@ static int ssl_tls13_client_hello_has_exts_for_psk_ephemeral_key_exchange( } #endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED */ +#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_tls13_check_psk_mode_allowed_by_ticket(mbedtls_ssl_context *ssl, + unsigned int kex_mode) +{ +#if defined(MBEDTLS_SSL_SESSION_TICKETS) + if (ssl->handshake->resume) { + if (!mbedtls_ssl_session_get_ticket_flags( + ssl->session_negotiate, kex_mode)) { + return 0; + } + } +#else + ((void) ssl); + ((void) kex_mode); +#endif + return 1; +} +#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED */ + MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_tls13_check_ephemeral_key_exchange(mbedtls_ssl_context *ssl) { @@ -981,17 +1001,9 @@ MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_tls13_check_psk_key_exchange(mbedtls_ssl_context *ssl) { #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED) -#if defined(MBEDTLS_SSL_SESSION_TICKETS) - if (ssl->handshake->resume) { - if (!mbedtls_ssl_session_get_ticket_flags( - ssl->session_negotiate, - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK)) { - return 0; - } - } -#endif - - return mbedtls_ssl_conf_tls13_psk_enabled(ssl) && + return ssl_tls13_check_psk_mode_allowed_by_ticket( + ssl, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK) && + mbedtls_ssl_conf_tls13_psk_enabled(ssl) && mbedtls_ssl_tls13_psk_enabled(ssl) && ssl_tls13_client_hello_has_exts_for_psk_key_exchange(ssl); #else @@ -1004,17 +1016,9 @@ MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_tls13_check_psk_ephemeral_key_exchange(mbedtls_ssl_context *ssl) { #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED) -#if defined(MBEDTLS_SSL_SESSION_TICKETS) - if (ssl->handshake->resume) { - if (!mbedtls_ssl_session_get_ticket_flags( - ssl->session_negotiate, - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL)) { - return 0; - } - } -#endif - - return mbedtls_ssl_conf_tls13_psk_ephemeral_enabled(ssl) && + return ssl_tls13_check_psk_mode_allowed_by_ticket( + ssl, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL) && + mbedtls_ssl_conf_tls13_psk_ephemeral_enabled(ssl) && mbedtls_ssl_tls13_psk_ephemeral_enabled(ssl) && ssl_tls13_client_hello_has_exts_for_psk_ephemeral_key_exchange(ssl); #else From 52ad33304019dad602ea78c23bb7e7a5d0404764 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Tue, 14 Feb 2023 14:32:37 +0800 Subject: [PATCH 0007/1674] simplify helper function name Rename ssl_tls13_check_psk_mode_allowed_by_ticket to ssl_tls13_ticket_permission_check Signed-off-by: Pengyu Lv --- library/ssl_tls13_server.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index f82393303..7bf32c689 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -966,8 +966,8 @@ static int ssl_tls13_client_hello_has_exts_for_psk_ephemeral_key_exchange( #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_check_psk_mode_allowed_by_ticket(mbedtls_ssl_context *ssl, - unsigned int kex_mode) +static int ssl_tls13_ticket_permission_check(mbedtls_ssl_context *ssl, + unsigned int kex_mode) { #if defined(MBEDTLS_SSL_SESSION_TICKETS) if (ssl->handshake->resume) { @@ -1001,7 +1001,7 @@ MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_tls13_check_psk_key_exchange(mbedtls_ssl_context *ssl) { #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED) - return ssl_tls13_check_psk_mode_allowed_by_ticket( + return ssl_tls13_ticket_permission_check( ssl, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK) && mbedtls_ssl_conf_tls13_psk_enabled(ssl) && mbedtls_ssl_tls13_psk_enabled(ssl) && @@ -1016,7 +1016,7 @@ MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_tls13_check_psk_ephemeral_key_exchange(mbedtls_ssl_context *ssl) { #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED) - return ssl_tls13_check_psk_mode_allowed_by_ticket( + return ssl_tls13_ticket_permission_check( ssl, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL) && mbedtls_ssl_conf_tls13_psk_ephemeral_enabled(ssl) && mbedtls_ssl_tls13_psk_ephemeral_enabled(ssl) && From 5ad8ca2a5fb0769409aa47b8c9c5b781c83e7444 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 13 Jun 2023 19:49:18 +0200 Subject: [PATCH 0008/1674] Legacy-to-PSA transition guide Covers most modules, but missing most of ecp, ecdh and dhm. Signed-off-by: Gilles Peskine --- docs/psa-transition.md | 1059 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 1059 insertions(+) create mode 100644 docs/psa-transition.md diff --git a/docs/psa-transition.md b/docs/psa-transition.md new file mode 100644 index 000000000..24facffa6 --- /dev/null +++ b/docs/psa-transition.md @@ -0,0 +1,1059 @@ +# Transitioning to the PSA API + +> I have code written for `mbedtls_` cryptography APIs. How do I migrate to `psa_` APIs? + +## Introduction + +Mbed TLS is gradually moving from legacy `mbedtls_xxx` APIs to newer `psa_xxx` APIs for cryptography. Note that this only concerns cryptography APIs, not X.509 or SSL/TLS APIs. + +This guide is intended to help migrate existing applications that use Mbed TLS for cryptography. It aims to cover common use cases, but cannot cover all possible scenarios. + +### Suggested reading + +This document is long, but you probably don't need to read all of it. You should start with the following sections: + +1. [Where can I find documentation?](#where-can-i-find-documentation) +2. [General considerations](#general-considerations) + +Then use the [summary of API modules](#summary-of-api-modules), the table of contents or a text search to locate the sections that interest you, based on what legacy interfaces your code is currently using. + +### Where can I find documentation? + +**Tutorial**: See the [getting started guide](https://mbed-tls.readthedocs.io/en/latest/getting_started/psa/). + +**Reference**: The [PSA Crypto API specification](https://arm-software.github.io/psa-api/crypto/) is available online. Mbed TLS implements a large subset of the specification which is documented in the [`psa/crypto*.h` headers](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto_8h/). + +### Additional resources + +* [Mbed TLS open issues](https://github.com/Mbed-TLS/mbedtls/issues) +* [PSA API open issues](https://github.com/ARM-software/psa-api/issues) (not just cryptography APIs) +* [Mbed TLS mailing list](https://lists.trustedfirmware.org/mailman3/lists/mbed-tls.lists.trustedfirmware.org/) + +### Why change the API? + +* Mbed TLS APIs are traditionally very transparent: the caller can access internal fields of operations. This is less true in the 3.x major version than before, but still the case to some extent. This offers applications some flexibility, but it removes flexibility from the implementation. For example, it is hard to support hardware acceleration, because the API constrains how the data must be represented. PSA APIs were designed to be more opaque, giving more freedom to the implementation. +* Mbed TLS legacy APIs require key material to be present in the application memory. The PSA Crypto API natively supports operations on keys stored in an external [location](https://arm-software.github.io/psa-api/crypto/1.1/api/keys/lifetimes.html#c.psa_key_location_t) (secure enclave, secure element, HSM, etc.). +* PSA APIs have [consistent conventions ](https://arm-software.github.io/psa-api/crypto/1.1/overview/conventions.html#parameter-conventions) which many legacy APIs in Mbed TLS do not follow. For example, many legacy cryptography functions require the caller to know how large an output buffer needs to be based on the selected algorithm, whereas in the PSA API, all buffer arguments have a well-defined size and those sizes are checked. +* Mbed TLS legacy APIs require passing around a random generator argument where needed. This has historically been problematic with functions that were created without a RNG argument but later needed one as part of a security countermeasure. The PSA crypto subsystem maintains a global random generator, resolving this problem. + +### Migration timeline + +* Mbed TLS 2.15.0 (Nov 2018): first release with a draft implementation of the PSA API. +* Mbed TLS 2.18.0 (Jun 2019): The PSA API is available in the default build. +* Mbed TLS 3.1.0 (Dec 2021): TLS 1.3 support is the first major feature that requires the PSA API. +* Mbed TLS 4.0.0 (2024?): X.509 and TLS require the PSA API. Removal of some legacy crypto APIs. +* Mbed TLS 5.0.0 (??): Removal of the remaining non-PSA crypto APIs. + +## General considerations + +### Configuration of the PSA subsystem + +To make the PSA API available, make sure that the configuration option [`MBEDTLS_PSA_CRYPTO_C`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/mbedtls__config_8h/#c.MBEDTLS_PSA_CRYPTO_C) is enabled (it is enabled in the default configuration). + +You should probably enable [`MBEDTLS_USE_PSA_CRYPTO`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/mbedtls__config_8h/#mbedtls__config_8h_1a70fd7b97d5f11170546583f2095942a6) as well (it is disabled by default). This option causes the PK, X.509 and TLS modules to use PSA crypto under the hood. Some functions that facilitate the transition are only available when `MBEDTLS_USE_PSA_CRYPTO` is enabled. + +By default, the PSA crypto API offers a similar set of cryptographic mechanisms as those offered by the legacy API. The PSA crypto API also has its own configuration mechanism; see “[Cryptographic mechanism availability](#cryptographic-mechanism-availability)”. + +### Header files + +Applications only need to include a single header file: +``` +#include +``` + +### General application layout + +Before any cryptographic operation, call [`psa_crypto_init`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__initialization/#group__initialization_1ga2de150803fc2f7dc6101d5af7e921dd9) and check that it succeeds. (A failure indicates an abnormal system state from which most applications cannot recover.) + +If you wish to free all resources associated with PSA cryptography, call [`mbedtls_psa_crypto_free`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__extra_8h/#_CPPv423mbedtls_psa_crypto_freev). + +The PSA subsystem has an internal random generator. As a consequence, you do not need to instantiate one manually (no need to create an `mbedtls_entropy_context` and a `mbedtls_xxx_drbg_context`). + +### Error codes + +Mbed TLS functions return a status of type `int`: 0 for success (or, occasionally, a positive value which is the output length), or a negative value `MBEDTLS_ERR_xxx` indicating an error. + +PSA functions return a status of type [`psa_status_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__error/#group__error_1ga05676e70ba5c6a7565aff3c36677c1f9): `PSA_SUCCESS == 0` for success, or a negative value [`PSA_ERROR_xxx`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__error/) indicating an error. + +## Summary of API modules + +| Header | Function prefix | PSA equivalent | +| ------ | --------------- | -------------- | +| `aes.h` | `mbedtls_aes_` | [Symmetric encryption](#symmetric-encryption) | +| `aria.h` | `mbedtls_aria_` | [Symmetric encryption](#symmetric-encryption) | +| `asn1.h` | `mbedtls_asn1_` | No change (not a crypto API) | +| `asn1write.h` | `mbedtls_asn1write_` | No change (not a crypto API) | +| `base64.h` | `mbedtls_base64_` | [PK format support interfaces](#pk-format-support-interfaces) | +| `bignum.h` | `mbedtls_bignum_` | None (no low-level arithmetic) | +| `build_info.h` | `MBEDTLS_` | No change (not a crypto API) | +| `camellia.h` | `mbedtls_camellia_` | [Symmetric encryption](#symmetric-encryption) | +| `ccm.h` | `mbedtls_ccm_` | [Symmetric encryption](#symmetric-encryption), [Authenticated cipher operations](#authenticated-cipher-operations) | +| `chacha20.h` | `mbedtls_chacha20_` | [Symmetric encryption](#symmetric-encryption) | +| `chachapoly.h` | `mbedtls_chachapoly_` | [Symmetric encryption](#symmetric-encryption) | +| `check_config.h` | N/A | No public APIs (internal support header) | +| `cipher.h` | `mbedtls_cipher_` | [Symmetric encryption](#symmetric-encryption) | +| `cmac.h` | `mbedtls_cmac_` | [Hashes and MAC](#hashes-and-mac), [MAC calculation](#mac-calculation) | +| `compat-2.x.h` | various | None (transitional APIs) | +| `config_psa.h` | N/A | No public APIs (internal support header) | +| `constant_time.h` | `mbedtls_constant_time_` | [Constant-time functions](#constant-time-functions) | +| `ctr_drbg.h` | `mbedtls_ctr_drbg_` | [Random generation interface](#random-generation-interface), [Deterministic pseudorandom generation](#deterministic-pseudorandom-generation) | +| `debug.h` | `mbedtls_debug_` | No change (not a crypto API) | +| `des.h` | `mbedtls_des_` | [Symmetric encryption](#symmetric-encryption) | +| `dhm.h` | `mbedtls_dhm_` | [Asymmetric cryptography](#asymmetric-cryptography) | +| `ecdh.h` | `mbedtls_ecdh_` | [Asymmetric cryptography](#asymmetric-cryptography) | +| `ecdsa.h` | `mbedtls_ecdsa_` | [Asymmetric cryptography](#asymmetric-cryptography) | +| `ecjpake.h` | `mbedtls_ecjpake_` | [EC-JPAKE](#ec-jpake) | +| `ecp.h` | `mbedtls_ecp_` | [Asymmetric cryptography](#asymmetric-cryptography) | +| `entropy.h` | `mbedtls_entropy_` | [Random generation interface](#random-generation-interface), [Entropy sources](#entropy-sources) | +| `error.h` | `mbedtls_error_` | [Error messages](#error-messages) | +| `gcm.h` | `mbedtls_gcm_` | [Symmetric encryption](#symmetric-encryption), [Authenticated cipher operations](#authenticated-cipher-operations) | +| `hkdf.h` | `mbedtls_hkdf_` | [HKDF](#hkdf) | +| `hmac_drbg.h` | `mbedtls_hmac_drbg_` | [Random generation interface](#random-generation-interface), [Deterministic pseudorandom generation](#deterministic-pseudorandom-generation) | +| `lms.h` | `mbedtls_lms_` | No migration path yet | +| `mbedtls_config.h` | `MBEDTLS_` | [Compile-time configuration](#compile-time-configuration) | +| `md.h` | `mbedtls_md_` | [Hashes and MAC](#hashes-and-mac) | +| `md5.h` | `mbedtls_md5_` | [Hashes and MAC](#hashes-and-mac) | +| `memory_buffer_alloc.h` | `mbedtls_memory_buffer_alloc_` | No change (not a crypto API) | +| `net_sockets.h` | `mbedtls_net_` | No change (not a crypto API) | +| `nist_kw.h` | `mbedtls_nist_kw_` | No migration path yet | +| `oid.h` | `mbedtls_oid_` | [PK format support interfaces](#pk-format-support-interfaces) | +| `pem.h` | `mbedtls_pem_` | [PK format support interfaces](#pk-format-support-interfaces) | +| `pk.h` | `mbedtls_pk_` | [Asymmetric cryptography](#asymmetric-cryptography) | +| `pkcs5.h` | `mbedtls_pkcs5_` | [PKCS#5 module](#pkcs5-module) | +| `pkcs7.h` | `mbedtls_pkcs7_` | No change (not a crypto API) | +| `pkcs12.h` | `mbedtls_pkcs12_` | [PKCS#12 module](#pkcs12-module) | +| `platform.h` | `mbedtls_platform_` | No change (not a crypto API) | +| `platform_time.h` | `mbedtls_platform_time_` | No change (not a crypto API) | +| `platform_util.h` | `mbedtls_platform_util_` | No change (not a crypto API) | +| `poly1305.h` | `mbedtls_poly1305_` | None (but there is Chacha20-Poly1305 [AEAD](#symmetric-encryption)) | +| `private_access.h` | N/A | No public APIs (internal support header) | +| `psa_util.h` | `mbedtls_psa_` | No public APIs (internal support header) | +| `ripemd160.h` | `mbedtls_ripemd160_` | [Hashes and MAC](#hashes-and-mac) | +| `rsa.h` | `mbedtls_rsa_` | [Asymmetric cryptography](#asymmetric-cryptography) | +| `sha1.h` | `mbedtls_sha1_` | [Hashes and MAC](#hashes-and-mac) | +| `sha3.h` | `mbedtls_sha3_` | [Hashes and MAC](#hashes-and-mac) | +| `sha256.h` | `mbedtls_sha256_` | [Hashes and MAC](#hashes-and-mac) | +| `sha512.h` | `mbedtls_sha512_` | [Hashes and MAC](#hashes-and-mac) | +| `ssl.h` | `mbedtls_ssl_` | No change (not a crypto API) | +| `ssl_cache.h` | `mbedtls_ssl_cache_` | No change (not a crypto API) | +| `ssl_ciphersuites.h` | `mbedtls_ssl_ciphersuites_` | No change (not a crypto API) | +| `ssl_cookie.h` | `mbedtls_ssl_cookie_` | No change (not a crypto API) | +| `ssl_ticket.h` | `mbedtls_ssl_ticket_` | No change (not a crypto API) | +| `threading.h` | `mbedtls_threading_` | No change (not a crypto API) | +| `timing.h` | `mbedtls_timing_` | No change (not a crypto API) | +| `version.h` | `mbedtls_version_` | No change (not a crypto API) | +| `x509.h` | `mbedtls_x509` | No change (not a crypto API) | +| `x509_crl.h` | `mbedtls_x509` | No change (not a crypto API) | +| `x509_crt.h` | `mbedtls_x509` | No change (not a crypto API) | +| `x509_csr.h` | `mbedtls_x509` | No change (not a crypto API) | + +## Compile-time configuration + +### Cryptographic mechanism availability + +**This section only applies if `MBEDTLS_PSA_CRYPTO_CONFIG` is enabled.** This option is disabled in the default configuration. + +When the configuration option [`MBEDTLS_PSA_CRYPTO_CONFIG`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/mbedtls__config_8h/#mbedtls__config_8h_1a5aca5ddcffb586acad82f9aef26db056) is enabled, the cryptographic mechanisms available through the PSA API are determined by the contents of the header file `"psa/crypto_config.h"`. You can override the file location with the macro [`MBEDTLS_PSA_CRYPTO_CONFIG_FILE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/mbedtls__config_8h/#mbedtls__config_8h_1a25f7e358caa101570cb9519705c2b873), and you can set [`MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/mbedtls__config_8h/#mbedtls__config_8h_1abd1870cc0d2681183a3018a7247cb137) to the path of an additional file (similar to `MBEDTLS_CONFIG_FILE` and `MBEDTLS_USER_CONFIG_FILE` for legacy configuration symbols). + +The availability of cryptographic mechanisms in the PSA API is based on a systematic pattern: + +* To make `PSA_ALG_aaa` available, enable `PSA_WANT_ALG_aaa`. + For parametrized algorithms, there is a `PSA_WANT_` symbols both for the main macro and for each argument. For example, to make `PSA_ALG_HMAC(PSA_ALG_SHA_256)` available, enable both `PSA_WANT_ALG_HMAC` and `PSA_WANT_ALG_SHA_256`. + +* To make `PSA_KEY_TYPE_ttt` available, enable `PSA_WANT_KEY_TYPE_ttt`. + + As an exception, starting in Mbed TLS 3.5.0, for key pair types, the feature selection is more fine-grained, with an additional suffix: + * `PSA_KEY_TYPE_xxx_USE` enables support for operations with a key of that type (for enabled algorithms). This is automatically enabled if any key creation method (`IMPORT`, `GENERATE` or `DERIVE`) is enabled. + * `PSA_KEY_TYPE_xxx_IMPORT` enables support for `psa_import_key` to import a key of that type. + * `PSA_KEY_TYPE_xxx_GENERATE` enables support for `psa_generate_key` to randomly generate a key of that type. + * `PSA_KEY_TYPE_xxx_DERIVE` enables support for `psa_key_derivation_output_key` to deterministically derive a key of that type. + * `PSA_KEY_TYPE_xxx_EXPORT` enables support for `psa_export_key` to export a key of that type. + + Enabling any support for a key pair type automatically enables support for the corresponding public key type, as well as support for `psa_export_public_key` on the private key. + +* To make `PSA_ECC_FAMILY_fff` available for size sss, enable `PSA_WANT_ECC_fff_sss`. + +Note that all `PSA_WANT_xxx` symbols must be set to a nonzero value. In particular, setting `PSA_WANT_xxx` to an empty value may not be handled consistently. + +For example, the following configuration enables hashing with SHA-256, AEAD with AES-GCM, signature with deterministic ECDSA using SHA-256 on the curve secp256r1 using a randomly generated key as well as the corresponding verification, and ECDH key exchange on secp256r1 and Curve25519. + +``` +#define PSA_WANT_ALG_SHA_256 1 + +#define PSA_WANT_KEY_TYPE_AES 1 +#define PSA_WANT_ALG_GCM 1 + +#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1 +// ^^ In Mbed TLS <= 3.4, enable PSA_WANT_KEY_TYPE_ECC_KEY_PAIR instead +// ^^ implicitly enables PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_USE, PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +#define PSA_WANT_ECC_SECP_R1_256 1 // secp256r1 (suitable for ECDSA and ECDH) +#define PSA_WANT_ECC_MONTGOMERY_255 1 // Curve25519 (suitable for ECDH) +#define PSA_WANT_ALG_DETERMINISTIC_ECDSA 1 +#define PSA_WANT_ALG_ECDH +``` + +If a mechanism is not enabled by `PSA_WANT_xxx`, Mbed TLS will often not include it, to reduce the size of the compiled library. However, this is not guaranteed: a mechanism that is not explicitly requested can be enabled because it is a dependency of another configuration option, because it is used internally, or because the granularity is not fine enough to distinguish between it and another mechanism that is requested. + +Under the hood, `PSA_WANT_xxx` enables the necessary legacy modules. Note that if a mechanism has a PSA accelerator driver, the corresponding legacy module is typically not needed. Thus applications that use a cryptographic mechanism both through the legacy API and through the PSA API need to explicitly enable both the `PSA_WANT_xxx` symbols and the `MBEDTLS_xxx` symbols. + +## Miscellaneous support modules + +### Error messages + +At the time of writing, there is no equivalent to the error messages provided by `mbedtls_strerror`. However, you can use the companion program `programs/psa/psa_constant_names` to convert various numbers (`psa_status_t`, `psa_algorithm_t`, `psa_key_type_t`, `psa_ecc_family_t`, `psa_dh_family_t`, `psa_key_usage_t`) to their input representation. The conversion doesn't depend on the library configuration or the target platform, so you can use a native build of this program even if you cross-compile your application. + +``` +$ programs/psa/psa_constant_names error -138 +PSA_ERROR_BUFFER_TOO_SMALL +$ programs/psa/psa_constant_names type 0x7112 +PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1) +$ programs/psa/psa_constant_names alg 0x06000609 +PSA_ALG_ECDSA(PSA_ALG_SHA_256) +``` + +The other functions in `error.h` are specific to the construction of Mbed TLS error code and are not relevant to the PSA API. PSA error codes are never the combination of multiple codes. + +### Constant-time functions + +The PSA API does not have an equivalent to the timing-side-channel-resistance utility functions in `constant_time.h`. Continue using `constant_time.h` as needed. + +Note that the PSA API does include features that reduce the need for `mbedtls_ct_memcmp`: + +* To compare a MAC with a reference value, use `psa_mac_verify` rather of `psa_mac_compute` followed by `mbedtls_ct_memcmp`, or use `psa_mac_verify_setup` and `psa_mac_verify_finish` in the multi-part case. See “[MAC calculation](#mac-calculation)”. +* The AEAD decryption functions take care of verifying the tag. See “[Authenticated cipher operations](#authenticated-cipher-operations)”. + +## Symmetric encryption + +All PSA APIs have algorithm agility, where the functions depend only on the nature of the operation and the choice of a specific algorithm comes from an argument. There is no special API for a particular block cipher (`aes.h`, `aria.h`, `camellia.h`, `des.h`), a particular block cipher mode (`ccm.h`, `gcm.h`) or a particular stream cipher (`chacha20.h`, `chachapoly.h`). To migrate code using those low-level modules, please follow the recommendations in the following sections, using the same principles as the corresponding `cipher.h` API. + +### Cipher mechanism selection + +Instead of `mbedtls_cipher_id_t` (`MBEDTLS_CIPHER_ID_xxx` constants), `mbedtls_cipher_type_t` (`MBEDTLS_CIPHER_base_size_mode` constants), `mbedtls_cipher_mode_t` (`MBEDTLS_CIPHER_MODE_xxx` constants) and `mbedtls_cipher_padding_t` (`MBEDTLS_CIPHER_PADDING_xxx` constants), use the [`PSA_KEY_TYPE_xxx` and `PSA_ALG_xxx` constants](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/). + +For modes that are based on a block cipher, the key type encodes the choice of block cipher: +[`PSA_KEY_TYPE_AES`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga6ee54579dcf278c677eda4bb1a29575e), +[`PSA_KEY_TYPE_ARIA`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#c.PSA_KEY_TYPE_ARIA), +[`PSA_KEY_TYPE_CAMELLIA`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gad8e5da742343fd5519f9d8a630c2ed81), +[`PSA_KEY_TYPE_DES`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga577562bfbbc691c820d55ec308333138). +The algorithm encodes the mode and if relevant the padding type: + +* Unauthenticated cipher modes: + [`PSA_ALG_CTR`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gad318309706a769cffdc64e4c7e06b2e9), + [`PSA_ALG_CFB`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga0088c933e01d671f263a9a1f177cb5bc), + [`PSA_ALG_OFB`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gae96bb421fa634c6fa8f571f0112f1ddb), + [`PSA_ALG_XTS`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gaa722c0e426a797fd6d99623f59748125), + [`PSA_ALG_ECB_NO_PADDING`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gab8f0609cd0f12cccc9c950fd5a81a0e3), + [`PSA_ALG_CBC_NO_PADDING`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gacb332d72716958880ee7f97d8365ae66), + [`PSA_ALG_CBC_PKCS7`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gaef50d2e9716eb6d476046608e4e0c78c), + [`PSA_ALG_CCM_STAR_NO_TAG`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga89627bb27ec3ce642853ab8554a88572). +* Other padding modes, which are obsolete, are not available in the PSA API. If you need them, handle the padding in your application code and use the `NO_PADDING` algorithm. +* AEAD modes: + [`PSA_ALG_CCM`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gac2c0e7d21f1b2df5e76bcb4a8f84273c), + [`PSA_ALG_GCM`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga0d7d02b15aaae490d38277d99f1c637c). +* KW/KWP modes are not available in the PSA API at the time of writing. + +For the ChaCha20 unauthenticated cipher, use [`PSA_KEY_TYPE_CHACHA20`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga901548883b3bce56cc21c3a22cf8d93c) with [`PSA_ALG_STREAM_CIPHER`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gad98c105198f7428f7d1dffcb2cd398cd). +For the Chacha20+Poly1305 AEAD, use [`PSA_KEY_TYPE_CHACHA20`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga901548883b3bce56cc21c3a22cf8d93c) with [`PSA_ALG_CHACHA20_POLY1305`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga1fec55093541640a71bdd022d4adfb9c) + +### Cipher mechanism availability + +For each key type value `PSA_KEY_TYPE_xxx`, the symbol `PSA_WANT_KEY_TYPE_xxx` is defined with a nonzero value if the library is built with support for that key type. For each algorithm value `PSA_ALG_yyy`, the symbol `PSA_WANT_ALG_yyy` is defined with a nonzero value if the library is built with support for that algorithm. Note that for a mechanism to be supported, both the key type and the algorithm must be supported. + +For example, to test if AES-CBC-PKCS7 is supported, in the legacy API, you could write: +``` +#if defined(MBEDTLS_AES_C) && \ + defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_CIPHER_PADDING_PKCS7) +``` +The equivalent in the PSA API is +``` +#if PSA_WANT_KEY_TYPE_AES && PSA_WANT_ALG_CBC_PKCS7 +``` + +### Cipher metadata + +Both APIs express key sizes in bits. Note however that in the PSA API, the size of a _buffer_ is always expressed in bytes, even if that buffer contains a key. + +The following table lists corresponding PSA macros for maximum-size macros that take all supported algorithms into account. + +| Legacy macro | PSA macro | +| ------------ | --------- | +| `MBEDTLS_MAX_IV_LENGTH` | [`PSA_CIPHER_IV_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_IV_MAX_SIZE), [`PSA_AEAD_NONCE_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#crypto__sizes_8h_1ac2a332765ba4ccfc24935d6f7f48fcc7) | +| `MBEDTLS_MAX_BLOCK_LENGTH` | [`PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE) | +| `MBEDTLS_MAX_KEY_LENGTH` | no equivalent| + +There is no equivalent to the type `mbedtls_cipher_info_t` and the functions `mbedtls_cipher_info_from_type` and `mbedtls_cipher_info_from_values` in the PSA API because it is unnecessary. All macros and functions operate directly on key type values (`psa_key_type_t`, `PSA_KEY_TYPE_xxx` constants) and algorithm values (`psa_algorithm_t`, `PSA_ALG_xxx` constants). + +| Legacy function | PSA macro | +| --------------- | --------- | +| `mbedtls_cipher_info_get_iv_size` | [`PSA_CIPHER_IV_LENGTH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_IV_LENGTH), [`PSA_AEAD_NONCE_LENGTH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_NONCE_LENGTH) | +| `mbedtls_cipher_info_get_block_size` | not available (use specific macros for the IV, nonce or tag length) | + +The following features have no PSA equivalent: + +* `mbedtls_cipher_list`: the PSA API does not currently have a discovery mechanism for cryptographic mechanisms, but one may be added in the future. +* `mbedtls_cipher_info_has_variable_key_bitlen`, `mbedtls_cipher_info_has_variable_iv_size`: the PSA API does not currently have such mechanism for high-level metadata information. +* `mbedtls_cipher_info_from_string`: there is no equivalent of Mbed TLS's lookup based on a (nonstandard) name. + +### Cipher key management + +The legacy API and the PSA API have a different organization of operations in several respects: + +* In the legacy API, each operation object contains the necessary key material. In the PSA API, an operation object contains a reference to a key object. To perform a cryptographic operation, you must create a key object first. However, for a one-shot operation, you do not need an operation object, just a single function call. +* The legacy API uses the same interface for authenticated and non-authenticated ciphers, while the PSA API has separate functions. +* The legacy API uses the same functions for encryption and decryption, while the PSA API has separate functions where applicable. + +Here is an overview of the lifecycle of a key object. + +1. First define the attributes of the key by filling a [`psa_key_attributes_t` structure](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga0ec645e1fdafe59d591104451ebf5680). You need to set the following parameters: + * Call [`psa_set_key_type`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga6857ef0ecb3fa844d4536939d9c64025) to set the key type to the desired `PSA_KEY_TYPE_xxx` value (see “[Cipher mechanism selection](#cipher-mechanism-selection)”). + * Call [`psa_set_key_bits`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaf61683ac87f87687a40262b5afbfa018) to set the key's size in bits. This is optional with `psa_import_key`, which determines the key size from the length of the key material. + * Call [`psa_set_key_algorithm`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaeb8341ca52baa0279475ea3fd3bcdc98) to set the algorithm to the desired `PSA_ALG_xxx` value (see “[Cipher mechanism selection](#cipher-mechanism-selection)”). By design, the same key cannot be used with multiple algorithms. + * Call [`psa_set_key_usage_flags`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga42a65b3c4522ce9b67ea5ea7720e17de) to enable at least [`PSA_KEY_USAGE_ENCRYPT`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#c.PSA_KEY_USAGE_ENCRYPT) or [`PSA_KEY_USAGE_DECRYPT`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#c.PSA_KEY_USAGE_DECRYPT), depending on which direction you want to use the key in. To allow both directions, use the flag mask `PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT`. The same policy flags cover authenticated and non-authenticated encryption/decryption. +2. Call one of the key creation functions, passing the attributes defined in the previous step, to get an identifier of type [`psa_key_id_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__types_8h/#_CPPv412psa_key_id_t) to the key object. + * Use [`psa_import_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga0336ea76bf30587ab204a8296462327b) to directly import key material. + * If the key is randomly generated, use [`psa_generate_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__random/#group__random_1ga1985eae417dfbccedf50d5fff54ea8c5). + * If the key is derived from other material (for example from a key exchange), use the [key derivation interface](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/) and create the key with [`psa_key_derivation_output_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gada7a6e17222ea9e7a6be6864a00316e1). +3. Call the functions in the following sections to perform operations on the key. The same key object can be used in multiple operations. +4. To free the resources used by the key object, call [`psa_destroy_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__management/#group__key__management_1ga5f52644312291335682fbc0292c43cd2) after all operations with that key are finished. + +### Unauthenticated cipher operations + +Recall the flow of an unauthenticated cipher operation in the legacy Mbed TLS cipher API: + +1. Create a cipher context of type `mbedtls_cipher_context_t` and initialize it with `mbedtls_cipher_init`. +2. Establish the operation parameters (algorithm, key, mode) with `mbedtls_cipher_setup`, `mbedtls_cipher_setkey` (or `mbedtls_cipher_setup_psa`), `mbedtls_cipher_set_padding_mode` if applicable. +3. Set the IV with `mbedtls_cipher_set_iv` (except for ECB which does not use an IV). +4. For a one-shot operation, call `mbedtls_cipher_crypt`. To pass the input in multiple parts, call `mbedtls_cipher_update` as many times as necessary followed by `mbedtls_cipher_finish`. +5. Finally free the resources associated with the operation object by calling `mbedtls_cipher_free`. + +For a one-shot operation (where the whole plaintext or ciphertext is passed as a single input), the equivalent flow with the PSA API is to call a single function: + +* [`psa_cipher_encrypt`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1ga61f02fbfa681c2659546eca52277dbf1) to perform encryption with a random IV of the default size (indicated by [`PSA_CIPHER_IV_LENGTH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_IV_LENGTH)). (To encrypt with a specified IV, use the multi-part API described below.) You can use the macro [`PSA_CIPHER_ENCRYPT_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_ENCRYPT_OUTPUT_SIZE) or [`PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE) to determine the size of the output buffer. +* [`psa_cipher_decrypt`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1gab3593f5f14d8c0431dd306d80929215e) to perform decryption with a specified IV. You can use the macro [`PSA_CIPHER_DECRYPT_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_DECRYPT_OUTPUT_SIZE) or [`PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE) to determine the size of the output buffer. + +For a multi-part operation, the equivalent flow with the PSA API is as follows: + +1. Create an operation object of type [`psa_cipher_operation_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1ga1399de29db657e3737bb09927aae51fa) and zero-initialize it (or use the corresponding `INIT` macro). +2. Select the key and algorithm with [`psa_cipher_encrypt_setup`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1ga587374c0eb8137a572f8e2fc409bb2b4) or [`psa_cipher_decrypt_setup`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1gaa4ba3a167066eaef2ea49abc5dcd1d4b) depending on the desired direction. +3. When encrypting with a random IV, use [`psa_cipher_generate_iv`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1ga29fd7d32a5729226a2f73e7b6487bd8a). When encrypting with a chosen IV, or when decrypting, set the IV with [`psa_cipher_set_iv`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1ga9caddac1a429a5032d6d4a907fb70ba1). Skip this step with ECB since it does not use an IV. +4. Call [`psa_cipher_update`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1gac3ca27ac6682917c48247d01fd96cd0f) as many times as needed. You can use [`PSA_CIPHER_UPDATE_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_UPDATE_OUTPUT_SIZE) or [`PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#crypto__sizes_8h_1ab1f6598efd6a7dc56e7ad7e34719eb32) to determine the size of the output buffer. +5. Call [`psa_cipher_finish`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1ga1dcb58b8befe23f8a4d7a1d49c99249b) to obtain the last part of the output. You can use [`PSA_CIPHER_FINISH_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_FINISH_OUTPUT_SIZE) or [`PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE) to determine the size of the output buffer. + +If you need to interrupt the operation after calling the setup function without calling the finish function, call [`psa_cipher_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1gaad482cdca2098bca0620596aaa02eaa4). + +### Authenticated cipher operations + +Recall the flow of an authenticated cipher operation in the legacy Mbed TLS cipher API (or similar flows in the `chachapoly`, `ccm` and `gcm` modules): + +1. Create a cipher context of type `mbedtls_cipher_context_t` and initialize it with `mbedtls_cipher_init`. +2. Establish the operation parameters (algorithm, key, mode) with `mbedtls_cipher_setup`, `mbedtls_cipher_setkey` (or `mbedtls_cipher_setup_psa`), `mbedtls_cipher_set_padding_mode` if applicable. +3. Set the nonce with `mbedtls_cipher_set_iv` (or the `starts` function for low-level modules). For CCM, which requires direct use of the `ccm` module, also call `mbedtls_ccm_set_lengths` to set the length of the additional data and of the plaintext. +4. Call `mbedtls_cipher_update_ad` to pass the unencrypted additional data. +5. Call `mbedtls_cipher_update` as many times as necessary to pass the input plaintext or ciphertext. +6. Call `mbedtls_cipher_finish` to obtain the last part of the output. Then call `mbedtls_cipher_write_tag` (when encrypting) or `mbedtls_cipher_check_tag` (when decrypting) to process the authentication tag. +7. Finally free the resources associated with the operation object by calling `mbedtls_cipher_free`. + +Steps 3–6 can be replaced by a single call to `mbedtls_cipher_auth_encrypt_ext` or `mbedtls_cipher_auth_decrypt_ext` for a one-shot operation (where the whole plaintext or ciphertext is passed as a single input). + +For a one-shot operation, the PSA API allows you to call a single function: + +* [`psa_aead_encrypt`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1gae72e1eb3c2da3ebd843bb9c8db8df509) to perform authenticated encryption with a random nonce of the default size (indicated by [`PSA_AEAD_NONCE_LENGTH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_NONCE_LENGTH)), with the authentication tag written at the end of the output. (To encrypt with a specified nonce, or to separate the tag from the rest of the ciphertext, use the multi-part API described below.) You can use the macro [`PSA_AEAD_ENCRYPT_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_ENCRYPT_OUTPUT_SIZE) or [`PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE) to determine the size of the output buffer. +* [`psa_aead_decrypt`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1gae799f6196a22d50c216c947e0320d3ba) to perform authenticated decryption of a ciphertext with the authentication tag at the end. (If the tag is separate, use the multi-part API described below.) You can use the macro [`PSA_AEAD_DECRYPT_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_DECRYPT_OUTPUT_SIZE) or [`PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE) to determine the size of the output buffer. + +For a multi-part operation, the equivalent flow with the PSA API is as follows: + +1. Create an operation object of type [`psa_aead_operation_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1ga14f6a01afbaa8c5b3d8c5d345cbaa3ed) and zero-initialize it (or use the corresponding `INIT` macro). +2. Select the key and algorithm with [`psa_aead_encrypt_setup`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1ga2732c40ce8f3619d41359a329e9b46c4) or [`psa_aead_decrypt_setup`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1gaaa5c5018e67a7a6514b7e76b9a14de26) depending on the desired direction. +3. When encrypting with a random nonce, use [`psa_aead_generate_nonce`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1ga5799df1c555efd35970b65be51cb07d1). When encrypting with a chosen nonce, or when decrypting, set the nonce with [`psa_aead_set_nonce`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1ga59132751a6f843d038924cb217b5e13b). If the algorithm is CCM, you must also call [`psa_aead_set_lengths`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1gad3431e28d05002c2a7b0760610176050) before or after setting the nonce (for other algorithms, this is permitted but not needed). +4. Call [`psa_aead_update_ad`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1ga6d0eed03f832e5c9c91cb8adf2882569) as many times as needed. +5. Call [`psa_aead_update`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1gaf6d49864951ca42136b4a9b71ea26e5c) as many times as needed. You can use [`PSA_AEAD_UPDATE_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_UPDATE_OUTPUT_SIZE) or [`PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE) to determine the size of the output buffer. +6. Finally: + * When encrypting, call [`psa_aead_finish`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1ga759791bbe1763b377c3b5447641f1fc8) to obtain the last part of the ciphertext and the authentication tag. You can use [`PSA_AEAD_FINISH_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_FINISH_OUTPUT_SIZE) or [`PSA_AEAD_FINISH_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_FINISH_OUTPUT_MAX_SIZE) to determine the size of the output buffer. + * When decrypting, call [`psa_aead_verify`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1gae0280e2e61a185b893c36d858453f0d0) to obtain the last part of the plaintext and check the authentication tag. You can use [`PSA_AEAD_VERIFY_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_VERIFY_OUTPUT_SIZE) or [`PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE) to determine the size of the output buffer. + +If you need to interrupt the operation after calling the setup function without calling the finish or verify function, call [`psa_aead_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1gae8a5f93d92318c8f592ee9fbb9d36ba0). + +### Miscellaneous cipher operation management + +The equivalent of `mbedtls_cipher_reset` is to call [`psa_cipher_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1gaad482cdca2098bca0620596aaa02eaa4) or [`psa_aead_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1gae8a5f93d92318c8f592ee9fbb9d36ba0). Note that you must set the key again with a setup function: the PSA API does not have a special way to reuse an operation object with the same key. + +There is no equivalent for the `mbedtls_cipher_get_xxx` functions to extract information from an ongoing PSA cipher or AEAD operation. Applications that need this information will need to save it from the key and operation parameters. + +## Hashes and MAC + +The PSA API groups functions by purpose rather than by underlying primitive: there is a MAC API (equivalent to `md.h` for HMAC, and `cmac.h` for CMAC) and a hash API (equivalent to `md.h` for hashing). There is no special API for a particular hash algorithm (`md5.h`, `sha1.h`, `sha256.h`, `sha512.h`, `sha3.h`). To migrate code using those low-level modules, please follow the recommendations in the following section, using the same principles as the corresponding `md.h` API. + +The PSA API does have a direct interface for the AES-CMAC-PRF-128 from RFC 4615 at the time of writing. You can calculate it using the interface to AES-CMAC. + +### Hash mechanism selection + +The equivalent to `mbedtls_md_type_t` and `MBEDTLS_MD` constants is the type `psa_algorithm_t` and `PSA_ALG_xxx` constants (the type encompasses all categories of cryptographic algorithms, not just hashes). PSA offers a similar selection of algorithms, but note that SHA-1 and SHA-2 are spelled slightly differently. + +| Mbed TLS constant | PSA constant | +| ---------------------- | ------------------- | +| `MBEDTLS_MD_MD5` | `PSA_ALG_MD5` | +| `MBEDTLS_MD_SHA1` | `PSA_ALG_SHA_1` | +| `MBEDTLS_MD_SHA224` | `PSA_ALG_SHA_224` | +| `MBEDTLS_MD_SHA256` | `PSA_ALG_SHA_256` | +| `MBEDTLS_MD_SHA384` | `PSA_ALG_SHA_384` | +| `MBEDTLS_MD_SHA512` | `PSA_ALG_SHA_512` | +| `MBEDTLS_MD_RIPEMD160` | `PSA_ALG_RIPEMD160` | +| `MBEDTLS_MD_SHA3_224` | `PSA_ALG_SHA3_224` | +| `MBEDTLS_MD_SHA3_256` | `PSA_ALG_SHA3_256` | +| `MBEDTLS_MD_SHA3_384` | `PSA_ALG_SHA3_384` | +| `MBEDTLS_MD_SHA3_512` | `PSA_ALG_SHA3_512` | + +### MAC mechanism selection + +PSA Crypto has a generic API with the same functions for all MAC mechanisms. The mechanism is determined by a combination of an algorithm value of type [`psa_algorithm_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gac2e4d47f1300d73c2f829a6d99252d69) and a key type value of type [`psa_key_type_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga63fce6880ca5933b5d6baa257febf1f6). + +* For HMAC, the algorithm is [`PSA_ALG_HMAC`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga70f397425684b3efcde1e0e34c28261f)`(hash)` where `hash` is the underlying hash algorithm (see “[Hash mechanism selection](#hash-mechanism-selection)”), + for example `PSA_ALG_HMAC(PSA_ALG_SHA_256)` for HMAC-SHA-256. + The key type is [`PSA_KEY_TYPE_HMAC`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__values_8h/#c.PSA_KEY_TYPE_HMAC) regardless of the hash algorithm. +* For CMAC, the algorithm is [`PSA_ALG_CMAC`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__values_8h/#c.PSA_ALG_CMAC) regardless of the underlying block cipher. The key type determines the block cipher: + [`PSA_KEY_TYPE_AES`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga6ee54579dcf278c677eda4bb1a29575e), + [`PSA_KEY_TYPE_ARIA`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#c.PSA_KEY_TYPE_ARIA), + [`PSA_KEY_TYPE_CAMELLIA`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gad8e5da742343fd5519f9d8a630c2ed81) or + [`PSA_KEY_TYPE_DES`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga577562bfbbc691c820d55ec308333138). + +### Hash and MAC mechanism availability + +For each key type value `PSA_KEY_TYPE_xxx`, the symbol `PSA_WANT_KEY_TYPE_xxx` is defined with a nonzero value if the library is built with support for that key type. For each algorithm value `PSA_ALG_yyy`, the symbol `PSA_WANT_ALG_yyy` is defined with a nonzero value if the library is built with support for that algorithm. For a compound mechanism, all parts must be supported. In particular, for HMAC, all three of `PSA_WANT_KEY_TYPE_HMAC`, `PSA_WANT_ALG_HMAC` and the underlying hash must be enabled. (A configuration with only one of `PSA_WANT_KEY_TYPE_HMAC` and `PSA_WANT_ALG_HMAC` is technically possible but not useful.) + +For example, to test if HMAC-SHA-256 is supported, in the legacy API, you could write: +``` +#if defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA256_C) +``` +The equivalent in the PSA API is +``` +#if PSA_WANT_KEY_TYPE_HMAC && PSA_WANT_ALG_HMAC && PSA_WANT_ALG_SHA_256 +``` + +To test if AES-CMAC is supported, in the legacy API, you could write: +``` +if defined(MBEDTLS_AES_C) && defined(MBEDTLS_CMAC_C) +``` +The equivalent in the PSA API is +``` +#if PSA_WANT_KEY_TYPE_AES && PSA_WANT_ALG_CMAC +``` + +### Hash algorithm metadata + +There is no equivalent to the type `mbedtls_md_info_t` and the functions `mbedtls_md_info_from_type` and `mbedtls_md_get_type` in the PSA API because it is unnecessary. All macros and functions operate directly on algorithm (`psa_algorithm_t`, `PSA_ALG_xxx` constants). + +| Legacy macro | PSA macro | +| ------------ | --------- | +| `MBEDTLS_MD_MAX_SIZE` | [`PSA_HASH_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_HASH_MAX_SIZE) | +| `MBEDTLS_MD_MAX_BLOCK_SIZE` | [`PSA_HMAC_MAX_HASH_BLOCK_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_HMAC_MAX_HASH_BLOCK_SIZE) | +| `mbedtls_md_get_size` | [`PSA_HASH_LENGTH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_HASH_LENGTH) | +| `mbedtls_md_get_size_from_type` | [`PSA_HASH_LENGTH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_HASH_LENGTH) | + +The following features have no PSA equivalent: + +* `mbedtls_md_list`: the PSA API does not currently have a discovery mechanism for cryptographic mechanisms, but one may be added in the future. +* `mbedtls_md_info_from_ctx` +* `mbedtls_cipher_info_from_string`, `mbedtls_md_get_name`: there is no equivalent of Mbed TLS's lookup based on a (nonstandard) name. + +### Hash calculation + +The equivalent of `mbedtls_md` for a one-shot hash calculation is [`psa_hash_compute`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__hash/#group__hash_1gac69f7f19d96a56c28cf3799d11b12156). In addition, to compare the hash of a message with an expected value, you can call [`psa_hash_compare`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__hash/#group__hash_1ga0c08f4797bec96b886c8c8d7acc2a553) instead of `mbedtls_md` followed by `memcmp` or a constant-time equivalent. + +For a multi-part hash calculation, the legacy process is as follows: + +1. Create a digest context of type `mbedtls_md_context_t` and initialize it with `mbedtls_md_init`. +2. Call `mbedtls_md_setup` to select the hash algorithm, with `hmac=0`. Then call `mbedtls_md_starts` to start the hash operation. +3. Call `mbedtls_md_update` as many times as necessary. +4. Call `mbedtls_md_finish`. If verifying the hash against an expected value, compare the result with the expected value. +5. Finally free the resources associated with the operation object by calling `mbedtls_md_free`. + +The equivalent process in the PSA API is as follows: + +1. Create an operation object of type [`psa_hash_operation_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__hash/#group__hash_1ga3c4205d2ce66c4095fc5c78c25273fab) and zero-initialize it (or use the corresponding `INIT` macro). +2. Call [`psa_hash_setup`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__hash/#group__hash_1ga8d72896cf70fc4d514c5c6b978912515) to specify the algorithm. +3. Call [`psa_hash_update`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__hash/#group__hash_1ga65b16ef97d7f650899b7db4b7d1112ff) as many times as necessary. +4. To obtain the hash, call [`psa_hash_finish`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__hash/#group__hash_1ga4795fd06a0067b0adcd92e9627b8c97e). Alternatively, to verify the hash against an expected value, call [`psa_hash_verify`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__hash/#group__hash_1ga7be923c5700c9c70ef77ee9b76d1a5c0). + +If you need to interrupt the operation after calling the setup function without calling the finish or verify function, call [`psa_hash_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__hash/#group__hash_1gab0b4d5f9912a615559497a467b532928). + +There is no equivalent to `mbedtls_md_file` in the PSA API. Load the file data and calculate its hash. + +### MAC key management + +The legacy API and the PSA API have a different organization of operations in several respects: + +* In the legacy API, each operation object contains the necessary key material. In the PSA API, an operation object contains a reference to a key object. To perform a cryptographic operation, you must create a key object first. However, for a one-shot operation, you do not need an operation object, just a single function call. +* The legacy API uses the same interface for authenticated and non-authenticated ciphers, while the PSA API has separate functions. +* The legacy API uses the same functions for encryption and decryption, while the PSA API has separate functions where applicable. + +Here is an overview of the lifecycle of a key object. + +1. First define the attributes of the key by filling a [`psa_key_attributes_t` structure](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga0ec645e1fdafe59d591104451ebf5680). You need to set the following parameters: + * Call [`psa_set_key_type`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga6857ef0ecb3fa844d4536939d9c64025) to set the key type to the desired `PSA_KEY_TYPE_xxx` value (see “[Cipher mechanism selection](#cipher-mechanism-selection)”). + * Call [`psa_set_key_bits`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaf61683ac87f87687a40262b5afbfa018) to set the key's size in bits. This is optional with `psa_import_key`, which determines the key size from the length of the key material. + * Call [`psa_set_key_algorithm`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaeb8341ca52baa0279475ea3fd3bcdc98) to set the algorithm to the desired `PSA_ALG_xxx` value (see “[Cipher mechanism selection](#cipher-mechanism-selection)”). By design, the same key cannot be used with multiple algorithms. + * Call [`psa_set_key_usage_flags`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga42a65b3c4522ce9b67ea5ea7720e17de) to enable at least [`PSA_KEY_USAGE_SIGN_MESSAGE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#c.PSA_KEY_USAGE_SIGN_MESSAGE) to calculate a MAC or [`PSA_KEY_USAGE_VERIFY_MESSAGE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#c.PSA_KEY_USAGE_VERIFY_MESSAGE) to verify the MAC of a message. To allow both directions, use the flag mask `PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE`. +2. Call one of the key creation functions, passing the attributes defined in the previous step, to get an identifier of type [`psa_key_id_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__types_8h/#_CPPv412psa_key_id_t) to the key object. + * Use [`psa_import_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga0336ea76bf30587ab204a8296462327b) to directly import key material. + * If the key is randomly generated, use [`psa_generate_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__random/#group__random_1ga1985eae417dfbccedf50d5fff54ea8c5). + * If the key is derived from other material (for example from a key exchange), use the [key derivation interface](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/) and create the key with [`psa_key_derivation_output_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gada7a6e17222ea9e7a6be6864a00316e1). +3. Call the functions in the following sections to perform operations on the key. The same key object can be used in multiple operations. +4. To free the resources used by the key object, call [`psa_destroy_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__management/#group__key__management_1ga5f52644312291335682fbc0292c43cd2) after all operations with that key are finished. + +### MAC calculation + +The process for a HMAC operation in the legacy API is as follows: + +1. Create a digest context of type `mbedtls_md_context_t` and initialize it with `mbedtls_md_init`. +2. Call `mbedtls_md_setup` to select the hash algorithm, with `hmac=1`. Then call `mbedtls_md_hmac_starts` to set the key. +3. Call `mbedtls_md_hmac_update` as many times as necessary. +4. Call `mbedtls_md_hmac_finish`. If verifying the MAC against an expected value, compare the result with the expected value. Note that this comparison should be in constant time to avoid a side channel vulnerability, for example using `mbedtls_ct_memcmp`. +5. Finally free the resources associated with the operation object by calling `mbedtls_md_free`. + +The process for a CMAC operation in the legacy API is as follows: + +1. Create a cipher context of type `mbedtls_cipher_context_t` and initialize it with `mbedtls_cipher_init`. +2. Call `mbedtls_cipher_setup` to select the block cipher. Then call `mbedtls_md_cmac_starts` to set the key. +3. Call `mbedtls_cipher_cmac_update` as many times as necessary. +4. Call `mbedtls_cipher_cmac_finish`. If verifying the MAC against an expected value, compare the result with the expected value. Note that this comparison should be in constant time to avoid a side channel vulnerability, for example using `mbedtls_ct_memcmp`. +5. Finally free the resources associated with the operation object by calling `mbedtls_cipher_free`. + +The process in the PSA API to calculate a MAC is as follows: + +1. Create an operation object of type [`psa_mac_operation_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group___m_a_c/#group___m_a_c_1ga78f0838b0c4e3db28b26355624d4bd37) and zero-initialize it (or use the corresponding `INIT` macro). +2. Call [`psa_mac_sign_setup`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group___m_a_c/#group___m_a_c_1ga03bc3e3c0b7e55b20d2a238e418d46cd) to specify the algorithm and the key. See “[MAC key management](#mac-key-management)” for how to obtain a key identifier. +3. Call [`psa_mac_update`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group___m_a_c/#group___m_a_c_1ga5560af371497babefe03c9da4e8a1c05) as many times as necessary. +4. To obtain the MAC, call [`psa_mac_sign_finish`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group___m_a_c/#group___m_a_c_1gac22bc0125580c96724a09226cfbc97f2). + +To verify a MAC against an expected value, use the following process instead: + +1. Create an operation object of type [`psa_mac_operation_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group___m_a_c/#group___m_a_c_1ga78f0838b0c4e3db28b26355624d4bd37) and zero-initialize it (or use the corresponding `INIT` macro). +2. Call [`psa_mac_verify_setup`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group___m_a_c/#group___m_a_c_1ga08ae327fcbc5f8e201172fe11e536984) to specify the algorithm and the key. See “[MAC key management](#mac-key-management)” for how to obtain a key identifier. +3. Call [`psa_mac_update`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group___m_a_c/#group___m_a_c_1ga5560af371497babefe03c9da4e8a1c05) as many times as necessary. +4. To verify the MAC against an expected value, call [`psa_mac_verify_finish`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group___m_a_c/#group___m_a_c_1gac92b2930d6728e1be4d011c05d485822). + +If you need to interrupt the operation after calling the setup function without calling the finish function, call [`psa_mac_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group___m_a_c/#group___m_a_c_1gacd8dd54855ba1bc0a03f104f252884fd). + +The PSA API also offers functions for a one-shot MAC calculation, similar to `mbedtls_cipher_cmac`: + +* [`psa_mac_compute`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group___m_a_c/#group___m_a_c_1gabf02ebd3595ea15436967092b5d52878) to calculate the MAC of a buffer in memory. +* [`psa_mac_verify`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group___m_a_c/#group___m_a_c_1gaf6988545df5d5e2466c34d753443b15a) to verify the MAC of a buffer in memory against an expected value. + +In both cases, see “[MAC key management](#mac-key-management)” for how to obtain a key identifier. + +### Miscellaneous hash or MAC operation management + +The equivalent of `mbedtls_md_reset`, `mbedtls_md_hmac_reset` or `mbedtls_cmac_reset` is to call [`psa_hash_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__hash/#group__hash_1gab0b4d5f9912a615559497a467b532928) or [`psa_mac_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group___m_a_c/#group___m_a_c_1gacd8dd54855ba1bc0a03f104f252884fd). Note that you must call a setup function to specify the algorithm and the key (for MAC) again, and they can be different ones. + +The equivalent of `mbedtls_md_clone` to clone a hash operation is [`psa_hash_clone`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__hash/#group__hash_1ga39673348f3302b4646bd780034a5aeda). A PSA MAC operation cannot be cloned. + +## Key derivation + +### HKDF + +PSA Crypto provides access to HKDF, HKDF-Extract and HKDF-Expand via its [key derivation interface](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/). This is a generic interface using an operation object with one function call for each input and one function call for each output. + +1. Create an operation object of type [`psa_key_derivation_operation_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga5f099b63799a0959c3d46718c86c2609) and zero-initialize it (or use the corresponding `INIT` macro). +2. Call [`psa_key_derivation_setup`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gac0b6a76e45cceb1862752bf041701859) to select the algorithm, which is a value of type [`psa_algorithm_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gac2e4d47f1300d73c2f829a6d99252d69). For HKDF and variants, use one of the macros [`PSA_ALG_HKDF`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__values_8h/#c.PSA_ALG_HKDF), [`PSA_ALG_HKDF_EXTRACT`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__values_8h/#c.PSA_ALG_HKDF_EXTRACT) or [`PSA_ALG_HKDF_EXPAND`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__values_8h/#c.PSA_ALG_HKDF_EXPAND) with the [hash algorithm](#hash-mechanism-selection) passed as an argument. For example `PSA_ALG_HKDF(PSA_ALG_SHA_256)` selects HKDF-SHA-256. +3. Call [`psa_key_derivation_input_bytes`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga8fd934dfb0ca45cbf89542ef2a5494c2) on each of the inputs in the order listed below. (Use [`psa_key_derivation_input_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gab2d7ce8705dd8e4a093f4b8a21a0c15a) instead for an input that is a PSA key object.) The input step value for each step is as follows: + 1. [`PSA_KEY_DERIVATION_INPUT_SALT`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__derivation/#group__derivation_1gab62757fb125243562c3947a752470d4a) for the salt used during the extraction step. Omit this step for HKDF-Expand. For HKDF, you may omit this step if the salt is empty. + 2. [`PSA_KEY_DERIVATION_INPUT_SECRET`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__derivation/#group__derivation_1ga0ddfbe764baba995c402b1b0ef59392e) for the secret input. + 3. [`PSA_KEY_DERIVATION_INPUT_INFO`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__derivation/#group__derivation_1gacef8df989e09c769233f4b779acb5b7d) for the info string used during the expansion step. Omit this step for HKDF-Extract. +4. Call [`psa_key_derivation_output_bytes`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga06b7eb34a2fa88965f68e3d023fa12b9) to obtain the output of the derivation. You may call this function more than once to retrieve the output in successive chunks. Use [`psa_key_derivation_output_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gada7a6e17222ea9e7a6be6864a00316e1) instead if you want to use a chunk as a PSA key. +5. Call [`psa_key_derivation_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga90fdd2716124d0bd258826184824675f) to free the resources associated with the key derivation object. + +### PKCS#5 module + +Applications currently using `mbedtls_pkcs5_pbkdf2_hmac` or `mbedtls_pkcs5_pbkdf2_hmac_ext` can switch to the PSA key derivation API for PBKDF2 (not yet implemented at the time of writing, scheduled to be released in Mbed TLS 3.5). This is a generic interface using an operation object with one function call for each input and one function call for each output. + +1. Create an operation object of type [`psa_key_derivation_operation_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga5f099b63799a0959c3d46718c86c2609) and zero-initialize it (or use the corresponding `INIT` macro). +2. Call [`psa_key_derivation_setup`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gac0b6a76e45cceb1862752bf041701859) to select the algorithm, which is a value of type [`psa_algorithm_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gac2e4d47f1300d73c2f829a6d99252d69). For PBKDF2-HMAC, select `PSA_ALG_PBKDF2_HMAC(hash)` where `hash` is the underlying hash algorithm (see “[Hash mechanism selection](#hash-mechanism-selection)”). +3. Call `psa_key_derivation_input_cost` with the step `PSA_KEY_DERIVATION_INPUT_COST` to select the iteration count. +4. Call [`psa_key_derivation_input_bytes`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga8fd934dfb0ca45cbf89542ef2a5494c2) on each of the inputs in the order listed below. (Use [`psa_key_derivation_input_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gab2d7ce8705dd8e4a093f4b8a21a0c15a) instead for an input that is a PSA key object.) The input step value for each step is as follows: + 1. [`PSA_KEY_DERIVATION_INPUT_SALT`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__derivation/#group__derivation_1gab62757fb125243562c3947a752470d4a) for the salt used during the extraction step. You may repeat this step to pass the salt in pieces (for example a salt and a pepper). + 2. [`PSA_KEY_DERIVATION_INPUT_SECRET`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__derivation/#group__derivation_1ga0ddfbe764baba995c402b1b0ef59392e) for the password. +5. Call [`psa_key_derivation_output_bytes`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga06b7eb34a2fa88965f68e3d023fa12b9) to obtain the output of the derivation. You may call this function more than once to retrieve the output in successive chunks. + Use [`psa_key_derivation_output_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gada7a6e17222ea9e7a6be6864a00316e1) instead if you want to use a chunk as a PSA key. + If you want to verify the output against an expected value (for authentication, rather than to derive key material), call `psa_key_derivation_verify_bytes` or `psa_key_derivation_verify_key` instead of `psa_key_derivation_output_bytes`. +6. Call [`psa_key_derivation_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga90fdd2716124d0bd258826184824675f) to free the resources associated with the key derivation object. + +The function `mbedtls_pkcs5_pbes2` is only inteded as a support function to parse encrypted private keys in the PK module. It has no PSA equivalent. + +### PKCS#12 module + +The functions `mbedtls_pkcs12_derivation` and `mbedtls_pkcs12_pbes2` are only intended as supports function to parse encrypted private keys in the PK module. They have no PSA equivalent. + +## Random generation + +### Random generation interface + +The PSA subsystem has an internal random generator. As a consequence, you do not need to instantiate one manually, so most applications using PSA crypto do not need the interfaces from `entropy.h`, `ctr_drbg.` and `hmac_drbg.h`. + +The PSA API uses its internal random generator to generate keys (`psa_generate_key`), nonces for encryption (`psa_cipher_generate_iv`, `psa_cipher_encrypt`, `psa_aead_generate_nonce`, `psa_aead_encrypt`, `psa_asymmetric_encrypt`), and other random material as needed. If you need random data for some other purposes, call [`psa_generate_random`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__random/#group__random_1ga1985eae417dfbccedf50d5fff54ea8c5). + +### Entropy sources + +Unless explicitly configured otherwise, the PSA random generator uses the default entropy sources configured through the legacy interface (`MBEDTLS_ENTROPY_xxx` symbols). Its set of sources is equivalent to an entropy object configured with `mbedtls_entropy_init`. + +A future version of Mbed TLS will include a PSA interface for configuring entropy sources. This is likely to replace the legacy interface in Mbed TLS 4.0. + +### Deterministic pseudorandom generation + +The PSA API does not have a dedicated interface for pseudorandom generation. The [key derivation interface](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/) can serve a similar purpose in some applications, but it does not offer CTR\_DRBG or HMAC\_DRBG. If you need these algorithms, keep using `ctr_drbg.h` and `hmac_drbg.h`, but note that they may be removed from the public API in Mbed TLS 4.0. + +## Asymmetric cryptography + +The PSA API supports RSA (see “[RSA mechanism selection](#rsa-mechanism-selection)”), elliptic curve cryptography (see “[ECC mechanism selection](#elliptic-curve-mechanism-selection)” and “[EC-JPAKE](#ec-jpake)”) and finite-field Diffie-Hellman (see “[Diffie-Hellman mechanism selection](#diffie-hellman-mechanism-selection)”). + +### Key lifecycle for asymmetric cryptography + +In the PSA API, keys are referenced by an identifier of type [`psa_key_id_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__types_8h/#_CPPv412psa_key_id_t). +(Some documentation references [`mbedtls_svc_key_id_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__types_8h/#_CPPv420mbedtls_svc_key_id_t); the two types are identical except when the library is configured for use in a multi-client cryptography service.) +The PSA key identifier tends to play the same role as a `mbedtls_pk_context`, `mbedtls_rsa_context` or `mbedtls_ecp_keypair` structure in the legacy API; however there are major differences in the way the two APIs can be used to create keys or to obtain information about a key. + +Here is an overview of the lifecycle of a PSA key object. + +1. First define the attributes of the key by filling a [`psa_key_attributes_t` structure](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga0ec645e1fdafe59d591104451ebf5680). You need to set the following parameters: + * Call [`psa_set_key_type`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga6857ef0ecb3fa844d4536939d9c64025) to set the key type to the desired `PSA_KEY_TYPE_xxx` value (see “[RSA mechanism selection](#rsa-mechanism-selection)”, “[Elliptic curve mechanism selection](#elliptic-curve-mechanism-selection)” and “[Diffie-Hellman mechanism selection](#diffie-hellman-mechanism-selection)”). + * Call [`psa_set_key_bits`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaf61683ac87f87687a40262b5afbfa018) to set the key's conceptual size in bits. This is optional with `psa_import_key`, which determines the key size from the length of the key material. + * Call [`psa_set_key_algorithm`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaeb8341ca52baa0279475ea3fd3bcdc98) to set the algorithm to the desired `PSA_ALG_xxx` value (see “[RSA mechanism selection](#rsa-mechanism-selection)”, “[Elliptic curve mechanism selection](#elliptic-curve-mechanism-selection)” and “[Diffie-Hellman mechanism selection](#diffie-hellman-mechanism-selection)” as well as “[Public-key cryptography policies](#public-key-cryptography-policies)”). + * Call [`psa_set_key_usage_flags`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga42a65b3c4522ce9b67ea5ea7720e17de) to enable the desired usage types (see “[Public-key cryptography policies](#public-key-cryptography-policies)”). +2. Call one of the key creation functions, passing the attributes defined in the previous step, to get an identifier of type [`psa_key_id_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__types_8h/#_CPPv412psa_key_id_t) to the key object. + * Use [`psa_import_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga0336ea76bf30587ab204a8296462327b) to directly import key material. + * If the key is randomly generated, use [`psa_generate_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__random/#group__random_1ga1985eae417dfbccedf50d5fff54ea8c5). + * If the key is derived from other material (for example from a key exchange), use the [key derivation interface](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/) and create the key with [`psa_key_derivation_output_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gada7a6e17222ea9e7a6be6864a00316e1). +3. Call the functions in the following sections to perform operations on the key. The same key object can be used in multiple operations. +4. To free the resources used by the key object, call [`psa_destroy_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__management/#group__key__management_1ga5f52644312291335682fbc0292c43cd2) after all operations with that key are finished. + +### Public-key cryptography policies + +A key's policy indicates what algorithm(s) it can be used with (usage algorithm policy) and what operations are permitted (usage flags). + +The following table lists the relevant usage flags for asymmetric cryptography. You can pass an bitwise-or of those flags to [`psa_set_key_usage_flags`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga42a65b3c4522ce9b67ea5ea7720e17de). + +| Usage | Flag | +| ----- | ---- | +| export public key | 0 (always permitted) | +| export private key | [`PSA_KEY_USAGE_EXPORT`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1ga7dddccdd1303176e87a4d20c87b589ed) | +| Sign a message directly | [`PSA_KEY_USAGE_SIGN_MESSAGE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1ga552117ac92b79500cae87d4e65a85c54) | +| Sign an already-calculated hash | at least one of [`PSA_KEY_USAGE_SIGN_MESSAGE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1ga552117ac92b79500cae87d4e65a85c54) or [`PSA_KEY_USAGE_SIGN_HASH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1ga552117ac92b79500cae87d4e65a85c54) | +| Verify a message directly | [`PSA_KEY_USAGE_VERIFY_MESSAGE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1gabea7ec4173f4f943110329ac2953b2b1) | +| Verify an already-calculated hash | at least one of [`PSA_KEY_USAGE_VERIFY_MESSAGE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1gabea7ec4173f4f943110329ac2953b2b1) or [`PSA_KEY_USAGE_VERIFY_HASH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1gafadf131ef2182045e3483d03aadaa1bd) | +| Encryption | [`PSA_KEY_USAGE_`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1ga75153b296d045d529d97203a6a995dad) | +| Decryption | [`PSA_KEY_USAGE_`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1gac3f2d2e5983db1edde9f142ca9bf8e6a) | +| Key agreement | [`PSA_KEY_USAGE_DERIVE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1gaf19022acc5ef23cf12477f632b48a0b2) | + +The sections “[RSA mechanism selection](#rsa-mechanism-selection)”, “[Elliptic curve mechanism selection](#elliptic-curve-mechanism-selection)” and “[Diffie-Hellman mechanism selection](#diffie-hellman-mechanism-selection)” cover the available algorithm values for each key type. Normally, a key can only be used with a single algorithm, following standard good practice. However, there are two ways to relax this requirement. + +* Many signature algorithms encode a hash algorithm. Sometimes the same key may need to be used to sign messages with multiple different hashes. In an algorithm policy, you can use [`PSA_ALG_ANY_HASH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__values_8h/#c.PSA_ALG_ANY_HASH) instead of a hash algorithm value to allow the key to be used with any hash. For example, `psa_set_key_algorithm(&attributes, PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH))` allows the key to be used with RSASSA-PSS, with different hash algorithhms in each operation. +* In addition to the algorithm (or wildcard) selected with [`psa_set_key_algorithm`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaeb8341ca52baa0279475ea3fd3bcdc98), you can use [`psa_set_key_enrollment_algorithm`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaffa134b74aa52aa3ed9397fcab4005aa) to permit a second algorithm (or wildcard). This is intended for scenarios where a key is normally used with a single algorithm, but needs to be used with a different algorithm for enrollment (such as an ECDH key for which an ECDSA proof-of-possession is also required). + +### Asymmetric cryptographic mechanisms + +#### RSA mechanism selection + +The PK types `MBEDTLS_PK_RSA`, `MBEDTLS_PK_RSASSA_PSS` and `MBEDTLS_PK_RSA_ALT` correspond to RSA key types in the PSA API. In the PSA API, key pairs and public keys are separate object types. +See “[RSA-ALT interface](#rsa-alt-interface)” for more information about `MBEDTLS_PK_RSA_ALT`. + +The PSA API uses policies and algorithm parameters rather than key types to distinguish between `MBEDTLS_PK_RSA` and `MBEDTLS_PK_RSASSA_PSS`. The algorithm selection also replaces the use of `mbedtls_rsa_set_padding` on an `mbedtls_rsa_context` object. See the list of algorithms below and the signature and encryption sections for more information. + +An RSA public key has the type [`PSA_KEY_TYPE_RSA_PUBLIC_KEY`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga9ba0878f56c8bcd1995ac017a74f513b). + +An RSA key pair has the type [`PSA_KEY_TYPE_RSA_KEY_PAIR`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga11745b110166e927e2abeabc7d532051). A key with this type can be used both for private-key and public-key operations (there is no separate key type for a private key without the corresponding public key). +You can always use a private key for operations on the corresponding public key (as long as the policy permits it). + +The following cryptographic algorithms work with RSA keys: + +* PKCS#1v1.5 RSA signature: [`PSA_ALG_RSA_PKCS1V15_SIGN`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga702ff75385a6ae7d4247033f479439af), [`PSA_ALG_RSA_PKCS1V15_SIGN_RAW`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga4215e2a78dcf834e9a625927faa2a817). +* PKCS#1v1.5 RSA encryption: [`PSA_ALG_RSA_PKCS1V15_CRYPT`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga4c540d3abe43fb9abcb94f2bc51acef9). +* PKCS#1 RSASSA-PSS signature: [`PSA_ALG_RSA_PSS`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga62152bf4cb4bf6aace5e1be8f143564d), [`PSA_ALG_RSA_PSS_ANY_SALT`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga9b7355a2cd6bde88177634d539127f2b). +* PKCS#1 RSAES-OAEP encryption: [`PSA_ALG_RSA_OAEP`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gaa1235dc3fdd9839c6c1b1a9857344c76). + +#### Elliptic curve mechanism selection + +The PK types `MBEDTLS_PK_ECKEY`, `MBEDTLS_PK_ECKEY_DH` and `MBEDTLS_PK_ECDSA` correspond to RSA key types in the PSA API. In the PSA API, key pairs and public keys are separate object types. The PSA API uses policies and algorithm parameters rather than key types to distinguish between the PK EC types. + +An ECC public key has the type [`PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gad54c03d3b47020e571a72cd01d978cf2) where `curve` is a curve family identifier. + +An ECC key pair has the type [`PSA_KEY_TYPE_ECC_KEY_PAIR(curve)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga0b6f5d4d5037c54ffa850d8059c32df0) where `curve` is a curve family identifier. A key with this type can be used both for private-key and public-key operations (there is no separate key type for a private key without the corresponding public key). +You can always use a private key for operations on the corresponding public key (as long as the policy permits it). + +A curve is fully determined by a curve family identifier and the private key size in bits. The following table gives the correspondence between legacy and PSA elliptic curve designations. + +| Mbed TLS legacy curve identifier | PSA curve family | Curve bit-size | +| -------------------------------- | ---------------- | -------------- | +| `MBEDTLS_ECP_DP_SECP192R1` | [`PSA_ECC_FAMILY_SECP_R1`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga48bb340b5544ba617b0f5b89542665a7) | 192 | +| `MBEDTLS_ECP_DP_SECP224R1` | [`PSA_ECC_FAMILY_SECP_R1`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga48bb340b5544ba617b0f5b89542665a7) | 224 | +| `MBEDTLS_ECP_DP_SECP256R1` | [`PSA_ECC_FAMILY_SECP_R1`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga48bb340b5544ba617b0f5b89542665a7) | 256 | +| `MBEDTLS_ECP_DP_SECP384R1` | [`PSA_ECC_FAMILY_SECP_R1`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga48bb340b5544ba617b0f5b89542665a7) | 384 | +| `MBEDTLS_ECP_DP_SECP521R1` | [`PSA_ECC_FAMILY_SECP_R1`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga48bb340b5544ba617b0f5b89542665a7) | 521 | +| `MBEDTLS_ECP_DP_BP256R1` | [`PSA_ECC_FAMILY_BRAINPOOL_P_R1`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gac1643f1baf38b30d07c20a6eac697f15) | 256 | +| `MBEDTLS_ECP_DP_BP384R1` | [`PSA_ECC_FAMILY_BRAINPOOL_P_R1`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gac1643f1baf38b30d07c20a6eac697f15) | 384 | +| `MBEDTLS_ECP_DP_BP512R1` | [`PSA_ECC_FAMILY_BRAINPOOL_P_R1`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gac1643f1baf38b30d07c20a6eac697f15) | 512 | +| `MBEDTLS_ECP_DP_CURVE25519` | [`PSA_ECC_FAMILY_MONTGOMERY`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga1f624c5cdaf25b21287af33024e1aff8) | 255 | +| `MBEDTLS_ECP_DP_SECP192K1` | [`PSA_ECC_FAMILY_SECP_K1`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga48bb340b5544ba617b0f5b89542665a7) | 192 | +| `MBEDTLS_ECP_DP_SECP224K1` | not supported | 224 | +| `MBEDTLS_ECP_DP_SECP256K1` | [`PSA_ECC_FAMILY_SECP_K1`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga48bb340b5544ba617b0f5b89542665a7) | 256 | +| `MBEDTLS_ECP_DP_CURVE448` | [`PSA_ECC_FAMILY_MONTGOMERY`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga1f624c5cdaf25b21287af33024e1aff8) | 448 | + +The following cryptographic algorithms work with ECC keys: + +* ECDH key agreement (including X25519 and X448): [`PSA_ALG_ECDH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gab2dbcf71b63785e7dd7b54a100edee43). +* ECDSA: [`PSA_ALG_ECDSA`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga7e3ce9f514a227d5ba5d8318870452e3), [`PSA_ALG_ECDSA_ANY`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga51d6b6044a62e33cae0cf64bfc3b22a4), [`PSA_ALG_DETERMINISTIC_ECDSA`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga11da566bcd341661c8de921e2ca5ed03). + +#### Diffie-Hellman mechanism selection + +A finite-field Diffie-Hellman public key has the type [`PSA_KEY_TYPE_DH_PUBLIC_KEY`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gaa22f0f2ea89b929f2fadc19890cc5d5c). + +A finite-field Diffie-Hellman key pair has the type [`PSA_KEY_TYPE_DH_KEY_PAIR`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gab4f857c4cd56f5fe65ded421e61bcc8c). A key with this type can be used both for private-key and public-key operations (there is no separate key type for a private key without the corresponding public key). + +The PSA API only supports Diffie-Hellman with predefined groups. A group is fully determined by a group family identifier and the public key size in bits. + +| Mbed TLS DH group P value | PSA DH group family | Bit-size | +| ------------------------- | ------------------- | -------- | +| `MBEDTLS_DHM_RFC7919_FFDHE2048_P_BIN` | [`PSA_DH_FAMILY_RFC7919`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga7be917e67fe4a567fb36864035822ff7) | 2048 | +| `MBEDTLS_DHM_RFC7919_FFDHE3072_P_BIN` | [`PSA_DH_FAMILY_RFC7919`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga7be917e67fe4a567fb36864035822ff7) | 3072 | +| `MBEDTLS_DHM_RFC7919_FFDHE4096_P_BIN` | [`PSA_DH_FAMILY_RFC7919`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga7be917e67fe4a567fb36864035822ff7) | 4096 | +| `MBEDTLS_DHM_RFC7919_FFDHE6144_P_BIN` | [`PSA_DH_FAMILY_RFC7919`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga7be917e67fe4a567fb36864035822ff7) | 6144 | +| `MBEDTLS_DHM_RFC7919_FFDHE8192_P_BIN` | [`PSA_DH_FAMILY_RFC7919`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga7be917e67fe4a567fb36864035822ff7) | 8192 | + +A finite-field Diffie-Hellman key can be used for key agreement with the algorithm [`PSA_ALG_FFDH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga0ebbb6f93a05b6511e6f108ffd2d1eb4). + +### Creating keys for asymmetric cryptography + +The easiest way to create a key pair object is by randomly generating it with [`psa_generate_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__random/#group__random_1ga1985eae417dfbccedf50d5fff54ea8c5). Compared with the low-level functions from the legacy API (`mbedtls_rsa_gen_key`, `mbedtls_ecp_gen_privkey`, `mbedtls_ecp_gen_keypair`, `mbedtls_ecp_gen_keypair_base`, `mbedtls_ecdsa_genkey`), this directly creates an object that can be used with high-level APIs, but removes some of the flexibility. Note that if you want to export the generated private key, you must pass the flag [`PSA_KEY_USAGE_EXPORT`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1ga7dddccdd1303176e87a4d20c87b589ed) to [`psa_set_key_usage_flags`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga42a65b3c4522ce9b67ea5ea7720e17de); exporting the public key with [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062) is always permitted. + +For RSA keys, `psa_generate_key` always uses 65537 as the public exponent. If you need a different public exponent, use the legacy interface to create the key then import it as described in “[Importing legacy keys via the PK module](#importing-legacy-keys-via-the-pk-module)”. + +To create a key object from existing material, use [`psa_import_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga0336ea76bf30587ab204a8296462327b). While this function has the same basic goal as the PK parse functions (`mbedtls_pk_parse_key`, `mbedtls_pk_parse_public_key`, `mbedtls_pk_parse_subpubkey`), it is limited to a single format that just contains the number(s) that make up the key, with very little metadata. This format is a substring of the formats accepted by the PK functions (except for finite-field Diffie-Hellman which the PK module does not support). The table below summarizes the PSA import/export format for key pairs and public keys; see the documentation of [`psa_export_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga668e35be8d2852ad3feeef74ac6f75bf) and [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062) for more details. + +| Key type | PSA import/export format | +| -------- | ------------------------ | +| RSA key pair | PKCS#1 RSAPrivateKey DER encoding (including both private exponent and CRT parameters) | +| RSA public key | PKCS#1 RSAPublicKey DER encoding | +| ECC key pair | Fixed-length private value (not containing the public key) | +| ECC public key (Weierstrass curve) | Fixed-length uncompressed point | +| ECC public key (Montgomery curve) | Fixed-length public value | +| FFDH key pair | Fixed-length private value (not containing the public key) | +| FFDH public key | Fixed-length public value | + +There is no equivalent of `mbedtls_pk_parse_keyfile` and `mbedtls_pk_parse_public_keyfile`. Either call the legacy function or load the file data manually. + +A future extension of the PSA API will support other import formats. Until those are implemented, see the following subsections for ways to use the PK module for key parsing and construct a PSA key object from the PK object. + +#### Importing legacy keys via the PK module + +You can use glue functions in the PK module to create a key object using the legacy API, then import that object into the PSA subsystem. This is useful for use cases that the PSA API does not currently cover, such as: + +* Parsing a key in a format with metadata without knowing its type ahead of time. +* Importing a key which you have in the form of a list of numbers, rather than the binary encoding required by `psa_import_key`. +* Importing a key with less information than what the PSA API needs, for example an ECC public key in compressed format, an RSA private key without the private exponent, or an RSA private key without the CRT parameters. +* Generating an RSA key with $e \ne 65537$. + +#### Importing a PK key by wrapping + +If you have a PK object, you can call `mbedtls_pk_wrap_as_opaque` to create a PSA key object with the same key material. (This function is only present in builds with `MBEDTLS_USE_PSA_CRYPTO` enabled. It is experimental and [will likely be replaced by a slightly different interface in a future version of Mbed TLS](https://github.com/Mbed-TLS/mbedtls/issues/7760)) This function automatically determines the PSA key type, and lets you specify the usage policy (see “[Public-key cryptography policies](#public-key-cryptography-policies)”). Once you've called this function, you can destroy the PK object. This function calls `psa_import_key` internally; call [`psa_destroy_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__management/#group__key__management_1ga5f52644312291335682fbc0292c43cd2) to destroy the PSA key object once your application no longer needs it. Common scenarios where this flow is useful are: + +* You have working code that's calling `mbedtls_pk_parse_key`, `mbedtls_pk_parse_public_key`, `mbedtls_pk_parse_subpubkey`, `mbedtls_pk_parse_keyfile` or `mbedtls_pk_parse_public_keyfile` to create a PK object. +* You have working code that's using the `rsa.h` or `ecp.h` API to create a key object, and there is no PSA equivalent. + +You can use this flow to import an RSA key via a `mbedtls_rsa_context` object or an ECC key via a `mbedtls_ecp_keypair` object: + +1. Call `mbedtls_pk_init` then `mbedtls_pk_setup` to set up a PK context for the desired key type (`MBEDTLS_PK_RSA` or `MBEDTLS_PK_ECKEY`). +2. Call `mbedtls_pk_rsa` or `mbedtls_pk_ec` to obtain the underlying low-level context. +3. Call `mbedtls_rsa_xxx` or `mbedtls_ecp_xxx` functions to construct the desired key. For example: + * `mbedtls_rsa_import` or `mbedtls_rsa_import_raw` followed by `mbedtls_rsa_complete` to create an RSA private key without all the parameters required by the PSA API. + * `mbedtls_rsa_gen_key` to generate an RSA private key with a custom public exponent. +4. Call `mbedtls_pk_wrap_as_opaque` as described above to create a corresponding PSA key object. +5. Call `mbedtls_pk_free` to free the resources associated with the PK object. + +#### Importing a PK key by export-import + +This section explains how to export a PK object in the PSA import format. The process depends on the key type. You can use `mbedtls_pk_get_type` or `mbedtls_pk_can_do` to distinguish between RSA and ECC keys. The snippets below assume that the key is in an `mbedtls_pk_context pk`, and omit error checking. + +For an RSA private key: + +``` +unsigned char buf[PSA_EXPORT_KEY_PAIR_MAX_SIZE]; +size_t length = mbedtls_pk_write_key_der(&pk, buf, sizeof(buf)); +psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; +psa_set_key_attributes(&attributes, PSA_KEY_TYPE_RSA_KEY_PAIR); +psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_... | ...); +psa_set_key_algorithm(&attributes, PSA_ALGORITHM_...); +psa_key_id_t key_id = 0; +psa_import_key(&attributes, buf + sizeof(buf) - length, length, &key_id); +mbedtls_pk_free(&pk); +``` + +For an ECC private key (a future version of Mbed TLS [will provide a function to calculate the curve family](https://github.com/Mbed-TLS/mbedtls/issues/7764)): + +``` +unsigned char buf[PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS)]; +size_t length = PSA_BITS_TO_BYTES(mbedtls_pk_bitlen(&pk)); +mbedtls_ecp_keypair *ec = mbedtls_pk_ec(&pk); +mbedtls_ecp_write_key(ec, buf, length); +psa_ecc_curve_t curve = ...; // need to determine the curve family manually +psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; +psa_set_key_attributes(&attributes, PSA_KEY_TYPE_ECC_KEY_PAIR(curve)); +psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_... | ...); +psa_set_key_algorithm(&attributes, PSA_ALGORITHM_...); +psa_key_id_t key_id = 0; +psa_import_key(&attributes, buf, length, &key_id); +mbedtls_pk_free(&pk); +``` + +For an RSA or ECC public key: + +``` +unsigned char buf[PSA_EXPORT_PUBLIC_KEY_MAX_SIZE]; +size_t length = mbedtls_pk_write_pubkey(&pk, buf, sizeof(buf)); +psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; +psa_set_key_attributes(&attributes, ...); // need to determine the type manually +psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_... | ...); +psa_set_key_algorithm(&attributes, PSA_ALGORITHM_...); +psa_key_id_t key_id = 0; +psa_import_key(&attributes, buf + sizeof(buf) - length, length, &key_id); +mbedtls_pk_free(&pk); +``` + +#### Importing an elliptic curve key from ECP + +This section explains how to use the `ecp.h` API to create an elliptic curve key in a format suitable for `psa_import_key`. + +You can use this, for example, to import an ECC key in the form of a compressed point by calling `mbedtls_ecp_point_read_binary` then following the process below. + +The following code snippet illustrates how to import a private key which is initially in an `mbedtls_ecp_keypair` object. Error checks are omitted for simplicity. A future version of Mbed TLS [will provide a function to calculate the curve family](https://github.com/Mbed-TLS/mbedtls/issues/7764). + +``` +mbedtls_ecp_keypair ec; +mbedtls_ecp_keypair_init(&ec); +// Omitted: fill ec with key material +// (the public key will not be used and does not need to be set) +unsigned char buf[PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS)]; +size_t length = PSA_BITS_TO_BYTES(mbedtls_pk_bitlen(&pk)); +mbedtls_ecp_write_key(&ec, buf, length); +psa_ecc_curve_t curve = ...; // need to determine the curve family manually +psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; +psa_set_key_attributes(&attributes, PSA_KEY_TYPE_ECC_KEY_PAIR(curve)); +psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_... | ...); +psa_set_key_algorithm(&attributes, PSA_ALGORITHM_...); +psa_key_id_t key_id = 0; +psa_import_key(&attributes, buf, length, &key_id); +mbedtls_ecp_keypair_free(&ec); +``` +The following code snippet illustrates how to import a private key which is initially in an `mbedtls_ecp_keypair` object. Error checks are omitted for simplicity. + +``` +mbedtls_ecp_group grp; +mbedtls_ecp_group_init(&grp); +mbedtls_ecp_group_load(&grp, MBEDTLS_ECP_DP_...); +mbedtls_ecp_point pt; +mbedtls_ecp_point_init(&pt); +// Omitted: fill pt with key material +unsigned char buf[PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_PUBLIC_KEY_MAX_SIZE)]; +size_t length; +mbedtls_ecp_point_write_binary(&grp, &pt, &length, buf, sizeof(buf)); +psa_ecc_curve_t curve = ...; // need to determine the curve family manually +psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; +psa_set_key_attributes(&attributes, PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve)); +psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_... | ...); +psa_set_key_algorithm(&attributes, PSA_ALGORITHM_...); +psa_key_id_t key_id = 0; +psa_import_key(&attributes, buf, length, &key_id); +mbedtls_ecp_point_free(&pt); +mbedtls_ecp_group_free(&grp); +``` + +### Key pair and public key metadata + +There is no equivalent to the type `mbedtls_pk_info_t` and the functions `mbedtls_pk_info_from_type` in the PSA API because it is unnecessary. All macros and functions operate directly on key type values (`psa_key_type_t`, `PSA_KEY_TYPE_xxx` constants) and algorithm values (`psa_algorithm_t`, `PSA_ALG_xxx` constants). + +You can call [`psa_get_key_attributes`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gacbbf5c11eac6cd70c87ffb936e1b9be2) to populate a structure with the attributes of a key, then functions such as [`psa_get_key_type`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gae4fb812af4f57aa1ad85e335a865b918) and [`psa_get_key_bits`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga5bee85c2164ad3d4c0d42501241eeb06) to obtain a key's type (`PSA_KEY_TYPE_xxx` value) and size (nominal size in bits). + +The bit-size from `psa_get_key_bits` is the same as the one from `mbedtls_pk_get_bitlen`. To convert to bytes as with `mbedtls_pk_get_len` or `mbedtls_rsa_get_len`, you can use the macro `PSA_BITS_TO_BYTES`; however note that the PSA API has generic macros for each related buffer size (export, signature size, etc.), so you should generally use those instead. The present document lists those macros where it explains the usage of the corresponding function. + +Most uses of `mbedtls_pk_get_type` and `mbedtls_pk_can_do` only require knowing a key's type as reported by [`psa_get_key_type`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gae4fb812af4f57aa1ad85e335a865b918). If needed, you can also access a key's policy from its attributes, with [`psa_get_key_usage_flags`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaa1af20f142ca722222c6d98678a0c448), [`psa_get_key_algorithm`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gac255da850a00bbed925390044f016b34) and [`psa_get_key_enrollment_algorithm`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga39803b62a97198cf630854db9b53c588). The algorithm policy also conveys the padding and hash information provided by `mbedtls_rsa_get_padding_mode` and `mbedtls_rsa_get_md_alg`. + +### Exporting a public key or a key pair + +To export a PSA key pair or public key, call [`psa_export_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga668e35be8d2852ad3feeef74ac6f75bf). If the key is a key pair, its policy must allow `PSA_KEY_USAGE_EXPORT` (see “[Public-key cryptography policies](#public-key-cryptography-policies)”). + +To export a PSA public key or to export the public key of a PSA key pair object, call [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062). This is always permitted regardless of the key's policy. + +The export format is the same format used for `psa_import_key`, described in “[Creating keys for asymmetric cryptography](#creating-keys-for-asymmetric-cryptography)” above. + +A future extension of the PSA API will support other export formats. Until those are implemented, see the following subsections for ways to use the PK module to format a PSA key. + +#### Exporting a PK key by wrapping + +You can wrap a PSA key object in a PK key context with `mbedtls_pk_setup_opaque`. This allows you to call functions such as `mbedtls_pk_write_key_der`, `mbedtls_pk_write_pubkey_der`, `mbedtls_pk_write_pubkey_pem`, `mbedtls_pk_write_key_pem` or `mbedtls_pk_write_pubkey` to export the key data in various formats. + +### Signature operations + +The equivalent of `mbedtls_pk_sign`, `mbedtls_rsa_pkcs1_sign`, `mbedtls_rsa_rsassa_pkcs1_v15_sign`, `mbedtls_rsa_rsassa_pss_sign` or `mbedtls_rsa_rsassa_pss_sign_ext` to sign an already calculated hash is [`psa_sign_hash`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__asymmetric/#group__asymmetric_1ga785e746a31a7b2a35ae5175c5ace3c5c). +The key must be a key pair allowing the usage `PSA_KEY_USAGE_SIGN_HASH` (see “[Public-key cryptography policies](#public-key-cryptography-policies)”). +Use [`PSA_SIGN_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_SIGN_OUTPUT_SIZE) or [`PSA_SIGNATURE_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_SIGNATURE_MAX_SIZE) (similar to `MBEDTLS_PK_SIGNATURE_MAX_SIZE`) to determine the size of the output buffer. + +The equivalent of `mbedtls_pk_verify` or `mbedtls_pk_verify_ext` to verify an already calculated hash is [`psa_verify_hash`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__asymmetric/#group__asymmetric_1gae2ffbf01e5266391aff22b101a49f5f5). +The key must be a public key or a key pair allowing the usage `PSA_KEY_USAGE_VERIFY_HASH` (see “[Public-key cryptography policies](#public-key-cryptography-policies)”). + +Generally, `psa_sign_hash` and `psa_verify_hash` require the input to have the correct length for the hash (this has historically not always been enforced in the corresponding legacy APIs). + +See also “[Restartable ECDSA signature](#restartable-ecdsa-signature)” for a restartable variant of this API. + +The PSA API also has functions [`psa_sign_message`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__asymmetric/#group__asymmetric_1ga963ecadae9c38c85826f9a13cf1529b9) and [`psa_verify_message`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__asymmetric/#group__asymmetric_1ga01c11f480b185a4268bebd013df7c14c). These functions combine the hash calculation with the signature calculation or verification. +For `psa_sign_message`, either the usage flag `PSA_KEY_USAGE_SIGN_MESSAGE` or `PSA_KEY_USAGE_SIGN_HASH` is sufficient. +For `psa_verify_message`, either the usage flag `PSA_KEY_USAGE_VERIFY_MESSAGE` or `PSA_KEY_USAGE_VERIFY_HASH` is sufficient. + +Most signature algorithms involve a hash algorithm. See “[Hash mechanism selection](#hash-mechanism-selection)”. + +The following subsections describe the PSA signature mechanisms that correspond to legacy Mbed TLS mechanisms. + +#### ECDSA signature + +In the PSA API, **the format of an ECDSA signature is the raw fixed-size format. This is different from the legacy API** which uses the ASN.1 DER format for ECDSA signatures. A future version of Mbed TLS [will provide a way to convert between the two formats](https://github.com/Mbed-TLS/mbedtls/issues/7765). + + +This is the mechanism provided by `mbedtls_pk_sign` and `mbedtls_pk_verify` for ECDSA keys, and by `mbedtls_ecdsa_sign`, `mbedtls_ecdsa_sign_det_ext`, `mbedtls_ecdsa_write_signature`, `mbedtls_ecdsa_write_signature` and `mbedtls_ecdsa_verify`, . + +The PSA API offers three algorithm constructors for ECDSA. They differ only for signature, and have exactly the same behavior for verification. + +* [`PSA_ALG_ECDSA(hash)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga7e3ce9f514a227d5ba5d8318870452e3) is a randomized ECDSA signature of a hash calculated with the algorithm `hash`. +* [`PSA_ALG_ECDSA_ANY`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga51d6b6044a62e33cae0cf64bfc3b22a4) is equivalent to `PSA_ALG_ECDSA`, but does not require specifying a hash as part of the algorithm. It can only be used with `psa_sign_hash` and `psa_verify_hash`, with no constraint on the length of the hash. +* [`PSA_ALG_DETERMINISTIC_ECDSA(hash)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga11da566bcd341661c8de921e2ca5ed03) is a deterministic ECDSA signature of a hash calculated with the algorithm `hash`. This is the same as the functionality offered by `MBEDTLS_ECDSA_DETERMINISTIC` in the legacy API. + * For `psa_sign_message` with `PSA_ALG_DETERMINISTIC_ECDSA`, the same hash algorithm is used to hash the message and to parametrize the deterministic signature generation. + +Unlike the legacy API, where `mbedtls_pk_sign` and `mbedtls_ecdsa_write_signature` automatically select deterministic ECDSA if both are available, the PSA API requires the application to select the preferred variant. ECDSA verification cannot distinguish between randomized and deterministic ECDSA (except in so far as if the same message is signed twice and the signatures are different, then at least one of the signatures is not the determinstic variant), so in most cases switching between the two is a compatible change. + +#### Restartable ECDSA signature + +There is a PSA API for interruptible public-key operations, offering similar functionality to the legacy restartable API (`mbedtls_pk_sign_restartable`, `mbedtls_pk_verify_restartable`, `mbedtls_ecdsa_sign_restartable`, `mbedtls_ecdsa_verify_restartable`, `mbedtls_ecdsa_write_signature_restartable`, `mbedtls_ecdsa_read_signature_restartable`). + +As of Mbed TLS 3.5, it is only implemented for ECDSA, for the same curves as the legacy API; this will likely be extended to ECDH in the short term. At the time of writing, no extension is planned to other curves or other algorithms. + +The flow of operations for an interruptible signature operation is as follows: + +1. Create an operation object of type [`psa_sign_hash_interruptible_operation_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible__hash/#group__interruptible__hash_1ga6948d4653175b1b530a265540066a7e7) and zero-initialize it (or use the corresponding `INIT` macro). +2. Call [`psa_sign_hash_start`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible__hash/#group__interruptible__hash_1ga441988da830205182b3e791352537fac) with the private key object and the hash to verify. +3. Call [`psa_sign_hash_complete`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible__hash/#group__interruptible__hash_1ga79849aaa7004a85d2ffbc4b658a333dd) repeatedly until it returns a status other than `PSA_OPERATION_INCOMPLETE`. + +The flow of operations for an interruptible signature verification operation is as follows: + +1. Create an operation object of type [`psa_verify_hash_interruptible_operation_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible__hash/#group__interruptible__hash_1ga537054cf4909ad1426331ae4ce7148bb) and zero-initialize it (or use the corresponding `INIT` macro). +2. Call [`psa_verify_hash_start`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible__hash/#group__interruptible__hash_1ga912eb51fb94056858f451f276ee289cb) with the private key object and the hash and signature to verify. +3. Call [`psa_verify_hash_complete`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible__hash/#group__interruptible__hash_1ga67fe82352bc2f8c0343e231a70a5bc7d) repeatedly until it returns a status other than `PSA_OPERATION_INCOMPLETE`. + +If you need to interrupt the operation after calling the start function without waiting for the complete function to return a success or failure status, call [`psa_sign_hash_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible__hash/#group__interruptible__hash_1gae893a4813aa8e03bd201fe4f1bbbb403) or [`psa_verify_hash_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible__hash/#group__interruptible__hash_1ga18dc9c0cc27d590c5e3b186094d90f88). + +Call [`psa_interruptible_set_max_ops`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible__hash/#group__interruptible__hash_1ga6d86790b31657c13705214f373af869e) to set the number of basic operations per call. This is the same unit as `mbedtls_ecp_set_max_ops`. + +#### PKCS#1 v1.5 RSA signature + +This mechanism corresponds to `mbedtls_pk_sign`, `mbedtls_pk_verify`, `mbedtls_rsa_pkcs1_sign` and `mbedtls_rsa_pkcs1_verify` for an RSA key, unless PSS has been selected with `mbedtls_rsa_set_padding` on the underlying RSA key context. This mechanism also corresponds to `mbedtls_rsa_rsassa_pkcs1_v15_sign` and `mbedtls_rsa_rsassa_pkcs1_v15_verify`. + +The PSA API has two algorithm constructors: + +* [`PSA_ALG_RSA_PKCS1V15_SIGN(hash)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga702ff75385a6ae7d4247033f479439af) formats the hash as specified in PKCS#1. The hash algorithm corresponds to the `md_alg` parameter of the legacy functions. +* [`PSA_ALG_RSA_PKCS1V15_SIGN_RAW`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga4215e2a78dcf834e9a625927faa2a817) uses the “hash” input in lieu of a DigestInfo structure. This is the same as calling the legacy functions with `md_alg=MBEDTLS_MD_NONE`. + +#### PKCS#1 RSASSA-PSS signature + +This mechanism corresponds to `mbedtls_pk_sign_ext` and `mbedtls_pk_verify_ext` for an RSA key, as well as `mbedtls_pk_sign`, `mbedtls_pk_verify`, `mbedtls_rsa_pkcs1_sign` and `mbedtls_rsa_pkcs1_verify` if PSS has been selected on the underlying RSA context with `mbedlts_rsa_set_padding`. +It also corresponds to `mbedtls_rsa_rsassa_pss_sign` and `mbedtls_rsa_rsassa_pss_sign_ext`, `mbedtls_rsa_rsassa_pss_verify` and `mbedtls_rsa_rsassa_pss_verify_ext`. + +The PSA API has two algorithm constructors: [`PSA_ALG_RSA_PSS(hash)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga62152bf4cb4bf6aace5e1be8f143564d) and [`PSA_ALG_RSA_PSS_ANY_SALT(hash)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga9b7355a2cd6bde88177634d539127f2b). The hash algorithm `hash` corresponds to the `md_alg` parameter passed to the legacy API. It is used to hash the message, to create the salted hash, and for the mask generation with MGF1. The PSA API does not support using different hash algorithms for these different purposes. + +With respect to the salt length: + +* When signing, the salt is random, and the salt length is the largest possible salt length up to the hash length. This is the same as passing `MBEDTLS_RSA_SALT_LEN_ANY` as the salt length to `xxx_ext` legacy functions or using a legacy function that does not have a `saltlen` argument. +* When verifying, `PSA_ALG_RSA_PSS` requires the the salt length to the largest possible salt length up to the hash length (i.e. the same that would be used for signing). +* When verifying, `PSA_ALG_RSA_PSS_ANY_SALT` accepts any salt length. This is the same as passing `MBEDTLS_RSA_SALT_LEN_ANY` as the salt length to `xxx_ext` legacy functions or using a legacy function that does not have a `saltlen` argument. + +### Asymmetric encryption and decryption + +The equivalent of `mbedtls_pk_encrypt`, `mbedtls_rsa_pkcs1_encrypt`, `mbedtls_rsa_rsaes_pkcs1_v15_encrypt` or `mbedtls_rsa_rsaes_oaep_encrypt` to encrypt a short message (typically a symmetric key) is [`psa_asymmetric_encrypt`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__asymmetric/#group__asymmetric_1gaa17f61e4ddafd1823d2c834b3706c290). +The key must be a public key allowing the usage `PSA_KEY_USAGE_ENCRYPT` (see “[Public-key cryptography policies](#public-key-cryptography-policies)”). +Use the macro [`PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#crypto__sizes_8h_1a66ba3bd93e5ec52870ccc3848778bad8) or [`PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE) to determine the output buffer size. + +The equivalent of `mbedtls_pk_decrypt`, `mbedtls_rsa_pkcs1_decrypt`, `mbedtls_rsa_rsaes_pkcs1_v15_decrypt` or `mbedtls_rsa_rsaes_oaep_decrypt` to decrypt a short message (typically a symmetric key) is [`psa_asymmetric_decrypt`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__asymmetric/#group__asymmetric_1ga4f968756f6b22aab362b598b202d83d7). +The key must be a key pair allowing the usage `PSA_KEY_USAGE_DECRYPT` (see “[Public-key cryptography policies](#public-key-cryptography-policies)”). +Use the macro [`PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#crypto__sizes_8h_1a61a246f3eac41989821d982e56fea6c1) or [`PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_ASYMMETRIC_DECRYPT_OUTPUT_MAX_SIZE) to determine the output buffer size. + +The following subsections describe the PSA asymmetric encryption mechanisms that correspond to legacy Mbed TLS mechanisms. + +#### RSA PKCS#1v1.5 encryption + +This is the mechanism used by the PK functions and by `mbedtls_rsa_pkcs1_{encrypt,decrypt}` unless `mbedtls_rsa_set_padding` has been called on the underlying RSA key context. +This is also the mechanism used by `mbedtls_rsa_rsaes_pkcs1_v15_{encrypt,decrypt}`. + +The PSA algorithm is [`PSA_ALG_RSA_PKCS1V15_CRYPT`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga4c540d3abe43fb9abcb94f2bc51acef9). + +Beware that PKCS#1v1.5 decryption is subject to padding oracle attacks. Revealing when `psa_asymmetric_decrypt` returns `PSA_ERROR_INVALID_PADDING` may allow an adversary to decrypt arbitrary ciphertexts. + +#### RSA RSAES-OAEP + +This is the mechanism used by `mbedtls_rsa_rsaes_oaep_{encrypt,decrypt}`. + +The PSA algorithm is [`PSA_ALG_RSA_OAEP(hash)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gaa1235dc3fdd9839c6c1b1a9857344c76) where `hash` is a hash algorithm value (`PSA_ALG_xxx`, see “[Hash mechanism selection](#hash-mechanism-selection)”). + +As with the PK API, the mask generation is MGF1, the label is empty, and the same hash algorithm is used for MGF1 and to hash the label. The PSA API does not offer a way to choose a different label or a different hash algorithm for the label. + +### PK functionality with no PSA equivalent + +There is no PSA equivalent of the debug functionality provided by `mbedtls_pk_debug`. Use `psa_export_key` to export the key if desired. + +There is no PSA equivalent to Mbed TLS's custom key type names exposed by `mbedtls_pk_get_name`. + +The PSA API does not expose partially constructed key objects. This makes the following functions unnecessary: + +* `mbedtls_rsa_copy`, `mbedtls_ecp_copy`: a PSA key object is immutable, so the copy would have to be identical. +* `mbedtls_pk_check_pair`, `mbedtls_rsa_check_privkey`, `mbedtls_rsa_check_pubkey`, `mbedtls_rsa_check_pub_priv`,`mbedtls_ecp_check_privkey`, `mbedtls_ecp_check_pubkey`, `mbedtls_ecp_check_pub_priv`: if a key has been constructed successfully, it is guaranteed to be valid. + +### Key agreement + +_(Section not written yet)_ + + + +### Additional information about Elliptic-curve cryptography + +_(Section not written yet)_ + + + +#### ECC functionality with no PSA equivalent + +There is no PSA equivalent of `mbedtls_ecdsa_can_do` to query the capabilities of a curve at runtime. Check the documentation of each curve family to see what algorithms it supports. + +There is no PSA equivalent to the types `mbedtls_ecdsa_context` and `mbedtls_ecdsa_restart_ctx`, and to basic ECDSA context manipulation functions including `mbedtls_ecdsa_from_keypair`, because they are not needed: the PSA API does not have ECDSA-specific context types. + +### Additional information about RSA + +#### RSA-ALT interface + +Implementers of the RSA-ALT interface (`MBEDTLS_PK_RSA_ALT` pk type, `mbedtls_pk_setup_rsa_alt` setup function) should migrate to the [PSA cryptoprocessor driver interface](https://github.com/Mbed-TLS/mbedtls/blob/development/docs/psa-driver-example-and-guide.md). + +* If the purpose of the ALT interface is acceleration only: use the accelerator driver interface. This is fully transparent to application code. +* If the purpose of the ALT interface is to isolate the private key in a high-security environment: use the opaque driver interface. This is mostly transparent to user code. Code that uses a key via its key identifier does not need to know whether the key is transparent (equivalent of `MBEDTLS_PK_RSA`) or opaque (equivalent of `MBEDTLS_PK_RSA_ALT`). When creating a key, it will be transparent by default; to create an opaque key, call [`psa_set_key_lifetime`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gac03ccf09ca6d36cc3d5b43f8303db6f7) to set the key's location to the chosen location value for the driver, e.g. + ``` + psa_set_key_lifetime(&attributes, PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( + PSA_KEY_PERSISTENCE_VOLATILE, MY_RSA_DRIVER_LOCATION)); + ``` + +The PSA subsystem uses its internal random generator both for randomized algorithms and to generate blinding value. As a consequence, none of the API functions take an RNG parameter. + +#### RSA functionality with no PSA equivalent + +The PSA API does not provide direct access to the exponentiation primitive as with `mbedtls_rsa_public` and `mbedtls_rsa_private`. If you need an RSA-based mechanism that is not supported by the PSA API, please contact us so that we can extend the API to support it. + +The PSA API does not support constructing RSA keys progressively from numbers with `mbedtls_rsa_import` or `mbedtls_rsa_import_raw` followed by `mbedtls_rsa_complete`. See “[Importing a PK key by wrapping](#importing-a-pk-key-by-wrapping)”. + +There is no direct equivalent of `mbedtls_rsa_export`, `mbedtls_rsa_export_raw` and `mbedtls_rsa_export_crt` to export some of the numbers in a key. You can export the whole key with `psa_export_key`, or with `psa_export_public_key` to export the public key from a key pair object. See also “[Exporting a public key or a key pair](#exporting-a-public-key-or-a-key-pair)”. + +### PK format support interfaces + +The interfaces in `base64.h`, `asn1.h`, `asn1write.h`, `oid.h` and `pem.h` are intended to support X.509 and key file formats. They have no PSA equivalent since they are not directly about cryptography. They remain unchanged in Mbed TLS 3.x. In the future, they are likely to move out of the cryptography part of Mbed TLS and into the public-key/X.509 part. + +## EC-JPAKE + +The PSA API exposes EC-JPAKE via the algorithm [`PSA_ALG_JPAKE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__extra_8h/#c.PSA_ALG_JPAKE) and the PAKE API functions. At the time of writing, the PAKE API is still experimental, but it should offer the same functionality as the legacy `ecjpake.h`. Please consult the documentation of your version of Mbed TLS for more information. From c7b53f3ab7cd66a0153b0d9273f13f46261408ef Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 13 Jun 2023 21:31:53 +0200 Subject: [PATCH 0009/1674] Mention mbedtls_psa_get_random Signed-off-by: Gilles Peskine --- docs/psa-transition.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/docs/psa-transition.md b/docs/psa-transition.md index 24facffa6..007beca74 100644 --- a/docs/psa-transition.md +++ b/docs/psa-transition.md @@ -591,6 +591,11 @@ The PSA subsystem has an internal random generator. As a consequence, you do not The PSA API uses its internal random generator to generate keys (`psa_generate_key`), nonces for encryption (`psa_cipher_generate_iv`, `psa_cipher_encrypt`, `psa_aead_generate_nonce`, `psa_aead_encrypt`, `psa_asymmetric_encrypt`), and other random material as needed. If you need random data for some other purposes, call [`psa_generate_random`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__random/#group__random_1ga1985eae417dfbccedf50d5fff54ea8c5). +If your application mixes uses of the PSA crypto API and the mbedtls API and you need to pass an RNG argument to a legacy or X.509/TLS function, include the header file `` and use: + +* [`mbedtls_psa_get_random`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/psa__util_8h/#_CPPv422mbedtls_psa_get_randomPvPh6size_t) as the `f_rng` argument; +* [`MBEDTLS_PSA_RANDOM_STATE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/psa__util_8h/#c.MBEDTLS_PSA_RANDOM_STATE) as the `p_rng` argument. + ### Entropy sources Unless explicitly configured otherwise, the PSA random generator uses the default entropy sources configured through the legacy interface (`MBEDTLS_ENTROPY_xxx` symbols). Its set of sources is equivalent to an entropy object configured with `mbedtls_entropy_init`. From b33d0ac532eea27b850deb8f27d2485606816e1f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 15 Jun 2023 18:33:15 +0200 Subject: [PATCH 0010/1674] Mention self-tests Signed-off-by: Gilles Peskine --- docs/psa-transition.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/docs/psa-transition.md b/docs/psa-transition.md index 007beca74..34f7a74f2 100644 --- a/docs/psa-transition.md +++ b/docs/psa-transition.md @@ -196,6 +196,10 @@ If a mechanism is not enabled by `PSA_WANT_xxx`, Mbed TLS will often not include Under the hood, `PSA_WANT_xxx` enables the necessary legacy modules. Note that if a mechanism has a PSA accelerator driver, the corresponding legacy module is typically not needed. Thus applications that use a cryptographic mechanism both through the legacy API and through the PSA API need to explicitly enable both the `PSA_WANT_xxx` symbols and the `MBEDTLS_xxx` symbols. +### Self-tests + +There is currently [no PSA equivalent to the self-tests](https://github.com/Mbed-TLS/mbedtls/issues/7781) enabled by `MBEDTLS_SELF_TEST`. + ## Miscellaneous support modules ### Error messages From 5bd4f17e4e48cbffb38b92534ad01ad0af8a879b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 15 Jun 2023 18:33:30 +0200 Subject: [PATCH 0011/1674] Cover ECDH and DHM Signed-off-by: Gilles Peskine --- docs/psa-transition.md | 148 +++++++++++++++++++++++++++++++++++++++-- 1 file changed, 143 insertions(+), 5 deletions(-) diff --git a/docs/psa-transition.md b/docs/psa-transition.md index 34f7a74f2..80abd25a4 100644 --- a/docs/psa-transition.md +++ b/docs/psa-transition.md @@ -712,9 +712,9 @@ The following cryptographic algorithms work with ECC keys: #### Diffie-Hellman mechanism selection -A finite-field Diffie-Hellman public key has the type [`PSA_KEY_TYPE_DH_PUBLIC_KEY`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gaa22f0f2ea89b929f2fadc19890cc5d5c). +A finite-field Diffie-Hellman key pair has the type [`PSA_KEY_TYPE_DH_KEY_PAIR(group)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gab4f857c4cd56f5fe65ded421e61bcc8c) where `group` is a group family as explained below. -A finite-field Diffie-Hellman key pair has the type [`PSA_KEY_TYPE_DH_KEY_PAIR`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gab4f857c4cd56f5fe65ded421e61bcc8c). A key with this type can be used both for private-key and public-key operations (there is no separate key type for a private key without the corresponding public key). +A finite-field Diffie-Hellman public key has the type [`PSA_KEY_TYPE_DH_PUBLIC_KEY(group)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gaa22f0f2ea89b929f2fadc19890cc5d5c) where `group` is a group family as explained below. Due to the design of the API, there is rarely a need to use Diffie-Hellman public key objects. The PSA API only supports Diffie-Hellman with predefined groups. A group is fully determined by a group family identifier and the public key size in bits. @@ -1020,9 +1020,147 @@ The PSA API does not expose partially constructed key objects. This makes the fo ### Key agreement -_(Section not written yet)_ +The PSA API has a generic interface for key agreement, covering the main use of both `ecdh.h` and `dhm.h`. - +#### Diffie-Hellman key pair management + +The PSA API manipulates keys as such, rather than via an operation context. Thus, to use Diffie-Hellman, you need to create a key object, then perform the key exchange, then destroy the key. There is no equivalent to the types `mbedtls_ecdh_context` and `mbedtls_dhm_context`. + +Here is an overview of the lifecycle of a key object. + +1. First define the attributes of the key by filling a [`psa_key_attributes_t` structure](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga0ec645e1fdafe59d591104451ebf5680). You need to set the following parameters: + * Call [`psa_set_key_type`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga6857ef0ecb3fa844d4536939d9c64025) to set the key type to the desired `PSA_KEY_TYPE_xxx` value: + * [`PSA_KEY_TYPE_DH_KEY_PAIR(group)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gab4f857c4cd56f5fe65ded421e61bcc8c) for finite-field Diffie-Hellman (see “[Diffie-Hellman mechanism selection](#diffie-hellman-mechanism-selection)”). + * [`PSA_KEY_TYPE_ECC_KEY_PAIR(curve)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga0b6f5d4d5037c54ffa850d8059c32df0) for elliptic-curve Diffie-Hellman (see “[Elliptic curve mechanism selection](#elliptic-curve-mechanism-selection)”). + * Call [`psa_set_key_bits`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaf61683ac87f87687a40262b5afbfa018) to set the private key size in bits. This is optional with `psa_import_key`, which determines the key size from the length of the key material. + * Call [`psa_set_key_algorithm`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaeb8341ca52baa0279475ea3fd3bcdc98) to select the appropriate algorithm: + * [`PSA_ALG_ECDH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gab2dbcf71b63785e7dd7b54a100edee43) or [`PSA_ALG_FFDH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga0ebbb6f93a05b6511e6f108ffd2d1eb4) for a raw key agreement. + * [`PSA_ALG_KEY_AGREEMENT(ka, kdf)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga78bb81cffb87a635c247725eeb2a2682) if the key will be used as part of a key derivation, where: + * `ka` is either `PSA_ALG_ECDH` or `PSA_ALG_FFDH`. + * `kdf` is a key derivation algorithm. + * Call [`psa_set_key_usage_flags`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga42a65b3c4522ce9b67ea5ea7720e17de) to enable at least [`PSA_KEY_USAGE_DERIVE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#c.PSA_KEY_USAGE_DERIVE). See “[Public-key cryptography policies](#public-key-cryptography-policies)” for more information. +2. Call one of the key creation functions, passing the attributes defined in the previous step, to get an identifier of type [`psa_key_id_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__types_8h/#_CPPv412psa_key_id_t) to the key object. + * Use [`psa_generate_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__random/#group__random_1ga1985eae417dfbccedf50d5fff54ea8c5) to generate a random key. This is normally the case for a Diffie-Hellman key. + * Use [`psa_import_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga0336ea76bf30587ab204a8296462327b) to directly import key material. + * If the key is derived deterministically from other material, use the [key derivation interface](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/) and create the key with [`psa_key_derivation_output_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gada7a6e17222ea9e7a6be6864a00316e1). +3. Call the functions in the following sections to perform operations on the key. The same key object can be used in multiple operations. +4. To free the resources used by the key object, call [`psa_destroy_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__management/#group__key__management_1ga5f52644312291335682fbc0292c43cd2) after all operations with that key are finished. + +#### Performing a key agreement + +Call [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062) to obtain the public key that needs to be sent to the other party. +Use the macros [`PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE) or [`PSA_EXPORT_PUBLIC_KEY_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_EXPORT_PUBLIC_KEY_MAX_SIZE) to determine the size of the output buffer. + +Call [`psa_raw_key_agreement`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga90fdd2716124d0bd258826184824675f) to calculate the shared secret from your private key and the other party's public key. +Use the macros [`PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE) or [`PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE) to determine the size of the output buffer. + +Call [`psa_key_derivation_key_agreement`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga2cd5a8ac906747d3204ec442db78745f) instead of `psa_raw_key_agreement` to use the resulting shared secret as the secret input to a key derivation. See “[HKDF](#hkdf)” for an example of the key derivation interface. + +#### Translating a legacy key agreement contextless flow + +A typical flow for ECDH using the legacy API without a context object is: + +1. Initialize objects: + * `mbedtls_ecp_group grp` for the curve; + * `mbedtls_mpi our_priv` for our private key; + * `mbedtls_ecp_point our_pub` for our public key; + * `mbedtls_ecp_point their_pub` for their public key (this may be the same variable as `our_pub` if the application does not need to hold both at the same time); + * `mbedtls_mpi z` for the shared secret (this may be the same variable as `our_priv` when doing ephemeral ECDH). +2. Call `mbedtls_ecp_group_load` on `grp` to select the curve. +3. Call `mbedtls_ecdh_gen_public` on `grp`, `our_priv` (output) and `our_pub` (output) to generate a key pair and retrieve the corresponding public key. +4. Send `our_pub` to the peer. Retriev the peer's public key and import it into `their_pub`. These two actions may be performed in either order. +5. Call `mbedtls_ecdh_compute_shared` on `grp`, `z` (output), `their_pub` and `our_priv`. +6. Use the raw shared secret `z`, typically, to construct a shared key. +7. Free `grp`, `our_priv`, `our_pub`, `their_pub` and `z`. + +The corresponding flow with the PSA API is as follows: + +1. Initialize objects: + * `psa_key_id_t our_key`: a handle to our key pair; + * `psa_key_attributes_t attributes`: key attributes used in steps 2–3;; + * `our_pub`: a buffer of size [`PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(key_type, bits)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE) (where `key_type` is the value passed to `psa_set_key_size` in step 2) or [`PSA_EXPORT_PUBLIC_KEY_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_EXPORT_PUBLIC_KEY_MAX_SIZE) to hold our key. + * `their_pub`: a buffer of the same size, to hold the peer's key. This can be the same as `our_pub` if the application does not need to hold both at the same time; + * `shared_secret`: a buffer of size [`PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(key_type, bits)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE) or [`PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE) (if not using a key derivation operation). +2. Prepare an attribute structure as desccribed in “[Diffie-Hellman key pair management](#diffie-hellman-key-pair-management)”, in particular selecting the curve with `psa_set_key_type`. +3. Call [`psa_generate_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__random/#group__random_1ga1985eae417dfbccedf50d5fff54ea8c5) on `attributes` and `our_key` (output) to generate a key pair, then [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062) on `our_key` and `our_pub` (output) to obtain our public key. +4. Send `our_pub` to the peer. Retriev the peer's public key and import it into `their_pub`. These two actions may be performed in either order. +5. Call [`psa_raw_key_agreement`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga90fdd2716124d0bd258826184824675f) on `our_key`, `their_pub` and `shared_secret` (output). + Alternatively, call `psa_key_derivation_key_agreement` to use the shared secret directly in a key derivation operation (see “[Performing a key agreement](#performing-a-key-agreement)”). +6. Call [`psa_destroy_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__management/#group__key__management_1ga5f52644312291335682fbc0292c43cd2) on `key_id`, and free the memory buffers. + +Steps 4–5 are only performed once for ephemeral Diffie-Hellman, but repeated multiple times for static Diffie-Hellman. + +#### Translating a legacy key agreement TLS server flow + +The legacy API offers the following flow for a Diffie-Hellman key agreement in a TLS server. This flow can also be used with other protocols, on the side of the party that selects the curve or group and sends its public key first. + +1. Setup phase: + 1. Initialize a context of type `mbedtls_ecdh_context` or `mbedtls_dhm_context` with `mbedtls_ecdh_init` or `mbedtls_dhm_init`. + 2. Call `mbedtls_ecdh_setup` or `mbedtls_dhm_set_group` to select the curve or group. + 3. Call `mbedtls_ecdh_make_params` or `mbedtls_dhm_make_params` to generate our key pair and obtain a TLS ServerKeyExchange message encoding the selected curve/group and our public key. +2. Send the ServerKeyExchange message to the peer. +3. Retrieve the peer's public key. +4. Call `mbedtls_ecdh_read_public` or `mbedtls_dhm_read_public` on the peer's public key, then call `mbedtls_ecdh_calc_secret` or `mbedtls_dhm_calc_secret` to calculate the shared secret. +5. Free the context with `mbedtls_ecdh_free` or `mbedtls_dhm_free`. + +The corresponding flow with the PSA API is as follows: + +1. Setup phase: + 1. Generate an ECDH or DHM key pair with `psa_generate_key` as described in “[Diffie-Hellman key pair management](#diffie-hellman-key-pair-management)”. + 2. Call [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062) to obtain our public key. + 3. Format a ServerKeyExchange message containing the curve/group selection and our public key. +2. Send the ServerKeyExchange message to the peer. +3. Retrieve the peer's public key. +4. Call [`psa_raw_key_agreement`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga90fdd2716124d0bd258826184824675f) on `our_key`, `their_pub` and `shared_secret` (output). + Alternatively, call `psa_key_derivation_key_agreement` to use the shared secret directly in a key derivation operation (see “[Performing a key agreement](#performing-a-key-agreement)”). +5. Call [`psa_destroy_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__management/#group__key__management_1ga5f52644312291335682fbc0292c43cd2) to free the resources associated with our key pair. + +#### Translating a legacy key agreement TLS client flow + +The legacy API offers the following flow for a Diffie-Hellman key agreement in a TLS client. This flow can also be used with other protocols, on the side of the party that receives a message indicating both the choice of curve or group, and the peer's public key. + +1. Upon reception of a TLS ServerKeyExchange message received from the peer, which encodes the selected curve/group and the peer's public key: + 1. Initialize a context of type `mbedtls_ecdh_context` or `mbedtls_dhm_context` with `mbedtls_ecdh_init` or `mbedtls_dhm_init`. + 2. Call `mbedtls_ecdh_read_params` or `mbedtls_dhm_read_params` to input the data from the ServerKeyExchange message. +2. Call `mbedtls_ecdh_make_public` or `mbedtls_dh_make_public` to generate our private key and export our public key. +3. Send our public key to the peer. +4. Call `mbedtls_ecdh_calc_secret` or `mbedtls_dhm_calc_secret` to calculate the shared secret. +5. Free the context with `mbedtls_ecdh_free` or `mbedtls_dhm_free`. + +The corresponding flow with the PSA API is as follows: + +1. Upon reception of a TLS ServerKeyExchange message received from the peer, which encodes the selected curve/group and the peer's public key: + 1. Decode the select curve/group and use this to determine a PSA key type (`PSA_KEY_TYPE_ECC_KEY_PAIR(curve)` or `PSA_KEY_TYPE_DH_KEY_PAIR(group)`), a key size and an algorithm. +2. Generate an ECDH or DHM key pair with `psa_generate_key` as described in “[Diffie-Hellman key pair management](#diffie-hellman-key-pair-management)”. + Call [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062) to obtain our public key. +3. Send our public key to the peer. +4. Call [`psa_raw_key_agreement`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga90fdd2716124d0bd258826184824675f) on `our_key`, `their_pub` and `shared_secret` (output). + Alternatively, call `psa_key_derivation_key_agreement` to use the shared secret directly in a key derivation operation (see “[Performing a key agreement](#performing-a-key-agreement)”). +5. Call [`psa_destroy_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__management/#group__key__management_1ga5f52644312291335682fbc0292c43cd2) to free the resources associated with our key pair. + +#### ECDH and DHM metadata functions + +The legacy function `mbedtls_ecdh_get_params` allows the application to retrieve an `mbedtls_ecp_keypair` containing either our key pair, or the peer's public key. The PSA equivalent depends on the use case: + +* With either side, accessing the group: call [`psa_get_key_attributes`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gacbbf5c11eac6cd70c87ffb936e1b9be2) on the key identifier, then [`psa_get_key_type`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gae4fb812af4f57aa1ad85e335a865b918) and [`psa_get_key_bits`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga5bee85c2164ad3d4c0d42501241eeb06) to obtain metadata about the key. +* With `MBEDTLS_ECDH_OURS`, accessing the public key: call [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062) on PSA key identifier. +* With `MBEDTLS_ECDH_OURS`, accessing the private key: call [`psa_export_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga668e35be8d2852ad3feeef74ac6f75bf) on the key identifier. Note that the key policy must allow `PSA_KEY_USAGE_EXPORT` (see “[Public-key cryptography policies](#public-key-cryptography-policies)”). +* With `MBEDTLS_ECDH_THEIRS`, accessing the public key (there is no private key): there is no PSA equivalent since the PSA API only uses the peer's public key to immediately calculate the shared secret. If your application needs the peer's public key for some other purpose, store it separately. + +The functions `mbedtls_dhm_get_bitlen`, `mbedtls_dhm_get_len` and `mbedtls_dhm_get_value` allow the caller to obtain metadata about the keys used for the key exchange. The PSA equivalents access the key identifier: + +* `mbedtls_dhm_get_bitlen`, `mbedtls_dhm_get_len`: call [`psa_get_key_attributes`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gacbbf5c11eac6cd70c87ffb936e1b9be2) on the PSA key identifier, then [`psa_get_key_bits`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga5bee85c2164ad3d4c0d42501241eeb06). +* `mbedtls_dhm_get_value` for `MBEDTLS_DHM_PARAM_X` (our private key): call [`psa_export_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga668e35be8d2852ad3feeef74ac6f75bf) on the key identifier. Note that the key policy must allow `PSA_KEY_USAGE_EXPORT` (see “[Public-key cryptography policies](#public-key-cryptography-policies)”). +* `mbedtls_dhm_get_value` for `MBEDTLS_DHM_PARAM_GX` (our public key): call [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062) on PSA key identifier. +* `mbedtls_dhm_get_value` for `MBEDTLS_DHM_PARAM_GY` (peer's public key): the there is no PSA equivalent since the PSA API only uses the peer's public key to immediately calculate the shared secret. If your application needs the peer's public key for some other purpose, store it separately. +* `mbedtls_dhm_get_value` for `MBEDTLS_DHM_PARAM_K` (shared secret): this is the value calculated by `psa_raw_key_agreement` or `psa_key_derivation_key_agreement`. If you need to use it multiple times (for example to derive multiple values independently), call `psa_raw_key_agreement` and make a copy. +* `mbedtls_dhm_get_value` for `MBEDTLS_DHM_PARAM_P` or `MBEDTLS_DHM_PARAM_G` (group parameters): [there is no PSA API to retrieve these values](https://github.com/Mbed-TLS/mbedtls/issues/7780). + +The PSA API for finite-field Diffie-Hellman only supports predefined groups. Therefore there is no equivalent to `mbedtls_dhm_parse_dhm`, `mbedtls_dhm_parse_dhmfile`, and the `MBEDTLS_DHM_xxx_BIN` macros. + +#### Restartable key agreement + +Restartable key agreement is not yet available through the PSA API. It will be added in a future version of the library. ### Additional information about Elliptic-curve cryptography @@ -1032,7 +1170,7 @@ _(Section not written yet)_ #### ECC functionality with no PSA equivalent -There is no PSA equivalent of `mbedtls_ecdsa_can_do` to query the capabilities of a curve at runtime. Check the documentation of each curve family to see what algorithms it supports. +There is no PSA equivalent of `mbedtls_ecdsa_can_do` and `mbedtls_ecdh_can_do` to query the capabilities of a curve at runtime. Check the documentation of each curve family to see what algorithms it supports. There is no PSA equivalent to the types `mbedtls_ecdsa_context` and `mbedtls_ecdsa_restart_ctx`, and to basic ECDSA context manipulation functions including `mbedtls_ecdsa_from_keypair`, because they are not needed: the PSA API does not have ECDSA-specific context types. From f75e65d90baeb812f303ebe6ee99553ced01396b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 15 Jun 2023 18:39:14 +0200 Subject: [PATCH 0012/1674] Rename PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_USE to ..._BASIC per https://github.com/Mbed-TLS/mbedtls/issues/7439#issuecomment-1592673401 and https://github.com/Mbed-TLS/mbedtls/pull/7774#discussion_r1230658660 State that EXPORT implies BASIC. Also fix missing `WANT_` parts. Signed-off-by: Gilles Peskine --- docs/psa-transition.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/docs/psa-transition.md b/docs/psa-transition.md index 80abd25a4..ed6c016e7 100644 --- a/docs/psa-transition.md +++ b/docs/psa-transition.md @@ -163,11 +163,11 @@ The availability of cryptographic mechanisms in the PSA API is based on a system * To make `PSA_KEY_TYPE_ttt` available, enable `PSA_WANT_KEY_TYPE_ttt`. As an exception, starting in Mbed TLS 3.5.0, for key pair types, the feature selection is more fine-grained, with an additional suffix: - * `PSA_KEY_TYPE_xxx_USE` enables support for operations with a key of that type (for enabled algorithms). This is automatically enabled if any key creation method (`IMPORT`, `GENERATE` or `DERIVE`) is enabled. - * `PSA_KEY_TYPE_xxx_IMPORT` enables support for `psa_import_key` to import a key of that type. - * `PSA_KEY_TYPE_xxx_GENERATE` enables support for `psa_generate_key` to randomly generate a key of that type. - * `PSA_KEY_TYPE_xxx_DERIVE` enables support for `psa_key_derivation_output_key` to deterministically derive a key of that type. - * `PSA_KEY_TYPE_xxx_EXPORT` enables support for `psa_export_key` to export a key of that type. + * `PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_BASIC` enables basic support for the key type, and in particular support for operations with a key of that type for enabled algorithms. This is automatically enabled if any of the other `PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_yyy` options is enabled. + * `PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_IMPORT` enables support for `psa_import_key` to import a key of that type. + * `PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_GENERATE` enables support for `psa_generate_key` to randomly generate a key of that type. + * `PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_DERIVE` enables support for `psa_key_derivation_output_key` to deterministically derive a key of that type. + * `PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_EXPORT` enables support for `psa_export_key` to export a key of that type. Enabling any support for a key pair type automatically enables support for the corresponding public key type, as well as support for `psa_export_public_key` on the private key. @@ -185,7 +185,7 @@ For example, the following configuration enables hashing with SHA-256, AEAD with #define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1 // ^^ In Mbed TLS <= 3.4, enable PSA_WANT_KEY_TYPE_ECC_KEY_PAIR instead -// ^^ implicitly enables PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_USE, PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY +// ^^ implicitly enables PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC, PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY #define PSA_WANT_ECC_SECP_R1_256 1 // secp256r1 (suitable for ECDSA and ECDH) #define PSA_WANT_ECC_MONTGOMERY_255 1 // Curve25519 (suitable for ECDH) #define PSA_WANT_ALG_DETERMINISTIC_ECDSA 1 From 379ff8754d03ca23db2413e5b5eb687ed6fd5a02 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 15 Jun 2023 21:15:21 +0200 Subject: [PATCH 0013/1674] Cover ecp.h Also correct some statements about rsa/ecp/pk check functions. Signed-off-by: Gilles Peskine --- docs/psa-transition.md | 87 ++++++++++++++++++++++++++++++++++++++---- 1 file changed, 79 insertions(+), 8 deletions(-) diff --git a/docs/psa-transition.md b/docs/psa-transition.md index ed6c016e7..c78d0e424 100644 --- a/docs/psa-transition.md +++ b/docs/psa-transition.md @@ -196,6 +196,12 @@ If a mechanism is not enabled by `PSA_WANT_xxx`, Mbed TLS will often not include Under the hood, `PSA_WANT_xxx` enables the necessary legacy modules. Note that if a mechanism has a PSA accelerator driver, the corresponding legacy module is typically not needed. Thus applications that use a cryptographic mechanism both through the legacy API and through the PSA API need to explicitly enable both the `PSA_WANT_xxx` symbols and the `MBEDTLS_xxx` symbols. +### Optimization options + +When PSA Crypto mechanisms are implemented by the built-in code from Mbed TLS, the legacy optimization options (e.g. `MBEDTLS_SHA256_SMALLER`, `MBEDTLS_ECP_WINDOW_SIZE`, etc.) apply to the PSA implementation as well (they invoke the same code under the hood). + +The PSA Crypto API may use accelerator drivers. In this case any options controlling the driver behavior are driver-specific. + ### Self-tests There is currently [no PSA equivalent to the self-tests](https://github.com/Mbed-TLS/mbedtls/issues/7781) enabled by `MBEDTLS_SELF_TEST`. @@ -954,7 +960,7 @@ The flow of operations for an interruptible signature verification operation is If you need to interrupt the operation after calling the start function without waiting for the complete function to return a success or failure status, call [`psa_sign_hash_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible__hash/#group__interruptible__hash_1gae893a4813aa8e03bd201fe4f1bbbb403) or [`psa_verify_hash_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible__hash/#group__interruptible__hash_1ga18dc9c0cc27d590c5e3b186094d90f88). -Call [`psa_interruptible_set_max_ops`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible__hash/#group__interruptible__hash_1ga6d86790b31657c13705214f373af869e) to set the number of basic operations per call. This is the same unit as `mbedtls_ecp_set_max_ops`. +Call [`psa_interruptible_set_max_ops`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible__hash/#group__interruptible__hash_1ga6d86790b31657c13705214f373af869e) to set the number of basic operations per call. This is the same unit as `mbedtls_ecp_set_max_ops`. You can retrieve the current value with [`psa_interruptible_get_max_ops`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible__hash/#group__interruptible__hash_1ga73e66a6d93f2690b626fcea20ada62b2). The value is [`PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible/#group__interruptible_1gad19c1da7f6b7d59d5873d5b68eb943d4) if operations are not restartable, which corresponds to `mbedtls_ecp_restart_is_enabled()` being false. #### PKCS#1 v1.5 RSA signature @@ -1007,17 +1013,34 @@ The PSA algorithm is [`PSA_ALG_RSA_OAEP(hash)`](https://mbed-tls.readthedocs.io/ As with the PK API, the mask generation is MGF1, the label is empty, and the same hash algorithm is used for MGF1 and to hash the label. The PSA API does not offer a way to choose a different label or a different hash algorithm for the label. +### Private-public key consistency + +There is no direct equivalent of the functions `mbedtls_rsa_check_privkey`, `mbedtls_rsa_check_pubkey`,`mbedtls_ecp_check_privkey`, `mbedtls_ecp_check_pubkey`. The PSA API performs some basic checks when it imports a key, and may perform additional checks before performing an operation if needed, so it will never perform an operation on a key that does not satisfy these checks, but the details of when the check is performed may change between versions of the library. + +The legacy API provide functions `mbedtls_pk_check_pair`, `mbedtls_rsa_check_pub_priv` and `mbedtls_ecp_check_pub_priv`, which can be used to check the consistency between a private key and a public key. To perform such a check with the PSA API, you can export the public keys; this works because the PSA representation of public keys is canonical. + +* Prepare a key object containing the private key, for example with [`psa_import_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga0336ea76bf30587ab204a8296462327b). +* Prepare a key object containing the public key, for example with [`psa_import_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga0336ea76bf30587ab204a8296462327b). +* Export both public keys with [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062) (this is possible regardless of the usage policies on the keys) and compare the output. + ``` + // Error checking omitted + unsigned char pub1[PSA_EXPORT_PUBLIC_KEY_MAX_SIZE]; + unsigned char pub2[PSA_EXPORT_PUBLIC_KEY_MAX_SIZE]; + size_t length1, length2; + psa_export_public_key(key1, pub1, sizeof(pub1), &length1); + psa_export_public_key(key2, pub2, sizeof(pub2), &length2); + if (length1 == length2 && !memcmp(pub1, pub2, length1)) + puts("The keys match"); + else + puts("The keys do not match"); + ``` + ### PK functionality with no PSA equivalent There is no PSA equivalent of the debug functionality provided by `mbedtls_pk_debug`. Use `psa_export_key` to export the key if desired. There is no PSA equivalent to Mbed TLS's custom key type names exposed by `mbedtls_pk_get_name`. -The PSA API does not expose partially constructed key objects. This makes the following functions unnecessary: - -* `mbedtls_rsa_copy`, `mbedtls_ecp_copy`: a PSA key object is immutable, so the copy would have to be identical. -* `mbedtls_pk_check_pair`, `mbedtls_rsa_check_privkey`, `mbedtls_rsa_check_pubkey`, `mbedtls_rsa_check_pub_priv`,`mbedtls_ecp_check_privkey`, `mbedtls_ecp_check_pubkey`, `mbedtls_ecp_check_pub_priv`: if a key has been constructed successfully, it is guaranteed to be valid. - ### Key agreement The PSA API has a generic interface for key agreement, covering the main use of both `ecdh.h` and `dhm.h`. @@ -1164,9 +1187,47 @@ Restartable key agreement is not yet available through the PSA API. It will be a ### Additional information about Elliptic-curve cryptography -_(Section not written yet)_ +#### Information about a curve - +The legacy API identifies a curve by an `MBEDTLS_ECP_DP_xxx` value of type `mbedtls_ecp_group_id`. The PSA API identifies a curve by a `PSA_ECC_FAMILY_xxx` value and the private value's bit-size. See “[Elliptic curve mechanism selection](#elliptic-curve-mechanism-selection)” for the correspondence between the two sets of values. + +There is no PSA equivalent of the `mbedtls_ecp_group` data structure (and so no equivalent to `mbedtls_ecp_group_init`, `mbedtls_ecp_group_load`, `mbedtls_ecp_group_copy` and `mbedtls_ecp_group_free`) or of the `mbedtls_ecp_curve_info` data structure (and so no equivalent to `mbedtls_ecp_curve_info_from_grp_id`) because they are not needed. All API elements identify the curve directly by its family and size. + +The bit-size used by the PSA API is the size of the private key. For most curves, the PSA bit-size, the `bit_size` field in `mbedtls_ecp_curve_info`, the `nbits` field in `mbedtls_ecp_group` and the `pbits` field in `mbedtls_ecp_group` are the same. The following table lists curves for which they are different. + +| Curve | `grp->nbits` | `grp->pbits` | `curve_info->bit_size` | PSA bit-size | +| ----- | ------------ | ------------ | ---------------------- | ------------ | +| secp224k1 | 224 | 225 | 224 | not supported | +| Curve25519 | 253 | 255 | 256 | 255 | +| Curve448 | 446 | 448 | 448 | 448 | + +There is no exact PSA equivalent of the type `mbedtls_ecp_curve_type` and the function `mbedtls_ecp_get_type`, but the curve family encodes the same information. `PSA_ECC_FAMILY_MONTGOMERY` is the only Montgomery family. All other families supported in Mbed TLS 3.4.0 are short Weierstrass families. + +There is no PSA equivalent for the following functionality: + +* The `name` field of `mbedtls_ecp_curve_info`, and the function `mbedtls_ecp_curve_info_from_name`. There is no equivalent of Mbed TLS's lookup based on a (nonstandard) name. +* The `tls_id` field of `mbedtls_ecp_curve_info`, the constant `MBEDTLS_ECP_TLS_NAMED_CURVE`, and the functions `mbedtls_ecp_curve_info_from_tls_id`, `mbedtls_ecp_tls_read_group`, `mbedtls_ecp_tls_read_group_id` and `mbedtls_ecp_tls_write_group`. The PSA crypto API does not have this dedicated support for the TLS protocol. +* Retrieving the parameters of a curve from the fields of an `mbedtls_ecp_group` structure. + +#### Information about supported curves + +The PSA API does not currently have a discovery mechanism for cryptographic mechanisms (although one may be added in the future). Thus there is no equivalent for `MBEDTLS_ECP_DP_MAX` and the functions `mbedtls_ecp_curve_list` and `mbedtls_ecp_grp_id_list`. + +The API provies macros that give the maximum supported sizes for various kinds of objects. The following table lists equivalents for `MBEDTLS_ECP_MAX_xxx` macros. + +| Legacy macro | PSA equivalent | +| ------------ | -------------- | +| `MBEDTLS_ECP_MAX_BITS` | [`PSA_VENDOR_ECC_MAX_CURVE_BITS`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_VENDOR_ECC_MAX_CURVE_BITS) | +| `MBEDTLS_ECP_MAX_BYTES` | `PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS)` | +| `MBEDTLS_ECP_MAX_PT_LEN` | [`PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE) | + +#### Restartable ECC + +The PSA API supports the equivalent of restartable operations, but only for signatures at the time of writing. See “[Restartable ECDSA signature](#restartable-ecdsa-signature)”. + +There is no PSA API for elliptic curve arithmetic as such, and therefore no equivalent of `mbedtls_ecp_restart_ctx` and functions that operate on it. + +There is PSA no equivalent of the `MBEDTLS_ECP_OPS_xxx` constants. #### ECC functionality with no PSA equivalent @@ -1174,6 +1235,14 @@ There is no PSA equivalent of `mbedtls_ecdsa_can_do` and `mbedtls_ecdh_can_do` t There is no PSA equivalent to the types `mbedtls_ecdsa_context` and `mbedtls_ecdsa_restart_ctx`, and to basic ECDSA context manipulation functions including `mbedtls_ecdsa_from_keypair`, because they are not needed: the PSA API does not have ECDSA-specific context types. +#### No curve arithmetic + +The PSA API is a cryptography API, not an arithmetic API. As a consequence, there is no PSA equivalent for the ECC arithmetic functionality exposed by `ecp.h`: + +* Manipulation of point objects and input-output: the type `mbedtls_ecp_point` and functions operating on it (`mbedtls_ecp_point_xxx`, `mbedtls_ecp_copy`, `mbedtls_ecp_{set,is}_zero`, `mbedtls_ecp_tls_{read,write}_point`). Note that the PSA export format for public keys corresponds to the uncompressed point format (`MBEDTLS_ECP_PF_UNCOMPRESSED`), so [`psa_import_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga0336ea76bf30587ab204a8296462327b), [`psa_export_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga668e35be8d2852ad3feeef74ac6f75bf) and [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062) are equivalent to `mbedtls_ecp_point_read_binary` and `mbedtls_ecp_point_write_binary` for uncompressed points. The PSA API does not currently support compressed points, but it is likely that such support will be added in the future. +* Manipulation of key pairs as such, with a bridge to bignum arithmetic (`mbedtls_ecp_keypair` type, `mbedtls_ecp_export`). However, the PSA export format for ECC private keys used by [`psa_import_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga0336ea76bf30587ab204a8296462327b), [`psa_export_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga668e35be8d2852ad3feeef74ac6f75bf) is the same as the format used by `mbedtls_ecp_read_key` and `mbedtls_ecp_write_key`. +* Elliptic curve arithmetic (`mbedtls_ecp_mul`, `mbedtls_ecp_muladd` and their restartable variants). + ### Additional information about RSA #### RSA-ALT interface @@ -1197,6 +1266,8 @@ The PSA API does not support constructing RSA keys progressively from numbers wi There is no direct equivalent of `mbedtls_rsa_export`, `mbedtls_rsa_export_raw` and `mbedtls_rsa_export_crt` to export some of the numbers in a key. You can export the whole key with `psa_export_key`, or with `psa_export_public_key` to export the public key from a key pair object. See also “[Exporting a public key or a key pair](#exporting-a-public-key-or-a-key-pair)”. +A PSA key object is immutable, so there is no need for an equivalent of `mbedtls_rsa_copy`. (There is a function `psa_copy_key`, but it is only useful to make a copy of a key with a different policy of ownership; both concepts are out of scope of this document since they have no equivalent in the legacy API.) + ### PK format support interfaces The interfaces in `base64.h`, `asn1.h`, `asn1write.h`, `oid.h` and `pem.h` are intended to support X.509 and key file formats. They have no PSA equivalent since they are not directly about cryptography. They remain unchanged in Mbed TLS 3.x. In the future, they are likely to move out of the cryptography part of Mbed TLS and into the public-key/X.509 part. From 603f0fca6ef0ac56e94525a1db583845871894d9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 20 Jun 2023 23:38:21 +0200 Subject: [PATCH 0014/1674] The ECP curve name is the one from TLS, not one we made up Signed-off-by: Gilles Peskine --- docs/psa-transition.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/psa-transition.md b/docs/psa-transition.md index c78d0e424..065915452 100644 --- a/docs/psa-transition.md +++ b/docs/psa-transition.md @@ -1205,7 +1205,7 @@ There is no exact PSA equivalent of the type `mbedtls_ecp_curve_type` and the fu There is no PSA equivalent for the following functionality: -* The `name` field of `mbedtls_ecp_curve_info`, and the function `mbedtls_ecp_curve_info_from_name`. There is no equivalent of Mbed TLS's lookup based on a (nonstandard) name. +* The `name` field of `mbedtls_ecp_curve_info`, and the function `mbedtls_ecp_curve_info_from_name`. There is no equivalent of Mbed TLS's lookup based on the name used for the curve in TLS specifications. * The `tls_id` field of `mbedtls_ecp_curve_info`, the constant `MBEDTLS_ECP_TLS_NAMED_CURVE`, and the functions `mbedtls_ecp_curve_info_from_tls_id`, `mbedtls_ecp_tls_read_group`, `mbedtls_ecp_tls_read_group_id` and `mbedtls_ecp_tls_write_group`. The PSA crypto API does not have this dedicated support for the TLS protocol. * Retrieving the parameters of a curve from the fields of an `mbedtls_ecp_group` structure. From 909cf5a3ecc1e91c62e148f96f03400ca88869ff Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 20 Jun 2023 23:38:39 +0200 Subject: [PATCH 0015/1674] Show how to extract curve information from an ecp_keypair It's not pretty. Signed-off-by: Gilles Peskine --- docs/psa-transition.md | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/docs/psa-transition.md b/docs/psa-transition.md index 065915452..fabac9c85 100644 --- a/docs/psa-transition.md +++ b/docs/psa-transition.md @@ -800,16 +800,30 @@ psa_import_key(&attributes, buf + sizeof(buf) - length, length, &key_id); mbedtls_pk_free(&pk); ``` -For an ECC private key (a future version of Mbed TLS [will provide a function to calculate the curve family](https://github.com/Mbed-TLS/mbedtls/issues/7764)): +For an ECC private key (a future version of Mbed TLS [will provide a more direct way to find the curve family](https://github.com/Mbed-TLS/mbedtls/issues/7764)): ``` unsigned char buf[PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS)]; size_t length = PSA_BITS_TO_BYTES(mbedtls_pk_bitlen(&pk)); mbedtls_ecp_keypair *ec = mbedtls_pk_ec(&pk); +psa_ecc_curve_t curve; +{ + mbedtls_ecp_group grp; + mbedtls_ecp_group_init(&grp); + mbedtls_ecp_point Q; + mbedtls_ecp_point_init(&Q); + mbedtls_mpi d; + mbedtls_mpi_init(&d); + mbedtls_ecp_export(ec, &grp, &d, &Q); + size_t bits; + curve = mbedtls_ecc_group_to_psa(grp.id, &bits); + mbedtls_ecp_group_free(&grp); + mbedtls_ecp_point_free(&Q); + mbedtls_mpi_free(&d); +} mbedtls_ecp_write_key(ec, buf, length); -psa_ecc_curve_t curve = ...; // need to determine the curve family manually psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; -psa_set_key_attributes(&attributes, PSA_KEY_TYPE_ECC_KEY_PAIR(curve)); +psa_set_key_type(&attributes, PSA_KEY_TYPE_ECC_KEY_PAIR(curve)); psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_... | ...); psa_set_key_algorithm(&attributes, PSA_ALGORITHM_...); psa_key_id_t key_id = 0; From 0b74434e2af40743f8ac051d7df0ed80e68310e6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 26 Jun 2023 11:28:00 +0200 Subject: [PATCH 0016/1674] SSL programs: group options processing in 1 place MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- programs/ssl/ssl_client2.c | 50 +++++++++++++++++++------------------- programs/ssl/ssl_server2.c | 50 +++++++++++++++++++------------------- 2 files changed, 50 insertions(+), 50 deletions(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 12a1068f9..f4914ec40 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -867,31 +867,6 @@ int main(int argc, char *argv[]) mbedtls_test_enable_insecure_external_rng(); #endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ - if (argc < 2) { -usage: - if (ret == 0) { - ret = 1; - } - - mbedtls_printf(USAGE1); - mbedtls_printf(USAGE2); - mbedtls_printf(USAGE3); - mbedtls_printf(USAGE4); - - list = mbedtls_ssl_list_ciphersuites(); - while (*list) { - mbedtls_printf(" %-42s", mbedtls_ssl_get_ciphersuite_name(*list)); - list++; - if (!*list) { - break; - } - mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name(*list)); - list++; - } - mbedtls_printf("\n"); - goto exit; - } - opt.server_name = DFL_SERVER_NAME; opt.server_addr = DFL_SERVER_ADDR; opt.server_port = DFL_SERVER_PORT; @@ -976,6 +951,31 @@ usage: opt.key_opaque_alg1 = DFL_KEY_OPAQUE_ALG; opt.key_opaque_alg2 = DFL_KEY_OPAQUE_ALG; + if (argc < 2) { +usage: + if (ret == 0) { + ret = 1; + } + + mbedtls_printf(USAGE1); + mbedtls_printf(USAGE2); + mbedtls_printf(USAGE3); + mbedtls_printf(USAGE4); + + list = mbedtls_ssl_list_ciphersuites(); + while (*list) { + mbedtls_printf(" %-42s", mbedtls_ssl_get_ciphersuite_name(*list)); + list++; + if (!*list) { + break; + } + mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name(*list)); + list++; + } + mbedtls_printf("\n"); + goto exit; + } + for (i = 1; i < argc; i++) { p = argv[i]; if ((q = strchr(p, '=')) == NULL) { diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 5f8bea93c..a3e95ccd5 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -1643,31 +1643,6 @@ int main(int argc, char *argv[]) signal(SIGINT, term_handler); #endif - if (argc < 2) { -usage: - if (ret == 0) { - ret = 1; - } - - mbedtls_printf(USAGE1); - mbedtls_printf(USAGE2); - mbedtls_printf(USAGE3); - mbedtls_printf(USAGE4); - - list = mbedtls_ssl_list_ciphersuites(); - while (*list) { - mbedtls_printf(" %-42s", mbedtls_ssl_get_ciphersuite_name(*list)); - list++; - if (!*list) { - break; - } - mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name(*list)); - list++; - } - mbedtls_printf("\n"); - goto exit; - } - opt.buffer_size = DFL_IO_BUF_LEN; opt.server_addr = DFL_SERVER_ADDR; opt.server_port = DFL_SERVER_PORT; @@ -1766,6 +1741,31 @@ usage: opt.key2_opaque_alg1 = DFL_KEY_OPAQUE_ALG; opt.key2_opaque_alg2 = DFL_KEY_OPAQUE_ALG; + if (argc < 2) { +usage: + if (ret == 0) { + ret = 1; + } + + mbedtls_printf(USAGE1); + mbedtls_printf(USAGE2); + mbedtls_printf(USAGE3); + mbedtls_printf(USAGE4); + + list = mbedtls_ssl_list_ciphersuites(); + while (*list) { + mbedtls_printf(" %-42s", mbedtls_ssl_get_ciphersuite_name(*list)); + list++; + if (!*list) { + break; + } + mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name(*list)); + list++; + } + mbedtls_printf("\n"); + goto exit; + } + for (i = 1; i < argc; i++) { p = argv[i]; if ((q = strchr(p, '=')) == NULL) { From 3eea9a461cfbffb27f3ca5d95b4ea988b8799b4b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 26 Jun 2023 11:29:35 +0200 Subject: [PATCH 0017/1674] SSL programs: allow invoking without arguments MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit All options have reasonable default so the programs don't need arguments to do something useful. It is widely accepted for programs that can work without arguments need not insist on the user passing arguments, see 'ls', 'wc', 'sort', 'more' and any number of POSIX utilities that all work without arguments. It is also the historical behaviour of those programs, and something relied one by at least a few team members. Signed-off-by: Manuel Pégourié-Gonnard --- programs/ssl/ssl_client2.c | 2 +- programs/ssl/ssl_server2.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index f4914ec40..d84333436 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -951,7 +951,7 @@ int main(int argc, char *argv[]) opt.key_opaque_alg1 = DFL_KEY_OPAQUE_ALG; opt.key_opaque_alg2 = DFL_KEY_OPAQUE_ALG; - if (argc < 2) { + if (argc < 1) { usage: if (ret == 0) { ret = 1; diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index a3e95ccd5..b305bc534 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -1741,7 +1741,7 @@ int main(int argc, char *argv[]) opt.key2_opaque_alg1 = DFL_KEY_OPAQUE_ALG; opt.key2_opaque_alg2 = DFL_KEY_OPAQUE_ALG; - if (argc < 2) { + if (argc < 1) { usage: if (ret == 0) { ret = 1; From 39a0a76fcc3f8aa0ebae8ee02d8d7966d0cfe062 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 27 Jun 2023 09:28:24 +0200 Subject: [PATCH 0018/1674] SSL programs: improve command-line error reporting MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Every now and then, I see of these programs failing with a super-long usage message that gives no clue as to what went wrong. (Recently it happened with a test case in ssl-opt.sh with a fairly long command line that was entirely correct, except some options were not valid in this config - the test should have been skipped but wasn't due to some other bug. It took me longer to figure out than it should have, and could have if the program had simply reported which param was not recognized.) Also, have an explicit "help" command, separate "help_ciphersuites", and have default usage message that's not multiple screens long. Signed-off-by: Manuel Pégourié-Gonnard --- programs/ssl/ssl_client2.c | 60 ++++++++++++++++++++++++++------------ programs/ssl/ssl_server2.c | 60 ++++++++++++++++++++++++++------------ 2 files changed, 84 insertions(+), 36 deletions(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index d84333436..0e0e9cee7 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -464,7 +464,7 @@ int main(void) " otherwise. The expansion of the macro\n" \ " is printed if it is defined\n" \ USAGE_SERIALIZATION \ - " acceptable ciphersuite names:\n" + "\n" #define ALPN_LIST_SIZE 10 #define CURVE_LIST_SIZE 20 @@ -951,34 +951,54 @@ int main(int argc, char *argv[]) opt.key_opaque_alg1 = DFL_KEY_OPAQUE_ALG; opt.key_opaque_alg2 = DFL_KEY_OPAQUE_ALG; + p = q = NULL; if (argc < 1) { usage: + if (p != NULL && q != NULL) { + printf("unrecognized value for '%s': '%s'\n", p, q); + } else if (p != NULL && q == NULL) { + printf("unrecognized param: '%s'\n", p); + } + + mbedtls_printf("usage: ssl_client2 [param=value] [...]\n"); + mbedtls_printf(" ssl_client2 help[_theme]\n"); + mbedtls_printf("'help' lists acceptable 'param' and 'value'\n"); + mbedtls_printf("'help_ciphersuites' lists available ciphersuites\n"); + mbedtls_printf("\n"); + if (ret == 0) { ret = 1; } - - mbedtls_printf(USAGE1); - mbedtls_printf(USAGE2); - mbedtls_printf(USAGE3); - mbedtls_printf(USAGE4); - - list = mbedtls_ssl_list_ciphersuites(); - while (*list) { - mbedtls_printf(" %-42s", mbedtls_ssl_get_ciphersuite_name(*list)); - list++; - if (!*list) { - break; - } - mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name(*list)); - list++; - } - mbedtls_printf("\n"); goto exit; } for (i = 1; i < argc; i++) { p = argv[i]; + + if (strcmp(p, "help") == 0) { + mbedtls_printf(USAGE1); + mbedtls_printf(USAGE2); + mbedtls_printf(USAGE3); + mbedtls_printf(USAGE4); + + ret = 0; + goto exit; + } + if (strcmp(p, "help_ciphersuites") == 0) { + mbedtls_printf(" acceptable ciphersuite names:\n"); + for (list = mbedtls_ssl_list_ciphersuites(); + *list != 0; + list++) { + mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name(*list)); + } + + ret = 0; + goto exit; + } + if ((q = strchr(p, '=')) == NULL) { + mbedtls_printf("param requires a value: '%s'\n", p); + p = NULL; // avoid "unrecnognized param" message goto usage; } *q++ = '\0'; @@ -1375,9 +1395,13 @@ usage: goto usage; } } else { + /* This signals that the problem is with p not q */ + q = NULL; goto usage; } } + /* This signals that any further errors are not with a single option */ + p = q = NULL; if (opt.nss_keylog != 0 && opt.eap_tls != 0) { mbedtls_printf("Error: eap_tls and nss_keylog options cannot be used together.\n"); diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index b305bc534..769a56a50 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -584,7 +584,7 @@ int main(void) " otherwise. The expansion of the macro\n" \ " is printed if it is defined\n" \ USAGE_SERIALIZATION \ - " acceptable ciphersuite names:\n" + "\n" #define ALPN_LIST_SIZE 10 #define CURVE_LIST_SIZE 20 @@ -1741,34 +1741,54 @@ int main(int argc, char *argv[]) opt.key2_opaque_alg1 = DFL_KEY_OPAQUE_ALG; opt.key2_opaque_alg2 = DFL_KEY_OPAQUE_ALG; + p = q = NULL; if (argc < 1) { usage: + if (p != NULL && q != NULL) { + printf("unrecognized value for '%s': '%s'\n", p, q); + } else if (p != NULL && q == NULL) { + printf("unrecognized param: '%s'\n", p); + } + + mbedtls_printf("usage: ssl_client2 [param=value] [...]\n"); + mbedtls_printf(" ssl_client2 help[_theme]\n"); + mbedtls_printf("'help' lists acceptable 'param' and 'value'\n"); + mbedtls_printf("'help_ciphersuites' lists available ciphersuites\n"); + mbedtls_printf("\n"); + if (ret == 0) { ret = 1; } - - mbedtls_printf(USAGE1); - mbedtls_printf(USAGE2); - mbedtls_printf(USAGE3); - mbedtls_printf(USAGE4); - - list = mbedtls_ssl_list_ciphersuites(); - while (*list) { - mbedtls_printf(" %-42s", mbedtls_ssl_get_ciphersuite_name(*list)); - list++; - if (!*list) { - break; - } - mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name(*list)); - list++; - } - mbedtls_printf("\n"); goto exit; } for (i = 1; i < argc; i++) { p = argv[i]; + + if (strcmp(p, "help") == 0) { + mbedtls_printf(USAGE1); + mbedtls_printf(USAGE2); + mbedtls_printf(USAGE3); + mbedtls_printf(USAGE4); + + ret = 0; + goto exit; + } + if (strcmp(p, "help_ciphersuites") == 0) { + mbedtls_printf(" acceptable ciphersuite names:\n"); + for (list = mbedtls_ssl_list_ciphersuites(); + *list != 0; + list++) { + mbedtls_printf(" %s\n", mbedtls_ssl_get_ciphersuite_name(*list)); + } + + ret = 0; + goto exit; + } + if ((q = strchr(p, '=')) == NULL) { + mbedtls_printf("param requires a value: '%s'\n", p); + p = NULL; // avoid "unrecnognized param" message goto usage; } *q++ = '\0'; @@ -2233,9 +2253,13 @@ usage: goto usage; } } else { + /* This signals that the problem is with p not q */ + q = NULL; goto usage; } } + /* This signals that any further erorrs are not with a single option */ + p = q = NULL; if (opt.nss_keylog != 0 && opt.eap_tls != 0) { mbedtls_printf("Error: eap_tls and nss_keylog options cannot be used together.\n"); From f8b9ebf2974d3891d3e0a04867d63e4f3c0af322 Mon Sep 17 00:00:00 2001 From: Hannes Tschofenig Date: Tue, 18 Jul 2023 13:46:10 +0100 Subject: [PATCH 0019/1674] Add example program for PSA hash This commit adds the example program for PSA hash as well as the relevant changes to CMakeLists.txt and the Makefile. Signed-off-by: Thomas Daubney --- programs/Makefile | 5 ++ programs/psa/CMakeLists.txt | 1 + programs/psa/psa_hash.c | 152 ++++++++++++++++++++++++++++++++++++ 3 files changed, 158 insertions(+) create mode 100644 programs/psa/psa_hash.c diff --git a/programs/Makefile b/programs/Makefile index 3509fc374..0bd1b924e 100644 --- a/programs/Makefile +++ b/programs/Makefile @@ -109,6 +109,7 @@ APPS = \ psa/hmac_demo \ psa/key_ladder_demo \ psa/psa_constant_names \ + psa/psa_hash \ random/gen_entropy \ random/gen_random_ctr_drbg \ ssl/dtls_client \ @@ -316,6 +317,10 @@ psa/psa_constant_names$(EXEXT): psa/psa_constant_names.c psa/psa_constant_names_ echo " CC psa/psa_constant_names.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) psa/psa_constant_names.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ +psa/psa_hash$(EXEXT): psa/psa_hash.c $(DEP) + echo " CC psa/psa_hash.c" + $(CC) $(LOCAL_CFLAGS) $(CFLAGS) psa/psa_hash.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ + random/gen_entropy$(EXEXT): random/gen_entropy.c $(DEP) echo " CC random/gen_entropy.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) random/gen_entropy.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ diff --git a/programs/psa/CMakeLists.txt b/programs/psa/CMakeLists.txt index 7ba4af63d..c8ee626d8 100644 --- a/programs/psa/CMakeLists.txt +++ b/programs/psa/CMakeLists.txt @@ -4,6 +4,7 @@ set(executables hmac_demo key_ladder_demo psa_constant_names + psa_hash ) if(GEN_FILES) diff --git a/programs/psa/psa_hash.c b/programs/psa/psa_hash.c new file mode 100644 index 000000000..45f61320e --- /dev/null +++ b/programs/psa/psa_hash.c @@ -0,0 +1,152 @@ +/* + * Example computing a SHA-256 hash using the PSA Crypto API + * + * The example computes the SHA-256 hash of a test string using the + * one-shot API call psa_hash_compute() and the using multi-part + * operation, which requires psa_hash_setup(), psa_hash_update() and + * psa_hash_finish(). The multi-part operation is popular on embedded + * devices where a rolling hash needs to be computed. + * + * + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +#include "psa/crypto.h" +#include +#include +#include + +#include "mbedtls/build_info.h" + +#define TEST_SHA256_HASH { \ + 0x5a, 0x09, 0xe8, 0xfa, 0x9c, 0x77, 0x80, 0x7b, 0x24, 0xe9, 0x9c, 0x9c, \ + 0xf9, 0x99, 0xde, 0xbf, 0xad, 0x84, 0x41, 0xe2, 0x69, 0xeb, 0x96, 0x0e, \ + 0x20, 0x1f, 0x61, 0xfc, 0x3d, 0xe2, 0x0d, 0x5a \ +} + +const uint8_t mbedtls_test_sha256_hash[] = TEST_SHA256_HASH; + +const size_t mbedtls_test_sha256_hash_len = + sizeof( mbedtls_test_sha256_hash ); + +#if !defined(MBEDTLS_PSA_CRYPTO_C) || !defined(MBEDTLS_SHA256_C) +int main( void ) +{ + printf( "MBEDTLS_PSA_CRYPTO_C and MBEDTLS_SHA256_C" + "not defined.\r\n" ); + return( EXIT_SUCCESS ); +} +#else + +int main( void ) +{ + uint8_t buf[] = "Hello World!"; + psa_status_t status; + uint8_t hash[PSA_HASH_MAX_SIZE]; + size_t hash_size; + psa_hash_operation_t sha256_psa = PSA_HASH_OPERATION_INIT; + psa_hash_operation_t cloned_sha256 = PSA_HASH_OPERATION_INIT; + + printf( "PSA Crypto API: SHA-256 example\n\n" ); + + status = psa_crypto_init( ); + if( status != PSA_SUCCESS ) + { + printf( "psa_crypto_init failed\n" ); + return( EXIT_FAILURE ); + } + + + /* Compute hash using multi-part operation */ + + status = psa_hash_setup( &sha256_psa, PSA_ALG_SHA_256 ); + if( status != PSA_SUCCESS ) + { + printf( "psa_hash_setup failed\n" ); + return( EXIT_FAILURE ); + } + + status = psa_hash_update( &sha256_psa, buf, sizeof( buf ) ); + if( status != PSA_SUCCESS ) + { + printf( "psa_hash_update failed\n" ); + return( EXIT_FAILURE ); + } + + status = psa_hash_clone( &sha256_psa, &cloned_sha256 ); + if( status != PSA_SUCCESS ) + { + printf( "PSA hash clone failed" ); + return( EXIT_FAILURE ); + } + + status = psa_hash_finish( &sha256_psa, hash, sizeof( hash ), &hash_size ); + if( status != PSA_SUCCESS ) + { + printf( "psa_hash_finish failed\n" ); + return( EXIT_FAILURE ); + } + + status = psa_hash_verify( &cloned_sha256, mbedtls_test_sha256_hash, mbedtls_test_sha256_hash_len ); + if( status != PSA_SUCCESS ) + { + printf( "psa_hash_verify failed\n" ); + return( EXIT_FAILURE ); + } else + { + printf( "Multi-part hash operation successful!\n"); + } + + /* Compute hash using one-shot function call */ + memset( hash,0,sizeof( hash ) ); + hash_size = 0; + + status = psa_hash_compute( PSA_ALG_SHA_256, + buf, sizeof( buf ), + hash, sizeof( hash ), + &hash_size ); + if( status != PSA_SUCCESS ) + { + printf( "psa_hash_compute failed\n" ); + return( EXIT_FAILURE ); + } + + for( size_t j = 0; j < mbedtls_test_sha256_hash_len; j++ ) + { + if( hash[j] != mbedtls_test_sha256_hash[j] ) + { + printf( "One-shot hash operation failed!\n\n"); + return( EXIT_FAILURE ); + } + } + + printf( "One-shot hash operation successful!\n\n"); + + printf( "The SHA-256( '%s' ) is:\n", buf ); + + for( size_t j = 0; j < mbedtls_test_sha256_hash_len; j++ ) + { + if( j % 8 == 0 ) printf( "\n " ); + printf( "%02x ", hash[j] ); + } + + printf( "\n" ); + + mbedtls_psa_crypto_free( ); + return( EXIT_SUCCESS ); +} +#endif /* MBEDTLS_PSA_CRYPTO_C && MBEDTLS_SHA256_C */ From 209c9c94925195c26cee30acf6ceb9ea612bda07 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Tue, 18 Jul 2023 14:59:45 +0100 Subject: [PATCH 0020/1674] Bring code-style up-to-date This PR was originally created before the code style was changed. This commit updates the style. Signed-off-by: Thomas Daubney --- programs/psa/psa_hash.c | 126 +++++++++++++++++++--------------------- 1 file changed, 59 insertions(+), 67 deletions(-) diff --git a/programs/psa/psa_hash.c b/programs/psa/psa_hash.c index 45f61320e..4be9c3839 100644 --- a/programs/psa/psa_hash.c +++ b/programs/psa/psa_hash.c @@ -33,26 +33,26 @@ #include "mbedtls/build_info.h" #define TEST_SHA256_HASH { \ - 0x5a, 0x09, 0xe8, 0xfa, 0x9c, 0x77, 0x80, 0x7b, 0x24, 0xe9, 0x9c, 0x9c, \ - 0xf9, 0x99, 0xde, 0xbf, 0xad, 0x84, 0x41, 0xe2, 0x69, 0xeb, 0x96, 0x0e, \ - 0x20, 0x1f, 0x61, 0xfc, 0x3d, 0xe2, 0x0d, 0x5a \ + 0x5a, 0x09, 0xe8, 0xfa, 0x9c, 0x77, 0x80, 0x7b, 0x24, 0xe9, 0x9c, 0x9c, \ + 0xf9, 0x99, 0xde, 0xbf, 0xad, 0x84, 0x41, 0xe2, 0x69, 0xeb, 0x96, 0x0e, \ + 0x20, 0x1f, 0x61, 0xfc, 0x3d, 0xe2, 0x0d, 0x5a \ } const uint8_t mbedtls_test_sha256_hash[] = TEST_SHA256_HASH; const size_t mbedtls_test_sha256_hash_len = - sizeof( mbedtls_test_sha256_hash ); + sizeof(mbedtls_test_sha256_hash); #if !defined(MBEDTLS_PSA_CRYPTO_C) || !defined(MBEDTLS_SHA256_C) -int main( void ) +int main(void) { - printf( "MBEDTLS_PSA_CRYPTO_C and MBEDTLS_SHA256_C" - "not defined.\r\n" ); - return( EXIT_SUCCESS ); + printf("MBEDTLS_PSA_CRYPTO_C and MBEDTLS_SHA256_C" + "not defined.\r\n"); + return EXIT_SUCCESS; } #else -int main( void ) +int main(void) { uint8_t buf[] = "Hello World!"; psa_status_t status; @@ -61,92 +61,84 @@ int main( void ) psa_hash_operation_t sha256_psa = PSA_HASH_OPERATION_INIT; psa_hash_operation_t cloned_sha256 = PSA_HASH_OPERATION_INIT; - printf( "PSA Crypto API: SHA-256 example\n\n" ); + printf("PSA Crypto API: SHA-256 example\n\n"); - status = psa_crypto_init( ); - if( status != PSA_SUCCESS ) - { - printf( "psa_crypto_init failed\n" ); - return( EXIT_FAILURE ); + status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + printf("psa_crypto_init failed\n"); + return EXIT_FAILURE; } /* Compute hash using multi-part operation */ - status = psa_hash_setup( &sha256_psa, PSA_ALG_SHA_256 ); - if( status != PSA_SUCCESS ) - { - printf( "psa_hash_setup failed\n" ); - return( EXIT_FAILURE ); + status = psa_hash_setup(&sha256_psa, PSA_ALG_SHA_256); + if (status != PSA_SUCCESS) { + printf("psa_hash_setup failed\n"); + return EXIT_FAILURE; } - status = psa_hash_update( &sha256_psa, buf, sizeof( buf ) ); - if( status != PSA_SUCCESS ) - { - printf( "psa_hash_update failed\n" ); - return( EXIT_FAILURE ); + status = psa_hash_update(&sha256_psa, buf, sizeof(buf)); + if (status != PSA_SUCCESS) { + printf("psa_hash_update failed\n"); + return EXIT_FAILURE; } - status = psa_hash_clone( &sha256_psa, &cloned_sha256 ); - if( status != PSA_SUCCESS ) - { - printf( "PSA hash clone failed" ); - return( EXIT_FAILURE ); + status = psa_hash_clone(&sha256_psa, &cloned_sha256); + if (status != PSA_SUCCESS) { + printf("PSA hash clone failed"); + return EXIT_FAILURE; } - status = psa_hash_finish( &sha256_psa, hash, sizeof( hash ), &hash_size ); - if( status != PSA_SUCCESS ) - { - printf( "psa_hash_finish failed\n" ); - return( EXIT_FAILURE ); + status = psa_hash_finish(&sha256_psa, hash, sizeof(hash), &hash_size); + if (status != PSA_SUCCESS) { + printf("psa_hash_finish failed\n"); + return EXIT_FAILURE; } - status = psa_hash_verify( &cloned_sha256, mbedtls_test_sha256_hash, mbedtls_test_sha256_hash_len ); - if( status != PSA_SUCCESS ) - { - printf( "psa_hash_verify failed\n" ); - return( EXIT_FAILURE ); - } else - { - printf( "Multi-part hash operation successful!\n"); + status = + psa_hash_verify(&cloned_sha256, mbedtls_test_sha256_hash, mbedtls_test_sha256_hash_len); + if (status != PSA_SUCCESS) { + printf("psa_hash_verify failed\n"); + return EXIT_FAILURE; + } else { + printf("Multi-part hash operation successful!\n"); } /* Compute hash using one-shot function call */ - memset( hash,0,sizeof( hash ) ); + memset(hash, 0, sizeof(hash)); hash_size = 0; - status = psa_hash_compute( PSA_ALG_SHA_256, - buf, sizeof( buf ), - hash, sizeof( hash ), - &hash_size ); - if( status != PSA_SUCCESS ) - { - printf( "psa_hash_compute failed\n" ); - return( EXIT_FAILURE ); + status = psa_hash_compute(PSA_ALG_SHA_256, + buf, sizeof(buf), + hash, sizeof(hash), + &hash_size); + if (status != PSA_SUCCESS) { + printf("psa_hash_compute failed\n"); + return EXIT_FAILURE; } - for( size_t j = 0; j < mbedtls_test_sha256_hash_len; j++ ) - { - if( hash[j] != mbedtls_test_sha256_hash[j] ) - { - printf( "One-shot hash operation failed!\n\n"); - return( EXIT_FAILURE ); + for (size_t j = 0; j < mbedtls_test_sha256_hash_len; j++) { + if (hash[j] != mbedtls_test_sha256_hash[j]) { + printf("One-shot hash operation failed!\n\n"); + return EXIT_FAILURE; } } - printf( "One-shot hash operation successful!\n\n"); + printf("One-shot hash operation successful!\n\n"); - printf( "The SHA-256( '%s' ) is:\n", buf ); + printf("The SHA-256( '%s' ) is:\n", buf); - for( size_t j = 0; j < mbedtls_test_sha256_hash_len; j++ ) - { - if( j % 8 == 0 ) printf( "\n " ); - printf( "%02x ", hash[j] ); + for (size_t j = 0; j < mbedtls_test_sha256_hash_len; j++) { + if (j % 8 == 0) { + printf("\n "); + } + printf("%02x ", hash[j]); } - printf( "\n" ); + printf("\n"); - mbedtls_psa_crypto_free( ); - return( EXIT_SUCCESS ); + mbedtls_psa_crypto_free(); + return EXIT_SUCCESS; } #endif /* MBEDTLS_PSA_CRYPTO_C && MBEDTLS_SHA256_C */ From 8907815866bf853a1e4792a84767f9e31ed8b1c8 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Tue, 18 Jul 2023 18:29:46 +0100 Subject: [PATCH 0021/1674] Added ChangeLog entry Signed-off-by: Thomas Daubney --- ChangeLog.d/add-psa-example-program-hash.txt | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 ChangeLog.d/add-psa-example-program-hash.txt diff --git a/ChangeLog.d/add-psa-example-program-hash.txt b/ChangeLog.d/add-psa-example-program-hash.txt new file mode 100644 index 000000000..ba4da20d3 --- /dev/null +++ b/ChangeLog.d/add-psa-example-program-hash.txt @@ -0,0 +1,2 @@ +Features + * Added an example program showing how to hash with the PSA API. From f7348ae1fc298ed4b1e3e3aceb95cb3f60b56885 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Mon, 24 Jul 2023 12:18:40 +0100 Subject: [PATCH 0022/1674] Improve program from first round review comments Following an initial review: - Swap printf for mbedtls_printf - Remove MBEDTLS_xxx dependencies - Demonstrate correct buffer sizing Signed-off-by: Thomas Daubney --- programs/psa/psa_hash.c | 37 +++++++++++++++++++------------------ 1 file changed, 19 insertions(+), 18 deletions(-) diff --git a/programs/psa/psa_hash.c b/programs/psa/psa_hash.c index 4be9c3839..07d0b4fa9 100644 --- a/programs/psa/psa_hash.c +++ b/programs/psa/psa_hash.c @@ -31,6 +31,7 @@ #include #include "mbedtls/build_info.h" +#include "mbedtls/platform.h" #define TEST_SHA256_HASH { \ 0x5a, 0x09, 0xe8, 0xfa, 0x9c, 0x77, 0x80, 0x7b, 0x24, 0xe9, 0x9c, 0x9c, \ @@ -43,10 +44,10 @@ const uint8_t mbedtls_test_sha256_hash[] = TEST_SHA256_HASH; const size_t mbedtls_test_sha256_hash_len = sizeof(mbedtls_test_sha256_hash); -#if !defined(MBEDTLS_PSA_CRYPTO_C) || !defined(MBEDTLS_SHA256_C) +#if !defined(MBEDTLS_PSA_CRYPTO_C) || !defined(PSA_WANT_ALG_SHA_256) int main(void) { - printf("MBEDTLS_PSA_CRYPTO_C and MBEDTLS_SHA256_C" + mbedtls_printf("MBEDTLS_PSA_CRYPTO_C and MBEDTLS_SHA256_C" "not defined.\r\n"); return EXIT_SUCCESS; } @@ -56,16 +57,16 @@ int main(void) { uint8_t buf[] = "Hello World!"; psa_status_t status; - uint8_t hash[PSA_HASH_MAX_SIZE]; + uint8_t hash[PSA_HASH_LENGTH(PSA_ALG_SHA_256)]; size_t hash_size; psa_hash_operation_t sha256_psa = PSA_HASH_OPERATION_INIT; psa_hash_operation_t cloned_sha256 = PSA_HASH_OPERATION_INIT; - printf("PSA Crypto API: SHA-256 example\n\n"); + mbedtls_printf("PSA Crypto API: SHA-256 example\n\n"); status = psa_crypto_init(); if (status != PSA_SUCCESS) { - printf("psa_crypto_init failed\n"); + mbedtls_printf("psa_crypto_init failed\n"); return EXIT_FAILURE; } @@ -74,35 +75,35 @@ int main(void) status = psa_hash_setup(&sha256_psa, PSA_ALG_SHA_256); if (status != PSA_SUCCESS) { - printf("psa_hash_setup failed\n"); + mbedtls_printf("psa_hash_setup failed\n"); return EXIT_FAILURE; } status = psa_hash_update(&sha256_psa, buf, sizeof(buf)); if (status != PSA_SUCCESS) { - printf("psa_hash_update failed\n"); + mbedtls_printf("psa_hash_update failed\n"); return EXIT_FAILURE; } status = psa_hash_clone(&sha256_psa, &cloned_sha256); if (status != PSA_SUCCESS) { - printf("PSA hash clone failed"); + mbedtls_printf("PSA hash clone failed"); return EXIT_FAILURE; } status = psa_hash_finish(&sha256_psa, hash, sizeof(hash), &hash_size); if (status != PSA_SUCCESS) { - printf("psa_hash_finish failed\n"); + mbedtls_printf("psa_hash_finish failed\n"); return EXIT_FAILURE; } status = psa_hash_verify(&cloned_sha256, mbedtls_test_sha256_hash, mbedtls_test_sha256_hash_len); if (status != PSA_SUCCESS) { - printf("psa_hash_verify failed\n"); + mbedtls_printf("psa_hash_verify failed\n"); return EXIT_FAILURE; } else { - printf("Multi-part hash operation successful!\n"); + mbedtls_printf("Multi-part hash operation successful!\n"); } /* Compute hash using one-shot function call */ @@ -114,29 +115,29 @@ int main(void) hash, sizeof(hash), &hash_size); if (status != PSA_SUCCESS) { - printf("psa_hash_compute failed\n"); + mbedtls_printf("psa_hash_compute failed\n"); return EXIT_FAILURE; } for (size_t j = 0; j < mbedtls_test_sha256_hash_len; j++) { if (hash[j] != mbedtls_test_sha256_hash[j]) { - printf("One-shot hash operation failed!\n\n"); + mbedtls_printf("One-shot hash operation failed!\n\n"); return EXIT_FAILURE; } } - printf("One-shot hash operation successful!\n\n"); + mbedtls_printf("One-shot hash operation successful!\n\n"); - printf("The SHA-256( '%s' ) is:\n", buf); + mbedtls_printf("The SHA-256( '%s' ) is:\n", buf); for (size_t j = 0; j < mbedtls_test_sha256_hash_len; j++) { if (j % 8 == 0) { - printf("\n "); + mbedtls_printf("\n "); } - printf("%02x ", hash[j]); + mbedtls_printf("%02x ", hash[j]); } - printf("\n"); + mbedtls_printf("\n"); mbedtls_psa_crypto_free(); return EXIT_SUCCESS; From 1db78fa32a2e716cfc670f826e7a47d5cd71d4ad Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Mon, 24 Jul 2023 16:49:14 +0100 Subject: [PATCH 0023/1674] Demonstrate algorithm agility Define HALH_ALG to the desired PSA algorithm to demostrate the ease of swapping algorithms with the PSA API. Signed-off-by: Thomas Daubney --- programs/psa/psa_hash.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/programs/psa/psa_hash.c b/programs/psa/psa_hash.c index 07d0b4fa9..adf547d0b 100644 --- a/programs/psa/psa_hash.c +++ b/programs/psa/psa_hash.c @@ -33,6 +33,8 @@ #include "mbedtls/build_info.h" #include "mbedtls/platform.h" +#define HASH_ALG PSA_ALG_SHA_256 + #define TEST_SHA256_HASH { \ 0x5a, 0x09, 0xe8, 0xfa, 0x9c, 0x77, 0x80, 0x7b, 0x24, 0xe9, 0x9c, 0x9c, \ 0xf9, 0x99, 0xde, 0xbf, 0xad, 0x84, 0x41, 0xe2, 0x69, 0xeb, 0x96, 0x0e, \ @@ -57,7 +59,7 @@ int main(void) { uint8_t buf[] = "Hello World!"; psa_status_t status; - uint8_t hash[PSA_HASH_LENGTH(PSA_ALG_SHA_256)]; + uint8_t hash[PSA_HASH_LENGTH(HASH_ALG)]; size_t hash_size; psa_hash_operation_t sha256_psa = PSA_HASH_OPERATION_INIT; psa_hash_operation_t cloned_sha256 = PSA_HASH_OPERATION_INIT; @@ -73,7 +75,7 @@ int main(void) /* Compute hash using multi-part operation */ - status = psa_hash_setup(&sha256_psa, PSA_ALG_SHA_256); + status = psa_hash_setup(&sha256_psa, HASH_ALG); if (status != PSA_SUCCESS) { mbedtls_printf("psa_hash_setup failed\n"); return EXIT_FAILURE; @@ -110,7 +112,7 @@ int main(void) memset(hash, 0, sizeof(hash)); hash_size = 0; - status = psa_hash_compute(PSA_ALG_SHA_256, + status = psa_hash_compute(HASH_ALG, buf, sizeof(buf), hash, sizeof(hash), &hash_size); From 9520df7580c570c00d6492e706aff234ed98acfa Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Tue, 25 Jul 2023 10:56:54 +0100 Subject: [PATCH 0024/1674] Fix code style Signed-off-by: Thomas Daubney --- programs/psa/psa_hash.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/programs/psa/psa_hash.c b/programs/psa/psa_hash.c index adf547d0b..6cb0cb834 100644 --- a/programs/psa/psa_hash.c +++ b/programs/psa/psa_hash.c @@ -50,7 +50,7 @@ const size_t mbedtls_test_sha256_hash_len = int main(void) { mbedtls_printf("MBEDTLS_PSA_CRYPTO_C and MBEDTLS_SHA256_C" - "not defined.\r\n"); + "not defined.\r\n"); return EXIT_SUCCESS; } #else From 1fd916a1a3e63d69084a0cfd9dabd00819b116b4 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Tue, 25 Jul 2023 16:10:48 +0100 Subject: [PATCH 0025/1674] Address review comments - make operation name more generic - make use of psa_hash_abort Signed-off-by: Thomas Daubney --- programs/psa/psa_hash.c | 32 ++++++++++++++++++++++++-------- 1 file changed, 24 insertions(+), 8 deletions(-) diff --git a/programs/psa/psa_hash.c b/programs/psa/psa_hash.c index 6cb0cb834..47ba2dcf5 100644 --- a/programs/psa/psa_hash.c +++ b/programs/psa/psa_hash.c @@ -61,48 +61,60 @@ int main(void) psa_status_t status; uint8_t hash[PSA_HASH_LENGTH(HASH_ALG)]; size_t hash_size; - psa_hash_operation_t sha256_psa = PSA_HASH_OPERATION_INIT; - psa_hash_operation_t cloned_sha256 = PSA_HASH_OPERATION_INIT; + psa_hash_operation_t psa_hash_operation = PSA_HASH_OPERATION_INIT; + psa_hash_operation_t cloned_psa_hash_operation = PSA_HASH_OPERATION_INIT; mbedtls_printf("PSA Crypto API: SHA-256 example\n\n"); status = psa_crypto_init(); if (status != PSA_SUCCESS) { mbedtls_printf("psa_crypto_init failed\n"); + psa_hash_abort(&psa_hash_operation); + psa_hash_abort(&cloned_psa_hash_operation); return EXIT_FAILURE; } - /* Compute hash using multi-part operation */ - status = psa_hash_setup(&sha256_psa, HASH_ALG); + status = psa_hash_setup(&psa_hash_operation, HASH_ALG); if (status != PSA_SUCCESS) { mbedtls_printf("psa_hash_setup failed\n"); + psa_hash_abort(&psa_hash_operation); + psa_hash_abort(&cloned_psa_hash_operation); return EXIT_FAILURE; } - status = psa_hash_update(&sha256_psa, buf, sizeof(buf)); + status = psa_hash_update(&psa_hash_operation, buf, sizeof(buf)); if (status != PSA_SUCCESS) { mbedtls_printf("psa_hash_update failed\n"); + psa_hash_abort(&psa_hash_operation); + psa_hash_abort(&cloned_psa_hash_operation); return EXIT_FAILURE; } - status = psa_hash_clone(&sha256_psa, &cloned_sha256); + status = psa_hash_clone(&psa_hash_operation, &cloned_psa_hash_operation); if (status != PSA_SUCCESS) { mbedtls_printf("PSA hash clone failed"); + psa_hash_abort(&psa_hash_operation); + psa_hash_abort(&cloned_psa_hash_operation); return EXIT_FAILURE; } - status = psa_hash_finish(&sha256_psa, hash, sizeof(hash), &hash_size); + status = psa_hash_finish(&psa_hash_operation, hash, sizeof(hash), &hash_size); if (status != PSA_SUCCESS) { mbedtls_printf("psa_hash_finish failed\n"); + psa_hash_abort(&psa_hash_operation); + psa_hash_abort(&cloned_psa_hash_operation); return EXIT_FAILURE; } status = - psa_hash_verify(&cloned_sha256, mbedtls_test_sha256_hash, mbedtls_test_sha256_hash_len); + psa_hash_verify(&cloned_psa_hash_operation, mbedtls_test_sha256_hash, + mbedtls_test_sha256_hash_len); if (status != PSA_SUCCESS) { mbedtls_printf("psa_hash_verify failed\n"); + psa_hash_abort(&psa_hash_operation); + psa_hash_abort(&cloned_psa_hash_operation); return EXIT_FAILURE; } else { mbedtls_printf("Multi-part hash operation successful!\n"); @@ -118,12 +130,16 @@ int main(void) &hash_size); if (status != PSA_SUCCESS) { mbedtls_printf("psa_hash_compute failed\n"); + psa_hash_abort(&psa_hash_operation); + psa_hash_abort(&cloned_psa_hash_operation); return EXIT_FAILURE; } for (size_t j = 0; j < mbedtls_test_sha256_hash_len; j++) { if (hash[j] != mbedtls_test_sha256_hash[j]) { mbedtls_printf("One-shot hash operation failed!\n\n"); + psa_hash_abort(&psa_hash_operation); + psa_hash_abort(&cloned_psa_hash_operation); return EXIT_FAILURE; } } From 2fcf04f46869cbe3e3bdb601a83659705206b345 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 14 Jun 2019 18:23:03 +0200 Subject: [PATCH 0026/1674] Run demo scripts and check that they work run_demos.py is the frontend to a framework for smoke-testing the sample programs. It runs scripts called programs/*/*_demo.sh ("demo scripts") and check that they succeed. A typical demo script runs one sample program or a combination of sample programs to demonstrate their usage. Signed-off-by: Gilles Peskine --- tests/scripts/run_demos.py | 41 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100755 tests/scripts/run_demos.py diff --git a/tests/scripts/run_demos.py b/tests/scripts/run_demos.py new file mode 100755 index 000000000..3d4b1e0c6 --- /dev/null +++ b/tests/scripts/run_demos.py @@ -0,0 +1,41 @@ +#!/usr/bin/env python3 +"""Run the Mbed TLS demo scripts. +""" +import glob +import subprocess +import sys + +def run_demo(demo): + """Run the specified demo script. Return True if it succeeds.""" + returncode = subprocess.call([demo]) + return returncode == 0 + +def run_demos(demos): + """Run the specified demos and print summary information about failures. + + Return True if all demos passed and False if a demo fails. + """ + failures = [] + for demo in demos: + print('#### {} ####'.format(demo)) + if not run_demo(demo): + failures.append(demo) + print('{}: FAIL'.format(demo)) + print('') + successes = len(demos) - len(failures) + print('{}/{} demos passed'.format(successes, len(demos))) + if failures: + print('Failures:', *failures) + return not failures + +def run_all_demos(): + """Run all the available demos. + + Return True if all demos passed and False if a demo fails. + """ + all_demos = glob.glob('programs/*/*_demo.sh') + return run_demos(all_demos) + +if __name__ == '__main__': + if not run_all_demos(): + sys.exit(1) From d1b5f6f6099f097a4464751c4d38b09ebfdb36cd Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 23 Apr 2020 17:33:36 +0200 Subject: [PATCH 0027/1674] Move common code of demo scripts into a library The new file programs/demo_common.sh contains initialization code, utility functions and cleanup code meant to be used by all demo scripts written in sh. Initial features: * msg: Display a message. * run, run_bad: Run a command, visibly. * $root_dir, $programs_dir: location of the mbedtls source tree. * $files_to_clean: files that are cleaned up on exit. Signed-off-by: Gilles Peskine --- programs/demo_common.sh | 89 +++++++++++++++++++++++++++++++++ programs/psa/key_ladder_demo.sh | 40 ++++----------- 2 files changed, 98 insertions(+), 31 deletions(-) create mode 100644 programs/demo_common.sh diff --git a/programs/demo_common.sh b/programs/demo_common.sh new file mode 100644 index 000000000..91b33b9e8 --- /dev/null +++ b/programs/demo_common.sh @@ -0,0 +1,89 @@ +## Common shell functions used by demo scripts programs/*/*.sh. + +## How to write a demo script +## ========================== +## +## Include this file near the top of each demo script: +## . "${0%/*}/../demo_common.sh" +## +## As the last thing in the script, call the cleanup function. +## +## You can use the functions and variables described below. + +set -e -u + +## $root_dir is the root directory of the Mbed TLS source tree. +root_dir="${0%/*}" +n=4 # limit the search depth +while ! [ -d "$root_dir/programs" ] || ! [ -d "$root_dir/library" ]; do + if [ $n -eq 0 ]; then + echo >&2 "This doesn't seem to be an Mbed TLS source tree." + exit 125 + fi + n=$((n - 1)) + case $root_dir in + .) root_dir="..";; + ..|?*/..) root_dir="$root_dir/..";; + ?*/*) root_dir="${root_dir%/*}";; + /*) root_dir="/";; + *) root_dir=".";; + esac +done + +## $programs_dir is the directory containing the sample programs. +programs_dir="$root_dir/programs" + +## msg LINE... +## msg Date: Thu, 23 Apr 2020 17:50:26 +0200 Subject: [PATCH 0028/1674] Demo scripts: create a seedfile if the configuration requires it Signed-off-by: Gilles Peskine --- programs/demo_common.sh | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/programs/demo_common.sh b/programs/demo_common.sh index 91b33b9e8..fcd075285 100644 --- a/programs/demo_common.sh +++ b/programs/demo_common.sh @@ -71,6 +71,14 @@ run_bad () { not "$@" } +## config_has SYMBOL... +## Succeeds if the library configuration has all SYMBOLs set. +config_has () { + for x in "$@"; do + "$programs_dir/test/query_compile_time_config" "$x" + done +} + ## Add the names of files to clean up to this whitespace-separated variable. ## The file names must not contain whitespace characters. files_to_clean= @@ -87,3 +95,11 @@ cleanup () { trap 'cleanup; trap - HUP; kill -HUP $$' HUP trap 'cleanup; trap - INT; kill -INT $$' INT trap 'cleanup; trap - TERM; kill -TERM $$' TERM + +if config_has MBEDTLS_ENTROPY_NV_SEED; then + # Create a seedfile that's sufficiently long in all library configurations. + # This is necessary for programs that use randomness. + # Assume that the name of the seedfile is the default name. + files_to_clean="$files_to_clean seedfile" + dd if=/dev/urandom of=seedfile ibs=64 obs=64 count=1 +fi From b2bcdc1c1746e8beb8d2ff23c54f15bffa9fd450 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 23 Apr 2020 18:50:37 +0200 Subject: [PATCH 0029/1674] Let demo scripts declare their dependencies Demo scripts should declare their build-time dependencies, to make them more user-friendly. If a dependency is not met, users should see an explicit message rather than an incomprehensible error. Don't rely on the dependencies of individual programs because some demo scripts use multiple programs and because some scripts might have additional requirements. Signed-off-by: Gilles Peskine --- programs/demo_common.sh | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/programs/demo_common.sh b/programs/demo_common.sh index fcd075285..78763b82e 100644 --- a/programs/demo_common.sh +++ b/programs/demo_common.sh @@ -6,6 +6,10 @@ ## Include this file near the top of each demo script: ## . "${0%/*}/../demo_common.sh" ## +## Start with a "msg" call that explains the purpose of the script. +## Then call the "depends_on" function to ensure that all config +## dependencies are met. +## ## As the last thing in the script, call the cleanup function. ## ## You can use the functions and variables described below. @@ -79,6 +83,20 @@ config_has () { done } +## depends_on SYMBOL... +## Exit if the library configuration does not have all SYMBOLs set. +depends_on () { + if ! config_has "$@"; then + cat >&2 < Date: Wed, 22 Apr 2020 21:45:49 +0200 Subject: [PATCH 0030/1674] Declare the dependencies of key_ladder_demo.sh Signed-off-by: Gilles Peskine --- programs/psa/key_ladder_demo.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/programs/psa/key_ladder_demo.sh b/programs/psa/key_ladder_demo.sh index 0186183f9..dbe925b51 100755 --- a/programs/psa/key_ladder_demo.sh +++ b/programs/psa/key_ladder_demo.sh @@ -23,6 +23,8 @@ create a master key, derive a key from it and use that key to wrap the derived key using an AEAD algorithm. EOF +depends_on MBEDTLS_SHA256_C MBEDTLS_MD_C MBEDTLS_AES_C MBEDTLS_CCM_C MBEDTLS_PSA_CRYPTO_C MBEDTLS_FS_IO + program="${0%/*}"/key_ladder_demo if [ -e master.key ]; then From 82b2727e51d919e5ff742661d862aca64ddfeeba Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 14 Jun 2019 18:27:03 +0200 Subject: [PATCH 0031/1674] Run demo scripts in some builds Run the sample program demo scripts in builds with a configuration that is at least as complete as the default configuration. Do not run sample programs in all configurations since they are expected to fail if a required feature is missing. Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index e3db6fdbd..747a2c80b 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1003,6 +1003,9 @@ component_test_default_out_of_box () { msg "selftest: make, default config (out-of-box)" # ~10s programs/test/selftest + + msg "program demos: make, default config (out-of-box)" # ~10s + tests/scripts/run_demos.py } component_test_default_cmake_gcc_asan () { @@ -1013,6 +1016,9 @@ component_test_default_cmake_gcc_asan () { msg "test: main suites (inc. selftests) (ASan build)" # ~ 50s make test + msg "program demos (ASan build)" # ~10s + tests/scripts/run_demos.py + msg "test: selftest (ASan build)" # ~ 10s programs/test/selftest @@ -1858,6 +1864,9 @@ component_test_full_cmake_clang () { msg "test: cpp_dummy_build (full config, clang)" # ~ 1s programs/test/cpp_dummy_build + msg "program demos (full config, clang)" # ~10s + tests/scripts/run_demos.py + msg "test: psa_constant_names (full config, clang)" # ~ 1s tests/scripts/test_psa_constant_names.py @@ -2021,6 +2030,9 @@ component_test_full_deprecated_warning () { msg "test: full config + MBEDTLS_TEST_DEPRECATED" # ~ 30s make test + + msg "program demos: full config + MBEDTLS_TEST_DEPRECATED" # ~10s + tests/scripts/run_demos.py } # Check that the specified libraries exist and are empty. @@ -4606,6 +4618,9 @@ component_test_memsan () { msg "test: main suites (MSan)" # ~ 10s make test + msg "program demos (MSan)" # ~20s + tests/scripts/run_demos.py + msg "test: ssl-opt.sh (MSan)" # ~ 1 min tests/ssl-opt.sh From c142620724ace3c56f8096956482be13f27a83ad Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 26 Apr 2020 22:29:12 +0200 Subject: [PATCH 0032/1674] cleanup is part of the external interface Since there's no EXIT trap in plain sh, the main script must call it explicitly when it exits. Signed-off-by: Gilles Peskine --- programs/demo_common.sh | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/programs/demo_common.sh b/programs/demo_common.sh index 78763b82e..ef2acfcc0 100644 --- a/programs/demo_common.sh +++ b/programs/demo_common.sh @@ -101,15 +101,18 @@ EOF ## The file names must not contain whitespace characters. files_to_clean= +## Call this function at the end of each script. +## It is called automatically if the script is killed by a signal. +cleanup () { + rm -f -- $files_to_clean +} + ################################################################ ## End of the public interfaces. Code beyond this point is not ## meant to be called directly from a demo script. -cleanup () { - rm -f -- $files_to_clean -} trap 'cleanup; trap - HUP; kill -HUP $$' HUP trap 'cleanup; trap - INT; kill -INT $$' INT trap 'cleanup; trap - TERM; kill -TERM $$' TERM From fc09d27a92a0d8d7205577299bfab91e2c12ff4a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 26 Apr 2020 22:29:57 +0200 Subject: [PATCH 0033/1674] Print only missing dependencies Signed-off-by: Gilles Peskine --- programs/demo_common.sh | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/programs/demo_common.sh b/programs/demo_common.sh index ef2acfcc0..ff3f0408c 100644 --- a/programs/demo_common.sh +++ b/programs/demo_common.sh @@ -86,11 +86,17 @@ config_has () { ## depends_on SYMBOL... ## Exit if the library configuration does not have all SYMBOLs set. depends_on () { - if ! config_has "$@"; then + m= + for x in "$@"; do + if ! config_has "$x"; then + m="$m $x" + fi + done + if [ -n "$m" ]; then cat >&2 < Date: Sun, 26 Apr 2020 22:31:35 +0200 Subject: [PATCH 0034/1674] Explain why $root_dir needs a complicated calculation Signed-off-by: Gilles Peskine --- programs/demo_common.sh | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/programs/demo_common.sh b/programs/demo_common.sh index ff3f0408c..d8fcda554 100644 --- a/programs/demo_common.sh +++ b/programs/demo_common.sh @@ -18,6 +18,10 @@ set -e -u ## $root_dir is the root directory of the Mbed TLS source tree. root_dir="${0%/*}" +# Find a nice path to the root directory, avoiding unnecessary "../". +# The code supports demo scripts nested up to 4 levels deep. +# The code works no matter where the demo script is relative to the current +# directory, even if it is called with a relative path. n=4 # limit the search depth while ! [ -d "$root_dir/programs" ] || ! [ -d "$root_dir/library" ]; do if [ $n -eq 0 ]; then @@ -35,6 +39,7 @@ while ! [ -d "$root_dir/programs" ] || ! [ -d "$root_dir/library" ]; do done ## $programs_dir is the directory containing the sample programs. +# Assume an in-tree build. programs_dir="$root_dir/programs" ## msg LINE... From 198d87ad527c494d31840c878840097966c5486c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 26 Apr 2020 22:33:48 +0200 Subject: [PATCH 0035/1674] Minor readability improvements Signed-off-by: Gilles Peskine --- tests/scripts/run_demos.py | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/tests/scripts/run_demos.py b/tests/scripts/run_demos.py index 3d4b1e0c6..c8e399665 100755 --- a/tests/scripts/run_demos.py +++ b/tests/scripts/run_demos.py @@ -18,7 +18,8 @@ def run_demos(demos): failures = [] for demo in demos: print('#### {} ####'.format(demo)) - if not run_demo(demo): + success = run_demo(demo) + if not success: failures.append(demo) print('{}: FAIL'.format(demo)) print('') @@ -36,6 +37,9 @@ def run_all_demos(): all_demos = glob.glob('programs/*/*_demo.sh') return run_demos(all_demos) +def main(): + success = run_all_demos() + sys.exit(0 if success else 1) + if __name__ == '__main__': - if not run_all_demos(): - sys.exit(1) + main() From 086f85f0556f0f9644382e60a4e83e090e0c7a75 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 26 Apr 2020 22:43:05 +0200 Subject: [PATCH 0036/1674] Fix some mistakes in descriptive messages Signed-off-by: Gilles Peskine --- programs/psa/key_ladder_demo.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/programs/psa/key_ladder_demo.sh b/programs/psa/key_ladder_demo.sh index dbe925b51..bb4a24f75 100755 --- a/programs/psa/key_ladder_demo.sh +++ b/programs/psa/key_ladder_demo.sh @@ -19,8 +19,8 @@ msg <<'EOF' This script demonstrates the use of the PSA cryptography interface to -create a master key, derive a key from it and use that key to wrap -the derived key using an AEAD algorithm. +create a master key, derive a key from it and use that derived key to +wrap some data using an AEAD algorithm. EOF depends_on MBEDTLS_SHA256_C MBEDTLS_MD_C MBEDTLS_AES_C MBEDTLS_CCM_C MBEDTLS_PSA_CRYPTO_C MBEDTLS_FS_IO @@ -49,7 +49,7 @@ run "Compare the unwrapped data with the original input." \ cmp input.txt hello_world.txt files_to_clean="$files_to_clean hellow_orld.txt" -run_bad "Derive a different key and attempt to unwrap the data. This must fail." \ +run_bad "Derive a different key and attempt to unwrap the data." \ "$program" unwrap master=master.key input=hello_world.wrap output=hellow_orld.txt label=hellow label=orld files_to_clean="$files_to_clean hello.key" From 9fdc657cbf33dfb24f77c86e31a0af15b2d7a94e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 26 Apr 2020 22:51:05 +0200 Subject: [PATCH 0037/1674] Add --quiet option to suppress demos' output Signed-off-by: Gilles Peskine --- tests/scripts/run_demos.py | 33 +++++++++++++++++++++++---------- 1 file changed, 23 insertions(+), 10 deletions(-) diff --git a/tests/scripts/run_demos.py b/tests/scripts/run_demos.py index c8e399665..fcf13cd8e 100755 --- a/tests/scripts/run_demos.py +++ b/tests/scripts/run_demos.py @@ -1,44 +1,57 @@ #!/usr/bin/env python3 """Run the Mbed TLS demo scripts. """ +import argparse import glob import subprocess import sys -def run_demo(demo): +def run_demo(demo, quiet=False): """Run the specified demo script. Return True if it succeeds.""" - returncode = subprocess.call([demo]) + args = {} + if quiet: + args['stdout'] = subprocess.DEVNULL + args['stderr'] = subprocess.DEVNULL + returncode = subprocess.call([demo], **args) return returncode == 0 -def run_demos(demos): +def run_demos(demos, quiet=False): """Run the specified demos and print summary information about failures. Return True if all demos passed and False if a demo fails. """ failures = [] for demo in demos: - print('#### {} ####'.format(demo)) - success = run_demo(demo) + if not quiet: + print('#### {} ####'.format(demo)) + success = run_demo(demo, quiet=quiet) if not success: failures.append(demo) - print('{}: FAIL'.format(demo)) - print('') + if not quiet: + print('{}: FAIL'.format(demo)) + if not quiet: + print('') successes = len(demos) - len(failures) print('{}/{} demos passed'.format(successes, len(demos))) if failures: print('Failures:', *failures) return not failures -def run_all_demos(): +def run_all_demos(quiet=False): """Run all the available demos. Return True if all demos passed and False if a demo fails. """ all_demos = glob.glob('programs/*/*_demo.sh') - return run_demos(all_demos) + return run_demos(all_demos, quiet=quiet) def main(): - success = run_all_demos() + parser = argparse.ArgumentParser(description=__doc__) + parser.add_argument('--quiet', '-q', + action='store_true', + help="suppress the output of demos") + options = parser.parse_args() + success = run_all_demos(quiet=options.quiet) sys.exit(0 if success else 1) if __name__ == '__main__': From 1b01559fea0dcac3f133120a4def3803b278afe7 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 27 Apr 2020 10:39:20 +0200 Subject: [PATCH 0038/1674] Error out if run from the wrong directory Signed-off-by: Gilles Peskine --- tests/scripts/run_demos.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/scripts/run_demos.py b/tests/scripts/run_demos.py index fcf13cd8e..6d86a9bf2 100755 --- a/tests/scripts/run_demos.py +++ b/tests/scripts/run_demos.py @@ -43,6 +43,8 @@ def run_all_demos(quiet=False): Return True if all demos passed and False if a demo fails. """ all_demos = glob.glob('programs/*/*_demo.sh') + if not all_demos: + raise Exception('No demos found. run_demos needs to operate from the Mbed TLS toplevel directory.') return run_demos(all_demos, quiet=quiet) def main(): From 2f8c545d3dfb63b7f99754abac913245fb17a4a8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 27 Apr 2020 11:00:59 +0200 Subject: [PATCH 0039/1674] Make --quiet a little less quiet Signed-off-by: Gilles Peskine --- tests/scripts/run_demos.py | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/tests/scripts/run_demos.py b/tests/scripts/run_demos.py index 6d86a9bf2..6c6142c14 100755 --- a/tests/scripts/run_demos.py +++ b/tests/scripts/run_demos.py @@ -29,11 +29,13 @@ def run_demos(demos, quiet=False): failures.append(demo) if not quiet: print('{}: FAIL'.format(demo)) - if not quiet: + if quiet: + print('{}: {}'.format(demo, 'PASS' if success else 'FAIL')) + else: print('') successes = len(demos) - len(failures) print('{}/{} demos passed'.format(successes, len(demos))) - if failures: + if failures and not quiet: print('Failures:', *failures) return not failures From 63c3534981dff55c6f4f8831f82dc7639d2daa1b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 27 Apr 2020 14:34:38 +0200 Subject: [PATCH 0040/1674] Pacify Pylint Signed-off-by: Gilles Peskine --- tests/scripts/run_demos.py | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/scripts/run_demos.py b/tests/scripts/run_demos.py index 6c6142c14..6a63d232f 100755 --- a/tests/scripts/run_demos.py +++ b/tests/scripts/run_demos.py @@ -46,6 +46,7 @@ def run_all_demos(quiet=False): """ all_demos = glob.glob('programs/*/*_demo.sh') if not all_demos: + # Keep the message on one line. pylint: disable=line-too-long raise Exception('No demos found. run_demos needs to operate from the Mbed TLS toplevel directory.') return run_demos(all_demos, quiet=quiet) From c25ae6f48c41362073ed31368ccc667971ed13b8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 25 Jul 2023 19:53:04 +0200 Subject: [PATCH 0041/1674] Use demo_common.sh in dlopen test script Signed-off-by: Gilles Peskine --- programs/test/dlopen_demo.sh | 33 ++++++--------------------------- 1 file changed, 6 insertions(+), 27 deletions(-) diff --git a/programs/test/dlopen_demo.sh b/programs/test/dlopen_demo.sh index a6a9022fc..4c5384c0c 100755 --- a/programs/test/dlopen_demo.sh +++ b/programs/test/dlopen_demo.sh @@ -18,33 +18,12 @@ # See the License for the specific language governing permissions and # limitations under the License. -set -e -u +. "${0%/*}/../demo_common.sh" -program_name="dlopen" -program_dir="${0%/*}" -program="$program_dir/$program_name" +msg "Test the dynamic loading of libmbed*" -if [ ! -e "$program" ]; then - # Look for programs in the current directory and the directories above it - for dir in "." ".." "../.."; do - program_dir="$dir/programs/test" - program="$program_dir/$program_name" - if [ -e "$program" ]; then - break - fi - done - if [ ! -e "$program" ]; then - echo "Could not find $program_name program" - - echo "Make sure that Mbed TLS is built as a shared library." \ - "If building out-of-tree, this script must be run" \ - "from the project build directory." - exit 1 - fi -fi - -top_dir="$program_dir/../.." -library_dir="$top_dir/library" +program="$programs_dir/test/dlopen" +library_dir="$root_dir/library" # ELF-based Unix-like (Linux, *BSD, Solaris, ...) if [ -n "${LD_LIBRARY_PATH-}" ]; then @@ -62,6 +41,6 @@ else fi export DYLD_LIBRARY_PATH -echo "Running dynamic loading test program: $program" -echo "Loading libraries from: $library_dir" +msg "Running dynamic loading test program: $program" +msg "Loading libraries from: $library_dir" "$program" From f5d2d1c7cdc3c62339dc42b7e4d1ef7437826a4e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 25 Jul 2023 20:13:53 +0200 Subject: [PATCH 0042/1674] Skip dlopen demo in static builds Signed-off-by: Gilles Peskine --- programs/test/dlopen_demo.sh | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/programs/test/dlopen_demo.sh b/programs/test/dlopen_demo.sh index 4c5384c0c..b162d7b5f 100755 --- a/programs/test/dlopen_demo.sh +++ b/programs/test/dlopen_demo.sh @@ -25,6 +25,14 @@ msg "Test the dynamic loading of libmbed*" program="$programs_dir/test/dlopen" library_dir="$root_dir/library" +# Skip this test if we don't have a shared library build. Detect this +# through the absence of the demo program. +if [ ! -e "$program" ]; then + msg "$0: this demo requires a shared library build." + # Exit with a success status so that this counts as a pass for run_demos.py. + exit +fi + # ELF-based Unix-like (Linux, *BSD, Solaris, ...) if [ -n "${LD_LIBRARY_PATH-}" ]; then LD_LIBRARY_PATH="$library_dir:$LD_LIBRARY_PATH" From f1517e690ae5745cdd091e6b34fa49a08f32daca Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 25 Jul 2023 20:59:14 +0200 Subject: [PATCH 0043/1674] PermissionIssueTracker is obsoleted by ShebangIssueTracker ShebangIssueTracker implements the rule that scripts must be executable if and only if they have a shebang line. By removing PermissionIssueTracker, we now allow files with any extension to be executable (provided they have a shebang line), and allow *.sh and *.pl to be non-executable modules if they don't have a shebang line (as was already the case for *.py). Signed-off-by: Gilles Peskine --- tests/scripts/check_files.py | 19 ------------------- 1 file changed, 19 deletions(-) diff --git a/tests/scripts/check_files.py b/tests/scripts/check_files.py index 352b55eaa..238a83fab 100755 --- a/tests/scripts/check_files.py +++ b/tests/scripts/check_files.py @@ -162,24 +162,6 @@ def is_windows_file(filepath): return ext in ('.bat', '.dsp', '.dsw', '.sln', '.vcxproj') -class PermissionIssueTracker(FileIssueTracker): - """Track files with bad permissions. - - Files that are not executable scripts must not be executable.""" - - heading = "Incorrect permissions:" - - # .py files can be either full scripts or modules, so they may or may - # not be executable. - suffix_exemptions = frozenset({".py"}) - - def check_file_for_issue(self, filepath): - is_executable = os.access(filepath, os.X_OK) - should_be_executable = filepath.endswith((".sh", ".pl")) - if is_executable != should_be_executable: - self.files_with_issues[filepath] = None - - class ShebangIssueTracker(FileIssueTracker): """Track files with a bad, missing or extraneous shebang line. @@ -386,7 +368,6 @@ class IntegrityChecker: self.logger = None self.setup_logger(log_file) self.issues_to_check = [ - PermissionIssueTracker(), ShebangIssueTracker(), EndOfFileNewlineIssueTracker(), Utf8BomIssueTracker(), From 2c872340e859622dc50e99d1d8e98504bc6a04c3 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Fri, 28 Jul 2023 14:21:38 +0100 Subject: [PATCH 0044/1674] Fix erroneous macro guards Replace MBEDTLS_SHA256_C for PSA_WANT_ALG_SHA_256 everywhere, including comments and print statements. Signed-off-by: Thomas Daubney --- programs/psa/psa_hash.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/programs/psa/psa_hash.c b/programs/psa/psa_hash.c index 47ba2dcf5..9cd5a3e00 100644 --- a/programs/psa/psa_hash.c +++ b/programs/psa/psa_hash.c @@ -49,7 +49,7 @@ const size_t mbedtls_test_sha256_hash_len = #if !defined(MBEDTLS_PSA_CRYPTO_C) || !defined(PSA_WANT_ALG_SHA_256) int main(void) { - mbedtls_printf("MBEDTLS_PSA_CRYPTO_C and MBEDTLS_SHA256_C" + mbedtls_printf("MBEDTLS_PSA_CRYPTO_C and PSA_WANT_ALG_SHA_256" "not defined.\r\n"); return EXIT_SUCCESS; } @@ -160,4 +160,4 @@ int main(void) mbedtls_psa_crypto_free(); return EXIT_SUCCESS; } -#endif /* MBEDTLS_PSA_CRYPTO_C && MBEDTLS_SHA256_C */ +#endif /* MBEDTLS_PSA_CRYPTO_C && PSA_WANT_ALG_SHA_256 */ From 6fc4ca2d858162d2da5fb58404fb8183f00a3ca6 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Fri, 28 Jul 2023 14:31:06 +0100 Subject: [PATCH 0045/1674] Replace hash_size with hash_length This is to make the variable naming covnention align with the PSA API documentation. Signed-off-by: Thomas Daubney --- programs/psa/psa_hash.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/programs/psa/psa_hash.c b/programs/psa/psa_hash.c index 9cd5a3e00..5c565db2e 100644 --- a/programs/psa/psa_hash.c +++ b/programs/psa/psa_hash.c @@ -60,7 +60,7 @@ int main(void) uint8_t buf[] = "Hello World!"; psa_status_t status; uint8_t hash[PSA_HASH_LENGTH(HASH_ALG)]; - size_t hash_size; + size_t hash_length; psa_hash_operation_t psa_hash_operation = PSA_HASH_OPERATION_INIT; psa_hash_operation_t cloned_psa_hash_operation = PSA_HASH_OPERATION_INIT; @@ -100,7 +100,7 @@ int main(void) return EXIT_FAILURE; } - status = psa_hash_finish(&psa_hash_operation, hash, sizeof(hash), &hash_size); + status = psa_hash_finish(&psa_hash_operation, hash, sizeof(hash), &hash_length); if (status != PSA_SUCCESS) { mbedtls_printf("psa_hash_finish failed\n"); psa_hash_abort(&psa_hash_operation); @@ -122,12 +122,12 @@ int main(void) /* Compute hash using one-shot function call */ memset(hash, 0, sizeof(hash)); - hash_size = 0; + hash_length = 0; status = psa_hash_compute(HASH_ALG, buf, sizeof(buf), hash, sizeof(hash), - &hash_size); + &hash_length); if (status != PSA_SUCCESS) { mbedtls_printf("psa_hash_compute failed\n"); psa_hash_abort(&psa_hash_operation); From a79f8062257ade6b48a5a450682376b26e2016da Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Fri, 28 Jul 2023 14:33:20 +0100 Subject: [PATCH 0046/1674] Remove superfluous calls to psa_hash_abort Calls were not required since psa_hash_setup was yet to be called. Signed-off-by: Thomas Daubney --- programs/psa/psa_hash.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/programs/psa/psa_hash.c b/programs/psa/psa_hash.c index 5c565db2e..59375c27e 100644 --- a/programs/psa/psa_hash.c +++ b/programs/psa/psa_hash.c @@ -69,8 +69,6 @@ int main(void) status = psa_crypto_init(); if (status != PSA_SUCCESS) { mbedtls_printf("psa_crypto_init failed\n"); - psa_hash_abort(&psa_hash_operation); - psa_hash_abort(&cloned_psa_hash_operation); return EXIT_FAILURE; } From c050037c08f588d5f87440ba7feb6f8305c51ef9 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Fri, 28 Jul 2023 14:44:25 +0100 Subject: [PATCH 0047/1674] Remove mbedtls_ and psa_ prefix from var names Remove the mbedtls and psa prefixes from variable names in order to make clearer what is part of the API and what is just part of the demo program. Signed-off-by: Thomas Daubney --- programs/psa/psa_hash.c | 58 ++++++++++++++++++++--------------------- 1 file changed, 29 insertions(+), 29 deletions(-) diff --git a/programs/psa/psa_hash.c b/programs/psa/psa_hash.c index 59375c27e..abfc19174 100644 --- a/programs/psa/psa_hash.c +++ b/programs/psa/psa_hash.c @@ -41,10 +41,10 @@ 0x20, 0x1f, 0x61, 0xfc, 0x3d, 0xe2, 0x0d, 0x5a \ } -const uint8_t mbedtls_test_sha256_hash[] = TEST_SHA256_HASH; +const uint8_t test_sha256_hash[] = TEST_SHA256_HASH; -const size_t mbedtls_test_sha256_hash_len = - sizeof(mbedtls_test_sha256_hash); +const size_t test_sha256_hash_len = + sizeof(test_sha256_hash); #if !defined(MBEDTLS_PSA_CRYPTO_C) || !defined(PSA_WANT_ALG_SHA_256) int main(void) @@ -61,8 +61,8 @@ int main(void) psa_status_t status; uint8_t hash[PSA_HASH_LENGTH(HASH_ALG)]; size_t hash_length; - psa_hash_operation_t psa_hash_operation = PSA_HASH_OPERATION_INIT; - psa_hash_operation_t cloned_psa_hash_operation = PSA_HASH_OPERATION_INIT; + psa_hash_operation_t hash_operation = PSA_HASH_OPERATION_INIT; + psa_hash_operation_t cloned_hash_operation = PSA_HASH_OPERATION_INIT; mbedtls_printf("PSA Crypto API: SHA-256 example\n\n"); @@ -74,45 +74,45 @@ int main(void) /* Compute hash using multi-part operation */ - status = psa_hash_setup(&psa_hash_operation, HASH_ALG); + status = psa_hash_setup(&hash_operation, HASH_ALG); if (status != PSA_SUCCESS) { mbedtls_printf("psa_hash_setup failed\n"); - psa_hash_abort(&psa_hash_operation); - psa_hash_abort(&cloned_psa_hash_operation); + psa_hash_abort(&hash_operation); + psa_hash_abort(&cloned_hash_operation); return EXIT_FAILURE; } - status = psa_hash_update(&psa_hash_operation, buf, sizeof(buf)); + status = psa_hash_update(&hash_operation, buf, sizeof(buf)); if (status != PSA_SUCCESS) { mbedtls_printf("psa_hash_update failed\n"); - psa_hash_abort(&psa_hash_operation); - psa_hash_abort(&cloned_psa_hash_operation); + psa_hash_abort(&hash_operation); + psa_hash_abort(&cloned_hash_operation); return EXIT_FAILURE; } - status = psa_hash_clone(&psa_hash_operation, &cloned_psa_hash_operation); + status = psa_hash_clone(&hash_operation, &cloned_hash_operation); if (status != PSA_SUCCESS) { mbedtls_printf("PSA hash clone failed"); - psa_hash_abort(&psa_hash_operation); - psa_hash_abort(&cloned_psa_hash_operation); + psa_hash_abort(&hash_operation); + psa_hash_abort(&cloned_hash_operation); return EXIT_FAILURE; } - status = psa_hash_finish(&psa_hash_operation, hash, sizeof(hash), &hash_length); + status = psa_hash_finish(&hash_operation, hash, sizeof(hash), &hash_length); if (status != PSA_SUCCESS) { mbedtls_printf("psa_hash_finish failed\n"); - psa_hash_abort(&psa_hash_operation); - psa_hash_abort(&cloned_psa_hash_operation); + psa_hash_abort(&hash_operation); + psa_hash_abort(&cloned_hash_operation); return EXIT_FAILURE; } status = - psa_hash_verify(&cloned_psa_hash_operation, mbedtls_test_sha256_hash, - mbedtls_test_sha256_hash_len); + psa_hash_verify(&cloned_hash_operation, test_sha256_hash, + test_sha256_hash_len); if (status != PSA_SUCCESS) { mbedtls_printf("psa_hash_verify failed\n"); - psa_hash_abort(&psa_hash_operation); - psa_hash_abort(&cloned_psa_hash_operation); + psa_hash_abort(&hash_operation); + psa_hash_abort(&cloned_hash_operation); return EXIT_FAILURE; } else { mbedtls_printf("Multi-part hash operation successful!\n"); @@ -128,16 +128,16 @@ int main(void) &hash_length); if (status != PSA_SUCCESS) { mbedtls_printf("psa_hash_compute failed\n"); - psa_hash_abort(&psa_hash_operation); - psa_hash_abort(&cloned_psa_hash_operation); + psa_hash_abort(&hash_operation); + psa_hash_abort(&cloned_hash_operation); return EXIT_FAILURE; } - for (size_t j = 0; j < mbedtls_test_sha256_hash_len; j++) { - if (hash[j] != mbedtls_test_sha256_hash[j]) { + for (size_t j = 0; j < test_sha256_hash_len; j++) { + if (hash[j] != test_sha256_hash[j]) { mbedtls_printf("One-shot hash operation failed!\n\n"); - psa_hash_abort(&psa_hash_operation); - psa_hash_abort(&cloned_psa_hash_operation); + psa_hash_abort(&hash_operation); + psa_hash_abort(&cloned_hash_operation); return EXIT_FAILURE; } } @@ -146,7 +146,7 @@ int main(void) mbedtls_printf("The SHA-256( '%s' ) is:\n", buf); - for (size_t j = 0; j < mbedtls_test_sha256_hash_len; j++) { + for (size_t j = 0; j < test_sha256_hash_len; j++) { if (j % 8 == 0) { mbedtls_printf("\n "); } @@ -158,4 +158,4 @@ int main(void) mbedtls_psa_crypto_free(); return EXIT_SUCCESS; } -#endif /* MBEDTLS_PSA_CRYPTO_C && PSA_WANT_ALG_SHA_256 */ +#endif /* MBEDTLS_PSA_CRYPTO_C && PSA_WANT_ALG_SHA_256 */ \ No newline at end of file From 3071c85835c742e201ac6bd42770fa7d28a8b8f1 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Fri, 28 Jul 2023 14:47:47 +0100 Subject: [PATCH 0048/1674] Clarify comments Clarify comments when moving into one-shot part of demo. Signed-off-by: Thomas Daubney --- programs/psa/psa_hash.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/programs/psa/psa_hash.c b/programs/psa/psa_hash.c index abfc19174..f7b2f9197 100644 --- a/programs/psa/psa_hash.c +++ b/programs/psa/psa_hash.c @@ -118,10 +118,11 @@ int main(void) mbedtls_printf("Multi-part hash operation successful!\n"); } - /* Compute hash using one-shot function call */ + /* Clear local variables prior to one-shot hash demo */ memset(hash, 0, sizeof(hash)); hash_length = 0; + /* Compute hash using one-shot function call */ status = psa_hash_compute(HASH_ALG, buf, sizeof(buf), hash, sizeof(hash), From c07fa29b58b8ae6a3d1fc79cc14b04649c5c07a0 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Fri, 28 Jul 2023 14:58:55 +0100 Subject: [PATCH 0049/1674] Change wording in error message Change wording from "failed" since this implied the function had returned an error status instead of producing the wrong result. Signed-off-by: Thomas Daubney --- programs/psa/psa_hash.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/programs/psa/psa_hash.c b/programs/psa/psa_hash.c index f7b2f9197..95fb61ce8 100644 --- a/programs/psa/psa_hash.c +++ b/programs/psa/psa_hash.c @@ -136,7 +136,7 @@ int main(void) for (size_t j = 0; j < test_sha256_hash_len; j++) { if (hash[j] != test_sha256_hash[j]) { - mbedtls_printf("One-shot hash operation failed!\n\n"); + mbedtls_printf("One-shot hash operation gave the wrong result!\n\n"); psa_hash_abort(&hash_operation); psa_hash_abort(&cloned_hash_operation); return EXIT_FAILURE; From 9730cb12748eb0dbc4b0b5b586e2c525accade8e Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Fri, 28 Jul 2023 15:07:19 +0100 Subject: [PATCH 0050/1674] Change hash output formatting Change the formatting of the hash output to remove line breaks and spaces. Signed-off-by: Thomas Daubney --- programs/psa/psa_hash.c | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/programs/psa/psa_hash.c b/programs/psa/psa_hash.c index 95fb61ce8..f09b48c06 100644 --- a/programs/psa/psa_hash.c +++ b/programs/psa/psa_hash.c @@ -145,13 +145,10 @@ int main(void) mbedtls_printf("One-shot hash operation successful!\n\n"); - mbedtls_printf("The SHA-256( '%s' ) is:\n", buf); + mbedtls_printf("The SHA-256( '%s' ) is: ", buf); for (size_t j = 0; j < test_sha256_hash_len; j++) { - if (j % 8 == 0) { - mbedtls_printf("\n "); - } - mbedtls_printf("%02x ", hash[j]); + mbedtls_printf("%02x", hash[j]); } mbedtls_printf("\n"); From a2b7519d63871270f2fb656b34be298fe3335164 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Fri, 28 Jul 2023 15:21:46 +0100 Subject: [PATCH 0051/1674] Use memcmp instead of reinventing it Signed-off-by: Thomas Daubney --- programs/psa/psa_hash.c | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/programs/psa/psa_hash.c b/programs/psa/psa_hash.c index f09b48c06..a2e2731a9 100644 --- a/programs/psa/psa_hash.c +++ b/programs/psa/psa_hash.c @@ -134,13 +134,12 @@ int main(void) return EXIT_FAILURE; } - for (size_t j = 0; j < test_sha256_hash_len; j++) { - if (hash[j] != test_sha256_hash[j]) { - mbedtls_printf("One-shot hash operation gave the wrong result!\n\n"); - psa_hash_abort(&hash_operation); - psa_hash_abort(&cloned_hash_operation); - return EXIT_FAILURE; - } + if (memcmp(hash, test_sha256_hash, test_sha256_hash_len) != 0) + { + mbedtls_printf("One-shot hash operation gave the wrong result!\n\n"); + psa_hash_abort(&hash_operation); + psa_hash_abort(&cloned_hash_operation); + return EXIT_FAILURE; } mbedtls_printf("One-shot hash operation successful!\n\n"); From 1f98736e71c87164a649f715d0349bf162551f3c Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Fri, 28 Jul 2023 15:23:06 +0100 Subject: [PATCH 0052/1674] Add clarifying comment to new program section Mark the beginning of the section that prints the result with a comment. Signed-off-by: Thomas Daubney --- programs/psa/psa_hash.c | 1 + 1 file changed, 1 insertion(+) diff --git a/programs/psa/psa_hash.c b/programs/psa/psa_hash.c index a2e2731a9..81110f0b7 100644 --- a/programs/psa/psa_hash.c +++ b/programs/psa/psa_hash.c @@ -144,6 +144,7 @@ int main(void) mbedtls_printf("One-shot hash operation successful!\n\n"); + /* Print out result */ mbedtls_printf("The SHA-256( '%s' ) is: ", buf); for (size_t j = 0; j < test_sha256_hash_len; j++) { From 606110fc19602e4ea6ce02ca1e3d309bb97b7623 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Fri, 28 Jul 2023 15:57:10 +0100 Subject: [PATCH 0053/1674] Restructure start of program Restructure the start of the program to make it clear to a user exactly what this program is for. Add a comment for additional clarity. Signed-off-by: Thomas Daubney --- programs/psa/psa_hash.c | 29 +++++++++++++++++------------ 1 file changed, 17 insertions(+), 12 deletions(-) diff --git a/programs/psa/psa_hash.c b/programs/psa/psa_hash.c index 81110f0b7..2afe34de6 100644 --- a/programs/psa/psa_hash.c +++ b/programs/psa/psa_hash.c @@ -33,18 +33,24 @@ #include "mbedtls/build_info.h" #include "mbedtls/platform.h" +/* The algorithm used by this demo is SHA 256. + * Please see include/psa/crypto_values.h to see the other + * algorithms that are supported. If you switch to a different + * algorithm you will need to update the hash data in the + * SAMPLE_HASH_DATA macro below.*/ + #define HASH_ALG PSA_ALG_SHA_256 -#define TEST_SHA256_HASH { \ +#define SAMPLE_HASH_DATA { \ 0x5a, 0x09, 0xe8, 0xfa, 0x9c, 0x77, 0x80, 0x7b, 0x24, 0xe9, 0x9c, 0x9c, \ 0xf9, 0x99, 0xde, 0xbf, 0xad, 0x84, 0x41, 0xe2, 0x69, 0xeb, 0x96, 0x0e, \ 0x20, 0x1f, 0x61, 0xfc, 0x3d, 0xe2, 0x0d, 0x5a \ } -const uint8_t test_sha256_hash[] = TEST_SHA256_HASH; +const uint8_t sample_message[] = "Hello World!"; -const size_t test_sha256_hash_len = - sizeof(test_sha256_hash); +const uint8_t sample_hash[] = SAMPLE_HASH_DATA; +const size_t sample_hash_len = sizeof(sample_hash); #if !defined(MBEDTLS_PSA_CRYPTO_C) || !defined(PSA_WANT_ALG_SHA_256) int main(void) @@ -57,7 +63,6 @@ int main(void) int main(void) { - uint8_t buf[] = "Hello World!"; psa_status_t status; uint8_t hash[PSA_HASH_LENGTH(HASH_ALG)]; size_t hash_length; @@ -82,7 +87,7 @@ int main(void) return EXIT_FAILURE; } - status = psa_hash_update(&hash_operation, buf, sizeof(buf)); + status = psa_hash_update(&hash_operation, sample_message, sizeof(sample_message)); if (status != PSA_SUCCESS) { mbedtls_printf("psa_hash_update failed\n"); psa_hash_abort(&hash_operation); @@ -107,8 +112,8 @@ int main(void) } status = - psa_hash_verify(&cloned_hash_operation, test_sha256_hash, - test_sha256_hash_len); + psa_hash_verify(&cloned_hash_operation, sample_hash, + sample_hash_len); if (status != PSA_SUCCESS) { mbedtls_printf("psa_hash_verify failed\n"); psa_hash_abort(&hash_operation); @@ -124,7 +129,7 @@ int main(void) /* Compute hash using one-shot function call */ status = psa_hash_compute(HASH_ALG, - buf, sizeof(buf), + sample_message, sizeof(sample_message), hash, sizeof(hash), &hash_length); if (status != PSA_SUCCESS) { @@ -134,7 +139,7 @@ int main(void) return EXIT_FAILURE; } - if (memcmp(hash, test_sha256_hash, test_sha256_hash_len) != 0) + if (memcmp(hash, sample_hash, sample_hash_len) != 0) { mbedtls_printf("One-shot hash operation gave the wrong result!\n\n"); psa_hash_abort(&hash_operation); @@ -145,9 +150,9 @@ int main(void) mbedtls_printf("One-shot hash operation successful!\n\n"); /* Print out result */ - mbedtls_printf("The SHA-256( '%s' ) is: ", buf); + mbedtls_printf("The SHA-256( '%s' ) is: ", sample_message); - for (size_t j = 0; j < test_sha256_hash_len; j++) { + for (size_t j = 0; j < sample_hash_len; j++) { mbedtls_printf("%02x", hash[j]); } From ce14124f7c47b3955e43a34408cc7826763e5b4e Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Fri, 28 Jul 2023 16:14:20 +0100 Subject: [PATCH 0054/1674] Check result of multipart operation Check that the multi-part operation has produced the correct result. Signed-off-by: Thomas Daubney --- programs/psa/psa_hash.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/programs/psa/psa_hash.c b/programs/psa/psa_hash.c index 2afe34de6..ae4e9a5d2 100644 --- a/programs/psa/psa_hash.c +++ b/programs/psa/psa_hash.c @@ -111,6 +111,15 @@ int main(void) return EXIT_FAILURE; } + /* Check the result of the operation against the sample */ + if ((memcmp(hash, sample_hash, sample_hash_len) != 0) || hash_length != sample_hash_len) + { + mbedtls_printf("Multi-part hash operation gave the wrong result!\n\n"); + psa_hash_abort(&hash_operation); + psa_hash_abort(&cloned_hash_operation); + return EXIT_FAILURE; + } + status = psa_hash_verify(&cloned_hash_operation, sample_hash, sample_hash_len); From fbe742b2d0ffe63ea3443b198e96b685bf388ba5 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Fri, 28 Jul 2023 16:17:38 +0100 Subject: [PATCH 0055/1674] Add extra check to one-shot operation results Signed-off-by: Thomas Daubney --- programs/psa/psa_hash.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/programs/psa/psa_hash.c b/programs/psa/psa_hash.c index ae4e9a5d2..f73e1f3ab 100644 --- a/programs/psa/psa_hash.c +++ b/programs/psa/psa_hash.c @@ -148,7 +148,7 @@ int main(void) return EXIT_FAILURE; } - if (memcmp(hash, sample_hash, sample_hash_len) != 0) + if (memcmp(hash, sample_hash, sample_hash_len) != 0 || hash_length != sample_hash_len) { mbedtls_printf("One-shot hash operation gave the wrong result!\n\n"); psa_hash_abort(&hash_operation); From c918c32cc00cf2456cb552d8a40c4be927409c17 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Fri, 28 Jul 2023 17:15:03 +0100 Subject: [PATCH 0056/1674] Stop hashing the null byte Change the hash data to not include the null byte used to terminate the string. Pass sizeof() - 1 to the hash operation API functions so that the null byte can be ignored. Signed-off-by: Thomas Daubney --- programs/psa/psa_hash.c | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/programs/psa/psa_hash.c b/programs/psa/psa_hash.c index f73e1f3ab..b5b566c18 100644 --- a/programs/psa/psa_hash.c +++ b/programs/psa/psa_hash.c @@ -41,10 +41,10 @@ #define HASH_ALG PSA_ALG_SHA_256 -#define SAMPLE_HASH_DATA { \ - 0x5a, 0x09, 0xe8, 0xfa, 0x9c, 0x77, 0x80, 0x7b, 0x24, 0xe9, 0x9c, 0x9c, \ - 0xf9, 0x99, 0xde, 0xbf, 0xad, 0x84, 0x41, 0xe2, 0x69, 0xeb, 0x96, 0x0e, \ - 0x20, 0x1f, 0x61, 0xfc, 0x3d, 0xe2, 0x0d, 0x5a \ +#define SAMPLE_HASH_DATA { \ + 0x7f, 0x83, 0xb1, 0x65, 0x7f, 0xf1, 0xfc, 0x53, 0xb9, 0x2d, 0xc1, 0x81, \ + 0x48, 0xa1, 0xd6, 0x5d, 0xfc, 0x2d, 0x4b, 0x1f, 0xa3, 0xd6, 0x77, 0x28, \ + 0x4a, 0xdd, 0xd2, 0x00, 0x12, 0x6d, 0x90, 0x69 \ } const uint8_t sample_message[] = "Hello World!"; @@ -87,7 +87,9 @@ int main(void) return EXIT_FAILURE; } - status = psa_hash_update(&hash_operation, sample_message, sizeof(sample_message)); + /* Note: Here we use sizeof(sample_message) - 1 since we don't wish to + * include the null byte in the hash computation */ + status = psa_hash_update(&hash_operation, sample_message, sizeof(sample_message) - 1); if (status != PSA_SUCCESS) { mbedtls_printf("psa_hash_update failed\n"); psa_hash_abort(&hash_operation); @@ -138,7 +140,7 @@ int main(void) /* Compute hash using one-shot function call */ status = psa_hash_compute(HASH_ALG, - sample_message, sizeof(sample_message), + sample_message, sizeof(sample_message) - 1, hash, sizeof(hash), &hash_length); if (status != PSA_SUCCESS) { From 1ba9744afbddaf1e0016528133485498c70350db Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Fri, 28 Jul 2023 17:25:16 +0100 Subject: [PATCH 0057/1674] Correct code style Signed-off-by: Thomas Daubney --- programs/psa/psa_hash.c | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/programs/psa/psa_hash.c b/programs/psa/psa_hash.c index b5b566c18..9396fb6a9 100644 --- a/programs/psa/psa_hash.c +++ b/programs/psa/psa_hash.c @@ -87,7 +87,7 @@ int main(void) return EXIT_FAILURE; } - /* Note: Here we use sizeof(sample_message) - 1 since we don't wish to + /* Note: Here we use sizeof(sample_message) - 1 since we don't wish to * include the null byte in the hash computation */ status = psa_hash_update(&hash_operation, sample_message, sizeof(sample_message) - 1); if (status != PSA_SUCCESS) { @@ -114,8 +114,7 @@ int main(void) } /* Check the result of the operation against the sample */ - if ((memcmp(hash, sample_hash, sample_hash_len) != 0) || hash_length != sample_hash_len) - { + if ((memcmp(hash, sample_hash, sample_hash_len) != 0) || hash_length != sample_hash_len) { mbedtls_printf("Multi-part hash operation gave the wrong result!\n\n"); psa_hash_abort(&hash_operation); psa_hash_abort(&cloned_hash_operation); @@ -150,8 +149,7 @@ int main(void) return EXIT_FAILURE; } - if (memcmp(hash, sample_hash, sample_hash_len) != 0 || hash_length != sample_hash_len) - { + if (memcmp(hash, sample_hash, sample_hash_len) != 0 || hash_length != sample_hash_len) { mbedtls_printf("One-shot hash operation gave the wrong result!\n\n"); psa_hash_abort(&hash_operation); psa_hash_abort(&cloned_hash_operation); @@ -172,4 +170,4 @@ int main(void) mbedtls_psa_crypto_free(); return EXIT_SUCCESS; } -#endif /* MBEDTLS_PSA_CRYPTO_C && PSA_WANT_ALG_SHA_256 */ \ No newline at end of file +#endif /* MBEDTLS_PSA_CRYPTO_C && PSA_WANT_ALG_SHA_256 */ From 1bdd76e950ca3d96b7b4bf8d26c611c58e86b876 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 3 Aug 2023 10:32:24 +0200 Subject: [PATCH 0058/1674] Update old dependency to MBEDTLS_MD_CAN This is a follow-up to 0b8095d96ac57fa3b385cdb57cc94479795550df. Some test cases had a typo in the old dependency name (MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA instead of MBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA) which caused us to miss them. Signed-off-by: Gilles Peskine --- tests/suites/test_suite_pkparse.data | 40 ++++++++++++++-------------- 1 file changed, 20 insertions(+), 20 deletions(-) diff --git a/tests/suites/test_suite_pkparse.data b/tests/suites/test_suite_pkparse.data index 8e272bd10..b3a23a9ab 100644 --- a/tests/suites/test_suite_pkparse.data +++ b/tests/suites/test_suite_pkparse.data @@ -1,77 +1,77 @@ Parse RSA Key #1 (No password when required) -depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C +depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C pk_parse_keyfile_rsa:"data_files/test-ca.key":"NULL":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #2 (Correct password) -depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C +depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C pk_parse_keyfile_rsa:"data_files/test-ca.key":"PolarSSLTest":0 Parse RSA Key #3 (Wrong password) -depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C +depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C pk_parse_keyfile_rsa:"data_files/test-ca.key":"PolarSSLWRONG":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #4 (DES Encrypted) -depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_1024_des.pem":"testkey":0 Parse RSA Key #5 (3DES Encrypted) -depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_1024_3des.pem":"testkey":0 Parse RSA Key #6 (AES-128 Encrypted) -depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_1024_aes128.pem":"testkey":0 Parse RSA Key #7 (AES-192 Encrypted) -depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_1024_aes192.pem":"testkey":0 Parse RSA Key #8 (AES-256 Encrypted) -depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_1024_aes256.pem":"testkey":0 Parse RSA Key #9 (2048-bit, DES Encrypted) -depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_2048_des.pem":"testkey":0 Parse RSA Key #10 (2048-bit, 3DES Encrypted) -depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_2048_3des.pem":"testkey":0 Parse RSA Key #11 (2048-bit, AES-128 Encrypted) -depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_2048_aes128.pem":"testkey":0 Parse RSA Key #12 (2048-bit, AES-192 Encrypted) -depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_2048_aes192.pem":"testkey":0 Parse RSA Key #13 (2048-bit, AES-256 Encrypted) -depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_2048_aes256.pem":"testkey":0 Parse RSA Key #14 (4096-bit, DES Encrypted) -depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_4096_des.pem":"testkey":0 Parse RSA Key #15 (4096-bit, 3DES Encrypted) -depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_4096_3des.pem":"testkey":0 Parse RSA Key #16 (4096-bit, AES-128 Encrypted) -depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_4096_aes128.pem":"testkey":0 Parse RSA Key #17 (4096-bit, AES-192 Encrypted) -depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_4096_aes192.pem":"testkey":0 Parse RSA Key #18 (4096-bit, AES-256 Encrypted) -depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_AES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_4096_aes256.pem":"testkey":0 Parse RSA Key #19 (PKCS#8 wrapped) -depends_on:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA :MBEDTLS_PEM_PARSE_C +depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_PEM_PARSE_C pk_parse_keyfile_rsa:"data_files/format_gen.key":"":0 Parse RSA Key #20 (PKCS#8 encrypted SHA1-3DES) @@ -1003,7 +1003,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_EC_COMPRESSED:MBEDTLS_ECP_DP_SEC pk_parse_keyfile_ec:"data_files/ec_prv.sec1.comp.pem":"NULL":0 Parse EC Key #3 (SEC1 PEM encrypted) -depends_on:MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_HAS_MD5_VIA_LOWLEVEL_OR_PSA +depends_on:MBEDTLS_DES_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5 pk_parse_keyfile_ec:"data_files/ec_prv.sec1.pw.pem":"polar":0 Parse EC Key #4 (PKCS8 DER) From 46712c644e83ba0b0e0685a870e2fa39f9ccabf7 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 3 Aug 2023 11:54:25 +0200 Subject: [PATCH 0059/1674] Add missing PSA init Signed-off-by: Gilles Peskine --- tests/suites/test_suite_pkparse.function | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_pkparse.function b/tests/suites/test_suite_pkparse.function index df139c60f..9bcdb55a5 100644 --- a/tests/suites/test_suite_pkparse.function +++ b/tests/suites/test_suite_pkparse.function @@ -78,7 +78,7 @@ void pk_parse_public_keyfile_ec(char *key_file, int result) int res; mbedtls_pk_init(&ctx); - USE_PSA_INIT(); + MD_PSA_INIT(); res = mbedtls_pk_parse_public_keyfile(&ctx, key_file); @@ -99,7 +99,7 @@ void pk_parse_public_keyfile_ec(char *key_file, int result) exit: mbedtls_pk_free(&ctx); - USE_PSA_DONE(); + MD_PSA_DONE(); } /* END_CASE */ From 21fbe4c90e72b7b349e2b6374bb14f477c9e8a63 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 3 Aug 2023 15:39:42 +0100 Subject: [PATCH 0060/1674] Remove further superfluous call to psa_hash_abort Signed-off-by: Thomas Daubney --- programs/psa/psa_hash.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/programs/psa/psa_hash.c b/programs/psa/psa_hash.c index 9396fb6a9..1353fb98c 100644 --- a/programs/psa/psa_hash.c +++ b/programs/psa/psa_hash.c @@ -82,8 +82,6 @@ int main(void) status = psa_hash_setup(&hash_operation, HASH_ALG); if (status != PSA_SUCCESS) { mbedtls_printf("psa_hash_setup failed\n"); - psa_hash_abort(&hash_operation); - psa_hash_abort(&cloned_hash_operation); return EXIT_FAILURE; } From 5c2dcbd250e91f5c75c14590dfc40c8c8d75f6c7 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 3 Aug 2023 16:03:30 +0100 Subject: [PATCH 0061/1674] Implement cleanup label Signed-off-by: Thomas Daubney --- programs/psa/psa_hash.c | 35 +++++++++++++---------------------- 1 file changed, 13 insertions(+), 22 deletions(-) diff --git a/programs/psa/psa_hash.c b/programs/psa/psa_hash.c index 1353fb98c..ca9a8b32a 100644 --- a/programs/psa/psa_hash.c +++ b/programs/psa/psa_hash.c @@ -90,33 +90,25 @@ int main(void) status = psa_hash_update(&hash_operation, sample_message, sizeof(sample_message) - 1); if (status != PSA_SUCCESS) { mbedtls_printf("psa_hash_update failed\n"); - psa_hash_abort(&hash_operation); - psa_hash_abort(&cloned_hash_operation); - return EXIT_FAILURE; + goto cleanup; } status = psa_hash_clone(&hash_operation, &cloned_hash_operation); if (status != PSA_SUCCESS) { mbedtls_printf("PSA hash clone failed"); - psa_hash_abort(&hash_operation); - psa_hash_abort(&cloned_hash_operation); - return EXIT_FAILURE; + goto cleanup; } status = psa_hash_finish(&hash_operation, hash, sizeof(hash), &hash_length); if (status != PSA_SUCCESS) { mbedtls_printf("psa_hash_finish failed\n"); - psa_hash_abort(&hash_operation); - psa_hash_abort(&cloned_hash_operation); - return EXIT_FAILURE; + goto cleanup; } /* Check the result of the operation against the sample */ if ((memcmp(hash, sample_hash, sample_hash_len) != 0) || hash_length != sample_hash_len) { mbedtls_printf("Multi-part hash operation gave the wrong result!\n\n"); - psa_hash_abort(&hash_operation); - psa_hash_abort(&cloned_hash_operation); - return EXIT_FAILURE; + goto cleanup; } status = @@ -124,9 +116,7 @@ int main(void) sample_hash_len); if (status != PSA_SUCCESS) { mbedtls_printf("psa_hash_verify failed\n"); - psa_hash_abort(&hash_operation); - psa_hash_abort(&cloned_hash_operation); - return EXIT_FAILURE; + goto cleanup; } else { mbedtls_printf("Multi-part hash operation successful!\n"); } @@ -142,16 +132,12 @@ int main(void) &hash_length); if (status != PSA_SUCCESS) { mbedtls_printf("psa_hash_compute failed\n"); - psa_hash_abort(&hash_operation); - psa_hash_abort(&cloned_hash_operation); - return EXIT_FAILURE; + goto cleanup; } if (memcmp(hash, sample_hash, sample_hash_len) != 0 || hash_length != sample_hash_len) { mbedtls_printf("One-shot hash operation gave the wrong result!\n\n"); - psa_hash_abort(&hash_operation); - psa_hash_abort(&cloned_hash_operation); - return EXIT_FAILURE; + goto cleanup; } mbedtls_printf("One-shot hash operation successful!\n\n"); @@ -167,5 +153,10 @@ int main(void) mbedtls_psa_crypto_free(); return EXIT_SUCCESS; + +cleanup: + psa_hash_abort(&hash_operation); + psa_hash_abort(&cloned_hash_operation); + return EXIT_FAILURE; } -#endif /* MBEDTLS_PSA_CRYPTO_C && PSA_WANT_ALG_SHA_256 */ +#endif /* MBEDTLS_PSA_CRYPTO_C && PSA_WANT_ALG_SHA_256 */ \ No newline at end of file From 102033c38d9cc8300db72285754d173c10a7ed0a Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 3 Aug 2023 16:20:09 +0100 Subject: [PATCH 0062/1674] Add new line at end of file to satisfy code style Signed-off-by: Thomas Daubney --- programs/psa/psa_hash.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/programs/psa/psa_hash.c b/programs/psa/psa_hash.c index ca9a8b32a..86a59f147 100644 --- a/programs/psa/psa_hash.c +++ b/programs/psa/psa_hash.c @@ -159,4 +159,4 @@ cleanup: psa_hash_abort(&cloned_hash_operation); return EXIT_FAILURE; } -#endif /* MBEDTLS_PSA_CRYPTO_C && PSA_WANT_ALG_SHA_256 */ \ No newline at end of file +#endif /* MBEDTLS_PSA_CRYPTO_C && PSA_WANT_ALG_SHA_256 */ From a68ef953948b504bb192138c77c3fcc639426edb Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Mon, 7 Aug 2023 11:09:51 +0100 Subject: [PATCH 0063/1674] Check length before calling memcmp Signed-off-by: Thomas Daubney --- programs/psa/psa_hash.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/programs/psa/psa_hash.c b/programs/psa/psa_hash.c index 86a59f147..dc698a162 100644 --- a/programs/psa/psa_hash.c +++ b/programs/psa/psa_hash.c @@ -106,7 +106,7 @@ int main(void) } /* Check the result of the operation against the sample */ - if ((memcmp(hash, sample_hash, sample_hash_len) != 0) || hash_length != sample_hash_len) { + if (hash_length != sample_hash_len || (memcmp(hash, sample_hash, sample_hash_len) != 0)) { mbedtls_printf("Multi-part hash operation gave the wrong result!\n\n"); goto cleanup; } @@ -135,7 +135,7 @@ int main(void) goto cleanup; } - if (memcmp(hash, sample_hash, sample_hash_len) != 0 || hash_length != sample_hash_len) { + if (hash_length != sample_hash_len || (memcmp(hash, sample_hash, sample_hash_len) != 0)) { mbedtls_printf("One-shot hash operation gave the wrong result!\n\n"); goto cleanup; } From 948137be5923961acd6726f275d4e9bb3ddfbbfe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 10 Aug 2023 16:58:04 +0200 Subject: [PATCH 0064/1674] Add details on use of ciphers from other modules MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- .../psa-migration/md-cipher-dispatch.md | 50 +++++++++++++------ 1 file changed, 36 insertions(+), 14 deletions(-) diff --git a/docs/architecture/psa-migration/md-cipher-dispatch.md b/docs/architecture/psa-migration/md-cipher-dispatch.md index 355f5618d..ba76f494b 100644 --- a/docs/architecture/psa-migration/md-cipher-dispatch.md +++ b/docs/architecture/psa-migration/md-cipher-dispatch.md @@ -110,23 +110,45 @@ For the purposes of this work, three domains emerge: #### Non-use-PSA modules -The following modules in Mbed TLS call another module to perform cryptographic operations which, in the long term, will be provided through a PSA interface, but cannot make any PSA-related assumption: +The following modules in Mbed TLS call another module to perform cryptographic operations which, in the long term, will be provided through a PSA interface, but cannot make any PSA-related assumption. -* CCM (block cipher in ECB mode; interdependent with cipher) -* cipher (cipher and AEAD algorithms) -* CMAC (AES-ECB and DES-ECB, but could be extended to the other block ciphers; interdependent with cipher) -* CTR\_DRBG (AES-ECB, but could be extended to the other block ciphers) -* entropy (hashes via low-level) +Hashes and HMAC (after the work on MD-light): + +* entropy (hashes via MD-light) * ECDSA (HMAC\_DRBG; `md.h` exposed through API) -* ECJPAKE (hashes via md; `md.h` exposed through API) -* GCM (block cipher in ECB mode; interdependent with cipher) -* md (hashes and HMAC) -* NIST\_KW (AES-ECB; interdependent with cipher) +* ECJPAKE (hashes via MD-light; `md.h` exposed through API) +* MD (hashes and HMAC) * HMAC\_DRBG (hashes and HMAC via `md.h`; `md.h` exposed through API) -* PEM (AES and DES in CBC mode without padding; MD5 hash via low-level) -* PKCS12 (cipher, generically, selected from ASN.1 or function parameters; hashes via md; `cipher.h` exposed through API) -* PKCS5 (cipher, generically, selected from ASN.1; HMAC via `md.h`; `md.h` exposed through API) -* RSA (hash via md for PSS and OAEP; `md.h` exposed through API) +* PKCS12 (hashes via MD-light) +* PKCS5 (HMAC via `md.h`; `md.h` exposed through API) +* RSA (hash via MD-light for PSS and OAEP; `md.h` exposed through API) +* PEM (MD5 hash via MD-light) + +Symmetric ciphers and AEADs (before Cipher-light work): + +* PEM (AES and DES in CBC mode without padding) + AES and DES: setkey_dec + crypt_cbc + (look at test data for DES) +* PKCS12 (cipher, generically, selected from ASN.1 or function parameters; `cipher.h` exposed through API) + setup, setkey, set_iv, reset, update, finish (in sequence, once) + no documented restriction, block cipher in CBC mode in practice + (padding?) + (look at test cases) +* PKCS5 (cipher, generically, selected from ASN.1) + only DES-CBC or 3DES-CBC + (padding?) + setup, setkey, crypt +* CTR\_DRBG (AES-ECB, but could be extended to the other block ciphers) + setkey_enc + crypt_ecb +* CCM (block cipher in ECB mode; interdependent with cipher) + info, setup, setkey, update (several times), (never finish) +* CMAC (AES-ECB and DES-ECB, but could be extended to the other block ciphers; interdependent with cipher) + info, setup, setkey, update (several times), (never finish) +* GCM (block cipher in ECB mode; interdependent with cipher) + info, setup, setkey, update (several times), (never finish) +* NIST\_KW (AES-ECB; interdependent with cipher) + info, setup, setkey, update (several times), (never finish) +* cipher (cipher and AEAD algorithms) ### Difficulties From 36cd3f9f8ef6edbf9c7ba16a442117ddfa506748 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 11 Aug 2023 10:06:42 +0200 Subject: [PATCH 0065/1674] Add tentative definition of Cipher light MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- .../psa-migration/md-cipher-dispatch.md | 51 +++++++++++++++++++ 1 file changed, 51 insertions(+) diff --git a/docs/architecture/psa-migration/md-cipher-dispatch.md b/docs/architecture/psa-migration/md-cipher-dispatch.md index ba76f494b..488cf20db 100644 --- a/docs/architecture/psa-migration/md-cipher-dispatch.md +++ b/docs/architecture/psa-migration/md-cipher-dispatch.md @@ -499,3 +499,54 @@ The architecture can be extended to support `MBEDTLS_PSA_CRYPTO_CLIENT` with a l * Compile-time dependencies: instead of checking `defined(MBEDTLS_PSA_CRYPTO_C)`, check `defined(MBEDTLS_PSA_CRYPTO_C) || defined(MBEDTLS_PSA_CRYPTO_CLIENT)`. * Implementers of `MBEDTLS_PSA_CRYPTO_CLIENT` will need to provide `psa_can_do_hash()` (or a more general function `psa_can_do`) alongside `psa_crypto_init()`. Note that at this point, it will become a public interface, hence we won't be able to change it at a whim. + +### Cipher light + +#### Definition + +**Note:** this definition is tentative an may be refined when implementing and +testing, based and what's needed by internal users of Cipher light. + +Cipher light will be automatically enabled in `build_info.h` by modules that +need it. (Tentative list: PEM, PCKS12, PKCS5, CTR\_DRBG, CCM, CMAC, GCM, +NIS\_KW, PSA Crypto.) Note: some of these modules currently depend on the +full `CIPHER_C` (enforced by `check_config.h`); this hard dependency would be +replace by the above auto-enablement. + +Cipher light includes: +- info functions; +- support for block ciphers in ECB mode (to be confirmed: supporting one block + at a time could be enough); +- support for block ciphers in CBC mode with no padding (to be confirmed: do + we need a padding mode?); +- support for both the "one-shot" and "streaming" APIs for block ciphers. + +This excludes: +- the AEAD/KW API (both one-shot and streaming); +- support for stream ciphers; +- support for other modes of block ciphers (CTR, CFB, etc.); +- support for (other) padding modes of CBC. + +The following API functions, and supporting types, are candidates for +inclusion in the Cipher light API, with limited features as above: +``` +mbedtls_cipher_info_from_psa +mbedtls_cipher_info_from_type +mbedtls_cipher_info_from_values + +mbedtls_cipher_info_get_block_size +mbedtls_cipher_info_get_iv_size +mbedtls_cipher_info_get_key_bitlen + +mbedtls_cipher_init +mbedtls_cipher_setup +mbedtls_cipher_setkey +mbedtls_cipher_set_padding_mode +mbedtls_cipher_crypt +mbedtls_cipher_free + +mbedtls_cipher_set_iv +mbedtls_cipher_reset +mbedtls_cipher_update +mbedtls_cipher_finish +``` From 45ad306fbf0b66c0396d0be442c620293c63c531 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Fri, 11 Aug 2023 15:03:51 +0800 Subject: [PATCH 0066/1674] pkwrite.c: save stack usage for pk_write_pubkey_pem mbedtls_pk_write_pubkey_pem would allocate 2086 bytes in writing a DER encoded RSA public key. To save stack usage significantly, we use heap memory instead. Signed-off-by: Yanray Wang --- library/pkwrite.c | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/library/pkwrite.c b/library/pkwrite.c index 439428cff..511e22251 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -759,20 +759,27 @@ int mbedtls_pk_write_key_der(const mbedtls_pk_context *key, unsigned char *buf, int mbedtls_pk_write_pubkey_pem(const mbedtls_pk_context *key, unsigned char *buf, size_t size) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - unsigned char output_buf[PUB_DER_MAX_BYTES]; + unsigned char *output_buf = NULL; + output_buf = calloc(1, PUB_DER_MAX_BYTES); + if (output_buf == NULL) { + return MBEDTLS_ERR_PK_ALLOC_FAILED; + } size_t olen = 0; if ((ret = mbedtls_pk_write_pubkey_der(key, output_buf, - sizeof(output_buf))) < 0) { + PUB_DER_MAX_BYTES)) < 0) { + free(output_buf); return ret; } if ((ret = mbedtls_pem_write_buffer(PEM_BEGIN_PUBLIC_KEY, PEM_END_PUBLIC_KEY, - output_buf + sizeof(output_buf) - ret, + output_buf + PUB_DER_MAX_BYTES - ret, ret, buf, size, &olen)) != 0) { + free(output_buf); return ret; } + free(output_buf); return 0; } From c84086e55c96a44dd63dd508a5929be1788854d1 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Fri, 11 Aug 2023 15:33:07 +0800 Subject: [PATCH 0067/1674] pkwrite.c: save stack usage for pk_write_key_pem mbedtls_pk_write_key_pem would allocate 5679 bytes in writing a DER encoded RSA private key. To save stack usage significantly, we use heap memory instead. Signed-off-by: Yanray Wang --- library/pkwrite.c | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/library/pkwrite.c b/library/pkwrite.c index 511e22251..f3acec751 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -786,7 +786,11 @@ int mbedtls_pk_write_pubkey_pem(const mbedtls_pk_context *key, unsigned char *bu int mbedtls_pk_write_key_pem(const mbedtls_pk_context *key, unsigned char *buf, size_t size) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - unsigned char output_buf[PRV_DER_MAX_BYTES]; + unsigned char *output_buf = NULL; + output_buf = calloc(1, PRV_DER_MAX_BYTES); + if (output_buf == NULL) { + return MBEDTLS_ERR_PK_ALLOC_FAILED; + } const char *begin, *end; size_t olen = 0; #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) @@ -799,7 +803,8 @@ int mbedtls_pk_write_key_pem(const mbedtls_pk_context *key, unsigned char *buf, int is_rsa_opaque = 0; #endif - if ((ret = mbedtls_pk_write_key_der(key, output_buf, sizeof(output_buf))) < 0) { + if ((ret = mbedtls_pk_write_key_der(key, output_buf, PRV_DER_MAX_BYTES)) < 0) { + free(output_buf); return ret; } @@ -843,14 +848,19 @@ int mbedtls_pk_write_key_pem(const mbedtls_pk_context *key, unsigned char *buf, } } else #endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ - return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; + { + free(output_buf); + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; + } if ((ret = mbedtls_pem_write_buffer(begin, end, - output_buf + sizeof(output_buf) - ret, + output_buf + PRV_DER_MAX_BYTES - ret, ret, buf, size, &olen)) != 0) { + free(output_buf); return ret; } + free(output_buf); return 0; } #endif /* MBEDTLS_PEM_WRITE_C */ From 7226df07577183b59d566709d7caf2d2089609aa Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Fri, 11 Aug 2023 15:52:09 +0800 Subject: [PATCH 0068/1674] pkwrite.c: add a cleanup label to save code size Signed-off-by: Yanray Wang --- library/pkwrite.c | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/library/pkwrite.c b/library/pkwrite.c index f3acec751..cc58f46e9 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -768,19 +768,19 @@ int mbedtls_pk_write_pubkey_pem(const mbedtls_pk_context *key, unsigned char *bu if ((ret = mbedtls_pk_write_pubkey_der(key, output_buf, PUB_DER_MAX_BYTES)) < 0) { - free(output_buf); - return ret; + goto cleanup; } if ((ret = mbedtls_pem_write_buffer(PEM_BEGIN_PUBLIC_KEY, PEM_END_PUBLIC_KEY, output_buf + PUB_DER_MAX_BYTES - ret, ret, buf, size, &olen)) != 0) { - free(output_buf); - return ret; + goto cleanup; } + ret = 0; +cleanup: free(output_buf); - return 0; + return ret; } int mbedtls_pk_write_key_pem(const mbedtls_pk_context *key, unsigned char *buf, size_t size) @@ -804,8 +804,7 @@ int mbedtls_pk_write_key_pem(const mbedtls_pk_context *key, unsigned char *buf, #endif if ((ret = mbedtls_pk_write_key_der(key, output_buf, PRV_DER_MAX_BYTES)) < 0) { - free(output_buf); - return ret; + goto cleanup; } #if defined(MBEDTLS_USE_PSA_CRYPTO) @@ -849,19 +848,20 @@ int mbedtls_pk_write_key_pem(const mbedtls_pk_context *key, unsigned char *buf, } else #endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ { - free(output_buf); - return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; + ret = MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; + goto cleanup; } if ((ret = mbedtls_pem_write_buffer(begin, end, output_buf + PRV_DER_MAX_BYTES - ret, ret, buf, size, &olen)) != 0) { - free(output_buf); - return ret; + goto cleanup; } + ret = 0; +cleanup: free(output_buf); - return 0; + return ret; } #endif /* MBEDTLS_PEM_WRITE_C */ From 0882828b5162f1a4e3e9776dc5ea8105650de314 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Fri, 11 Aug 2023 16:15:14 +0800 Subject: [PATCH 0069/1674] pkwrite: add Changelog entry Signed-off-by: Yanray Wang --- ChangeLog.d/pkwrite-pem-use-heap.txt | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 ChangeLog.d/pkwrite-pem-use-heap.txt diff --git a/ChangeLog.d/pkwrite-pem-use-heap.txt b/ChangeLog.d/pkwrite-pem-use-heap.txt new file mode 100644 index 000000000..d2e7129ec --- /dev/null +++ b/ChangeLog.d/pkwrite-pem-use-heap.txt @@ -0,0 +1,4 @@ +Changes + * Use heap memory to allocate DER encoded RSA public/private key. + This reduces stack usage significantly for writing a public/private + key to a PEM string. From 08d5f46c83d0d7fcfbadd0e879db7da015046a88 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 21 Aug 2023 15:15:19 +0800 Subject: [PATCH 0070/1674] pkwrite.c: call calloc and free properly Signed-off-by: Yanray Wang --- library/pkwrite.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/library/pkwrite.c b/library/pkwrite.c index cc58f46e9..225cde90d 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -760,7 +760,7 @@ int mbedtls_pk_write_pubkey_pem(const mbedtls_pk_context *key, unsigned char *bu { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *output_buf = NULL; - output_buf = calloc(1, PUB_DER_MAX_BYTES); + output_buf = mbedtls_calloc(1, PUB_DER_MAX_BYTES); if (output_buf == NULL) { return MBEDTLS_ERR_PK_ALLOC_FAILED; } @@ -779,7 +779,7 @@ int mbedtls_pk_write_pubkey_pem(const mbedtls_pk_context *key, unsigned char *bu ret = 0; cleanup: - free(output_buf); + mbedtls_free(output_buf); return ret; } @@ -787,7 +787,7 @@ int mbedtls_pk_write_key_pem(const mbedtls_pk_context *key, unsigned char *buf, { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *output_buf = NULL; - output_buf = calloc(1, PRV_DER_MAX_BYTES); + output_buf = mbedtls_calloc(1, PRV_DER_MAX_BYTES); if (output_buf == NULL) { return MBEDTLS_ERR_PK_ALLOC_FAILED; } @@ -860,7 +860,7 @@ int mbedtls_pk_write_key_pem(const mbedtls_pk_context *key, unsigned char *buf, ret = 0; cleanup: - free(output_buf); + mbedtls_free(output_buf); return ret; } #endif /* MBEDTLS_PEM_WRITE_C */ From edbab91bf81eeafecca44697c0a25242a1b5f00f Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 21 Aug 2023 15:17:43 +0800 Subject: [PATCH 0071/1674] pkwrite.c: write ChangeLog accurately The heap memory is used for both RSA and EC keys. So removing `RSA` in the ChangeLog. Signed-off-by: Yanray Wang --- ChangeLog.d/pkwrite-pem-use-heap.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog.d/pkwrite-pem-use-heap.txt b/ChangeLog.d/pkwrite-pem-use-heap.txt index d2e7129ec..11db7b6b0 100644 --- a/ChangeLog.d/pkwrite-pem-use-heap.txt +++ b/ChangeLog.d/pkwrite-pem-use-heap.txt @@ -1,4 +1,4 @@ Changes - * Use heap memory to allocate DER encoded RSA public/private key. + * Use heap memory to allocate DER encoded public/private key. This reduces stack usage significantly for writing a public/private key to a PEM string. From 422a77f7165bdfac0f437d204672f9d61ccc1c5b Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Fri, 7 Jul 2023 10:12:05 +0800 Subject: [PATCH 0072/1674] aes.c: clean up and fix wrong comment in #endif Signed-off-by: Yanray Wang --- library/aes.c | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/library/aes.c b/library/aes.c index 47a5e3e82..753bc78ad 100644 --- a/library/aes.c +++ b/library/aes.c @@ -122,8 +122,8 @@ static const unsigned char FSb[256] = 0x8C, 0xA1, 0x89, 0x0D, 0xBF, 0xE6, 0x42, 0x68, 0x41, 0x99, 0x2D, 0x0F, 0xB0, 0x54, 0xBB, 0x16 }; -#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \ - !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */ +#endif /* !MBEDTLS_AES_ENCRYPT_ALT || !MBEDTLS_AES_SETKEY_ENC_ALT || + !MBEDTLS_AES_SETKEY_DEC_ALT */ /* * Forward tables @@ -216,7 +216,7 @@ static const uint32_t FT3[256] = { FT }; #endif /* !MBEDTLS_AES_FEWER_TABLES */ -#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) */ +#endif /* !MBEDTLS_AES_ENCRYPT_ALT */ #undef FT @@ -259,7 +259,7 @@ static const unsigned char RSb[256] = 0x17, 0x2B, 0x04, 0x7E, 0xBA, 0x77, 0xD6, 0x26, 0xE1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0C, 0x7D }; -#endif /* defined(MBEDTLS_AES_DECRYPT_ALT)) */ +#endif /* !MBEDTLS_AES_DECRYPT_ALT */ /* * Reverse tables @@ -353,7 +353,7 @@ static const uint32_t RT3[256] = { RT }; #endif /* !MBEDTLS_AES_FEWER_TABLES */ -#endif /* !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */ +#endif /* !MBEDTLS_AES_DECRYPT_ALT || !MBEDTLS_AES_SETKEY_DEC_ALT */ #undef RT @@ -367,7 +367,7 @@ static const uint32_t RCON[10] = 0x00000010, 0x00000020, 0x00000040, 0x00000080, 0x0000001B, 0x00000036 }; -#endif /* !defined(MBEDTLS_AES_SETKEY_ENC_ALT) */ +#endif /* !MBEDTLS_AES_SETKEY_ENC_ALT */ #else /* MBEDTLS_AES_ROM_TABLES */ @@ -377,8 +377,8 @@ static const uint32_t RCON[10] = #if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \ !defined(MBEDTLS_AES_SETKEY_DEC_ALT) static unsigned char FSb[256]; -#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \ - !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */ +#endif /* !MBEDTLS_AES_ENCRYPT_ALT || !MBEDTLS_AES_SETKEY_ENC_ALT || + !MBEDTLS_AES_SETKEY_DEC_ALT */ #if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) static uint32_t FT0[256]; #if !defined(MBEDTLS_AES_FEWER_TABLES) @@ -386,14 +386,14 @@ static uint32_t FT1[256]; static uint32_t FT2[256]; static uint32_t FT3[256]; #endif /* !MBEDTLS_AES_FEWER_TABLES */ -#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) */ +#endif /* !MBEDTLS_AES_ENCRYPT_ALT || !MBEDTLS_AES_SETKEY_ENC_ALT */ /* * Reverse S-box & tables */ -#if !(defined(MBEDTLS_AES_SETKEY_ENC_ALT) && defined(MBEDTLS_AES_DECRYPT_ALT)) +#if !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || !defined(MBEDTLS_AES_DECRYPT_ALT) static unsigned char RSb[256]; -#endif /* !(defined(MBEDTLS_AES_SETKEY_ENC_ALT) && defined(MBEDTLS_AES_DECRYPT_ALT)) */ +#endif /* !MBEDTLS_AES_SETKEY_ENC_ALT || !MBEDTLS_AES_DECRYPT_ALT */ #if !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) static uint32_t RT0[256]; @@ -402,7 +402,7 @@ static uint32_t RT1[256]; static uint32_t RT2[256]; static uint32_t RT3[256]; #endif /* !MBEDTLS_AES_FEWER_TABLES */ -#endif /* !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */ +#endif /* !MBEDTLS_AES_DECRYPT_ALT || !MBEDTLS_AES_SETKEY_DEC_ALT */ #if !defined(MBEDTLS_AES_SETKEY_ENC_ALT) /* @@ -494,11 +494,11 @@ static void aes_gen_tables(void) RT2[i] = ROTL8(RT1[i]); RT3[i] = ROTL8(RT2[i]); #endif /* !MBEDTLS_AES_FEWER_TABLES */ -#endif /* !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */ +#endif /* !MBEDTLS_AES_DECRYPT_ALT || !MBEDTLS_AES_SETKEY_DEC_ALT */ } } -#endif /* !defined(MBEDTLS_AES_SETKEY_ENC_ALT) */ +#endif /* !MBEDTLS_AES_SETKEY_ENC_ALT */ #undef ROTL8 @@ -615,8 +615,8 @@ static unsigned mbedtls_aes_rk_offset(uint32_t *buf) return 0; } -#endif /* defined(MAY_NEED_TO_ALIGN) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) || \ - !defined(MBEDTLS_AES_SETKEY_ENC_ALT) */ +#endif /* MAY_NEED_TO_ALIGN || !MBEDTLS_AES_SETKEY_DEC_ALT || + !MBEDTLS_AES_SETKEY_ENC_ALT */ /* * AES key schedule (encryption) From 427424768a34e7e05d0e63b9d8a99ebcc6316e11 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Fri, 7 Jul 2023 17:28:24 +0800 Subject: [PATCH 0073/1674] aes.c: provide finer guard for RSb Variable RSb is only used for either computing reverse tables in aes_gen_tables or AES-decryption function. This commit provides more guards for when RSb is defined and used. Signed-off-by: Yanray Wang --- library/aes.c | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/library/aes.c b/library/aes.c index 753bc78ad..95ab3921c 100644 --- a/library/aes.c +++ b/library/aes.c @@ -391,9 +391,14 @@ static uint32_t FT3[256]; /* * Reverse S-box & tables */ -#if !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || !defined(MBEDTLS_AES_DECRYPT_ALT) + +#if !defined(MBEDTLS_AES_SETKEY_ENC_ALT) && !defined(MBEDTLS_AES_SETKEY_DEC_ALT) static unsigned char RSb[256]; -#endif /* !MBEDTLS_AES_SETKEY_ENC_ALT || !MBEDTLS_AES_DECRYPT_ALT */ +#else /* !MBEDTLS_AES_SETKEY_ENC_ALT && !MBEDTLS_AES_SETKEY_DEC_ALT */ +#if !defined(MBEDTLS_AES_DECRYPT_ALT) +static unsigned char RSb[256]; +#endif /* !MBEDTLS_AES_DECRYPT_ALT */ +#endif /* !MBEDTLS_AES_SETKEY_ENC_ALT && !MBEDTLS_AES_SETKEY_DEC_ALT */ #if !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) static uint32_t RT0[256]; @@ -447,7 +452,9 @@ static void aes_gen_tables(void) * generate the forward and reverse S-boxes */ FSb[0x00] = 0x63; +#if !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) RSb[0x63] = 0x00; +#endif for (i = 1; i < 256; i++) { x = pow[255 - log[i]]; @@ -459,7 +466,9 @@ static void aes_gen_tables(void) x ^= y ^ 0x63; FSb[i] = x; +#if !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) RSb[x] = (unsigned char) i; +#endif } /* @@ -481,9 +490,9 @@ static void aes_gen_tables(void) FT3[i] = ROTL8(FT2[i]); #endif /* !MBEDTLS_AES_FEWER_TABLES */ +#if !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) x = RSb[i]; -#if !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) RT0[i] = ((uint32_t) MUL(0x0E, x)) ^ ((uint32_t) MUL(0x09, x) << 8) ^ ((uint32_t) MUL(0x0D, x) << 16) ^ From 5cb8605d796550483fad9616b397c51c4af04869 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 27 Aug 2023 21:31:47 +0200 Subject: [PATCH 0074/1674] ssl-opt.sh doesn't actually use OPENSSL_LEGACY, so remove it Signed-off-by: Gilles Peskine --- tests/ssl-opt.sh | 13 ------------- 1 file changed, 13 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 0164b45cd..55e88128b 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -81,14 +81,6 @@ TCP_CLIENT="$PERL scripts/tcp_client.pl" # alternative versions of OpenSSL and GnuTLS (no default path) -if [ -n "${OPENSSL_LEGACY:-}" ]; then - O_LEGACY_SRV="$OPENSSL_LEGACY s_server -www -cert data_files/server5.crt -key data_files/server5.key" - O_LEGACY_CLI="echo 'GET / HTTP/1.0' | $OPENSSL_LEGACY s_client" -else - O_LEGACY_SRV=false - O_LEGACY_CLI=false -fi - if [ -n "${OPENSSL_NEXT:-}" ]; then O_NEXT_SRV="$OPENSSL_NEXT s_server -www -cert data_files/server5.crt -key data_files/server5.key" O_NEXT_SRV_EARLY_DATA="$OPENSSL_NEXT s_server -early_data -cert data_files/server5.crt -key data_files/server5.key" @@ -1910,11 +1902,6 @@ O_CLI="$O_CLI -connect 127.0.0.1:+SRV_PORT" G_SRV="$G_SRV -p $SRV_PORT" G_CLI="$G_CLI -p +SRV_PORT" -if [ -n "${OPENSSL_LEGACY:-}" ]; then - O_LEGACY_SRV="$O_LEGACY_SRV -accept $SRV_PORT -dhparam data_files/dhparams.pem" - O_LEGACY_CLI="$O_LEGACY_CLI -connect 127.0.0.1:+SRV_PORT" -fi - # Newer versions of OpenSSL have a syntax to enable all "ciphers", even # low-security ones. This covers not just cipher suites but also protocol # versions. It is necessary, for example, to use (D)TLS 1.0/1.1 on From 5f5e3886c57c37d3eb8fb7ae05675e1063ef51cb Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 27 Aug 2023 21:32:36 +0200 Subject: [PATCH 0075/1674] Minor robustness improvement Let openssl use any experimental or obsolete cipher that's not in ALL. Signed-off-by: Gilles Peskine --- tests/compat.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/compat.sh b/tests/compat.sh index 2e03e44f3..dbe1cacc1 100755 --- a/tests/compat.sh +++ b/tests/compat.sh @@ -592,7 +592,7 @@ setup_arguments() fi M_SERVER_ARGS="server_port=$PORT server_addr=0.0.0.0 force_version=$MODE" - O_SERVER_ARGS="-accept $PORT -cipher NULL,ALL -$O_MODE" + O_SERVER_ARGS="-accept $PORT -cipher ALL,COMPLEMENTOFALL -$O_MODE" G_SERVER_ARGS="-p $PORT --http $G_MODE" G_SERVER_PRIO="NORMAL:${G_PRIO_CCM}+NULL:+MD5:+PSK:+DHE-PSK:+ECDHE-PSK:+SHA256:+SHA384:+RSA-PSK:-VERS-TLS-ALL:$G_PRIO_MODE" From e29203be88c1ee6ed850eb9702953a5d3dfb23a3 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 27 Aug 2023 21:43:00 +0200 Subject: [PATCH 0076/1674] Stop using "legacy" OpenSSL and GnuTLS None of the tests actually need GNUTLS_LEGACY (3.3.8): GNUTLS (3.4.10) works. None of the tests actually need OPENSSL_LEGACY (1.0.1j): OPENSSL (1.0.2g) works. Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 4 ++-- tests/scripts/basic-build-test.sh | 4 +--- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 8e978ac72..b456c300f 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1855,7 +1855,7 @@ component_test_full_cmake_clang () { tests/ssl-opt.sh -f 'Default\|ECJPAKE\|SSL async private' msg "test: compat.sh NULL (full config)" # ~ 2 min - env OPENSSL="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '^$' -f 'NULL' + tests/compat.sh -e '^$' -f 'NULL' msg "test: compat.sh ARIA + ChachaPoly" env OPENSSL="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA' @@ -2242,7 +2242,7 @@ component_test_no_use_psa_crypto_full_cmake_asan() { tests/compat.sh msg "test: compat.sh NULL (full minus MBEDTLS_USE_PSA_CRYPTO)" - env OPENSSL="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -f 'NULL' + tests/compat.sh -f 'NULL' msg "test: compat.sh ARIA + ChachaPoly (full minus MBEDTLS_USE_PSA_CRYPTO)" env OPENSSL="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA' diff --git a/tests/scripts/basic-build-test.sh b/tests/scripts/basic-build-test.sh index 32be0eef1..69b25a418 100755 --- a/tests/scripts/basic-build-test.sh +++ b/tests/scripts/basic-build-test.sh @@ -124,9 +124,7 @@ echo '################ compat.sh ################' sh compat.sh echo - echo '#### compat.sh: legacy (null)' - OPENSSL="$OPENSSL_LEGACY" \ - GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" \ + echo '#### compat.sh: null cipher' sh compat.sh -e '^$' -f 'NULL' echo From 7be571ac853ef94774d138e033d0f348411644cf Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 27 Aug 2023 21:39:21 +0200 Subject: [PATCH 0077/1674] Remove GNUTLS_LEGACY and OPENSSL_LEGACY They aren't used anywhere. Keep the command line options of all.sh to avoid breaking any wrapper scripts that people might have. Signed-off-by: Gilles Peskine --- scripts/output_env.sh | 21 ------------------- tests/scripts/all.sh | 34 +++++++++++-------------------- tests/scripts/basic-build-test.sh | 6 ------ 3 files changed, 12 insertions(+), 49 deletions(-) diff --git a/scripts/output_env.sh b/scripts/output_env.sh index 535613298..302f3fdaa 100755 --- a/scripts/output_env.sh +++ b/scripts/output_env.sh @@ -170,13 +170,6 @@ echo print_version "$OPENSSL" "version" "default" echo -if [ -n "${OPENSSL_LEGACY+set}" ]; then - print_version "$OPENSSL_LEGACY" "version" "legacy" -else - echo " * openssl (legacy): Not configured." -fi -echo - if [ -n "${OPENSSL_NEXT+set}" ]; then print_version "$OPENSSL_NEXT" "version" "next" else @@ -192,20 +185,6 @@ echo print_version "$GNUTLS_SERV" "--version" "default" "head -n 1" echo -if [ -n "${GNUTLS_LEGACY_CLI+set}" ]; then - print_version "$GNUTLS_LEGACY_CLI" "--version" "legacy" "head -n 1" -else - echo " * gnutls-cli (legacy): Not configured." -fi -echo - -if [ -n "${GNUTLS_LEGACY_SERV+set}" ]; then - print_version "$GNUTLS_LEGACY_SERV" "--version" "legacy" "head -n 1" -else - echo " * gnutls-serv (legacy): Not configured." -fi -echo - echo " * Installed asan versions:" if type dpkg-query >/dev/null 2>/dev/null; then if ! dpkg-query -f '${Status} ${Package}: ${Version}\n' -W 'libasan*' | diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index b456c300f..8b9a3343c 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -50,10 +50,13 @@ # * G++ # * arm-gcc and mingw-gcc # * ArmCC 5 and ArmCC 6, unless invoked with --no-armcc -# * OpenSSL and GnuTLS command line tools, recent enough for the -# interoperability tests. If they don't support old features which we want -# to test, then a legacy version of these tools must be present as well -# (search for LEGACY below). +# * OpenSSL and GnuTLS command line tools, in suitable versions for the +# interoperability tests. The following are the official versions at the +# time of writing: +# * GNUTLS_{CLI,SERV} = 3.4.10 +# * GNUTLS_NEXT_{CLI,SERV} = 3.7.2 +# * OPENSSL = 1.0.2g (without Debian/Ubuntu patches) +# * OPENSSL_NEXT = 1.1.1a # See the invocation of check_tools below for details. # # This script must be invoked from the toplevel directory of a git @@ -165,12 +168,9 @@ pre_initialize_variables () { # Default commands, can be overridden by the environment : ${OPENSSL:="openssl"} - : ${OPENSSL_LEGACY:="$OPENSSL"} : ${OPENSSL_NEXT:="$OPENSSL"} : ${GNUTLS_CLI:="gnutls-cli"} : ${GNUTLS_SERV:="gnutls-serv"} - : ${GNUTLS_LEGACY_CLI:="$GNUTLS_CLI"} - : ${GNUTLS_LEGACY_SERV:="$GNUTLS_SERV"} : ${OUT_OF_SOURCE_DIR:=./mbedtls_out_of_source_build} : ${ARMC5_BIN_DIR:=/usr/bin} : ${ARMC6_BIN_DIR:=/usr/bin} @@ -286,10 +286,7 @@ Tool path options: --gcc-latest= Latest version of GCC available --gnutls-cli= GnuTLS client executable to use for most tests. --gnutls-serv= GnuTLS server executable to use for most tests. - --gnutls-legacy-cli= GnuTLS client executable to use for legacy tests. - --gnutls-legacy-serv= GnuTLS server executable to use for legacy tests. --openssl= OpenSSL executable to use for most tests. - --openssl-legacy= OpenSSL executable to use for legacy tests.. --openssl-next= OpenSSL executable to use for recent things like ARIA EOF } @@ -458,8 +455,8 @@ pre_parse_command_line () { --gcc-earliest) shift; GCC_EARLIEST="$1";; --gcc-latest) shift; GCC_LATEST="$1";; --gnutls-cli) shift; GNUTLS_CLI="$1";; - --gnutls-legacy-cli) shift; GNUTLS_LEGACY_CLI="$1";; - --gnutls-legacy-serv) shift; GNUTLS_LEGACY_SERV="$1";; + --gnutls-legacy-cli) shift;; # ignored for backward compatibility + --gnutls-legacy-serv) shift;; # ignored for backward compatibility --gnutls-serv) shift; GNUTLS_SERV="$1";; --help|-h) usage; exit;; --keep-going|-k) KEEP_GOING=1;; @@ -473,7 +470,6 @@ pre_parse_command_line () { --no-memory) MEMORY=0;; --no-quiet) QUIET=0;; --openssl) shift; OPENSSL="$1";; - --openssl-legacy) shift; OPENSSL_LEGACY="$1";; --openssl-next) shift; OPENSSL_NEXT="$1";; --outcome-file) shift; MBEDTLS_TEST_OUTCOME_FILE="$1";; --out-of-source-dir) shift; OUT_OF_SOURCE_DIR="$1";; @@ -728,12 +724,9 @@ pre_print_configuration () { echo "SEED: ${SEED-"UNSET"}" echo echo "OPENSSL: $OPENSSL" - echo "OPENSSL_LEGACY: $OPENSSL_LEGACY" echo "OPENSSL_NEXT: $OPENSSL_NEXT" echo "GNUTLS_CLI: $GNUTLS_CLI" echo "GNUTLS_SERV: $GNUTLS_SERV" - echo "GNUTLS_LEGACY_CLI: $GNUTLS_LEGACY_CLI" - echo "GNUTLS_LEGACY_SERV: $GNUTLS_LEGACY_SERV" echo "ARMC5_BIN_DIR: $ARMC5_BIN_DIR" echo "ARMC6_BIN_DIR: $ARMC6_BIN_DIR" } @@ -757,13 +750,10 @@ pre_check_tools () { if [ -n "${SEED-}" ]; then export SEED fi - set "$@" OPENSSL="$OPENSSL" OPENSSL_LEGACY="$OPENSSL_LEGACY" + set "$@" OPENSSL="$OPENSSL" set "$@" GNUTLS_CLI="$GNUTLS_CLI" GNUTLS_SERV="$GNUTLS_SERV" - set "$@" GNUTLS_LEGACY_CLI="$GNUTLS_LEGACY_CLI" - set "$@" GNUTLS_LEGACY_SERV="$GNUTLS_LEGACY_SERV" - check_tools "$OPENSSL" "$OPENSSL_LEGACY" "$OPENSSL_NEXT" \ - "$GNUTLS_CLI" "$GNUTLS_SERV" \ - "$GNUTLS_LEGACY_CLI" "$GNUTLS_LEGACY_SERV" + check_tools "$OPENSSL" "$OPENSSL_NEXT" \ + "$GNUTLS_CLI" "$GNUTLS_SERV" ;; esac diff --git a/tests/scripts/basic-build-test.sh b/tests/scripts/basic-build-test.sh index 69b25a418..bee6b908a 100755 --- a/tests/scripts/basic-build-test.sh +++ b/tests/scripts/basic-build-test.sh @@ -48,11 +48,8 @@ if [ -d library -a -d include -a -d tests ]; then :; else fi : ${OPENSSL:="openssl"} -: ${OPENSSL_LEGACY:="$OPENSSL"} : ${GNUTLS_CLI:="gnutls-cli"} : ${GNUTLS_SERV:="gnutls-serv"} -: ${GNUTLS_LEGACY_CLI:="$GNUTLS_CLI"} -: ${GNUTLS_LEGACY_SERV:="$GNUTLS_SERV"} # Used to make ssl-opt.sh deterministic. # @@ -78,11 +75,8 @@ CONFIG_BAK="$CONFIG_H.bak" # Step 0 - print build environment info OPENSSL="$OPENSSL" \ - OPENSSL_LEGACY="$OPENSSL_LEGACY" \ GNUTLS_CLI="$GNUTLS_CLI" \ GNUTLS_SERV="$GNUTLS_SERV" \ - GNUTLS_LEGACY_CLI="$GNUTLS_LEGACY_CLI" \ - GNUTLS_LEGACY_SERV="$GNUTLS_LEGACY_SERV" \ scripts/output_env.sh echo From 044eb16379ffc00d984f22ce38ab49223ac059a9 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 28 Aug 2023 10:35:39 +0800 Subject: [PATCH 0078/1674] pkwrite: zeroize buf containing info of private key Signed-off-by: Yanray Wang --- library/pkwrite.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/pkwrite.c b/library/pkwrite.c index 225cde90d..4e625292c 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -860,7 +860,7 @@ int mbedtls_pk_write_key_pem(const mbedtls_pk_context *key, unsigned char *buf, ret = 0; cleanup: - mbedtls_free(output_buf); + mbedtls_zeroize_and_free(output_buf, PRV_DER_MAX_BYTES); return ret; } #endif /* MBEDTLS_PEM_WRITE_C */ From 1783870681c31962a919a1107d9e872a4b1710e9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 28 Aug 2023 17:36:22 +0200 Subject: [PATCH 0079/1674] compat.sh: add --preserve-logs option Similar to ssl-opt.sh. Signed-off-by: Gilles Peskine --- tests/compat.sh | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/tests/compat.sh b/tests/compat.sh index dbe1cacc1..51c9bcdb5 100755 --- a/tests/compat.sh +++ b/tests/compat.sh @@ -108,6 +108,7 @@ FILTER="" EXCLUDE='NULL\|ARIA\|CHACHA20_POLY1305' VERBOSE="" MEMCHECK=0 +PRESERVE_LOGS=0 PEERS="OpenSSL$PEER_GNUTLS mbedTLS" # hidden option: skip DTLS with OpenSSL @@ -128,6 +129,7 @@ print_usage() { printf " -v|--verbose\tSet verbose output.\n" printf " --outcome-file\tFile where test outcomes are written\n" printf " \t(default: \$MBEDTLS_TEST_OUTCOME_FILE, none if empty)\n" + printf " --preserve-logs\tPreserve logs of successful tests as well\n" } get_options() { @@ -160,6 +162,9 @@ get_options() { --outcome-file) shift; MBEDTLS_TEST_OUTCOME_FILE=$1 ;; + --preserve-logs) + PRESERVE_LOGS=1 + ;; -h|--help) print_usage exit 0 @@ -842,12 +847,16 @@ record_outcome() { fi } +save_logs() { + cp $SRV_OUT c-srv-${TESTS}.log + cp $CLI_OUT c-cli-${TESTS}.log +} + # display additional information if test case fails report_fail() { FAIL_PROMPT="outputs saved to c-srv-${TESTS}.log, c-cli-${TESTS}.log" record_outcome "FAIL" "$FAIL_PROMPT" - cp $SRV_OUT c-srv-${TESTS}.log - cp $CLI_OUT c-cli-${TESTS}.log + save_logs echo " ! $FAIL_PROMPT" if [ "${LOG_FAILURE_ON_STDOUT:-0}" != 0 ]; then @@ -966,6 +975,9 @@ run_client() { case $RESULT in "0") record_outcome "PASS" + if [ "$PRESERVE_LOGS" -gt 0 ]; then + save_logs + fi ;; "1") record_outcome "SKIP" From 2c40b9059837cdecb55b3393813b77c426edf8fc Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 30 Aug 2023 16:38:56 +0200 Subject: [PATCH 0080/1674] ssl-opt.sh doesn't actually use OPENSSL_LEGACY: remove unused function Signed-off-by: Gilles Peskine --- tests/ssl-opt.sh | 14 -------------- 1 file changed, 14 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 55e88128b..1f2aac2e6 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -636,20 +636,6 @@ requires_gnutls_next() { fi } -# skip next test if OpenSSL-legacy isn't available -requires_openssl_legacy() { - if [ -z "${OPENSSL_LEGACY_AVAILABLE:-}" ]; then - if which "${OPENSSL_LEGACY:-}" >/dev/null 2>&1; then - OPENSSL_LEGACY_AVAILABLE="YES" - else - OPENSSL_LEGACY_AVAILABLE="NO" - fi - fi - if [ "$OPENSSL_LEGACY_AVAILABLE" = "NO" ]; then - SKIP_NEXT="YES" - fi -} - requires_openssl_next() { if [ -z "${OPENSSL_NEXT_AVAILABLE:-}" ]; then if which "${OPENSSL_NEXT:-}" >/dev/null 2>&1; then From 78ee0c9e4fc65d2fdffa1f9e5b6488b6ac4c88a1 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 15 May 2023 11:23:50 +0800 Subject: [PATCH 0081/1674] aes.c: add config option to support cipher_encrypt_only Signed-off-by: Yanray Wang --- include/mbedtls/aes.h | 4 ++ library/aes.c | 95 +++++++++++++++++++++++++++---------------- 2 files changed, 65 insertions(+), 34 deletions(-) diff --git a/include/mbedtls/aes.h b/include/mbedtls/aes.h index 7c92162d1..0780ece3b 100644 --- a/include/mbedtls/aes.h +++ b/include/mbedtls/aes.h @@ -167,6 +167,7 @@ MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key, unsigned int keybits); +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) /** * \brief This function sets the decryption key. * @@ -185,6 +186,7 @@ int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key, MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key, unsigned int keybits); +#endif /* !MBEDTLS_CIPHER_ENCRYPT_ONLY */ #if defined(MBEDTLS_CIPHER_MODE_XTS) /** @@ -604,6 +606,7 @@ int mbedtls_internal_aes_encrypt(mbedtls_aes_context *ctx, const unsigned char input[16], unsigned char output[16]); +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) /** * \brief Internal AES block decryption function. This is only * exposed to allow overriding it using see @@ -619,6 +622,7 @@ MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx, const unsigned char input[16], unsigned char output[16]); +#endif /* !MBEDTLS_CIPHER_ENCRYPT_ONLY */ #if defined(MBEDTLS_SELF_TEST) /** diff --git a/library/aes.c b/library/aes.c index 95ab3921c..b604cb75c 100644 --- a/library/aes.c +++ b/library/aes.c @@ -86,7 +86,7 @@ static int aes_padlock_ace = -1; * Forward S-box */ #if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \ - !defined(MBEDTLS_AES_SETKEY_DEC_ALT) + (!defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY)) static const unsigned char FSb[256] = { 0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5, @@ -123,7 +123,7 @@ static const unsigned char FSb[256] = 0x41, 0x99, 0x2D, 0x0F, 0xB0, 0x54, 0xBB, 0x16 }; #endif /* !MBEDTLS_AES_ENCRYPT_ALT || !MBEDTLS_AES_SETKEY_ENC_ALT || - !MBEDTLS_AES_SETKEY_DEC_ALT */ + (!MBEDTLS_AES_SETKEY_DEC_ALT && !MBEDTLS_CIPHER_ENCRYPT_ONLY) */ /* * Forward tables @@ -220,7 +220,7 @@ static const uint32_t FT3[256] = { FT }; #undef FT -#if !defined(MBEDTLS_AES_DECRYPT_ALT) +#if !defined(MBEDTLS_AES_DECRYPT_ALT) && !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) /* * Reverse S-box */ @@ -259,7 +259,7 @@ static const unsigned char RSb[256] = 0x17, 0x2B, 0x04, 0x7E, 0xBA, 0x77, 0xD6, 0x26, 0xE1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0C, 0x7D }; -#endif /* !MBEDTLS_AES_DECRYPT_ALT */ +#endif /* !MBEDTLS_AES_DECRYPT_ALT && !MBEDTLS_CIPHER_ENCRYPT_ONLY */ /* * Reverse tables @@ -331,7 +331,8 @@ static const unsigned char RSb[256] = V(71, 01, A8, 39), V(DE, B3, 0C, 08), V(9C, E4, B4, D8), V(90, C1, 56, 64), \ V(61, 84, CB, 7B), V(70, B6, 32, D5), V(74, 5C, 6C, 48), V(42, 57, B8, D0) -#if !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) +#if (!defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT)) && \ + !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) #define V(a, b, c, d) 0x##a##b##c##d static const uint32_t RT0[256] = { RT }; @@ -352,8 +353,8 @@ static const uint32_t RT3[256] = { RT }; #undef V #endif /* !MBEDTLS_AES_FEWER_TABLES */ - -#endif /* !MBEDTLS_AES_DECRYPT_ALT || !MBEDTLS_AES_SETKEY_DEC_ALT */ +#endif /* (!MBEDTLS_AES_DECRYPT_ALT || !MBEDTLS_AES_SETKEY_DEC_ALT) && + !MBEDTLS_CIPHER_ENCRYPT_ONLY */ #undef RT @@ -375,10 +376,10 @@ static const uint32_t RCON[10] = * Forward S-box & tables */ #if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \ - !defined(MBEDTLS_AES_SETKEY_DEC_ALT) + (!defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY)) static unsigned char FSb[256]; #endif /* !MBEDTLS_AES_ENCRYPT_ALT || !MBEDTLS_AES_SETKEY_ENC_ALT || - !MBEDTLS_AES_SETKEY_DEC_ALT */ + (!MBEDTLS_AES_SETKEY_DEC_ALT && !MBEDTLS_CIPHER_ENCRYPT_ONLY) */ #if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) static uint32_t FT0[256]; #if !defined(MBEDTLS_AES_FEWER_TABLES) @@ -391,23 +392,27 @@ static uint32_t FT3[256]; /* * Reverse S-box & tables */ - -#if !defined(MBEDTLS_AES_SETKEY_ENC_ALT) && !defined(MBEDTLS_AES_SETKEY_DEC_ALT) +#if !defined(MBEDTLS_AES_SETKEY_ENC_ALT) && !defined(MBEDTLS_AES_SETKEY_DEC_ALT) && \ + !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) static unsigned char RSb[256]; -#else /* !MBEDTLS_AES_SETKEY_ENC_ALT && !MBEDTLS_AES_SETKEY_DEC_ALT */ -#if !defined(MBEDTLS_AES_DECRYPT_ALT) +#else /* !MBEDTLS_AES_SETKEY_ENC_ALT && !MBEDTLS_AES_SETKEY_DEC_ALT && + !MBEDTLS_CIPHER_ENCRYPT_ONLY */ +#if !defined(MBEDTLS_AES_DECRYPT_ALT) && !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) static unsigned char RSb[256]; -#endif /* !MBEDTLS_AES_DECRYPT_ALT */ -#endif /* !MBEDTLS_AES_SETKEY_ENC_ALT && !MBEDTLS_AES_SETKEY_DEC_ALT */ +#endif /* !MBEDTLS_AES_DECRYPT_ALT && !MBEDTLS_CIPHER_ENCRYPT_ONLY*/ +#endif /* !MBEDTLS_AES_SETKEY_ENC_ALT && !MBEDTLS_AES_SETKEY_DEC_ALT && + !MBEDTLS_CIPHER_ENCRYPT_ONLY */ -#if !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) +#if (!defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT)) && \ + !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) static uint32_t RT0[256]; #if !defined(MBEDTLS_AES_FEWER_TABLES) static uint32_t RT1[256]; static uint32_t RT2[256]; static uint32_t RT3[256]; #endif /* !MBEDTLS_AES_FEWER_TABLES */ -#endif /* !MBEDTLS_AES_DECRYPT_ALT || !MBEDTLS_AES_SETKEY_DEC_ALT */ +#endif /* (!MBEDTLS_AES_DECRYPT_ALT || !MBEDTLS_AES_SETKEY_DEC_ALT) && + !MBEDTLS_CIPHER_ENCRYPT_ONLY */ #if !defined(MBEDTLS_AES_SETKEY_ENC_ALT) /* @@ -452,9 +457,11 @@ static void aes_gen_tables(void) * generate the forward and reverse S-boxes */ FSb[0x00] = 0x63; -#if !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) +#if (!defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT)) && \ + !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) RSb[0x63] = 0x00; -#endif +#endif /* (!MBEDTLS_AES_DECRYPT_ALT || !MBEDTLS_AES_SETKEY_DEC_ALT) && + !MBEDTLS_CIPHER_ENCRYPT_ONLY */ for (i = 1; i < 256; i++) { x = pow[255 - log[i]]; @@ -466,9 +473,11 @@ static void aes_gen_tables(void) x ^= y ^ 0x63; FSb[i] = x; -#if !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) +#if (!defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT)) && \ + !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) RSb[x] = (unsigned char) i; -#endif +#endif /* (!MBEDTLS_AES_DECRYPT_ALT || !MBEDTLS_AES_SETKEY_DEC_ALT) && + !MBEDTLS_CIPHER_ENCRYPT_ONLY */ } /* @@ -490,7 +499,8 @@ static void aes_gen_tables(void) FT3[i] = ROTL8(FT2[i]); #endif /* !MBEDTLS_AES_FEWER_TABLES */ -#if !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) +#if (!defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT)) && \ + !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) x = RSb[i]; RT0[i] = ((uint32_t) MUL(0x0E, x)) ^ @@ -503,7 +513,8 @@ static void aes_gen_tables(void) RT2[i] = ROTL8(RT1[i]); RT3[i] = ROTL8(RT2[i]); #endif /* !MBEDTLS_AES_FEWER_TABLES */ -#endif /* !MBEDTLS_AES_DECRYPT_ALT || !MBEDTLS_AES_SETKEY_DEC_ALT */ +#endif /* (!MBEDTLS_AES_DECRYPT_ALT || !MBEDTLS_AES_SETKEY_DEC_ALT) && + !MBEDTLS_CIPHER_ENCRYPT_ONLY */ } } @@ -586,8 +597,8 @@ void mbedtls_aes_xts_free(mbedtls_aes_xts_context *ctx) #define MAY_NEED_TO_ALIGN #endif -#if defined(MAY_NEED_TO_ALIGN) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) || \ - !defined(MBEDTLS_AES_SETKEY_ENC_ALT) +#if defined(MAY_NEED_TO_ALIGN) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \ + (!defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY)) static unsigned mbedtls_aes_rk_offset(uint32_t *buf) { #if defined(MAY_NEED_TO_ALIGN) @@ -624,8 +635,8 @@ static unsigned mbedtls_aes_rk_offset(uint32_t *buf) return 0; } -#endif /* MAY_NEED_TO_ALIGN || !MBEDTLS_AES_SETKEY_DEC_ALT || - !MBEDTLS_AES_SETKEY_ENC_ALT */ +#endif /* MAY_NEED_TO_ALIGN || !MBEDTLS_AES_SETKEY_ENC_ALT || + (!MBEDTLS_AES_SETKEY_DEC_ALT && !MBEDTLS_CIPHER_ENCRYPT_ONLY) */ /* * AES key schedule (encryption) @@ -741,7 +752,7 @@ int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key, /* * AES key schedule (decryption) */ -#if !defined(MBEDTLS_AES_SETKEY_DEC_ALT) +#if !defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key, unsigned int keybits) { @@ -810,7 +821,7 @@ exit: return ret; } -#endif /* !MBEDTLS_AES_SETKEY_DEC_ALT */ +#endif /* !MBEDTLS_AES_SETKEY_DEC_ALT && !MBEDTLS_CIPHER_ENCRYPT_ONLY */ #if defined(MBEDTLS_CIPHER_MODE_XTS) static int mbedtls_aes_xts_decode_keys(const unsigned char *key, @@ -999,7 +1010,7 @@ int mbedtls_internal_aes_encrypt(mbedtls_aes_context *ctx, /* * AES-ECB block decryption */ -#if !defined(MBEDTLS_AES_DECRYPT_ALT) +#if !defined(MBEDTLS_AES_DECRYPT_ALT) && !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx, const unsigned char input[16], unsigned char output[16]) @@ -1056,7 +1067,7 @@ int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx, return 0; } -#endif /* !MBEDTLS_AES_DECRYPT_ALT */ +#endif /* !MBEDTLS_AES_DECRYPT_ALT && !MBEDTLS_CIPHER_ENCRYPT_ONLY */ #if defined(MAY_NEED_TO_ALIGN) /* VIA Padlock and our intrinsics-based implementation of AESNI require @@ -1113,13 +1124,16 @@ int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx, #endif #if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) if (mode == MBEDTLS_AES_ENCRYPT) { return mbedtls_internal_aes_encrypt(ctx, input, output); } else { return mbedtls_internal_aes_decrypt(ctx, input, output); } +#else + return mbedtls_internal_aes_encrypt(ctx, input, output); #endif - +#endif /* !MBEDTLS_AES_USE_HARDWARE_ONLY */ } #if defined(MBEDTLS_CIPHER_MODE_CBC) @@ -1545,6 +1559,7 @@ exit: * * http://csrc.nist.gov/archive/aes/rijndael/rijndael-vals.zip */ +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) static const unsigned char aes_test_ecb_dec[][16] = { { 0x44, 0x41, 0x6A, 0xC2, 0xD1, 0xF5, 0x3C, 0x58, @@ -1556,6 +1571,7 @@ static const unsigned char aes_test_ecb_dec[][16] = 0x1F, 0x6F, 0x56, 0x58, 0x5D, 0x8A, 0x4A, 0xDE } #endif }; +#endif static const unsigned char aes_test_ecb_enc[][16] = { @@ -1937,7 +1953,7 @@ int mbedtls_aes_self_test(int verbose) */ { static const int num_tests = - sizeof(aes_test_ecb_dec) / sizeof(*aes_test_ecb_dec); + sizeof(aes_test_ecb_enc) / sizeof(*aes_test_ecb_enc); for (i = 0; i < num_tests << 1; i++) { u = i >> 1; @@ -1948,13 +1964,24 @@ int mbedtls_aes_self_test(int verbose) mbedtls_printf(" AES-ECB-%3u (%s): ", keybits, (mode == MBEDTLS_AES_DECRYPT) ? "dec" : "enc"); } +#if defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) + if (mode == MBEDTLS_AES_DECRYPT) { + if (verbose != 0) { + mbedtls_printf("skipped\n"); + } + continue; + } +#endif memset(buf, 0, 16); +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) if (mode == MBEDTLS_AES_DECRYPT) { ret = mbedtls_aes_setkey_dec(&ctx, key, keybits); aes_tests = aes_test_ecb_dec[u]; - } else { + } else +#endif + { ret = mbedtls_aes_setkey_enc(&ctx, key, keybits); aes_tests = aes_test_ecb_enc[u]; } From 590c9b7abe3aa447ce826f6b7384f731994a1bf3 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 28 Aug 2023 15:40:23 +0800 Subject: [PATCH 0082/1674] AESCE: add macro guard of CIPHER_ENCRYPT_ONLY Signed-off-by: Yanray Wang --- library/aesce.c | 9 +++++++++ library/aesce.h | 2 ++ 2 files changed, 11 insertions(+) diff --git a/library/aesce.c b/library/aesce.c index 6f75a67d7..650f75fb9 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -199,6 +199,7 @@ rounds_10: /* Two rounds of AESCE decryption */ #define AESCE_DECRYPT_ROUND_X2 AESCE_DECRYPT_ROUND; AESCE_DECRYPT_ROUND +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) static uint8x16_t aesce_decrypt_block(uint8x16_t block, unsigned char *keys, int rounds) @@ -230,6 +231,7 @@ rounds_10: return block; } +#endif /* * AES-ECB block en(de)cryption @@ -242,11 +244,16 @@ int mbedtls_aesce_crypt_ecb(mbedtls_aes_context *ctx, uint8x16_t block = vld1q_u8(&input[0]); unsigned char *keys = (unsigned char *) (ctx->buf + ctx->rk_offset); +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) if (mode == MBEDTLS_AES_ENCRYPT) { block = aesce_encrypt_block(block, keys, ctx->nr); } else { block = aesce_decrypt_block(block, keys, ctx->nr); } +#else + (void) mode; + block = aesce_encrypt_block(block, keys, ctx->nr); +#endif /* !MBEDTLS_CIPHER_ENCRYPT_ONLY */ vst1q_u8(&output[0], block); return 0; @@ -255,6 +262,7 @@ int mbedtls_aesce_crypt_ecb(mbedtls_aes_context *ctx, /* * Compute decryption round keys from encryption round keys */ +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) void mbedtls_aesce_inverse_key(unsigned char *invkey, const unsigned char *fwdkey, int nr) @@ -269,6 +277,7 @@ void mbedtls_aesce_inverse_key(unsigned char *invkey, vst1q_u8(invkey + i * 16, vld1q_u8(fwdkey + j * 16)); } +#endif static inline uint32_t aes_rot_word(uint32_t word) { diff --git a/library/aesce.h b/library/aesce.h index 735c8cfad..ccc0fd3e5 100644 --- a/library/aesce.h +++ b/library/aesce.h @@ -102,6 +102,7 @@ void mbedtls_aesce_gcm_mult(unsigned char c[16], const unsigned char b[16]); +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) /** * \brief Internal round key inversion. This function computes * decryption round keys from the encryption round keys. @@ -113,6 +114,7 @@ void mbedtls_aesce_gcm_mult(unsigned char c[16], void mbedtls_aesce_inverse_key(unsigned char *invkey, const unsigned char *fwdkey, int nr); +#endif /* !MBEDTLS_CIPHER_ENCRYPT_ONLY */ /** * \brief Internal key expansion for encryption From 380be5af3a1f81771973225f886b2fe2a19b0b95 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 28 Aug 2023 15:40:34 +0800 Subject: [PATCH 0083/1674] AESNI: add macro guard of CIPHER_ENCRYPT_ONLY Signed-off-by: Yanray Wang --- library/aesni.c | 33 +++++++++++++++++++++++++-------- library/aesni.h | 2 ++ 2 files changed, 27 insertions(+), 8 deletions(-) diff --git a/library/aesni.c b/library/aesni.c index 5f25a8249..f7c99df51 100644 --- a/library/aesni.c +++ b/library/aesni.c @@ -93,21 +93,32 @@ int mbedtls_aesni_crypt_ecb(mbedtls_aes_context *ctx, ++rk; --nr; - if (mode == 0) { - while (nr != 0) { - state = _mm_aesdec_si128(state, *rk); - ++rk; - --nr; - } - state = _mm_aesdeclast_si128(state, *rk); - } else { +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) + if (mode == MBEDTLS_AES_ENCRYPT) { while (nr != 0) { state = _mm_aesenc_si128(state, *rk); ++rk; --nr; } state = _mm_aesenclast_si128(state, *rk); + } else { + while (nr != 0) { + state = _mm_aesdec_si128(state, *rk); + ++rk; + --nr; + } + state = _mm_aesdeclast_si128(state, *rk); } +#else + (void) mode; + while (nr != 0) { + + state = _mm_aesenc_si128(state, *rk); + ++rk; + --nr; + } + state = _mm_aesenclast_si128(state, *rk); +#endif /* !MBEDTLS_CIPHER_ENCRYPT_ONLY */ memcpy(output, &state, 16); return 0; @@ -217,6 +228,7 @@ void mbedtls_aesni_gcm_mult(unsigned char c[16], /* * Compute decryption round keys from encryption round keys */ +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) void mbedtls_aesni_inverse_key(unsigned char *invkey, const unsigned char *fwdkey, int nr) { @@ -229,6 +241,7 @@ void mbedtls_aesni_inverse_key(unsigned char *invkey, } *ik = *fk; } +#endif /* * Key expansion, 128-bit case @@ -455,6 +468,7 @@ int mbedtls_aesni_crypt_ecb(mbedtls_aes_context *ctx, "jnz 1b \n\t" "movdqu (%1), %%xmm1 \n\t" // load round key AESENCLAST(xmm1_xmm0) // last round +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) "jmp 3f \n\t" "2: \n\t" // decryption loop @@ -465,6 +479,7 @@ int mbedtls_aesni_crypt_ecb(mbedtls_aes_context *ctx, "jnz 2b \n\t" "movdqu (%1), %%xmm1 \n\t" // load round key AESDECLAST(xmm1_xmm0) // last round +#endif "3: \n\t" "movdqu %%xmm0, (%4) \n\t" // export output @@ -591,6 +606,7 @@ void mbedtls_aesni_gcm_mult(unsigned char c[16], /* * Compute decryption round keys from encryption round keys */ +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) void mbedtls_aesni_inverse_key(unsigned char *invkey, const unsigned char *fwdkey, int nr) { @@ -610,6 +626,7 @@ void mbedtls_aesni_inverse_key(unsigned char *invkey, memcpy(ik, fk, 16); } +#endif /* * Key expansion, 128-bit case diff --git a/library/aesni.h b/library/aesni.h index 332a0f072..15143de83 100644 --- a/library/aesni.h +++ b/library/aesni.h @@ -141,6 +141,7 @@ void mbedtls_aesni_gcm_mult(unsigned char c[16], const unsigned char a[16], const unsigned char b[16]); +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) /** * \brief Internal round key inversion. This function computes * decryption round keys from the encryption round keys. @@ -155,6 +156,7 @@ void mbedtls_aesni_gcm_mult(unsigned char c[16], void mbedtls_aesni_inverse_key(unsigned char *invkey, const unsigned char *fwdkey, int nr); +#endif /* !MBEDTLS_CIPHER_ENCRYPT_ONLY */ /** * \brief Internal key expansion for encryption From 67208fdba85a431776570f148a7cc65dff8aac95 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 15 May 2023 18:02:46 +0800 Subject: [PATCH 0084/1674] PSA: auto-enable CIPHER_ENCRYPT_ONLY if cipher-decrypt is not needed Some cipher modes use cipher-encrypt to encrypt and decrypt. (E.g: ECB, CBC). This commit adds support to automatically enable CIPHER_ENCRYPT_ONLY by PSA when requested cipher modes don't need cipher_decrypt. Signed-off-by: Yanray Wang --- include/mbedtls/config_psa.h | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h index 3b30c0277..f558ed82b 100644 --- a/include/mbedtls/config_psa.h +++ b/include/mbedtls/config_psa.h @@ -598,6 +598,19 @@ #endif /* !MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305 */ #endif /* PSA_WANT_ALG_CHACHA20_POLY1305 */ +/* + * ECB, CBC, XTS modes require both ENCRYPT and DECRYPT directions. + * CIPHER_ENCRYPT_ONLY is only enabled when those modes are not requested + * via the PSA API. + * + * Note: XTS is not yet supported via the PSA API in Mbed TLS. + */ +#if !defined(PSA_WANT_ALG_ECB_NO_PADDING) && \ + !defined(PSA_WANT_ALG_CBC_NO_PADDING) && \ + !defined(PSA_WANT_ALG_CBC_PKCS7) +#define MBEDTLS_CIPHER_ENCRYPT_ONLY 1 +#endif + #if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) #if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256) #define MBEDTLS_ECP_DP_BP256R1_ENABLED From a8ac23a758c82924de78a30cf469a9150b280bcb Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 15 May 2023 18:03:10 +0800 Subject: [PATCH 0085/1674] all.sh: add test case for CIPHER_ENCRYPT_ONLY Signed-off-by: Yanray Wang --- tests/scripts/all.sh | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 8e978ac72..fea4e0f1f 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4166,6 +4166,29 @@ component_test_aes_fewer_tables_and_rom_tables () { make test } +component_test_cipher_encrypt_only () { + msg "build: default config + PSA_CRYPTO_CONFIG + implicitly enable CIPHER_ENCRYPT_ONLY" + scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG + scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC + scripts/config.py unset MBEDTLS_CIPHER_MODE_XTS + scripts/config.py unset MBEDTLS_NIST_KW_C + + echo '#undef PSA_WANT_ALG_CBC_NO_PADDING' >> psa_cipher_encrypt_only.h + echo '#undef PSA_WANT_ALG_CBC_PKCS7' >> psa_cipher_encrypt_only.h + echo '#undef PSA_WANT_ALG_ECB_NO_PADDING' >> psa_cipher_encrypt_only.h + + make CC=gcc CFLAGS="-Werror -Wall -Wextra -I '$PWD' \ + -DMBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE='\"psa_cipher_encrypt_only.h\"'" + + msg "test: default config + PSA_CRYPTO_CONFIG + implicitly enable CIPER_ENCRYPT_ONLY" + make test + + msg "selftest: default config + PSA_CRYPTO_CONFIG + implicitly enable CIPER_ENCRYPT_ONLY" + programs/test/selftest + + rm -f psa_cipher_encrypt_only.h +} + component_test_ctr_drbg_aes_256_sha_256 () { msg "build: full + MBEDTLS_ENTROPY_FORCE_SHA256 (ASan build)" scripts/config.py full From 9141ad12239f98fdbb866aad25bd12a2bdffe861 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 24 Aug 2023 14:53:16 +0800 Subject: [PATCH 0086/1674] aria/camellia/des: guard setkey_dec by CIPHER_ENCRYPT_ONLY This is a pre-step to remove *setkey_dec_func in cipher_wrap ctx when CIPHER_ENCRYPT_ONLY is enabled. Signed-off-by: Yanray Wang --- include/mbedtls/aria.h | 2 ++ include/mbedtls/camellia.h | 2 ++ include/mbedtls/des.h | 6 ++++++ library/aria.c | 8 ++++++++ library/camellia.c | 16 +++++++++++++++- library/des.c | 21 +++++++++++++++++++++ 6 files changed, 54 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/aria.h b/include/mbedtls/aria.h index 7e55df7ec..e725ea044 100644 --- a/include/mbedtls/aria.h +++ b/include/mbedtls/aria.h @@ -110,6 +110,7 @@ int mbedtls_aria_setkey_enc(mbedtls_aria_context *ctx, const unsigned char *key, unsigned int keybits); +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) /** * \brief This function sets the decryption key. * @@ -128,6 +129,7 @@ int mbedtls_aria_setkey_enc(mbedtls_aria_context *ctx, int mbedtls_aria_setkey_dec(mbedtls_aria_context *ctx, const unsigned char *key, unsigned int keybits); +#endif /* !MBEDTLS_CIPHER_ENCRYPT_ONLY */ /** * \brief This function performs an ARIA single-block encryption or diff --git a/include/mbedtls/camellia.h b/include/mbedtls/camellia.h index 8033c13ff..74a8e3434 100644 --- a/include/mbedtls/camellia.h +++ b/include/mbedtls/camellia.h @@ -93,6 +93,7 @@ int mbedtls_camellia_setkey_enc(mbedtls_camellia_context *ctx, const unsigned char *key, unsigned int keybits); +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) /** * \brief Perform a CAMELLIA key schedule operation for decryption. * @@ -108,6 +109,7 @@ int mbedtls_camellia_setkey_enc(mbedtls_camellia_context *ctx, int mbedtls_camellia_setkey_dec(mbedtls_camellia_context *ctx, const unsigned char *key, unsigned int keybits); +#endif /* !MBEDTLS_CIPHER_ENCRYPT_ONLY */ /** * \brief Perform a CAMELLIA-ECB block encryption/decryption operation. diff --git a/include/mbedtls/des.h b/include/mbedtls/des.h index f445102d9..f10ac90d7 100644 --- a/include/mbedtls/des.h +++ b/include/mbedtls/des.h @@ -182,6 +182,7 @@ int mbedtls_des_key_check_weak(const unsigned char key[MBEDTLS_DES_KEY_SIZE]); MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_des_setkey_enc(mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE]); +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) /** * \brief DES key schedule (56-bit, decryption) * @@ -196,6 +197,7 @@ int mbedtls_des_setkey_enc(mbedtls_des_context *ctx, const unsigned char key[MBE */ MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_des_setkey_dec(mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE]); +#endif /* !MBEDTLS_CIPHER_ENCRYPT_ONLY */ /** * \brief Triple-DES key schedule (112-bit, encryption) @@ -213,6 +215,7 @@ MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_des3_set2key_enc(mbedtls_des3_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2]); +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) /** * \brief Triple-DES key schedule (112-bit, decryption) * @@ -228,6 +231,7 @@ int mbedtls_des3_set2key_enc(mbedtls_des3_context *ctx, MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_des3_set2key_dec(mbedtls_des3_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2]); +#endif /* !MBEDTLS_CIPHER_ENCRYPT_ONLY */ /** * \brief Triple-DES key schedule (168-bit, encryption) @@ -245,6 +249,7 @@ MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_des3_set3key_enc(mbedtls_des3_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3]); +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) /** * \brief Triple-DES key schedule (168-bit, decryption) * @@ -260,6 +265,7 @@ int mbedtls_des3_set3key_enc(mbedtls_des3_context *ctx, MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_des3_set3key_dec(mbedtls_des3_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3]); +#endif /* !MBEDTLS_CIPHER_ENCRYPT_ONLY */ /** * \brief DES-ECB block encryption/decryption diff --git a/library/aria.c b/library/aria.c index 098036225..0bd489e68 100644 --- a/library/aria.c +++ b/library/aria.c @@ -425,6 +425,7 @@ int mbedtls_aria_setkey_enc(mbedtls_aria_context *ctx, /* * Set decryption key */ +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) int mbedtls_aria_setkey_dec(mbedtls_aria_context *ctx, const unsigned char *key, unsigned int keybits) { @@ -454,6 +455,7 @@ int mbedtls_aria_setkey_dec(mbedtls_aria_context *ctx, return 0; } +#endif /* !MBEDTLS_CIPHER_ENCRYPT_ONLY */ /* * Encrypt a block @@ -884,12 +886,18 @@ int mbedtls_aria_self_test(int verbose) /* test ECB decryption */ if (verbose) { mbedtls_printf(" ARIA-ECB-%d (dec): ", 128 + 64 * i); +#if defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) + mbedtls_printf("skipped\n"); +#endif } + +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) mbedtls_aria_setkey_dec(&ctx, aria_test1_ecb_key, 128 + 64 * i); mbedtls_aria_crypt_ecb(&ctx, aria_test1_ecb_ct[i], blk); ARIA_SELF_TEST_ASSERT( memcmp(blk, aria_test1_ecb_pt, MBEDTLS_ARIA_BLOCKSIZE) != 0); +#endif } if (verbose) { mbedtls_printf("\n"); diff --git a/library/camellia.c b/library/camellia.c index 409727d04..634978294 100644 --- a/library/camellia.c +++ b/library/camellia.c @@ -411,6 +411,7 @@ int mbedtls_camellia_setkey_enc(mbedtls_camellia_context *ctx, /* * Camellia key schedule (decryption) */ +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) int mbedtls_camellia_setkey_dec(mbedtls_camellia_context *ctx, const unsigned char *key, unsigned int keybits) @@ -456,6 +457,7 @@ exit: return ret; } +#endif /* !MBEDTLS_CIPHER_ENCRYPT_ONLY */ /* * Camellia-ECB block encryption/decryption @@ -900,14 +902,26 @@ int mbedtls_camellia_self_test(int verbose) (v == MBEDTLS_CAMELLIA_DECRYPT) ? "dec" : "enc"); } +#if defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) + if (v == MBEDTLS_CAMELLIA_DECRYPT) { + if (verbose != 0) { + mbedtls_printf("skipped\n"); + } + continue; + } +#endif + for (i = 0; i < CAMELLIA_TESTS_ECB; i++) { memcpy(key, camellia_test_ecb_key[u][i], 16 + 8 * u); +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) if (v == MBEDTLS_CAMELLIA_DECRYPT) { mbedtls_camellia_setkey_dec(&ctx, key, 128 + u * 64); memcpy(src, camellia_test_ecb_cipher[u][i], 16); memcpy(dst, camellia_test_ecb_plain[i], 16); - } else { /* MBEDTLS_CAMELLIA_ENCRYPT */ + } else +#endif + { /* MBEDTLS_CAMELLIA_ENCRYPT */ mbedtls_camellia_setkey_enc(&ctx, key, 128 + u * 64); memcpy(src, camellia_test_ecb_plain[i], 16); memcpy(dst, camellia_test_ecb_cipher[u][i], 16); diff --git a/library/des.c b/library/des.c index eaddf282a..a6a6b2fb8 100644 --- a/library/des.c +++ b/library/des.c @@ -483,6 +483,7 @@ int mbedtls_des_setkey_enc(mbedtls_des_context *ctx, const unsigned char key[MBE /* * DES key schedule (56-bit, decryption) */ +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) int mbedtls_des_setkey_dec(mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE]) { int i; @@ -496,6 +497,7 @@ int mbedtls_des_setkey_dec(mbedtls_des_context *ctx, const unsigned char key[MBE return 0; } +#endif static void des3_set2key(uint32_t esk[96], uint32_t dsk[96], @@ -538,6 +540,7 @@ int mbedtls_des3_set2key_enc(mbedtls_des3_context *ctx, /* * Triple-DES key schedule (112-bit, decryption) */ +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) int mbedtls_des3_set2key_dec(mbedtls_des3_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2]) { @@ -548,6 +551,7 @@ int mbedtls_des3_set2key_dec(mbedtls_des3_context *ctx, return 0; } +#endif static void des3_set3key(uint32_t esk[96], uint32_t dsk[96], @@ -588,6 +592,7 @@ int mbedtls_des3_set3key_enc(mbedtls_des3_context *ctx, /* * Triple-DES key schedule (168-bit, decryption) */ +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) int mbedtls_des3_set3key_dec(mbedtls_des3_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3]) { @@ -598,6 +603,7 @@ int mbedtls_des3_set3key_dec(mbedtls_des3_context *ctx, return 0; } +#endif /* * DES-ECB block encryption/decryption @@ -869,28 +875,43 @@ int mbedtls_des_self_test(int verbose) (v == MBEDTLS_DES_DECRYPT) ? "dec" : "enc"); } +#if defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) + if (v == MBEDTLS_DES_DECRYPT) { + if (verbose != 0) { + mbedtls_printf("skipped\n"); + } + continue; + } +#endif + memcpy(buf, des3_test_buf, 8); switch (i) { +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) case 0: ret = mbedtls_des_setkey_dec(&ctx, des3_test_keys); break; +#endif case 1: ret = mbedtls_des_setkey_enc(&ctx, des3_test_keys); break; +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) case 2: ret = mbedtls_des3_set2key_dec(&ctx3, des3_test_keys); break; +#endif case 3: ret = mbedtls_des3_set2key_enc(&ctx3, des3_test_keys); break; +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) case 4: ret = mbedtls_des3_set3key_dec(&ctx3, des3_test_keys); break; +#endif case 5: ret = mbedtls_des3_set3key_enc(&ctx3, des3_test_keys); From db9b3095fb60f01cb8965d4c6f44c22b938d5271 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 24 Aug 2023 15:47:53 +0800 Subject: [PATCH 0087/1674] cipher_wrap: remove *setkey_dec_func in CIPHER_ENCRYPT_ONLY There is no need to set decrypt key under CIPHER_ENCRYPT_ONLY, so we can remove *setkey_dec_func from ctx to save extra code size. Signed-off-by: Yanray Wang --- library/cipher.c | 5 +++++ library/cipher_wrap.c | 42 ++++++++++++++++++++++++++++++++++++++++++ library/cipher_wrap.h | 2 ++ 3 files changed, 49 insertions(+) diff --git a/library/cipher.c b/library/cipher.c index de7f8378e..cefd9e125 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -396,6 +396,7 @@ int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx, ctx->key_bitlen = key_bitlen; ctx->operation = operation; +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) /* * For OFB, CFB and CTR mode always use the encryption key schedule */ @@ -413,6 +414,10 @@ int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx, } return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; +#else + return mbedtls_cipher_get_base(ctx->cipher_info)->setkey_enc_func(ctx->cipher_ctx, key, + ctx->key_bitlen); +#endif } int mbedtls_cipher_set_iv(mbedtls_cipher_context_t *ctx, diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c index 6ab2f5f13..20bb9847d 100644 --- a/library/cipher_wrap.c +++ b/library/cipher_wrap.c @@ -238,11 +238,13 @@ static int aes_crypt_xts_wrap(void *ctx, mbedtls_operation_t operation, } #endif /* MBEDTLS_CIPHER_MODE_XTS */ +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) static int aes_setkey_dec_wrap(void *ctx, const unsigned char *key, unsigned int key_bitlen) { return mbedtls_aes_setkey_dec((mbedtls_aes_context *) ctx, key, key_bitlen); } +#endif static int aes_setkey_enc_wrap(void *ctx, const unsigned char *key, unsigned int key_bitlen) @@ -291,7 +293,9 @@ static const mbedtls_cipher_base_t aes_info = { NULL, #endif aes_setkey_enc_wrap, +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) aes_setkey_dec_wrap, +#endif aes_ctx_alloc, aes_ctx_free }; @@ -587,7 +591,9 @@ static const mbedtls_cipher_base_t gcm_aes_info = { NULL, #endif gcm_aes_setkey_wrap, +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) gcm_aes_setkey_wrap, +#endif gcm_ctx_alloc, gcm_ctx_free, }; @@ -656,7 +662,9 @@ static const mbedtls_cipher_base_t ccm_aes_info = { NULL, #endif ccm_aes_setkey_wrap, +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) ccm_aes_setkey_wrap, +#endif ccm_ctx_alloc, ccm_ctx_free, }; @@ -769,11 +777,13 @@ static int camellia_crypt_ctr_wrap(void *ctx, size_t length, size_t *nc_off, } #endif /* MBEDTLS_CIPHER_MODE_CTR */ +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) static int camellia_setkey_dec_wrap(void *ctx, const unsigned char *key, unsigned int key_bitlen) { return mbedtls_camellia_setkey_dec((mbedtls_camellia_context *) ctx, key, key_bitlen); } +#endif static int camellia_setkey_enc_wrap(void *ctx, const unsigned char *key, unsigned int key_bitlen) @@ -823,7 +833,9 @@ static const mbedtls_cipher_base_t camellia_info = { NULL, #endif camellia_setkey_enc_wrap, +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) camellia_setkey_dec_wrap, +#endif camellia_ctx_alloc, camellia_ctx_free }; @@ -996,7 +1008,9 @@ static const mbedtls_cipher_base_t gcm_camellia_info = { NULL, #endif gcm_camellia_setkey_wrap, +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) gcm_camellia_setkey_wrap, +#endif gcm_ctx_alloc, gcm_ctx_free, }; @@ -1065,7 +1079,9 @@ static const mbedtls_cipher_base_t ccm_camellia_info = { NULL, #endif ccm_camellia_setkey_wrap, +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) ccm_camellia_setkey_wrap, +#endif ccm_ctx_alloc, ccm_ctx_free, }; @@ -1179,11 +1195,13 @@ static int aria_crypt_ctr_wrap(void *ctx, size_t length, size_t *nc_off, } #endif /* MBEDTLS_CIPHER_MODE_CTR */ +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) static int aria_setkey_dec_wrap(void *ctx, const unsigned char *key, unsigned int key_bitlen) { return mbedtls_aria_setkey_dec((mbedtls_aria_context *) ctx, key, key_bitlen); } +#endif static int aria_setkey_enc_wrap(void *ctx, const unsigned char *key, unsigned int key_bitlen) @@ -1233,7 +1251,9 @@ static const mbedtls_cipher_base_t aria_info = { NULL, #endif aria_setkey_enc_wrap, +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) aria_setkey_dec_wrap, +#endif aria_ctx_alloc, aria_ctx_free }; @@ -1406,7 +1426,9 @@ static const mbedtls_cipher_base_t gcm_aria_info = { NULL, #endif gcm_aria_setkey_wrap, +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) gcm_aria_setkey_wrap, +#endif gcm_ctx_alloc, gcm_ctx_free, }; @@ -1475,7 +1497,9 @@ static const mbedtls_cipher_base_t ccm_aria_info = { NULL, #endif ccm_aria_setkey_wrap, +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) ccm_aria_setkey_wrap, +#endif ccm_ctx_alloc, ccm_ctx_free, }; @@ -1583,6 +1607,7 @@ static int des3_crypt_cbc_wrap(void *ctx, mbedtls_operation_t operation, size_t } #endif /* MBEDTLS_CIPHER_MODE_CBC */ +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) static int des_setkey_dec_wrap(void *ctx, const unsigned char *key, unsigned int key_bitlen) { @@ -1590,6 +1615,7 @@ static int des_setkey_dec_wrap(void *ctx, const unsigned char *key, return mbedtls_des_setkey_dec((mbedtls_des_context *) ctx, key); } +#endif static int des_setkey_enc_wrap(void *ctx, const unsigned char *key, unsigned int key_bitlen) @@ -1599,6 +1625,7 @@ static int des_setkey_enc_wrap(void *ctx, const unsigned char *key, return mbedtls_des_setkey_enc((mbedtls_des_context *) ctx, key); } +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) static int des3_set2key_dec_wrap(void *ctx, const unsigned char *key, unsigned int key_bitlen) { @@ -1606,6 +1633,7 @@ static int des3_set2key_dec_wrap(void *ctx, const unsigned char *key, return mbedtls_des3_set2key_dec((mbedtls_des3_context *) ctx, key); } +#endif static int des3_set2key_enc_wrap(void *ctx, const unsigned char *key, unsigned int key_bitlen) @@ -1615,6 +1643,7 @@ static int des3_set2key_enc_wrap(void *ctx, const unsigned char *key, return mbedtls_des3_set2key_enc((mbedtls_des3_context *) ctx, key); } +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) static int des3_set3key_dec_wrap(void *ctx, const unsigned char *key, unsigned int key_bitlen) { @@ -1622,6 +1651,7 @@ static int des3_set3key_dec_wrap(void *ctx, const unsigned char *key, return mbedtls_des3_set3key_dec((mbedtls_des3_context *) ctx, key); } +#endif static int des3_set3key_enc_wrap(void *ctx, const unsigned char *key, unsigned int key_bitlen) @@ -1692,7 +1722,9 @@ static const mbedtls_cipher_base_t des_info = { NULL, #endif des_setkey_enc_wrap, +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) des_setkey_dec_wrap, +#endif des_ctx_alloc, des_ctx_free }; @@ -1743,7 +1775,9 @@ static const mbedtls_cipher_base_t des_ede_info = { NULL, #endif des3_set2key_enc_wrap, +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) des3_set2key_dec_wrap, +#endif des3_ctx_alloc, des3_ctx_free }; @@ -1794,7 +1828,9 @@ static const mbedtls_cipher_base_t des_ede3_info = { NULL, #endif des3_set3key_enc_wrap, +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) des3_set3key_dec_wrap, +#endif des3_ctx_alloc, des3_ctx_free }; @@ -1895,7 +1931,9 @@ static const mbedtls_cipher_base_t chacha20_base_info = { chacha20_stream_wrap, #endif chacha20_setkey_wrap, +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) chacha20_setkey_wrap, +#endif chacha20_ctx_alloc, chacha20_ctx_free }; @@ -1970,7 +2008,9 @@ static const mbedtls_cipher_base_t chachapoly_base_info = { NULL, #endif chachapoly_setkey_wrap, +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) chachapoly_setkey_wrap, +#endif chachapoly_ctx_alloc, chachapoly_ctx_free }; @@ -2038,7 +2078,9 @@ static const mbedtls_cipher_base_t null_base_info = { null_crypt_stream, #endif null_setkey, +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) null_setkey, +#endif null_ctx_alloc, null_ctx_free }; diff --git a/library/cipher_wrap.h b/library/cipher_wrap.h index c85a4efa8..2cbc21671 100644 --- a/library/cipher_wrap.h +++ b/library/cipher_wrap.h @@ -93,9 +93,11 @@ struct mbedtls_cipher_base_t { int (*setkey_enc_func)(void *ctx, const unsigned char *key, unsigned int key_bitlen); +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) /** Set key for decryption purposes */ int (*setkey_dec_func)(void *ctx, const unsigned char *key, unsigned int key_bitlen); +#endif /** Allocate a new context */ void * (*ctx_alloc_func)(void); From d7058b0a351de110ff934da4f5b642f3340bff1d Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 24 Aug 2023 15:50:38 +0800 Subject: [PATCH 0088/1674] dh_client: removed under CIPHER_ENCRYPT_ONLY dh_client requests AES-ECB to do decryption. So it needs to be removed under CIPHER_ENCRYPT_ONLY. Signed-off-by: Yanray Wang --- programs/pkey/dh_client.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c index 5a2c30fc2..9dd38bc6e 100644 --- a/programs/pkey/dh_client.c +++ b/programs/pkey/dh_client.c @@ -56,6 +56,13 @@ int main(void) "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_SHA1_C not defined.\n"); mbedtls_exit(0); } + +#elif defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +int main(void) +{ + mbedtls_printf("MBEDTLS_CIPHER_ENCRYPT_ONLY implicitly defined.\n"); + mbedtls_exit(0); +} #else From 85c3023c60f91d93ef0c9d17a136d89022fb4c11 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Tue, 16 May 2023 10:07:56 +0800 Subject: [PATCH 0089/1674] AES-ECB: add CIPHER_ENCRYPT_ONLY dependency for DECRYPT test cases Signed-off-by: Yanray Wang --- tests/suites/test_suite_aes.function | 6 +- tests/suites/test_suite_cipher.aes.data | 116 ++++++++++++------------ 2 files changed, 62 insertions(+), 60 deletions(-) diff --git a/tests/suites/test_suite_aes.function b/tests/suites/test_suite_aes.function index d495b49ed..2aa27d320 100644 --- a/tests/suites/test_suite_aes.function +++ b/tests/suites/test_suite_aes.function @@ -6,6 +6,7 @@ * master, enc and dec must be AES context objects. They don't need to * be initialized, and are left freed. */ +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) static int test_copy(const data_t *key, mbedtls_aes_context *master, mbedtls_aes_context *enc, @@ -55,6 +56,7 @@ exit: * with alternative implementations. */ return 0; } +#endif /* END_HEADER */ @@ -86,7 +88,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ +/* BEGIN_CASE depends_on:!MBEDTLS_CIPHER_ENCRYPT_ONLY */ void aes_decrypt_ecb(data_t *key_str, data_t *src_str, data_t *dst, int setkey_result) { @@ -523,7 +525,7 @@ void aes_misc_params() } /* END_CASE */ -/* BEGIN_CASE */ +/* BEGIN_CASE depends_on:!MBEDTLS_CIPHER_ENCRYPT_ONLY */ void aes_ecb_copy_context(data_t *key) { /* We test context copying multiple times, with different alignments diff --git a/tests/suites/test_suite_cipher.aes.data b/tests/suites/test_suite_cipher.aes.data index 134970f5f..557d56d29 100644 --- a/tests/suites/test_suite_cipher.aes.data +++ b/tests/suites/test_suite_cipher.aes.data @@ -1595,47 +1595,47 @@ depends_on:MBEDTLS_AES_C test_vec_ecb:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"fffffffffffffffffffffffff8000000":"2ca8209d63274cd9a29bb74bcd77683a":0 AES-128-ECB Decrypt NIST KAT #1 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_ecb:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"db4f1aa530967d6732ce4715eb0ee24b":"ff000000000000000000000000000000":0 AES-128-ECB Decrypt NIST KAT #2 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_ecb:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"a81738252621dd180a34f3455b4baa2f":"ff800000000000000000000000000000":0 AES-128-ECB Decrypt NIST KAT #3 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_ecb:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"77e2b508db7fd89234caf7939ee5621a":"ffc00000000000000000000000000000":0 AES-128-ECB Decrypt NIST KAT #4 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_ecb:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"dc43be40be0e53712f7e2bf5ca707209":"6a118a874519e64e9963798a503f1d35":0 AES-128-ECB Decrypt NIST KAT #5 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_ecb:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"92beedab1895a94faa69b632e5cc47ce":"cb9fceec81286ca3e989bd979b0cb284":0 AES-128-ECB Decrypt NIST KAT #6 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_ecb:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"459264f4798f6a78bacb89c15ed3d601":"b26aeb1874e47ca8358ff22378f09144":0 AES-128-ECB Decrypt NIST KAT #7 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_ecb:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"b69418a85332240dc82492353956ae0c":"a303d940ded8f0baff6f75414cac5243":"00000000000000000000000000000000":0 AES-128-ECB Decrypt NIST KAT #8 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_ecb:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"71b5c08a1993e1362e4d0ce9b22b78d5":"c2dabd117f8a3ecabfbb11d12194d9d0":"00000000000000000000000000000000":0 AES-128-ECB Decrypt NIST KAT #9 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_ecb:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"e234cdca2606b81f29408d5f6da21206":"fff60a4740086b3b9c56195b98d91a7b":"00000000000000000000000000000000":0 AES-128-ECB Decrypt NIST KAT #10 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_ecb:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"ffffffffffffffff0000000000000000":"84be19e053635f09f2665e7bae85b42d":"00000000000000000000000000000000":0 AES-128-ECB Decrypt NIST KAT #11 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_ecb:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"ffffffffffffffff8000000000000000":"32cd652842926aea4aa6137bb2be2b5e":"00000000000000000000000000000000":0 AES-192-ECB Encrypt NIST KAT #1 @@ -1687,51 +1687,51 @@ depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"fffffffffffffffffffffffffffe00000000000000000000":"00000000000000000000000000000000":"fd5548bcf3f42565f7efa94562528d46":0 AES-192-ECB Decrypt NIST KAT #1 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffff000000000000000":"bb2852c891c5947d2ed44032c421b85f":"00000000000000000000000000000000":0 AES-192-ECB Decrypt NIST KAT #2 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffff800000000000000":"1b9f5fbd5e8a4264c0a85b80409afa5e":"00000000000000000000000000000000":0 AES-192-ECB Decrypt NIST KAT #3 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffffc00000000000000":"30dab809f85a917fe924733f424ac589":"00000000000000000000000000000000":0 AES-192-ECB Decrypt NIST KAT #4 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"61257134a518a0d57d9d244d45f6498cbc32f2bafc522d79":"cfe4d74002696ccf7d87b14a2f9cafc9":"00000000000000000000000000000000":0 AES-192-ECB Decrypt NIST KAT #5 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"b0ab0a6a818baef2d11fa33eac947284fb7d748cfb75e570":"d2eafd86f63b109b91f5dbb3a3fb7e13":"00000000000000000000000000000000":0 AES-192-ECB Decrypt NIST KAT #6 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"ee053aa011c8b428cdcc3636313c54d6a03cac01c71579d6":"9b9fdd1c5975655f539998b306a324af":"00000000000000000000000000000000":0 AES-192-ECB Decrypt NIST KAT #7 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"275cfc0413d8ccb70513c3859b1d0f72":"1b077a6af4b7f98229de786d7516b639":0 AES-192-ECB Decrypt NIST KAT #8 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"c9b8135ff1b5adc413dfd053b21bd96d":"9c2d8842e5f48f57648205d39a239af1":0 AES-192-ECB Decrypt NIST KAT #9 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"4a3650c3371ce2eb35e389a171427440":"bff52510095f518ecca60af4205444bb":0 AES-192-ECB Decrypt NIST KAT #10 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"b2099795e88cc158fd75ea133d7e7fbe":"ffffffffffffffffffffc00000000000":0 AES-192-ECB Decrypt NIST KAT #11 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"a6cae46fb6fadfe7a2c302a34242817b":"ffffffffffffffffffffe00000000000":0 AES-192-ECB Decrypt NIST KAT #12 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"026a7024d6a902e0b3ffccbaa910cc3f":"fffffffffffffffffffff00000000000":0 AES-256-ECB Encrypt NIST KAT #1 @@ -1783,51 +1783,51 @@ depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"ffffffffffffffffffffffffffffffffffffe000000000000000000000000000":"00000000000000000000000000000000":"dcf4e129136c1a4b7a0f38935cc34b2b":0 AES-256-ECB Decrypt NIST KAT #1 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffffffffffffffffff00000000000000000":"edf61ae362e882ddc0167474a7a77f3a":"00000000000000000000000000000000":0 AES-256-ECB Decrypt NIST KAT #2 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffffffffffffffffff80000000000000000":"6168b00ba7859e0970ecfd757efecf7c":"00000000000000000000000000000000":0 AES-256-ECB Decrypt NIST KAT #3 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffffffffffffffffffc0000000000000000":"d1415447866230d28bb1ea18a4cdfd02":"00000000000000000000000000000000":0 AES-256-ECB Decrypt NIST KAT #4 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"f8be9ba615c5a952cabbca24f68f8593039624d524c816acda2c9183bd917cb9":"a3944b95ca0b52043584ef02151926a8":"00000000000000000000000000000000":0 AES-256-ECB Decrypt NIST KAT #5 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"797f8b3d176dac5b7e34a2d539c4ef367a16f8635f6264737591c5c07bf57a3e":"a74289fe73a4c123ca189ea1e1b49ad5":"00000000000000000000000000000000":0 AES-256-ECB Decrypt NIST KAT #6 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"6838d40caf927749c13f0329d331f448e202c73ef52c5f73a37ca635d4c47707":"b91d4ea4488644b56cf0812fa7fcf5fc":"00000000000000000000000000000000":0 AES-256-ECB Decrypt NIST KAT #7 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"623a52fcea5d443e48d9181ab32c7421":"761c1fe41a18acf20d241650611d90f1":0 AES-256-ECB Decrypt NIST KAT #8 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"38f2c7ae10612415d27ca190d27da8b4":"8a560769d605868ad80d819bdba03771":0 AES-256-ECB Decrypt NIST KAT #9 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"1bc704f1bce135ceb810341b216d7abe":"91fbef2d15a97816060bee1feaa49afe":0 AES-256-ECB Decrypt NIST KAT #10 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"ddc6bf790c15760d8d9aeb6f9a75fd4e":"80000000000000000000000000000000":0 AES-256-ECB Decrypt NIST KAT #11 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"0a6bdc6d4c1e6280301fd8e97ddbe601":"c0000000000000000000000000000000":0 AES-256-ECB Decrypt NIST KAT #12 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"9b80eefb7ebe2d2b16247aa0efc72f5d":"e0000000000000000000000000000000":0 AES-128-ECB crypt Encrypt NIST KAT #1 @@ -1843,15 +1843,15 @@ depends_on:MBEDTLS_AES_C test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"":"ffffffffffffffc00000000000000000":"3a4d354f02bb5a5e47d39666867f246a":0:0 AES-128-ECB crypt Decrypt NIST KAT #1 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"":"db4f1aa530967d6732ce4715eb0ee24b":"ff000000000000000000000000000000":0:0 AES-128-ECB crypt Decrypt NIST KAT #2 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"b69418a85332240dc82492353956ae0c":"":"a303d940ded8f0baff6f75414cac5243":"00000000000000000000000000000000":0:0 AES-128-ECB crypt Decrypt NIST KAT #3 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_AES_C:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"ffffffffffffffff8000000000000000":"":"32cd652842926aea4aa6137bb2be2b5e":"00000000000000000000000000000000":0:0 AES-192-ECB crypt Encrypt NIST KAT #1 @@ -1871,19 +1871,19 @@ depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"fffffffffffffffffffffffffff800000000000000000000":"":"00000000000000000000000000000000":"8dd274bd0f1b58ae345d9e7233f9b8f3":0:0 AES-192-ECB crypt Decrypt NIST KAT #1 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffff000000000000000":"":"bb2852c891c5947d2ed44032c421b85f":"00000000000000000000000000000000":0:0 AES-192-ECB crypt Decrypt NIST KAT #2 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"61257134a518a0d57d9d244d45f6498cbc32f2bafc522d79":"":"cfe4d74002696ccf7d87b14a2f9cafc9":"00000000000000000000000000000000":0:0 AES-192-ECB crypt Decrypt NIST KAT #3 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"":"275cfc0413d8ccb70513c3859b1d0f72":"1b077a6af4b7f98229de786d7516b639":0:0 AES-192-ECB crypt Decrypt NIST KAT #4 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"":"b2099795e88cc158fd75ea133d7e7fbe":"ffffffffffffffffffffc00000000000":0:0 AES-256-ECB crypt Encrypt NIST KAT #1 @@ -1903,19 +1903,19 @@ depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"ffffffffffffffffffffffffffffffffffff8000000000000000000000000000":"":"00000000000000000000000000000000":"45d089c36d5c5a4efc689e3b0de10dd5":0:0 AES-256-ECB crypt Decrypt NIST KAT #1 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffffffffffffffffff00000000000000000":"":"edf61ae362e882ddc0167474a7a77f3a":"00000000000000000000000000000000":0:0 AES-256-ECB crypt Decrypt NIST KAT #2 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"f8be9ba615c5a952cabbca24f68f8593039624d524c816acda2c9183bd917cb9":"":"a3944b95ca0b52043584ef02151926a8":"00000000000000000000000000000000":0:0 AES-256-ECB crypt Decrypt NIST KAT #3 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"623a52fcea5d443e48d9181ab32c7421":"761c1fe41a18acf20d241650611d90f1":0:0 AES-256-ECB crypt Decrypt NIST KAT #4 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"ddc6bf790c15760d8d9aeb6f9a75fd4e":"80000000000000000000000000000000":0:0 AES-128-CBC crypt Encrypt NIST KAT #1 @@ -2127,19 +2127,19 @@ depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES: test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"":"f34481ec3cc627bacd5dc3fb08f273e6":"0336763e966d92595a567cc9ce537f5e":0:1 AES-128-ECB crypt Decrypt NIST KAT #1 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"":"3ad78e726c1ec02b7ebfe92b23d9ec34":"80000000000000000000000000000000":0:1 AES-128-ECB crypt Decrypt NIST KAT #2 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"ffffc000000000000000000000000000":"":"df556a33438db87bc41b1752c55e5e49":"00000000000000000000000000000000":0:1 AES-128-ECB crypt Decrypt NIST KAT #3 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"10a58869d74be5a374cf867cfb473859":"":"6d251e6944b051e04eaa6fb4dbf78465":"00000000000000000000000000000000":0:1 AES-128-ECB crypt Decrypt NIST KAT #4 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"":"0336763e966d92595a567cc9ce537f5e":"f34481ec3cc627bacd5dc3fb08f273e6":0:1 AES-192-ECB crypt Encrypt NIST KAT #1 PSA @@ -2159,19 +2159,19 @@ depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES: test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"":"1b077a6af4b7f98229de786d7516b639":"275cfc0413d8ccb70513c3859b1d0f72":0:1 AES-192-ECB crypt Decrypt NIST KAT #1 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"":"6cd02513e8d4dc986b4afe087a60bd0c":"80000000000000000000000000000000":0:1 AES-192-ECB crypt Decrypt NIST KAT #2 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"ffe000000000000000000000000000000000000000000000":"":"7ababc4b3f516c9aafb35f4140b548f9":"00000000000000000000000000000000":0:1 AES-192-ECB crypt Decrypt NIST KAT #3 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"e9f065d7c13573587f7875357dfbb16c53489f6a4bd0f7cd":"":"0956259c9cd5cfd0181cca53380cde06":"00000000000000000000000000000000":0:1 AES-192-ECB crypt Decrypt NIST KAT #4 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"":"275cfc0413d8ccb70513c3859b1d0f72":"1b077a6af4b7f98229de786d7516b639":0:1 AES-256-ECB crypt Encrypt NIST KAT #1 PSA @@ -2191,19 +2191,19 @@ depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES: test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"014730f80ac625fe84f026c60bfd547d":"5c9d844ed46f9885085e5d6a4f94c7d7":0:1 AES-256-ECB crypt Decrypt NIST KAT #1 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"ddc6bf790c15760d8d9aeb6f9a75fd4e":"80000000000000000000000000000000":0:1 AES-256-ECB crypt Decrypt NIST KAT #2 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"ffe0000000000000000000000000000000000000000000000000000000000000":"":"d1ccb9b1337002cbac42c520b5d67722":"00000000000000000000000000000000":0:1 AES-256-ECB crypt Decrypt NIST KAT #3 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"c47b0294dbbbee0fec4757f22ffeee3587ca4730c3d33b691df38bab076bc558":"":"46f2fb342d6f0ab477476fc501242c5f":"00000000000000000000000000000000":0:1 AES-256-ECB crypt Decrypt NIST KAT #4 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"5c9d844ed46f9885085e5d6a4f94c7d7":"014730f80ac625fe84f026c60bfd547d":0:1 AES-128-CCM*-NO-TAG crypt Encrypt NIST VPT AES-128 #15 From 702c220809317760ec9783406c41411f14e2e547 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 28 Aug 2023 11:20:26 +0800 Subject: [PATCH 0090/1674] aria: add CIPHER_ENCRYPT_ONLY dependency for DECRYPT test cases Signed-off-by: Yanray Wang --- tests/suites/test_suite_aria.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_aria.function b/tests/suites/test_suite_aria.function index 579dddf3b..ab1ce00ec 100644 --- a/tests/suites/test_suite_aria.function +++ b/tests/suites/test_suite_aria.function @@ -86,7 +86,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ +/* BEGIN_CASE depends_on:!MBEDTLS_CIPHER_ENCRYPT_ONLY */ void aria_decrypt_ecb(data_t *key_str, data_t *src_str, data_t *expected_output, int setkey_result) { From ba473b1c827a253a30bc93ac9983a3adc8d99812 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 28 Aug 2023 11:24:14 +0800 Subject: [PATCH 0091/1674] camellia: add CIPHER_ENCRYPT_ONLY dependency for DECRYPT test cases Signed-off-by: Yanray Wang --- tests/suites/test_suite_camellia.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_camellia.function b/tests/suites/test_suite_camellia.function index 1cef97a9f..8454c5ffe 100644 --- a/tests/suites/test_suite_camellia.function +++ b/tests/suites/test_suite_camellia.function @@ -67,7 +67,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ +/* BEGIN_CASE depends_on:!MBEDTLS_CIPHER_ENCRYPT_ONLY */ void camellia_decrypt_ecb(data_t *key_str, data_t *src_str, data_t *dst, int setkey_result) { From 3c565275c48f1ffc00b5854b1cfecb4dfeacf844 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 28 Aug 2023 11:27:09 +0800 Subject: [PATCH 0092/1674] des: add CIPHER_ENCRYPT_ONLY dependency for test cases Signed-off-by: Yanray Wang --- tests/suites/test_suite_cipher.des.data | 10 +++++----- tests/suites/test_suite_des.function | 4 ++-- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/tests/suites/test_suite_cipher.des.data b/tests/suites/test_suite_cipher.des.data index 77f7515b9..2ab7fe7f1 100644 --- a/tests/suites/test_suite_cipher.des.data +++ b/tests/suites/test_suite_cipher.des.data @@ -575,15 +575,15 @@ depends_on:MBEDTLS_DES_C test_vec_ecb:MBEDTLS_CIPHER_DES_ECB:MBEDTLS_ENCRYPT:"FEDCBA9876543210":"0123456789ABCDEF":"ED39D950FA74BCC4":0 DES ECB Decrypt test vector (OpenSSL) #1 -depends_on:MBEDTLS_DES_C +depends_on:MBEDTLS_DES_C:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_ecb:MBEDTLS_CIPHER_DES_ECB:MBEDTLS_DECRYPT:"0000000000000000":"8CA64DE9C1B123A7":"0000000000000000":0 DES ECB Decrypt test vector (OpenSSL) #2 -depends_on:MBEDTLS_DES_C +depends_on:MBEDTLS_DES_C:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_ecb:MBEDTLS_CIPHER_DES_ECB:MBEDTLS_DECRYPT:"FFFFFFFFFFFFFFFF":"7359B2163E4EDC58":"FFFFFFFFFFFFFFFF":0 DES ECB Decrypt test vector (OpenSSL) #3 -depends_on:MBEDTLS_DES_C +depends_on:MBEDTLS_DES_C:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_ecb:MBEDTLS_CIPHER_DES_ECB:MBEDTLS_DECRYPT:"43297FAD38E373FE":"EA676B2CB7DB2B7A":"762514B829BF486A":0 DES3-EDE ECB Encrypt test vector (OpenSSL) #1 @@ -595,9 +595,9 @@ depends_on:MBEDTLS_DES_C test_vec_ecb:MBEDTLS_CIPHER_DES_EDE_ECB:MBEDTLS_ENCRYPT:"FFFFFFFFFFFFFFFF3000000000000000":"FFFFFFFFFFFFFFFF":"199E9D6DF39AA816":0 DES3-EDE ECB Decrypt test vector (OpenSSL) #1 -depends_on:MBEDTLS_DES_C +depends_on:MBEDTLS_DES_C:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_ecb:MBEDTLS_CIPHER_DES_EDE_ECB:MBEDTLS_DECRYPT:"0000000000000000FFFFFFFFFFFFFFFF":"9295B59BB384736E":"0000000000000000":0 DES3-EDE ECB Decrypt test vector (OpenSSL) #2 -depends_on:MBEDTLS_DES_C +depends_on:MBEDTLS_DES_C:!MBEDTLS_CIPHER_ENCRYPT_ONLY test_vec_ecb:MBEDTLS_CIPHER_DES_EDE_ECB:MBEDTLS_DECRYPT:"FFFFFFFFFFFFFFFF3000000000000000":"199E9D6DF39AA816":"FFFFFFFFFFFFFFFF":0 diff --git a/tests/suites/test_suite_des.function b/tests/suites/test_suite_des.function index b846d777a..61ec8b8dc 100644 --- a/tests/suites/test_suite_des.function +++ b/tests/suites/test_suite_des.function @@ -34,7 +34,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ +/* BEGIN_CASE depends_on:!MBEDTLS_CIPHER_ENCRYPT_ONLY */ void des_decrypt_ecb(data_t *key_str, data_t *src_str, data_t *dst) { unsigned char output[100]; @@ -133,7 +133,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ +/* BEGIN_CASE depends_on:!MBEDTLS_CIPHER_ENCRYPT_ONLY */ void des3_decrypt_ecb(int key_count, data_t *key_str, data_t *src_str, data_t *dst) { From 72d7bb4bca913a5ef46f3b992e1a9416ea2cfc39 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 30 Aug 2023 13:58:15 +0800 Subject: [PATCH 0093/1674] check_config.h: add checks for CIPHER_ENCRYPT_ONLY MBEDTLS_CIPHER_ENCRYPT_ONLY is an internal configuration which is automatically enabled via the PSA. Typically, once MBEDTLS_CIPHER_ENCRYPT_ONLY is enabled, MBEDTLS_PSA_CRYPTO_CONFIG must be enabled. This check is only used to prevent user explicitly enabling MBEDTLS_CIPHER_ENCRYPT_ONLY. In addition, we shouldn't enable MBEDTLS_CIPHER_ENCRYPT_ONLY if either CIPHER_MODE_CBC, CIPHER_MODE_XTS or NIST_KW_C is enabled. Since three of them always need AES-decrypt. Signed-off-by: Yanray Wang --- include/mbedtls/check_config.h | 8 ++++++++ include/mbedtls/config_psa.h | 13 ++++++++----- 2 files changed, 16 insertions(+), 5 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index ca267bdd8..c64e9c3de 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -84,6 +84,14 @@ #error "MBEDTLS_NIST_KW_C defined, but not all prerequisites" #endif +#if defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) && \ + (!defined(MBEDTLS_PSA_CRYPTO_CONFIG) || \ + (defined(MBEDTLS_CIPHER_MODE_CBC) || \ + defined(MBEDTLS_CIPHER_MODE_XTS) || \ + defined(MBEDTLS_NIST_KW_C))) +#error "MBEDTLS_CIPHER_ENCRYPT_ONLY defined, but not all prerequisites" +#endif + #if defined(MBEDTLS_ECDH_C) && !defined(MBEDTLS_ECP_C) #error "MBEDTLS_ECDH_C defined, but not all prerequisites" #endif diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h index f558ed82b..9d68a3428 100644 --- a/include/mbedtls/config_psa.h +++ b/include/mbedtls/config_psa.h @@ -599,15 +599,18 @@ #endif /* PSA_WANT_ALG_CHACHA20_POLY1305 */ /* - * ECB, CBC, XTS modes require both ENCRYPT and DECRYPT directions. - * CIPHER_ENCRYPT_ONLY is only enabled when those modes are not requested - * via the PSA API. + * ECB, CBC, XTS, KW modes require both ENCRYPT and DECRYPT directions. + * MBEDTLS_CIPHER_ENCRYPT_ONLY is only enabled when those modes + * are not requested via the PSA API and are not enabled in the legacy API. * - * Note: XTS is not yet supported via the PSA API in Mbed TLS. + * Note: XTS, KW are not yet supported via the PSA API in Mbed TLS. */ #if !defined(PSA_WANT_ALG_ECB_NO_PADDING) && \ !defined(PSA_WANT_ALG_CBC_NO_PADDING) && \ - !defined(PSA_WANT_ALG_CBC_PKCS7) + !defined(PSA_WANT_ALG_CBC_PKCS7) && \ + !defined(MBEDTLS_CIPHER_MODE_CBC) && \ + !defined(MBEDTLS_CIPHER_MODE_XTS) && \ + !defined(MBEDTLS_NIST_KW_C) #define MBEDTLS_CIPHER_ENCRYPT_ONLY 1 #endif From dbcc0c61721f67feabac1c36f3413fb489be8e53 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 30 Aug 2023 15:04:01 +0800 Subject: [PATCH 0094/1674] aes: define internal macro to simplify #if Directive No semantic changes, only yo simplify #if Directive with introduction of MBEDTLS_AES_NEED_FORWARD_S_BOXES and MBEDTLS_AES_NEED_REVERSE_TABLES. Signed-off-by: Yanray Wang --- library/aes.c | 66 ++++++++++++++++++++++----------------------------- 1 file changed, 29 insertions(+), 37 deletions(-) diff --git a/library/aes.c b/library/aes.c index b604cb75c..da0ab3239 100644 --- a/library/aes.c +++ b/library/aes.c @@ -75,6 +75,16 @@ #include "mbedtls/platform.h" +#if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \ + (!defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY)) +#define MBEDTLS_AES_NEED_FORWARD_S_BOXES +#endif + +#if (!defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT)) && \ + !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#define MBEDTLS_AES_NEED_REVERSE_TABLES +#endif + #if !defined(MBEDTLS_AES_ALT) #if defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE) @@ -85,8 +95,7 @@ static int aes_padlock_ace = -1; /* * Forward S-box */ -#if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \ - (!defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY)) +#if defined(MBEDTLS_AES_NEED_FORWARD_S_BOXES) static const unsigned char FSb[256] = { 0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5, @@ -122,8 +131,7 @@ static const unsigned char FSb[256] = 0x8C, 0xA1, 0x89, 0x0D, 0xBF, 0xE6, 0x42, 0x68, 0x41, 0x99, 0x2D, 0x0F, 0xB0, 0x54, 0xBB, 0x16 }; -#endif /* !MBEDTLS_AES_ENCRYPT_ALT || !MBEDTLS_AES_SETKEY_ENC_ALT || - (!MBEDTLS_AES_SETKEY_DEC_ALT && !MBEDTLS_CIPHER_ENCRYPT_ONLY) */ +#endif /* MBEDTLS_AES_NEED_FORWARD_S_BOXES */ /* * Forward tables @@ -331,8 +339,7 @@ static const unsigned char RSb[256] = V(71, 01, A8, 39), V(DE, B3, 0C, 08), V(9C, E4, B4, D8), V(90, C1, 56, 64), \ V(61, 84, CB, 7B), V(70, B6, 32, D5), V(74, 5C, 6C, 48), V(42, 57, B8, D0) -#if (!defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT)) && \ - !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if defined(MBEDTLS_AES_NEED_REVERSE_TABLES) #define V(a, b, c, d) 0x##a##b##c##d static const uint32_t RT0[256] = { RT }; @@ -353,8 +360,7 @@ static const uint32_t RT3[256] = { RT }; #undef V #endif /* !MBEDTLS_AES_FEWER_TABLES */ -#endif /* (!MBEDTLS_AES_DECRYPT_ALT || !MBEDTLS_AES_SETKEY_DEC_ALT) && - !MBEDTLS_CIPHER_ENCRYPT_ONLY */ +#endif /* MBEDTLS_AES_NEED_REVERSE_TABLES */ #undef RT @@ -375,11 +381,9 @@ static const uint32_t RCON[10] = /* * Forward S-box & tables */ -#if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \ - (!defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY)) +#if defined(MBEDTLS_AES_NEED_FORWARD_S_BOXES) static unsigned char FSb[256]; -#endif /* !MBEDTLS_AES_ENCRYPT_ALT || !MBEDTLS_AES_SETKEY_ENC_ALT || - (!MBEDTLS_AES_SETKEY_DEC_ALT && !MBEDTLS_CIPHER_ENCRYPT_ONLY) */ +#endif #if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) static uint32_t FT0[256]; #if !defined(MBEDTLS_AES_FEWER_TABLES) @@ -392,27 +396,21 @@ static uint32_t FT3[256]; /* * Reverse S-box & tables */ -#if !defined(MBEDTLS_AES_SETKEY_ENC_ALT) && !defined(MBEDTLS_AES_SETKEY_DEC_ALT) && \ - !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if (!defined(MBEDTLS_AES_SETKEY_ENC_ALT) && !defined(MBEDTLS_AES_SETKEY_DEC_ALT)) || \ + !defined(MBEDTLS_AES_DECRYPT_ALT) static unsigned char RSb[256]; -#else /* !MBEDTLS_AES_SETKEY_ENC_ALT && !MBEDTLS_AES_SETKEY_DEC_ALT && - !MBEDTLS_CIPHER_ENCRYPT_ONLY */ -#if !defined(MBEDTLS_AES_DECRYPT_ALT) && !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) -static unsigned char RSb[256]; -#endif /* !MBEDTLS_AES_DECRYPT_ALT && !MBEDTLS_CIPHER_ENCRYPT_ONLY*/ -#endif /* !MBEDTLS_AES_SETKEY_ENC_ALT && !MBEDTLS_AES_SETKEY_DEC_ALT && - !MBEDTLS_CIPHER_ENCRYPT_ONLY */ +#endif +#endif /* !MBEDTLS_CIPHER_ENCRYPT_ONLY */ -#if (!defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT)) && \ - !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if defined(MBEDTLS_AES_NEED_REVERSE_TABLES) static uint32_t RT0[256]; #if !defined(MBEDTLS_AES_FEWER_TABLES) static uint32_t RT1[256]; static uint32_t RT2[256]; static uint32_t RT3[256]; #endif /* !MBEDTLS_AES_FEWER_TABLES */ -#endif /* (!MBEDTLS_AES_DECRYPT_ALT || !MBEDTLS_AES_SETKEY_DEC_ALT) && - !MBEDTLS_CIPHER_ENCRYPT_ONLY */ +#endif /* MBEDTLS_AES_NEED_REVERSE_TABLES */ #if !defined(MBEDTLS_AES_SETKEY_ENC_ALT) /* @@ -457,11 +455,9 @@ static void aes_gen_tables(void) * generate the forward and reverse S-boxes */ FSb[0x00] = 0x63; -#if (!defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT)) && \ - !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if defined(MBEDTLS_AES_NEED_REVERSE_TABLES) RSb[0x63] = 0x00; -#endif /* (!MBEDTLS_AES_DECRYPT_ALT || !MBEDTLS_AES_SETKEY_DEC_ALT) && - !MBEDTLS_CIPHER_ENCRYPT_ONLY */ +#endif for (i = 1; i < 256; i++) { x = pow[255 - log[i]]; @@ -473,11 +469,9 @@ static void aes_gen_tables(void) x ^= y ^ 0x63; FSb[i] = x; -#if (!defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT)) && \ - !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if defined(MBEDTLS_AES_NEED_REVERSE_TABLES) RSb[x] = (unsigned char) i; -#endif /* (!MBEDTLS_AES_DECRYPT_ALT || !MBEDTLS_AES_SETKEY_DEC_ALT) && - !MBEDTLS_CIPHER_ENCRYPT_ONLY */ +#endif } /* @@ -499,8 +493,7 @@ static void aes_gen_tables(void) FT3[i] = ROTL8(FT2[i]); #endif /* !MBEDTLS_AES_FEWER_TABLES */ -#if (!defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT)) && \ - !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if defined(MBEDTLS_AES_NEED_REVERSE_TABLES) x = RSb[i]; RT0[i] = ((uint32_t) MUL(0x0E, x)) ^ @@ -513,8 +506,7 @@ static void aes_gen_tables(void) RT2[i] = ROTL8(RT1[i]); RT3[i] = ROTL8(RT2[i]); #endif /* !MBEDTLS_AES_FEWER_TABLES */ -#endif /* (!MBEDTLS_AES_DECRYPT_ALT || !MBEDTLS_AES_SETKEY_DEC_ALT) && - !MBEDTLS_CIPHER_ENCRYPT_ONLY */ +#endif /* MBEDTLS_AES_NEED_REVERSE_TABLES */ } } From 207c991d56ad9849e55a5e5ba9196f38d065d8ee Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 31 Aug 2023 11:42:49 +0800 Subject: [PATCH 0095/1674] all.sh: ciper_encrypt_only: cover AESNI and C Implementation Signed-off-by: Yanray Wang --- tests/scripts/all.sh | 42 ++++++++++++++++++++++++++++++++++++------ 1 file changed, 36 insertions(+), 6 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index fea4e0f1f..4d6ec30b5 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4166,8 +4166,8 @@ component_test_aes_fewer_tables_and_rom_tables () { make test } -component_test_cipher_encrypt_only () { - msg "build: default config + PSA_CRYPTO_CONFIG + implicitly enable CIPHER_ENCRYPT_ONLY" +component_test_cipher_encrypt_only_aesni () { + # pre-setup to implicitly enable CIPHER_ENCRYPT_ONLY scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC scripts/config.py unset MBEDTLS_CIPHER_MODE_XTS @@ -4177,13 +4177,43 @@ component_test_cipher_encrypt_only () { echo '#undef PSA_WANT_ALG_CBC_PKCS7' >> psa_cipher_encrypt_only.h echo '#undef PSA_WANT_ALG_ECB_NO_PADDING' >> psa_cipher_encrypt_only.h - make CC=gcc CFLAGS="-Werror -Wall -Wextra -I '$PWD' \ - -DMBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE='\"psa_cipher_encrypt_only.h\"'" + # test AESNI intrinsics + scripts/config.py set MBEDTLS_AESNI_C + msg "build: implicitly enable CIPER_ENCRYPT_ONLY with AESNI intrinsics" + make clean + make CC=gcc CFLAGS="-Werror -Wall -Wextra -mpclmul -msse2 -maes \ + -I '$PWD' -DMBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE='\"psa_cipher_encrypt_only.h\"'" - msg "test: default config + PSA_CRYPTO_CONFIG + implicitly enable CIPER_ENCRYPT_ONLY" + msg "test: implicitly enable CIPER_ENCRYPT_ONLY with AESNI intrinsics" make test - msg "selftest: default config + PSA_CRYPTO_CONFIG + implicitly enable CIPER_ENCRYPT_ONLY" + msg "selftest: implicitly enable CIPER_ENCRYPT_ONLY with AESNI intrinsics" + programs/test/selftest + + # test AESNI assembly + scripts/config.py set MBEDTLS_AESNI_C + msg "build: implicitly enable CIPER_ENCRYPT_ONLY with AESNI assembly" + make clean + make CC=gcc CFLAGS="-Werror -Wall -Wextra -mno-pclmul -mno-sse2 -mno-aes \ + -I '$PWD' -DMBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE='\"psa_cipher_encrypt_only.h\"'" + + msg "test: implicitly enable CIPER_ENCRYPT_ONLY with AESNI assembly" + make test + + msg "selftest: implicitly enable CIPER_ENCRYPT_ONLY with AESNI assembly" + programs/test/selftest + + # test AES C implementation + msg "build: implicitly enable CIPER_ENCRYPT_ONLY with AES C Implementation" + scripts/config.py unset MBEDTLS_AESNI_C + make clean + make CC=gcc CFLAGS="-Werror -Wall -Wextra \ + -I '$PWD' -DMBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE='\"psa_cipher_encrypt_only.h\"'" + + msg "test: implicitly enable CIPER_ENCRYPT_ONLY with AES C Implementation" + make test + + msg "selftest: implicitly enable CIPER_ENCRYPT_ONLY with AES C Implementation" programs/test/selftest rm -f psa_cipher_encrypt_only.h From bf66ef9085998bc5e97f2734e9bf24b37d737517 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 31 Aug 2023 14:47:01 +0800 Subject: [PATCH 0096/1674] all.sh: ciper_encrypt_only: cover baremetal build for AESCE Signed-off-by: Yanray Wang --- tests/scripts/all.sh | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 4d6ec30b5..812942163 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4219,6 +4219,45 @@ component_test_cipher_encrypt_only_aesni () { rm -f psa_cipher_encrypt_only.h } +support_test_cipher_encrypt_only_aesce_armcc () { + armc6_cc="$ARMC6_BIN_DIR/armclang" + (check_tools "$armc6_cc" > /dev/null 2>&1) +} + +component_test_cipher_encrypt_only_aesce_armcc () { + scripts/config.py baremetal + + # armc[56] don't support SHA-512 intrinsics + scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT + + # Stop armclang warning about feature detection for A64_CRYPTO. + # With this enabled, the library does build correctly under armclang, + # but in baremetal builds (as tested here), feature detection is + # unavailable, and the user is notified via a #warning. So enabling + # this feature would prevent us from building with -Werror on + # armclang. Tracked in #7198. + scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT + scripts/config.py set MBEDTLS_HAVE_ASM + + # pre-setup to implicitly enable CIPHER_ENCRYPT_ONLY + scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG + scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC + scripts/config.py unset MBEDTLS_CIPHER_MODE_XTS + scripts/config.py unset MBEDTLS_NIST_KW_C + + echo '#undef PSA_WANT_ALG_CBC_NO_PADDING' >> psa_cipher_encrypt_only.h + echo '#undef PSA_WANT_ALG_CBC_PKCS7' >> psa_cipher_encrypt_only.h + echo '#undef PSA_WANT_ALG_ECB_NO_PADDING' >> psa_cipher_encrypt_only.h + + # test AESCE baremetal build + scripts/config.py set MBEDTLS_AESCE_C + msg "build: implicitly enable CIPER_ENCRYPT_ONLY with AESCE" + armc6_build_test "-O1 --target=aarch64-arm-none-eabi -march=armv8-a+crypto \ + -I '$PWD' -DMBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE='\"psa_cipher_encrypt_only.h\"'" + + rm -f psa_cipher_encrypt_only.h +} + component_test_ctr_drbg_aes_256_sha_256 () { msg "build: full + MBEDTLS_ENTROPY_FORCE_SHA256 (ASan build)" scripts/config.py full From 782190417c5a7755eed60ac70bb8665a28506ffe Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 31 Aug 2023 15:00:57 +0800 Subject: [PATCH 0097/1674] all.sh: ciper_encrypt_only: cover VIA PADLOCK Signed-off-by: Yanray Wang --- tests/scripts/all.sh | 42 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 812942163..4cc67be75 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4219,6 +4219,48 @@ component_test_cipher_encrypt_only_aesni () { rm -f psa_cipher_encrypt_only.h } +component_test_cipher_encrypt_only_aesni_m32 () { + # pre-setup to implicitly enable CIPHER_ENCRYPT_ONLY + scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG + scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC + scripts/config.py unset MBEDTLS_CIPHER_MODE_XTS + scripts/config.py unset MBEDTLS_NIST_KW_C + + echo '#undef PSA_WANT_ALG_CBC_NO_PADDING' >> psa_cipher_encrypt_only.h + echo '#undef PSA_WANT_ALG_CBC_PKCS7' >> psa_cipher_encrypt_only.h + echo '#undef PSA_WANT_ALG_ECB_NO_PADDING' >> psa_cipher_encrypt_only.h + + # test AESNI intrinsics for i386 with VIA PADLOCK + scripts/config.py set MBEDTLS_AESNI_C + scripts/config.py set MBEDTLS_PADLOCK_C + msg "build: implicitly enable CIPER_ENCRYPT_ONLY for i386 with VIA PADLOCK" + make clean + make CC=gcc LDFLAGS='-m32' CFLAGS="-m32 -Werror -Wall -Wextra -mpclmul -msse2 -maes\ + -I '$PWD' -DMBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE='\"psa_cipher_encrypt_only.h\"'" + + msg "test: implicitly enable CIPER_ENCRYPT_ONLY for i386 with VIA PADLOCK" + make test + + msg "selftest: implicitly enable CIPER_ENCRYPT_ONLY for i386 with VIA PADLOCK" + programs/test/selftest + + # test AESNI intrinsics for i386 without VIA PADLOCK + scripts/config.py set MBEDTLS_AESNI_C + scripts/config.py unset MBEDTLS_PADLOCK_C + msg "build: implicitly enable CIPER_ENCRYPT_ONLY for i386 without VIA PADLOCK" + make clean + make CC=gcc LDFLAGS='-m32' CFLAGS="-m32 -Werror -Wall -Wextra -mpclmul -msse2 -maes\ + -I '$PWD' -DMBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE='\"psa_cipher_encrypt_only.h\"'" + + msg "test: implicitly enable CIPER_ENCRYPT_ONLY for i386 without VIA PADLOCK" + make test + + msg "selftest: implicitly enable CIPER_ENCRYPT_ONLY for i386 without VIA PADLOCK" + programs/test/selftest + + rm -f psa_cipher_encrypt_only.h +} + support_test_cipher_encrypt_only_aesce_armcc () { armc6_cc="$ARMC6_BIN_DIR/armclang" (check_tools "$armc6_cc" > /dev/null 2>&1) From a6757765c0bc03be51dc83a25b88dcac8db76313 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Fri, 1 Sep 2023 18:24:54 +0800 Subject: [PATCH 0098/1674] Add ChangeLog entry for MBEDTLS_CIPHER_ENCRYPT_ONLY Signed-off-by: Yanray Wang --- ChangeLog.d/add-cipher-encrypt-only.txt | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 ChangeLog.d/add-cipher-encrypt-only.txt diff --git a/ChangeLog.d/add-cipher-encrypt-only.txt b/ChangeLog.d/add-cipher-encrypt-only.txt new file mode 100644 index 000000000..1a0181d6d --- /dev/null +++ b/ChangeLog.d/add-cipher-encrypt-only.txt @@ -0,0 +1,6 @@ +Features + * Add support to remove xxx_setkey_dec and xxx_decrypt for cipher type of + AES, ARIA, CAMELLIA and DES. This is achieved by implicitly enabling + MBEDTLS_CIPHER_ENCRYPT_ONLY when + - ECB and CBC cipher modes are not requested via the PSA API. + - ECB, CBC, XTS and KW are not enabled in the legacy API. From 4f4822c55392e19e2ae97e431e30e663e3dde047 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 7 Sep 2023 16:22:01 +0800 Subject: [PATCH 0099/1674] Revert "des: add CIPHER_ENCRYPT_ONLY dependency for test cases" This reverts commit 3c565275c48f1ffc00b5854b1cfecb4dfeacf844. Signed-off-by: Yanray Wang --- tests/suites/test_suite_cipher.des.data | 10 +++++----- tests/suites/test_suite_des.function | 4 ++-- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/tests/suites/test_suite_cipher.des.data b/tests/suites/test_suite_cipher.des.data index 2ab7fe7f1..77f7515b9 100644 --- a/tests/suites/test_suite_cipher.des.data +++ b/tests/suites/test_suite_cipher.des.data @@ -575,15 +575,15 @@ depends_on:MBEDTLS_DES_C test_vec_ecb:MBEDTLS_CIPHER_DES_ECB:MBEDTLS_ENCRYPT:"FEDCBA9876543210":"0123456789ABCDEF":"ED39D950FA74BCC4":0 DES ECB Decrypt test vector (OpenSSL) #1 -depends_on:MBEDTLS_DES_C:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_DES_C test_vec_ecb:MBEDTLS_CIPHER_DES_ECB:MBEDTLS_DECRYPT:"0000000000000000":"8CA64DE9C1B123A7":"0000000000000000":0 DES ECB Decrypt test vector (OpenSSL) #2 -depends_on:MBEDTLS_DES_C:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_DES_C test_vec_ecb:MBEDTLS_CIPHER_DES_ECB:MBEDTLS_DECRYPT:"FFFFFFFFFFFFFFFF":"7359B2163E4EDC58":"FFFFFFFFFFFFFFFF":0 DES ECB Decrypt test vector (OpenSSL) #3 -depends_on:MBEDTLS_DES_C:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_DES_C test_vec_ecb:MBEDTLS_CIPHER_DES_ECB:MBEDTLS_DECRYPT:"43297FAD38E373FE":"EA676B2CB7DB2B7A":"762514B829BF486A":0 DES3-EDE ECB Encrypt test vector (OpenSSL) #1 @@ -595,9 +595,9 @@ depends_on:MBEDTLS_DES_C test_vec_ecb:MBEDTLS_CIPHER_DES_EDE_ECB:MBEDTLS_ENCRYPT:"FFFFFFFFFFFFFFFF3000000000000000":"FFFFFFFFFFFFFFFF":"199E9D6DF39AA816":0 DES3-EDE ECB Decrypt test vector (OpenSSL) #1 -depends_on:MBEDTLS_DES_C:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_DES_C test_vec_ecb:MBEDTLS_CIPHER_DES_EDE_ECB:MBEDTLS_DECRYPT:"0000000000000000FFFFFFFFFFFFFFFF":"9295B59BB384736E":"0000000000000000":0 DES3-EDE ECB Decrypt test vector (OpenSSL) #2 -depends_on:MBEDTLS_DES_C:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_DES_C test_vec_ecb:MBEDTLS_CIPHER_DES_EDE_ECB:MBEDTLS_DECRYPT:"FFFFFFFFFFFFFFFF3000000000000000":"199E9D6DF39AA816":"FFFFFFFFFFFFFFFF":0 diff --git a/tests/suites/test_suite_des.function b/tests/suites/test_suite_des.function index 61ec8b8dc..b846d777a 100644 --- a/tests/suites/test_suite_des.function +++ b/tests/suites/test_suite_des.function @@ -34,7 +34,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:!MBEDTLS_CIPHER_ENCRYPT_ONLY */ +/* BEGIN_CASE */ void des_decrypt_ecb(data_t *key_str, data_t *src_str, data_t *dst) { unsigned char output[100]; @@ -133,7 +133,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:!MBEDTLS_CIPHER_ENCRYPT_ONLY */ +/* BEGIN_CASE */ void des3_decrypt_ecb(int key_count, data_t *key_str, data_t *src_str, data_t *dst) { From 56e27b9938d8357b923f78d772a6753846ddc233 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 7 Sep 2023 16:25:22 +0800 Subject: [PATCH 0100/1674] des: don't consider DES for CIPHER_ENCRYPT_ONLY We only support ECB and CBC modes for DES. Those two modes require both encrypt and decrypt directions, so we don't consider DES with CIPHER_ENCRYPT_ONLY. Signed-off-by: Yanray Wang --- include/mbedtls/des.h | 6 ------ library/des.c | 21 --------------------- 2 files changed, 27 deletions(-) diff --git a/include/mbedtls/des.h b/include/mbedtls/des.h index f10ac90d7..f445102d9 100644 --- a/include/mbedtls/des.h +++ b/include/mbedtls/des.h @@ -182,7 +182,6 @@ int mbedtls_des_key_check_weak(const unsigned char key[MBEDTLS_DES_KEY_SIZE]); MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_des_setkey_enc(mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE]); -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) /** * \brief DES key schedule (56-bit, decryption) * @@ -197,7 +196,6 @@ int mbedtls_des_setkey_enc(mbedtls_des_context *ctx, const unsigned char key[MBE */ MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_des_setkey_dec(mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE]); -#endif /* !MBEDTLS_CIPHER_ENCRYPT_ONLY */ /** * \brief Triple-DES key schedule (112-bit, encryption) @@ -215,7 +213,6 @@ MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_des3_set2key_enc(mbedtls_des3_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2]); -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) /** * \brief Triple-DES key schedule (112-bit, decryption) * @@ -231,7 +228,6 @@ int mbedtls_des3_set2key_enc(mbedtls_des3_context *ctx, MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_des3_set2key_dec(mbedtls_des3_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2]); -#endif /* !MBEDTLS_CIPHER_ENCRYPT_ONLY */ /** * \brief Triple-DES key schedule (168-bit, encryption) @@ -249,7 +245,6 @@ MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_des3_set3key_enc(mbedtls_des3_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3]); -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) /** * \brief Triple-DES key schedule (168-bit, decryption) * @@ -265,7 +260,6 @@ int mbedtls_des3_set3key_enc(mbedtls_des3_context *ctx, MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_des3_set3key_dec(mbedtls_des3_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3]); -#endif /* !MBEDTLS_CIPHER_ENCRYPT_ONLY */ /** * \brief DES-ECB block encryption/decryption diff --git a/library/des.c b/library/des.c index a6a6b2fb8..eaddf282a 100644 --- a/library/des.c +++ b/library/des.c @@ -483,7 +483,6 @@ int mbedtls_des_setkey_enc(mbedtls_des_context *ctx, const unsigned char key[MBE /* * DES key schedule (56-bit, decryption) */ -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) int mbedtls_des_setkey_dec(mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE]) { int i; @@ -497,7 +496,6 @@ int mbedtls_des_setkey_dec(mbedtls_des_context *ctx, const unsigned char key[MBE return 0; } -#endif static void des3_set2key(uint32_t esk[96], uint32_t dsk[96], @@ -540,7 +538,6 @@ int mbedtls_des3_set2key_enc(mbedtls_des3_context *ctx, /* * Triple-DES key schedule (112-bit, decryption) */ -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) int mbedtls_des3_set2key_dec(mbedtls_des3_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2]) { @@ -551,7 +548,6 @@ int mbedtls_des3_set2key_dec(mbedtls_des3_context *ctx, return 0; } -#endif static void des3_set3key(uint32_t esk[96], uint32_t dsk[96], @@ -592,7 +588,6 @@ int mbedtls_des3_set3key_enc(mbedtls_des3_context *ctx, /* * Triple-DES key schedule (168-bit, decryption) */ -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) int mbedtls_des3_set3key_dec(mbedtls_des3_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3]) { @@ -603,7 +598,6 @@ int mbedtls_des3_set3key_dec(mbedtls_des3_context *ctx, return 0; } -#endif /* * DES-ECB block encryption/decryption @@ -875,43 +869,28 @@ int mbedtls_des_self_test(int verbose) (v == MBEDTLS_DES_DECRYPT) ? "dec" : "enc"); } -#if defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) - if (v == MBEDTLS_DES_DECRYPT) { - if (verbose != 0) { - mbedtls_printf("skipped\n"); - } - continue; - } -#endif - memcpy(buf, des3_test_buf, 8); switch (i) { -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) case 0: ret = mbedtls_des_setkey_dec(&ctx, des3_test_keys); break; -#endif case 1: ret = mbedtls_des_setkey_enc(&ctx, des3_test_keys); break; -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) case 2: ret = mbedtls_des3_set2key_dec(&ctx3, des3_test_keys); break; -#endif case 3: ret = mbedtls_des3_set2key_enc(&ctx3, des3_test_keys); break; -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) case 4: ret = mbedtls_des3_set3key_dec(&ctx3, des3_test_keys); break; -#endif case 5: ret = mbedtls_des3_set3key_enc(&ctx3, des3_test_keys); From c5944d4a3c2983831d145508fdf3797a9751107e Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 7 Sep 2023 17:58:49 +0800 Subject: [PATCH 0101/1674] all.sh: fix a typo Signed-off-by: Yanray Wang --- tests/scripts/all.sh | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 79f5d97e3..aee68c571 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4215,41 +4215,41 @@ component_test_cipher_encrypt_only_aesni () { # test AESNI intrinsics scripts/config.py set MBEDTLS_AESNI_C - msg "build: implicitly enable CIPER_ENCRYPT_ONLY with AESNI intrinsics" + msg "build: implicitly enable CIPHER_ENCRYPT_ONLY with AESNI intrinsics" make clean make CC=gcc CFLAGS="-Werror -Wall -Wextra -mpclmul -msse2 -maes \ -I '$PWD' -DMBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE='\"psa_cipher_encrypt_only.h\"'" - msg "test: implicitly enable CIPER_ENCRYPT_ONLY with AESNI intrinsics" + msg "test: implicitly enable CIPHER_ENCRYPT_ONLY with AESNI intrinsics" make test - msg "selftest: implicitly enable CIPER_ENCRYPT_ONLY with AESNI intrinsics" + msg "selftest: implicitly enable CIPHER_ENCRYPT_ONLY with AESNI intrinsics" programs/test/selftest # test AESNI assembly scripts/config.py set MBEDTLS_AESNI_C - msg "build: implicitly enable CIPER_ENCRYPT_ONLY with AESNI assembly" + msg "build: implicitly enable CIPHER_ENCRYPT_ONLY with AESNI assembly" make clean make CC=gcc CFLAGS="-Werror -Wall -Wextra -mno-pclmul -mno-sse2 -mno-aes \ -I '$PWD' -DMBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE='\"psa_cipher_encrypt_only.h\"'" - msg "test: implicitly enable CIPER_ENCRYPT_ONLY with AESNI assembly" + msg "test: implicitly enable CIPHER_ENCRYPT_ONLY with AESNI assembly" make test - msg "selftest: implicitly enable CIPER_ENCRYPT_ONLY with AESNI assembly" + msg "selftest: implicitly enable CIPHER_ENCRYPT_ONLY with AESNI assembly" programs/test/selftest # test AES C implementation - msg "build: implicitly enable CIPER_ENCRYPT_ONLY with AES C Implementation" + msg "build: implicitly enable CIPHER_ENCRYPT_ONLY with AES C Implementation" scripts/config.py unset MBEDTLS_AESNI_C make clean make CC=gcc CFLAGS="-Werror -Wall -Wextra \ -I '$PWD' -DMBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE='\"psa_cipher_encrypt_only.h\"'" - msg "test: implicitly enable CIPER_ENCRYPT_ONLY with AES C Implementation" + msg "test: implicitly enable CIPHER_ENCRYPT_ONLY with AES C Implementation" make test - msg "selftest: implicitly enable CIPER_ENCRYPT_ONLY with AES C Implementation" + msg "selftest: implicitly enable CIPHER_ENCRYPT_ONLY with AES C Implementation" programs/test/selftest rm -f psa_cipher_encrypt_only.h @@ -4269,29 +4269,29 @@ component_test_cipher_encrypt_only_aesni_m32 () { # test AESNI intrinsics for i386 with VIA PADLOCK scripts/config.py set MBEDTLS_AESNI_C scripts/config.py set MBEDTLS_PADLOCK_C - msg "build: implicitly enable CIPER_ENCRYPT_ONLY for i386 with VIA PADLOCK" + msg "build: implicitly enable CIPHER_ENCRYPT_ONLY for i386 with VIA PADLOCK" make clean make CC=gcc LDFLAGS='-m32' CFLAGS="-m32 -Werror -Wall -Wextra -mpclmul -msse2 -maes\ -I '$PWD' -DMBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE='\"psa_cipher_encrypt_only.h\"'" - msg "test: implicitly enable CIPER_ENCRYPT_ONLY for i386 with VIA PADLOCK" + msg "test: implicitly enable CIPHER_ENCRYPT_ONLY for i386 with VIA PADLOCK" make test - msg "selftest: implicitly enable CIPER_ENCRYPT_ONLY for i386 with VIA PADLOCK" + msg "selftest: implicitly enable CIPHER_ENCRYPT_ONLY for i386 with VIA PADLOCK" programs/test/selftest # test AESNI intrinsics for i386 without VIA PADLOCK scripts/config.py set MBEDTLS_AESNI_C scripts/config.py unset MBEDTLS_PADLOCK_C - msg "build: implicitly enable CIPER_ENCRYPT_ONLY for i386 without VIA PADLOCK" + msg "build: implicitly enable CIPHER_ENCRYPT_ONLY for i386 without VIA PADLOCK" make clean make CC=gcc LDFLAGS='-m32' CFLAGS="-m32 -Werror -Wall -Wextra -mpclmul -msse2 -maes\ -I '$PWD' -DMBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE='\"psa_cipher_encrypt_only.h\"'" - msg "test: implicitly enable CIPER_ENCRYPT_ONLY for i386 without VIA PADLOCK" + msg "test: implicitly enable CIPHER_ENCRYPT_ONLY for i386 without VIA PADLOCK" make test - msg "selftest: implicitly enable CIPER_ENCRYPT_ONLY for i386 without VIA PADLOCK" + msg "selftest: implicitly enable CIPHER_ENCRYPT_ONLY for i386 without VIA PADLOCK" programs/test/selftest rm -f psa_cipher_encrypt_only.h @@ -4329,7 +4329,7 @@ component_test_cipher_encrypt_only_aesce_armcc () { # test AESCE baremetal build scripts/config.py set MBEDTLS_AESCE_C - msg "build: implicitly enable CIPER_ENCRYPT_ONLY with AESCE" + msg "build: implicitly enable CIPHER_ENCRYPT_ONLY with AESCE" armc6_build_test "-O1 --target=aarch64-arm-none-eabi -march=armv8-a+crypto \ -I '$PWD' -DMBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE='\"psa_cipher_encrypt_only.h\"'" From 3caaf0c61eac1707e15eb027828bad687813c7c2 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 7 Sep 2023 17:50:14 +0800 Subject: [PATCH 0102/1674] Enable CIPHER_ENCRYPT_ONLY when DES is disabled Signed-off-by: Yanray Wang --- ChangeLog.d/add-cipher-encrypt-only.txt | 1 + include/mbedtls/config_adjust_legacy_crypto.h | 6 ++++++ tests/scripts/all.sh | 6 ++++++ 3 files changed, 13 insertions(+) diff --git a/ChangeLog.d/add-cipher-encrypt-only.txt b/ChangeLog.d/add-cipher-encrypt-only.txt index 1a0181d6d..434c294d2 100644 --- a/ChangeLog.d/add-cipher-encrypt-only.txt +++ b/ChangeLog.d/add-cipher-encrypt-only.txt @@ -4,3 +4,4 @@ Features MBEDTLS_CIPHER_ENCRYPT_ONLY when - ECB and CBC cipher modes are not requested via the PSA API. - ECB, CBC, XTS and KW are not enabled in the legacy API. + - DES is not requested in the PSA API and the legacy API. diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h index 4480b8cae..c2fbb2432 100644 --- a/include/mbedtls/config_adjust_legacy_crypto.h +++ b/include/mbedtls/config_adjust_legacy_crypto.h @@ -39,14 +39,20 @@ * MBEDTLS_CIPHER_ENCRYPT_ONLY is only enabled when those modes * are not requested via the PSA API and are not enabled in the legacy API. * + * DES only supports ECB and CBC modes in Mbed TLS. As it's a deprecated and + * insecure block cipher, MBEDTLS_CIPHER_ENCRYPT_ONLY is enabled when DES + * is not requested via the PSA API and is not enabled in the legacy API. + * * Note: XTS, KW are not yet supported via the PSA API in Mbed TLS. */ #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) #if !defined(PSA_WANT_ALG_ECB_NO_PADDING) && \ !defined(PSA_WANT_ALG_CBC_NO_PADDING) && \ !defined(PSA_WANT_ALG_CBC_PKCS7) && \ + !defined(PSA_WANT_KEY_TYPE_DES) && \ !defined(MBEDTLS_CIPHER_MODE_CBC) && \ !defined(MBEDTLS_CIPHER_MODE_XTS) && \ + !defined(MBEDTLS_DES_C) && \ !defined(MBEDTLS_NIST_KW_C) #define MBEDTLS_CIPHER_ENCRYPT_ONLY 1 #endif diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index aee68c571..8223a889d 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4207,11 +4207,13 @@ component_test_cipher_encrypt_only_aesni () { scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC scripts/config.py unset MBEDTLS_CIPHER_MODE_XTS + scripts/config.py unset MBEDTLS_DES_C scripts/config.py unset MBEDTLS_NIST_KW_C echo '#undef PSA_WANT_ALG_CBC_NO_PADDING' >> psa_cipher_encrypt_only.h echo '#undef PSA_WANT_ALG_CBC_PKCS7' >> psa_cipher_encrypt_only.h echo '#undef PSA_WANT_ALG_ECB_NO_PADDING' >> psa_cipher_encrypt_only.h + echo '#undef PSA_WANT_KEY_TYPE_DES' >> psa_cipher_encrypt_only.h # test AESNI intrinsics scripts/config.py set MBEDTLS_AESNI_C @@ -4260,11 +4262,13 @@ component_test_cipher_encrypt_only_aesni_m32 () { scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC scripts/config.py unset MBEDTLS_CIPHER_MODE_XTS + scripts/config.py unset MBEDTLS_DES_C scripts/config.py unset MBEDTLS_NIST_KW_C echo '#undef PSA_WANT_ALG_CBC_NO_PADDING' >> psa_cipher_encrypt_only.h echo '#undef PSA_WANT_ALG_CBC_PKCS7' >> psa_cipher_encrypt_only.h echo '#undef PSA_WANT_ALG_ECB_NO_PADDING' >> psa_cipher_encrypt_only.h + echo '#undef PSA_WANT_KEY_TYPE_DES' >> psa_cipher_encrypt_only.h # test AESNI intrinsics for i386 with VIA PADLOCK scripts/config.py set MBEDTLS_AESNI_C @@ -4321,11 +4325,13 @@ component_test_cipher_encrypt_only_aesce_armcc () { scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC scripts/config.py unset MBEDTLS_CIPHER_MODE_XTS + scripts/config.py unset MBEDTLS_DES_C scripts/config.py unset MBEDTLS_NIST_KW_C echo '#undef PSA_WANT_ALG_CBC_NO_PADDING' >> psa_cipher_encrypt_only.h echo '#undef PSA_WANT_ALG_CBC_PKCS7' >> psa_cipher_encrypt_only.h echo '#undef PSA_WANT_ALG_ECB_NO_PADDING' >> psa_cipher_encrypt_only.h + echo '#undef PSA_WANT_KEY_TYPE_DES' >> psa_cipher_encrypt_only.h # test AESCE baremetal build scripts/config.py set MBEDTLS_AESCE_C From ef1b04db9485c246723fe5b6f1e3e22b4a85e311 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Fri, 8 Sep 2023 11:09:26 +0800 Subject: [PATCH 0103/1674] all.sh: make sure CIPHER_ENCRYPT_ONLY is enabled in tests grep corresponding mbedtls_xxx_setkey_dec and mbedtls_xxx_decrypt symbols in cipher_only tests to make sure CIPHER_ENCRYPT_ONLY is enabled as expected. Signed-off-by: Yanray Wang --- tests/scripts/all.sh | 48 +++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 45 insertions(+), 3 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 8223a889d..2107de088 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4210,7 +4210,7 @@ component_test_cipher_encrypt_only_aesni () { scripts/config.py unset MBEDTLS_DES_C scripts/config.py unset MBEDTLS_NIST_KW_C - echo '#undef PSA_WANT_ALG_CBC_NO_PADDING' >> psa_cipher_encrypt_only.h + echo '#undef PSA_WANT_ALG_CBC_NO_PADDING' > psa_cipher_encrypt_only.h echo '#undef PSA_WANT_ALG_CBC_PKCS7' >> psa_cipher_encrypt_only.h echo '#undef PSA_WANT_ALG_ECB_NO_PADDING' >> psa_cipher_encrypt_only.h echo '#undef PSA_WANT_KEY_TYPE_DES' >> psa_cipher_encrypt_only.h @@ -4222,6 +4222,13 @@ component_test_cipher_encrypt_only_aesni () { make CC=gcc CFLAGS="-Werror -Wall -Wextra -mpclmul -msse2 -maes \ -I '$PWD' -DMBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE='\"psa_cipher_encrypt_only.h\"'" + # Make sure we don't have mbedtls_xxx_setkey_dec in AES/ARIA/CAMELLIA + not grep mbedtls_aes_setkey_dec library/aes.o + not grep mbedtls_aria_setkey_dec library/aria.o + not grep mbedtls_camellia_setkey_dec library/camellia.o + # Make sure we don't have mbedtls_internal_aes_decrypt in AES + not grep mbedtls_internal_aes_decrypt library/aes.o + msg "test: implicitly enable CIPHER_ENCRYPT_ONLY with AESNI intrinsics" make test @@ -4235,6 +4242,13 @@ component_test_cipher_encrypt_only_aesni () { make CC=gcc CFLAGS="-Werror -Wall -Wextra -mno-pclmul -mno-sse2 -mno-aes \ -I '$PWD' -DMBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE='\"psa_cipher_encrypt_only.h\"'" + # Make sure we don't have mbedtls_xxx_setkey_dec in AES/ARIA/CAMELLIA + not grep mbedtls_aes_setkey_dec library/aes.o + not grep mbedtls_aria_setkey_dec library/aria.o + not grep mbedtls_camellia_setkey_dec library/camellia.o + # Make sure we don't have mbedtls_internal_aes_decrypt in AES + not grep mbedtls_internal_aes_decrypt library/aes.o + msg "test: implicitly enable CIPHER_ENCRYPT_ONLY with AESNI assembly" make test @@ -4248,6 +4262,13 @@ component_test_cipher_encrypt_only_aesni () { make CC=gcc CFLAGS="-Werror -Wall -Wextra \ -I '$PWD' -DMBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE='\"psa_cipher_encrypt_only.h\"'" + # Make sure we don't have mbedtls_xxx_setkey_dec in AES/ARIA/CAMELLIA + not grep mbedtls_aes_setkey_dec library/aes.o + not grep mbedtls_aria_setkey_dec library/aria.o + not grep mbedtls_camellia_setkey_dec library/camellia.o + # Make sure we don't have mbedtls_internal_aes_decrypt in AES + not grep mbedtls_internal_aes_decrypt library/aes.o + msg "test: implicitly enable CIPHER_ENCRYPT_ONLY with AES C Implementation" make test @@ -4265,7 +4286,7 @@ component_test_cipher_encrypt_only_aesni_m32 () { scripts/config.py unset MBEDTLS_DES_C scripts/config.py unset MBEDTLS_NIST_KW_C - echo '#undef PSA_WANT_ALG_CBC_NO_PADDING' >> psa_cipher_encrypt_only.h + echo '#undef PSA_WANT_ALG_CBC_NO_PADDING' > psa_cipher_encrypt_only.h echo '#undef PSA_WANT_ALG_CBC_PKCS7' >> psa_cipher_encrypt_only.h echo '#undef PSA_WANT_ALG_ECB_NO_PADDING' >> psa_cipher_encrypt_only.h echo '#undef PSA_WANT_KEY_TYPE_DES' >> psa_cipher_encrypt_only.h @@ -4278,6 +4299,13 @@ component_test_cipher_encrypt_only_aesni_m32 () { make CC=gcc LDFLAGS='-m32' CFLAGS="-m32 -Werror -Wall -Wextra -mpclmul -msse2 -maes\ -I '$PWD' -DMBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE='\"psa_cipher_encrypt_only.h\"'" + # Make sure we don't have mbedtls_xxx_setkey_dec in AES/ARIA/CAMELLIA + not grep mbedtls_aes_setkey_dec library/aes.o + not grep mbedtls_aria_setkey_dec library/aria.o + not grep mbedtls_camellia_setkey_dec library/camellia.o + # Make sure we don't have mbedtls_internal_aes_decrypt in AES + not grep mbedtls_internal_aes_decrypt library/aes.o + msg "test: implicitly enable CIPHER_ENCRYPT_ONLY for i386 with VIA PADLOCK" make test @@ -4292,6 +4320,13 @@ component_test_cipher_encrypt_only_aesni_m32 () { make CC=gcc LDFLAGS='-m32' CFLAGS="-m32 -Werror -Wall -Wextra -mpclmul -msse2 -maes\ -I '$PWD' -DMBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE='\"psa_cipher_encrypt_only.h\"'" + # Make sure we don't have mbedtls_xxx_setkey_dec in AES/ARIA/CAMELLIA + not grep mbedtls_aes_setkey_dec library/aes.o + not grep mbedtls_aria_setkey_dec library/aria.o + not grep mbedtls_camellia_setkey_dec library/camellia.o + # Make sure we don't have mbedtls_internal_aes_decrypt in AES + not grep mbedtls_internal_aes_decrypt library/aes.o + msg "test: implicitly enable CIPHER_ENCRYPT_ONLY for i386 without VIA PADLOCK" make test @@ -4328,7 +4363,7 @@ component_test_cipher_encrypt_only_aesce_armcc () { scripts/config.py unset MBEDTLS_DES_C scripts/config.py unset MBEDTLS_NIST_KW_C - echo '#undef PSA_WANT_ALG_CBC_NO_PADDING' >> psa_cipher_encrypt_only.h + echo '#undef PSA_WANT_ALG_CBC_NO_PADDING' > psa_cipher_encrypt_only.h echo '#undef PSA_WANT_ALG_CBC_PKCS7' >> psa_cipher_encrypt_only.h echo '#undef PSA_WANT_ALG_ECB_NO_PADDING' >> psa_cipher_encrypt_only.h echo '#undef PSA_WANT_KEY_TYPE_DES' >> psa_cipher_encrypt_only.h @@ -4339,6 +4374,13 @@ component_test_cipher_encrypt_only_aesce_armcc () { armc6_build_test "-O1 --target=aarch64-arm-none-eabi -march=armv8-a+crypto \ -I '$PWD' -DMBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE='\"psa_cipher_encrypt_only.h\"'" + # Make sure we don't have mbedtls_xxx_setkey_dec in AES/ARIA/CAMELLIA + not grep mbedtls_aes_setkey_dec library/aes.o + not grep mbedtls_aria_setkey_dec library/aria.o + not grep mbedtls_camellia_setkey_dec library/camellia.o + # Make sure we don't have mbedtls_internal_aes_decrypt in AES + not grep mbedtls_internal_aes_decrypt library/aes.o + rm -f psa_cipher_encrypt_only.h } From bc7716cddc9021398044fc32f6b115b639035e59 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Fri, 8 Sep 2023 11:20:59 +0800 Subject: [PATCH 0104/1674] all.sh: run make clean before make lib in armc6_build_test We should run make clean before we build libraries in armc6_build_test. On the one hand, this makes sure we do have a clean build directory initially. On the other hand, we can do extra actions after building the library with armc6_build_test. Signed-off-by: Yanray Wang --- tests/scripts/all.sh | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 2107de088..a69f03ffc 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -412,13 +412,12 @@ armc6_build_test() FLAGS="$1" msg "build: ARM Compiler 6 ($FLAGS)" + make clean ARM_TOOL_VARIANT="ult" CC="$ARMC6_CC" AR="$ARMC6_AR" CFLAGS="$FLAGS" \ WARNING_CFLAGS='-Werror -xc -std=c99' make lib msg "size: ARM Compiler 6 ($FLAGS)" "$ARMC6_FROMELF" -z library/*.o - - make clean } err_msg() @@ -3676,7 +3675,6 @@ component_build_tfm_armcc() { cp configs/crypto_config_profile_medium.h "$CRYPTO_CONFIG_H" msg "build: TF-M config, armclang armv7-m thumb2" - make clean armc6_build_test "--target=arm-arm-none-eabi -march=armv7-m -mthumb -Os -std=c99 -Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wasm-operand-widths -Wunused" } @@ -4853,8 +4851,6 @@ component_build_armcc () { msg "size: ARM Compiler 5" "$ARMC5_FROMELF" -z library/*.o - make clean - # Compile mostly with -O1 since some Arm inline assembly is disabled for -O0. # ARM Compiler 6 - Target ARMv7-A From 9d87a38976cb0b9f8df8228c47acb0ebefe0c00f Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Tue, 11 Jul 2023 10:15:16 +0800 Subject: [PATCH 0105/1674] test_suite_ssl: improve variable naming in ssl_set_hostname_twice Signed-off-by: Pengyu Lv --- tests/suites/test_suite_ssl.function | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 29bc1c496..a4473cae8 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -1146,21 +1146,21 @@ exit: /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */ -void ssl_set_hostname_twice(char *hostname0, char *hostname1) +void ssl_set_hostname_twice(char *input_hostname0, char *input_hostname1) { - const char *hostname; + const char *output_hostname; mbedtls_ssl_context ssl; mbedtls_ssl_init(&ssl); USE_PSA_INIT(); - TEST_ASSERT(mbedtls_ssl_set_hostname(&ssl, hostname0) == 0); - hostname = mbedtls_ssl_get_hostname(&ssl); - TEST_ASSERT(strcmp(hostname0, hostname) == 0); + TEST_ASSERT(mbedtls_ssl_set_hostname(&ssl, input_hostname0) == 0); + output_hostname = mbedtls_ssl_get_hostname(&ssl); + TEST_ASSERT(strcmp(input_hostname0, output_hostname) == 0); - TEST_ASSERT(mbedtls_ssl_set_hostname(&ssl, hostname1) == 0); - hostname = mbedtls_ssl_get_hostname(&ssl); - TEST_ASSERT(strcmp(hostname1, hostname) == 0); + TEST_ASSERT(mbedtls_ssl_set_hostname(&ssl, input_hostname1) == 0); + output_hostname = mbedtls_ssl_get_hostname(&ssl); + TEST_ASSERT(strcmp(input_hostname1, output_hostname) == 0); exit: mbedtls_ssl_free(&ssl); From 6f0259e6da4d7677b48701a68adb529ea02b4473 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Thu, 21 Sep 2023 10:34:32 +0800 Subject: [PATCH 0106/1674] AESNI: improve comments on some guards in aesni.h Signed-off-by: Pengyu Lv --- library/aesni.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/aesni.h b/library/aesni.h index ba1429029..5c5a0266b 100644 --- a/library/aesni.h +++ b/library/aesni.h @@ -165,6 +165,6 @@ int mbedtls_aesni_setkey_enc(unsigned char *rk, #endif #endif /* MBEDTLS_AESNI_HAVE_CODE */ -#endif /* MBEDTLS_AESNI_C */ +#endif /* MBEDTLS_AESNI_C && (MBEDTLS_ARCH_IS_X64 || MBEDTLS_ARCH_IS_X86) */ #endif /* MBEDTLS_AESNI_H */ From 28648236710155d30538638428b935dd1cf4d20f Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 6 Sep 2023 11:50:45 +0800 Subject: [PATCH 0107/1674] configs: move TFM config to a subdirectory Signed-off-by: Yanray Wang --- configs/{ => ext}/crypto_config_profile_medium.h | 0 configs/{ => ext}/tfm_mbedcrypto_config_profile_medium.h | 0 scripts/code_size_compare.py | 4 ++-- 3 files changed, 2 insertions(+), 2 deletions(-) rename configs/{ => ext}/crypto_config_profile_medium.h (100%) rename configs/{ => ext}/tfm_mbedcrypto_config_profile_medium.h (100%) diff --git a/configs/crypto_config_profile_medium.h b/configs/ext/crypto_config_profile_medium.h similarity index 100% rename from configs/crypto_config_profile_medium.h rename to configs/ext/crypto_config_profile_medium.h diff --git a/configs/tfm_mbedcrypto_config_profile_medium.h b/configs/ext/tfm_mbedcrypto_config_profile_medium.h similarity index 100% rename from configs/tfm_mbedcrypto_config_profile_medium.h rename to configs/ext/tfm_mbedcrypto_config_profile_medium.h diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index 53d859edf..b45f45599 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py @@ -156,8 +156,8 @@ def detect_arch() -> str: print("Unknown host architecture, cannot auto-detect arch.") sys.exit(1) -TFM_MEDIUM_CONFIG_H = 'configs/tfm_mbedcrypto_config_profile_medium.h' -TFM_MEDIUM_CRYPTO_CONFIG_H = 'configs/crypto_config_profile_medium.h' +TFM_MEDIUM_CONFIG_H = 'configs/ext/tfm_mbedcrypto_config_profile_medium.h' +TFM_MEDIUM_CRYPTO_CONFIG_H = 'configs/ext/crypto_config_profile_medium.h' CONFIG_H = 'include/mbedtls/mbedtls_config.h' CRYPTO_CONFIG_H = 'include/psa/crypto_config.h' From b153aaed9e16672f16312fd6dd31f034b778d42d Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 6 Sep 2023 12:32:10 +0800 Subject: [PATCH 0108/1674] configs: add config_tfm.h which includes TFM configs Signed-off-by: Yanray Wang --- configs/config-tfm.h | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 configs/config-tfm.h diff --git a/configs/config-tfm.h b/configs/config-tfm.h new file mode 100644 index 000000000..ec9dc98df --- /dev/null +++ b/configs/config-tfm.h @@ -0,0 +1,27 @@ +/** + * \file config-tfm.h + * + * \brief TF-M configuration with tweaks for a successful build and test. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/* TF-M Configuration Options */ +#include "../configs/ext/tfm_mbedcrypto_config_profile_medium.h" + +/* TF-M PSA Crypto Configuration */ +#define MBEDTLS_PSA_CRYPTO_CONFIG_FILE "../configs/ext/crypto_config_profile_medium.h" From 0c98f9f8423c74fcd2a04a0f1c17e3f9fb37448b Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 6 Sep 2023 15:47:49 +0800 Subject: [PATCH 0109/1674] test-ref-configs: test config-tfm.h Tweak some configurations based on TF-M config in order to get a successful build and test. Signed-off-by: Yanray Wang --- configs/config-tfm.h | 20 ++++++++++++++++++++ tests/scripts/test-ref-configs.pl | 3 +++ 2 files changed, 23 insertions(+) diff --git a/configs/config-tfm.h b/configs/config-tfm.h index ec9dc98df..772e6e5e3 100644 --- a/configs/config-tfm.h +++ b/configs/config-tfm.h @@ -25,3 +25,23 @@ /* TF-M PSA Crypto Configuration */ #define MBEDTLS_PSA_CRYPTO_CONFIG_FILE "../configs/ext/crypto_config_profile_medium.h" + +/*****************************************************************************/ +/* Tweak configuration based on TF-M config for a successful build and test. */ +/*****************************************************************************/ + +/* MBEDTLS_PSA_CRYPTO_SPM needs third party files, so disable it. */ +#undef MBEDTLS_PSA_CRYPTO_SPM +/* TF-M provides its own (dummy) implemenations which Mbed TLS doesn't need. */ +#undef MBEDTLS_AES_SETKEY_DEC_ALT +#undef MBEDTLS_AES_DECRYPT_ALT +/* pkparse.c fails to link without this. */ +#define MBEDTLS_OID_C + +/* Since MBEDTLS_PSA_CRYPTO_STORAGE_C is disabled, we need to disable this to + pass test_suite_psa_crypto_slot_management. */ +#undef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER +/* Use built-in platform entropy functions. */ +#undef MBEDTLS_NO_PLATFORM_ENTROPY +/* Disable buffer-based memory allocator */ +#undef MBEDTLS_MEMORY_BUFFER_ALLOC_C diff --git a/tests/scripts/test-ref-configs.pl b/tests/scripts/test-ref-configs.pl index 15209b4a0..9fd98be8d 100755 --- a/tests/scripts/test-ref-configs.pl +++ b/tests/scripts/test-ref-configs.pl @@ -53,6 +53,9 @@ my %configs = ( 'opt' => '-f ECJPAKE.*nolog', 'test_again_with_use_psa' => 1, }, + 'config-tfm.h' => { + 'test_again_with_use_psa' => 0, # Uses PSA by default, no need to test it twice + }, ); # If no config-name is provided, use all known configs. From 5f573f8301267a8d8b443f61530ab279358107b9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 6 Sep 2023 16:17:55 +0200 Subject: [PATCH 0110/1674] Fix broken test with MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER When testing the lifecycle of a transient key, it doesn't make much sense to try psa_open_key: that expects a persistent key and the lookup takes a different path. The error from psa_open_key is also different depending on whether MBEDTLS_PSA_CRYPTO_STORAGE_C is enabled. To check that the key ownership is taken into account, try to access the same key id with a different owner without expecting that this is a persistent key. Just call psa_get_key_attributes, which works fine for a transient key. This fixes a test failure when MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER is enabled and MBEDTLS_PSA_CRYPTO_STORAGE_C is disabled. Signed-off-by: Gilles Peskine --- configs/config-tfm.h | 3 --- tests/suites/test_suite_psa_crypto_slot_management.function | 5 ++--- 2 files changed, 2 insertions(+), 6 deletions(-) diff --git a/configs/config-tfm.h b/configs/config-tfm.h index 772e6e5e3..500cb243f 100644 --- a/configs/config-tfm.h +++ b/configs/config-tfm.h @@ -38,9 +38,6 @@ /* pkparse.c fails to link without this. */ #define MBEDTLS_OID_C -/* Since MBEDTLS_PSA_CRYPTO_STORAGE_C is disabled, we need to disable this to - pass test_suite_psa_crypto_slot_management. */ -#undef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER /* Use built-in platform entropy functions. */ #undef MBEDTLS_NO_PLATFORM_ENTROPY /* Disable buffer-based memory allocator */ diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index 5bd12eb09..b4f2d234e 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -142,7 +142,6 @@ void transient_slot_lifecycle(int owner_id_arg, #if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) { - psa_key_handle_t handle; mbedtls_svc_key_id_t key_with_invalid_owner = mbedtls_svc_key_id_make(owner_id + 1, MBEDTLS_SVC_KEY_ID_GET_KEY_ID(key)); @@ -150,8 +149,8 @@ void transient_slot_lifecycle(int owner_id_arg, TEST_ASSERT(mbedtls_key_owner_id_equal( owner_id, MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(key))); - TEST_EQUAL(psa_open_key(key_with_invalid_owner, &handle), - PSA_ERROR_DOES_NOT_EXIST); + TEST_EQUAL(psa_get_key_attributes(key_with_invalid_owner, &attributes), + PSA_ERROR_INVALID_HANDLE); } #endif From eaa1c5619aa1a32900323c89a5f60ff92ba16d1a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 6 Sep 2023 16:23:13 +0200 Subject: [PATCH 0111/1674] Update location of TFM config files Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index c85d4865e..7d91430ae 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3851,8 +3851,8 @@ support_build_tfm_armcc () { component_build_tfm_armcc() { # test the TF-M configuration can build cleanly with various warning flags enabled - cp configs/tfm_mbedcrypto_config_profile_medium.h "$CONFIG_H" - cp configs/crypto_config_profile_medium.h "$CRYPTO_CONFIG_H" + cp configs/ext/tfm_mbedcrypto_config_profile_medium.h "$CONFIG_H" + cp configs/ext/crypto_config_profile_medium.h "$CRYPTO_CONFIG_H" msg "build: TF-M config, armclang armv7-m thumb2" make clean @@ -3860,9 +3860,13 @@ component_build_tfm_armcc() { } component_build_tfm() { - # test the TF-M configuration can build cleanly with various warning flags enabled - cp configs/tfm_mbedcrypto_config_profile_medium.h "$CONFIG_H" - cp configs/crypto_config_profile_medium.h "$CRYPTO_CONFIG_H" + # Check that the TF-M configuration can build cleanly with various + # warning flags enabled. We don't build or run tests, since the + # TF-M configuration needs a TF-M platform. A tweaked version of + # the configuration that works on mainstream platforms is in + # configs/config-tfm.h, tested via test-ref-configs.pl. + cp configs/ext/tfm_mbedcrypto_config_profile_medium.h "$CONFIG_H" + cp configs/ext/crypto_config_profile_medium.h "$CRYPTO_CONFIG_H" msg "build: TF-M config, clang, armv7-m thumb2" make lib CC="clang" CFLAGS="--target=arm-linux-gnueabihf -march=armv7-m -mthumb -Os -std=c99 -Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wasm-operand-widths -Wunused" From da26a5172c005f5b06b6469b534c9ab4f99c875e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 6 Sep 2023 17:15:49 +0200 Subject: [PATCH 0112/1674] Disable PK_PARSE and PK_WRITE This is what TF-M intended and they have done so since we copied the file. It's either disable these options, or enable MBEDTLS_OID_C. Signed-off-by: Gilles Peskine --- configs/config-tfm.h | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/configs/config-tfm.h b/configs/config-tfm.h index 500cb243f..64dce4874 100644 --- a/configs/config-tfm.h +++ b/configs/config-tfm.h @@ -35,8 +35,17 @@ /* TF-M provides its own (dummy) implemenations which Mbed TLS doesn't need. */ #undef MBEDTLS_AES_SETKEY_DEC_ALT #undef MBEDTLS_AES_DECRYPT_ALT -/* pkparse.c fails to link without this. */ -#define MBEDTLS_OID_C +/* The configuration we have enables MBEDTLS_PK_PARSE_C and MBEDTLS_PK_WRITE_C + * but not MBEDTLS_OID_C. This is inconsistent, and leads to a link error + * when using one of the mbedtls_pk_parse_xxx or mbedtls_pk_write_xxx + * functions that depend on an mbedtls_oid_xxx function. + * Mbed TLS needs PK parse/write for RSA with PSA, but the medium + * profile doesn't have RSA. Later versions of TF-M no longer enable + * PK parse/write: it wasn't a wanted feature. So disable it here + * (otherwise we'd have to enable MBEDTLS_OID_C). + */ +#undef MBEDTLS_PK_PARSE_C +#undef MBEDTLS_PK_WRITE_C /* Use built-in platform entropy functions. */ #undef MBEDTLS_NO_PLATFORM_ENTROPY From e23fa41f1090807121414c9826c2602fb470aba7 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 6 Sep 2023 17:16:36 +0200 Subject: [PATCH 0113/1674] Documentation improvements Signed-off-by: Gilles Peskine --- configs/config-tfm.h | 32 +++++++++++++++++++++----------- 1 file changed, 21 insertions(+), 11 deletions(-) diff --git a/configs/config-tfm.h b/configs/config-tfm.h index 64dce4874..7ca83b6c9 100644 --- a/configs/config-tfm.h +++ b/configs/config-tfm.h @@ -1,7 +1,7 @@ /** * \file config-tfm.h * - * \brief TF-M configuration with tweaks for a successful build and test. + * \brief TF-M medium profile, adapted to work on other platforms. */ /* * Copyright The Mbed TLS Contributors @@ -20,19 +20,26 @@ * limitations under the License. */ -/* TF-M Configuration Options */ -#include "../configs/ext/tfm_mbedcrypto_config_profile_medium.h" +/* TF-M medium profile: mbedtls legacy configuration */ +#include "ext/tfm_mbedcrypto_config_profile_medium.h" -/* TF-M PSA Crypto Configuration */ +/* TF-M medium profile: PSA crypto configuration */ #define MBEDTLS_PSA_CRYPTO_CONFIG_FILE "../configs/ext/crypto_config_profile_medium.h" -/*****************************************************************************/ -/* Tweak configuration based on TF-M config for a successful build and test. */ -/*****************************************************************************/ +/***********************************************************/ +/* Tweak the configuration to remove dependencies on TF-M. */ +/***********************************************************/ -/* MBEDTLS_PSA_CRYPTO_SPM needs third party files, so disable it. */ +/* MBEDTLS_PSA_CRYPTO_SPM needs third-party files, so disable it. */ #undef MBEDTLS_PSA_CRYPTO_SPM -/* TF-M provides its own (dummy) implemenations which Mbed TLS doesn't need. */ + +/* TF-M provides its own dummy implementations to save code size. + * We don't have any way to disable the tests that need these feature, + * so we just keep AES decryption enabled. We will resolve this though + * an official way to disable AES decryption, then this deviation + * will no longer be needed: + * https://github.com/Mbed-TLS/mbedtls/issues/7368 + */ #undef MBEDTLS_AES_SETKEY_DEC_ALT #undef MBEDTLS_AES_DECRYPT_ALT /* The configuration we have enables MBEDTLS_PK_PARSE_C and MBEDTLS_PK_WRITE_C @@ -47,7 +54,10 @@ #undef MBEDTLS_PK_PARSE_C #undef MBEDTLS_PK_WRITE_C -/* Use built-in platform entropy functions. */ +/* Use built-in platform entropy functions (TF-M provides its own). */ #undef MBEDTLS_NO_PLATFORM_ENTROPY -/* Disable buffer-based memory allocator */ + +/* Disable buffer-based memory allocator. This isn't strictly required, + * but using the native allocator is faster and works better with + * memory management analysis frameworks such as ASan. */ #undef MBEDTLS_MEMORY_BUFFER_ALLOC_C From 5baf66755c5dd80f5266dc0452a799b683bdc218 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 6 Sep 2023 17:17:10 +0200 Subject: [PATCH 0114/1674] Keep the list in alphabetical order Signed-off-by: Gilles Peskine --- tests/scripts/test-ref-configs.pl | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/scripts/test-ref-configs.pl b/tests/scripts/test-ref-configs.pl index 9fd98be8d..80aa87a99 100755 --- a/tests/scripts/test-ref-configs.pl +++ b/tests/scripts/test-ref-configs.pl @@ -49,13 +49,13 @@ my %configs = ( 'config-symmetric-only.h' => { 'test_again_with_use_psa' => 0, # Uses PSA by default, no need to test it twice }, + 'config-tfm.h' => { + 'test_again_with_use_psa' => 0, # Uses PSA by default, no need to test it twice + }, 'config-thread.h' => { 'opt' => '-f ECJPAKE.*nolog', 'test_again_with_use_psa' => 1, }, - 'config-tfm.h' => { - 'test_again_with_use_psa' => 0, # Uses PSA by default, no need to test it twice - }, ); # If no config-name is provided, use all known configs. From 4419d38a1559fdea57f70e3cf8658701d3e89062 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 7 Sep 2023 11:28:27 +0800 Subject: [PATCH 0115/1674] config-tfm.h: include TF-M medium profile properly config-tfm.h is copied into mbedtls_config.h in test-ref-config.pl. The relative path is include/ not configs/. Signed-off-by: Yanray Wang --- configs/config-tfm.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/configs/config-tfm.h b/configs/config-tfm.h index 7ca83b6c9..dab13814e 100644 --- a/configs/config-tfm.h +++ b/configs/config-tfm.h @@ -21,7 +21,7 @@ */ /* TF-M medium profile: mbedtls legacy configuration */ -#include "ext/tfm_mbedcrypto_config_profile_medium.h" +#include "../configs/ext/tfm_mbedcrypto_config_profile_medium.h" /* TF-M medium profile: PSA crypto configuration */ #define MBEDTLS_PSA_CRYPTO_CONFIG_FILE "../configs/ext/crypto_config_profile_medium.h" @@ -35,7 +35,7 @@ /* TF-M provides its own dummy implementations to save code size. * We don't have any way to disable the tests that need these feature, - * so we just keep AES decryption enabled. We will resolve this though + * so we just keep AES decryption enabled. We will resolve this through * an official way to disable AES decryption, then this deviation * will no longer be needed: * https://github.com/Mbed-TLS/mbedtls/issues/7368 From 7050504bdcd2cfe24fb560df4c9f346e27a4a0ee Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 21 Sep 2023 17:11:40 +0800 Subject: [PATCH 0116/1674] all.sh: simplify common_tfm_config Signed-off-by: Yanray Wang --- tests/scripts/all.sh | 21 ++++++--------------- 1 file changed, 6 insertions(+), 15 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 7d91430ae..1e92d6ff0 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2893,25 +2893,18 @@ component_test_psa_crypto_config_reference_ecc_ffdh_no_bignum () { # - component_test_tfm_config() common_tfm_config () { # Enable TF-M config - cp configs/tfm_mbedcrypto_config_profile_medium.h "$CONFIG_H" - cp configs/crypto_config_profile_medium.h "$CRYPTO_CONFIG_H" - - # Adjust for the fact that we're building outside the TF-M environment. - # - # TF-M has separation, our build doesn't - scripts/config.py unset MBEDTLS_PSA_CRYPTO_SPM - scripts/config.py unset MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER - # TF-M provdes its own (dummy) implemenation, from their tree - scripts/config.py unset MBEDTLS_AES_DECRYPT_ALT - scripts/config.py unset MBEDTLS_AES_SETKEY_DEC_ALT - # We have an OS that provides entropy, use it - scripts/config.py unset MBEDTLS_NO_PLATFORM_ENTROPY + cp configs/config-tfm.h "$CONFIG_H" + echo "#undef MBEDTLS_PSA_CRYPTO_CONFIG_FILE" >> "$CONFIG_H" + cp configs/ext/crypto_config_profile_medium.h "$CRYPTO_CONFIG_H" # Other config adjustments to make the tests pass. # Those should probably be adopted upstream. # # - USE_PSA_CRYPTO for PK_HAVE_ECC_KEYS echo "#define MBEDTLS_USE_PSA_CRYPTO" >> "$CONFIG_H" + # PK_[PARSE/WRITE]_C used to avoid build and link errors in test_suite_pk.c + echo "#define MBEDTLS_PK_PARSE_C" >> "$CONFIG_H" + echo "#define MBEDTLS_PK_WRITE_C" >> "$CONFIG_H" # pkparse.c and pkwrite.c fail to link without this echo "#define MBEDTLS_OID_C" >> "$CONFIG_H" # - ASN1_[PARSE/WRITE]_C found by check_config.h for pkparse/pkwrite @@ -2925,8 +2918,6 @@ common_tfm_config () { # # Enable filesystem I/O for the benefit of PK parse/write tests. echo "#define MBEDTLS_FS_IO" >> "$CONFIG_H" - # Disable this for maximal ASan efficiency - scripts/config.py unset MBEDTLS_MEMORY_BUFFER_ALLOC_C # Config adjustments for features that are not supported # when using only drivers / by p256-m From 382966d1a75021a8ef337e669468847ffb3617d1 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 21 Sep 2023 17:18:49 +0800 Subject: [PATCH 0117/1674] all.sh: fix a comment in common_tfm_config Signed-off-by: Yanray Wang --- tests/scripts/all.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 1e92d6ff0..85fadf4f8 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2922,7 +2922,7 @@ common_tfm_config () { # Config adjustments for features that are not supported # when using only drivers / by p256-m # - # Disable all the features that auto-enable ECP_LIGHT (see build_info.h) + # Disable all the features that auto-enable ECP_LIGHT (see config_adjust_legacy_crypto.h) scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE # Disable deterministic ECDSA as p256-m only does randomized scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_DETERMINISTIC_ECDSA From 09f9300c013ed754653a315500ac4342a562ec0b Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 25 Sep 2023 10:54:24 +0800 Subject: [PATCH 0118/1674] config-tfm.h: remove PK_[PARSE/WRITE]_C As we have removed PK_[PARSE_WRITE]_C in TF-M config, we do not have to undef them in config-tfm.h Signed-off-by: Yanray Wang --- configs/config-tfm.h | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/configs/config-tfm.h b/configs/config-tfm.h index dab13814e..b8233e900 100644 --- a/configs/config-tfm.h +++ b/configs/config-tfm.h @@ -42,17 +42,6 @@ */ #undef MBEDTLS_AES_SETKEY_DEC_ALT #undef MBEDTLS_AES_DECRYPT_ALT -/* The configuration we have enables MBEDTLS_PK_PARSE_C and MBEDTLS_PK_WRITE_C - * but not MBEDTLS_OID_C. This is inconsistent, and leads to a link error - * when using one of the mbedtls_pk_parse_xxx or mbedtls_pk_write_xxx - * functions that depend on an mbedtls_oid_xxx function. - * Mbed TLS needs PK parse/write for RSA with PSA, but the medium - * profile doesn't have RSA. Later versions of TF-M no longer enable - * PK parse/write: it wasn't a wanted feature. So disable it here - * (otherwise we'd have to enable MBEDTLS_OID_C). - */ -#undef MBEDTLS_PK_PARSE_C -#undef MBEDTLS_PK_WRITE_C /* Use built-in platform entropy functions (TF-M provides its own). */ #undef MBEDTLS_NO_PLATFORM_ENTROPY From 4eaf5adda995e4296eefccce6e4f93254f300c37 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 25 Sep 2023 10:57:16 +0800 Subject: [PATCH 0119/1674] all.sh: remove define MD_C in common_tfm_config We have set MBEDTLS_MD_C in tfm_mbedcrypto_config_profile_medium.h so there is no need to enable it again. Signed-off-by: Yanray Wang --- tests/scripts/all.sh | 2 -- 1 file changed, 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 85fadf4f8..88d741454 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2910,8 +2910,6 @@ common_tfm_config () { # - ASN1_[PARSE/WRITE]_C found by check_config.h for pkparse/pkwrite echo "#define MBEDTLS_ASN1_PARSE_C" >> "$CONFIG_H" echo "#define MBEDTLS_ASN1_WRITE_C" >> "$CONFIG_H" - # - MD_C for HKDF_C - echo "#define MBEDTLS_MD_C" >> "$CONFIG_H" # Config adjustments for better test coverage in our environment. # These are not needed just to build and pass tests. From 145bb2946e0d18448caab07300fd34be7614fa0d Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 25 Sep 2023 11:10:25 +0800 Subject: [PATCH 0120/1674] check_config: add check of ASN1_[WRITE/PARSE]_C This commit adds dependency check when PK_CAN_ECDSA_SIGN or PK_CAN_ECDSA_VERIFY is enabled but no corresponding ASN1_WRITE_C or ASN1_PARSE_C is enabled under PSA. Signed-off-by: Yanray Wang --- include/mbedtls/check_config.h | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 17eb0340c..5c96223d7 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -106,6 +106,15 @@ #error "MBEDTLS_ECDSA_C defined, but not all prerequisites" #endif +#if defined(MBEDTLS_PK_C) && defined(MBEDTLS_USE_PSA_CRYPTO) +#if defined(MBEDTLS_PK_CAN_ECDSA_SIGN) && !defined(MBEDTLS_ASN1_WRITE_C) +#error "MBEDTLS_PK_C with MBEDTLS_USE_PSA_CRYPTO needs MBEDTLS_ASN1_WRITE_C for ECDSA signature" +#endif +#if defined(MBEDTLS_PK_CAN_ECDSA_VERIFY) && !defined(MBEDTLS_ASN1_PARSE_C) +#error "MBEDTLS_PK_C with MBEDTLS_USE_PSA_CRYPTO needs MBEDTLS_ASN1_PARSE_C for ECDSA verification" +#endif +#endif /* MBEDTLS_PK_C && MBEDTLS_USE_PSA_CRYPTO */ + #if defined(MBEDTLS_ECJPAKE_C) && \ ( !defined(MBEDTLS_ECP_C) || \ !( defined(MBEDTLS_MD_C) || defined(MBEDTLS_PSA_CRYPTO_C) ) ) From 73bb2318785b997ad0ba729c512d5d97b5f3205c Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 25 Sep 2023 11:21:15 +0800 Subject: [PATCH 0121/1674] all.sh: remove not needed #define in common_tfm_config Since we have removed PK_C, PK_[WRITE/PARSE]_C, there is no need to define PK related configurations again. Therefore we removed them in common_tfm_config to make a simpler. Signed-off-by: Yanray Wang --- tests/scripts/all.sh | 17 ++++------------- 1 file changed, 4 insertions(+), 13 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 88d741454..0557ee359 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2897,22 +2897,14 @@ common_tfm_config () { echo "#undef MBEDTLS_PSA_CRYPTO_CONFIG_FILE" >> "$CONFIG_H" cp configs/ext/crypto_config_profile_medium.h "$CRYPTO_CONFIG_H" - # Other config adjustments to make the tests pass. - # Those should probably be adopted upstream. + # Other config adjustment to make the tests pass. + # This should probably be adopted upstream. # # - USE_PSA_CRYPTO for PK_HAVE_ECC_KEYS echo "#define MBEDTLS_USE_PSA_CRYPTO" >> "$CONFIG_H" - # PK_[PARSE/WRITE]_C used to avoid build and link errors in test_suite_pk.c - echo "#define MBEDTLS_PK_PARSE_C" >> "$CONFIG_H" - echo "#define MBEDTLS_PK_WRITE_C" >> "$CONFIG_H" - # pkparse.c and pkwrite.c fail to link without this - echo "#define MBEDTLS_OID_C" >> "$CONFIG_H" - # - ASN1_[PARSE/WRITE]_C found by check_config.h for pkparse/pkwrite - echo "#define MBEDTLS_ASN1_PARSE_C" >> "$CONFIG_H" - echo "#define MBEDTLS_ASN1_WRITE_C" >> "$CONFIG_H" - # Config adjustments for better test coverage in our environment. - # These are not needed just to build and pass tests. + # Config adjustment for better test coverage in our environment. + # This is not needed just to build and pass tests. # # Enable filesystem I/O for the benefit of PK parse/write tests. echo "#define MBEDTLS_FS_IO" >> "$CONFIG_H" @@ -2924,7 +2916,6 @@ common_tfm_config () { scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE # Disable deterministic ECDSA as p256-m only does randomized scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_DETERMINISTIC_ECDSA - } # Keep this in sync with component_test_tfm_config() as they are both meant From 61f96608ccf71b8314b9d85b5ae7953f8ba00b5a Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 25 Sep 2023 14:13:22 +0800 Subject: [PATCH 0122/1674] test_suite_pk: add extra dependency for pk_psa_sign pk_psa_sign is guarded by MBEDTLS_TEST_PK_PSA_SIGN which is set under: - The build has PK_[PARSE/WRITE]_C for RSA or ECDSA signature. - The build has built-in ECC and ECDSA signature. Signed-off-by: Yanray Wang --- tests/suites/test_suite_pk.function | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 881429c2d..fa0b03b34 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -24,6 +24,17 @@ #define RSA_KEY_SIZE MBEDTLS_RSA_GEN_KEY_MIN_BITS #define RSA_KEY_LEN (MBEDTLS_RSA_GEN_KEY_MIN_BITS/8) +/* MBEDTLS_TEST_PK_PSA_SIGN is enabled when: + * - The build has PK_[PARSE/WRITE]_C for RSA or ECDSA signature. + * - The build has built-in ECC and ECDSA signature. + */ +#if (defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_PK_WRITE_C) && \ + ((defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME)) || \ + defined(MBEDTLS_PK_CAN_ECDSA_SIGN))) || \ + (defined(MBEDTLS_ECP_C) && defined(MBEDTLS_PK_CAN_ECDSA_SIGN)) +#define MBEDTLS_TEST_PK_PSA_SIGN +#endif + #if defined(MBEDTLS_PK_USE_PSA_EC_DATA) static int pk_genkey_ec(mbedtls_pk_context *pk, mbedtls_ecp_group_id grp_id) { @@ -1274,7 +1285,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_USE_PSA_CRYPTO */ +/* BEGIN_CASE depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_PK_PSA_SIGN */ void pk_psa_sign(int parameter_arg, int psa_type_arg, int expected_bits_arg) { From 079b3bb97b4c1a769fdc517340e73d1eff45bcbb Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Tue, 26 Sep 2023 12:19:15 +0800 Subject: [PATCH 0123/1674] test_suite_asn1parse.data: remove {} in test data description In analyze_outcomes.py, if a test case passes in reference_test but not in driver_test, we log the key by key.format in python. However, this causes error because of the grammar {} in python string format. So removing {} to avoid KeyError for sys.stderr.write((fmt + '\n').format(*args, **kwargs)) Signed-off-by: Yanray Wang --- tests/suites/test_suite_asn1parse.data | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_asn1parse.data b/tests/suites/test_suite_asn1parse.data index c129e3c8f..4b1372962 100644 --- a/tests/suites/test_suite_asn1parse.data +++ b/tests/suites/test_suite_asn1parse.data @@ -514,13 +514,13 @@ traverse_sequence_of:"300705000203123456":0:0:0xff:0x02:"6,0x02,3":0 Traverse SEQUENCE of INTEGER, skip everything traverse_sequence_of:"30080203123456020178":0xff:0x02:0:1:"":0 -Traverse SEQUENCE of {NULL, OCTET STRING}, skip NULL: OS, NULL +Traverse SEQUENCE of NULL, OCTET STRING, skip NULL: OS, NULL traverse_sequence_of:"300704031234560500":0xfe:0x04:0xff:0x04:"4,0x04,3":0 -Traverse SEQUENCE of {NULL, OCTET STRING}, skip NULL: NULL, OS +Traverse SEQUENCE of NULL, OCTET STRING, skip NULL: NULL, OS traverse_sequence_of:"300705000403123456":0xfe:0x04:0xff:0x04:"6,0x04,3":0 -Traverse SEQUENCE of {NULL, OCTET STRING}, skip everything +Traverse SEQUENCE of NULL, OCTET STRING, skip everything traverse_sequence_of:"300705000403123456":0xfe:0x04:0:1:"":0 Traverse SEQUENCE of INTEGER, stop at 0: NULL From ffbdd33f043534016fe562d2552c29df71de15bb Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Tue, 26 Sep 2023 15:16:30 +0800 Subject: [PATCH 0124/1674] Revert "test_suite_asn1parse.data: remove {} in test data description" This reverts commit 929311e9a7c092b54a05d84bc74daa8efdb07422. Signed-off-by: Yanray Wang --- tests/suites/test_suite_asn1parse.data | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_asn1parse.data b/tests/suites/test_suite_asn1parse.data index 4b1372962..c129e3c8f 100644 --- a/tests/suites/test_suite_asn1parse.data +++ b/tests/suites/test_suite_asn1parse.data @@ -514,13 +514,13 @@ traverse_sequence_of:"300705000203123456":0:0:0xff:0x02:"6,0x02,3":0 Traverse SEQUENCE of INTEGER, skip everything traverse_sequence_of:"30080203123456020178":0xff:0x02:0:1:"":0 -Traverse SEQUENCE of NULL, OCTET STRING, skip NULL: OS, NULL +Traverse SEQUENCE of {NULL, OCTET STRING}, skip NULL: OS, NULL traverse_sequence_of:"300704031234560500":0xfe:0x04:0xff:0x04:"4,0x04,3":0 -Traverse SEQUENCE of NULL, OCTET STRING, skip NULL: NULL, OS +Traverse SEQUENCE of {NULL, OCTET STRING}, skip NULL: NULL, OS traverse_sequence_of:"300705000403123456":0xfe:0x04:0xff:0x04:"6,0x04,3":0 -Traverse SEQUENCE of NULL, OCTET STRING, skip everything +Traverse SEQUENCE of {NULL, OCTET STRING}, skip everything traverse_sequence_of:"300705000403123456":0xfe:0x04:0:1:"":0 Traverse SEQUENCE of INTEGER, stop at 0: NULL From 0e319ae5776f1c03617a1f78cbc2a6337f81b4f6 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Tue, 26 Sep 2023 16:19:18 +0800 Subject: [PATCH 0125/1674] analyze_outcomes: escape {} in string format for test description {} are valid characters in test description, but they're not escaped properly in python string format(). To resolve the bug of KeyError when it tries to log test description which contains {}, we replace {XXX} format with {{XXX}} in order to escape {} in python string format() properly. In addition, the calls to Results.log() are also handled to avoid similar potential problems. Signed-off-by: Yanray Wang --- tests/scripts/analyze_outcomes.py | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 119dbb57a..085bff2f2 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -60,13 +60,13 @@ def execute_reference_driver_tests(ref_component, driver_component, outcome_file # If the outcome file already exists, we assume that the user wants to # perform the comparison analysis again without repeating the tests. if os.path.exists(outcome_file): - Results.log("Outcome file (" + outcome_file + ") already exists. " + \ - "Tests will be skipped.") + Results.log("Outcome file {} already exists. Tests will be skipped.", + outcome_file) return shell_command = "tests/scripts/all.sh --outcome-file " + outcome_file + \ " " + ref_component + " " + driver_component - Results.log("Running: " + shell_command) + Results.log("Running: {}", shell_command) ret_val = subprocess.run(shell_command.split(), check=False).returncode if ret_val != 0: @@ -101,6 +101,7 @@ def analyze_driver_vs_reference(outcomes, component_ref, component_driver, """ available = check_test_cases.collect_available_test_cases() result = True + escape_curly_brace = lambda x: x.replace('{', '{{').replace('}', '}}') for key in available: # Continue if test was not executed by any component @@ -125,7 +126,7 @@ def analyze_driver_vs_reference(outcomes, component_ref, component_driver, if component_ref in entry: reference_test_passed = True if(reference_test_passed and not driver_test_passed): - Results.log(key) + Results.log(escape_curly_brace(key)) result = False return result @@ -172,8 +173,8 @@ def do_analyze_driver_vs_reference(outcome_file, args): ignored_suites = ['test_suite_' + x for x in args['ignored_suites']] outcomes = read_outcome_file(outcome_file) - Results.log("\n*** Analyze driver {} vs reference {} ***\n".format( - args['component_driver'], args['component_ref'])) + Results.log("\n*** Analyze driver {} vs reference {} ***\n", + args['component_driver'], args['component_ref']) return analyze_driver_vs_reference(outcomes, args['component_ref'], args['component_driver'], ignored_suites, args['ignored_tests']) @@ -652,7 +653,7 @@ def main(): for task in tasks: if task not in TASKS: - Results.log('Error: invalid task: {}'.format(task)) + Results.log('Error: invalid task: {}', task) sys.exit(1) TASKS['analyze_coverage']['args']['full_coverage'] = \ From 5c0c858026189b106864b2763fb3f1884286b580 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Tue, 26 Sep 2023 16:52:33 +0800 Subject: [PATCH 0126/1674] analyze_outcomes: ignore asn1parse and asn1write in result analysis By default, we disable ASN1_[PARSE/WRITE]_C in common_tfm_config. In fact, this is what happens for accelerated p256m driver, which means all asn1[parse/write] tests are skipped in driver_accel test. However, those two macros are automatically enabled for built-in ECDSA via PSA, which means all asn1[parse/write] tests are passed in tfm_config test. This commit simply ignores the whole asn1[parse/write] test suite when analyzing between driver and reference. Signed-off-by: Yanray Wang --- tests/scripts/analyze_outcomes.py | 24 ++---------------------- 1 file changed, 2 insertions(+), 22 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 085bff2f2..0c63eff4f 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -530,6 +530,8 @@ TASKS = { 'ignored_suites': [ # Ignore test suites for the modules that are disabled in the # accelerated test case. + 'asn1parse', + 'asn1write', 'ecp', 'ecdsa', 'ecdh', @@ -593,28 +595,6 @@ TASKS = { 'test_suite_psa_crypto_pake': [ 'PSA PAKE: ecjpake size macros', ], - 'test_suite_asn1parse': [ - # This test depends on BIGNUM_C - 'INTEGER too large for mpi', - ], - 'test_suite_asn1write': [ - # Following tests depends on BIGNUM_C - 'ASN.1 Write mpi 0 (1 limb)', - 'ASN.1 Write mpi 0 (null)', - 'ASN.1 Write mpi 0x100', - 'ASN.1 Write mpi 0x7f', - 'ASN.1 Write mpi 0x7f with leading 0 limb', - 'ASN.1 Write mpi 0x80', - 'ASN.1 Write mpi 0x80 with leading 0 limb', - 'ASN.1 Write mpi 0xff', - 'ASN.1 Write mpi 1', - 'ASN.1 Write mpi, 127*8 bits', - 'ASN.1 Write mpi, 127*8+1 bits', - 'ASN.1 Write mpi, 127*8-1 bits', - 'ASN.1 Write mpi, 255*8 bits', - 'ASN.1 Write mpi, 255*8-1 bits', - 'ASN.1 Write mpi, 256*8-1 bits', - ], } } } From 89c88bb44bf2b4e35ecce38bd38e502ed6cebbf5 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 27 Sep 2023 10:31:44 +0800 Subject: [PATCH 0127/1674] analyze_outcomes: fix incorrect use of Results.log() Signed-off-by: Yanray Wang --- tests/scripts/analyze_outcomes.py | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 0c63eff4f..48457e67a 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -101,7 +101,6 @@ def analyze_driver_vs_reference(outcomes, component_ref, component_driver, """ available = check_test_cases.collect_available_test_cases() result = True - escape_curly_brace = lambda x: x.replace('{', '{{').replace('}', '}}') for key in available: # Continue if test was not executed by any component @@ -126,7 +125,7 @@ def analyze_driver_vs_reference(outcomes, component_ref, component_driver, if component_ref in entry: reference_test_passed = True if(reference_test_passed and not driver_test_passed): - Results.log(escape_curly_brace(key)) + Results.log('{}', key) result = False return result @@ -621,7 +620,7 @@ def main(): if options.list: for task in TASKS: - Results.log(task) + Results.log('{}', task) sys.exit(0) result = True From 745af9f47bc3252708dd425b0f572f59ca122f1b Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 29 Sep 2023 15:47:07 +0100 Subject: [PATCH 0128/1674] Extend testing of aes.o options Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 37 ++++++++++++++++++++++++++++++++++++- 1 file changed, 36 insertions(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 9e1d84f5d..20b7fda8c 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3934,13 +3934,25 @@ component_build_tfm() { make lib CC="gcc" CFLAGS="-Os -std=c99 -Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wformat-signedness -Wlogical-op -I../tests/include/spe" } -component_build_aes_variations() { # ~45s +component_build_aes_variations() { # 3m20s # aes.o has many #if defined(...) guards that intersect in complex ways. # Test that all the combinations build cleanly. The most common issue is # unused variables/functions, so ensure -Wunused is set. msg "build: aes.o for all combinations of relevant config options" + # check to see if we can enable MBEDTLS_AES_USE_HARDWARE_ONLY - require + # Linux (so we can check for CPU flags) + if [[ "$OSTYPE" == "linux-gnu" ]]; then + # Runtime detection is supported on Linux, so it's safe to set these here + AESNI_OPTIONS="set unset" + AESCE_OPTIONS="set unset" + else + # otherwise leave them unset + AESNI_OPTIONS="unset" + AESCE_OPTIONS="unset" + fi + for a in set unset; do for b in set unset; do for c in set unset; do @@ -3948,6 +3960,20 @@ component_build_aes_variations() { # ~45s for e in set unset; do for f in set unset; do for g in set unset; do + for h in set unset; do + for i in ${AESNI_OPTIONS}; do + for j in ${AESCE_OPTIONS}; do + if [[ "$h" == "set" ]]; then + if [[ !(("$HOSTTYPE" == "aarch64" && "$j" == "set") || ("$HOSTTYPE" == "x86_64" && "$i" == "set")) ]]; then + # MBEDTLS_AES_USE_HARDWARE_ONLY requires hw acceleration for the target platform + continue + fi + if [[ "$g" == "set" ]]; then + # MBEDTLS_AES_USE_HARDWARE_ONLY and MBEDTLS_PADLOCK_C is not supported + continue + fi + fi + echo ./scripts/config.py $a MBEDTLS_AES_SETKEY_ENC_ALT echo ./scripts/config.py $b MBEDTLS_AES_DECRYPT_ALT echo ./scripts/config.py $c MBEDTLS_AES_ROM_TABLES @@ -3955,6 +3981,9 @@ component_build_aes_variations() { # ~45s echo ./scripts/config.py $e MBEDTLS_AES_SETKEY_DEC_ALT echo ./scripts/config.py $f MBEDTLS_AES_FEWER_TABLES echo ./scripts/config.py $g MBEDTLS_PADLOCK_C + echo ./scripts/config.py $h MBEDTLS_AES_USE_HARDWARE_ONLY + echo ./scripts/config.py $i MBEDTLS_AESNI_C + echo ./scripts/config.py $j MBEDTLS_AESCE_C ./scripts/config.py $a MBEDTLS_AES_SETKEY_ENC_ALT ./scripts/config.py $b MBEDTLS_AES_DECRYPT_ALT @@ -3963,6 +3992,9 @@ component_build_aes_variations() { # ~45s ./scripts/config.py $e MBEDTLS_AES_SETKEY_DEC_ALT ./scripts/config.py $f MBEDTLS_AES_FEWER_TABLES ./scripts/config.py $g MBEDTLS_PADLOCK_C + ./scripts/config.py $h MBEDTLS_AES_USE_HARDWARE_ONLY + ./scripts/config.py $i MBEDTLS_AESNI_C + ./scripts/config.py $j MBEDTLS_AESCE_C rm -f library/aes.o make -C library aes.o CC="clang" CFLAGS="-O0 -std=c99 -Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wasm-operand-widths -Wunused" @@ -3973,6 +4005,9 @@ component_build_aes_variations() { # ~45s done done done + done + done + done } component_test_no_platform () { From 450c1ff353e8e7431d916178a8a6f19f3568e4c3 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 29 Sep 2023 15:52:33 +0100 Subject: [PATCH 0129/1674] Fix some more incorrect guards in aes.c Signed-off-by: Dave Rodgman --- library/aes.c | 32 ++++++++++++++++++++------------ 1 file changed, 20 insertions(+), 12 deletions(-) diff --git a/library/aes.c b/library/aes.c index 0a7b26ce9..3e27cd39b 100644 --- a/library/aes.c +++ b/library/aes.c @@ -84,8 +84,10 @@ static int aes_padlock_ace = -1; /* * Forward S-box */ -#if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \ - !defined(MBEDTLS_AES_SETKEY_DEC_ALT) +#if !defined(MBEDTLS_AES_ENCRYPT_ALT) || \ + (!defined(MBEDTLS_AES_SETKEY_ENC_ALT) && (!defined(MBEDTLS_AES_USE_HARDWARE_ONLY) || \ + !defined(MBEDTLS_AES_ROM_TABLES))) || \ + (!defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)) static const unsigned char FSb[256] = { 0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5, @@ -330,7 +332,8 @@ static const unsigned char RSb[256] = V(71, 01, A8, 39), V(DE, B3, 0C, 08), V(9C, E4, B4, D8), V(90, C1, 56, 64), \ V(61, 84, CB, 7B), V(70, B6, 32, D5), V(74, 5C, 6C, 48), V(42, 57, B8, D0) -#if !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) +#if !defined(MBEDTLS_AES_DECRYPT_ALT) || \ + (!defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)) #define V(a, b, c, d) 0x##a##b##c##d static const uint32_t RT0[256] = { RT }; @@ -352,11 +355,12 @@ static const uint32_t RT3[256] = { RT }; #endif /* !MBEDTLS_AES_FEWER_TABLES */ -#endif /* !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */ +#endif \ + /* !defined(MBEDTLS_AES_DECRYPT_ALT) || (!defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)) */ #undef RT -#if !defined(MBEDTLS_AES_SETKEY_ENC_ALT) +#if !defined(MBEDTLS_AES_SETKEY_ENC_ALT) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) /* * Round constants */ @@ -373,11 +377,12 @@ static const uint32_t RCON[10] = /* * Forward S-box & tables */ -#if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \ - !defined(MBEDTLS_AES_SETKEY_DEC_ALT) +#if !defined(MBEDTLS_AES_ENCRYPT_ALT) || \ + (!defined(MBEDTLS_AES_SETKEY_ENC_ALT) && (!defined(MBEDTLS_AES_USE_HARDWARE_ONLY) || \ + !defined(MBEDTLS_AES_ROM_TABLES))) || \ + (!defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)) static unsigned char FSb[256]; -#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \ - !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */ +#endif #if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) static uint32_t FT0[256]; #if !defined(MBEDTLS_AES_FEWER_TABLES) @@ -394,7 +399,8 @@ static uint32_t FT3[256]; static unsigned char RSb[256]; #endif /* !(defined(MBEDTLS_AES_SETKEY_ENC_ALT) && defined(MBEDTLS_AES_DECRYPT_ALT)) */ -#if !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) +#if !defined(MBEDTLS_AES_DECRYPT_ALT) || (!defined(MBEDTLS_AES_SETKEY_DEC_ALT) && \ + !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)) static uint32_t RT0[256]; #if !defined(MBEDTLS_AES_FEWER_TABLES) static uint32_t RT1[256]; @@ -482,7 +488,8 @@ static void aes_gen_tables(void) x = RSb[i]; -#if !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) +#if !defined(MBEDTLS_AES_DECRYPT_ALT) || \ + (!defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)) RT0[i] = ((uint32_t) MUL(0x0E, x)) ^ ((uint32_t) MUL(0x09, x) << 8) ^ ((uint32_t) MUL(0x0D, x) << 16) ^ @@ -493,7 +500,8 @@ static void aes_gen_tables(void) RT2[i] = ROTL8(RT1[i]); RT3[i] = ROTL8(RT2[i]); #endif /* !MBEDTLS_AES_FEWER_TABLES */ -#endif /* !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */ +#endif \ + /* !defined(MBEDTLS_AES_DECRYPT_ALT) || (!defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)) */ } } From 573dfc167ae1a3953e5613eeff67e3766fa73c34 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 29 Sep 2023 16:27:29 +0100 Subject: [PATCH 0130/1674] Add testing for MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 20b7fda8c..238d4ccce 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3934,7 +3934,7 @@ component_build_tfm() { make lib CC="gcc" CFLAGS="-Os -std=c99 -Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wformat-signedness -Wlogical-op -I../tests/include/spe" } -component_build_aes_variations() { # 3m20s +component_build_aes_variations() { # ~7m # aes.o has many #if defined(...) guards that intersect in complex ways. # Test that all the combinations build cleanly. The most common issue is # unused variables/functions, so ensure -Wunused is set. @@ -3963,6 +3963,7 @@ component_build_aes_variations() { # 3m20s for h in set unset; do for i in ${AESNI_OPTIONS}; do for j in ${AESCE_OPTIONS}; do + for k in set unset; do if [[ "$h" == "set" ]]; then if [[ !(("$HOSTTYPE" == "aarch64" && "$j" == "set") || ("$HOSTTYPE" == "x86_64" && "$i" == "set")) ]]; then # MBEDTLS_AES_USE_HARDWARE_ONLY requires hw acceleration for the target platform @@ -3984,6 +3985,7 @@ component_build_aes_variations() { # 3m20s echo ./scripts/config.py $h MBEDTLS_AES_USE_HARDWARE_ONLY echo ./scripts/config.py $i MBEDTLS_AESNI_C echo ./scripts/config.py $j MBEDTLS_AESCE_C + echo ./scripts/config.py $k MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ./scripts/config.py $a MBEDTLS_AES_SETKEY_ENC_ALT ./scripts/config.py $b MBEDTLS_AES_DECRYPT_ALT @@ -3995,6 +3997,7 @@ component_build_aes_variations() { # 3m20s ./scripts/config.py $h MBEDTLS_AES_USE_HARDWARE_ONLY ./scripts/config.py $i MBEDTLS_AESNI_C ./scripts/config.py $j MBEDTLS_AESCE_C + ./scripts/config.py $k MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH rm -f library/aes.o make -C library aes.o CC="clang" CFLAGS="-O0 -std=c99 -Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wasm-operand-widths -Wunused" @@ -4008,6 +4011,7 @@ component_build_aes_variations() { # 3m20s done done done + done } component_test_no_platform () { From 972856219202c4bc134493f6dfc420497959d7ed Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 29 Sep 2023 17:32:06 +0100 Subject: [PATCH 0131/1674] Improve test speed Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 122 ++++++++++++++++++++++++------------------- 1 file changed, 68 insertions(+), 54 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 238d4ccce..22b471445 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3934,84 +3934,98 @@ component_build_tfm() { make lib CC="gcc" CFLAGS="-Os -std=c99 -Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wformat-signedness -Wlogical-op -I../tests/include/spe" } -component_build_aes_variations() { # ~7m +component_build_aes_variations() { + # 1m40 - around 90ms per clang invocation on M1 Pro + # # aes.o has many #if defined(...) guards that intersect in complex ways. # Test that all the combinations build cleanly. The most common issue is # unused variables/functions, so ensure -Wunused is set. msg "build: aes.o for all combinations of relevant config options" + WARNING_FLAGS="-Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wasm-operand-widths -Wunused" + # check to see if we can enable MBEDTLS_AES_USE_HARDWARE_ONLY - require # Linux (so we can check for CPU flags) if [[ "$OSTYPE" == "linux-gnu" ]]; then # Runtime detection is supported on Linux, so it's safe to set these here - AESNI_OPTIONS="set unset" - AESCE_OPTIONS="set unset" + AESNI_OPTIONS="0 1" + AESCE_OPTIONS="0 1" else # otherwise leave them unset - AESNI_OPTIONS="unset" - AESCE_OPTIONS="unset" + AESNI_OPTIONS="0" + AESCE_OPTIONS="0" fi - for a in set unset; do - for b in set unset; do - for c in set unset; do - for d in set unset; do - for e in set unset; do - for f in set unset; do - for g in set unset; do - for h in set unset; do - for i in ${AESNI_OPTIONS}; do - for j in ${AESCE_OPTIONS}; do - for k in set unset; do - if [[ "$h" == "set" ]]; then - if [[ !(("$HOSTTYPE" == "aarch64" && "$j" == "set") || ("$HOSTTYPE" == "x86_64" && "$i" == "set")) ]]; then + # clear all the variables, so that we can individually set them via clang + for x in "MBEDTLS_AES_SETKEY_ENC_ALT" "MBEDTLS_AES_DECRYPT_ALT" "MBEDTLS_AES_ROM_TABLES" \ + "MBEDTLS_AES_ENCRYPT_ALT" "MBEDTLS_AES_SETKEY_DEC_ALT" "MBEDTLS_AES_FEWER_TABLES" \ + "MBEDTLS_PADLOCK_C" "MBEDTLS_AES_USE_HARDWARE_ONLY" "MBEDTLS_AESNI_C" "MBEDTLS_AESCE_C" \ + "MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH"; do + echo ./scripts/config.py unset ${x} + ./scripts/config.py unset ${x} + done + + FAILED=0 + + for a in 0 1; do [[ $a == 0 ]] && A="" || A="-DMBEDTLS_AES_SETKEY_ENC_ALT" + for b in 0 1; do [[ $b == 0 ]] && B="" || B="-DMBEDTLS_AES_DECRYPT_ALT" + for c in 0 1; do [[ $c == 0 ]] && C="" || C="-DMBEDTLS_AES_ROM_TABLES" + for d in 0 1; do [[ $d == 0 ]] && D="" || D="-DMBEDTLS_AES_ENCRYPT_ALT" + for e in 0 1; do [[ $e == 0 ]] && E="" || E="-DMBEDTLS_AES_SETKEY_DEC_ALT" + for f in 0 1; do [[ $f == 0 ]] && F="" || F="-DMBEDTLS_AES_FEWER_TABLES" + for g in 0 1; do [[ $g == 0 ]] && G="" || G="-DMBEDTLS_PADLOCK_C" + for h in 0 1; do [[ $h == 0 ]] && H="" || H="-DMBEDTLS_AES_USE_HARDWARE_ONLY" + for i in $AESNI_OPTIONS; do [[ $i == 0 ]] && I="" || I="-DMBEDTLS_AESNI_C" + for j in $AESCE_OPTIONS; do [[ $j == 0 ]] && J="" || J="-DMBEDTLS_AESCE_C" + for k in 0 1; do [[ $k == 0 ]] && K="" || K="-DMBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH" + + # skip invalid combinations + if [[ $h -eq 1 ]]; then + if [[ !(("$HOSTTYPE" == "aarch64" && $j -eq 1) || ("$HOSTTYPE" == "x86_64" && $i -eq 1)) ]]; then # MBEDTLS_AES_USE_HARDWARE_ONLY requires hw acceleration for the target platform continue fi - if [[ "$g" == "set" ]]; then + if [[ $g -eq 1 ]]; then # MBEDTLS_AES_USE_HARDWARE_ONLY and MBEDTLS_PADLOCK_C is not supported continue fi fi - echo ./scripts/config.py $a MBEDTLS_AES_SETKEY_ENC_ALT - echo ./scripts/config.py $b MBEDTLS_AES_DECRYPT_ALT - echo ./scripts/config.py $c MBEDTLS_AES_ROM_TABLES - echo ./scripts/config.py $d MBEDTLS_AES_ENCRYPT_ALT - echo ./scripts/config.py $e MBEDTLS_AES_SETKEY_DEC_ALT - echo ./scripts/config.py $f MBEDTLS_AES_FEWER_TABLES - echo ./scripts/config.py $g MBEDTLS_PADLOCK_C - echo ./scripts/config.py $h MBEDTLS_AES_USE_HARDWARE_ONLY - echo ./scripts/config.py $i MBEDTLS_AESNI_C - echo ./scripts/config.py $j MBEDTLS_AESCE_C - echo ./scripts/config.py $k MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH + # Check syntax only, for speed + # Capture failures and continue, but hide successes to avoid spamming the log with 2^11 combinations + CMD_FAILED=0 + cmd="clang $A $B $C $D $E $F $G $H $I $J $K -fsyntax-only library/aes.c -Iinclude -std=c99 $WARNING_FLAGS" + $cmd || CMD_FAILED=1 - ./scripts/config.py $a MBEDTLS_AES_SETKEY_ENC_ALT - ./scripts/config.py $b MBEDTLS_AES_DECRYPT_ALT - ./scripts/config.py $c MBEDTLS_AES_ROM_TABLES - ./scripts/config.py $d MBEDTLS_AES_ENCRYPT_ALT - ./scripts/config.py $e MBEDTLS_AES_SETKEY_DEC_ALT - ./scripts/config.py $f MBEDTLS_AES_FEWER_TABLES - ./scripts/config.py $g MBEDTLS_PADLOCK_C - ./scripts/config.py $h MBEDTLS_AES_USE_HARDWARE_ONLY - ./scripts/config.py $i MBEDTLS_AESNI_C - ./scripts/config.py $j MBEDTLS_AESCE_C - ./scripts/config.py $k MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH + if [[ $CMD_FAILED -eq 1 ]]; then + FAILED=1 + echo "Failed: $cmd" + echo $a MBEDTLS_AES_SETKEY_ENC_ALT + echo $b MBEDTLS_AES_DECRYPT_ALT + echo $c MBEDTLS_AES_ROM_TABLES + echo $d MBEDTLS_AES_ENCRYPT_ALT + echo $e MBEDTLS_AES_SETKEY_DEC_ALT + echo $f MBEDTLS_AES_FEWER_TABLES + echo $g MBEDTLS_PADLOCK_C + echo $h MBEDTLS_AES_USE_HARDWARE_ONLY + echo $i MBEDTLS_AESNI_C + echo $j MBEDTLS_AESCE_C + echo $k MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH + fi + done + done + done + done + done + done + done + done + done + done + done - rm -f library/aes.o - make -C library aes.o CC="clang" CFLAGS="-O0 -std=c99 -Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wasm-operand-widths -Wunused" - done - done - done - done - done - done - done - done - done - done - done + [[ $FAILED -eq 1 ]] && false # fail if any combination failed } component_test_no_platform () { From aea01c9455117da6bee185377a100f46e801f466 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 29 Sep 2023 18:54:49 +0100 Subject: [PATCH 0132/1674] Use make to parellise tests Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 34 ++++++++++++++-------------------- 1 file changed, 14 insertions(+), 20 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 22b471445..ba43d133d 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3935,7 +3935,7 @@ component_build_tfm() { } component_build_aes_variations() { - # 1m40 - around 90ms per clang invocation on M1 Pro + # 18s - around 90ms per clang invocation on M1 Pro # # aes.o has many #if defined(...) guards that intersect in complex ways. # Test that all the combinations build cleanly. The most common issue is @@ -3962,11 +3962,11 @@ component_build_aes_variations() { "MBEDTLS_AES_ENCRYPT_ALT" "MBEDTLS_AES_SETKEY_DEC_ALT" "MBEDTLS_AES_FEWER_TABLES" \ "MBEDTLS_PADLOCK_C" "MBEDTLS_AES_USE_HARDWARE_ONLY" "MBEDTLS_AESNI_C" "MBEDTLS_AESCE_C" \ "MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH"; do - echo ./scripts/config.py unset ${x} ./scripts/config.py unset ${x} done - FAILED=0 + MAKEFILE=$(mktemp) + DEPS="" for a in 0 1; do [[ $a == 0 ]] && A="" || A="-DMBEDTLS_AES_SETKEY_ENC_ALT" for b in 0 1; do [[ $b == 0 ]] && B="" || B="-DMBEDTLS_AES_DECRYPT_ALT" @@ -3996,23 +3996,12 @@ component_build_aes_variations() { # Capture failures and continue, but hide successes to avoid spamming the log with 2^11 combinations CMD_FAILED=0 cmd="clang $A $B $C $D $E $F $G $H $I $J $K -fsyntax-only library/aes.c -Iinclude -std=c99 $WARNING_FLAGS" - $cmd || CMD_FAILED=1 - if [[ $CMD_FAILED -eq 1 ]]; then - FAILED=1 - echo "Failed: $cmd" - echo $a MBEDTLS_AES_SETKEY_ENC_ALT - echo $b MBEDTLS_AES_DECRYPT_ALT - echo $c MBEDTLS_AES_ROM_TABLES - echo $d MBEDTLS_AES_ENCRYPT_ALT - echo $e MBEDTLS_AES_SETKEY_DEC_ALT - echo $f MBEDTLS_AES_FEWER_TABLES - echo $g MBEDTLS_PADLOCK_C - echo $h MBEDTLS_AES_USE_HARDWARE_ONLY - echo $i MBEDTLS_AESNI_C - echo $j MBEDTLS_AESCE_C - echo $k MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH - fi + TARGET="t$a$b$c$d$e$f$g$h$i$j$k" + echo "${TARGET}:" >> $MAKEFILE + echo -e "\t$cmd" >> $MAKEFILE + echo >> $MAKEFILE + DEPS="${DEPS} ${TARGET}" done done done @@ -4025,7 +4014,12 @@ component_build_aes_variations() { done done - [[ $FAILED -eq 1 ]] && false # fail if any combination failed + echo "all: ${DEPS}" >> $MAKEFILE + + MAKEFILE_CONTENT=`cat $MAKEFILE` + rm ${MAKEFILE} + NCPUS=$(lscpu -p|tail -n1|sed 's/,.*//') + echo $MAKEFILE_CONTENT | make --quiet -j$((NCPUS * 2)) -f ${MAKEFILE} all } component_test_no_platform () { From 86cc70871ceecfa5d26ce1b736a48b59658ea628 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 29 Sep 2023 22:32:04 +0100 Subject: [PATCH 0133/1674] fix make issue Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index ba43d133d..14d32c158 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4016,10 +4016,9 @@ component_build_aes_variations() { echo "all: ${DEPS}" >> $MAKEFILE - MAKEFILE_CONTENT=`cat $MAKEFILE` - rm ${MAKEFILE} NCPUS=$(lscpu -p|tail -n1|sed 's/,.*//') - echo $MAKEFILE_CONTENT | make --quiet -j$((NCPUS * 2)) -f ${MAKEFILE} all + make --quiet -j$((NCPUS * 2)) -f ${MAKEFILE} all + rm ${MAKEFILE} } component_test_no_platform () { From 8a64fb82a8279e26bf4309716fc1ba40b62b11ca Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sun, 1 Oct 2023 13:31:31 +0100 Subject: [PATCH 0134/1674] Simplify makefile generation; don't use -j Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 41 ++++++++++++++++++++--------------------- 1 file changed, 20 insertions(+), 21 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 14d32c158..0e3e6d4e5 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3949,12 +3949,12 @@ component_build_aes_variations() { # Linux (so we can check for CPU flags) if [[ "$OSTYPE" == "linux-gnu" ]]; then # Runtime detection is supported on Linux, so it's safe to set these here - AESNI_OPTIONS="0 1" - AESCE_OPTIONS="0 1" + AESNI_OPTIONS=("" "-DMBEDTLS_AESNI_C") + AESCE_OPTIONS=("" "-DMBEDTLS_AESCE_C") else # otherwise leave them unset - AESNI_OPTIONS="0" - AESCE_OPTIONS="0" + AESNI_OPTIONS=("") + AESCE_OPTIONS=("") fi # clear all the variables, so that we can individually set them via clang @@ -3968,25 +3968,25 @@ component_build_aes_variations() { MAKEFILE=$(mktemp) DEPS="" - for a in 0 1; do [[ $a == 0 ]] && A="" || A="-DMBEDTLS_AES_SETKEY_ENC_ALT" - for b in 0 1; do [[ $b == 0 ]] && B="" || B="-DMBEDTLS_AES_DECRYPT_ALT" - for c in 0 1; do [[ $c == 0 ]] && C="" || C="-DMBEDTLS_AES_ROM_TABLES" - for d in 0 1; do [[ $d == 0 ]] && D="" || D="-DMBEDTLS_AES_ENCRYPT_ALT" - for e in 0 1; do [[ $e == 0 ]] && E="" || E="-DMBEDTLS_AES_SETKEY_DEC_ALT" - for f in 0 1; do [[ $f == 0 ]] && F="" || F="-DMBEDTLS_AES_FEWER_TABLES" - for g in 0 1; do [[ $g == 0 ]] && G="" || G="-DMBEDTLS_PADLOCK_C" - for h in 0 1; do [[ $h == 0 ]] && H="" || H="-DMBEDTLS_AES_USE_HARDWARE_ONLY" - for i in $AESNI_OPTIONS; do [[ $i == 0 ]] && I="" || I="-DMBEDTLS_AESNI_C" - for j in $AESCE_OPTIONS; do [[ $j == 0 ]] && J="" || J="-DMBEDTLS_AESCE_C" - for k in 0 1; do [[ $k == 0 ]] && K="" || K="-DMBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH" + for a in "" "-DMBEDTLS_AES_SETKEY_ENC_ALT"; do + for b in "" "-DMBEDTLS_AES_DECRYPT_ALT"; do + for c in "" "-DMBEDTLS_AES_ROM_TABLES"; do + for d in "" "-DMBEDTLS_AES_ENCRYPT_ALT"; do + for e in "" "-DMBEDTLS_AES_SETKEY_DEC_ALT"; do + for f in "" "-DMBEDTLS_AES_FEWER_TABLES"; do + for g in "" "-DMBEDTLS_PADLOCK_C"; do + for h in "" "-DMBEDTLS_AES_USE_HARDWARE_ONLY"; do + for i in "${AESNI_OPTIONS[@]}"; do + for j in "${AESCE_OPTIONS[@]}"; do + for k in "" "-DMBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH"; do # skip invalid combinations - if [[ $h -eq 1 ]]; then - if [[ !(("$HOSTTYPE" == "aarch64" && $j -eq 1) || ("$HOSTTYPE" == "x86_64" && $i -eq 1)) ]]; then + if [[ "$h" != "" ]]; then + if [[ !(("$HOSTTYPE" == "aarch64" && "$j" != "") || ("$HOSTTYPE" == "x86_64" && "$i" != "")) ]]; then # MBEDTLS_AES_USE_HARDWARE_ONLY requires hw acceleration for the target platform continue fi - if [[ $g -eq 1 ]]; then + if [[ "$g" != "" ]]; then # MBEDTLS_AES_USE_HARDWARE_ONLY and MBEDTLS_PADLOCK_C is not supported continue fi @@ -3995,7 +3995,7 @@ component_build_aes_variations() { # Check syntax only, for speed # Capture failures and continue, but hide successes to avoid spamming the log with 2^11 combinations CMD_FAILED=0 - cmd="clang $A $B $C $D $E $F $G $H $I $J $K -fsyntax-only library/aes.c -Iinclude -std=c99 $WARNING_FLAGS" + cmd="clang $a $b $c $d $e $f $g $h $i $j $k -fsyntax-only library/aes.c -Iinclude -std=c99 $WARNING_FLAGS" TARGET="t$a$b$c$d$e$f$g$h$i$j$k" echo "${TARGET}:" >> $MAKEFILE @@ -4016,8 +4016,7 @@ component_build_aes_variations() { echo "all: ${DEPS}" >> $MAKEFILE - NCPUS=$(lscpu -p|tail -n1|sed 's/,.*//') - make --quiet -j$((NCPUS * 2)) -f ${MAKEFILE} all + make --quiet -f ${MAKEFILE} all rm ${MAKEFILE} } From 184c0af06e1800b6c20c56c4e771d9fb45211d29 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sun, 1 Oct 2023 13:43:02 +0100 Subject: [PATCH 0135/1674] Remove not-needed edge-case Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 16 ++-------------- 1 file changed, 2 insertions(+), 14 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 0e3e6d4e5..93739f40b 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3945,18 +3945,6 @@ component_build_aes_variations() { WARNING_FLAGS="-Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wasm-operand-widths -Wunused" - # check to see if we can enable MBEDTLS_AES_USE_HARDWARE_ONLY - require - # Linux (so we can check for CPU flags) - if [[ "$OSTYPE" == "linux-gnu" ]]; then - # Runtime detection is supported on Linux, so it's safe to set these here - AESNI_OPTIONS=("" "-DMBEDTLS_AESNI_C") - AESCE_OPTIONS=("" "-DMBEDTLS_AESCE_C") - else - # otherwise leave them unset - AESNI_OPTIONS=("") - AESCE_OPTIONS=("") - fi - # clear all the variables, so that we can individually set them via clang for x in "MBEDTLS_AES_SETKEY_ENC_ALT" "MBEDTLS_AES_DECRYPT_ALT" "MBEDTLS_AES_ROM_TABLES" \ "MBEDTLS_AES_ENCRYPT_ALT" "MBEDTLS_AES_SETKEY_DEC_ALT" "MBEDTLS_AES_FEWER_TABLES" \ @@ -3976,8 +3964,8 @@ component_build_aes_variations() { for f in "" "-DMBEDTLS_AES_FEWER_TABLES"; do for g in "" "-DMBEDTLS_PADLOCK_C"; do for h in "" "-DMBEDTLS_AES_USE_HARDWARE_ONLY"; do - for i in "${AESNI_OPTIONS[@]}"; do - for j in "${AESCE_OPTIONS[@]}"; do + for i in "" "-DMBEDTLS_AESNI_C"; do + for j in "" "-DMBEDTLS_AESCE_C"; do for k in "" "-DMBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH"; do # skip invalid combinations From 920343aaf74f1bd2267c8645223bfa9313dfbad1 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sun, 1 Oct 2023 18:41:09 +0100 Subject: [PATCH 0136/1674] Separate out a resuable option cross-product test function Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 132 ++++++++++++++++++++++++------------------- 1 file changed, 73 insertions(+), 59 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 93739f40b..fdbde160a 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3934,80 +3934,94 @@ component_build_tfm() { make lib CC="gcc" CFLAGS="-Os -std=c99 -Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wformat-signedness -Wlogical-op -I../tests/include/spe" } -component_build_aes_variations() { - # 18s - around 90ms per clang invocation on M1 Pro - # - # aes.o has many #if defined(...) guards that intersect in complex ways. - # Test that all the combinations build cleanly. The most common issue is - # unused variables/functions, so ensure -Wunused is set. +build_test_config_combos() { + # test that the given file builds with all (valid) combinations of the given options. + # syntax: build_test_config_combos FILE VALIDATOR_FUNCTION OPT1 OPT2 ... + # The validator function may be "" if all combinations are valid - msg "build: aes.o for all combinations of relevant config options" + FILE=$1 + shift + # this function must echo something iff the clang "-DA -DB ..." string is invalid + VALIDATE_OPTIONS=$1 + shift + OPTIONS=("$@") + # The most common issue is unused variables/functions, so ensure -Wunused is set. WARNING_FLAGS="-Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wasm-operand-widths -Wunused" - # clear all the variables, so that we can individually set them via clang - for x in "MBEDTLS_AES_SETKEY_ENC_ALT" "MBEDTLS_AES_DECRYPT_ALT" "MBEDTLS_AES_ROM_TABLES" \ - "MBEDTLS_AES_ENCRYPT_ALT" "MBEDTLS_AES_SETKEY_DEC_ALT" "MBEDTLS_AES_FEWER_TABLES" \ - "MBEDTLS_PADLOCK_C" "MBEDTLS_AES_USE_HARDWARE_ONLY" "MBEDTLS_AESNI_C" "MBEDTLS_AESCE_C" \ - "MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH"; do - ./scripts/config.py unset ${x} - done - MAKEFILE=$(mktemp) DEPS="" - for a in "" "-DMBEDTLS_AES_SETKEY_ENC_ALT"; do - for b in "" "-DMBEDTLS_AES_DECRYPT_ALT"; do - for c in "" "-DMBEDTLS_AES_ROM_TABLES"; do - for d in "" "-DMBEDTLS_AES_ENCRYPT_ALT"; do - for e in "" "-DMBEDTLS_AES_SETKEY_DEC_ALT"; do - for f in "" "-DMBEDTLS_AES_FEWER_TABLES"; do - for g in "" "-DMBEDTLS_PADLOCK_C"; do - for h in "" "-DMBEDTLS_AES_USE_HARDWARE_ONLY"; do - for i in "" "-DMBEDTLS_AESNI_C"; do - for j in "" "-DMBEDTLS_AESCE_C"; do - for k in "" "-DMBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH"; do + LEN=${#OPTIONS[@]} - # skip invalid combinations - if [[ "$h" != "" ]]; then - if [[ !(("$HOSTTYPE" == "aarch64" && "$j" != "") || ("$HOSTTYPE" == "x86_64" && "$i" != "")) ]]; then - # MBEDTLS_AES_USE_HARDWARE_ONLY requires hw acceleration for the target platform - continue - fi - if [[ "$g" != "" ]]; then - # MBEDTLS_AES_USE_HARDWARE_ONLY and MBEDTLS_PADLOCK_C is not supported - continue - fi + for ((i = 0; i < $((2**${LEN})); i++)); do + # generate each of 2^n combinations of options + # each bit of $i is used to determine if OPTIONS[i] will be set or not + TARGET="t" + CLANG_ARGS="" + for ((j = 0; j < ${LEN}; j++)); do + OPT=${OPTIONS[j]} + X=$(((i >> j) & 1)) + [[ $X == 0 ]] && OPT="" || OPT="-D${OPT}" + CLANG_ARGS="${CLANG_ARGS} ${OPT}" + TARGET="${TARGET}${OPT}" + done + + # check that combination is not known to be invalid + INVALID="" + [[ "$VALIDATE_OPTIONS" != "" ]] && INVALID=$(${VALIDATE_OPTIONS} "${CLANG_ARGS}") + + # if valid, add it to the makefile + if [[ "$INVALID" == "" ]]; then + cmd="clang ${CLANG_ARGS} -fsyntax-only ${FILE} -Iinclude -std=c99 $WARNING_FLAGS" + echo "${TARGET}:" >> ${MAKEFILE} + echo -e "\t$cmd" >> ${MAKEFILE} + + DEPS="${DEPS} ${TARGET}" fi - - # Check syntax only, for speed - # Capture failures and continue, but hide successes to avoid spamming the log with 2^11 combinations - CMD_FAILED=0 - cmd="clang $a $b $c $d $e $f $g $h $i $j $k -fsyntax-only library/aes.c -Iinclude -std=c99 $WARNING_FLAGS" - - TARGET="t$a$b$c$d$e$f$g$h$i$j$k" - echo "${TARGET}:" >> $MAKEFILE - echo -e "\t$cmd" >> $MAKEFILE - echo >> $MAKEFILE - DEPS="${DEPS} ${TARGET}" - done - done - done - done - done - done - done - done - done - done done - echo "all: ${DEPS}" >> $MAKEFILE + echo "all: ${DEPS}" >> ${MAKEFILE} - make --quiet -f ${MAKEFILE} all + # clear all of the options so that they can be overridden on the clang commandline + for OPT in "${OPTIONS[@]}"; do + ./scripts/config.py unset ${OPT} + done + + # execute all of the commands via Make (probably in parallel) + make -s -f ${MAKEFILE} all + + # clean up the temporary makefile rm ${MAKEFILE} } +build_aes_variations_validate_combo() { + if [[ "$1" == *"MBEDTLS_AES_USE_HARDWARE_ONLY"* ]]; then + if [[ "$1" == *"MBEDTLS_PADLOCK_C"* ]]; then + echo 1 + fi + if [[ !(("$HOSTTYPE" == "aarch64" && "$1" != *"MBEDTLS_AESCE_C"*) || \ + ("$HOSTTYPE" == "x86_64" && "$1" != *"MBEDTLS_AESNI_C"*)) ]]; then + echo 1 + fi + fi +} + +component_build_aes_variations() { + # 18s - around 90ms per clang invocation on M1 Pro + # + # aes.o has many #if defined(...) guards that intersect in complex ways. + # Test that all the combinations build cleanly. + + msg "build: aes.o for all combinations of relevant config options" + + build_test_config_combos library/aes.c build_aes_variations_validate_combo \ + "MBEDTLS_AES_SETKEY_ENC_ALT" "MBEDTLS_AES_DECRYPT_ALT" \ + "MBEDTLS_AES_ROM_TABLES" "MBEDTLS_AES_ENCRYPT_ALT" "MBEDTLS_AES_SETKEY_DEC_ALT" \ + "MBEDTLS_AES_FEWER_TABLES" "MBEDTLS_PADLOCK_C" "MBEDTLS_AES_USE_HARDWARE_ONLY" \ + "MBEDTLS_AESNI_C" "MBEDTLS_AESCE_C" "MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH" +} + component_test_no_platform () { # Full configuration build, without platform support, file IO and net sockets. # This should catch missing mbedtls_printf definitions, and by disabling file From 43a5ce8c7f1375c4a4e043277e6bd9c5321b79f7 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 2 Oct 2023 17:09:37 +0100 Subject: [PATCH 0137/1674] rename function Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index fdbde160a..943ea885c 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3995,7 +3995,7 @@ build_test_config_combos() { rm ${MAKEFILE} } -build_aes_variations_validate_combo() { +validate_aes_config_variations() { if [[ "$1" == *"MBEDTLS_AES_USE_HARDWARE_ONLY"* ]]; then if [[ "$1" == *"MBEDTLS_PADLOCK_C"* ]]; then echo 1 @@ -4015,7 +4015,7 @@ component_build_aes_variations() { msg "build: aes.o for all combinations of relevant config options" - build_test_config_combos library/aes.c build_aes_variations_validate_combo \ + build_test_config_combos library/aes.c validate_aes_config_variations \ "MBEDTLS_AES_SETKEY_ENC_ALT" "MBEDTLS_AES_DECRYPT_ALT" \ "MBEDTLS_AES_ROM_TABLES" "MBEDTLS_AES_ENCRYPT_ALT" "MBEDTLS_AES_SETKEY_DEC_ALT" \ "MBEDTLS_AES_FEWER_TABLES" "MBEDTLS_PADLOCK_C" "MBEDTLS_AES_USE_HARDWARE_ONLY" \ From 4243610c15ebd92676d50808cec12314b9eb7020 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 3 Oct 2023 15:47:05 +0100 Subject: [PATCH 0138/1674] Use make to generate the test command Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 24 +++++++++++++++++------- 1 file changed, 17 insertions(+), 7 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 943ea885c..9ebb120a7 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3946,9 +3946,24 @@ build_test_config_combos() { shift OPTIONS=("$@") + # clear all of the options so that they can be overridden on the clang commandline + for OPT in "${OPTIONS[@]}"; do + ./scripts/config.py unset ${OPT} + done + + # enter the directory containing the target file & strip the dir from the filename + cd $(dirname ${FILE}) + FILE=$(basename ${FILE}) + # The most common issue is unused variables/functions, so ensure -Wunused is set. WARNING_FLAGS="-Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wasm-operand-widths -Wunused" + # Extract the command generated by the Makefile to build the target file. + # This ensures that we have any include paths, macro definitions, etc + # that may be applied by make. + # Add -fsyntax-only as we only want a syntax check and don't need to generate a file. + MAKE_CMD=$(make -B -n ${FILE} CC=clang CFLAGS="${WARNING_FLAGS} -fsyntax-only" | egrep "^clang") + MAKEFILE=$(mktemp) DEPS="" @@ -3973,7 +3988,7 @@ build_test_config_combos() { # if valid, add it to the makefile if [[ "$INVALID" == "" ]]; then - cmd="clang ${CLANG_ARGS} -fsyntax-only ${FILE} -Iinclude -std=c99 $WARNING_FLAGS" + cmd="${MAKE_CMD} ${CLANG_ARGS}" echo "${TARGET}:" >> ${MAKEFILE} echo -e "\t$cmd" >> ${MAKEFILE} @@ -3983,11 +3998,6 @@ build_test_config_combos() { echo "all: ${DEPS}" >> ${MAKEFILE} - # clear all of the options so that they can be overridden on the clang commandline - for OPT in "${OPTIONS[@]}"; do - ./scripts/config.py unset ${OPT} - done - # execute all of the commands via Make (probably in parallel) make -s -f ${MAKEFILE} all @@ -4015,7 +4025,7 @@ component_build_aes_variations() { msg "build: aes.o for all combinations of relevant config options" - build_test_config_combos library/aes.c validate_aes_config_variations \ + build_test_config_combos library/aes.o validate_aes_config_variations \ "MBEDTLS_AES_SETKEY_ENC_ALT" "MBEDTLS_AES_DECRYPT_ALT" \ "MBEDTLS_AES_ROM_TABLES" "MBEDTLS_AES_ENCRYPT_ALT" "MBEDTLS_AES_SETKEY_DEC_ALT" \ "MBEDTLS_AES_FEWER_TABLES" "MBEDTLS_PADLOCK_C" "MBEDTLS_AES_USE_HARDWARE_ONLY" \ From 3cde6a2be26ae7c00b319edcd0973700f0dbeba1 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 3 Oct 2023 16:02:56 +0100 Subject: [PATCH 0139/1674] Improve naming Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 9ebb120a7..56727ce7a 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3962,7 +3962,7 @@ build_test_config_combos() { # This ensures that we have any include paths, macro definitions, etc # that may be applied by make. # Add -fsyntax-only as we only want a syntax check and don't need to generate a file. - MAKE_CMD=$(make -B -n ${FILE} CC=clang CFLAGS="${WARNING_FLAGS} -fsyntax-only" | egrep "^clang") + COMPILE_CMD=$(make -B -n ${FILE} CC=clang CFLAGS="${WARNING_FLAGS} -fsyntax-only" | egrep "^clang") MAKEFILE=$(mktemp) DEPS="" @@ -3988,7 +3988,7 @@ build_test_config_combos() { # if valid, add it to the makefile if [[ "$INVALID" == "" ]]; then - cmd="${MAKE_CMD} ${CLANG_ARGS}" + cmd="${COMPILE_CMD} ${CLANG_ARGS}" echo "${TARGET}:" >> ${MAKEFILE} echo -e "\t$cmd" >> ${MAKEFILE} From 5ed7b2dec246ac27ce303884089c8e4e3ef4524c Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 3 Oct 2023 18:00:44 +0100 Subject: [PATCH 0140/1674] Introduce MBEDTLS_ARCH_IS_ARMV8 Signed-off-by: Dave Rodgman --- include/mbedtls/build_info.h | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index 533e076e0..9b9f5f2ac 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h @@ -74,6 +74,17 @@ #define MBEDTLS_ARCH_IS_X86 #endif +/* This is defined if the architecture is Armv8, or higher */ +#if !defined(MBEDTLS_ARCH_IS_ARMV8) +#if defined(__ARM_ARCH) +#if __ARM_ARCH >= 8 +#define MBEDTLS_ARCH_IS_ARMV8 +#endif +#elif defined(MBEDTLS_ARCH_IS_ARM64) +#define MBEDTLS_ARCH_IS_ARMV8 +#endif +#endif + #if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE) #define _CRT_SECURE_NO_DEPRECATE 1 #endif From cc5bf4946f9376f9410ca145953f4d77ed7b3044 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 3 Oct 2023 18:02:56 +0100 Subject: [PATCH 0141/1674] Make SHA256 depend on Armv8, not aarch64 Signed-off-by: Dave Rodgman --- include/mbedtls/check_config.h | 5 ++--- library/sha256.c | 2 +- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index e18e9a5fc..158070783 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -865,9 +865,8 @@ #endif -#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) && \ - !defined(__aarch64__) && !defined(_M_ARM64) -#error "MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY defined on non-Aarch64 system" +#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) && !defined(MBEDTLS_ARCH_IS_ARMV8) +#error "MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY defined on non-Armv8 system" #endif /* TLS 1.3 requires separate HKDF parts from PSA, diff --git a/library/sha256.c b/library/sha256.c index 223badf00..83dcc8156 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -56,7 +56,7 @@ #include "mbedtls/platform.h" -#if defined(__aarch64__) +#if defined(MBEDTLS_ARCH_IS_ARMV8) # if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) From 28e38d8e12a9a4c5562f1cc0ea4a5a0fbbb9d003 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 4 Oct 2023 11:50:30 +0100 Subject: [PATCH 0142/1674] Use lower-case for local variables Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 62 ++++++++++++++++++++++---------------------- 1 file changed, 31 insertions(+), 31 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 56727ce7a..33a2c9f49 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3939,70 +3939,70 @@ build_test_config_combos() { # syntax: build_test_config_combos FILE VALIDATOR_FUNCTION OPT1 OPT2 ... # The validator function may be "" if all combinations are valid - FILE=$1 + file=$1 shift # this function must echo something iff the clang "-DA -DB ..." string is invalid - VALIDATE_OPTIONS=$1 + validate_options=$1 shift - OPTIONS=("$@") + options=("$@") # clear all of the options so that they can be overridden on the clang commandline - for OPT in "${OPTIONS[@]}"; do - ./scripts/config.py unset ${OPT} + for opt in "${options[@]}"; do + ./scripts/config.py unset ${opt} done # enter the directory containing the target file & strip the dir from the filename - cd $(dirname ${FILE}) - FILE=$(basename ${FILE}) + cd $(dirname ${file}) + file=$(basename ${file}) # The most common issue is unused variables/functions, so ensure -Wunused is set. - WARNING_FLAGS="-Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wasm-operand-widths -Wunused" + warning_flags="-Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wasm-operand-widths -Wunused" # Extract the command generated by the Makefile to build the target file. # This ensures that we have any include paths, macro definitions, etc # that may be applied by make. # Add -fsyntax-only as we only want a syntax check and don't need to generate a file. - COMPILE_CMD=$(make -B -n ${FILE} CC=clang CFLAGS="${WARNING_FLAGS} -fsyntax-only" | egrep "^clang") + compile_cmd=$(make -B -n ${file} CC=clang CFLAGS="${warning_flags} -fsyntax-only" | egrep "^clang") - MAKEFILE=$(mktemp) - DEPS="" + makefile=$(mktemp) + deps="" - LEN=${#OPTIONS[@]} + len=${#options[@]} - for ((i = 0; i < $((2**${LEN})); i++)); do + for ((i = 0; i < $((2**${len})); i++)); do # generate each of 2^n combinations of options - # each bit of $i is used to determine if OPTIONS[i] will be set or not - TARGET="t" - CLANG_ARGS="" - for ((j = 0; j < ${LEN}; j++)); do - OPT=${OPTIONS[j]} + # each bit of $i is used to determine if options[i] will be set or not + target="t" + clang_args="" + for ((j = 0; j < ${len}; j++)); do + opt=${options[j]} X=$(((i >> j) & 1)) - [[ $X == 0 ]] && OPT="" || OPT="-D${OPT}" - CLANG_ARGS="${CLANG_ARGS} ${OPT}" - TARGET="${TARGET}${OPT}" + [[ $X == 0 ]] && opt="" || opt="-D${opt}" + clang_args="${clang_args} ${opt}" + target="${target}${opt}" done # check that combination is not known to be invalid - INVALID="" - [[ "$VALIDATE_OPTIONS" != "" ]] && INVALID=$(${VALIDATE_OPTIONS} "${CLANG_ARGS}") + invalid="" + [[ "$validate_options" != "" ]] && invalid=$(${validate_options} "${clang_args}") # if valid, add it to the makefile - if [[ "$INVALID" == "" ]]; then - cmd="${COMPILE_CMD} ${CLANG_ARGS}" - echo "${TARGET}:" >> ${MAKEFILE} - echo -e "\t$cmd" >> ${MAKEFILE} + if [[ "$invalid" == "" ]]; then + cmd="${compile_cmd} ${clang_args}" + echo "${target}:" >> ${makefile} + echo -e "\t$cmd" >> ${makefile} - DEPS="${DEPS} ${TARGET}" + deps="${deps} ${target}" fi done - echo "all: ${DEPS}" >> ${MAKEFILE} + echo "all: ${deps}" >> ${makefile} # execute all of the commands via Make (probably in parallel) - make -s -f ${MAKEFILE} all + make -s -f ${makefile} all # clean up the temporary makefile - rm ${MAKEFILE} + rm ${makefile} } validate_aes_config_variations() { From 54ada8bae8ade96010d1005964d782bdb0e3084f Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 4 Oct 2023 11:55:25 +0100 Subject: [PATCH 0143/1674] Improve docs Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 33a2c9f49..34089a402 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3934,14 +3934,17 @@ component_build_tfm() { make lib CC="gcc" CFLAGS="-Os -std=c99 -Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wformat-signedness -Wlogical-op -I../tests/include/spe" } +# Test that the given .o file builds with all (valid) combinations of the given options. +# +# Syntax: build_test_config_combos FILE VALIDATOR_FUNCTION OPT1 OPT2 ... +# +# The validator function is the name of a function to validate the combination of options. +# It may be "" if all combinations are valid. +# It receives a string containing a combination of options, as passed to the compiler, +# e.g. "-DOPT1 -DOPT2 ...". It must echo something iff the combination is invalid. build_test_config_combos() { - # test that the given file builds with all (valid) combinations of the given options. - # syntax: build_test_config_combos FILE VALIDATOR_FUNCTION OPT1 OPT2 ... - # The validator function may be "" if all combinations are valid - file=$1 shift - # this function must echo something iff the clang "-DA -DB ..." string is invalid validate_options=$1 shift options=("$@") From b1107aeee1fcb3afced5dea75171e8ec334c0c5d Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 4 Oct 2023 12:30:23 +0100 Subject: [PATCH 0144/1674] Tidy up bash syntax Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 34089a402..ace70d1a4 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3978,19 +3978,16 @@ build_test_config_combos() { target="t" clang_args="" for ((j = 0; j < ${len}; j++)); do - opt=${options[j]} - X=$(((i >> j) & 1)) - [[ $X == 0 ]] && opt="" || opt="-D${opt}" + opt= + if (((i >> j) & 1)); then + opt=-D${options[j]} + fi clang_args="${clang_args} ${opt}" target="${target}${opt}" done - # check that combination is not known to be invalid - invalid="" - [[ "$validate_options" != "" ]] && invalid=$(${validate_options} "${clang_args}") - - # if valid, add it to the makefile - if [[ "$invalid" == "" ]]; then + # if combination is not known to be invalid, add it to the makefile + if [[ -z $validate_options ]] || [[ $($validate_options "${clang_args}") == "" ]] ; then cmd="${compile_cmd} ${clang_args}" echo "${target}:" >> ${makefile} echo -e "\t$cmd" >> ${makefile} From 7a8a2490e58330907c7b67e53be210782c101ec3 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 4 Oct 2023 13:14:20 +0100 Subject: [PATCH 0145/1674] Tidy-up Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index ace70d1a4..164c2e99f 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3978,12 +3978,11 @@ build_test_config_combos() { target="t" clang_args="" for ((j = 0; j < ${len}; j++)); do - opt= if (((i >> j) & 1)); then opt=-D${options[j]} + clang_args="${clang_args} ${opt}" + target="${target}${opt}" fi - clang_args="${clang_args} ${opt}" - target="${target}${opt}" done # if combination is not known to be invalid, add it to the makefile From a7127eb67cecc021987cd186a04965c52887c52f Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 4 Oct 2023 13:38:41 +0100 Subject: [PATCH 0146/1674] tidy up Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 164c2e99f..90e5f1bd7 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3979,7 +3979,7 @@ build_test_config_combos() { clang_args="" for ((j = 0; j < ${len}; j++)); do if (((i >> j) & 1)); then - opt=-D${options[j]} + opt=-D${options[$j]} clang_args="${clang_args} ${opt}" target="${target}${opt}" fi @@ -4007,11 +4007,11 @@ build_test_config_combos() { validate_aes_config_variations() { if [[ "$1" == *"MBEDTLS_AES_USE_HARDWARE_ONLY"* ]]; then if [[ "$1" == *"MBEDTLS_PADLOCK_C"* ]]; then - echo 1 + echo INVALID fi if [[ !(("$HOSTTYPE" == "aarch64" && "$1" != *"MBEDTLS_AESCE_C"*) || \ ("$HOSTTYPE" == "x86_64" && "$1" != *"MBEDTLS_AESNI_C"*)) ]]; then - echo 1 + echo INVALID fi fi } From 1ec1a0f0cc74cfe94c883932103edf0e9f26cdcc Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 4 Oct 2023 13:50:54 +0100 Subject: [PATCH 0147/1674] Introduce MBEDTLS_MAYBE_UNUSED Signed-off-by: Dave Rodgman --- library/common.h | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/library/common.h b/library/common.h index 3c472c685..1fc04a32e 100644 --- a/library/common.h +++ b/library/common.h @@ -334,4 +334,11 @@ static inline void mbedtls_xor_no_simd(unsigned char *r, #define MBEDTLS_OPTIMIZE_FOR_PERFORMANCE #endif +/* Suppress compiler warnings for unused functions and variables. */ +#if defined(__GNUC__) +#define MBEDTLS_MAYBE_UNUSED __attribute__((unused)) +#else +#define MBEDTLS_MAYBE_UNUSED +#endif + #endif /* MBEDTLS_LIBRARY_COMMON_H */ From 18ddf61a750a2a04ca677bbcb254d84f3ce1a84e Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 4 Oct 2023 14:03:12 +0100 Subject: [PATCH 0148/1674] Use MBEDTLS_MAYBE_UNUSED to simplify aes.c and let compiler remove unused variables Signed-off-by: Dave Rodgman --- library/aes.c | 103 +++++++++++++------------------------------------- 1 file changed, 26 insertions(+), 77 deletions(-) diff --git a/library/aes.c b/library/aes.c index 3e27cd39b..d23222981 100644 --- a/library/aes.c +++ b/library/aes.c @@ -84,11 +84,7 @@ static int aes_padlock_ace = -1; /* * Forward S-box */ -#if !defined(MBEDTLS_AES_ENCRYPT_ALT) || \ - (!defined(MBEDTLS_AES_SETKEY_ENC_ALT) && (!defined(MBEDTLS_AES_USE_HARDWARE_ONLY) || \ - !defined(MBEDTLS_AES_ROM_TABLES))) || \ - (!defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)) -static const unsigned char FSb[256] = +MBEDTLS_MAYBE_UNUSED static const unsigned char FSb[256] = { 0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5, 0x30, 0x01, 0x67, 0x2B, 0xFE, 0xD7, 0xAB, 0x76, @@ -123,8 +119,6 @@ static const unsigned char FSb[256] = 0x8C, 0xA1, 0x89, 0x0D, 0xBF, 0xE6, 0x42, 0x68, 0x41, 0x99, 0x2D, 0x0F, 0xB0, 0x54, 0xBB, 0x16 }; -#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \ - !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */ /* * Forward tables @@ -196,36 +190,28 @@ static const unsigned char FSb[256] = V(C3, 41, 41, 82), V(B0, 99, 99, 29), V(77, 2D, 2D, 5A), V(11, 0F, 0F, 1E), \ V(CB, B0, B0, 7B), V(FC, 54, 54, A8), V(D6, BB, BB, 6D), V(3A, 16, 16, 2C) -#if !defined(MBEDTLS_AES_ENCRYPT_ALT) #define V(a, b, c, d) 0x##a##b##c##d -static const uint32_t FT0[256] = { FT }; +MBEDTLS_MAYBE_UNUSED static const uint32_t FT0[256] = { FT }; #undef V -#if !defined(MBEDTLS_AES_FEWER_TABLES) - #define V(a, b, c, d) 0x##b##c##d##a -static const uint32_t FT1[256] = { FT }; +MBEDTLS_MAYBE_UNUSED static const uint32_t FT1[256] = { FT }; #undef V #define V(a, b, c, d) 0x##c##d##a##b -static const uint32_t FT2[256] = { FT }; +MBEDTLS_MAYBE_UNUSED static const uint32_t FT2[256] = { FT }; #undef V #define V(a, b, c, d) 0x##d##a##b##c -static const uint32_t FT3[256] = { FT }; +MBEDTLS_MAYBE_UNUSED static const uint32_t FT3[256] = { FT }; #undef V -#endif /* !MBEDTLS_AES_FEWER_TABLES */ - -#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) */ - #undef FT -#if !defined(MBEDTLS_AES_DECRYPT_ALT) /* * Reverse S-box */ -static const unsigned char RSb[256] = +MBEDTLS_MAYBE_UNUSED static const unsigned char RSb[256] = { 0x52, 0x09, 0x6A, 0xD5, 0x30, 0x36, 0xA5, 0x38, 0xBF, 0x40, 0xA3, 0x9E, 0x81, 0xF3, 0xD7, 0xFB, @@ -260,7 +246,6 @@ static const unsigned char RSb[256] = 0x17, 0x2B, 0x04, 0x7E, 0xBA, 0x77, 0xD6, 0x26, 0xE1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0C, 0x7D }; -#endif /* defined(MBEDTLS_AES_DECRYPT_ALT)) */ /* * Reverse tables @@ -332,88 +317,60 @@ static const unsigned char RSb[256] = V(71, 01, A8, 39), V(DE, B3, 0C, 08), V(9C, E4, B4, D8), V(90, C1, 56, 64), \ V(61, 84, CB, 7B), V(70, B6, 32, D5), V(74, 5C, 6C, 48), V(42, 57, B8, D0) -#if !defined(MBEDTLS_AES_DECRYPT_ALT) || \ - (!defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)) #define V(a, b, c, d) 0x##a##b##c##d -static const uint32_t RT0[256] = { RT }; +MBEDTLS_MAYBE_UNUSED static const uint32_t RT0[256] = { RT }; #undef V -#if !defined(MBEDTLS_AES_FEWER_TABLES) - #define V(a, b, c, d) 0x##b##c##d##a -static const uint32_t RT1[256] = { RT }; +MBEDTLS_MAYBE_UNUSED static const uint32_t RT1[256] = { RT }; #undef V #define V(a, b, c, d) 0x##c##d##a##b -static const uint32_t RT2[256] = { RT }; +MBEDTLS_MAYBE_UNUSED static const uint32_t RT2[256] = { RT }; #undef V #define V(a, b, c, d) 0x##d##a##b##c -static const uint32_t RT3[256] = { RT }; +MBEDTLS_MAYBE_UNUSED static const uint32_t RT3[256] = { RT }; #undef V -#endif /* !MBEDTLS_AES_FEWER_TABLES */ - -#endif \ - /* !defined(MBEDTLS_AES_DECRYPT_ALT) || (!defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)) */ - #undef RT -#if !defined(MBEDTLS_AES_SETKEY_ENC_ALT) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) /* * Round constants */ -static const uint32_t RCON[10] = +MBEDTLS_MAYBE_UNUSED static const uint32_t RCON[10] = { 0x00000001, 0x00000002, 0x00000004, 0x00000008, 0x00000010, 0x00000020, 0x00000040, 0x00000080, 0x0000001B, 0x00000036 }; -#endif /* !defined(MBEDTLS_AES_SETKEY_ENC_ALT) */ #else /* MBEDTLS_AES_ROM_TABLES */ /* * Forward S-box & tables */ -#if !defined(MBEDTLS_AES_ENCRYPT_ALT) || \ - (!defined(MBEDTLS_AES_SETKEY_ENC_ALT) && (!defined(MBEDTLS_AES_USE_HARDWARE_ONLY) || \ - !defined(MBEDTLS_AES_ROM_TABLES))) || \ - (!defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)) -static unsigned char FSb[256]; -#endif -#if !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) -static uint32_t FT0[256]; -#if !defined(MBEDTLS_AES_FEWER_TABLES) -static uint32_t FT1[256]; -static uint32_t FT2[256]; -static uint32_t FT3[256]; -#endif /* !MBEDTLS_AES_FEWER_TABLES */ -#endif /* !defined(MBEDTLS_AES_ENCRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_ENC_ALT) */ +MBEDTLS_MAYBE_UNUSED static unsigned char FSb[256]; +MBEDTLS_MAYBE_UNUSED static uint32_t FT0[256]; +MBEDTLS_MAYBE_UNUSED static uint32_t FT1[256]; +MBEDTLS_MAYBE_UNUSED static uint32_t FT2[256]; +MBEDTLS_MAYBE_UNUSED static uint32_t FT3[256]; /* * Reverse S-box & tables */ -#if !(defined(MBEDTLS_AES_SETKEY_ENC_ALT) && defined(MBEDTLS_AES_DECRYPT_ALT)) -static unsigned char RSb[256]; -#endif /* !(defined(MBEDTLS_AES_SETKEY_ENC_ALT) && defined(MBEDTLS_AES_DECRYPT_ALT)) */ +MBEDTLS_MAYBE_UNUSED static unsigned char RSb[256]; -#if !defined(MBEDTLS_AES_DECRYPT_ALT) || (!defined(MBEDTLS_AES_SETKEY_DEC_ALT) && \ - !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)) -static uint32_t RT0[256]; -#if !defined(MBEDTLS_AES_FEWER_TABLES) -static uint32_t RT1[256]; -static uint32_t RT2[256]; -static uint32_t RT3[256]; -#endif /* !MBEDTLS_AES_FEWER_TABLES */ -#endif /* !defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) */ +MBEDTLS_MAYBE_UNUSED static uint32_t RT0[256]; +MBEDTLS_MAYBE_UNUSED static uint32_t RT1[256]; +MBEDTLS_MAYBE_UNUSED static uint32_t RT2[256]; +MBEDTLS_MAYBE_UNUSED static uint32_t RT3[256]; -#if !defined(MBEDTLS_AES_SETKEY_ENC_ALT) /* * Round constants */ -static uint32_t RCON[10]; +MBEDTLS_MAYBE_UNUSED static uint32_t RCON[10]; /* * Tables generation code @@ -422,9 +379,9 @@ static uint32_t RCON[10]; #define XTIME(x) (((x) << 1) ^ (((x) & 0x80) ? 0x1B : 0x00)) #define MUL(x, y) (((x) && (y)) ? pow[(log[(x)]+log[(y)]) % 255] : 0) -static int aes_init_done = 0; +MBEDTLS_MAYBE_UNUSED static int aes_init_done = 0; -static void aes_gen_tables(void) +MBEDTLS_MAYBE_UNUSED static void aes_gen_tables(void) { int i; uint8_t x, y, z; @@ -505,8 +462,6 @@ static void aes_gen_tables(void) } } -#endif /* !defined(MBEDTLS_AES_SETKEY_ENC_ALT) */ - #undef ROTL8 #endif /* MBEDTLS_AES_ROM_TABLES */ @@ -584,9 +539,7 @@ void mbedtls_aes_xts_free(mbedtls_aes_xts_context *ctx) #define MAY_NEED_TO_ALIGN #endif -#if defined(MAY_NEED_TO_ALIGN) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) || \ - !defined(MBEDTLS_AES_SETKEY_ENC_ALT) -static unsigned mbedtls_aes_rk_offset(uint32_t *buf) +MBEDTLS_MAYBE_UNUSED static unsigned mbedtls_aes_rk_offset(uint32_t *buf) { #if defined(MAY_NEED_TO_ALIGN) int align_16_bytes = 0; @@ -622,8 +575,6 @@ static unsigned mbedtls_aes_rk_offset(uint32_t *buf) return 0; } -#endif /* defined(MAY_NEED_TO_ALIGN) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT) || \ - !defined(MBEDTLS_AES_SETKEY_ENC_ALT) */ /* * AES key schedule (encryption) @@ -1056,7 +1007,6 @@ int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx, } #endif /* !MBEDTLS_AES_DECRYPT_ALT */ -#if defined(MAY_NEED_TO_ALIGN) /* VIA Padlock and our intrinsics-based implementation of AESNI require * the round keys to be aligned on a 16-byte boundary. We take care of this * before creating them, but the AES context may have moved (this can happen @@ -1064,7 +1014,7 @@ int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx, * calls it might have a different alignment with respect to 16-byte memory. * So we may need to realign. */ -static void aes_maybe_realign(mbedtls_aes_context *ctx) +MBEDTLS_MAYBE_UNUSED static void aes_maybe_realign(mbedtls_aes_context *ctx) { unsigned new_offset = mbedtls_aes_rk_offset(ctx->buf); if (new_offset != ctx->rk_offset) { @@ -1074,7 +1024,6 @@ static void aes_maybe_realign(mbedtls_aes_context *ctx) ctx->rk_offset = new_offset; } } -#endif /* * AES-ECB block encryption/decryption From feadcaf4a6cd700c1074cffe19aff9add91d3ba6 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 4 Oct 2023 15:27:33 +0100 Subject: [PATCH 0149/1674] Support MBEDTLS_MAYBE_UNUSED in MSVC and IAR Signed-off-by: Dave Rodgman --- library/common.h | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/library/common.h b/library/common.h index 1fc04a32e..910106bde 100644 --- a/library/common.h +++ b/library/common.h @@ -337,6 +337,12 @@ static inline void mbedtls_xor_no_simd(unsigned char *r, /* Suppress compiler warnings for unused functions and variables. */ #if defined(__GNUC__) #define MBEDTLS_MAYBE_UNUSED __attribute__((unused)) +#elif defined(__IAR_SYSTEMS_ICC__) && defined(__VER__) +#if (__VER__ >= 8000000) +#define MBEDTLS_MAYBE_UNUSED __attribute__((unused)) +#endif +#elif defined(_MSC_VER) +#define MBEDTLS_MAYBE_UNUSED __pragma(warning(suppress:4189)) #else #define MBEDTLS_MAYBE_UNUSED #endif From d9e8083d262c9cfa24cd70bdb17c70ce04391632 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 4 Oct 2023 17:17:46 +0100 Subject: [PATCH 0150/1674] Add tests for SHA256 on ARMCE for thumb, arm and aarch64 Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 9e1d84f5d..1d9f32d9d 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4354,6 +4354,27 @@ component_build_aes_aesce_armcc () { armc6_build_test "-O1 --target=aarch64-arm-none-eabi -march=armv8-a+crypto" } +component_build_sha_armce () { + # Test variations of SHA256 Armv8 crypto extensions + scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT + scripts/config.py set MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY + + msg "MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY clang, aarch64" + make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a" + + msg "MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY clang, arm" + make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm" + + msg "MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY clang, thumb" + make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb" + + scripts/config.py set MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY + + msg "MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT clang, aarch64" + make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a" +} + # For timebeing, no VIA Padlock platform available. component_build_aes_via_padlock () { From 793e264fbbd2ea57213f0d577d42d22cb50880b7 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 4 Oct 2023 17:36:20 +0100 Subject: [PATCH 0151/1674] Fix indentation Signed-off-by: Dave Rodgman --- library/sha256.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/sha256.c b/library/sha256.c index 83dcc8156..55f8d635c 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -69,7 +69,7 @@ # error "Target does not support NEON instructions" # endif -# if !defined(__ARM_FEATURE_CRYPTO) || defined(MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG) +# if !defined(__ARM_FEATURE_CRYPTO) || defined(MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG) # if defined(__ARMCOMPILER_VERSION) # if __ARMCOMPILER_VERSION <= 6090000 # error "Must use minimum -march=armv8-a+crypto for MBEDTLS_SHA256_USE_A64_CRYPTO_*" From ebe4292a9ce6fda09f061fb6c4c2977efb739a34 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 4 Oct 2023 17:36:44 +0100 Subject: [PATCH 0152/1674] Improve behaviour on gcc targetting arm or thumb Signed-off-by: Dave Rodgman --- library/sha256.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/library/sha256.c b/library/sha256.c index 55f8d635c..f0eb6ad58 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -101,6 +101,10 @@ # endif # if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) +# if defined(MBEDTLS_COMPILER_IS_GCC) && !defined(MBEDTLS_ARCH_IS_ARM64) +# warning "GCC only supports aarch64 for MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT, using C code only" +# undef MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT +# endif # if defined(__unix__) # if defined(__linux__) /* Our preferred method of detection is getauxval() */ From 86908590977819e18bea5b3e097d00ab47fe65e0 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 4 Oct 2023 17:40:25 +0100 Subject: [PATCH 0153/1674] Improve docs Signed-off-by: Dave Rodgman --- include/mbedtls/mbedtls_config.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index af0761395..14d19aeb6 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -3280,7 +3280,8 @@ * for a non-Aarch64 build it will be silently ignored. * * \note Minimum compiler versions for this feature are Clang 4.0, - * armclang 6.6 or GCC 6.0. + * armclang 6.6 or GCC 6.0. Targetting Thumb or 32-bit arm with GCC is not + * supported. * * \note \c CFLAGS must be set to a minimum of \c -march=armv8-a+crypto for * armclang <= 6.9 From d30728cf5e3e6fde80a082976cffe6493c6a300c Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 4 Oct 2023 18:04:39 +0100 Subject: [PATCH 0154/1674] Add Changelog Signed-off-by: Dave Rodgman --- ChangeLog.d/sha256-armce-arm.txt | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 ChangeLog.d/sha256-armce-arm.txt diff --git a/ChangeLog.d/sha256-armce-arm.txt b/ChangeLog.d/sha256-armce-arm.txt new file mode 100644 index 000000000..aaa6e39db --- /dev/null +++ b/ChangeLog.d/sha256-armce-arm.txt @@ -0,0 +1,4 @@ +Features + * Support Armv8 Crypto Extension acceleration for SHA-256 + when compiling for Thumb or 32-bit Arm. + From 04d0d06e83729d991a5deb90163f911c8b8c10c1 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 4 Oct 2023 18:05:08 +0100 Subject: [PATCH 0155/1674] Code style Signed-off-by: Dave Rodgman --- library/sha256.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/library/sha256.c b/library/sha256.c index f0eb6ad58..00a01ea3d 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -102,7 +102,8 @@ # endif # if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) # if defined(MBEDTLS_COMPILER_IS_GCC) && !defined(MBEDTLS_ARCH_IS_ARM64) -# warning "GCC only supports aarch64 for MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT, using C code only" +# warning \ + "GCC only supports aarch64 for MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT, using C code only" # undef MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT # endif # if defined(__unix__) From 749f2227c67b5b07fe9c6633b0b8767de511a8b2 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 4 Oct 2023 15:38:58 +0100 Subject: [PATCH 0156/1674] Get MBEDTLS_MAYBE_UNUSED to cover more compilers Signed-off-by: Dave Rodgman --- library/common.h | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/library/common.h b/library/common.h index 910106bde..436e35a91 100644 --- a/library/common.h +++ b/library/common.h @@ -335,15 +335,23 @@ static inline void mbedtls_xor_no_simd(unsigned char *r, #endif /* Suppress compiler warnings for unused functions and variables. */ -#if defined(__GNUC__) -#define MBEDTLS_MAYBE_UNUSED __attribute__((unused)) -#elif defined(__IAR_SYSTEMS_ICC__) && defined(__VER__) -#if (__VER__ >= 8000000) +#if !defined(MBEDTLS_MAYBE_UNUSED) && defined(__GNUC__) #define MBEDTLS_MAYBE_UNUSED __attribute__((unused)) #endif -#elif defined(_MSC_VER) +#if !defined(MBEDTLS_MAYBE_UNUSED) && defined(__IAR_SYSTEMS_ICC__) && defined(__VER__) +#if (__VER__ >= 8010000) // IAR 8.1 or later +#define MBEDTLS_MAYBE_UNUSED __attribute__((unused)) +#endif +#endif +#if !defined(MBEDTLS_MAYBE_UNUSED) && defined(_MSC_VER) #define MBEDTLS_MAYBE_UNUSED __pragma(warning(suppress:4189)) -#else +#endif +#if !defined(MBEDTLS_MAYBE_UNUSED) && defined(__has_attribute) +#if __has_attribute(unused) +#define MBEDTLS_MAYBE_UNUSED __attribute__((unused)) +#endif +#endif +#if !defined(MBEDTLS_MAYBE_UNUSED) #define MBEDTLS_MAYBE_UNUSED #endif From 9ed1853093cf1bf748a84b112a90e100a6307f8f Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 5 Oct 2023 00:06:47 +0100 Subject: [PATCH 0157/1674] require clang 4 for testing Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 1d9f32d9d..b7f4f4df6 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4354,6 +4354,12 @@ component_build_aes_aesce_armcc () { armc6_build_test "-O1 --target=aarch64-arm-none-eabi -march=armv8-a+crypto" } +support_build_sha_armce() { + # clang >= 4 is required to build with SHA extensions + ver="$(clang --version|grep version|sed -E 's#.*version ([0-9]+).*#\1#')" + [ "${ver}" -ge 4 ] +} + component_build_sha_armce () { # Test variations of SHA256 Armv8 crypto extensions scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT From 9bf752c45d3fc2d4df3c42de4a9fa630a53d401f Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 5 Oct 2023 08:20:44 +0100 Subject: [PATCH 0158/1674] Support MSVS with clang Signed-off-by: Dave Rodgman --- library/common.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/common.h b/library/common.h index 436e35a91..de26d451b 100644 --- a/library/common.h +++ b/library/common.h @@ -335,7 +335,7 @@ static inline void mbedtls_xor_no_simd(unsigned char *r, #endif /* Suppress compiler warnings for unused functions and variables. */ -#if !defined(MBEDTLS_MAYBE_UNUSED) && defined(__GNUC__) +#if !defined(MBEDTLS_MAYBE_UNUSED) && (defined(__GNUC__) || defined(__clang__)) #define MBEDTLS_MAYBE_UNUSED __attribute__((unused)) #endif #if !defined(MBEDTLS_MAYBE_UNUSED) && defined(__IAR_SYSTEMS_ICC__) && defined(__VER__) From ca92f50e124abea85870ece48d5ee2fe365ce859 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 5 Oct 2023 08:24:55 +0100 Subject: [PATCH 0159/1674] Update docs for MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT Signed-off-by: Dave Rodgman --- include/mbedtls/mbedtls_config.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 14d19aeb6..3d44b075c 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -3277,7 +3277,7 @@ * If not, the library will fall back to the C implementation. * * \note If MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT is defined when building - * for a non-Aarch64 build it will be silently ignored. + * for a non-Armv8 build it will be silently ignored. * * \note Minimum compiler versions for this feature are Clang 4.0, * armclang 6.6 or GCC 6.0. Targetting Thumb or 32-bit arm with GCC is not From bfe6021e8541e3643e97e3e7b254c53900ceb06e Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 5 Oct 2023 08:31:22 +0100 Subject: [PATCH 0160/1674] Improve docs Signed-off-by: Dave Rodgman --- include/mbedtls/mbedtls_config.h | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 3d44b075c..2b9e29ba2 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -3280,8 +3280,11 @@ * for a non-Armv8 build it will be silently ignored. * * \note Minimum compiler versions for this feature are Clang 4.0, - * armclang 6.6 or GCC 6.0. Targetting Thumb or 32-bit arm with GCC is not - * supported. + * armclang 6.6 or GCC 6.0. + * + * \note GCC for Thumb or 32-bit Armv8 targets supports accelerated SHA-256 + * via #MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY, but does not support runtime + * detection via #MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT. * * \note \c CFLAGS must be set to a minimum of \c -march=armv8-a+crypto for * armclang <= 6.9 From 7ed619d3fa0d4d80df7eec1cd1e90abf861a2941 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 5 Oct 2023 09:39:56 +0100 Subject: [PATCH 0161/1674] Enable run-time detection for Thumb and Arm Signed-off-by: Dave Rodgman --- include/mbedtls/mbedtls_config.h | 4 ---- library/sha256.c | 12 +++++++----- 2 files changed, 7 insertions(+), 9 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 2b9e29ba2..a104114b4 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -3282,10 +3282,6 @@ * \note Minimum compiler versions for this feature are Clang 4.0, * armclang 6.6 or GCC 6.0. * - * \note GCC for Thumb or 32-bit Armv8 targets supports accelerated SHA-256 - * via #MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY, but does not support runtime - * detection via #MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT. - * * \note \c CFLAGS must be set to a minimum of \c -march=armv8-a+crypto for * armclang <= 6.9 * diff --git a/library/sha256.c b/library/sha256.c index 00a01ea3d..b603b86c9 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -44,6 +44,9 @@ #define MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG #endif +/* Ensure that SIG_SETMASK is defined when -std=c99 is used. */ +#define _GNU_SOURCE + #include "common.h" #if defined(MBEDTLS_SHA256_C) || defined(MBEDTLS_SHA224_C) @@ -101,11 +104,6 @@ # endif # if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) -# if defined(MBEDTLS_COMPILER_IS_GCC) && !defined(MBEDTLS_ARCH_IS_ARM64) -# warning \ - "GCC only supports aarch64 for MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT, using C code only" -# undef MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT -# endif # if defined(__unix__) # if defined(__linux__) /* Our preferred method of detection is getauxval() */ @@ -185,7 +183,11 @@ static int mbedtls_a64_crypto_sha256_determine_support(void) if (setjmp(return_from_sigill) == 0) { /* First return only */ /* If this traps, we will return a second time from setjmp() with 1 */ +#if defined(MBEDTLS_ARCH_IS_ARM64) asm ("sha256h q0, q0, v0.4s" : : : "v0"); +#else + asm ("sha256h.32 q0, q0, q0" : : : "q0"); +#endif ret = 1; } From cd65400c48ca10020f948c87f78cdd71fcc9a6a8 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 5 Oct 2023 09:40:07 +0100 Subject: [PATCH 0162/1674] Add tests for runtime detection Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index b7f4f4df6..32d1a1527 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4379,6 +4379,13 @@ component_build_sha_armce () { msg "MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT clang, aarch64" make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a" + + msg "MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT clang, arm" + make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm -std=c99" + + msg "MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT clang, thumb" + make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb" + } # For timebeing, no VIA Padlock platform available. From 3ba9ce3c1def3278791704fe40d6cc38be201c97 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 5 Oct 2023 09:58:33 +0100 Subject: [PATCH 0163/1674] Warn if using runtime detection and no Neon Signed-off-by: Dave Rodgman --- library/sha256.c | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/library/sha256.c b/library/sha256.c index b603b86c9..8315b71f3 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -61,17 +61,24 @@ #if defined(MBEDTLS_ARCH_IS_ARMV8) -# if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) - /* *INDENT-OFF* */ -# ifdef __ARM_NEON -# include -# else -# error "Target does not support NEON instructions" +# if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) +# ifdef __ARM_NEON +# include +# else +# if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) +# warning "Target does not support NEON instructions" +# undef MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT +# else +# error "Target does not support NEON instructions" +# endif +# endif # endif +# if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) # if !defined(__ARM_FEATURE_CRYPTO) || defined(MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG) # if defined(__ARMCOMPILER_VERSION) # if __ARMCOMPILER_VERSION <= 6090000 From 790370b3924779f5f1cc015359df13a3484e8ba1 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 5 Oct 2023 11:01:31 +0100 Subject: [PATCH 0164/1674] code style Signed-off-by: Dave Rodgman --- library/sha256.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/sha256.c b/library/sha256.c index 8315b71f3..c6a118d92 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -61,8 +61,6 @@ #if defined(MBEDTLS_ARCH_IS_ARMV8) -/* *INDENT-OFF* */ - # if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) # ifdef __ARM_NEON @@ -79,6 +77,8 @@ # if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) +/* *INDENT-OFF* */ + # if !defined(__ARM_FEATURE_CRYPTO) || defined(MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG) # if defined(__ARMCOMPILER_VERSION) # if __ARMCOMPILER_VERSION <= 6090000 From 9a36f4cb97a887ab3f654538b04ce59820b7d504 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 5 Oct 2023 11:25:52 +0100 Subject: [PATCH 0165/1674] Fix cast errors on IAR Signed-off-by: Dave Rodgman --- library/sha256.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/library/sha256.c b/library/sha256.c index c6a118d92..37f68c743 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -336,10 +336,10 @@ static size_t mbedtls_internal_sha256_process_many_a64_crypto( uint32x4_t abcd_orig = abcd; uint32x4_t efgh_orig = efgh; - uint32x4_t sched0 = (uint32x4_t) vld1q_u8(msg + 16 * 0); - uint32x4_t sched1 = (uint32x4_t) vld1q_u8(msg + 16 * 1); - uint32x4_t sched2 = (uint32x4_t) vld1q_u8(msg + 16 * 2); - uint32x4_t sched3 = (uint32x4_t) vld1q_u8(msg + 16 * 3); + uint32x4_t sched0 = vreinterpretq_u32_u8(vld1q_u8(msg + 16 * 0)); + uint32x4_t sched1 = vreinterpretq_u32_u8(vld1q_u8(msg + 16 * 1)); + uint32x4_t sched2 = vreinterpretq_u32_u8(vld1q_u8(msg + 16 * 2)); + uint32x4_t sched3 = vreinterpretq_u32_u8(vld1q_u8(msg + 16 * 3)); #if __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__ /* Will be true if not defined */ /* Untested on BE */ From bc2d2179beb74b70d6d4e497438bd9a554703fa6 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 5 Oct 2023 11:36:26 +0100 Subject: [PATCH 0166/1674] Update baremetal config to exclude MBEDTLS_SHAxxx_USE_A64_CRYPTO_IF_PRESENT Signed-off-by: Dave Rodgman --- scripts/config.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/scripts/config.py b/scripts/config.py index 17fbe653a..1a71cb35f 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -278,6 +278,8 @@ EXCLUDE_FROM_BAREMETAL = frozenset([ 'MBEDTLS_THREADING_C', # requires a threading interface 'MBEDTLS_THREADING_PTHREAD', # requires pthread 'MBEDTLS_TIMING_C', # requires a clock + 'MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection + 'MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection ]) def keep_in_baremetal(name): From 21bff21575e75381be8749993e629c1826f041df Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 2 Oct 2023 20:09:35 +0200 Subject: [PATCH 0167/1674] Support running unit tests from another directory When running a test suite, try to change to the directory containing the executable. This allows running a test suite from any directory, and still allow it to access its .datax file as well as data files (generally in tests/data_files) used by individual test cases. Only implemented on Unix-like systems and on Windows. Signed-off-by: Gilles Peskine --- tests/suites/host_test.function | 33 +++++++++++++++++++++++++++++++++ tests/suites/main_test.function | 15 +++++++++++++++ 2 files changed, 48 insertions(+) diff --git a/tests/suites/host_test.function b/tests/suites/host_test.function index 06f391fa4..3a3cb3414 100644 --- a/tests/suites/host_test.function +++ b/tests/suites/host_test.function @@ -432,6 +432,39 @@ static void write_outcome_result(FILE *outcome_file, fflush(outcome_file); } +#if defined(__unix__) || \ + (defined(__APPLE__) && defined(__MACH__)) || \ + defined(_WIN32) +#define MBEDTLS_HAVE_CHDIR +#endif + +#if defined(MBEDTLS_HAVE_CHDIR) +/** Try chdir to the directory containing argv0. + * + * Failures are silent. + */ +static void try_chdir(const char *argv0) +{ + const char *slash = strrchr(argv0, '/'); + if (slash == NULL) { + return; + } + size_t path_size = slash - argv0 + 1; + char *path = mbedtls_calloc(1, path_size); + if (path == NULL) { + return; + } + memcpy(path, argv0, path_size - 1); + path[path_size - 1] = 0; +#if defined(_WIN32) + (void) _chdir(path); +#else + (void) chdir(path); +#endif + mbedtls_free(path); +} +#endif /* MBEDTLS_HAVE_CHDIR */ + /** * \brief Desktop implementation of execute_tests(). * Parses command line and executes tests from diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function index 6c8d98e8b..eb74e8f0c 100644 --- a/tests/suites/main_test.function +++ b/tests/suites/main_test.function @@ -237,6 +237,21 @@ int main(int argc, const char *argv[]) #endif #endif +#ifdef MBEDTLS_HAVE_CHDIR + /* Try changing to the directory containing the executable, if + * using the default data file. This allows running the executable + * from another directory (e.g. the project root) and still access + * the .datax file as well as data files used by test cases + * (typically from tests/data_files). + * + * Note that we do this before the platform setup (which may access + * files such as a random seed). We also do this before accessing + * test-specific files such as the outcome file, which is arguably + * not desirable and should be fixed later. + */ + try_chdir(argv[0]); +#endif /* MBEDTLS_HAVE_CHDIR */ + int ret = mbedtls_test_platform_setup(); if (ret != 0) { mbedtls_fprintf(stderr, From ca26082ab7cac79268b98920632656d0c39ff18c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 3 Oct 2023 10:01:43 +0200 Subject: [PATCH 0168/1674] Print a notice if chdir fails Fixes -Wunused-result warning. Signed-off-by: Gilles Peskine --- tests/suites/host_test.function | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/tests/suites/host_test.function b/tests/suites/host_test.function index 3a3cb3414..1f95fb4b5 100644 --- a/tests/suites/host_test.function +++ b/tests/suites/host_test.function @@ -433,8 +433,7 @@ static void write_outcome_result(FILE *outcome_file, } #if defined(__unix__) || \ - (defined(__APPLE__) && defined(__MACH__)) || \ - defined(_WIN32) + (defined(__APPLE__) && defined(__MACH__)) #define MBEDTLS_HAVE_CHDIR #endif @@ -456,11 +455,11 @@ static void try_chdir(const char *argv0) } memcpy(path, argv0, path_size - 1); path[path_size - 1] = 0; -#if defined(_WIN32) - (void) _chdir(path); -#else - (void) chdir(path); -#endif + int ret = chdir(path); + if (ret != 0) { + mbedtls_fprintf(stderr, "%s: note: chdir(\"%s\") failed.\n", + __func__, path); + } mbedtls_free(path); } #endif /* MBEDTLS_HAVE_CHDIR */ From c760019dd5495cd19a318a0d468f990758bf654e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 5 Oct 2023 17:23:58 +0200 Subject: [PATCH 0169/1674] Note about the lack of Windows support Signed-off-by: Gilles Peskine --- tests/suites/host_test.function | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/tests/suites/host_test.function b/tests/suites/host_test.function index 1f95fb4b5..736883fe1 100644 --- a/tests/suites/host_test.function +++ b/tests/suites/host_test.function @@ -444,6 +444,11 @@ static void write_outcome_result(FILE *outcome_file, */ static void try_chdir(const char *argv0) { + /* We might want to allow backslash as well, for Windows. But then we also + * need to consider chdir() vs _chdir(), and different conventions + * regarding paths in argv[0] (naively enabling this code with + * backslash support on Windows leads to chdir into the wrong directory + * on the CI). */ const char *slash = strrchr(argv0, '/'); if (slash == NULL) { return; From d3925d25ec1a6d2a4b60d699cafe69dbd62cc61d Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 6 Oct 2023 13:13:19 +0200 Subject: [PATCH 0170/1674] pk_internal: change guards for mbedtls_pk_ec_[ro/rw] Signed-off-by: Valerio Setti --- library/pk_internal.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/library/pk_internal.h b/library/pk_internal.h index 67ee5fea2..d3a8e3198 100644 --- a/library/pk_internal.h +++ b/library/pk_internal.h @@ -44,7 +44,7 @@ psa_pk_status_to_mbedtls) #endif -#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) +#if !defined(MBEDTLS_PK_USE_PSA_EC_DATA) /** * Public function mbedtls_pk_ec() can be used to get direct access to the * wrapped ecp_keypair structure pointed to the pk_ctx. However this is not @@ -80,7 +80,9 @@ static inline mbedtls_ecp_keypair *mbedtls_pk_ec_rw(const mbedtls_pk_context pk) return NULL; } } +#endif /* !MBEDTLS_PK_USE_PSA_EC_DATA */ +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) static inline mbedtls_ecp_group_id mbedtls_pk_get_group_id(const mbedtls_pk_context *pk) { mbedtls_ecp_group_id id; From e7cefae5f4190bee3363402da4f772da8d4e090f Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 6 Oct 2023 13:19:48 +0200 Subject: [PATCH 0171/1674] ssl: fix getting group id in ssl_check_key_curve() Signed-off-by: Valerio Setti --- library/ssl_tls12_server.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c index d2143ac15..b4719d6d1 100644 --- a/library/ssl_tls12_server.c +++ b/library/ssl_tls12_server.c @@ -676,7 +676,11 @@ static int ssl_check_key_curve(mbedtls_pk_context *pk, uint16_t *curves_tls_id) { uint16_t *curr_tls_id = curves_tls_id; +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + mbedtls_ecp_group_id grp_id = mbedtls_ecc_group_of_psa(pk->ec_family, pk->ec_bits, 0); +#else mbedtls_ecp_group_id grp_id = mbedtls_pk_ec_ro(*pk)->grp.id; +#endif mbedtls_ecp_group_id curr_grp_id; while (*curr_tls_id != 0) { From 85d2a985496aa143d5e4e08f5995b5727c097287 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 6 Oct 2023 16:04:49 +0200 Subject: [PATCH 0172/1674] md: move definitions of MBEDTLS_MD_CAN to config_adjust_legacy_crypto.h Signed-off-by: Valerio Setti --- include/mbedtls/config_adjust_legacy_crypto.h | 114 ++++++++++++++++++ include/mbedtls/md.h | 114 ------------------ 2 files changed, 114 insertions(+), 114 deletions(-) diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h index 6ec59f193..a8ea53d95 100644 --- a/include/mbedtls/config_adjust_legacy_crypto.h +++ b/include/mbedtls/config_adjust_legacy_crypto.h @@ -56,6 +56,120 @@ #define MBEDTLS_MD_LIGHT #endif +#if defined(MBEDTLS_MD_LIGHT) +/* + * - MBEDTLS_MD_CAN_xxx is defined if the md module can perform xxx. + * - MBEDTLS_MD_xxx_VIA_PSA is defined if the md module may perform xxx via PSA + * (see below). + * - MBEDTLS_MD_SOME_PSA is defined if at least one algorithm may be performed + * via PSA (see below). + * - MBEDTLS_MD_SOME_LEGACY is defined if at least one algorithm may be performed + * via a direct legacy call (see below). + * + * The md module performs an algorithm via PSA if there is a PSA hash + * accelerator and the PSA driver subsytem is initialized at the time the + * operation is started, and makes a direct legacy call otherwise. + */ + +/* PSA accelerated implementations */ +#if defined(MBEDTLS_PSA_CRYPTO_C) + +#if defined(MBEDTLS_PSA_ACCEL_ALG_MD5) +#define MBEDTLS_MD_CAN_MD5 +#define MBEDTLS_MD_MD5_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1) +#define MBEDTLS_MD_CAN_SHA1 +#define MBEDTLS_MD_SHA1_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224) +#define MBEDTLS_MD_CAN_SHA224 +#define MBEDTLS_MD_SHA224_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256) +#define MBEDTLS_MD_CAN_SHA256 +#define MBEDTLS_MD_SHA256_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384) +#define MBEDTLS_MD_CAN_SHA384 +#define MBEDTLS_MD_SHA384_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512) +#define MBEDTLS_MD_CAN_SHA512 +#define MBEDTLS_MD_SHA512_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160) +#define MBEDTLS_MD_CAN_RIPEMD160 +#define MBEDTLS_MD_RIPEMD160_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_224) +#define MBEDTLS_MD_CAN_SHA3_224 +#define MBEDTLS_MD_SHA3_224_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_256) +#define MBEDTLS_MD_CAN_SHA3_256 +#define MBEDTLS_MD_SHA3_256_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_384) +#define MBEDTLS_MD_CAN_SHA3_384 +#define MBEDTLS_MD_SHA3_384_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_512) +#define MBEDTLS_MD_CAN_SHA3_512 +#define MBEDTLS_MD_SHA3_512_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#endif /* MBEDTLS_PSA_CRYPTO_C */ + +/* Built-in implementations */ +#if defined(MBEDTLS_MD5_C) +#define MBEDTLS_MD_CAN_MD5 +#define MBEDTLS_MD_SOME_LEGACY +#endif +#if defined(MBEDTLS_SHA1_C) +#define MBEDTLS_MD_CAN_SHA1 +#define MBEDTLS_MD_SOME_LEGACY +#endif +#if defined(MBEDTLS_SHA224_C) +#define MBEDTLS_MD_CAN_SHA224 +#define MBEDTLS_MD_SOME_LEGACY +#endif +#if defined(MBEDTLS_SHA256_C) +#define MBEDTLS_MD_CAN_SHA256 +#define MBEDTLS_MD_SOME_LEGACY +#endif +#if defined(MBEDTLS_SHA384_C) +#define MBEDTLS_MD_CAN_SHA384 +#define MBEDTLS_MD_SOME_LEGACY +#endif +#if defined(MBEDTLS_SHA512_C) +#define MBEDTLS_MD_CAN_SHA512 +#define MBEDTLS_MD_SOME_LEGACY +#endif +#if defined(MBEDTLS_SHA3_C) +#define MBEDTLS_MD_CAN_SHA3_224 +#define MBEDTLS_MD_CAN_SHA3_256 +#define MBEDTLS_MD_CAN_SHA3_384 +#define MBEDTLS_MD_CAN_SHA3_512 +#define MBEDTLS_MD_SOME_LEGACY +#endif +#if defined(MBEDTLS_RIPEMD160_C) +#define MBEDTLS_MD_CAN_RIPEMD160 +#define MBEDTLS_MD_SOME_LEGACY +#endif + +#endif /* MBEDTLS_MD_LIGHT */ + /* MBEDTLS_ECP_LIGHT is auto-enabled by the following symbols: * - MBEDTLS_ECP_C because now it consists of MBEDTLS_ECP_LIGHT plus functions * for curve arithmetic. As a consequence if MBEDTLS_ECP_C is required for diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h index c9a7858f3..e5b30d045 100644 --- a/include/mbedtls/md.h +++ b/include/mbedtls/md.h @@ -32,120 +32,6 @@ #include "mbedtls/build_info.h" #include "mbedtls/platform_util.h" -#if defined(MBEDTLS_MD_LIGHT) - -/* - * - MBEDTLS_MD_CAN_xxx is defined if the md module can perform xxx. - * - MBEDTLS_MD_xxx_VIA_PSA is defined if the md module may perform xxx via PSA - * (see below). - * - MBEDTLS_MD_SOME_PSA is defined if at least one algorithm may be performed - * via PSA (see below). - * - MBEDTLS_MD_SOME_LEGACY is defined if at least one algorithm may be performed - * via a direct legacy call (see below). - * - * The md module performs an algorithm via PSA if there is a PSA hash - * accelerator and the PSA driver subsytem is initialized at the time the - * operation is started, and makes a direct legacy call otherwise. - */ - -/* PSA accelerated implementations */ -#if defined(MBEDTLS_PSA_CRYPTO_C) -#if defined(MBEDTLS_PSA_ACCEL_ALG_MD5) -#define MBEDTLS_MD_CAN_MD5 -#define MBEDTLS_MD_MD5_VIA_PSA -#define MBEDTLS_MD_SOME_PSA -#endif -#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1) -#define MBEDTLS_MD_CAN_SHA1 -#define MBEDTLS_MD_SHA1_VIA_PSA -#define MBEDTLS_MD_SOME_PSA -#endif -#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224) -#define MBEDTLS_MD_CAN_SHA224 -#define MBEDTLS_MD_SHA224_VIA_PSA -#define MBEDTLS_MD_SOME_PSA -#endif -#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256) -#define MBEDTLS_MD_CAN_SHA256 -#define MBEDTLS_MD_SHA256_VIA_PSA -#define MBEDTLS_MD_SOME_PSA -#endif -#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384) -#define MBEDTLS_MD_CAN_SHA384 -#define MBEDTLS_MD_SHA384_VIA_PSA -#define MBEDTLS_MD_SOME_PSA -#endif -#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512) -#define MBEDTLS_MD_CAN_SHA512 -#define MBEDTLS_MD_SHA512_VIA_PSA -#define MBEDTLS_MD_SOME_PSA -#endif -#if defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160) -#define MBEDTLS_MD_CAN_RIPEMD160 -#define MBEDTLS_MD_RIPEMD160_VIA_PSA -#define MBEDTLS_MD_SOME_PSA -#endif -#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_224) -#define MBEDTLS_MD_CAN_SHA3_224 -#define MBEDTLS_MD_SHA3_224_VIA_PSA -#define MBEDTLS_MD_SOME_PSA -#endif -#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_256) -#define MBEDTLS_MD_CAN_SHA3_256 -#define MBEDTLS_MD_SHA3_256_VIA_PSA -#define MBEDTLS_MD_SOME_PSA -#endif -#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_384) -#define MBEDTLS_MD_CAN_SHA3_384 -#define MBEDTLS_MD_SHA3_384_VIA_PSA -#define MBEDTLS_MD_SOME_PSA -#endif -#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_512) -#define MBEDTLS_MD_CAN_SHA3_512 -#define MBEDTLS_MD_SHA3_512_VIA_PSA -#define MBEDTLS_MD_SOME_PSA -#endif -#endif /* MBEDTLS_PSA_CRYPTO_C */ - -/* Built-in implementations */ -#if defined(MBEDTLS_MD5_C) -#define MBEDTLS_MD_CAN_MD5 -#define MBEDTLS_MD_SOME_LEGACY -#endif -#if defined(MBEDTLS_SHA1_C) -#define MBEDTLS_MD_CAN_SHA1 -#define MBEDTLS_MD_SOME_LEGACY -#endif -#if defined(MBEDTLS_SHA224_C) -#define MBEDTLS_MD_CAN_SHA224 -#define MBEDTLS_MD_SOME_LEGACY -#endif -#if defined(MBEDTLS_SHA256_C) -#define MBEDTLS_MD_CAN_SHA256 -#define MBEDTLS_MD_SOME_LEGACY -#endif -#if defined(MBEDTLS_SHA384_C) -#define MBEDTLS_MD_CAN_SHA384 -#define MBEDTLS_MD_SOME_LEGACY -#endif -#if defined(MBEDTLS_SHA512_C) -#define MBEDTLS_MD_CAN_SHA512 -#define MBEDTLS_MD_SOME_LEGACY -#endif -#if defined(MBEDTLS_SHA3_C) -#define MBEDTLS_MD_CAN_SHA3_224 -#define MBEDTLS_MD_CAN_SHA3_256 -#define MBEDTLS_MD_CAN_SHA3_384 -#define MBEDTLS_MD_CAN_SHA3_512 -#define MBEDTLS_MD_SOME_LEGACY -#endif -#if defined(MBEDTLS_RIPEMD160_C) -#define MBEDTLS_MD_CAN_RIPEMD160 -#define MBEDTLS_MD_SOME_LEGACY -#endif - -#endif /* MBEDTLS_MD_LIGHT */ - /** The selected feature is not available. */ #define MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE -0x5080 /** Bad input parameters to function. */ From 8ba9f42acd43520fc5577724e7e44ae2c2cbbf7d Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sun, 8 Oct 2023 10:46:25 +0100 Subject: [PATCH 0173/1674] Fix arch detection for auto setting of clang flags Signed-off-by: Dave Rodgman --- library/sha256.c | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/library/sha256.c b/library/sha256.c index 37f68c743..e655cf8b9 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -22,8 +22,17 @@ * http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf */ -#if defined(__aarch64__) && !defined(__ARM_FEATURE_CRYPTO) && \ - defined(__clang__) && __clang_major__ >= 4 +#if defined(__clang__) && (__clang_major__ >= 4) + +/* Ideally, we would simply use MBEDTLS_ARCH_IS_ARMV8 in the following #if, + * but that is defined by build_info.h, and we need this block to happen first. */ +#if defined(__ARM_ARCH) +#if __ARM_ARCH >= 8 +#define MBEDTLS_SHA256_ARCH_IS_ARMV8 +#endif +#endif + +#if defined(MBEDTLS_SHA256_ARCH_IS_ARMV8) && !defined(__ARM_FEATURE_CRYPTO) /* TODO: Re-consider above after https://reviews.llvm.org/D131064 merged. * * The intrinsic declaration are guarded by predefined ACLE macros in clang: @@ -44,6 +53,8 @@ #define MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG #endif +#endif /* defined(__clang__) && (__clang_major__ >= 4) */ + /* Ensure that SIG_SETMASK is defined when -std=c99 is used. */ #define _GNU_SOURCE From dfd7ca63447a9d6df2ed86c7869eb1d9f3d623c7 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 9 Oct 2023 16:30:11 +0200 Subject: [PATCH 0174/1674] analyze_outcomes: rename some variables for better readability Signed-off-by: Valerio Setti --- tests/scripts/analyze_outcomes.py | 35 ++++++++++++++----------------- 1 file changed, 16 insertions(+), 19 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 1f20734b1..f7fc4e3ef 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -179,7 +179,7 @@ def do_analyze_driver_vs_reference(outcome_file, args): args['ignored_tests']) # List of tasks with a function that can handle this task and additional arguments if required -TASKS = { +KNOWN_TASKS = { 'analyze_coverage': { 'test_function': do_analyze_coverage, 'args': { @@ -645,7 +645,7 @@ def main(): parser = argparse.ArgumentParser(description=__doc__) parser.add_argument('outcomes', metavar='OUTCOMES.CSV', help='Outcome file to analyze') - parser.add_argument('task', default='all', nargs='?', + parser.add_argument('specified_tasks', default='all', nargs='?', help='Analysis to be done. By default, run all tasks. ' 'With one or more TASK, run only those. ' 'TASK can be the name of a single task or ' @@ -660,31 +660,28 @@ def main(): options = parser.parse_args() if options.list: - for task in TASKS: + for task in KNOWN_TASKS: Results.log(task) sys.exit(0) - result = True - - if options.task == 'all': - tasks = TASKS.keys() + if options.specified_tasks == 'all': + tasks_list = KNOWN_TASKS.keys() else: - tasks = re.split(r'[, ]+', options.task) + tasks_list = re.split(r'[, ]+', options.specified_tasks) - for task in tasks: - if task not in TASKS: - Results.log('Error: invalid task: {}'.format(task)) - sys.exit(1) + for task in tasks_list: + if task not in KNOWN_TASKS: - TASKS['analyze_coverage']['args']['full_coverage'] = \ - options.full_coverage + KNOWN_TASKS['analyze_coverage']['args']['full_coverage'] = options.full_coverage - for task in TASKS: - if task in tasks: - if not TASKS[task]['test_function'](options.outcomes, TASKS[task]['args']): - result = False + all_succeeded = True - if result is False: + for task in KNOWN_TASKS: + if task in tasks_list: + if not KNOWN_TASKS[task]['test_function'](options.outcomes, KNOWN_TASKS[task]['args']): + all_succeeded = False + + if all_succeeded is False: sys.exit(1) Results.log("SUCCESS :-)") except Exception: # pylint: disable=broad-except From 839d3580bd9eb1bba89887c515837a871c0078aa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 15 Sep 2023 21:27:19 +0200 Subject: [PATCH 0175/1674] Update details of modules using cipher operations MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- .../psa-migration/md-cipher-dispatch.md | 82 +++++++++++++------ 1 file changed, 57 insertions(+), 25 deletions(-) diff --git a/docs/architecture/psa-migration/md-cipher-dispatch.md b/docs/architecture/psa-migration/md-cipher-dispatch.md index 488cf20db..6bd0694c4 100644 --- a/docs/architecture/psa-migration/md-cipher-dispatch.md +++ b/docs/architecture/psa-migration/md-cipher-dispatch.md @@ -112,7 +112,7 @@ For the purposes of this work, three domains emerge: The following modules in Mbed TLS call another module to perform cryptographic operations which, in the long term, will be provided through a PSA interface, but cannot make any PSA-related assumption. -Hashes and HMAC (after the work on MD-light): +Hashes and HMAC (after the work on driver-only hashes): * entropy (hashes via MD-light) * ECDSA (HMAC\_DRBG; `md.h` exposed through API) @@ -124,31 +124,63 @@ Hashes and HMAC (after the work on MD-light): * RSA (hash via MD-light for PSS and OAEP; `md.h` exposed through API) * PEM (MD5 hash via MD-light) -Symmetric ciphers and AEADs (before Cipher-light work): +Symmetric ciphers and AEADs (before work on driver-only cipher): -* PEM (AES and DES in CBC mode without padding) - AES and DES: setkey_dec + crypt_cbc - (look at test data for DES) -* PKCS12 (cipher, generically, selected from ASN.1 or function parameters; `cipher.h` exposed through API) - setup, setkey, set_iv, reset, update, finish (in sequence, once) - no documented restriction, block cipher in CBC mode in practice - (padding?) - (look at test cases) -* PKCS5 (cipher, generically, selected from ASN.1) - only DES-CBC or 3DES-CBC - (padding?) - setup, setkey, crypt -* CTR\_DRBG (AES-ECB, but could be extended to the other block ciphers) - setkey_enc + crypt_ecb -* CCM (block cipher in ECB mode; interdependent with cipher) - info, setup, setkey, update (several times), (never finish) -* CMAC (AES-ECB and DES-ECB, but could be extended to the other block ciphers; interdependent with cipher) - info, setup, setkey, update (several times), (never finish) -* GCM (block cipher in ECB mode; interdependent with cipher) - info, setup, setkey, update (several times), (never finish) -* NIST\_KW (AES-ECB; interdependent with cipher) - info, setup, setkey, update (several times), (never finish) -* cipher (cipher and AEAD algorithms) +* PEM: + * AES, DES or 3DES in CBC mode without padding, decrypt only (!). + * Currently using low-level non-generic APIs. + * No hard dependency, features guarded by `AES_C` resp. `DES_C`. + * Functions called: `setkey_dec()` + `crypt_cbc()`. +* PKCS12: + * In practice: 2DES or 3DES in CBC mode with PKCS7 padding, decrypt only + (when called from pkparse). + * In principle: any cipher-mode (default padding), passed an + `mbedtls_cipher_type_t` as an argument, no documented restriction. + * Cipher, generically, selected from ASN.1 or function parameters; + no documented restriction but in practice TODO (inc. padding and + en/decrypt, look at standards and tests) + * Unconditional dependency on `CIPHER_C` in `check_config.h`. + * Note: `cipher.h` exposed through API. + * Functions called: `setup`, `setkey`, `set_iv`, `reset`, `update`, `finish` (in sequence, once). +* PKCS5 (PBES2, `mbedtls_pkcs5_pbes2()`): + * 3DES or DES in CBC mode with PKCS7 padding, both encrypt and decrypt. + * Note: could also be AES in the future, see #7038. + * Unconditional dependency on `CIPHER_C` in `check_config.h`. + * Functions called: `setup`, `setkey`, `crypt`. +* CTR\_DRBG: + * AES in ECB mode, encrypt only. + * Currently using low-level non-generic API (`aes.h`). + * Unconditional dependency on `AES_C` in `check_config.h`. + * Functions called: `setkey_enc`, `crypt_ecb`. +* CCM: + * AES, Camellia or Aria in ECB mode, encrypt only. + * Unconditional dependency on `AES_C || CAMELLIA_C || ARIA_C` in `check_config.h`. + * Unconditional dependency on `CIPHER_C` in `check_config.h`. + * Note: also called by `cipher.c` if enabled. + * Functions called: `info`, `setup`, `setkey`, `update` (several times) - (never finish) +* CMAC: + * AES or DES in ECB mode, encrypt only. + * Unconditional dependency on `AES_C || DES_C` in `check_config.h`. + * Unconditional dependency on `CIPHER_C` in `check_config.h`. + * Note: also called by `cipher.c` if enabled. + * Functions called: `info`, `setup`, `setkey`, `update` (several times) - (never finish) +* GCM: + * AES, Camellia or Aria in ECB mode, encrypt only. + * Unconditional dependency on `AES_C || CAMELLIA_C || ARIA_C` in `check_config.h`. + * Unconditional dependency on `CIPHER_C` in `check_config.h`. + * Note: also called by `cipher.c` if enabled. + * Functions called: `info`, `setup`, `setkey`, `update` (several times) - (never finish) +* NIST\_KW: + * AES in ECB mode, both encryt and decrypt. + * Unconditional dependency on `AES_C || DES_C` in `check_config.h`. + * Unconditional dependency on `CIPHER_C` in `check_config.h`. + * Note: also called by `cipher.c` if enabled. + * Note: `cipher.h` exposed through API. + * Functions called: `info`, `setup`, `setkey`, `update` (several times) - (never finish) +* Cipher: + * potentially any cipher/AEAD in any mode and any direction + +Note: PSA cipher is built on Cipher, but PSA AEAD directly calls the underlying AEAD modules (GCM, CCM, ChachaPoly). ### Difficulties From ca18b7747e7738788df26c06c581e9c0f7c6a92a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 10 Oct 2023 09:45:28 +0200 Subject: [PATCH 0176/1674] Update definition of Cipher light MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- .../psa-migration/md-cipher-dispatch.md | 45 ++++++++++--------- 1 file changed, 24 insertions(+), 21 deletions(-) diff --git a/docs/architecture/psa-migration/md-cipher-dispatch.md b/docs/architecture/psa-migration/md-cipher-dispatch.md index 6bd0694c4..3feda1115 100644 --- a/docs/architecture/psa-migration/md-cipher-dispatch.md +++ b/docs/architecture/psa-migration/md-cipher-dispatch.md @@ -537,48 +537,51 @@ The architecture can be extended to support `MBEDTLS_PSA_CRYPTO_CLIENT` with a l #### Definition **Note:** this definition is tentative an may be refined when implementing and -testing, based and what's needed by internal users of Cipher light. +testing, based and what's needed by internal users of Cipher light. The new +config symbol will not be considered public so its definition may change. Cipher light will be automatically enabled in `build_info.h` by modules that -need it. (Tentative list: PEM, PCKS12, PKCS5, CTR\_DRBG, CCM, CMAC, GCM, -NIS\_KW, PSA Crypto.) Note: some of these modules currently depend on the -full `CIPHER_C` (enforced by `check_config.h`); this hard dependency would be -replace by the above auto-enablement. +need it, namely: CTR\_DRBG, CCM, GCM. Note: CCM and GCM currently depend on +the full `CIPHER_C` (enforced by `check_config.h`); this hard dependency would +be replaced by the above auto-enablement. Cipher light includes: - info functions; -- support for block ciphers in ECB mode (to be confirmed: supporting one block - at a time could be enough); -- support for block ciphers in CBC mode with no padding (to be confirmed: do - we need a padding mode?); -- support for both the "one-shot" and "streaming" APIs for block ciphers. +- support for block ciphers in ECB mode, encrypt only (note: in Cipher, "ECB" + means just one block, contrary to PSA); +- the one-shot API as well as (part of) the streaming API; +- only AES, Aria and Camellia. This excludes: - the AEAD/KW API (both one-shot and streaming); - support for stream ciphers; -- support for other modes of block ciphers (CTR, CFB, etc.); -- support for (other) padding modes of CBC. +- support for other modes of block ciphers (CBC, CTR, CFB, etc.); +- DES and variants (3DES). The following API functions, and supporting types, are candidates for inclusion in the Cipher light API, with limited features as above: ``` -mbedtls_cipher_info_from_psa mbedtls_cipher_info_from_type -mbedtls_cipher_info_from_values - mbedtls_cipher_info_get_block_size -mbedtls_cipher_info_get_iv_size -mbedtls_cipher_info_get_key_bitlen mbedtls_cipher_init mbedtls_cipher_setup mbedtls_cipher_setkey -mbedtls_cipher_set_padding_mode mbedtls_cipher_crypt mbedtls_cipher_free -mbedtls_cipher_set_iv -mbedtls_cipher_reset mbedtls_cipher_update -mbedtls_cipher_finish +(mbedtls_cipher_finish) ``` + +Note: `mbedtls_cipher_info_get_block_size()` can be hard-coded to return 16, +as all three supported block ciphers have the same block size (DES was +excluded). + +Note: `mbedtls_cipher_finish()` is not required by any of the modules using +Cipher light, but it might be convenient to include it anyway as it's used in +the implementation of `mbedtls_cipher_crypt()`. + +#### Cipher light dual dispatch + +This is likely to come in the future, but has not been defined yet. From 2daee0410e725ef5ef5beb34d80ac35bbd88ac79 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 10 Oct 2023 09:55:03 +0200 Subject: [PATCH 0177/1674] Update list of modules using hashes MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- docs/architecture/psa-migration/md-cipher-dispatch.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/architecture/psa-migration/md-cipher-dispatch.md b/docs/architecture/psa-migration/md-cipher-dispatch.md index 3feda1115..76081deef 100644 --- a/docs/architecture/psa-migration/md-cipher-dispatch.md +++ b/docs/architecture/psa-migration/md-cipher-dispatch.md @@ -118,9 +118,11 @@ Hashes and HMAC (after the work on driver-only hashes): * ECDSA (HMAC\_DRBG; `md.h` exposed through API) * ECJPAKE (hashes via MD-light; `md.h` exposed through API) * MD (hashes and HMAC) +* HKDF (HMAC via `md.h`; `md.h` exposed through API) * HMAC\_DRBG (hashes and HMAC via `md.h`; `md.h` exposed through API) * PKCS12 (hashes via MD-light) * PKCS5 (HMAC via `md.h`; `md.h` exposed through API) +* PKCS7 (hashes via MD) * RSA (hash via MD-light for PSS and OAEP; `md.h` exposed through API) * PEM (MD5 hash via MD-light) From 301d2a29a72292d4654be1929007e33fe69334ed Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 10 Oct 2023 10:02:03 +0200 Subject: [PATCH 0178/1674] Update to MD light section MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Mostly to reflect this has been implemented, and remove references to temporary remains from the previous strategy (hash_info, legacy_or_psa) which would probably be more confusing than helpful at this point. Signed-off-by: Manuel Pégourié-Gonnard --- .../psa-migration/md-cipher-dispatch.md | 32 +------------------ 1 file changed, 1 insertion(+), 31 deletions(-) diff --git a/docs/architecture/psa-migration/md-cipher-dispatch.md b/docs/architecture/psa-migration/md-cipher-dispatch.md index 76081deef..12b486a46 100644 --- a/docs/architecture/psa-migration/md-cipher-dispatch.md +++ b/docs/architecture/psa-migration/md-cipher-dispatch.md @@ -323,8 +323,6 @@ These problems are easily solvable. ### MD light -https://github.com/Mbed-TLS/mbedtls/pull/6474 implements part of this specification, but it's based on Mbed TLS 3.2, so it needs to be rewritten for 3.3. - #### Definition of MD light MD light is a subset of `md.h` that implements the hash calculation interface described in ”[Designing an interface for hashes](#designing-an-interface-for-hashes)”. It is activated by `MBEDTLS_MD_LIGHT` in `mbedtls_config.h`. @@ -454,31 +452,7 @@ Note that this assumes that an operation that has been started via PSA can be co #### Error code conversion -After calling a PSA function, call `mbedtls_md_error_from_psa` to convert its status code. This function is currently defined in `hash_info.c`. - -### Migration to MD light - -#### Migration of modules that used to call MD and now do the legacy-or-PSA dance - -Get rid of the case where `MBEDTLS_MD_C` is undefined. Enable `MBEDTLS_MD_LIGHT` in `build_info.h`. - -#### Migration of modules that used to call a low-level hash module and now do the legacy-or-PSA dance - -Switch to calling MD (light) unconditionally. Enable `MBEDTLS_MD_LIGHT` in `build_info.h`. - -#### Migration of modules that call a low-level hash module - -Switch to calling MD (light). Enable `MBEDTLS_MD_LIGHT` in `build_info.h`. - -#### Migration of use-PSA mixed code - -Instead of calling `hash_info.h` functions to obtain metadata, get it from `md.h`. - -Optionally, code that currently tests on `MBEDTLS_USE_PSA_CRYPTO` just to determine whether to call MD or PSA to calculate hashes can switch to just having the MD variant. - -#### Remove `legacy_or_psa.h` - -It's no longer used. +After calling a PSA function, call `mbedtls_md_error_from_psa` to convert its status code. ### Support all legacy algorithms in PSA @@ -517,10 +491,6 @@ static inline psa_algorithm_t psa_alg_of_md_info( Work in progress on this conversion is at https://github.com/gilles-peskine-arm/mbedtls/tree/hash-unify-ids-wip-1 -#### Get rid of the hash_info module - -The hash_info module is redundant with MD light. Move `mbedtls_md_error_from_psa` to `md.c`, defined only when `MBEDTLS_MD_SOME_PSA` is defined. The rest is no longer used. - #### Unify HMAC with PSA PSA has its own HMAC implementation. In builds with both `MBEDTLS_MD_C` and `PSA_WANT_ALG_HMAC` not fully provided by drivers, we should have a single implementation. Replace the one in `md.h` by calls to the PSA driver interface. This will also give mixed-domain modules access to HMAC accelerated directly by a PSA driver (eliminating the need to a HMAC interface in software if all supported hashes have an accelerator that includes HMAC support). From 78d78462ac9ba048d026647dd2cdfbd0eaffd561 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 10 Oct 2023 09:53:44 +0100 Subject: [PATCH 0179/1674] Make asm without side-effects not optimisable-out Signed-off-by: Dave Rodgman --- library/sha256.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/sha256.c b/library/sha256.c index e655cf8b9..18be8a4b9 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -202,9 +202,9 @@ static int mbedtls_a64_crypto_sha256_determine_support(void) if (setjmp(return_from_sigill) == 0) { /* First return only */ /* If this traps, we will return a second time from setjmp() with 1 */ #if defined(MBEDTLS_ARCH_IS_ARM64) - asm ("sha256h q0, q0, v0.4s" : : : "v0"); + asm volatile ("sha256h q0, q0, v0.4s" : : : "v0"); #else - asm ("sha256h.32 q0, q0, q0" : : : "q0"); + asm volatile ("sha256h.32 q0, q0, q0" : : : "q0"); #endif ret = 1; } From 88d806254535a1430527655488be7102b3518008 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 10 Oct 2023 10:14:26 +0100 Subject: [PATCH 0180/1674] Fix excess newline Signed-off-by: Dave Rodgman --- ChangeLog.d/sha256-armce-arm.txt | 1 - 1 file changed, 1 deletion(-) diff --git a/ChangeLog.d/sha256-armce-arm.txt b/ChangeLog.d/sha256-armce-arm.txt index aaa6e39db..c1211f0c9 100644 --- a/ChangeLog.d/sha256-armce-arm.txt +++ b/ChangeLog.d/sha256-armce-arm.txt @@ -1,4 +1,3 @@ Features * Support Armv8 Crypto Extension acceleration for SHA-256 when compiling for Thumb or 32-bit Arm. - From 308cb232bf30316105e3419930e385649eeba384 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Tue, 10 Oct 2023 17:56:12 +0800 Subject: [PATCH 0181/1674] aesni: support cpuid on WIN32 `__cpuid` has two kinds of signatures in different headers depending on the target OS. We make it consistent between the usages ang the included header. Signed-off-by: Pengyu Lv --- library/aesni.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/aesni.c b/library/aesni.c index 5f25a8249..7eb11aff5 100644 --- a/library/aesni.c +++ b/library/aesni.c @@ -53,7 +53,7 @@ int mbedtls_aesni_has_support(unsigned int what) if (!done) { #if MBEDTLS_AESNI_HAVE_CODE == 2 static unsigned info[4] = { 0, 0, 0, 0 }; -#if defined(_MSC_VER) +#if defined(_WIN32) __cpuid(info, 1); #else __cpuid(1, info[0], info[1], info[2], info[3]); From e8c4bf180b9ab6631d80e138bcf57fd8f3019a6a Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Tue, 10 Oct 2023 18:12:43 +0800 Subject: [PATCH 0182/1674] aesni: declare cpuinfo as int Change the type of array that stores the cpuinfo data to int[4] to match the signature of `__cpuinfo` in `intrin.h` header file. Signed-off-by: Pengyu Lv --- library/aesni.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/aesni.c b/library/aesni.c index 7eb11aff5..322a25533 100644 --- a/library/aesni.c +++ b/library/aesni.c @@ -52,7 +52,7 @@ int mbedtls_aesni_has_support(unsigned int what) if (!done) { #if MBEDTLS_AESNI_HAVE_CODE == 2 - static unsigned info[4] = { 0, 0, 0, 0 }; + static int info[4] = { 0, 0, 0, 0 }; #if defined(_WIN32) __cpuid(info, 1); #else From 94a634db96d692a470e3c7d0098fca7ab6b8680d Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 10 Oct 2023 12:59:29 +0100 Subject: [PATCH 0183/1674] Rename A64 config options Signed-off-by: Dave Rodgman --- include/mbedtls/config_adjust_legacy_crypto.h | 15 ++++ include/mbedtls/mbedtls_config.h | 86 ++++++++++++++----- library/sha256.c | 72 ++++++++-------- library/sha512.c | 70 +++++++-------- tests/scripts/all.sh | 53 +++++++----- 5 files changed, 181 insertions(+), 115 deletions(-) diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h index 65bea1a6e..78a5bb1d8 100644 --- a/include/mbedtls/config_adjust_legacy_crypto.h +++ b/include/mbedtls/config_adjust_legacy_crypto.h @@ -184,4 +184,19 @@ #define MBEDTLS_PK_HAVE_ECC_KEYS #endif /* MBEDTLS_PK_USE_PSA_EC_DATA || MBEDTLS_ECP_C */ +/* Backwards compatibility for some macros which were renamed to reflect that + * they are related to Armv8, not aarch64. */ +#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) +#define MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT +#endif +#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) +#define MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY +#endif +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) +#define MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT +#endif +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) +#define MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY +#endif + #endif /* MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H */ diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index a104114b4..f9ad2b6f9 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -3270,13 +3270,13 @@ #define MBEDTLS_SHA256_C /** - * \def MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT + * \def MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT * * Enable acceleration of the SHA-256 and SHA-224 cryptographic hash algorithms * with the ARMv8 cryptographic extensions if they are available at runtime. * If not, the library will fall back to the C implementation. * - * \note If MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT is defined when building + * \note If MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT is defined when building * for a non-Armv8 build it will be silently ignored. * * \note Minimum compiler versions for this feature are Clang 4.0, @@ -3285,27 +3285,38 @@ * \note \c CFLAGS must be set to a minimum of \c -march=armv8-a+crypto for * armclang <= 6.9 * - * \warning MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT cannot be defined at the - * same time as MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY. + * \note This was previously known as MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT. + * That name is deprecated, but may still be used as an alternative form for this + * option. + * + * \warning MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT cannot be defined at the + * same time as MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY. * * Requires: MBEDTLS_SHA256_C. * * Module: library/sha256.c * - * Uncomment to have the library check for the A64 SHA-256 crypto extensions + * Uncomment to have the library check for the Armv8 SHA-256 crypto extensions * and use them if available. */ +//#define MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT + +/* + * \deprecated This is now known as MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT. + * This name is now deprecated, but may still be used as an alternative form for + * this option. + */ //#define MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT /** - * \def MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY + * \def MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY * * Enable acceleration of the SHA-256 and SHA-224 cryptographic hash algorithms * with the ARMv8 cryptographic extensions, which must be available at runtime * or else an illegal instruction fault will occur. * * \note This allows builds with a smaller code size than with - * MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT + * MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT * * \note Minimum compiler versions for this feature are Clang 4.0, * armclang 6.6 or GCC 6.0. @@ -3313,17 +3324,28 @@ * \note \c CFLAGS must be set to a minimum of \c -march=armv8-a+crypto for * armclang <= 6.9 * - * \warning MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY cannot be defined at the same - * time as MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT. + * \note This was previously known as MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY. + * That name is deprecated, but may still be used as an alternative form for this + * option. + * + * \warning MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY cannot be defined at the same + * time as MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT. * * Requires: MBEDTLS_SHA256_C. * * Module: library/sha256.c * - * Uncomment to have the library use the A64 SHA-256 crypto extensions + * Uncomment to have the library use the Armv8 SHA-256 crypto extensions * unconditionally. */ -//#define MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY +//#define MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY + +/* + * \deprecated This is now known as MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY. + * This name is now deprecated, but may still be used as an alternative form for + * this option. + */ +//#define MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT /** * \def MBEDTLS_SHA384_C @@ -3368,13 +3390,13 @@ #define MBEDTLS_SHA3_C /** - * \def MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT + * \def MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT * * Enable acceleration of the SHA-512 and SHA-384 cryptographic hash algorithms * with the ARMv8 cryptographic extensions if they are available at runtime. * If not, the library will fall back to the C implementation. * - * \note If MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT is defined when building + * \note If MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT is defined when building * for a non-Aarch64 build it will be silently ignored. * * \note Minimum compiler versions for this feature are Clang 7.0, @@ -3383,27 +3405,38 @@ * \note \c CFLAGS must be set to a minimum of \c -march=armv8.2-a+sha3 for * armclang 6.9 * - * \warning MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT cannot be defined at the - * same time as MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY. + * \note This was previously known as MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT. + * That name is deprecated, but may still be used as an alternative form for this + * option. + * + * \warning MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT cannot be defined at the + * same time as MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY. * * Requires: MBEDTLS_SHA512_C. * * Module: library/sha512.c * - * Uncomment to have the library check for the A64 SHA-512 crypto extensions + * Uncomment to have the library check for the Armv8 SHA-512 crypto extensions * and use them if available. */ +//#define MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT + +/* + * \deprecated This is now known as MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT. + * This name is now deprecated, but may still be used as an alternative form for + * this option. + */ //#define MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT /** - * \def MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY + * \def MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY * * Enable acceleration of the SHA-512 and SHA-384 cryptographic hash algorithms * with the ARMv8 cryptographic extensions, which must be available at runtime * or else an illegal instruction fault will occur. * * \note This allows builds with a smaller code size than with - * MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT + * MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT * * \note Minimum compiler versions for this feature are Clang 7.0, * armclang 6.9 or GCC 8.0. @@ -3411,16 +3444,27 @@ * \note \c CFLAGS must be set to a minimum of \c -march=armv8.2-a+sha3 for * armclang 6.9 * - * \warning MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY cannot be defined at the same - * time as MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT. + * \note This was previously known as MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY. + * That name is deprecated, but may still be used as an alternative form for this + * option. + * + * \warning MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY cannot be defined at the same + * time as MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT. * * Requires: MBEDTLS_SHA512_C. * * Module: library/sha512.c * - * Uncomment to have the library use the A64 SHA-512 crypto extensions + * Uncomment to have the library use the Armv8 SHA-512 crypto extensions * unconditionally. */ +//#define MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY + +/* + * \deprecated This is now known as MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY. + * This name is now deprecated, but may still be used as an alternative form for + * this option. + */ //#define MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY /** diff --git a/library/sha256.c b/library/sha256.c index 18be8a4b9..96aa25e59 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -72,34 +72,34 @@ #if defined(MBEDTLS_ARCH_IS_ARMV8) -# if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) +# if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) # ifdef __ARM_NEON # include # else -# if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) +# if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) # warning "Target does not support NEON instructions" -# undef MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT +# undef MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT # else # error "Target does not support NEON instructions" # endif # endif # endif -# if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) +# if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) /* *INDENT-OFF* */ # if !defined(__ARM_FEATURE_CRYPTO) || defined(MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG) # if defined(__ARMCOMPILER_VERSION) # if __ARMCOMPILER_VERSION <= 6090000 -# error "Must use minimum -march=armv8-a+crypto for MBEDTLS_SHA256_USE_A64_CRYPTO_*" +# error "Must use minimum -march=armv8-a+crypto for MBEDTLS_SHA256_USE_ARMV8_CRYPTO_*" # endif # pragma clang attribute push (__attribute__((target("sha2"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA # elif defined(__clang__) # if __clang_major__ < 4 -# error "A more recent Clang is required for MBEDTLS_SHA256_USE_A64_CRYPTO_*" +# error "A more recent Clang is required for MBEDTLS_SHA256_USE_ARMV8_CRYPTO_*" # endif # pragma clang attribute push (__attribute__((target("crypto"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA @@ -108,20 +108,20 @@ * intrinsics are missing. Missing intrinsics could be worked around. */ # if __GNUC__ < 6 -# error "A more recent GCC is required for MBEDTLS_SHA256_USE_A64_CRYPTO_*" +# error "A more recent GCC is required for MBEDTLS_SHA256_USE_ARMV8_CRYPTO_*" # else # pragma GCC push_options # pragma GCC target ("arch=armv8-a+crypto") # define MBEDTLS_POP_TARGET_PRAGMA # endif # else -# error "Only GCC and Clang supported for MBEDTLS_SHA256_USE_A64_CRYPTO_*" +# error "Only GCC and Clang supported for MBEDTLS_SHA256_USE_ARMV8_CRYPTO_*" # endif # endif /* *INDENT-ON* */ # endif -# if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) +# if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) # if defined(__unix__) # if defined(__linux__) /* Our preferred method of detection is getauxval() */ @@ -132,19 +132,19 @@ # endif # endif #elif defined(_M_ARM64) -# if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) +# if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) # include # endif #else -# undef MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY -# undef MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT +# undef MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY +# undef MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT #endif -#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) /* * Capability detection code comes early, so we can disable - * MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT if no detection mechanism found + * MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT if no detection mechanism found */ #if defined(HWCAP_SHA2) static int mbedtls_a64_crypto_sha256_determine_support(void) @@ -174,7 +174,7 @@ static int mbedtls_a64_crypto_sha256_determine_support(void) static jmp_buf return_from_sigill; /* - * A64 SHA256 support detection via SIGILL + * Armv8 SHA256 support detection via SIGILL */ static void sigill_handler(int signal) { @@ -215,11 +215,11 @@ static int mbedtls_a64_crypto_sha256_determine_support(void) return ret; } #else -#warning "No mechanism to detect A64_CRYPTO found, using C code only" -#undef MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT +#warning "No mechanism to detect ARMV8_CRYPTO found, using C code only" +#undef MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT #endif /* HWCAP_SHA2, __APPLE__, __unix__ && SIG_SETMASK */ -#endif /* MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT */ +#endif /* MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT */ #if !defined(MBEDTLS_SHA256_ALT) @@ -321,10 +321,10 @@ static const uint32_t K[] = #endif -#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) -#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) # define mbedtls_internal_sha256_process_many_a64_crypto mbedtls_internal_sha256_process_many # define mbedtls_internal_sha256_process_a64_crypto mbedtls_internal_sha256_process #endif @@ -424,9 +424,9 @@ static size_t mbedtls_internal_sha256_process_many_a64_crypto( return processed; } -#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) /* - * This function is for internal use only if we are building both C and A64 + * This function is for internal use only if we are building both C and Armv8 * versions, otherwise it is renamed to be the public mbedtls_internal_sha256_process() */ static @@ -439,7 +439,7 @@ int mbedtls_internal_sha256_process_a64_crypto(mbedtls_sha256_context *ctx, SHA256_BLOCK_SIZE) ? 0 : -1; } -#endif /* MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT || MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY */ +#endif /* MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT || MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY */ #if defined(MBEDTLS_POP_TARGET_PRAGMA) #if defined(__clang__) @@ -450,14 +450,14 @@ int mbedtls_internal_sha256_process_a64_crypto(mbedtls_sha256_context *ctx, #undef MBEDTLS_POP_TARGET_PRAGMA #endif -#if !defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) +#if !defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) #define mbedtls_internal_sha256_process_many_c mbedtls_internal_sha256_process_many #define mbedtls_internal_sha256_process_c mbedtls_internal_sha256_process #endif #if !defined(MBEDTLS_SHA256_PROCESS_ALT) && \ - !defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) + !defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) #define SHR(x, n) (((x) & 0xFFFFFFFF) >> (n)) #define ROTR(x, n) (SHR(x, n) | ((x) << (32 - (n)))) @@ -485,9 +485,9 @@ int mbedtls_internal_sha256_process_a64_crypto(mbedtls_sha256_context *ctx, (d) += local.temp1; (h) = local.temp1 + local.temp2; \ } while (0) -#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) /* - * This function is for internal use only if we are building both C and A64 + * This function is for internal use only if we are building both C and Armv8 * versions, otherwise it is renamed to be the public mbedtls_internal_sha256_process() */ static @@ -577,10 +577,10 @@ int mbedtls_internal_sha256_process_c(mbedtls_sha256_context *ctx, return 0; } -#endif /* !MBEDTLS_SHA256_PROCESS_ALT && !MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY */ +#endif /* !MBEDTLS_SHA256_PROCESS_ALT && !MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY */ -#if !defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) +#if !defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) static size_t mbedtls_internal_sha256_process_many_c( mbedtls_sha256_context *ctx, const uint8_t *data, size_t len) @@ -601,10 +601,10 @@ static size_t mbedtls_internal_sha256_process_many_c( return processed; } -#endif /* !MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY */ +#endif /* !MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY */ -#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) static int mbedtls_a64_crypto_sha256_has_support(void) { @@ -639,7 +639,7 @@ int mbedtls_internal_sha256_process(mbedtls_sha256_context *ctx, } } -#endif /* MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT */ +#endif /* MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT */ /* diff --git a/library/sha512.c b/library/sha512.c index e739af254..14c9343e3 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -57,8 +57,8 @@ #include "mbedtls/platform.h" #if defined(__aarch64__) -# if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) +# if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) /* *INDENT-OFF* */ # ifdef __ARM_NEON # include @@ -83,35 +83,35 @@ /* Test Clang first, as it defines __GNUC__ */ # if defined(__ARMCOMPILER_VERSION) # if __ARMCOMPILER_VERSION < 6090000 -# error "A more recent armclang is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*" +# error "A more recent armclang is required for MBEDTLS_SHA512_USE_ARMV8_CRYPTO_*" # elif __ARMCOMPILER_VERSION == 6090000 -# error "Must use minimum -march=armv8.2-a+sha3 for MBEDTLS_SHA512_USE_A64_CRYPTO_*" +# error "Must use minimum -march=armv8.2-a+sha3 for MBEDTLS_SHA512_USE_ARMV8_CRYPTO_*" # else # pragma clang attribute push (__attribute__((target("sha3"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA # endif # elif defined(__clang__) # if __clang_major__ < 7 -# error "A more recent Clang is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*" +# error "A more recent Clang is required for MBEDTLS_SHA512_USE_ARMV8_CRYPTO_*" # else # pragma clang attribute push (__attribute__((target("sha3"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA # endif # elif defined(__GNUC__) # if __GNUC__ < 8 -# error "A more recent GCC is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*" +# error "A more recent GCC is required for MBEDTLS_SHA512_USE_ARMV8_CRYPTO_*" # else # pragma GCC push_options # pragma GCC target ("arch=armv8.2-a+sha3") # define MBEDTLS_POP_TARGET_PRAGMA # endif # else -# error "Only GCC and Clang supported for MBEDTLS_SHA512_USE_A64_CRYPTO_*" +# error "Only GCC and Clang supported for MBEDTLS_SHA512_USE_ARMV8_CRYPTO_*" # endif # endif /* *INDENT-ON* */ # endif -# if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) +# if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) # if defined(__unix__) # if defined(__linux__) /* Our preferred method of detection is getauxval() */ @@ -122,19 +122,19 @@ # endif # endif #elif defined(_M_ARM64) -# if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) +# if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) # include # endif #else -# undef MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY -# undef MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT +# undef MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY +# undef MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT #endif -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) /* * Capability detection code comes early, so we can disable - * MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT if no detection mechanism found + * MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT if no detection mechanism found */ #if defined(HWCAP_SHA512) static int mbedtls_a64_crypto_sha512_determine_support(void) @@ -161,9 +161,9 @@ static int mbedtls_a64_crypto_sha512_determine_support(void) * SHA-512 support. So we fall back to the C code only. */ #if defined(_MSC_VER) -#pragma message "No mechanism to detect A64_CRYPTO found, using C code only" +#pragma message "No mechanism to detect ARMV8_CRYPTO found, using C code only" #else -#warning "No mechanism to detect A64_CRYPTO found, using C code only" +#warning "No mechanism to detect ARMV8_CRYPTO found, using C code only" #endif #elif defined(__unix__) && defined(SIG_SETMASK) /* Detection with SIGILL, setjmp() and longjmp() */ @@ -173,7 +173,7 @@ static int mbedtls_a64_crypto_sha512_determine_support(void) static jmp_buf return_from_sigill; /* - * A64 SHA512 support detection via SIGILL + * Armv8 SHA512 support detection via SIGILL */ static void sigill_handler(int signal) { @@ -210,11 +210,11 @@ static int mbedtls_a64_crypto_sha512_determine_support(void) return ret; } #else -#warning "No mechanism to detect A64_CRYPTO found, using C code only" -#undef MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT +#warning "No mechanism to detect ARMV8_CRYPTO found, using C code only" +#undef MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT #endif /* HWCAP_SHA512, __APPLE__, __unix__ && SIG_SETMASK */ -#endif /* MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT */ +#endif /* MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT */ #if !defined(MBEDTLS_SHA512_ALT) @@ -352,10 +352,10 @@ static const uint64_t K[80] = }; #endif -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) # define mbedtls_internal_sha512_process_many_a64_crypto mbedtls_internal_sha512_process_many # define mbedtls_internal_sha512_process_a64_crypto mbedtls_internal_sha512_process #endif @@ -567,9 +567,9 @@ static size_t mbedtls_internal_sha512_process_many_a64_crypto( return processed; } -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) /* - * This function is for internal use only if we are building both C and A64 + * This function is for internal use only if we are building both C and Armv8 * versions, otherwise it is renamed to be the public mbedtls_internal_sha512_process() */ static @@ -582,7 +582,7 @@ int mbedtls_internal_sha512_process_a64_crypto(mbedtls_sha512_context *ctx, SHA512_BLOCK_SIZE) ? 0 : -1; } -#endif /* MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY */ +#endif /* MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY */ #if defined(MBEDTLS_POP_TARGET_PRAGMA) #if defined(__clang__) @@ -594,17 +594,17 @@ int mbedtls_internal_sha512_process_a64_crypto(mbedtls_sha512_context *ctx, #endif -#if !defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) +#if !defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) #define mbedtls_internal_sha512_process_many_c mbedtls_internal_sha512_process_many #define mbedtls_internal_sha512_process_c mbedtls_internal_sha512_process #endif -#if !defined(MBEDTLS_SHA512_PROCESS_ALT) && !defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) +#if !defined(MBEDTLS_SHA512_PROCESS_ALT) && !defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) /* - * This function is for internal use only if we are building both C and A64 + * This function is for internal use only if we are building both C and Armv8 * versions, otherwise it is renamed to be the public mbedtls_internal_sha512_process() */ static @@ -701,10 +701,10 @@ int mbedtls_internal_sha512_process_c(mbedtls_sha512_context *ctx, return 0; } -#endif /* !MBEDTLS_SHA512_PROCESS_ALT && !MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY */ +#endif /* !MBEDTLS_SHA512_PROCESS_ALT && !MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY */ -#if !defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) +#if !defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) static size_t mbedtls_internal_sha512_process_many_c( mbedtls_sha512_context *ctx, const uint8_t *data, size_t len) @@ -725,10 +725,10 @@ static size_t mbedtls_internal_sha512_process_many_c( return processed; } -#endif /* !MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY */ +#endif /* !MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY */ -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) static int mbedtls_a64_crypto_sha512_has_support(void) { @@ -763,7 +763,7 @@ int mbedtls_internal_sha512_process(mbedtls_sha512_context *ctx, } } -#endif /* MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT */ +#endif /* MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT */ /* * SHA-512 process buffer diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 32d1a1527..1892ef869 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2245,12 +2245,12 @@ component_build_module_alt () { # The SpecifiedECDomain parsing code accesses mbedtls_ecp_group fields # directly and assumes the implementation works with partial groups. scripts/config.py unset MBEDTLS_PK_PARSE_EC_EXTENDED - # MBEDTLS_SHA256_*ALT can't be used with MBEDTLS_SHA256_USE_A64_CRYPTO_* - scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT - scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY - # MBEDTLS_SHA512_*ALT can't be used with MBEDTLS_SHA512_USE_A64_CRYPTO_* - scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT - scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY + # MBEDTLS_SHA256_*ALT can't be used with MBEDTLS_SHA256_USE_ARMV8_CRYPTO_* + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY + # MBEDTLS_SHA512_*ALT can't be used with MBEDTLS_SHA512_USE_ARMV8_CRYPTO_* + scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY # Enable all MBEDTLS_XXX_ALT for whole modules. Do not enable # MBEDTLS_XXX_YYY_ALT which are for single functions. @@ -3464,10 +3464,10 @@ config_psa_crypto_hash_use_psa () { scripts/config.py unset MBEDTLS_SHA1_C scripts/config.py unset MBEDTLS_SHA224_C scripts/config.py unset MBEDTLS_SHA256_C # see external RNG below - scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT scripts/config.py unset MBEDTLS_SHA384_C scripts/config.py unset MBEDTLS_SHA512_C - scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT scripts/config.py unset MBEDTLS_SHA3_C fi } @@ -4332,7 +4332,7 @@ component_build_aes_aesce_armcc () { scripts/config.py baremetal # armc[56] don't support SHA-512 intrinsics - scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT # Stop armclang warning about feature detection for A64_CRYPTO. # With this enabled, the library does build correctly under armclang, @@ -4340,7 +4340,7 @@ component_build_aes_aesce_armcc () { # unavailable, and the user is notified via a #warning. So enabling # this feature would prevent us from building with -Werror on # armclang. Tracked in #7198. - scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT scripts/config.py set MBEDTLS_HAVE_ASM msg "AESCE, build with default configuration." @@ -4362,30 +4362,37 @@ support_build_sha_armce() { component_build_sha_armce () { # Test variations of SHA256 Armv8 crypto extensions - scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT - scripts/config.py set MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT + scripts/config.py set MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY - msg "MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY clang, aarch64" + msg "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY clang, aarch64" make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a" - msg "MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY clang, arm" + msg "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY clang, arm" make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm" - msg "MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY clang, thumb" + # test the deprecated form of the config option + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY + scripts/config.py set MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY + + msg "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY clang, thumb" make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb" - scripts/config.py set MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT - scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY + scripts/config.py set MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY - msg "MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT clang, aarch64" + msg "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT clang, aarch64" make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a" - msg "MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT clang, arm" + # test the deprecated form of the config option + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT + scripts/config.py set MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT + + msg "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT clang, arm" make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm -std=c99" - msg "MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT clang, thumb" + msg "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT clang, thumb" make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb" - } # For timebeing, no VIA Padlock platform available. @@ -4929,7 +4936,7 @@ component_build_armcc () { msg "build: ARM Compiler 5" scripts/config.py baremetal # armc[56] don't support SHA-512 intrinsics - scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT # Stop armclang warning about feature detection for A64_CRYPTO. # With this enabled, the library does build correctly under armclang, @@ -4937,7 +4944,7 @@ component_build_armcc () { # unavailable, and the user is notified via a #warning. So enabling # this feature would prevent us from building with -Werror on # armclang. Tracked in #7198. - scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT scripts/config.py set MBEDTLS_HAVE_ASM From 5d4ef83e01645a40d07b945f8b70501f190ffd90 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 10 Oct 2023 13:04:07 +0100 Subject: [PATCH 0184/1674] Fix hwcap detection on 32-bit Arm Signed-off-by: Dave Rodgman --- library/sha256.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/library/sha256.c b/library/sha256.c index 96aa25e59..fe343e7a4 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -126,6 +126,7 @@ # if defined(__linux__) /* Our preferred method of detection is getauxval() */ # include +# include # endif /* Use SIGILL on Unix, and fall back to it on Linux */ # include @@ -146,11 +147,16 @@ * Capability detection code comes early, so we can disable * MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT if no detection mechanism found */ -#if defined(HWCAP_SHA2) +#if defined(MBEDTLS_ARCH_IS_ARM64) && defined(HWCAP_SHA2) static int mbedtls_a64_crypto_sha256_determine_support(void) { return (getauxval(AT_HWCAP) & HWCAP_SHA2) ? 1 : 0; } +#elif defined(MBEDTLS_ARCH_IS_ARM32) && defined(HWCAP2_SHA2) +static int mbedtls_a64_crypto_sha256_determine_support(void) +{ + return (getauxval(AT_HWCAP2) & HWCAP2_SHA2) ? 1 : 0; +} #elif defined(__APPLE__) static int mbedtls_a64_crypto_sha256_determine_support(void) { From 6ab314f71d0fe0f4c39d78cdd57e0b65ea1a10b8 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 10 Oct 2023 14:00:17 +0100 Subject: [PATCH 0185/1674] More config option renaming Signed-off-by: Dave Rodgman --- ChangeLog.d/sha256-armce-arm.txt | 4 ++ include/mbedtls/check_config.h | 38 +++++++++---------- include/mbedtls/config_adjust_legacy_crypto.h | 8 ++-- include/mbedtls/mbedtls_config.h | 2 +- scripts/config.py | 4 ++ 5 files changed, 32 insertions(+), 24 deletions(-) diff --git a/ChangeLog.d/sha256-armce-arm.txt b/ChangeLog.d/sha256-armce-arm.txt index c1211f0c9..13d4dda1a 100644 --- a/ChangeLog.d/sha256-armce-arm.txt +++ b/ChangeLog.d/sha256-armce-arm.txt @@ -1,3 +1,7 @@ Features * Support Armv8 Crypto Extension acceleration for SHA-256 when compiling for Thumb or 32-bit Arm. +New deprecations + * Rename the SHAxxx_USE_A64_CRYPTO_yyy config options to + SHAxxx_USE_ARMV8_CRYPTO_yyy. The old names may still be + used, but are deprecated. diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 158070783..24b3e03e2 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -829,44 +829,44 @@ #error "MBEDTLS_X509_RSASSA_PSS_SUPPORT defined, but not all prerequisites" #endif -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) && \ - defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) -#error "Must only define one of MBEDTLS_SHA512_USE_A64_CRYPTO_*" +#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) && \ + defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) +#error "Must only define one of MBEDTLS_SHA512_USE_ARMV8_CRYPTO_*" #endif -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) #if !defined(MBEDTLS_SHA512_C) -#error "MBEDTLS_SHA512_USE_A64_CRYPTO_* defined without MBEDTLS_SHA512_C" +#error "MBEDTLS_SHA512_USE_ARMV8_CRYPTO_* defined without MBEDTLS_SHA512_C" #endif #if defined(MBEDTLS_SHA512_ALT) || defined(MBEDTLS_SHA512_PROCESS_ALT) -#error "MBEDTLS_SHA512_*ALT can't be used with MBEDTLS_SHA512_USE_A64_CRYPTO_*" +#error "MBEDTLS_SHA512_*ALT can't be used with MBEDTLS_SHA512_USE_ARMV8_CRYPTO_*" #endif -#endif /* MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY */ +#endif /* MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY */ -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) && !defined(__aarch64__) -#error "MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY defined on non-Aarch64 system" +#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) && !defined(__aarch64__) +#error "MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY defined on non-Aarch64 system" #endif -#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) && \ - defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) -#error "Must only define one of MBEDTLS_SHA256_USE_A64_CRYPTO_*" +#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) && \ + defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) +#error "Must only define one of MBEDTLS_SHA256_USE_ARMV8_CRYPTO_*" #endif -#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) #if !defined(MBEDTLS_SHA256_C) -#error "MBEDTLS_SHA256_USE_A64_CRYPTO_* defined without MBEDTLS_SHA256_C" +#error "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_* defined without MBEDTLS_SHA256_C" #endif #if defined(MBEDTLS_SHA256_ALT) || defined(MBEDTLS_SHA256_PROCESS_ALT) -#error "MBEDTLS_SHA256_*ALT can't be used with MBEDTLS_SHA256_USE_A64_CRYPTO_*" +#error "MBEDTLS_SHA256_*ALT can't be used with MBEDTLS_SHA256_USE_ARMV8_CRYPTO_*" #endif #endif -#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) && !defined(MBEDTLS_ARCH_IS_ARMV8) -#error "MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY defined on non-Armv8 system" +#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) && !defined(MBEDTLS_ARCH_IS_ARMV8) +#error "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY defined on non-Armv8 system" #endif /* TLS 1.3 requires separate HKDF parts from PSA, diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h index 78a5bb1d8..bd356da59 100644 --- a/include/mbedtls/config_adjust_legacy_crypto.h +++ b/include/mbedtls/config_adjust_legacy_crypto.h @@ -186,16 +186,16 @@ /* Backwards compatibility for some macros which were renamed to reflect that * they are related to Armv8, not aarch64. */ -#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) && !defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) #define MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT #endif -#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) && !defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) #define MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY #endif -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) && !defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) #define MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT #endif -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) && !defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) #define MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY #endif diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index f9ad2b6f9..0cbb0ee41 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -3345,7 +3345,7 @@ * This name is now deprecated, but may still be used as an alternative form for * this option. */ -//#define MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT +//#define MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY /** * \def MBEDTLS_SHA384_C diff --git a/scripts/config.py b/scripts/config.py index 1a71cb35f..619782b89 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -215,6 +215,8 @@ EXCLUDE_FROM_FULL = frozenset([ 'MBEDTLS_RSA_NO_CRT', # influences the use of RSA in X.509 and TLS 'MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY', # interacts with *_USE_A64_CRYPTO_IF_PRESENT 'MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY', # interacts with *_USE_A64_CRYPTO_IF_PRESENT + 'MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY', # interacts with *_USE_ARMV8_CRYPTO_IF_PRESENT + 'MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY', # interacts with *_USE_ARMV8_CRYPTO_IF_PRESENT 'MBEDTLS_SSL_RECORD_SIZE_LIMIT', # in development, currently breaks other tests 'MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN', # build dependency (clang+memsan) 'MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND', # build dependency (valgrind headers) @@ -280,6 +282,8 @@ EXCLUDE_FROM_BAREMETAL = frozenset([ 'MBEDTLS_TIMING_C', # requires a clock 'MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection 'MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection + 'MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection + 'MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection ]) def keep_in_baremetal(name): From c5861d5bf254bd991dd266cdab295216c36ca578 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 10 Oct 2023 14:01:54 +0100 Subject: [PATCH 0186/1674] Code style Signed-off-by: Dave Rodgman --- include/mbedtls/config_adjust_legacy_crypto.h | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h index bd356da59..9144c4963 100644 --- a/include/mbedtls/config_adjust_legacy_crypto.h +++ b/include/mbedtls/config_adjust_legacy_crypto.h @@ -186,13 +186,15 @@ /* Backwards compatibility for some macros which were renamed to reflect that * they are related to Armv8, not aarch64. */ -#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) && !defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) && \ + !defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) #define MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT #endif #if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) && !defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) #define MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY #endif -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) && !defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) && \ + !defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) #define MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT #endif #if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) && !defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) From f097bef6ea9a8a83d08281c5435cf43946fe375d Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 10 Oct 2023 14:56:35 +0100 Subject: [PATCH 0187/1674] Refer to Armv8-A (not Armv8) in docs Signed-off-by: Dave Rodgman --- ChangeLog.d/sha256-armce-arm.txt | 2 +- include/mbedtls/check_config.h | 2 +- include/mbedtls/mbedtls_config.h | 10 +++++----- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/ChangeLog.d/sha256-armce-arm.txt b/ChangeLog.d/sha256-armce-arm.txt index 13d4dda1a..bff70f500 100644 --- a/ChangeLog.d/sha256-armce-arm.txt +++ b/ChangeLog.d/sha256-armce-arm.txt @@ -1,5 +1,5 @@ Features - * Support Armv8 Crypto Extension acceleration for SHA-256 + * Support Armv8-A Crypto Extension acceleration for SHA-256 when compiling for Thumb or 32-bit Arm. New deprecations * Rename the SHAxxx_USE_A64_CRYPTO_yyy config options to diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 24b3e03e2..0dba0a872 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -866,7 +866,7 @@ #endif #if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) && !defined(MBEDTLS_ARCH_IS_ARMV8) -#error "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY defined on non-Armv8 system" +#error "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY defined on non-Armv8-A system" #endif /* TLS 1.3 requires separate HKDF parts from PSA, diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 0cbb0ee41..595b8cd89 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -3277,7 +3277,7 @@ * If not, the library will fall back to the C implementation. * * \note If MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT is defined when building - * for a non-Armv8 build it will be silently ignored. + * for a non-Armv8-A build it will be silently ignored. * * \note Minimum compiler versions for this feature are Clang 4.0, * armclang 6.6 or GCC 6.0. @@ -3296,7 +3296,7 @@ * * Module: library/sha256.c * - * Uncomment to have the library check for the Armv8 SHA-256 crypto extensions + * Uncomment to have the library check for the Armv8-A SHA-256 crypto extensions * and use them if available. */ //#define MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT @@ -3335,7 +3335,7 @@ * * Module: library/sha256.c * - * Uncomment to have the library use the Armv8 SHA-256 crypto extensions + * Uncomment to have the library use the Armv8-A SHA-256 crypto extensions * unconditionally. */ //#define MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY @@ -3416,7 +3416,7 @@ * * Module: library/sha512.c * - * Uncomment to have the library check for the Armv8 SHA-512 crypto extensions + * Uncomment to have the library check for the Armv8-A SHA-512 crypto extensions * and use them if available. */ //#define MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT @@ -3455,7 +3455,7 @@ * * Module: library/sha512.c * - * Uncomment to have the library use the Armv8 SHA-512 crypto extensions + * Uncomment to have the library use the Armv8-A SHA-512 crypto extensions * unconditionally. */ //#define MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY From fe9fda81aabf178eb241670d1aced3810e7be7b2 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 10 Oct 2023 14:51:06 +0100 Subject: [PATCH 0188/1674] Rename MBEDTLS_ARCH_IS_ARMV8 to MBEDTLS_ARCH_IS_ARMV8_A Signed-off-by: Dave Rodgman --- include/mbedtls/build_info.h | 19 ++++++++++++------- include/mbedtls/check_config.h | 2 +- library/sha256.c | 10 +++++----- 3 files changed, 18 insertions(+), 13 deletions(-) diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index 9b9f5f2ac..b09c5dd09 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h @@ -74,14 +74,19 @@ #define MBEDTLS_ARCH_IS_X86 #endif -/* This is defined if the architecture is Armv8, or higher */ -#if !defined(MBEDTLS_ARCH_IS_ARMV8) -#if defined(__ARM_ARCH) -#if __ARM_ARCH >= 8 -#define MBEDTLS_ARCH_IS_ARMV8 +/* This is defined if the architecture is Armv8-A, or higher */ +#if !defined(MBEDTLS_ARCH_IS_ARMV8_A) +#if defined(__ARM_ARCH) && defined(__ARM_ARCH_PROFILE) +#if (__ARM_ARCH >= 8) && (__ARM_ARCH_PROFILE == 'A') +/* GCC, clang, armclang and IAR */ +#define MBEDTLS_ARCH_IS_ARMV8_A #endif -#elif defined(MBEDTLS_ARCH_IS_ARM64) -#define MBEDTLS_ARCH_IS_ARMV8 +#elif defined(__ARM_ARCH_8A) +/* Alternative defined by clang */ +#define MBEDTLS_ARCH_IS_ARMV8_A +#elif defined(_M_ARM64) || defined(_M_ARM64EC) +/* MSVC ARM64 is at least Armv8.0-A */ +#define MBEDTLS_ARCH_IS_ARMV8_A #endif #endif diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 0dba0a872..eac226618 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -865,7 +865,7 @@ #endif -#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) && !defined(MBEDTLS_ARCH_IS_ARMV8) +#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) && !defined(MBEDTLS_ARCH_IS_ARMV8_A) #error "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY defined on non-Armv8-A system" #endif diff --git a/library/sha256.c b/library/sha256.c index fe343e7a4..763c71076 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -24,15 +24,15 @@ #if defined(__clang__) && (__clang_major__ >= 4) -/* Ideally, we would simply use MBEDTLS_ARCH_IS_ARMV8 in the following #if, +/* Ideally, we would simply use MBEDTLS_ARCH_IS_ARMV8_A in the following #if, * but that is defined by build_info.h, and we need this block to happen first. */ -#if defined(__ARM_ARCH) +#if defined(__ARM_ARCH) && (__ARM_ARCH_PROFILE == 'A') #if __ARM_ARCH >= 8 -#define MBEDTLS_SHA256_ARCH_IS_ARMV8 +#define MBEDTLS_SHA256_ARCH_IS_ARMV8_A #endif #endif -#if defined(MBEDTLS_SHA256_ARCH_IS_ARMV8) && !defined(__ARM_FEATURE_CRYPTO) +#if defined(MBEDTLS_SHA256_ARCH_IS_ARMV8_A) && !defined(__ARM_FEATURE_CRYPTO) /* TODO: Re-consider above after https://reviews.llvm.org/D131064 merged. * * The intrinsic declaration are guarded by predefined ACLE macros in clang: @@ -70,7 +70,7 @@ #include "mbedtls/platform.h" -#if defined(MBEDTLS_ARCH_IS_ARMV8) +#if defined(MBEDTLS_ARCH_IS_ARMV8_A) # if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) || \ defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) From 5b89c55bb853aab5936e5845d61eb58e91a324f2 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 10 Oct 2023 14:59:02 +0100 Subject: [PATCH 0189/1674] Rename MBEDTLS_SHAxxx_USE_ARMV8_yyy to MBEDTLS_SHAxxx_USE_ARMV8_A_yyy Signed-off-by: Dave Rodgman --- include/mbedtls/check_config.h | 38 +++++------ include/mbedtls/config_adjust_legacy_crypto.h | 16 ++--- include/mbedtls/mbedtls_config.h | 48 +++++++------- library/sha256.c | 64 +++++++++---------- library/sha512.c | 58 ++++++++--------- scripts/config.py | 8 +-- tests/scripts/all.sh | 48 +++++++------- 7 files changed, 140 insertions(+), 140 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index eac226618..b346f1f6e 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -829,44 +829,44 @@ #error "MBEDTLS_X509_RSASSA_PSS_SUPPORT defined, but not all prerequisites" #endif -#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) && \ - defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) -#error "Must only define one of MBEDTLS_SHA512_USE_ARMV8_CRYPTO_*" +#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) && \ + defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) +#error "Must only define one of MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_*" #endif -#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) #if !defined(MBEDTLS_SHA512_C) -#error "MBEDTLS_SHA512_USE_ARMV8_CRYPTO_* defined without MBEDTLS_SHA512_C" +#error "MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_* defined without MBEDTLS_SHA512_C" #endif #if defined(MBEDTLS_SHA512_ALT) || defined(MBEDTLS_SHA512_PROCESS_ALT) -#error "MBEDTLS_SHA512_*ALT can't be used with MBEDTLS_SHA512_USE_ARMV8_CRYPTO_*" +#error "MBEDTLS_SHA512_*ALT can't be used with MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_*" #endif -#endif /* MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY */ +#endif /* MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY */ -#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) && !defined(__aarch64__) -#error "MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY defined on non-Aarch64 system" +#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) && !defined(__aarch64__) +#error "MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY defined on non-Aarch64 system" #endif -#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) && \ - defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) -#error "Must only define one of MBEDTLS_SHA256_USE_ARMV8_CRYPTO_*" +#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) && \ + defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) +#error "Must only define one of MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_*" #endif -#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) #if !defined(MBEDTLS_SHA256_C) -#error "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_* defined without MBEDTLS_SHA256_C" +#error "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_* defined without MBEDTLS_SHA256_C" #endif #if defined(MBEDTLS_SHA256_ALT) || defined(MBEDTLS_SHA256_PROCESS_ALT) -#error "MBEDTLS_SHA256_*ALT can't be used with MBEDTLS_SHA256_USE_ARMV8_CRYPTO_*" +#error "MBEDTLS_SHA256_*ALT can't be used with MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_*" #endif #endif -#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) && !defined(MBEDTLS_ARCH_IS_ARMV8_A) -#error "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY defined on non-Armv8-A system" +#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) && !defined(MBEDTLS_ARCH_IS_ARMV8_A) +#error "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY defined on non-Armv8-A system" #endif /* TLS 1.3 requires separate HKDF parts from PSA, diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h index 9144c4963..c8791fc63 100644 --- a/include/mbedtls/config_adjust_legacy_crypto.h +++ b/include/mbedtls/config_adjust_legacy_crypto.h @@ -187,18 +187,18 @@ /* Backwards compatibility for some macros which were renamed to reflect that * they are related to Armv8, not aarch64. */ #if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) && \ - !defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) -#define MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT + !defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) +#define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT #endif -#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) && !defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) -#define MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY +#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) && !defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) +#define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY #endif #if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) && \ - !defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) -#define MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT + !defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) +#define MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT #endif -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) && !defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) -#define MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) && !defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) +#define MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY #endif #endif /* MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H */ diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 595b8cd89..49ae7218e 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -3270,13 +3270,13 @@ #define MBEDTLS_SHA256_C /** - * \def MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT + * \def MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT * * Enable acceleration of the SHA-256 and SHA-224 cryptographic hash algorithms * with the ARMv8 cryptographic extensions if they are available at runtime. * If not, the library will fall back to the C implementation. * - * \note If MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT is defined when building + * \note If MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT is defined when building * for a non-Armv8-A build it will be silently ignored. * * \note Minimum compiler versions for this feature are Clang 4.0, @@ -3289,8 +3289,8 @@ * That name is deprecated, but may still be used as an alternative form for this * option. * - * \warning MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT cannot be defined at the - * same time as MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY. + * \warning MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT cannot be defined at the + * same time as MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY. * * Requires: MBEDTLS_SHA256_C. * @@ -3299,24 +3299,24 @@ * Uncomment to have the library check for the Armv8-A SHA-256 crypto extensions * and use them if available. */ -//#define MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT +//#define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT /* - * \deprecated This is now known as MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT. + * \deprecated This is now known as MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT. * This name is now deprecated, but may still be used as an alternative form for * this option. */ //#define MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT /** - * \def MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY + * \def MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY * * Enable acceleration of the SHA-256 and SHA-224 cryptographic hash algorithms * with the ARMv8 cryptographic extensions, which must be available at runtime * or else an illegal instruction fault will occur. * * \note This allows builds with a smaller code size than with - * MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT + * MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT * * \note Minimum compiler versions for this feature are Clang 4.0, * armclang 6.6 or GCC 6.0. @@ -3328,8 +3328,8 @@ * That name is deprecated, but may still be used as an alternative form for this * option. * - * \warning MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY cannot be defined at the same - * time as MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT. + * \warning MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY cannot be defined at the same + * time as MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT. * * Requires: MBEDTLS_SHA256_C. * @@ -3338,10 +3338,10 @@ * Uncomment to have the library use the Armv8-A SHA-256 crypto extensions * unconditionally. */ -//#define MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY +//#define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY /* - * \deprecated This is now known as MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY. + * \deprecated This is now known as MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY. * This name is now deprecated, but may still be used as an alternative form for * this option. */ @@ -3390,13 +3390,13 @@ #define MBEDTLS_SHA3_C /** - * \def MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT + * \def MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT * * Enable acceleration of the SHA-512 and SHA-384 cryptographic hash algorithms * with the ARMv8 cryptographic extensions if they are available at runtime. * If not, the library will fall back to the C implementation. * - * \note If MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT is defined when building + * \note If MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT is defined when building * for a non-Aarch64 build it will be silently ignored. * * \note Minimum compiler versions for this feature are Clang 7.0, @@ -3409,8 +3409,8 @@ * That name is deprecated, but may still be used as an alternative form for this * option. * - * \warning MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT cannot be defined at the - * same time as MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY. + * \warning MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT cannot be defined at the + * same time as MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY. * * Requires: MBEDTLS_SHA512_C. * @@ -3419,24 +3419,24 @@ * Uncomment to have the library check for the Armv8-A SHA-512 crypto extensions * and use them if available. */ -//#define MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT +//#define MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT /* - * \deprecated This is now known as MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT. + * \deprecated This is now known as MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT. * This name is now deprecated, but may still be used as an alternative form for * this option. */ //#define MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT /** - * \def MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY + * \def MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY * * Enable acceleration of the SHA-512 and SHA-384 cryptographic hash algorithms * with the ARMv8 cryptographic extensions, which must be available at runtime * or else an illegal instruction fault will occur. * * \note This allows builds with a smaller code size than with - * MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT + * MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT * * \note Minimum compiler versions for this feature are Clang 7.0, * armclang 6.9 or GCC 8.0. @@ -3448,8 +3448,8 @@ * That name is deprecated, but may still be used as an alternative form for this * option. * - * \warning MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY cannot be defined at the same - * time as MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT. + * \warning MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY cannot be defined at the same + * time as MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT. * * Requires: MBEDTLS_SHA512_C. * @@ -3458,10 +3458,10 @@ * Uncomment to have the library use the Armv8-A SHA-512 crypto extensions * unconditionally. */ -//#define MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY +//#define MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY /* - * \deprecated This is now known as MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY. + * \deprecated This is now known as MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY. * This name is now deprecated, but may still be used as an alternative form for * this option. */ diff --git a/library/sha256.c b/library/sha256.c index 763c71076..726f5fb56 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -72,34 +72,34 @@ #if defined(MBEDTLS_ARCH_IS_ARMV8_A) -# if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) +# if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) # ifdef __ARM_NEON # include # else -# if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) +# if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) # warning "Target does not support NEON instructions" -# undef MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT +# undef MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT # else # error "Target does not support NEON instructions" # endif # endif # endif -# if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) +# if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) /* *INDENT-OFF* */ # if !defined(__ARM_FEATURE_CRYPTO) || defined(MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG) # if defined(__ARMCOMPILER_VERSION) # if __ARMCOMPILER_VERSION <= 6090000 -# error "Must use minimum -march=armv8-a+crypto for MBEDTLS_SHA256_USE_ARMV8_CRYPTO_*" +# error "Must use minimum -march=armv8-a+crypto for MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_*" # endif # pragma clang attribute push (__attribute__((target("sha2"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA # elif defined(__clang__) # if __clang_major__ < 4 -# error "A more recent Clang is required for MBEDTLS_SHA256_USE_ARMV8_CRYPTO_*" +# error "A more recent Clang is required for MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_*" # endif # pragma clang attribute push (__attribute__((target("crypto"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA @@ -108,20 +108,20 @@ * intrinsics are missing. Missing intrinsics could be worked around. */ # if __GNUC__ < 6 -# error "A more recent GCC is required for MBEDTLS_SHA256_USE_ARMV8_CRYPTO_*" +# error "A more recent GCC is required for MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_*" # else # pragma GCC push_options # pragma GCC target ("arch=armv8-a+crypto") # define MBEDTLS_POP_TARGET_PRAGMA # endif # else -# error "Only GCC and Clang supported for MBEDTLS_SHA256_USE_ARMV8_CRYPTO_*" +# error "Only GCC and Clang supported for MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_*" # endif # endif /* *INDENT-ON* */ # endif -# if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) +# if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) # if defined(__unix__) # if defined(__linux__) /* Our preferred method of detection is getauxval() */ @@ -133,19 +133,19 @@ # endif # endif #elif defined(_M_ARM64) -# if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) +# if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) # include # endif #else -# undef MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY -# undef MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT +# undef MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY +# undef MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT #endif -#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) /* * Capability detection code comes early, so we can disable - * MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT if no detection mechanism found + * MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT if no detection mechanism found */ #if defined(MBEDTLS_ARCH_IS_ARM64) && defined(HWCAP_SHA2) static int mbedtls_a64_crypto_sha256_determine_support(void) @@ -222,10 +222,10 @@ static int mbedtls_a64_crypto_sha256_determine_support(void) } #else #warning "No mechanism to detect ARMV8_CRYPTO found, using C code only" -#undef MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT +#undef MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT #endif /* HWCAP_SHA2, __APPLE__, __unix__ && SIG_SETMASK */ -#endif /* MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT */ +#endif /* MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT */ #if !defined(MBEDTLS_SHA256_ALT) @@ -327,10 +327,10 @@ static const uint32_t K[] = #endif -#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) -#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) # define mbedtls_internal_sha256_process_many_a64_crypto mbedtls_internal_sha256_process_many # define mbedtls_internal_sha256_process_a64_crypto mbedtls_internal_sha256_process #endif @@ -430,7 +430,7 @@ static size_t mbedtls_internal_sha256_process_many_a64_crypto( return processed; } -#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) /* * This function is for internal use only if we are building both C and Armv8 * versions, otherwise it is renamed to be the public mbedtls_internal_sha256_process() @@ -445,7 +445,7 @@ int mbedtls_internal_sha256_process_a64_crypto(mbedtls_sha256_context *ctx, SHA256_BLOCK_SIZE) ? 0 : -1; } -#endif /* MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT || MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY */ +#endif /* MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT || MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY */ #if defined(MBEDTLS_POP_TARGET_PRAGMA) #if defined(__clang__) @@ -456,14 +456,14 @@ int mbedtls_internal_sha256_process_a64_crypto(mbedtls_sha256_context *ctx, #undef MBEDTLS_POP_TARGET_PRAGMA #endif -#if !defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) +#if !defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) #define mbedtls_internal_sha256_process_many_c mbedtls_internal_sha256_process_many #define mbedtls_internal_sha256_process_c mbedtls_internal_sha256_process #endif #if !defined(MBEDTLS_SHA256_PROCESS_ALT) && \ - !defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) + !defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) #define SHR(x, n) (((x) & 0xFFFFFFFF) >> (n)) #define ROTR(x, n) (SHR(x, n) | ((x) << (32 - (n)))) @@ -491,7 +491,7 @@ int mbedtls_internal_sha256_process_a64_crypto(mbedtls_sha256_context *ctx, (d) += local.temp1; (h) = local.temp1 + local.temp2; \ } while (0) -#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) /* * This function is for internal use only if we are building both C and Armv8 * versions, otherwise it is renamed to be the public mbedtls_internal_sha256_process() @@ -583,10 +583,10 @@ int mbedtls_internal_sha256_process_c(mbedtls_sha256_context *ctx, return 0; } -#endif /* !MBEDTLS_SHA256_PROCESS_ALT && !MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY */ +#endif /* !MBEDTLS_SHA256_PROCESS_ALT && !MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY */ -#if !defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY) +#if !defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) static size_t mbedtls_internal_sha256_process_many_c( mbedtls_sha256_context *ctx, const uint8_t *data, size_t len) @@ -607,10 +607,10 @@ static size_t mbedtls_internal_sha256_process_many_c( return processed; } -#endif /* !MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY */ +#endif /* !MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY */ -#if defined(MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) static int mbedtls_a64_crypto_sha256_has_support(void) { @@ -645,7 +645,7 @@ int mbedtls_internal_sha256_process(mbedtls_sha256_context *ctx, } } -#endif /* MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT */ +#endif /* MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT */ /* diff --git a/library/sha512.c b/library/sha512.c index 14c9343e3..ab13e841e 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -57,8 +57,8 @@ #include "mbedtls/platform.h" #if defined(__aarch64__) -# if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) +# if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) /* *INDENT-OFF* */ # ifdef __ARM_NEON # include @@ -83,35 +83,35 @@ /* Test Clang first, as it defines __GNUC__ */ # if defined(__ARMCOMPILER_VERSION) # if __ARMCOMPILER_VERSION < 6090000 -# error "A more recent armclang is required for MBEDTLS_SHA512_USE_ARMV8_CRYPTO_*" +# error "A more recent armclang is required for MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_*" # elif __ARMCOMPILER_VERSION == 6090000 -# error "Must use minimum -march=armv8.2-a+sha3 for MBEDTLS_SHA512_USE_ARMV8_CRYPTO_*" +# error "Must use minimum -march=armv8.2-a+sha3 for MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_*" # else # pragma clang attribute push (__attribute__((target("sha3"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA # endif # elif defined(__clang__) # if __clang_major__ < 7 -# error "A more recent Clang is required for MBEDTLS_SHA512_USE_ARMV8_CRYPTO_*" +# error "A more recent Clang is required for MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_*" # else # pragma clang attribute push (__attribute__((target("sha3"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA # endif # elif defined(__GNUC__) # if __GNUC__ < 8 -# error "A more recent GCC is required for MBEDTLS_SHA512_USE_ARMV8_CRYPTO_*" +# error "A more recent GCC is required for MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_*" # else # pragma GCC push_options # pragma GCC target ("arch=armv8.2-a+sha3") # define MBEDTLS_POP_TARGET_PRAGMA # endif # else -# error "Only GCC and Clang supported for MBEDTLS_SHA512_USE_ARMV8_CRYPTO_*" +# error "Only GCC and Clang supported for MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_*" # endif # endif /* *INDENT-ON* */ # endif -# if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) +# if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) # if defined(__unix__) # if defined(__linux__) /* Our preferred method of detection is getauxval() */ @@ -122,19 +122,19 @@ # endif # endif #elif defined(_M_ARM64) -# if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) +# if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) # include # endif #else -# undef MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY -# undef MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT +# undef MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY +# undef MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT #endif -#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) /* * Capability detection code comes early, so we can disable - * MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT if no detection mechanism found + * MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT if no detection mechanism found */ #if defined(HWCAP_SHA512) static int mbedtls_a64_crypto_sha512_determine_support(void) @@ -211,10 +211,10 @@ static int mbedtls_a64_crypto_sha512_determine_support(void) } #else #warning "No mechanism to detect ARMV8_CRYPTO found, using C code only" -#undef MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT +#undef MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT #endif /* HWCAP_SHA512, __APPLE__, __unix__ && SIG_SETMASK */ -#endif /* MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT */ +#endif /* MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT */ #if !defined(MBEDTLS_SHA512_ALT) @@ -352,10 +352,10 @@ static const uint64_t K[80] = }; #endif -#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) -#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) # define mbedtls_internal_sha512_process_many_a64_crypto mbedtls_internal_sha512_process_many # define mbedtls_internal_sha512_process_a64_crypto mbedtls_internal_sha512_process #endif @@ -567,7 +567,7 @@ static size_t mbedtls_internal_sha512_process_many_a64_crypto( return processed; } -#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) /* * This function is for internal use only if we are building both C and Armv8 * versions, otherwise it is renamed to be the public mbedtls_internal_sha512_process() @@ -582,7 +582,7 @@ int mbedtls_internal_sha512_process_a64_crypto(mbedtls_sha512_context *ctx, SHA512_BLOCK_SIZE) ? 0 : -1; } -#endif /* MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY */ +#endif /* MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY */ #if defined(MBEDTLS_POP_TARGET_PRAGMA) #if defined(__clang__) @@ -594,15 +594,15 @@ int mbedtls_internal_sha512_process_a64_crypto(mbedtls_sha512_context *ctx, #endif -#if !defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) +#if !defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) #define mbedtls_internal_sha512_process_many_c mbedtls_internal_sha512_process_many #define mbedtls_internal_sha512_process_c mbedtls_internal_sha512_process #endif -#if !defined(MBEDTLS_SHA512_PROCESS_ALT) && !defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) +#if !defined(MBEDTLS_SHA512_PROCESS_ALT) && !defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) -#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) /* * This function is for internal use only if we are building both C and Armv8 * versions, otherwise it is renamed to be the public mbedtls_internal_sha512_process() @@ -701,10 +701,10 @@ int mbedtls_internal_sha512_process_c(mbedtls_sha512_context *ctx, return 0; } -#endif /* !MBEDTLS_SHA512_PROCESS_ALT && !MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY */ +#endif /* !MBEDTLS_SHA512_PROCESS_ALT && !MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY */ -#if !defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY) +#if !defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) static size_t mbedtls_internal_sha512_process_many_c( mbedtls_sha512_context *ctx, const uint8_t *data, size_t len) @@ -725,10 +725,10 @@ static size_t mbedtls_internal_sha512_process_many_c( return processed; } -#endif /* !MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY */ +#endif /* !MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY */ -#if defined(MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) static int mbedtls_a64_crypto_sha512_has_support(void) { @@ -763,7 +763,7 @@ int mbedtls_internal_sha512_process(mbedtls_sha512_context *ctx, } } -#endif /* MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT */ +#endif /* MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT */ /* * SHA-512 process buffer diff --git a/scripts/config.py b/scripts/config.py index 619782b89..6e32e3db2 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -215,8 +215,8 @@ EXCLUDE_FROM_FULL = frozenset([ 'MBEDTLS_RSA_NO_CRT', # influences the use of RSA in X.509 and TLS 'MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY', # interacts with *_USE_A64_CRYPTO_IF_PRESENT 'MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY', # interacts with *_USE_A64_CRYPTO_IF_PRESENT - 'MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY', # interacts with *_USE_ARMV8_CRYPTO_IF_PRESENT - 'MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY', # interacts with *_USE_ARMV8_CRYPTO_IF_PRESENT + 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY', # interacts with *_USE_ARMV8_CRYPTO_IF_PRESENT + 'MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY', # interacts with *_USE_ARMV8_CRYPTO_IF_PRESENT 'MBEDTLS_SSL_RECORD_SIZE_LIMIT', # in development, currently breaks other tests 'MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN', # build dependency (clang+memsan) 'MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND', # build dependency (valgrind headers) @@ -282,8 +282,8 @@ EXCLUDE_FROM_BAREMETAL = frozenset([ 'MBEDTLS_TIMING_C', # requires a clock 'MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection 'MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection - 'MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection - 'MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection + 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection + 'MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection ]) def keep_in_baremetal(name): diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 1892ef869..5be96a586 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2245,12 +2245,12 @@ component_build_module_alt () { # The SpecifiedECDomain parsing code accesses mbedtls_ecp_group fields # directly and assumes the implementation works with partial groups. scripts/config.py unset MBEDTLS_PK_PARSE_EC_EXTENDED - # MBEDTLS_SHA256_*ALT can't be used with MBEDTLS_SHA256_USE_ARMV8_CRYPTO_* - scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT - scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY - # MBEDTLS_SHA512_*ALT can't be used with MBEDTLS_SHA512_USE_ARMV8_CRYPTO_* - scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT - scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_CRYPTO_ONLY + # MBEDTLS_SHA256_*ALT can't be used with MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_* + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY + # MBEDTLS_SHA512_*ALT can't be used with MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_* + scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY # Enable all MBEDTLS_XXX_ALT for whole modules. Do not enable # MBEDTLS_XXX_YYY_ALT which are for single functions. @@ -3464,10 +3464,10 @@ config_psa_crypto_hash_use_psa () { scripts/config.py unset MBEDTLS_SHA1_C scripts/config.py unset MBEDTLS_SHA224_C scripts/config.py unset MBEDTLS_SHA256_C # see external RNG below - scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT scripts/config.py unset MBEDTLS_SHA384_C scripts/config.py unset MBEDTLS_SHA512_C - scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT scripts/config.py unset MBEDTLS_SHA3_C fi } @@ -4332,7 +4332,7 @@ component_build_aes_aesce_armcc () { scripts/config.py baremetal # armc[56] don't support SHA-512 intrinsics - scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT # Stop armclang warning about feature detection for A64_CRYPTO. # With this enabled, the library does build correctly under armclang, @@ -4340,7 +4340,7 @@ component_build_aes_aesce_armcc () { # unavailable, and the user is notified via a #warning. So enabling # this feature would prevent us from building with -Werror on # armclang. Tracked in #7198. - scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT scripts/config.py set MBEDTLS_HAVE_ASM msg "AESCE, build with default configuration." @@ -4362,36 +4362,36 @@ support_build_sha_armce() { component_build_sha_armce () { # Test variations of SHA256 Armv8 crypto extensions - scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT - scripts/config.py set MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT + scripts/config.py set MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY - msg "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY clang, aarch64" + msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY clang, aarch64" make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a" - msg "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY clang, arm" + msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY clang, arm" make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm" # test the deprecated form of the config option - scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY scripts/config.py set MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY - msg "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY clang, thumb" + msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY clang, thumb" make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb" - scripts/config.py set MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT - scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_ONLY + scripts/config.py set MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY - msg "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT clang, aarch64" + msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT clang, aarch64" make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a" # test the deprecated form of the config option - scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT scripts/config.py set MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT - msg "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT clang, arm" + msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT clang, arm" make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm -std=c99" - msg "MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT clang, thumb" + msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT clang, thumb" make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb" } @@ -4936,7 +4936,7 @@ component_build_armcc () { msg "build: ARM Compiler 5" scripts/config.py baremetal # armc[56] don't support SHA-512 intrinsics - scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT # Stop armclang warning about feature detection for A64_CRYPTO. # With this enabled, the library does build correctly under armclang, @@ -4944,7 +4944,7 @@ component_build_armcc () { # unavailable, and the user is notified via a #warning. So enabling # this feature would prevent us from building with -Werror on # armclang. Tracked in #7198. - scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT scripts/config.py set MBEDTLS_HAVE_ASM From 28b4da954bcdefe2d7e8b0d4a433d69f69f1e9ac Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 3 Oct 2023 17:32:50 +0100 Subject: [PATCH 0190/1674] Add PSA threading design Signed-off-by: Janos Follath --- docs/architecture/psa-thread-safety.md | 70 ++++++++++++++++++++++++-- 1 file changed, 67 insertions(+), 3 deletions(-) diff --git a/docs/architecture/psa-thread-safety.md b/docs/architecture/psa-thread-safety.md index 06bdcc056..072430762 100644 --- a/docs/architecture/psa-thread-safety.md +++ b/docs/architecture/psa-thread-safety.md @@ -53,7 +53,7 @@ We need to define clear policies so that driver implementers know what to expect * Driver entry points may be called concurrently from multiple threads, even if they're using the same key, and even including destroying a key while an operation is in progress on it. * At most one driver entry point is active at any given time. -A more reasonable policy could be: +Combining the two we arrive at the following policy: * By default, each driver only has at most one entry point active at any given time. In other words, each driver has its own exclusive lock. * Drivers have an optional `"thread_safe"` boolean property. If true, it allows concurrent calls to this driver. @@ -293,8 +293,72 @@ There is currently no indication of when a slot is in the WRITING state. This on ### Destruction of a key in use -Problem: a key slot is destroyed (by `psa_wipe_key_slot`) while it's in use (READING or WRITING). +Problem: In #key-destruction-long-term-requirements we require that the key slot is destroyed (by `psa_wipe_key_slot`) even while it's in use (READING or WRITING). -TODO: how do we ensure that? This needs something more sophisticated than mutexes (concurrency number >2)! Even a per-slot mutex isn't enough (we'd need a reader-writer lock). +How do we ensure that? This needs something more sophisticated than mutexes (concurrency number >2)! Even a per-slot mutex isn't enough (we'd need a reader-writer lock). Solution: after some team discussion, we've decided to rely on a new threading abstraction which mimics C11 (i.e. `mbedtls_fff` where `fff` is the C11 function name, having the same parameters and return type, with default implementations for C11, pthreads and Windows). We'll likely use condition variables in addition to mutexes. + +#### Mutex only + +When calling `psa_wipe_key_slot` it is the callers responsibility to set the slot state to WRITING first. For most functions this is a clean UNUSED -> WRITING transition: psa_get_empty_key_slot, psa_get_and_lock_key_slot, psa_close_key, psa_purge_key. + +`psa_wipe_all_key_slots` is only called from `mbedtls_psa_crypto_free`, here we will need to return an error as we won't be able to free the key store if a key is in use without compromising the state of the secure side. This opens up the way for an untrusted application to launch a DoS attack against the crypto service, but this is still better than compromising confidentiality or integrity and this is the most we can do with mutexes only. Also, this is the current behaviour. + +`psa_destroy_key` marks the slot as deleted, deletes persistent keys and opaque keys and returns. This only works if drivers are protected by a mutex (and the persistent storage as well if needed). When the last reading operation finishes, it wipes the key slot. This will free the key ID, but the slot might be still in use. In case of volatile keys freeing up the ID while the slot is still in use does not provide any benefit and we don't need to do it. + +These are serious limitations, but this can be implemented with mutexes only and arguably satisfies the #key-destruction-short-term-requirements. + +Variations: + +1. As a first step the multipart operations would lock the keys for reading on setup and release on free +2. In a later stage this would be improved by locking the keys on entry into multi-part API calls and released before exiting. + +The second variant can't be implemented as a backward compatible improvement on the first as multipart operations that were successfully completed in the first case, would fail in the second. If we want to implement these incrementally, multipart operations in a multithreaded environment must left unsupported in the first variant. + +### Condition variables + +Clean UNUSED -> WRITING transition works as before. + +`psa_wipe_all_key_slots` and `psa_destroy_key` mark the slot as deleted and go to sleep until the slot state becomes UNUSED. When waking up, they wipe the slot, and return. + +If the slot is already marked as deleted the threads calling `psa_wipe_all_key_slots` and `psa_destroy_key` go to sleep until the deletion completes. To satisfy #key-destruction-long-term-requirements none of the threads may return from the call until the slot is deleted completely. This can be achieved by signalling them when the slot has already been whiped and ready for use, that is not marked for deletion anymore. To handle spurious wake-ups, these threads need to be able to tell whether the slot was already deleted. This is not trivial, because by the time the thread wakes up, theoretically the slot might be in any state. It might have been reused and maybe even marked for deletion again. + +To resolve this, we can either: + +1. Depend on the deletion marker. If the slot has been reused and is marked for deletion again, the threads keep waiting until the second deletion completes. +2. Introduce a uuid (eg a global counter plus a slot ID), which is recorded by the thread waiting for deletion and checks whether it matches. If it doesn't, the function can return as the slot was already reallocated. If it does match, it can check whether it is still marked for deletion, if it is, the thread goes back to sleep, if it isn't, the function can return. + +#### Platform abstraction + +Introducing condition variables to the platform abstraction layer would be best done in a major version. If we can't wait until that, we will need to introduce a new compile time flag. Considering that this only will be needed on the PSA Crypto side and the upcoming split, it makes sense to make this flag responsible for the entire PSA Crypto threading support. Therefore if we want to keep the option open for implementing this in a backward compatible manner, we need to introduce and use this new flag already when implementing #mutex-only. (If we keep the abstraction layer for mutexes the same, this shouldn't mean increase in code size and would mean only minimal effort on the porting side.) + +### Operation contexts + +Concurrent access to the same operation context can compromise the crypto service for example if the operation context has a pointer (depending on the compiler and the platform, the pointer assignment may or may not be atomic). This violates the functional correctness requirement. (Concurrent calls to operations is undefined behaviour, but still should not compromise the CIA of the crypto service.) + +Operations will have a status field protected by a global mutex similarly to key slots. On entry, API calls check the state and return an error if it is already ACTIVE. Otherwise they set it to ACTIVE and restore it to INACTIVE before returning. + +### Drivers + +Each driver that hasn’t got the "thread_safe” property set has a dedicated mutex. + +Implementing "thread_safe” drivers depends on the condition variable protection in the key store, as we must guarantee that the core never starts the destruction of a key while there are operations in progress on it. + +Start with implementing threading for drivers without the "thread_safe” property (all drivers behave like the property wasn't set). Add "thread_safe" drivers at some point after the #condition-variables approach is implemented in the core. + +### Global Data + +PSA Crypto makes use of a `global_data` variable that will be accessible from multiple threads and needs to be protected. Any function accessing this variable (or its members) must take the corresponding lock first. Since `global_data` holds the RNG state, these will involve relatively expensive operations and therefore ideally `global_data` should be protected by its own, dedicated lock (different from the one protecting the key store). + +Note that this does not protect access to the RNG via `mbedtls_psa_get_random`, which is guaranteed to be thread-safe when `MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG` is disabled. Still, doing so is conceptually simpler and we probably will want to remove the lower level mutex in the long run, since the corresponding interface will be removed from the public API. The two mutexes are different and are always taken in the same order, there is no risk of deadlock. + +The purpose of `MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG` is very similar to the driver interface (and might even be added to it in the long run), therefore it makes sense to handle it the same way. In particular, we can use the `global_data` mutex to protect it as a default and when we implement the "thread_safe” property for drivers, we implement it for `MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG` as well. + +### Implementation notes + +Since we only have simple mutexes, locking the same mutex from the same thread is a deadlock. Therefore functions taking the global mutex must not be called while holding the same mutex. Functions taking the mutex will document this fact and the implications. + +Releasing the mutex before a function call might introduce race conditions. Therefore might not be practical to take the mutex in low level access functions. If functions like that don't take the mutex, they need to rely on the caller to take it for them. These functions will document that the caller is required to hold the mutex. + +To avoid performance degradation, functions must not start expensive operations (eg. doing cryptography) while holding the mutex. From 86f9795b0058c1c81063cbe05a7b6c07e52de6b6 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Tue, 10 Oct 2023 16:50:49 +0100 Subject: [PATCH 0191/1674] Update documentation Add further information about PSA hashing to the comment at the beginning of the code. Signed-off-by: Thomas Daubney --- programs/psa/psa_hash.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/programs/psa/psa_hash.c b/programs/psa/psa_hash.c index dc698a162..b3f3597f0 100644 --- a/programs/psa/psa_hash.c +++ b/programs/psa/psa_hash.c @@ -33,11 +33,15 @@ #include "mbedtls/build_info.h" #include "mbedtls/platform.h" -/* The algorithm used by this demo is SHA 256. +/* Information about hashing with the PSA API can be + * found here: + * https://arm-software.github.io/psa-api/crypto/1.1/api/ops/hashes.html + * + * The algorithm used by this demo is SHA 256. * Please see include/psa/crypto_values.h to see the other - * algorithms that are supported. If you switch to a different - * algorithm you will need to update the hash data in the - * SAMPLE_HASH_DATA macro below.*/ + * algorithms that are supported by Mbed TLS. + * If you switch to a different algorithm you will need to update + * the hash data in the SAMPLE_HASH_DATA macro below. */ #define HASH_ALG PSA_ALG_SHA_256 From 760538885a0c6d07f67c98b11e8a15b8d5f8bfc5 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Tue, 10 Oct 2023 17:38:53 +0100 Subject: [PATCH 0192/1674] Inform user when unknown hash algorithm supplied Excplictly inform the user that their hash algorithm selection is invalid. Signed-off-by: Thomas Daubney --- programs/psa/psa_hash.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/programs/psa/psa_hash.c b/programs/psa/psa_hash.c index b3f3597f0..fc39849cc 100644 --- a/programs/psa/psa_hash.c +++ b/programs/psa/psa_hash.c @@ -84,7 +84,11 @@ int main(void) /* Compute hash using multi-part operation */ status = psa_hash_setup(&hash_operation, HASH_ALG); - if (status != PSA_SUCCESS) { + if (status == PSA_ERROR_NOT_SUPPORTED){ + mbedtls_printf("unknown hash algorithm supplied\n"); + return EXIT_FAILURE; + } + else if (status != PSA_SUCCESS) { mbedtls_printf("psa_hash_setup failed\n"); return EXIT_FAILURE; } From 0ecb635ca5a41fee0af01f5cd5aeb85622a0a1f3 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Wed, 11 Oct 2023 10:36:55 +0800 Subject: [PATCH 0193/1674] aesni: select `__cpuid` impl based on compiler type MinGW provides both kinds of implementations of `__cpuid`, but since `cpuid.h` is provided by GNUC, so we should choose the implementation by the compiler type instead of OS type. Signed-off-by: Pengyu Lv --- library/aesni.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/library/aesni.c b/library/aesni.c index 322a25533..b90e7f9a3 100644 --- a/library/aesni.c +++ b/library/aesni.c @@ -33,10 +33,12 @@ #if defined(MBEDTLS_AESNI_HAVE_CODE) #if MBEDTLS_AESNI_HAVE_CODE == 2 -#if !defined(_WIN32) +#if defined(__GNUC__) #include -#else +#elif defined(_MSC_VER) #include +#else +#error "`__cpuid` required by MBEDTLS_AESNI_C is not supported by the compiler" #endif #include #endif @@ -53,7 +55,7 @@ int mbedtls_aesni_has_support(unsigned int what) if (!done) { #if MBEDTLS_AESNI_HAVE_CODE == 2 static int info[4] = { 0, 0, 0, 0 }; -#if defined(_WIN32) +#if defined(_MSC_VER) __cpuid(info, 1); #else __cpuid(1, info[0], info[1], info[2], info[3]); From 64cca2f3eadfbf9665f50d82348bc254f35932fe Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Tue, 10 Oct 2023 18:22:24 +0800 Subject: [PATCH 0194/1674] all.sh: Re-enable MBEDTLS_AESNI_C in some components Signed-off-by: Pengyu Lv --- tests/scripts/all.sh | 18 +++++++----------- 1 file changed, 7 insertions(+), 11 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 7e6c95c62..ca8404049 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4626,8 +4626,7 @@ component_test_m32_o0 () { # build) and not the i386-specific inline assembly. msg "build: i386, make, gcc -O0 (ASan build)" # ~ 30s scripts/config.py full - scripts/config.py unset MBEDTLS_AESNI_C # AESNI depends on cpu modifiers - make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O0" LDFLAGS="-m32 $ASAN_CFLAGS" + make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O0 -maes -msse2 -mpclmul" LDFLAGS="-m32 $ASAN_CFLAGS" msg "test: i386, make, gcc -O0 (ASan build)" make test @@ -4644,8 +4643,7 @@ component_test_m32_o2 () { # and go faster for tests. msg "build: i386, make, gcc -O2 (ASan build)" # ~ 30s scripts/config.py full - scripts/config.py unset MBEDTLS_AESNI_C # AESNI depends on cpu modifiers - make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS" + make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2 -maes -msse2 -mpclmul" LDFLAGS="-m32 $ASAN_CFLAGS" msg "test: i386, make, gcc -O2 (ASan build)" make test @@ -4660,8 +4658,7 @@ support_test_m32_o2 () { component_test_m32_everest () { msg "build: i386, Everest ECDH context (ASan build)" # ~ 6 min scripts/config.py set MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED - scripts/config.py unset MBEDTLS_AESNI_C # AESNI depends on cpu modifiers - make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS" + make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2 -maes -msse2 -mpclmul" LDFLAGS="-m32 $ASAN_CFLAGS" msg "test: i386, Everest ECDH context - main suites (inc. selftests) (ASan build)" # ~ 50s make test @@ -5114,16 +5111,15 @@ component_test_tls13_only_record_size_limit () { component_build_mingw () { msg "build: Windows cross build - mingw64, make (Link Library)" # ~ 30s - scripts/config.py unset MBEDTLS_AESNI_C # AESNI depends on cpu modifiers - make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 lib programs + make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra -maes -msse2 -mpclmul' WINDOWS_BUILD=1 lib programs # note Make tests only builds the tests, but doesn't run them - make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror' WINDOWS_BUILD=1 tests + make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -maes -msse2 -mpclmul' WINDOWS_BUILD=1 tests make WINDOWS_BUILD=1 clean msg "build: Windows cross build - mingw64, make (DLL)" # ~ 30s - make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 SHARED=1 lib programs - make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 SHARED=1 tests + make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra -maes -msse2 -mpclmul' WINDOWS_BUILD=1 SHARED=1 lib programs + make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra -maes -msse2 -mpclmul' WINDOWS_BUILD=1 SHARED=1 tests make WINDOWS_BUILD=1 clean } support_build_mingw() { From 34500874cee2fa1bea3109d71e7dcad764131dfb Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Wed, 11 Oct 2023 10:04:54 +0100 Subject: [PATCH 0195/1674] Remove trailing white space in documentation Signed-off-by: Thomas Daubney --- programs/psa/psa_hash.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/programs/psa/psa_hash.c b/programs/psa/psa_hash.c index fc39849cc..a3923628f 100644 --- a/programs/psa/psa_hash.c +++ b/programs/psa/psa_hash.c @@ -36,7 +36,7 @@ /* Information about hashing with the PSA API can be * found here: * https://arm-software.github.io/psa-api/crypto/1.1/api/ops/hashes.html - * + * * The algorithm used by this demo is SHA 256. * Please see include/psa/crypto_values.h to see the other * algorithms that are supported by Mbed TLS. From be7915aa6ceddaaf81652c0072ea5fd2b2466932 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 11 Oct 2023 10:46:38 +0100 Subject: [PATCH 0196/1674] Revert renaming of SHA512 options Signed-off-by: Dave Rodgman --- include/mbedtls/check_config.h | 20 +++--- include/mbedtls/config_adjust_legacy_crypto.h | 7 -- include/mbedtls/mbedtls_config.h | 42 +++-------- library/sha512.c | 70 +++++++++---------- scripts/config.py | 8 +-- tests/scripts/all.sh | 12 ++-- 6 files changed, 64 insertions(+), 95 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index b346f1f6e..3df6ede44 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -829,24 +829,24 @@ #error "MBEDTLS_X509_RSASSA_PSS_SUPPORT defined, but not all prerequisites" #endif -#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) && \ - defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) -#error "Must only define one of MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_*" +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) && \ + defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) +#error "Must only define one of MBEDTLS_SHA512_USE_A64_CRYPTO_*" #endif -#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) #if !defined(MBEDTLS_SHA512_C) -#error "MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_* defined without MBEDTLS_SHA512_C" +#error "MBEDTLS_SHA512_USE_A64_CRYPTO_* defined without MBEDTLS_SHA512_C" #endif #if defined(MBEDTLS_SHA512_ALT) || defined(MBEDTLS_SHA512_PROCESS_ALT) -#error "MBEDTLS_SHA512_*ALT can't be used with MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_*" +#error "MBEDTLS_SHA512_*ALT can't be used with MBEDTLS_SHA512_USE_A64_CRYPTO_*" #endif -#endif /* MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY */ +#endif /* MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY */ -#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) && !defined(__aarch64__) -#error "MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY defined on non-Aarch64 system" +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) && !defined(__aarch64__) +#error "MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY defined on non-Aarch64 system" #endif #if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) && \ diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h index c8791fc63..9bb1f88f4 100644 --- a/include/mbedtls/config_adjust_legacy_crypto.h +++ b/include/mbedtls/config_adjust_legacy_crypto.h @@ -193,12 +193,5 @@ #if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) && !defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) #define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY #endif -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) && \ - !defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) -#define MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT -#endif -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) && !defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) -#define MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY -#endif #endif /* MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H */ diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 49ae7218e..b5c0d5879 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -3390,13 +3390,13 @@ #define MBEDTLS_SHA3_C /** - * \def MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT + * \def MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT * * Enable acceleration of the SHA-512 and SHA-384 cryptographic hash algorithms * with the ARMv8 cryptographic extensions if they are available at runtime. * If not, the library will fall back to the C implementation. * - * \note If MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT is defined when building + * \note If MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT is defined when building * for a non-Aarch64 build it will be silently ignored. * * \note Minimum compiler versions for this feature are Clang 7.0, @@ -3405,38 +3405,27 @@ * \note \c CFLAGS must be set to a minimum of \c -march=armv8.2-a+sha3 for * armclang 6.9 * - * \note This was previously known as MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT. - * That name is deprecated, but may still be used as an alternative form for this - * option. - * - * \warning MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT cannot be defined at the - * same time as MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY. + * \warning MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT cannot be defined at the + * same time as MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY. * * Requires: MBEDTLS_SHA512_C. * * Module: library/sha512.c * - * Uncomment to have the library check for the Armv8-A SHA-512 crypto extensions + * Uncomment to have the library check for the A64 SHA-512 crypto extensions * and use them if available. */ -//#define MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT - -/* - * \deprecated This is now known as MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT. - * This name is now deprecated, but may still be used as an alternative form for - * this option. - */ //#define MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT /** - * \def MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY + * \def MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY * * Enable acceleration of the SHA-512 and SHA-384 cryptographic hash algorithms * with the ARMv8 cryptographic extensions, which must be available at runtime * or else an illegal instruction fault will occur. * * \note This allows builds with a smaller code size than with - * MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT + * MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT * * \note Minimum compiler versions for this feature are Clang 7.0, * armclang 6.9 or GCC 8.0. @@ -3444,27 +3433,16 @@ * \note \c CFLAGS must be set to a minimum of \c -march=armv8.2-a+sha3 for * armclang 6.9 * - * \note This was previously known as MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY. - * That name is deprecated, but may still be used as an alternative form for this - * option. - * - * \warning MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY cannot be defined at the same - * time as MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT. + * \warning MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY cannot be defined at the same + * time as MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT. * * Requires: MBEDTLS_SHA512_C. * * Module: library/sha512.c * - * Uncomment to have the library use the Armv8-A SHA-512 crypto extensions + * Uncomment to have the library use the A64 SHA-512 crypto extensions * unconditionally. */ -//#define MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY - -/* - * \deprecated This is now known as MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY. - * This name is now deprecated, but may still be used as an alternative form for - * this option. - */ //#define MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY /** diff --git a/library/sha512.c b/library/sha512.c index ab13e841e..e739af254 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -57,8 +57,8 @@ #include "mbedtls/platform.h" #if defined(__aarch64__) -# if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) +# if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) /* *INDENT-OFF* */ # ifdef __ARM_NEON # include @@ -83,35 +83,35 @@ /* Test Clang first, as it defines __GNUC__ */ # if defined(__ARMCOMPILER_VERSION) # if __ARMCOMPILER_VERSION < 6090000 -# error "A more recent armclang is required for MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_*" +# error "A more recent armclang is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*" # elif __ARMCOMPILER_VERSION == 6090000 -# error "Must use minimum -march=armv8.2-a+sha3 for MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_*" +# error "Must use minimum -march=armv8.2-a+sha3 for MBEDTLS_SHA512_USE_A64_CRYPTO_*" # else # pragma clang attribute push (__attribute__((target("sha3"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA # endif # elif defined(__clang__) # if __clang_major__ < 7 -# error "A more recent Clang is required for MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_*" +# error "A more recent Clang is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*" # else # pragma clang attribute push (__attribute__((target("sha3"))), apply_to=function) # define MBEDTLS_POP_TARGET_PRAGMA # endif # elif defined(__GNUC__) # if __GNUC__ < 8 -# error "A more recent GCC is required for MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_*" +# error "A more recent GCC is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*" # else # pragma GCC push_options # pragma GCC target ("arch=armv8.2-a+sha3") # define MBEDTLS_POP_TARGET_PRAGMA # endif # else -# error "Only GCC and Clang supported for MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_*" +# error "Only GCC and Clang supported for MBEDTLS_SHA512_USE_A64_CRYPTO_*" # endif # endif /* *INDENT-ON* */ # endif -# if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) +# if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) # if defined(__unix__) # if defined(__linux__) /* Our preferred method of detection is getauxval() */ @@ -122,19 +122,19 @@ # endif # endif #elif defined(_M_ARM64) -# if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) +# if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) # include # endif #else -# undef MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY -# undef MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT +# undef MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY +# undef MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT #endif -#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) /* * Capability detection code comes early, so we can disable - * MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT if no detection mechanism found + * MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT if no detection mechanism found */ #if defined(HWCAP_SHA512) static int mbedtls_a64_crypto_sha512_determine_support(void) @@ -161,9 +161,9 @@ static int mbedtls_a64_crypto_sha512_determine_support(void) * SHA-512 support. So we fall back to the C code only. */ #if defined(_MSC_VER) -#pragma message "No mechanism to detect ARMV8_CRYPTO found, using C code only" +#pragma message "No mechanism to detect A64_CRYPTO found, using C code only" #else -#warning "No mechanism to detect ARMV8_CRYPTO found, using C code only" +#warning "No mechanism to detect A64_CRYPTO found, using C code only" #endif #elif defined(__unix__) && defined(SIG_SETMASK) /* Detection with SIGILL, setjmp() and longjmp() */ @@ -173,7 +173,7 @@ static int mbedtls_a64_crypto_sha512_determine_support(void) static jmp_buf return_from_sigill; /* - * Armv8 SHA512 support detection via SIGILL + * A64 SHA512 support detection via SIGILL */ static void sigill_handler(int signal) { @@ -210,11 +210,11 @@ static int mbedtls_a64_crypto_sha512_determine_support(void) return ret; } #else -#warning "No mechanism to detect ARMV8_CRYPTO found, using C code only" -#undef MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT +#warning "No mechanism to detect A64_CRYPTO found, using C code only" +#undef MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT #endif /* HWCAP_SHA512, __APPLE__, __unix__ && SIG_SETMASK */ -#endif /* MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT */ +#endif /* MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT */ #if !defined(MBEDTLS_SHA512_ALT) @@ -352,10 +352,10 @@ static const uint64_t K[80] = }; #endif -#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) -#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) # define mbedtls_internal_sha512_process_many_a64_crypto mbedtls_internal_sha512_process_many # define mbedtls_internal_sha512_process_a64_crypto mbedtls_internal_sha512_process #endif @@ -567,9 +567,9 @@ static size_t mbedtls_internal_sha512_process_many_a64_crypto( return processed; } -#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) /* - * This function is for internal use only if we are building both C and Armv8 + * This function is for internal use only if we are building both C and A64 * versions, otherwise it is renamed to be the public mbedtls_internal_sha512_process() */ static @@ -582,7 +582,7 @@ int mbedtls_internal_sha512_process_a64_crypto(mbedtls_sha512_context *ctx, SHA512_BLOCK_SIZE) ? 0 : -1; } -#endif /* MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY */ +#endif /* MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY */ #if defined(MBEDTLS_POP_TARGET_PRAGMA) #if defined(__clang__) @@ -594,17 +594,17 @@ int mbedtls_internal_sha512_process_a64_crypto(mbedtls_sha512_context *ctx, #endif -#if !defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) +#if !defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) #define mbedtls_internal_sha512_process_many_c mbedtls_internal_sha512_process_many #define mbedtls_internal_sha512_process_c mbedtls_internal_sha512_process #endif -#if !defined(MBEDTLS_SHA512_PROCESS_ALT) && !defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) +#if !defined(MBEDTLS_SHA512_PROCESS_ALT) && !defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) -#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) /* - * This function is for internal use only if we are building both C and Armv8 + * This function is for internal use only if we are building both C and A64 * versions, otherwise it is renamed to be the public mbedtls_internal_sha512_process() */ static @@ -701,10 +701,10 @@ int mbedtls_internal_sha512_process_c(mbedtls_sha512_context *ctx, return 0; } -#endif /* !MBEDTLS_SHA512_PROCESS_ALT && !MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY */ +#endif /* !MBEDTLS_SHA512_PROCESS_ALT && !MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY */ -#if !defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY) +#if !defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) static size_t mbedtls_internal_sha512_process_many_c( mbedtls_sha512_context *ctx, const uint8_t *data, size_t len) @@ -725,10 +725,10 @@ static size_t mbedtls_internal_sha512_process_many_c( return processed; } -#endif /* !MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY */ +#endif /* !MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY */ -#if defined(MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT) +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) static int mbedtls_a64_crypto_sha512_has_support(void) { @@ -763,7 +763,7 @@ int mbedtls_internal_sha512_process(mbedtls_sha512_context *ctx, } } -#endif /* MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT */ +#endif /* MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT */ /* * SHA-512 process buffer diff --git a/scripts/config.py b/scripts/config.py index 6e32e3db2..eeda6e18d 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -214,9 +214,8 @@ EXCLUDE_FROM_FULL = frozenset([ 'MBEDTLS_PSA_INJECT_ENTROPY', # conflicts with platform entropy sources 'MBEDTLS_RSA_NO_CRT', # influences the use of RSA in X.509 and TLS 'MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY', # interacts with *_USE_A64_CRYPTO_IF_PRESENT - 'MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY', # interacts with *_USE_A64_CRYPTO_IF_PRESENT 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY', # interacts with *_USE_ARMV8_CRYPTO_IF_PRESENT - 'MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY', # interacts with *_USE_ARMV8_CRYPTO_IF_PRESENT + 'MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY', # interacts with *_USE_A64_CRYPTO_IF_PRESENT 'MBEDTLS_SSL_RECORD_SIZE_LIMIT', # in development, currently breaks other tests 'MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN', # build dependency (clang+memsan) 'MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND', # build dependency (valgrind headers) @@ -280,10 +279,9 @@ EXCLUDE_FROM_BAREMETAL = frozenset([ 'MBEDTLS_THREADING_C', # requires a threading interface 'MBEDTLS_THREADING_PTHREAD', # requires pthread 'MBEDTLS_TIMING_C', # requires a clock - 'MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection - 'MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection + 'MBEDTLS_SHA256_USE_A64_A_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection - 'MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection + 'MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection ]) def keep_in_baremetal(name): diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 5be96a586..49492651d 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2248,9 +2248,9 @@ component_build_module_alt () { # MBEDTLS_SHA256_*ALT can't be used with MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_* scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY - # MBEDTLS_SHA512_*ALT can't be used with MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_* - scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT - scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_ONLY + # MBEDTLS_SHA512_*ALT can't be used with MBEDTLS_SHA512_USE_A64_CRYPTO_* + scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY # Enable all MBEDTLS_XXX_ALT for whole modules. Do not enable # MBEDTLS_XXX_YYY_ALT which are for single functions. @@ -3467,7 +3467,7 @@ config_psa_crypto_hash_use_psa () { scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT scripts/config.py unset MBEDTLS_SHA384_C scripts/config.py unset MBEDTLS_SHA512_C - scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT scripts/config.py unset MBEDTLS_SHA3_C fi } @@ -4332,7 +4332,7 @@ component_build_aes_aesce_armcc () { scripts/config.py baremetal # armc[56] don't support SHA-512 intrinsics - scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT # Stop armclang warning about feature detection for A64_CRYPTO. # With this enabled, the library does build correctly under armclang, @@ -4936,7 +4936,7 @@ component_build_armcc () { msg "build: ARM Compiler 5" scripts/config.py baremetal # armc[56] don't support SHA-512 intrinsics - scripts/config.py unset MBEDTLS_SHA512_USE_ARMV8_A_CRYPTO_IF_PRESENT + scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT # Stop armclang warning about feature detection for A64_CRYPTO. # With this enabled, the library does build correctly under armclang, From d680d4fbf909f78ff6a163a3206d8dd2ef1c83d7 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 11 Oct 2023 11:05:22 +0100 Subject: [PATCH 0197/1674] SHA256 renaming - fix some missed things Signed-off-by: Dave Rodgman --- ChangeLog.d/sha256-armce-arm.txt | 4 ++-- tests/scripts/depends.py | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/ChangeLog.d/sha256-armce-arm.txt b/ChangeLog.d/sha256-armce-arm.txt index bff70f500..46b2ca2a2 100644 --- a/ChangeLog.d/sha256-armce-arm.txt +++ b/ChangeLog.d/sha256-armce-arm.txt @@ -2,6 +2,6 @@ Features * Support Armv8-A Crypto Extension acceleration for SHA-256 when compiling for Thumb or 32-bit Arm. New deprecations - * Rename the SHAxxx_USE_A64_CRYPTO_yyy config options to - SHAxxx_USE_ARMV8_CRYPTO_yyy. The old names may still be + * Rename the SHA256_USE_A64_CRYPTO_xxx config options to + SHA256_USE_ARMV8_A_CRYPTO_xxx. The old names may still be used, but are deprecated. diff --git a/tests/scripts/depends.py b/tests/scripts/depends.py index e92564151..96529de7d 100755 --- a/tests/scripts/depends.py +++ b/tests/scripts/depends.py @@ -262,16 +262,16 @@ REVERSE_DEPENDENCIES = { 'MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED'], 'MBEDTLS_SHA256_C': ['MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED', 'MBEDTLS_ENTROPY_FORCE_SHA256', - 'MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT', - 'MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY', + 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT', + 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY', 'MBEDTLS_LMS_C', 'MBEDTLS_LMS_PRIVATE'], 'MBEDTLS_SHA512_C': ['MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT', 'MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY'], 'MBEDTLS_SHA224_C': ['MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED', 'MBEDTLS_ENTROPY_FORCE_SHA256', - 'MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT', - 'MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY'], + 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT', + 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY'], 'MBEDTLS_X509_RSASSA_PSS_SUPPORT': [] } From 830dc3dc71667a85fc09ae56c3c876998eaef53f Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 11 Oct 2023 11:20:16 +0100 Subject: [PATCH 0198/1674] Improve Changelog Signed-off-by: Dave Rodgman --- ChangeLog.d/sha256-armce-arm.txt | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ChangeLog.d/sha256-armce-arm.txt b/ChangeLog.d/sha256-armce-arm.txt index 46b2ca2a2..0f9754460 100644 --- a/ChangeLog.d/sha256-armce-arm.txt +++ b/ChangeLog.d/sha256-armce-arm.txt @@ -2,6 +2,6 @@ Features * Support Armv8-A Crypto Extension acceleration for SHA-256 when compiling for Thumb or 32-bit Arm. New deprecations - * Rename the SHA256_USE_A64_CRYPTO_xxx config options to - SHA256_USE_ARMV8_A_CRYPTO_xxx. The old names may still be - used, but are deprecated. + * Rename the MBEDTLS_SHA256_USE_A64_CRYPTO_xxx config options to + MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_xxx. The old names may still + be used, but are deprecated. From 3f02bb7a96baf3cd95f4bb85f5ea1f52e9e9d9b7 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 2 Oct 2023 15:57:33 +0200 Subject: [PATCH 0199/1674] test: use full config in accelerated AEAD test Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 7e6c95c62..fb4f99f30 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3571,13 +3571,14 @@ component_test_psa_crypto_config_accel_cipher () { component_test_psa_crypto_config_accel_aead () { msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated AEAD" - loc_accel_list="ALG_GCM ALG_CCM ALG_CHACHA20_POLY1305 KEY_TYPE_AES KEY_TYPE_CHACHA20 KEY_TYPE_ARIA KEY_TYPE_CAMELLIA" + loc_accel_list="ALG_GCM ALG_CCM ALG_CHACHA20_POLY1305 \ + KEY_TYPE_AES KEY_TYPE_CHACHA20 KEY_TYPE_ARIA KEY_TYPE_CAMELLIA" # Configure # --------- - # Start from default config (no TLS 1.3, no USE_PSA) - helper_libtestdriver1_adjust_config "default" + # Start from full config + helper_libtestdriver1_adjust_config "full" # Disable things that are being accelerated scripts/config.py unset MBEDTLS_GCM_C From e7bac17b5d0cef95ff160d051b88c9df246c0e5e Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 2 Oct 2023 16:03:42 +0200 Subject: [PATCH 0200/1674] test: keep SSL_TICKET_C and SSL_CONTEXT_SERIALIZATION enabled Signed-off-by: Valerio Setti --- include/mbedtls/check_config.h | 15 +++++++++++++-- tests/scripts/all.sh | 3 --- 2 files changed, 13 insertions(+), 5 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index e18e9a5fc..815bfb69c 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -1040,7 +1040,12 @@ #endif #if defined(MBEDTLS_SSL_TICKET_C) && \ - !( defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) || defined(MBEDTLS_CHACHAPOLY_C) ) + !( defined(MBEDTLS_GCM_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM)) || \ + defined(MBEDTLS_CCM_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM)) || \ + defined(MBEDTLS_CHACHAPOLY_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CHACHA20_POLY1305)) ) #error "MBEDTLS_SSL_TICKET_C defined, but not all prerequisites" #endif @@ -1141,7 +1146,13 @@ #error "MBEDTLS_SSL_RECORD_SIZE_LIMIT defined, but not all prerequisites" #endif -#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) && !( defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) || defined(MBEDTLS_CHACHAPOLY_C) ) +#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) && \ + !( defined(MBEDTLS_GCM_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM)) || \ + defined(MBEDTLS_CCM_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM)) || \ + defined(MBEDTLS_CHACHAPOLY_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CHACHA20_POLY1305)) ) #error "MBEDTLS_SSL_CONTEXT_SERIALIZATION defined, but not all prerequisites" #endif diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index fb4f99f30..ab684089a 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3584,9 +3584,6 @@ component_test_psa_crypto_config_accel_aead () { scripts/config.py unset MBEDTLS_GCM_C scripts/config.py unset MBEDTLS_CCM_C scripts/config.py unset MBEDTLS_CHACHAPOLY_C - # Features that depend on AEAD - scripts/config.py unset MBEDTLS_SSL_CONTEXT_SERIALIZATION - scripts/config.py unset MBEDTLS_SSL_TICKET_C # Build # ----- From d0411defa25f51f34b18ce83723dc22ed9d5ba41 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 3 Oct 2023 15:10:59 +0200 Subject: [PATCH 0201/1674] cipher: add internal symbols for AEAD capabilities Signed-off-by: Valerio Setti --- include/mbedtls/cipher.h | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index 9c8701d38..9f8657599 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -33,7 +33,24 @@ #include #include "mbedtls/platform_util.h" -#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) || defined(MBEDTLS_CHACHAPOLY_C) +/* Support for GCM either through MbedTLS SW implementation or PSA */ +#if defined(MBEDTLS_GCM_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM)) +#define MBEDTLS_CIPHER_HAVE_GCM +#endif +/* Support for CCM either through MbedTLS SW implementation or PSA */ +#if defined(MBEDTLS_CCM_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM)) +#define MBEDTLS_CIPHER_HAVE_CCM +#endif +/* Support for CHACHAPOLY either through MbedTLS SW implementation or PSA */ +#if defined(MBEDTLS_CHACHAPOLY_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CHACHA20_POLY1305)) +#define MBEDTLS_CIPHER_HAVE_CHACHAPOLY +#endif + +#if defined(MBEDTLS_CIPHER_HAVE_GCM) || defined(MBEDTLS_CIPHER_HAVE_CCM) || \ + defined(MBEDTLS_CIPHER_HAVE_CHACHAPOLY) #define MBEDTLS_CIPHER_MODE_AEAD #endif From d4a10cebe4508685395fb23044f3887079af1bbf Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 3 Oct 2023 15:11:48 +0200 Subject: [PATCH 0202/1674] cipher/tls: use new symbols for guarding AEAD code Signed-off-by: Valerio Setti --- library/cipher_wrap.c | 54 ++++++++++++--- library/ssl_ciphersuites.c | 132 ++++++++++++++++++------------------- library/ssl_msg.c | 18 ++--- library/ssl_tls.c | 6 +- 4 files changed, 120 insertions(+), 90 deletions(-) diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c index bbf57ceee..5a789ced9 100644 --- a/library/cipher_wrap.c +++ b/library/cipher_wrap.c @@ -80,7 +80,8 @@ enum mbedtls_cipher_base_index { #if defined(MBEDTLS_CAMELLIA_C) MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA, #endif -#if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_AES_C) +#if (defined(MBEDTLS_CCM_C) && defined(MBEDTLS_AES_C)) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM)) MBEDTLS_CIPHER_BASE_INDEX_CCM_AES, #endif #if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_ARIA_C) @@ -104,7 +105,8 @@ enum mbedtls_cipher_base_index { #if defined(MBEDTLS_DES_C) MBEDTLS_CIPHER_BASE_INDEX_DES, #endif -#if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_AES_C) +#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_AES_C)) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM)) MBEDTLS_CIPHER_BASE_INDEX_GCM_AES, #endif #if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_ARIA_C) @@ -576,7 +578,10 @@ static int gcm_aes_setkey_wrap(void *ctx, const unsigned char *key, return mbedtls_gcm_setkey((mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_AES, key, key_bitlen); } +#endif /* MBEDTLS_GCM_C */ +#if defined(MBEDTLS_GCM_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM)) static const mbedtls_cipher_base_t gcm_aes_info = { MBEDTLS_CIPHER_ID_AES, NULL, @@ -598,12 +603,22 @@ static const mbedtls_cipher_base_t gcm_aes_info = { #if defined(MBEDTLS_CIPHER_MODE_STREAM) NULL, #endif +#if defined(MBEDTLS_GCM_C) gcm_aes_setkey_wrap, gcm_aes_setkey_wrap, gcm_ctx_alloc, gcm_ctx_free, +#else + NULL, + NULL, + NULL, + NULL, +#endif /* MBEDTLS_GCM_C */ }; +#endif /* MBEDTLS_GCM_C || (MBEDTLS_USE_PSA_CRYPTO && PSA_WANT_ALG_GCM) */ +#if defined(MBEDTLS_GCM_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM)) static const mbedtls_cipher_info_t aes_128_gcm_info = { "AES-128-GCM", 16, @@ -638,7 +653,7 @@ static const mbedtls_cipher_info_t aes_256_gcm_info = { MBEDTLS_CIPHER_BASE_INDEX_GCM_AES }; #endif -#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_GCM_C || PSA_WANT_ALG_GCM */ #if defined(MBEDTLS_CCM_C) static int ccm_aes_setkey_wrap(void *ctx, const unsigned char *key, @@ -647,7 +662,10 @@ static int ccm_aes_setkey_wrap(void *ctx, const unsigned char *key, return mbedtls_ccm_setkey((mbedtls_ccm_context *) ctx, MBEDTLS_CIPHER_ID_AES, key, key_bitlen); } +#endif /* MBEDTLS_CCM_C */ +#if defined(MBEDTLS_CCM_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM)) static const mbedtls_cipher_base_t ccm_aes_info = { MBEDTLS_CIPHER_ID_AES, NULL, @@ -669,12 +687,22 @@ static const mbedtls_cipher_base_t ccm_aes_info = { #if defined(MBEDTLS_CIPHER_MODE_STREAM) NULL, #endif +#if defined(MBEDTLS_CCM_C) ccm_aes_setkey_wrap, ccm_aes_setkey_wrap, ccm_ctx_alloc, ccm_ctx_free, +#else + NULL, + NULL, + NULL, + NULL, +#endif }; +#endif /* MBEDTLS_CCM_C || (MBEDTLS_USE_PSA_CRYPTO && PSA_WANT_ALG_CCM) */ +#if defined(MBEDTLS_CCM_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM)) static const mbedtls_cipher_info_t aes_128_ccm_info = { "AES-128-CCM", 16, @@ -709,7 +737,10 @@ static const mbedtls_cipher_info_t aes_256_ccm_info = { MBEDTLS_CIPHER_BASE_INDEX_CCM_AES }; #endif +#endif /* MBEDTLS_CCM_C || PSA_WANT_ALG_CCM */ +#if defined(MBEDTLS_CCM_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM_STAR_NO_TAG)) static const mbedtls_cipher_info_t aes_128_ccm_star_no_tag_info = { "AES-128-CCM*-NO-TAG", 16, @@ -744,7 +775,7 @@ static const mbedtls_cipher_info_t aes_256_ccm_star_no_tag_info = { MBEDTLS_CIPHER_BASE_INDEX_CCM_AES }; #endif -#endif /* MBEDTLS_CCM_C */ +#endif /* MBEDTLS_CCM_C || PSA_WANT_ALG_CCM_STAR_NO_TAG */ #endif /* MBEDTLS_AES_C */ @@ -2245,19 +2276,24 @@ const mbedtls_cipher_definition_t mbedtls_cipher_definitions[] = { MBEDTLS_CIPHER_AES_256_XTS, &aes_256_xts_info }, #endif #endif -#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_GCM_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM)) { MBEDTLS_CIPHER_AES_128_GCM, &aes_128_gcm_info }, #if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { MBEDTLS_CIPHER_AES_192_GCM, &aes_192_gcm_info }, { MBEDTLS_CIPHER_AES_256_GCM, &aes_256_gcm_info }, #endif #endif -#if defined(MBEDTLS_CCM_C) +#if defined(MBEDTLS_CCM_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM)) { MBEDTLS_CIPHER_AES_128_CCM, &aes_128_ccm_info }, #if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { MBEDTLS_CIPHER_AES_192_CCM, &aes_192_ccm_info }, { MBEDTLS_CIPHER_AES_256_CCM, &aes_256_ccm_info }, #endif +#endif +#if defined(MBEDTLS_CCM_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM_STAR_NO_TAG)) { MBEDTLS_CIPHER_AES_128_CCM_STAR_NO_TAG, &aes_128_ccm_star_no_tag_info }, #if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG, &aes_192_ccm_star_no_tag_info }, @@ -2387,7 +2423,8 @@ const mbedtls_cipher_base_t *mbedtls_cipher_base_lookup_table[] = { #if defined(MBEDTLS_CAMELLIA_C) [MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA] = &camellia_info, #endif -#if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_AES_C) +#if (defined(MBEDTLS_CCM_C) && defined(MBEDTLS_AES_C)) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM) && defined(PSA_WANT_KEY_TYPE_AES)) [MBEDTLS_CIPHER_BASE_INDEX_CCM_AES] = &ccm_aes_info, #endif #if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_ARIA_C) @@ -2411,7 +2448,8 @@ const mbedtls_cipher_base_t *mbedtls_cipher_base_lookup_table[] = { #if defined(MBEDTLS_DES_C) [MBEDTLS_CIPHER_BASE_INDEX_DES] = &des_info, #endif -#if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_AES_C) +#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_AES_C)) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM) && defined(PSA_WANT_KEY_TYPE_AES)) [MBEDTLS_CIPHER_BASE_INDEX_GCM_AES] = &gcm_aes_info, #endif #if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_ARIA_C) diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c index 2368489df..b50df5c87 100644 --- a/library/ssl_ciphersuites.c +++ b/library/ssl_ciphersuites.c @@ -293,7 +293,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = { #if defined(MBEDTLS_SSL_PROTO_TLS1_3) #if defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_CIPHER_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA384) { MBEDTLS_TLS1_3_AES_256_GCM_SHA384, "TLS1-3-AES-256-GCM-SHA384", MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, @@ -308,8 +308,8 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 }, #endif /* MBEDTLS_MD_CAN_SHA256 */ -#endif /* MBEDTLS_GCM_C */ -#if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_MD_CAN_SHA256) +#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#if defined(MBEDTLS_CIPHER_HAVE_CCM) && defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS1_3_AES_128_CCM_SHA256, "TLS1-3-AES-128-CCM-SHA256", MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */ @@ -320,19 +320,19 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */ MBEDTLS_CIPHERSUITE_SHORT_TAG, MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 }, -#endif /* MBEDTLS_MD_CAN_SHA256 && MBEDTLS_CCM_C */ +#endif /* MBEDTLS_MD_CAN_SHA256 && MBEDTLS_CIPHER_HAVE_CCM */ #endif /* MBEDTLS_AES_C */ -#if defined(MBEDTLS_CHACHAPOLY_C) && defined(MBEDTLS_MD_CAN_SHA256) +#if defined(MBEDTLS_CIPHER_HAVE_CHACHAPOLY) && defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS1_3_CHACHA20_POLY1305_SHA256, "TLS1-3-CHACHA20-POLY1305-SHA256", MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */ 0, MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 }, -#endif /* MBEDTLS_CHACHAPOLY_C && MBEDTLS_MD_CAN_SHA256 */ +#endif /* MBEDTLS_CIPHER_HAVE_CHACHAPOLY && MBEDTLS_MD_CAN_SHA256 */ #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ -#if defined(MBEDTLS_CHACHAPOLY_C) && \ +#if defined(MBEDTLS_CIPHER_HAVE_CHACHAPOLY) && \ defined(MBEDTLS_MD_CAN_SHA256) && \ defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) @@ -391,7 +391,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#endif /* MBEDTLS_CHACHAPOLY_C && +#endif /* MBEDTLS_CIPHER_HAVE_CHACHAPOLY && MBEDTLS_MD_CAN_SHA256 && MBEDTLS_SSL_PROTO_TLS1_2 */ #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) @@ -415,12 +415,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_CIPHER_HAVE_GCM) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256", MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_CIPHER_HAVE_GCM */ #endif /* MBEDTLS_MD_CAN_SHA256 */ #if defined(MBEDTLS_MD_CAN_SHA384) #if defined(MBEDTLS_CIPHER_MODE_CBC) @@ -429,14 +429,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_CIPHER_HAVE_GCM) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384", MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_CIPHER_HAVE_GCM */ #endif /* MBEDTLS_MD_CAN_SHA384 */ -#if defined(MBEDTLS_CCM_C) +#if defined(MBEDTLS_CIPHER_HAVE_CCM) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM", MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 0, @@ -453,7 +453,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, MBEDTLS_CIPHERSUITE_SHORT_TAG, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CCM_C */ +#endif /* MBEDTLS_CIPHER_HAVE_CCM */ #endif /* MBEDTLS_AES_C */ #if defined(MBEDTLS_CAMELLIA_C) @@ -474,7 +474,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_CIPHER_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256", @@ -489,7 +489,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_CIPHER_HAVE_GCM */ #endif /* MBEDTLS_CAMELLIA_C */ #if defined(MBEDTLS_CIPHER_NULL_CIPHER) @@ -523,12 +523,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_GCM_C) +#if (defined(MBEDTLS_GCM_C) || defined(PSA_WANT_ALG_GCM)) { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256", MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_CIPHER_HAVE_GCM */ #endif /* MBEDTLS_MD_CAN_SHA256 */ #if defined(MBEDTLS_MD_CAN_SHA384) #if defined(MBEDTLS_CIPHER_MODE_CBC) @@ -537,12 +537,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_GCM_C) +#if (defined(MBEDTLS_GCM_C) || defined(PSA_WANT_ALG_GCM)) { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384", MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_CIPHER_HAVE_GCM */ #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_AES_C */ @@ -564,7 +564,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_CIPHER_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256", @@ -579,7 +579,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_CIPHER_HAVE_GCM */ #endif /* MBEDTLS_CAMELLIA_C */ #if defined(MBEDTLS_CIPHER_NULL_CIPHER) @@ -595,7 +595,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) #if defined(MBEDTLS_AES_C) #if defined(MBEDTLS_MD_CAN_SHA384) && \ - defined(MBEDTLS_GCM_C) + defined(MBEDTLS_CIPHER_HAVE_GCM) { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384", MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 0, @@ -603,12 +603,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_MD_CAN_SHA384 && MBEDTLS_GCM_C */ #if defined(MBEDTLS_MD_CAN_SHA256) -#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_CIPHER_HAVE_GCM) { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256", MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_CIPHER_HAVE_GCM */ #if defined(MBEDTLS_CIPHER_MODE_CBC) { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256", @@ -636,7 +636,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA1 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CCM_C) +#if defined(MBEDTLS_CIPHER_HAVE_CCM) { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM, "TLS-DHE-RSA-WITH-AES-256-CCM", MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 0, @@ -653,7 +653,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, MBEDTLS_CIPHERSUITE_SHORT_TAG, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CCM_C */ +#endif /* MBEDTLS_CIPHER_HAVE_CCM */ #endif /* MBEDTLS_AES_C */ #if defined(MBEDTLS_CAMELLIA_C) @@ -682,7 +682,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA1 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_CIPHER_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, @@ -696,7 +696,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_CIPHER_HAVE_GCM */ #endif /* MBEDTLS_CAMELLIA_C */ #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ @@ -704,7 +704,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) #if defined(MBEDTLS_AES_C) #if defined(MBEDTLS_MD_CAN_SHA384) && \ - defined(MBEDTLS_GCM_C) + defined(MBEDTLS_CIPHER_HAVE_GCM) { MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384", MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, 0, @@ -712,12 +712,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_MD_CAN_SHA384 && MBEDTLS_GCM_C */ #if defined(MBEDTLS_MD_CAN_SHA256) -#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_CIPHER_HAVE_GCM) { MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256", MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_CIPHER_HAVE_GCM */ #if defined(MBEDTLS_CIPHER_MODE_CBC) { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256", @@ -745,7 +745,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_MD_CAN_SHA1 */ -#if defined(MBEDTLS_CCM_C) +#if defined(MBEDTLS_CIPHER_HAVE_CCM) { MBEDTLS_TLS_RSA_WITH_AES_256_CCM, "TLS-RSA-WITH-AES-256-CCM", MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 0, @@ -762,7 +762,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, MBEDTLS_CIPHERSUITE_SHORT_TAG, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CCM_C */ +#endif /* MBEDTLS_CIPHER_HAVE_CCM */ #endif /* MBEDTLS_AES_C */ #if defined(MBEDTLS_CAMELLIA_C) @@ -792,7 +792,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_MD_CAN_SHA1 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_CIPHER_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, @@ -806,7 +806,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_CIPHER_HAVE_GCM */ #endif /* MBEDTLS_CAMELLIA_C */ #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ @@ -832,12 +832,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_CIPHER_HAVE_GCM) { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256", MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_CIPHER_HAVE_GCM */ #endif /* MBEDTLS_MD_CAN_SHA256 */ #if defined(MBEDTLS_MD_CAN_SHA384) #if defined(MBEDTLS_CIPHER_MODE_CBC) @@ -846,12 +846,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_CIPHER_HAVE_GCM) { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384", MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_CIPHER_HAVE_GCM */ #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_AES_C */ @@ -873,7 +873,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_CIPHER_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256", @@ -888,7 +888,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_CIPHER_HAVE_GCM */ #endif /* MBEDTLS_CAMELLIA_C */ #if defined(MBEDTLS_CIPHER_NULL_CIPHER) @@ -922,12 +922,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_CIPHER_HAVE_GCM) { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256", MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_CIPHER_HAVE_GCM */ #endif /* MBEDTLS_MD_CAN_SHA256 */ #if defined(MBEDTLS_MD_CAN_SHA384) #if defined(MBEDTLS_CIPHER_MODE_CBC) @@ -936,12 +936,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_CIPHER_HAVE_GCM) { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384", MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_CIPHER_HAVE_GCM */ #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_AES_C */ @@ -963,7 +963,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_CIPHER_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256", @@ -978,7 +978,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_CIPHER_HAVE_GCM */ #endif /* MBEDTLS_CAMELLIA_C */ #if defined(MBEDTLS_CIPHER_NULL_CIPHER) @@ -993,7 +993,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) #if defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_CIPHER_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256", MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, @@ -1007,7 +1007,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_CIPHER_HAVE_GCM */ #if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_MD_CAN_SHA256) @@ -1036,7 +1036,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA1 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CCM_C) +#if defined(MBEDTLS_CIPHER_HAVE_CCM) { MBEDTLS_TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM", MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, 0, @@ -1053,7 +1053,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, MBEDTLS_CIPHERSUITE_SHORT_TAG, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CCM_C */ +#endif /* MBEDTLS_CIPHER_HAVE_CCM */ #endif /* MBEDTLS_AES_C */ #if defined(MBEDTLS_CAMELLIA_C) @@ -1073,7 +1073,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_CIPHER_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, @@ -1087,14 +1087,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_CIPHER_HAVE_GCM */ #endif /* MBEDTLS_CAMELLIA_C */ #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) #if defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_CIPHER_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256", MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, @@ -1108,7 +1108,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_CIPHER_HAVE_GCM */ #if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_MD_CAN_SHA256) @@ -1137,7 +1137,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA1 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CCM_C) +#if defined(MBEDTLS_CIPHER_HAVE_CCM) { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM", MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 0, @@ -1154,7 +1154,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, MBEDTLS_CIPHERSUITE_SHORT_TAG, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CCM_C */ +#endif /* MBEDTLS_CIPHER_HAVE_CCM */ #endif /* MBEDTLS_AES_C */ #if defined(MBEDTLS_CAMELLIA_C) @@ -1174,7 +1174,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_CIPHER_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, @@ -1188,7 +1188,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_CIPHER_HAVE_GCM */ #endif /* MBEDTLS_CAMELLIA_C */ #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ @@ -1249,7 +1249,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) #if defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_CIPHER_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256", MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, @@ -1263,7 +1263,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_CIPHER_HAVE_GCM */ #if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_MD_CAN_SHA256) @@ -1311,7 +1311,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_CIPHER_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, @@ -1325,19 +1325,19 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_CIPHER_HAVE_GCM */ #endif /* MBEDTLS_CAMELLIA_C */ #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) #if defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_CCM_C) +#if defined(MBEDTLS_CIPHER_HAVE_CCM) { MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8, "TLS-ECJPAKE-WITH-AES-128-CCM-8", MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECJPAKE, MBEDTLS_CIPHERSUITE_SHORT_TAG, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CCM_C */ +#endif /* MBEDTLS_CIPHER_HAVE_CCM */ #endif /* MBEDTLS_AES_C */ #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ diff --git a/library/ssl_msg.c b/library/ssl_msg.c index c312d816e..ff8de9278 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -863,9 +863,7 @@ static void ssl_extract_add_data_from_record(unsigned char *add_data, *add_data_len = cur - add_data; } -#if defined(MBEDTLS_GCM_C) || \ - defined(MBEDTLS_CCM_C) || \ - defined(MBEDTLS_CHACHAPOLY_C) +#if defined(MBEDTLS_CIPHER_MODE_AEAD) MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_transform_aead_dynamic_iv_is_explicit( mbedtls_ssl_transform const *transform) @@ -910,7 +908,7 @@ static void ssl_build_record_nonce(unsigned char *dst_iv, dst_iv += dst_iv_len - dynamic_iv_len; mbedtls_xor(dst_iv, dst_iv, dynamic_iv, dynamic_iv_len); } -#endif /* MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C */ +#endif /* MBEDTLS_CIPHER_MODE_AEAD */ int mbedtls_ssl_encrypt_buf(mbedtls_ssl_context *ssl, mbedtls_ssl_transform *transform, @@ -1146,9 +1144,7 @@ hmac_failed_etm_disabled: } else #endif /* MBEDTLS_SSL_SOME_SUITES_USE_STREAM */ -#if defined(MBEDTLS_GCM_C) || \ - defined(MBEDTLS_CCM_C) || \ - defined(MBEDTLS_CHACHAPOLY_C) +#if defined(MBEDTLS_CIPHER_MODE_AEAD) if (ssl_mode == MBEDTLS_SSL_MODE_AEAD) { unsigned char iv[12]; unsigned char *dynamic_iv; @@ -1258,7 +1254,7 @@ hmac_failed_etm_disabled: auth_done++; } else -#endif /* MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C */ +#endif /* MBEDTLS_CIPHER_MODE_AEAD */ #if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC) if (ssl_mode == MBEDTLS_SSL_MODE_CBC || ssl_mode == MBEDTLS_SSL_MODE_CBC_ETM) { @@ -1559,9 +1555,7 @@ int mbedtls_ssl_decrypt_buf(mbedtls_ssl_context const *ssl, * so there's no encryption to do here.*/ } else #endif /* MBEDTLS_SSL_SOME_SUITES_USE_STREAM */ -#if defined(MBEDTLS_GCM_C) || \ - defined(MBEDTLS_CCM_C) || \ - defined(MBEDTLS_CHACHAPOLY_C) +#if defined(MBEDTLS_CIPHER_MODE_AEAD) if (ssl_mode == MBEDTLS_SSL_MODE_AEAD) { unsigned char iv[12]; unsigned char *dynamic_iv; @@ -1677,7 +1671,7 @@ int mbedtls_ssl_decrypt_buf(mbedtls_ssl_context const *ssl, return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } } else -#endif /* MBEDTLS_GCM_C || MBEDTLS_CCM_C */ +#endif /* MBEDTLS_CIPHER_MODE_AEAD */ #if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC) if (ssl_mode == MBEDTLS_SSL_MODE_CBC || ssl_mode == MBEDTLS_SSL_MODE_CBC_ETM) { diff --git a/library/ssl_tls.c b/library/ssl_tls.c index d3a7ddb42..540beb0f9 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -8287,9 +8287,7 @@ static int ssl_tls12_populate_transform(mbedtls_ssl_transform *transform, keylen = mbedtls_cipher_info_get_key_bitlen(cipher_info) / 8; #endif -#if defined(MBEDTLS_GCM_C) || \ - defined(MBEDTLS_CCM_C) || \ - defined(MBEDTLS_CHACHAPOLY_C) +#if defined(MBEDTLS_CIPHER_MODE_AEAD) if (ssl_mode == MBEDTLS_SSL_MODE_AEAD) { size_t explicit_ivlen; @@ -8324,7 +8322,7 @@ static int ssl_tls12_populate_transform(mbedtls_ssl_transform *transform, explicit_ivlen = transform->ivlen - transform->fixed_ivlen; transform->minlen = explicit_ivlen + transform->taglen; } else -#endif /* MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C */ +#endif /* MBEDTLS_CIPHER_MODE_AEAD */ #if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) if (ssl_mode == MBEDTLS_SSL_MODE_STREAM || ssl_mode == MBEDTLS_SSL_MODE_CBC || From a797ce3ed2fd23779851f1dfb4bc1e067162d099 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 3 Oct 2023 15:16:38 +0200 Subject: [PATCH 0203/1674] test: use full config in test_psa_crypto_config_accel_cipher Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index ab684089a..ab1007812 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3532,7 +3532,7 @@ component_test_psa_crypto_config_accel_cipher () { # --------- # Start from the default config (no TLS 1.3, no USE_PSA) - helper_libtestdriver1_adjust_config "default" + helper_libtestdriver1_adjust_config "full" # There is no intended accelerator support for ALG CMAC. Therefore, asking # for it in the build implies the inclusion of the Mbed TLS cipher From 6bd3d9b166ec086b8eefe834fec390194c2c4df7 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 9 Oct 2023 09:29:25 +0200 Subject: [PATCH 0204/1674] cipher: fix missing spaces Signed-off-by: Valerio Setti --- include/mbedtls/cipher.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index 9f8657599..5153e19dd 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -33,17 +33,17 @@ #include #include "mbedtls/platform_util.h" -/* Support for GCM either through MbedTLS SW implementation or PSA */ +/* Support for GCM either through Mbed TLS SW implementation or PSA */ #if defined(MBEDTLS_GCM_C) || \ (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM)) #define MBEDTLS_CIPHER_HAVE_GCM #endif -/* Support for CCM either through MbedTLS SW implementation or PSA */ +/* Support for CCM either through Mbed TLS SW implementation or PSA */ #if defined(MBEDTLS_CCM_C) || \ (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM)) #define MBEDTLS_CIPHER_HAVE_CCM #endif -/* Support for CHACHAPOLY either through MbedTLS SW implementation or PSA */ +/* Support for CHACHAPOLY either through Mbed TLS SW implementation or PSA */ #if defined(MBEDTLS_CHACHAPOLY_C) || \ (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CHACHA20_POLY1305)) #define MBEDTLS_CIPHER_HAVE_CHACHAPOLY From 4d0e84628c28d931823d47d5e87f4911e00c8e63 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 6 Oct 2023 13:20:21 +0200 Subject: [PATCH 0205/1674] ssl: reorganize guards surrounding ssl_get_ecdh_params_from_cert() Signed-off-by: Valerio Setti --- library/ssl_tls12_server.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c index b4719d6d1..4433e8b4a 100644 --- a/library/ssl_tls12_server.c +++ b/library/ssl_tls12_server.c @@ -2604,9 +2604,9 @@ static int ssl_write_certificate_request(mbedtls_ssl_context *ssl) } #endif /* MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED */ -#if defined(MBEDTLS_USE_PSA_CRYPTO) && \ - (defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ +#if (defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)) +#if defined(MBEDTLS_USE_PSA_CRYPTO) MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_get_ecdh_params_from_cert(mbedtls_ssl_context *ssl) { @@ -2716,8 +2716,7 @@ static int ssl_get_ecdh_params_from_cert(mbedtls_ssl_context *ssl) return ret; } -#elif defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) +#else /* MBEDTLS_USE_PSA_CRYPTO */ MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_get_ecdh_params_from_cert(mbedtls_ssl_context *ssl) { @@ -2743,6 +2742,7 @@ static int ssl_get_ecdh_params_from_cert(mbedtls_ssl_context *ssl) return 0; } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ From 02a634decd0f07c9d29985e81a670c7e8a16a89e Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 6 Oct 2023 16:24:04 +0200 Subject: [PATCH 0206/1674] md: remove unnecessary inclusions of mbedtls/md.h Signed-off-by: Valerio Setti --- include/mbedtls/oid.h | 1 - include/mbedtls/ssl.h | 1 - include/mbedtls/ssl_ciphersuites.h | 1 - library/psa_crypto.c | 1 - library/rsa.c | 1 - library/x509write.c | 1 - library/x509write_crt.c | 1 - tests/include/test/psa_crypto_helpers.h | 3 --- tests/src/drivers/test_driver_signature.c | 1 - tests/suites/test_suite_entropy.function | 1 - tests/suites/test_suite_md.function | 1 - tests/suites/test_suite_pkcs1_v15.function | 1 - tests/suites/test_suite_psa_crypto_persistent_key.function | 2 -- 13 files changed, 16 deletions(-) diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h index 954507229..8ab7f7f94 100644 --- a/include/mbedtls/oid.h +++ b/include/mbedtls/oid.h @@ -34,7 +34,6 @@ #include "mbedtls/cipher.h" #endif -#include "mbedtls/md.h" /** OID is not found. */ #define MBEDTLS_ERR_OID_NOT_FOUND -0x002E diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index debb1cc2c..b69e3150f 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -40,7 +40,6 @@ #include "mbedtls/dhm.h" #endif -#include "mbedtls/md.h" #if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_ANY_ENABLED) #include "mbedtls/ecdh.h" diff --git a/include/mbedtls/ssl_ciphersuites.h b/include/mbedtls/ssl_ciphersuites.h index 07f2facef..07791e541 100644 --- a/include/mbedtls/ssl_ciphersuites.h +++ b/include/mbedtls/ssl_ciphersuites.h @@ -27,7 +27,6 @@ #include "mbedtls/pk.h" #include "mbedtls/cipher.h" -#include "mbedtls/md.h" #ifdef __cplusplus extern "C" { diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 1faf1dd6c..739b07708 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -73,7 +73,6 @@ #include "mbedtls/error.h" #include "mbedtls/gcm.h" #include "mbedtls/md5.h" -#include "mbedtls/md.h" #include "mbedtls/pk.h" #include "pk_wrap.h" #include "mbedtls/platform_util.h" diff --git a/library/rsa.c b/library/rsa.c index 3c538bf43..802bf5d24 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -2431,7 +2431,6 @@ void mbedtls_rsa_free(mbedtls_rsa_context *ctx) #if defined(MBEDTLS_SELF_TEST) -#include "mbedtls/md.h" /* * Example RSA-1024 keypair, for test purposes diff --git a/library/x509write.c b/library/x509write.c index cd3c7394d..5628c29ef 100644 --- a/library/x509write.c +++ b/library/x509write.c @@ -25,7 +25,6 @@ #include "mbedtls/oid.h" #include "mbedtls/platform.h" #include "mbedtls/platform_util.h" -#include "mbedtls/md.h" #include #include diff --git a/library/x509write_crt.c b/library/x509write_crt.c index a8a3022cb..c0657a827 100644 --- a/library/x509write_crt.c +++ b/library/x509write_crt.c @@ -33,7 +33,6 @@ #include "mbedtls/oid.h" #include "mbedtls/platform.h" #include "mbedtls/platform_util.h" -#include "mbedtls/md.h" #include #include diff --git a/tests/include/test/psa_crypto_helpers.h b/tests/include/test/psa_crypto_helpers.h index 9ba7dbcd9..959308af9 100644 --- a/tests/include/test/psa_crypto_helpers.h +++ b/tests/include/test/psa_crypto_helpers.h @@ -28,9 +28,6 @@ #include #endif -#if defined(MBEDTLS_MD_LIGHT) -#include "mbedtls/md.h" -#endif #if defined(MBEDTLS_PSA_CRYPTO_C) /** Initialize the PSA Crypto subsystem. */ diff --git a/tests/src/drivers/test_driver_signature.c b/tests/src/drivers/test_driver_signature.c index c312477c8..7d1f91fdf 100644 --- a/tests/src/drivers/test_driver_signature.c +++ b/tests/src/drivers/test_driver_signature.c @@ -33,7 +33,6 @@ #include "test/drivers/signature.h" #include "test/drivers/hash.h" -#include "mbedtls/md.h" #include "mbedtls/ecdsa.h" #include "test/random.h" diff --git a/tests/suites/test_suite_entropy.function b/tests/suites/test_suite_entropy.function index 0e013b740..7c7e43f17 100644 --- a/tests/suites/test_suite_entropy.function +++ b/tests/suites/test_suite_entropy.function @@ -1,7 +1,6 @@ /* BEGIN_HEADER */ #include "mbedtls/entropy.h" #include "entropy_poll.h" -#include "mbedtls/md.h" #include "string.h" typedef enum { diff --git a/tests/suites/test_suite_md.function b/tests/suites/test_suite_md.function index 866ff588f..71dcb8765 100644 --- a/tests/suites/test_suite_md.function +++ b/tests/suites/test_suite_md.function @@ -1,5 +1,4 @@ /* BEGIN_HEADER */ -#include "mbedtls/md.h" #include "md_psa.h" #include "mbedtls/oid.h" diff --git a/tests/suites/test_suite_pkcs1_v15.function b/tests/suites/test_suite_pkcs1_v15.function index 711327455..716ae4453 100644 --- a/tests/suites/test_suite_pkcs1_v15.function +++ b/tests/suites/test_suite_pkcs1_v15.function @@ -1,6 +1,5 @@ /* BEGIN_HEADER */ #include "mbedtls/rsa.h" -#include "mbedtls/md.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function index a48114ff6..c4e4c7dc0 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.function +++ b/tests/suites/test_suite_psa_crypto_persistent_key.function @@ -17,8 +17,6 @@ #include "psa_crypto_slot_management.h" #include "psa_crypto_storage.h" -#include "mbedtls/md.h" - #define PSA_KEY_STORAGE_MAGIC_HEADER "PSA\0KEY" #define PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH (sizeof(PSA_KEY_STORAGE_MAGIC_HEADER)) From 66f9b3f8100c67866ab8ac917e9ef98363b166f9 Mon Sep 17 00:00:00 2001 From: Mehmet Cagri Aksoy Date: Tue, 10 Oct 2023 20:51:29 +0200 Subject: [PATCH 0207/1674] Add casting size_t to int Signed-off-by: Mehmet Cagri Aksoy --- library/ssl_tls13_keys.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c index 6905d926a..ef4bd8639 100644 --- a/library/ssl_tls13_keys.c +++ b/library/ssl_tls13_keys.c @@ -1019,14 +1019,14 @@ int mbedtls_ssl_tls13_populate_transform( #if !defined(MBEDTLS_USE_PSA_CRYPTO) if ((ret = mbedtls_cipher_setkey(&transform->cipher_ctx_enc, - key_enc, mbedtls_cipher_info_get_key_bitlen(cipher_info), + (int)key_enc, mbedtls_cipher_info_get_key_bitlen(cipher_info), MBEDTLS_ENCRYPT)) != 0) { MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_setkey", ret); return ret; } if ((ret = mbedtls_cipher_setkey(&transform->cipher_ctx_dec, - key_dec, mbedtls_cipher_info_get_key_bitlen(cipher_info), + (int)key_dec, mbedtls_cipher_info_get_key_bitlen(cipher_info), MBEDTLS_DECRYPT)) != 0) { MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_setkey", ret); return ret; From 56e9011bde9e671c6764169d90ad3518f5d991da Mon Sep 17 00:00:00 2001 From: Mehmet Cagri Aksoy Date: Wed, 11 Oct 2023 15:28:06 +0200 Subject: [PATCH 0208/1674] Add casting size_t to int Signed-off-by: Mehmet Cagri Aksoy --- library/ssl_tls13_keys.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c index ef4bd8639..5ae621005 100644 --- a/library/ssl_tls13_keys.c +++ b/library/ssl_tls13_keys.c @@ -1019,14 +1019,14 @@ int mbedtls_ssl_tls13_populate_transform( #if !defined(MBEDTLS_USE_PSA_CRYPTO) if ((ret = mbedtls_cipher_setkey(&transform->cipher_ctx_enc, - (int)key_enc, mbedtls_cipher_info_get_key_bitlen(cipher_info), + key_enc, (int) mbedtls_cipher_info_get_key_bitlen(cipher_info), MBEDTLS_ENCRYPT)) != 0) { MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_setkey", ret); return ret; } if ((ret = mbedtls_cipher_setkey(&transform->cipher_ctx_dec, - (int)key_dec, mbedtls_cipher_info_get_key_bitlen(cipher_info), + key_dec, (int) mbedtls_cipher_info_get_key_bitlen(cipher_info), MBEDTLS_DECRYPT)) != 0) { MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_setkey", ret); return ret; From 9be3cf077624e44eea551cb65866272fdbb76453 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 11 Oct 2023 14:47:55 +0100 Subject: [PATCH 0209/1674] Fix a couple of typos related to renaming options Signed-off-by: Dave Rodgman --- scripts/config.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/config.py b/scripts/config.py index eeda6e18d..3173be483 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -214,7 +214,7 @@ EXCLUDE_FROM_FULL = frozenset([ 'MBEDTLS_PSA_INJECT_ENTROPY', # conflicts with platform entropy sources 'MBEDTLS_RSA_NO_CRT', # influences the use of RSA in X.509 and TLS 'MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY', # interacts with *_USE_A64_CRYPTO_IF_PRESENT - 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY', # interacts with *_USE_ARMV8_CRYPTO_IF_PRESENT + 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY', # interacts with *_USE_ARMV8_A_CRYPTO_IF_PRESENT 'MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY', # interacts with *_USE_A64_CRYPTO_IF_PRESENT 'MBEDTLS_SSL_RECORD_SIZE_LIMIT', # in development, currently breaks other tests 'MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN', # build dependency (clang+memsan) @@ -279,7 +279,7 @@ EXCLUDE_FROM_BAREMETAL = frozenset([ 'MBEDTLS_THREADING_C', # requires a threading interface 'MBEDTLS_THREADING_PTHREAD', # requires pthread 'MBEDTLS_TIMING_C', # requires a clock - 'MBEDTLS_SHA256_USE_A64_A_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection + 'MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection 'MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT', # requires an OS for runtime-detection ]) From c20d8992662d92604954bd5692efa636b8016b25 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 11 Oct 2023 15:01:35 +0100 Subject: [PATCH 0210/1674] Adjust messages in all.sh Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 4c96f8688..ce06c11c8 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4360,7 +4360,7 @@ component_build_sha_armce () { scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY scripts/config.py set MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY - msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY clang, thumb" + msg "MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY clang, thumb" make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb" scripts/config.py set MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT @@ -4373,10 +4373,10 @@ component_build_sha_armce () { scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT scripts/config.py set MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT - msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT clang, arm" + msg "MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT clang, arm" make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm -std=c99" - msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT clang, thumb" + msg "MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT clang, thumb" make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb" } From 1c2378b8b1a64c19d356d255c1238af9a0367750 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Wed, 11 Oct 2023 15:19:38 +0100 Subject: [PATCH 0211/1674] Add variable for message length Add variable to store message length to increase clarity in what the program is doing. Signed-off-by: Thomas Daubney --- programs/psa/psa_hash.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/programs/psa/psa_hash.c b/programs/psa/psa_hash.c index a3923628f..9b02255cc 100644 --- a/programs/psa/psa_hash.c +++ b/programs/psa/psa_hash.c @@ -51,11 +51,15 @@ 0x4a, 0xdd, 0xd2, 0x00, 0x12, 0x6d, 0x90, 0x69 \ } -const uint8_t sample_message[] = "Hello World!"; - const uint8_t sample_hash[] = SAMPLE_HASH_DATA; const size_t sample_hash_len = sizeof(sample_hash); +const uint8_t sample_message[] = "Hello World!"; +/* sample_message is terminated with a null byte which is not part of + * the message itself so we make sure to subtract it in order to get + * the message length. */ +const size_t sample_message_length = sizeof(sample_message) - 1; + #if !defined(MBEDTLS_PSA_CRYPTO_C) || !defined(PSA_WANT_ALG_SHA_256) int main(void) { @@ -95,7 +99,7 @@ int main(void) /* Note: Here we use sizeof(sample_message) - 1 since we don't wish to * include the null byte in the hash computation */ - status = psa_hash_update(&hash_operation, sample_message, sizeof(sample_message) - 1); + status = psa_hash_update(&hash_operation, sample_message, sample_message_length); if (status != PSA_SUCCESS) { mbedtls_printf("psa_hash_update failed\n"); goto cleanup; @@ -135,7 +139,7 @@ int main(void) /* Compute hash using one-shot function call */ status = psa_hash_compute(HASH_ALG, - sample_message, sizeof(sample_message) - 1, + sample_message, sample_message_length, hash, sizeof(hash), &hash_length); if (status != PSA_SUCCESS) { From cd79f77439fc621f09ae1996770c191a2e724fd8 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Wed, 11 Oct 2023 15:28:13 +0100 Subject: [PATCH 0212/1674] Add missing newline Newline character was missing from end of print statement. Signed-off-by: Thomas Daubney --- programs/psa/psa_hash.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/programs/psa/psa_hash.c b/programs/psa/psa_hash.c index 9b02255cc..c75972249 100644 --- a/programs/psa/psa_hash.c +++ b/programs/psa/psa_hash.c @@ -107,7 +107,7 @@ int main(void) status = psa_hash_clone(&hash_operation, &cloned_hash_operation); if (status != PSA_SUCCESS) { - mbedtls_printf("PSA hash clone failed"); + mbedtls_printf("PSA hash clone failed\n"); goto cleanup; } From d8453bb1848e8f7575d1447ea342cd5ec817c13c Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Wed, 11 Oct 2023 15:29:02 +0100 Subject: [PATCH 0213/1674] Remove superfluous comment Signed-off-by: Thomas Daubney --- programs/psa/psa_hash.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/programs/psa/psa_hash.c b/programs/psa/psa_hash.c index c75972249..18fefeddc 100644 --- a/programs/psa/psa_hash.c +++ b/programs/psa/psa_hash.c @@ -97,8 +97,6 @@ int main(void) return EXIT_FAILURE; } - /* Note: Here we use sizeof(sample_message) - 1 since we don't wish to - * include the null byte in the hash computation */ status = psa_hash_update(&hash_operation, sample_message, sample_message_length); if (status != PSA_SUCCESS) { mbedtls_printf("psa_hash_update failed\n"); From ee62fceadec33a5952961377a0090e321f39a897 Mon Sep 17 00:00:00 2001 From: Jerzy Kasenberg Date: Wed, 11 Oct 2023 16:36:24 +0200 Subject: [PATCH 0214/1674] Rename local variable in aes.c This changes local variable name RCON to round_constants. RCON being definition in xc32 compiler headers for some PIC32 register. Without this change, mynewt project for PIC32 platform fails to build due to macro redefinition. This does not changes behavior of library in any way. Signed-off-by: Jerzy Kasenberg --- library/aes.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/library/aes.c b/library/aes.c index 0a7b26ce9..f1a5a4477 100644 --- a/library/aes.c +++ b/library/aes.c @@ -360,7 +360,7 @@ static const uint32_t RT3[256] = { RT }; /* * Round constants */ -static const uint32_t RCON[10] = +static const uint32_t round_constants[10] = { 0x00000001, 0x00000002, 0x00000004, 0x00000008, 0x00000010, 0x00000020, 0x00000040, 0x00000080, @@ -407,7 +407,7 @@ static uint32_t RT3[256]; /* * Round constants */ -static uint32_t RCON[10]; +static uint32_t round_constants[10]; /* * Tables generation code @@ -438,7 +438,7 @@ static void aes_gen_tables(void) * calculate the round constants */ for (i = 0, x = 1; i < 10; i++) { - RCON[i] = x; + round_constants[i] = x; x = XTIME(x); } @@ -666,7 +666,7 @@ int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key, case 10: for (unsigned int i = 0; i < 10; i++, RK += 4) { - RK[4] = RK[0] ^ RCON[i] ^ + RK[4] = RK[0] ^ round_constants[i] ^ ((uint32_t) FSb[MBEDTLS_BYTE_1(RK[3])]) ^ ((uint32_t) FSb[MBEDTLS_BYTE_2(RK[3])] << 8) ^ ((uint32_t) FSb[MBEDTLS_BYTE_3(RK[3])] << 16) ^ @@ -682,7 +682,7 @@ int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key, case 12: for (unsigned int i = 0; i < 8; i++, RK += 6) { - RK[6] = RK[0] ^ RCON[i] ^ + RK[6] = RK[0] ^ round_constants[i] ^ ((uint32_t) FSb[MBEDTLS_BYTE_1(RK[5])]) ^ ((uint32_t) FSb[MBEDTLS_BYTE_2(RK[5])] << 8) ^ ((uint32_t) FSb[MBEDTLS_BYTE_3(RK[5])] << 16) ^ @@ -699,7 +699,7 @@ int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key, case 14: for (unsigned int i = 0; i < 7; i++, RK += 8) { - RK[8] = RK[0] ^ RCON[i] ^ + RK[8] = RK[0] ^ round_constants[i] ^ ((uint32_t) FSb[MBEDTLS_BYTE_1(RK[7])]) ^ ((uint32_t) FSb[MBEDTLS_BYTE_2(RK[7])] << 8) ^ ((uint32_t) FSb[MBEDTLS_BYTE_3(RK[7])] << 16) ^ From f4b415c369d1ae35655c8de36a4e6e4ff243eb0a Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 11 Oct 2023 16:11:42 +0100 Subject: [PATCH 0215/1674] Test instructions built/not built Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 67 ++++++++++++++++++++++++++++++++------------ 1 file changed, 49 insertions(+), 18 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index ce06c11c8..253f6c0fa 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4346,38 +4346,69 @@ support_build_sha_armce() { } component_build_sha_armce () { - # Test variations of SHA256 Armv8 crypto extensions scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT + + + # Test variations of SHA256 Armv8 crypto extensions scripts/config.py set MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY + msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY clang, aarch64" + make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a" + msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY clang, arm" + make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm" + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY - msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY clang, aarch64" - make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a" - - msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY clang, arm" - make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm" # test the deprecated form of the config option - scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY scripts/config.py set MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY - - msg "MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY clang, thumb" - make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb" + msg "MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY clang, thumb" + make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb" + scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY scripts/config.py set MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT - scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY + msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT clang, aarch64" + make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a" + scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT - msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT clang, aarch64" - make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a" # test the deprecated form of the config option - scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT scripts/config.py set MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT + msg "MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT clang, arm" + make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm -std=c99" + msg "MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT clang, thumb" + make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb" + scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT - msg "MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT clang, arm" - make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm -std=c99" - msg "MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT clang, thumb" - make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb" + # examine the disassembly for presence of SHA instructions + for opt in MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT; do + scripts/config.py set ${opt} + msg "${opt} clang, test A32 crypto instructions built" + make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm -S" + grep -E 'sha256[a-z0-9]+.32\s+[qv]' library/sha256.o + + msg "${opt} clang, test T32 crypto instructions built" + make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb -S" + grep -E 'sha256[a-z0-9]+.32\s+[qv]' library/sha256.o + + msg "${opt} clang, test aarch64 crypto instructions built" + make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a -S" + grep -E 'sha256[a-z0-9]+\s+[qv]' library/sha256.o + scripts/config.py unset ${opt} + done + + + # examine the disassembly for absence of SHA instructions + msg "clang, test A32 crypto instructions not built" + make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm -S" + not grep -E 'sha256[a-z0-9]+.32\s+[qv]' library/sha256.o + + msg "clang, test T32 crypto instructions not built" + make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb -S" + not grep -E 'sha256[a-z0-9]+.32\s+[qv]' library/sha256.o + + msg "clang, test aarch64 crypto instructions not built" + make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a -S" + not grep -E 'sha256[a-z0-9]+\s+[qv]' library/sha256.o } # For timebeing, no VIA Padlock platform available. From a21c97294109b75f2913fffc149541901652135b Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Wed, 11 Oct 2023 17:17:32 +0100 Subject: [PATCH 0216/1674] Remove extra blank line Signed-off-by: Thomas Daubney --- programs/psa/psa_hash.c | 1 - 1 file changed, 1 deletion(-) diff --git a/programs/psa/psa_hash.c b/programs/psa/psa_hash.c index 18fefeddc..dd3bf7476 100644 --- a/programs/psa/psa_hash.c +++ b/programs/psa/psa_hash.c @@ -24,7 +24,6 @@ * limitations under the License. */ - #include "psa/crypto.h" #include #include From 02e3a074a35cb1cc0e2319f160e17013a7a40062 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 12 Dec 2022 15:13:20 +0800 Subject: [PATCH 0217/1674] Add max_early_data_size into ticket Signed-off-by: Jerry Yu --- include/mbedtls/ssl.h | 4 ++++ library/ssl_tls.c | 18 ++++++++++++++++++ 2 files changed, 22 insertions(+) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index debb1cc2c..ad5fbc57a 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1252,6 +1252,10 @@ struct mbedtls_ssl_session { #endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_SESSION_TICKETS */ +#if defined(MBEDTLS_SSL_EARLY_DATA) + uint32_t MBEDTLS_PRIVATE(max_early_data_size); /*!< max_early_data_size of ticket */ +#endif + #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) int MBEDTLS_PRIVATE(encrypt_then_mac); /*!< flag for EtM activation */ #endif diff --git a/library/ssl_tls.c b/library/ssl_tls.c index d3a7ddb42..2c88da59b 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -2466,6 +2466,7 @@ mbedtls_ssl_mode_t mbedtls_ssl_get_mode_from_ciphersuite( * uint32 ticket_age_add; * uint8 ticket_flags; * opaque resumption_key<0..255>; + * uint32 max_early_data_size; * select ( endpoint ) { * case client: ClientOnlyData; * case server: uint64 start_time; @@ -2498,6 +2499,10 @@ static int ssl_tls13_session_save(const mbedtls_ssl_session *session, } needed += session->resumption_key_len; /* resumption_key */ +#if defined(MBEDTLS_SSL_EARLY_DATA) + needed += 4; /* max_early_data_size */ +#endif + #if defined(MBEDTLS_HAVE_TIME) needed += 8; /* start_time or ticket_received */ #endif @@ -2537,6 +2542,11 @@ static int ssl_tls13_session_save(const mbedtls_ssl_session *session, memcpy(p, session->resumption_key, session->resumption_key_len); p += session->resumption_key_len; +#if defined(MBEDTLS_SSL_EARLY_DATA) + MBEDTLS_PUT_UINT32_BE(session->max_early_data_size, p, 0); + p += 4; +#endif + #if defined(MBEDTLS_HAVE_TIME) && defined(MBEDTLS_SSL_SRV_C) if (session->endpoint == MBEDTLS_SSL_IS_SERVER) { MBEDTLS_PUT_UINT64_BE((uint64_t) session->start, p, 0); @@ -2605,6 +2615,14 @@ static int ssl_tls13_session_load(mbedtls_ssl_session *session, memcpy(session->resumption_key, p, session->resumption_key_len); p += session->resumption_key_len; +#if defined(MBEDTLS_SSL_EARLY_DATA) + if (end - p < 4) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } + session->max_early_data_size = MBEDTLS_GET_UINT32_BE(p, 0); + p += 4; +#endif + #if defined(MBEDTLS_HAVE_TIME) && defined(MBEDTLS_SSL_SRV_C) if (session->endpoint == MBEDTLS_SSL_IS_SERVER) { if (end - p < 8) { From 33bf240e53447d92269e2e8670d595bff1fca7a6 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 12 Dec 2022 16:01:43 +0800 Subject: [PATCH 0218/1674] Add max_early_data_size into copy list Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index b8201f086..3e6c0385d 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -467,6 +467,10 @@ static int ssl_tls13_session_copy_ticket(mbedtls_ssl_session *dst, } memcpy(dst->resumption_key, src->resumption_key, src->resumption_key_len); +#if defined(MBEDTLS_SSL_EARLY_DATA) + dst->max_early_data_size = src->max_early_data_size; +#endif + return 0; } #endif /* MBEDTLS_SSL_SESSION_TICKETS */ From 34e9516cb69225c0e50c8257f1461c5aaf63d0b4 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 12 Dec 2022 15:14:56 +0800 Subject: [PATCH 0219/1674] Add unit test for max_early_data_size of ticket Signed-off-by: Jerry Yu --- tests/src/test_helpers/ssl_helpers.c | 4 ++++ tests/suites/test_suite_ssl.function | 6 ++++++ 2 files changed, 10 insertions(+) diff --git a/tests/src/test_helpers/ssl_helpers.c b/tests/src/test_helpers/ssl_helpers.c index 5c305cb0a..a55d06701 100644 --- a/tests/src/test_helpers/ssl_helpers.c +++ b/tests/src/test_helpers/ssl_helpers.c @@ -1638,6 +1638,10 @@ int mbedtls_test_ssl_tls13_populate_session(mbedtls_ssl_session *session, session->resumption_key_len = 32; memset(session->resumption_key, 0x99, sizeof(session->resumption_key)); +#if defined(MBEDTLS_SSL_EARLY_DATA) + session->max_early_data_size = 0x87654321; +#endif + #if defined(MBEDTLS_HAVE_TIME) if (session->endpoint == MBEDTLS_SSL_IS_SERVER) { session->start = mbedtls_time(NULL) - 42; diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index eb2407d2e..07f1d97ef 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -2042,6 +2042,12 @@ void ssl_serialize_session_save_load(int ticket_len, char *crt_file, restored.resumption_key, original.resumption_key_len) == 0); } + +#if defined(MBEDTLS_SSL_EARLY_DATA) + TEST_ASSERT( + original.max_early_data_size == restored.max_early_data_size); +#endif + #if defined(MBEDTLS_HAVE_TIME) && defined(MBEDTLS_SSL_SRV_C) if (endpoint_type == MBEDTLS_SSL_IS_SERVER) { TEST_ASSERT(original.start == restored.start); From 7a799ccacd852e6fcaa222a64b9149fb91f584b7 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 8 Feb 2023 13:47:47 +0800 Subject: [PATCH 0220/1674] Share `early_data_status` between server and client Signed-off-by: Jerry Yu --- include/mbedtls/ssl.h | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index debb1cc2c..03a8b1f14 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1840,7 +1840,7 @@ struct mbedtls_ssl_context { * and #MBEDTLS_SSL_CID_DISABLED. */ #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ -#if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_CLI_C) +#if defined(MBEDTLS_SSL_EARLY_DATA) int MBEDTLS_PRIVATE(early_data_status); #endif /* MBEDTLS_SSL_EARLY_DATA && MBEDTLS_SSL_CLI_C */ @@ -5013,6 +5013,10 @@ int mbedtls_ssl_close_notify(mbedtls_ssl_context *ssl); #if defined(MBEDTLS_SSL_EARLY_DATA) +#define MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT 0 +#define MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED 1 +#define MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED 2 + #if defined(MBEDTLS_SSL_SRV_C) /** * \brief Read at most 'len' application data bytes while performing @@ -5122,9 +5126,6 @@ int mbedtls_ssl_read_early_data(mbedtls_ssl_context *ssl, int mbedtls_ssl_write_early_data(mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len); -#define MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT 0 -#define MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED 1 -#define MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED 2 /** * \brief Get the status of the negotiation of the use of early data. * From 1eb0bd557dcd9d709d993e9e42bf2a08d30e840f Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 8 Feb 2023 13:49:43 +0800 Subject: [PATCH 0221/1674] Add not-received status Signed-off-by: Jerry Yu --- library/ssl_misc.h | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index a99bb3343..2d78fd47c 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -2129,6 +2129,12 @@ int mbedtls_ssl_tls13_write_early_data_ext(mbedtls_ssl_context *ssl, unsigned char *buf, const unsigned char *end, size_t *out_len); + +#if defined(MBEDTLS_SSL_SRV_C) +#define MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_RECEIVED \ + MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT +#endif /* MBEDTLS_SSL_SRV_C */ + #endif /* MBEDTLS_SSL_EARLY_DATA */ #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ From ab0da370a431b2aab896fa9c0be1a91f7d3c213a Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 8 Feb 2023 13:55:24 +0800 Subject: [PATCH 0222/1674] Add early data status update Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 40 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index b8201f086..dad07817a 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -1749,6 +1749,40 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl, return hrr_required ? SSL_CLIENT_HELLO_HRR_REQUIRED : SSL_CLIENT_HELLO_OK; } +#if defined(MBEDTLS_SSL_EARLY_DATA) +static void ssl_tls13_update_early_data_status(mbedtls_ssl_context *ssl) +{ + mbedtls_ssl_handshake_params *handshake = ssl->handshake; + + if ((handshake->received_extensions & + MBEDTLS_SSL_EXT_MASK(EARLY_DATA)) == 0) { + MBEDTLS_SSL_DEBUG_MSG( + 1, ("EarlyData: early data extension is not received.")); + ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_RECEIVED; + return; + } + + ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED; + + if (ssl->conf->early_data_enabled == MBEDTLS_SSL_EARLY_DATA_DISABLED) { + MBEDTLS_SSL_DEBUG_MSG( + 1, ("EarlyData: rejected. configured disabled.")); + return; + } + + MBEDTLS_SSL_DEBUG_MSG( + 3, ("EarlyData: conf->max_early_data_size = %u", + (unsigned int) ssl->conf->max_early_data_size)); + + /* TODO: Add more checks here. */ + + MBEDTLS_SSL_DEBUG_MSG( + 1, ("EarlyData: For time being, it should not happen.")); + ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED; + +} +#endif /* MBEDTLS_SSL_EARLY_DATA */ + /* Update the handshake state machine */ MBEDTLS_CHECK_RETURN_CRITICAL @@ -1775,6 +1809,12 @@ static int ssl_tls13_postprocess_client_hello(mbedtls_ssl_context *ssl) return ret; } +#if defined(MBEDTLS_SSL_EARLY_DATA) + /* There is enough information, update early data state. */ + ssl_tls13_update_early_data_status(ssl); + +#endif /* MBEDTLS_SSL_EARLY_DATA */ + return 0; } From e649cecb4355d03be583a93db0c7fbfcbbae72dc Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 8 Feb 2023 13:58:57 +0800 Subject: [PATCH 0223/1674] Add data file for early data input Signed-off-by: Jerry Yu --- tests/data_files/early_data.txt | 3 +++ tests/ssl-opt.sh | 1 + 2 files changed, 4 insertions(+) create mode 100644 tests/data_files/early_data.txt diff --git a/tests/data_files/early_data.txt b/tests/data_files/early_data.txt new file mode 100644 index 000000000..f0084c3ef --- /dev/null +++ b/tests/data_files/early_data.txt @@ -0,0 +1,3 @@ +EarlyData context: line 0 lf +EarlyData context: line 1 lf +EarlyData context: If it appear, that means early_data success diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index efcbd2686..2ff097ff1 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -72,6 +72,7 @@ guess_config_name() { : ${MBEDTLS_TEST_OUTCOME_FILE=} : ${MBEDTLS_TEST_CONFIGURATION:="$(guess_config_name)"} : ${MBEDTLS_TEST_PLATFORM:="$(uname -s | tr -c \\n0-9A-Za-z _)-$(uname -m | tr -c \\n0-9A-Za-z _)"} +: ${EARLY_DATA_INPUT:=data_files/early_data.txt} O_SRV="$OPENSSL s_server -www -cert data_files/server5.crt -key data_files/server5.key" O_CLI="echo 'GET / HTTP/1.0' | $OPENSSL s_client" From bc57e86390aa0868c7f418478c8ef5323b8e8163 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 8 Feb 2023 14:05:53 +0800 Subject: [PATCH 0224/1674] Add early data disable tests Signed-off-by: Jerry Yu --- tests/opt-testcases/tls13-misc.sh | 32 +++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/tests/opt-testcases/tls13-misc.sh b/tests/opt-testcases/tls13-misc.sh index f30384d39..78b466f0b 100755 --- a/tests/opt-testcases/tls13-misc.sh +++ b/tests/opt-testcases/tls13-misc.sh @@ -493,3 +493,35 @@ run_test "TLS 1.3 m->m: Resumption with ticket flags, psk_all/psk_all." \ -S "No suitable key exchange mode" \ -s "found matched identity" +requires_gnutls_next +requires_all_configs_enabled MBEDTLS_SSL_EARLY_DATA MBEDTLS_SSL_SESSION_TICKETS \ + MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME \ + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ + MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_any_configs_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \ + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED +run_test "TLS 1.3 G->m: EarlyData: ephemeral: feature is disabled, fail." \ + "$P_SRV force_version=tls13 debug_level=4 max_early_data_size=-1 $(get_srv_psk_list)" \ + "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+GROUP-ALL -d 10 -r --earlydata $EARLY_DATA_INPUT" \ + 1 \ + -c "Resume Handshake was completed" \ + -s "ClientHello: early_data(42) extension exists." \ + -S "EncryptedExtensions: early_data(42) extension exists." \ + -s "NewSessionTicket: early_data(42) extension does not exist." + +requires_gnutls_next +requires_all_configs_enabled MBEDTLS_SSL_EARLY_DATA MBEDTLS_SSL_SESSION_TICKETS \ + MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME \ + MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_any_configs_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \ + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED +run_test "TLS 1.3 G->m: EarlyData: psk*: feature is disabled, fail." \ + "$P_SRV force_version=tls13 debug_level=4 max_early_data_size=-1 $(get_srv_psk_list)" \ + "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+GROUP-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK \ + -d 10 -r --earlydata $EARLY_DATA_INPUT \ + --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70" \ + 1 \ + -c "Resume Handshake was completed" \ + -s "ClientHello: early_data(42) extension exists." \ + -S "EncryptedExtensions: early_data(42) extension exists." \ + -s "NewSessionTicket: early_data(42) extension does not exist." From bd4dd81606639ea461110acd6999ceefcf9386ac Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 14 Aug 2023 17:15:42 +0800 Subject: [PATCH 0225/1674] fix test fail when ecp disabled Gnutls-cli send ecp algorithm as key share algorithm and we do not known how to change that. Signed-off-by: Jerry Yu --- tests/opt-testcases/tls13-misc.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/opt-testcases/tls13-misc.sh b/tests/opt-testcases/tls13-misc.sh index 78b466f0b..9845717aa 100755 --- a/tests/opt-testcases/tls13-misc.sh +++ b/tests/opt-testcases/tls13-misc.sh @@ -497,7 +497,7 @@ requires_gnutls_next requires_all_configs_enabled MBEDTLS_SSL_EARLY_DATA MBEDTLS_SSL_SESSION_TICKETS \ MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ - MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE + MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_ECP_LIGHT requires_any_configs_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3 G->m: EarlyData: ephemeral: feature is disabled, fail." \ @@ -512,7 +512,7 @@ run_test "TLS 1.3 G->m: EarlyData: ephemeral: feature is disabled, fail." \ requires_gnutls_next requires_all_configs_enabled MBEDTLS_SSL_EARLY_DATA MBEDTLS_SSL_SESSION_TICKETS \ MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME \ - MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE + MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_ECP_LIGHT requires_any_configs_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3 G->m: EarlyData: psk*: feature is disabled, fail." \ From aaef0bc172d09c289d8f59c01187c4cbaf76af38 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 10 Oct 2023 09:42:13 +0200 Subject: [PATCH 0226/1674] analyze_outcomes: improve logging system - the script now only terminates in case of hard faults - each task is assigned a log - this log tracks messages, warning and errors - when task completes, errors and warnings are listed and messages are appended to the main log - on exit the main log is printed and the proper return value is returned Signed-off-by: Valerio Setti --- tests/scripts/analyze_outcomes.py | 100 +++++++++++++++++++----------- 1 file changed, 63 insertions(+), 37 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index f7fc4e3ef..49445a473 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -15,25 +15,31 @@ import os import check_test_cases -class Results: +class TestLog: """Process analysis results.""" def __init__(self): self.error_count = 0 self.warning_count = 0 + self.output = "" - @staticmethod - def log(fmt, *args, **kwargs): - sys.stderr.write((fmt + '\n').format(*args, **kwargs)) + def add_line(self, fmt, *args, **kwargs): + self.output = self.output + (fmt + '\n').format(*args, **kwargs) + + def info(self, fmt, *args, **kwargs): + self.add_line(fmt, *args, **kwargs) def error(self, fmt, *args, **kwargs): - self.log('Error: ' + fmt, *args, **kwargs) + self.info('Error: ' + fmt, *args, **kwargs) self.error_count += 1 def warning(self, fmt, *args, **kwargs): - self.log('Warning: ' + fmt, *args, **kwargs) + self.info('Warning: ' + fmt, *args, **kwargs) self.warning_count += 1 + def print_output(self): + sys.stderr.write(self.output) + class TestCaseOutcomes: """The outcomes of one test case across many configurations.""" # pylint: disable=too-few-public-methods @@ -53,25 +59,27 @@ class TestCaseOutcomes: """ return len(self.successes) + len(self.failures) -def execute_reference_driver_tests(ref_component, driver_component, outcome_file): +def execute_reference_driver_tests(log: TestLog, ref_component, driver_component, \ + outcome_file) -> TestLog: """Run the tests specified in ref_component and driver_component. Results are stored in the output_file and they will be used for the following coverage analysis""" # If the outcome file already exists, we assume that the user wants to # perform the comparison analysis again without repeating the tests. if os.path.exists(outcome_file): - Results.log("Outcome file (" + outcome_file + ") already exists. " + \ - "Tests will be skipped.") - return + log.info("Outcome file (" + outcome_file + ") already exists. " + \ + "Tests will be skipped.") + return log shell_command = "tests/scripts/all.sh --outcome-file " + outcome_file + \ " " + ref_component + " " + driver_component - Results.log("Running: " + shell_command) + log.info("Running: " + shell_command) ret_val = subprocess.run(shell_command.split(), check=False).returncode if ret_val != 0: - Results.log("Error: failed to run reference/driver components") - sys.exit(ret_val) + log.error("failed to run reference/driver components") + + return log def analyze_coverage(results, outcomes, allow_list, full_coverage): """Check that all available test cases are executed at least once.""" @@ -90,7 +98,8 @@ def analyze_coverage(results, outcomes, allow_list, full_coverage): else: results.warning('Allow listed test case was executed: {}', key) -def analyze_driver_vs_reference(outcomes, component_ref, component_driver, +def analyze_driver_vs_reference(log: TestLog, outcomes, + component_ref, component_driver, ignored_suites, ignored_test=None): """Check that all tests executed in the reference component are also executed in the corresponding driver component. @@ -100,7 +109,6 @@ def analyze_driver_vs_reference(outcomes, component_ref, component_driver, output string is provided """ available = check_test_cases.collect_available_test_cases() - result = True for key in available: # Continue if test was not executed by any component @@ -125,16 +133,15 @@ def analyze_driver_vs_reference(outcomes, component_ref, component_driver, if component_ref in entry: reference_test_passed = True if(reference_test_passed and not driver_test_passed): - Results.log(key) - result = False - return result + log.error(key) -def analyze_outcomes(outcomes, args): + return log + +def analyze_outcomes(log: TestLog, outcomes, args) -> TestLog: """Run all analyses on the given outcome collection.""" - results = Results() - analyze_coverage(results, outcomes, args['allow_list'], + analyze_coverage(log, outcomes, args['allow_list'], args['full_coverage']) - return results + return log def read_outcome_file(outcome_file): """Parse an outcome file and return an outcome collection. @@ -159,24 +166,32 @@ by a semicolon. def do_analyze_coverage(outcome_file, args): """Perform coverage analysis.""" + log = TestLog() + log.info("\n*** Analyze coverage ***\n") outcomes = read_outcome_file(outcome_file) - Results.log("\n*** Analyze coverage ***\n") - results = analyze_outcomes(outcomes, args) - return results.error_count == 0 + log = analyze_outcomes(log, outcomes, args) + return log def do_analyze_driver_vs_reference(outcome_file, args): """Perform driver vs reference analyze.""" - execute_reference_driver_tests(args['component_ref'], \ - args['component_driver'], outcome_file) + log = TestLog() + + log = execute_reference_driver_tests(log, args['component_ref'], \ + args['component_driver'], outcome_file) + if log.error_count != 0: + return log ignored_suites = ['test_suite_' + x for x in args['ignored_suites']] outcomes = read_outcome_file(outcome_file) - Results.log("\n*** Analyze driver {} vs reference {} ***\n".format( + + log.info("\n*** Analyze driver {} vs reference {} ***\n".format( args['component_driver'], args['component_ref'])) - return analyze_driver_vs_reference(outcomes, args['component_ref'], - args['component_driver'], ignored_suites, - args['ignored_tests']) + log = analyze_driver_vs_reference(log, outcomes, + args['component_ref'], args['component_driver'], + ignored_suites, args['ignored_tests']) + + return log # List of tasks with a function that can handle this task and additional arguments if required KNOWN_TASKS = { @@ -641,6 +656,8 @@ KNOWN_TASKS = { } def main(): + main_log = TestLog() + try: parser = argparse.ArgumentParser(description=__doc__) parser.add_argument('outcomes', metavar='OUTCOMES.CSV', @@ -661,16 +678,17 @@ def main(): if options.list: for task in KNOWN_TASKS: - Results.log(task) + main_log.info(task) + main_log.print_output() sys.exit(0) if options.specified_tasks == 'all': tasks_list = KNOWN_TASKS.keys() else: tasks_list = re.split(r'[, ]+', options.specified_tasks) - for task in tasks_list: if task not in KNOWN_TASKS: + main_log.error('invalid task: {}'.format(task)) KNOWN_TASKS['analyze_coverage']['args']['full_coverage'] = options.full_coverage @@ -678,12 +696,20 @@ def main(): for task in KNOWN_TASKS: if task in tasks_list: - if not KNOWN_TASKS[task]['test_function'](options.outcomes, KNOWN_TASKS[task]['args']): + test_function = KNOWN_TASKS[task]['test_function'] + test_args = KNOWN_TASKS[task]['args'] + test_log = test_function(options.outcomes, test_args) + # Merge the output of this task with the main one + main_log.output = main_log.output + test_log.output + main_log.info("Task {} completed with:\n".format(task) + \ + "{} warnings\n".format(test_log.warning_count) + \ + "{} errors\n".format(test_log.error_count)) + if test_log.error_count != 0: all_succeeded = False - if all_succeeded is False: - sys.exit(1) - Results.log("SUCCESS :-)") + main_log.print_output() + sys.exit(0 if all_succeeded else 1) + except Exception: # pylint: disable=broad-except # Print the backtrace and exit explicitly with our chosen status. traceback.print_exc() From 4fd868e4b1786b07af1500d5edc264353a460169 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 12 Oct 2023 09:09:42 +0100 Subject: [PATCH 0227/1674] Refer to Armv8-A (not Armv8) in comments Co-authored-by: Jerry Yu Signed-off-by: Dave Rodgman --- library/sha256.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/sha256.c b/library/sha256.c index 726f5fb56..a6d0a7a46 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -180,7 +180,7 @@ static int mbedtls_a64_crypto_sha256_determine_support(void) static jmp_buf return_from_sigill; /* - * Armv8 SHA256 support detection via SIGILL + * Armv8-A SHA256 support detection via SIGILL */ static void sigill_handler(int signal) { @@ -432,7 +432,7 @@ static size_t mbedtls_internal_sha256_process_many_a64_crypto( #if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) /* - * This function is for internal use only if we are building both C and Armv8 + * This function is for internal use only if we are building both C and Armv8-A * versions, otherwise it is renamed to be the public mbedtls_internal_sha256_process() */ static From e570704f1fa834a5fc408cd0efad31613655b164 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 11 Oct 2023 11:54:42 +0200 Subject: [PATCH 0228/1674] ssl: use MBEDTLS_SSL_HAVE_[CCM/GCM/CHACHAPOLY/AEAD] macros for ssl code Signed-off-by: Valerio Setti --- include/mbedtls/check_config.h | 16 +-- include/mbedtls/config_adjust_legacy_crypto.h | 20 +++ library/ssl_ciphersuites.c | 128 +++++++++--------- library/ssl_msg.c | 16 +-- library/ssl_tls.c | 4 +- 5 files changed, 98 insertions(+), 86 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 815bfb69c..2e7128595 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -1040,12 +1040,8 @@ #endif #if defined(MBEDTLS_SSL_TICKET_C) && \ - !( defined(MBEDTLS_GCM_C) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM)) || \ - defined(MBEDTLS_CCM_C) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM)) || \ - defined(MBEDTLS_CHACHAPOLY_C) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CHACHA20_POLY1305)) ) + !( defined(MBEDTLS_SSL_HAVE_GCM) || defined(MBEDTLS_SSL_HAVE_GCM) || \ + defined(MBEDTLS_SSL_HAVE_CHACHAPOLY) ) #error "MBEDTLS_SSL_TICKET_C defined, but not all prerequisites" #endif @@ -1147,12 +1143,8 @@ #endif #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) && \ - !( defined(MBEDTLS_GCM_C) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM)) || \ - defined(MBEDTLS_CCM_C) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM)) || \ - defined(MBEDTLS_CHACHAPOLY_C) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CHACHA20_POLY1305)) ) + !( defined(MBEDTLS_SSL_HAVE_GCM) || defined(MBEDTLS_SSL_HAVE_GCM) || \ + defined(MBEDTLS_SSL_HAVE_CHACHAPOLY) ) #error "MBEDTLS_SSL_CONTEXT_SERIALIZATION defined, but not all prerequisites" #endif diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h index 495cd5ab3..53c03b5d3 100644 --- a/include/mbedtls/config_adjust_legacy_crypto.h +++ b/include/mbedtls/config_adjust_legacy_crypto.h @@ -192,4 +192,24 @@ #define MBEDTLS_CIPHER_PADDING_PKCS7 #endif +#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_GCM_C)) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM)) +#define MBEDTLS_SSL_HAVE_GCM +#endif + +#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_CCM_C)) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM)) +#define MBEDTLS_SSL_HAVE_CCM +#endif + +#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_CHACHAPOLY_C)) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CHACHA20_POLY1305)) +#define MBEDTLS_SSL_HAVE_CHACHAPOLY +#endif + +#if defined(MBEDTLS_SSL_HAVE_GCM) || defined(MBEDTLS_SSL_HAVE_CCM) || \ + defined(MBEDTLS_SSL_HAVE_CHACHAPOLY) +#define MBEDTLS_SSL_HAVE_AEAD +#endif + #endif /* MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H */ diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c index b50df5c87..95aa5816c 100644 --- a/library/ssl_ciphersuites.c +++ b/library/ssl_ciphersuites.c @@ -293,7 +293,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = { #if defined(MBEDTLS_SSL_PROTO_TLS1_3) #if defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_SSL_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA384) { MBEDTLS_TLS1_3_AES_256_GCM_SHA384, "TLS1-3-AES-256-GCM-SHA384", MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, @@ -308,8 +308,8 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 }, #endif /* MBEDTLS_MD_CAN_SHA256 */ -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ -#if defined(MBEDTLS_CIPHER_HAVE_CCM) && defined(MBEDTLS_MD_CAN_SHA256) +#endif /* MBEDTLS_SSL_HAVE_GCM */ +#if defined(MBEDTLS_SSL_HAVE_CCM) && defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS1_3_AES_128_CCM_SHA256, "TLS1-3-AES-128-CCM-SHA256", MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */ @@ -320,19 +320,19 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */ MBEDTLS_CIPHERSUITE_SHORT_TAG, MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 }, -#endif /* MBEDTLS_MD_CAN_SHA256 && MBEDTLS_CIPHER_HAVE_CCM */ +#endif /* MBEDTLS_MD_CAN_SHA256 && MBEDTLS_SSL_HAVE_CCM */ #endif /* MBEDTLS_AES_C */ -#if defined(MBEDTLS_CIPHER_HAVE_CHACHAPOLY) && defined(MBEDTLS_MD_CAN_SHA256) +#if defined(MBEDTLS_SSL_HAVE_CHACHAPOLY) && defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS1_3_CHACHA20_POLY1305_SHA256, "TLS1-3-CHACHA20-POLY1305-SHA256", MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */ 0, MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 }, -#endif /* MBEDTLS_CIPHER_HAVE_CHACHAPOLY && MBEDTLS_MD_CAN_SHA256 */ +#endif /* MBEDTLS_SSL_HAVE_CHACHAPOLY && MBEDTLS_MD_CAN_SHA256 */ #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ -#if defined(MBEDTLS_CIPHER_HAVE_CHACHAPOLY) && \ +#if defined(MBEDTLS_SSL_HAVE_CHACHAPOLY) && \ defined(MBEDTLS_MD_CAN_SHA256) && \ defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) @@ -391,7 +391,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#endif /* MBEDTLS_CIPHER_HAVE_CHACHAPOLY && +#endif /* MBEDTLS_SSL_HAVE_CHACHAPOLY && MBEDTLS_MD_CAN_SHA256 && MBEDTLS_SSL_PROTO_TLS1_2 */ #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) @@ -415,12 +415,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_SSL_HAVE_GCM) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256", MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #endif /* MBEDTLS_MD_CAN_SHA256 */ #if defined(MBEDTLS_MD_CAN_SHA384) #if defined(MBEDTLS_CIPHER_MODE_CBC) @@ -429,14 +429,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_SSL_HAVE_GCM) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384", MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #endif /* MBEDTLS_MD_CAN_SHA384 */ -#if defined(MBEDTLS_CIPHER_HAVE_CCM) +#if defined(MBEDTLS_SSL_HAVE_CCM) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM", MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 0, @@ -453,7 +453,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, MBEDTLS_CIPHERSUITE_SHORT_TAG, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_HAVE_CCM */ +#endif /* MBEDTLS_SSL_HAVE_CCM */ #endif /* MBEDTLS_AES_C */ #if defined(MBEDTLS_CAMELLIA_C) @@ -474,7 +474,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_SSL_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256", @@ -489,7 +489,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #endif /* MBEDTLS_CAMELLIA_C */ #if defined(MBEDTLS_CIPHER_NULL_CIPHER) @@ -528,7 +528,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #endif /* MBEDTLS_MD_CAN_SHA256 */ #if defined(MBEDTLS_MD_CAN_SHA384) #if defined(MBEDTLS_CIPHER_MODE_CBC) @@ -542,7 +542,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_AES_C */ @@ -564,7 +564,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_SSL_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256", @@ -579,7 +579,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #endif /* MBEDTLS_CAMELLIA_C */ #if defined(MBEDTLS_CIPHER_NULL_CIPHER) @@ -595,7 +595,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) #if defined(MBEDTLS_AES_C) #if defined(MBEDTLS_MD_CAN_SHA384) && \ - defined(MBEDTLS_CIPHER_HAVE_GCM) + defined(MBEDTLS_SSL_HAVE_GCM) { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384", MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 0, @@ -603,12 +603,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_MD_CAN_SHA384 && MBEDTLS_GCM_C */ #if defined(MBEDTLS_MD_CAN_SHA256) -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_SSL_HAVE_GCM) { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256", MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #if defined(MBEDTLS_CIPHER_MODE_CBC) { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256", @@ -636,7 +636,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA1 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CIPHER_HAVE_CCM) +#if defined(MBEDTLS_SSL_HAVE_CCM) { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM, "TLS-DHE-RSA-WITH-AES-256-CCM", MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 0, @@ -653,7 +653,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, MBEDTLS_CIPHERSUITE_SHORT_TAG, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_HAVE_CCM */ +#endif /* MBEDTLS_SSL_HAVE_CCM */ #endif /* MBEDTLS_AES_C */ #if defined(MBEDTLS_CAMELLIA_C) @@ -682,7 +682,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA1 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_SSL_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, @@ -696,7 +696,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #endif /* MBEDTLS_CAMELLIA_C */ #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ @@ -704,7 +704,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) #if defined(MBEDTLS_AES_C) #if defined(MBEDTLS_MD_CAN_SHA384) && \ - defined(MBEDTLS_CIPHER_HAVE_GCM) + defined(MBEDTLS_SSL_HAVE_GCM) { MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384", MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, 0, @@ -712,12 +712,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_MD_CAN_SHA384 && MBEDTLS_GCM_C */ #if defined(MBEDTLS_MD_CAN_SHA256) -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_SSL_HAVE_GCM) { MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256", MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #if defined(MBEDTLS_CIPHER_MODE_CBC) { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256", @@ -745,7 +745,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_MD_CAN_SHA1 */ -#if defined(MBEDTLS_CIPHER_HAVE_CCM) +#if defined(MBEDTLS_SSL_HAVE_CCM) { MBEDTLS_TLS_RSA_WITH_AES_256_CCM, "TLS-RSA-WITH-AES-256-CCM", MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 0, @@ -762,7 +762,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, MBEDTLS_CIPHERSUITE_SHORT_TAG, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_HAVE_CCM */ +#endif /* MBEDTLS_SSL_HAVE_CCM */ #endif /* MBEDTLS_AES_C */ #if defined(MBEDTLS_CAMELLIA_C) @@ -792,7 +792,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_MD_CAN_SHA1 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_SSL_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, @@ -806,7 +806,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #endif /* MBEDTLS_CAMELLIA_C */ #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ @@ -832,12 +832,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_SSL_HAVE_GCM) { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256", MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #endif /* MBEDTLS_MD_CAN_SHA256 */ #if defined(MBEDTLS_MD_CAN_SHA384) #if defined(MBEDTLS_CIPHER_MODE_CBC) @@ -846,12 +846,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_SSL_HAVE_GCM) { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384", MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_AES_C */ @@ -873,7 +873,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_SSL_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256", @@ -888,7 +888,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #endif /* MBEDTLS_CAMELLIA_C */ #if defined(MBEDTLS_CIPHER_NULL_CIPHER) @@ -922,12 +922,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_SSL_HAVE_GCM) { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256", MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #endif /* MBEDTLS_MD_CAN_SHA256 */ #if defined(MBEDTLS_MD_CAN_SHA384) #if defined(MBEDTLS_CIPHER_MODE_CBC) @@ -936,12 +936,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_SSL_HAVE_GCM) { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384", MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_AES_C */ @@ -963,7 +963,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_SSL_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256", @@ -978,7 +978,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #endif /* MBEDTLS_CAMELLIA_C */ #if defined(MBEDTLS_CIPHER_NULL_CIPHER) @@ -993,7 +993,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) #if defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_SSL_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256", MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, @@ -1007,7 +1007,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_MD_CAN_SHA256) @@ -1036,7 +1036,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA1 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CIPHER_HAVE_CCM) +#if defined(MBEDTLS_SSL_HAVE_CCM) { MBEDTLS_TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM", MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, 0, @@ -1053,7 +1053,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, MBEDTLS_CIPHERSUITE_SHORT_TAG, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_HAVE_CCM */ +#endif /* MBEDTLS_SSL_HAVE_CCM */ #endif /* MBEDTLS_AES_C */ #if defined(MBEDTLS_CAMELLIA_C) @@ -1073,7 +1073,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_SSL_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, @@ -1087,14 +1087,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #endif /* MBEDTLS_CAMELLIA_C */ #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) #if defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_SSL_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256", MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, @@ -1108,7 +1108,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_MD_CAN_SHA256) @@ -1137,7 +1137,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA1 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CIPHER_HAVE_CCM) +#if defined(MBEDTLS_SSL_HAVE_CCM) { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM", MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 0, @@ -1154,7 +1154,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, MBEDTLS_CIPHERSUITE_SHORT_TAG, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_HAVE_CCM */ +#endif /* MBEDTLS_SSL_HAVE_CCM */ #endif /* MBEDTLS_AES_C */ #if defined(MBEDTLS_CAMELLIA_C) @@ -1174,7 +1174,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_SSL_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, @@ -1188,7 +1188,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #endif /* MBEDTLS_CAMELLIA_C */ #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ @@ -1249,7 +1249,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) #if defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_SSL_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256", MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, @@ -1263,7 +1263,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MBEDTLS_MD_CAN_SHA256) @@ -1311,7 +1311,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_SSL_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, @@ -1325,19 +1325,19 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_SSL_HAVE_GCM */ #endif /* MBEDTLS_CAMELLIA_C */ #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) #if defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_CIPHER_HAVE_CCM) +#if defined(MBEDTLS_SSL_HAVE_CCM) { MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8, "TLS-ECJPAKE-WITH-AES-128-CCM-8", MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECJPAKE, MBEDTLS_CIPHERSUITE_SHORT_TAG, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_HAVE_CCM */ +#endif /* MBEDTLS_SSL_HAVE_CCM */ #endif /* MBEDTLS_AES_C */ #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ diff --git a/library/ssl_msg.c b/library/ssl_msg.c index ff8de9278..12b8f9bf0 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -863,7 +863,7 @@ static void ssl_extract_add_data_from_record(unsigned char *add_data, *add_data_len = cur - add_data; } -#if defined(MBEDTLS_CIPHER_MODE_AEAD) +#if defined(MBEDTLS_SSL_HAVE_AEAD) MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_transform_aead_dynamic_iv_is_explicit( mbedtls_ssl_transform const *transform) @@ -908,7 +908,7 @@ static void ssl_build_record_nonce(unsigned char *dst_iv, dst_iv += dst_iv_len - dynamic_iv_len; mbedtls_xor(dst_iv, dst_iv, dynamic_iv, dynamic_iv_len); } -#endif /* MBEDTLS_CIPHER_MODE_AEAD */ +#endif /* MBEDTLS_SSL_HAVE_AEAD */ int mbedtls_ssl_encrypt_buf(mbedtls_ssl_context *ssl, mbedtls_ssl_transform *transform, @@ -1144,7 +1144,7 @@ hmac_failed_etm_disabled: } else #endif /* MBEDTLS_SSL_SOME_SUITES_USE_STREAM */ -#if defined(MBEDTLS_CIPHER_MODE_AEAD) +#if defined(MBEDTLS_SSL_HAVE_AEAD) if (ssl_mode == MBEDTLS_SSL_MODE_AEAD) { unsigned char iv[12]; unsigned char *dynamic_iv; @@ -1254,7 +1254,7 @@ hmac_failed_etm_disabled: auth_done++; } else -#endif /* MBEDTLS_CIPHER_MODE_AEAD */ +#endif /* MBEDTLS_SSL_HAVE_AEAD */ #if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC) if (ssl_mode == MBEDTLS_SSL_MODE_CBC || ssl_mode == MBEDTLS_SSL_MODE_CBC_ETM) { @@ -1492,9 +1492,9 @@ int mbedtls_ssl_decrypt_buf(mbedtls_ssl_context const *ssl, mbedtls_ssl_transform *transform, mbedtls_record *rec) { -#if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC) || defined(MBEDTLS_CIPHER_MODE_AEAD) +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC) || defined(MBEDTLS_SSL_HAVE_AEAD) size_t olen; -#endif /* MBEDTLS_SSL_SOME_SUITES_USE_CBC || MBEDTLS_CIPHER_MODE_AEAD */ +#endif /* MBEDTLS_SSL_SOME_SUITES_USE_CBC || MBEDTLS_SSL_HAVE_AEAD */ mbedtls_ssl_mode_t ssl_mode; int ret; @@ -1555,7 +1555,7 @@ int mbedtls_ssl_decrypt_buf(mbedtls_ssl_context const *ssl, * so there's no encryption to do here.*/ } else #endif /* MBEDTLS_SSL_SOME_SUITES_USE_STREAM */ -#if defined(MBEDTLS_CIPHER_MODE_AEAD) +#if defined(MBEDTLS_SSL_HAVE_AEAD) if (ssl_mode == MBEDTLS_SSL_MODE_AEAD) { unsigned char iv[12]; unsigned char *dynamic_iv; @@ -1671,7 +1671,7 @@ int mbedtls_ssl_decrypt_buf(mbedtls_ssl_context const *ssl, return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } } else -#endif /* MBEDTLS_CIPHER_MODE_AEAD */ +#endif /* MBEDTLS_SSL_HAVE_AEAD */ #if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC) if (ssl_mode == MBEDTLS_SSL_MODE_CBC || ssl_mode == MBEDTLS_SSL_MODE_CBC_ETM) { diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 540beb0f9..827b7fbcf 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -8287,7 +8287,7 @@ static int ssl_tls12_populate_transform(mbedtls_ssl_transform *transform, keylen = mbedtls_cipher_info_get_key_bitlen(cipher_info) / 8; #endif -#if defined(MBEDTLS_CIPHER_MODE_AEAD) +#if defined(MBEDTLS_SSL_HAVE_AEAD) if (ssl_mode == MBEDTLS_SSL_MODE_AEAD) { size_t explicit_ivlen; @@ -8322,7 +8322,7 @@ static int ssl_tls12_populate_transform(mbedtls_ssl_transform *transform, explicit_ivlen = transform->ivlen - transform->fixed_ivlen; transform->minlen = explicit_ivlen + transform->taglen; } else -#endif /* MBEDTLS_CIPHER_MODE_AEAD */ +#endif /* MBEDTLS_SSL_HAVE_AEAD */ #if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) if (ssl_mode == MBEDTLS_SSL_MODE_STREAM || ssl_mode == MBEDTLS_SSL_MODE_CBC || From db1ca8fc3344df9c5b065ea0247d2df7a65ee539 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 11 Oct 2023 12:46:16 +0200 Subject: [PATCH 0229/1674] cipher: keep MBEDTLS_CIPHER_HAVE symbols private This commit also improve the usage of these new symbols in cipher_wrap code Signed-off-by: Valerio Setti --- include/mbedtls/cipher.h | 25 ++------------ library/cipher.c | 16 ++++----- library/cipher_wrap.c | 46 +++++++++---------------- library/cipher_wrap.h | 36 +++++++++++++++++++ tests/suites/test_suite_cipher.function | 2 +- 5 files changed, 64 insertions(+), 61 deletions(-) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index 5153e19dd..bda768cfb 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -33,27 +33,6 @@ #include #include "mbedtls/platform_util.h" -/* Support for GCM either through Mbed TLS SW implementation or PSA */ -#if defined(MBEDTLS_GCM_C) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM)) -#define MBEDTLS_CIPHER_HAVE_GCM -#endif -/* Support for CCM either through Mbed TLS SW implementation or PSA */ -#if defined(MBEDTLS_CCM_C) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM)) -#define MBEDTLS_CIPHER_HAVE_CCM -#endif -/* Support for CHACHAPOLY either through Mbed TLS SW implementation or PSA */ -#if defined(MBEDTLS_CHACHAPOLY_C) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CHACHA20_POLY1305)) -#define MBEDTLS_CIPHER_HAVE_CHACHAPOLY -#endif - -#if defined(MBEDTLS_CIPHER_HAVE_GCM) || defined(MBEDTLS_CIPHER_HAVE_CCM) || \ - defined(MBEDTLS_CIPHER_HAVE_CHACHAPOLY) -#define MBEDTLS_CIPHER_MODE_AEAD -#endif - #if defined(MBEDTLS_CIPHER_MODE_CBC) #define MBEDTLS_CIPHER_MODE_WITH_PADDING #endif @@ -1097,7 +1076,7 @@ int mbedtls_cipher_crypt(mbedtls_cipher_context_t *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen); -#if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C) +#if defined(MBEDTLS_CIPHER_HAVE_SOME_AEAD) || defined(MBEDTLS_NIST_KW_C) /** * \brief The authenticated encryption (AEAD/NIST_KW) function. * @@ -1204,7 +1183,7 @@ int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t output_len, size_t *olen, size_t tag_len); -#endif /* MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C */ +#endif /* MBEDTLS_CIPHER_HAVE_SOME_AEAD || MBEDTLS_NIST_KW_C */ #ifdef __cplusplus } #endif diff --git a/library/cipher.c b/library/cipher.c index 9f9f1075c..f17f3e0e1 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -1390,7 +1390,7 @@ int mbedtls_cipher_crypt(mbedtls_cipher_context_t *ctx, return 0; } -#if defined(MBEDTLS_CIPHER_MODE_AEAD) +#if defined(MBEDTLS_CIPHER_HAVE_SOME_AEAD) /* * Packet-oriented encryption for AEAD modes: internal function used by * mbedtls_cipher_auth_encrypt_ext(). @@ -1569,9 +1569,9 @@ static int mbedtls_cipher_aead_decrypt(mbedtls_cipher_context_t *ctx, return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } -#endif /* MBEDTLS_CIPHER_MODE_AEAD */ +#endif /* MBEDTLS_CIPHER_HAVE_SOME_AEAD */ -#if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C) +#if defined(MBEDTLS_CIPHER_HAVE_SOME_AEAD) || defined(MBEDTLS_NIST_KW_C) /* * Packet-oriented encryption for AEAD/NIST_KW: public function. */ @@ -1607,7 +1607,7 @@ int mbedtls_cipher_auth_encrypt_ext(mbedtls_cipher_context_t *ctx, } #endif /* MBEDTLS_NIST_KW_C */ -#if defined(MBEDTLS_CIPHER_MODE_AEAD) +#if defined(MBEDTLS_CIPHER_HAVE_SOME_AEAD) /* AEAD case: check length before passing on to shared function */ if (output_len < ilen + tag_len) { return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; @@ -1620,7 +1620,7 @@ int mbedtls_cipher_auth_encrypt_ext(mbedtls_cipher_context_t *ctx, return ret; #else return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; -#endif /* MBEDTLS_CIPHER_MODE_AEAD */ +#endif /* MBEDTLS_CIPHER_HAVE_SOME_AEAD */ } /* @@ -1658,7 +1658,7 @@ int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx, } #endif /* MBEDTLS_NIST_KW_C */ -#if defined(MBEDTLS_CIPHER_MODE_AEAD) +#if defined(MBEDTLS_CIPHER_HAVE_SOME_AEAD) /* AEAD case: check length before passing on to shared function */ if (ilen < tag_len || output_len < ilen - tag_len) { return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; @@ -1669,8 +1669,8 @@ int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx, input + ilen - tag_len, tag_len); #else return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; -#endif /* MBEDTLS_CIPHER_MODE_AEAD */ +#endif /* MBEDTLS_CIPHER_HAVE_SOME_AEAD */ } -#endif /* MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C */ +#endif /* MBEDTLS_CIPHER_HAVE_SOME_AEAD || MBEDTLS_NIST_KW_C */ #endif /* MBEDTLS_CIPHER_C */ diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c index 5a789ced9..63b725fb7 100644 --- a/library/cipher_wrap.c +++ b/library/cipher_wrap.c @@ -80,8 +80,7 @@ enum mbedtls_cipher_base_index { #if defined(MBEDTLS_CAMELLIA_C) MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA, #endif -#if (defined(MBEDTLS_CCM_C) && defined(MBEDTLS_AES_C)) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM)) +#if defined(MBEDTLS_CIPHER_HAVE_CCM_AES) MBEDTLS_CIPHER_BASE_INDEX_CCM_AES, #endif #if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_ARIA_C) @@ -105,8 +104,7 @@ enum mbedtls_cipher_base_index { #if defined(MBEDTLS_DES_C) MBEDTLS_CIPHER_BASE_INDEX_DES, #endif -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_AES_C)) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM)) +#if defined(MBEDTLS_CIPHER_HAVE_GCM_AES) MBEDTLS_CIPHER_BASE_INDEX_GCM_AES, #endif #if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_ARIA_C) @@ -580,8 +578,7 @@ static int gcm_aes_setkey_wrap(void *ctx, const unsigned char *key, } #endif /* MBEDTLS_GCM_C */ -#if defined(MBEDTLS_GCM_C) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM)) +#if defined(MBEDTLS_CIPHER_HAVE_GCM) static const mbedtls_cipher_base_t gcm_aes_info = { MBEDTLS_CIPHER_ID_AES, NULL, @@ -615,10 +612,9 @@ static const mbedtls_cipher_base_t gcm_aes_info = { NULL, #endif /* MBEDTLS_GCM_C */ }; -#endif /* MBEDTLS_GCM_C || (MBEDTLS_USE_PSA_CRYPTO && PSA_WANT_ALG_GCM) */ +#endif /* MBEDTLS_CIPHER_HAVE_GCM */ -#if defined(MBEDTLS_GCM_C) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM)) +#if defined(MBEDTLS_CIPHER_HAVE_GCM) static const mbedtls_cipher_info_t aes_128_gcm_info = { "AES-128-GCM", 16, @@ -653,7 +649,7 @@ static const mbedtls_cipher_info_t aes_256_gcm_info = { MBEDTLS_CIPHER_BASE_INDEX_GCM_AES }; #endif -#endif /* MBEDTLS_GCM_C || PSA_WANT_ALG_GCM */ +#endif /* MBEDTLS_CIPHER_HAVE_GCM */ #if defined(MBEDTLS_CCM_C) static int ccm_aes_setkey_wrap(void *ctx, const unsigned char *key, @@ -664,8 +660,7 @@ static int ccm_aes_setkey_wrap(void *ctx, const unsigned char *key, } #endif /* MBEDTLS_CCM_C */ -#if defined(MBEDTLS_CCM_C) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM)) +#if defined(MBEDTLS_CIPHER_HAVE_CCM) static const mbedtls_cipher_base_t ccm_aes_info = { MBEDTLS_CIPHER_ID_AES, NULL, @@ -699,10 +694,9 @@ static const mbedtls_cipher_base_t ccm_aes_info = { NULL, #endif }; -#endif /* MBEDTLS_CCM_C || (MBEDTLS_USE_PSA_CRYPTO && PSA_WANT_ALG_CCM) */ +#endif /* MBEDTLS_CIPHER_HAVE_CCM */ -#if defined(MBEDTLS_CCM_C) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM)) +#if defined(MBEDTLS_CIPHER_HAVE_CCM) static const mbedtls_cipher_info_t aes_128_ccm_info = { "AES-128-CCM", 16, @@ -737,10 +731,9 @@ static const mbedtls_cipher_info_t aes_256_ccm_info = { MBEDTLS_CIPHER_BASE_INDEX_CCM_AES }; #endif -#endif /* MBEDTLS_CCM_C || PSA_WANT_ALG_CCM */ +#endif /* MBEDTLS_CIPHER_HAVE_CCM */ -#if defined(MBEDTLS_CCM_C) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM_STAR_NO_TAG)) +#if defined(MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG) static const mbedtls_cipher_info_t aes_128_ccm_star_no_tag_info = { "AES-128-CCM*-NO-TAG", 16, @@ -775,7 +768,7 @@ static const mbedtls_cipher_info_t aes_256_ccm_star_no_tag_info = { MBEDTLS_CIPHER_BASE_INDEX_CCM_AES }; #endif -#endif /* MBEDTLS_CCM_C || PSA_WANT_ALG_CCM_STAR_NO_TAG */ +#endif /* MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG */ #endif /* MBEDTLS_AES_C */ @@ -2276,24 +2269,21 @@ const mbedtls_cipher_definition_t mbedtls_cipher_definitions[] = { MBEDTLS_CIPHER_AES_256_XTS, &aes_256_xts_info }, #endif #endif -#if defined(MBEDTLS_GCM_C) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM)) +#if defined(MBEDTLS_CIPHER_HAVE_GCM) { MBEDTLS_CIPHER_AES_128_GCM, &aes_128_gcm_info }, #if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { MBEDTLS_CIPHER_AES_192_GCM, &aes_192_gcm_info }, { MBEDTLS_CIPHER_AES_256_GCM, &aes_256_gcm_info }, #endif #endif -#if defined(MBEDTLS_CCM_C) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM)) +#if defined(MBEDTLS_CIPHER_HAVE_CCM) { MBEDTLS_CIPHER_AES_128_CCM, &aes_128_ccm_info }, #if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { MBEDTLS_CIPHER_AES_192_CCM, &aes_192_ccm_info }, { MBEDTLS_CIPHER_AES_256_CCM, &aes_256_ccm_info }, #endif #endif -#if defined(MBEDTLS_CCM_C) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM_STAR_NO_TAG)) +#if defined(MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG) { MBEDTLS_CIPHER_AES_128_CCM_STAR_NO_TAG, &aes_128_ccm_star_no_tag_info }, #if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG, &aes_192_ccm_star_no_tag_info }, @@ -2423,8 +2413,7 @@ const mbedtls_cipher_base_t *mbedtls_cipher_base_lookup_table[] = { #if defined(MBEDTLS_CAMELLIA_C) [MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA] = &camellia_info, #endif -#if (defined(MBEDTLS_CCM_C) && defined(MBEDTLS_AES_C)) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM) && defined(PSA_WANT_KEY_TYPE_AES)) +#if defined(MBEDTLS_CIPHER_HAVE_CCM_AES) [MBEDTLS_CIPHER_BASE_INDEX_CCM_AES] = &ccm_aes_info, #endif #if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_ARIA_C) @@ -2448,8 +2437,7 @@ const mbedtls_cipher_base_t *mbedtls_cipher_base_lookup_table[] = { #if defined(MBEDTLS_DES_C) [MBEDTLS_CIPHER_BASE_INDEX_DES] = &des_info, #endif -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_AES_C)) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM) && defined(PSA_WANT_KEY_TYPE_AES)) +#if defined(MBEDTLS_CIPHER_HAVE_GCM_AES) [MBEDTLS_CIPHER_BASE_INDEX_GCM_AES] = &gcm_aes_info, #endif #if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_ARIA_C) diff --git a/library/cipher_wrap.h b/library/cipher_wrap.h index c85a4efa8..53cf12ff4 100644 --- a/library/cipher_wrap.h +++ b/library/cipher_wrap.h @@ -36,6 +36,42 @@ extern "C" { #endif +/* Support for GCM either through Mbed TLS SW implementation or PSA */ +#if defined(MBEDTLS_GCM_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM)) +#define MBEDTLS_CIPHER_HAVE_GCM +#endif + +#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_AES_C)) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM) && defined(PSA_WANT_KEY_TYPE_AES)) +#define MBEDTLS_CIPHER_HAVE_GCM_AES +#endif + +#if defined(MBEDTLS_CCM_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM)) +#define MBEDTLS_CIPHER_HAVE_CCM +#endif + +#if (defined(MBEDTLS_CCM_C) && defined(MBEDTLS_AES_C)) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM) && defined(PSA_WANT_KEY_TYPE_AES)) +#define MBEDTLS_CIPHER_HAVE_CCM_AES +#endif + +#if defined(MBEDTLS_CCM_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM_STAR_NO_TAG)) +#define MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG +#endif + +#if defined(MBEDTLS_CHACHAPOLY_C) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CHACHA20_POLY1305)) +#define MBEDTLS_CIPHER_HAVE_CHACHAPOLY +#endif + +#if defined(MBEDTLS_CIPHER_HAVE_GCM) || defined(MBEDTLS_CIPHER_HAVE_CCM) || \ + defined(MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG) || defined(MBEDTLS_CIPHER_HAVE_CHACHAPOLY) +#define MBEDTLS_CIPHER_HAVE_SOME_AEAD +#endif + /** * Base cipher information. The non-mode specific functions and values. */ diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function index fdf22a92f..da43fda19 100644 --- a/tests/suites/test_suite_cipher.function +++ b/tests/suites/test_suite_cipher.function @@ -6,7 +6,7 @@ #include "mbedtls/gcm.h" #endif -#if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C) +#if defined(MBEDTLS_CIPHER_HAVE_SOME_AEAD) || defined(MBEDTLS_NIST_KW_C) #define MBEDTLS_CIPHER_AUTH_CRYPT #endif From f1878d89741ed968b55c2a10ce5d996073bd74bf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 12 Oct 2023 11:19:00 +0200 Subject: [PATCH 0230/1674] Update to only serve GCM and CCM MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- .../psa-migration/md-cipher-dispatch.md | 14 ++++---------- 1 file changed, 4 insertions(+), 10 deletions(-) diff --git a/docs/architecture/psa-migration/md-cipher-dispatch.md b/docs/architecture/psa-migration/md-cipher-dispatch.md index 12b486a46..11c5f21fb 100644 --- a/docs/architecture/psa-migration/md-cipher-dispatch.md +++ b/docs/architecture/psa-migration/md-cipher-dispatch.md @@ -513,9 +513,9 @@ testing, based and what's needed by internal users of Cipher light. The new config symbol will not be considered public so its definition may change. Cipher light will be automatically enabled in `build_info.h` by modules that -need it, namely: CTR\_DRBG, CCM, GCM. Note: CCM and GCM currently depend on -the full `CIPHER_C` (enforced by `check_config.h`); this hard dependency would -be replaced by the above auto-enablement. +need it, namely: CCM, GCM. Note: CCM and GCM currently depend on the full +`CIPHER_C` (enforced by `check_config.h`); this hard dependency would be +replaced by the above auto-enablement. Cipher light includes: - info functions; @@ -533,27 +533,21 @@ This excludes: The following API functions, and supporting types, are candidates for inclusion in the Cipher light API, with limited features as above: ``` -mbedtls_cipher_info_from_type +mbedtls_cipher_info_from_values mbedtls_cipher_info_get_block_size mbedtls_cipher_init mbedtls_cipher_setup mbedtls_cipher_setkey -mbedtls_cipher_crypt mbedtls_cipher_free mbedtls_cipher_update -(mbedtls_cipher_finish) ``` Note: `mbedtls_cipher_info_get_block_size()` can be hard-coded to return 16, as all three supported block ciphers have the same block size (DES was excluded). -Note: `mbedtls_cipher_finish()` is not required by any of the modules using -Cipher light, but it might be convenient to include it anyway as it's used in -the implementation of `mbedtls_cipher_crypt()`. - #### Cipher light dual dispatch This is likely to come in the future, but has not been defined yet. From 2e67781e932b9e14d98b585b0038eaee5eb1a5b3 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 12 Oct 2023 10:46:43 +0100 Subject: [PATCH 0231/1674] Alter program layout for better clarity Signed-off-by: Thomas Daubney --- programs/psa/psa_hash.c | 56 ++++++++++++++++++++--------------------- 1 file changed, 28 insertions(+), 28 deletions(-) diff --git a/programs/psa/psa_hash.c b/programs/psa/psa_hash.c index dd3bf7476..d3a6bf857 100644 --- a/programs/psa/psa_hash.c +++ b/programs/psa/psa_hash.c @@ -40,24 +40,7 @@ * Please see include/psa/crypto_values.h to see the other * algorithms that are supported by Mbed TLS. * If you switch to a different algorithm you will need to update - * the hash data in the SAMPLE_HASH_DATA macro below. */ - -#define HASH_ALG PSA_ALG_SHA_256 - -#define SAMPLE_HASH_DATA { \ - 0x7f, 0x83, 0xb1, 0x65, 0x7f, 0xf1, 0xfc, 0x53, 0xb9, 0x2d, 0xc1, 0x81, \ - 0x48, 0xa1, 0xd6, 0x5d, 0xfc, 0x2d, 0x4b, 0x1f, 0xa3, 0xd6, 0x77, 0x28, \ - 0x4a, 0xdd, 0xd2, 0x00, 0x12, 0x6d, 0x90, 0x69 \ -} - -const uint8_t sample_hash[] = SAMPLE_HASH_DATA; -const size_t sample_hash_len = sizeof(sample_hash); - -const uint8_t sample_message[] = "Hello World!"; -/* sample_message is terminated with a null byte which is not part of - * the message itself so we make sure to subtract it in order to get - * the message length. */ -const size_t sample_message_length = sizeof(sample_message) - 1; + * the hash data in the EXAMPLE_HASH_VALUE macro below. */ #if !defined(MBEDTLS_PSA_CRYPTO_C) || !defined(PSA_WANT_ALG_SHA_256) int main(void) @@ -68,6 +51,23 @@ int main(void) } #else +#define HASH_ALG PSA_ALG_SHA_256 + +const uint8_t sample_message[] = "Hello World!"; +/* sample_message is terminated with a null byte which is not part of + * the message itself so we make sure to subtract it in order to get + * the message length. */ +const size_t sample_message_length = sizeof(sample_message) - 1; + +#define EXPECTED_HASH_VALUE { \ + 0x7f, 0x83, 0xb1, 0x65, 0x7f, 0xf1, 0xfc, 0x53, 0xb9, 0x2d, 0xc1, 0x81, \ + 0x48, 0xa1, 0xd6, 0x5d, 0xfc, 0x2d, 0x4b, 0x1f, 0xa3, 0xd6, 0x77, 0x28, \ + 0x4a, 0xdd, 0xd2, 0x00, 0x12, 0x6d, 0x90, 0x69 \ +} + +const uint8_t expected_hash[] = EXPECTED_HASH_VALUE; +const size_t expected_hash_len = sizeof(expected_hash); + int main(void) { psa_status_t status; @@ -85,13 +85,11 @@ int main(void) } /* Compute hash using multi-part operation */ - status = psa_hash_setup(&hash_operation, HASH_ALG); - if (status == PSA_ERROR_NOT_SUPPORTED){ + if (status == PSA_ERROR_NOT_SUPPORTED) { mbedtls_printf("unknown hash algorithm supplied\n"); return EXIT_FAILURE; - } - else if (status != PSA_SUCCESS) { + } else if (status != PSA_SUCCESS) { mbedtls_printf("psa_hash_setup failed\n"); return EXIT_FAILURE; } @@ -115,14 +113,15 @@ int main(void) } /* Check the result of the operation against the sample */ - if (hash_length != sample_hash_len || (memcmp(hash, sample_hash, sample_hash_len) != 0)) { + if (hash_length != expected_hash_len || + (memcmp(hash, expected_hash, expected_hash_len) != 0)) { mbedtls_printf("Multi-part hash operation gave the wrong result!\n\n"); goto cleanup; } status = - psa_hash_verify(&cloned_hash_operation, sample_hash, - sample_hash_len); + psa_hash_verify(&cloned_hash_operation, expected_hash, + expected_hash_len); if (status != PSA_SUCCESS) { mbedtls_printf("psa_hash_verify failed\n"); goto cleanup; @@ -144,7 +143,8 @@ int main(void) goto cleanup; } - if (hash_length != sample_hash_len || (memcmp(hash, sample_hash, sample_hash_len) != 0)) { + if (hash_length != expected_hash_len || + (memcmp(hash, expected_hash, expected_hash_len) != 0)) { mbedtls_printf("One-shot hash operation gave the wrong result!\n\n"); goto cleanup; } @@ -154,7 +154,7 @@ int main(void) /* Print out result */ mbedtls_printf("The SHA-256( '%s' ) is: ", sample_message); - for (size_t j = 0; j < sample_hash_len; j++) { + for (size_t j = 0; j < expected_hash_len; j++) { mbedtls_printf("%02x", hash[j]); } @@ -168,4 +168,4 @@ cleanup: psa_hash_abort(&cloned_hash_operation); return EXIT_FAILURE; } -#endif /* MBEDTLS_PSA_CRYPTO_C && PSA_WANT_ALG_SHA_256 */ +#endif /* !MBEDTLS_PSA_CRYPTO_C || !PSA_WANT_ALG_SHA_256 */ From 0d3fe733cc6835bac635ce2f2c4ed25ce526a77b Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 12 Oct 2023 11:00:49 +0100 Subject: [PATCH 0232/1674] Clarify changelog Co-authored-by: Tom Cosgrove Signed-off-by: Dave Rodgman --- ChangeLog.d/sha256-armce-arm.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog.d/sha256-armce-arm.txt b/ChangeLog.d/sha256-armce-arm.txt index 0f9754460..5b18eb3fc 100644 --- a/ChangeLog.d/sha256-armce-arm.txt +++ b/ChangeLog.d/sha256-armce-arm.txt @@ -1,6 +1,6 @@ Features * Support Armv8-A Crypto Extension acceleration for SHA-256 - when compiling for Thumb or 32-bit Arm. + when compiling for Thumb (T32) or 32-bit Arm (A32). New deprecations * Rename the MBEDTLS_SHA256_USE_A64_CRYPTO_xxx config options to MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_xxx. The old names may still From 476c1198e8a5e31b9674da98e58061a84a677711 Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Thu, 12 Oct 2023 14:19:25 +0100 Subject: [PATCH 0233/1674] Fix possible NULL dereference issue in X509 cert_write program Signed-off-by: Waleed Elmelegy --- programs/x509/cert_write.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c index 40b1871f3..5e0d608bc 100644 --- a/programs/x509/cert_write.c +++ b/programs/x509/cert_write.c @@ -583,6 +583,9 @@ usage: if ((subtype_value = strchr(q, ':')) != NULL) { *subtype_value++ = '\0'; + } else { + mbedtls_printf("Invalid argument for option SAN: Entry should be seperated by a colon\n"); + goto usage; } if (strcmp(q, "RFC822") == 0) { cur->node.type = MBEDTLS_X509_SAN_RFC822_NAME; From 1444c0eb20163cf4979902572c08e9e720a9a310 Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Thu, 12 Oct 2023 14:31:06 +0100 Subject: [PATCH 0234/1674] Add changelog entry for x509 cert_write null dereference fix Also fix a typo in cert_write.c Signed-off-by: Waleed Elmelegy --- ChangeLog.d/fix-issue-x509-cert_write.txt | 2 ++ programs/x509/cert_write.c | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) create mode 100644 ChangeLog.d/fix-issue-x509-cert_write.txt diff --git a/ChangeLog.d/fix-issue-x509-cert_write.txt b/ChangeLog.d/fix-issue-x509-cert_write.txt new file mode 100644 index 000000000..7e1f31d2e --- /dev/null +++ b/ChangeLog.d/fix-issue-x509-cert_write.txt @@ -0,0 +1,2 @@ +Bugfix + * Fix possible NULL dereference issue in X509 cert_write program if an entry in the san parameter is not separated by a colon. diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c index 5e0d608bc..19215c954 100644 --- a/programs/x509/cert_write.c +++ b/programs/x509/cert_write.c @@ -584,7 +584,7 @@ usage: if ((subtype_value = strchr(q, ':')) != NULL) { *subtype_value++ = '\0'; } else { - mbedtls_printf("Invalid argument for option SAN: Entry should be seperated by a colon\n"); + mbedtls_printf("Invalid argument for option SAN: Entry should be separated by a colon\n"); goto usage; } if (strcmp(q, "RFC822") == 0) { From ac97af223eda0358413dee5349d6912d82d891f8 Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Thu, 12 Oct 2023 15:46:06 +0100 Subject: [PATCH 0235/1674] Fix possible NULL dereference issue in X509 cert_req program Signed-off-by: Waleed Elmelegy --- programs/x509/cert_req.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/programs/x509/cert_req.c b/programs/x509/cert_req.c index 558d8cc73..bc4eb80d5 100644 --- a/programs/x509/cert_req.c +++ b/programs/x509/cert_req.c @@ -261,6 +261,9 @@ usage: if ((subtype_value = strchr(q, ':')) != NULL) { *subtype_value++ = '\0'; + } else { + mbedtls_printf("Invalid argument for option SAN: Entry should be separated by a colon\n"); + goto usage; } if (strcmp(q, "RFC822") == 0) { cur->node.type = MBEDTLS_X509_SAN_RFC822_NAME; From 737cfe184b47472fda7305a3f90f9805dbc9de44 Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Thu, 12 Oct 2023 15:51:13 +0100 Subject: [PATCH 0236/1674] Add changelog entry for x509 cert_req null dereference fix Signed-off-by: Waleed Elmelegy --- ChangeLog.d/fix-issue-x509-cert_req.txt | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 ChangeLog.d/fix-issue-x509-cert_req.txt diff --git a/ChangeLog.d/fix-issue-x509-cert_req.txt b/ChangeLog.d/fix-issue-x509-cert_req.txt new file mode 100644 index 000000000..7e4effdf8 --- /dev/null +++ b/ChangeLog.d/fix-issue-x509-cert_req.txt @@ -0,0 +1,2 @@ +Bugfix + * Fix possible NULL dereference issue in X509 cert_req program if an entry in the san parameter is not separated by a colon. From 7cb635a56340785bcf2b61caef9ac70df6e014ca Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 12 Oct 2023 16:14:51 +0100 Subject: [PATCH 0237/1674] Adjust the full config Signed-off-by: Dave Rodgman --- scripts/config.py | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/config.py b/scripts/config.py index 3173be483..5f49f2d8c 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -216,6 +216,7 @@ EXCLUDE_FROM_FULL = frozenset([ 'MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY', # interacts with *_USE_A64_CRYPTO_IF_PRESENT 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY', # interacts with *_USE_ARMV8_A_CRYPTO_IF_PRESENT 'MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY', # interacts with *_USE_A64_CRYPTO_IF_PRESENT + 'MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT', # setting *_USE_ARMV8_A_CRYPTO is sufficient 'MBEDTLS_SSL_RECORD_SIZE_LIMIT', # in development, currently breaks other tests 'MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN', # build dependency (clang+memsan) 'MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND', # build dependency (valgrind headers) From bcb1818e19ea455cfddb7926d247513ce4e91939 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 12 Oct 2023 11:50:30 +0100 Subject: [PATCH 0238/1674] Fix IAR 'transfer of control bypasses initialization' warnings Signed-off-by: Dave Rodgman --- library/pkcs12.c | 3 ++- library/pkcs5.c | 3 ++- library/x509_create.c | 3 ++- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/library/pkcs12.c b/library/pkcs12.c index 4db2a4bbf..4e12476d2 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c @@ -172,6 +172,7 @@ int mbedtls_pkcs12_pbe_ext(mbedtls_asn1_buf *pbe_params, int mode, size_t iv_len = 0; size_t finish_olen = 0; unsigned int padlen = 0; + mbedtls_cipher_padding_t padding; if (pwd == NULL && pwdlen != 0) { return MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA; @@ -218,7 +219,7 @@ int mbedtls_pkcs12_pbe_ext(mbedtls_asn1_buf *pbe_params, int mode, #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) /* PKCS12 uses CBC with PKCS7 padding */ - mbedtls_cipher_padding_t padding = MBEDTLS_PADDING_PKCS7; + padding = MBEDTLS_PADDING_PKCS7; #if !defined(MBEDTLS_CIPHER_PADDING_PKCS7) /* For historical reasons, when decrypting, this function works when * decrypting even when support for PKCS7 padding is disabled. In this diff --git a/library/pkcs5.c b/library/pkcs5.c index 2756d058e..3dc97a557 100644 --- a/library/pkcs5.c +++ b/library/pkcs5.c @@ -152,6 +152,7 @@ int mbedtls_pkcs5_pbes2_ext(const mbedtls_asn1_buf *pbe_params, int mode, mbedtls_cipher_type_t cipher_alg; mbedtls_cipher_context_t cipher_ctx; unsigned int padlen = 0; + mbedtls_cipher_padding_t padding; p = pbe_params->p; end = p + pbe_params->len; @@ -246,7 +247,7 @@ int mbedtls_pkcs5_pbes2_ext(const mbedtls_asn1_buf *pbe_params, int mode, * "PKCS5 padding" except that it's typically only called PKCS5 * with 64-bit-block ciphers). */ - mbedtls_cipher_padding_t padding = MBEDTLS_PADDING_PKCS7; + padding = MBEDTLS_PADDING_PKCS7; #if !defined(MBEDTLS_CIPHER_PADDING_PKCS7) /* For historical reasons, when decrypting, this function works when * decrypting even when support for PKCS7 padding is disabled. In this diff --git a/library/x509_create.c b/library/x509_create.c index 2583cdd0f..93ca2debc 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -243,6 +243,8 @@ static int parse_attribute_value_hex_der_encoded(const char *s, return MBEDTLS_ERR_X509_ALLOC_FAILED; } /* Beyond this point, der needs to be freed on exit. */ + unsigned char *p = der + 1; + for (size_t i = 0; i < der_length; i++) { int c = hexpair_to_int(s + 2 * i); if (c < 0) { @@ -254,7 +256,6 @@ static int parse_attribute_value_hex_der_encoded(const char *s, /* Step 3: decode the DER. */ /* We've checked that der_length >= 1 above. */ *tag = der[0]; - unsigned char *p = der + 1; if (mbedtls_asn1_get_len(&p, der + der_length, data_len) != 0) { goto error; } From 351a81c65dbd12adb29f807bad5c433a8739d1b2 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 12 Oct 2023 16:36:05 +0100 Subject: [PATCH 0239/1674] Keep initialisation of p in its original location Signed-off-by: Dave Rodgman --- library/x509_create.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/library/x509_create.c b/library/x509_create.c index 93ca2debc..271d4f12c 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -218,6 +218,8 @@ static int parse_attribute_value_hex_der_encoded(const char *s, size_t *data_len, int *tag) { + unsigned char *p; + /* Step 1: preliminary length checks. */ /* Each byte is encoded by exactly two hexadecimal digits. */ if (len % 2 != 0) { @@ -243,8 +245,6 @@ static int parse_attribute_value_hex_der_encoded(const char *s, return MBEDTLS_ERR_X509_ALLOC_FAILED; } /* Beyond this point, der needs to be freed on exit. */ - unsigned char *p = der + 1; - for (size_t i = 0; i < der_length; i++) { int c = hexpair_to_int(s + 2 * i); if (c < 0) { @@ -256,6 +256,7 @@ static int parse_attribute_value_hex_der_encoded(const char *s, /* Step 3: decode the DER. */ /* We've checked that der_length >= 1 above. */ *tag = der[0]; + p = der + 1; if (mbedtls_asn1_get_len(&p, der + der_length, data_len) != 0) { goto error; } From 584c8108b3b997e8b5fff93e0187d87cd9d8b406 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 12 Oct 2023 16:55:23 +0100 Subject: [PATCH 0240/1674] Use a block to save 12b Signed-off-by: Dave Rodgman --- library/x509_create.c | 44 +++++++++++++++++++++---------------------- 1 file changed, 22 insertions(+), 22 deletions(-) diff --git a/library/x509_create.c b/library/x509_create.c index 271d4f12c..3074ce41c 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -218,8 +218,6 @@ static int parse_attribute_value_hex_der_encoded(const char *s, size_t *data_len, int *tag) { - unsigned char *p; - /* Step 1: preliminary length checks. */ /* Each byte is encoded by exactly two hexadecimal digits. */ if (len % 2 != 0) { @@ -256,31 +254,33 @@ static int parse_attribute_value_hex_der_encoded(const char *s, /* Step 3: decode the DER. */ /* We've checked that der_length >= 1 above. */ *tag = der[0]; - p = der + 1; - if (mbedtls_asn1_get_len(&p, der + der_length, data_len) != 0) { - goto error; - } - /* Now p points to the first byte of the payload inside der, - * and *data_len is the length of the payload. */ + { + unsigned char *p = der + 1; + if (mbedtls_asn1_get_len(&p, der + der_length, data_len) != 0) { + goto error; + } + /* Now p points to the first byte of the payload inside der, + * and *data_len is the length of the payload. */ - /* Step 4: payload validation */ - if (*data_len > MBEDTLS_X509_MAX_DN_NAME_SIZE) { - goto error; - } - /* Strings must not contain null bytes. */ - if (MBEDTLS_ASN1_IS_STRING_TAG(*tag)) { - for (size_t i = 0; i < *data_len; i++) { - if (p[i] == 0) { - goto error; + /* Step 4: payload validation */ + if (*data_len > MBEDTLS_X509_MAX_DN_NAME_SIZE) { + goto error; + } + /* Strings must not contain null bytes. */ + if (MBEDTLS_ASN1_IS_STRING_TAG(*tag)) { + for (size_t i = 0; i < *data_len; i++) { + if (p[i] == 0) { + goto error; + } } } - } - /* Step 5: output the payload. */ - if (*data_len > data_size) { - goto error; + /* Step 5: output the payload. */ + if (*data_len > data_size) { + goto error; + } + memcpy(data, p, *data_len); } - memcpy(data, p, *data_len); mbedtls_free(der); return 0; From 193e383686f1e187f0095bdaf12e860dfd78156e Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 13 Oct 2023 09:37:24 +0200 Subject: [PATCH 0241/1674] check_config: fix typo causing build issues with only CCM enabled Signed-off-by: Valerio Setti --- include/mbedtls/check_config.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 2e7128595..d9c3b813e 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -1040,7 +1040,7 @@ #endif #if defined(MBEDTLS_SSL_TICKET_C) && \ - !( defined(MBEDTLS_SSL_HAVE_GCM) || defined(MBEDTLS_SSL_HAVE_GCM) || \ + !( defined(MBEDTLS_SSL_HAVE_CCM) || defined(MBEDTLS_SSL_HAVE_GCM) || \ defined(MBEDTLS_SSL_HAVE_CHACHAPOLY) ) #error "MBEDTLS_SSL_TICKET_C defined, but not all prerequisites" #endif @@ -1143,7 +1143,7 @@ #endif #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) && \ - !( defined(MBEDTLS_SSL_HAVE_GCM) || defined(MBEDTLS_SSL_HAVE_GCM) || \ + !( defined(MBEDTLS_SSL_HAVE_CCM) || defined(MBEDTLS_SSL_HAVE_GCM) || \ defined(MBEDTLS_SSL_HAVE_CHACHAPOLY) ) #error "MBEDTLS_SSL_CONTEXT_SERIALIZATION defined, but not all prerequisites" #endif From d85277c62e3618681f8d2d2d5921b73d143cdf8d Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 13 Oct 2023 09:22:54 +0100 Subject: [PATCH 0242/1674] Doxygen fixes Signed-off-by: Dave Rodgman --- include/mbedtls/mbedtls_config.h | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index b5c0d5879..f2451cb4c 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -3301,7 +3301,9 @@ */ //#define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT -/* +/** + * \def MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT + * * \deprecated This is now known as MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT. * This name is now deprecated, but may still be used as an alternative form for * this option. @@ -3325,7 +3327,7 @@ * armclang <= 6.9 * * \note This was previously known as MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY. - * That name is deprecated, but may still be used as an alternative form for this + * That name is \deprecated, but may still be used as an alternative form for this * option. * * \warning MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY cannot be defined at the same @@ -3340,7 +3342,9 @@ */ //#define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY -/* +/** + * \def MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY + * * \deprecated This is now known as MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY. * This name is now deprecated, but may still be used as an alternative form for * this option. From ab0cff5b4e3215c7c5b4541a10a6397fd59bb4ff Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 13 Oct 2023 09:32:04 +0100 Subject: [PATCH 0243/1674] Require asm/hwcap.h for testing Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 253f6c0fa..aec54c166 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4341,8 +4341,13 @@ component_build_aes_aesce_armcc () { support_build_sha_armce() { # clang >= 4 is required to build with SHA extensions - ver="$(clang --version|grep version|sed -E 's#.*version ([0-9]+).*#\1#')" - [ "${ver}" -ge 4 ] + clang_ver="$(clang --version|grep version|sed -E 's#.*version ([0-9]+).*#\1#')" + + # we need asm/hwcap.h available for runtime detection + echo '#include ' | clang -E - >/dev/null 2>&1 + have_hwcap=$? + + [[ "${clang_ver}" -ge 4 && "${have_hwcap}" -eq 0 ]] } component_build_sha_armce () { From 7821df3e8baab741b6753223d1d971078609cfa9 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 13 Oct 2023 09:38:44 +0100 Subject: [PATCH 0244/1674] Adjust use of deprecated in Doxygen Signed-off-by: Dave Rodgman --- include/mbedtls/mbedtls_config.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index f2451cb4c..73229ea91 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -3327,7 +3327,7 @@ * armclang <= 6.9 * * \note This was previously known as MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY. - * That name is \deprecated, but may still be used as an alternative form for this + * That name is deprecated, but may still be used as an alternative form for this * option. * * \warning MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY cannot be defined at the same From eade3fedb240ce288e7b0102d60709ccb1a3dc1f Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Fri, 13 Oct 2023 09:59:19 +0100 Subject: [PATCH 0245/1674] Fix code style issue in cert_req program Signed-off-by: Waleed Elmelegy --- programs/x509/cert_req.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/programs/x509/cert_req.c b/programs/x509/cert_req.c index bc4eb80d5..ff744a430 100644 --- a/programs/x509/cert_req.c +++ b/programs/x509/cert_req.c @@ -262,7 +262,8 @@ usage: if ((subtype_value = strchr(q, ':')) != NULL) { *subtype_value++ = '\0'; } else { - mbedtls_printf("Invalid argument for option SAN: Entry should be separated by a colon\n"); + mbedtls_printf( + "Invalid argument for option SAN: Entry should be separated by a colon\n"); goto usage; } if (strcmp(q, "RFC822") == 0) { From 5867465e9093c1e8b6846f48ed33da8a5ec1b4af Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Fri, 13 Oct 2023 10:03:12 +0100 Subject: [PATCH 0246/1674] Fix code style issue in cert_write program Signed-off-by: Waleed Elmelegy --- programs/x509/cert_write.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c index 19215c954..8bee0a666 100644 --- a/programs/x509/cert_write.c +++ b/programs/x509/cert_write.c @@ -584,7 +584,8 @@ usage: if ((subtype_value = strchr(q, ':')) != NULL) { *subtype_value++ = '\0'; } else { - mbedtls_printf("Invalid argument for option SAN: Entry should be separated by a colon\n"); + mbedtls_printf( + "Invalid argument for option SAN: Entry should be separated by a colon\n"); goto usage; } if (strcmp(q, "RFC822") == 0) { From 768bc143ad8aad064bdee6033bdcc69b2cb362a4 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 13 Oct 2023 10:15:55 +0100 Subject: [PATCH 0247/1674] Fix hwcap test for CI Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index aec54c166..22289e543 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4344,10 +4344,9 @@ support_build_sha_armce() { clang_ver="$(clang --version|grep version|sed -E 's#.*version ([0-9]+).*#\1#')" # we need asm/hwcap.h available for runtime detection - echo '#include ' | clang -E - >/dev/null 2>&1 - have_hwcap=$? + echo '#include ' | clang -E - >/dev/null 2>&1 && no_hwcap=0 || no_hwcap=1 - [[ "${clang_ver}" -ge 4 && "${have_hwcap}" -eq 0 ]] + [[ "${clang_ver}" -ge 4 && "${no_hwcap}" -eq 0 ]] } component_build_sha_armce () { From 107c60c765b9fdc7832612cc199648732b3943dc Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Fri, 13 Oct 2023 10:25:58 +0100 Subject: [PATCH 0248/1674] Fix changelog style issue Signed-off-by: Waleed Elmelegy --- ChangeLog.d/fix-issue-x509-cert_write.txt | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/ChangeLog.d/fix-issue-x509-cert_write.txt b/ChangeLog.d/fix-issue-x509-cert_write.txt index 7e1f31d2e..43d67c21d 100644 --- a/ChangeLog.d/fix-issue-x509-cert_write.txt +++ b/ChangeLog.d/fix-issue-x509-cert_write.txt @@ -1,2 +1,3 @@ Bugfix - * Fix possible NULL dereference issue in X509 cert_write program if an entry in the san parameter is not separated by a colon. + * Fix possible NULL dereference issue in X509 cert_write program if an entry + in the san parameter is not separated by a colon. From 0badeb45607f9dc21503433ef7db74c10c5eeaf9 Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Fri, 13 Oct 2023 10:27:13 +0100 Subject: [PATCH 0249/1674] Fix changelog code style issue Signed-off-by: Waleed Elmelegy --- ChangeLog.d/fix-issue-x509-cert_req.txt | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/ChangeLog.d/fix-issue-x509-cert_req.txt b/ChangeLog.d/fix-issue-x509-cert_req.txt index 7e4effdf8..3a5171b83 100644 --- a/ChangeLog.d/fix-issue-x509-cert_req.txt +++ b/ChangeLog.d/fix-issue-x509-cert_req.txt @@ -1,2 +1,3 @@ Bugfix - * Fix possible NULL dereference issue in X509 cert_req program if an entry in the san parameter is not separated by a colon. + * Fix possible NULL dereference issue in X509 cert_req program if an entry + in the san parameter is not separated by a colon. From 97a6231b5c1e0caf10d58498ba8a450f19c24c83 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 13 Oct 2023 11:39:53 +0200 Subject: [PATCH 0250/1674] Revert "Fix a few IAR warnings" --- library/pkcs12.c | 3 +-- library/pkcs5.c | 3 +-- library/x509_create.c | 44 +++++++++++++++++++++---------------------- 3 files changed, 23 insertions(+), 27 deletions(-) diff --git a/library/pkcs12.c b/library/pkcs12.c index 4e12476d2..4db2a4bbf 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c @@ -172,7 +172,6 @@ int mbedtls_pkcs12_pbe_ext(mbedtls_asn1_buf *pbe_params, int mode, size_t iv_len = 0; size_t finish_olen = 0; unsigned int padlen = 0; - mbedtls_cipher_padding_t padding; if (pwd == NULL && pwdlen != 0) { return MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA; @@ -219,7 +218,7 @@ int mbedtls_pkcs12_pbe_ext(mbedtls_asn1_buf *pbe_params, int mode, #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) /* PKCS12 uses CBC with PKCS7 padding */ - padding = MBEDTLS_PADDING_PKCS7; + mbedtls_cipher_padding_t padding = MBEDTLS_PADDING_PKCS7; #if !defined(MBEDTLS_CIPHER_PADDING_PKCS7) /* For historical reasons, when decrypting, this function works when * decrypting even when support for PKCS7 padding is disabled. In this diff --git a/library/pkcs5.c b/library/pkcs5.c index 3dc97a557..2756d058e 100644 --- a/library/pkcs5.c +++ b/library/pkcs5.c @@ -152,7 +152,6 @@ int mbedtls_pkcs5_pbes2_ext(const mbedtls_asn1_buf *pbe_params, int mode, mbedtls_cipher_type_t cipher_alg; mbedtls_cipher_context_t cipher_ctx; unsigned int padlen = 0; - mbedtls_cipher_padding_t padding; p = pbe_params->p; end = p + pbe_params->len; @@ -247,7 +246,7 @@ int mbedtls_pkcs5_pbes2_ext(const mbedtls_asn1_buf *pbe_params, int mode, * "PKCS5 padding" except that it's typically only called PKCS5 * with 64-bit-block ciphers). */ - padding = MBEDTLS_PADDING_PKCS7; + mbedtls_cipher_padding_t padding = MBEDTLS_PADDING_PKCS7; #if !defined(MBEDTLS_CIPHER_PADDING_PKCS7) /* For historical reasons, when decrypting, this function works when * decrypting even when support for PKCS7 padding is disabled. In this diff --git a/library/x509_create.c b/library/x509_create.c index 3074ce41c..2583cdd0f 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -254,33 +254,31 @@ static int parse_attribute_value_hex_der_encoded(const char *s, /* Step 3: decode the DER. */ /* We've checked that der_length >= 1 above. */ *tag = der[0]; - { - unsigned char *p = der + 1; - if (mbedtls_asn1_get_len(&p, der + der_length, data_len) != 0) { - goto error; - } - /* Now p points to the first byte of the payload inside der, - * and *data_len is the length of the payload. */ + unsigned char *p = der + 1; + if (mbedtls_asn1_get_len(&p, der + der_length, data_len) != 0) { + goto error; + } + /* Now p points to the first byte of the payload inside der, + * and *data_len is the length of the payload. */ - /* Step 4: payload validation */ - if (*data_len > MBEDTLS_X509_MAX_DN_NAME_SIZE) { - goto error; - } - /* Strings must not contain null bytes. */ - if (MBEDTLS_ASN1_IS_STRING_TAG(*tag)) { - for (size_t i = 0; i < *data_len; i++) { - if (p[i] == 0) { - goto error; - } + /* Step 4: payload validation */ + if (*data_len > MBEDTLS_X509_MAX_DN_NAME_SIZE) { + goto error; + } + /* Strings must not contain null bytes. */ + if (MBEDTLS_ASN1_IS_STRING_TAG(*tag)) { + for (size_t i = 0; i < *data_len; i++) { + if (p[i] == 0) { + goto error; } } - - /* Step 5: output the payload. */ - if (*data_len > data_size) { - goto error; - } - memcpy(data, p, *data_len); } + + /* Step 5: output the payload. */ + if (*data_len > data_size) { + goto error; + } + memcpy(data, p, *data_len); mbedtls_free(der); return 0; From 9a32632577c9ea24f6c8f2e487e6b2ed8511dca4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 4 Oct 2023 20:03:55 +0200 Subject: [PATCH 0251/1674] Fix 3rdparty/Makefile.inc when included recursively 3rdparty/Makefile.inc could only be used when included from the primary makefile passed to make. It could not be used directly, or included from a makefile that is itself included. This was due to counting from the left of $(MAKEFILE_LIST) instead of using the last element. Since each include directive appends to $(MAKEFILE_LIST), when using it to determine $(THIRDPARTY_DIR), we need to use a simply-expanded variable. Signed-off-by: Gilles Peskine --- 3rdparty/Makefile.inc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/3rdparty/Makefile.inc b/3rdparty/Makefile.inc index 80dc12692..70f316b0c 100644 --- a/3rdparty/Makefile.inc +++ b/3rdparty/Makefile.inc @@ -1,3 +1,3 @@ -THIRDPARTY_DIR = $(dir $(word 2, $(MAKEFILE_LIST))) +THIRDPARTY_DIR := $(dir $(lastword $(MAKEFILE_LIST))) include $(THIRDPARTY_DIR)/everest/Makefile.inc include $(THIRDPARTY_DIR)/p256-m/Makefile.inc From cc88ccdda1d594fea51218c5b584e166d020c6f7 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 13 Oct 2023 10:33:15 +0100 Subject: [PATCH 0252/1674] Include existing Makefile Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index fec46cc50..7b801a3ec 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3950,12 +3950,16 @@ build_test_config_combos() { # This ensures that we have any include paths, macro definitions, etc # that may be applied by make. # Add -fsyntax-only as we only want a syntax check and don't need to generate a file. - compile_cmd=$(make -B -n ${file} CC=clang CFLAGS="${warning_flags} -fsyntax-only" | egrep "^clang") + compile_cmd="clang \$(LOCAL_CFLAGS) ${warning_flags} -fsyntax-only -c" - makefile=$(mktemp) + makefile=$(TMPDIR=. mktemp) deps="" len=${#options[@]} + source_file=${file%.o}.c + + targets=0 + echo 'include Makefile' >${makefile} for ((i = 0; i < $((2**${len})); i++)); do # generate each of 2^n combinations of options @@ -3973,17 +3977,18 @@ build_test_config_combos() { # if combination is not known to be invalid, add it to the makefile if [[ -z $validate_options ]] || [[ $($validate_options "${clang_args}") == "" ]] ; then cmd="${compile_cmd} ${clang_args}" - echo "${target}:" >> ${makefile} - echo -e "\t$cmd" >> ${makefile} + echo "${target}: ${source_file}; $cmd ${source_file}" >> ${makefile} deps="${deps} ${target}" + ((++targets)) fi done - echo "all: ${deps}" >> ${makefile} + echo "build_test_config_combos: ${deps}" >> ${makefile} # execute all of the commands via Make (probably in parallel) - make -s -f ${makefile} all + make -s -f ${makefile} build_test_config_combos + echo "$targets targets checked" # clean up the temporary makefile rm ${makefile} From 2457bcd26c2c8b803dce6318432b2a4f31ffa0bf Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 13 Oct 2023 12:31:45 +0100 Subject: [PATCH 0253/1674] Tidy up logic for MBEDTLS_MAYBE_UNUSED Signed-off-by: Dave Rodgman --- library/common.h | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/library/common.h b/library/common.h index de26d451b..570b97eca 100644 --- a/library/common.h +++ b/library/common.h @@ -335,24 +335,24 @@ static inline void mbedtls_xor_no_simd(unsigned char *r, #endif /* Suppress compiler warnings for unused functions and variables. */ -#if !defined(MBEDTLS_MAYBE_UNUSED) && (defined(__GNUC__) || defined(__clang__)) -#define MBEDTLS_MAYBE_UNUSED __attribute__((unused)) +#if !defined(MBEDTLS_MAYBE_UNUSED) && defined(__has_attribute) +# if __has_attribute(unused) +# define MBEDTLS_MAYBE_UNUSED __attribute__((unused)) +# endif +#endif +#if !defined(MBEDTLS_MAYBE_UNUSED) && defined(__GNUC__) +# define MBEDTLS_MAYBE_UNUSED __attribute__((unused)) #endif #if !defined(MBEDTLS_MAYBE_UNUSED) && defined(__IAR_SYSTEMS_ICC__) && defined(__VER__) -#if (__VER__ >= 8010000) // IAR 8.1 or later -#define MBEDTLS_MAYBE_UNUSED __attribute__((unused)) -#endif +# if (__VER__ >= 8010000) // IAR 8.1 or later +# define MBEDTLS_MAYBE_UNUSED __attribute__((unused)) +# endif #endif #if !defined(MBEDTLS_MAYBE_UNUSED) && defined(_MSC_VER) -#define MBEDTLS_MAYBE_UNUSED __pragma(warning(suppress:4189)) -#endif -#if !defined(MBEDTLS_MAYBE_UNUSED) && defined(__has_attribute) -#if __has_attribute(unused) -#define MBEDTLS_MAYBE_UNUSED __attribute__((unused)) -#endif +# define MBEDTLS_MAYBE_UNUSED __pragma(warning(suppress:4189)) #endif #if !defined(MBEDTLS_MAYBE_UNUSED) -#define MBEDTLS_MAYBE_UNUSED +# define MBEDTLS_MAYBE_UNUSED #endif #endif /* MBEDTLS_LIBRARY_COMMON_H */ From 515af1d80dce7effa946bb31a91c3b5f19189872 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 13 Oct 2023 14:40:14 +0100 Subject: [PATCH 0254/1674] Stop IAR warning about goto skipping variable definition Signed-off-by: Dave Rodgman --- library/pkcs12.c | 27 ++++++++++++++------------- library/pkcs5.c | 32 +++++++++++++++++--------------- library/x509_create.c | 42 ++++++++++++++++++++++-------------------- 3 files changed, 53 insertions(+), 48 deletions(-) diff --git a/library/pkcs12.c b/library/pkcs12.c index 4db2a4bbf..42e4fb438 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c @@ -216,21 +216,22 @@ int mbedtls_pkcs12_pbe_ext(mbedtls_asn1_buf *pbe_params, int mode, } #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) - /* PKCS12 uses CBC with PKCS7 padding */ - - mbedtls_cipher_padding_t padding = MBEDTLS_PADDING_PKCS7; + { + /* PKCS12 uses CBC with PKCS7 padding */ + mbedtls_cipher_padding_t padding = MBEDTLS_PADDING_PKCS7; #if !defined(MBEDTLS_CIPHER_PADDING_PKCS7) - /* For historical reasons, when decrypting, this function works when - * decrypting even when support for PKCS7 padding is disabled. In this - * case, it ignores the padding, and so will never report a - * password mismatch. - */ - if (mode == MBEDTLS_PKCS12_PBE_DECRYPT) { - padding = MBEDTLS_PADDING_NONE; - } + /* For historical reasons, when decrypting, this function works when + * decrypting even when support for PKCS7 padding is disabled. In this + * case, it ignores the padding, and so will never report a + * password mismatch. + */ + if (mode == MBEDTLS_PKCS12_PBE_DECRYPT) { + padding = MBEDTLS_PADDING_NONE; + } #endif - if ((ret = mbedtls_cipher_set_padding_mode(&cipher_ctx, padding)) != 0) { - goto exit; + if ((ret = mbedtls_cipher_set_padding_mode(&cipher_ctx, padding)) != 0) { + goto exit; + } } #endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */ diff --git a/library/pkcs5.c b/library/pkcs5.c index 2756d058e..d10a1937c 100644 --- a/library/pkcs5.c +++ b/library/pkcs5.c @@ -242,23 +242,25 @@ int mbedtls_pkcs5_pbes2_ext(const mbedtls_asn1_buf *pbe_params, int mode, } #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) - /* PKCS5 uses CBC with PKCS7 padding (which is the same as - * "PKCS5 padding" except that it's typically only called PKCS5 - * with 64-bit-block ciphers). - */ - mbedtls_cipher_padding_t padding = MBEDTLS_PADDING_PKCS7; + { + /* PKCS5 uses CBC with PKCS7 padding (which is the same as + * "PKCS5 padding" except that it's typically only called PKCS5 + * with 64-bit-block ciphers). + */ + mbedtls_cipher_padding_t padding = MBEDTLS_PADDING_PKCS7; #if !defined(MBEDTLS_CIPHER_PADDING_PKCS7) - /* For historical reasons, when decrypting, this function works when - * decrypting even when support for PKCS7 padding is disabled. In this - * case, it ignores the padding, and so will never report a - * password mismatch. - */ - if (mode == MBEDTLS_DECRYPT) { - padding = MBEDTLS_PADDING_NONE; - } + /* For historical reasons, when decrypting, this function works when + * decrypting even when support for PKCS7 padding is disabled. In this + * case, it ignores the padding, and so will never report a + * password mismatch. + */ + if (mode == MBEDTLS_DECRYPT) { + padding = MBEDTLS_PADDING_NONE; + } #endif - if ((ret = mbedtls_cipher_set_padding_mode(&cipher_ctx, padding)) != 0) { - goto exit; + if ((ret = mbedtls_cipher_set_padding_mode(&cipher_ctx, padding)) != 0) { + goto exit; + } } #endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */ if ((ret = mbedtls_cipher_crypt(&cipher_ctx, iv, enc_scheme_params.len, diff --git a/library/x509_create.c b/library/x509_create.c index 2583cdd0f..62fb119ba 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -254,31 +254,33 @@ static int parse_attribute_value_hex_der_encoded(const char *s, /* Step 3: decode the DER. */ /* We've checked that der_length >= 1 above. */ *tag = der[0]; - unsigned char *p = der + 1; - if (mbedtls_asn1_get_len(&p, der + der_length, data_len) != 0) { - goto error; - } - /* Now p points to the first byte of the payload inside der, - * and *data_len is the length of the payload. */ + { + unsigned char *p = der + 1; + if (mbedtls_asn1_get_len(&p, der + der_length, data_len) != 0) { + goto error; + } + /* Now p points to the first byte of the payload inside der, + * and *data_len is the length of the payload. */ - /* Step 4: payload validation */ - if (*data_len > MBEDTLS_X509_MAX_DN_NAME_SIZE) { - goto error; - } - /* Strings must not contain null bytes. */ - if (MBEDTLS_ASN1_IS_STRING_TAG(*tag)) { - for (size_t i = 0; i < *data_len; i++) { - if (p[i] == 0) { - goto error; + /* Step 4: payload validation */ + if (*data_len > MBEDTLS_X509_MAX_DN_NAME_SIZE) { + goto error; + } + /* Strings must not contain null bytes. */ + if (MBEDTLS_ASN1_IS_STRING_TAG(*tag)) { + for (size_t i = 0; i < *data_len; i++) { + if (p[i] == 0) { + goto error; + } } } - } - /* Step 5: output the payload. */ - if (*data_len > data_size) { - goto error; + /* Step 5: output the payload. */ + if (*data_len > data_size) { + goto error; + } + memcpy(data, p, *data_len); } - memcpy(data, p, *data_len); mbedtls_free(der); return 0; From 37801d714b6f72b349536a9ed1b5663edbb0524c Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 13 Oct 2023 16:06:55 +0100 Subject: [PATCH 0255/1674] Invert no_hwcap variable Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 22289e543..91ed1a566 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4344,9 +4344,9 @@ support_build_sha_armce() { clang_ver="$(clang --version|grep version|sed -E 's#.*version ([0-9]+).*#\1#')" # we need asm/hwcap.h available for runtime detection - echo '#include ' | clang -E - >/dev/null 2>&1 && no_hwcap=0 || no_hwcap=1 + echo '#include ' | clang -E - >/dev/null 2>&1 && have_hwcap=1 || have_hwcap=0 - [[ "${clang_ver}" -ge 4 && "${no_hwcap}" -eq 0 ]] + [[ "${clang_ver}" -ge 4 && "${have_hwcap}" -eq 1 ]] } component_build_sha_armce () { From 5f5573fa90bade3f5d505882a486df2c9c7df839 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 13 Oct 2023 14:32:09 +0200 Subject: [PATCH 0256/1674] cipher: reintroduce symbol for legacy AEAD support Signed-off-by: Valerio Setti --- include/mbedtls/cipher.h | 8 ++++++-- library/cipher.c | 8 ++++---- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index bda768cfb..e13bee6a0 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -33,6 +33,10 @@ #include #include "mbedtls/platform_util.h" +#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) || defined(MBEDTLS_CHACHAPOLY_C) +#define MBEDTLS_CIPHER_HAVE_AEAD_LEGACY +#endif + #if defined(MBEDTLS_CIPHER_MODE_CBC) #define MBEDTLS_CIPHER_MODE_WITH_PADDING #endif @@ -1076,7 +1080,7 @@ int mbedtls_cipher_crypt(mbedtls_cipher_context_t *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen); -#if defined(MBEDTLS_CIPHER_HAVE_SOME_AEAD) || defined(MBEDTLS_NIST_KW_C) +#if defined(MBEDTLS_CIPHER_HAVE_AEAD_LEGACY) || defined(MBEDTLS_NIST_KW_C) /** * \brief The authenticated encryption (AEAD/NIST_KW) function. * @@ -1183,7 +1187,7 @@ int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t output_len, size_t *olen, size_t tag_len); -#endif /* MBEDTLS_CIPHER_HAVE_SOME_AEAD || MBEDTLS_NIST_KW_C */ +#endif /* MBEDTLS_CIPHER_HAVE_AEAD_LEGACY || MBEDTLS_NIST_KW_C */ #ifdef __cplusplus } #endif diff --git a/library/cipher.c b/library/cipher.c index f17f3e0e1..7009c19b4 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -1390,7 +1390,7 @@ int mbedtls_cipher_crypt(mbedtls_cipher_context_t *ctx, return 0; } -#if defined(MBEDTLS_CIPHER_HAVE_SOME_AEAD) +#if defined(MBEDTLS_CIPHER_HAVE_AEAD_LEGACY) /* * Packet-oriented encryption for AEAD modes: internal function used by * mbedtls_cipher_auth_encrypt_ext(). @@ -1569,9 +1569,9 @@ static int mbedtls_cipher_aead_decrypt(mbedtls_cipher_context_t *ctx, return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } -#endif /* MBEDTLS_CIPHER_HAVE_SOME_AEAD */ +#endif /* MBEDTLS_CIPHER_HAVE_AEAD_LEGACY */ -#if defined(MBEDTLS_CIPHER_HAVE_SOME_AEAD) || defined(MBEDTLS_NIST_KW_C) +#if defined(MBEDTLS_CIPHER_HAVE_AEAD_LEGACY) || defined(MBEDTLS_NIST_KW_C) /* * Packet-oriented encryption for AEAD/NIST_KW: public function. */ @@ -1671,6 +1671,6 @@ int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx, return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; #endif /* MBEDTLS_CIPHER_HAVE_SOME_AEAD */ } -#endif /* MBEDTLS_CIPHER_HAVE_SOME_AEAD || MBEDTLS_NIST_KW_C */ +#endif /* MBEDTLS_CIPHER_HAVE_AEAD_LEGACY || MBEDTLS_NIST_KW_C */ #endif /* MBEDTLS_CIPHER_C */ From 132261345d1fec20f629138cf74c8cf5fb5a744c Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Mon, 16 Oct 2023 14:03:29 +0800 Subject: [PATCH 0257/1674] all.sh: revert changes in test_m32* AESNI for x86 (32-bit) have been tested in a seperate component, we don't need to test twice. Signed-off-by: Pengyu Lv --- tests/scripts/all.sh | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index ca8404049..64bde15fd 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4626,7 +4626,8 @@ component_test_m32_o0 () { # build) and not the i386-specific inline assembly. msg "build: i386, make, gcc -O0 (ASan build)" # ~ 30s scripts/config.py full - make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O0 -maes -msse2 -mpclmul" LDFLAGS="-m32 $ASAN_CFLAGS" + scripts/config.py unset MBEDTLS_AESNI_C # AESNI for 32-bit is tested in test_aesni_m32 + make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O0" LDFLAGS="-m32 $ASAN_CFLAGS" msg "test: i386, make, gcc -O0 (ASan build)" make test @@ -4643,7 +4644,8 @@ component_test_m32_o2 () { # and go faster for tests. msg "build: i386, make, gcc -O2 (ASan build)" # ~ 30s scripts/config.py full - make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2 -maes -msse2 -mpclmul" LDFLAGS="-m32 $ASAN_CFLAGS" + scripts/config.py unset MBEDTLS_AESNI_C # AESNI for 32-bit is tested in test_aesni_m32 + make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS" msg "test: i386, make, gcc -O2 (ASan build)" make test @@ -4658,7 +4660,8 @@ support_test_m32_o2 () { component_test_m32_everest () { msg "build: i386, Everest ECDH context (ASan build)" # ~ 6 min scripts/config.py set MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED - make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2 -maes -msse2 -mpclmul" LDFLAGS="-m32 $ASAN_CFLAGS" + scripts/config.py unset MBEDTLS_AESNI_C # AESNI for 32-bit is tested in test_aesni_m32 + make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS" msg "test: i386, Everest ECDH context - main suites (inc. selftests) (ASan build)" # ~ 50s make test From 4b0e8f0e2c67f88816f7ebfc314e725986fe6343 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 6 Jul 2023 12:25:12 +0200 Subject: [PATCH 0258/1674] Remove redundant include MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit It's also included later, guarded by support for ECC keys, and actually that's the only case where we need it. Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 1 - 1 file changed, 1 deletion(-) diff --git a/library/pkparse.c b/library/pkparse.c index e1422df77..687c2c082 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -26,7 +26,6 @@ #include "mbedtls/oid.h" #include "mbedtls/platform_util.h" #include "mbedtls/error.h" -#include "pk_internal.h" #include From da88c380bd9674efef64b91b9ff34057c6b537d3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 6 Jul 2023 12:31:43 +0200 Subject: [PATCH 0259/1674] Minimize key-type-related includes MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - we don't use any ECDSA function here - we only need to include ecp.h when supporting ECC keys Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index 687c2c082..1dd5653e2 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -29,16 +29,16 @@ #include +/* Key types */ #if defined(MBEDTLS_RSA_C) #include "mbedtls/rsa.h" #endif -#include "mbedtls/ecp.h" #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) +#include "mbedtls/ecp.h" #include "pk_internal.h" #endif -#if defined(MBEDTLS_ECDSA_C) -#include "mbedtls/ecdsa.h" -#endif + +/* Extended formats */ #if defined(MBEDTLS_PEM_PARSE_C) #include "mbedtls/pem.h" #endif From 5fcbe4c1f802b5532a198f91d7cfa33f211c7cbc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 6 Jul 2023 13:02:51 +0200 Subject: [PATCH 0260/1674] Further rationalize includes MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - only include psa_util when we use PSA Crypto - re-order includes Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 16 ++++++---------- 1 file changed, 6 insertions(+), 10 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index 1dd5653e2..3fca2c44f 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -25,10 +25,16 @@ #include "mbedtls/asn1.h" #include "mbedtls/oid.h" #include "mbedtls/platform_util.h" +#include "mbedtls/platform.h" #include "mbedtls/error.h" #include +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#include "mbedtls/psa_util.h" +#include "psa/crypto.h" +#endif + /* Key types */ #if defined(MBEDTLS_RSA_C) #include "mbedtls/rsa.h" @@ -49,16 +55,6 @@ #include "mbedtls/pkcs12.h" #endif -#if defined(MBEDTLS_PSA_CRYPTO_C) -#include "psa_util_internal.h" -#endif - -#if defined(MBEDTLS_USE_PSA_CRYPTO) -#include "psa/crypto.h" -#endif - -#include "mbedtls/platform.h" - /* Helper for Montgomery curves */ #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) && defined(MBEDTLS_PK_HAVE_RFC8410_CURVES) #define MBEDTLS_PK_IS_RFC8410_GROUP_ID(id) \ From 2585852231fb4e895dc9471f547c0e81bd97f308 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 24 Jul 2023 11:44:55 +0200 Subject: [PATCH 0261/1674] Factor common code into a function MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit There were two places that were calling either pk_update_ecparams() or mbedtls_ecp_group_load() depending on the same guard. Factor this into a single function, that works in both configs, so that callers don't have to worry about guards. Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 67 ++++++++++++++++++----------------------------- 1 file changed, 26 insertions(+), 41 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index 3fca2c44f..d5ffc862d 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -453,28 +453,39 @@ cleanup: } #endif /* MBEDTLS_PK_PARSE_EC_EXTENDED */ -#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) -/* Functions pk_use_ecparams() and pk_use_ecparams_rfc8410() update the - * ecp_keypair structure with proper group ID. The purpose of this helper - * function is to update ec_family and ec_bits accordingly. */ -static int pk_update_psa_ecparams(mbedtls_pk_context *pk, - mbedtls_ecp_group_id grp_id) +/* + * Set the group used by this key. + */ +static int pk_ecc_set_group(mbedtls_pk_context *pk, mbedtls_ecp_group_id grp_id) { - psa_ecc_family_t ec_family; - size_t bits; +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + size_t ec_bits; + psa_ecc_family_t ec_family = mbedtls_ecc_group_to_psa(grp_id, &ec_bits); - ec_family = mbedtls_ecc_group_to_psa(grp_id, &bits); - - if ((pk->ec_family != 0) && (pk->ec_family != ec_family)) { + /* group may already be initialized; if so, make sure IDs match */ + if ((pk->ec_family != 0 && pk->ec_family != ec_family) || + (pk->ec_bits != 0 && pk->ec_bits != ec_bits)) { return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; } + /* set group */ pk->ec_family = ec_family; - pk->ec_bits = bits; + pk->ec_bits = ec_bits; return 0; -} +#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ + mbedtls_ecp_keypair *ecp = mbedtls_pk_ec_rw(*pk); + + /* grp may already be initialized; if so, make sure IDs match */ + if (mbedtls_pk_ec_ro(*pk)->grp.id != MBEDTLS_ECP_DP_NONE && + mbedtls_pk_ec_ro(*pk)->grp.id != grp_id) { + return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; + } + + /* set group */ + return mbedtls_ecp_group_load(&(ecp->grp), grp_id); #endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ +} /* * Use EC parameters to initialise an EC group @@ -503,22 +514,7 @@ static int pk_use_ecparams(const mbedtls_asn1_buf *params, mbedtls_pk_context *p #endif } -#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) - ret = pk_update_psa_ecparams(pk, grp_id); -#else - /* grp may already be initialized; if so, make sure IDs match */ - if (mbedtls_pk_ec_ro(*pk)->grp.id != MBEDTLS_ECP_DP_NONE && - mbedtls_pk_ec_ro(*pk)->grp.id != grp_id) { - return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; - } - - if ((ret = mbedtls_ecp_group_load(&(mbedtls_pk_ec_rw(*pk)->grp), - grp_id)) != 0) { - return ret; - } -#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ - - return ret; + return pk_ecc_set_group(pk, grp_id); } /* @@ -588,22 +584,11 @@ static int pk_use_ecparams_rfc8410(const mbedtls_asn1_buf *params, mbedtls_ecp_group_id grp_id, mbedtls_pk_context *pk) { - int ret; - if (params->tag != 0 || params->len != 0) { return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; } -#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) - ret = pk_update_psa_ecparams(pk, grp_id); -#else - mbedtls_ecp_keypair *ecp = mbedtls_pk_ec_rw(*pk); - ret = mbedtls_ecp_group_load(&(ecp->grp), grp_id); - if (ret != 0) { - return ret; - } -#endif - return ret; + return pk_ecc_set_group(pk, grp_id); } /* From d5b43720121916237f4474f13e27e288c62cb8f0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 24 Jul 2023 12:06:22 +0200 Subject: [PATCH 0262/1674] Slightly simplify pk_derive_public_key() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - add a comment explain potentially surprising parameters - avoid nesting #if guards: I find the linear structure #if #elif #else makes the three cases clearer. Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 24 +++++++++++++++--------- 1 file changed, 15 insertions(+), 9 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index d5ffc862d..78155ba32 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -519,24 +519,32 @@ static int pk_use_ecparams(const mbedtls_asn1_buf *params, mbedtls_pk_context *p /* * Helper function for deriving a public key from its private counterpart. + * + * Note: the private key information is always available from pk, + * however for convenience the serialized version is also passed, + * as it's available at each calling site, and useful in some configs + * (as otherwise we're have to re-serialize it from the pk context). */ static int pk_derive_public_key(mbedtls_pk_context *pk, const unsigned char *d, size_t d_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { - int ret; -#if defined(MBEDTLS_USE_PSA_CRYPTO) +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) psa_status_t status; (void) f_rng; (void) p_rng; -#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) (void) d; (void) d_len; status = psa_export_public_key(pk->priv_id, pk->pub_raw, sizeof(pk->pub_raw), &pk->pub_raw_len); - ret = psa_pk_status_to_mbedtls(status); -#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ + return psa_pk_status_to_mbedtls(status); +#elif defined(MBEDTLS_USE_PSA_CRYPTO) /* && !MBEDTLS_PK_USE_PSA_EC_DATA */ + int ret; + psa_status_t status; + (void) f_rng; + (void) p_rng; + mbedtls_ecp_keypair *eck = (mbedtls_ecp_keypair *) pk->pk_ctx; unsigned char key_buf[MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH]; size_t key_len; @@ -563,16 +571,14 @@ static int pk_derive_public_key(mbedtls_pk_context *pk, } else if (destruction_status != PSA_SUCCESS) { return psa_pk_status_to_mbedtls(destruction_status); } - ret = mbedtls_ecp_point_read_binary(&eck->grp, &eck->Q, key_buf, key_len); -#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ + return mbedtls_ecp_point_read_binary(&eck->grp, &eck->Q, key_buf, key_len); #else /* MBEDTLS_USE_PSA_CRYPTO */ mbedtls_ecp_keypair *eck = (mbedtls_ecp_keypair *) pk->pk_ctx; (void) d; (void) d_len; - ret = mbedtls_ecp_mul(&eck->grp, &eck->Q, &eck->d, &eck->grp.G, f_rng, p_rng); + return mbedtls_ecp_mul(&eck->grp, &eck->Q, &eck->d, &eck->grp.G, f_rng, p_rng); #endif /* MBEDTLS_USE_PSA_CRYPTO */ - return ret; } #if defined(MBEDTLS_PK_HAVE_RFC8410_CURVES) From 6db11d5068d73c56ca8bfb2a7ca68b52cc258173 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 25 Jul 2023 11:20:48 +0200 Subject: [PATCH 0263/1674] Group two versions of the same code MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Just moving code around. The two blocks do morally the same thing: load the key, and grouping them makes the #if #else structure clearer. Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 44 +++++++++++++++++++++----------------------- 1 file changed, 21 insertions(+), 23 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index 78155ba32..edcc2e291 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -1214,11 +1214,30 @@ static int pk_parse_key_sec1_der(mbedtls_pk_context *pk, } -#if !defined(MBEDTLS_PK_USE_PSA_EC_DATA) +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + psa_set_key_type(&attributes, PSA_KEY_TYPE_ECC_KEY_PAIR(pk->ec_family)); + /* Setting largest masks for usage and key algorithms */ + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH | + PSA_KEY_USAGE_SIGN_MESSAGE | + PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_DERIVE); +#if defined(MBEDTLS_ECDSA_DETERMINISTIC) + psa_set_key_algorithm(&attributes, + PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH)); +#else + psa_set_key_algorithm(&attributes, PSA_ALG_ECDSA(PSA_ALG_ANY_HASH)); +#endif + psa_set_key_enrollment_algorithm(&attributes, PSA_ALG_ECDH); + + status = psa_import_key(&attributes, d, d_len, &pk->priv_id); + if (status != PSA_SUCCESS) { + ret = psa_pk_status_to_mbedtls(status); + return ret; + } +#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ if ((ret = mbedtls_ecp_read_key(eck->grp.id, eck, d, d_len)) != 0) { return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); } -#endif +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ if (p != end) { /* @@ -1255,27 +1274,6 @@ static int pk_parse_key_sec1_der(mbedtls_pk_context *pk, } } -#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) - psa_set_key_type(&attributes, PSA_KEY_TYPE_ECC_KEY_PAIR(pk->ec_family)); - /* Setting largest masks for usage and key algorithms */ - psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH | - PSA_KEY_USAGE_SIGN_MESSAGE | - PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_DERIVE); -#if defined(MBEDTLS_ECDSA_DETERMINISTIC) - psa_set_key_algorithm(&attributes, - PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH)); -#else - psa_set_key_algorithm(&attributes, PSA_ALG_ECDSA(PSA_ALG_ANY_HASH)); -#endif - psa_set_key_enrollment_algorithm(&attributes, PSA_ALG_ECDH); - - status = psa_import_key(&attributes, d, d_len, &pk->priv_id); - if (status != PSA_SUCCESS) { - ret = psa_pk_status_to_mbedtls(status); - return ret; - } -#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ - if (!pubkey_done) { if ((ret = pk_derive_public_key(pk, d, d_len, f_rng, p_rng)) != 0) { return ret; From dcd98fffabeedfbff4dae473b8be368b728960af Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 25 Jul 2023 11:58:31 +0200 Subject: [PATCH 0264/1674] Factor similar code into pk_ecc_set_key() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 100 ++++++++++++++++++++++++---------------------- 1 file changed, 52 insertions(+), 48 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index edcc2e291..114a56389 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -487,6 +487,48 @@ static int pk_ecc_set_group(mbedtls_pk_context *pk, mbedtls_ecp_group_id grp_id) #endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ } +/* + * Set the private key material + * + * Must have already set the group with pk_ecc_set_group(). + * + * The 'key' argument points to the raw private key (no ASN.1 wrapping). + */ +static int pk_ecc_set_key(mbedtls_pk_context *pk, + unsigned char *key, size_t len) +{ +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_status_t status; + + psa_set_key_type(&attributes, PSA_KEY_TYPE_ECC_KEY_PAIR(pk->ec_family)); + psa_set_key_algorithm(&attributes, PSA_ALG_ECDH); + psa_key_usage_t flags = PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_DERIVE; + if (pk->ec_family != PSA_ECC_FAMILY_MONTGOMERY) { + flags |= PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE; +#if defined(MBEDTLS_ECDSA_DETERMINISTIC) + psa_set_key_enrollment_algorithm(&attributes, + PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH)); +#else + psa_set_key_enrollment_algorithm(&attributes, PSA_ALG_ECDSA(PSA_ALG_ANY_HASH)); +#endif + } + psa_set_key_usage_flags(&attributes, flags); + + status = psa_import_key(&attributes, key, len, &pk->priv_id); + return psa_pk_status_to_mbedtls(status); + +#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ + + mbedtls_ecp_keypair *eck = mbedtls_pk_ec_rw(*pk); + int ret = mbedtls_ecp_read_key(eck->grp.id, eck, key, len); + if (ret != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); + } + return 0; +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ +} + /* * Use EC parameters to initialise an EC group * @@ -617,27 +659,13 @@ static int pk_parse_key_rfc8410_der(mbedtls_pk_context *pk, return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; } -#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_status_t status; - - psa_set_key_type(&attributes, PSA_KEY_TYPE_ECC_KEY_PAIR(pk->ec_family)); - psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT | - PSA_KEY_USAGE_DERIVE); - psa_set_key_algorithm(&attributes, PSA_ALG_ECDH); - - status = psa_import_key(&attributes, key, len, &pk->priv_id); - if (status != PSA_SUCCESS) { - ret = psa_pk_status_to_mbedtls(status); + /* + * Load the private key + */ + ret = pk_ecc_set_key(pk, key, len); + if (ret != 0) { return ret; } -#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ - mbedtls_ecp_keypair *eck = mbedtls_pk_ec_rw(*pk); - - if ((ret = mbedtls_ecp_read_key(eck->grp.id, eck, key, len)) != 0) { - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); - } -#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ /* pk_parse_key_pkcs8_unencrypted_der() only supports version 1 PKCS8 keys, * which never contain a public key. As such, derive the public key @@ -1153,12 +1181,6 @@ static int pk_parse_key_sec1_der(mbedtls_pk_context *pk, unsigned char *d; unsigned char *end = p + keylen; unsigned char *end2; -#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_status_t status; -#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ - mbedtls_ecp_keypair *eck = mbedtls_pk_ec_rw(*pk); -#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ /* * RFC 5915, or SEC1 Appendix C.4 @@ -1213,31 +1235,13 @@ static int pk_parse_key_sec1_der(mbedtls_pk_context *pk, } } - -#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) - psa_set_key_type(&attributes, PSA_KEY_TYPE_ECC_KEY_PAIR(pk->ec_family)); - /* Setting largest masks for usage and key algorithms */ - psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH | - PSA_KEY_USAGE_SIGN_MESSAGE | - PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_DERIVE); -#if defined(MBEDTLS_ECDSA_DETERMINISTIC) - psa_set_key_algorithm(&attributes, - PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH)); -#else - psa_set_key_algorithm(&attributes, PSA_ALG_ECDSA(PSA_ALG_ANY_HASH)); -#endif - psa_set_key_enrollment_algorithm(&attributes, PSA_ALG_ECDH); - - status = psa_import_key(&attributes, d, d_len, &pk->priv_id); - if (status != PSA_SUCCESS) { - ret = psa_pk_status_to_mbedtls(status); + /* + * Load the private key + */ + ret = pk_ecc_set_key(pk, d, d_len); + if (ret != 0) { return ret; } -#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ - if ((ret = mbedtls_ecp_read_key(eck->grp.id, eck, d, d_len)) != 0) { - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); - } -#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ if (p != end) { /* From 78fc0bd1db4ba98d3210372a9ae0a1b95c16ca10 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 8 Aug 2023 10:36:15 +0100 Subject: [PATCH 0265/1674] Define MBEDTLS_EFFICIENT_UNALIGNED_ACCESS on Windows-on-Arm Signed-off-by: Dave Rodgman --- library/alignment.h | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/library/alignment.h b/library/alignment.h index ab15986e5..211e7ac37 100644 --- a/library/alignment.h +++ b/library/alignment.h @@ -35,11 +35,16 @@ * efficient when this is not defined. */ #if defined(__ARM_FEATURE_UNALIGNED) \ - || defined(__i386__) || defined(__amd64__) || defined(__x86_64__) + || defined(__i386__) || defined(__amd64__) || defined(__x86_64__) \ + || defined(_M_ARM64) || defined(_M_ARM64EC) /* * __ARM_FEATURE_UNALIGNED is defined where appropriate by armcc, gcc 7, clang 9 * (and later versions) for Arm v7 and later; all x86 platforms should have * efficient unaligned access. + * + * https://learn.microsoft.com/en-us/cpp/build/arm64-windows-abi-conventions?view=msvc-170#alignment + * specifies that on Windows-on-Arm64, unaligned access is safe (except for uncached + * device memory). */ #define MBEDTLS_EFFICIENT_UNALIGNED_ACCESS #endif From ad71b6a834b136249a2aee549f4b85644b424377 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 8 Aug 2023 10:37:33 +0100 Subject: [PATCH 0266/1674] Support ARM64EC in the same way as ARM64 in sha256 and sha512 Signed-off-by: Dave Rodgman --- library/sha256.c | 4 ++-- library/sha512.c | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/library/sha256.c b/library/sha256.c index 223badf00..20d5188b6 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -110,7 +110,7 @@ # include # endif # endif -#elif defined(_M_ARM64) +#elif defined(_M_ARM64) || defined(_M_ARM64EC) # if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) # include @@ -135,7 +135,7 @@ static int mbedtls_a64_crypto_sha256_determine_support(void) { return 1; } -#elif defined(_M_ARM64) +#elif defined(_M_ARM64) || defined(_M_ARM64EC) #define WIN32_LEAN_AND_MEAN #include #include diff --git a/library/sha512.c b/library/sha512.c index e739af254..23e8745a5 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -154,7 +154,7 @@ static int mbedtls_a64_crypto_sha512_determine_support(void) NULL, 0); return ret == 0 && value != 0; } -#elif defined(_M_ARM64) +#elif defined(_M_ARM64) || defined(_M_ARM64EC) /* * As of March 2022, there don't appear to be any PF_ARM_V8_* flags * available to pass to IsProcessorFeaturePresent() to check for From be0928666614cf52510845ad1d3c44607b075f1d Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 8 Aug 2023 10:42:55 +0100 Subject: [PATCH 0267/1674] Enable 8-byte fastpath in mbedtls_xor on ARM64 and ARM64EC Signed-off-by: Dave Rodgman --- library/common.h | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/library/common.h b/library/common.h index 3c472c685..f83821691 100644 --- a/library/common.h +++ b/library/common.h @@ -188,7 +188,8 @@ inline void mbedtls_xor(unsigned char *r, const unsigned char *a, const unsigned uint8x16_t x = veorq_u8(v1, v2); vst1q_u8(r + i, x); } -#elif defined(__amd64__) || defined(__x86_64__) || defined(__aarch64__) +#elif defined(__amd64__) || defined(__x86_64__) || \ + defined(__aarch64__) || defined(_M_ARM64) || defined(_M_ARM64EC) /* This codepath probably only makes sense on architectures with 64-bit registers */ for (; (i + 8) <= n; i += 8) { uint64_t x = mbedtls_get_unaligned_uint64(a + i) ^ mbedtls_get_unaligned_uint64(b + i); @@ -227,7 +228,8 @@ static inline void mbedtls_xor_no_simd(unsigned char *r, { size_t i = 0; #if defined(MBEDTLS_EFFICIENT_UNALIGNED_ACCESS) -#if defined(__amd64__) || defined(__x86_64__) || defined(__aarch64__) +#if defined(__amd64__) || defined(__x86_64__) || \ + defined(__aarch64__) || defined(_M_ARM64) || defined(_M_ARM64EC) /* This codepath probably only makes sense on architectures with 64-bit registers */ for (; (i + 8) <= n; i += 8) { uint64_t x = mbedtls_get_unaligned_uint64(a + i) ^ mbedtls_get_unaligned_uint64(b + i); From 4ffd7c7614b8f6a9a083de0b9e8c5588ca987e4a Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 5 Sep 2023 11:43:02 +0100 Subject: [PATCH 0268/1674] Introduce MBEDTLS_HAVE_NEON_INTRINSICS and simplify NEON header inclusion Signed-off-by: Dave Rodgman --- library/common.h | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/library/common.h b/library/common.h index f83821691..c080af043 100644 --- a/library/common.h +++ b/library/common.h @@ -33,8 +33,14 @@ #if defined(__ARM_NEON) #include +#define MBEDTLS_HAVE_NEON_INTRINSICS #endif /* __ARM_NEON */ +#if defined(_M_ARM64) || defined(_M_ARM64EC) +#include +#define MBEDTLS_HAVE_NEON_INTRINSICS +#endif + /** Helper to define a function as static except when building invasive tests. * * If a function is only used inside its own source file and should be From a0f10da9d22abea8879af814d739632ed9d30d0a Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 5 Sep 2023 11:43:17 +0100 Subject: [PATCH 0269/1674] Use MBEDTLS_HAVE_NEON_INTRINSICS instead of __ARM_NEON Signed-off-by: Dave Rodgman --- library/aesce.c | 6 ++---- library/common.h | 2 +- library/sha256.c | 13 +++---------- library/sha512.c | 6 ++---- 4 files changed, 8 insertions(+), 19 deletions(-) diff --git a/library/aesce.c b/library/aesce.c index 8b42b034f..21ec47daa 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -26,7 +26,7 @@ * By defining the macros ourselves we gain access to those declarations without * requiring -march on the command line. * - * `arm_neon.h` could be included by any header file, so we put these defines + * `arm_neon.h` is included by common.h, so we put these defines * at the top of this file, before any includes. */ #define __ARM_FEATURE_CRYPTO 1 @@ -66,9 +66,7 @@ # endif #endif -#ifdef __ARM_NEON -#include -#else +#if !defined(MBEDTLS_HAVE_NEON_INTRINSICS) #error "Target does not support NEON instructions" #endif diff --git a/library/common.h b/library/common.h index c080af043..fd2aecb20 100644 --- a/library/common.h +++ b/library/common.h @@ -187,7 +187,7 @@ inline void mbedtls_xor(unsigned char *r, const unsigned char *a, const unsigned { size_t i = 0; #if defined(MBEDTLS_EFFICIENT_UNALIGNED_ACCESS) -#if defined(__ARM_NEON) +#if defined(MBEDTLS_HAVE_NEON_INTRINSICS) for (; (i + 16) <= n; i += 16) { uint8x16_t v1 = vld1q_u8(a + i); uint8x16_t v2 = vld1q_u8(b + i); diff --git a/library/sha256.c b/library/sha256.c index 20d5188b6..da6ec180c 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -31,7 +31,7 @@ * By defining the macros ourselves we gain access to those declarations without * requiring -march on the command line. * - * `arm_neon.h` could be included by any header file, so we put these defines + * `arm_neon.h` is included by common.h, so we put these defines * at the top of this file, before any includes. */ #define __ARM_FEATURE_CRYPTO 1 @@ -63,9 +63,7 @@ /* *INDENT-OFF* */ -# ifdef __ARM_NEON -# include -# else +# if !defined(MBEDTLS_HAVE_NEON_INTRINSICS) # error "Target does not support NEON instructions" # endif @@ -110,12 +108,7 @@ # include # endif # endif -#elif defined(_M_ARM64) || defined(_M_ARM64EC) -# if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) -# include -# endif -#else +#elif !(defined(_M_ARM64) || defined(_M_ARM64EC)) # undef MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY # undef MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT #endif diff --git a/library/sha512.c b/library/sha512.c index 23e8745a5..0e99914dd 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -31,7 +31,7 @@ * By defining the macros ourselves we gain access to those declarations without * requiring -march on the command line. * - * `arm_neon.h` could be included by any header file, so we put these defines + * `arm_neon.h` is included by common.h, so we put these defines * at the top of this file, before any includes. */ #define __ARM_FEATURE_SHA512 1 @@ -60,9 +60,7 @@ # if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) || \ defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) /* *INDENT-OFF* */ -# ifdef __ARM_NEON -# include -# else +# if !defined(MBEDTLS_HAVE_NEON_INTRINSICS) # error "Target does not support NEON instructions" # endif /* From c5cc727dd04d1a5df16487d30c81a6a2ff2f0e0e Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 15 Sep 2023 11:41:17 +0100 Subject: [PATCH 0270/1674] Use new MBEDTLS_ARCH_IS_xxx macros Signed-off-by: Dave Rodgman --- library/alignment.h | 2 +- library/common.h | 6 ++---- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/library/alignment.h b/library/alignment.h index 211e7ac37..ff811e34d 100644 --- a/library/alignment.h +++ b/library/alignment.h @@ -35,7 +35,7 @@ * efficient when this is not defined. */ #if defined(__ARM_FEATURE_UNALIGNED) \ - || defined(__i386__) || defined(__amd64__) || defined(__x86_64__) \ + || defined(MBEDTLS_ARCH_IS_X86) || defined(MBEDTLS_ARCH_IS_X64) \ || defined(_M_ARM64) || defined(_M_ARM64EC) /* * __ARM_FEATURE_UNALIGNED is defined where appropriate by armcc, gcc 7, clang 9 diff --git a/library/common.h b/library/common.h index fd2aecb20..6c65084f4 100644 --- a/library/common.h +++ b/library/common.h @@ -194,8 +194,7 @@ inline void mbedtls_xor(unsigned char *r, const unsigned char *a, const unsigned uint8x16_t x = veorq_u8(v1, v2); vst1q_u8(r + i, x); } -#elif defined(__amd64__) || defined(__x86_64__) || \ - defined(__aarch64__) || defined(_M_ARM64) || defined(_M_ARM64EC) +#elif defined(MBEDTLS_ARCH_IS_X64) || defined(MBEDTLS_ARCH_IS_ARM64) /* This codepath probably only makes sense on architectures with 64-bit registers */ for (; (i + 8) <= n; i += 8) { uint64_t x = mbedtls_get_unaligned_uint64(a + i) ^ mbedtls_get_unaligned_uint64(b + i); @@ -234,8 +233,7 @@ static inline void mbedtls_xor_no_simd(unsigned char *r, { size_t i = 0; #if defined(MBEDTLS_EFFICIENT_UNALIGNED_ACCESS) -#if defined(__amd64__) || defined(__x86_64__) || \ - defined(__aarch64__) || defined(_M_ARM64) || defined(_M_ARM64EC) +#if defined(MBEDTLS_ARCH_IS_X64) || defined(MBEDTLS_ARCH_IS_ARM64) /* This codepath probably only makes sense on architectures with 64-bit registers */ for (; (i + 8) <= n; i += 8) { uint64_t x = mbedtls_get_unaligned_uint64(a + i) ^ mbedtls_get_unaligned_uint64(b + i); From 0a48717b83f3629b2f43ae925f18db0c7d0409d5 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 15 Sep 2023 11:52:06 +0100 Subject: [PATCH 0271/1674] Simplify Windows-on-Arm macros Signed-off-by: Dave Rodgman --- include/mbedtls/build_info.h | 4 ++++ library/alignment.h | 2 +- library/bignum.c | 3 ++- library/common.h | 4 +--- library/sha256.c | 4 ++-- library/sha512.c | 9 ++------- 6 files changed, 12 insertions(+), 14 deletions(-) diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index 842f15c58..cb2cda76d 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h @@ -74,6 +74,10 @@ #define MBEDTLS_ARCH_IS_X86 #endif +#if defined(_M_ARM64) || defined(_M_ARM64EC) +#define MBEDTLS_PLATFORM_IS_WINDOWS_ON_ARM64 +#endif + #if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE) #define _CRT_SECURE_NO_DEPRECATE 1 #endif diff --git a/library/alignment.h b/library/alignment.h index ff811e34d..d8c4fb384 100644 --- a/library/alignment.h +++ b/library/alignment.h @@ -36,7 +36,7 @@ */ #if defined(__ARM_FEATURE_UNALIGNED) \ || defined(MBEDTLS_ARCH_IS_X86) || defined(MBEDTLS_ARCH_IS_X64) \ - || defined(_M_ARM64) || defined(_M_ARM64EC) + || defined(MBEDTLS_PLATFORM_IS_WINDOWS_ON_ARM64) /* * __ARM_FEATURE_UNALIGNED is defined where appropriate by armcc, gcc 7, clang 9 * (and later versions) for Arm v7 and later; all x86 platforms should have diff --git a/library/bignum.c b/library/bignum.c index 7c265e04d..795952ccd 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -114,7 +114,8 @@ int mbedtls_mpi_lt_mpi_ct(const mbedtls_mpi *X, * about whether the assignment was made or not. * (Leaking information about the respective sizes of X and Y is ok however.) */ -#if defined(_MSC_VER) && defined(_M_ARM64) && (_MSC_FULL_VER < 193131103) +#if defined(_MSC_VER) && defined(MBEDTLS_PLATFORM_IS_WINDOWS_ON_ARM64) && \ + (_MSC_FULL_VER < 193131103) /* * MSVC miscompiles this function if it's inlined prior to Visual Studio 2022 version 17.1. See: * https://developercommunity.visualstudio.com/t/c-compiler-miscompiles-part-of-mbedtls-library-on/1646989 diff --git a/library/common.h b/library/common.h index 6c65084f4..48fb6d0d7 100644 --- a/library/common.h +++ b/library/common.h @@ -34,9 +34,7 @@ #if defined(__ARM_NEON) #include #define MBEDTLS_HAVE_NEON_INTRINSICS -#endif /* __ARM_NEON */ - -#if defined(_M_ARM64) || defined(_M_ARM64EC) +#elif defined(MBEDTLS_PLATFORM_IS_WINDOWS_ON_ARM64) #include #define MBEDTLS_HAVE_NEON_INTRINSICS #endif diff --git a/library/sha256.c b/library/sha256.c index da6ec180c..ed47c7c51 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -108,7 +108,7 @@ # include # endif # endif -#elif !(defined(_M_ARM64) || defined(_M_ARM64EC)) +#elif !defined(MBEDTLS_PLATFORM_IS_WINDOWS_ON_ARM64) # undef MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY # undef MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT #endif @@ -128,7 +128,7 @@ static int mbedtls_a64_crypto_sha256_determine_support(void) { return 1; } -#elif defined(_M_ARM64) || defined(_M_ARM64EC) +#elif defined(MBEDTLS_PLATFORM_IS_WINDOWS_ON_ARM64) #define WIN32_LEAN_AND_MEAN #include #include diff --git a/library/sha512.c b/library/sha512.c index 0e99914dd..05b89408f 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -119,12 +119,7 @@ # include # endif # endif -#elif defined(_M_ARM64) -# if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) -# include -# endif -#else +#elif !defined(MBEDTLS_PLATFORM_IS_WINDOWS_ON_ARM64) # undef MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY # undef MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT #endif @@ -152,7 +147,7 @@ static int mbedtls_a64_crypto_sha512_determine_support(void) NULL, 0); return ret == 0 && value != 0; } -#elif defined(_M_ARM64) || defined(_M_ARM64EC) +#elif defined(MBEDTLS_PLATFORM_IS_WINDOWS_ON_ARM64) /* * As of March 2022, there don't appear to be any PF_ARM_V8_* flags * available to pass to IsProcessorFeaturePresent() to check for From 3e521849231f31df0af4f4d860b8f2417eb64d2a Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 18 Sep 2023 10:36:21 +0100 Subject: [PATCH 0272/1674] Make macro definition more consistent with similar defns Signed-off-by: Dave Rodgman --- include/mbedtls/build_info.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index cb2cda76d..895645064 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h @@ -74,7 +74,8 @@ #define MBEDTLS_ARCH_IS_X86 #endif -#if defined(_M_ARM64) || defined(_M_ARM64EC) +#if !defined(MBEDTLS_PLATFORM_IS_WINDOWS_ON_ARM64) && \ + (defined(_M_ARM64) || defined(_M_ARM64EC)) #define MBEDTLS_PLATFORM_IS_WINDOWS_ON_ARM64 #endif From 116175c5d7f2b44f5d3186e845b9881d519d53d6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 25 Jul 2023 12:06:55 +0200 Subject: [PATCH 0273/1674] Use helper macro for (deterministic) ECDSA MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - centralizes decision making about which version to use when - avoids nested #ifs in pk_ecc_set_key() Signed-off-by: Manuel Pégourié-Gonnard --- library/pk_internal.h | 9 +++++++-- library/pk_wrap.c | 9 ++------- library/pkparse.c | 7 ++----- 3 files changed, 11 insertions(+), 14 deletions(-) diff --git a/library/pk_internal.h b/library/pk_internal.h index 004660e09..9becbecd4 100644 --- a/library/pk_internal.h +++ b/library/pk_internal.h @@ -117,14 +117,19 @@ static inline mbedtls_ecp_group_id mbedtls_pk_get_group_id(const mbedtls_pk_cont #endif /* MBEDTLS_ECP_HAVE_CURVE25519 || MBEDTLS_ECP_DP_CURVE448 */ #endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ -#if defined(MBEDTLS_TEST_HOOKS) +/* Helper for (deterministic) ECDSA */ +#if defined(MBEDTLS_ECDSA_DETERMINISTIC) +#define MBEDTLS_PK_PSA_ALG_ECDSA_MAYBE_DET PSA_ALG_DETERMINISTIC_ECDSA +#else +#define MBEDTLS_PK_PSA_ALG_ECDSA_MAYBE_DET PSA_ALG_ECDSA +#endif +#if defined(MBEDTLS_TEST_HOOKS) MBEDTLS_STATIC_TESTABLE int mbedtls_pk_parse_key_pkcs8_encrypted_der( mbedtls_pk_context *pk, unsigned char *key, size_t keylen, const unsigned char *pwd, size_t pwdlen, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); - #endif #endif /* MBEDTLS_PK_INTERNAL_H */ diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 436876a5d..53e11d5cb 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -1037,13 +1037,8 @@ static int ecdsa_sign_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, psa_ecc_family_t curve = mbedtls_ecc_group_to_psa(ctx->grp.id, &curve_bits); size_t key_len = PSA_BITS_TO_BYTES(curve_bits); -#if defined(MBEDTLS_ECDSA_DETERMINISTIC) - psa_algorithm_t psa_sig_md = - PSA_ALG_DETERMINISTIC_ECDSA(mbedtls_md_psa_alg_from_type(md_alg)); -#else - psa_algorithm_t psa_sig_md = - PSA_ALG_ECDSA(mbedtls_md_psa_alg_from_type(md_alg)); -#endif + psa_algorithm_t psa_hash = mbedtls_md_psa_alg_from_type(md_alg); + psa_algorithm_t psa_sig_md = MBEDTLS_PK_PSA_ALG_ECDSA_MAYBE_DET(psa_hash); ((void) f_rng); ((void) p_rng); diff --git a/library/pkparse.c b/library/pkparse.c index 114a56389..3f67786e4 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -504,14 +504,11 @@ static int pk_ecc_set_key(mbedtls_pk_context *pk, psa_set_key_type(&attributes, PSA_KEY_TYPE_ECC_KEY_PAIR(pk->ec_family)); psa_set_key_algorithm(&attributes, PSA_ALG_ECDH); psa_key_usage_t flags = PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_DERIVE; + /* Montgomery allows only ECDH, others ECDSA too */ if (pk->ec_family != PSA_ECC_FAMILY_MONTGOMERY) { flags |= PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE; -#if defined(MBEDTLS_ECDSA_DETERMINISTIC) psa_set_key_enrollment_algorithm(&attributes, - PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH)); -#else - psa_set_key_enrollment_algorithm(&attributes, PSA_ALG_ECDSA(PSA_ALG_ANY_HASH)); -#endif + MBEDTLS_PK_PSA_ALG_ECDSA_MAYBE_DET(PSA_ALG_ANY_HASH)); } psa_set_key_usage_flags(&attributes, flags); From e82fcd9c9e01cd3b63c76e792b9136834cc38f34 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 26 Jul 2023 10:53:25 +0200 Subject: [PATCH 0274/1674] Avoid nested #ifs in body of pk_get_ecpubkey() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index 3f67786e4..72eed097f 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -675,7 +675,7 @@ static int pk_parse_key_rfc8410_der(mbedtls_pk_context *pk, } #endif /* MBEDTLS_PK_HAVE_RFC8410_CURVES */ -#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) && defined(MBEDTLS_PK_PARSE_EC_COMPRESSED) +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) /* * Create a temporary ecp_keypair for converting an EC point in compressed * format to an uncompressed one @@ -685,6 +685,7 @@ static int pk_convert_compressed_ec(mbedtls_pk_context *pk, size_t *out_buf_len, unsigned char *out_buf, size_t out_buf_size) { +#if defined(MBEDTLS_PK_PARSE_EC_COMPRESSED) mbedtls_ecp_keypair ecp_key; mbedtls_ecp_group_id ecp_group_id; int ret; @@ -708,8 +709,11 @@ static int pk_convert_compressed_ec(mbedtls_pk_context *pk, exit: mbedtls_ecp_keypair_free(&ecp_key); return ret; +#else /* MBEDTLS_PK_PARSE_EC_COMPRESSED */ + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; +#endif /* MBEDTLS_PK_PARSE_EC_COMPRESSED */ } -#endif /* MBEDTLS_PK_USE_PSA_EC_DATA && MBEDTLS_PK_PARSE_EC_COMPRESSED */ +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ /* * EC public key is an EC point @@ -732,20 +736,15 @@ static int pk_get_ecpubkey(unsigned char **p, const unsigned char *end, return MBEDTLS_ERR_PK_BAD_INPUT_DATA; } - /* Compressed point format are not supported yet by PSA crypto. As a - * consequence ecp functions are used to "convert" the point to - * uncompressed format */ if ((**p == 0x02) || (**p == 0x03)) { -#if defined(MBEDTLS_PK_PARSE_EC_COMPRESSED) + /* Compressed format, not supported by PSA Crypto. + * Try converting using functions from ECP_LIGHT. */ ret = pk_convert_compressed_ec(pk, *p, len, &(pk->pub_raw_len), pk->pub_raw, PSA_EXPORT_PUBLIC_KEY_MAX_SIZE); if (ret != 0) { return ret; } -#else /* MBEDTLS_PK_PARSE_EC_COMPRESSED */ - return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; -#endif /* MBEDTLS_PK_PARSE_EC_COMPRESSED */ } else { /* Uncompressed format */ if ((size_t) (end - *p) > MBEDTLS_PK_MAX_EC_PUBKEY_RAW_LEN) { From df151bbc37c47c9da99ecf7eca8e127e521038db Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 26 Jul 2023 11:06:46 +0200 Subject: [PATCH 0275/1674] Minor improvements to pk_ecc_read_compressed() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - new name starting with pk_ecc for consistency - re-order params to match the PSA convention: buf, len, &size - add comment about input consumption Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 29 +++++++++++++++++------------ 1 file changed, 17 insertions(+), 12 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index 72eed097f..3fa1a8422 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -679,11 +679,14 @@ static int pk_parse_key_rfc8410_der(mbedtls_pk_context *pk, /* * Create a temporary ecp_keypair for converting an EC point in compressed * format to an uncompressed one + * + * Consumes everything or fails - inherited from + * mbedtls_ecp_point_read_binary(). */ -static int pk_convert_compressed_ec(mbedtls_pk_context *pk, - const unsigned char *in_start, size_t in_len, - size_t *out_buf_len, unsigned char *out_buf, - size_t out_buf_size) +static int pk_ecc_read_compressed(mbedtls_pk_context *pk, + const unsigned char *in_start, size_t in_len, + unsigned char *out_buf, size_t out_buf_size, + size_t *out_buf_len) { #if defined(MBEDTLS_PK_PARSE_EC_COMPRESSED) mbedtls_ecp_keypair ecp_key; @@ -730,7 +733,7 @@ static int pk_get_ecpubkey(unsigned char **p, const unsigned char *end, #if defined(MBEDTLS_PK_USE_PSA_EC_DATA) mbedtls_svc_key_id_t key; psa_key_attributes_t key_attrs = PSA_KEY_ATTRIBUTES_INIT; - size_t len = (end - *p); + size_t len = (size_t) (end - *p); if (len > PSA_EXPORT_PUBLIC_KEY_MAX_SIZE) { return MBEDTLS_ERR_PK_BAD_INPUT_DATA; @@ -739,19 +742,20 @@ static int pk_get_ecpubkey(unsigned char **p, const unsigned char *end, if ((**p == 0x02) || (**p == 0x03)) { /* Compressed format, not supported by PSA Crypto. * Try converting using functions from ECP_LIGHT. */ - ret = pk_convert_compressed_ec(pk, *p, len, - &(pk->pub_raw_len), pk->pub_raw, - PSA_EXPORT_PUBLIC_KEY_MAX_SIZE); + ret = pk_ecc_read_compressed(pk, *p, len, + pk->pub_raw, + PSA_EXPORT_PUBLIC_KEY_MAX_SIZE, + &pk->pub_raw_len); if (ret != 0) { return ret; } } else { /* Uncompressed format */ - if ((size_t) (end - *p) > MBEDTLS_PK_MAX_EC_PUBKEY_RAW_LEN) { + if (len > MBEDTLS_PK_MAX_EC_PUBKEY_RAW_LEN) { return MBEDTLS_ERR_PK_BUFFER_TOO_SMALL; } - memcpy(pk->pub_raw, *p, (end - *p)); - pk->pub_raw_len = end - *p; + memcpy(pk->pub_raw, *p, len); + pk->pub_raw_len = len; } /* Validate the key by trying to importing it */ @@ -778,7 +782,8 @@ static int pk_get_ecpubkey(unsigned char **p, const unsigned char *end, #endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ /* - * We know mbedtls_ecp_point_read_binary consumed all bytes or failed + * We know mbedtls_ecp_point_read_binary and pk_ecc_read_compressed either + * consumed all bytes or failed, and memcpy consumed all bytes too. */ *p = (unsigned char *) end; From 212517b87d72fb96145e066535f3a895884ea701 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 26 Jul 2023 12:05:38 +0200 Subject: [PATCH 0276/1674] Start re-ordering functions in pkparse MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The general order is low-level first, top-level last, for the sake of static function and avoiding forward declarations. The obvious exception was functions that parse files that were at the beginning; move them to the end. Also start defining sections in the file; this is incomplete as I don't have a clear view of the beginning of the file yet. Will continue in further commits. Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 222 +++++++++++++++++++++++++--------------------- 1 file changed, 120 insertions(+), 102 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index 3fa1a8422..fbf8cbfc1 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -61,108 +61,6 @@ ((id == MBEDTLS_ECP_DP_CURVE25519) || (id == MBEDTLS_ECP_DP_CURVE448)) #endif /* MBEDTLS_PK_HAVE_ECC_KEYS && MBEDTLS_PK_HAVE_RFC8410_CURVES */ -#if defined(MBEDTLS_FS_IO) -/* - * Load all data from a file into a given buffer. - * - * The file is expected to contain either PEM or DER encoded data. - * A terminating null byte is always appended. It is included in the announced - * length only if the data looks like it is PEM encoded. - */ -int mbedtls_pk_load_file(const char *path, unsigned char **buf, size_t *n) -{ - FILE *f; - long size; - - if ((f = fopen(path, "rb")) == NULL) { - return MBEDTLS_ERR_PK_FILE_IO_ERROR; - } - - /* Ensure no stdio buffering of secrets, as such buffers cannot be wiped. */ - mbedtls_setbuf(f, NULL); - - fseek(f, 0, SEEK_END); - if ((size = ftell(f)) == -1) { - fclose(f); - return MBEDTLS_ERR_PK_FILE_IO_ERROR; - } - fseek(f, 0, SEEK_SET); - - *n = (size_t) size; - - if (*n + 1 == 0 || - (*buf = mbedtls_calloc(1, *n + 1)) == NULL) { - fclose(f); - return MBEDTLS_ERR_PK_ALLOC_FAILED; - } - - if (fread(*buf, 1, *n, f) != *n) { - fclose(f); - - mbedtls_zeroize_and_free(*buf, *n); - - return MBEDTLS_ERR_PK_FILE_IO_ERROR; - } - - fclose(f); - - (*buf)[*n] = '\0'; - - if (strstr((const char *) *buf, "-----BEGIN ") != NULL) { - ++*n; - } - - return 0; -} - -/* - * Load and parse a private key - */ -int mbedtls_pk_parse_keyfile(mbedtls_pk_context *ctx, - const char *path, const char *pwd, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t n; - unsigned char *buf; - - if ((ret = mbedtls_pk_load_file(path, &buf, &n)) != 0) { - return ret; - } - - if (pwd == NULL) { - ret = mbedtls_pk_parse_key(ctx, buf, n, NULL, 0, f_rng, p_rng); - } else { - ret = mbedtls_pk_parse_key(ctx, buf, n, - (const unsigned char *) pwd, strlen(pwd), f_rng, p_rng); - } - - mbedtls_zeroize_and_free(buf, n); - - return ret; -} - -/* - * Load and parse a public key - */ -int mbedtls_pk_parse_public_keyfile(mbedtls_pk_context *ctx, const char *path) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t n; - unsigned char *buf; - - if ((ret = mbedtls_pk_load_file(path, &buf, &n)) != 0) { - return ret; - } - - ret = mbedtls_pk_parse_public_key(ctx, buf, n); - - mbedtls_zeroize_and_free(buf, n); - - return ret; -} -#endif /* MBEDTLS_FS_IO */ - #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) /* Minimally parse an ECParameters buffer to and mbedtls_asn1_buf * @@ -1289,6 +1187,12 @@ static int pk_parse_key_sec1_der(mbedtls_pk_context *pk, } #endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ +/*********************************************************************** + * + * PKCS#8 parsing functions + * + **********************************************************************/ + /* * Parse an unencrypted PKCS#8 encoded private key * @@ -1524,6 +1428,12 @@ MBEDTLS_STATIC_TESTABLE int mbedtls_pk_parse_key_pkcs8_encrypted_der( } #endif /* MBEDTLS_PKCS12_C || MBEDTLS_PKCS5_C */ +/*********************************************************************** + * + * Top-level functions, with format auto-discovery + * + **********************************************************************/ + /* * Parse a private key */ @@ -1843,4 +1753,112 @@ int mbedtls_pk_parse_public_key(mbedtls_pk_context *ctx, return ret; } +/*********************************************************************** + * + * Top-level functions, with filesystem support + * + **********************************************************************/ + +#if defined(MBEDTLS_FS_IO) +/* + * Load all data from a file into a given buffer. + * + * The file is expected to contain either PEM or DER encoded data. + * A terminating null byte is always appended. It is included in the announced + * length only if the data looks like it is PEM encoded. + */ +int mbedtls_pk_load_file(const char *path, unsigned char **buf, size_t *n) +{ + FILE *f; + long size; + + if ((f = fopen(path, "rb")) == NULL) { + return MBEDTLS_ERR_PK_FILE_IO_ERROR; + } + + /* Ensure no stdio buffering of secrets, as such buffers cannot be wiped. */ + mbedtls_setbuf(f, NULL); + + fseek(f, 0, SEEK_END); + if ((size = ftell(f)) == -1) { + fclose(f); + return MBEDTLS_ERR_PK_FILE_IO_ERROR; + } + fseek(f, 0, SEEK_SET); + + *n = (size_t) size; + + if (*n + 1 == 0 || + (*buf = mbedtls_calloc(1, *n + 1)) == NULL) { + fclose(f); + return MBEDTLS_ERR_PK_ALLOC_FAILED; + } + + if (fread(*buf, 1, *n, f) != *n) { + fclose(f); + + mbedtls_zeroize_and_free(*buf, *n); + + return MBEDTLS_ERR_PK_FILE_IO_ERROR; + } + + fclose(f); + + (*buf)[*n] = '\0'; + + if (strstr((const char *) *buf, "-----BEGIN ") != NULL) { + ++*n; + } + + return 0; +} + +/* + * Load and parse a private key + */ +int mbedtls_pk_parse_keyfile(mbedtls_pk_context *ctx, + const char *path, const char *pwd, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + size_t n; + unsigned char *buf; + + if ((ret = mbedtls_pk_load_file(path, &buf, &n)) != 0) { + return ret; + } + + if (pwd == NULL) { + ret = mbedtls_pk_parse_key(ctx, buf, n, NULL, 0, f_rng, p_rng); + } else { + ret = mbedtls_pk_parse_key(ctx, buf, n, + (const unsigned char *) pwd, strlen(pwd), f_rng, p_rng); + } + + mbedtls_zeroize_and_free(buf, n); + + return ret; +} + +/* + * Load and parse a public key + */ +int mbedtls_pk_parse_public_keyfile(mbedtls_pk_context *ctx, const char *path) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + size_t n; + unsigned char *buf; + + if ((ret = mbedtls_pk_load_file(path, &buf, &n)) != 0) { + return ret; + } + + ret = mbedtls_pk_parse_public_key(ctx, buf, n); + + mbedtls_zeroize_and_free(buf, n); + + return ret; +} +#endif /* MBEDTLS_FS_IO */ + #endif /* MBEDTLS_PK_PARSE_C */ From 997a95e5926d4ef64836e8702fe2d00c955b9878 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 26 Jul 2023 15:18:30 +0200 Subject: [PATCH 0277/1674] Merge two consecutive #ifs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index fbf8cbfc1..98094a36f 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -55,13 +55,14 @@ #include "mbedtls/pkcs12.h" #endif +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) + /* Helper for Montgomery curves */ -#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) && defined(MBEDTLS_PK_HAVE_RFC8410_CURVES) +#if defined(MBEDTLS_PK_HAVE_RFC8410_CURVES) #define MBEDTLS_PK_IS_RFC8410_GROUP_ID(id) \ ((id == MBEDTLS_ECP_DP_CURVE25519) || (id == MBEDTLS_ECP_DP_CURVE448)) -#endif /* MBEDTLS_PK_HAVE_ECC_KEYS && MBEDTLS_PK_HAVE_RFC8410_CURVES */ +#endif /* MBEDTLS_PK_HAVE_RFC8410_CURVES */ -#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) /* Minimally parse an ECParameters buffer to and mbedtls_asn1_buf * * ECParameters ::= CHOICE { From 5470898e37875e2cf29019c4e66322f8a4ba5e69 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 26 Jul 2023 15:38:36 +0200 Subject: [PATCH 0278/1674] Move code around again MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 566 ++++++++++++++++++++++++---------------------- 1 file changed, 292 insertions(+), 274 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index 98094a36f..5a35c43fb 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -57,56 +57,274 @@ #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) -/* Helper for Montgomery curves */ -#if defined(MBEDTLS_PK_HAVE_RFC8410_CURVES) -#define MBEDTLS_PK_IS_RFC8410_GROUP_ID(id) \ - ((id == MBEDTLS_ECP_DP_CURVE25519) || (id == MBEDTLS_ECP_DP_CURVE448)) -#endif /* MBEDTLS_PK_HAVE_RFC8410_CURVES */ - -/* Minimally parse an ECParameters buffer to and mbedtls_asn1_buf +/*********************************************************************** * - * ECParameters ::= CHOICE { - * namedCurve OBJECT IDENTIFIER - * specifiedCurve SpecifiedECDomain -- = SEQUENCE { ... } - * -- implicitCurve NULL - * } + * ECC setters + * + * 1. This is an abstraction layer around MBEDTLS_PK_USE_PSA_EC_DATA: + * this macro will not appear outside this section. + * 2. All inputs are raw: no metadata, no ASN.1 until the next section. + * + **********************************************************************/ + +/* + * Set the group used by this key. */ -static int pk_get_ecparams(unsigned char **p, const unsigned char *end, - mbedtls_asn1_buf *params) +static int pk_ecc_set_group(mbedtls_pk_context *pk, mbedtls_ecp_group_id grp_id) +{ +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + size_t ec_bits; + psa_ecc_family_t ec_family = mbedtls_ecc_group_to_psa(grp_id, &ec_bits); + + /* group may already be initialized; if so, make sure IDs match */ + if ((pk->ec_family != 0 && pk->ec_family != ec_family) || + (pk->ec_bits != 0 && pk->ec_bits != ec_bits)) { + return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; + } + + /* set group */ + pk->ec_family = ec_family; + pk->ec_bits = ec_bits; + + return 0; +#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ + mbedtls_ecp_keypair *ecp = mbedtls_pk_ec_rw(*pk); + + /* grp may already be initialized; if so, make sure IDs match */ + if (mbedtls_pk_ec_ro(*pk)->grp.id != MBEDTLS_ECP_DP_NONE && + mbedtls_pk_ec_ro(*pk)->grp.id != grp_id) { + return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; + } + + /* set group */ + return mbedtls_ecp_group_load(&(ecp->grp), grp_id); +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ +} + +/* + * Set the private key material + * + * Must have already set the group with pk_ecc_set_group(). + * + * The 'key' argument points to the raw private key (no ASN.1 wrapping). + */ +static int pk_ecc_set_key(mbedtls_pk_context *pk, + unsigned char *key, size_t len) +{ +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_status_t status; + + psa_set_key_type(&attributes, PSA_KEY_TYPE_ECC_KEY_PAIR(pk->ec_family)); + psa_set_key_algorithm(&attributes, PSA_ALG_ECDH); + psa_key_usage_t flags = PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_DERIVE; + /* Montgomery allows only ECDH, others ECDSA too */ + if (pk->ec_family != PSA_ECC_FAMILY_MONTGOMERY) { + flags |= PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE; + psa_set_key_enrollment_algorithm(&attributes, + MBEDTLS_PK_PSA_ALG_ECDSA_MAYBE_DET(PSA_ALG_ANY_HASH)); + } + psa_set_key_usage_flags(&attributes, flags); + + status = psa_import_key(&attributes, key, len, &pk->priv_id); + return psa_pk_status_to_mbedtls(status); + +#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ + + mbedtls_ecp_keypair *eck = mbedtls_pk_ec_rw(*pk); + int ret = mbedtls_ecp_read_key(eck->grp.id, eck, key, len); + if (ret != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); + } + return 0; +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ +} + +/* + * Helper function for deriving a public key from its private counterpart. + * + * Note: the private key information is always available from pk, + * however for convenience the serialized version is also passed, + * as it's available at each calling site, and useful in some configs + * (as otherwise we're have to re-serialize it from the pk context). + */ +static int pk_derive_public_key(mbedtls_pk_context *pk, + const unsigned char *d, size_t d_len, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) +{ +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + psa_status_t status; + (void) f_rng; + (void) p_rng; + (void) d; + (void) d_len; + + status = psa_export_public_key(pk->priv_id, pk->pub_raw, sizeof(pk->pub_raw), + &pk->pub_raw_len); + return psa_pk_status_to_mbedtls(status); +#elif defined(MBEDTLS_USE_PSA_CRYPTO) /* && !MBEDTLS_PK_USE_PSA_EC_DATA */ + int ret; + psa_status_t status; + (void) f_rng; + (void) p_rng; + + mbedtls_ecp_keypair *eck = (mbedtls_ecp_keypair *) pk->pk_ctx; + unsigned char key_buf[MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH]; + size_t key_len; + mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT; + size_t curve_bits; + psa_ecc_family_t curve = mbedtls_ecc_group_to_psa(eck->grp.id, &curve_bits); + psa_status_t destruction_status; + + psa_set_key_type(&key_attr, PSA_KEY_TYPE_ECC_KEY_PAIR(curve)); + psa_set_key_usage_flags(&key_attr, PSA_KEY_USAGE_EXPORT); + + status = psa_import_key(&key_attr, d, d_len, &key_id); + ret = psa_pk_status_to_mbedtls(status); + if (ret != 0) { + return ret; + } + + status = psa_export_public_key(key_id, key_buf, sizeof(key_buf), &key_len); + ret = psa_pk_status_to_mbedtls(status); + destruction_status = psa_destroy_key(key_id); + if (ret != 0) { + return ret; + } else if (destruction_status != PSA_SUCCESS) { + return psa_pk_status_to_mbedtls(destruction_status); + } + return mbedtls_ecp_point_read_binary(&eck->grp, &eck->Q, key_buf, key_len); +#else /* MBEDTLS_USE_PSA_CRYPTO */ + mbedtls_ecp_keypair *eck = (mbedtls_ecp_keypair *) pk->pk_ctx; + (void) d; + (void) d_len; + + return mbedtls_ecp_mul(&eck->grp, &eck->Q, &eck->d, &eck->grp.G, f_rng, p_rng); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ +} + +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) +/* + * Create a temporary ecp_keypair for converting an EC point in compressed + * format to an uncompressed one + * + * Consumes everything or fails - inherited from + * mbedtls_ecp_point_read_binary(). + */ +static int pk_ecc_read_compressed(mbedtls_pk_context *pk, + const unsigned char *in_start, size_t in_len, + unsigned char *out_buf, size_t out_buf_size, + size_t *out_buf_len) +{ +#if defined(MBEDTLS_PK_PARSE_EC_COMPRESSED) + mbedtls_ecp_keypair ecp_key; + mbedtls_ecp_group_id ecp_group_id; + int ret; + + ecp_group_id = mbedtls_ecc_group_of_psa(pk->ec_family, pk->ec_bits, 0); + + mbedtls_ecp_keypair_init(&ecp_key); + ret = mbedtls_ecp_group_load(&(ecp_key.grp), ecp_group_id); + if (ret != 0) { + return ret; + } + ret = mbedtls_ecp_point_read_binary(&(ecp_key.grp), &ecp_key.Q, + in_start, in_len); + if (ret != 0) { + goto exit; + } + ret = mbedtls_ecp_point_write_binary(&(ecp_key.grp), &ecp_key.Q, + MBEDTLS_ECP_PF_UNCOMPRESSED, + out_buf_len, out_buf, out_buf_size); + +exit: + mbedtls_ecp_keypair_free(&ecp_key); + return ret; +#else /* MBEDTLS_PK_PARSE_EC_COMPRESSED */ + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; +#endif /* MBEDTLS_PK_PARSE_EC_COMPRESSED */ +} +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ + +/* + * EC public key is an EC point + * + * The caller is responsible for clearing the structure upon failure if + * desired. Take care to pass along the possible ECP_FEATURE_UNAVAILABLE + * return code of mbedtls_ecp_point_read_binary() and leave p in a usable state. + */ +static int pk_get_ecpubkey(unsigned char **p, const unsigned char *end, + mbedtls_pk_context *pk) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if (end - *p < 1) { - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_OUT_OF_DATA); +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + mbedtls_svc_key_id_t key; + psa_key_attributes_t key_attrs = PSA_KEY_ATTRIBUTES_INIT; + size_t len = (size_t) (end - *p); + + if (len > PSA_EXPORT_PUBLIC_KEY_MAX_SIZE) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; } - /* Tag may be either OID or SEQUENCE */ - params->tag = **p; - if (params->tag != MBEDTLS_ASN1_OID -#if defined(MBEDTLS_PK_PARSE_EC_EXTENDED) - && params->tag != (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE) -#endif - ) { - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); + if ((**p == 0x02) || (**p == 0x03)) { + /* Compressed format, not supported by PSA Crypto. + * Try converting using functions from ECP_LIGHT. */ + ret = pk_ecc_read_compressed(pk, *p, len, + pk->pub_raw, + PSA_EXPORT_PUBLIC_KEY_MAX_SIZE, + &pk->pub_raw_len); + if (ret != 0) { + return ret; + } + } else { + /* Uncompressed format */ + if (len > MBEDTLS_PK_MAX_EC_PUBKEY_RAW_LEN) { + return MBEDTLS_ERR_PK_BUFFER_TOO_SMALL; + } + memcpy(pk->pub_raw, *p, len); + pk->pub_raw_len = len; } - if ((ret = mbedtls_asn1_get_tag(p, end, ¶ms->len, params->tag)) != 0) { - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); + /* Validate the key by trying to importing it */ + psa_set_key_usage_flags(&key_attrs, 0); + psa_set_key_algorithm(&key_attrs, PSA_ALG_ECDSA_ANY); + psa_set_key_type(&key_attrs, PSA_KEY_TYPE_ECC_PUBLIC_KEY(pk->ec_family)); + psa_set_key_bits(&key_attrs, pk->ec_bits); + + if ((psa_import_key(&key_attrs, pk->pub_raw, pk->pub_raw_len, + &key) != PSA_SUCCESS) || + (psa_destroy_key(key) != PSA_SUCCESS)) { + mbedtls_platform_zeroize(pk->pub_raw, MBEDTLS_PK_MAX_EC_PUBKEY_RAW_LEN); + pk->pub_raw_len = 0; + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; } - - params->p = *p; - *p += params->len; - - if (*p != end) { - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + ret = 0; +#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ + mbedtls_ecp_keypair *ec_key = (mbedtls_ecp_keypair *) pk->pk_ctx; + if ((ret = mbedtls_ecp_point_read_binary(&ec_key->grp, &ec_key->Q, + (const unsigned char *) *p, + end - *p)) == 0) { + ret = mbedtls_ecp_check_pubkey(&ec_key->grp, &ec_key->Q); } +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ - return 0; + /* + * We know mbedtls_ecp_point_read_binary and pk_ecc_read_compressed either + * consumed all bytes or failed, and memcpy consumed all bytes too. + */ + *p = (unsigned char *) end; + + return ret; } +/*********************************************************************** + * + * Unsorted (yet!) from this point on until the next section header + * + **********************************************************************/ + #if defined(MBEDTLS_PK_PARSE_EC_EXTENDED) /* * Parse a SpecifiedECDomain (SEC 1 C.2) and (mostly) fill the group with it. @@ -352,77 +570,49 @@ cleanup: } #endif /* MBEDTLS_PK_PARSE_EC_EXTENDED */ -/* - * Set the group used by this key. - */ -static int pk_ecc_set_group(mbedtls_pk_context *pk, mbedtls_ecp_group_id grp_id) -{ -#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) - size_t ec_bits; - psa_ecc_family_t ec_family = mbedtls_ecc_group_to_psa(grp_id, &ec_bits); - /* group may already be initialized; if so, make sure IDs match */ - if ((pk->ec_family != 0 && pk->ec_family != ec_family) || - (pk->ec_bits != 0 && pk->ec_bits != ec_bits)) { - return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; - } - - /* set group */ - pk->ec_family = ec_family; - pk->ec_bits = ec_bits; - - return 0; -#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ - mbedtls_ecp_keypair *ecp = mbedtls_pk_ec_rw(*pk); - - /* grp may already be initialized; if so, make sure IDs match */ - if (mbedtls_pk_ec_ro(*pk)->grp.id != MBEDTLS_ECP_DP_NONE && - mbedtls_pk_ec_ro(*pk)->grp.id != grp_id) { - return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; - } - - /* set group */ - return mbedtls_ecp_group_load(&(ecp->grp), grp_id); -#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ -} - -/* - * Set the private key material +/* Minimally parse an ECParameters buffer to and mbedtls_asn1_buf * - * Must have already set the group with pk_ecc_set_group(). - * - * The 'key' argument points to the raw private key (no ASN.1 wrapping). + * ECParameters ::= CHOICE { + * namedCurve OBJECT IDENTIFIER + * specifiedCurve SpecifiedECDomain -- = SEQUENCE { ... } + * -- implicitCurve NULL + * } */ -static int pk_ecc_set_key(mbedtls_pk_context *pk, - unsigned char *key, size_t len) +static int pk_get_ecparams(unsigned char **p, const unsigned char *end, + mbedtls_asn1_buf *params) { -#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) - psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_status_t status; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - psa_set_key_type(&attributes, PSA_KEY_TYPE_ECC_KEY_PAIR(pk->ec_family)); - psa_set_key_algorithm(&attributes, PSA_ALG_ECDH); - psa_key_usage_t flags = PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_DERIVE; - /* Montgomery allows only ECDH, others ECDSA too */ - if (pk->ec_family != PSA_ECC_FAMILY_MONTGOMERY) { - flags |= PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE; - psa_set_key_enrollment_algorithm(&attributes, - MBEDTLS_PK_PSA_ALG_ECDSA_MAYBE_DET(PSA_ALG_ANY_HASH)); + if (end - *p < 1) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_OUT_OF_DATA); } - psa_set_key_usage_flags(&attributes, flags); - status = psa_import_key(&attributes, key, len, &pk->priv_id); - return psa_pk_status_to_mbedtls(status); + /* Tag may be either OID or SEQUENCE */ + params->tag = **p; + if (params->tag != MBEDTLS_ASN1_OID +#if defined(MBEDTLS_PK_PARSE_EC_EXTENDED) + && params->tag != (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE) +#endif + ) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); + } -#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ - - mbedtls_ecp_keypair *eck = mbedtls_pk_ec_rw(*pk); - int ret = mbedtls_ecp_read_key(eck->grp.id, eck, key, len); - if (ret != 0) { + if ((ret = mbedtls_asn1_get_tag(p, end, ¶ms->len, params->tag)) != 0) { return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); } + + params->p = *p; + *p += params->len; + + if (*p != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } + return 0; -#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ } /* @@ -455,70 +645,6 @@ static int pk_use_ecparams(const mbedtls_asn1_buf *params, mbedtls_pk_context *p return pk_ecc_set_group(pk, grp_id); } -/* - * Helper function for deriving a public key from its private counterpart. - * - * Note: the private key information is always available from pk, - * however for convenience the serialized version is also passed, - * as it's available at each calling site, and useful in some configs - * (as otherwise we're have to re-serialize it from the pk context). - */ -static int pk_derive_public_key(mbedtls_pk_context *pk, - const unsigned char *d, size_t d_len, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) -{ -#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) - psa_status_t status; - (void) f_rng; - (void) p_rng; - (void) d; - (void) d_len; - - status = psa_export_public_key(pk->priv_id, pk->pub_raw, sizeof(pk->pub_raw), - &pk->pub_raw_len); - return psa_pk_status_to_mbedtls(status); -#elif defined(MBEDTLS_USE_PSA_CRYPTO) /* && !MBEDTLS_PK_USE_PSA_EC_DATA */ - int ret; - psa_status_t status; - (void) f_rng; - (void) p_rng; - - mbedtls_ecp_keypair *eck = (mbedtls_ecp_keypair *) pk->pk_ctx; - unsigned char key_buf[MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH]; - size_t key_len; - mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; - psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT; - size_t curve_bits; - psa_ecc_family_t curve = mbedtls_ecc_group_to_psa(eck->grp.id, &curve_bits); - psa_status_t destruction_status; - - psa_set_key_type(&key_attr, PSA_KEY_TYPE_ECC_KEY_PAIR(curve)); - psa_set_key_usage_flags(&key_attr, PSA_KEY_USAGE_EXPORT); - - status = psa_import_key(&key_attr, d, d_len, &key_id); - ret = psa_pk_status_to_mbedtls(status); - if (ret != 0) { - return ret; - } - - status = psa_export_public_key(key_id, key_buf, sizeof(key_buf), &key_len); - ret = psa_pk_status_to_mbedtls(status); - destruction_status = psa_destroy_key(key_id); - if (ret != 0) { - return ret; - } else if (destruction_status != PSA_SUCCESS) { - return psa_pk_status_to_mbedtls(destruction_status); - } - return mbedtls_ecp_point_read_binary(&eck->grp, &eck->Q, key_buf, key_len); -#else /* MBEDTLS_USE_PSA_CRYPTO */ - mbedtls_ecp_keypair *eck = (mbedtls_ecp_keypair *) pk->pk_ctx; - (void) d; - (void) d_len; - - return mbedtls_ecp_mul(&eck->grp, &eck->Q, &eck->d, &eck->grp.G, f_rng, p_rng); -#endif /* MBEDTLS_USE_PSA_CRYPTO */ -} - #if defined(MBEDTLS_PK_HAVE_RFC8410_CURVES) /* @@ -574,120 +700,6 @@ static int pk_parse_key_rfc8410_der(mbedtls_pk_context *pk, } #endif /* MBEDTLS_PK_HAVE_RFC8410_CURVES */ -#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) -/* - * Create a temporary ecp_keypair for converting an EC point in compressed - * format to an uncompressed one - * - * Consumes everything or fails - inherited from - * mbedtls_ecp_point_read_binary(). - */ -static int pk_ecc_read_compressed(mbedtls_pk_context *pk, - const unsigned char *in_start, size_t in_len, - unsigned char *out_buf, size_t out_buf_size, - size_t *out_buf_len) -{ -#if defined(MBEDTLS_PK_PARSE_EC_COMPRESSED) - mbedtls_ecp_keypair ecp_key; - mbedtls_ecp_group_id ecp_group_id; - int ret; - - ecp_group_id = mbedtls_ecc_group_of_psa(pk->ec_family, pk->ec_bits, 0); - - mbedtls_ecp_keypair_init(&ecp_key); - ret = mbedtls_ecp_group_load(&(ecp_key.grp), ecp_group_id); - if (ret != 0) { - return ret; - } - ret = mbedtls_ecp_point_read_binary(&(ecp_key.grp), &ecp_key.Q, - in_start, in_len); - if (ret != 0) { - goto exit; - } - ret = mbedtls_ecp_point_write_binary(&(ecp_key.grp), &ecp_key.Q, - MBEDTLS_ECP_PF_UNCOMPRESSED, - out_buf_len, out_buf, out_buf_size); - -exit: - mbedtls_ecp_keypair_free(&ecp_key); - return ret; -#else /* MBEDTLS_PK_PARSE_EC_COMPRESSED */ - return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; -#endif /* MBEDTLS_PK_PARSE_EC_COMPRESSED */ -} -#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ - -/* - * EC public key is an EC point - * - * The caller is responsible for clearing the structure upon failure if - * desired. Take care to pass along the possible ECP_FEATURE_UNAVAILABLE - * return code of mbedtls_ecp_point_read_binary() and leave p in a usable state. - */ -static int pk_get_ecpubkey(unsigned char **p, const unsigned char *end, - mbedtls_pk_context *pk) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - -#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) - mbedtls_svc_key_id_t key; - psa_key_attributes_t key_attrs = PSA_KEY_ATTRIBUTES_INIT; - size_t len = (size_t) (end - *p); - - if (len > PSA_EXPORT_PUBLIC_KEY_MAX_SIZE) { - return MBEDTLS_ERR_PK_BAD_INPUT_DATA; - } - - if ((**p == 0x02) || (**p == 0x03)) { - /* Compressed format, not supported by PSA Crypto. - * Try converting using functions from ECP_LIGHT. */ - ret = pk_ecc_read_compressed(pk, *p, len, - pk->pub_raw, - PSA_EXPORT_PUBLIC_KEY_MAX_SIZE, - &pk->pub_raw_len); - if (ret != 0) { - return ret; - } - } else { - /* Uncompressed format */ - if (len > MBEDTLS_PK_MAX_EC_PUBKEY_RAW_LEN) { - return MBEDTLS_ERR_PK_BUFFER_TOO_SMALL; - } - memcpy(pk->pub_raw, *p, len); - pk->pub_raw_len = len; - } - - /* Validate the key by trying to importing it */ - psa_set_key_usage_flags(&key_attrs, 0); - psa_set_key_algorithm(&key_attrs, PSA_ALG_ECDSA_ANY); - psa_set_key_type(&key_attrs, PSA_KEY_TYPE_ECC_PUBLIC_KEY(pk->ec_family)); - psa_set_key_bits(&key_attrs, pk->ec_bits); - - if ((psa_import_key(&key_attrs, pk->pub_raw, pk->pub_raw_len, - &key) != PSA_SUCCESS) || - (psa_destroy_key(key) != PSA_SUCCESS)) { - mbedtls_platform_zeroize(pk->pub_raw, MBEDTLS_PK_MAX_EC_PUBKEY_RAW_LEN); - pk->pub_raw_len = 0; - return MBEDTLS_ERR_PK_BAD_INPUT_DATA; - } - ret = 0; -#else /* MBEDTLS_PK_USE_PSA_EC_DATA */ - mbedtls_ecp_keypair *ec_key = (mbedtls_ecp_keypair *) pk->pk_ctx; - if ((ret = mbedtls_ecp_point_read_binary(&ec_key->grp, &ec_key->Q, - (const unsigned char *) *p, - end - *p)) == 0) { - ret = mbedtls_ecp_check_pubkey(&ec_key->grp, &ec_key->Q); - } -#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ - - /* - * We know mbedtls_ecp_point_read_binary and pk_ecc_read_compressed either - * consumed all bytes or failed, and memcpy consumed all bytes too. - */ - *p = (unsigned char *) end; - - return ret; -} #endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ #if defined(MBEDTLS_RSA_C) @@ -799,6 +811,12 @@ static int pk_get_pk_alg(unsigned char **p, return 0; } +/* Helper for Montgomery curves */ +#if defined(MBEDTLS_PK_HAVE_RFC8410_CURVES) +#define MBEDTLS_PK_IS_RFC8410_GROUP_ID(id) \ + ((id == MBEDTLS_ECP_DP_CURVE25519) || (id == MBEDTLS_ECP_DP_CURVE448)) +#endif /* MBEDTLS_PK_HAVE_RFC8410_CURVES */ + /* * SubjectPublicKeyInfo ::= SEQUENCE { * algorithm AlgorithmIdentifier, From d1aa64239443ec4de20c0571f2dc56b50afa2586 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 26 Jul 2023 22:24:23 +0200 Subject: [PATCH 0279/1674] Document pk_ecc_set_group() and pk_ecc_set_key() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index 5a35c43fb..a12374358 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -69,6 +69,10 @@ /* * Set the group used by this key. + * + * [in/out] pk: in: must have been pk_setup() to an ECC type + * out: will have group (curve) information set + * [in] grp_in: a supported group ID (not NONE) */ static int pk_ecc_set_group(mbedtls_pk_context *pk, mbedtls_ecp_group_id grp_id) { @@ -104,12 +108,12 @@ static int pk_ecc_set_group(mbedtls_pk_context *pk, mbedtls_ecp_group_id grp_id) /* * Set the private key material * - * Must have already set the group with pk_ecc_set_group(). - * - * The 'key' argument points to the raw private key (no ASN.1 wrapping). + * [in/out] pk: in: must have the group set already, see pk_ecc_set_group(). + * out: will have the private key set. + * [in] key, key_len: the raw private key (no ASN.1 wrapping). */ static int pk_ecc_set_key(mbedtls_pk_context *pk, - unsigned char *key, size_t len) + unsigned char *key, size_t key_len) { #if defined(MBEDTLS_PK_USE_PSA_EC_DATA) psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -126,13 +130,13 @@ static int pk_ecc_set_key(mbedtls_pk_context *pk, } psa_set_key_usage_flags(&attributes, flags); - status = psa_import_key(&attributes, key, len, &pk->priv_id); + status = psa_import_key(&attributes, key, key_len, &pk->priv_id); return psa_pk_status_to_mbedtls(status); #else /* MBEDTLS_PK_USE_PSA_EC_DATA */ mbedtls_ecp_keypair *eck = mbedtls_pk_ec_rw(*pk); - int ret = mbedtls_ecp_read_key(eck->grp.id, eck, key, len); + int ret = mbedtls_ecp_read_key(eck->grp.id, eck, key, key_len); if (ret != 0) { return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); } From de25194a20a978a253f8804f47c7cbcf7c402ef8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 26 Jul 2023 22:33:58 +0200 Subject: [PATCH 0280/1674] Rename and document pk_ecc_set_pubkey_from_prv() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 33 ++++++++++++++++++++++----------- 1 file changed, 22 insertions(+), 11 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index a12374358..007e1fc03 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -145,23 +145,34 @@ static int pk_ecc_set_key(mbedtls_pk_context *pk, } /* - * Helper function for deriving a public key from its private counterpart. + * Derive a public key from its private counterpart. + * Computationally intensive, only use when public key is not available. + * + * [in/out] pk: in: must have the private key set, see pk_ecc_set_key(). + * out: will have the public key set. + * [in] prv, prv_len: the raw private key (see note below). + * [in] f_rng, p_rng: RNG function and context. * * Note: the private key information is always available from pk, * however for convenience the serialized version is also passed, * as it's available at each calling site, and useful in some configs * (as otherwise we're have to re-serialize it from the pk context). + * + * There are three implementations of this function: + * 1. MBEDTLS_PK_USE_PSA_EC_DATA, + * 2. MBEDTLS_USE_PSA_CRYPTO but not MBEDTLS_PK_USE_PSA_EC_DATA, + * 3. not MBEDTLS_USE_PSA_CRYPTO. */ -static int pk_derive_public_key(mbedtls_pk_context *pk, - const unsigned char *d, size_t d_len, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) +static int pk_ecc_set_pubkey_from_prv(mbedtls_pk_context *pk, + const unsigned char *prv, size_t prv_len, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { #if defined(MBEDTLS_PK_USE_PSA_EC_DATA) psa_status_t status; (void) f_rng; (void) p_rng; - (void) d; - (void) d_len; + (void) prv; + (void) prv_len; status = psa_export_public_key(pk->priv_id, pk->pub_raw, sizeof(pk->pub_raw), &pk->pub_raw_len); @@ -184,7 +195,7 @@ static int pk_derive_public_key(mbedtls_pk_context *pk, psa_set_key_type(&key_attr, PSA_KEY_TYPE_ECC_KEY_PAIR(curve)); psa_set_key_usage_flags(&key_attr, PSA_KEY_USAGE_EXPORT); - status = psa_import_key(&key_attr, d, d_len, &key_id); + status = psa_import_key(&key_attr, prv, prv_len, &key_id); ret = psa_pk_status_to_mbedtls(status); if (ret != 0) { return ret; @@ -201,8 +212,8 @@ static int pk_derive_public_key(mbedtls_pk_context *pk, return mbedtls_ecp_point_read_binary(&eck->grp, &eck->Q, key_buf, key_len); #else /* MBEDTLS_USE_PSA_CRYPTO */ mbedtls_ecp_keypair *eck = (mbedtls_ecp_keypair *) pk->pk_ctx; - (void) d; - (void) d_len; + (void) prv; + (void) prv_len; return mbedtls_ecp_mul(&eck->grp, &eck->Q, &eck->d, &eck->grp.G, f_rng, p_rng); #endif /* MBEDTLS_USE_PSA_CRYPTO */ @@ -696,7 +707,7 @@ static int pk_parse_key_rfc8410_der(mbedtls_pk_context *pk, /* pk_parse_key_pkcs8_unencrypted_der() only supports version 1 PKCS8 keys, * which never contain a public key. As such, derive the public key * unconditionally. */ - if ((ret = pk_derive_public_key(pk, key, len, f_rng, p_rng)) != 0) { + if ((ret = pk_ecc_set_pubkey_from_prv(pk, key, len, f_rng, p_rng)) != 0) { return ret; } @@ -1201,7 +1212,7 @@ static int pk_parse_key_sec1_der(mbedtls_pk_context *pk, } if (!pubkey_done) { - if ((ret = pk_derive_public_key(pk, d, d_len, f_rng, p_rng)) != 0) { + if ((ret = pk_ecc_set_pubkey_from_prv(pk, d, d_len, f_rng, p_rng)) != 0) { return ret; } } From 0b8e45650f0b8d322a823b61ad9a90a2e7cbbbfd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 26 Jul 2023 22:43:25 +0200 Subject: [PATCH 0281/1674] Tune body of pk_ecc_set_pubkey_from_prv() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - avoid useless use of ret in PSA code, keep only status - improve variable names - keep declarations closer to use - a few internal comments Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 43 ++++++++++++++++++++++++------------------- 1 file changed, 24 insertions(+), 19 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index 007e1fc03..826412a54 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -168,54 +168,59 @@ static int pk_ecc_set_pubkey_from_prv(mbedtls_pk_context *pk, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { #if defined(MBEDTLS_PK_USE_PSA_EC_DATA) - psa_status_t status; + (void) f_rng; (void) p_rng; (void) prv; (void) prv_len; + psa_status_t status; status = psa_export_public_key(pk->priv_id, pk->pub_raw, sizeof(pk->pub_raw), &pk->pub_raw_len); return psa_pk_status_to_mbedtls(status); + #elif defined(MBEDTLS_USE_PSA_CRYPTO) /* && !MBEDTLS_PK_USE_PSA_EC_DATA */ - int ret; - psa_status_t status; + (void) f_rng; (void) p_rng; + psa_status_t status; mbedtls_ecp_keypair *eck = (mbedtls_ecp_keypair *) pk->pk_ctx; - unsigned char key_buf[MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH]; - size_t key_len; - mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; - psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT; size_t curve_bits; psa_ecc_family_t curve = mbedtls_ecc_group_to_psa(eck->grp.id, &curve_bits); - psa_status_t destruction_status; + /* Import private key into PSA, from serialized input */ + mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT; psa_set_key_type(&key_attr, PSA_KEY_TYPE_ECC_KEY_PAIR(curve)); psa_set_key_usage_flags(&key_attr, PSA_KEY_USAGE_EXPORT); - status = psa_import_key(&key_attr, prv, prv_len, &key_id); - ret = psa_pk_status_to_mbedtls(status); - if (ret != 0) { - return ret; + if (status != PSA_SUCCESS) { + return psa_pk_status_to_mbedtls(status); } - status = psa_export_public_key(key_id, key_buf, sizeof(key_buf), &key_len); - ret = psa_pk_status_to_mbedtls(status); - destruction_status = psa_destroy_key(key_id); - if (ret != 0) { - return ret; + /* Export public key from PSA */ + unsigned char pub[MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH]; + size_t pub_len; + status = psa_export_public_key(key_id, pub, sizeof(pub), &pub_len); + psa_status_t destruction_status = psa_destroy_key(key_id); + if (status != PSA_SUCCESS) { + return psa_pk_status_to_mbedtls(status); } else if (destruction_status != PSA_SUCCESS) { return psa_pk_status_to_mbedtls(destruction_status); } - return mbedtls_ecp_point_read_binary(&eck->grp, &eck->Q, key_buf, key_len); + + /* Load serialized public key into ecp_keypair structure */ + return mbedtls_ecp_point_read_binary(&eck->grp, &eck->Q, pub, pub_len); + #else /* MBEDTLS_USE_PSA_CRYPTO */ - mbedtls_ecp_keypair *eck = (mbedtls_ecp_keypair *) pk->pk_ctx; + (void) prv; (void) prv_len; + mbedtls_ecp_keypair *eck = (mbedtls_ecp_keypair *) pk->pk_ctx; return mbedtls_ecp_mul(&eck->grp, &eck->Q, &eck->d, &eck->grp.G, f_rng, p_rng); + #endif /* MBEDTLS_USE_PSA_CRYPTO */ } From 681e30b7275c408549db58a20c8a999c98ab4fce Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 26 Jul 2023 23:03:35 +0200 Subject: [PATCH 0282/1674] Rework pk_ecc_set_pubkey_psa_ecp_fallback() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - new semantic: sets the pubkey directly in the PK context - new name to reflect that semantic and obey the naming scheme - trivial case first - documentation and better parameter names Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 38 +++++++++++++++++++++----------------- 1 file changed, 21 insertions(+), 17 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index 826412a54..91f56062d 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -226,18 +226,26 @@ static int pk_ecc_set_pubkey_from_prv(mbedtls_pk_context *pk, #if defined(MBEDTLS_PK_USE_PSA_EC_DATA) /* - * Create a temporary ecp_keypair for converting an EC point in compressed - * format to an uncompressed one + * Set the public key: fallback using ECP_LIGHT in the USE_PSA_EC_DATA case. * - * Consumes everything or fails - inherited from - * mbedtls_ecp_point_read_binary(). + * Normally, when MBEDTLS_PK_USE_PSA_EC_DATA is enabled, we only use PSA + * functions to handle keys. However, currently psa_import_key() does not + * support compressed points. In case that support was explicitly requested, + * this fallback uses ECP functions to get the job done. This is the reason + * why MBEDTLS_PK_PARSE_EC_COMPRESSED auto-enables MBEDTLS_ECP_LIGHT. + * + * [in/out] pk: in: must have the group set, see pk_ecc_set_group(). + * out: will have the public key set. + * [in] pub, pub_len: the public key as an ECPoint, + * in any format supported by ECP. */ -static int pk_ecc_read_compressed(mbedtls_pk_context *pk, - const unsigned char *in_start, size_t in_len, - unsigned char *out_buf, size_t out_buf_size, - size_t *out_buf_len) +static int pk_ecc_set_pubkey_psa_ecp_fallback(mbedtls_pk_context *pk, + const unsigned char *pub, + size_t pub_len) { -#if defined(MBEDTLS_PK_PARSE_EC_COMPRESSED) +#if !defined(MBEDTLS_PK_PARSE_EC_COMPRESSED) + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; +#else /* MBEDTLS_PK_PARSE_EC_COMPRESSED */ mbedtls_ecp_keypair ecp_key; mbedtls_ecp_group_id ecp_group_id; int ret; @@ -250,19 +258,18 @@ static int pk_ecc_read_compressed(mbedtls_pk_context *pk, return ret; } ret = mbedtls_ecp_point_read_binary(&(ecp_key.grp), &ecp_key.Q, - in_start, in_len); + pub, pub_len); if (ret != 0) { goto exit; } ret = mbedtls_ecp_point_write_binary(&(ecp_key.grp), &ecp_key.Q, MBEDTLS_ECP_PF_UNCOMPRESSED, - out_buf_len, out_buf, out_buf_size); + &pk->pub_raw_len, pk->pub_raw, + sizeof(pk->pub_raw)); exit: mbedtls_ecp_keypair_free(&ecp_key); return ret; -#else /* MBEDTLS_PK_PARSE_EC_COMPRESSED */ - return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; #endif /* MBEDTLS_PK_PARSE_EC_COMPRESSED */ } #endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ @@ -291,10 +298,7 @@ static int pk_get_ecpubkey(unsigned char **p, const unsigned char *end, if ((**p == 0x02) || (**p == 0x03)) { /* Compressed format, not supported by PSA Crypto. * Try converting using functions from ECP_LIGHT. */ - ret = pk_ecc_read_compressed(pk, *p, len, - pk->pub_raw, - PSA_EXPORT_PUBLIC_KEY_MAX_SIZE, - &pk->pub_raw_len); + ret = pk_ecc_set_pubkey_psa_ecp_fallback(pk, *p, len); if (ret != 0) { return ret; } From e4c883bc8cc64141b764b30ad0bc5c820e6831d3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 26 Jul 2023 23:31:01 +0200 Subject: [PATCH 0283/1674] New signature for pk_ecc_set_pubkey() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Also new name, for consistency, and documentation. The signature **p, *end is mostly for parsing functions that may not consume everything, and need to update the "current" pointer to reflect what has been consumed. This is not the case here. Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 42 +++++++++++++++++------------------------- 1 file changed, 17 insertions(+), 25 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index 91f56062d..f897c1e8c 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -275,40 +275,39 @@ exit: #endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ /* - * EC public key is an EC point + * Set the public key. * - * The caller is responsible for clearing the structure upon failure if - * desired. Take care to pass along the possible ECP_FEATURE_UNAVAILABLE - * return code of mbedtls_ecp_point_read_binary() and leave p in a usable state. + * [in/out] pk: in: must have its group set, see pk_ecc_set_group(). + * out: will have the public key set. + * [in] pub, pub_len: the raw public key (an ECPoint). */ -static int pk_get_ecpubkey(unsigned char **p, const unsigned char *end, - mbedtls_pk_context *pk) +static int pk_ecc_set_pubkey(mbedtls_pk_context *pk, + const unsigned char *pub, size_t pub_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; #if defined(MBEDTLS_PK_USE_PSA_EC_DATA) mbedtls_svc_key_id_t key; psa_key_attributes_t key_attrs = PSA_KEY_ATTRIBUTES_INIT; - size_t len = (size_t) (end - *p); - if (len > PSA_EXPORT_PUBLIC_KEY_MAX_SIZE) { + if (pub_len > PSA_EXPORT_PUBLIC_KEY_MAX_SIZE) { return MBEDTLS_ERR_PK_BAD_INPUT_DATA; } - if ((**p == 0x02) || (**p == 0x03)) { + if ((*pub == 0x02) || (*pub == 0x03)) { /* Compressed format, not supported by PSA Crypto. * Try converting using functions from ECP_LIGHT. */ - ret = pk_ecc_set_pubkey_psa_ecp_fallback(pk, *p, len); + ret = pk_ecc_set_pubkey_psa_ecp_fallback(pk, pub, pub_len); if (ret != 0) { return ret; } } else { /* Uncompressed format */ - if (len > MBEDTLS_PK_MAX_EC_PUBKEY_RAW_LEN) { + if (pub_len > MBEDTLS_PK_MAX_EC_PUBKEY_RAW_LEN) { return MBEDTLS_ERR_PK_BUFFER_TOO_SMALL; } - memcpy(pk->pub_raw, *p, len); - pk->pub_raw_len = len; + memcpy(pk->pub_raw, pub, pub_len); + pk->pub_raw_len = pub_len; } /* Validate the key by trying to importing it */ @@ -328,18 +327,10 @@ static int pk_get_ecpubkey(unsigned char **p, const unsigned char *end, #else /* MBEDTLS_PK_USE_PSA_EC_DATA */ mbedtls_ecp_keypair *ec_key = (mbedtls_ecp_keypair *) pk->pk_ctx; if ((ret = mbedtls_ecp_point_read_binary(&ec_key->grp, &ec_key->Q, - (const unsigned char *) *p, - end - *p)) == 0) { + pub, pub_len)) == 0) { ret = mbedtls_ecp_check_pubkey(&ec_key->grp, &ec_key->Q); } #endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ - - /* - * We know mbedtls_ecp_point_read_binary and pk_ecc_read_compressed either - * consumed all bytes or failed, and memcpy consumed all bytes too. - */ - *p = (unsigned char *) end; - return ret; } @@ -900,7 +891,8 @@ int mbedtls_pk_parse_subpubkey(unsigned char **p, const unsigned char *end, ret = pk_use_ecparams(&alg_params, pk); } if (ret == 0) { - ret = pk_get_ecpubkey(p, end, pk); + ret = pk_ecc_set_pubkey(pk, *p, end - *p); + *p += end - *p; } } else #endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ @@ -1204,11 +1196,11 @@ static int pk_parse_key_sec1_der(mbedtls_pk_context *pk, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); } - if ((ret = pk_get_ecpubkey(&p, end2, pk)) == 0) { + if ((ret = pk_ecc_set_pubkey(pk, p, end2 - p)) == 0) { pubkey_done = 1; } else { /* - * The only acceptable failure mode of pk_get_ecpubkey() above + * The only acceptable failure mode of pk_ecc_set_pubkey() above * is if the point format is not recognized. */ if (ret != MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE) { From ff72ea9d518b5cfda03288adb586e0c6055d6103 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 26 Jul 2023 23:56:05 +0200 Subject: [PATCH 0284/1674] Rework pk_ecc_set_pubkey() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Fix the logic around format: we were just assuming that if the format was not compressed, it was uncompressed, but it could also have been just invalid. - Remove redundant length check: the fallback does its own checks. - Remove set_algorithm() that's not needed and introduced a depencency on ECDSA. - Some style / naming / scope reduction. Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 57 ++++++++++++++++++++++------------------------- 1 file changed, 27 insertions(+), 30 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index f897c1e8c..e8678ed34 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -284,54 +284,51 @@ exit: static int pk_ecc_set_pubkey(mbedtls_pk_context *pk, const unsigned char *pub, size_t pub_len) { - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - #if defined(MBEDTLS_PK_USE_PSA_EC_DATA) - mbedtls_svc_key_id_t key; - psa_key_attributes_t key_attrs = PSA_KEY_ATTRIBUTES_INIT; - if (pub_len > PSA_EXPORT_PUBLIC_KEY_MAX_SIZE) { - return MBEDTLS_ERR_PK_BAD_INPUT_DATA; - } - - if ((*pub == 0x02) || (*pub == 0x03)) { - /* Compressed format, not supported by PSA Crypto. - * Try converting using functions from ECP_LIGHT. */ - ret = pk_ecc_set_pubkey_psa_ecp_fallback(pk, pub, pub_len); - if (ret != 0) { - return ret; - } - } else { - /* Uncompressed format */ - if (pub_len > MBEDTLS_PK_MAX_EC_PUBKEY_RAW_LEN) { + /* Load the key */ + if (*pub == 0x04) { + /* Uncompressed format, directly supported by PSA */ + if (pub_len > sizeof(pk->pub_raw)) { return MBEDTLS_ERR_PK_BUFFER_TOO_SMALL; } memcpy(pk->pub_raw, pub, pub_len); pk->pub_raw_len = pub_len; + } else { + /* Other format, try the fallback */ + int ret = pk_ecc_set_pubkey_psa_ecp_fallback(pk, pub, pub_len); + if (ret != 0) { + return ret; + } } - /* Validate the key by trying to importing it */ + /* Validate the key by trying to import it */ + mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_attributes_t key_attrs = PSA_KEY_ATTRIBUTES_INIT; + psa_set_key_usage_flags(&key_attrs, 0); - psa_set_key_algorithm(&key_attrs, PSA_ALG_ECDSA_ANY); psa_set_key_type(&key_attrs, PSA_KEY_TYPE_ECC_PUBLIC_KEY(pk->ec_family)); psa_set_key_bits(&key_attrs, pk->ec_bits); if ((psa_import_key(&key_attrs, pk->pub_raw, pk->pub_raw_len, - &key) != PSA_SUCCESS) || - (psa_destroy_key(key) != PSA_SUCCESS)) { - mbedtls_platform_zeroize(pk->pub_raw, MBEDTLS_PK_MAX_EC_PUBKEY_RAW_LEN); - pk->pub_raw_len = 0; - return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + &key_id) != PSA_SUCCESS) || + (psa_destroy_key(key_id) != PSA_SUCCESS)) { + return MBEDTLS_ERR_PK_INVALID_PUBKEY; } - ret = 0; + + return 0; + #else /* MBEDTLS_PK_USE_PSA_EC_DATA */ + + int ret; mbedtls_ecp_keypair *ec_key = (mbedtls_ecp_keypair *) pk->pk_ctx; - if ((ret = mbedtls_ecp_point_read_binary(&ec_key->grp, &ec_key->Q, - pub, pub_len)) == 0) { - ret = mbedtls_ecp_check_pubkey(&ec_key->grp, &ec_key->Q); + ret = mbedtls_ecp_point_read_binary(&ec_key->grp, &ec_key->Q, pub, pub_len); + if (ret != 0) { + return ret; } + return mbedtls_ecp_check_pubkey(&ec_key->grp, &ec_key->Q); + #endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ - return ret; } /*********************************************************************** From fac9819edcbc4b647dc44b99909972cac066970c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 27 Jul 2023 09:19:42 +0200 Subject: [PATCH 0285/1674] Fix and document return of pk_ecc_set_pubkey() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit One of the calling site needs to distinguish between "the format is potentially valid but not supported" vs "other errors", and it uses MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE for that. Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/library/pkparse.c b/library/pkparse.c index e8678ed34..d12984fb0 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -238,13 +238,19 @@ static int pk_ecc_set_pubkey_from_prv(mbedtls_pk_context *pk, * out: will have the public key set. * [in] pub, pub_len: the public key as an ECPoint, * in any format supported by ECP. + * + * Return: + * - 0 on success; + * - MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE if the format is potentially valid + * but not supported; + * - another error code otherwise. */ static int pk_ecc_set_pubkey_psa_ecp_fallback(mbedtls_pk_context *pk, const unsigned char *pub, size_t pub_len) { #if !defined(MBEDTLS_PK_PARSE_EC_COMPRESSED) - return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; + return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; #else /* MBEDTLS_PK_PARSE_EC_COMPRESSED */ mbedtls_ecp_keypair ecp_key; mbedtls_ecp_group_id ecp_group_id; @@ -280,6 +286,12 @@ exit: * [in/out] pk: in: must have its group set, see pk_ecc_set_group(). * out: will have the public key set. * [in] pub, pub_len: the raw public key (an ECPoint). + * + * Return: + * - 0 on success; + * - MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE if the format is potentially valid + * but not supported; + * - another error code otherwise. */ static int pk_ecc_set_pubkey(mbedtls_pk_context *pk, const unsigned char *pub, size_t pub_len) From 12ea63a5f7b96b2169331a40221b0f5779111201 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 27 Jul 2023 12:20:16 +0200 Subject: [PATCH 0286/1674] Abstract away MBEDTLS_PK_PARSE_EC_EXTENDED MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 69 +++++++++++++++++++++++++++++++++++------------ 1 file changed, 52 insertions(+), 17 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index d12984fb0..9d87a7150 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -345,15 +345,51 @@ static int pk_ecc_set_pubkey(mbedtls_pk_context *pk, /*********************************************************************** * - * Unsorted (yet!) from this point on until the next section header + * Low-level ECC parsing: optional support for SpecifiedECDomain + * + * There are two functions here that are used by the rest of the code: + * - pk_ecc_tag_may_be_speficied_ec_domain() + * - pk_ecc_group_id_from_specified() + * + * All the other functions are internal to this section. + * + * The two "public" functions have a dummy variant provided + * in configs without MBEDTLS_PK_PARSE_EC_EXTENDED. This acts as an + * abstraction layer for this macro, which should not appear outside + * this section. * **********************************************************************/ -#if defined(MBEDTLS_PK_PARSE_EC_EXTENDED) +#if !defined(MBEDTLS_PK_PARSE_EC_EXTENDED) +/* See the "real" version for documentation */ +static int pk_ecc_tag_may_be_specified_ec_domain(int tag) +{ + (void) tag; + return 0; +} + +/* See the "real" version for documentation */ +static int pk_ecc_group_id_from_specified(const mbedtls_asn1_buf *params, + mbedtls_ecp_group_id *grp_id) +{ + (void) params; + (void) grp_id; + return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; +} +#else /* MBEDTLS_PK_PARSE_EC_EXTENDED */ +/* + * Tell if the passed tag might be the start of SpecifiedECDomain + * (that is, a sequence). + */ +static int pk_ecc_tag_may_be_specified_ec_domain(int tag) +{ + return tag == (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE); +} + /* * Parse a SpecifiedECDomain (SEC 1 C.2) and (mostly) fill the group with it. * WARNING: the resulting group should only be used with - * pk_group_id_from_specified(), since its base point may not be set correctly + * pk_ecc_group_id_from_specified(), since its base point may not be set correctly * if it was encoded compressed. * * SpecifiedECDomain ::= SEQUENCE { @@ -562,8 +598,8 @@ cleanup: /* * Parse a SpecifiedECDomain (SEC 1 C.2) and find the associated group ID */ -static int pk_group_id_from_specified(const mbedtls_asn1_buf *params, - mbedtls_ecp_group_id *grp_id) +static int pk_ecc_group_id_from_specified(const mbedtls_asn1_buf *params, + mbedtls_ecp_group_id *grp_id) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_group grp; @@ -578,7 +614,7 @@ static int pk_group_id_from_specified(const mbedtls_asn1_buf *params, cleanup: /* The API respecting lifecycle for mbedtls_ecp_group struct is - * _init(), _load() and _free(). In pk_group_id_from_specified() the + * _init(), _load() and _free(). In pk_ecc_group_id_from_specified() the * temporary grp breaks that flow and it's members are populated * by pk_group_id_from_group(). As such mbedtls_ecp_group_free() * which is assuming a group populated by _setup() may not clean-up @@ -594,6 +630,11 @@ cleanup: } #endif /* MBEDTLS_PK_PARSE_EC_EXTENDED */ +/*********************************************************************** + * + * Unsorted (yet!) from this point on until the next section header + * + **********************************************************************/ /* Minimally parse an ECParameters buffer to and mbedtls_asn1_buf * @@ -613,13 +654,10 @@ static int pk_get_ecparams(unsigned char **p, const unsigned char *end, MBEDTLS_ERR_ASN1_OUT_OF_DATA); } - /* Tag may be either OID or SEQUENCE */ + /* Acceptable tags: OID for namedCurve, or specifiedECDomain */ params->tag = **p; - if (params->tag != MBEDTLS_ASN1_OID -#if defined(MBEDTLS_PK_PARSE_EC_EXTENDED) - && params->tag != (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE) -#endif - ) { + if (params->tag != MBEDTLS_ASN1_OID && + !pk_ecc_tag_may_be_specified_ec_domain(params->tag)) { return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); } @@ -657,13 +695,10 @@ static int pk_use_ecparams(const mbedtls_asn1_buf *params, mbedtls_pk_context *p return MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE; } } else { -#if defined(MBEDTLS_PK_PARSE_EC_EXTENDED) - if ((ret = pk_group_id_from_specified(params, &grp_id)) != 0) { + ret = pk_ecc_group_id_from_specified(params, &grp_id); + if (ret != 0) { return ret; } -#else - return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; -#endif } return pk_ecc_set_group(pk, grp_id); From 53d3e40a21c9c56a053c25ec8fe801ccb796a18e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 1 Aug 2023 11:19:24 +0200 Subject: [PATCH 0287/1674] Fix unused warnings in dummy definition MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/library/pkparse.c b/library/pkparse.c index 9d87a7150..ffa91d30d 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -250,6 +250,9 @@ static int pk_ecc_set_pubkey_psa_ecp_fallback(mbedtls_pk_context *pk, size_t pub_len) { #if !defined(MBEDTLS_PK_PARSE_EC_COMPRESSED) + (void) pk; + (void) pub; + (void) pub_len; return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; #else /* MBEDTLS_PK_PARSE_EC_COMPRESSED */ mbedtls_ecp_keypair ecp_key; From 564bc1bb960cd4d67a3d58488fff53565cf74ef2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 2 Aug 2023 12:05:16 +0200 Subject: [PATCH 0288/1674] Fix limitation in checking supported alg in pk_sign MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The recent changes in pkparse made it so ECDSA (deterministic or not) is set as the secondary alg and ECDH the first one. This broke the wrapper in pk_wrap as it was only checking the first alg when deciding whether to use deterministic or not. The wrapper should not have unnecessary requirements on how algs are set up, so make the check more flexible. Signed-off-by: Manuel Pégourié-Gonnard --- library/pk_wrap.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 53e11d5cb..2c6783674 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -976,16 +976,17 @@ static int ecdsa_sign_psa(mbedtls_svc_key_id_t key_id, mbedtls_md_type_t md_alg, psa_status_t status; psa_algorithm_t psa_sig_md; psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT; - psa_algorithm_t alg; + psa_algorithm_t alg, alg2; status = psa_get_key_attributes(key_id, &key_attr); if (status != PSA_SUCCESS) { return PSA_PK_ECDSA_TO_MBEDTLS_ERR(status); } alg = psa_get_key_algorithm(&key_attr); + alg2 = psa_get_key_enrollment_algorithm(&key_attr); psa_reset_key_attributes(&key_attr); - if (PSA_ALG_IS_DETERMINISTIC_ECDSA(alg)) { + if (PSA_ALG_IS_DETERMINISTIC_ECDSA(alg) || PSA_ALG_IS_DETERMINISTIC_ECDSA(alg2)) { psa_sig_md = PSA_ALG_DETERMINISTIC_ECDSA(mbedtls_md_psa_alg_from_type(md_alg)); } else { psa_sig_md = PSA_ALG_ECDSA(mbedtls_md_psa_alg_from_type(md_alg)); From 94cf1f82ad73ea2dcf68367d9daf18a13e3b3db5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 2 Aug 2023 12:09:24 +0200 Subject: [PATCH 0289/1674] Fix a typo in a comment MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/pkparse.c b/library/pkparse.c index ffa91d30d..bb6db0824 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -156,7 +156,7 @@ static int pk_ecc_set_key(mbedtls_pk_context *pk, * Note: the private key information is always available from pk, * however for convenience the serialized version is also passed, * as it's available at each calling site, and useful in some configs - * (as otherwise we're have to re-serialize it from the pk context). + * (as otherwise we would have to re-serialize it from the pk context). * * There are three implementations of this function: * 1. MBEDTLS_PK_USE_PSA_EC_DATA, From 842ffc5085a12998407de61d465c3d2fbb910e04 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 2 Aug 2023 12:10:51 +0200 Subject: [PATCH 0290/1674] Make code more robust MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Using return here is only correct if we know that group_load() is atomic (either succeeds, or allocates no ressources). I'm not sure it is, and even if it were, goto exit is more obviously correct, so let's use that. Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/pkparse.c b/library/pkparse.c index bb6db0824..b0eef95a3 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -264,7 +264,7 @@ static int pk_ecc_set_pubkey_psa_ecp_fallback(mbedtls_pk_context *pk, mbedtls_ecp_keypair_init(&ecp_key); ret = mbedtls_ecp_group_load(&(ecp_key.grp), ecp_group_id); if (ret != 0) { - return ret; + goto exit; } ret = mbedtls_ecp_point_read_binary(&(ecp_key.grp), &ecp_key.Q, pub, pub_len); From f1b7633443ef3c4709e594817fd7e57645404472 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 2 Aug 2023 12:14:19 +0200 Subject: [PATCH 0291/1674] Use clearer function name MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit I went for "may be" as I was thinking just checking the tag technically does not guarantee that what follows is correct, but I was wrong: according to ASN.1, when there are variants, the tag does distinguish unambiguously between variants, so we can be more positive here. (Whether the thing inside that variant is correct is a different question.) As a welcome side effect, this makes the name more standard hence more readable. Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index b0eef95a3..820c8d1cf 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -351,7 +351,7 @@ static int pk_ecc_set_pubkey(mbedtls_pk_context *pk, * Low-level ECC parsing: optional support for SpecifiedECDomain * * There are two functions here that are used by the rest of the code: - * - pk_ecc_tag_may_be_speficied_ec_domain() + * - pk_ecc_tag_is_speficied_ec_domain() * - pk_ecc_group_id_from_specified() * * All the other functions are internal to this section. @@ -365,7 +365,7 @@ static int pk_ecc_set_pubkey(mbedtls_pk_context *pk, #if !defined(MBEDTLS_PK_PARSE_EC_EXTENDED) /* See the "real" version for documentation */ -static int pk_ecc_tag_may_be_specified_ec_domain(int tag) +static int pk_ecc_tag_is_specified_ec_domain(int tag) { (void) tag; return 0; @@ -384,7 +384,7 @@ static int pk_ecc_group_id_from_specified(const mbedtls_asn1_buf *params, * Tell if the passed tag might be the start of SpecifiedECDomain * (that is, a sequence). */ -static int pk_ecc_tag_may_be_specified_ec_domain(int tag) +static int pk_ecc_tag_is_specified_ec_domain(int tag) { return tag == (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE); } @@ -660,7 +660,7 @@ static int pk_get_ecparams(unsigned char **p, const unsigned char *end, /* Acceptable tags: OID for namedCurve, or specifiedECDomain */ params->tag = **p; if (params->tag != MBEDTLS_ASN1_OID && - !pk_ecc_tag_may_be_specified_ec_domain(params->tag)) { + !pk_ecc_tag_is_specified_ec_domain(params->tag)) { return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); } From 52e9548c227d659fb889d3a73657244608cf8d82 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 3 Aug 2023 10:22:41 +0200 Subject: [PATCH 0292/1674] Fix check for format supported by PSA MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit For non-Weierstrass curves there's only one format and it's supported. Signed-off-by: Manuel Pégourié-Gonnard --- library/pkparse.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index 820c8d1cf..b4299518f 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -302,8 +302,10 @@ static int pk_ecc_set_pubkey(mbedtls_pk_context *pk, #if defined(MBEDTLS_PK_USE_PSA_EC_DATA) /* Load the key */ - if (*pub == 0x04) { - /* Uncompressed format, directly supported by PSA */ + if (!PSA_ECC_FAMILY_IS_WEIERSTRASS(pk->ec_family) || *pub == 0x04) { + /* Format directly supported by PSA: + * - non-Weierstrass curves that only have one format; + * - uncompressed format for Weierstrass curves. */ if (pub_len > sizeof(pk->pub_raw)) { return MBEDTLS_ERR_PK_BUFFER_TOO_SMALL; } From 05216335596a21e0986a6c617f989ee2f1c4a0e8 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 16 Oct 2023 11:22:21 +0200 Subject: [PATCH 0293/1674] cipher: fix guards in mbedtls_cipher_auth_[encrypt/decrypt]_ext() Signed-off-by: Valerio Setti --- library/cipher.c | 8 ++++---- tests/suites/test_suite_cipher.function | 4 ++-- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/library/cipher.c b/library/cipher.c index 7009c19b4..c5d82cb9c 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -1607,7 +1607,7 @@ int mbedtls_cipher_auth_encrypt_ext(mbedtls_cipher_context_t *ctx, } #endif /* MBEDTLS_NIST_KW_C */ -#if defined(MBEDTLS_CIPHER_HAVE_SOME_AEAD) +#if defined(MBEDTLS_CIPHER_HAVE_AEAD_LEGACY) /* AEAD case: check length before passing on to shared function */ if (output_len < ilen + tag_len) { return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; @@ -1620,7 +1620,7 @@ int mbedtls_cipher_auth_encrypt_ext(mbedtls_cipher_context_t *ctx, return ret; #else return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; -#endif /* MBEDTLS_CIPHER_HAVE_SOME_AEAD */ +#endif /* MBEDTLS_CIPHER_HAVE_AEAD_LEGACY */ } /* @@ -1658,7 +1658,7 @@ int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx, } #endif /* MBEDTLS_NIST_KW_C */ -#if defined(MBEDTLS_CIPHER_HAVE_SOME_AEAD) +#if defined(MBEDTLS_CIPHER_HAVE_AEAD_LEGACY) /* AEAD case: check length before passing on to shared function */ if (ilen < tag_len || output_len < ilen - tag_len) { return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; @@ -1669,7 +1669,7 @@ int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx, input + ilen - tag_len, tag_len); #else return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; -#endif /* MBEDTLS_CIPHER_HAVE_SOME_AEAD */ +#endif /* MBEDTLS_CIPHER_HAVE_AEAD_LEGACY */ } #endif /* MBEDTLS_CIPHER_HAVE_AEAD_LEGACY || MBEDTLS_NIST_KW_C */ diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function index da43fda19..9679e019d 100644 --- a/tests/suites/test_suite_cipher.function +++ b/tests/suites/test_suite_cipher.function @@ -85,7 +85,7 @@ exit: return 0; } -#if defined(MBEDTLS_CIPHER_AUTH_CRYPT) +#if defined(MBEDTLS_CIPHER_HAVE_AEAD_LEGACY) /* Helper for resetting key/direction * * The documentation doesn't explicitly say whether calling @@ -842,7 +842,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_AUTH_CRYPT */ +/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_HAVE_AEAD_LEGACY */ void auth_crypt_tv(int cipher_id, data_t *key, data_t *iv, data_t *ad, data_t *cipher, data_t *tag, char *result, data_t *clear, int use_psa) From d35b188a5cf0e9e706129a8a04bebbfd3047d3c3 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 16 Oct 2023 10:25:30 +0100 Subject: [PATCH 0294/1674] Make component_build_aes_aesce_armcc silent Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 91ed1a566..8adf3f485 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4340,13 +4340,18 @@ component_build_aes_aesce_armcc () { } support_build_sha_armce() { - # clang >= 4 is required to build with SHA extensions - clang_ver="$(clang --version|grep version|sed -E 's#.*version ([0-9]+).*#\1#')" + if ( $(which clang > /dev/null) ); then + # clang >= 4 is required to build with SHA extensions + clang_ver="$(clang --version|grep version|sed -E 's#.*version ([0-9]+).*#\1#')" - # we need asm/hwcap.h available for runtime detection - echo '#include ' | clang -E - >/dev/null 2>&1 && have_hwcap=1 || have_hwcap=0 + # we need asm/hwcap.h available for runtime detection + echo '#include ' | clang -E - >/dev/null 2>&1 && have_hwcap=1 || have_hwcap=0 - [[ "${clang_ver}" -ge 4 && "${have_hwcap}" -eq 1 ]] + [[ "${clang_ver}" -ge 4 && "${have_hwcap}" -eq 1 ]] + else + # clang not available + false + fi } component_build_sha_armce () { From 596ef6c0b1031f518e85f2d1a102eba570d8c0de Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 16 Oct 2023 11:26:08 +0200 Subject: [PATCH 0295/1674] cipher: reset MBEDTLS_CIPHER_HAVE_AEAD_LEGACY to previous naming Signed-off-by: Valerio Setti --- include/mbedtls/cipher.h | 6 +++--- library/cipher.c | 16 ++++++++-------- tests/suites/test_suite_cipher.function | 4 ++-- 3 files changed, 13 insertions(+), 13 deletions(-) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index e13bee6a0..3a98976d5 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -34,7 +34,7 @@ #include "mbedtls/platform_util.h" #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) || defined(MBEDTLS_CHACHAPOLY_C) -#define MBEDTLS_CIPHER_HAVE_AEAD_LEGACY +#define MBEDTLS_CIPHER_HAVE_AEAD #endif #if defined(MBEDTLS_CIPHER_MODE_CBC) @@ -1080,7 +1080,7 @@ int mbedtls_cipher_crypt(mbedtls_cipher_context_t *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen); -#if defined(MBEDTLS_CIPHER_HAVE_AEAD_LEGACY) || defined(MBEDTLS_NIST_KW_C) +#if defined(MBEDTLS_CIPHER_HAVE_AEAD) || defined(MBEDTLS_NIST_KW_C) /** * \brief The authenticated encryption (AEAD/NIST_KW) function. * @@ -1187,7 +1187,7 @@ int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t output_len, size_t *olen, size_t tag_len); -#endif /* MBEDTLS_CIPHER_HAVE_AEAD_LEGACY || MBEDTLS_NIST_KW_C */ +#endif /* MBEDTLS_CIPHER_HAVE_AEAD || MBEDTLS_NIST_KW_C */ #ifdef __cplusplus } #endif diff --git a/library/cipher.c b/library/cipher.c index c5d82cb9c..97dd0e95a 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -1390,7 +1390,7 @@ int mbedtls_cipher_crypt(mbedtls_cipher_context_t *ctx, return 0; } -#if defined(MBEDTLS_CIPHER_HAVE_AEAD_LEGACY) +#if defined(MBEDTLS_CIPHER_HAVE_AEAD) /* * Packet-oriented encryption for AEAD modes: internal function used by * mbedtls_cipher_auth_encrypt_ext(). @@ -1569,9 +1569,9 @@ static int mbedtls_cipher_aead_decrypt(mbedtls_cipher_context_t *ctx, return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } -#endif /* MBEDTLS_CIPHER_HAVE_AEAD_LEGACY */ +#endif /* MBEDTLS_CIPHER_HAVE_AEAD */ -#if defined(MBEDTLS_CIPHER_HAVE_AEAD_LEGACY) || defined(MBEDTLS_NIST_KW_C) +#if defined(MBEDTLS_CIPHER_HAVE_AEAD) || defined(MBEDTLS_NIST_KW_C) /* * Packet-oriented encryption for AEAD/NIST_KW: public function. */ @@ -1607,7 +1607,7 @@ int mbedtls_cipher_auth_encrypt_ext(mbedtls_cipher_context_t *ctx, } #endif /* MBEDTLS_NIST_KW_C */ -#if defined(MBEDTLS_CIPHER_HAVE_AEAD_LEGACY) +#if defined(MBEDTLS_CIPHER_HAVE_AEAD) /* AEAD case: check length before passing on to shared function */ if (output_len < ilen + tag_len) { return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; @@ -1620,7 +1620,7 @@ int mbedtls_cipher_auth_encrypt_ext(mbedtls_cipher_context_t *ctx, return ret; #else return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; -#endif /* MBEDTLS_CIPHER_HAVE_AEAD_LEGACY */ +#endif /* MBEDTLS_CIPHER_HAVE_AEAD */ } /* @@ -1658,7 +1658,7 @@ int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx, } #endif /* MBEDTLS_NIST_KW_C */ -#if defined(MBEDTLS_CIPHER_HAVE_AEAD_LEGACY) +#if defined(MBEDTLS_CIPHER_HAVE_AEAD) /* AEAD case: check length before passing on to shared function */ if (ilen < tag_len || output_len < ilen - tag_len) { return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; @@ -1669,8 +1669,8 @@ int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx, input + ilen - tag_len, tag_len); #else return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; -#endif /* MBEDTLS_CIPHER_HAVE_AEAD_LEGACY */ +#endif /* MBEDTLS_CIPHER_HAVE_AEAD */ } -#endif /* MBEDTLS_CIPHER_HAVE_AEAD_LEGACY || MBEDTLS_NIST_KW_C */ +#endif /* MBEDTLS_CIPHER_HAVE_AEAD || MBEDTLS_NIST_KW_C */ #endif /* MBEDTLS_CIPHER_C */ diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function index 9679e019d..3403af0b1 100644 --- a/tests/suites/test_suite_cipher.function +++ b/tests/suites/test_suite_cipher.function @@ -85,7 +85,7 @@ exit: return 0; } -#if defined(MBEDTLS_CIPHER_HAVE_AEAD_LEGACY) +#if defined(MBEDTLS_CIPHER_HAVE_AEAD) /* Helper for resetting key/direction * * The documentation doesn't explicitly say whether calling @@ -842,7 +842,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_HAVE_AEAD_LEGACY */ +/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_HAVE_AEAD */ void auth_crypt_tv(int cipher_id, data_t *key, data_t *iv, data_t *ad, data_t *cipher, data_t *tag, char *result, data_t *clear, int use_psa) From dcee98730b544e77321ea0a73c42f46385abe614 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 16 Oct 2023 11:35:57 +0200 Subject: [PATCH 0296/1674] cipher_wrap: add VIA_LEGACY_OR_USE_PSA to new internal symbols Signed-off-by: Valerio Setti --- library/cipher_wrap.c | 34 ++++++++++++------------- library/cipher_wrap.h | 20 ++++++++------- tests/suites/test_suite_cipher.function | 2 +- 3 files changed, 29 insertions(+), 27 deletions(-) diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c index 63b725fb7..4e1e996c6 100644 --- a/library/cipher_wrap.c +++ b/library/cipher_wrap.c @@ -80,7 +80,7 @@ enum mbedtls_cipher_base_index { #if defined(MBEDTLS_CAMELLIA_C) MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA, #endif -#if defined(MBEDTLS_CIPHER_HAVE_CCM_AES) +#if defined(MBEDTLS_CIPHER_HAVE_CCM_AES_VIA_LEGACY_OR_USE_PSA) MBEDTLS_CIPHER_BASE_INDEX_CCM_AES, #endif #if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_ARIA_C) @@ -104,7 +104,7 @@ enum mbedtls_cipher_base_index { #if defined(MBEDTLS_DES_C) MBEDTLS_CIPHER_BASE_INDEX_DES, #endif -#if defined(MBEDTLS_CIPHER_HAVE_GCM_AES) +#if defined(MBEDTLS_CIPHER_HAVE_GCM_AES_VIA_LEGACY_OR_USE_PSA) MBEDTLS_CIPHER_BASE_INDEX_GCM_AES, #endif #if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_ARIA_C) @@ -578,7 +578,7 @@ static int gcm_aes_setkey_wrap(void *ctx, const unsigned char *key, } #endif /* MBEDTLS_GCM_C */ -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_CIPHER_HAVE_GCM_VIA_LEGACY_OR_USE_PSA) static const mbedtls_cipher_base_t gcm_aes_info = { MBEDTLS_CIPHER_ID_AES, NULL, @@ -612,9 +612,9 @@ static const mbedtls_cipher_base_t gcm_aes_info = { NULL, #endif /* MBEDTLS_GCM_C */ }; -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_CIPHER_HAVE_GCM_VIA_LEGACY_OR_USE_PSA */ -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_CIPHER_HAVE_GCM_VIA_LEGACY_OR_USE_PSA) static const mbedtls_cipher_info_t aes_128_gcm_info = { "AES-128-GCM", 16, @@ -649,7 +649,7 @@ static const mbedtls_cipher_info_t aes_256_gcm_info = { MBEDTLS_CIPHER_BASE_INDEX_GCM_AES }; #endif -#endif /* MBEDTLS_CIPHER_HAVE_GCM */ +#endif /* MBEDTLS_CIPHER_HAVE_GCM_VIA_LEGACY_OR_USE_PSA */ #if defined(MBEDTLS_CCM_C) static int ccm_aes_setkey_wrap(void *ctx, const unsigned char *key, @@ -660,7 +660,7 @@ static int ccm_aes_setkey_wrap(void *ctx, const unsigned char *key, } #endif /* MBEDTLS_CCM_C */ -#if defined(MBEDTLS_CIPHER_HAVE_CCM) +#if defined(MBEDTLS_CIPHER_HAVE_CCM_VIA_LEGACY_OR_USE_PSA) static const mbedtls_cipher_base_t ccm_aes_info = { MBEDTLS_CIPHER_ID_AES, NULL, @@ -694,9 +694,9 @@ static const mbedtls_cipher_base_t ccm_aes_info = { NULL, #endif }; -#endif /* MBEDTLS_CIPHER_HAVE_CCM */ +#endif /* MBEDTLS_CIPHER_HAVE_CCM_VIA_LEGACY_OR_USE_PSA */ -#if defined(MBEDTLS_CIPHER_HAVE_CCM) +#if defined(MBEDTLS_CIPHER_HAVE_CCM_VIA_LEGACY_OR_USE_PSA) static const mbedtls_cipher_info_t aes_128_ccm_info = { "AES-128-CCM", 16, @@ -731,9 +731,9 @@ static const mbedtls_cipher_info_t aes_256_ccm_info = { MBEDTLS_CIPHER_BASE_INDEX_CCM_AES }; #endif -#endif /* MBEDTLS_CIPHER_HAVE_CCM */ +#endif /* MBEDTLS_CIPHER_HAVE_CCM_VIA_LEGACY_OR_USE_PSA */ -#if defined(MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG) +#if defined(MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG_VIA_LEGACY_OR_USE_PSA) static const mbedtls_cipher_info_t aes_128_ccm_star_no_tag_info = { "AES-128-CCM*-NO-TAG", 16, @@ -768,7 +768,7 @@ static const mbedtls_cipher_info_t aes_256_ccm_star_no_tag_info = { MBEDTLS_CIPHER_BASE_INDEX_CCM_AES }; #endif -#endif /* MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG */ +#endif /* MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG_VIA_LEGACY_OR_USE_PSA */ #endif /* MBEDTLS_AES_C */ @@ -2269,21 +2269,21 @@ const mbedtls_cipher_definition_t mbedtls_cipher_definitions[] = { MBEDTLS_CIPHER_AES_256_XTS, &aes_256_xts_info }, #endif #endif -#if defined(MBEDTLS_CIPHER_HAVE_GCM) +#if defined(MBEDTLS_CIPHER_HAVE_GCM_VIA_LEGACY_OR_USE_PSA) { MBEDTLS_CIPHER_AES_128_GCM, &aes_128_gcm_info }, #if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { MBEDTLS_CIPHER_AES_192_GCM, &aes_192_gcm_info }, { MBEDTLS_CIPHER_AES_256_GCM, &aes_256_gcm_info }, #endif #endif -#if defined(MBEDTLS_CIPHER_HAVE_CCM) +#if defined(MBEDTLS_CIPHER_HAVE_CCM_VIA_LEGACY_OR_USE_PSA) { MBEDTLS_CIPHER_AES_128_CCM, &aes_128_ccm_info }, #if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { MBEDTLS_CIPHER_AES_192_CCM, &aes_192_ccm_info }, { MBEDTLS_CIPHER_AES_256_CCM, &aes_256_ccm_info }, #endif #endif -#if defined(MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG) +#if defined(MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG_VIA_LEGACY_OR_USE_PSA) { MBEDTLS_CIPHER_AES_128_CCM_STAR_NO_TAG, &aes_128_ccm_star_no_tag_info }, #if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG, &aes_192_ccm_star_no_tag_info }, @@ -2413,7 +2413,7 @@ const mbedtls_cipher_base_t *mbedtls_cipher_base_lookup_table[] = { #if defined(MBEDTLS_CAMELLIA_C) [MBEDTLS_CIPHER_BASE_INDEX_CAMELLIA] = &camellia_info, #endif -#if defined(MBEDTLS_CIPHER_HAVE_CCM_AES) +#if defined(MBEDTLS_CIPHER_HAVE_CCM_AES_VIA_LEGACY_OR_USE_PSA) [MBEDTLS_CIPHER_BASE_INDEX_CCM_AES] = &ccm_aes_info, #endif #if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_ARIA_C) @@ -2437,7 +2437,7 @@ const mbedtls_cipher_base_t *mbedtls_cipher_base_lookup_table[] = { #if defined(MBEDTLS_DES_C) [MBEDTLS_CIPHER_BASE_INDEX_DES] = &des_info, #endif -#if defined(MBEDTLS_CIPHER_HAVE_GCM_AES) +#if defined(MBEDTLS_CIPHER_HAVE_GCM_AES_VIA_LEGACY_OR_USE_PSA) [MBEDTLS_CIPHER_BASE_INDEX_GCM_AES] = &gcm_aes_info, #endif #if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_ARIA_C) diff --git a/library/cipher_wrap.h b/library/cipher_wrap.h index 53cf12ff4..c1915bce9 100644 --- a/library/cipher_wrap.h +++ b/library/cipher_wrap.h @@ -39,37 +39,39 @@ extern "C" { /* Support for GCM either through Mbed TLS SW implementation or PSA */ #if defined(MBEDTLS_GCM_C) || \ (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM)) -#define MBEDTLS_CIPHER_HAVE_GCM +#define MBEDTLS_CIPHER_HAVE_GCM_VIA_LEGACY_OR_USE_PSA #endif #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_AES_C)) || \ (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM) && defined(PSA_WANT_KEY_TYPE_AES)) -#define MBEDTLS_CIPHER_HAVE_GCM_AES +#define MBEDTLS_CIPHER_HAVE_GCM_AES_VIA_LEGACY_OR_USE_PSA #endif #if defined(MBEDTLS_CCM_C) || \ (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM)) -#define MBEDTLS_CIPHER_HAVE_CCM +#define MBEDTLS_CIPHER_HAVE_CCM_VIA_LEGACY_OR_USE_PSA #endif #if (defined(MBEDTLS_CCM_C) && defined(MBEDTLS_AES_C)) || \ (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM) && defined(PSA_WANT_KEY_TYPE_AES)) -#define MBEDTLS_CIPHER_HAVE_CCM_AES +#define MBEDTLS_CIPHER_HAVE_CCM_AES_VIA_LEGACY_OR_USE_PSA #endif #if defined(MBEDTLS_CCM_C) || \ (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM_STAR_NO_TAG)) -#define MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG +#define MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG_VIA_LEGACY_OR_USE_PSA #endif #if defined(MBEDTLS_CHACHAPOLY_C) || \ (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CHACHA20_POLY1305)) -#define MBEDTLS_CIPHER_HAVE_CHACHAPOLY +#define MBEDTLS_CIPHER_HAVE_CHACHAPOLY_VIA_LEGACY_OR_USE_PSA #endif -#if defined(MBEDTLS_CIPHER_HAVE_GCM) || defined(MBEDTLS_CIPHER_HAVE_CCM) || \ - defined(MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG) || defined(MBEDTLS_CIPHER_HAVE_CHACHAPOLY) -#define MBEDTLS_CIPHER_HAVE_SOME_AEAD +#if defined(MBEDTLS_CIPHER_HAVE_GCM_VIA_LEGACY_OR_USE_PSA) || \ + defined(MBEDTLS_CIPHER_HAVE_CCM_VIA_LEGACY_OR_USE_PSA) || \ + defined(MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG_VIA_LEGACY_OR_USE_PSA) || \ + defined(MBEDTLS_CIPHER_HAVE_CHACHAPOLY_VIA_LEGACY_OR_USE_PSA) +#define MBEDTLS_CIPHER_HAVE_SOME_AEAD_VIA_LEGACY_OR_USE_PSA #endif /** diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function index 3403af0b1..6fd94ce22 100644 --- a/tests/suites/test_suite_cipher.function +++ b/tests/suites/test_suite_cipher.function @@ -6,7 +6,7 @@ #include "mbedtls/gcm.h" #endif -#if defined(MBEDTLS_CIPHER_HAVE_SOME_AEAD) || defined(MBEDTLS_NIST_KW_C) +#if defined(MBEDTLS_CIPHER_HAVE_SOME_AEAD_VIA_LEGACY_OR_USE_PSA) || defined(MBEDTLS_NIST_KW_C) #define MBEDTLS_CIPHER_AUTH_CRYPT #endif From f2ea08ae5039e30fba8289ea26a0d04f432852c0 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 16 Oct 2023 11:37:28 +0100 Subject: [PATCH 0297/1674] Improve test for clang presence Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 8adf3f485..28767eb3f 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4340,7 +4340,7 @@ component_build_aes_aesce_armcc () { } support_build_sha_armce() { - if ( $(which clang > /dev/null) ); then + if command -v clang > /dev/null ; then # clang >= 4 is required to build with SHA extensions clang_ver="$(clang --version|grep version|sed -E 's#.*version ([0-9]+).*#\1#')" From 74cb404b0d779fe04b80a482c4562b9b41e9ee27 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 16 Oct 2023 13:40:50 +0200 Subject: [PATCH 0298/1674] ssl: improve ssl_check_key_curve() Signed-off-by: Valerio Setti --- library/ssl_tls12_server.c | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c index 4433e8b4a..6f5472416 100644 --- a/library/ssl_tls12_server.c +++ b/library/ssl_tls12_server.c @@ -676,11 +676,7 @@ static int ssl_check_key_curve(mbedtls_pk_context *pk, uint16_t *curves_tls_id) { uint16_t *curr_tls_id = curves_tls_id; -#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) - mbedtls_ecp_group_id grp_id = mbedtls_ecc_group_of_psa(pk->ec_family, pk->ec_bits, 0); -#else - mbedtls_ecp_group_id grp_id = mbedtls_pk_ec_ro(*pk)->grp.id; -#endif + mbedtls_ecp_group_id grp_id = mbedtls_pk_get_group_id(pk); mbedtls_ecp_group_id curr_grp_id; while (*curr_tls_id != 0) { From b0c618e147554e672b6c3f438127e1163157e807 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 16 Oct 2023 14:19:49 +0200 Subject: [PATCH 0299/1674] analyze_outcomes: minor improvements Signed-off-by: Valerio Setti --- tests/scripts/analyze_outcomes.py | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 49445a473..105a4aaed 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -27,7 +27,7 @@ class TestLog: self.output = self.output + (fmt + '\n').format(*args, **kwargs) def info(self, fmt, *args, **kwargs): - self.add_line(fmt, *args, **kwargs) + self.add_line('Info: ' + fmt, *args, **kwargs) def error(self, fmt, *args, **kwargs): self.info('Error: ' + fmt, *args, **kwargs) @@ -176,6 +176,9 @@ def do_analyze_driver_vs_reference(outcome_file, args): """Perform driver vs reference analyze.""" log = TestLog() + log.info("\n*** Analyze driver {} vs reference {} ***\n".format( + args['component_driver'], args['component_ref'])) + log = execute_reference_driver_tests(log, args['component_ref'], \ args['component_driver'], outcome_file) if log.error_count != 0: @@ -185,8 +188,6 @@ def do_analyze_driver_vs_reference(outcome_file, args): outcomes = read_outcome_file(outcome_file) - log.info("\n*** Analyze driver {} vs reference {} ***\n".format( - args['component_driver'], args['component_ref'])) log = analyze_driver_vs_reference(log, outcomes, args['component_ref'], args['component_driver'], ignored_suites, args['ignored_tests']) From 9fc1f24331c364398394db39a0e76baa8f200272 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 16 Oct 2023 14:39:38 +0200 Subject: [PATCH 0300/1674] md: restore md.h includes in source files directly using its elements Signed-off-by: Valerio Setti --- include/mbedtls/oid.h | 1 + include/mbedtls/ssl.h | 1 + include/mbedtls/ssl_ciphersuites.h | 1 + library/x509write_crt.c | 1 + tests/suites/test_suite_entropy.function | 1 + tests/suites/test_suite_md.function | 1 + tests/suites/test_suite_pkcs1_v15.function | 1 + 7 files changed, 7 insertions(+) diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h index 8ab7f7f94..954507229 100644 --- a/include/mbedtls/oid.h +++ b/include/mbedtls/oid.h @@ -34,6 +34,7 @@ #include "mbedtls/cipher.h" #endif +#include "mbedtls/md.h" /** OID is not found. */ #define MBEDTLS_ERR_OID_NOT_FOUND -0x002E diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index b69e3150f..debb1cc2c 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -40,6 +40,7 @@ #include "mbedtls/dhm.h" #endif +#include "mbedtls/md.h" #if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_ANY_ENABLED) #include "mbedtls/ecdh.h" diff --git a/include/mbedtls/ssl_ciphersuites.h b/include/mbedtls/ssl_ciphersuites.h index 07791e541..07f2facef 100644 --- a/include/mbedtls/ssl_ciphersuites.h +++ b/include/mbedtls/ssl_ciphersuites.h @@ -27,6 +27,7 @@ #include "mbedtls/pk.h" #include "mbedtls/cipher.h" +#include "mbedtls/md.h" #ifdef __cplusplus extern "C" { diff --git a/library/x509write_crt.c b/library/x509write_crt.c index c0657a827..a8a3022cb 100644 --- a/library/x509write_crt.c +++ b/library/x509write_crt.c @@ -33,6 +33,7 @@ #include "mbedtls/oid.h" #include "mbedtls/platform.h" #include "mbedtls/platform_util.h" +#include "mbedtls/md.h" #include #include diff --git a/tests/suites/test_suite_entropy.function b/tests/suites/test_suite_entropy.function index 7c7e43f17..0e013b740 100644 --- a/tests/suites/test_suite_entropy.function +++ b/tests/suites/test_suite_entropy.function @@ -1,6 +1,7 @@ /* BEGIN_HEADER */ #include "mbedtls/entropy.h" #include "entropy_poll.h" +#include "mbedtls/md.h" #include "string.h" typedef enum { diff --git a/tests/suites/test_suite_md.function b/tests/suites/test_suite_md.function index 71dcb8765..866ff588f 100644 --- a/tests/suites/test_suite_md.function +++ b/tests/suites/test_suite_md.function @@ -1,4 +1,5 @@ /* BEGIN_HEADER */ +#include "mbedtls/md.h" #include "md_psa.h" #include "mbedtls/oid.h" diff --git a/tests/suites/test_suite_pkcs1_v15.function b/tests/suites/test_suite_pkcs1_v15.function index 716ae4453..711327455 100644 --- a/tests/suites/test_suite_pkcs1_v15.function +++ b/tests/suites/test_suite_pkcs1_v15.function @@ -1,5 +1,6 @@ /* BEGIN_HEADER */ #include "mbedtls/rsa.h" +#include "mbedtls/md.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES From f3803a1f715245f36226abdd4b398bdb92fbdc85 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 16 Oct 2023 13:47:15 +0100 Subject: [PATCH 0301/1674] Cleanup validation interface Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 7b801a3ec..f07de88f1 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3926,7 +3926,7 @@ component_build_tfm() { # The validator function is the name of a function to validate the combination of options. # It may be "" if all combinations are valid. # It receives a string containing a combination of options, as passed to the compiler, -# e.g. "-DOPT1 -DOPT2 ...". It must echo something iff the combination is invalid. +# e.g. "-DOPT1 -DOPT2 ...". It must return 0 iff the combination is valid, non-zero if invalid. build_test_config_combos() { file=$1 shift @@ -3975,7 +3975,7 @@ build_test_config_combos() { done # if combination is not known to be invalid, add it to the makefile - if [[ -z $validate_options ]] || [[ $($validate_options "${clang_args}") == "" ]] ; then + if [[ -z $validate_options ]] || $validate_options "${clang_args}"; then cmd="${compile_cmd} ${clang_args}" echo "${target}: ${source_file}; $cmd ${source_file}" >> ${makefile} @@ -3997,11 +3997,11 @@ build_test_config_combos() { validate_aes_config_variations() { if [[ "$1" == *"MBEDTLS_AES_USE_HARDWARE_ONLY"* ]]; then if [[ "$1" == *"MBEDTLS_PADLOCK_C"* ]]; then - echo INVALID + false fi if [[ !(("$HOSTTYPE" == "aarch64" && "$1" != *"MBEDTLS_AESCE_C"*) || \ ("$HOSTTYPE" == "x86_64" && "$1" != *"MBEDTLS_AESNI_C"*)) ]]; then - echo INVALID + false fi fi } From 41bc798d7cb258871ab13f3122b5971a4ce64be6 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 16 Oct 2023 14:04:21 +0100 Subject: [PATCH 0302/1674] Tidy-up Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index f07de88f1..7493c9734 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3997,13 +3997,14 @@ build_test_config_combos() { validate_aes_config_variations() { if [[ "$1" == *"MBEDTLS_AES_USE_HARDWARE_ONLY"* ]]; then if [[ "$1" == *"MBEDTLS_PADLOCK_C"* ]]; then - false + return 1 fi if [[ !(("$HOSTTYPE" == "aarch64" && "$1" != *"MBEDTLS_AESCE_C"*) || \ ("$HOSTTYPE" == "x86_64" && "$1" != *"MBEDTLS_AESNI_C"*)) ]]; then - false + return 1 fi fi + return 0 } component_build_aes_variations() { From 5329ff06b9456fecb7cbe42021177da14999c4c3 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 17 Oct 2023 09:44:36 +0200 Subject: [PATCH 0303/1674] analyze_outcomes: print task list directly to stdout Signed-off-by: Valerio Setti --- tests/scripts/analyze_outcomes.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 105a4aaed..f1680adc9 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -679,8 +679,7 @@ def main(): if options.list: for task in KNOWN_TASKS: - main_log.info(task) - main_log.print_output() + print(task) sys.exit(0) if options.specified_tasks == 'all': From 6d429216339adf27c6404b78d67c4b674c75319e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 17 Oct 2023 10:01:33 +0200 Subject: [PATCH 0304/1674] Require at least on curve for ECP_LIGHT MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ECP_LIGHT is not usable without any curve, just the same as ECP_C. We forgot to update this check when introducing the ECP_LIGHT subset. Note: the message doesn't mention ECP_LIGHT as that's not a public config knob, hence the message with "ECP_C or a subset" (that's how it's referred to in user-facing documentation such as docs/driver-only-builds.md). Signed-off-by: Manuel Pégourié-Gonnard --- include/mbedtls/check_config.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index e18e9a5fc..cdc2be171 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -231,7 +231,7 @@ #error "MBEDTLS_ECDSA_DETERMINISTIC defined, but not all prerequisites" #endif -#if defined(MBEDTLS_ECP_C) && ( !defined(MBEDTLS_BIGNUM_C) || ( \ +#if defined(MBEDTLS_ECP_LIGHT) && ( !defined(MBEDTLS_BIGNUM_C) || ( \ !defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) && \ !defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) && \ !defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) && \ @@ -245,7 +245,7 @@ !defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) && \ !defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) && \ !defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) ) ) -#error "MBEDTLS_ECP_C defined, but not all prerequisites" +#error "MBEDTLS_ECP_C defined (or a subset enabled), but not all prerequisites" #endif #if defined(MBEDTLS_PK_PARSE_C) && !defined(MBEDTLS_ASN1_PARSE_C) From 745ec5d75ebdebdc7f2c913d2e45d7d2e918e06e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 17 Oct 2023 10:13:45 +0200 Subject: [PATCH 0305/1674] Fix static initializer warning MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit In a hypothetical build with no curves, or in the future when we add a new curve type and possibly forget updating this function with a new block for the new type, we write to `ret` at the beginning or the function then immediately overwrite it with MPI_CHK(check_privkey), which static analyzers understandably find questionable. Use `ret` here and check the key only if it was actually set. Signed-off-by: Manuel Pégourié-Gonnard --- library/ecp.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/library/ecp.c b/library/ecp.c index 5f2a7b0c0..dfa095782 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -3288,7 +3288,10 @@ int mbedtls_ecp_read_key(mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&key->d, buf, buflen)); } #endif - MBEDTLS_MPI_CHK(mbedtls_ecp_check_privkey(&key->grp, &key->d)); + + if (ret == 0) { + MBEDTLS_MPI_CHK(mbedtls_ecp_check_privkey(&key->grp, &key->d)); + } cleanup: From fb2750e98e1f68e61a04b54ad6821bee89ee54a9 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 17 Oct 2023 10:11:45 +0200 Subject: [PATCH 0306/1674] analyze_outcomes: exit immediately in case of invalid task Signed-off-by: Valerio Setti --- tests/scripts/analyze_outcomes.py | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index f1680adc9..28c55125c 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -688,24 +688,24 @@ def main(): tasks_list = re.split(r'[, ]+', options.specified_tasks) for task in tasks_list: if task not in KNOWN_TASKS: - main_log.error('invalid task: {}'.format(task)) + sys.stderr.write('invalid task: {}'.format(task)) + sys.exit(2) KNOWN_TASKS['analyze_coverage']['args']['full_coverage'] = options.full_coverage all_succeeded = True - for task in KNOWN_TASKS: - if task in tasks_list: - test_function = KNOWN_TASKS[task]['test_function'] - test_args = KNOWN_TASKS[task]['args'] - test_log = test_function(options.outcomes, test_args) - # Merge the output of this task with the main one - main_log.output = main_log.output + test_log.output - main_log.info("Task {} completed with:\n".format(task) + \ - "{} warnings\n".format(test_log.warning_count) + \ - "{} errors\n".format(test_log.error_count)) - if test_log.error_count != 0: - all_succeeded = False + for task in tasks_list: + test_function = KNOWN_TASKS[task]['test_function'] + test_args = KNOWN_TASKS[task]['args'] + test_log = test_function(options.outcomes, test_args) + # Merge the output of this task with the main one + main_log.output = main_log.output + test_log.output + main_log.info("Task {} completed with:\n".format(task) + \ + "{} warnings\n".format(test_log.warning_count) + \ + "{} errors\n".format(test_log.error_count)) + if test_log.error_count != 0: + all_succeeded = False main_log.print_output() sys.exit(0 if all_succeeded else 1) From 3f339897628ebd9ee37320042099aa255a83823a Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 17 Oct 2023 10:42:11 +0200 Subject: [PATCH 0307/1674] analyze_outcomes: use a single TestLog instance and do not delay output Signed-off-by: Valerio Setti --- tests/scripts/analyze_outcomes.py | 41 +++++++++++-------------------- 1 file changed, 14 insertions(+), 27 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 28c55125c..8ddbf6c1e 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -21,24 +21,21 @@ class TestLog: def __init__(self): self.error_count = 0 self.warning_count = 0 - self.output = "" - - def add_line(self, fmt, *args, **kwargs): - self.output = self.output + (fmt + '\n').format(*args, **kwargs) def info(self, fmt, *args, **kwargs): - self.add_line('Info: ' + fmt, *args, **kwargs) + self.print_line('Info: ' + fmt, *args, **kwargs) def error(self, fmt, *args, **kwargs): - self.info('Error: ' + fmt, *args, **kwargs) self.error_count += 1 + self.print_line('Error: ' + fmt, *args, **kwargs) def warning(self, fmt, *args, **kwargs): - self.info('Warning: ' + fmt, *args, **kwargs) self.warning_count += 1 + self.print_line('Warning: ' + fmt, *args, **kwargs) - def print_output(self): - sys.stderr.write(self.output) + @staticmethod + def print_line(fmt, *args, **kwargs): + sys.stderr.write(fmt, *args, **kwargs) class TestCaseOutcomes: """The outcomes of one test case across many configurations.""" @@ -164,25 +161,20 @@ by a semicolon. outcomes[key].failures.append(setup) return outcomes -def do_analyze_coverage(outcome_file, args): +def do_analyze_coverage(log: TestLog, outcome_file, args) -> TestLog: """Perform coverage analysis.""" - log = TestLog() log.info("\n*** Analyze coverage ***\n") outcomes = read_outcome_file(outcome_file) log = analyze_outcomes(log, outcomes, args) return log -def do_analyze_driver_vs_reference(outcome_file, args): +def do_analyze_driver_vs_reference(log: TestLog, outcome_file, args) -> TestLog: """Perform driver vs reference analyze.""" - log = TestLog() - log.info("\n*** Analyze driver {} vs reference {} ***\n".format( args['component_driver'], args['component_ref'])) log = execute_reference_driver_tests(log, args['component_ref'], \ args['component_driver'], outcome_file) - if log.error_count != 0: - return log ignored_suites = ['test_suite_' + x for x in args['ignored_suites']] @@ -693,22 +685,17 @@ def main(): KNOWN_TASKS['analyze_coverage']['args']['full_coverage'] = options.full_coverage - all_succeeded = True - for task in tasks_list: test_function = KNOWN_TASKS[task]['test_function'] test_args = KNOWN_TASKS[task]['args'] - test_log = test_function(options.outcomes, test_args) - # Merge the output of this task with the main one - main_log.output = main_log.output + test_log.output - main_log.info("Task {} completed with:\n".format(task) + \ - "{} warnings\n".format(test_log.warning_count) + \ - "{} errors\n".format(test_log.error_count)) - if test_log.error_count != 0: - all_succeeded = False + main_log = test_function(main_log, options.outcomes, test_args) + + main_log.info("Overall results:\n" + \ + "{} warnings\n".format(main_log.warning_count) + \ + "{} errors\n".format(main_log.error_count)) main_log.print_output() - sys.exit(0 if all_succeeded else 1) + sys.exit(0 if (main_log.error_count == 0) else 2) except Exception: # pylint: disable=broad-except # Print the backtrace and exit explicitly with our chosen status. From f075e47bc1ea7a02bfc5d9c44427ee4e7908a419 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 17 Oct 2023 11:03:16 +0200 Subject: [PATCH 0308/1674] analyze_outcomes: reset name of TestLog to Results Signed-off-by: Valerio Setti --- tests/scripts/analyze_outcomes.py | 67 +++++++++++++++---------------- 1 file changed, 33 insertions(+), 34 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 8ddbf6c1e..95f0cc697 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -1,4 +1,4 @@ -#!/usr/bin/env python3 + #!/usr/bin/env python3 """Analyze the test outcomes from a full CI run. @@ -15,7 +15,7 @@ import os import check_test_cases -class TestLog: +class Results: """Process analysis results.""" def __init__(self): @@ -56,27 +56,27 @@ class TestCaseOutcomes: """ return len(self.successes) + len(self.failures) -def execute_reference_driver_tests(log: TestLog, ref_component, driver_component, \ - outcome_file) -> TestLog: +def execute_reference_driver_tests(results: Results, ref_component, driver_component, \ + outcome_file) -> Results: """Run the tests specified in ref_component and driver_component. Results are stored in the output_file and they will be used for the following coverage analysis""" # If the outcome file already exists, we assume that the user wants to # perform the comparison analysis again without repeating the tests. if os.path.exists(outcome_file): - log.info("Outcome file (" + outcome_file + ") already exists. " + \ + results.info("Outcome file (" + outcome_file + ") already exists. " + \ "Tests will be skipped.") - return log + return results shell_command = "tests/scripts/all.sh --outcome-file " + outcome_file + \ " " + ref_component + " " + driver_component - log.info("Running: " + shell_command) + results.info("Running: " + shell_command) ret_val = subprocess.run(shell_command.split(), check=False).returncode if ret_val != 0: - log.error("failed to run reference/driver components") + results.error("failed to run reference/driver components") - return log + return results def analyze_coverage(results, outcomes, allow_list, full_coverage): """Check that all available test cases are executed at least once.""" @@ -95,7 +95,7 @@ def analyze_coverage(results, outcomes, allow_list, full_coverage): else: results.warning('Allow listed test case was executed: {}', key) -def analyze_driver_vs_reference(log: TestLog, outcomes, +def analyze_driver_vs_reference(results: Results, outcomes, component_ref, component_driver, ignored_suites, ignored_test=None): """Check that all tests executed in the reference component are also @@ -130,15 +130,15 @@ def analyze_driver_vs_reference(log: TestLog, outcomes, if component_ref in entry: reference_test_passed = True if(reference_test_passed and not driver_test_passed): - log.error(key) + results.error(key) - return log + return results -def analyze_outcomes(log: TestLog, outcomes, args) -> TestLog: +def analyze_outcomes(results: Results, outcomes, args) -> Results: """Run all analyses on the given outcome collection.""" - analyze_coverage(log, outcomes, args['allow_list'], + analyze_coverage(results, outcomes, args['allow_list'], args['full_coverage']) - return log + return results def read_outcome_file(outcome_file): """Parse an outcome file and return an outcome collection. @@ -161,30 +161,30 @@ by a semicolon. outcomes[key].failures.append(setup) return outcomes -def do_analyze_coverage(log: TestLog, outcome_file, args) -> TestLog: +def do_analyze_coverage(results: Results, outcome_file, args) -> Results: """Perform coverage analysis.""" - log.info("\n*** Analyze coverage ***\n") + results.info("\n*** Analyze coverage ***\n") outcomes = read_outcome_file(outcome_file) - log = analyze_outcomes(log, outcomes, args) - return log + results = analyze_outcomes(results, outcomes, args) + return results -def do_analyze_driver_vs_reference(log: TestLog, outcome_file, args) -> TestLog: +def do_analyze_driver_vs_reference(results: Results, outcome_file, args) -> Results: """Perform driver vs reference analyze.""" - log.info("\n*** Analyze driver {} vs reference {} ***\n".format( + results.info("\n*** Analyze driver {} vs reference {} ***\n".format( args['component_driver'], args['component_ref'])) - log = execute_reference_driver_tests(log, args['component_ref'], \ + results = execute_reference_driver_tests(results, args['component_ref'], \ args['component_driver'], outcome_file) ignored_suites = ['test_suite_' + x for x in args['ignored_suites']] outcomes = read_outcome_file(outcome_file) - log = analyze_driver_vs_reference(log, outcomes, - args['component_ref'], args['component_driver'], - ignored_suites, args['ignored_tests']) + results = analyze_driver_vs_reference(results, outcomes, + args['component_ref'], args['component_driver'], + ignored_suites, args['ignored_tests']) - return log + return results # List of tasks with a function that can handle this task and additional arguments if required KNOWN_TASKS = { @@ -649,7 +649,7 @@ KNOWN_TASKS = { } def main(): - main_log = TestLog() + main_results = Results() try: parser = argparse.ArgumentParser(description=__doc__) @@ -688,14 +688,13 @@ def main(): for task in tasks_list: test_function = KNOWN_TASKS[task]['test_function'] test_args = KNOWN_TASKS[task]['args'] - main_log = test_function(main_log, options.outcomes, test_args) - - main_log.info("Overall results:\n" + \ - "{} warnings\n".format(main_log.warning_count) + \ - "{} errors\n".format(main_log.error_count)) + main_results = test_function(main_results, options.outcomes, test_args) - main_log.print_output() - sys.exit(0 if (main_log.error_count == 0) else 2) + main_results.info("Overall results:\n" + \ + "{} warnings\n".format(main_results.warning_count) + \ + "{} errors\n".format(main_results.error_count)) + + sys.exit(0 if (main_results.error_count == 0) else 2) except Exception: # pylint: disable=broad-except # Print the backtrace and exit explicitly with our chosen status. From 40314fcc75d3343ecc7cb3b8a366e89715f52a85 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 17 Oct 2023 11:34:31 +0200 Subject: [PATCH 0309/1674] analyze_outcomes: fix newlines Signed-off-by: Valerio Setti --- tests/scripts/analyze_outcomes.py | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 95f0cc697..57f359a65 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -35,7 +35,7 @@ class Results: @staticmethod def print_line(fmt, *args, **kwargs): - sys.stderr.write(fmt, *args, **kwargs) + sys.stderr.write(fmt + '\n', *args, **kwargs) class TestCaseOutcomes: """The outcomes of one test case across many configurations.""" @@ -163,14 +163,14 @@ by a semicolon. def do_analyze_coverage(results: Results, outcome_file, args) -> Results: """Perform coverage analysis.""" - results.info("\n*** Analyze coverage ***\n") + results.info("*** Analyze coverage ***") outcomes = read_outcome_file(outcome_file) results = analyze_outcomes(results, outcomes, args) return results def do_analyze_driver_vs_reference(results: Results, outcome_file, args) -> Results: """Perform driver vs reference analyze.""" - results.info("\n*** Analyze driver {} vs reference {} ***\n".format( + results.info("*** Analyze driver {} vs reference {} ***".format( args['component_driver'], args['component_ref'])) results = execute_reference_driver_tests(results, args['component_ref'], \ @@ -690,9 +690,9 @@ def main(): test_args = KNOWN_TASKS[task]['args'] main_results = test_function(main_results, options.outcomes, test_args) - main_results.info("Overall results:\n" + \ - "{} warnings\n".format(main_results.warning_count) + \ - "{} errors\n".format(main_results.error_count)) + main_results.info("Overall results: " + \ + "{} warnings | ".format(main_results.warning_count) + \ + "{} errors".format(main_results.error_count)) sys.exit(0 if (main_results.error_count == 0) else 2) From 9a4273099c4c3cade2aeff3cfe58ba824626c679 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 17 Oct 2023 11:40:42 +0200 Subject: [PATCH 0310/1674] all.sh: fix comment Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index ab1007812..564e2e46a 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3531,7 +3531,7 @@ component_test_psa_crypto_config_accel_cipher () { # Configure # --------- - # Start from the default config (no TLS 1.3, no USE_PSA) + # Start from the full config helper_libtestdriver1_adjust_config "full" # There is no intended accelerator support for ALG CMAC. Therefore, asking From 2f00b7a5dab28ff93b731f4972887251ab4e4882 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 17 Oct 2023 11:43:34 +0200 Subject: [PATCH 0311/1674] cipher: reset MBEDTLS_CIPHER_HAVE_AEAD to MBEDTLS_CIPHER_MODE_AEAD Signed-off-by: Valerio Setti --- include/mbedtls/cipher.h | 6 +++--- library/cipher.c | 16 ++++++++-------- tests/suites/test_suite_cipher.function | 4 ++-- 3 files changed, 13 insertions(+), 13 deletions(-) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index 3a98976d5..9c8701d38 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -34,7 +34,7 @@ #include "mbedtls/platform_util.h" #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) || defined(MBEDTLS_CHACHAPOLY_C) -#define MBEDTLS_CIPHER_HAVE_AEAD +#define MBEDTLS_CIPHER_MODE_AEAD #endif #if defined(MBEDTLS_CIPHER_MODE_CBC) @@ -1080,7 +1080,7 @@ int mbedtls_cipher_crypt(mbedtls_cipher_context_t *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen); -#if defined(MBEDTLS_CIPHER_HAVE_AEAD) || defined(MBEDTLS_NIST_KW_C) +#if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C) /** * \brief The authenticated encryption (AEAD/NIST_KW) function. * @@ -1187,7 +1187,7 @@ int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t output_len, size_t *olen, size_t tag_len); -#endif /* MBEDTLS_CIPHER_HAVE_AEAD || MBEDTLS_NIST_KW_C */ +#endif /* MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C */ #ifdef __cplusplus } #endif diff --git a/library/cipher.c b/library/cipher.c index 97dd0e95a..9f9f1075c 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -1390,7 +1390,7 @@ int mbedtls_cipher_crypt(mbedtls_cipher_context_t *ctx, return 0; } -#if defined(MBEDTLS_CIPHER_HAVE_AEAD) +#if defined(MBEDTLS_CIPHER_MODE_AEAD) /* * Packet-oriented encryption for AEAD modes: internal function used by * mbedtls_cipher_auth_encrypt_ext(). @@ -1569,9 +1569,9 @@ static int mbedtls_cipher_aead_decrypt(mbedtls_cipher_context_t *ctx, return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } -#endif /* MBEDTLS_CIPHER_HAVE_AEAD */ +#endif /* MBEDTLS_CIPHER_MODE_AEAD */ -#if defined(MBEDTLS_CIPHER_HAVE_AEAD) || defined(MBEDTLS_NIST_KW_C) +#if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C) /* * Packet-oriented encryption for AEAD/NIST_KW: public function. */ @@ -1607,7 +1607,7 @@ int mbedtls_cipher_auth_encrypt_ext(mbedtls_cipher_context_t *ctx, } #endif /* MBEDTLS_NIST_KW_C */ -#if defined(MBEDTLS_CIPHER_HAVE_AEAD) +#if defined(MBEDTLS_CIPHER_MODE_AEAD) /* AEAD case: check length before passing on to shared function */ if (output_len < ilen + tag_len) { return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; @@ -1620,7 +1620,7 @@ int mbedtls_cipher_auth_encrypt_ext(mbedtls_cipher_context_t *ctx, return ret; #else return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; -#endif /* MBEDTLS_CIPHER_HAVE_AEAD */ +#endif /* MBEDTLS_CIPHER_MODE_AEAD */ } /* @@ -1658,7 +1658,7 @@ int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx, } #endif /* MBEDTLS_NIST_KW_C */ -#if defined(MBEDTLS_CIPHER_HAVE_AEAD) +#if defined(MBEDTLS_CIPHER_MODE_AEAD) /* AEAD case: check length before passing on to shared function */ if (ilen < tag_len || output_len < ilen - tag_len) { return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; @@ -1669,8 +1669,8 @@ int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx, input + ilen - tag_len, tag_len); #else return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; -#endif /* MBEDTLS_CIPHER_HAVE_AEAD */ +#endif /* MBEDTLS_CIPHER_MODE_AEAD */ } -#endif /* MBEDTLS_CIPHER_HAVE_AEAD || MBEDTLS_NIST_KW_C */ +#endif /* MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C */ #endif /* MBEDTLS_CIPHER_C */ diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function index 6fd94ce22..e6970129e 100644 --- a/tests/suites/test_suite_cipher.function +++ b/tests/suites/test_suite_cipher.function @@ -85,7 +85,7 @@ exit: return 0; } -#if defined(MBEDTLS_CIPHER_HAVE_AEAD) +#if defined(MBEDTLS_CIPHER_MODE_AEAD) /* Helper for resetting key/direction * * The documentation doesn't explicitly say whether calling @@ -842,7 +842,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_HAVE_AEAD */ +/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_AEAD */ void auth_crypt_tv(int cipher_id, data_t *key, data_t *iv, data_t *ad, data_t *cipher, data_t *tag, char *result, data_t *clear, int use_psa) From adb3cc4d433466f00ba827d5288577e367fbf1f3 Mon Sep 17 00:00:00 2001 From: Matthias Schulz Date: Tue, 17 Oct 2023 11:50:50 +0200 Subject: [PATCH 0312/1674] Fixes #8377. Signed-off-by: Matthias Schulz --- library/x509_csr.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/library/x509_csr.c b/library/x509_csr.c index 0b2bb6f3b..bd45c5665 100644 --- a/library/x509_csr.c +++ b/library/x509_csr.c @@ -78,6 +78,7 @@ static int x509_csr_parse_extensions(mbedtls_x509_csr *csr, int ret; size_t len; unsigned char *end_ext_data; + int critical; while (*p < end) { mbedtls_x509_buf extn_oid = { 0, 0, NULL }; int ext_type = 0; @@ -100,6 +101,9 @@ static int x509_csr_parse_extensions(mbedtls_x509_csr *csr, extn_oid.p = *p; *p += extn_oid.len; + /* Get and ignore optional critical flag */ + (void)mbedtls_asn1_get_bool(p, end_ext_data, &critical); + /* Data should be octet string type */ if ((ret = mbedtls_asn1_get_tag(p, end_ext_data, &len, MBEDTLS_ASN1_OCTET_STRING)) != 0) { From 8d178be66e5cdc1b5ba60d90a96d2e63da9a7ff2 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 17 Oct 2023 12:23:55 +0200 Subject: [PATCH 0313/1674] analyze_outcomes: fix return value in case of test failure Signed-off-by: Valerio Setti --- tests/scripts/analyze_outcomes.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 57f359a65..2998d322d 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -1,4 +1,4 @@ - #!/usr/bin/env python3 +#!/usr/bin/env python3 """Analyze the test outcomes from a full CI run. @@ -694,7 +694,7 @@ def main(): "{} warnings | ".format(main_results.warning_count) + \ "{} errors".format(main_results.error_count)) - sys.exit(0 if (main_results.error_count == 0) else 2) + sys.exit(0 if (main_results.error_count == 0) else 1) except Exception: # pylint: disable=broad-except # Print the backtrace and exit explicitly with our chosen status. From f6f64cfd819335fab6d09320a66de27c821ee4ad Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 17 Oct 2023 12:28:26 +0200 Subject: [PATCH 0314/1674] analyze_outcomes: code style improvement Signed-off-by: Valerio Setti --- tests/scripts/analyze_outcomes.py | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 2998d322d..e0c69469f 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -690,9 +690,8 @@ def main(): test_args = KNOWN_TASKS[task]['args'] main_results = test_function(main_results, options.outcomes, test_args) - main_results.info("Overall results: " + \ - "{} warnings | ".format(main_results.warning_count) + \ - "{} errors".format(main_results.error_count)) + main_results.info("Overall results: {} warnings and {} errors", + main_results.warning_count, main_results.error_count) sys.exit(0 if (main_results.error_count == 0) else 1) From cc923f307ed3b99299034d17ed042151e4cc0712 Mon Sep 17 00:00:00 2001 From: Matthias Schulz Date: Tue, 17 Oct 2023 12:36:23 +0200 Subject: [PATCH 0315/1674] Added missing like between variables and function body. Signed-off-by: Matthias Schulz --- library/x509_csr.c | 1 + 1 file changed, 1 insertion(+) diff --git a/library/x509_csr.c b/library/x509_csr.c index bd45c5665..ce4c081e3 100644 --- a/library/x509_csr.c +++ b/library/x509_csr.c @@ -79,6 +79,7 @@ static int x509_csr_parse_extensions(mbedtls_x509_csr *csr, size_t len; unsigned char *end_ext_data; int critical; + while (*p < end) { mbedtls_x509_buf extn_oid = { 0, 0, NULL }; int ext_type = 0; From 8070dbec6b76f5a4dcf8260d855065dca42dc633 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 17 Oct 2023 12:29:30 +0200 Subject: [PATCH 0316/1674] analyze_outcomes: keep print_line() method non-static Signed-off-by: Valerio Setti --- tests/scripts/analyze_outcomes.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index e0c69469f..034640430 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -23,18 +23,18 @@ class Results: self.warning_count = 0 def info(self, fmt, *args, **kwargs): - self.print_line('Info: ' + fmt, *args, **kwargs) + self._print_line('Info: ' + fmt, *args, **kwargs) def error(self, fmt, *args, **kwargs): self.error_count += 1 - self.print_line('Error: ' + fmt, *args, **kwargs) + self._print_line('Error: ' + fmt, *args, **kwargs) def warning(self, fmt, *args, **kwargs): self.warning_count += 1 - self.print_line('Warning: ' + fmt, *args, **kwargs) + self._print_line('Warning: ' + fmt, *args, **kwargs) @staticmethod - def print_line(fmt, *args, **kwargs): + def _print_line(fmt, *args, **kwargs): sys.stderr.write(fmt + '\n', *args, **kwargs) class TestCaseOutcomes: From 781c23416e511ab31738bfc2607f944e8fcc4ce3 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 17 Oct 2023 12:47:35 +0200 Subject: [PATCH 0317/1674] analyze_oucomes: do not return Results instance passed as parameter Signed-off-by: Valerio Setti --- tests/scripts/analyze_outcomes.py | 32 ++++++++++++------------------- 1 file changed, 12 insertions(+), 20 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 034640430..5f2e37877 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -57,7 +57,7 @@ class TestCaseOutcomes: return len(self.successes) + len(self.failures) def execute_reference_driver_tests(results: Results, ref_component, driver_component, \ - outcome_file) -> Results: + outcome_file): """Run the tests specified in ref_component and driver_component. Results are stored in the output_file and they will be used for the following coverage analysis""" @@ -66,7 +66,7 @@ def execute_reference_driver_tests(results: Results, ref_component, driver_compo if os.path.exists(outcome_file): results.info("Outcome file (" + outcome_file + ") already exists. " + \ "Tests will be skipped.") - return results + return shell_command = "tests/scripts/all.sh --outcome-file " + outcome_file + \ " " + ref_component + " " + driver_component @@ -76,8 +76,6 @@ def execute_reference_driver_tests(results: Results, ref_component, driver_compo if ret_val != 0: results.error("failed to run reference/driver components") - return results - def analyze_coverage(results, outcomes, allow_list, full_coverage): """Check that all available test cases are executed at least once.""" available = check_test_cases.collect_available_test_cases() @@ -132,13 +130,10 @@ def analyze_driver_vs_reference(results: Results, outcomes, if(reference_test_passed and not driver_test_passed): results.error(key) - return results - -def analyze_outcomes(results: Results, outcomes, args) -> Results: +def analyze_outcomes(results: Results, outcomes, args): """Run all analyses on the given outcome collection.""" analyze_coverage(results, outcomes, args['allow_list'], args['full_coverage']) - return results def read_outcome_file(outcome_file): """Parse an outcome file and return an outcome collection. @@ -161,30 +156,27 @@ by a semicolon. outcomes[key].failures.append(setup) return outcomes -def do_analyze_coverage(results: Results, outcome_file, args) -> Results: +def do_analyze_coverage(results: Results, outcome_file, args): """Perform coverage analysis.""" results.info("*** Analyze coverage ***") outcomes = read_outcome_file(outcome_file) - results = analyze_outcomes(results, outcomes, args) - return results + analyze_outcomes(results, outcomes, args) -def do_analyze_driver_vs_reference(results: Results, outcome_file, args) -> Results: +def do_analyze_driver_vs_reference(results: Results, outcome_file, args): """Perform driver vs reference analyze.""" results.info("*** Analyze driver {} vs reference {} ***".format( args['component_driver'], args['component_ref'])) - results = execute_reference_driver_tests(results, args['component_ref'], \ - args['component_driver'], outcome_file) + execute_reference_driver_tests(results, args['component_ref'], \ + args['component_driver'], outcome_file) ignored_suites = ['test_suite_' + x for x in args['ignored_suites']] outcomes = read_outcome_file(outcome_file) - results = analyze_driver_vs_reference(results, outcomes, - args['component_ref'], args['component_driver'], - ignored_suites, args['ignored_tests']) - - return results + analyze_driver_vs_reference(results, outcomes, + args['component_ref'], args['component_driver'], + ignored_suites, args['ignored_tests']) # List of tasks with a function that can handle this task and additional arguments if required KNOWN_TASKS = { @@ -688,7 +680,7 @@ def main(): for task in tasks_list: test_function = KNOWN_TASKS[task]['test_function'] test_args = KNOWN_TASKS[task]['args'] - main_results = test_function(main_results, options.outcomes, test_args) + test_function(main_results, options.outcomes, test_args) main_results.info("Overall results: {} warnings and {} errors", main_results.warning_count, main_results.error_count) From 0ca58e3c1000d067fb28bfb41dc90a1db9308b0d Mon Sep 17 00:00:00 2001 From: Matthias Schulz Date: Tue, 17 Oct 2023 13:11:52 +0200 Subject: [PATCH 0318/1674] Added testcase with certificate that contains extensions with critical fields. Signed-off-by: Matthias Schulz --- tests/suites/test_suite_x509parse.data | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data index 4b75f1763..a38a3ff32 100644 --- a/tests/suites/test_suite_x509parse.data +++ b/tests/suites/test_suite_x509parse.data @@ -2940,6 +2940,10 @@ X509 CSR ASN.1 (OK) depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_csr_parse:"308201183081bf0201003034310b3009060355040613024e4c3111300f060355040a1308506f6c617253534c31123010060355040313096c6f63616c686f73743059301306072a8648ce3d020106082a8648ce3d0301070342000437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edffa029302706092a864886f70d01090e311a301830090603551d1304023000300b0603551d0f0404030205e0300906072a8648ce3d04010349003046022100b49fd8c8f77abfa871908dfbe684a08a793d0f490a43d86fcf2086e4f24bb0c2022100f829d5ccd3742369299e6294394717c4b723a0f68b44e831b6e6c3bcabf97243":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA1\nEC key size \: 256 bits\n\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n":0 +X509 CSR ASN.1 (critical extensions) +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_X509_REMOVE_INFO +mbedtls_x509_csr_parse:"308201233081cb02010030413119301706035504030c1053656c66207369676e65642074657374310b300906035504061302444531173015060355040a0c0e41757468437274444220546573743059301306072a8648ce3d020106082a8648ce3d03010703420004c11ebb9951848a436ca2c8a73382f24bbb6c28a92e401d4889b0c361f377b92a8b0497ff2f5a5f6057ae85f704ab1850bef075914f68ed3aeb15a1ff1ebc0dc6a028302606092a864886f70d01090e311930173015060b2b0601040183890c8622020101ff0403010101300a06082a8648ce3d040302034700304402200c4108fd098525993d3fd5b113f0a1ead8750852baf55a2f8e670a22cabc0ba1022034db93a0fcb993912adcf2ea8cb4b66389af30e264d43c0daea03255e45d2ccc":"CSR version \: 1\nsubject name \: CN=Self signed test, C=DE, O=AuthCrtDB Test\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\n":0 + X509 CSR ASN.1 (bad first tag) mbedtls_x509_csr_parse:"3100":"":MBEDTLS_ERR_X509_INVALID_FORMAT From 811a954383d4a63320c35cbf8023917f970cdf5b Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 17 Oct 2023 11:08:12 +0100 Subject: [PATCH 0319/1674] Add reentrancy section to thread safety design Signed-off-by: Janos Follath --- docs/architecture/psa-thread-safety.md | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/docs/architecture/psa-thread-safety.md b/docs/architecture/psa-thread-safety.md index 072430762..53ee2c88c 100644 --- a/docs/architecture/psa-thread-safety.md +++ b/docs/architecture/psa-thread-safety.md @@ -347,6 +347,25 @@ Implementing "thread_safe” drivers depends on the condition variable protectio Start with implementing threading for drivers without the "thread_safe” property (all drivers behave like the property wasn't set). Add "thread_safe" drivers at some point after the #condition-variables approach is implemented in the core. +#### Reentrancy + +It is natural sometimes to want to perform cryptographic operations from a driver, for example calculating a hash as part of various other crypto primitives, or using a block cipher in a driver for a mode, etc. Also encrypting/authenticating communication with a secure element. + +If the driver is thread safe, it is the drivers responsibility to handle re-entrancy. + +In the non-thread-safe case we have these natural assumptions/requirements: +1. Drivers don't call the core for any operation for which they provide an entry point +2. The core doesn't hold the driver mutex between calls to entry points + +With these, the only way of a deadlock is when we have several drivers and they have circular dependencies. That is, Driver A makes a call that is despatched to Driver B and upon executing that Driver B makes a call that is despatched to Driver A. For example Driver A does CCM calls Driver B to do CBC-MAC, which in turn calls Driver A to do AES. This example is pretty contrived and it is hard to find a more practical example. + +Potential ways for resolving this: +1. Non-thread-safe drivers must not call the core +2. Provide a new public API that drivers can safely call +3. There is a whitelist of core APIs that drivers can call. Drivers providing entry points to these must not make a call to the core when handling these calls. (Drivers are still allowed to call any core API that can't have a driver entry point.) + +The first is too restrictive, the second is too expensive, the only viable option is the third. + ### Global Data PSA Crypto makes use of a `global_data` variable that will be accessible from multiple threads and needs to be protected. Any function accessing this variable (or its members) must take the corresponding lock first. Since `global_data` holds the RNG state, these will involve relatively expensive operations and therefore ideally `global_data` should be protected by its own, dedicated lock (different from the one protecting the key store). From 574100bb0d69554aa3543cc6ec536c3cd8330cfd Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 17 Oct 2023 12:09:57 +0100 Subject: [PATCH 0320/1674] Add clarifications to thread safety design Signed-off-by: Janos Follath --- docs/architecture/psa-thread-safety.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/architecture/psa-thread-safety.md b/docs/architecture/psa-thread-safety.md index 53ee2c88c..3a18d35ab 100644 --- a/docs/architecture/psa-thread-safety.md +++ b/docs/architecture/psa-thread-safety.md @@ -303,7 +303,7 @@ Solution: after some team discussion, we've decided to rely on a new threading a When calling `psa_wipe_key_slot` it is the callers responsibility to set the slot state to WRITING first. For most functions this is a clean UNUSED -> WRITING transition: psa_get_empty_key_slot, psa_get_and_lock_key_slot, psa_close_key, psa_purge_key. -`psa_wipe_all_key_slots` is only called from `mbedtls_psa_crypto_free`, here we will need to return an error as we won't be able to free the key store if a key is in use without compromising the state of the secure side. This opens up the way for an untrusted application to launch a DoS attack against the crypto service, but this is still better than compromising confidentiality or integrity and this is the most we can do with mutexes only. Also, this is the current behaviour. +`psa_wipe_all_key_slots` is only called from `mbedtls_psa_crypto_free`, here we will need to return an error as we won't be able to free the key store if a key is in use without compromising the state of the secure side. This is acceptable as an untrusted application cannot call `mbedtls_psa_crypto_free` in a crypto service. In a service integration, `mbedtls_psa_crypto_free` on the client cuts the communication with the crypto service. Also, this is the current behaviour. `psa_destroy_key` marks the slot as deleted, deletes persistent keys and opaque keys and returns. This only works if drivers are protected by a mutex (and the persistent storage as well if needed). When the last reading operation finishes, it wipes the key slot. This will free the key ID, but the slot might be still in use. In case of volatile keys freeing up the ID while the slot is still in use does not provide any benefit and we don't need to do it. @@ -314,7 +314,7 @@ Variations: 1. As a first step the multipart operations would lock the keys for reading on setup and release on free 2. In a later stage this would be improved by locking the keys on entry into multi-part API calls and released before exiting. -The second variant can't be implemented as a backward compatible improvement on the first as multipart operations that were successfully completed in the first case, would fail in the second. If we want to implement these incrementally, multipart operations in a multithreaded environment must left unsupported in the first variant. +The second variant can't be implemented as a backward compatible improvement on the first as multipart operations that were successfully completed in the first case, would fail in the second. If we want to implement these incrementally, multipart operations in a multithreaded environment must be left unsupported in the first variant. This makes the first variant impractical (multipart operations returning an error in builds with multithreading enabled is not a behaviour that would be very useful to release). ### Condition variables From d7a39ae21ed953b1fd81f07ae022b1fd2fd0eb48 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 17 Oct 2023 14:34:26 +0100 Subject: [PATCH 0321/1674] Add plan for 3.6 to threading design Signed-off-by: Janos Follath --- docs/architecture/psa-thread-safety.md | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/docs/architecture/psa-thread-safety.md b/docs/architecture/psa-thread-safety.md index 3a18d35ab..9e396e082 100644 --- a/docs/architecture/psa-thread-safety.md +++ b/docs/architecture/psa-thread-safety.md @@ -381,3 +381,18 @@ Since we only have simple mutexes, locking the same mutex from the same thread i Releasing the mutex before a function call might introduce race conditions. Therefore might not be practical to take the mutex in low level access functions. If functions like that don't take the mutex, they need to rely on the caller to take it for them. These functions will document that the caller is required to hold the mutex. To avoid performance degradation, functions must not start expensive operations (eg. doing cryptography) while holding the mutex. + +## Strategy for 3.6 + +The goal is to provide viable threading support without extending the platform abstraction. (Condition variables should be added in 4.0.) This means that we will be relying on mutexes only. + +- Key Store + - Slot states guarantee safe concurrent access to slot contents + - Slot states will be protected by a global mutex + - Simple key destruction strategy as described in #mutex-only (variant 2.) +- Concurrent calls to operation contexts will be prevented by state fields which shall be protected by a global mutex +- Drivers + - The solution shall use the pre-existing MBEDTLS_THREADING_C threading abstraction + - Drivers will be protected by their own dedicated lock - only non-thread safe drivers are supported + - Constraints on the drivers and the core will be in place and documented as proposed in #reentrancy +- The main `global_data` (the one in `psa_crypto.c`) shall be protected by its own mutex From 4a493b267f55b21bf056af363f942862f7a9a754 Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Tue, 17 Oct 2023 14:57:23 +0100 Subject: [PATCH 0322/1674] Reword error message on format of SAN arguments Signed-off-by: David Horstmann --- programs/x509/cert_write.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c index 8bee0a666..d8660dc95 100644 --- a/programs/x509/cert_write.c +++ b/programs/x509/cert_write.c @@ -585,7 +585,7 @@ usage: *subtype_value++ = '\0'; } else { mbedtls_printf( - "Invalid argument for option SAN: Entry should be separated by a colon\n"); + "Invalid argument for option SAN: Entry must be of the form TYPE:value\n"); goto usage; } if (strcmp(q, "RFC822") == 0) { From 9534dfd15bb8b38553c28c861bff25b2b90cfb03 Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Tue, 17 Oct 2023 14:59:31 +0100 Subject: [PATCH 0323/1674] Reword error message on format of SAN arguments Signed-off-by: David Horstmann --- programs/x509/cert_req.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/programs/x509/cert_req.c b/programs/x509/cert_req.c index ff744a430..7e2a6bd8e 100644 --- a/programs/x509/cert_req.c +++ b/programs/x509/cert_req.c @@ -263,7 +263,7 @@ usage: *subtype_value++ = '\0'; } else { mbedtls_printf( - "Invalid argument for option SAN: Entry should be separated by a colon\n"); + "Invalid argument for option SAN: Entry must be of the form TYPE:value\n"); goto usage; } if (strcmp(q, "RFC822") == 0) { From 873a202d18915abe1ca15976389768eb3c1e18ba Mon Sep 17 00:00:00 2001 From: Matthias Schulz Date: Tue, 17 Oct 2023 16:02:20 +0200 Subject: [PATCH 0324/1674] Now handling critical extensions similarly to how its done in x509_get_crt_ext just without the callback function to handle unknown extensions. Signed-off-by: Matthias Schulz --- library/x509_csr.c | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/library/x509_csr.c b/library/x509_csr.c index ce4c081e3..baf260664 100644 --- a/library/x509_csr.c +++ b/library/x509_csr.c @@ -75,13 +75,13 @@ static int x509_csr_get_version(unsigned char **p, static int x509_csr_parse_extensions(mbedtls_x509_csr *csr, unsigned char **p, const unsigned char *end) { - int ret; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; unsigned char *end_ext_data; - int critical; while (*p < end) { mbedtls_x509_buf extn_oid = { 0, 0, NULL }; + int is_critical = 0; /* DEFAULT FALSE */ int ext_type = 0; /* Read sequence tag */ @@ -102,8 +102,11 @@ static int x509_csr_parse_extensions(mbedtls_x509_csr *csr, extn_oid.p = *p; *p += extn_oid.len; - /* Get and ignore optional critical flag */ - (void)mbedtls_asn1_get_bool(p, end_ext_data, &critical); + /* Get optional critical */ + if ((ret = mbedtls_asn1_get_bool(p, end_ext_data, &is_critical)) != 0 && + (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); + } /* Data should be octet string type */ if ((ret = mbedtls_asn1_get_tag(p, end_ext_data, &len, @@ -157,6 +160,12 @@ static int x509_csr_parse_extensions(mbedtls_x509_csr *csr, default: break; } + } else { + if (is_critical) { + /* Data is marked as critical: fail */ + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); + } } *p = end_ext_data; } From a0e810de4b7a457348d5d6a516e8303cd41220e8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 17 Oct 2023 16:04:27 +0200 Subject: [PATCH 0325/1674] Convey that it's ok for mbedtls_ssl_session_save to fail mbedtls_ssl_session_save() always outputs the output length, even on error. Here, we're only calling it to get the needed output length, so it's ok to ignore the return value. Convey this to linters. Signed-off-by: Gilles Peskine --- programs/ssl/ssl_client2.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 7c2c818d8..ac02e548a 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -705,7 +705,7 @@ static int ssl_save_session_serialize(mbedtls_ssl_context *ssl, } /* get size of the buffer needed */ - mbedtls_ssl_session_save(&exported_session, NULL, 0, session_data_len); + (void) mbedtls_ssl_session_save(&exported_session, NULL, 0, session_data_len); *session_data = mbedtls_calloc(1, *session_data_len); if (*session_data == NULL) { mbedtls_printf(" failed\n ! alloc %u bytes for session data\n", From 21e46b39ccf6ca1e47f13df25aacfd1defc5e889 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 17 Oct 2023 16:35:20 +0200 Subject: [PATCH 0326/1674] Fix missing initializations on some error paths Signed-off-by: Gilles Peskine --- tests/suites/test_suite_ctr_drbg.function | 4 +--- tests/suites/test_suite_pkwrite.function | 4 +--- .../test_suite_psa_crypto_se_driver_hal.function | 2 +- tests/suites/test_suite_ssl.function | 9 ++++----- tests/suites/test_suite_x509parse.function | 12 +++++++----- tests/suites/test_suite_x509write.function | 14 +++++++------- 6 files changed, 21 insertions(+), 24 deletions(-) diff --git a/tests/suites/test_suite_ctr_drbg.function b/tests/suites/test_suite_ctr_drbg.function index 7d816080a..c6896998e 100644 --- a/tests/suites/test_suite_ctr_drbg.function +++ b/tests/suites/test_suite_ctr_drbg.function @@ -31,15 +31,13 @@ static void ctr_drbg_validate_internal(int reseed_mode, data_t *nonce, data_t *result) { mbedtls_ctr_drbg_context ctx; + mbedtls_ctr_drbg_init(&ctx); unsigned char buf[64]; size_t entropy_chunk_len = (size_t) entropy_len_arg; - TEST_ASSERT(entropy_chunk_len <= sizeof(buf)); test_offset_idx = 0; - mbedtls_ctr_drbg_init(&ctx); - test_max_idx = entropy->len; /* CTR_DRBG_Instantiate(entropy[:entropy->len], nonce, perso, ) diff --git a/tests/suites/test_suite_pkwrite.function b/tests/suites/test_suite_pkwrite.function index 730bb881b..733909ebc 100644 --- a/tests/suites/test_suite_pkwrite.function +++ b/tests/suites/test_suite_pkwrite.function @@ -68,6 +68,7 @@ static int pk_write_any_key(mbedtls_pk_context *pk, unsigned char **p, static void pk_write_check_common(char *key_file, int is_public_key, int is_der) { mbedtls_pk_context key; + mbedtls_pk_init(&key); unsigned char *buf = NULL; unsigned char *check_buf = NULL; unsigned char *start_buf; @@ -78,9 +79,6 @@ static void pk_write_check_common(char *key_file, int is_public_key, int is_der) USE_PSA_INIT(); - mbedtls_pk_init(&key); - USE_PSA_INIT(); - /* Note: if mbedtls_pk_load_file() successfully reads the file, then it also allocates check_buf, which should be freed on exit */ TEST_EQUAL(mbedtls_pk_load_file(key_file, &check_buf, &check_buf_len), 0); diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index 9c5ef23a6..8e9698443 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function @@ -1297,7 +1297,7 @@ void sign_verify(int flow, mbedtls_svc_key_id_t returned_id; mbedtls_svc_key_id_t sw_key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t sw_attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_attributes_t drv_attributes; + psa_key_attributes_t drv_attributes = PSA_KEY_ATTRIBUTES_INIT; uint8_t signature[PSA_SIGNATURE_MAX_SIZE]; size_t signature_length; diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index eb2407d2e..8a837bb9c 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -24,6 +24,7 @@ void test_callback_buffer_sanity() { enum { MSGLEN = 10 }; mbedtls_test_ssl_buffer buf; + mbedtls_test_ssl_buffer_init(&buf); unsigned char input[MSGLEN]; unsigned char output[MSGLEN]; @@ -43,8 +44,6 @@ void test_callback_buffer_sanity() /* Make sure calling put and get on a buffer that hasn't been set up results * in error. */ - mbedtls_test_ssl_buffer_init(&buf); - TEST_ASSERT(mbedtls_test_ssl_buffer_put(&buf, input, sizeof(input)) == -1); TEST_ASSERT(mbedtls_test_ssl_buffer_get(&buf, output, sizeof(output)) @@ -1787,7 +1786,9 @@ void ssl_tls13_record_protection(int ciphersuite, { mbedtls_ssl_key_set keys; mbedtls_ssl_transform transform_send; + mbedtls_ssl_transform_init(&transform_send); mbedtls_ssl_transform transform_recv; + mbedtls_ssl_transform_init(&transform_recv); mbedtls_record rec; unsigned char *buf = NULL; size_t buf_len; @@ -1818,8 +1819,6 @@ void ssl_tls13_record_protection(int ciphersuite, keys.key_len = server_write_key->len; keys.iv_len = server_write_iv->len; - mbedtls_ssl_transform_init(&transform_recv); - mbedtls_ssl_transform_init(&transform_send); MD_OR_USE_PSA_INIT(); TEST_ASSERT(mbedtls_ssl_tls13_populate_transform( @@ -3122,6 +3121,7 @@ void raw_key_agreement_fail(int bad_server_ecdhe_key) mbedtls_psa_stats_t stats; size_t free_slots_before = -1; mbedtls_test_handshake_test_options options; + mbedtls_test_init_handshake_options(&options); uint16_t iana_tls_group_list[] = { MBEDTLS_SSL_IANA_TLS_GROUP_SECP256R1, MBEDTLS_SSL_IANA_TLS_GROUP_NONE }; @@ -3129,7 +3129,6 @@ void raw_key_agreement_fail(int bad_server_ecdhe_key) mbedtls_platform_zeroize(&client, sizeof(client)); mbedtls_platform_zeroize(&server, sizeof(server)); - mbedtls_test_init_handshake_options(&options); options.pk_alg = MBEDTLS_PK_ECDSA; options.server_min_version = MBEDTLS_SSL_VERSION_TLS1_2; options.server_max_version = MBEDTLS_SSL_VERSION_TLS1_2; diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function index 114bd5277..c38a37283 100644 --- a/tests/suites/test_suite_x509parse.function +++ b/tests/suites/test_suite_x509parse.function @@ -928,15 +928,17 @@ void mbedtls_x509_dn_get_next(char *name_str, int ret = 0, i; size_t len = 0, out_size; mbedtls_asn1_named_data *names = NULL; - mbedtls_x509_name parsed, *parsed_cur; + mbedtls_x509_name parsed; + memset(&parsed, 0, sizeof(parsed)); + mbedtls_x509_name *parsed_cur; // Size of buf is maximum required for test cases - unsigned char buf[80], *out = NULL, *c; + unsigned char buf[80] = {0}; + unsigned char *out = NULL; + unsigned char *c = buf + sizeof(buf); const char *short_name; USE_PSA_INIT(); - memset(&parsed, 0, sizeof(parsed)); - memset(buf, 0, sizeof(buf)); - c = buf + sizeof(buf); + // Additional size required for trailing space out_size = strlen(expected_oids) + 2; TEST_CALLOC(out, out_size); diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function index a7ed26295..06e08168c 100644 --- a/tests/suites/test_suite_x509write.function +++ b/tests/suites/test_suite_x509write.function @@ -699,16 +699,16 @@ void mbedtls_x509_string_to_names(char *name, char *parsed_name, int ret; size_t len = 0; mbedtls_asn1_named_data *names = NULL; - mbedtls_x509_name parsed, *parsed_cur, *parsed_prv; - unsigned char buf[1024], out[1024], *c; + mbedtls_x509_name parsed; + memset(&parsed, 0, sizeof(parsed)); + mbedtls_x509_name *parsed_cur = NULL; + mbedtls_x509_name *parsed_prv = NULL; + unsigned char buf[1024] = {0}; + unsigned char out[1024] = {0}; + unsigned char *c = buf + sizeof(buf); USE_PSA_INIT(); - memset(&parsed, 0, sizeof(parsed)); - memset(out, 0, sizeof(out)); - memset(buf, 0, sizeof(buf)); - c = buf + sizeof(buf); - ret = mbedtls_x509_string_to_names(&names, name); TEST_EQUAL(ret, result); From bb7d92c4b259e9b01760fc24624651dbd111172a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 17 Oct 2023 17:26:44 +0200 Subject: [PATCH 0327/1674] Remove redundant null check crl_file is a test argument and can't be null. Besides the code above already assumes that it's non-null. Signed-off-by: Gilles Peskine --- tests/suites/test_suite_x509parse.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function index c38a37283..938917ad7 100644 --- a/tests/suites/test_suite_x509parse.function +++ b/tests/suites/test_suite_x509parse.function @@ -729,7 +729,7 @@ void x509_verify(char *crt_file, char *ca_file, char *crl_file, #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) /* CRLs aren't supported with CA callbacks, so skip the CA callback * version of the test if CRLs are in use. */ - if (crl_file == NULL || strcmp(crl_file, "") == 0) { + if (strcmp(crl_file, "") == 0) { flags = 0; res = mbedtls_x509_crt_verify_with_ca_cb(&crt, From d681ffdb54568353206bf1111dfcecbffeeb7c24 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 17 Oct 2023 17:31:50 +0200 Subject: [PATCH 0328/1674] Use modern macros for calloc in test code Signed-off-by: Gilles Peskine --- tests/suites/test_suite_ssl.function | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 8a837bb9c..9ebc56c34 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -1199,7 +1199,7 @@ void ssl_crypt_record(int cipher_type, int hash_id, TEST_ASSERT(ret == 0); - TEST_ASSERT((buf = mbedtls_calloc(1, buflen)) != NULL); + TEST_CALLOC(buf, buflen); while (num_records-- > 0) { mbedtls_ssl_transform *t_dec, *t_enc; @@ -1353,7 +1353,7 @@ void ssl_crypt_record_small(int cipher_type, int hash_id, TEST_ASSERT(ret == 0); - TEST_ASSERT((buf = mbedtls_calloc(1, buflen)) != NULL); + TEST_CALLOC(buf, buflen); for (mode = 1; mode <= 3; mode++) { seen_success = 0; @@ -1957,7 +1957,7 @@ void ssl_serialize_session_save_load(int ticket_len, char *crt_file, /* Serialize it */ TEST_ASSERT(mbedtls_ssl_session_save(&original, NULL, 0, &len) == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL); - TEST_ASSERT((buf = mbedtls_calloc(1, len)) != NULL); + TEST_CALLOC(buf, len); TEST_ASSERT(mbedtls_ssl_session_save(&original, buf, len, &len) == 0); @@ -2171,7 +2171,8 @@ void ssl_serialize_session_save_buf_size(int ticket_len, char *crt_file, for (bad_len = 1; bad_len < good_len; bad_len++) { /* Allocate exact size so that asan/valgrind can detect any overwrite */ mbedtls_free(buf); - TEST_ASSERT((buf = mbedtls_calloc(1, bad_len)) != NULL); + buf = NULL; + TEST_CALLOC(buf, bad_len); TEST_ASSERT(mbedtls_ssl_session_save(&session, buf, bad_len, &test_len) == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL); @@ -2214,7 +2215,7 @@ void ssl_serialize_session_load_buf_size(int ticket_len, char *crt_file, } TEST_ASSERT(mbedtls_ssl_session_save(&session, NULL, 0, &good_len) == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL); - TEST_ASSERT((good_buf = mbedtls_calloc(1, good_len)) != NULL); + TEST_CALLOC(good_buf, good_len); TEST_ASSERT(mbedtls_ssl_session_save(&session, good_buf, good_len, &good_len) == 0); mbedtls_ssl_session_free(&session); @@ -2223,8 +2224,8 @@ void ssl_serialize_session_load_buf_size(int ticket_len, char *crt_file, for (bad_len = 0; bad_len < good_len; bad_len++) { /* Allocate exact size so that asan/valgrind can detect any overread */ mbedtls_free(bad_buf); - bad_buf = mbedtls_calloc(1, bad_len ? bad_len : 1); - TEST_ASSERT(bad_buf != NULL); + bad_buf = NULL; + TEST_CALLOC_NONNULL(bad_buf, bad_len); memcpy(bad_buf, good_buf, bad_len); TEST_ASSERT(mbedtls_ssl_session_load(&session, bad_buf, bad_len) From bbd92917d837d6c2a94b6b871ed454ca7b1280a1 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 17 Oct 2023 18:08:24 +0200 Subject: [PATCH 0329/1674] Close file on error path Signed-off-by: Gilles Peskine --- tests/suites/test_suite_entropy.function | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/suites/test_suite_entropy.function b/tests/suites/test_suite_entropy.function index 0e013b740..ed9f3ac3c 100644 --- a/tests/suites/test_suite_entropy.function +++ b/tests/suites/test_suite_entropy.function @@ -102,6 +102,7 @@ static int write_nv_seed(unsigned char *buf, size_t buf_len) if (fwrite(buf, 1, MBEDTLS_ENTROPY_BLOCK_SIZE, f) != MBEDTLS_ENTROPY_BLOCK_SIZE) { + fclose(f); return -1; } @@ -124,6 +125,7 @@ int read_nv_seed(unsigned char *buf, size_t buf_len) if (fread(buf, 1, MBEDTLS_ENTROPY_BLOCK_SIZE, f) != MBEDTLS_ENTROPY_BLOCK_SIZE) { + fclose(f); return -1; } From 735794c7454c91ba06a1e0c518799b85ed00b99e Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 18 Oct 2023 08:05:15 +0200 Subject: [PATCH 0330/1674] analyze_outcomes: fix missing format for args/kwargs Signed-off-by: Valerio Setti --- tests/scripts/analyze_outcomes.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 5f2e37877..d0b72a859 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -35,7 +35,7 @@ class Results: @staticmethod def _print_line(fmt, *args, **kwargs): - sys.stderr.write(fmt + '\n', *args, **kwargs) + sys.stderr.write((fmt + '\n').format(*args, **kwargs)) class TestCaseOutcomes: """The outcomes of one test case across many configurations.""" From a3d911b0ae1b49dfa94142a56ac28c7b58abb6f2 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 23 May 2023 17:21:52 +0800 Subject: [PATCH 0331/1674] add script for server9_bad_saltlen Signed-off-by: Jerry Yu --- .../generate_server9_bad_saltlen.py | 100 ++++++++++++++++++ 1 file changed, 100 insertions(+) create mode 100755 scripts/mbedtls_dev/generate_server9_bad_saltlen.py diff --git a/scripts/mbedtls_dev/generate_server9_bad_saltlen.py b/scripts/mbedtls_dev/generate_server9_bad_saltlen.py new file mode 100755 index 000000000..68a8a5f15 --- /dev/null +++ b/scripts/mbedtls_dev/generate_server9_bad_saltlen.py @@ -0,0 +1,100 @@ +#!/usr/bin/env python3 +"""Generate server9-bad-saltlen.crt + +`server9-bad-saltlen.crt (announcing saltlen = 0xDE, signed with another len)`. It can not generate +with normal command. This script is to generate the file. +""" + +# Copyright The Mbed TLS Contributors +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import subprocess +import argparse +from asn1crypto import pem, x509, core #type: ignore #pylint: disable=import-error + +OPENSSL_RSA_PSS_CERT_COMMAND = r''' +openssl x509 -req -CA {ca_name}.crt -CAkey {ca_name}.key -set_serial 24 {ca_password} \ + {openssl_extfile} -days 3650 -outform DER -in {csr} \ + -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:{anounce_saltlen} \ + -sigopt rsa_mgf1_md:sha256 +''' +SIG_OPT = \ + r'-sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:{saltlen} -sigopt rsa_mgf1_md:sha256' +OPENSSL_RSA_PSS_DGST_COMMAND = r'''openssl dgst -sign {ca_name}.key {ca_password} \ + -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:{actual_saltlen} \ + -sigopt rsa_mgf1_md:sha256''' + + +def auto_int(x): + return int(x, 0) + + +def build_argparser(parser): + """Build argument parser""" + parser.description = __doc__ + parser.add_argument('--ca-name', type=str, required=True, + help='Basename of CA files') + parser.add_argument('--ca-password', type=str, + required=True, help='CA key file password') + parser.add_argument('--csr', type=str, required=True, + help='CSR file for generating certificate') + parser.add_argument('--openssl-extfile', type=str, + required=True, help='X905 v3 extension config file') + parser.add_argument('--anounce_saltlen', type=auto_int, + required=True, help='Announced salt length') + parser.add_argument('--actual_saltlen', type=auto_int, + required=True, help='Actual salt length') + parser.add_argument('--output', type=str, required=True) + + +def main(): + parser = argparse.ArgumentParser() + build_argparser(parser) + args = parser.parse_args() + + return generate(**vars(args)) + +def generate(**kwargs): + """Generate different slt length certificate file.""" + ca_password = kwargs.get('ca_password', '') + if ca_password: + kwargs['ca_password'] = r'-passin "pass:{ca_password}"'.format( + **kwargs) + else: + kwargs['ca_password'] = '' + extfile = kwargs.get('openssl_extfile', '') + if extfile: + kwargs['openssl_extfile'] = '-extfile {openssl_extfile}'.format( + **kwargs) + else: + kwargs['openssl_extfile'] = '' + + cmd = OPENSSL_RSA_PSS_CERT_COMMAND.format(**kwargs) + der_bytes = subprocess.check_output(cmd, shell=True) + target_certificate = x509.Certificate.load(der_bytes) + + cmd = OPENSSL_RSA_PSS_DGST_COMMAND.format(**kwargs) + #pylint: disable=unexpected-keyword-arg + der_bytes = subprocess.check_output(cmd, + input=target_certificate['tbs_certificate'].dump(), + shell=True) + + with open(kwargs.get('output'), 'wb') as f: + target_certificate['signature_value'] = core.OctetBitString(der_bytes) + f.write(pem.armor('CERTIFICATE', target_certificate.dump())) + + +if __name__ == '__main__': + main() From 09977e230754ce52c3cd4bc96232da702878d1dc Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 25 May 2023 10:53:38 +0800 Subject: [PATCH 0332/1674] Add asn1crypto to python maintainer requirements Signed-off-by: Jerry Yu --- scripts/maintainer.requirements.txt | 3 +++ 1 file changed, 3 insertions(+) diff --git a/scripts/maintainer.requirements.txt b/scripts/maintainer.requirements.txt index b149921a2..dd2826486 100644 --- a/scripts/maintainer.requirements.txt +++ b/scripts/maintainer.requirements.txt @@ -8,3 +8,6 @@ clang # For building some test vectors pycryptodomex pycryptodome-test-vectors + +# For building `tests/data_files/server9-bad-saltlen.crt` +asn1crypto From ca3790d6538de1bec60c7d7ca09a94a35f83e8d7 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 24 May 2023 18:00:54 +0800 Subject: [PATCH 0333/1674] Add server9-bad-saltlen generate command Signed-off-by: Jerry Yu --- tests/data_files/Makefile | 15 +++++++++++---- tests/data_files/opensslcnf/server9.crt.v3_ext | 4 ++++ 2 files changed, 15 insertions(+), 4 deletions(-) create mode 100644 tests/data_files/opensslcnf/server9.crt.v3_ext diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile index 21ca489c1..1c0bde4df 100644 --- a/tests/data_files/Makefile +++ b/tests/data_files/Makefile @@ -577,10 +577,6 @@ server9-with-ca.crt: server9.crt $(test_ca_crt) cat $^ > $@ all_final += server9-with-ca.crt -# FIXME: This file needs special sequence. It should be update manually -server9-bad-saltlen.crt: server9.csr $(test_ca_crt) $(test_ca_key_file_rsa) - false - server9-bad-mgfhash.crt: server9.csr $(test_ca_crt) $(test_ca_key_file_rsa) $(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa \ -passin "pass:$(test_ca_pwd_rsa)" -CA $(test_ca_crt) -CAkey $(test_ca_key_file_rsa) \ @@ -590,6 +586,17 @@ server9-bad-mgfhash.crt: server9.csr $(test_ca_crt) $(test_ca_key_file_rsa) -in $< -out $@ all_final += server9-bad-mgfhash.crt +server9-bad-saltlen.crt: server9.csr \ + $(test_ca_crt) $(test_ca_key_file_rsa) \ + opensslcnf/server9.crt.v3_ext \ + ../../scripts/mbedtls_dev/generate_server9_bad_saltlen.py + ../../scripts/mbedtls_dev/generate_server9_bad_saltlen.py --ca-name test-ca \ + --ca-password $(test_ca_pwd_rsa) --csr server9.csr \ + --openssl-extfile opensslcnf/server9.crt.v3_ext \ + --anounce_saltlen 0xde --actual_saltlen 0x20 \ + --output $@ +all_final += server9-bad-saltlen.crt + # server10* server10.crt: server10.key test-int-ca3.crt test-int-ca3.key diff --git a/tests/data_files/opensslcnf/server9.crt.v3_ext b/tests/data_files/opensslcnf/server9.crt.v3_ext new file mode 100644 index 000000000..f8d201bea --- /dev/null +++ b/tests/data_files/opensslcnf/server9.crt.v3_ext @@ -0,0 +1,4 @@ +basicConstraints = CA:false +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always + From 2f3f9680331cd9c692fe4395c578e927d1a32132 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 18 Oct 2023 15:06:54 +0800 Subject: [PATCH 0334/1674] fix wrong typo and indent issue Signed-off-by: Jerry Yu --- .../generate_server9_bad_saltlen.py | 2 +- tests/data_files/Makefile | 25 ++++++++----------- 2 files changed, 12 insertions(+), 15 deletions(-) diff --git a/scripts/mbedtls_dev/generate_server9_bad_saltlen.py b/scripts/mbedtls_dev/generate_server9_bad_saltlen.py index 68a8a5f15..813e6dc0f 100755 --- a/scripts/mbedtls_dev/generate_server9_bad_saltlen.py +++ b/scripts/mbedtls_dev/generate_server9_bad_saltlen.py @@ -67,7 +67,7 @@ def main(): return generate(**vars(args)) def generate(**kwargs): - """Generate different slt length certificate file.""" + """Generate different salt length certificate file.""" ca_password = kwargs.get('ca_password', '') if ca_password: kwargs['ca_password'] = r'-passin "pass:{ca_password}"'.format( diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile index 1c0bde4df..4ab5786e1 100644 --- a/tests/data_files/Makefile +++ b/tests/data_files/Makefile @@ -203,10 +203,8 @@ test-ca2.ku-%.crt: test-ca2.ku-%.crt.openssl.v3_ext $(test_ca_key_file_ec) test- $(OPENSSL) x509 -req -in test-ca2.req.sha256 -extfile $< \ -signkey $(test_ca_key_file_ec) -days 3653 -out $@ -all_final += test-ca2.ku-crl.crt \ - test-ca2.ku-crt.crt \ - test-ca2.ku-crt_crl.crt \ - test-ca2.ku-ds.crt +all_final += test-ca2.ku-crl.crt test-ca2.ku-crt.crt test-ca2.ku-crt_crl.crt \ + test-ca2.ku-ds.crt test-ca2-future.crt: $(test_ca_key_file_ec) test-ca2.req.sha256 $(MBEDTLS_CERT_WRITE) is_ca=1 serial=13926223505202072808 request_file=test-ca2.req.sha256 selfsign=1 \ @@ -586,10 +584,9 @@ server9-bad-mgfhash.crt: server9.csr $(test_ca_crt) $(test_ca_key_file_rsa) -in $< -out $@ all_final += server9-bad-mgfhash.crt -server9-bad-saltlen.crt: server9.csr \ - $(test_ca_crt) $(test_ca_key_file_rsa) \ - opensslcnf/server9.crt.v3_ext \ - ../../scripts/mbedtls_dev/generate_server9_bad_saltlen.py +server9-bad-saltlen.crt: server9.csr $(test_ca_crt) $(test_ca_key_file_rsa) \ + opensslcnf/server9.crt.v3_ext \ + ../../scripts/mbedtls_dev/generate_server9_bad_saltlen.py ../../scripts/mbedtls_dev/generate_server9_bad_saltlen.py --ca-name test-ca \ --ca-password $(test_ca_pwd_rsa) --csr server9.csr \ --openssl-extfile opensslcnf/server9.crt.v3_ext \ @@ -1549,9 +1546,9 @@ server6-ss-child.csr : server6.key all_intermediate += server6-ss-child.csr server6-ss-child.crt: server6-ss-child.csr server5-selfsigned.crt server5.key server6-ss-child.crt.openssl.v3_ext $(OPENSSL) x509 -req -CA server5-selfsigned.crt -CAkey server5.key \ - -extfile server6-ss-child.crt.openssl.v3_ext \ - -set_serial 0x53a2cb5822399474a7ec79ec \ - -days 3650 -sha256 -in $< -out $@ + -extfile server6-ss-child.crt.openssl.v3_ext \ + -set_serial 0x53a2cb5822399474a7ec79ec \ + -days 3650 -sha256 -in $< -out $@ all_final += server6-ss-child.crt @@ -1718,9 +1715,9 @@ crl.pem: $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_config_file) $(OPENSSL) ca -gencrl -batch -cert $(test_ca_crt) -keyfile $(test_ca_key_file_rsa) -key $(test_ca_pwd_rsa) -config $(test_ca_server1_config_file) -md sha1 -crldays 3653 -out $@ crl-futureRevocationDate.pem: $(test_ca_crt) $(test_ca_key_file_rsa) \ - $(test_ca_config_file) \ - test-ca.server1.future-crl.db \ - test-ca.server1.future-crl.opensslconf + $(test_ca_config_file) \ + test-ca.server1.future-crl.db \ + test-ca.server1.future-crl.opensslconf $(FAKETIME) -f '+10y' $(OPENSSL) ca -gencrl \ -config test-ca.server1.future-crl.opensslconf -crldays 365 \ -passin "pass:$(test_ca_pwd_rsa)" -out $@ From b47b2990d63ec69ba2325a162999a015fa7b3d30 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 18 Oct 2023 15:50:35 +0800 Subject: [PATCH 0335/1674] fix various issues - fix wrong typo - remove redundant check - remove psk mode tests Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 20 ++------------------ tests/opt-testcases/tls13-misc.sh | 29 ++++++----------------------- 2 files changed, 8 insertions(+), 41 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index dad07817a..6445a00a1 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -1757,29 +1757,14 @@ static void ssl_tls13_update_early_data_status(mbedtls_ssl_context *ssl) if ((handshake->received_extensions & MBEDTLS_SSL_EXT_MASK(EARLY_DATA)) == 0) { MBEDTLS_SSL_DEBUG_MSG( - 1, ("EarlyData: early data extension is not received.")); + 1, ("EarlyData: no early data extension received.")); ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_RECEIVED; return; } + /* We do not accept early data for the time being */ ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED; - if (ssl->conf->early_data_enabled == MBEDTLS_SSL_EARLY_DATA_DISABLED) { - MBEDTLS_SSL_DEBUG_MSG( - 1, ("EarlyData: rejected. configured disabled.")); - return; - } - - MBEDTLS_SSL_DEBUG_MSG( - 3, ("EarlyData: conf->max_early_data_size = %u", - (unsigned int) ssl->conf->max_early_data_size)); - - /* TODO: Add more checks here. */ - - MBEDTLS_SSL_DEBUG_MSG( - 1, ("EarlyData: For time being, it should not happen.")); - ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED; - } #endif /* MBEDTLS_SSL_EARLY_DATA */ @@ -1812,7 +1797,6 @@ static int ssl_tls13_postprocess_client_hello(mbedtls_ssl_context *ssl) #if defined(MBEDTLS_SSL_EARLY_DATA) /* There is enough information, update early data state. */ ssl_tls13_update_early_data_status(ssl); - #endif /* MBEDTLS_SSL_EARLY_DATA */ return 0; diff --git a/tests/opt-testcases/tls13-misc.sh b/tests/opt-testcases/tls13-misc.sh index 9845717aa..635e31a69 100755 --- a/tests/opt-testcases/tls13-misc.sh +++ b/tests/opt-testcases/tls13-misc.sh @@ -497,31 +497,14 @@ requires_gnutls_next requires_all_configs_enabled MBEDTLS_SSL_EARLY_DATA MBEDTLS_SSL_SESSION_TICKETS \ MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ - MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_ECP_LIGHT + MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_any_configs_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED -run_test "TLS 1.3 G->m: EarlyData: ephemeral: feature is disabled, fail." \ +run_test "TLS 1.3 G->m: EarlyData: feature is disabled, fail." \ "$P_SRV force_version=tls13 debug_level=4 max_early_data_size=-1 $(get_srv_psk_list)" \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+GROUP-ALL -d 10 -r --earlydata $EARLY_DATA_INPUT" \ 1 \ - -c "Resume Handshake was completed" \ - -s "ClientHello: early_data(42) extension exists." \ - -S "EncryptedExtensions: early_data(42) extension exists." \ - -s "NewSessionTicket: early_data(42) extension does not exist." - -requires_gnutls_next -requires_all_configs_enabled MBEDTLS_SSL_EARLY_DATA MBEDTLS_SSL_SESSION_TICKETS \ - MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME \ - MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_ECP_LIGHT -requires_any_configs_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \ - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED -run_test "TLS 1.3 G->m: EarlyData: psk*: feature is disabled, fail." \ - "$P_SRV force_version=tls13 debug_level=4 max_early_data_size=-1 $(get_srv_psk_list)" \ - "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+GROUP-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK \ - -d 10 -r --earlydata $EARLY_DATA_INPUT \ - --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70" \ - 1 \ - -c "Resume Handshake was completed" \ - -s "ClientHello: early_data(42) extension exists." \ - -S "EncryptedExtensions: early_data(42) extension exists." \ - -s "NewSessionTicket: early_data(42) extension does not exist." + -s "ClientHello: early_data(42) extension exists." \ + -s "EncryptedExtensions: early_data(42) extension does not exists." \ + -s "NewSessionTicket: early_data(42) extension does not exist." \ + -s "Last error was: -29056 - SSL - Verification of the message MAC failed" From ab4082290ee9e1a175255940ebba6af90827ba4f Mon Sep 17 00:00:00 2001 From: Matthias Schulz Date: Wed, 18 Oct 2023 13:20:59 +0200 Subject: [PATCH 0336/1674] Added parameters to add callback function to handle unsupported extensions. Similar to how the callback functions work when parsing certificates. Also added new test cases. Signed-off-by: Matthias Schulz --- include/mbedtls/x509_csr.h | 58 +++++++++ library/x509_csr.c | 136 ++++++++++++++------- tests/suites/test_suite_x509parse.data | 12 +- tests/suites/test_suite_x509parse.function | 57 +++++++++ 4 files changed, 218 insertions(+), 45 deletions(-) diff --git a/include/mbedtls/x509_csr.h b/include/mbedtls/x509_csr.h index 513a83edd..a4bdc9413 100644 --- a/include/mbedtls/x509_csr.h +++ b/include/mbedtls/x509_csr.h @@ -102,6 +102,64 @@ mbedtls_x509write_csr; int mbedtls_x509_csr_parse_der(mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen); +/** + * \brief The type of certificate extension callbacks. + * + * Callbacks of this type are passed to and used by the + * mbedtls_x509_csr_parse_der_with_ext_cb() routine when + * it encounters either an unsupported extension. + * Future versions of the library may invoke the callback + * in other cases, if and when the need arises. + * + * \param p_ctx An opaque context passed to the callback. + * \param csr The CSR being parsed. + * \param oid The OID of the extension. + * \param critical Whether the extension is critical. + * \param p Pointer to the start of the extension value + * (the content of the OCTET STRING). + * \param end End of extension value. + * + * \note The callback must fail and return a negative error code + * if it can not parse or does not support the extension. + * When the callback fails to parse a critical extension + * mbedtls_x509_csr_parse_der_with_ext_cb() also fails. + * When the callback fails to parse a non critical extension + * mbedtls_x509_csr_parse_der_with_ext_cb() simply skips + * the extension and continues parsing. + * + * \return \c 0 on success. + * \return A negative error code on failure. + */ +typedef int (*mbedtls_x509_csr_ext_cb_t)(void *p_ctx, + mbedtls_x509_csr const *csr, + mbedtls_x509_buf const *oid, + int critical, + const unsigned char *p, + const unsigned char *end); + +/** + * \brief Load a Certificate Signing Request (CSR) in DER format + * + * \note CSR attributes (if any) are currently silently ignored. + * + * \note If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto + * subsystem must have been initialized by calling + * psa_crypto_init() before calling this function. + * + * \param csr CSR context to fill + * \param buf buffer holding the CRL data + * \param buflen size of the buffer + * \param cb A callback invoked for every unsupported certificate + * extension. + * \param p_ctx An opaque context passed to the callback. + * + * \return 0 if successful, or a specific X509 error code + */ +int mbedtls_x509_csr_parse_der_with_ext_cb(mbedtls_x509_csr *csr, + const unsigned char *buf, size_t buflen, + mbedtls_x509_csr_ext_cb_t cb, + void *p_ctx); + /** * \brief Load a Certificate Signing Request (CSR), DER or PEM format * diff --git a/library/x509_csr.c b/library/x509_csr.c index baf260664..9e4a01ab6 100644 --- a/library/x509_csr.c +++ b/library/x509_csr.c @@ -73,11 +73,13 @@ static int x509_csr_get_version(unsigned char **p, * Parse CSR extension requests in DER format */ static int x509_csr_parse_extensions(mbedtls_x509_csr *csr, - unsigned char **p, const unsigned char *end) + unsigned char **p, const unsigned char *end, + mbedtls_x509_csr_ext_cb_t cb, + void *p_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; - unsigned char *end_ext_data; + unsigned char *end_ext_data, *end_ext_octet; while (*p < end) { mbedtls_x509_buf extn_oid = { 0, 0, NULL }; @@ -114,7 +116,9 @@ static int x509_csr_parse_extensions(mbedtls_x509_csr *csr, return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); } - if (*p + len != end_ext_data) { + end_ext_octet = *p + len; + + if (end_ext_octet != end_ext_data) { return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); } @@ -124,50 +128,72 @@ static int x509_csr_parse_extensions(mbedtls_x509_csr *csr, */ ret = mbedtls_oid_get_x509_ext_type(&extn_oid, &ext_type); - if (ret == 0) { - /* Forbid repeated extensions */ - if ((csr->ext_types & ext_type) != 0) { - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_INVALID_DATA); + if (ret != 0) { + /* Give the callback (if any) a chance to handle the extension */ + if (cb != NULL) { + ret = cb(p_ctx, csr, &extn_oid, is_critical, *p, end_ext_octet); + if (ret != 0 && is_critical) { + return ret; + } + *p = end_ext_octet; + continue; } - csr->ext_types |= ext_type; + /* No parser found, skip extension */ + *p = end_ext_octet; - switch (ext_type) { - case MBEDTLS_X509_EXT_KEY_USAGE: - /* Parse key usage */ - if ((ret = mbedtls_x509_get_key_usage(p, end_ext_data, - &csr->key_usage)) != 0) { - return ret; - } - break; - - case MBEDTLS_X509_EXT_SUBJECT_ALT_NAME: - /* Parse subject alt name */ - if ((ret = mbedtls_x509_get_subject_alt_name(p, end_ext_data, - &csr->subject_alt_names)) != 0) { - return ret; - } - break; - - case MBEDTLS_X509_EXT_NS_CERT_TYPE: - /* Parse netscape certificate type */ - if ((ret = mbedtls_x509_get_ns_cert_type(p, end_ext_data, - &csr->ns_cert_type)) != 0) { - return ret; - } - break; - default: - break; - } - } else { if (is_critical) { /* Data is marked as critical: fail */ return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); } + continue; + } + + /* Forbid repeated extensions */ + if ((csr->ext_types & ext_type) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_INVALID_DATA); + } + + csr->ext_types |= ext_type; + + switch (ext_type) { + case MBEDTLS_X509_EXT_KEY_USAGE: + /* Parse key usage */ + if ((ret = mbedtls_x509_get_key_usage(p, end_ext_data, + &csr->key_usage)) != 0) { + return ret; + } + break; + + case MBEDTLS_X509_EXT_SUBJECT_ALT_NAME: + /* Parse subject alt name */ + if ((ret = mbedtls_x509_get_subject_alt_name(p, end_ext_data, + &csr->subject_alt_names)) != 0) { + return ret; + } + break; + + case MBEDTLS_X509_EXT_NS_CERT_TYPE: + /* Parse netscape certificate type */ + if ((ret = mbedtls_x509_get_ns_cert_type(p, end_ext_data, + &csr->ns_cert_type)) != 0) { + return ret; + } + break; + default: + /* + * If this is a non-critical extension, which the oid layer + * supports, but there isn't an x509 parser for it, + * skip the extension. + */ + if (is_critical) { + return MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE; + } else { + *p = end_ext_octet; + } } - *p = end_ext_data; } if (*p != end) { @@ -182,7 +208,9 @@ static int x509_csr_parse_extensions(mbedtls_x509_csr *csr, * Parse CSR attributes in DER format */ static int x509_csr_parse_attributes(mbedtls_x509_csr *csr, - const unsigned char *start, const unsigned char *end) + const unsigned char *start, const unsigned char *end, + mbedtls_x509_csr_ext_cb_t cb, + void *p_ctx) { int ret; size_t len; @@ -221,7 +249,7 @@ static int x509_csr_parse_attributes(mbedtls_x509_csr *csr, return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret); } - if ((ret = x509_csr_parse_extensions(csr, p, *p + len)) != 0) { + if ((ret = x509_csr_parse_extensions(csr, p, *p + len, cb, p_ctx)) != 0) { return ret; } @@ -245,8 +273,10 @@ static int x509_csr_parse_attributes(mbedtls_x509_csr *csr, /* * Parse a CSR in DER format */ -int mbedtls_x509_csr_parse_der(mbedtls_x509_csr *csr, - const unsigned char *buf, size_t buflen) +static int mbedtls_x509_csr_parse_der_internal(mbedtls_x509_csr *csr, + const unsigned char *buf, size_t buflen, + mbedtls_x509_csr_ext_cb_t cb, + void *p_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; @@ -370,7 +400,7 @@ int mbedtls_x509_csr_parse_der(mbedtls_x509_csr *csr, return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, ret); } - if ((ret = x509_csr_parse_attributes(csr, p, p + len)) != 0) { + if ((ret = x509_csr_parse_attributes(csr, p, p + len, cb, p_ctx)) != 0) { mbedtls_x509_csr_free(csr); return ret; } @@ -409,6 +439,26 @@ int mbedtls_x509_csr_parse_der(mbedtls_x509_csr *csr, return 0; } +/* + * Parse a CSR in DER format + */ +int mbedtls_x509_csr_parse_der(mbedtls_x509_csr *csr, + const unsigned char *buf, size_t buflen) +{ + return mbedtls_x509_csr_parse_der_internal(csr, buf, buflen, NULL, NULL); +} + +/* + * Parse a CSR in DER format with callback for unknown extensions + */ +int mbedtls_x509_csr_parse_der_with_ext_cb(mbedtls_x509_csr *csr, + const unsigned char *buf, size_t buflen, + mbedtls_x509_csr_ext_cb_t cb, + void *p_ctx) +{ + return mbedtls_x509_csr_parse_der_internal(csr, buf, buflen, cb, p_ctx); +} + /* * Parse a CSR, allowing for PEM or raw DER encoding */ diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data index a38a3ff32..9817536d7 100644 --- a/tests/suites/test_suite_x509parse.data +++ b/tests/suites/test_suite_x509parse.data @@ -2940,9 +2940,17 @@ X509 CSR ASN.1 (OK) depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_csr_parse:"308201183081bf0201003034310b3009060355040613024e4c3111300f060355040a1308506f6c617253534c31123010060355040313096c6f63616c686f73743059301306072a8648ce3d020106082a8648ce3d0301070342000437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edffa029302706092a864886f70d01090e311a301830090603551d1304023000300b0603551d0f0404030205e0300906072a8648ce3d04010349003046022100b49fd8c8f77abfa871908dfbe684a08a793d0f490a43d86fcf2086e4f24bb0c2022100f829d5ccd3742369299e6294394717c4b723a0f68b44e831b6e6c3bcabf97243":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA1\nEC key size \: 256 bits\n\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n":0 -X509 CSR ASN.1 (critical extensions) +X509 CSR ASN.1 (Unsupported critical extension) depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_X509_REMOVE_INFO -mbedtls_x509_csr_parse:"308201233081cb02010030413119301706035504030c1053656c66207369676e65642074657374310b300906035504061302444531173015060355040a0c0e41757468437274444220546573743059301306072a8648ce3d020106082a8648ce3d03010703420004c11ebb9951848a436ca2c8a73382f24bbb6c28a92e401d4889b0c361f377b92a8b0497ff2f5a5f6057ae85f704ab1850bef075914f68ed3aeb15a1ff1ebc0dc6a028302606092a864886f70d01090e311930173015060b2b0601040183890c8622020101ff0403010101300a06082a8648ce3d040302034700304402200c4108fd098525993d3fd5b113f0a1ead8750852baf55a2f8e670a22cabc0ba1022034db93a0fcb993912adcf2ea8cb4b66389af30e264d43c0daea03255e45d2ccc":"CSR version \: 1\nsubject name \: CN=Self signed test, C=DE, O=AuthCrtDB Test\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\n":0 +mbedtls_x509_csr_parse:"308201233081cb02010030413119301706035504030c1053656c66207369676e65642074657374310b300906035504061302444531173015060355040a0c0e41757468437274444220546573743059301306072a8648ce3d020106082a8648ce3d03010703420004c11ebb9951848a436ca2c8a73382f24bbb6c28a92e401d4889b0c361f377b92a8b0497ff2f5a5f6057ae85f704ab1850bef075914f68ed3aeb15a1ff1ebc0dc6a028302606092a864886f70d01090e311930173015060b2b0601040183890c8622020101ff0403010101300a06082a8648ce3d040302034700304402200c4108fd098525993d3fd5b113f0a1ead8750852baf55a2f8e670a22cabc0ba1022034db93a0fcb993912adcf2ea8cb4b66389af30e264d43c0daea03255e45d2ccc":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +X509 CSR ASN.1 (Unsupported critical extension accepted by callback) +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_X509_REMOVE_INFO +mbedtls_x509_csr_parse_with_ext_cb:"308201233081cb02010030413119301706035504030c1053656c66207369676e65642074657374310b300906035504061302444531173015060355040a0c0e41757468437274444220546573743059301306072a8648ce3d020106082a8648ce3d03010703420004c11ebb9951848a436ca2c8a73382f24bbb6c28a92e401d4889b0c361f377b92a8b0497ff2f5a5f6057ae85f704ab1850bef075914f68ed3aeb15a1ff1ebc0dc6a028302606092a864886f70d01090e311930173015060b2b0601040183890c8622020101ff0403010101300a06082a8648ce3d040302034700304402200c4108fd098525993d3fd5b113f0a1ead8750852baf55a2f8e670a22cabc0ba1022034db93a0fcb993912adcf2ea8cb4b66389af30e264d43c0daea03255e45d2ccc":"CSR version \: 1\nsubject name \: CN=Self signed test, C=DE, O=AuthCrtDB Test\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\n":0:1 + +X509 CSR ASN.1 (Unsupported critical extension rejected by callback) +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_X509_REMOVE_INFO +mbedtls_x509_csr_parse_with_ext_cb:"308201233081cb02010030413119301706035504030c1053656c66207369676e65642074657374310b300906035504061302444531173015060355040a0c0e41757468437274444220546573743059301306072a8648ce3d020106082a8648ce3d03010703420004c11ebb9951848a436ca2c8a73382f24bbb6c28a92e401d4889b0c361f377b92a8b0497ff2f5a5f6057ae85f704ab1850bef075914f68ed3aeb15a1ff1ebc0dc6a028302606092a864886f70d01090e311930173015060b2b0601040183890c8622020101ff0403010101300a06082a8648ce3d040302034700304402200c4108fd098525993d3fd5b113f0a1ead8750852baf55a2f8e670a22cabc0ba1022034db93a0fcb993912adcf2ea8cb4b66389af30e264d43c0daea03255e45d2ccc":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:0 X509 CSR ASN.1 (bad first tag) mbedtls_x509_csr_parse:"3100":"":MBEDTLS_ERR_X509_INVALID_FORMAT diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function index 114bd5277..8cdca82e0 100644 --- a/tests/suites/test_suite_x509parse.function +++ b/tests/suites/test_suite_x509parse.function @@ -412,6 +412,33 @@ int parse_crt_ext_cb(void *p_ctx, mbedtls_x509_crt const *crt, mbedtls_x509_buf MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); } } + +int parse_csr_ext_accept_cb(void *p_ctx, mbedtls_x509_csr const *csr, mbedtls_x509_buf const *oid, + int critical, const unsigned char *cp, const unsigned char *end) +{ + (void) p_ctx; + (void) csr; + (void) oid; + (void) critical; + (void) cp; + (void) end; + + return 0; +} + +int parse_csr_ext_reject_cb(void *p_ctx, mbedtls_x509_csr const *csr, mbedtls_x509_buf const *oid, + int critical, const unsigned char *cp, const unsigned char *end) +{ + (void) p_ctx; + (void) csr; + (void) oid; + (void) critical; + (void) cp; + (void) end; + + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); +} #endif /* MBEDTLS_X509_CRT_PARSE_C */ /* END_HEADER */ @@ -1245,6 +1272,36 @@ exit: } /* END_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_X509_CSR_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */ +void mbedtls_x509_csr_parse_with_ext_cb(data_t *csr_der, char *ref_out, int ref_ret, int accept) +{ + mbedtls_x509_csr csr; + char my_out[1000]; + int my_ret; + + mbedtls_x509_csr_init(&csr); + USE_PSA_INIT(); + + memset(my_out, 0, sizeof(my_out)); + + my_ret = mbedtls_x509_csr_parse_der_with_ext_cb(&csr, csr_der->x, csr_der->len, + accept ? parse_csr_ext_accept_cb : + parse_csr_ext_reject_cb, + NULL); + TEST_EQUAL(my_ret, ref_ret); + + if (ref_ret == 0) { + size_t my_out_len = mbedtls_x509_csr_info(my_out, sizeof(my_out), "", &csr); + TEST_EQUAL(my_out_len, strlen(ref_out)); + TEST_EQUAL(strcmp(my_out, ref_out), 0); + } + +exit: + mbedtls_x509_csr_free(&csr); + USE_PSA_DONE(); +} +/* END_CASE */ + /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CSR_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */ void mbedtls_x509_csr_parse_file(char *csr_file, char *ref_out, int ref_ret) { From 39d4b9d15bf6a89bc2d9ef59c064041c539ab38f Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 18 Oct 2023 14:30:03 +0200 Subject: [PATCH 0337/1674] analyze_outcomes: fix format interpolation errors Signed-off-by: Valerio Setti --- tests/scripts/analyze_outcomes.py | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index d0b72a859..b522efb31 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -64,13 +64,12 @@ def execute_reference_driver_tests(results: Results, ref_component, driver_compo # If the outcome file already exists, we assume that the user wants to # perform the comparison analysis again without repeating the tests. if os.path.exists(outcome_file): - results.info("Outcome file (" + outcome_file + ") already exists. " + \ - "Tests will be skipped.") + results.info("Outcome file ({}) already exists. Tests will be skipped.", outcome_file) return shell_command = "tests/scripts/all.sh --outcome-file " + outcome_file + \ " " + ref_component + " " + driver_component - results.info("Running: " + shell_command) + results.info("Running: {}", shell_command) ret_val = subprocess.run(shell_command.split(), check=False).returncode if ret_val != 0: @@ -128,7 +127,7 @@ def analyze_driver_vs_reference(results: Results, outcomes, if component_ref in entry: reference_test_passed = True if(reference_test_passed and not driver_test_passed): - results.error(key) + results.error("Did not pass with driver: {}", key) def analyze_outcomes(results: Results, outcomes, args): """Run all analyses on the given outcome collection.""" @@ -164,8 +163,8 @@ def do_analyze_coverage(results: Results, outcome_file, args): def do_analyze_driver_vs_reference(results: Results, outcome_file, args): """Perform driver vs reference analyze.""" - results.info("*** Analyze driver {} vs reference {} ***".format( - args['component_driver'], args['component_ref'])) + results.info("*** Analyze driver {} vs reference {} ***", + args['component_driver'], args['component_ref']) execute_reference_driver_tests(results, args['component_ref'], \ args['component_driver'], outcome_file) From 2cff82069e6933358cb03c5f87a169fad52acf38 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 18 Oct 2023 14:36:47 +0200 Subject: [PATCH 0338/1674] analyze_outcomes: add new_section() method to the Results class Signed-off-by: Valerio Setti --- tests/scripts/analyze_outcomes.py | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index b522efb31..925433118 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -22,6 +22,9 @@ class Results: self.error_count = 0 self.warning_count = 0 + def new_section(self, fmt, *args, **kwargs): + self._print_line('\n*** ' + fmt + ' ***\n', *args, **kwargs) + def info(self, fmt, *args, **kwargs): self._print_line('Info: ' + fmt, *args, **kwargs) @@ -157,14 +160,14 @@ by a semicolon. def do_analyze_coverage(results: Results, outcome_file, args): """Perform coverage analysis.""" - results.info("*** Analyze coverage ***") + results.new_section("Analyze coverage") outcomes = read_outcome_file(outcome_file) analyze_outcomes(results, outcomes, args) def do_analyze_driver_vs_reference(results: Results, outcome_file, args): """Perform driver vs reference analyze.""" - results.info("*** Analyze driver {} vs reference {} ***", - args['component_driver'], args['component_ref']) + results.new_section("Analyze driver {} vs reference {}", + args['component_driver'], args['component_ref']) execute_reference_driver_tests(results, args['component_ref'], \ args['component_driver'], outcome_file) From 3bda79ba9f6404f1aecaa08838238490f1703020 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Wed, 18 Oct 2023 15:09:09 +0100 Subject: [PATCH 0339/1674] Move initialisation in test to before first test Calling mbedtls_cipher_free() on a context that was not initialised is dangerous, and this could happen if the first test in check_set_padding() failed. Signed-off-by: Paul Elliott --- tests/suites/test_suite_cipher.function | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function index e6970129e..3140ba9ed 100644 --- a/tests/suites/test_suite_cipher.function +++ b/tests/suites/test_suite_cipher.function @@ -1218,6 +1218,8 @@ void check_set_padding(int cipher_id) const mbedtls_cipher_info_t *cipher_info; size_t keylen = 0; + mbedtls_cipher_init(&ctx); + cipher_info = mbedtls_cipher_info_from_type(cipher_id); if (cipher_info->mode != MBEDTLS_MODE_CBC) { @@ -1228,8 +1230,6 @@ void check_set_padding(int cipher_id) TEST_CALLOC(key, keylen/8); memset(key, 0, keylen/8); - mbedtls_cipher_init(&ctx); - TEST_EQUAL(0, mbedtls_cipher_setup(&ctx, cipher_info)); TEST_EQUAL(0, mbedtls_cipher_setkey(&ctx, key, keylen, From 4fb1955b3184244ccd7e3c0066fb3b19457ca615 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Wed, 18 Oct 2023 12:15:30 +0100 Subject: [PATCH 0340/1674] Remove NULL-ing of passed in SSL context in ssl_populate_transform() Remove a piece of code that was meant to ensure non-usage of the ssl context under conditions where it should not be used, as this now makes less sense and also triggers coverity. Signed-off-by: Paul Elliott --- library/ssl_tls.c | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 827b7fbcf..0476a9f73 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -8159,14 +8159,6 @@ static int ssl_tls12_populate_transform(mbedtls_ssl_transform *transform, psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; #endif -#if !defined(MBEDTLS_DEBUG_C) && \ - !defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - if (ssl->f_export_keys == NULL) { - ssl = NULL; /* make sure we don't use it except for these cases */ - (void) ssl; - } -#endif - /* * Some data just needs copying into the structure */ @@ -8438,7 +8430,7 @@ static int ssl_tls12_populate_transform(mbedtls_ssl_transform *transform, goto end; } - if (ssl != NULL && ssl->f_export_keys != NULL) { + if (ssl->f_export_keys != NULL) { ssl->f_export_keys(ssl->p_export_keys, MBEDTLS_SSL_KEY_EXPORT_TLS12_MASTER_SECRET, master, 48, From f2574206e5cf70d978a0cf4b880534271fc788cc Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 18 Oct 2023 17:39:48 +0200 Subject: [PATCH 0341/1674] Fix code style Signed-off-by: Gilles Peskine --- tests/suites/test_suite_x509parse.function | 2 +- tests/suites/test_suite_x509write.function | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function index 938917ad7..894e0bb18 100644 --- a/tests/suites/test_suite_x509parse.function +++ b/tests/suites/test_suite_x509parse.function @@ -932,7 +932,7 @@ void mbedtls_x509_dn_get_next(char *name_str, memset(&parsed, 0, sizeof(parsed)); mbedtls_x509_name *parsed_cur; // Size of buf is maximum required for test cases - unsigned char buf[80] = {0}; + unsigned char buf[80] = { 0 }; unsigned char *out = NULL; unsigned char *c = buf + sizeof(buf); const char *short_name; diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function index 06e08168c..4de9addca 100644 --- a/tests/suites/test_suite_x509write.function +++ b/tests/suites/test_suite_x509write.function @@ -703,8 +703,8 @@ void mbedtls_x509_string_to_names(char *name, char *parsed_name, memset(&parsed, 0, sizeof(parsed)); mbedtls_x509_name *parsed_cur = NULL; mbedtls_x509_name *parsed_prv = NULL; - unsigned char buf[1024] = {0}; - unsigned char out[1024] = {0}; + unsigned char buf[1024] = { 0 }; + unsigned char out[1024] = { 0 }; unsigned char *c = buf + sizeof(buf); USE_PSA_INIT(); From 154982719a96c0f4bfd874dd0c9e317f0a8dcabf Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 19 Oct 2023 10:29:07 +0800 Subject: [PATCH 0342/1674] fix wrong typo Signed-off-by: Jerry Yu --- tests/opt-testcases/tls13-misc.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/opt-testcases/tls13-misc.sh b/tests/opt-testcases/tls13-misc.sh index 635e31a69..572a291fd 100755 --- a/tests/opt-testcases/tls13-misc.sh +++ b/tests/opt-testcases/tls13-misc.sh @@ -505,6 +505,6 @@ run_test "TLS 1.3 G->m: EarlyData: feature is disabled, fail." \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+GROUP-ALL -d 10 -r --earlydata $EARLY_DATA_INPUT" \ 1 \ -s "ClientHello: early_data(42) extension exists." \ - -s "EncryptedExtensions: early_data(42) extension does not exists." \ + -s "EncryptedExtensions: early_data(42) extension does not exist." \ -s "NewSessionTicket: early_data(42) extension does not exist." \ -s "Last error was: -29056 - SSL - Verification of the message MAC failed" From bb4f63cbb222994c35c061c9785289de3e7b0599 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Thu, 19 Oct 2023 10:38:58 +0800 Subject: [PATCH 0343/1674] all.sh: build_mingw: test default config without MBEDTLS_AESNI_C Signed-off-by: Pengyu Lv --- tests/scripts/all.sh | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 64bde15fd..c197ee10b 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -5124,6 +5124,17 @@ component_build_mingw () { make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra -maes -msse2 -mpclmul' WINDOWS_BUILD=1 SHARED=1 lib programs make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra -maes -msse2 -mpclmul' WINDOWS_BUILD=1 SHARED=1 tests make WINDOWS_BUILD=1 clean + + msg "build: Windows cross build - mingw64, make (Link Library, default config without MBEDTLS_AESNI_C)" # ~ 30s + ./scripts/config.py unset MBEDTLS_AESNI_C # + make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 lib programs + make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror' WINDOWS_BUILD=1 tests + make WINDOWS_BUILD=1 clean + + msg "build: Windows cross build - mingw64, make (DLL, default config without MBEDTLS_AESNI_C)" # ~ 30s + make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 SHARED=1 lib programs + make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 SHARED=1 tests + make WINDOWS_BUILD=1 clean } support_build_mingw() { case $(i686-w64-mingw32-gcc -dumpversion 2>/dev/null) in From 3898f10fed1de8c3d9c4382f5ec3f9d9798d2a6d Mon Sep 17 00:00:00 2001 From: Sergey Markelov Date: Mon, 16 Oct 2023 12:54:48 -0700 Subject: [PATCH 0344/1674] Fix #8372 - Error compiling AESNI in Mbed-TLS with clang on Windows It can successfully compile w/ the clang options -maes -mpclmul. Signed-off-by: Sergey Markelov --- ChangeLog.d/8372.txt | 3 +++ library/aesni.c | 4 ++-- library/aesni.h | 6 +++--- 3 files changed, 8 insertions(+), 5 deletions(-) create mode 100644 ChangeLog.d/8372.txt diff --git a/ChangeLog.d/8372.txt b/ChangeLog.d/8372.txt new file mode 100644 index 000000000..4a72edfb1 --- /dev/null +++ b/ChangeLog.d/8372.txt @@ -0,0 +1,3 @@ +Features + * AES-NI is now supported in Windows builds with clang and clang-cl. + Resolves #8372. diff --git a/library/aesni.c b/library/aesni.c index 5f25a8249..92626e137 100644 --- a/library/aesni.c +++ b/library/aesni.c @@ -52,7 +52,7 @@ int mbedtls_aesni_has_support(unsigned int what) if (!done) { #if MBEDTLS_AESNI_HAVE_CODE == 2 - static unsigned info[4] = { 0, 0, 0, 0 }; + static int info[4] = { 0, 0, 0, 0 }; #if defined(_MSC_VER) __cpuid(info, 1); #else @@ -187,7 +187,7 @@ void mbedtls_aesni_gcm_mult(unsigned char c[16], const unsigned char a[16], const unsigned char b[16]) { - __m128i aa, bb, cc, dd; + __m128i aa = { 0 }, bb = { 0 }, cc, dd; /* The inputs are in big-endian order, so byte-reverse them */ for (size_t i = 0; i < 16; i++) { diff --git a/library/aesni.h b/library/aesni.h index ba1429029..952e13850 100644 --- a/library/aesni.h +++ b/library/aesni.h @@ -39,7 +39,7 @@ * (Only implemented with certain compilers, only for certain targets.) */ #undef MBEDTLS_AESNI_HAVE_INTRINSICS -#if defined(_MSC_VER) +#if defined(_MSC_VER) && !defined(__clang__) /* Visual Studio supports AESNI intrinsics since VS 2008 SP1. We only support * VS 2013 and up for other reasons anyway, so no need to check the version. */ #define MBEDTLS_AESNI_HAVE_INTRINSICS @@ -47,7 +47,7 @@ /* GCC-like compilers: currently, we only support intrinsics if the requisite * target flag is enabled when building the library (e.g. `gcc -mpclmul -msse2` * or `clang -maes -mpclmul`). */ -#if defined(__GNUC__) && defined(__AES__) && defined(__PCLMUL__) +#if (defined(__GNUC__) || defined(__clang__)) && defined(__AES__) && defined(__PCLMUL__) #define MBEDTLS_AESNI_HAVE_INTRINSICS #endif @@ -65,7 +65,7 @@ * (Only implemented with gas syntax, only for 64-bit.) */ #define MBEDTLS_AESNI_HAVE_CODE 1 // via assembly -#elif defined(__GNUC__) +#elif defined(__GNUC__) || defined(__clang__) # error "Must use `-mpclmul -msse2 -maes` for MBEDTLS_AESNI_C" #else #error "MBEDTLS_AESNI_C defined, but neither intrinsics nor assembly available" From 158eead001677307d4731f1a4dacb4f38245dc6d Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Thu, 19 Oct 2023 11:27:05 +0800 Subject: [PATCH 0345/1674] all.sh: build_mingw: only test build lib without MBEDTLS_AESNI_C Signed-off-by: Pengyu Lv --- tests/scripts/all.sh | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index c197ee10b..81084a9ee 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -5125,15 +5125,9 @@ component_build_mingw () { make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra -maes -msse2 -mpclmul' WINDOWS_BUILD=1 SHARED=1 tests make WINDOWS_BUILD=1 clean - msg "build: Windows cross build - mingw64, make (Link Library, default config without MBEDTLS_AESNI_C)" # ~ 30s + msg "build: Windows cross build - mingw64, make (Library only, default config without MBEDTLS_AESNI_C)" # ~ 30s ./scripts/config.py unset MBEDTLS_AESNI_C # - make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 lib programs - make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror' WINDOWS_BUILD=1 tests - make WINDOWS_BUILD=1 clean - - msg "build: Windows cross build - mingw64, make (DLL, default config without MBEDTLS_AESNI_C)" # ~ 30s - make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 SHARED=1 lib programs - make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 SHARED=1 tests + make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 lib make WINDOWS_BUILD=1 clean } support_build_mingw() { From 74f2c15ea3894ca52fef5d32047cedccec4af3ed Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Thu, 19 Oct 2023 11:39:17 +0800 Subject: [PATCH 0346/1674] Add a changelog entry Signed-off-by: Pengyu Lv --- ChangeLog.d/fix-mingw32-build.txt | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 ChangeLog.d/fix-mingw32-build.txt diff --git a/ChangeLog.d/fix-mingw32-build.txt b/ChangeLog.d/fix-mingw32-build.txt new file mode 100644 index 000000000..c657f23e2 --- /dev/null +++ b/ChangeLog.d/fix-mingw32-build.txt @@ -0,0 +1,4 @@ +Bugfix + * Fix an inconsistency between implementations and usages of `__cpuid`, + which mainly causes failures when building Windows target using + mingw or clang. Fix #8334 & #8332. From 03bd095a76bbc46ba73f30d6a0cb9e4176c424b9 Mon Sep 17 00:00:00 2001 From: Matthias Schulz Date: Thu, 19 Oct 2023 09:52:59 +0200 Subject: [PATCH 0347/1674] Fix dependency check for helper functions. Signed-off-by: Matthias Schulz --- tests/suites/test_suite_x509parse.function | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function index 8cdca82e0..cdbbcfd73 100644 --- a/tests/suites/test_suite_x509parse.function +++ b/tests/suites/test_suite_x509parse.function @@ -412,7 +412,9 @@ int parse_crt_ext_cb(void *p_ctx, mbedtls_x509_crt const *crt, mbedtls_x509_buf MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); } } +#endif /* MBEDTLS_X509_CRT_PARSE_C */ +#if defined(MBEDTLS_X509_CSR_PARSE_C) int parse_csr_ext_accept_cb(void *p_ctx, mbedtls_x509_csr const *csr, mbedtls_x509_buf const *oid, int critical, const unsigned char *cp, const unsigned char *end) { @@ -439,7 +441,7 @@ int parse_csr_ext_reject_cb(void *p_ctx, mbedtls_x509_csr const *csr, mbedtls_x5 return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); } -#endif /* MBEDTLS_X509_CRT_PARSE_C */ +#endif /* MBEDTLS_X509_CSR_PARSE_C */ /* END_HEADER */ /* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */ From 0df6d9688add33721fbae9d9a098a3cc49a584f6 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 11 Oct 2023 13:27:25 +0800 Subject: [PATCH 0348/1674] all.sh: fix a typo in comment Signed-off-by: Yanray Wang --- tests/scripts/all.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 9290aa6d9..baa2b600f 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -864,7 +864,7 @@ pre_generate_files() { # Example: # loc_extra_list="ALG_SHA_224 ALG_SHA_256 ALG_SHA_384 ALG_SHA_512" # helper_libtestdriver1_make_drivers "$loc_accel_list" "$loc_extra_list" -# 4b. Call helper_libtestdriver1_make_main "$loc_accel_list". Any +# 3b. Call helper_libtestdriver1_make_main "$loc_accel_list". Any # additional arguments will be passed to make: this can be useful if # you don't want to build everything when iterating during development. # Example: From af5003a1577d2798e90a7f3c1824b9e6d0145bdf Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 11 Oct 2023 11:57:10 +0800 Subject: [PATCH 0349/1674] CMAC: accelerate CMAC in accel_cipher Signed-off-by: Yanray Wang --- .../crypto_config_test_driver_extension.h | 9 ++++++++- tests/scripts/all.sh | 19 ++++++++++--------- 2 files changed, 18 insertions(+), 10 deletions(-) diff --git a/tests/include/test/drivers/crypto_config_test_driver_extension.h b/tests/include/test/drivers/crypto_config_test_driver_extension.h index ef8c88a66..b0bbc4421 100644 --- a/tests/include/test/drivers/crypto_config_test_driver_extension.h +++ b/tests/include/test/drivers/crypto_config_test_driver_extension.h @@ -32,6 +32,14 @@ #endif #endif +#if defined(PSA_WANT_ALG_CMAC) +#if defined(MBEDTLS_PSA_ACCEL_ALG_CMAC) +#undef MBEDTLS_PSA_ACCEL_ALG_CMAC +#else +#define MBEDTLS_PSA_ACCEL_ALG_CMAC 1 +#endif +#endif + #if defined(PSA_WANT_ALG_CTR) #if defined(MBEDTLS_PSA_ACCEL_ALG_CTR) #undef MBEDTLS_PSA_ACCEL_ALG_CTR @@ -395,7 +403,6 @@ #define MBEDTLS_PSA_ACCEL_ALG_CBC_MAC 1 #define MBEDTLS_PSA_ACCEL_ALG_CCM 1 -#define MBEDTLS_PSA_ACCEL_ALG_CMAC 1 #define MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING 1 #define MBEDTLS_PSA_ACCEL_ALG_GCM 1 #define MBEDTLS_PSA_ACCEL_ALG_HKDF 1 diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index baa2b600f..17f894a7b 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3528,22 +3528,22 @@ component_test_psa_crypto_config_reference_hash_use_psa() { component_test_psa_crypto_config_accel_cipher () { msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated cipher" - loc_accel_list="ALG_CBC_NO_PADDING ALG_CBC_PKCS7 ALG_CTR ALG_CFB ALG_OFB ALG_XTS KEY_TYPE_DES" + loc_accel_list="ALG_CBC_NO_PADDING ALG_CBC_PKCS7 \ + ALG_CTR ALG_CFB ALG_OFB ALG_XTS \ + KEY_TYPE_DES ALG_CMAC" # Configure # --------- + # There is no intended accelerator support for STREAM_CIPHER and + # ECB_NO_PADDING. Therefore, asking for them in the build implies the + # inclusion of the Mbed TLS cipher operations. As we want to test here with + # cipher operations solely supported by accelerators, disabled those + # PSA configuration options by helper_libtestdriver1_adjust_config. + # Start from the full config helper_libtestdriver1_adjust_config "full" - # There is no intended accelerator support for ALG CMAC. Therefore, asking - # for it in the build implies the inclusion of the Mbed TLS cipher - # operations. As we want to test here with cipher operations solely - # supported by accelerators, disabled this PSA configuration option. - # (Note: the same applies to STREAM_CIPHER and ECB_NO_PADDING, which are - # already disabled by helper_libtestdriver1_adjust_config above.) - scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CMAC - # Disable the things that are being accelerated scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC scripts/config.py unset MBEDTLS_CIPHER_PADDING_PKCS7 @@ -3552,6 +3552,7 @@ component_test_psa_crypto_config_accel_cipher () { scripts/config.py unset MBEDTLS_CIPHER_MODE_OFB scripts/config.py unset MBEDTLS_CIPHER_MODE_XTS scripts/config.py unset MBEDTLS_DES_C + scripts/config.py unset MBEDTLS_CMAC_C # Build # ----- From 893623fb289d170e0a32ea8dbb26cb7bba469434 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 16 Oct 2023 11:55:37 +0800 Subject: [PATCH 0350/1674] PBKDF2-AES-CMAC: remove not needed preprocessor directive PBKDF2-AES-CMAC works if we provide the driver of AES-CMAC or KEY-TYPE-AES or both. So if PBKDF2-AES-CMAC is requested via PSA, we don't need to additionally enable builtin AES-CMAC or builtin KEY-TYPE-AES. Signed-off-by: Yanray Wang --- include/mbedtls/config_adjust_legacy_from_psa.h | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/config_adjust_legacy_from_psa.h b/include/mbedtls/config_adjust_legacy_from_psa.h index e3c2ed117..5c294e914 100644 --- a/include/mbedtls/config_adjust_legacy_from_psa.h +++ b/include/mbedtls/config_adjust_legacy_from_psa.h @@ -724,8 +724,7 @@ #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_AES */ #if defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \ defined(PSA_HAVE_SOFT_BLOCK_MODE) || \ - defined(PSA_HAVE_SOFT_BLOCK_AEAD) || \ - defined(PSA_HAVE_SOFT_PBKDF2_CMAC) + defined(PSA_HAVE_SOFT_BLOCK_AEAD) #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1 #define MBEDTLS_AES_C #endif /* PSA_HAVE_SOFT_KEY_TYPE_AES || PSA_HAVE_SOFT_BLOCK_MODE */ @@ -796,8 +795,7 @@ #if defined(PSA_WANT_ALG_CMAC) #if !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC) || \ - defined(PSA_HAVE_SOFT_BLOCK_CIPHER) || \ - defined(PSA_HAVE_SOFT_PBKDF2_CMAC) + defined(PSA_HAVE_SOFT_BLOCK_CIPHER) #define MBEDTLS_PSA_BUILTIN_ALG_CMAC 1 #define MBEDTLS_CMAC_C #endif /* !MBEDTLS_PSA_ACCEL_ALG_CMAC */ From 3d43434953767d64a8bb1770e506157e1dbcc07e Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 16 Oct 2023 14:03:52 +0800 Subject: [PATCH 0351/1674] test_suite_psa_crypto_driver_wrappers.data: fix dependency There are some fallback test cases which should rely on builtin implementations. This commit adjusts them with correct dependencies. Signed-off-by: Yanray Wang --- ...test_suite_psa_crypto_driver_wrappers.data | 22 +++++++++---------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.data b/tests/suites/test_suite_psa_crypto_driver_wrappers.data index 54558f0f0..8ba3b7997 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.data +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.data @@ -340,11 +340,11 @@ depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric encrypt multipart: AES-CTR, 16 bytes, fallback -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER +depends_on:MBEDTLS_PSA_BUILTIN_ALG_CTR:MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS PSA symmetric encrypt multipart: AES-CTR, 15 bytes, fallback -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER +depends_on:MBEDTLS_PSA_BUILTIN_ALG_CTR:MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":15:15:0:"8f9408fe80a81d3e813da3c7b0b2bd":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS PSA symmetric encrypt multipart: AES-CTR, 16 bytes, fake @@ -372,7 +372,7 @@ depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":16:16:0:"dd3b5e5319b7591daab1e1a92687feb2":0:PSA_SUCCESS:PSA_SUCCESS PSA symmetric decrypt multipart: AES-CTR, 16 bytes, fallback -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER +depends_on:MBEDTLS_PSA_BUILTIN_ALG_CTR:MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":16:16:0:"dd3b5e5319b7591daab1e1a92687feb2":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS PSA symmetric decrypt multipart: AES-CTR, 16 bytes, fake @@ -460,7 +460,7 @@ depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":PSA_SUCCESS PSA AEAD encrypt: AES-CCM, 24 bytes, fallback -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_ALG_CCM aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":PSA_ERROR_NOT_SUPPORTED PSA AEAD encrypt: AES-CCM, 24 bytes, INSUFFICIENT_MEMORY @@ -472,7 +472,7 @@ depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":PSA_SUCCESS PSA AEAD encrypt, AES-GCM, 128 bytes #1, fallback -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_ALG_GCM aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":PSA_ERROR_NOT_SUPPORTED PSA AEAD encrypt, AES-GCM, 128 bytes #1, INSUFFICIENT_MEMORY @@ -484,7 +484,7 @@ depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES aead_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"00412B4EA9CDBE3C9696766CFA":"0BE1A88BACE018B1":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":PSA_SUCCESS PSA AEAD decrypt: AES-CCM, 39 bytes, fallback -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C +depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_ALG_CCM aead_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"00412B4EA9CDBE3C9696766CFA":"0BE1A88BACE018B1":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":PSA_ERROR_NOT_SUPPORTED PSA AEAD decrypt: AES-CCM, 39 bytes, INSUFFICIENT_MEMORY @@ -496,7 +496,7 @@ depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS PSA AEAD decrypt, AES-GCM, 144 bytes #1, fallback -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_ALG_GCM aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_ERROR_NOT_SUPPORTED PSA AEAD decrypt, AES-GCM, 144 bytes #1, INSUFFICIENT_MEMORY @@ -536,7 +536,7 @@ depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_ACCEL_ALG_CMAC mac_sign:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827":PSA_SUCCESS PSA MAC sign, fallback: CMAC-AES-128 -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_ALG_CMAC +depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_ALG_CMAC mac_sign:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827":PSA_ERROR_NOT_SUPPORTED PSA MAC sign, driver reports error: CMAC-AES-128 @@ -576,7 +576,7 @@ depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_ACCEL_ALG_CMAC mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827":PSA_SUCCESS PSA MAC verify, fallback: CMAC-AES-128 -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_ALG_CMAC +depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_ALG_CMAC mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827":PSA_ERROR_NOT_SUPPORTED PSA MAC verify, driver reports error: CMAC-AES-128 @@ -802,7 +802,7 @@ depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES aead_encrypt_setup:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c87281":"4365847fe0b7b7fbed325953df344a96":PSA_SUCCESS:PSA_SUCCESS PSA AEAD encrypt setup, AES-GCM, 128 bytes #1, fallback -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_ALG_GCM aead_encrypt_setup:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c87281":"4365847fe0b7b7fbed325953df344a96":PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS PSA AEAD encrypt setup, AES-GCM, 128 bytes #1, INSUFFICIENT_MEMORY @@ -814,7 +814,7 @@ depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES aead_decrypt_setup:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c87281":"4365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS:PSA_SUCCESS PSA AEAD decrypt setup, AES-GCM, 144 bytes #1, fallback -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_ALG_GCM aead_decrypt_setup:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c87281":"4365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS PSA AEAD decrypt setup, AES-GCM, 144 bytes #1, insufficient memory From d2d3d6374ec0df38dca7d6bd35d9bb4fad54681f Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Thu, 19 Oct 2023 16:50:45 +0800 Subject: [PATCH 0352/1674] Reword the changelog entry Signed-off-by: Pengyu Lv --- ChangeLog.d/fix-mingw32-build.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog.d/fix-mingw32-build.txt b/ChangeLog.d/fix-mingw32-build.txt index c657f23e2..feef0a2c5 100644 --- a/ChangeLog.d/fix-mingw32-build.txt +++ b/ChangeLog.d/fix-mingw32-build.txt @@ -1,4 +1,4 @@ Bugfix * Fix an inconsistency between implementations and usages of `__cpuid`, which mainly causes failures when building Windows target using - mingw or clang. Fix #8334 & #8332. + mingw or clang. Fixes #8334 & #8332. From 22334a202aea9302222fa0451652fdc688fdabaf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 19 Oct 2023 11:27:33 +0200 Subject: [PATCH 0353/1674] Fix some dependencies in ssl-opt.sh MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit These are explicitly PSA tests, so use PSA_WANT. Was missed by analyze_outcomes.py because those test cases were not listed properly, which will be fixed by #8088. Signed-off-by: Manuel Pégourié-Gonnard --- tests/ssl-opt.sh | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 0dcff6796..51d59bbbf 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -2572,32 +2572,32 @@ run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384 -requires_config_enabled MBEDTLS_ECP_DP_SECP521R1_ENABLED +requires_config_enabled PSA_WANT_ECC_SECP_R1_521 run_test_psa_force_curve "secp521r1" -requires_config_enabled MBEDTLS_ECP_DP_BP512R1_ENABLED +requires_config_enabled PSA_WANT_ECC_BRAINPOOL_P_R1_512 run_test_psa_force_curve "brainpoolP512r1" -requires_config_enabled MBEDTLS_ECP_DP_SECP384R1_ENABLED +requires_config_enabled PSA_WANT_ECC_SECP_R1_384 run_test_psa_force_curve "secp384r1" -requires_config_enabled MBEDTLS_ECP_DP_BP384R1_ENABLED +requires_config_enabled PSA_WANT_ECC_BRAINPOOL_P_R1_384 run_test_psa_force_curve "brainpoolP384r1" -requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED +requires_config_enabled PSA_WANT_ECC_SECP_R1_256 run_test_psa_force_curve "secp256r1" -requires_config_enabled MBEDTLS_ECP_DP_SECP256K1_ENABLED +requires_config_enabled PSA_WANT_ECC_SECP_K1_256 run_test_psa_force_curve "secp256k1" -requires_config_enabled MBEDTLS_ECP_DP_BP256R1_ENABLED +requires_config_enabled PSA_WANT_ECC_BRAINPOOL_P_R1_256 run_test_psa_force_curve "brainpoolP256r1" -requires_config_enabled MBEDTLS_ECP_DP_SECP224R1_ENABLED +requires_config_enabled PSA_WANT_ECC_SECP_R1_224 run_test_psa_force_curve "secp224r1" ## SECP224K1 is buggy via the PSA API ## (https://github.com/Mbed-TLS/mbedtls/issues/3541), ## so it is disabled in PSA even when it's enabled in Mbed TLS. ## The proper dependency would be on PSA_WANT_ECC_SECP_K1_224 but ## dependencies on PSA symbols in ssl-opt.sh are not implemented yet. -#requires_config_enabled MBEDTLS_ECP_DP_SECP224K1_ENABLED +#requires_config_enabled PSA_WANT_ECC_SECP_K1_224 #run_test_psa_force_curve "secp224k1" -requires_config_enabled MBEDTLS_ECP_DP_SECP192R1_ENABLED +requires_config_enabled PSA_WANT_ECC_SECP_R1_192 run_test_psa_force_curve "secp192r1" -requires_config_enabled MBEDTLS_ECP_DP_SECP192K1_ENABLED +requires_config_enabled PSA_WANT_ECC_SECP_K1_192 run_test_psa_force_curve "secp192k1" # Test current time in ServerHello From edc32eaf1ac8d967d093692c36902d1b3186cd3f Mon Sep 17 00:00:00 2001 From: Matthias Schulz Date: Thu, 19 Oct 2023 16:09:08 +0200 Subject: [PATCH 0354/1674] Uncrustified Signed-off-by: Matthias Schulz --- include/mbedtls/x509_csr.h | 6 ++--- library/x509_csr.c | 28 +++++++++++----------- tests/suites/test_suite_x509parse.function | 9 +++---- 3 files changed, 22 insertions(+), 21 deletions(-) diff --git a/include/mbedtls/x509_csr.h b/include/mbedtls/x509_csr.h index a4bdc9413..f3ac57045 100644 --- a/include/mbedtls/x509_csr.h +++ b/include/mbedtls/x509_csr.h @@ -156,9 +156,9 @@ typedef int (*mbedtls_x509_csr_ext_cb_t)(void *p_ctx, * \return 0 if successful, or a specific X509 error code */ int mbedtls_x509_csr_parse_der_with_ext_cb(mbedtls_x509_csr *csr, - const unsigned char *buf, size_t buflen, - mbedtls_x509_csr_ext_cb_t cb, - void *p_ctx); + const unsigned char *buf, size_t buflen, + mbedtls_x509_csr_ext_cb_t cb, + void *p_ctx); /** * \brief Load a Certificate Signing Request (CSR), DER or PEM format diff --git a/library/x509_csr.c b/library/x509_csr.c index 9e4a01ab6..a8fef7c54 100644 --- a/library/x509_csr.c +++ b/library/x509_csr.c @@ -153,7 +153,7 @@ static int x509_csr_parse_extensions(mbedtls_x509_csr *csr, /* Forbid repeated extensions */ if ((csr->ext_types & ext_type) != 0) { return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, - MBEDTLS_ERR_ASN1_INVALID_DATA); + MBEDTLS_ERR_ASN1_INVALID_DATA); } csr->ext_types |= ext_type; @@ -162,7 +162,7 @@ static int x509_csr_parse_extensions(mbedtls_x509_csr *csr, case MBEDTLS_X509_EXT_KEY_USAGE: /* Parse key usage */ if ((ret = mbedtls_x509_get_key_usage(p, end_ext_data, - &csr->key_usage)) != 0) { + &csr->key_usage)) != 0) { return ret; } break; @@ -170,7 +170,7 @@ static int x509_csr_parse_extensions(mbedtls_x509_csr *csr, case MBEDTLS_X509_EXT_SUBJECT_ALT_NAME: /* Parse subject alt name */ if ((ret = mbedtls_x509_get_subject_alt_name(p, end_ext_data, - &csr->subject_alt_names)) != 0) { + &csr->subject_alt_names)) != 0) { return ret; } break; @@ -178,16 +178,16 @@ static int x509_csr_parse_extensions(mbedtls_x509_csr *csr, case MBEDTLS_X509_EXT_NS_CERT_TYPE: /* Parse netscape certificate type */ if ((ret = mbedtls_x509_get_ns_cert_type(p, end_ext_data, - &csr->ns_cert_type)) != 0) { + &csr->ns_cert_type)) != 0) { return ret; } break; default: /* - * If this is a non-critical extension, which the oid layer - * supports, but there isn't an x509 parser for it, - * skip the extension. - */ + * If this is a non-critical extension, which the oid layer + * supports, but there isn't an x509 parser for it, + * skip the extension. + */ if (is_critical) { return MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE; } else { @@ -274,9 +274,9 @@ static int x509_csr_parse_attributes(mbedtls_x509_csr *csr, * Parse a CSR in DER format */ static int mbedtls_x509_csr_parse_der_internal(mbedtls_x509_csr *csr, - const unsigned char *buf, size_t buflen, - mbedtls_x509_csr_ext_cb_t cb, - void *p_ctx) + const unsigned char *buf, size_t buflen, + mbedtls_x509_csr_ext_cb_t cb, + void *p_ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; @@ -452,9 +452,9 @@ int mbedtls_x509_csr_parse_der(mbedtls_x509_csr *csr, * Parse a CSR in DER format with callback for unknown extensions */ int mbedtls_x509_csr_parse_der_with_ext_cb(mbedtls_x509_csr *csr, - const unsigned char *buf, size_t buflen, - mbedtls_x509_csr_ext_cb_t cb, - void *p_ctx) + const unsigned char *buf, size_t buflen, + mbedtls_x509_csr_ext_cb_t cb, + void *p_ctx) { return mbedtls_x509_csr_parse_der_internal(csr, buf, buflen, cb, p_ctx); } diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function index cdbbcfd73..67d93d03a 100644 --- a/tests/suites/test_suite_x509parse.function +++ b/tests/suites/test_suite_x509parse.function @@ -250,7 +250,8 @@ int verify_parse_san(mbedtls_x509_subject_alternative_name *san, ret = mbedtls_oid_get_numeric_string(p, n, - &san->san.other_name.value.hardware_module_name.oid); + &san->san.other_name.value.hardware_module_name + .oid); MBEDTLS_X509_SAFE_SNPRINTF; ret = mbedtls_snprintf(p, n, ", hardware serial number : "); @@ -416,7 +417,7 @@ int parse_crt_ext_cb(void *p_ctx, mbedtls_x509_crt const *crt, mbedtls_x509_buf #if defined(MBEDTLS_X509_CSR_PARSE_C) int parse_csr_ext_accept_cb(void *p_ctx, mbedtls_x509_csr const *csr, mbedtls_x509_buf const *oid, - int critical, const unsigned char *cp, const unsigned char *end) + int critical, const unsigned char *cp, const unsigned char *end) { (void) p_ctx; (void) csr; @@ -429,7 +430,7 @@ int parse_csr_ext_accept_cb(void *p_ctx, mbedtls_x509_csr const *csr, mbedtls_x5 } int parse_csr_ext_reject_cb(void *p_ctx, mbedtls_x509_csr const *csr, mbedtls_x509_buf const *oid, - int critical, const unsigned char *cp, const unsigned char *end) + int critical, const unsigned char *cp, const unsigned char *end) { (void) p_ctx; (void) csr; @@ -1288,7 +1289,7 @@ void mbedtls_x509_csr_parse_with_ext_cb(data_t *csr_der, char *ref_out, int ref_ my_ret = mbedtls_x509_csr_parse_der_with_ext_cb(&csr, csr_der->x, csr_der->len, accept ? parse_csr_ext_accept_cb : - parse_csr_ext_reject_cb, + parse_csr_ext_reject_cb, NULL); TEST_EQUAL(my_ret, ref_ret); From 83d0dbf087dcb8ba8ce5b910606f38aeb597fe2e Mon Sep 17 00:00:00 2001 From: Matthias Schulz Date: Thu, 19 Oct 2023 16:25:53 +0200 Subject: [PATCH 0355/1674] Added changelog. Signed-off-by: Matthias Schulz --- ChangeLog.d/fix-csr-parsing-with-critical-fields-fails.txt | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 ChangeLog.d/fix-csr-parsing-with-critical-fields-fails.txt diff --git a/ChangeLog.d/fix-csr-parsing-with-critical-fields-fails.txt b/ChangeLog.d/fix-csr-parsing-with-critical-fields-fails.txt new file mode 100644 index 000000000..5b155121f --- /dev/null +++ b/ChangeLog.d/fix-csr-parsing-with-critical-fields-fails.txt @@ -0,0 +1,6 @@ +Features + * Add new mbedtls_x509_csr_parse_der_with_ext_cb() routine which allows + parsing unsupported certificate extensions via user provided callback. + +Bugfix + * Fix parsing of CSRs with critical extensions. From 11120f9c4d1ea1f951dd36a405e92fc672a72470 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 19 Oct 2023 15:27:59 +0100 Subject: [PATCH 0356/1674] Modify lcov.sh to work in tf-psa-crypto as well Add repository detection (credit to davidhorstmann-arm for adding this in all.sh previously) and use repository detection to set the library directory and title variables. Signed-off-by: Thomas Daubney --- scripts/lcov.sh | 23 ++++++++++++++++++----- 1 file changed, 18 insertions(+), 5 deletions(-) diff --git a/scripts/lcov.sh b/scripts/lcov.sh index 6bba02fd2..9e52b9844 100755 --- a/scripts/lcov.sh +++ b/scripts/lcov.sh @@ -42,16 +42,21 @@ EOF set -eu +# Repository detection +in_mbedtls_repo () { + test -d include -a -d library -a -d programs -a -d tests + } + # Collect stats and build a HTML report. lcov_library_report () { rm -rf Coverage mkdir Coverage Coverage/tmp - lcov --capture --initial --directory library -o Coverage/tmp/files.info - lcov --rc lcov_branch_coverage=1 --capture --directory library -o Coverage/tmp/tests.info + lcov --capture --initial --directory $library_dir -o Coverage/tmp/files.info + lcov --rc lcov_branch_coverage=1 --capture --directory $library_dir -o Coverage/tmp/tests.info lcov --rc lcov_branch_coverage=1 --add-tracefile Coverage/tmp/files.info --add-tracefile Coverage/tmp/tests.info -o Coverage/tmp/all.info lcov --rc lcov_branch_coverage=1 --remove Coverage/tmp/all.info -o Coverage/tmp/final.info '*.h' gendesc tests/Descriptions.txt -o Coverage/tmp/descriptions - genhtml --title "Mbed TLS" --description-file Coverage/tmp/descriptions --keep-descriptions --legend --branch-coverage -o Coverage Coverage/tmp/final.info + genhtml --title "$title" --description-file Coverage/tmp/descriptions --keep-descriptions --legend --branch-coverage -o Coverage Coverage/tmp/final.info rm -f Coverage/tmp/*.info Coverage/tmp/descriptions echo "Coverage report in: Coverage/index.html" } @@ -59,9 +64,9 @@ lcov_library_report () { # Reset the traces to 0. lcov_reset_traces () { # Location with plain make - rm -f library/*.gcda + rm -f $library_dir/*.gcda # Location with CMake - rm -f library/CMakeFiles/*.dir/*.gcda + rm -f $library_dir/CMakeFiles/*.dir/*.gcda } if [ $# -gt 0 ] && [ "$1" = "--help" ]; then @@ -69,6 +74,14 @@ if [ $# -gt 0 ] && [ "$1" = "--help" ]; then exit fi +if in_mbedtls_repo; then + library_dir='library' + title='Mbed TLS' +else + library_dir='build/core' + title='TF-PSA-Crypto' +fi + main=lcov_library_report while getopts r OPTLET; do case $OPTLET in From 19192a515888557af0b6281e1964b51d0c0603ad Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Fri, 20 Oct 2023 13:05:55 +0100 Subject: [PATCH 0357/1674] Clarify reentrancy requirements for drivers Signed-off-by: Janos Follath --- docs/architecture/psa-thread-safety.md | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/docs/architecture/psa-thread-safety.md b/docs/architecture/psa-thread-safety.md index 9e396e082..281189cce 100644 --- a/docs/architecture/psa-thread-safety.md +++ b/docs/architecture/psa-thread-safety.md @@ -351,7 +351,9 @@ Start with implementing threading for drivers without the "thread_safe” proper It is natural sometimes to want to perform cryptographic operations from a driver, for example calculating a hash as part of various other crypto primitives, or using a block cipher in a driver for a mode, etc. Also encrypting/authenticating communication with a secure element. -If the driver is thread safe, it is the drivers responsibility to handle re-entrancy. +**Non-thread-safe drivers:** + +A driver is non-thread-safe if the `thread-safe` property (see #driver-requirements) is set to false. In the non-thread-safe case we have these natural assumptions/requirements: 1. Drivers don't call the core for any operation for which they provide an entry point @@ -362,9 +364,20 @@ With these, the only way of a deadlock is when we have several drivers and they Potential ways for resolving this: 1. Non-thread-safe drivers must not call the core 2. Provide a new public API that drivers can safely call -3. There is a whitelist of core APIs that drivers can call. Drivers providing entry points to these must not make a call to the core when handling these calls. (Drivers are still allowed to call any core API that can't have a driver entry point.) +3. Make the dispatch layer public for drivers to call +4. There is a whitelist of core APIs that drivers can call. Drivers providing entry points to these must not make a call to the core when handling these calls. (Drivers are still allowed to call any core API that can't have a driver entry point.) -The first is too restrictive, the second is too expensive, the only viable option is the third. +The first is too restrictive, the second and the third would require making it a stable API, and would likely increase the code size for a relatively rare feature. Choosing the fourth as that is the most viable option. + +**Thread-safe drivers:** + +A driver is non-thread-safe if the `thread-safe` property (see #driver-requirements) is set to true. + +To make reentrancy in non-thread-safe drivers work, thread-safe drivers must not make a call to the core when handling a call that is on the non-thread-safe driver whitelist. + +Thread-safe drivers have less guarantees from the core and need to implement more complex logic and we can reasonably expect them to be more flexible in terms of reentrancy as well. At this point hard to see what further guarantees would be useful and feasible. Therefore, we don't provide any further guarantees for now. + +Thread-safe drivers must not make any assumption about the operation of the core beyond what is discussed in the #reentrancy and #driver-requirements sections. ### Global Data From 52586895f701ccb78c4995c56d7139747e326ec3 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Fri, 20 Oct 2023 14:26:57 +0100 Subject: [PATCH 0358/1674] Clarify threading design document structure Separate design analysis from plans and make the distinction clear between what is implemented, what is planned to be implemented soon, what is planned to be implemented in the future, and what is ideas that are rejected. (The distinction between the last two categories doesn't have to be clear, we can't and shouldn't plan that far ahead.) Signed-off-by: Janos Follath --- docs/architecture/psa-thread-safety.md | 73 ++++++++++++++------------ 1 file changed, 40 insertions(+), 33 deletions(-) diff --git a/docs/architecture/psa-thread-safety.md b/docs/architecture/psa-thread-safety.md index 281189cce..493d4fb7b 100644 --- a/docs/architecture/psa-thread-safety.md +++ b/docs/architecture/psa-thread-safety.md @@ -1,9 +1,16 @@ -Thread safety of the PSA subsystem -================================== +# Thread safety of the PSA subsystem -## Requirements +Currently PSA Crypto API calls in Mbed TLS releases are not thread-safe. In Mbed TLS 3.6 we are planning to add a minimal support for thread-safety of the PSA Crypto API (see #strategy-for-3.6). -### Backward compatibility requirement +In the #design-analysis section we analyse design choices. This discussion is not constrained to what is planned for 3.6 and considers future developments. It also leaves some questions open and discusses options that have been (or probably will be) rejected. + +## Design analysis + +This section explores possible designs and does not reflect what is currently implemented. + +### Requirements + +#### Backward compatibility requirement Code that is currently working must keep working. There can be an exception for code that uses features that are advertised as experimental; for example, it would be annoying but ok to add extra requirements for drivers. @@ -18,7 +25,7 @@ Tempting platform requirements that we cannot add to the default `MBEDTLS_THREAD * Releasing a mutex from a different thread than the one that acquired it. This isn't even guaranteed to work with pthreads. * New primitives such as semaphores or condition variables. -### Correctness out of the box +#### Correctness out of the box If you build with `MBEDTLS_PSA_CRYPTO_C` and `MBEDTLS_THREADING_C`, the code must be functionally correct: no race conditions, deadlocks or livelocks. @@ -31,7 +38,7 @@ The [PSA Crypto API specification](https://armmbed.github.io/mbed-crypto/html/ov Note that while the specification does not define the behavior in such cases, Mbed TLS can be used as a crypto service. It's acceptable if an application can mess itself up, but it is not acceptable if an application can mess up the crypto service. As a consequence, destroying a key while it's in use may violate the security property that all key material is erased as soon as `psa_destroy_key` returns, but it may not cause data corruption or read-after-free inside the key store. -### No spinning +#### No spinning The code must not spin on a potentially non-blocking task. For example, this is proscribed: ``` @@ -44,7 +51,7 @@ while (!its_my_turn) { Rationale: this can cause battery drain, and can even be a livelock (spinning forever), e.g. if the thread that might unblock this one has a lower priority. -### Driver requirements +#### Driver requirements At the time of writing, the driver interface specification does not consider multithreaded environments. @@ -59,7 +66,7 @@ Combining the two we arrive at the following policy: * Drivers have an optional `"thread_safe"` boolean property. If true, it allows concurrent calls to this driver. * Even with a thread-safe driver, the core never starts the destruction of a key while there are operations in progress on it, and never performs concurrent calls on the same multipart operation. -### Long-term performance requirements +#### Long-term performance requirements In the short term, correctness is the important thing. We can start with a global lock. @@ -67,9 +74,9 @@ In the medium to long term, performing a slow or blocking operation (for example We may want to go directly to a more sophisticated approach because when a system works with a global lock, it's typically hard to get rid of it to get more fine-grained concurrency. -### Key destruction short-term requirements +#### Key destruction short-term requirements -#### Summary of guarantees in the short term +##### Summary of guarantees in the short term When `psa_destroy_key` returns: @@ -79,11 +86,11 @@ When `psa_destroy_key` returns: When `psa_destroy_key` is called on a key that is in use, guarantee 2. might be violated. (This is consistent with the requirement [“Correctness out of the box”](#correctness-out-of-the-box), as destroying a key while it's in use is undefined behavior.) -### Key destruction long-term requirements +#### Key destruction long-term requirements The [PSA Crypto API specification](https://armmbed.github.io/mbed-crypto/html/api/keys/management.html#key-destruction) mandates that implementations make a best effort to ensure that the key material cannot be recovered. In the long term, it would be good to guarantee that `psa_destroy_key` wipes all copies of the key material. -#### Summary of guarantees in the long term +##### Summary of guarantees in the long term When `psa_destroy_key` returns: @@ -94,11 +101,11 @@ When `psa_destroy_key` returns: As opposed to the short term requirements, all the above guarantees hold even if `psa_destroy_key` is called on a key that is in use. -## Resources to protect +### Resources to protect Analysis of the behavior of the PSA key store as of Mbed TLS 9202ba37b19d3ea25c8451fd8597fce69eaa6867. -### Global variables +#### Global variables * `psa_crypto_slot_management::global_data.key_slots[i]`: see [“Key slots”](#key-slots). @@ -120,9 +127,9 @@ Analysis of the behavior of the PSA key store as of Mbed TLS 9202ba37b19d3ea25c8 * `psa_crypto_init`: modification. * Many functions via `GUARD_MODULE_INITIALIZED`: read. -### Key slots +#### Key slots -#### Key slot array traversal +##### Key slot array traversal “Occupied key slot” is determined by `psa_is_key_slot_occupied` based on `slot->attr.type`. @@ -136,7 +143,7 @@ The following functions traverse the key slot array: * `psa_wipe_all_key_slots`: writes to all slots. * `mbedtls_psa_get_stats`: reads from all slots. -#### Key slot state +##### Key slot state The following functions modify a slot's usage state: @@ -194,13 +201,13 @@ The following functions modify a slot's usage state: * `psa_key_derivation_input_key` - reads attr.type * `psa_key_agreement_raw_internal` - reads attr.type and attr.bits -#### Determining whether a key slot is occupied +##### Determining whether a key slot is occupied `psa_is_key_slot_occupied` currently uses the `attr.type` field to determine whether a key slot is occupied. This works because we maintain the invariant that an occupied slot contains key material. With concurrency, it is desirable to allow a key slot to be reserved, but not yet contain key material or even metadata. When creating a key, determining the key type can be costly, for example when loading a persistent key from storage or (not yet implemented) when importing or unwrapping a key using an interface that determines the key type from the data that it parses. So we should not need to hold the global key store lock while the key type is undetermined. Instead, `psa_is_key_slot_occupied` should use the key identifier to decide whether a slot is occupied. The key identifier is always readily available: when allocating a slot for a persistent key, it's an input of the function that allocates the key slot; when allocating a slot for a volatile key, the identifier is calculated from the choice of slot. -#### Key slot content +##### Key slot content Other than what is used to determine the [“key slot state”](#key-slot-state), the contents of a key slot are only accessed as follows: @@ -236,7 +243,7 @@ Other than what is used to determine the [“key slot state”](#key-slot-state) * `psa_key_agreement_raw_internal` - passes key data to mbedtls_psa_ecp_load_representation * `psa_generate_key` - passes key data to psa_driver_wrapper_generate_key -### Random generator +#### Random generator The PSA RNG can be accessed both from various PSA functions, and from application code via `mbedtls_psa_get_random`. @@ -244,11 +251,11 @@ With the built-in RNG implementations using `mbedtls_ctr_drbg_context` or `mbedt When `MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG` is enabled, thread safety depends on the implementation. -### Driver resources +#### Driver resources Depends on the driver. The PSA driver interface specification does not discuss whether drivers must support concurrent calls. -## Simple global lock strategy +### Simple global lock strategy Have a single mutex protecting all accesses to the key store and other global variables. In practice, this means every PSA API function needs to take the lock on entry and release on exit, except for: @@ -261,7 +268,7 @@ Note that this does not protect access to the RNG via `mbedtls_psa_get_random`, This approach is conceptually simple, but requires extra instrumentation to every function and has bad performance in a multithreaded environment since a slow operation in one thread blocks unrelated operations on other threads. -## Global lock excluding slot content +### Global lock excluding slot content Have a single mutex protecting all accesses to the key store and other global variables, except that it's ok to access the content of a key slot without taking the lock if one of the following conditions holds: @@ -270,7 +277,7 @@ Have a single mutex protecting all accesses to the key store and other global va Note that a thread must hold the global mutex when it reads or changes a slot's state. -### Slot states +#### Slot states For concurrency purposes, a slot can be in one of three states: @@ -291,7 +298,7 @@ The current `state->lock_count` corresponds to the difference between UNUSED and There is currently no indication of when a slot is in the WRITING state. This only happens between a call to `psa_start_key_creation` and a call to one of `psa_finish_key_creation` or `psa_fail_key_creation`. This new state can be conveyed by a new boolean flag, or by setting `lock_count` to `~0`. -### Destruction of a key in use +#### Destruction of a key in use Problem: In #key-destruction-long-term-requirements we require that the key slot is destroyed (by `psa_wipe_key_slot`) even while it's in use (READING or WRITING). @@ -299,7 +306,7 @@ How do we ensure that? This needs something more sophisticated than mutexes (con Solution: after some team discussion, we've decided to rely on a new threading abstraction which mimics C11 (i.e. `mbedtls_fff` where `fff` is the C11 function name, having the same parameters and return type, with default implementations for C11, pthreads and Windows). We'll likely use condition variables in addition to mutexes. -#### Mutex only +##### Mutex only When calling `psa_wipe_key_slot` it is the callers responsibility to set the slot state to WRITING first. For most functions this is a clean UNUSED -> WRITING transition: psa_get_empty_key_slot, psa_get_and_lock_key_slot, psa_close_key, psa_purge_key. @@ -316,7 +323,7 @@ Variations: The second variant can't be implemented as a backward compatible improvement on the first as multipart operations that were successfully completed in the first case, would fail in the second. If we want to implement these incrementally, multipart operations in a multithreaded environment must be left unsupported in the first variant. This makes the first variant impractical (multipart operations returning an error in builds with multithreading enabled is not a behaviour that would be very useful to release). -### Condition variables +#### Condition variables Clean UNUSED -> WRITING transition works as before. @@ -329,17 +336,17 @@ To resolve this, we can either: 1. Depend on the deletion marker. If the slot has been reused and is marked for deletion again, the threads keep waiting until the second deletion completes. 2. Introduce a uuid (eg a global counter plus a slot ID), which is recorded by the thread waiting for deletion and checks whether it matches. If it doesn't, the function can return as the slot was already reallocated. If it does match, it can check whether it is still marked for deletion, if it is, the thread goes back to sleep, if it isn't, the function can return. -#### Platform abstraction +##### Platform abstraction Introducing condition variables to the platform abstraction layer would be best done in a major version. If we can't wait until that, we will need to introduce a new compile time flag. Considering that this only will be needed on the PSA Crypto side and the upcoming split, it makes sense to make this flag responsible for the entire PSA Crypto threading support. Therefore if we want to keep the option open for implementing this in a backward compatible manner, we need to introduce and use this new flag already when implementing #mutex-only. (If we keep the abstraction layer for mutexes the same, this shouldn't mean increase in code size and would mean only minimal effort on the porting side.) -### Operation contexts +#### Operation contexts Concurrent access to the same operation context can compromise the crypto service for example if the operation context has a pointer (depending on the compiler and the platform, the pointer assignment may or may not be atomic). This violates the functional correctness requirement. (Concurrent calls to operations is undefined behaviour, but still should not compromise the CIA of the crypto service.) Operations will have a status field protected by a global mutex similarly to key slots. On entry, API calls check the state and return an error if it is already ACTIVE. Otherwise they set it to ACTIVE and restore it to INACTIVE before returning. -### Drivers +#### Drivers Each driver that hasn’t got the "thread_safe” property set has a dedicated mutex. @@ -347,7 +354,7 @@ Implementing "thread_safe” drivers depends on the condition variable protectio Start with implementing threading for drivers without the "thread_safe” property (all drivers behave like the property wasn't set). Add "thread_safe" drivers at some point after the #condition-variables approach is implemented in the core. -#### Reentrancy +##### Reentrancy It is natural sometimes to want to perform cryptographic operations from a driver, for example calculating a hash as part of various other crypto primitives, or using a block cipher in a driver for a mode, etc. Also encrypting/authenticating communication with a secure element. @@ -379,7 +386,7 @@ Thread-safe drivers have less guarantees from the core and need to implement mor Thread-safe drivers must not make any assumption about the operation of the core beyond what is discussed in the #reentrancy and #driver-requirements sections. -### Global Data +#### Global Data PSA Crypto makes use of a `global_data` variable that will be accessible from multiple threads and needs to be protected. Any function accessing this variable (or its members) must take the corresponding lock first. Since `global_data` holds the RNG state, these will involve relatively expensive operations and therefore ideally `global_data` should be protected by its own, dedicated lock (different from the one protecting the key store). @@ -387,7 +394,7 @@ Note that this does not protect access to the RNG via `mbedtls_psa_get_random`, The purpose of `MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG` is very similar to the driver interface (and might even be added to it in the long run), therefore it makes sense to handle it the same way. In particular, we can use the `global_data` mutex to protect it as a default and when we implement the "thread_safe” property for drivers, we implement it for `MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG` as well. -### Implementation notes +#### Implementation notes Since we only have simple mutexes, locking the same mutex from the same thread is a deadlock. Therefore functions taking the global mutex must not be called while holding the same mutex. Functions taking the mutex will document this fact and the implications. From de0e3e352d07a1f497e023d1efc951918f9e51be Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Fri, 20 Oct 2023 15:12:42 +0100 Subject: [PATCH 0359/1674] Threading design: Update empty slot tracking Using a dedicated field allows clean separatin between key attributes and slot state. This allows us to use the same mechanics for attributes and key content. Which in turn means lower code size and easier maintenance. Signed-off-by: Janos Follath --- docs/architecture/psa-thread-safety.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/docs/architecture/psa-thread-safety.md b/docs/architecture/psa-thread-safety.md index 493d4fb7b..a1081a9b6 100644 --- a/docs/architecture/psa-thread-safety.md +++ b/docs/architecture/psa-thread-safety.md @@ -207,6 +207,8 @@ The following functions modify a slot's usage state: Instead, `psa_is_key_slot_occupied` should use the key identifier to decide whether a slot is occupied. The key identifier is always readily available: when allocating a slot for a persistent key, it's an input of the function that allocates the key slot; when allocating a slot for a volatile key, the identifier is calculated from the choice of slot. +Alternatively, we could use a dedicated indicator that the slot is occupied. The advantage of this is that no field of the `attr` structure would be needed to determine the slot state. This would be a clean separation between key attributes and slot state and `attr` could be treated exactly like key slot content. This would save code size and maintenance effort. The cost of it would be that each slot would need an extra field to indicate whether it is occupied. + ##### Key slot content Other than what is used to determine the [“key slot state”](#key-slot-state), the contents of a key slot are only accessed as follows: @@ -323,6 +325,8 @@ Variations: The second variant can't be implemented as a backward compatible improvement on the first as multipart operations that were successfully completed in the first case, would fail in the second. If we want to implement these incrementally, multipart operations in a multithreaded environment must be left unsupported in the first variant. This makes the first variant impractical (multipart operations returning an error in builds with multithreading enabled is not a behaviour that would be very useful to release). +We can't reuse the `lock_count` field to mark key slots deleted, as we still need to keep track the lock count while the slot is marked for deletion. This means that we will need to add a new field to key slots. This new field can be reused to indicate whether the slot is occupied (see #determining-whether-a-key-slot-is-occupied). (There would be three states: deleted, occupied, empty.) + #### Condition variables Clean UNUSED -> WRITING transition works as before. From 49d467c37dc0dd084ebeb4f651952b4dbed3ab77 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Fri, 20 Oct 2023 15:41:40 +0100 Subject: [PATCH 0360/1674] Threading design: update and clarify 3.6 plan - Separation of attr and slot state is added - Driver support is cut back Signed-off-by: Janos Follath --- docs/architecture/psa-thread-safety.md | 23 +++++++++++------------ 1 file changed, 11 insertions(+), 12 deletions(-) diff --git a/docs/architecture/psa-thread-safety.md b/docs/architecture/psa-thread-safety.md index a1081a9b6..d6af5a959 100644 --- a/docs/architecture/psa-thread-safety.md +++ b/docs/architecture/psa-thread-safety.md @@ -57,10 +57,10 @@ At the time of writing, the driver interface specification does not consider mul We need to define clear policies so that driver implementers know what to expect. Here are two possible policies at two ends of the spectrum; what is desirable is probably somewhere in between. -* Driver entry points may be called concurrently from multiple threads, even if they're using the same key, and even including destroying a key while an operation is in progress on it. -* At most one driver entry point is active at any given time. +* **Policy 1:** Driver entry points may be called concurrently from multiple threads, even if they're using the same key, and even including destroying a key while an operation is in progress on it. +* **Policy 2:** At most one driver entry point is active at any given time. -Combining the two we arrive at the following policy: +Combining the two we arrive at **Policy 3**: * By default, each driver only has at most one entry point active at any given time. In other words, each driver has its own exclusive lock. * Drivers have an optional `"thread_safe"` boolean property. If true, it allows concurrent calls to this driver. @@ -411,12 +411,11 @@ To avoid performance degradation, functions must not start expensive operations The goal is to provide viable threading support without extending the platform abstraction. (Condition variables should be added in 4.0.) This means that we will be relying on mutexes only. - Key Store - - Slot states guarantee safe concurrent access to slot contents - - Slot states will be protected by a global mutex - - Simple key destruction strategy as described in #mutex-only (variant 2.) -- Concurrent calls to operation contexts will be prevented by state fields which shall be protected by a global mutex -- Drivers - - The solution shall use the pre-existing MBEDTLS_THREADING_C threading abstraction - - Drivers will be protected by their own dedicated lock - only non-thread safe drivers are supported - - Constraints on the drivers and the core will be in place and documented as proposed in #reentrancy -- The main `global_data` (the one in `psa_crypto.c`) shall be protected by its own mutex + - Slot states are described in #slot-states. They guarantee safe concurrent access to slot contents. + - Slot states will be protected by a global mutex as described in the introduction of #global-lock-excluding-slot-content. + - Simple key destruction strategy as described in #mutex-only (variant 2). + - The slot state and key attributes will be separated as described in the last paragraph of #determining-whether-a-key-slot-is-occupied. +- Concurrent calls to operation contexts will be prevented by state fields which shall be protected by a global mutex as in #operation-contexts. +- The main `global_data` (the one in `psa_crypto.c`) shall be protected by its own mutex as described in #global-data. +- The solution shall use the pre-existing `MBEDTLS_THREADING_C` threading abstraction. That is, the flag proposed in #platform-abstraction won't be implemented. +- The core makes no additional guarantees for drivers. That is, Policy 1 in #driver-requirements applies. From fb81f77f888e683b080ac9666bda7bf75a43887f Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Wed, 18 Oct 2023 17:44:59 +0100 Subject: [PATCH 0361/1674] Add build preset full_no_platform Add build preset as above, and utilise it in all.sh:component_test_no_platform. Signed-off-by: Paul Elliott --- scripts/config.py | 20 ++++++++++++++++++++ tests/scripts/all.sh | 13 ++----------- 2 files changed, 22 insertions(+), 11 deletions(-) diff --git a/scripts/config.py b/scripts/config.py index 17fbe653a..af9372d6d 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -358,6 +358,22 @@ def no_deprecated_adapter(adapter): return adapter(name, active, section) return continuation +def no_platform_adapter(adapter): + """Modify an adapter to disable platform symbols. + + ``no_platform_adapter(adapter)(name, active, section)`` is like + ``adapter(name, active, section)``, but unsets all platform symbols other + ``than MBEDTLS_PLATFORM_C. + """ + def continuation(name, active, section): + # Allow MBEDTLS_PLATFORM_C but remove all other platform symbols. + if name.startswith('MBEDTLS_PLATFORM_') and name != 'MBEDTLS_PLATFORM_C': + return False + if adapter is None: + return active + return adapter(name, active, section) + return continuation + class ConfigFile(Config): """Representation of the Mbed TLS configuration read for a file. @@ -540,6 +556,10 @@ if __name__ == '__main__': """Uncomment most non-deprecated features. Like "full", but without deprecated features. """) + add_adapter('full_no_platform', no_platform_adapter(full_adapter), + """Uncomment most non-platform features. + Like "full", but without platform features. + """) add_adapter('realfull', realfull_adapter, """Uncomment all boolean #defines. Suitable for generating documentation, but not for building.""") diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 9290aa6d9..7b4bbea98 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4027,23 +4027,14 @@ component_test_no_platform () { # This should catch missing mbedtls_printf definitions, and by disabling file # IO, it should catch missing '#include ' msg "build: full config except platform/fsio/net, make, gcc, C99" # ~ 30s - scripts/config.py full + scripts/config.py full_no_platform scripts/config.py unset MBEDTLS_PLATFORM_C scripts/config.py unset MBEDTLS_NET_C - scripts/config.py unset MBEDTLS_PLATFORM_MEMORY - scripts/config.py unset MBEDTLS_PLATFORM_PRINTF_ALT - scripts/config.py unset MBEDTLS_PLATFORM_FPRINTF_ALT - scripts/config.py unset MBEDTLS_PLATFORM_SNPRINTF_ALT - scripts/config.py unset MBEDTLS_PLATFORM_VSNPRINTF_ALT - scripts/config.py unset MBEDTLS_PLATFORM_TIME_ALT - scripts/config.py unset MBEDTLS_PLATFORM_EXIT_ALT - scripts/config.py unset MBEDTLS_PLATFORM_SETBUF_ALT - scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT - scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED scripts/config.py unset MBEDTLS_FS_IO scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C scripts/config.py unset MBEDTLS_PSA_ITS_FILE_C + scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED # Note, _DEFAULT_SOURCE needs to be defined for platforms using glibc version >2.19, # to re-enable platform integration features otherwise disabled in C99 builds make CC=gcc CFLAGS='-Werror -Wall -Wextra -std=c99 -pedantic -Os -D_DEFAULT_SOURCE' lib programs From 078edc205d5b640f5faa9d0d9c693055b81beeae Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Fri, 20 Oct 2023 19:14:46 +0100 Subject: [PATCH 0362/1674] Add missing exit labels to MPS tests Coverity flagged this due to the potential leaked memory allocations in mbedtls_mps_reader_random_usage() Signed-off-by: Paul Elliott --- tests/suites/test_suite_mps.function | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/tests/suites/test_suite_mps.function b/tests/suites/test_suite_mps.function index 0b8434b7c..675113658 100644 --- a/tests/suites/test_suite_mps.function +++ b/tests/suites/test_suite_mps.function @@ -65,6 +65,8 @@ void mbedtls_mps_reader_no_pausing_single_step_single_round(int with_acc) /* Wrapup (lower layer) */ TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, &paused) == 0); TEST_ASSERT(paused == 0); + +exit: mbedtls_mps_reader_free(&rd); } /* END_CASE */ @@ -119,6 +121,8 @@ void mbedtls_mps_reader_no_pausing_single_step_multiple_rounds(int with_acc) TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); /* Wrapup (lower layer) */ TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); + +exit: mbedtls_mps_reader_free(&rd); } /* END_CASE */ @@ -170,6 +174,8 @@ void mbedtls_mps_reader_no_pausing_multiple_steps_single_round(int with_acc) TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); /* Wrapup (lower layer) */ TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); + +exit: mbedtls_mps_reader_free(&rd); } /* END_CASE */ @@ -217,6 +223,8 @@ void mbedtls_mps_reader_no_pausing_multiple_steps_multiple_rounds(int with_acc) TEST_ASSERT(mbedtls_mps_reader_commit(&rd) == 0); /* Wrapup */ TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); + +exit: mbedtls_mps_reader_free(&rd); } /* END_CASE */ @@ -250,6 +258,8 @@ void mbedtls_mps_reader_pausing_needed_disabled() /* Wrapup (lower layer) */ TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == MBEDTLS_ERR_MPS_READER_NEED_ACCUMULATOR); + +exit: mbedtls_mps_reader_free(&rd); } /* END_CASE */ @@ -297,6 +307,7 @@ void mbedtls_mps_reader_pausing_needed_buffer_too_small() TEST_ASSERT(mbedtls_mps_reader_get(&rd, 50, &tmp, &tmp_len) == 0); TEST_MEMORY_COMPARE(tmp, tmp_len, buf + 50, 50); +exit: mbedtls_mps_reader_free(&rd); } /* END_CASE */ @@ -333,6 +344,7 @@ void mbedtls_mps_reader_reclaim_overflow() TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == MBEDTLS_ERR_MPS_READER_ACCUMULATOR_TOO_SMALL); +exit: mbedtls_mps_reader_free(&rd); } /* END_CASE */ @@ -458,6 +470,8 @@ void mbedtls_mps_reader_pausing(int option) /* Wrapup */ TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); + +exit: mbedtls_mps_reader_free(&rd); } /* END_CASE */ @@ -562,6 +576,8 @@ void mbedtls_mps_reader_pausing_multiple_feeds(int option) /* Wrapup */ TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); + +exit: mbedtls_mps_reader_free(&rd); } /* END_CASE */ @@ -623,6 +639,8 @@ void mbedtls_mps_reader_reclaim_data_left(int option) /* Wrapup */ TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == MBEDTLS_ERR_MPS_READER_DATA_LEFT); + +exit: mbedtls_mps_reader_free(&rd); } /* END_CASE */ @@ -795,6 +813,7 @@ void mbedtls_mps_reader_multiple_pausing(int option) break; } +exit: mbedtls_mps_reader_free(&rd); } /* END_CASE */ @@ -951,6 +970,7 @@ void mbedtls_mps_reader_random_usage(int num_out_chunks, } } +exit: /* Cleanup */ mbedtls_mps_reader_free(&rd); mbedtls_free(incoming); @@ -1103,6 +1123,7 @@ void mbedtls_reader_inconsistent_usage(int option) TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); } +exit: /* Wrapup */ mbedtls_mps_reader_free(&rd); } @@ -1136,6 +1157,8 @@ void mbedtls_mps_reader_feed_empty() /* Wrapup */ TEST_ASSERT(mbedtls_mps_reader_reclaim(&rd, NULL) == 0); + +exit: mbedtls_mps_reader_free(&rd); } /* END_CASE */ From 53a332d970aae9d8cf84a4b677bb0eabb26d9fb7 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 23 Oct 2023 13:52:49 +0800 Subject: [PATCH 0363/1674] fix various issues - rename file name from `early_data.txt` to `tls13_early_data.txt` - fix typo issue - remove redundant parameter Signed-off-by: Jerry Yu --- tests/data_files/{early_data.txt => tls13_early_data.txt} | 2 +- tests/opt-testcases/tls13-misc.sh | 2 +- tests/ssl-opt.sh | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) rename tests/data_files/{early_data.txt => tls13_early_data.txt} (70%) diff --git a/tests/data_files/early_data.txt b/tests/data_files/tls13_early_data.txt similarity index 70% rename from tests/data_files/early_data.txt rename to tests/data_files/tls13_early_data.txt index f0084c3ef..0c84b0720 100644 --- a/tests/data_files/early_data.txt +++ b/tests/data_files/tls13_early_data.txt @@ -1,3 +1,3 @@ EarlyData context: line 0 lf EarlyData context: line 1 lf -EarlyData context: If it appear, that means early_data success +EarlyData context: If it appears, that means early_data received. diff --git a/tests/opt-testcases/tls13-misc.sh b/tests/opt-testcases/tls13-misc.sh index 572a291fd..d5efc9edc 100755 --- a/tests/opt-testcases/tls13-misc.sh +++ b/tests/opt-testcases/tls13-misc.sh @@ -501,7 +501,7 @@ requires_all_configs_enabled MBEDTLS_SSL_EARLY_DATA MBEDTLS_SSL_SESSION_TICKETS requires_any_configs_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3 G->m: EarlyData: feature is disabled, fail." \ - "$P_SRV force_version=tls13 debug_level=4 max_early_data_size=-1 $(get_srv_psk_list)" \ + "$P_SRV force_version=tls13 debug_level=4 max_early_data_size=-1" \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+GROUP-ALL -d 10 -r --earlydata $EARLY_DATA_INPUT" \ 1 \ -s "ClientHello: early_data(42) extension exists." \ diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 2ff097ff1..696ec164a 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -72,7 +72,7 @@ guess_config_name() { : ${MBEDTLS_TEST_OUTCOME_FILE=} : ${MBEDTLS_TEST_CONFIGURATION:="$(guess_config_name)"} : ${MBEDTLS_TEST_PLATFORM:="$(uname -s | tr -c \\n0-9A-Za-z _)-$(uname -m | tr -c \\n0-9A-Za-z _)"} -: ${EARLY_DATA_INPUT:=data_files/early_data.txt} +: ${EARLY_DATA_INPUT:=data_files/tls13_early_data.txt} O_SRV="$OPENSSL s_server -www -cert data_files/server5.crt -key data_files/server5.key" O_CLI="echo 'GET / HTTP/1.0' | $OPENSSL s_client" From 23f7e41633174a0a750812eb2713549170afa39a Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Mon, 23 Oct 2023 10:11:18 +0100 Subject: [PATCH 0364/1674] Threading design: improve language Co-authored-by: Paul Elliott <62069445+paul-elliott-arm@users.noreply.github.com> Signed-off-by: Janos Follath --- docs/architecture/psa-thread-safety.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/architecture/psa-thread-safety.md b/docs/architecture/psa-thread-safety.md index d6af5a959..6ff834f83 100644 --- a/docs/architecture/psa-thread-safety.md +++ b/docs/architecture/psa-thread-safety.md @@ -333,7 +333,7 @@ Clean UNUSED -> WRITING transition works as before. `psa_wipe_all_key_slots` and `psa_destroy_key` mark the slot as deleted and go to sleep until the slot state becomes UNUSED. When waking up, they wipe the slot, and return. -If the slot is already marked as deleted the threads calling `psa_wipe_all_key_slots` and `psa_destroy_key` go to sleep until the deletion completes. To satisfy #key-destruction-long-term-requirements none of the threads may return from the call until the slot is deleted completely. This can be achieved by signalling them when the slot has already been whiped and ready for use, that is not marked for deletion anymore. To handle spurious wake-ups, these threads need to be able to tell whether the slot was already deleted. This is not trivial, because by the time the thread wakes up, theoretically the slot might be in any state. It might have been reused and maybe even marked for deletion again. +If the slot is already marked as deleted the threads calling `psa_wipe_all_key_slots` and `psa_destroy_key` go to sleep until the deletion completes. To satisfy #key-destruction-long-term-requirements none of the threads may return from the call until the slot is deleted completely. This can be achieved by signalling them when the slot has already been wiped and ready for use, that is not marked for deletion anymore. To handle spurious wake-ups, these threads need to be able to tell whether the slot was already deleted. This is not trivial, because by the time the thread wakes up, theoretically the slot might be in any state. It might have been reused and maybe even marked for deletion again. To resolve this, we can either: @@ -378,15 +378,15 @@ Potential ways for resolving this: 3. Make the dispatch layer public for drivers to call 4. There is a whitelist of core APIs that drivers can call. Drivers providing entry points to these must not make a call to the core when handling these calls. (Drivers are still allowed to call any core API that can't have a driver entry point.) -The first is too restrictive, the second and the third would require making it a stable API, and would likely increase the code size for a relatively rare feature. Choosing the fourth as that is the most viable option. +The first is too restrictive, the second and the third would require making it a stable API, and would likely increase the code size for a relatively rare feature. We are choosing the fourth as that is the most viable option. **Thread-safe drivers:** A driver is non-thread-safe if the `thread-safe` property (see #driver-requirements) is set to true. -To make reentrancy in non-thread-safe drivers work, thread-safe drivers must not make a call to the core when handling a call that is on the non-thread-safe driver whitelist. +To make reentrancy in non-thread-safe drivers work, thread-safe drivers must not make a call to the core when handling a call that is on the non-thread-safe driver core API whitelist. -Thread-safe drivers have less guarantees from the core and need to implement more complex logic and we can reasonably expect them to be more flexible in terms of reentrancy as well. At this point hard to see what further guarantees would be useful and feasible. Therefore, we don't provide any further guarantees for now. +Thread-safe drivers have less guarantees from the core and need to implement more complex logic and we can reasonably expect them to be more flexible in terms of reentrancy as well. At this point it is hard to see what further guarantees would be useful and feasible. Therefore, we don't provide any further guarantees for now. Thread-safe drivers must not make any assumption about the operation of the core beyond what is discussed in the #reentrancy and #driver-requirements sections. From e604269a59acc37c0cef02c9023270d101939a77 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Mon, 23 Oct 2023 10:16:58 +0100 Subject: [PATCH 0365/1674] Threading Design: emphasise performance requirement Signed-off-by: Janos Follath --- docs/architecture/psa-thread-safety.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/architecture/psa-thread-safety.md b/docs/architecture/psa-thread-safety.md index 6ff834f83..5952874b8 100644 --- a/docs/architecture/psa-thread-safety.md +++ b/docs/architecture/psa-thread-safety.md @@ -404,7 +404,7 @@ Since we only have simple mutexes, locking the same mutex from the same thread i Releasing the mutex before a function call might introduce race conditions. Therefore might not be practical to take the mutex in low level access functions. If functions like that don't take the mutex, they need to rely on the caller to take it for them. These functions will document that the caller is required to hold the mutex. -To avoid performance degradation, functions must not start expensive operations (eg. doing cryptography) while holding the mutex. +To avoid performance degradation, functions must hold mutexes for as short time as possible. In particular, they must not start expensive operations (eg. doing cryptography) while holding the mutex. ## Strategy for 3.6 From 54bd71b40f72a3aac2fdd90adbcd6664b20bcd45 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Mon, 23 Oct 2023 10:30:50 +0100 Subject: [PATCH 0366/1674] Update operation threading strategy The library does not need to provide protection, leave it to the crypto service. Signed-off-by: Janos Follath --- docs/architecture/psa-thread-safety.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/docs/architecture/psa-thread-safety.md b/docs/architecture/psa-thread-safety.md index 5952874b8..3a3e9bda6 100644 --- a/docs/architecture/psa-thread-safety.md +++ b/docs/architecture/psa-thread-safety.md @@ -346,9 +346,11 @@ Introducing condition variables to the platform abstraction layer would be best #### Operation contexts -Concurrent access to the same operation context can compromise the crypto service for example if the operation context has a pointer (depending on the compiler and the platform, the pointer assignment may or may not be atomic). This violates the functional correctness requirement. (Concurrent calls to operations is undefined behaviour, but still should not compromise the CIA of the crypto service.) +Concurrent access to the same operation context can compromise the crypto service for example if the operation context has a pointer (depending on the compiler and the platform, the pointer assignment may or may not be atomic). This violates the functional correctness requirement of the crypto service. (Concurrent calls to operations is undefined behaviour, but still should not compromise the CIA of the crypto service.) -Operations will have a status field protected by a global mutex similarly to key slots. On entry, API calls check the state and return an error if it is already ACTIVE. Otherwise they set it to ACTIVE and restore it to INACTIVE before returning. +If we want to protect against this in the library, operations will need a status field protected by a global mutex similarly to key slots. On entry, API calls would check the state and return an error if it is already ACTIVE. Otherwise they set it to ACTIVE and restore it to INACTIVE before returning. + +Alternatively, protecting operation contexts can be left as the responsibility of the crypto service. The [PSA Crypto API Specification](https://arm-software.github.io/psa-api/crypto/1.1/overview/conventions.html#concurrent-calls) does not require the library to provide any protection in this case. A crypto service can easily add its own mutex in its operation structure wrapper (the same structure where it keeps track of which client connection owns that operation object). #### Drivers @@ -415,7 +417,6 @@ The goal is to provide viable threading support without extending the platform a - Slot states will be protected by a global mutex as described in the introduction of #global-lock-excluding-slot-content. - Simple key destruction strategy as described in #mutex-only (variant 2). - The slot state and key attributes will be separated as described in the last paragraph of #determining-whether-a-key-slot-is-occupied. -- Concurrent calls to operation contexts will be prevented by state fields which shall be protected by a global mutex as in #operation-contexts. - The main `global_data` (the one in `psa_crypto.c`) shall be protected by its own mutex as described in #global-data. - The solution shall use the pre-existing `MBEDTLS_THREADING_C` threading abstraction. That is, the flag proposed in #platform-abstraction won't be implemented. - The core makes no additional guarantees for drivers. That is, Policy 1 in #driver-requirements applies. From bd24d95c27c82d2e33c1ae3d2e141ecea9ebe1d1 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 16 Oct 2023 16:31:32 +0200 Subject: [PATCH 0367/1674] legacy_from_psa: fix support for PSA_ACCEL_ALG_[STREAM_CIPHER/ECB_NO_PADDING] Signed-off-by: Valerio Setti --- .../mbedtls/config_adjust_legacy_from_psa.h | 21 ++++++++++--------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/include/mbedtls/config_adjust_legacy_from_psa.h b/include/mbedtls/config_adjust_legacy_from_psa.h index 5c294e914..66d9887e1 100644 --- a/include/mbedtls/config_adjust_legacy_from_psa.h +++ b/include/mbedtls/config_adjust_legacy_from_psa.h @@ -697,11 +697,9 @@ #if (defined(PSA_WANT_ALG_CTR) && !defined(MBEDTLS_PSA_ACCEL_ALG_CTR)) || \ (defined(PSA_WANT_ALG_CFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_CFB)) || \ (defined(PSA_WANT_ALG_OFB) && !defined(MBEDTLS_PSA_ACCEL_ALG_OFB)) || \ - defined(PSA_WANT_ALG_ECB_NO_PADDING) || \ - (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \ - !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING)) || \ - (defined(PSA_WANT_ALG_CBC_PKCS7) && \ - !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7)) || \ + (defined(PSA_WANT_ALG_ECB_NO_PADDING) && !defined(MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING)) || \ + (defined(PSA_WANT_ALG_CBC_NO_PADDING) && !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING)) || \ + (defined(PSA_WANT_ALG_CBC_PKCS7) && !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7)) || \ (defined(PSA_WANT_ALG_CMAC) && !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC)) #define PSA_HAVE_SOFT_BLOCK_MODE 1 #endif @@ -765,8 +763,15 @@ #endif /*PSA_HAVE_SOFT_KEY_TYPE_DES || PSA_HAVE_SOFT_BLOCK_MODE */ #endif /* PSA_WANT_KEY_TYPE_DES */ +#if defined(PSA_WANT_ALG_STREAM_CIPHER) +#if !defined(MBEDTLS_PSA_ACCEL_ALG_STREAM_CIPHER) +#define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1 +#endif /* MBEDTLS_PSA_ACCEL_ALG_STREAM_CIPHER */ +#endif /* PSA_WANT_ALG_STREAM_CIPHER */ + #if defined(PSA_WANT_KEY_TYPE_CHACHA20) -#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20) +#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER) #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20 1 #define MBEDTLS_CHACHA20_C #endif /*!MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20 */ @@ -782,10 +787,6 @@ #define PSA_HAVE_SOFT_BLOCK_CIPHER 1 #endif -#if defined(PSA_WANT_ALG_STREAM_CIPHER) -#define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1 -#endif /* PSA_WANT_ALG_STREAM_CIPHER */ - #if defined(PSA_WANT_ALG_CBC_MAC) #if !defined(MBEDTLS_PSA_ACCEL_ALG_CBC_MAC) #error "CBC-MAC is not yet supported via the PSA API in Mbed TLS." From 91adb41a8cf373d6b36d0d06ccdc893a3301293e Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 16 Oct 2023 16:34:09 +0200 Subject: [PATCH 0368/1674] all.sh: remove fixes in test components Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 17f894a7b..29390ef39 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -883,11 +883,6 @@ helper_libtestdriver1_adjust_config() { # Enable PSA-based config (necessary to use drivers) scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG - # Disable ALG_STREAM_CIPHER and ALG_ECB_NO_PADDING to avoid having - # partial support for cipher operations in the driver test library. - scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_STREAM_CIPHER - scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_ECB_NO_PADDING - # Dynamic secure element support is a deprecated feature and needs to be disabled here. # This is done to have the same form of psa_key_attributes_s for libdriver and library. scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C @@ -3535,12 +3530,6 @@ component_test_psa_crypto_config_accel_cipher () { # Configure # --------- - # There is no intended accelerator support for STREAM_CIPHER and - # ECB_NO_PADDING. Therefore, asking for them in the build implies the - # inclusion of the Mbed TLS cipher operations. As we want to test here with - # cipher operations solely supported by accelerators, disabled those - # PSA configuration options by helper_libtestdriver1_adjust_config. - # Start from the full config helper_libtestdriver1_adjust_config "full" From 221d8aa8e747759544f3a9c11cf6200fdc8c3e28 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 17 Oct 2023 13:55:38 +0200 Subject: [PATCH 0369/1674] libtestdriver1: fix acceleration for ALG_STREAM_CIPHER/ALG_ECB_NO_PADDING Signed-off-by: Valerio Setti --- .../crypto_config_test_driver_extension.h | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/tests/include/test/drivers/crypto_config_test_driver_extension.h b/tests/include/test/drivers/crypto_config_test_driver_extension.h index b0bbc4421..0eedb8b10 100644 --- a/tests/include/test/drivers/crypto_config_test_driver_extension.h +++ b/tests/include/test/drivers/crypto_config_test_driver_extension.h @@ -48,6 +48,22 @@ #endif #endif +#if defined(PSA_WANT_ALG_STREAM_CIPHER) +#if defined(MBEDTLS_PSA_ACCEL_ALG_STREAM_CIPHER) +#undef MBEDTLS_PSA_ACCEL_ALG_STREAM_CIPHER +#else +#define MBEDTLS_PSA_ACCEL_ALG_STREAM_CIPHER 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_ECB_NO_PADDING) +#if defined(MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING) +#undef MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING +#else +#define MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING 1 +#endif +#endif + #if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA) #if defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) #undef MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA @@ -403,7 +419,6 @@ #define MBEDTLS_PSA_ACCEL_ALG_CBC_MAC 1 #define MBEDTLS_PSA_ACCEL_ALG_CCM 1 -#define MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING 1 #define MBEDTLS_PSA_ACCEL_ALG_GCM 1 #define MBEDTLS_PSA_ACCEL_ALG_HKDF 1 #define MBEDTLS_PSA_ACCEL_ALG_HKDF_EXTRACT 1 @@ -411,7 +426,6 @@ #define MBEDTLS_PSA_ACCEL_ALG_HMAC 1 #define MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP 1 #define MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT 1 -#define MBEDTLS_PSA_ACCEL_ALG_STREAM_CIPHER 1 #if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) && \ defined(MBEDTLS_PSA_ACCEL_ALG_ECDH) && \ From 0244fbbf28d693588aafb622b4ae19cf51ae5fee Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 19 Oct 2023 10:42:31 +0200 Subject: [PATCH 0370/1674] all.sh: accelerate ALG_ECB_NO_PADDING in test_psa_crypto_config_accel_cipher() Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 29390ef39..86e8a0eca 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3523,9 +3523,9 @@ component_test_psa_crypto_config_reference_hash_use_psa() { component_test_psa_crypto_config_accel_cipher () { msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated cipher" - loc_accel_list="ALG_CBC_NO_PADDING ALG_CBC_PKCS7 \ - ALG_CTR ALG_CFB ALG_OFB ALG_XTS \ - KEY_TYPE_DES ALG_CMAC" + loc_accel_list="ALG_ECB_NO_PADDING ALG_CBC_NO_PADDING ALG_CBC_PKCS7 \ + ALG_CTR ALG_CFB ALG_OFB ALG_XTS ALG_CMAC \ + KEY_TYPE_DES" # Configure # --------- From 66d5512571305e3aed3bf5a28e0ee7a5c020bad4 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 23 Oct 2023 15:12:32 +0100 Subject: [PATCH 0371/1674] Remove dependency on asm/hwcap.h Signed-off-by: Dave Rodgman --- library/sha256.c | 8 +++++++- tests/scripts/all.sh | 5 +---- 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/library/sha256.c b/library/sha256.c index a6d0a7a46..596b2c533 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -126,7 +126,13 @@ # if defined(__linux__) /* Our preferred method of detection is getauxval() */ # include -# include +/* These are not always defined via sys/auxv.h */ +# if !defined(HWCAP_SHA2) +# define HWCAP_SHA2 (1 << 6) +# endif +# if !defined(HWCAP2_SHA2) +# define HWCAP2_SHA2 (1 << 3) +# endif # endif /* Use SIGILL on Unix, and fall back to it on Linux */ # include diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 28767eb3f..114f27109 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4344,10 +4344,7 @@ support_build_sha_armce() { # clang >= 4 is required to build with SHA extensions clang_ver="$(clang --version|grep version|sed -E 's#.*version ([0-9]+).*#\1#')" - # we need asm/hwcap.h available for runtime detection - echo '#include ' | clang -E - >/dev/null 2>&1 && have_hwcap=1 || have_hwcap=0 - - [[ "${clang_ver}" -ge 4 && "${have_hwcap}" -eq 1 ]] + [[ "${clang_ver}" -ge 4 ]] else # clang not available false From 6c68df4155d20f63f94a0325b93d1074e243e132 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Mon, 23 Oct 2023 15:33:37 +0100 Subject: [PATCH 0372/1674] Convert interruptible test over to using TEST_CALLOC Also fix potential leak in unlikely edge case. Signed-off-by: Paul Elliott --- tests/suites/test_suite_psa_crypto.function | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 2dfc7a4bf..a510f8e01 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -7639,8 +7639,7 @@ void interruptible_signverify_hash_edgecase_tests(int key_type_arg, * no reliance on external buffers. */ psa_interruptible_set_max_ops(PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED); - input_buffer = mbedtls_calloc(1, input_data->len); - TEST_ASSERT(input_buffer != NULL); + TEST_CALLOC(input_buffer, input_data->len); memcpy(input_buffer, input_data->x, input_data->len); @@ -7657,8 +7656,7 @@ void interruptible_signverify_hash_edgecase_tests(int key_type_arg, PSA_ASSERT(psa_sign_hash_abort(&sign_operation)); - input_buffer = mbedtls_calloc(1, input_data->len); - TEST_ASSERT(input_buffer != NULL); + TEST_CALLOC(input_buffer, input_data->len); memcpy(input_buffer, input_data->x, input_data->len); @@ -7683,6 +7681,7 @@ exit: psa_destroy_key(key); mbedtls_free(signature); + mbedtls_free(input_buffer); PSA_DONE(); } /* END_CASE */ From c0ae5690669871b6e00e90eec211aaa1b17f99b0 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Mon, 23 Oct 2023 17:25:52 +0100 Subject: [PATCH 0373/1674] Make lcov.sh run from the build directory lcov.sh can now be called from any build directory and also still works with in-place builds too. Signed-off-by: Thomas Daubney --- scripts/lcov.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/scripts/lcov.sh b/scripts/lcov.sh index 9e52b9844..2cf566a8d 100755 --- a/scripts/lcov.sh +++ b/scripts/lcov.sh @@ -43,8 +43,8 @@ EOF set -eu # Repository detection -in_mbedtls_repo () { - test -d include -a -d library -a -d programs -a -d tests +in_mbedtls_build_dir () { + test -d library } # Collect stats and build a HTML report. @@ -74,11 +74,11 @@ if [ $# -gt 0 ] && [ "$1" = "--help" ]; then exit fi -if in_mbedtls_repo; then +if in_mbedtls_build_dir; then library_dir='library' title='Mbed TLS' else - library_dir='build/core' + library_dir='core' title='TF-PSA-Crypto' fi From 974be516dc84f780298cbddfaaf221b815f47cfa Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 24 Oct 2023 15:42:30 +0800 Subject: [PATCH 0374/1674] move asn1crypto to ci.requirements.txt Signed-off-by: Jerry Yu --- scripts/ci.requirements.txt | 4 ++++ scripts/maintainer.requirements.txt | 3 --- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/scripts/ci.requirements.txt b/scripts/ci.requirements.txt index 7dbcfe8e0..69c2db07a 100644 --- a/scripts/ci.requirements.txt +++ b/scripts/ci.requirements.txt @@ -18,3 +18,7 @@ mypy >= 0.780 # for mypy and pylint under Python 3.5, and we also get something good enough # to run audit-validity-dates.py on Python >=3.6. cryptography # >= 35.0.0 + +# For building `tests/data_files/server9-bad-saltlen.crt` and check python +# files. +asn1crypto diff --git a/scripts/maintainer.requirements.txt b/scripts/maintainer.requirements.txt index dd2826486..b149921a2 100644 --- a/scripts/maintainer.requirements.txt +++ b/scripts/maintainer.requirements.txt @@ -8,6 +8,3 @@ clang # For building some test vectors pycryptodomex pycryptodome-test-vectors - -# For building `tests/data_files/server9-bad-saltlen.crt` -asn1crypto From baf7ba44c489d54a8f727497cb51fe88c5550595 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 24 Oct 2023 15:44:00 +0800 Subject: [PATCH 0375/1674] improve document Signed-off-by: Jerry Yu --- scripts/mbedtls_dev/generate_server9_bad_saltlen.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/scripts/mbedtls_dev/generate_server9_bad_saltlen.py b/scripts/mbedtls_dev/generate_server9_bad_saltlen.py index 813e6dc0f..36682152a 100755 --- a/scripts/mbedtls_dev/generate_server9_bad_saltlen.py +++ b/scripts/mbedtls_dev/generate_server9_bad_saltlen.py @@ -1,8 +1,7 @@ #!/usr/bin/env python3 """Generate server9-bad-saltlen.crt -`server9-bad-saltlen.crt (announcing saltlen = 0xDE, signed with another len)`. It can not generate -with normal command. This script is to generate the file. +Generate a certificate signed with RSA-PSS, with an incorrect salt length. """ # Copyright The Mbed TLS Contributors From 6f21dd5694c92ba4d8d188ddce62df07350fa3ee Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 24 Oct 2023 15:45:41 +0800 Subject: [PATCH 0376/1674] move script to `tests/scripts` Signed-off-by: Jerry Yu --- tests/data_files/Makefile | 4 ++-- .../scripts}/generate_server9_bad_saltlen.py | 0 2 files changed, 2 insertions(+), 2 deletions(-) rename {scripts/mbedtls_dev => tests/scripts}/generate_server9_bad_saltlen.py (100%) diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile index 4ab5786e1..1d5257fa7 100644 --- a/tests/data_files/Makefile +++ b/tests/data_files/Makefile @@ -586,8 +586,8 @@ all_final += server9-bad-mgfhash.crt server9-bad-saltlen.crt: server9.csr $(test_ca_crt) $(test_ca_key_file_rsa) \ opensslcnf/server9.crt.v3_ext \ - ../../scripts/mbedtls_dev/generate_server9_bad_saltlen.py - ../../scripts/mbedtls_dev/generate_server9_bad_saltlen.py --ca-name test-ca \ + ../scripts/generate_server9_bad_saltlen.py + ../scripts/generate_server9_bad_saltlen.py --ca-name test-ca \ --ca-password $(test_ca_pwd_rsa) --csr server9.csr \ --openssl-extfile opensslcnf/server9.crt.v3_ext \ --anounce_saltlen 0xde --actual_saltlen 0x20 \ diff --git a/scripts/mbedtls_dev/generate_server9_bad_saltlen.py b/tests/scripts/generate_server9_bad_saltlen.py similarity index 100% rename from scripts/mbedtls_dev/generate_server9_bad_saltlen.py rename to tests/scripts/generate_server9_bad_saltlen.py From 7b711710b289f6d5c36d2c240ec6fde06e8c3d6d Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Tue, 24 Oct 2023 17:07:14 +0800 Subject: [PATCH 0377/1674] Add check_ticket_flags helper function Signed-off-by: Pengyu Lv --- library/ssl_misc.h | 6 ++++++ library/ssl_tls13_server.c | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index a99bb3343..9444c29c2 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -2779,6 +2779,12 @@ static inline unsigned int mbedtls_ssl_session_get_ticket_flags( (flags & MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK); } +static inline unsigned int mbedtls_ssl_session_check_ticket_flags( + mbedtls_ssl_session *session, unsigned int flags) +{ + return mbedtls_ssl_session_get_ticket_flags(session, flags) == 0; +} + static inline void mbedtls_ssl_session_set_ticket_flags( mbedtls_ssl_session *session, unsigned int flags) { diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 87eaa192f..2561239a0 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -998,7 +998,7 @@ static int ssl_tls13_ticket_permission_check(mbedtls_ssl_context *ssl, { #if defined(MBEDTLS_SSL_SESSION_TICKETS) if (ssl->handshake->resume) { - if (!mbedtls_ssl_session_get_ticket_flags( + if (mbedtls_ssl_session_check_ticket_flags( ssl->session_negotiate, kex_mode)) { return 0; } From f842868dd9dfe3105d0357a66246ec1ca0d10de9 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 24 Oct 2023 14:18:38 +0100 Subject: [PATCH 0378/1674] Fix MBEDTLS_MAYBE_UNUSED for IAR Signed-off-by: Dave Rodgman --- library/common.h | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/library/common.h b/library/common.h index 570b97eca..73b3d6127 100644 --- a/library/common.h +++ b/library/common.h @@ -344,8 +344,11 @@ static inline void mbedtls_xor_no_simd(unsigned char *r, # define MBEDTLS_MAYBE_UNUSED __attribute__((unused)) #endif #if !defined(MBEDTLS_MAYBE_UNUSED) && defined(__IAR_SYSTEMS_ICC__) && defined(__VER__) +/* IAR does support __attribute__((unused)), but only if the -e flag (extended language support) + * is given; the pragma always works. + * Unfortunately the pragma affects the rest of the file where it is used, but this is harmless. */ # if (__VER__ >= 8010000) // IAR 8.1 or later -# define MBEDTLS_MAYBE_UNUSED __attribute__((unused)) +# define MBEDTLS_MAYBE_UNUSED _Pragma("diag_suppress=Pe177") # endif #endif #if !defined(MBEDTLS_MAYBE_UNUSED) && defined(_MSC_VER) From 27e3c87fc1b33438a7a17b11e4aa9f1a69cfbc1a Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sun, 8 Oct 2023 10:29:26 +0100 Subject: [PATCH 0379/1674] Suppport AESCE on A32 and T32 Signed-off-by: Dave Rodgman --- library/aes.c | 6 ++-- library/aesce.c | 84 ++++++++++++++++++++++++++++++++++++++++++++++--- library/aesce.h | 2 +- 3 files changed, 84 insertions(+), 8 deletions(-) diff --git a/library/aes.c b/library/aes.c index b61d089fa..037a91837 100644 --- a/library/aes.c +++ b/library/aes.c @@ -35,9 +35,9 @@ #include "mbedtls/error.h" #if defined(MBEDTLS_AES_USE_HARDWARE_ONLY) -#if !((defined(MBEDTLS_ARCH_IS_ARM64) && defined(MBEDTLS_AESCE_C)) || \ - (defined(MBEDTLS_ARCH_IS_X64) && defined(MBEDTLS_AESNI_C)) || \ - (defined(MBEDTLS_ARCH_IS_X86) && defined(MBEDTLS_AESNI_C))) +#if !((defined(MBEDTLS_ARCH_IS_ARMV8) && defined(MBEDTLS_AESCE_C)) || \ + (defined(MBEDTLS_ARCH_IS_X64) && defined(MBEDTLS_AESNI_C)) || \ + (defined(MBEDTLS_ARCH_IS_X86) && defined(MBEDTLS_AESNI_C))) #error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites" #endif #endif diff --git a/library/aesce.c b/library/aesce.c index 8b42b034f..cc0015bc7 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -17,8 +17,17 @@ * limitations under the License. */ -#if defined(__aarch64__) && !defined(__ARM_FEATURE_CRYPTO) && \ - defined(__clang__) && __clang_major__ >= 4 +#if defined(__clang__) && (__clang_major__ >= 4) + +/* Ideally, we would simply use MBEDTLS_ARCH_IS_ARMV8 in the following #if, + * but that is defined by build_info.h, and we need this block to happen first. */ +#if defined(__ARM_ARCH) +#if __ARM_ARCH >= 8 +#define MBEDTLS_AESCE_ARCH_IS_ARMV8 +#endif +#endif + +#if defined(MBEDTLS_AESCE_ARCH_IS_ARMV8) && !defined(__ARM_FEATURE_CRYPTO) /* TODO: Re-consider above after https://reviews.llvm.org/D131064 merged. * * The intrinsic declaration are guarded by predefined ACLE macros in clang: @@ -39,6 +48,8 @@ #define MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG #endif +#endif /* defined(__clang__) && (__clang_major__ >= 4) */ + #include #include "common.h" @@ -46,7 +57,7 @@ #include "aesce.h" -#if defined(MBEDTLS_ARCH_IS_ARM64) +#if defined(MBEDTLS_ARCH_IS_ARMV8) /* Compiler version checks. */ #if defined(__clang__) @@ -68,6 +79,71 @@ #ifdef __ARM_NEON #include + +#if defined(MBEDTLS_ARCH_IS_ARM32) +#if defined(__clang__) +/* On clang for A32/T32, work around some missing intrinsics and types */ + +#ifndef vreinterpretq_p64_u8 +#define vreinterpretq_p64_u8 (poly64x2_t) +#endif +#ifndef vreinterpretq_u8_p128 +#define vreinterpretq_u8_p128 (uint8x16_t) +#endif +#ifndef vreinterpretq_u64_p64 +#define vreinterpretq_u64_p64 (uint64x2_t) +#endif + +typedef uint8x16_t poly128_t; + +static inline poly128_t vmull_p64(poly64_t a, poly64_t b) +{ + poly128_t r; + asm ("vmull.p64 %[r], %[a], %[b]": [r] "=w" (r) : [a] "w" (a), [b] "w" (b) :); + return r; +} + +static inline poly64x1_t vget_low_p64(poly64x2_t a) +{ + return (poly64x1_t) vget_low_u64(vreinterpretq_u64_p64(a)); +} + +static inline poly128_t vmull_high_p64(poly64x2_t a, poly64x2_t b) +{ + return vmull_p64((poly64_t) (vget_high_u64((uint64x2_t) a)), + (poly64_t) (vget_high_u64((uint64x2_t) b))); +} + +#endif /* defined(__clang__) */ + +static inline uint8x16_t vrbitq_u8(uint8x16_t x) +{ + /* There is no vrbitq_u8 instruction in A32/T32, so provide + * an equivalent non-Neon implementation. Reverse bit order in each + * byte with 4x rbit, rev. */ + asm ("ldm %[p], { r2-r5 } \n\t" + "rbit r2, r2 \n\t" + "rev r2, r2 \n\t" + "rbit r3, r3 \n\t" + "rev r3, r3 \n\t" + "rbit r4, r4 \n\t" + "rev r4, r4 \n\t" + "rbit r5, r5 \n\t" + "rev r5, r5 \n\t" + "stm %[p], { r2-r5 } \n\t" + : + /* Output: 16 bytes of memory pointed to by &x */ + "+m" (*(uint8_t(*)[16]) &x) + : + [p] "r" (&x) + : + "r2", "r3", "r4", "r5" + ); + return x; +} + +#endif /* defined(MBEDTLS_ARCH_IS_ARM32) */ + #else #error "Target does not support NEON instructions" #endif @@ -510,6 +586,6 @@ void mbedtls_aesce_gcm_mult(unsigned char c[16], #undef MBEDTLS_POP_TARGET_PRAGMA #endif -#endif /* MBEDTLS_ARCH_IS_ARM64 */ +#endif /* MBEDTLS_ARCH_IS_ARMV8 */ #endif /* MBEDTLS_AESCE_C */ diff --git a/library/aesce.h b/library/aesce.h index d24c423b8..97e242416 100644 --- a/library/aesce.h +++ b/library/aesce.h @@ -31,7 +31,7 @@ #include "mbedtls/aes.h" -#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_ARCH_IS_ARM64) +#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_ARCH_IS_ARMV8) #define MBEDTLS_AESCE_HAVE_CODE From 851cf5a325c6c1e3a794009e873cec02b4597b1d Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sun, 8 Oct 2023 12:26:41 +0100 Subject: [PATCH 0380/1674] Fix runtime detection on A32/T32 Signed-off-by: Dave Rodgman --- library/aesce.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/library/aesce.c b/library/aesce.c index cc0015bc7..11a22f6b6 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -190,6 +190,16 @@ int mbedtls_aesce_has_support_impl(void) * once, but that is harmless. */ if (mbedtls_aesce_has_support_result == -1) { +#if defined(MBEDTLS_ARCH_IS_ARM32) + unsigned long auxval = getauxval(AT_HWCAP); + unsigned long auxval2 = getauxval(AT_HWCAP2); + if (((auxval & HWCAP_NEON) == HWCAP_NEON) && + ((auxval2 & HWCAP2_AES) == HWCAP2_AES)) { + mbedtls_aesce_has_support_result = 1; + } else { + mbedtls_aesce_has_support_result = 0; + } +#else unsigned long auxval = getauxval(AT_HWCAP); if ((auxval & (HWCAP_ASIMD | HWCAP_AES)) == (HWCAP_ASIMD | HWCAP_AES)) { @@ -197,6 +207,7 @@ int mbedtls_aesce_has_support_impl(void) } else { mbedtls_aesce_has_support_result = 0; } +#endif } return mbedtls_aesce_has_support_result; } From 0c584039896625b0784519547d03f68a79528439 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sun, 8 Oct 2023 12:26:54 +0100 Subject: [PATCH 0381/1674] Add build tests for AESCE on A32/T32 Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index f76edda4e..638696468 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4391,6 +4391,38 @@ component_build_aes_aesce_armcc () { armc6_build_test "-O1 --target=aarch64-arm-none-eabi -march=armv8-a+crypto" } +support_build_aes_armce() { + # clang >= 4 is required to build with AES extensions + ver="$(clang --version|grep version|sed -E 's#.*version ([0-9]+).*#\1#')" + [ "${ver}" -ge 4 ] +} + +component_build_aes_armce () { + # Test variations of AES with Armv8 crypto extensions + scripts/config.py set MBEDTLS_AESCE_C + scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY + + msg "MBEDTLS_AES_USE_HARDWARE_ONLY, clang, aarch64" + make -B library/aesce.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a" + + msg "MBEDTLS_AES_USE_HARDWARE_ONLY, clang, arm" + make -B library/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm" + + msg "MBEDTLS_AES_USE_HARDWARE_ONLY, clang, thumb" + make -B library/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb" + + scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY + + msg "no MBEDTLS_AES_USE_HARDWARE_ONLY, clang, aarch64" + make -B library/aesce.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a" + + msg "no MBEDTLS_AES_USE_HARDWARE_ONLY, clang, arm" + make -B library/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm" + + msg "no MBEDTLS_AES_USE_HARDWARE_ONLY, clang, thumb" + make -B library/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb" +} + support_build_sha_armce() { if command -v clang > /dev/null ; then # clang >= 4 is required to build with SHA extensions From 18838f6c1ac0db987afe6c3036884bd58211963e Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sun, 8 Oct 2023 12:28:51 +0100 Subject: [PATCH 0382/1674] Fix docs for MBEDTLS_AESCE_C Signed-off-by: Dave Rodgman --- include/mbedtls/mbedtls_config.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 73229ea91..f8811055a 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -2247,7 +2247,7 @@ /** * \def MBEDTLS_AESCE_C * - * Enable AES cryptographic extension support on 64-bit Arm. + * Enable AES cryptographic extension support on Armv8. * * Module: library/aesce.c * Caller: library/aes.c From f82e0c470186a6489b182c184a087d3a512f566f Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sun, 8 Oct 2023 12:30:49 +0100 Subject: [PATCH 0383/1674] Changelog Signed-off-by: Dave Rodgman --- ChangeLog.d/armv8-aesce.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 ChangeLog.d/armv8-aesce.txt diff --git a/ChangeLog.d/armv8-aesce.txt b/ChangeLog.d/armv8-aesce.txt new file mode 100644 index 000000000..bc26e617a --- /dev/null +++ b/ChangeLog.d/armv8-aesce.txt @@ -0,0 +1,3 @@ +Features + * Support use of Arm Crypto Extensions for hardware acclerated AES on + Thumb and Arm targets. From ece803b0aeb1956d75f1b7fee557d63e45b71bf1 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sun, 8 Oct 2023 20:24:48 +0100 Subject: [PATCH 0384/1674] Fix behaviour for Armv8 targets without Neon Signed-off-by: Dave Rodgman --- library/aesce.c | 2 +- library/aesce.h | 12 +++++++++--- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/library/aesce.c b/library/aesce.c index 11a22f6b6..ba09288fa 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -57,7 +57,7 @@ #include "aesce.h" -#if defined(MBEDTLS_ARCH_IS_ARMV8) +#if defined(MBEDTLS_ARCH_IS_ARMV8) && defined(__ARM_NEON) /* Compiler version checks. */ #if defined(__clang__) diff --git a/library/aesce.h b/library/aesce.h index 97e242416..2cec2f3a1 100644 --- a/library/aesce.h +++ b/library/aesce.h @@ -2,7 +2,7 @@ * \file aesce.h * * \brief Support hardware AES acceleration on Armv8-A processors with - * the Armv8-A Cryptographic Extension in AArch64 execution state. + * the Armv8-A Cryptographic Extension. * * \warning These functions are only for internal use by other library * functions; you must not call them directly. @@ -31,7 +31,7 @@ #include "mbedtls/aes.h" -#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_ARCH_IS_ARMV8) +#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_ARCH_IS_ARMV8) && defined(__ARM_NEON) #define MBEDTLS_AESCE_HAVE_CODE @@ -128,6 +128,12 @@ int mbedtls_aesce_setkey_enc(unsigned char *rk, } #endif -#endif /* MBEDTLS_AESCE_C && MBEDTLS_ARCH_IS_ARM64 */ +#else + +#if defined(MBEDTLS_AES_USE_HARDWARE_ONLY) +#error "AES hardware acceleration not supported on this platform" +#endif + +#endif /* MBEDTLS_AESCE_C && MBEDTLS_ARCH_IS_ARMV8 && __ARM_NEON */ #endif /* MBEDTLS_AESCE_H */ From 4b8e8dc04304241e97378a562a2bb6901e086395 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sun, 8 Oct 2023 21:41:40 +0100 Subject: [PATCH 0385/1674] Improve compiler version checking + docs + testing for armclang Signed-off-by: Dave Rodgman --- include/mbedtls/mbedtls_config.h | 7 ++++--- library/aesce.c | 9 +++++++++ library/aesce.h | 2 +- tests/scripts/all.sh | 13 ++++++++++--- 4 files changed, 24 insertions(+), 7 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index f8811055a..4be2a21a0 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -2258,13 +2258,14 @@ * system, Armv8-A Cryptographic Extensions must be supported by * the CPU when this option is enabled. * - * \note Minimum compiler versions for this feature are Clang 4.0, - * armclang 6.6, GCC 6.0 or MSVC 2019 version 16.11.2. + * \note Minimum compiler versions for this feature are Clang 4.0; + * armclang 6.6 when targeting aarch64, or 6.20 when targeting + * Thumb or 32-bit Arm; GCC 6.0; or MSVC 2019 version 16.11.2. * * \note \c CFLAGS must be set to a minimum of \c -march=armv8-a+crypto for * armclang <= 6.9 * - * This module adds support for the AES Armv8-A Cryptographic Extensions on Aarch64 systems. + * This module adds support for the AES Armv8-A Cryptographic Extensions on Armv8 systems. */ #define MBEDTLS_AESCE_C diff --git a/library/aesce.c b/library/aesce.c index ba09288fa..2b45a9f99 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -75,6 +75,15 @@ # if _MSC_VER < 1929 # error "Minimum version of MSVC for MBEDTLS_AESCE_C is 2019 version 16.11.2." # endif +#elif defined(__ARMCC_VERSION) +# if defined(MBEDTLS_ARCH_IS_ARM32) && (__ARMCC_VERSION < 6200002) +/* TODO: We haven't verified armclang for 32-bit Arm/Thumb prior to 6.20. + * If someone verified that, please update this and document of + * `MBEDTLS_AESCE_C` in `mbedtls_config.h`. */ +# error "Minimum version of armclang for MBEDTLS_AESCE_C on 32-bit Arm is 6.20." +# elif defined(MBEDTLS_ARCH_IS_ARM64) && (__ARMCC_VERSION < 6060000) +# error "Minimum version of armclang for MBEDTLS_AESCE_C on aarch64 is 6.6." +# endif #endif #ifdef __ARM_NEON diff --git a/library/aesce.h b/library/aesce.h index 2cec2f3a1..149845976 100644 --- a/library/aesce.h +++ b/library/aesce.h @@ -130,7 +130,7 @@ int mbedtls_aesce_setkey_enc(unsigned char *rk, #else -#if defined(MBEDTLS_AES_USE_HARDWARE_ONLY) +#if defined(MBEDTLS_AES_USE_HARDWARE_ONLY) && defined(MBEDTLS_ARCH_IS_ARMV8) #error "AES hardware acceleration not supported on this platform" #endif diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 638696468..9f2952d2a 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -5044,6 +5044,9 @@ component_build_armcc () { # armc[56] don't support SHA-512 intrinsics scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT + # older versions of armcc/armclang don't support AESCE_C on 32-bit Arm + scripts/config.py unset MBEDTLS_AESCE_C + # Stop armclang warning about feature detection for A64_CRYPTO. # With this enabled, the library does build correctly under armclang, # but in baremetal builds (as tested here), feature detection is @@ -5078,14 +5081,18 @@ component_build_armcc () { # ARM Compiler 6 - Target ARMv8-M armc6_build_test "-O1 --target=arm-arm-none-eabi -march=armv8-m.main" - # ARM Compiler 6 - Target ARMv8.2-A - AArch64 - armc6_build_test "-O1 --target=aarch64-arm-none-eabi -march=armv8.2-a+crypto" - # ARM Compiler 6 - Target Cortex-M0 - no optimisation armc6_build_test "-O0 --target=arm-arm-none-eabi -mcpu=cortex-m0" # ARM Compiler 6 - Target Cortex-M0 armc6_build_test "-Os --target=arm-arm-none-eabi -mcpu=cortex-m0" + + # ARM Compiler 6 - Target ARMv8.2-A - AArch64 + # + # Re-enable MBEDTLS_AESCE_C as this should be supported by the version of armclang + # that we have in our CI + scripts/config.py set MBEDTLS_AESCE_C + armc6_build_test "-O1 --target=aarch64-arm-none-eabi -march=armv8.2-a+crypto" } support_build_armcc () { From 472a1906d5d37a2a17cbac5e91b5ae74e929b4b6 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sun, 8 Oct 2023 22:14:41 +0100 Subject: [PATCH 0386/1674] fix tabs Signed-off-by: Dave Rodgman --- library/aesce.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/aesce.c b/library/aesce.c index 2b45a9f99..3ba6a6059 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -108,7 +108,7 @@ typedef uint8x16_t poly128_t; static inline poly128_t vmull_p64(poly64_t a, poly64_t b) { poly128_t r; - asm ("vmull.p64 %[r], %[a], %[b]": [r] "=w" (r) : [a] "w" (a), [b] "w" (b) :); + asm ("vmull.p64 %[r], %[a], %[b]": [r] "=w" (r) : [a] "w" (a), [b] "w" (b) :); return r; } From b622ff8ac0586ea85706df4c8f390461a5427011 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sun, 8 Oct 2023 22:25:16 +0100 Subject: [PATCH 0387/1674] Fix tests for older versions of clang Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 9f2952d2a..91d0a255e 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4403,7 +4403,7 @@ component_build_aes_armce () { scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY msg "MBEDTLS_AES_USE_HARDWARE_ONLY, clang, aarch64" - make -B library/aesce.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a" + make -B library/aesce.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a+crypto" msg "MBEDTLS_AES_USE_HARDWARE_ONLY, clang, arm" make -B library/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm" @@ -4414,7 +4414,7 @@ component_build_aes_armce () { scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY msg "no MBEDTLS_AES_USE_HARDWARE_ONLY, clang, aarch64" - make -B library/aesce.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a" + make -B library/aesce.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a+crypto" msg "no MBEDTLS_AES_USE_HARDWARE_ONLY, clang, arm" make -B library/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm" From 48b965d9413515a6dedd60c2bc7e09dd5bcb1485 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 9 Oct 2023 12:19:44 +0100 Subject: [PATCH 0388/1674] Update clang version requirements Signed-off-by: Dave Rodgman --- include/mbedtls/mbedtls_config.h | 7 ++++--- library/aesce.c | 6 ++++-- tests/scripts/all.sh | 2 +- 3 files changed, 9 insertions(+), 6 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 4be2a21a0..cbcffa4c3 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -2258,9 +2258,10 @@ * system, Armv8-A Cryptographic Extensions must be supported by * the CPU when this option is enabled. * - * \note Minimum compiler versions for this feature are Clang 4.0; - * armclang 6.6 when targeting aarch64, or 6.20 when targeting - * Thumb or 32-bit Arm; GCC 6.0; or MSVC 2019 version 16.11.2. + * \note Minimum compiler versions for this feature when targeting aarch64 + * are Clang 4.0; armclang 6.6; GCC 6.0; or MSVC 2019 version 16.11.2. + * Minimum compiler versions for this feature when targeting 32-bit + * Arm or Thumb are Clang 11.0; armclang 6.20; or GCC 6.0. * * \note \c CFLAGS must be set to a minimum of \c -march=armv8-a+crypto for * armclang <= 6.9 diff --git a/library/aesce.c b/library/aesce.c index 3ba6a6059..caf9560cd 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -61,8 +61,10 @@ /* Compiler version checks. */ #if defined(__clang__) -# if __clang_major__ < 4 -# error "Minimum version of Clang for MBEDTLS_AESCE_C is 4.0." +# if defined(MBEDTLS_ARCH_IS_ARM32) && (__clang_major__ < 11) +# error "Minimum version of Clang for MBEDTLS_AESCE_C on 32-bit Arm or Thumb is 111.0." +# elif defined(MBEDTLS_ARCH_IS_ARM64) && (__clang_major__ < 4) +# error "Minimum version of Clang for MBEDTLS_AESCE_C on aarch64 is 4.0." # endif #elif defined(__GNUC__) # if __GNUC__ < 6 diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 91d0a255e..d84bdb7bd 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4394,7 +4394,7 @@ component_build_aes_aesce_armcc () { support_build_aes_armce() { # clang >= 4 is required to build with AES extensions ver="$(clang --version|grep version|sed -E 's#.*version ([0-9]+).*#\1#')" - [ "${ver}" -ge 4 ] + [ "${ver}" -ge 11 ] } component_build_aes_armce () { From f60e44d0633d2585cc2a0b2336dd565c6076ed08 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 9 Oct 2023 13:40:36 +0100 Subject: [PATCH 0389/1674] Add link to ACLE docs in comment Co-authored-by: Jerry Yu Signed-off-by: Dave Rodgman --- library/aesce.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/aesce.c b/library/aesce.c index caf9560cd..6a6504331 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -93,7 +93,7 @@ #if defined(MBEDTLS_ARCH_IS_ARM32) #if defined(__clang__) -/* On clang for A32/T32, work around some missing intrinsics and types */ +/* On clang for A32/T32, work around some missing intrinsics and types which are listed in [ACLE](https://arm-software.github.io/acle/neon_intrinsics/advsimd.html#polynomial-1) */ #ifndef vreinterpretq_p64_u8 #define vreinterpretq_p64_u8 (poly64x2_t) From 2c25bdb7cfbb74b69cda03e8e60ebabaeb987c92 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 9 Oct 2023 13:41:51 +0100 Subject: [PATCH 0390/1674] Don't use #ifdef on vreinterpretq_xxx Co-authored-by: Jerry Yu Signed-off-by: Dave Rodgman --- library/aesce.c | 6 ------ 1 file changed, 6 deletions(-) diff --git a/library/aesce.c b/library/aesce.c index 6a6504331..8c1db91fc 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -95,15 +95,9 @@ #if defined(__clang__) /* On clang for A32/T32, work around some missing intrinsics and types which are listed in [ACLE](https://arm-software.github.io/acle/neon_intrinsics/advsimd.html#polynomial-1) */ -#ifndef vreinterpretq_p64_u8 #define vreinterpretq_p64_u8 (poly64x2_t) -#endif -#ifndef vreinterpretq_u8_p128 #define vreinterpretq_u8_p128 (uint8x16_t) -#endif -#ifndef vreinterpretq_u64_p64 #define vreinterpretq_u64_p64 (uint64x2_t) -#endif typedef uint8x16_t poly128_t; From f4ee5d4c94d834e3814ecafeac4ff1bde22ae047 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 9 Oct 2023 13:42:38 +0100 Subject: [PATCH 0391/1674] Code style Signed-off-by: Dave Rodgman --- library/aesce.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/aesce.c b/library/aesce.c index 8c1db91fc..4c85941b2 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -104,7 +104,7 @@ typedef uint8x16_t poly128_t; static inline poly128_t vmull_p64(poly64_t a, poly64_t b) { poly128_t r; - asm ("vmull.p64 %[r], %[a], %[b]": [r] "=w" (r) : [a] "w" (a), [b] "w" (b) :); + asm ("vmull.p64 %[r], %[a], %[b]" : [r] "=w" (r) : [a] "w" (a), [b] "w" (b) :); return r; } From 46267f6a2d80902aaea2c7468e0849d1cfc1d273 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 9 Oct 2023 14:47:50 +0100 Subject: [PATCH 0392/1674] Tidy-up: move GCM code into one place Signed-off-by: Dave Rodgman --- library/aesce.c | 131 +++++++++++++++++++++++++----------------------- 1 file changed, 68 insertions(+), 63 deletions(-) diff --git a/library/aesce.c b/library/aesce.c index 4c85941b2..ffebbfd27 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -90,65 +90,6 @@ #ifdef __ARM_NEON #include - -#if defined(MBEDTLS_ARCH_IS_ARM32) -#if defined(__clang__) -/* On clang for A32/T32, work around some missing intrinsics and types which are listed in [ACLE](https://arm-software.github.io/acle/neon_intrinsics/advsimd.html#polynomial-1) */ - -#define vreinterpretq_p64_u8 (poly64x2_t) -#define vreinterpretq_u8_p128 (uint8x16_t) -#define vreinterpretq_u64_p64 (uint64x2_t) - -typedef uint8x16_t poly128_t; - -static inline poly128_t vmull_p64(poly64_t a, poly64_t b) -{ - poly128_t r; - asm ("vmull.p64 %[r], %[a], %[b]" : [r] "=w" (r) : [a] "w" (a), [b] "w" (b) :); - return r; -} - -static inline poly64x1_t vget_low_p64(poly64x2_t a) -{ - return (poly64x1_t) vget_low_u64(vreinterpretq_u64_p64(a)); -} - -static inline poly128_t vmull_high_p64(poly64x2_t a, poly64x2_t b) -{ - return vmull_p64((poly64_t) (vget_high_u64((uint64x2_t) a)), - (poly64_t) (vget_high_u64((uint64x2_t) b))); -} - -#endif /* defined(__clang__) */ - -static inline uint8x16_t vrbitq_u8(uint8x16_t x) -{ - /* There is no vrbitq_u8 instruction in A32/T32, so provide - * an equivalent non-Neon implementation. Reverse bit order in each - * byte with 4x rbit, rev. */ - asm ("ldm %[p], { r2-r5 } \n\t" - "rbit r2, r2 \n\t" - "rev r2, r2 \n\t" - "rbit r3, r3 \n\t" - "rev r3, r3 \n\t" - "rbit r4, r4 \n\t" - "rev r4, r4 \n\t" - "rbit r5, r5 \n\t" - "rev r5, r5 \n\t" - "stm %[p], { r2-r5 } \n\t" - : - /* Output: 16 bytes of memory pointed to by &x */ - "+m" (*(uint8_t(*)[16]) &x) - : - [p] "r" (&x) - : - "r2", "r3", "r4", "r5" - ); - return x; -} - -#endif /* defined(MBEDTLS_ARCH_IS_ARM32) */ - #else #error "Target does not support NEON instructions" #endif @@ -457,24 +398,87 @@ int mbedtls_aesce_setkey_enc(unsigned char *rk, #if defined(MBEDTLS_GCM_C) -#if !defined(__clang__) && defined(__GNUC__) && __GNUC__ == 5 +#if defined(MBEDTLS_ARCH_IS_ARM32) + +#if defined(__clang__) +/* On clang for A32/T32, work around some missing intrinsics and types which are listed in + * [ACLE](https://arm-software.github.io/acle/neon_intrinsics/advsimd.html#polynomial-1) + * These are only required for GCM. + */ +#define vreinterpretq_p64_u8(a) ((poly64x2_t) a) +#define vreinterpretq_u8_p128(a) ((uint8x16_t) a) +#define vreinterpretq_u64_p64(a) ((uint64x2_t) a) + +typedef uint8x16_t poly128_t; + +static inline poly128_t vmull_p64(poly64_t a, poly64_t b) +{ + poly128_t r; + asm ("vmull.p64 %[r], %[a], %[b]" : [r] "=w" (r) : [a] "w" (a), [b] "w" (b) :); + return r; +} + +static inline poly64x1_t vget_low_p64(poly64x2_t a) +{ + uint64x1_t r = vget_low_u64(vreinterpretq_u64_p64(a)); + return (poly64x1_t) r; +} + +static inline poly128_t vmull_high_p64(poly64x2_t a, poly64x2_t b) +{ + return vmull_p64((poly64_t) (vget_high_u64((uint64x2_t) a)), + (poly64_t) (vget_high_u64((uint64x2_t) b))); +} + +#endif /* defined(__clang__) */ + +static inline uint8x16_t vrbitq_u8(uint8x16_t x) +{ + /* There is no vrbitq_u8 instruction in A32/T32, so provide + * an equivalent non-Neon implementation. Reverse bit order in each + * byte with 4x rbit, rev. */ + asm ("ldm %[p], { r2-r5 } \n\t" + "rbit r2, r2 \n\t" + "rev r2, r2 \n\t" + "rbit r3, r3 \n\t" + "rev r3, r3 \n\t" + "rbit r4, r4 \n\t" + "rev r4, r4 \n\t" + "rbit r5, r5 \n\t" + "rev r5, r5 \n\t" + "stm %[p], { r2-r5 } \n\t" + : + /* Output: 16 bytes of memory pointed to by &x */ + "+m" (*(uint8_t(*)[16]) &x) + : + [p] "r" (&x) + : + "r2", "r3", "r4", "r5" + ); + return x; +} +#endif /* defined(MBEDTLS_ARCH_IS_ARM32) */ + + +#if defined(MBEDTLS_COMPILER_IS_GCC) && __GNUC__ == 5 /* Some intrinsics are not available for GCC 5.X. */ #define vreinterpretq_p64_u8(a) ((poly64x2_t) a) #define vreinterpretq_u8_p128(a) ((uint8x16_t) a) + static inline poly64_t vget_low_p64(poly64x2_t __a) { uint64x2_t tmp = (uint64x2_t) (__a); uint64x1_t lo = vcreate_u64(vgetq_lane_u64(tmp, 0)); return (poly64_t) (lo); } -#endif /* !__clang__ && __GNUC__ && __GNUC__ == 5*/ +#endif /* MBEDTLS_COMPILER_IS_GCC && __GNUC__ == 5 */ /* vmull_p64/vmull_high_p64 wrappers. * * Older compilers miss some intrinsic functions for `poly*_t`. We use * uint8x16_t and uint8x16x3_t as input/output parameters. */ -#if defined(__GNUC__) && !defined(__clang__) +#if defined(MBEDTLS_COMPILER_IS_GCC) /* GCC reports incompatible type error without cast. GCC think poly64_t and * poly64x1_t are different, that is different with MSVC and Clang. */ #define MBEDTLS_VMULL_P64(a, b) vmull_p64((poly64_t) a, (poly64_t) b) @@ -483,7 +487,8 @@ static inline poly64_t vget_low_p64(poly64x2_t __a) * error with/without cast. And I think poly64_t and poly64x1_t are same, no * cast for clang also. */ #define MBEDTLS_VMULL_P64(a, b) vmull_p64(a, b) -#endif +#endif /* MBEDTLS_COMPILER_IS_GCC */ + static inline uint8x16_t pmull_low(uint8x16_t a, uint8x16_t b) { From 7057c08d10a3772e78ba2c456b1242d8602885e4 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 9 Oct 2023 17:54:29 +0100 Subject: [PATCH 0393/1674] Don't fail tests if hwcap.h not present Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index d84bdb7bd..53810014c 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4411,16 +4411,21 @@ component_build_aes_armce () { msg "MBEDTLS_AES_USE_HARDWARE_ONLY, clang, thumb" make -B library/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb" - scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY + # we need asm/hwcap.h available for runtime detection + if (echo '#include ' | clang -E - >/dev/null 2>&1); then + scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY - msg "no MBEDTLS_AES_USE_HARDWARE_ONLY, clang, aarch64" - make -B library/aesce.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a+crypto" + msg "no MBEDTLS_AES_USE_HARDWARE_ONLY, clang, aarch64" + make -B library/aesce.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a+crypto" - msg "no MBEDTLS_AES_USE_HARDWARE_ONLY, clang, arm" - make -B library/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm" + msg "no MBEDTLS_AES_USE_HARDWARE_ONLY, clang, arm" + make -B library/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm" - msg "no MBEDTLS_AES_USE_HARDWARE_ONLY, clang, thumb" - make -B library/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb" + msg "no MBEDTLS_AES_USE_HARDWARE_ONLY, clang, thumb" + make -B library/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb" + else + msg "can't include - skipping runtime detection tests" + fi } support_build_sha_armce() { From 90291dfe3354bf7084e0e97b6212ed8a53fffee8 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 10 Oct 2023 09:51:16 +0100 Subject: [PATCH 0394/1674] Share some definitions that are common for clang and GCC 5 Signed-off-by: Dave Rodgman --- library/aesce.c | 32 ++++++++++++++++++-------------- 1 file changed, 18 insertions(+), 14 deletions(-) diff --git a/library/aesce.c b/library/aesce.c index ffebbfd27..8ce8fe29c 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -405,8 +405,6 @@ int mbedtls_aesce_setkey_enc(unsigned char *rk, * [ACLE](https://arm-software.github.io/acle/neon_intrinsics/advsimd.html#polynomial-1) * These are only required for GCM. */ -#define vreinterpretq_p64_u8(a) ((poly64x2_t) a) -#define vreinterpretq_u8_p128(a) ((uint8x16_t) a) #define vreinterpretq_u64_p64(a) ((uint64x2_t) a) typedef uint8x16_t poly128_t; @@ -418,11 +416,8 @@ static inline poly128_t vmull_p64(poly64_t a, poly64_t b) return r; } -static inline poly64x1_t vget_low_p64(poly64x2_t a) -{ - uint64x1_t r = vget_low_u64(vreinterpretq_u64_p64(a)); - return (poly64x1_t) r; -} +/* This is set to cause some more missing intrinsics to be defined below */ +#define COMMON_MISSING_INTRINSICS static inline poly128_t vmull_high_p64(poly64x2_t a, poly64x2_t b) { @@ -457,21 +452,30 @@ static inline uint8x16_t vrbitq_u8(uint8x16_t x) ); return x; } -#endif /* defined(MBEDTLS_ARCH_IS_ARM32) */ +#endif /* defined(MBEDTLS_ARCH_IS_ARM32) */ #if defined(MBEDTLS_COMPILER_IS_GCC) && __GNUC__ == 5 /* Some intrinsics are not available for GCC 5.X. */ -#define vreinterpretq_p64_u8(a) ((poly64x2_t) a) +#define COMMON_MISSING_INTRINSICS +#endif /* MBEDTLS_COMPILER_IS_GCC && __GNUC__ == 5 */ + + +#if defined(COMMON_MISSING_INTRINSICS) + +/* Missing intrinsics common to both GCC 5, and Clang on 32-bit */ + +#define vreinterpretq_p64_u8(a) ((poly64x2_t) a) #define vreinterpretq_u8_p128(a) ((uint8x16_t) a) -static inline poly64_t vget_low_p64(poly64x2_t __a) +static inline poly64x1_t vget_low_p64(poly64x2_t a) { - uint64x2_t tmp = (uint64x2_t) (__a); - uint64x1_t lo = vcreate_u64(vgetq_lane_u64(tmp, 0)); - return (poly64_t) (lo); + uint64x1_t r = vget_low_u64(vreinterpretq_u64_p64(a)); + return (poly64x1_t) r; + } -#endif /* MBEDTLS_COMPILER_IS_GCC && __GNUC__ == 5 */ + +#endif /* COMMON_MISSING_INTRINSICS */ /* vmull_p64/vmull_high_p64 wrappers. * From b34fe8b88b9f4c0bfa55c5699a635aa11b0a8ec2 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 10 Oct 2023 09:52:46 +0100 Subject: [PATCH 0395/1674] Fix #error typo Signed-off-by: Dave Rodgman --- library/aesce.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/aesce.c b/library/aesce.c index 8ce8fe29c..752e00822 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -62,7 +62,7 @@ /* Compiler version checks. */ #if defined(__clang__) # if defined(MBEDTLS_ARCH_IS_ARM32) && (__clang_major__ < 11) -# error "Minimum version of Clang for MBEDTLS_AESCE_C on 32-bit Arm or Thumb is 111.0." +# error "Minimum version of Clang for MBEDTLS_AESCE_C on 32-bit Arm or Thumb is 11.0." # elif defined(MBEDTLS_ARCH_IS_ARM64) && (__clang_major__ < 4) # error "Minimum version of Clang for MBEDTLS_AESCE_C on aarch64 is 4.0." # endif From cb5c9fb0c23a3ecf3e69a5be0e3dc11f1bed148f Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 10 Oct 2023 10:06:02 +0100 Subject: [PATCH 0396/1674] Add volatile to prevent asm being optimised out Signed-off-by: Dave Rodgman --- library/aesce.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/aesce.c b/library/aesce.c index 752e00822..e36c6d42d 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -568,7 +568,7 @@ static inline uint8x16_t poly_mult_reduce(uint8x16x3_t input) /* use 'asm' as an optimisation barrier to prevent loading MODULO from * memory. It is for GNUC compatible compilers. */ - asm ("" : "+w" (r)); + asm volatile ("" : "+w" (r)); #endif uint8x16_t const MODULO = vreinterpretq_u8_u64(vshrq_n_u64(r, 64 - 8)); uint8x16_t h, m, l; /* input high/middle/low 128b */ From 9fd1b526c332d314b3cb235e28cd1fc12a1ace19 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 10 Oct 2023 15:23:44 +0100 Subject: [PATCH 0397/1674] Use MBEDTLS_ARCH_IS_ARMV8_A not MBEDTLS_ARCH_IS_ARMV8 Signed-off-by: Dave Rodgman --- library/aes.c | 6 +++--- library/aesce.c | 10 +++++----- library/aesce.h | 6 +++--- 3 files changed, 11 insertions(+), 11 deletions(-) diff --git a/library/aes.c b/library/aes.c index 037a91837..4972fba1a 100644 --- a/library/aes.c +++ b/library/aes.c @@ -35,9 +35,9 @@ #include "mbedtls/error.h" #if defined(MBEDTLS_AES_USE_HARDWARE_ONLY) -#if !((defined(MBEDTLS_ARCH_IS_ARMV8) && defined(MBEDTLS_AESCE_C)) || \ - (defined(MBEDTLS_ARCH_IS_X64) && defined(MBEDTLS_AESNI_C)) || \ - (defined(MBEDTLS_ARCH_IS_X86) && defined(MBEDTLS_AESNI_C))) +#if !((defined(MBEDTLS_ARCH_IS_ARMV8_A) && defined(MBEDTLS_AESCE_C)) || \ + (defined(MBEDTLS_ARCH_IS_X64) && defined(MBEDTLS_AESNI_C)) || \ + (defined(MBEDTLS_ARCH_IS_X86) && defined(MBEDTLS_AESNI_C))) #error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites" #endif #endif diff --git a/library/aesce.c b/library/aesce.c index e36c6d42d..2f9ccb541 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -19,15 +19,15 @@ #if defined(__clang__) && (__clang_major__ >= 4) -/* Ideally, we would simply use MBEDTLS_ARCH_IS_ARMV8 in the following #if, +/* Ideally, we would simply use MBEDTLS_ARCH_IS_ARMV8_A in the following #if, * but that is defined by build_info.h, and we need this block to happen first. */ #if defined(__ARM_ARCH) #if __ARM_ARCH >= 8 -#define MBEDTLS_AESCE_ARCH_IS_ARMV8 +#define MBEDTLS_AESCE_ARCH_IS_ARMV8_A #endif #endif -#if defined(MBEDTLS_AESCE_ARCH_IS_ARMV8) && !defined(__ARM_FEATURE_CRYPTO) +#if defined(MBEDTLS_AESCE_ARCH_IS_ARMV8_A) && !defined(__ARM_FEATURE_CRYPTO) /* TODO: Re-consider above after https://reviews.llvm.org/D131064 merged. * * The intrinsic declaration are guarded by predefined ACLE macros in clang: @@ -57,7 +57,7 @@ #include "aesce.h" -#if defined(MBEDTLS_ARCH_IS_ARMV8) && defined(__ARM_NEON) +#if defined(MBEDTLS_ARCH_IS_ARMV8_A) && defined(__ARM_NEON) /* Compiler version checks. */ #if defined(__clang__) @@ -611,6 +611,6 @@ void mbedtls_aesce_gcm_mult(unsigned char c[16], #undef MBEDTLS_POP_TARGET_PRAGMA #endif -#endif /* MBEDTLS_ARCH_IS_ARMV8 */ +#endif /* MBEDTLS_ARCH_IS_ARMV8_A */ #endif /* MBEDTLS_AESCE_C */ diff --git a/library/aesce.h b/library/aesce.h index 149845976..819413bea 100644 --- a/library/aesce.h +++ b/library/aesce.h @@ -31,7 +31,7 @@ #include "mbedtls/aes.h" -#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_ARCH_IS_ARMV8) && defined(__ARM_NEON) +#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_ARCH_IS_ARMV8_A) && defined(__ARM_NEON) #define MBEDTLS_AESCE_HAVE_CODE @@ -130,10 +130,10 @@ int mbedtls_aesce_setkey_enc(unsigned char *rk, #else -#if defined(MBEDTLS_AES_USE_HARDWARE_ONLY) && defined(MBEDTLS_ARCH_IS_ARMV8) +#if defined(MBEDTLS_AES_USE_HARDWARE_ONLY) && defined(MBEDTLS_ARCH_IS_ARMV8_A) #error "AES hardware acceleration not supported on this platform" #endif -#endif /* MBEDTLS_AESCE_C && MBEDTLS_ARCH_IS_ARMV8 && __ARM_NEON */ +#endif /* MBEDTLS_AESCE_C && MBEDTLS_ARCH_IS_ARMV8_A && __ARM_NEON */ #endif /* MBEDTLS_AESCE_H */ From 2fe5b8563741441a1fc18c0de4485b1c94dfa58b Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 10 Oct 2023 15:26:45 +0100 Subject: [PATCH 0398/1674] Update Changelog to specify Armv8-A Signed-off-by: Dave Rodgman --- ChangeLog.d/armv8-aesce.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog.d/armv8-aesce.txt b/ChangeLog.d/armv8-aesce.txt index bc26e617a..999d439ed 100644 --- a/ChangeLog.d/armv8-aesce.txt +++ b/ChangeLog.d/armv8-aesce.txt @@ -1,3 +1,3 @@ Features - * Support use of Arm Crypto Extensions for hardware acclerated AES on + * Support use of Armv8-A Crypto Extensions for hardware acclerated AES on Thumb and Arm targets. From f3501b454fe9cf6f3a45dcb5c34e07b84d168e13 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 11 Oct 2023 16:21:25 +0100 Subject: [PATCH 0399/1674] Test for presence/absence of AES instructions Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 53810014c..3c2c632b0 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4426,6 +4426,31 @@ component_build_aes_armce () { else msg "can't include - skipping runtime detection tests" fi + + # test for presence of AES instructions + scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY + msg "clang, test A32 crypto instructions built" + make -B library/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm -S" + grep -E 'aes[0-9a-z]+.[0-9]\s*[qv]' library/aesce.o + msg "clang, test T32 crypto instructions built" + make -B library/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb -S" + grep -E 'aes[0-9a-z]+.[0-9]\s*[qv]' library/aesce.o + msg "clang, test aarch64 crypto instructions built" + make -B library/aesce.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a -S" + grep -E 'aes[a-z]+\s*[qv]' library/aesce.o + + # test for absence of AES instructions + scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY + scripts/config.py unset MBEDTLS_AESCE_C + msg "clang, test A32 crypto instructions not built" + make -B library/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm -S" + not grep -E 'aes[0-9a-z]+.[0-9]\s*[qv]' library/aesce.o + msg "clang, test T32 crypto instructions not built" + make -B library/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb -S" + not grep -E 'aes[0-9a-z]+.[0-9]\s*[qv]' library/aesce.o + msg "clang, test aarch64 crypto instructions not built" + make -B library/aesce.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a -S" + not grep -E 'aes[a-z]+\s*[qv]' library/aesce.o } support_build_sha_armce() { From c61990634cb26da933f3e882ab3fe46dae37fe74 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 12 Oct 2023 11:59:04 +0100 Subject: [PATCH 0400/1674] Clarify changelog Signed-off-by: Dave Rodgman --- ChangeLog.d/armv8-aesce.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ChangeLog.d/armv8-aesce.txt b/ChangeLog.d/armv8-aesce.txt index 999d439ed..ec5889c1b 100644 --- a/ChangeLog.d/armv8-aesce.txt +++ b/ChangeLog.d/armv8-aesce.txt @@ -1,3 +1,3 @@ Features - * Support use of Armv8-A Crypto Extensions for hardware acclerated AES on - Thumb and Arm targets. + * Support use of Armv8-A Cryptographic Extensions for hardware acclerated + AES when compiling for Thumb (T32) or 32-bit Arm (A32). From 5e41937eba275522033cdc4235644d28570189a6 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 23 Oct 2023 15:30:20 +0100 Subject: [PATCH 0401/1674] Remove dependency on asm/hwcap.h Signed-off-by: Dave Rodgman --- library/aesce.c | 13 ++++++++++++- tests/scripts/all.sh | 19 +++++++------------ 2 files changed, 19 insertions(+), 13 deletions(-) diff --git a/library/aesce.c b/library/aesce.c index 2f9ccb541..f547eaa93 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -118,8 +118,19 @@ #if defined(__linux__) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) -#include #include +#if !defined(HWCAP_NEON) +#define HWCAP_NEON (1 << 12) +#endif +#if !defined(HWCAP2_AES) +#define HWCAP2_AES (1 << 0) +#endif +#if !defined(HWCAP_AES) +#define HWCAP_AES (1 << 3) +#endif +#if !defined(HWCAP_ASIMD) +#define HWCAP_ASIMD (1 << 1) +#endif signed char mbedtls_aesce_has_support_result = -1; diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 3c2c632b0..73bcc856d 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4411,21 +4411,16 @@ component_build_aes_armce () { msg "MBEDTLS_AES_USE_HARDWARE_ONLY, clang, thumb" make -B library/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb" - # we need asm/hwcap.h available for runtime detection - if (echo '#include ' | clang -E - >/dev/null 2>&1); then - scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY + scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY - msg "no MBEDTLS_AES_USE_HARDWARE_ONLY, clang, aarch64" - make -B library/aesce.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a+crypto" + msg "no MBEDTLS_AES_USE_HARDWARE_ONLY, clang, aarch64" + make -B library/aesce.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a+crypto" - msg "no MBEDTLS_AES_USE_HARDWARE_ONLY, clang, arm" - make -B library/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm" + msg "no MBEDTLS_AES_USE_HARDWARE_ONLY, clang, arm" + make -B library/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm" - msg "no MBEDTLS_AES_USE_HARDWARE_ONLY, clang, thumb" - make -B library/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb" - else - msg "can't include - skipping runtime detection tests" - fi + msg "no MBEDTLS_AES_USE_HARDWARE_ONLY, clang, thumb" + make -B library/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb" # test for presence of AES instructions scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY From b6b301fa8d9bbd8f42bb7df69605e58867bbb9b3 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 4 Oct 2023 12:05:05 +0200 Subject: [PATCH 0402/1674] test: add component accelerating both ciphers and AEADs This also adds a new task in analyze_outcomes.py for checking the accelaration coverage against the reference element. Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 96 ++++++++++++++++++++++++++++++- tests/scripts/analyze_outcomes.py | 11 ++++ 2 files changed, 106 insertions(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index f76edda4e..a0430abd5 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -204,7 +204,7 @@ pre_initialize_variables () { # CFLAGS and LDFLAGS for Asan builds that don't use CMake # default to -O2, use -Ox _after_ this if you want another level - ASAN_CFLAGS='-O2 -Werror -fsanitize=address,undefined -fno-sanitize-recover=all' + ASAN_CFLAGS='-O0 -g -Werror -fsanitize=address,undefined -fno-sanitize-recover=all' # Platform tests have an allocation that returns null export ASAN_OPTIONS="allocator_may_return_null=1" @@ -3596,6 +3596,100 @@ component_test_psa_crypto_config_accel_aead () { make test } +# The 2 following test components, i.e. +# - component_test_psa_crypto_config_accel_cipher_aead +# - component_test_psa_crypto_config_reference_cipher_aead +# are meant to be used together in analyze_outcomes.py script in order to test +# driver's coverage for ciphers and AEADs. +component_test_psa_crypto_config_accel_cipher_aead () { + msg "test: crypto config with accelerated cipher and AEAD" + + loc_accel_list="ALG_CBC_NO_PADDING ALG_CBC_PKCS7 ALG_CTR ALG_CFB ALG_OFB ALG_XTS \ + ALG_GCM ALG_CCM ALG_CHACHA20_POLY1305 \ + KEY_TYPE_DES KEY_TYPE_AES KEY_TYPE_ARIA KEY_TYPE_CHACHA20 KEY_TYPE_CAMELLIA" + + # Configure + # --------- + + # Start from the crypto config (no X509 and TLS) + helper_libtestdriver1_adjust_config "crypto" + + # There is no intended accelerator support for ALG CMAC. Therefore, asking + # for it in the build implies the inclusion of the Mbed TLS cipher + # operations. As we want to test here with cipher operations solely + # supported by accelerators, disabled this PSA configuration option. + # (Note: the same applies to STREAM_CIPHER and ECB_NO_PADDING, which are + # already disabled by helper_libtestdriver1_adjust_config above.) + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CMAC + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128 + + # Disable the things that are being accelerated + scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC + scripts/config.py unset MBEDTLS_CIPHER_PADDING_PKCS7 + scripts/config.py unset MBEDTLS_CIPHER_MODE_CTR + scripts/config.py unset MBEDTLS_CIPHER_MODE_CFB + scripts/config.py unset MBEDTLS_CIPHER_MODE_OFB + scripts/config.py unset MBEDTLS_CIPHER_MODE_XTS + scripts/config.py unset MBEDTLS_GCM_C + scripts/config.py unset MBEDTLS_CCM_C + scripts/config.py unset MBEDTLS_CHACHAPOLY_C + scripts/config.py unset MBEDTLS_DES_C + scripts/config.py unset MBEDTLS_AES_C + scripts/config.py unset MBEDTLS_ARIA_C + scripts/config.py unset MBEDTLS_CHACHA20_C + scripts/config.py unset MBEDTLS_CAMELLIA_C + + # Disable dependencies + scripts/config.py unset MBEDTLS_CTR_DRBG_C + scripts/config.py unset MBEDTLS_CMAC_C + scripts/config.py unset MBEDTLS_NIST_KW_C + + # Build + # ----- + + helper_libtestdriver1_make_drivers "$loc_accel_list" + + helper_libtestdriver1_make_main "$loc_accel_list" + + # Make sure this was not re-enabled by accident (additive config) + not grep mbedtls_des* library/des.o + not grep mbedtls_aes* library/aes.o + not grep mbedtls_aria* library/aria.o + not grep mbedtls_camellia* library/camellia.o + not grep mbedtls_ccm library/ccm.o + not grep mbedtls_gcm library/gcm.o + not grep mbedtls_chachapoly library/chachapoly.o + not grep mbedtls_cmac library/cmac.o + + # Run the tests + # ------------- + + msg "test: crypto config with accelerated cipher and AEAD" + make test +} + +component_test_psa_crypto_config_reference_cipher_aead () { + helper_libtestdriver1_adjust_config "crypto" + + # Disable the same dependencies and undesired components as in the + # accelerated counterpart + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CMAC + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_STREAM_CIPHER + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_ECB_NO_PADDING + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128 + scripts/config.py unset MBEDTLS_CTR_DRBG_C + scripts/config.py unset MBEDTLS_CMAC_C + scripts/config.py unset MBEDTLS_NIST_KW_C + + # ALG_PBKDF2_AES_CMAC_PRF_128 is disabled on the accelerated counterpart + # so we disable PKCS5/12 here for simmetry + scripts/config.py unset MBEDTLS_PKCS5_C + scripts/config.py unset MBEDTLS_PKCS12_C + + msg "test: crypto config with non-accelerated cipher and AEAD" + make test +} + component_test_aead_chachapoly_disabled() { msg "build: full minus CHACHAPOLY" scripts/config.py full diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 925433118..b7fb5775c 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -214,6 +214,17 @@ KNOWN_TASKS = { } } }, + 'analyze_driver_vs_reference_cipher_aead': { + 'test_function': do_analyze_driver_vs_reference, + 'args': { + 'component_ref': 'test_psa_crypto_config_reference_cipher_aead', + 'component_driver': 'test_psa_crypto_config_accel_cipher_aead', + 'ignored_suites': [ + ], + 'ignored_tests': { + } + } + }, 'analyze_driver_vs_reference_ecp_light_only': { 'test_function': do_analyze_driver_vs_reference, 'args': { From d3bdccc0635a550994f4c63d715cbcc4e8918548 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 4 Oct 2023 12:09:06 +0200 Subject: [PATCH 0403/1674] test_suite_cipher: successfully quit test if no cipher is supported Signed-off-by: Valerio Setti --- tests/suites/test_suite_cipher.function | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function index 3140ba9ed..336357e84 100644 --- a/tests/suites/test_suite_cipher.function +++ b/tests/suites/test_suite_cipher.function @@ -173,8 +173,8 @@ void cipher_invalid_param_unconditional() unsigned char valid_buffer[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 }; int valid_size = sizeof(valid_buffer); int valid_bitlen = valid_size * 8; - const mbedtls_cipher_info_t *valid_info = mbedtls_cipher_info_from_type( - *(mbedtls_cipher_list())); + const int *cipher_list = mbedtls_cipher_list(); + const mbedtls_cipher_info_t *valid_info; size_t size_t_var; (void) valid_mode; /* In some configurations this is unused */ @@ -182,6 +182,12 @@ void cipher_invalid_param_unconditional() mbedtls_cipher_init(&valid_ctx); mbedtls_cipher_init(&invalid_ctx); + /* Ensure that there is at least 1 supported cipher, otherwise exit gracefully */ + if (*cipher_list == 0) { + goto exit; + } + valid_info = mbedtls_cipher_info_from_type(*cipher_list); + TEST_ASSERT(mbedtls_cipher_setup(&valid_ctx, valid_info) == 0); /* mbedtls_cipher_setup() */ From 7448cee8f017d660db69751c0938fc20a84531d7 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 4 Oct 2023 15:46:42 +0200 Subject: [PATCH 0404/1674] analyze_outcomes.py: skip tests that depends on builtin features Signed-off-by: Valerio Setti --- tests/scripts/analyze_outcomes.py | 61 +++++++++++++++++++++++++++++++ 1 file changed, 61 insertions(+) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index b7fb5775c..bc99a043f 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -219,9 +219,70 @@ KNOWN_TASKS = { 'args': { 'component_ref': 'test_psa_crypto_config_reference_cipher_aead', 'component_driver': 'test_psa_crypto_config_accel_cipher_aead', + # Ignore suites that are being accelerated 'ignored_suites': [ + 'aes.cbc', + 'aes.cfb', + 'aes.ecb', + 'aes.ofb', + 'aes.rest', + 'aes.xts', + 'aria', + 'camellia', + 'ccm', + 'chacha20', + 'chachapoly', + 'cipher.aes', + 'cipher.aria', + 'cipher.camellia', + 'cipher.ccm', + 'cipher.chacha20', + 'cipher.chachapoly', + 'cipher.des', + 'cipher.gcm', + 'cipher.nist_kw', + 'cipher.padding', + 'des', + 'gcm.aes128_de', + 'gcm.aes128_en', + 'gcm.aes192_de', + 'gcm.aes192_en', + 'gcm.aes256_de', + 'gcm.aes256_en', + 'gcm.camellia', + 'gcm.misc', ], 'ignored_tests': { + # Following tests depends on AES_C/DES_C + 'test_suite_pem': [ + 'PEM read (AES-128-CBC + invalid iv)' + 'PEM read (DES-CBC + invalid iv)', + 'PEM read (DES-EDE3-CBC + invalid iv)', + 'PEM read (malformed PEM AES-128-CBC)', + 'PEM read (malformed PEM DES-CBC)', + 'PEM read (malformed PEM DES-EDE3-CBC)', + 'PEM read (unknown encryption algorithm)', + 'PEM read (AES-128-CBC + invalid iv)', + 'PEM read (DES-CBC + invalid iv)', + ], + # Following tests depends on AES_C/DES_C + 'test_suite_error': [ + 'Low and high error', + 'Single low error' + ], + # Following tests depends on AES_C/DES_C/GCM_C/CTR + 'test_suite_psa_crypto': [ + 'PSA AEAD encrypt/decrypt: DES-CCM not supported', + 'PSA AEAD encrypt/decrypt: invalid algorithm (CTR)', + 'PSA cipher setup: bad algorithm (unknown cipher algorithm)', + 'PSA cipher setup: incompatible key ChaCha20 for CTR', + 'PSA cipher setup: invalid key type, CTR', + 'PSA symmetric decrypt: CCM*-no-tag, input too short (15 bytes)', + ], + # Following test depends on AES_C + 'test_suite_version': [ + 'Check for MBEDTLS_AES_C when already present', + ] } } }, From 58d2b1aff262c25fcc78dbbea715d84daf206314 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 12 Oct 2023 15:24:12 +0200 Subject: [PATCH 0405/1674] all.sh: fix minor issues Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index a0430abd5..a484df011 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -204,7 +204,7 @@ pre_initialize_variables () { # CFLAGS and LDFLAGS for Asan builds that don't use CMake # default to -O2, use -Ox _after_ this if you want another level - ASAN_CFLAGS='-O0 -g -Werror -fsanitize=address,undefined -fno-sanitize-recover=all' + ASAN_CFLAGS='-O2 -Werror -fsanitize=address,undefined -fno-sanitize-recover=all' # Platform tests have an allocation that returns null export ASAN_OPTIONS="allocator_may_return_null=1" @@ -3652,10 +3652,10 @@ component_test_psa_crypto_config_accel_cipher_aead () { helper_libtestdriver1_make_main "$loc_accel_list" # Make sure this was not re-enabled by accident (additive config) - not grep mbedtls_des* library/des.o - not grep mbedtls_aes* library/aes.o - not grep mbedtls_aria* library/aria.o - not grep mbedtls_camellia* library/camellia.o + not grep mbedtls_des library/des.o + not grep mbedtls_aes library/aes.o + not grep mbedtls_aria library/aria.o + not grep mbedtls_camellia library/camellia.o not grep mbedtls_ccm library/ccm.o not grep mbedtls_gcm library/gcm.o not grep mbedtls_chachapoly library/chachapoly.o From e86677d0c3b0672072d2526ddd2252bb7cdd4ef6 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 12 Oct 2023 16:05:10 +0200 Subject: [PATCH 0406/1674] pkparse: fix missing guards for pkcs5/12 functions Signed-off-by: Valerio Setti --- library/pkparse.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index b4299518f..ef57cee80 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -1424,7 +1424,7 @@ MBEDTLS_STATIC_TESTABLE int mbedtls_pk_parse_key_pkcs8_encrypted_der( unsigned char *buf; unsigned char *p, *end; mbedtls_asn1_buf pbe_alg_oid, pbe_params; -#if defined(MBEDTLS_PKCS12_C) +#if defined(MBEDTLS_PKCS12_C) && defined(MBEDTLS_CIPHER_PADDING_PKCS7) mbedtls_cipher_type_t cipher_alg; mbedtls_md_type_t md_alg; #endif @@ -1472,7 +1472,7 @@ MBEDTLS_STATIC_TESTABLE int mbedtls_pk_parse_key_pkcs8_encrypted_der( /* * Decrypt EncryptedData with appropriate PBE */ -#if defined(MBEDTLS_PKCS12_C) +#if defined(MBEDTLS_PKCS12_C) && defined(MBEDTLS_CIPHER_PADDING_PKCS7) if (mbedtls_oid_get_pkcs12_pbe_alg(&pbe_alg_oid, &md_alg, &cipher_alg) == 0) { if ((ret = mbedtls_pkcs12_pbe_ext(&pbe_params, MBEDTLS_PKCS12_PBE_DECRYPT, cipher_alg, md_alg, @@ -1487,7 +1487,7 @@ MBEDTLS_STATIC_TESTABLE int mbedtls_pk_parse_key_pkcs8_encrypted_der( decrypted = 1; } else #endif /* MBEDTLS_PKCS12_C */ -#if defined(MBEDTLS_PKCS5_C) +#if defined(MBEDTLS_PKCS5_C) && defined(MBEDTLS_CIPHER_PADDING_PKCS7) if (MBEDTLS_OID_CMP(MBEDTLS_OID_PKCS5_PBES2, &pbe_alg_oid) == 0) { if ((ret = mbedtls_pkcs5_pbes2_ext(&pbe_params, MBEDTLS_PKCS5_DECRYPT, pwd, pwdlen, p, len, buf, len, &outlen)) != 0) { From a6c0761c43cb1c70c762db940ab672561b709a2b Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 12 Oct 2023 18:48:24 +0200 Subject: [PATCH 0407/1674] cipher_wrap: fix guards for GCM/CCM AES Signed-off-by: Valerio Setti --- library/cipher_wrap.c | 38 +++++++++++++++++++------------------- library/cipher_wrap.h | 6 ++++++ 2 files changed, 25 insertions(+), 19 deletions(-) diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c index 4e1e996c6..d977e4757 100644 --- a/library/cipher_wrap.c +++ b/library/cipher_wrap.c @@ -568,17 +568,18 @@ static const mbedtls_cipher_info_t aes_256_xts_info = { }; #endif #endif /* MBEDTLS_CIPHER_MODE_XTS */ +#endif /* MBEDTLS_AES_C */ -#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_AES_C) static int gcm_aes_setkey_wrap(void *ctx, const unsigned char *key, unsigned int key_bitlen) { return mbedtls_gcm_setkey((mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_AES, key, key_bitlen); } -#endif /* MBEDTLS_GCM_C */ +#endif /* MBEDTLS_GCM_C && MBEDTLS_AES_C */ -#if defined(MBEDTLS_CIPHER_HAVE_GCM_VIA_LEGACY_OR_USE_PSA) +#if defined(MBEDTLS_CIPHER_HAVE_GCM_AES_VIA_LEGACY_OR_USE_PSA) static const mbedtls_cipher_base_t gcm_aes_info = { MBEDTLS_CIPHER_ID_AES, NULL, @@ -612,9 +613,9 @@ static const mbedtls_cipher_base_t gcm_aes_info = { NULL, #endif /* MBEDTLS_GCM_C */ }; -#endif /* MBEDTLS_CIPHER_HAVE_GCM_VIA_LEGACY_OR_USE_PSA */ +#endif /* MBEDTLS_CIPHER_HAVE_GCM_AES_VIA_LEGACY_OR_USE_PSA */ -#if defined(MBEDTLS_CIPHER_HAVE_GCM_VIA_LEGACY_OR_USE_PSA) +#if defined(MBEDTLS_CIPHER_HAVE_GCM_AES_VIA_LEGACY_OR_USE_PSA) static const mbedtls_cipher_info_t aes_128_gcm_info = { "AES-128-GCM", 16, @@ -649,18 +650,18 @@ static const mbedtls_cipher_info_t aes_256_gcm_info = { MBEDTLS_CIPHER_BASE_INDEX_GCM_AES }; #endif -#endif /* MBEDTLS_CIPHER_HAVE_GCM_VIA_LEGACY_OR_USE_PSA */ +#endif /* MBEDTLS_CIPHER_HAVE_GCM_AES_VIA_LEGACY_OR_USE_PSA */ -#if defined(MBEDTLS_CCM_C) +#if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_AES_C) static int ccm_aes_setkey_wrap(void *ctx, const unsigned char *key, unsigned int key_bitlen) { return mbedtls_ccm_setkey((mbedtls_ccm_context *) ctx, MBEDTLS_CIPHER_ID_AES, key, key_bitlen); } -#endif /* MBEDTLS_CCM_C */ +#endif /* MBEDTLS_CCM_C && MBEDTLS_AES_C */ -#if defined(MBEDTLS_CIPHER_HAVE_CCM_VIA_LEGACY_OR_USE_PSA) +#if defined(MBEDTLS_CIPHER_HAVE_CCM_AES_VIA_LEGACY_OR_USE_PSA) static const mbedtls_cipher_base_t ccm_aes_info = { MBEDTLS_CIPHER_ID_AES, NULL, @@ -694,9 +695,9 @@ static const mbedtls_cipher_base_t ccm_aes_info = { NULL, #endif }; -#endif /* MBEDTLS_CIPHER_HAVE_CCM_VIA_LEGACY_OR_USE_PSA */ +#endif /* MBEDTLS_CIPHER_HAVE_CCM_AES_VIA_LEGACY_OR_USE_PSA */ -#if defined(MBEDTLS_CIPHER_HAVE_CCM_VIA_LEGACY_OR_USE_PSA) +#if defined(MBEDTLS_CIPHER_HAVE_CCM_AES_VIA_LEGACY_OR_USE_PSA) static const mbedtls_cipher_info_t aes_128_ccm_info = { "AES-128-CCM", 16, @@ -731,9 +732,9 @@ static const mbedtls_cipher_info_t aes_256_ccm_info = { MBEDTLS_CIPHER_BASE_INDEX_CCM_AES }; #endif -#endif /* MBEDTLS_CIPHER_HAVE_CCM_VIA_LEGACY_OR_USE_PSA */ +#endif /* MBEDTLS_CIPHER_HAVE_CCM_AES_VIA_LEGACY_OR_USE_PSA */ -#if defined(MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG_VIA_LEGACY_OR_USE_PSA) +#if defined(MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG_AES_VIA_LEGACY_OR_USE_PSA) static const mbedtls_cipher_info_t aes_128_ccm_star_no_tag_info = { "AES-128-CCM*-NO-TAG", 16, @@ -768,9 +769,8 @@ static const mbedtls_cipher_info_t aes_256_ccm_star_no_tag_info = { MBEDTLS_CIPHER_BASE_INDEX_CCM_AES }; #endif -#endif /* MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG_VIA_LEGACY_OR_USE_PSA */ +#endif /* MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG_AES_VIA_LEGACY_OR_USE_PSA */ -#endif /* MBEDTLS_AES_C */ #if defined(MBEDTLS_CAMELLIA_C) @@ -2269,28 +2269,28 @@ const mbedtls_cipher_definition_t mbedtls_cipher_definitions[] = { MBEDTLS_CIPHER_AES_256_XTS, &aes_256_xts_info }, #endif #endif -#if defined(MBEDTLS_CIPHER_HAVE_GCM_VIA_LEGACY_OR_USE_PSA) +#endif /* MBEDTLS_AES_C */ +#if defined(MBEDTLS_CIPHER_HAVE_GCM_AES_VIA_LEGACY_OR_USE_PSA) { MBEDTLS_CIPHER_AES_128_GCM, &aes_128_gcm_info }, #if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { MBEDTLS_CIPHER_AES_192_GCM, &aes_192_gcm_info }, { MBEDTLS_CIPHER_AES_256_GCM, &aes_256_gcm_info }, #endif #endif -#if defined(MBEDTLS_CIPHER_HAVE_CCM_VIA_LEGACY_OR_USE_PSA) +#if defined(MBEDTLS_CIPHER_HAVE_CCM_AES_VIA_LEGACY_OR_USE_PSA) { MBEDTLS_CIPHER_AES_128_CCM, &aes_128_ccm_info }, #if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { MBEDTLS_CIPHER_AES_192_CCM, &aes_192_ccm_info }, { MBEDTLS_CIPHER_AES_256_CCM, &aes_256_ccm_info }, #endif #endif -#if defined(MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG_VIA_LEGACY_OR_USE_PSA) +#if defined(MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG_AES_VIA_LEGACY_OR_USE_PSA) { MBEDTLS_CIPHER_AES_128_CCM_STAR_NO_TAG, &aes_128_ccm_star_no_tag_info }, #if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) { MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG, &aes_192_ccm_star_no_tag_info }, { MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG, &aes_256_ccm_star_no_tag_info }, #endif #endif -#endif /* MBEDTLS_AES_C */ #if defined(MBEDTLS_CAMELLIA_C) { MBEDTLS_CIPHER_CAMELLIA_128_ECB, &camellia_128_ecb_info }, diff --git a/library/cipher_wrap.h b/library/cipher_wrap.h index c1915bce9..85a011caf 100644 --- a/library/cipher_wrap.h +++ b/library/cipher_wrap.h @@ -62,6 +62,12 @@ extern "C" { #define MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG_VIA_LEGACY_OR_USE_PSA #endif +#if (defined(MBEDTLS_CCM_C) && defined(MBEDTLS_AES_C)) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CCM_STAR_NO_TAG) && \ + defined(PSA_WANT_KEY_TYPE_AES)) +#define MBEDTLS_CIPHER_HAVE_CCM_STAR_NO_TAG_AES_VIA_LEGACY_OR_USE_PSA +#endif + #if defined(MBEDTLS_CHACHAPOLY_C) || \ (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CHACHA20_POLY1305)) #define MBEDTLS_CIPHER_HAVE_CHACHAPOLY_VIA_LEGACY_OR_USE_PSA From 79a02de79fe9f73a80e198dc914ff4aaa4551634 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 12 Oct 2023 18:48:55 +0200 Subject: [PATCH 0408/1674] cipher: check that ctx_alloc_func is not NULL before calling it Signed-off-by: Valerio Setti --- library/cipher.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/library/cipher.c b/library/cipher.c index 9f9f1075c..fd04a7de1 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -263,7 +263,8 @@ int mbedtls_cipher_setup(mbedtls_cipher_context_t *ctx, memset(ctx, 0, sizeof(mbedtls_cipher_context_t)); - if (NULL == (ctx->cipher_ctx = mbedtls_cipher_get_base(cipher_info)->ctx_alloc_func())) { + if ((mbedtls_cipher_get_base(cipher_info)->ctx_alloc_func != NULL) && + (ctx->cipher_ctx = mbedtls_cipher_get_base(cipher_info)->ctx_alloc_func()) == NULL) { return MBEDTLS_ERR_CIPHER_ALLOC_FAILED; } From 29bcd01cf34b03bcfbaf63467e2cb3a19620dfd4 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 12 Oct 2023 18:54:58 +0200 Subject: [PATCH 0409/1674] all.sh: move [accel/reference]_cipher_aead to crypto_full Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index a484df011..3b4cdd38a 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -204,7 +204,7 @@ pre_initialize_variables () { # CFLAGS and LDFLAGS for Asan builds that don't use CMake # default to -O2, use -Ox _after_ this if you want another level - ASAN_CFLAGS='-O2 -Werror -fsanitize=address,undefined -fno-sanitize-recover=all' + ASAN_CFLAGS='-O0 -g -Werror -fsanitize=address,undefined -fno-sanitize-recover=all' # Platform tests have an allocation that returns null export ASAN_OPTIONS="allocator_may_return_null=1" @@ -3612,7 +3612,7 @@ component_test_psa_crypto_config_accel_cipher_aead () { # --------- # Start from the crypto config (no X509 and TLS) - helper_libtestdriver1_adjust_config "crypto" + helper_libtestdriver1_adjust_config "crypto_full" # There is no intended accelerator support for ALG CMAC. Therefore, asking # for it in the build implies the inclusion of the Mbed TLS cipher @@ -3669,7 +3669,7 @@ component_test_psa_crypto_config_accel_cipher_aead () { } component_test_psa_crypto_config_reference_cipher_aead () { - helper_libtestdriver1_adjust_config "crypto" + helper_libtestdriver1_adjust_config "crypto_full" # Disable the same dependencies and undesired components as in the # accelerated counterpart From 93941440c13585c9aa75ecd7ae36cf19fdd393b4 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 13 Oct 2023 09:19:52 +0200 Subject: [PATCH 0410/1674] all.sh: keep PKCS5/12 enabled in the reference component This commit also add proper "ignore" fields to the "analyze_outcomes.py" script. Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 5 - tests/scripts/analyze_outcomes.py | 255 +++++++++++++++++++++++++++++- 2 files changed, 254 insertions(+), 6 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 3b4cdd38a..83aa7a2b1 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3681,11 +3681,6 @@ component_test_psa_crypto_config_reference_cipher_aead () { scripts/config.py unset MBEDTLS_CMAC_C scripts/config.py unset MBEDTLS_NIST_KW_C - # ALG_PBKDF2_AES_CMAC_PRF_128 is disabled on the accelerated counterpart - # so we disable PKCS5/12 here for simmetry - scripts/config.py unset MBEDTLS_PKCS5_C - scripts/config.py unset MBEDTLS_PKCS12_C - msg "test: crypto config with non-accelerated cipher and AEAD" make test } diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index bc99a043f..52aadb6f6 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -282,7 +282,260 @@ KNOWN_TASKS = { # Following test depends on AES_C 'test_suite_version': [ 'Check for MBEDTLS_AES_C when already present', - ] + ], + # Following tests depends on PCKS7 + 'test_suite_pkcs12': [ + 'PBE Decrypt, (Invalid padding & PKCS7 padding enabled)', + 'PBE Decrypt, pad = 7 (OK)', + 'PBE Decrypt, pad = 8 (Invalid output size)', + 'PBE Decrypt, pad = 8 (OK)', + 'PBE Encrypt, pad = 7 (OK)', + 'PBE Encrypt, pad = 8 (Invalid output size)', + 'PBE Encrypt, pad = 8 (OK)', + ], + # Following tests depends on PCKS7 + 'test_suite_pkcs5': [ + 'PBES2 Decrypt (Invalid output size)', + 'PBES2 Decrypt (Invalid padding & PKCS7 padding enabled)', + 'PBES2 Decrypt (KDF != PBKDF2)', + 'PBES2 Decrypt (OK)', + 'PBES2 Decrypt (OK, PBKDF2 params explicit keylen)', + 'PBES2 Decrypt (OK, PBKDF2 params explicit prf_alg)', + 'PBES2 Decrypt (bad KDF AlgId: not a sequence)', + 'PBES2 Decrypt (bad KDF AlgId: overlong)', + 'PBES2 Decrypt (bad PBKDF2 params explicit keylen: overlong)', + 'PBES2 Decrypt (bad PBKDF2 params iter: not an int)', + 'PBES2 Decrypt (bad PBKDF2 params iter: overlong)', + 'PBES2 Decrypt (bad PBKDF2 params salt: not an octet string)', + 'PBES2 Decrypt (bad PBKDF2 params salt: overlong)', + 'PBES2 Decrypt (bad PBKDF2 params: not a sequence)', + 'PBES2 Decrypt (bad PBKDF2 params: overlong)', + 'PBES2 Decrypt (bad enc_scheme_alg params: len != iv_len)', + 'PBES2 Decrypt (bad enc_scheme_alg params: not an octet string)', + 'PBES2 Decrypt (bad enc_scheme_alg params: overlong)', + 'PBES2 Decrypt (bad enc_scheme_alg: not a sequence)', + 'PBES2 Decrypt (bad enc_scheme_alg: overlong)', + 'PBES2 Decrypt (bad enc_scheme_alg: unknown oid)', + 'PBES2 Decrypt (bad iter value)', + 'PBES2 Decrypt (bad params tag)', + 'PBES2 Decrypt (bad password)', + 'PBES2 Decrypt (bad, PBKDF2 params explicit prf_alg != HMAC-SHA*)', + 'PBES2 Decrypt (bad, PBKDF2 params explicit prf_alg not a sequence)', + 'PBES2 Decrypt (bad, PBKDF2 params explicit prf_alg overlong)', + 'PBES2 Decrypt (bad, PBKDF2 params extra data)', + 'PBES2 Encrypt, pad=6 (OK)', + 'PBES2 Encrypt, pad=8 (Invalid output size)', + 'PBES2 Encrypt, pad=8 (OK)', + ], + # Following tests depends on DES + 'test_suite_pkparse': [ + 'Key ASN1 (Encrypted key PKCS12, trailing garbage data)', + 'Key ASN1 (Encrypted key PKCS5, trailing garbage data)', + 'Parse RSA Key #20 (PKCS#8 encrypted SHA1-3DES)', + 'Parse RSA Key #20.1 (PKCS#8 encrypted SHA1-3DES, wrong PW)', + 'Parse RSA Key #20.2 (PKCS#8 encrypted SHA1-3DES, no PW)', + 'Parse RSA Key #21 (PKCS#8 encrypted SHA1-3DES, 2048-bit)', + 'Parse RSA Key #21.1 (PKCS#8 encrypted SHA1-3DES, 2048-bit, wrong PW)', + 'Parse RSA Key #21.2 (PKCS#8 encrypted SHA1-3DES, 2048-bit, no PW)', + 'Parse RSA Key #22 (PKCS#8 encrypted SHA1-3DES, 4096-bit)', + 'Parse RSA Key #22.1 (PKCS#8 encrypted SHA1-3DES, 4096-bit, wrong PW)', + 'Parse RSA Key #22.2 (PKCS#8 encrypted SHA1-3DES, 4096-bit, no PW)', + 'Parse RSA Key #23 (PKCS#8 encrypted SHA1-3DES DER)', + 'Parse RSA Key #24 (PKCS#8 encrypted SHA1-3DES DER, 2048-bit)', + 'Parse RSA Key #25 (PKCS#8 encrypted SHA1-3DES DER, 4096-bit)', + 'Parse RSA Key #26 (PKCS#8 encrypted SHA1-2DES)', + 'Parse RSA Key #26.1 (PKCS#8 encrypted SHA1-2DES, wrong PW)', + 'Parse RSA Key #26.2 (PKCS#8 encrypted SHA1-2DES, no PW)', + 'Parse RSA Key #27 (PKCS#8 encrypted SHA1-2DES, 2048-bit)', + 'Parse RSA Key #27.1 (PKCS#8 encrypted SHA1-2DES, 2048-bit, wrong PW)', + 'Parse RSA Key #27.2 (PKCS#8 encrypted SHA1-2DES, 2048-bit no PW)', + 'Parse RSA Key #28 (PKCS#8 encrypted SHA1-2DES, 4096-bit)', + 'Parse RSA Key #28.1 (PKCS#8 encrypted SHA1-2DES, 4096-bit, wrong PW)', + 'Parse RSA Key #28.2 (PKCS#8 encrypted SHA1-2DES, 4096-bit, no PW)', + 'Parse RSA Key #29 (PKCS#8 encrypted SHA1-2DES DER)', + 'Parse RSA Key #30 (PKCS#8 encrypted SHA1-2DES DER, 2048-bit)', + 'Parse RSA Key #31 (PKCS#8 encrypted SHA1-2DES DER, 4096-bit)', + 'Parse RSA Key #38 (PKCS#8 encrypted v2 PBKDF2 3DES)', + 'Parse RSA Key #38.1 (PKCS#8 encrypted v2 PBKDF2 3DES, wrong PW)', + 'Parse RSA Key #38.2 (PKCS#8 encrypted v2 PBKDF2 3DES, no PW)', + 'Parse RSA Key #39 (PKCS#8 encrypted v2 PBKDF2 3DES, 2048-bit)', + 'Parse RSA Key #39.1 (PKCS#8 encrypted v2 PBKDF2 3DES, 2048-bit, wrong PW)', + 'Parse RSA Key #39.2 (PKCS#8 encrypted v2 PBKDF2 3DES, 2048-bit, no PW)', + 'Parse RSA Key #40 (PKCS#8 encrypted v2 PBKDF2 3DES, 4096-bit)', + 'Parse RSA Key #40.1 (PKCS#8 encrypted v2 PBKDF2 3DES, 4096-bit, wrong PW)', + 'Parse RSA Key #40.2 (PKCS#8 encrypted v2 PBKDF2 3DES, 4096-bit, no PW)', + 'Parse RSA Key #41 (PKCS#8 encrypted v2 PBKDF2 3DES DER)', + 'Parse RSA Key #41.1 (PKCS#8 encrypted v2 PBKDF2 3DES DER, wrong PW)', + 'Parse RSA Key #41.2 (PKCS#8 encrypted v2 PBKDF2 3DES DER, no PW)', + 'Parse RSA Key #42 (PKCS#8 encrypted v2 PBKDF2 3DES DER, 2048-bit)', + 'Parse RSA Key #42.1 (PKCS#8 encrypted v2 PBKDF2 3DES DER, 2048-bit, wrong PW)', + 'Parse RSA Key #42.2 (PKCS#8 encrypted v2 PBKDF2 3DES DER, 2048-bit, no PW)', + 'Parse RSA Key #43 (PKCS#8 encrypted v2 PBKDF2 3DES DER, 4096-bit)', + 'Parse RSA Key #43.1 (PKCS#8 encrypted v2 PBKDF2 3DES DER, 4096-bit, wrong PW)', + 'Parse RSA Key #43.2 (PKCS#8 encrypted v2 PBKDF2 3DES DER, 4096-bit, no PW)', + 'Parse RSA Key #44 (PKCS#8 encrypted v2 PBKDF2 DES)', + 'Parse RSA Key #44.1 (PKCS#8 encrypted v2 PBKDF2 DES, wrong PW)', + 'Parse RSA Key #44.2 (PKCS#8 encrypted v2 PBKDF2 DES, no PW)', + 'Parse RSA Key #45 (PKCS#8 encrypted v2 PBKDF2 DES, 2048-bit)', + 'Parse RSA Key #45.1 (PKCS#8 encrypted v2 PBKDF2 DES, 2048-bit, wrong PW)', + 'Parse RSA Key #45.2 (PKCS#8 encrypted v2 PBKDF2 DES, 2048-bit, no PW)', + 'Parse RSA Key #46 (PKCS#8 encrypted v2 PBKDF2 DES, 4096-bit)', + 'Parse RSA Key #46.1 (PKCS#8 encrypted v2 PBKDF2 DES, 4096-bit, wrong PW)', + 'Parse RSA Key #46.2 (PKCS#8 encrypted v2 PBKDF2 DES, 4096-bit, no PW)', + 'Parse RSA Key #47 (PKCS#8 encrypted v2 PBKDF2 DES DER)', + 'Parse RSA Key #47.1 (PKCS#8 encrypted v2 PBKDF2 DES DER, wrong PW)', + 'Parse RSA Key #47.2 (PKCS#8 encrypted v2 PBKDF2 DES DER, no PW)', + 'Parse RSA Key #48 (PKCS#8 encrypted v2 PBKDF2 DES DER, 2048-bit)', + 'Parse RSA Key #48.1 (PKCS#8 encrypted v2 PBKDF2 DES DER, 2048-bit, wrong PW)', + 'Parse RSA Key #48.2 (PKCS#8 encrypted v2 PBKDF2 DES DER, 2048-bit, no PW)', + 'Parse RSA Key #49 (PKCS#8 encrypted v2 PBKDF2 DES DER, 4096-bit)', + 'Parse RSA Key #49.1 (PKCS#8 encrypted v2 PBKDF2 DES DER, 4096-bit, wrong PW)', + 'Parse RSA Key #49.2 (PKCS#8 encrypted v2 PBKDF2 DES DER, 4096-bit, no PW)', + 'Parse RSA Key #50 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224)', + 'Parse RSA Key #50.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, wrong PW)', + 'Parse RSA Key #50.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, no PW)', + 'Parse RSA Key #51 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 2048-bit)', + 'Parse RSA Key #51.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 2048-bit, wrong PW)', + 'Parse RSA Key #51.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 2048-bit, no PW)', + 'Parse RSA Key #52 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 4096-bit)', + 'Parse RSA Key #52.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 4096-bit, wrong PW)', + 'Parse RSA Key #52.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 4096-bit, no PW)', + 'Parse RSA Key #53 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER)', + 'Parse RSA Key #53.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, wrong PW)', + 'Parse RSA Key #53.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, no PW)', + 'Parse RSA Key #54 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 2048-bit)', + 'Parse RSA Key #54.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 2048-bit, wrong PW)', + 'Parse RSA Key #54.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 2048-bit, no PW)', + 'Parse RSA Key #55 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 4096-bit)', + 'Parse RSA Key #55.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 4096-bit, wrong PW)', + 'Parse RSA Key #55.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 4096-bit, no PW)', + 'Parse RSA Key #56 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224)', + 'Parse RSA Key #56.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, wrong PW)', + 'Parse RSA Key #56.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, no PW)', + 'Parse RSA Key #57 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 2048-bit)', + 'Parse RSA Key #57.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 2048-bit, wrong PW)', + 'Parse RSA Key #57.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 2048-bit, no PW)', + 'Parse RSA Key #58 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 4096-bit)', + 'Parse RSA Key #58.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 4096-bit, wrong PW)', + 'Parse RSA Key #58.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 4096-bit, no PW)', + 'Parse RSA Key #59 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER)', + 'Parse RSA Key #59.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, wrong PW)', + 'Parse RSA Key #59.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, no PW)', + 'Parse RSA Key #60 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 2048-bit)', + 'Parse RSA Key #60.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 2048-bit, wrong PW)', + 'Parse RSA Key #60.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 2048-bit, no PW)', + 'Parse RSA Key #61 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 4096-bit)', + 'Parse RSA Key #61.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 4096-bit, wrong PW)', + 'Parse RSA Key #61.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 4096-bit, no PW)', + 'Parse RSA Key #62 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256)', + 'Parse RSA Key #62.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, wrong PW)', + 'Parse RSA Key #62.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, no PW)', + 'Parse RSA Key #63 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, 2048-bit)', + 'Parse RSA Key #63.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, 2048-bit, wrong PW)', + 'Parse RSA Key #63.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, 2048-bit, no PW)', + 'Parse RSA Key #64 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, 4096-bit)', + 'Parse RSA Key #64.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, 4096-bit, wrong PW)', + 'Parse RSA Key #64.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, 4096-bit, no PW)', + 'Parse RSA Key #65 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER)', + 'Parse RSA Key #65.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, wrong PW)', + 'Parse RSA Key #65.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, no PW)', + 'Parse RSA Key #66 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, 2048-bit)', + 'Parse RSA Key #66.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, 2048-bit, wrong PW)', + 'Parse RSA Key #66.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, 2048-bit, no PW)', + 'Parse RSA Key #67 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, 4096-bit)', + 'Parse RSA Key #68.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, 4096-bit, wrong PW)', + 'Parse RSA Key #68.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, 4096-bit, no PW)', + 'Parse RSA Key #69 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256)', + 'Parse RSA Key #69.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, wrong PW)', + 'Parse RSA Key #69.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, no PW)', + 'Parse RSA Key #70 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, 2048-bit)', + 'Parse RSA Key #70.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, 2048-bit, wrong PW)', + 'Parse RSA Key #70.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, 2048-bit, no PW)', + 'Parse RSA Key #71 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, 4096-bit)', + 'Parse RSA Key #71.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, 4096-bit, wrong PW)', + 'Parse RSA Key #71.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, 4096-bit, no PW)', + 'Parse RSA Key #72 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER)', + 'Parse RSA Key #72.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, wrong PW)', + 'Parse RSA Key #72.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, no PW)', + 'Parse RSA Key #73 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, 2048-bit)', + 'Parse RSA Key #73.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, 2048-bit, wrong PW)', + 'Parse RSA Key #73.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, 2048-bit, no PW)', + 'Parse RSA Key #74 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, 4096-bit)', + 'Parse RSA Key #74.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, 4096-bit, wrong PW)', + 'Parse RSA Key #74.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, 4096-bit, no PW)', + 'Parse RSA Key #75 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384)', + 'Parse RSA Key #75.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, wrong PW)', + 'Parse RSA Key #75.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, no PW)', + 'Parse RSA Key #76 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 2048-bit)', + 'Parse RSA Key #76.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 2048-bit, wrong PW)', + 'Parse RSA Key #76.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 2048-bit, no PW)', + 'Parse RSA Key #77 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 4096-bit)', + 'Parse RSA Key #77.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 4096-bit, wrong PW)', + 'Parse RSA Key #77.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 4096-bit, no PW)', + 'Parse RSA Key #78 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER)', + 'Parse RSA Key #78.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, wrong PW)', + 'Parse RSA Key #78.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, no PW)', + 'Parse RSA Key #79 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 2048-bit)', + 'Parse RSA Key #79.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 2048-bit, wrong PW)', + 'Parse RSA Key #79.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 2048-bit, no PW)', + 'Parse RSA Key #80 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 4096-bit)', + 'Parse RSA Key #80.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 4096-bit, wrong PW)', + 'Parse RSA Key #80.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 4096-bit, no PW)', + 'Parse RSA Key #81 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384)', + 'Parse RSA Key #81.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, wrong PW)', + 'Parse RSA Key #81.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, no PW)', + 'Parse RSA Key #82 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 2048-bit)', + 'Parse RSA Key #82.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 2048-bit, wrong PW)', + 'Parse RSA Key #82.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 2048-bit, no PW)', + 'Parse RSA Key #83 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 4096-bit)', + 'Parse RSA Key #83.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 4096-bit, wrong PW)', + 'Parse RSA Key #83.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 4096-bit, no PW)', + 'Parse RSA Key #84 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER)', + 'Parse RSA Key #84.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, wrong PW)', + 'Parse RSA Key #85.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, no PW)', + 'Parse RSA Key #86 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 2048-bit)', + 'Parse RSA Key #86.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 2048-bit, wrong PW)', + 'Parse RSA Key #86.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 2048-bit, no PW)', + 'Parse RSA Key #87 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 4096-bit)', + 'Parse RSA Key #87.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 4096-bit, wrong PW)', + 'Parse RSA Key #87.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 4096-bit, no PW)', + 'Parse RSA Key #88 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512)', + 'Parse RSA Key #88.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, wrong PW)', + 'Parse RSA Key #88.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, no PW)', + 'Parse RSA Key #89 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, 2048-bit)', + 'Parse RSA Key #89.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, 2048-bit, wrong PW)', + 'Parse RSA Key #89.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, 2048-bit, no PW)', + 'Parse RSA Key #90 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, 4096-bit)', + 'Parse RSA Key #90.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, 4096-bit, wrong PW)', + 'Parse RSA Key #90.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, 4096-bit, no PW)', + 'Parse RSA Key #91 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER)', + 'Parse RSA Key #91.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, wrong PW)', + 'Parse RSA Key #91.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, no PW)', + 'Parse RSA Key #92 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, 2048-bit)', + 'Parse RSA Key #92.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, 2048-bit, wrong PW)', + 'Parse RSA Key #92.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, 2048-bit, no PW)', + 'Parse RSA Key #93 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, 4096-bit)', + 'Parse RSA Key #93.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, 4096-bit, wrong PW)', + 'Parse RSA Key #93.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, 4096-bit, no PW)', + 'Parse RSA Key #94 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512)', + 'Parse RSA Key #94.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, wrong PW)', + 'Parse RSA Key #94.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, no PW)', + 'Parse RSA Key #95 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, 2048-bit)', + 'Parse RSA Key #95.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, 2048-bit, wrong PW)', + 'Parse RSA Key #95.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, 2048-bit, no PW)', + 'Parse RSA Key #96 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, 4096-bit)', + 'Parse RSA Key #96.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, 4096-bit, wrong PW)', + 'Parse RSA Key #96.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, 4096-bit, no PW)', + 'Parse RSA Key #97 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER)', + 'Parse RSA Key #97.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, wrong PW)', + 'Parse RSA Key #97.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, no PW)', + 'Parse RSA Key #98 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, 2048-bit)', + 'Parse RSA Key #98.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, 2048-bit, wrong PW)', + 'Parse RSA Key #98.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, 2048-bit, no PW)', + 'Parse RSA Key #99 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, 4096-bit)', + 'Parse RSA Key #99.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, 4096-bit, wrong PW)', + 'Parse RSA Key #99.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, 4096-bit, no PW)', + ], } } }, From b680fc4f0b2830844fa0944e3d5822a31a53965b Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 13 Oct 2023 09:29:37 +0200 Subject: [PATCH 0411/1674] all.sh: add a common configuration function for accel/reference components Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 39 ++++++++++++++++----------------------- 1 file changed, 16 insertions(+), 23 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 83aa7a2b1..459567da3 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -204,7 +204,7 @@ pre_initialize_variables () { # CFLAGS and LDFLAGS for Asan builds that don't use CMake # default to -O2, use -Ox _after_ this if you want another level - ASAN_CFLAGS='-O0 -g -Werror -fsanitize=address,undefined -fno-sanitize-recover=all' + ASAN_CFLAGS='-O2 -Werror -fsanitize=address,undefined -fno-sanitize-recover=all' # Platform tests have an allocation that returns null export ASAN_OPTIONS="allocator_may_return_null=1" @@ -3596,6 +3596,19 @@ component_test_psa_crypto_config_accel_aead () { make test } +# This is a common configuration function used in: +# - component_test_psa_crypto_config_accel_cipher_aead +# - component_test_psa_crypto_config_reference_cipher_aead +common_psa_crypto_config_accel_cipher_aead() { + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CMAC + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_STREAM_CIPHER + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_ECB_NO_PADDING + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128 + scripts/config.py unset MBEDTLS_CTR_DRBG_C + scripts/config.py unset MBEDTLS_CMAC_C + scripts/config.py unset MBEDTLS_NIST_KW_C +} + # The 2 following test components, i.e. # - component_test_psa_crypto_config_accel_cipher_aead # - component_test_psa_crypto_config_reference_cipher_aead @@ -3614,14 +3627,7 @@ component_test_psa_crypto_config_accel_cipher_aead () { # Start from the crypto config (no X509 and TLS) helper_libtestdriver1_adjust_config "crypto_full" - # There is no intended accelerator support for ALG CMAC. Therefore, asking - # for it in the build implies the inclusion of the Mbed TLS cipher - # operations. As we want to test here with cipher operations solely - # supported by accelerators, disabled this PSA configuration option. - # (Note: the same applies to STREAM_CIPHER and ECB_NO_PADDING, which are - # already disabled by helper_libtestdriver1_adjust_config above.) - scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CMAC - scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128 + common_psa_crypto_config_accel_cipher_aead # Disable the things that are being accelerated scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC @@ -3639,11 +3645,6 @@ component_test_psa_crypto_config_accel_cipher_aead () { scripts/config.py unset MBEDTLS_CHACHA20_C scripts/config.py unset MBEDTLS_CAMELLIA_C - # Disable dependencies - scripts/config.py unset MBEDTLS_CTR_DRBG_C - scripts/config.py unset MBEDTLS_CMAC_C - scripts/config.py unset MBEDTLS_NIST_KW_C - # Build # ----- @@ -3671,15 +3672,7 @@ component_test_psa_crypto_config_accel_cipher_aead () { component_test_psa_crypto_config_reference_cipher_aead () { helper_libtestdriver1_adjust_config "crypto_full" - # Disable the same dependencies and undesired components as in the - # accelerated counterpart - scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CMAC - scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_STREAM_CIPHER - scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_ECB_NO_PADDING - scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128 - scripts/config.py unset MBEDTLS_CTR_DRBG_C - scripts/config.py unset MBEDTLS_CMAC_C - scripts/config.py unset MBEDTLS_NIST_KW_C + common_psa_crypto_config_accel_cipher_aead msg "test: crypto config with non-accelerated cipher and AEAD" make test From 5cd18f91504a94723b424a05a0b2d0b86b486388 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 13 Oct 2023 15:14:07 +0200 Subject: [PATCH 0412/1674] analyze_oucomes.py: ignore line-too-long error for skipped tests Signed-off-by: Valerio Setti --- tests/scripts/analyze_outcomes.py | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 52aadb6f6..327e923c4 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -328,6 +328,7 @@ KNOWN_TASKS = { 'PBES2 Encrypt, pad=8 (OK)', ], # Following tests depends on DES + # pylint: disable=line-too-long 'test_suite_pkparse': [ 'Key ASN1 (Encrypted key PKCS12, trailing garbage data)', 'Key ASN1 (Encrypted key PKCS5, trailing garbage data)', From 9d9b4b547f22489915e576f8261ff78249e2c7eb Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 19 Oct 2023 10:51:03 +0200 Subject: [PATCH 0413/1674] test_suite_cipher: use TEST_ASSUME() to evaluate supported ciphers Signed-off-by: Valerio Setti --- tests/suites/test_suite_cipher.function | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function index 336357e84..aca415095 100644 --- a/tests/suites/test_suite_cipher.function +++ b/tests/suites/test_suite_cipher.function @@ -183,9 +183,7 @@ void cipher_invalid_param_unconditional() mbedtls_cipher_init(&invalid_ctx); /* Ensure that there is at least 1 supported cipher, otherwise exit gracefully */ - if (*cipher_list == 0) { - goto exit; - } + TEST_ASSUME(*cipher_list != 0); valid_info = mbedtls_cipher_info_from_type(*cipher_list); TEST_ASSERT(mbedtls_cipher_setup(&valid_ctx, valid_info) == 0); From 3b1559060a46468d132bb4bfd28656308110f1f4 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 23 Oct 2023 09:38:54 +0200 Subject: [PATCH 0414/1674] test_suite_psa_crypto: replace builtin dependencies with PSA_WANT Signed-off-by: Valerio Setti --- tests/scripts/analyze_outcomes.py | 9 --------- tests/suites/test_suite_psa_crypto.data | 12 ++++++------ 2 files changed, 6 insertions(+), 15 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 327e923c4..b669d4b79 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -270,15 +270,6 @@ KNOWN_TASKS = { 'Low and high error', 'Single low error' ], - # Following tests depends on AES_C/DES_C/GCM_C/CTR - 'test_suite_psa_crypto': [ - 'PSA AEAD encrypt/decrypt: DES-CCM not supported', - 'PSA AEAD encrypt/decrypt: invalid algorithm (CTR)', - 'PSA cipher setup: bad algorithm (unknown cipher algorithm)', - 'PSA cipher setup: incompatible key ChaCha20 for CTR', - 'PSA cipher setup: invalid key type, CTR', - 'PSA symmetric decrypt: CCM*-no-tag, input too short (15 bytes)', - ], # Following test depends on AES_C 'test_suite_version': [ 'Check for MBEDTLS_AES_C when already present', diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 7b1974865..f790a118d 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -2205,7 +2205,7 @@ depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES cipher_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CTR:PSA_SUCCESS PSA cipher setup: bad algorithm (unknown cipher algorithm) -depends_on:MBEDTLS_AES_C +depends_on:PSA_WANT_KEY_TYPE_AES cipher_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CATEGORY_CIPHER:PSA_ERROR_NOT_SUPPORTED PSA cipher setup: bad algorithm (not a cipher algorithm) @@ -2213,12 +2213,12 @@ depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES cipher_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT PSA cipher setup: invalid key type, CTR -depends_on:MBEDTLS_CIPHER_MODE_CTR +depends_on:PSA_WANT_ALG_CTR # Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here cipher_setup:PSA_KEY_TYPE_RAW_DATA:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CTR:PSA_ERROR_NOT_SUPPORTED PSA cipher setup: incompatible key ChaCha20 for CTR -depends_on:PSA_WANT_KEY_TYPE_CHACHA20:MBEDTLS_CIPHER_MODE_CTR +depends_on:PSA_WANT_KEY_TYPE_CHACHA20:PSA_WANT_ALG_CTR # Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here cipher_setup:PSA_KEY_TYPE_CHACHA20:"000102030405060708090a0b0c0d0e0f10111213141516171819202122232425":PSA_ALG_CTR:PSA_ERROR_NOT_SUPPORTED @@ -2419,7 +2419,7 @@ depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES cipher_decrypt_fail:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT PSA symmetric decrypt: CCM*-no-tag, input too short (15 bytes) -depends_on:PSA_WANT_ALG_CCM_STAR_NO_TAG:MBEDTLS_AES_C +depends_on:PSA_WANT_ALG_CCM_STAR_NO_TAG:PSA_WANT_KEY_TYPE_AES cipher_decrypt_fail:PSA_ALG_CCM_STAR_NO_TAG:PSA_KEY_TYPE_AES:"19ebfde2d5468ba0a3031bde629b11fd":"5a8aa485c316e9":"2a2a2a2a2a2a2a2a":PSA_ERROR_INVALID_ARGUMENT PSA symmetric decrypt: AES-ECB, 0 bytes, good @@ -2805,7 +2805,7 @@ depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":"B96B49E21D621741632875DB7F6C9243D2D7C2":PSA_SUCCESS PSA AEAD encrypt/decrypt: DES-CCM not supported -depends_on:MBEDTLS_DES_C:MBEDTLS_CCM_C +depends_on:PSA_WANT_KEY_TYPE_DES:PSA_WANT_ALG_CCM aead_encrypt_decrypt:PSA_KEY_TYPE_DES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":"B96B49E21D621741632875DB7F6C9243D2D7C2":PSA_ERROR_NOT_SUPPORTED PSA AEAD encrypt: AES-CCM, 23 bytes @@ -3201,7 +3201,7 @@ depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20 aead_decrypt:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:"07000000404142434445464700":"":"a0784d7a4716f3feb4f64e7f4b39bf04":"":PSA_ERROR_INVALID_ARGUMENT PSA AEAD encrypt/decrypt: invalid algorithm (CTR) -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_GCM aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"000102030405060708090A0B0C0D0E0F":"":"":PSA_ERROR_INVALID_ARGUMENT PSA AEAD encrypt/decrypt: invalid algorithm (ChaCha20) From 97454fde546e21fd5d316f87f2d4a696f41111ec Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 25 Oct 2023 12:27:12 +0200 Subject: [PATCH 0415/1674] all.sh: accelerate CMAC in test_psa_crypto_config_accel_cipher_aead() Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 6 ++---- tests/scripts/analyze_outcomes.py | 1 + 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 459567da3..d169b58da 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3600,12 +3600,9 @@ component_test_psa_crypto_config_accel_aead () { # - component_test_psa_crypto_config_accel_cipher_aead # - component_test_psa_crypto_config_reference_cipher_aead common_psa_crypto_config_accel_cipher_aead() { - scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CMAC scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_STREAM_CIPHER scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_ECB_NO_PADDING - scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128 scripts/config.py unset MBEDTLS_CTR_DRBG_C - scripts/config.py unset MBEDTLS_CMAC_C scripts/config.py unset MBEDTLS_NIST_KW_C } @@ -3618,7 +3615,7 @@ component_test_psa_crypto_config_accel_cipher_aead () { msg "test: crypto config with accelerated cipher and AEAD" loc_accel_list="ALG_CBC_NO_PADDING ALG_CBC_PKCS7 ALG_CTR ALG_CFB ALG_OFB ALG_XTS \ - ALG_GCM ALG_CCM ALG_CHACHA20_POLY1305 \ + ALG_GCM ALG_CCM ALG_CHACHA20_POLY1305 ALG_CMAC \ KEY_TYPE_DES KEY_TYPE_AES KEY_TYPE_ARIA KEY_TYPE_CHACHA20 KEY_TYPE_CAMELLIA" # Configure @@ -3639,6 +3636,7 @@ component_test_psa_crypto_config_accel_cipher_aead () { scripts/config.py unset MBEDTLS_GCM_C scripts/config.py unset MBEDTLS_CCM_C scripts/config.py unset MBEDTLS_CHACHAPOLY_C + scripts/config.py unset MBEDTLS_CMAC_C scripts/config.py unset MBEDTLS_DES_C scripts/config.py unset MBEDTLS_AES_C scripts/config.py unset MBEDTLS_ARIA_C diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index b669d4b79..e1d465d1d 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -251,6 +251,7 @@ KNOWN_TASKS = { 'gcm.aes256_en', 'gcm.camellia', 'gcm.misc', + 'cmac', ], 'ignored_tests': { # Following tests depends on AES_C/DES_C From ad8b7f0306a7a51779332c3eb39617e9e691f84a Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 25 Oct 2023 12:39:50 +0200 Subject: [PATCH 0416/1674] all.sh: accelerate ALG_[STREAM_CIPHER/ECB_NO_PADDING] in accel_cipher_aead() Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index d169b58da..b0b32fed5 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3600,8 +3600,6 @@ component_test_psa_crypto_config_accel_aead () { # - component_test_psa_crypto_config_accel_cipher_aead # - component_test_psa_crypto_config_reference_cipher_aead common_psa_crypto_config_accel_cipher_aead() { - scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_STREAM_CIPHER - scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_ECB_NO_PADDING scripts/config.py unset MBEDTLS_CTR_DRBG_C scripts/config.py unset MBEDTLS_NIST_KW_C } @@ -3614,7 +3612,8 @@ common_psa_crypto_config_accel_cipher_aead() { component_test_psa_crypto_config_accel_cipher_aead () { msg "test: crypto config with accelerated cipher and AEAD" - loc_accel_list="ALG_CBC_NO_PADDING ALG_CBC_PKCS7 ALG_CTR ALG_CFB ALG_OFB ALG_XTS \ + loc_accel_list="ALG_ECB_NO_PADDING ALG_CBC_NO_PADDING ALG_CBC_PKCS7 ALG_CTR ALG_CFB \ + ALG_OFB ALG_XTS ALG_STREAM_CIPHER \ ALG_GCM ALG_CCM ALG_CHACHA20_POLY1305 ALG_CMAC \ KEY_TYPE_DES KEY_TYPE_AES KEY_TYPE_ARIA KEY_TYPE_CHACHA20 KEY_TYPE_CAMELLIA" From d1c4fb07eead59921b25cfa21dc606788c57539f Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 25 Oct 2023 15:07:35 +0100 Subject: [PATCH 0417/1674] Support older IAR versions Signed-off-by: Dave Rodgman --- library/common.h | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/library/common.h b/library/common.h index 73b3d6127..87fae171c 100644 --- a/library/common.h +++ b/library/common.h @@ -346,8 +346,11 @@ static inline void mbedtls_xor_no_simd(unsigned char *r, #if !defined(MBEDTLS_MAYBE_UNUSED) && defined(__IAR_SYSTEMS_ICC__) && defined(__VER__) /* IAR does support __attribute__((unused)), but only if the -e flag (extended language support) * is given; the pragma always works. - * Unfortunately the pragma affects the rest of the file where it is used, but this is harmless. */ -# if (__VER__ >= 8010000) // IAR 8.1 or later + * Unfortunately the pragma affects the rest of the file where it is used, but this is harmless. + * Check for version 5.2 or later - this pragma may be supported by earlier versions, but I wasn't + * able to find documentation). + */ +# if (__VER__ >= 5020000) # define MBEDTLS_MAYBE_UNUSED _Pragma("diag_suppress=Pe177") # endif #endif From bf3c3fa122dc80b0d495dc80a616f393aadfdb16 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 25 Oct 2023 17:40:19 +0200 Subject: [PATCH 0418/1674] Define try_chdir everywhere Signed-off-by: Gilles Peskine --- tests/suites/host_test.function | 9 ++++++++- tests/suites/main_test.function | 4 +--- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/tests/suites/host_test.function b/tests/suites/host_test.function index 736883fe1..d8ff49ef1 100644 --- a/tests/suites/host_test.function +++ b/tests/suites/host_test.function @@ -442,7 +442,7 @@ static void write_outcome_result(FILE *outcome_file, * * Failures are silent. */ -static void try_chdir(const char *argv0) +static void try_chdir_if_supported(const char *argv0) { /* We might want to allow backslash as well, for Windows. But then we also * need to consider chdir() vs _chdir(), and different conventions @@ -467,6 +467,13 @@ static void try_chdir(const char *argv0) } mbedtls_free(path); } +#else /* MBEDTLS_HAVE_CHDIR */ +/* No chdir() or no support for parsing argv[0] on this platform. */ +static void try_chdir_if_supported(const char *argv0) +{ + (void) argv0; + return; +} #endif /* MBEDTLS_HAVE_CHDIR */ /** diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function index eb74e8f0c..6ab4a5618 100644 --- a/tests/suites/main_test.function +++ b/tests/suites/main_test.function @@ -237,7 +237,6 @@ int main(int argc, const char *argv[]) #endif #endif -#ifdef MBEDTLS_HAVE_CHDIR /* Try changing to the directory containing the executable, if * using the default data file. This allows running the executable * from another directory (e.g. the project root) and still access @@ -249,8 +248,7 @@ int main(int argc, const char *argv[]) * test-specific files such as the outcome file, which is arguably * not desirable and should be fixed later. */ - try_chdir(argv[0]); -#endif /* MBEDTLS_HAVE_CHDIR */ + try_chdir_if_supported(argv[0]); int ret = mbedtls_test_platform_setup(); if (ret != 0) { From cc2bbfe905253ac7920b65d130198954aff38b9d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 25 Oct 2023 17:43:51 +0200 Subject: [PATCH 0419/1674] Fix invocation with explicit .datax file Don't chdir when invoking a test suite executable with an explicit .datax file. The point of the chdir is to automatically find the .datax file (and the relative location of the data_files directory) in typical cases. This conflicts with the expectation that passing a relative path to a .datax file will work. (This is what I had originally intended, and what is documented in the comment, but I forgot to add the argc check in the initial commit.) Signed-off-by: Gilles Peskine --- tests/suites/main_test.function | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function index 6ab4a5618..ef1898ba3 100644 --- a/tests/suites/main_test.function +++ b/tests/suites/main_test.function @@ -248,7 +248,9 @@ int main(int argc, const char *argv[]) * test-specific files such as the outcome file, which is arguably * not desirable and should be fixed later. */ - try_chdir_if_supported(argv[0]); + if (argc == 1) { + try_chdir_if_supported(argv[0]); + } int ret = mbedtls_test_platform_setup(); if (ret != 0) { From bbc46b4cc2c743951c9c436c4e3e04877faad689 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 26 Oct 2023 09:00:21 +0200 Subject: [PATCH 0420/1674] cipher: improve code readibility in mbedtls_cipher_setup() Signed-off-by: Valerio Setti --- library/cipher.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/library/cipher.c b/library/cipher.c index fd04a7de1..67ed0e320 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -263,9 +263,11 @@ int mbedtls_cipher_setup(mbedtls_cipher_context_t *ctx, memset(ctx, 0, sizeof(mbedtls_cipher_context_t)); - if ((mbedtls_cipher_get_base(cipher_info)->ctx_alloc_func != NULL) && - (ctx->cipher_ctx = mbedtls_cipher_get_base(cipher_info)->ctx_alloc_func()) == NULL) { - return MBEDTLS_ERR_CIPHER_ALLOC_FAILED; + if (mbedtls_cipher_get_base(cipher_info)->ctx_alloc_func != NULL) { + ctx->cipher_ctx = mbedtls_cipher_get_base(cipher_info)->ctx_alloc_func(); + if (ctx->cipher_ctx == NULL) { + return MBEDTLS_ERR_CIPHER_ALLOC_FAILED; + } } ctx->cipher_info = cipher_info; From 3bcda449c08aea258029b2542e0e86dc745172c3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 26 Oct 2023 10:03:49 +0200 Subject: [PATCH 0421/1674] Things forgotten in the previous commit MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- docs/architecture/psa-migration/md-cipher-dispatch.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/docs/architecture/psa-migration/md-cipher-dispatch.md b/docs/architecture/psa-migration/md-cipher-dispatch.md index 11c5f21fb..ca98a5107 100644 --- a/docs/architecture/psa-migration/md-cipher-dispatch.md +++ b/docs/architecture/psa-migration/md-cipher-dispatch.md @@ -518,13 +518,14 @@ need it, namely: CCM, GCM. Note: CCM and GCM currently depend on the full replaced by the above auto-enablement. Cipher light includes: -- info functions; +- some info functions; - support for block ciphers in ECB mode, encrypt only (note: in Cipher, "ECB" means just one block, contrary to PSA); -- the one-shot API as well as (part of) the streaming API; +- part of the streaming API for unauthenticated ciphers; - only AES, Aria and Camellia. This excludes: +- the one-shot API for unauthenticated ciphers; - the AEAD/KW API (both one-shot and streaming); - support for stream ciphers; - support for other modes of block ciphers (CBC, CTR, CFB, etc.); From 507e08f9af5d052a7df21497acfed3f2ad2a973d Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 26 Oct 2023 09:44:06 +0200 Subject: [PATCH 0422/1674] analyze_outcomes: update cipher/aead data Signed-off-by: Valerio Setti --- tests/scripts/analyze_outcomes.py | 55 ++++++++++--------------------- 1 file changed, 17 insertions(+), 38 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index e1d465d1d..706421f6c 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -219,42 +219,18 @@ KNOWN_TASKS = { 'args': { 'component_ref': 'test_psa_crypto_config_reference_cipher_aead', 'component_driver': 'test_psa_crypto_config_accel_cipher_aead', - # Ignore suites that are being accelerated + # Modules replaced by drivers. 'ignored_suites': [ - 'aes.cbc', - 'aes.cfb', - 'aes.ecb', - 'aes.ofb', - 'aes.rest', - 'aes.xts', - 'aria', - 'camellia', - 'ccm', - 'chacha20', - 'chachapoly', - 'cipher.aes', - 'cipher.aria', - 'cipher.camellia', - 'cipher.ccm', - 'cipher.chacha20', - 'cipher.chachapoly', - 'cipher.des', - 'cipher.gcm', - 'cipher.nist_kw', - 'cipher.padding', - 'des', - 'gcm.aes128_de', - 'gcm.aes128_en', - 'gcm.aes192_de', - 'gcm.aes192_en', - 'gcm.aes256_de', - 'gcm.aes256_en', - 'gcm.camellia', - 'gcm.misc', - 'cmac', + # low-level (block/stream) cipher modules + 'aes', 'aria', 'camellia', 'des', 'chacha20', + # AEAD modes + 'ccm', 'chachapoly', 'cmac', 'gcm', + # The Cipher abstraction layer + 'cipher', ], 'ignored_tests': { - # Following tests depends on AES_C/DES_C + # PEM decryption is not supported so far. + # The rest of PEM (write, unencrypted read) works though. 'test_suite_pem': [ 'PEM read (AES-128-CBC + invalid iv)' 'PEM read (DES-CBC + invalid iv)', @@ -266,16 +242,18 @@ KNOWN_TASKS = { 'PEM read (AES-128-CBC + invalid iv)', 'PEM read (DES-CBC + invalid iv)', ], - # Following tests depends on AES_C/DES_C + # Following tests depend on AES_C/DES_C but are not about + # them really, just need to know some error code is there. 'test_suite_error': [ 'Low and high error', 'Single low error' ], - # Following test depends on AES_C + # Similar to test_suite_error above. 'test_suite_version': [ 'Check for MBEDTLS_AES_C when already present', ], - # Following tests depends on PCKS7 + # The en/decryption part of PKCS#12 is not supported so far. + # The rest of PKCS#12 (key derivation) works though. 'test_suite_pkcs12': [ 'PBE Decrypt, (Invalid padding & PKCS7 padding enabled)', 'PBE Decrypt, pad = 7 (OK)', @@ -285,7 +263,8 @@ KNOWN_TASKS = { 'PBE Encrypt, pad = 8 (Invalid output size)', 'PBE Encrypt, pad = 8 (OK)', ], - # Following tests depends on PCKS7 + # The en/decryption part of PKCS#5 is not supported so far. + # The rest of PKCS#5 (PBKDF2) works though. 'test_suite_pkcs5': [ 'PBES2 Decrypt (Invalid output size)', 'PBES2 Decrypt (Invalid padding & PKCS7 padding enabled)', @@ -319,7 +298,7 @@ KNOWN_TASKS = { 'PBES2 Encrypt, pad=8 (Invalid output size)', 'PBES2 Encrypt, pad=8 (OK)', ], - # Following tests depends on DES + # Encrypted keys are not supported so far. # pylint: disable=line-too-long 'test_suite_pkparse': [ 'Key ASN1 (Encrypted key PKCS12, trailing garbage data)', From 6b3643117b404767c246f019bc0d977c2bff220a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 26 Oct 2023 11:02:17 +0200 Subject: [PATCH 0423/1674] Document chosen goals and priorities for 3.x MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- .../psa-migration/md-cipher-dispatch.md | 33 +++++++++++++++++-- 1 file changed, 31 insertions(+), 2 deletions(-) diff --git a/docs/architecture/psa-migration/md-cipher-dispatch.md b/docs/architecture/psa-migration/md-cipher-dispatch.md index ca98a5107..d75a4dcd4 100644 --- a/docs/architecture/psa-migration/md-cipher-dispatch.md +++ b/docs/architecture/psa-migration/md-cipher-dispatch.md @@ -99,8 +99,8 @@ We can classify code that implements or uses cryptographic mechanisms into sever * Software implementations of primitive cryptographic mechanisms. These are not expected to change. * Software implementations of constructed cryptographic mechanisms (e.g. HMAC, CTR_DRBG, RSA (calling a hash for PSS/OAEP, and needing to know the hash length in PKCS1v1.5 sign/verify), …). These need to keep working whenever a legacy implementation of the auxiliary mechanism is available, regardless of whether a PSA implementation is also available. * Code implementing the PSA crypto interface. This is not expected to change, except perhaps to expose some internal functionality to overhauled glue code. -* Code that's subject to `MBEDTLS_USE_PSA_CRYPTO`: `pk.h`, X.509, TLS (excluding TLS 1.3). -* Code that always uses PSA for crypto: TLS 1.3, LMS. +* Code that's subject to `MBEDTLS_USE_PSA_CRYPTO`: `pk.h`, X.509, TLS (excluding parts specific TLS 1.3). +* Code that always uses PSA for crypto: TLS 1.3 (except things common with 1.2), LMS. For the purposes of this work, three domains emerge: @@ -319,6 +319,35 @@ These problems are easily solvable. * We can make names and HMAC optional. The mixed-domain hash interface won't be the full `MBEDTLS_MD_C` but a subset. * We can optimize `md.c` without making API changes to `md.h`. +### Scope reductions and priorities for 3.x + +This section documents things that we chose to temporarily exclude from the scope in the 3.x branch (which will eventually be in scope again after 4.0) as well as things we chose to prioritize if we don't have time to support everything. + +#### Don't support PK, X.509 and TLS without `MBEDTLS_USE_PSA_CRYPTO` + +We do not need to support driver-only hashes and ciphers in PK. X.509 and TLS without `MBEDTLS_USE_PSA_CRYPTO`. Users who want to take full advantage of drivers will need to enabled this macro. + +Note that this applies to TLS 1.3 as well, as some uses of hashes and all uses of ciphers there are common with TLS 1.2, hence governed by `MBEDTLS_USE_PSA_CRYPTO`, see [this macro's extended documentation](../../docs/use-psa-crypto.html). + +This will go away naturally in 4.0 when this macros is not longer an option (because it's always on). + +#### Don't support for `MBEDTLS_PSA_CRYPTO_CLIENT` without `MBEDTLS_PSA_CRYPTO_C` + +We generally don't really support builds with `MBEDTLS_PSA_CRYPTO_CLIENT` without `MBEDTLS_PSA_CRYPTO_C`. For example, both `MBEDTLS_USE_PSA_CRYPTO` and `MBEDTLS_SSL_PROTO_TLS1_3` require `MBEDTLS_PSA_CRYPTO_C`, while in principle they should only require `MBEDTLS_PSA_CRYPTO_CLIENT`. + +Considering this existing restriction which we do not plan to lift before 4.0, it is acceptable driver-only hashes and cipher support to have the same restriction in 3.x. + +It is however desirable for the design to keep support for `MBEDTLS_PSA_CRYPTO_CLIENT` in mind, in order to avoid making it more difficult to add in the future. + +#### For cipher: prioritize constrained devices and modern TLS + +The primary target is a configuration like TF-M's medium profile, plus TLS with only AEAD ciphersuites. + +This excludes things like: +- Support for encrypted PEM, PKCS5 and PKCS12 encryption, and PKCS8 encrypted keys in PK parse. (Not widely used on highly constrained devices.) +- Support for NIST-KW. (Same justification.) +- Support for CBC ciphersuites in TLS. (They've been recommended against for a while now.) + ## Specification ### MD light From a365efc6f13e206d07732261b2156087091fad1c Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Mon, 23 Oct 2023 11:54:30 +0100 Subject: [PATCH 0424/1674] Threading design: fix internal links Signed-off-by: Janos Follath --- docs/architecture/psa-thread-safety.md | 40 +++++++++++++------------- 1 file changed, 20 insertions(+), 20 deletions(-) diff --git a/docs/architecture/psa-thread-safety.md b/docs/architecture/psa-thread-safety.md index 3a3e9bda6..0d03e324d 100644 --- a/docs/architecture/psa-thread-safety.md +++ b/docs/architecture/psa-thread-safety.md @@ -1,8 +1,8 @@ # Thread safety of the PSA subsystem -Currently PSA Crypto API calls in Mbed TLS releases are not thread-safe. In Mbed TLS 3.6 we are planning to add a minimal support for thread-safety of the PSA Crypto API (see #strategy-for-3.6). +Currently PSA Crypto API calls in Mbed TLS releases are not thread-safe. In Mbed TLS 3.6 we are planning to add a minimal support for thread-safety of the PSA Crypto API (see section [Strategy for 3.6](#strategy-for-36)). -In the #design-analysis section we analyse design choices. This discussion is not constrained to what is planned for 3.6 and considers future developments. It also leaves some questions open and discusses options that have been (or probably will be) rejected. +In the [Design analysis](#design-analysis) section we analyse design choices. This discussion is not constrained to what is planned for 3.6 and considers future developments. It also leaves some questions open and discusses options that have been (or probably will be) rejected. ## Design analysis @@ -294,7 +294,7 @@ A high-level view of state transitions: * `psa_unlock_key_slot`: READING → UNUSED or READING. * `psa_finish_key_creation`: WRITING → READING. * `psa_fail_key_creation`: WRITING → UNUSED. -* `psa_wipe_key_slot`: any → UNUSED. If the slot is READING or WRITING on entry, this function must wait until the writer or all readers have finished. (By the way, the WRITING state is possible if `mbedtls_psa_crypto_free` is called while a key creation is in progress.) See [“Destruction of a key in use”](#destruction of a key in use). +* `psa_wipe_key_slot`: any → UNUSED. If the slot is READING or WRITING on entry, this function must wait until the writer or all readers have finished. (By the way, the WRITING state is possible if `mbedtls_psa_crypto_free` is called while a key creation is in progress.) See [“Destruction of a key in use”](#destruction-of-a-key-in-use). The current `state->lock_count` corresponds to the difference between UNUSED and READING: a slot is in use iff its lock count is nonzero, so `lock_count == 0` corresponds to UNUSED and `lock_count != 0` corresponds to READING. @@ -302,7 +302,7 @@ There is currently no indication of when a slot is in the WRITING state. This on #### Destruction of a key in use -Problem: In #key-destruction-long-term-requirements we require that the key slot is destroyed (by `psa_wipe_key_slot`) even while it's in use (READING or WRITING). +Problem: In [Key destruction long-term requirements](#key-destruction-long-term-requirements) we require that the key slot is destroyed (by `psa_wipe_key_slot`) even while it's in use (READING or WRITING). How do we ensure that? This needs something more sophisticated than mutexes (concurrency number >2)! Even a per-slot mutex isn't enough (we'd need a reader-writer lock). @@ -316,7 +316,7 @@ When calling `psa_wipe_key_slot` it is the callers responsibility to set the slo `psa_destroy_key` marks the slot as deleted, deletes persistent keys and opaque keys and returns. This only works if drivers are protected by a mutex (and the persistent storage as well if needed). When the last reading operation finishes, it wipes the key slot. This will free the key ID, but the slot might be still in use. In case of volatile keys freeing up the ID while the slot is still in use does not provide any benefit and we don't need to do it. -These are serious limitations, but this can be implemented with mutexes only and arguably satisfies the #key-destruction-short-term-requirements. +These are serious limitations, but this can be implemented with mutexes only and arguably satisfies the [Key destruction short-term requirements](#key-destruction-short-term-requirements). Variations: @@ -325,7 +325,7 @@ Variations: The second variant can't be implemented as a backward compatible improvement on the first as multipart operations that were successfully completed in the first case, would fail in the second. If we want to implement these incrementally, multipart operations in a multithreaded environment must be left unsupported in the first variant. This makes the first variant impractical (multipart operations returning an error in builds with multithreading enabled is not a behaviour that would be very useful to release). -We can't reuse the `lock_count` field to mark key slots deleted, as we still need to keep track the lock count while the slot is marked for deletion. This means that we will need to add a new field to key slots. This new field can be reused to indicate whether the slot is occupied (see #determining-whether-a-key-slot-is-occupied). (There would be three states: deleted, occupied, empty.) +We can't reuse the `lock_count` field to mark key slots deleted, as we still need to keep track the lock count while the slot is marked for deletion. This means that we will need to add a new field to key slots. This new field can be reused to indicate whether the slot is occupied (see section [Determining whether a key slot is occupied](#determining-whether-a-key-slot-is-occupied)). (There would be three states: deleted, occupied, empty.) #### Condition variables @@ -333,7 +333,7 @@ Clean UNUSED -> WRITING transition works as before. `psa_wipe_all_key_slots` and `psa_destroy_key` mark the slot as deleted and go to sleep until the slot state becomes UNUSED. When waking up, they wipe the slot, and return. -If the slot is already marked as deleted the threads calling `psa_wipe_all_key_slots` and `psa_destroy_key` go to sleep until the deletion completes. To satisfy #key-destruction-long-term-requirements none of the threads may return from the call until the slot is deleted completely. This can be achieved by signalling them when the slot has already been wiped and ready for use, that is not marked for deletion anymore. To handle spurious wake-ups, these threads need to be able to tell whether the slot was already deleted. This is not trivial, because by the time the thread wakes up, theoretically the slot might be in any state. It might have been reused and maybe even marked for deletion again. +If the slot is already marked as deleted the threads calling `psa_wipe_all_key_slots` and `psa_destroy_key` go to sleep until the deletion completes. To satisfy [Key destruction long-term requirements](#key-destruction-long-term-requirements) none of the threads may return from the call until the slot is deleted completely. This can be achieved by signalling them when the slot has already been wiped and ready for use, that is not marked for deletion anymore. To handle spurious wake-ups, these threads need to be able to tell whether the slot was already deleted. This is not trivial, because by the time the thread wakes up, theoretically the slot might be in any state. It might have been reused and maybe even marked for deletion again. To resolve this, we can either: @@ -342,7 +342,7 @@ To resolve this, we can either: ##### Platform abstraction -Introducing condition variables to the platform abstraction layer would be best done in a major version. If we can't wait until that, we will need to introduce a new compile time flag. Considering that this only will be needed on the PSA Crypto side and the upcoming split, it makes sense to make this flag responsible for the entire PSA Crypto threading support. Therefore if we want to keep the option open for implementing this in a backward compatible manner, we need to introduce and use this new flag already when implementing #mutex-only. (If we keep the abstraction layer for mutexes the same, this shouldn't mean increase in code size and would mean only minimal effort on the porting side.) +Introducing condition variables to the platform abstraction layer would be best done in a major version. If we can't wait until that, we will need to introduce a new compile time flag. Considering that this only will be needed on the PSA Crypto side and the upcoming split, it makes sense to make this flag responsible for the entire PSA Crypto threading support. Therefore if we want to keep the option open for implementing this in a backward compatible manner, we need to introduce and use this new flag already when implementing [Mutex only](#mutex-only). (If we keep the abstraction layer for mutexes the same, this shouldn't mean increase in code size and would mean only minimal effort on the porting side.) #### Operation contexts @@ -358,7 +358,7 @@ Each driver that hasn’t got the "thread_safe” property set has a dedicated Implementing "thread_safe” drivers depends on the condition variable protection in the key store, as we must guarantee that the core never starts the destruction of a key while there are operations in progress on it. -Start with implementing threading for drivers without the "thread_safe” property (all drivers behave like the property wasn't set). Add "thread_safe" drivers at some point after the #condition-variables approach is implemented in the core. +Start with implementing threading for drivers without the "thread_safe” property (all drivers behave like the property wasn't set). Add "thread_safe" drivers at some point after the [Condition variables](#condition-variables) approach is implemented in the core. ##### Reentrancy @@ -366,7 +366,7 @@ It is natural sometimes to want to perform cryptographic operations from a drive **Non-thread-safe drivers:** -A driver is non-thread-safe if the `thread-safe` property (see #driver-requirements) is set to false. +A driver is non-thread-safe if the `thread-safe` property (see [Driver requirements](#driver-requirements)) is set to false. In the non-thread-safe case we have these natural assumptions/requirements: 1. Drivers don't call the core for any operation for which they provide an entry point @@ -384,15 +384,15 @@ The first is too restrictive, the second and the third would require making it a **Thread-safe drivers:** -A driver is non-thread-safe if the `thread-safe` property (see #driver-requirements) is set to true. +A driver is non-thread-safe if the `thread-safe` property (see [Driver requirements](#driver-requirements)) is set to true. To make reentrancy in non-thread-safe drivers work, thread-safe drivers must not make a call to the core when handling a call that is on the non-thread-safe driver core API whitelist. Thread-safe drivers have less guarantees from the core and need to implement more complex logic and we can reasonably expect them to be more flexible in terms of reentrancy as well. At this point it is hard to see what further guarantees would be useful and feasible. Therefore, we don't provide any further guarantees for now. -Thread-safe drivers must not make any assumption about the operation of the core beyond what is discussed in the #reentrancy and #driver-requirements sections. +Thread-safe drivers must not make any assumption about the operation of the core beyond what is discussed in the [Reentrancy](#reentrancy) and [Driver requirements](#driver-requirements) sections. -#### Global Data +#### Global data PSA Crypto makes use of a `global_data` variable that will be accessible from multiple threads and needs to be protected. Any function accessing this variable (or its members) must take the corresponding lock first. Since `global_data` holds the RNG state, these will involve relatively expensive operations and therefore ideally `global_data` should be protected by its own, dedicated lock (different from the one protecting the key store). @@ -413,10 +413,10 @@ To avoid performance degradation, functions must hold mutexes for as short time The goal is to provide viable threading support without extending the platform abstraction. (Condition variables should be added in 4.0.) This means that we will be relying on mutexes only. - Key Store - - Slot states are described in #slot-states. They guarantee safe concurrent access to slot contents. - - Slot states will be protected by a global mutex as described in the introduction of #global-lock-excluding-slot-content. - - Simple key destruction strategy as described in #mutex-only (variant 2). - - The slot state and key attributes will be separated as described in the last paragraph of #determining-whether-a-key-slot-is-occupied. -- The main `global_data` (the one in `psa_crypto.c`) shall be protected by its own mutex as described in #global-data. -- The solution shall use the pre-existing `MBEDTLS_THREADING_C` threading abstraction. That is, the flag proposed in #platform-abstraction won't be implemented. -- The core makes no additional guarantees for drivers. That is, Policy 1 in #driver-requirements applies. + - Slot states are described in the [Slot states](#slot-states) section. They guarantee safe concurrent access to slot contents. + - Slot states will be protected by a global mutex as described in the introduction of the [Global lock excluding slot content](#global-lock-excluding-slot-content) section. + - Simple key destruction strategy as described in the [Mutex only](#mutex-only) section (variant 2). + - The slot state and key attributes will be separated as described in the last paragraph of the [Determining whether a key slot is occupied](#determining-whether-a-key-slot-is-occupied) section. +- The main `global_data` (the one in `psa_crypto.c`) shall be protected by its own mutex as described in the [Global data](#global-data) section. +- The solution shall use the pre-existing `MBEDTLS_THREADING_C` threading abstraction. That is, the flag proposed in the [Platform abstraction](#platform-abstraction) section won't be implemented. +- The core makes no additional guarantees for drivers. That is, Policy 1 in section [Driver requirements](#driver-requirements) applies. From 4823d2c94e021994671fcb0f9208c1338253f782 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 26 Oct 2023 12:56:39 +0200 Subject: [PATCH 0425/1674] Extend design discussion MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- .../psa-migration/md-cipher-dispatch.md | 31 +++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/docs/architecture/psa-migration/md-cipher-dispatch.md b/docs/architecture/psa-migration/md-cipher-dispatch.md index d75a4dcd4..a4c8fccf0 100644 --- a/docs/architecture/psa-migration/md-cipher-dispatch.md +++ b/docs/architecture/psa-migration/md-cipher-dispatch.md @@ -346,8 +346,39 @@ The primary target is a configuration like TF-M's medium profile, plus TLS with This excludes things like: - Support for encrypted PEM, PKCS5 and PKCS12 encryption, and PKCS8 encrypted keys in PK parse. (Not widely used on highly constrained devices.) - Support for NIST-KW. (Same justification.) +- Support for CMAC. (Same justification, plus can be directly accelerated.) - Support for CBC ciphersuites in TLS. (They've been recommended against for a while now.) +### Dual-dispatch for block cipher primitives + +Considering the priorities stated above, initially we want to support GCM, CCM and CTR-DRBG. All trhee of them use the block cipher primitive only in the encrypt direction. Currently, GCM and CCM use the Cipher layer in order to work with AES, Aria and Camellia (DES is excluded by the standards due to its smaller block size) and CTR-DRBG directly uses the low-level API from `aes.h`. In all cases, access to the "block cipher primitive" is done by using "ECB mode" (which for both Cipher and `aes.h` only allows a single block, contrary to PSA which implements actual ECB mode). + +The two AEAD modes, GCM and CCM, have very similar needs and positions in the stack, strongly suggesting using the same design for both. On the other hand, there are a number of differences between CTR-DRBG and them. +- CTR-DRBG only uses AES (and there is no plan to extend it to other block ciphers at the moment), while GCM and CCM need to work with 3 block ciphers already. +- CTR-DRBG holds a special position in the stack: most users don't care about it per se, they only care about getting random numbers - in fact PSA users don't even need to know what DRBG is used. In particular, no part of the stack is asking questions like "is CTR-DRBG-AES available?" - an RNG needs to be available and that's it - contrary to similar questions about AES-GCM etc. which are asked for example by TLS. + +So, it makes sense to use different designs for CTR-DRBG on one hand, and GCM/CCM on the other hand: +- CTR-DRBG can just check if `AES_C` is present and "fall back" to PSA is not. +- GCM and CCM need an common abstraction layer that allows: + - Using AES, Aria or Camellia in a uniform way. + - Dispatching to built-in or driver. + +The abstraction layer used by GCM and CCM may either be a new internal module, or a subset of the existing Cipher API, extended with the ability to dispatch to a PSA driver. + +Reasons for making this layer's API a subset of the existing Cipher API: +- No need to design, implement and test a new module. (Will need to test the new subset though, as well as the extended behaviour.) +- No code change in GCM and CCM - only need to update dependencies. +- No risk for code duplication between a potential new module and Cipher: source-level, and in in particular in builds that still have `CIPHER_C` enabled. (Compiled-code duplication could be avoided by excluding the new module in such builds, though.) +- If want to support other users of Cipher later (such as NIST-KW, CMAC, PKCS5 and PKCS12), we can just extend dual-dispatch support to other modes/operations in Cipher and keep those extra modules unchanged as well. + +Possible costs of re-using (a subset of) the existing Cipher API instead of defining a new one: +- We carry over costs associated with `cipher_info_t` structures. (Currently the info structure is used for 3 things: (1) to check if the cipher is supported, (2) to check its block size, (3) because `setup()` requires it). +- We carry over questionable implementation decisions, like dynamic allocation of context. + +Those costs could be avoided by refactoring (parts of) Cipher, but that would probably mean either: +- significant differences in how the `cipher.h` API is implemented between builds with the full Cipher or only a subset; +- or more work to apply the simplifications to all of Cipher. + ## Specification ### MD light From 257f6dd57d790d133a60fe5c9794dedae885d7bc Mon Sep 17 00:00:00 2001 From: Tom Cosgrove Date: Thu, 26 Oct 2023 13:58:57 +0100 Subject: [PATCH 0426/1674] Fix builds in conda-forge, which doesn't have CLOCK_BOOTTIME Fixes #8422 Signed-off-by: Tom Cosgrove --- ChangeLog.d/fix-linux-builds-in-conda-forge.txt | 2 ++ library/platform_util.c | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) create mode 100644 ChangeLog.d/fix-linux-builds-in-conda-forge.txt diff --git a/ChangeLog.d/fix-linux-builds-in-conda-forge.txt b/ChangeLog.d/fix-linux-builds-in-conda-forge.txt new file mode 100644 index 000000000..5cfee855a --- /dev/null +++ b/ChangeLog.d/fix-linux-builds-in-conda-forge.txt @@ -0,0 +1,2 @@ +Bugfix + * Fix build failure in conda-forge. Fixes #8422. diff --git a/library/platform_util.c b/library/platform_util.c index 09216edfb..fdafa1fc6 100644 --- a/library/platform_util.c +++ b/library/platform_util.c @@ -265,7 +265,7 @@ mbedtls_ms_time_t mbedtls_ms_time(void) struct timespec tv; mbedtls_ms_time_t current_ms; -#if defined(__linux__) +#if defined(__linux__) && defined(CLOCK_BOOTTIME) ret = clock_gettime(CLOCK_BOOTTIME, &tv); #else ret = clock_gettime(CLOCK_MONOTONIC, &tv); From d609607f2141c13db0650d11d779992deddc0ba1 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 26 Oct 2023 16:50:18 +0200 Subject: [PATCH 0427/1674] Fix test suite never executed due to an undefined symbol MBEDTLS_SSL_SOME_SUITES_USE_MAC and MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC are dependencies of defined in an SSL header, so this header needs to be included here. Signed-off-by: Gilles Peskine --- tests/suites/test_suite_constant_time_hmac.function | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/suites/test_suite_constant_time_hmac.function b/tests/suites/test_suite_constant_time_hmac.function index 435e4b9e0..9d9aa3c77 100644 --- a/tests/suites/test_suite_constant_time_hmac.function +++ b/tests/suites/test_suite_constant_time_hmac.function @@ -4,6 +4,7 @@ #include #include #include "md_psa.h" +#include #include /* END_HEADER */ From 985c967a146f41b65df79d46addf64f76e528a22 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Sun, 4 Dec 2022 14:06:30 +0800 Subject: [PATCH 0428/1674] tls13: add more checks for server early data - check if it is enabled - check if it is psk mode - check if it is resumption - check if it is tls13 version Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 36 +++++++++++++++++++++++++++++++++++- 1 file changed, 35 insertions(+), 1 deletion(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 6445a00a1..259996190 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -1752,6 +1752,7 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_EARLY_DATA) static void ssl_tls13_update_early_data_status(mbedtls_ssl_context *ssl) { + mbedtls_ssl_session *session = ssl->session_negotiate; mbedtls_ssl_handshake_params *handshake = ssl->handshake; if ((handshake->received_extensions & @@ -1762,9 +1763,42 @@ static void ssl_tls13_update_early_data_status(mbedtls_ssl_context *ssl) return; } - /* We do not accept early data for the time being */ ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED; + if (ssl->conf->early_data_enabled == MBEDTLS_SSL_EARLY_DATA_DISABLED) { + MBEDTLS_SSL_DEBUG_MSG( + 1, ("EarlyData: rejected. configured disabled.")); + return; + } + + MBEDTLS_SSL_DEBUG_MSG( + 3, ("EarlyData: conf->max_early_data_size = %u", + (unsigned int) ssl->conf->max_early_data_size)); + + if (!mbedtls_ssl_conf_tls13_some_psk_enabled(ssl)) { + MBEDTLS_SSL_DEBUG_MSG( + 1, + ("EarlyData: rejected. psk or psk_ephemeral is not available.")); + return; + } + + if (handshake && handshake->resume != 1) { + MBEDTLS_SSL_DEBUG_MSG( + 1, ("EarlyData: rejected. not resumption session.")); + return; + } + + if (session->tls_version != MBEDTLS_SSL_VERSION_TLS1_3) { + MBEDTLS_SSL_DEBUG_MSG( + 1, + ("EarlyData: rejected. not a TLS 1.3 ticket.")); + return; + } + + /* TODO: Add more checks here. */ + + ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED; + } #endif /* MBEDTLS_SSL_EARLY_DATA */ From 71c14f1db61611c480c7898566060dcd47a4f22c Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 12 Dec 2022 11:10:35 +0800 Subject: [PATCH 0429/1674] write early data indication in EE msg Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 259996190..cc8a0a178 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -2458,6 +2458,16 @@ static int ssl_tls13_write_encrypted_extensions_body(mbedtls_ssl_context *ssl, p += output_len; #endif /* MBEDTLS_SSL_ALPN */ +#if defined(MBEDTLS_SSL_EARLY_DATA) + if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED) { + ret = mbedtls_ssl_tls13_write_early_data_ext(ssl, p, end, &output_len); + if (ret != 0) { + return ret; + } + p += output_len; + } +#endif /* MBEDTLS_SSL_EARLY_DATA */ + extensions_len = (p - p_extensions_len) - 2; MBEDTLS_PUT_UINT16_BE(extensions_len, p_extensions_len, 0); From 0edafa94492f85fce79227382f627cd544ea414f Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 8 Feb 2023 15:09:32 +0800 Subject: [PATCH 0430/1674] Add test case for writing early data in EE Signed-off-by: Jerry Yu --- tests/opt-testcases/tls13-misc.sh | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/tests/opt-testcases/tls13-misc.sh b/tests/opt-testcases/tls13-misc.sh index d5efc9edc..c11dd7053 100755 --- a/tests/opt-testcases/tls13-misc.sh +++ b/tests/opt-testcases/tls13-misc.sh @@ -493,6 +493,9 @@ run_test "TLS 1.3 m->m: Resumption with ticket flags, psk_all/psk_all." \ -S "No suitable key exchange mode" \ -s "found matched identity" +EARLY_DATA_INPUT_LEN_BLOCKS=$(( ( $( cat $EARLY_DATA_INPUT | wc -c ) + 31 ) / 32 )) +EARLY_DATA_INPUT_LEN=$(( $EARLY_DATA_INPUT_LEN_BLOCKS * 32 )) + requires_gnutls_next requires_all_configs_enabled MBEDTLS_SSL_EARLY_DATA MBEDTLS_SSL_SESSION_TICKETS \ MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME \ @@ -508,3 +511,19 @@ run_test "TLS 1.3 G->m: EarlyData: feature is disabled, fail." \ -s "EncryptedExtensions: early_data(42) extension does not exist." \ -s "NewSessionTicket: early_data(42) extension does not exist." \ -s "Last error was: -29056 - SSL - Verification of the message MAC failed" + +requires_gnutls_next +requires_all_configs_enabled MBEDTLS_SSL_EARLY_DATA MBEDTLS_SSL_SESSION_TICKETS \ + MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME \ + MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_any_configs_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \ + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED +run_test "TLS 1.3 G->m: EarlyData: psk*: feature is enabled, fail." \ + "$P_SRV force_version=tls13 debug_level=4 max_early_data_size=$EARLY_DATA_INPUT_LEN $(get_srv_psk_list)" \ + "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+GROUP-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK \ + -d 10 -r --earlydata $EARLY_DATA_INPUT \ + --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70" \ + 1 \ + -s "ClientHello: early_data(42) extension exists." \ + -s "EncryptedExtensions: early_data(42) extension exists." \ + -s "NewSessionTicket: early_data(42) extension does not exist." From 2db16b7b16d0397c43fd6afbe48163317ac8092f Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 15 Aug 2023 16:52:25 +0800 Subject: [PATCH 0431/1674] disable tests when ecp is not available Signed-off-by: Jerry Yu --- tests/opt-testcases/tls13-misc.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/opt-testcases/tls13-misc.sh b/tests/opt-testcases/tls13-misc.sh index c11dd7053..dbc2e4346 100755 --- a/tests/opt-testcases/tls13-misc.sh +++ b/tests/opt-testcases/tls13-misc.sh @@ -500,7 +500,7 @@ requires_gnutls_next requires_all_configs_enabled MBEDTLS_SSL_EARLY_DATA MBEDTLS_SSL_SESSION_TICKETS \ MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ - MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE + MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_ECP_LIGHT requires_any_configs_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3 G->m: EarlyData: feature is disabled, fail." \ @@ -515,7 +515,7 @@ run_test "TLS 1.3 G->m: EarlyData: feature is disabled, fail." \ requires_gnutls_next requires_all_configs_enabled MBEDTLS_SSL_EARLY_DATA MBEDTLS_SSL_SESSION_TICKETS \ MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME \ - MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE + MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_ECP_LIGHT requires_any_configs_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3 G->m: EarlyData: psk*: feature is enabled, fail." \ From c1d50b631452cddb8b5cf0dda7d074535ca67cfc Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 25 Aug 2023 09:20:00 +0200 Subject: [PATCH 0432/1674] check_config: fix dependency of PSA_CRYPTO_C on CIPHER_C Signed-off-by: Valerio Setti --- include/mbedtls/check_config.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 619f8428e..1251cdfa7 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -766,7 +766,9 @@ #error "MBEDTLS_PSA_CRYPTO_C defined, but not all prerequisites (missing RNG)" #endif -#if defined(MBEDTLS_PSA_CRYPTO_C) && !defined(MBEDTLS_CIPHER_C ) +#if defined(MBEDTLS_PSA_CRYPTO_C) && \ + (defined(PSA_HAVE_SOFT_BLOCK_CIPHER) || defined(PSA_HAVE_SOFT_BLOCK_AEAD)) && \ + !defined(MBEDTLS_CIPHER_C) #error "MBEDTLS_PSA_CRYPTO_C defined, but not all prerequisites" #endif From c5d9dd262b96d2b99a0ff2c08e81bc6e29bb405b Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 25 Aug 2023 09:21:31 +0200 Subject: [PATCH 0433/1674] adjust_psa_from_legacy: enable ALG_STREAM_CIPHER on when CIPHER_C is defined Signed-off-by: Valerio Setti --- include/mbedtls/config_adjust_psa_from_legacy.h | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/config_adjust_psa_from_legacy.h b/include/mbedtls/config_adjust_psa_from_legacy.h index 088711d37..296d62461 100644 --- a/include/mbedtls/config_adjust_psa_from_legacy.h +++ b/include/mbedtls/config_adjust_psa_from_legacy.h @@ -238,9 +238,12 @@ #if defined(MBEDTLS_CHACHA20_C) #define PSA_WANT_KEY_TYPE_CHACHA20 1 -#define PSA_WANT_ALG_STREAM_CIPHER 1 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20 1 +/* ALG_STREAM_CIPHER requires CIPHER_C in order to be supported in PSA */ +#if defined(MBEDTLS_CIPHER_C) +#define PSA_WANT_ALG_STREAM_CIPHER 1 #define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1 +#endif #if defined(MBEDTLS_CHACHAPOLY_C) #define PSA_WANT_ALG_CHACHA20_POLY1305 1 #define MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 1 From 2c2adedd829f318047d58063992b95f7f9c5b8f3 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 25 Aug 2023 09:22:19 +0200 Subject: [PATCH 0434/1674] psa_crypto_aead: add guard for CIPHER_C dependency Signed-off-by: Valerio Setti --- library/psa_crypto_aead.c | 9 +++++---- library/psa_crypto_cipher.c | 2 ++ library/psa_crypto_cipher.h | 2 ++ 3 files changed, 9 insertions(+), 4 deletions(-) diff --git a/library/psa_crypto_aead.c b/library/psa_crypto_aead.c index 85d1f39be..73d8b01e9 100644 --- a/library/psa_crypto_aead.c +++ b/library/psa_crypto_aead.c @@ -43,13 +43,13 @@ static psa_status_t psa_aead_setup( psa_algorithm_t alg) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - size_t key_bits; - const mbedtls_cipher_info_t *cipher_info; - mbedtls_cipher_id_t cipher_id; (void) key_buffer_size; - key_bits = attributes->core.bits; +#if defined(MBEDTLS_CIPHER_C) + const mbedtls_cipher_info_t *cipher_info; + mbedtls_cipher_id_t cipher_id; + size_t key_bits = attributes->core.bits; cipher_info = mbedtls_cipher_info_from_psa(alg, attributes->core.type, key_bits, @@ -57,6 +57,7 @@ static psa_status_t psa_aead_setup( if (cipher_info == NULL) { return PSA_ERROR_NOT_SUPPORTED; } +#endif /* MBEDTLS_CIPHER_C */ switch (PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, 0)) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM) diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c index b997a07cf..c881d65b6 100644 --- a/library/psa_crypto_cipher.c +++ b/library/psa_crypto_cipher.c @@ -31,6 +31,7 @@ #include +#if defined(MBEDTLS_CIPHER_C) const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( psa_algorithm_t alg, psa_key_type_t key_type, @@ -158,6 +159,7 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( return mbedtls_cipher_info_from_values(cipher_id_tmp, (int) key_bits, mode); } +#endif /* MBEDTLS_CIPHER_C */ #if defined(MBEDTLS_PSA_BUILTIN_CIPHER) diff --git a/library/psa_crypto_cipher.h b/library/psa_crypto_cipher.h index bf43ff08a..933092ddd 100644 --- a/library/psa_crypto_cipher.h +++ b/library/psa_crypto_cipher.h @@ -24,6 +24,7 @@ #include #include +#if defined(MBEDTLS_CIPHER_C) /** Get Mbed TLS cipher information given the cipher algorithm PSA identifier * as well as the PSA type and size of the key to be used with the cipher * algorithm. @@ -39,6 +40,7 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( psa_algorithm_t alg, psa_key_type_t key_type, size_t key_bits, mbedtls_cipher_id_t *cipher_id); +#endif /* MBEDTLS_CIPHER_C */ /** * \brief Set the key for a multipart symmetric encryption operation. From 4a249828a8ab2773661be9225c3bd26acc3648f2 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 18 Oct 2023 12:34:54 +0200 Subject: [PATCH 0435/1674] psa_crypto_cipher: add mbedtls_cipher_values_from_psa() This commit splits mbedtls_cipher_info_from_psa() in 2 parts: - mbedtls_cipher_values_from_psa() that performs parameters' validation and return cipher's values - mbedtls_cipher_info_from_psa() which then use those values to return the proper cipher_info pointer. Of course this depends on CIPHER_C. Signed-off-by: Valerio Setti --- library/psa_crypto_aead.c | 19 ++++------ library/psa_crypto_cipher.c | 69 ++++++++++++++++++++++++------------- library/psa_crypto_cipher.h | 21 +++++++++++ 3 files changed, 73 insertions(+), 36 deletions(-) diff --git a/library/psa_crypto_aead.c b/library/psa_crypto_aead.c index 73d8b01e9..6f026a0d7 100644 --- a/library/psa_crypto_aead.c +++ b/library/psa_crypto_aead.c @@ -43,21 +43,16 @@ static psa_status_t psa_aead_setup( psa_algorithm_t alg) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - + mbedtls_cipher_id_t cipher_id; + mbedtls_cipher_mode_t mode; + size_t key_bits = attributes->core.bits; (void) key_buffer_size; -#if defined(MBEDTLS_CIPHER_C) - const mbedtls_cipher_info_t *cipher_info; - mbedtls_cipher_id_t cipher_id; - size_t key_bits = attributes->core.bits; - - cipher_info = mbedtls_cipher_info_from_psa(alg, - attributes->core.type, key_bits, - &cipher_id); - if (cipher_info == NULL) { - return PSA_ERROR_NOT_SUPPORTED; + status = mbedtls_cipher_values_from_psa(alg, attributes->core.type, + &key_bits, &mode, &cipher_id); + if (status != PSA_SUCCESS) { + return status; } -#endif /* MBEDTLS_CIPHER_C */ switch (PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, 0)) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM) diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c index c881d65b6..7e81dfee7 100644 --- a/library/psa_crypto_cipher.c +++ b/library/psa_crypto_cipher.c @@ -31,15 +31,15 @@ #include -#if defined(MBEDTLS_CIPHER_C) -const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( +psa_status_t mbedtls_cipher_values_from_psa( psa_algorithm_t alg, psa_key_type_t key_type, - size_t key_bits, + size_t *key_bits, + mbedtls_cipher_mode_t *mode, mbedtls_cipher_id_t *cipher_id) { - mbedtls_cipher_mode_t mode; mbedtls_cipher_id_t cipher_id_tmp; + (void) key_bits; if (PSA_ALG_IS_AEAD(alg)) { alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, 0); @@ -49,66 +49,66 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( switch (alg) { #if defined(MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER) case PSA_ALG_STREAM_CIPHER: - mode = MBEDTLS_MODE_STREAM; + *mode = MBEDTLS_MODE_STREAM; break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_CTR) case PSA_ALG_CTR: - mode = MBEDTLS_MODE_CTR; + *mode = MBEDTLS_MODE_CTR; break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_CFB) case PSA_ALG_CFB: - mode = MBEDTLS_MODE_CFB; + *mode = MBEDTLS_MODE_CFB; break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_OFB) case PSA_ALG_OFB: - mode = MBEDTLS_MODE_OFB; + *mode = MBEDTLS_MODE_OFB; break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING) case PSA_ALG_ECB_NO_PADDING: - mode = MBEDTLS_MODE_ECB; + *mode = MBEDTLS_MODE_ECB; break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING) case PSA_ALG_CBC_NO_PADDING: - mode = MBEDTLS_MODE_CBC; + *mode = MBEDTLS_MODE_CBC; break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7) case PSA_ALG_CBC_PKCS7: - mode = MBEDTLS_MODE_CBC; + *mode = MBEDTLS_MODE_CBC; break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM_STAR_NO_TAG) case PSA_ALG_CCM_STAR_NO_TAG: - mode = MBEDTLS_MODE_CCM_STAR_NO_TAG; + *mode = MBEDTLS_MODE_CCM_STAR_NO_TAG; break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM) case PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 0): - mode = MBEDTLS_MODE_CCM; + *mode = MBEDTLS_MODE_CCM; break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM) case PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 0): - mode = MBEDTLS_MODE_GCM; + *mode = MBEDTLS_MODE_GCM; break; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305) case PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305, 0): - mode = MBEDTLS_MODE_CHACHAPOLY; + *mode = MBEDTLS_MODE_CHACHAPOLY; break; #endif default: - return NULL; + return PSA_ERROR_NOT_SUPPORTED; } } else if (alg == PSA_ALG_CMAC) { - mode = MBEDTLS_MODE_ECB; + *mode = MBEDTLS_MODE_ECB; } else { - return NULL; + return PSA_ERROR_NOT_SUPPORTED; } switch (key_type) { @@ -126,7 +126,7 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( case PSA_KEY_TYPE_DES: /* key_bits is 64 for Single-DES, 128 for two-key Triple-DES, * and 192 for three-key Triple-DES. */ - if (key_bits == 64) { + if (*key_bits == 64) { cipher_id_tmp = MBEDTLS_CIPHER_ID_DES; } else { cipher_id_tmp = MBEDTLS_CIPHER_ID_3DES; @@ -134,8 +134,8 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( /* mbedtls doesn't recognize two-key Triple-DES as an algorithm, * but two-key Triple-DES is functionally three-key Triple-DES * with K1=K3, so that's how we present it to mbedtls. */ - if (key_bits == 128) { - key_bits = 192; + if (*key_bits == 128) { + *key_bits = 192; } break; #endif @@ -150,14 +150,35 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( break; #endif default: - return NULL; + return PSA_ERROR_NOT_SUPPORTED; } if (cipher_id != NULL) { *cipher_id = cipher_id_tmp; } - return mbedtls_cipher_info_from_values(cipher_id_tmp, - (int) key_bits, mode); + return PSA_SUCCESS; +} + +#if defined(MBEDTLS_CIPHER_C) +const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa( + psa_algorithm_t alg, + psa_key_type_t key_type, + size_t key_bits, + mbedtls_cipher_id_t *cipher_id) +{ + mbedtls_cipher_mode_t mode; + psa_status_t status; + mbedtls_cipher_id_t cipher_id_tmp; + + status = mbedtls_cipher_values_from_psa(alg, key_type, &key_bits, &mode, &cipher_id_tmp); + if (status != PSA_SUCCESS) { + return NULL; + } + if (cipher_id != NULL) { + *cipher_id = cipher_id_tmp; + } + + return mbedtls_cipher_info_from_values(cipher_id_tmp, (int) key_bits, mode); } #endif /* MBEDTLS_CIPHER_C */ diff --git a/library/psa_crypto_cipher.h b/library/psa_crypto_cipher.h index 933092ddd..5ed8a7779 100644 --- a/library/psa_crypto_cipher.h +++ b/library/psa_crypto_cipher.h @@ -24,6 +24,27 @@ #include #include +/** Get Mbed TLS cipher information given the cipher algorithm PSA identifier + * as well as the PSA type and size of the key to be used with the cipher + * algorithm. + * + * \param[in] alg PSA cipher algorithm identifier + * \param[in] key_type PSA key type + * \param[in,out] key_bits Size of the key in bits. The value provided in input + * might be updated if necessary. + * \param[out] mode Mbed TLS cipher mode + * \param[out] cipher_id Mbed TLS cipher algorithm identifier + * + * \return On success \c PSA_SUCCESS is returned and key_bits, mode and cipher_id + * are properly updated. + * \c PSA_ERROR_NOT_SUPPORTED is returned if the cipher algorithm is not + * supported. + */ + +psa_status_t mbedtls_cipher_values_from_psa(psa_algorithm_t alg, psa_key_type_t key_type, + size_t *key_bits, mbedtls_cipher_mode_t *mode, + mbedtls_cipher_id_t *cipher_id); + #if defined(MBEDTLS_CIPHER_C) /** Get Mbed TLS cipher information given the cipher algorithm PSA identifier * as well as the PSA type and size of the key to be used with the cipher From 7e710e8272d9803c4a8e3eded629c64723113e45 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 25 Aug 2023 09:14:15 +0200 Subject: [PATCH 0436/1674] all.sh: add components as full_no_cipher with CRYPTO_C and CRYPTO_CONFIG Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 87 +++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 85 insertions(+), 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index b0b32fed5..db6bed835 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1488,7 +1488,7 @@ component_test_crypto_full_md_light_only () { } component_test_full_no_cipher () { - msg "build: full minus CIPHER" + msg "build: full - CIPHER - PSA_CRYPTO_C" scripts/config.py full scripts/config.py unset MBEDTLS_CIPHER_C # Don't pull in cipher via PSA mechanisms @@ -1518,10 +1518,93 @@ component_test_full_no_cipher () { scripts/config.py unset MBEDTLS_LMS_PRIVATE make - msg "test: full minus CIPHER" + msg "test: full - CIPHER - PSA_CRYPTO_C" make test } +# This is a common configurator and test function that is used in: +# - component_test_full_no_cipher_with_crypto +# - component_test_full_no_cipher_with_crypto_config +# It accepts 2 input parameters: +# - $1: boolean value which basically reflects status of MBEDTLS_PSA_CRYPTO_CONFIG +# - $2: a text string which describes the test component +common_test_full_no_cipher_with_crypto () { + USE_CRYPTO_CONFIG="$1" + COMPONENT_DESCRIPTION="$2" + + msg "build: $COMPONENT_DESCRIPTION" + + scripts/config.py full + scripts/config.py unset MBEDTLS_CIPHER_C + + if [ "$USE_CRYPTO_CONFIG" -eq 1 ]; then + # Direct dependencies from PSA config + scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_CCM + scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_CCM_STAR_NO_TAG + scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_GCM + scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_CMAC + scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_CBC_NO_PADDING + scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_CBC_PKCS7 + scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_CFB + scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_CTR + scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_ECB_NO_PADDING + scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_OFB + scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_STREAM_CIPHER + scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_KEY_TYPE_AES + scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_KEY_TYPE_DES + scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_KEY_TYPE_CAMELLIA + scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_KEY_TYPE_ARIA + else + # Don't pull in cipher via PSA mechanisms + scripts/config.py unset MBEDTLS_PSA_CRYPTO_CONFIG + fi + # Direct dependencies + scripts/config.py unset MBEDTLS_CCM_C + scripts/config.py unset MBEDTLS_CMAC_C + scripts/config.py unset MBEDTLS_GCM_C + scripts/config.py unset MBEDTLS_NIST_KW_C + scripts/config.py unset MBEDTLS_PKCS12_C + scripts/config.py unset MBEDTLS_PKCS5_C + scripts/config.py unset MBEDTLS_SSL_TLS_C + scripts/config.py unset MBEDTLS_SSL_TICKET_C + # Disable cipher modes/keys that make PSA depend on CIPHER_C. + # Keep CHACHA20 enabled since it does not depend on CIPHER_C. + scripts/config.py unset-all MBEDTLS_CIPHER_MODE + scripts/config.py unset MBEDTLS_AES_C + scripts/config.py unset MBEDTLS_DES_C + scripts/config.py unset MBEDTLS_ARIA_C + scripts/config.py unset MBEDTLS_CAMELLIA_C + # Dependencies on AES_C + scripts/config.py unset MBEDTLS_CTR_DRBG_C + # Disable dependencies on the AEAD algs + scripts/config.py unset MBEDTLS_SSL_CONTEXT_SERIALIZATION + # Indirect dependencies + scripts/config.py unset MBEDTLS_SSL_CLI_C + scripts/config.py unset MBEDTLS_SSL_DTLS_ANTI_REPLAY + scripts/config.py unset MBEDTLS_SSL_DTLS_CONNECTION_ID + scripts/config.py unset MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT + scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 + scripts/config.py unset MBEDTLS_SSL_SRV_C + scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO + scripts/config.py unset MBEDTLS_LMS_C + scripts/config.py unset MBEDTLS_LMS_PRIVATE + make + + # Ensure that CIPHER_C was not re-enabled + not grep mbedtls_cipher_init library/cipher.o + + msg "test: $COMPONENT_DESCRIPTION" + make test +} + +component_test_full_no_cipher_with_crypto() { + common_test_full_no_cipher_with_crypto 0 "full - CIPHER - CRYPTO_CONFIG" +} + +component_test_full_no_cipher_with_crypto_config() { + common_test_full_no_cipher_with_crypto 1 "full - CIPHER" +} + component_test_full_no_bignum () { msg "build: full minus bignum" scripts/config.py full From 1e21f26d886bb9e86476c185bd761e20b5905329 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 20 Oct 2023 16:24:07 +0200 Subject: [PATCH 0437/1674] psa_crypto_cipher: add helper to validate PSA cipher values Signed-off-by: Valerio Setti --- library/psa_crypto_cipher.c | 54 ++++++++++++++++++++++++++++++++++++- 1 file changed, 53 insertions(+), 1 deletion(-) diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c index 7e81dfee7..b195bb9fd 100644 --- a/library/psa_crypto_cipher.c +++ b/library/psa_crypto_cipher.c @@ -31,6 +31,58 @@ #include +/* mbedtls_cipher_values_from_psa() below only checks if the proper build symbols + * are enabled, but it does not provide any compatibility check between them + * (i.e. if the specified key works with the specified algorithm). This helper + * function is meant to provide this support. + * mbedtls_cipher_info_from_psa() might be used for the same purpose, but it + * requires CIPHER_C to be enabled. + */ +static psa_status_t mbedtls_cipher_validate_values( + psa_algorithm_t alg, + psa_key_type_t key_type) +{ + switch (alg) { + case PSA_ALG_STREAM_CIPHER: + case PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305, 0): + if (key_type != PSA_KEY_TYPE_CHACHA20) { + return PSA_ERROR_NOT_SUPPORTED; + } + break; + + case PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 0): + case PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 0): + case PSA_ALG_CCM_STAR_NO_TAG: + if ((key_type != PSA_KEY_TYPE_AES) && + (key_type != PSA_KEY_TYPE_ARIA) && + (key_type != PSA_KEY_TYPE_CAMELLIA)) { + return PSA_ERROR_NOT_SUPPORTED; + } + break; + + case PSA_ALG_CTR: + case PSA_ALG_CFB: + case PSA_ALG_OFB: + case PSA_ALG_XTS: + case PSA_ALG_ECB_NO_PADDING: + case PSA_ALG_CBC_NO_PADDING: + case PSA_ALG_CBC_PKCS7: + case PSA_ALG_CMAC: + if ((key_type != PSA_KEY_TYPE_AES) && + (key_type != PSA_KEY_TYPE_ARIA) && + (key_type != PSA_KEY_TYPE_DES) && + (key_type != PSA_KEY_TYPE_CAMELLIA)) { + return PSA_ERROR_NOT_SUPPORTED; + } + break; + + default: + return PSA_ERROR_NOT_SUPPORTED; + } + + return PSA_SUCCESS; +} + psa_status_t mbedtls_cipher_values_from_psa( psa_algorithm_t alg, psa_key_type_t key_type, @@ -156,7 +208,7 @@ psa_status_t mbedtls_cipher_values_from_psa( *cipher_id = cipher_id_tmp; } - return PSA_SUCCESS; + return mbedtls_cipher_validate_values(alg, key_type); } #if defined(MBEDTLS_CIPHER_C) From 36fe8b9f4b4b65432d84bbd26ebcad97e6d6e593 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 23 Oct 2023 14:12:23 +0200 Subject: [PATCH 0438/1674] psa_crypto_cipher: add guard for unused variable Signed-off-by: Valerio Setti --- library/psa_crypto_cipher.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c index b195bb9fd..38be84b0b 100644 --- a/library/psa_crypto_cipher.c +++ b/library/psa_crypto_cipher.c @@ -91,7 +91,10 @@ psa_status_t mbedtls_cipher_values_from_psa( mbedtls_cipher_id_t *cipher_id) { mbedtls_cipher_id_t cipher_id_tmp; + /* Only DES modifies key_bits */ +#if !defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES) (void) key_bits; +#endif if (PSA_ALG_IS_AEAD(alg)) { alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, 0); From df17a102e50e7a0db66c8ee9649d54485870d26a Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 23 Oct 2023 14:14:19 +0200 Subject: [PATCH 0439/1674] all.sh: replace minus sign in text messages with "no" Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index db6bed835..8f5263759 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1488,7 +1488,7 @@ component_test_crypto_full_md_light_only () { } component_test_full_no_cipher () { - msg "build: full - CIPHER - PSA_CRYPTO_C" + msg "build: full no CIPHER no PSA_CRYPTO_C" scripts/config.py full scripts/config.py unset MBEDTLS_CIPHER_C # Don't pull in cipher via PSA mechanisms @@ -1518,7 +1518,7 @@ component_test_full_no_cipher () { scripts/config.py unset MBEDTLS_LMS_PRIVATE make - msg "test: full - CIPHER - PSA_CRYPTO_C" + msg "test: full no CIPHER no PSA_CRYPTO_C" make test } @@ -1598,11 +1598,11 @@ common_test_full_no_cipher_with_crypto () { } component_test_full_no_cipher_with_crypto() { - common_test_full_no_cipher_with_crypto 0 "full - CIPHER - CRYPTO_CONFIG" + common_test_full_no_cipher_with_crypto 0 "full no CIPHER no CRYPTO_CONFIG" } component_test_full_no_cipher_with_crypto_config() { - common_test_full_no_cipher_with_crypto 1 "full - CIPHER" + common_test_full_no_cipher_with_crypto 1 "full no CIPHER" } component_test_full_no_bignum () { From c84d940704a4608e7085f2cf639100746900d89d Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 23 Oct 2023 14:58:25 +0200 Subject: [PATCH 0440/1674] all.sh: fix comments in common_test_full_no_cipher_with_crypto() Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 8f5263759..d0e0c6098 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1538,7 +1538,7 @@ common_test_full_no_cipher_with_crypto () { scripts/config.py unset MBEDTLS_CIPHER_C if [ "$USE_CRYPTO_CONFIG" -eq 1 ]; then - # Direct dependencies from PSA config + # The built-in implementation of these modes currently depends on CIPHER_C scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_CCM scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_CCM_STAR_NO_TAG scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_GCM @@ -1558,7 +1558,7 @@ common_test_full_no_cipher_with_crypto () { # Don't pull in cipher via PSA mechanisms scripts/config.py unset MBEDTLS_PSA_CRYPTO_CONFIG fi - # Direct dependencies + # The following modules directly depends on CIPHER_C scripts/config.py unset MBEDTLS_CCM_C scripts/config.py unset MBEDTLS_CMAC_C scripts/config.py unset MBEDTLS_GCM_C From fb0b0ffaa4b3d3745cb7d43d0932c6f2f37a3ad2 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 23 Oct 2023 14:58:55 +0200 Subject: [PATCH 0441/1674] all.sh: keep symbols that don't depend on CIPHER_C (directly or indirectly) Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 13 +------------ 1 file changed, 1 insertion(+), 12 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index d0e0c6098..c27923ce8 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1576,18 +1576,7 @@ common_test_full_no_cipher_with_crypto () { scripts/config.py unset MBEDTLS_CAMELLIA_C # Dependencies on AES_C scripts/config.py unset MBEDTLS_CTR_DRBG_C - # Disable dependencies on the AEAD algs - scripts/config.py unset MBEDTLS_SSL_CONTEXT_SERIALIZATION - # Indirect dependencies - scripts/config.py unset MBEDTLS_SSL_CLI_C - scripts/config.py unset MBEDTLS_SSL_DTLS_ANTI_REPLAY - scripts/config.py unset MBEDTLS_SSL_DTLS_CONNECTION_ID - scripts/config.py unset MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT - scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 - scripts/config.py unset MBEDTLS_SSL_SRV_C - scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO - scripts/config.py unset MBEDTLS_LMS_C - scripts/config.py unset MBEDTLS_LMS_PRIVATE + make # Ensure that CIPHER_C was not re-enabled From 4529d65e30179d25e38dd09301c1f1350c109079 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 24 Oct 2023 11:51:58 +0200 Subject: [PATCH 0442/1674] all.sh: improve test_full_no_cipher() - remove unnecessary disabled items (most of them were already disabled automatically once MBEDTLS_SSL_TLS_C was disabled) - improve dependencies' comments, especially the last one which list items depending on PSA_CRYPTO_C Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index c27923ce8..0e4d0e22a 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1494,7 +1494,7 @@ component_test_full_no_cipher () { # Don't pull in cipher via PSA mechanisms # (currently ignored anyway because we completely disable PSA) scripts/config.py unset MBEDTLS_PSA_CRYPTO_CONFIG - # Direct dependencies + # Disable features that depend on CIPHER_C scripts/config.py unset MBEDTLS_CCM_C scripts/config.py unset MBEDTLS_CMAC_C scripts/config.py unset MBEDTLS_GCM_C @@ -1504,15 +1504,9 @@ component_test_full_no_cipher () { scripts/config.py unset MBEDTLS_PSA_CRYPTO_C scripts/config.py unset MBEDTLS_SSL_TLS_C scripts/config.py unset MBEDTLS_SSL_TICKET_C - # Indirect dependencies - scripts/config.py unset MBEDTLS_SSL_CLI_C + # Disable features that depend on PSA_CRYPTO_C scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C - scripts/config.py unset MBEDTLS_SSL_DTLS_ANTI_REPLAY - scripts/config.py unset MBEDTLS_SSL_DTLS_CONNECTION_ID - scripts/config.py unset MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT - scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 - scripts/config.py unset MBEDTLS_SSL_SRV_C scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_LMS_C scripts/config.py unset MBEDTLS_LMS_PRIVATE From 5b4039f36dc27c65a442d941cb187bfa6081a730 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 24 Oct 2023 13:41:44 +0200 Subject: [PATCH 0443/1674] all.sh: rename common config/test function Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 0e4d0e22a..b33795176 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1522,7 +1522,7 @@ component_test_full_no_cipher () { # It accepts 2 input parameters: # - $1: boolean value which basically reflects status of MBEDTLS_PSA_CRYPTO_CONFIG # - $2: a text string which describes the test component -common_test_full_no_cipher_with_crypto () { +common_test_full_no_cipher_with_psa_crypto () { USE_CRYPTO_CONFIG="$1" COMPONENT_DESCRIPTION="$2" @@ -1581,11 +1581,11 @@ common_test_full_no_cipher_with_crypto () { } component_test_full_no_cipher_with_crypto() { - common_test_full_no_cipher_with_crypto 0 "full no CIPHER no CRYPTO_CONFIG" + common_test_full_no_cipher_with_psa_crypto 0 "full no CIPHER no CRYPTO_CONFIG" } component_test_full_no_cipher_with_crypto_config() { - common_test_full_no_cipher_with_crypto 1 "full no CIPHER" + common_test_full_no_cipher_with_psa_crypto 1 "full no CIPHER" } component_test_full_no_bignum () { From 862021a1189f50f6690f97b78af7897c7bce5574 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 24 Oct 2023 13:52:06 +0200 Subject: [PATCH 0444/1674] all.sh: improve comments in common_test_full_no_cipher_with_psa_crypto Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index b33795176..eb12a89d7 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1532,7 +1532,10 @@ common_test_full_no_cipher_with_psa_crypto () { scripts/config.py unset MBEDTLS_CIPHER_C if [ "$USE_CRYPTO_CONFIG" -eq 1 ]; then - # The built-in implementation of these modes currently depends on CIPHER_C + # The built-in implementation of the following algs/key-types depends + # on CIPHER_C so we disable them. + # This does not hold for KEY_TYPE_CHACHA20 and ALG_CHACHA20_POLY1305 + # so we keep them enabled. scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_CCM scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_CCM_STAR_NO_TAG scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_GCM @@ -1562,7 +1565,7 @@ common_test_full_no_cipher_with_psa_crypto () { scripts/config.py unset MBEDTLS_SSL_TLS_C scripts/config.py unset MBEDTLS_SSL_TICKET_C # Disable cipher modes/keys that make PSA depend on CIPHER_C. - # Keep CHACHA20 enabled since it does not depend on CIPHER_C. + # Keep CHACHA20 and CHACHAPOLY enabled since they do not depend on CIPHER_C. scripts/config.py unset-all MBEDTLS_CIPHER_MODE scripts/config.py unset MBEDTLS_AES_C scripts/config.py unset MBEDTLS_DES_C From 287f6d1f5c1c967195054edd46ca66f0ff484fda Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 24 Oct 2023 14:12:59 +0200 Subject: [PATCH 0445/1674] all.sh: unset MBEDTLS symbols for modes/keys only when !PSA_CRYPTO_CONFIG Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index eb12a89d7..1eea025cb 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1554,6 +1554,15 @@ common_test_full_no_cipher_with_psa_crypto () { else # Don't pull in cipher via PSA mechanisms scripts/config.py unset MBEDTLS_PSA_CRYPTO_CONFIG + # Disable cipher modes/keys that make PSA depend on CIPHER_C. + # Keep CHACHA20 and CHACHAPOLY enabled since they do not depend on CIPHER_C. + scripts/config.py unset-all MBEDTLS_CIPHER_MODE + scripts/config.py unset MBEDTLS_AES_C + scripts/config.py unset MBEDTLS_DES_C + scripts/config.py unset MBEDTLS_ARIA_C + scripts/config.py unset MBEDTLS_CAMELLIA_C + # Dependencies on AES_C + scripts/config.py unset MBEDTLS_CTR_DRBG_C fi # The following modules directly depends on CIPHER_C scripts/config.py unset MBEDTLS_CCM_C @@ -1564,15 +1573,6 @@ common_test_full_no_cipher_with_psa_crypto () { scripts/config.py unset MBEDTLS_PKCS5_C scripts/config.py unset MBEDTLS_SSL_TLS_C scripts/config.py unset MBEDTLS_SSL_TICKET_C - # Disable cipher modes/keys that make PSA depend on CIPHER_C. - # Keep CHACHA20 and CHACHAPOLY enabled since they do not depend on CIPHER_C. - scripts/config.py unset-all MBEDTLS_CIPHER_MODE - scripts/config.py unset MBEDTLS_AES_C - scripts/config.py unset MBEDTLS_DES_C - scripts/config.py unset MBEDTLS_ARIA_C - scripts/config.py unset MBEDTLS_CAMELLIA_C - # Dependencies on AES_C - scripts/config.py unset MBEDTLS_CTR_DRBG_C make From 4da369f74136d975c8d01eaf68d7261638faecb7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 18 Oct 2023 09:40:32 +0200 Subject: [PATCH 0446/1674] analyze_outcomes: minor code cleanup MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- tests/scripts/analyze_outcomes.py | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 706421f6c..ae3450d39 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -112,15 +112,18 @@ def analyze_driver_vs_reference(results: Results, outcomes, hits = outcomes[key].hits() if key in outcomes else 0 if hits == 0: continue - # Skip ignored test suites - full_test_suite = key.split(';')[0] # retrieve full test suite name - test_string = key.split(';')[1] # retrieve the text string of this test + + # key is like "test_suite_foo.bar;Description of test case" + (full_test_suite, test_string) = key.split(';') test_suite = full_test_suite.split('.')[0] # retrieve main part of test suite name + # Skip fully-ignored test suites if test_suite in ignored_suites or full_test_suite in ignored_suites: continue + # Skip ignored test cases inside test suites if ((full_test_suite in ignored_test) and (test_string in ignored_test[full_test_suite])): continue + # Search for tests that run in reference component and not in driver component driver_test_passed = False reference_test_passed = False From 881ce01db3ffc62989ff0641a1dd71b7581f5807 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 18 Oct 2023 10:22:07 +0200 Subject: [PATCH 0447/1674] analyze_outcomes: add regex match for ignored tests MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- tests/scripts/analyze_outcomes.py | 38 +++++++++++++++---------------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index ae3450d39..60717442f 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -95,9 +95,22 @@ def analyze_coverage(results, outcomes, allow_list, full_coverage): else: results.warning('Allow listed test case was executed: {}', key) +def name_matches_pattern(name, str_or_re): + """Check if name matches a pattern, that may be a string or regex. + - If the pattern is a string, name must be equal to match. + - If the pattern is a regex, name must fully match. + """ + if isinstance(str_or_re, re.Pattern): + if str_or_re.fullmatch(name): + return True + else: + if str_or_re == name: + return True + return False + def analyze_driver_vs_reference(results: Results, outcomes, component_ref, component_driver, - ignored_suites, ignored_test=None): + ignored_suites, ignored_tests=None): """Check that all tests executed in the reference component are also executed in the corresponding driver component. Skip: @@ -120,9 +133,10 @@ def analyze_driver_vs_reference(results: Results, outcomes, if test_suite in ignored_suites or full_test_suite in ignored_suites: continue # Skip ignored test cases inside test suites - if ((full_test_suite in ignored_test) and - (test_string in ignored_test[full_test_suite])): - continue + if full_test_suite in ignored_tests: + for str_or_re in ignored_tests[full_test_suite]: + if name_matches_pattern(test_string, str_or_re): + continue # Search for tests that run in reference component and not in driver component driver_test_passed = False @@ -921,21 +935,7 @@ KNOWN_TASKS = { ], 'test_suite_asn1write': [ # Following tests depends on BIGNUM_C - 'ASN.1 Write mpi 0 (1 limb)', - 'ASN.1 Write mpi 0 (null)', - 'ASN.1 Write mpi 0x100', - 'ASN.1 Write mpi 0x7f', - 'ASN.1 Write mpi 0x7f with leading 0 limb', - 'ASN.1 Write mpi 0x80', - 'ASN.1 Write mpi 0x80 with leading 0 limb', - 'ASN.1 Write mpi 0xff', - 'ASN.1 Write mpi 1', - 'ASN.1 Write mpi, 127*8 bits', - 'ASN.1 Write mpi, 127*8+1 bits', - 'ASN.1 Write mpi, 127*8-1 bits', - 'ASN.1 Write mpi, 255*8 bits', - 'ASN.1 Write mpi, 255*8-1 bits', - 'ASN.1 Write mpi, 256*8-1 bits', + re.compile('ASN.1 Write mpi.*'), ], } } From 371165aec0cc4ea2570a77ec763b989ffc815c2f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 18 Oct 2023 12:44:54 +0200 Subject: [PATCH 0448/1674] analyze_outcomes: useless ignores are now errors MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Change from iterating on all available tests to iterating on tests with an outcome: initially we were iterating on available tests but immediately ignoring those that were always skipped. That last part played poorly with the new error (we want to know if the test ignored due to a pattern was skipped in the reference component), but when removing it, we were left with iterating on all available tests then skipping those that don't have outcomes entries: this is equivalent to iterating on tests with an outcome entry, which is more readable. Also, give an error if the outcome file contains no passing test from the reference component: probably means we're using the wrong outcome file. Signed-off-by: Manuel Pégourié-Gonnard --- tests/scripts/analyze_outcomes.py | 31 +++++++++++++++++++------------ 1 file changed, 19 insertions(+), 12 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 60717442f..6611373fe 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -118,25 +118,24 @@ def analyze_driver_vs_reference(results: Results, outcomes, - only some specific test inside a test suite, for which the corresponding output string is provided """ - available = check_test_cases.collect_available_test_cases() - - for key in available: - # Continue if test was not executed by any component - hits = outcomes[key].hits() if key in outcomes else 0 - if hits == 0: - continue - + seen_reference_passing = False + for key in outcomes: # key is like "test_suite_foo.bar;Description of test case" (full_test_suite, test_string) = key.split(';') test_suite = full_test_suite.split('.')[0] # retrieve main part of test suite name - # Skip fully-ignored test suites + + # Immediately skip fully-ignored test suites if test_suite in ignored_suites or full_test_suite in ignored_suites: continue - # Skip ignored test cases inside test suites + + # For ignored test cases inside test suites, just remember and: + # don't issue an error if they're skipped with drivers, + # but issue an error if they're not (means we have a bad entry). + ignored = False if full_test_suite in ignored_tests: for str_or_re in ignored_tests[full_test_suite]: if name_matches_pattern(test_string, str_or_re): - continue + ignored = True # Search for tests that run in reference component and not in driver component driver_test_passed = False @@ -146,8 +145,16 @@ def analyze_driver_vs_reference(results: Results, outcomes, driver_test_passed = True if component_ref in entry: reference_test_passed = True + seen_reference_passing = True if(reference_test_passed and not driver_test_passed): - results.error("Did not pass with driver: {}", key) + if not ignored: + results.error("PASS -> SKIP/FAIL: {}", key) + else: + if ignored: + results.error("uselessly ignored: {}", key) + + if not seen_reference_passing: + results.error("no passing test in reference component: bad outcome file?") def analyze_outcomes(results: Results, outcomes, args): """Run all analyses on the given outcome collection.""" From b4558bd6e46af48eb83181e84f233d3dae745e96 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 18 Oct 2023 13:00:49 +0200 Subject: [PATCH 0449/1674] analyze_outcomes: remove useless ignore entries MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- tests/scripts/analyze_outcomes.py | 99 ------------------------------- 1 file changed, 99 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 6611373fe..7c6b47d20 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -587,14 +587,6 @@ KNOWN_TASKS = { 'ECP test vectors secp384r1 rfc 5114', 'ECP test vectors secp521r1 rfc 5114', ], - 'test_suite_psa_crypto': [ - 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1', - 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1 (1 redraw)', - 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1, exercise ECDSA', - 'PSA key derivation: HKDF-SHA-256 -> ECC secp384r1', - 'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #0', - 'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #1', - ], 'test_suite_ssl': [ 'Test configuration of groups for DHE through mbedtls_ssl_conf_curves()', ], @@ -618,21 +610,6 @@ KNOWN_TASKS = { 'test_suite_random': [ 'PSA classic wrapper: ECDSA signature (SECP256R1)', ], - 'test_suite_psa_crypto': [ - 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1', - 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1 (1 redraw)', - 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1, exercise ECDSA', - 'PSA key derivation: HKDF-SHA-256 -> ECC secp384r1', - 'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #0', - 'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #1', - 'PSA key derivation: bits=7 invalid for ECC BRAINPOOL_P_R1 (ECC enabled)', - 'PSA key derivation: bits=7 invalid for ECC SECP_K1 (ECC enabled)', - 'PSA key derivation: bits=7 invalid for ECC SECP_R1 (ECC enabled)', - 'PSA key derivation: bits=7 invalid for ECC SECP_R2 (ECC enabled)', - 'PSA key derivation: bits=7 invalid for ECC SECT_K1 (ECC enabled)', - 'PSA key derivation: bits=7 invalid for ECC SECT_R1 (ECC enabled)', - 'PSA key derivation: bits=7 invalid for ECC SECT_R2 (ECC enabled)', - ], 'test_suite_pkparse': [ # When PK_PARSE_C and ECP_C are defined then PK_PARSE_EC_COMPRESSED # is automatically enabled in build_info.h (backward compatibility) @@ -686,21 +663,6 @@ KNOWN_TASKS = { 'test_suite_random': [ 'PSA classic wrapper: ECDSA signature (SECP256R1)', ], - 'test_suite_psa_crypto': [ - 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1', - 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1 (1 redraw)', - 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1, exercise ECDSA', - 'PSA key derivation: HKDF-SHA-256 -> ECC secp384r1', - 'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #0', - 'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #1', - 'PSA key derivation: bits=7 invalid for ECC BRAINPOOL_P_R1 (ECC enabled)', - 'PSA key derivation: bits=7 invalid for ECC SECP_K1 (ECC enabled)', - 'PSA key derivation: bits=7 invalid for ECC SECP_R1 (ECC enabled)', - 'PSA key derivation: bits=7 invalid for ECC SECP_R2 (ECC enabled)', - 'PSA key derivation: bits=7 invalid for ECC SECT_K1 (ECC enabled)', - 'PSA key derivation: bits=7 invalid for ECC SECT_R1 (ECC enabled)', - 'PSA key derivation: bits=7 invalid for ECC SECT_R2 (ECC enabled)', - ], 'test_suite_pkparse': [ # See the description provided above in the # analyze_driver_vs_reference_no_ecp_at_all component. @@ -783,21 +745,6 @@ KNOWN_TASKS = { 'test_suite_random': [ 'PSA classic wrapper: ECDSA signature (SECP256R1)', ], - 'test_suite_psa_crypto': [ - 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1', - 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1 (1 redraw)', - 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1, exercise ECDSA', - 'PSA key derivation: HKDF-SHA-256 -> ECC secp384r1', - 'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #0', - 'PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #1', - 'PSA key derivation: bits=7 invalid for ECC BRAINPOOL_P_R1 (ECC enabled)', - 'PSA key derivation: bits=7 invalid for ECC SECP_K1 (ECC enabled)', - 'PSA key derivation: bits=7 invalid for ECC SECP_R1 (ECC enabled)', - 'PSA key derivation: bits=7 invalid for ECC SECP_R2 (ECC enabled)', - 'PSA key derivation: bits=7 invalid for ECC SECT_K1 (ECC enabled)', - 'PSA key derivation: bits=7 invalid for ECC SECT_R1 (ECC enabled)', - 'PSA key derivation: bits=7 invalid for ECC SECT_R2 (ECC enabled)', - ], 'test_suite_pkparse': [ # See the description provided above in the # analyze_driver_vs_reference_no_ecp_at_all component. @@ -887,55 +834,9 @@ KNOWN_TASKS = { 'ignored_tests': { # Ignore all tests that require DERIVE support which is disabled # in the driver version - 'test_suite_psa_crypto': [ - 'PSA key agreement setup: ECDH + HKDF-SHA-256: good', - ('PSA key agreement setup: ECDH + HKDF-SHA-256: good, key algorithm broader ' - 'than required'), - 'PSA key agreement setup: ECDH + HKDF-SHA-256: public key not on curve', - 'PSA key agreement setup: KDF instead of a key agreement algorithm', - 'PSA key agreement setup: bad key agreement algorithm', - 'PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: capacity=8160', - 'PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 0+32', - 'PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 1+31', - 'PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 31+1', - 'PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32+0', - 'PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32+32', - 'PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 64+0', - 'PSA key derivation: ECDH on P256 with HKDF-SHA256, info first', - 'PSA key derivation: ECDH on P256 with HKDF-SHA256, key output', - 'PSA key derivation: ECDH on P256 with HKDF-SHA256, missing info', - 'PSA key derivation: ECDH on P256 with HKDF-SHA256, omitted salt', - 'PSA key derivation: ECDH on P256 with HKDF-SHA256, raw output', - 'PSA key derivation: ECDH on P256 with HKDF-SHA256, salt after secret', - 'PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, good case', - 'PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, missing label', - 'PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, missing label and secret', - 'PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, no inputs', - 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1', - 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1 (1 redraw)', - 'PSA key derivation: HKDF-SHA-256 -> ECC secp256r1, exercise ECDSA', - 'PSA key derivation: TLS 1.2 Mix-PSK-to-MS, SHA-256, 0+48, ka', - 'PSA key derivation: TLS 1.2 Mix-PSK-to-MS, SHA-256, 24+24, ka', - 'PSA key derivation: TLS 1.2 Mix-PSK-to-MS, SHA-256, 48+0, ka', - 'PSA key derivation: TLS 1.2 Mix-PSK-to-MS, bad state #1, ka', - 'PSA key derivation: TLS 1.2 Mix-PSK-to-MS, bad state #3, ka', - 'PSA key derivation: TLS 1.2 Mix-PSK-to-MS, bad state #4, ka', - 'PSA key derivation: bits=7 invalid for ECC BRAINPOOL_P_R1 (ECC enabled)', - 'PSA key derivation: bits=7 invalid for ECC MONTGOMERY (ECC enabled)', - 'PSA key derivation: bits=7 invalid for ECC SECP_K1 (ECC enabled)', - 'PSA key derivation: bits=7 invalid for ECC SECP_R1 (ECC enabled)', - 'PSA key derivation: bits=7 invalid for ECC SECP_R2 (ECC enabled)', - 'PSA key derivation: bits=7 invalid for ECC SECT_K1 (ECC enabled)', - 'PSA key derivation: bits=7 invalid for ECC SECT_R1 (ECC enabled)', - 'PSA key derivation: bits=7 invalid for ECC SECT_R2 (ECC enabled)', - 'PSA raw key agreement: ECDH SECP256R1 (RFC 5903)', - ], 'test_suite_random': [ 'PSA classic wrapper: ECDSA signature (SECP256R1)', ], - 'test_suite_psa_crypto_pake': [ - 'PSA PAKE: ecjpake size macros', - ], 'test_suite_asn1parse': [ # This test depends on BIGNUM_C 'INTEGER too large for mpi', From 4fd5a6ac9ed8e7873cca7c5514b584378865516a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 20 Oct 2023 10:21:09 +0200 Subject: [PATCH 0450/1674] analyze_outcomes: use regexes with ECC components MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- tests/scripts/analyze_outcomes.py | 231 ++++++------------------------ 1 file changed, 45 insertions(+), 186 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 7c6b47d20..641d114c1 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -541,11 +541,13 @@ KNOWN_TASKS = { 'component_ref': 'test_psa_crypto_config_reference_ecc_ecp_light_only', 'component_driver': 'test_psa_crypto_config_accel_ecc_ecp_light_only', 'ignored_suites': [ - 'ecdsa', - 'ecdh', - 'ecjpake', + # Modules replaced by drivers + 'ecdsa', 'ecdh', 'ecjpake', ], 'ignored_tests': { + # This test wants a legacy function that takes f_rng, p_rng + # arguments, and uses legacy ECDSA for that. The test is + # really about the wrapper around the PSA RNG, not ECDSA. 'test_suite_random': [ 'PSA classic wrapper: ECDSA signature (SECP256R1)', ], @@ -553,41 +555,14 @@ KNOWN_TASKS = { # so we must ignore disparities in the tests for which ECP_C # is required. 'test_suite_ecp': [ - 'ECP check public-private #1 (OK)', - 'ECP check public-private #2 (group none)', - 'ECP check public-private #3 (group mismatch)', - 'ECP check public-private #4 (Qx mismatch)', - 'ECP check public-private #5 (Qy mismatch)', - 'ECP check public-private #6 (wrong Qx)', - 'ECP check public-private #7 (wrong Qy)', - 'ECP gen keypair [#1]', - 'ECP gen keypair [#2]', - 'ECP gen keypair [#3]', - 'ECP gen keypair wrapper', - 'ECP point muladd secp256r1 #1', - 'ECP point muladd secp256r1 #2', - 'ECP point multiplication Curve25519 (element of order 2: origin) #3', - 'ECP point multiplication Curve25519 (element of order 4: 1) #4', - 'ECP point multiplication Curve25519 (element of order 8) #5', - 'ECP point multiplication Curve25519 (normalized) #1', - 'ECP point multiplication Curve25519 (not normalized) #2', - 'ECP point multiplication rng fail Curve25519', - 'ECP point multiplication rng fail secp256r1', - 'ECP test vectors Curve25519', - 'ECP test vectors Curve448 (RFC 7748 6.2, after decodeUCoordinate)', - 'ECP test vectors brainpoolP256r1 rfc 7027', - 'ECP test vectors brainpoolP384r1 rfc 7027', - 'ECP test vectors brainpoolP512r1 rfc 7027', - 'ECP test vectors secp192k1', - 'ECP test vectors secp192r1 rfc 5114', - 'ECP test vectors secp224k1', - 'ECP test vectors secp224r1 rfc 5114', - 'ECP test vectors secp256k1', - 'ECP test vectors secp256r1 rfc 5114', - 'ECP test vectors secp384r1 rfc 5114', - 'ECP test vectors secp521r1 rfc 5114', + re.compile(r'ECP check public-private .*'), + re.compile(r'ECP gen keypair .*'), + re.compile(r'ECP point muladd .*'), + re.compile(r'ECP point multiplication .*'), + re.compile(r'ECP test vectors .*'), ], 'test_suite_ssl': [ + # This deprecated function is only present when ECP_C is On. 'Test configuration of groups for DHE through mbedtls_ssl_conf_curves()', ], } @@ -599,14 +574,11 @@ KNOWN_TASKS = { 'component_ref': 'test_psa_crypto_config_reference_ecc_no_ecp_at_all', 'component_driver': 'test_psa_crypto_config_accel_ecc_no_ecp_at_all', 'ignored_suites': [ - # Ignore test suites for the modules that are disabled in the - # accelerated test case. - 'ecp', - 'ecdsa', - 'ecdh', - 'ecjpake', + # Modules replaced by drivers + 'ecp', 'ecdsa', 'ecdh', 'ecjpake', ], 'ignored_tests': { + # See ecp_light_only 'test_suite_random': [ 'PSA classic wrapper: ECDSA signature (SECP256R1)', ], @@ -617,23 +589,10 @@ KNOWN_TASKS = { # consequence compressed points are supported in the reference # component but not in the accelerated one, so they should be skipped # while checking driver's coverage. - 'Parse EC Key #10a (SEC1 PEM, secp384r1, compressed)', - 'Parse EC Key #11a (SEC1 PEM, secp521r1, compressed)', - 'Parse EC Key #12a (SEC1 PEM, bp256r1, compressed)', - 'Parse EC Key #13a (SEC1 PEM, bp384r1, compressed)', - 'Parse EC Key #14a (SEC1 PEM, bp512r1, compressed)', - 'Parse EC Key #2a (SEC1 PEM, secp192r1, compressed)', - 'Parse EC Key #8a (SEC1 PEM, secp224r1, compressed)', - 'Parse EC Key #9a (SEC1 PEM, secp256r1, compressed)', - 'Parse Public EC Key #2a (RFC 5480, PEM, secp192r1, compressed)', - 'Parse Public EC Key #3a (RFC 5480, secp224r1, compressed)', - 'Parse Public EC Key #4a (RFC 5480, secp256r1, compressed)', - 'Parse Public EC Key #5a (RFC 5480, secp384r1, compressed)', - 'Parse Public EC Key #6a (RFC 5480, secp521r1, compressed)', - 'Parse Public EC Key #7a (RFC 5480, brainpoolP256r1, compressed)', - 'Parse Public EC Key #8a (RFC 5480, brainpoolP384r1, compressed)', - 'Parse Public EC Key #9a (RFC 5480, brainpoolP512r1, compressed)', + re.compile(r'Parse EC Key .*compressed\)'), + re.compile(r'Parse Public EC Key .*compressed\)'), ], + # See ecp_light_only 'test_suite_ssl': [ 'Test configuration of groups for DHE through mbedtls_ssl_conf_curves()', ], @@ -646,75 +605,31 @@ KNOWN_TASKS = { 'component_ref': 'test_psa_crypto_config_reference_ecc_no_bignum', 'component_driver': 'test_psa_crypto_config_accel_ecc_no_bignum', 'ignored_suites': [ - # Ignore test suites for the modules that are disabled in the - # accelerated test case. - 'ecp', - 'ecdsa', - 'ecdh', - 'ecjpake', - 'bignum_core', - 'bignum_random', - 'bignum_mod', - 'bignum_mod_raw', - 'bignum.generated', - 'bignum.misc', + # Modules replaced by drivers + 'ecp', 'ecdsa', 'ecdh', 'ecjpake', + 'bignum_core', 'bignum_random', 'bignum_mod', 'bignum_mod_raw', + 'bignum.generated', 'bignum.misc', ], 'ignored_tests': { + # See ecp_light_only 'test_suite_random': [ 'PSA classic wrapper: ECDSA signature (SECP256R1)', ], + # See no_ecp_at_all 'test_suite_pkparse': [ - # See the description provided above in the - # analyze_driver_vs_reference_no_ecp_at_all component. - 'Parse EC Key #10a (SEC1 PEM, secp384r1, compressed)', - 'Parse EC Key #11a (SEC1 PEM, secp521r1, compressed)', - 'Parse EC Key #12a (SEC1 PEM, bp256r1, compressed)', - 'Parse EC Key #13a (SEC1 PEM, bp384r1, compressed)', - 'Parse EC Key #14a (SEC1 PEM, bp512r1, compressed)', - 'Parse EC Key #2a (SEC1 PEM, secp192r1, compressed)', - 'Parse EC Key #8a (SEC1 PEM, secp224r1, compressed)', - 'Parse EC Key #9a (SEC1 PEM, secp256r1, compressed)', - 'Parse Public EC Key #2a (RFC 5480, PEM, secp192r1, compressed)', - 'Parse Public EC Key #3a (RFC 5480, secp224r1, compressed)', - 'Parse Public EC Key #4a (RFC 5480, secp256r1, compressed)', - 'Parse Public EC Key #5a (RFC 5480, secp384r1, compressed)', - 'Parse Public EC Key #6a (RFC 5480, secp521r1, compressed)', - 'Parse Public EC Key #7a (RFC 5480, brainpoolP256r1, compressed)', - 'Parse Public EC Key #8a (RFC 5480, brainpoolP384r1, compressed)', - 'Parse Public EC Key #9a (RFC 5480, brainpoolP512r1, compressed)', + re.compile(r'Parse EC Key .*compressed\)'), + re.compile(r'Parse Public EC Key .*compressed\)'), ], 'test_suite_asn1parse': [ - # This test depends on BIGNUM_C 'INTEGER too large for mpi', ], 'test_suite_asn1write': [ - # Following tests depends on BIGNUM_C - 'ASN.1 Write mpi 0 (1 limb)', - 'ASN.1 Write mpi 0 (null)', - 'ASN.1 Write mpi 0x100', - 'ASN.1 Write mpi 0x7f', - 'ASN.1 Write mpi 0x7f with leading 0 limb', - 'ASN.1 Write mpi 0x80', - 'ASN.1 Write mpi 0x80 with leading 0 limb', - 'ASN.1 Write mpi 0xff', - 'ASN.1 Write mpi 1', - 'ASN.1 Write mpi, 127*8 bits', - 'ASN.1 Write mpi, 127*8+1 bits', - 'ASN.1 Write mpi, 127*8-1 bits', - 'ASN.1 Write mpi, 255*8 bits', - 'ASN.1 Write mpi, 255*8-1 bits', - 'ASN.1 Write mpi, 256*8-1 bits', + re.compile(r'ASN.1 Write mpi.*'), ], 'test_suite_debug': [ - # Following tests depends on BIGNUM_C - 'Debug print mbedtls_mpi #2: 3 bits', - 'Debug print mbedtls_mpi: 0 (empty representation)', - 'Debug print mbedtls_mpi: 0 (non-empty representation)', - 'Debug print mbedtls_mpi: 49 bits', - 'Debug print mbedtls_mpi: 759 bits', - 'Debug print mbedtls_mpi: 764 bits #1', - 'Debug print mbedtls_mpi: 764 bits #2', + re.compile(r'Debug print mbedtls_mpi.*'), ], + # See ecp_light_only 'test_suite_ssl': [ 'Test configuration of groups for DHE through mbedtls_ssl_conf_curves()', ], @@ -727,76 +642,31 @@ KNOWN_TASKS = { 'component_ref': 'test_psa_crypto_config_reference_ecc_ffdh_no_bignum', 'component_driver': 'test_psa_crypto_config_accel_ecc_ffdh_no_bignum', 'ignored_suites': [ - # Ignore test suites for the modules that are disabled in the - # accelerated test case. - 'ecp', - 'ecdsa', - 'ecdh', - 'ecjpake', - 'bignum_core', - 'bignum_random', - 'bignum_mod', - 'bignum_mod_raw', - 'bignum.generated', - 'bignum.misc', - 'dhm', + # Modules replaced by drivers + 'ecp', 'ecdsa', 'ecdh', 'ecjpake', 'dhm', + 'bignum_core', 'bignum_random', 'bignum_mod', 'bignum_mod_raw', + 'bignum.generated', 'bignum.misc', ], 'ignored_tests': { + # See ecp_light_only 'test_suite_random': [ 'PSA classic wrapper: ECDSA signature (SECP256R1)', ], + # See no_ecp_at_all 'test_suite_pkparse': [ - # See the description provided above in the - # analyze_driver_vs_reference_no_ecp_at_all component. - 'Parse EC Key #10a (SEC1 PEM, secp384r1, compressed)', - 'Parse EC Key #11a (SEC1 PEM, secp521r1, compressed)', - 'Parse EC Key #12a (SEC1 PEM, bp256r1, compressed)', - 'Parse EC Key #13a (SEC1 PEM, bp384r1, compressed)', - 'Parse EC Key #14a (SEC1 PEM, bp512r1, compressed)', - 'Parse EC Key #2a (SEC1 PEM, secp192r1, compressed)', - 'Parse EC Key #8a (SEC1 PEM, secp224r1, compressed)', - 'Parse EC Key #9a (SEC1 PEM, secp256r1, compressed)', - 'Parse Public EC Key #2a (RFC 5480, PEM, secp192r1, compressed)', - 'Parse Public EC Key #3a (RFC 5480, secp224r1, compressed)', - 'Parse Public EC Key #4a (RFC 5480, secp256r1, compressed)', - 'Parse Public EC Key #5a (RFC 5480, secp384r1, compressed)', - 'Parse Public EC Key #6a (RFC 5480, secp521r1, compressed)', - 'Parse Public EC Key #7a (RFC 5480, brainpoolP256r1, compressed)', - 'Parse Public EC Key #8a (RFC 5480, brainpoolP384r1, compressed)', - 'Parse Public EC Key #9a (RFC 5480, brainpoolP512r1, compressed)', + re.compile(r'Parse EC Key .*compressed\)'), + re.compile(r'Parse Public EC Key .*compressed\)'), ], 'test_suite_asn1parse': [ - # This test depends on BIGNUM_C 'INTEGER too large for mpi', ], 'test_suite_asn1write': [ - # Following tests depends on BIGNUM_C - 'ASN.1 Write mpi 0 (1 limb)', - 'ASN.1 Write mpi 0 (null)', - 'ASN.1 Write mpi 0x100', - 'ASN.1 Write mpi 0x7f', - 'ASN.1 Write mpi 0x7f with leading 0 limb', - 'ASN.1 Write mpi 0x80', - 'ASN.1 Write mpi 0x80 with leading 0 limb', - 'ASN.1 Write mpi 0xff', - 'ASN.1 Write mpi 1', - 'ASN.1 Write mpi, 127*8 bits', - 'ASN.1 Write mpi, 127*8+1 bits', - 'ASN.1 Write mpi, 127*8-1 bits', - 'ASN.1 Write mpi, 255*8 bits', - 'ASN.1 Write mpi, 255*8-1 bits', - 'ASN.1 Write mpi, 256*8-1 bits', + re.compile(r'ASN.1 Write mpi.*'), ], 'test_suite_debug': [ - # Following tests depends on BIGNUM_C - 'Debug print mbedtls_mpi #2: 3 bits', - 'Debug print mbedtls_mpi: 0 (empty representation)', - 'Debug print mbedtls_mpi: 0 (non-empty representation)', - 'Debug print mbedtls_mpi: 49 bits', - 'Debug print mbedtls_mpi: 759 bits', - 'Debug print mbedtls_mpi: 764 bits #1', - 'Debug print mbedtls_mpi: 764 bits #2', + re.compile(r'Debug print mbedtls_mpi.*'), ], + # See ecp_light_only 'test_suite_ssl': [ 'Test configuration of groups for DHE through mbedtls_ssl_conf_curves()', ], @@ -818,32 +688,21 @@ KNOWN_TASKS = { 'component_ref': 'test_tfm_config', 'component_driver': 'test_tfm_config_p256m_driver_accel_ec', 'ignored_suites': [ - # Ignore test suites for the modules that are disabled in the - # accelerated test case. - 'ecp', - 'ecdsa', - 'ecdh', - 'ecjpake', - 'bignum_core', - 'bignum_random', - 'bignum_mod', - 'bignum_mod_raw', - 'bignum.generated', - 'bignum.misc', + # Modules replaced by drivers + 'ecp', 'ecdsa', 'ecdh', 'ecjpake', + 'bignum_core', 'bignum_random', 'bignum_mod', 'bignum_mod_raw', + 'bignum.generated', 'bignum.misc', ], 'ignored_tests': { - # Ignore all tests that require DERIVE support which is disabled - # in the driver version + # See ecp_light_only 'test_suite_random': [ 'PSA classic wrapper: ECDSA signature (SECP256R1)', ], 'test_suite_asn1parse': [ - # This test depends on BIGNUM_C 'INTEGER too large for mpi', ], 'test_suite_asn1write': [ - # Following tests depends on BIGNUM_C - re.compile('ASN.1 Write mpi.*'), + re.compile(r'ASN.1 Write mpi.*'), ], } } From 62d6131e5e78f5dabee836264c77862cb1b1d745 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 20 Oct 2023 10:51:57 +0200 Subject: [PATCH 0451/1674] analyze_outcomes: minor output fix MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- tests/scripts/analyze_outcomes.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 641d114c1..a5340bd62 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -741,7 +741,7 @@ def main(): tasks_list = re.split(r'[, ]+', options.specified_tasks) for task in tasks_list: if task not in KNOWN_TASKS: - sys.stderr.write('invalid task: {}'.format(task)) + sys.stderr.write('invalid task: {}\n'.format(task)) sys.exit(2) KNOWN_TASKS['analyze_coverage']['args']['full_coverage'] = options.full_coverage From b26954375ff3026ef071caaac8ca023b9172f472 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 23 Oct 2023 09:30:40 +0200 Subject: [PATCH 0452/1674] analyze_outcome: work around old Python in CI MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- tests/scripts/analyze_outcomes.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index a5340bd62..a0127be86 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -100,7 +100,9 @@ def name_matches_pattern(name, str_or_re): - If the pattern is a string, name must be equal to match. - If the pattern is a regex, name must fully match. """ - if isinstance(str_or_re, re.Pattern): + # The CI's python is too old for re.Pattern + #if isinstance(str_or_re, re.Pattern): + if not isinstance(str_or_re, str): if str_or_re.fullmatch(name): return True else: From 9d9c2344ea526312e6178fc379ec1906cf76d1cf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 26 Oct 2023 09:37:40 +0200 Subject: [PATCH 0453/1674] analyze_outcome: Simplify some code MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- tests/scripts/analyze_outcomes.py | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index a0127be86..11a8cbf79 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -103,12 +103,9 @@ def name_matches_pattern(name, str_or_re): # The CI's python is too old for re.Pattern #if isinstance(str_or_re, re.Pattern): if not isinstance(str_or_re, str): - if str_or_re.fullmatch(name): - return True + return str_or_re.fullmatch(name) else: - if str_or_re == name: - return True - return False + return str_or_re == name def analyze_driver_vs_reference(results: Results, outcomes, component_ref, component_driver, From d36a37f0deecc7a309038855c1148807e9bf7fd5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 26 Oct 2023 09:41:59 +0200 Subject: [PATCH 0454/1674] analyze_outcomes: ignore patterns apply to whole suite MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This may come in handy when ignoring patterns in test_suite_cipher for example which is split in several .data files where we'll want to ignore the same patterns. Currently none of the entries had a '.' in the test suite name, so this doesn't change anything for existing entries. Signed-off-by: Manuel Pégourié-Gonnard --- tests/scripts/analyze_outcomes.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 11a8cbf79..8f45dae78 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -132,7 +132,7 @@ def analyze_driver_vs_reference(results: Results, outcomes, # but issue an error if they're not (means we have a bad entry). ignored = False if full_test_suite in ignored_tests: - for str_or_re in ignored_tests[full_test_suite]: + for str_or_re in ignored_tests[test_suite]: if name_matches_pattern(test_string, str_or_re): ignored = True From 01c7356944a03756b5c686b1545830fdb4b2a685 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 27 Oct 2023 17:03:20 +0800 Subject: [PATCH 0455/1674] Add deprecated flag in document for sig_hashes Signed-off-by: Jerry Yu --- include/mbedtls/ssl.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 03a8b1f14..ed54926dc 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -3751,6 +3751,8 @@ void mbedtls_ssl_conf_groups(mbedtls_ssl_config *conf, * used for certificate signature are controlled by the * verification profile, see \c mbedtls_ssl_conf_cert_profile(). * + * \deprecated Superseded by mbedtls_ssl_conf_sig_algs(). + * * \note This list should be ordered by decreasing preference * (preferred hash first). * From 24552ff84edddb1a341b828cd092ad46333f1aee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1s=20Gonz=C3=A1lez?= Date: Thu, 17 Aug 2023 15:10:03 +0100 Subject: [PATCH 0456/1674] ssl-opt/run_test: Introduce -l option to list test case names MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Add an option in ssl-opt test case to list all the run_test calls and their names. This allows to show the parameters used and can make us avoid having to parse ssl-opt to look for extra parameters in the future. Signed-off-by: Tomás González --- tests/ssl-opt.sh | 39 ++++++++++++++++++++++++++++----------- 1 file changed, 28 insertions(+), 11 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 0dd7fe6d3..b9380bad9 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -123,6 +123,7 @@ FILTER='.*' EXCLUDE='^$' SHOW_TEST_NUMBER=0 +LIST_TESTS=0 RUN_TEST_NUMBER='' PRESERVE_LOGS=0 @@ -140,6 +141,7 @@ print_usage() { printf " -f|--filter\tOnly matching tests are executed (substring or BRE)\n" printf " -e|--exclude\tMatching tests are excluded (substring or BRE)\n" printf " -n|--number\tExecute only numbered test (comma-separated, e.g. '245,256')\n" + printf " -l|--list-tests\tList test names and exit\n" printf " -s|--show-numbers\tShow test numbers in front of test names\n" printf " -p|--preserve-logs\tPreserve logs of successful tests as well\n" printf " --outcome-file\tFile where test outcomes are written\n" @@ -167,6 +169,9 @@ get_options() { -s|--show-numbers) SHOW_TEST_NUMBER=1 ;; + -l|--list-tests) + LIST_TESTS=1 + ;; -p|--preserve-logs) PRESERVE_LOGS=1 ;; @@ -862,9 +867,13 @@ print_name() { LINE="$LINE$1" printf "%s " "$LINE" - LEN=$(( 72 - `echo "$LINE" | wc -c` )) - for i in `seq 1 $LEN`; do printf '.'; done - printf ' ' + if [ "$LIST_TESTS" -gt 0 ]; then + printf "\n" + else + LEN=$(( 72 - `echo "$LINE" | wc -c` )) + for i in `seq 1 $LEN`; do printf '.'; done + printf ' ' + fi } @@ -1580,6 +1589,10 @@ run_test() { print_name "$NAME" + if [ "$LIST_TESTS" -gt 0 ]; then + return + fi + # Do we only run numbered tests? if [ -n "$RUN_TEST_NUMBER" ]; then case ",$RUN_TEST_NUMBER," in @@ -13375,17 +13388,21 @@ requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH requires_max_content_len 16384 run_tests_memory_after_hanshake -# Final report +if [ "$LIST_TESTS" -eq 0 ]; then -echo "------------------------------------------------------------------------" + # Final report + + echo "------------------------------------------------------------------------" + + if [ $FAILS = 0 ]; then + printf "PASSED" + else + printf "FAILED" + fi + PASSES=$(( $TESTS - $FAILS )) + echo " ($PASSES / $TESTS tests ($SKIPS skipped))" -if [ $FAILS = 0 ]; then - printf "PASSED" -else - printf "FAILED" fi -PASSES=$(( $TESTS - $FAILS )) -echo " ($PASSES / $TESTS tests ($SKIPS skipped))" if [ $FAILS -gt 255 ]; then # Clamp at 255 as caller gets exit code & 0xFF From 754f8cd9594245ba8c3787d2a3870ca7178c4e52 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1s=20Gonz=C3=A1lez?= Date: Thu, 17 Aug 2023 15:11:10 +0100 Subject: [PATCH 0457/1674] tests/check_test_cases: Use ssl-opt.sh -l option instead of parsing MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Use the newly added ssl-opt.sh -l option to list all the tests cases and their used parameters instead of having to parse the file to discover them. This avoids having to add further parsing complexity in the future as discussed in https://github.com/Mbed-TLS/mbedtls/pull/8080#issuecomment-1681064743 Signed-off-by: Tomás González --- tests/scripts/check_test_cases.py | 18 +++++++----------- 1 file changed, 7 insertions(+), 11 deletions(-) diff --git a/tests/scripts/check_test_cases.py b/tests/scripts/check_test_cases.py index 1395d4d90..be5b834b0 100755 --- a/tests/scripts/check_test_cases.py +++ b/tests/scripts/check_test_cases.py @@ -27,6 +27,8 @@ import os import re import subprocess import sys +import subprocess + class Results: """Store file and line information about errors or warnings in test suites.""" @@ -100,17 +102,11 @@ state may override this method. def walk_ssl_opt_sh(self, file_name): """Iterate over the test cases in ssl-opt.sh or a file with a similar format.""" descriptions = self.new_per_file_state() # pylint: disable=assignment-from-none - with open(file_name, 'rb') as file_contents: - for line_number, line in enumerate(file_contents, 1): - # Assume that all run_test calls have the same simple form - # with the test description entirely on the same line as the - # function name. - m = re.match(br'\s*run_test\s+"((?:[^\\"]|\\.)*)"', line) - if not m: - continue - description = m.group(1) - self.process_test_case(descriptions, - file_name, line_number, description) + listed = subprocess.run(['tests/ssl-opt.sh', '-l'], + capture_output=True) + listed = set(map(lambda x: x.rstrip(), listed.stdout.splitlines())) + for description in listed: + self.process_test_case(descriptions, file_name, None, description) def walk_compat_sh(self, file_name): """Iterate over the test cases compat.sh with a similar format.""" From 546fc9ce9e0dc1cd04b48fa31fd821a128377d2e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1s=20Gonz=C3=A1lez?= Date: Thu, 17 Aug 2023 16:56:42 +0100 Subject: [PATCH 0458/1674] Revert "Add opt-testcases into check list" MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ssl-opt.sh now takes care of looking at the files in the opt-testcases subdirectory, so use ssl-opt.sh directly in walk_ssl_opt_sh(). * Revert commit f17a60f147ec3ba6a9f76da38d3802a7f9f05227. Signed-off-by: Tomás González --- tests/scripts/check_test_cases.py | 3 --- 1 file changed, 3 deletions(-) diff --git a/tests/scripts/check_test_cases.py b/tests/scripts/check_test_cases.py index be5b834b0..96e383977 100755 --- a/tests/scripts/check_test_cases.py +++ b/tests/scripts/check_test_cases.py @@ -143,9 +143,6 @@ state may override this method. ssl_opt_sh = os.path.join(directory, 'ssl-opt.sh') if os.path.exists(ssl_opt_sh): self.walk_ssl_opt_sh(ssl_opt_sh) - for ssl_opt_file_name in glob.glob(os.path.join(directory, 'opt-testcases', - '*.sh')): - self.walk_ssl_opt_sh(ssl_opt_file_name) compat_sh = os.path.join(directory, 'compat.sh') if os.path.exists(compat_sh): self.walk_compat_sh(compat_sh) From 079eaee8ca54918f0b851692c6c57e522c97f689 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1s=20Gonz=C3=A1lez?= Date: Thu, 17 Aug 2023 17:02:04 +0100 Subject: [PATCH 0459/1674] Use file_name parameter in walk_ssl_opt_sh() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Remove hardcoded file_name and use the parameter provided in the function. Signed-off-by: Tomás González --- tests/scripts/check_test_cases.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/check_test_cases.py b/tests/scripts/check_test_cases.py index 96e383977..0ca0defde 100755 --- a/tests/scripts/check_test_cases.py +++ b/tests/scripts/check_test_cases.py @@ -102,7 +102,7 @@ state may override this method. def walk_ssl_opt_sh(self, file_name): """Iterate over the test cases in ssl-opt.sh or a file with a similar format.""" descriptions = self.new_per_file_state() # pylint: disable=assignment-from-none - listed = subprocess.run(['tests/ssl-opt.sh', '-l'], + listed = subprocess.run([f'{file_name}', '-l'], capture_output=True) listed = set(map(lambda x: x.rstrip(), listed.stdout.splitlines())) for description in listed: From 970b39fb38d01dbed08bd6abd7d6224e821fb6a0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1s=20Gonz=C3=A1lez?= Date: Thu, 17 Aug 2023 17:07:53 +0100 Subject: [PATCH 0460/1674] tests/check_test_cases: Use subprocess.check_output instead of run MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Tomás González --- tests/scripts/check_test_cases.py | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/tests/scripts/check_test_cases.py b/tests/scripts/check_test_cases.py index 0ca0defde..8d7e8baf3 100755 --- a/tests/scripts/check_test_cases.py +++ b/tests/scripts/check_test_cases.py @@ -102,9 +102,8 @@ state may override this method. def walk_ssl_opt_sh(self, file_name): """Iterate over the test cases in ssl-opt.sh or a file with a similar format.""" descriptions = self.new_per_file_state() # pylint: disable=assignment-from-none - listed = subprocess.run([f'{file_name}', '-l'], - capture_output=True) - listed = set(map(lambda x: x.rstrip(), listed.stdout.splitlines())) + listed = subprocess.check_output([f'{file_name}', '-l']) + listed = set(map(lambda x: x.rstrip(), listed.splitlines())) for description in listed: self.process_test_case(descriptions, file_name, None, description) From 3a65d6368a492234352fcb707ab00b69641e99fe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1s=20Gonz=C3=A1lez?= Date: Fri, 18 Aug 2023 09:45:19 +0100 Subject: [PATCH 0461/1674] Remove formatted string to make pylint happy MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Tomás González --- tests/scripts/check_test_cases.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/check_test_cases.py b/tests/scripts/check_test_cases.py index 8d7e8baf3..4301b3210 100755 --- a/tests/scripts/check_test_cases.py +++ b/tests/scripts/check_test_cases.py @@ -102,7 +102,7 @@ state may override this method. def walk_ssl_opt_sh(self, file_name): """Iterate over the test cases in ssl-opt.sh or a file with a similar format.""" descriptions = self.new_per_file_state() # pylint: disable=assignment-from-none - listed = subprocess.check_output([f'{file_name}', '-l']) + listed = subprocess.check_output([file_name, '-l']) listed = set(map(lambda x: x.rstrip(), listed.splitlines())) for description in listed: self.process_test_case(descriptions, file_name, None, description) From 787428a08c94662a0c6440f029a2d06f46ab3ed0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1s=20Gonz=C3=A1lez?= Date: Wed, 23 Aug 2023 15:27:19 +0100 Subject: [PATCH 0462/1674] Avoid skipping test when printing MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Tomás González --- tests/ssl-opt.sh | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index b9380bad9..7c5db293a 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -1581,18 +1581,18 @@ run_test() { NAME="$1" shift 1 - if is_excluded "$NAME"; then - SKIP_NEXT="NO" - # There was no request to run the test, so don't record its outcome. - return - fi - print_name "$NAME" if [ "$LIST_TESTS" -gt 0 ]; then return fi + if is_excluded "$NAME"; then + SKIP_NEXT="NO" + # There was no request to run the test, so don't record its outcome. + return + fi + # Do we only run numbered tests? if [ -n "$RUN_TEST_NUMBER" ]; then case ",$RUN_TEST_NUMBER," in From 0e8a08a1f7fbe5c7591a9083e32908e863d674fe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1s=20Gonz=C3=A1lez?= Date: Wed, 23 Aug 2023 15:29:57 +0100 Subject: [PATCH 0463/1674] Get options at beginning of program MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Tomás González --- tests/ssl-opt.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 7c5db293a..62dcbacb3 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -201,6 +201,8 @@ get_options() { done } +get_options "$@" + # Read boolean configuration options from mbedtls_config.h for easy and quick # testing. Skip non-boolean options (with something other than spaces # and a comment after "#define SYMBOL"). The variable contains a @@ -1788,8 +1790,6 @@ cleanup() { # MAIN # -get_options "$@" - # Make the outcome file path relative to the original directory, not # to .../tests case "$MBEDTLS_TEST_OUTCOME_FILE" in From f162b4f497685fe0740152c8010c83ae48d17a6f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1s=20Gonz=C3=A1lez?= Date: Wed, 23 Aug 2023 15:31:12 +0100 Subject: [PATCH 0464/1674] Only use CONFIGS_ENABLED when not listing tests MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Tomás González --- tests/ssl-opt.sh | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 62dcbacb3..05eba3d40 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -207,7 +207,11 @@ get_options "$@" # testing. Skip non-boolean options (with something other than spaces # and a comment after "#define SYMBOL"). The variable contains a # space-separated list of symbols. -CONFIGS_ENABLED=" $(echo `$P_QUERY -l` )" +if [ "$LIST_TESTS" -eq 0 ];then + CONFIGS_ENABLED=" $(echo `$P_QUERY -l` )" +else + CONFIGS_ENABLED="" +fi # Skip next test; use this macro to skip tests which are legitimate # in theory and expected to be re-introduced at some point, but # aren't expected to succeed at the moment due to problems outside From 06956a12aa83c22690004496e082d9813f6bbd2b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1s=20Gonz=C3=A1lez?= Date: Wed, 23 Aug 2023 15:46:20 +0100 Subject: [PATCH 0465/1674] Skip unnecessary logic when -l option is used MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Tomás González --- tests/ssl-opt.sh | 263 +++++++++++++++++++++++++++-------------------- 1 file changed, 154 insertions(+), 109 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 05eba3d40..31114c94a 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -223,6 +223,9 @@ skip_next_test() { # Check if the required configuration ($1) is enabled is_config_enabled() { + if [ "$LIST_TESTS" -gt 0 ];then + return 0; + fi case $CONFIGS_ENABLED in *" $1"[\ =]*) return 0;; *) return 1;; @@ -231,6 +234,9 @@ is_config_enabled() # skip next test if the flag is not enabled in mbedtls_config.h requires_config_enabled() { + if [ "$LIST_TESTS" -gt 0 ];then + return; + fi case $CONFIGS_ENABLED in *" $1"[\ =]*) :;; *) SKIP_NEXT="YES";; @@ -239,12 +245,18 @@ requires_config_enabled() { # skip next test if the flag is enabled in mbedtls_config.h requires_config_disabled() { + if [ "$LIST_TESTS" -gt 0 ];then + return; + fi case $CONFIGS_ENABLED in *" $1"[\ =]*) SKIP_NEXT="YES";; esac } requires_all_configs_enabled() { + if [ "$LIST_TESTS" -gt 0 ];then + return; + fi if ! $P_QUERY -all $* then SKIP_NEXT="YES" @@ -252,6 +264,9 @@ requires_all_configs_enabled() { } requires_all_configs_disabled() { + if [ "$LIST_TESTS" -gt 0 ];then + return; + fi if $P_QUERY -any $* then SKIP_NEXT="YES" @@ -259,6 +274,9 @@ requires_all_configs_disabled() { } requires_any_configs_enabled() { + if [ "$LIST_TESTS" -gt 0 ];then + return; + fi if ! $P_QUERY -any $* then SKIP_NEXT="YES" @@ -266,6 +284,9 @@ requires_any_configs_enabled() { } requires_any_configs_disabled() { + if [ "$LIST_TESTS" -gt 0 ];then + return; + fi if $P_QUERY -all $* then SKIP_NEXT="YES" @@ -290,6 +311,9 @@ TLS1_2_KEY_EXCHANGES_WITH_CERT_WO_ECDH="MBEDTLS_KEY_EXCHANGE_RSA_ENABLED \ MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED" requires_key_exchange_with_cert_in_tls12_or_tls13_enabled() { + if [ "$LIST_TESTS" -gt 0 ];then + return; + fi if $P_QUERY -all MBEDTLS_SSL_PROTO_TLS1_2 then requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT @@ -307,10 +331,18 @@ get_config_value_or_default() { # # Note that if the configuration is not defined or is defined to nothing, # the output of this function will be an empty string. - ${P_SRV} "query_config=${1}" + if [ "$LIST_TESTS" -eq 0 ];then + ${P_SRV} "query_config=${1}" + else + echo "1" + fi + } requires_config_value_at_least() { + if [ "$LIST_TESTS" -gt 0 ];then + return; + fi VAL="$( get_config_value_or_default "$1" )" if [ -z "$VAL" ]; then # Should never happen @@ -322,6 +354,9 @@ requires_config_value_at_least() { } requires_config_value_at_most() { + if [ "$LIST_TESTS" -gt 0 ];then + return; + fi VAL=$( get_config_value_or_default "$1" ) if [ -z "$VAL" ]; then # Should never happen @@ -333,6 +368,9 @@ requires_config_value_at_most() { } requires_config_value_equals() { + if [ "$LIST_TESTS" -gt 0 ];then + return; + fi VAL=$( get_config_value_or_default "$1" ) if [ -z "$VAL" ]; then # Should never happen @@ -348,6 +386,9 @@ requires_config_value_equals() { # Inputs: # * $1: protocol version in mbedtls syntax (argument to force_version=) requires_protocol_version() { + if [ "$LIST_TESTS" -gt 0 ];then + return; + fi # Support for DTLS is detected separately in detect_dtls(). case "$1" in tls12|dtls12) requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2;; @@ -818,19 +859,20 @@ requires_not_i686() { fi } -# Calculate the input & output maximum content lengths set in the config MAX_CONTENT_LEN=16384 MAX_IN_LEN=$( get_config_value_or_default "MBEDTLS_SSL_IN_CONTENT_LEN" ) MAX_OUT_LEN=$( get_config_value_or_default "MBEDTLS_SSL_OUT_CONTENT_LEN" ) +if [ "$LIST_TESTS" -eq 0 ];then + # Calculate the input & output maximum content lengths set in the config -# Calculate the maximum content length that fits both -if [ "$MAX_IN_LEN" -lt "$MAX_CONTENT_LEN" ]; then - MAX_CONTENT_LEN="$MAX_IN_LEN" + # Calculate the maximum content length that fits both + if [ "$MAX_IN_LEN" -lt "$MAX_CONTENT_LEN" ]; then + MAX_CONTENT_LEN="$MAX_IN_LEN" + fi + if [ "$MAX_OUT_LEN" -lt "$MAX_CONTENT_LEN" ]; then + MAX_CONTENT_LEN="$MAX_OUT_LEN" + fi fi -if [ "$MAX_OUT_LEN" -lt "$MAX_CONTENT_LEN" ]; then - MAX_CONTENT_LEN="$MAX_OUT_LEN" -fi - # skip the next test if the SSL output buffer is less than 16KB requires_full_size_output_buffer() { if [ "$MAX_OUT_LEN" -ne 16384 ]; then @@ -1844,109 +1886,112 @@ else } fi -# sanity checks, avoid an avalanche of errors -P_SRV_BIN="${P_SRV%%[ ]*}" -P_CLI_BIN="${P_CLI%%[ ]*}" -P_PXY_BIN="${P_PXY%%[ ]*}" -if [ ! -x "$P_SRV_BIN" ]; then - echo "Command '$P_SRV_BIN' is not an executable file" - exit 1 -fi -if [ ! -x "$P_CLI_BIN" ]; then - echo "Command '$P_CLI_BIN' is not an executable file" - exit 1 -fi -if [ ! -x "$P_PXY_BIN" ]; then - echo "Command '$P_PXY_BIN' is not an executable file" - exit 1 -fi -if [ "$MEMCHECK" -gt 0 ]; then - if which valgrind >/dev/null 2>&1; then :; else - echo "Memcheck not possible. Valgrind not found" +if [ "$LIST_TESTS" -eq 0 ];then + + # sanity checks, avoid an avalanche of errors + P_SRV_BIN="${P_SRV%%[ ]*}" + P_CLI_BIN="${P_CLI%%[ ]*}" + P_PXY_BIN="${P_PXY%%[ ]*}" + if [ ! -x "$P_SRV_BIN" ]; then + echo "Command '$P_SRV_BIN' is not an executable file" exit 1 fi + if [ ! -x "$P_CLI_BIN" ]; then + echo "Command '$P_CLI_BIN' is not an executable file" + exit 1 + fi + if [ ! -x "$P_PXY_BIN" ]; then + echo "Command '$P_PXY_BIN' is not an executable file" + exit 1 + fi + if [ "$MEMCHECK" -gt 0 ]; then + if which valgrind >/dev/null 2>&1; then :; else + echo "Memcheck not possible. Valgrind not found" + exit 1 + fi + fi + if which $OPENSSL >/dev/null 2>&1; then :; else + echo "Command '$OPENSSL' not found" + exit 1 + fi + + # used by watchdog + MAIN_PID="$$" + + # We use somewhat arbitrary delays for tests: + # - how long do we wait for the server to start (when lsof not available)? + # - how long do we allow for the client to finish? + # (not to check performance, just to avoid waiting indefinitely) + # Things are slower with valgrind, so give extra time here. + # + # Note: without lsof, there is a trade-off between the running time of this + # script and the risk of spurious errors because we didn't wait long enough. + # The watchdog delay on the other hand doesn't affect normal running time of + # the script, only the case where a client or server gets stuck. + if [ "$MEMCHECK" -gt 0 ]; then + START_DELAY=6 + DOG_DELAY=60 + else + START_DELAY=2 + DOG_DELAY=20 + fi + + # some particular tests need more time: + # - for the client, we multiply the usual watchdog limit by a factor + # - for the server, we sleep for a number of seconds after the client exits + # see client_need_more_time() and server_needs_more_time() + CLI_DELAY_FACTOR=1 + SRV_DELAY_SECONDS=0 + + # fix commands to use this port, force IPv4 while at it + # +SRV_PORT will be replaced by either $SRV_PORT or $PXY_PORT later + # Note: Using 'localhost' rather than 127.0.0.1 here is unwise, as on many + # machines that will resolve to ::1, and we don't want ipv6 here. + P_SRV="$P_SRV server_addr=127.0.0.1 server_port=$SRV_PORT" + P_CLI="$P_CLI server_addr=127.0.0.1 server_port=+SRV_PORT" + P_PXY="$P_PXY server_addr=127.0.0.1 server_port=$SRV_PORT listen_addr=127.0.0.1 listen_port=$PXY_PORT ${SEED:+"seed=$SEED"}" + O_SRV="$O_SRV -accept $SRV_PORT" + O_CLI="$O_CLI -connect 127.0.0.1:+SRV_PORT" + G_SRV="$G_SRV -p $SRV_PORT" + G_CLI="$G_CLI -p +SRV_PORT" + + # Newer versions of OpenSSL have a syntax to enable all "ciphers", even + # low-security ones. This covers not just cipher suites but also protocol + # versions. It is necessary, for example, to use (D)TLS 1.0/1.1 on + # OpenSSL 1.1.1f from Ubuntu 20.04. The syntax was only introduced in + # OpenSSL 1.1.0 (21e0c1d23afff48601eb93135defddae51f7e2e3) and I can't find + # a way to discover it from -help, so check the openssl version. + case $($OPENSSL version) in + "OpenSSL 0"*|"OpenSSL 1.0"*) :;; + *) + O_CLI="$O_CLI -cipher ALL@SECLEVEL=0" + O_SRV="$O_SRV -cipher ALL@SECLEVEL=0" + ;; + esac + + if [ -n "${OPENSSL_NEXT:-}" ]; then + O_NEXT_SRV="$O_NEXT_SRV -accept $SRV_PORT" + O_NEXT_SRV_NO_CERT="$O_NEXT_SRV_NO_CERT -accept $SRV_PORT" + O_NEXT_SRV_EARLY_DATA="$O_NEXT_SRV_EARLY_DATA -accept $SRV_PORT" + O_NEXT_CLI="$O_NEXT_CLI -connect 127.0.0.1:+SRV_PORT" + O_NEXT_CLI_NO_CERT="$O_NEXT_CLI_NO_CERT -connect 127.0.0.1:+SRV_PORT" + fi + + if [ -n "${GNUTLS_NEXT_SERV:-}" ]; then + G_NEXT_SRV="$G_NEXT_SRV -p $SRV_PORT" + G_NEXT_SRV_NO_CERT="$G_NEXT_SRV_NO_CERT -p $SRV_PORT" + fi + + if [ -n "${GNUTLS_NEXT_CLI:-}" ]; then + G_NEXT_CLI="$G_NEXT_CLI -p +SRV_PORT" + G_NEXT_CLI_NO_CERT="$G_NEXT_CLI_NO_CERT -p +SRV_PORT localhost" + fi + + # Allow SHA-1, because many of our test certificates use it + P_SRV="$P_SRV allow_sha1=1" + P_CLI="$P_CLI allow_sha1=1" + fi -if which $OPENSSL >/dev/null 2>&1; then :; else - echo "Command '$OPENSSL' not found" - exit 1 -fi - -# used by watchdog -MAIN_PID="$$" - -# We use somewhat arbitrary delays for tests: -# - how long do we wait for the server to start (when lsof not available)? -# - how long do we allow for the client to finish? -# (not to check performance, just to avoid waiting indefinitely) -# Things are slower with valgrind, so give extra time here. -# -# Note: without lsof, there is a trade-off between the running time of this -# script and the risk of spurious errors because we didn't wait long enough. -# The watchdog delay on the other hand doesn't affect normal running time of -# the script, only the case where a client or server gets stuck. -if [ "$MEMCHECK" -gt 0 ]; then - START_DELAY=6 - DOG_DELAY=60 -else - START_DELAY=2 - DOG_DELAY=20 -fi - -# some particular tests need more time: -# - for the client, we multiply the usual watchdog limit by a factor -# - for the server, we sleep for a number of seconds after the client exits -# see client_need_more_time() and server_needs_more_time() -CLI_DELAY_FACTOR=1 -SRV_DELAY_SECONDS=0 - -# fix commands to use this port, force IPv4 while at it -# +SRV_PORT will be replaced by either $SRV_PORT or $PXY_PORT later -# Note: Using 'localhost' rather than 127.0.0.1 here is unwise, as on many -# machines that will resolve to ::1, and we don't want ipv6 here. -P_SRV="$P_SRV server_addr=127.0.0.1 server_port=$SRV_PORT" -P_CLI="$P_CLI server_addr=127.0.0.1 server_port=+SRV_PORT" -P_PXY="$P_PXY server_addr=127.0.0.1 server_port=$SRV_PORT listen_addr=127.0.0.1 listen_port=$PXY_PORT ${SEED:+"seed=$SEED"}" -O_SRV="$O_SRV -accept $SRV_PORT" -O_CLI="$O_CLI -connect 127.0.0.1:+SRV_PORT" -G_SRV="$G_SRV -p $SRV_PORT" -G_CLI="$G_CLI -p +SRV_PORT" - -# Newer versions of OpenSSL have a syntax to enable all "ciphers", even -# low-security ones. This covers not just cipher suites but also protocol -# versions. It is necessary, for example, to use (D)TLS 1.0/1.1 on -# OpenSSL 1.1.1f from Ubuntu 20.04. The syntax was only introduced in -# OpenSSL 1.1.0 (21e0c1d23afff48601eb93135defddae51f7e2e3) and I can't find -# a way to discover it from -help, so check the openssl version. -case $($OPENSSL version) in - "OpenSSL 0"*|"OpenSSL 1.0"*) :;; - *) - O_CLI="$O_CLI -cipher ALL@SECLEVEL=0" - O_SRV="$O_SRV -cipher ALL@SECLEVEL=0" - ;; -esac - -if [ -n "${OPENSSL_NEXT:-}" ]; then - O_NEXT_SRV="$O_NEXT_SRV -accept $SRV_PORT" - O_NEXT_SRV_NO_CERT="$O_NEXT_SRV_NO_CERT -accept $SRV_PORT" - O_NEXT_SRV_EARLY_DATA="$O_NEXT_SRV_EARLY_DATA -accept $SRV_PORT" - O_NEXT_CLI="$O_NEXT_CLI -connect 127.0.0.1:+SRV_PORT" - O_NEXT_CLI_NO_CERT="$O_NEXT_CLI_NO_CERT -connect 127.0.0.1:+SRV_PORT" -fi - -if [ -n "${GNUTLS_NEXT_SERV:-}" ]; then - G_NEXT_SRV="$G_NEXT_SRV -p $SRV_PORT" - G_NEXT_SRV_NO_CERT="$G_NEXT_SRV_NO_CERT -p $SRV_PORT" -fi - -if [ -n "${GNUTLS_NEXT_CLI:-}" ]; then - G_NEXT_CLI="$G_NEXT_CLI -p +SRV_PORT" - G_NEXT_CLI_NO_CERT="$G_NEXT_CLI_NO_CERT -p +SRV_PORT localhost" -fi - -# Allow SHA-1, because many of our test certificates use it -P_SRV="$P_SRV allow_sha1=1" -P_CLI="$P_CLI allow_sha1=1" - # Also pick a unique name for intermediate files SRV_OUT="srv_out.$$" CLI_OUT="cli_out.$$" From be2c66e548db0c95be7f74b38c203c48c9a84856 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1s=20Gonz=C3=A1lez?= Date: Fri, 1 Sep 2023 10:34:49 +0100 Subject: [PATCH 0466/1674] ssl-opt.sh: Simplify the implementation of the -l option MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Instead of verifying if the LIST_TESTS variable has been set in every function to avoid using the P_QUERY variable and avoid calling a program that has not necessarily been compiled yet: * Define P_QUERY=":" when LIST_TESTS has been set. Signed-off-by: Tomás González --- tests/ssl-opt.sh | 37 +------------------------------------ 1 file changed, 1 insertion(+), 36 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 31114c94a..b925a0133 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -210,6 +210,7 @@ get_options "$@" if [ "$LIST_TESTS" -eq 0 ];then CONFIGS_ENABLED=" $(echo `$P_QUERY -l` )" else + P_QUERY=":" CONFIGS_ENABLED="" fi # Skip next test; use this macro to skip tests which are legitimate @@ -223,9 +224,6 @@ skip_next_test() { # Check if the required configuration ($1) is enabled is_config_enabled() { - if [ "$LIST_TESTS" -gt 0 ];then - return 0; - fi case $CONFIGS_ENABLED in *" $1"[\ =]*) return 0;; *) return 1;; @@ -234,9 +232,6 @@ is_config_enabled() # skip next test if the flag is not enabled in mbedtls_config.h requires_config_enabled() { - if [ "$LIST_TESTS" -gt 0 ];then - return; - fi case $CONFIGS_ENABLED in *" $1"[\ =]*) :;; *) SKIP_NEXT="YES";; @@ -245,18 +240,12 @@ requires_config_enabled() { # skip next test if the flag is enabled in mbedtls_config.h requires_config_disabled() { - if [ "$LIST_TESTS" -gt 0 ];then - return; - fi case $CONFIGS_ENABLED in *" $1"[\ =]*) SKIP_NEXT="YES";; esac } requires_all_configs_enabled() { - if [ "$LIST_TESTS" -gt 0 ];then - return; - fi if ! $P_QUERY -all $* then SKIP_NEXT="YES" @@ -264,9 +253,6 @@ requires_all_configs_enabled() { } requires_all_configs_disabled() { - if [ "$LIST_TESTS" -gt 0 ];then - return; - fi if $P_QUERY -any $* then SKIP_NEXT="YES" @@ -274,9 +260,6 @@ requires_all_configs_disabled() { } requires_any_configs_enabled() { - if [ "$LIST_TESTS" -gt 0 ];then - return; - fi if ! $P_QUERY -any $* then SKIP_NEXT="YES" @@ -284,9 +267,6 @@ requires_any_configs_enabled() { } requires_any_configs_disabled() { - if [ "$LIST_TESTS" -gt 0 ];then - return; - fi if $P_QUERY -all $* then SKIP_NEXT="YES" @@ -311,9 +291,6 @@ TLS1_2_KEY_EXCHANGES_WITH_CERT_WO_ECDH="MBEDTLS_KEY_EXCHANGE_RSA_ENABLED \ MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED" requires_key_exchange_with_cert_in_tls12_or_tls13_enabled() { - if [ "$LIST_TESTS" -gt 0 ];then - return; - fi if $P_QUERY -all MBEDTLS_SSL_PROTO_TLS1_2 then requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT @@ -340,9 +317,6 @@ get_config_value_or_default() { } requires_config_value_at_least() { - if [ "$LIST_TESTS" -gt 0 ];then - return; - fi VAL="$( get_config_value_or_default "$1" )" if [ -z "$VAL" ]; then # Should never happen @@ -354,9 +328,6 @@ requires_config_value_at_least() { } requires_config_value_at_most() { - if [ "$LIST_TESTS" -gt 0 ];then - return; - fi VAL=$( get_config_value_or_default "$1" ) if [ -z "$VAL" ]; then # Should never happen @@ -368,9 +339,6 @@ requires_config_value_at_most() { } requires_config_value_equals() { - if [ "$LIST_TESTS" -gt 0 ];then - return; - fi VAL=$( get_config_value_or_default "$1" ) if [ -z "$VAL" ]; then # Should never happen @@ -386,9 +354,6 @@ requires_config_value_equals() { # Inputs: # * $1: protocol version in mbedtls syntax (argument to force_version=) requires_protocol_version() { - if [ "$LIST_TESTS" -gt 0 ];then - return; - fi # Support for DTLS is detected separately in detect_dtls(). case "$1" in tls12|dtls12) requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2;; From 37a8739e4d6c4d9a65691fdfd94f1deb9fa8991d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1s=20Gonz=C3=A1lez?= Date: Fri, 1 Sep 2023 11:25:44 +0100 Subject: [PATCH 0467/1674] ssl-opt.sh: Don't affect the order at which functions are printed MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit When adding the LIST_TESTS option, print_name can be called before checking if the test case should be excluded or not. Change this back to its previous state while still taking into account the LIST_TESTS option. Signed-off-by: Tomás González --- tests/ssl-opt.sh | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index b925a0133..de4c83a11 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -1594,18 +1594,18 @@ run_test() { NAME="$1" shift 1 - print_name "$NAME" - - if [ "$LIST_TESTS" -gt 0 ]; then - return - fi - if is_excluded "$NAME"; then SKIP_NEXT="NO" # There was no request to run the test, so don't record its outcome. return fi + print_name "$NAME" + + if [ "$LIST_TESTS" -gt 0 ]; then + return + fi + # Do we only run numbered tests? if [ -n "$RUN_TEST_NUMBER" ]; then case ",$RUN_TEST_NUMBER," in From 4a86da2460fba520bfd22547675af29faacd84a0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1s=20Gonz=C3=A1lez?= Date: Fri, 1 Sep 2023 17:41:16 +0100 Subject: [PATCH 0468/1674] check_test_cases: Unify walk_compat_sh and walk_opt_sh into one MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit walk_compat_sh and walk_opt_sh are basically the same now, so: * Merge them into one function. * Use the --list-test-cases option for both of them. * Rename this merged function as collect_from_script which seems more appropriate as since it isn't iterating the script but calling it. Signed-off-by: Tomás González --- tests/compat.sh | 8 +++---- tests/scripts/check_test_cases.py | 36 +++++++++++-------------------- tests/ssl-opt.sh | 4 ++-- 3 files changed, 19 insertions(+), 29 deletions(-) diff --git a/tests/compat.sh b/tests/compat.sh index 6506e6c09..570c8e83d 100755 --- a/tests/compat.sh +++ b/tests/compat.sh @@ -127,7 +127,7 @@ print_usage() { printf " \tAlso available: GnuTLS (needs v3.2.15 or higher)\n" printf " -M|--memcheck\tCheck memory leaks and errors.\n" printf " -v|--verbose\tSet verbose output.\n" - printf " --list-test-case\tList all potential test cases (No Execution)\n" + printf " -l|--list-test-cases\tList all potential test cases (No Execution)\n" printf " --outcome-file\tFile where test outcomes are written\n" printf " \t(default: \$MBEDTLS_TEST_OUTCOME_FILE, none if empty)\n" printf " --preserve-logs\tPreserve logs of successful tests as well\n" @@ -191,8 +191,8 @@ get_options() { MEMCHECK=1 ;; # Please check scripts/check_test_cases.py correspondingly - # if you have to modify option, --list-test-case - --list-test-case) + # if you have to modify option, --list-test-cases + --list-test-cases) list_test_case exit $? ;; @@ -869,7 +869,7 @@ wait_client_done() { } # uniform_title -# $TITLE is considered as test case description for both --list-test-case and +# $TITLE is considered as test case description for both --list-test-cases and # MBEDTLS_TEST_OUTCOME_FILE. This function aims to control the format of # each test case description. uniform_title() { diff --git a/tests/scripts/check_test_cases.py b/tests/scripts/check_test_cases.py index 4301b3210..2dddf7a16 100755 --- a/tests/scripts/check_test_cases.py +++ b/tests/scripts/check_test_cases.py @@ -27,7 +27,6 @@ import os import re import subprocess import sys -import subprocess class Results: @@ -99,26 +98,18 @@ state may override this method. data_file_name, line_number, line) in_paragraph = True - def walk_ssl_opt_sh(self, file_name): - """Iterate over the test cases in ssl-opt.sh or a file with a similar format.""" + def collect_from_script(self, file_name): + """Collect the test cases in a script by calling its listing test cases +option""" descriptions = self.new_per_file_state() # pylint: disable=assignment-from-none - listed = subprocess.check_output([file_name, '-l']) + listed = subprocess.check_output(['sh', file_name, '--list-test-cases']) + # Assume test file is responsible for printing identical format of + # test case description between --list-test-cases and its OUTCOME.CSV listed = set(map(lambda x: x.rstrip(), listed.splitlines())) - for description in listed: - self.process_test_case(descriptions, file_name, None, description) - - def walk_compat_sh(self, file_name): - """Iterate over the test cases compat.sh with a similar format.""" - descriptions = self.new_per_file_state() # pylint: disable=assignment-from-none - compat_cmd = ['sh', file_name, '--list-test-case'] - compat_output = subprocess.check_output(compat_cmd) - # Assume compat.sh is responsible for printing identical format of - # test case description between --list-test-case and its OUTCOME.CSV - description = compat_output.strip().split(b'\n') # idx indicates the number of test case since there is no line number # in `compat.sh` for each test case. - for idx, descrip in enumerate(description): - self.process_test_case(descriptions, file_name, idx, descrip) + for idx, description in enumerate(listed): + self.process_test_case(descriptions, file_name, idx, description) @staticmethod def collect_test_directories(): @@ -139,12 +130,11 @@ state may override this method. for data_file_name in glob.glob(os.path.join(directory, 'suites', '*.data')): self.walk_test_suite(data_file_name) - ssl_opt_sh = os.path.join(directory, 'ssl-opt.sh') - if os.path.exists(ssl_opt_sh): - self.walk_ssl_opt_sh(ssl_opt_sh) - compat_sh = os.path.join(directory, 'compat.sh') - if os.path.exists(compat_sh): - self.walk_compat_sh(compat_sh) + + for sh_file in ['ssl-opt.sh', 'compat.sh']: + sh_file = os.path.join(directory, sh_file) + if os.path.exists(sh_file): + self.collect_from_script(sh_file) class TestDescriptions(TestDescriptionExplorer): """Collect the available test cases.""" diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index de4c83a11..04be26f2e 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -141,7 +141,7 @@ print_usage() { printf " -f|--filter\tOnly matching tests are executed (substring or BRE)\n" printf " -e|--exclude\tMatching tests are excluded (substring or BRE)\n" printf " -n|--number\tExecute only numbered test (comma-separated, e.g. '245,256')\n" - printf " -l|--list-tests\tList test names and exit\n" + printf " -l|--list-test-cases\tList all potential test cases (No Execution)\n" printf " -s|--show-numbers\tShow test numbers in front of test names\n" printf " -p|--preserve-logs\tPreserve logs of successful tests as well\n" printf " --outcome-file\tFile where test outcomes are written\n" @@ -169,7 +169,7 @@ get_options() { -s|--show-numbers) SHOW_TEST_NUMBER=1 ;; - -l|--list-tests) + -l|--list-test-cases) LIST_TESTS=1 ;; -p|--preserve-logs) From 38ecf9fa1e6151656c542419d2a0cb8bca182673 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1s=20Gonz=C3=A1lez?= Date: Mon, 4 Sep 2023 10:23:04 +0100 Subject: [PATCH 0469/1674] check_test_cases: Avoid removing duplicated test cases MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit One of the jobs of check_test_cases is to check for duplicate test descriptions and to have them ordered: * Stop using a set to collect the different test cases from the test scripts. Signed-off-by: Tomás González --- tests/scripts/check_test_cases.py | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/tests/scripts/check_test_cases.py b/tests/scripts/check_test_cases.py index 2dddf7a16..4a3ecef30 100755 --- a/tests/scripts/check_test_cases.py +++ b/tests/scripts/check_test_cases.py @@ -105,11 +105,14 @@ option""" listed = subprocess.check_output(['sh', file_name, '--list-test-cases']) # Assume test file is responsible for printing identical format of # test case description between --list-test-cases and its OUTCOME.CSV - listed = set(map(lambda x: x.rstrip(), listed.splitlines())) + # # idx indicates the number of test case since there is no line number # in `compat.sh` for each test case. - for idx, description in enumerate(listed): - self.process_test_case(descriptions, file_name, idx, description) + for idx, description in enumerate(listed.splitlines()): + self.process_test_case(descriptions, + file_name, + idx, + description.rstrip()) @staticmethod def collect_test_directories(): From 12787c9ba5f573f0ccc051ead6d2347c6366119b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1s=20Gonz=C3=A1lez?= Date: Mon, 4 Sep 2023 10:26:00 +0100 Subject: [PATCH 0470/1674] Remove invalid -l option from test scripts MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The -l option mentioned in previous commits for both ssl-opt.sh and compat.sh scripts should only be a --list-test-cases option. Remove -l option from the help list. Signed-off-by: Tomás González --- tests/compat.sh | 2 +- tests/ssl-opt.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/compat.sh b/tests/compat.sh index 570c8e83d..f55bb0e05 100755 --- a/tests/compat.sh +++ b/tests/compat.sh @@ -127,7 +127,7 @@ print_usage() { printf " \tAlso available: GnuTLS (needs v3.2.15 or higher)\n" printf " -M|--memcheck\tCheck memory leaks and errors.\n" printf " -v|--verbose\tSet verbose output.\n" - printf " -l|--list-test-cases\tList all potential test cases (No Execution)\n" + printf " --list-test-cases\tList all potential test cases (No Execution)\n" printf " --outcome-file\tFile where test outcomes are written\n" printf " \t(default: \$MBEDTLS_TEST_OUTCOME_FILE, none if empty)\n" printf " --preserve-logs\tPreserve logs of successful tests as well\n" diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 04be26f2e..156e94406 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -141,9 +141,9 @@ print_usage() { printf " -f|--filter\tOnly matching tests are executed (substring or BRE)\n" printf " -e|--exclude\tMatching tests are excluded (substring or BRE)\n" printf " -n|--number\tExecute only numbered test (comma-separated, e.g. '245,256')\n" - printf " -l|--list-test-cases\tList all potential test cases (No Execution)\n" printf " -s|--show-numbers\tShow test numbers in front of test names\n" printf " -p|--preserve-logs\tPreserve logs of successful tests as well\n" + printf " --list-test-cases\tList all potential test cases (No Execution)\n" printf " --outcome-file\tFile where test outcomes are written\n" printf " \t(default: \$MBEDTLS_TEST_OUTCOME_FILE, none if empty)\n" printf " --port \tTCP/UDP port (default: randomish 1xxxx)\n" From 378e364c3c6bc1638fad25e8f0e78db90b7371bc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1s=20Gonz=C3=A1lez?= Date: Mon, 4 Sep 2023 10:41:37 +0100 Subject: [PATCH 0471/1674] ssl-opt.sh: Correct print format for test cases' names MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Avoid printing an extra space when using the --list-test-cases option. Signed-off-by: Tomás González --- tests/ssl-opt.sh | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 156e94406..6644b0de0 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -879,15 +879,16 @@ print_name() { fi LINE="$LINE$1" - printf "%s " "$LINE" if [ "$LIST_TESTS" -gt 0 ]; then - printf "\n" - else - LEN=$(( 72 - `echo "$LINE" | wc -c` )) - for i in `seq 1 $LEN`; do printf '.'; done - printf ' ' + printf "%s\n" "$LINE" + return fi + printf "%s " "$LINE" + LEN=$(( 72 - `echo "$LINE" | wc -c` )) + for i in `seq 1 $LEN`; do printf '.'; done + printf ' ' + } # record_outcome [] From 51cb70434258b656a34742e9810a6b17511c5148 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1s=20Gonz=C3=A1lez?= Date: Thu, 7 Sep 2023 10:21:19 +0100 Subject: [PATCH 0472/1674] Avoid using print_name when --list-test-cases is used MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Tomás González --- tests/ssl-opt.sh | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 6644b0de0..b93d439de 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -879,10 +879,6 @@ print_name() { fi LINE="$LINE$1" - if [ "$LIST_TESTS" -gt 0 ]; then - printf "%s\n" "$LINE" - return - fi printf "%s " "$LINE" LEN=$(( 72 - `echo "$LINE" | wc -c` )) @@ -1601,12 +1597,13 @@ run_test() { return fi - print_name "$NAME" - if [ "$LIST_TESTS" -gt 0 ]; then + printf "%s\n" "$NAME" return fi + print_name "$NAME" + # Do we only run numbered tests? if [ -n "$RUN_TEST_NUMBER" ]; then case ",$RUN_TEST_NUMBER," in From cfe68a0cb6f5ba882c6528034a161d7ff45d0ce9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1s=20Gonz=C3=A1lez?= Date: Thu, 7 Sep 2023 10:37:50 +0100 Subject: [PATCH 0473/1674] ssl-opt.sh: Make record_outcome record the ssl-opt.sh file only MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Ignore the test suite name as file from opt-testcases cannot actually be called separately. Signed-off-by: Tomás González --- tests/ssl-opt.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index b93d439de..36753af8a 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -895,7 +895,7 @@ record_outcome() { if [ -n "$MBEDTLS_TEST_OUTCOME_FILE" ]; then printf '%s;%s;%s;%s;%s;%s\n' \ "$MBEDTLS_TEST_PLATFORM" "$MBEDTLS_TEST_CONFIGURATION" \ - "${TEST_SUITE_NAME:-ssl-opt}" "$NAME" \ + "ssl-opt" "$NAME" \ "$1" "${2-}" \ >>"$MBEDTLS_TEST_OUTCOME_FILE" fi From 4fc582461ba4c09f2fb19dded82aa45bba83b325 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1s=20Gonz=C3=A1lez?= Date: Wed, 20 Sep 2023 22:14:06 +0100 Subject: [PATCH 0474/1674] compat.sh: Rename list_test_case to list_test_cases MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Tomás González --- tests/compat.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/compat.sh b/tests/compat.sh index f55bb0e05..a98ed0eec 100755 --- a/tests/compat.sh +++ b/tests/compat.sh @@ -141,8 +141,8 @@ print_test_case() { done } -# list_test_case lists all potential test cases in compat.sh without execution -list_test_case() { +# list_test_cases lists all potential test cases in compat.sh without execution +list_test_cases() { reset_ciphersuites for TYPE in $TYPES; do add_common_ciphersuites @@ -193,7 +193,7 @@ get_options() { # Please check scripts/check_test_cases.py correspondingly # if you have to modify option, --list-test-cases --list-test-cases) - list_test_case + list_test_cases exit $? ;; --outcome-file) From 7f2cddb1aeb939972a634820243c0a243dcaadca Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1s=20Gonz=C3=A1lez?= Date: Fri, 27 Oct 2023 11:45:26 +0100 Subject: [PATCH 0475/1674] check_test_cases: Minor documentation change MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Make an iteration comment generic to every file it may affect instead of making it specific a particular file. Signed-off-by: Tomás González --- tests/scripts/check_test_cases.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/check_test_cases.py b/tests/scripts/check_test_cases.py index 4a3ecef30..30879d763 100755 --- a/tests/scripts/check_test_cases.py +++ b/tests/scripts/check_test_cases.py @@ -107,7 +107,7 @@ option""" # test case description between --list-test-cases and its OUTCOME.CSV # # idx indicates the number of test case since there is no line number - # in `compat.sh` for each test case. + # in the script for each test case. for idx, description in enumerate(listed.splitlines()): self.process_test_case(descriptions, file_name, From 800f2b7c020678a84abfa9688962b91c36e6693d Mon Sep 17 00:00:00 2001 From: Beniamin Sandu Date: Fri, 27 Oct 2023 16:58:00 +0100 Subject: [PATCH 0476/1674] AES-NI: use target attributes for x86 32-bit intrinsics This way we build with 32-bit gcc/clang out of the box. We also fallback to assembly for 64-bit clang-cl if needed cpu flags are not provided, instead of throwing an error. Signed-off-by: Beniamin Sandu --- library/aesni.c | 20 ++++++++++++++++++++ library/aesni.h | 8 +++++--- 2 files changed, 25 insertions(+), 3 deletions(-) diff --git a/library/aesni.c b/library/aesni.c index 57d6e090e..864d0d613 100644 --- a/library/aesni.c +++ b/library/aesni.c @@ -43,6 +43,17 @@ #include #endif +#if defined(MBEDTLS_ARCH_IS_X86) +#if defined(MBEDTLS_COMPILER_IS_GCC) +#pragma GCC push_options +#pragma GCC target ("pclmul,sse2,aes") +#define MBEDTLS_POP_TARGET_PRAGMA +#elif defined(__clang__) +#pragma clang attribute push (__attribute__((target("pclmul,sse2,aes"))), apply_to=function) +#define MBEDTLS_POP_TARGET_PRAGMA +#endif +#endif + #if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) /* * AES-NI support detection routine @@ -398,6 +409,15 @@ static void aesni_setkey_enc_256(unsigned char *rk_bytes, } #endif /* !MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH */ +#if defined(MBEDTLS_POP_TARGET_PRAGMA) +#if defined(__clang__) +#pragma clang attribute pop +#elif defined(__GNUC__) +#pragma GCC pop_options +#endif +#undef MBEDTLS_POP_TARGET_PRAGMA +#endif + #else /* MBEDTLS_AESNI_HAVE_CODE == 1 */ #if defined(__has_feature) diff --git a/library/aesni.h b/library/aesni.h index 952e13850..f007735a6 100644 --- a/library/aesni.h +++ b/library/aesni.h @@ -50,6 +50,10 @@ #if (defined(__GNUC__) || defined(__clang__)) && defined(__AES__) && defined(__PCLMUL__) #define MBEDTLS_AESNI_HAVE_INTRINSICS #endif +/* For 32-bit, we only support intrinsics */ +#if defined(MBEDTLS_ARCH_IS_X86) && (defined(__GNUC__) || defined(__clang__)) +#define MBEDTLS_AESNI_HAVE_INTRINSICS +#endif /* Choose the implementation of AESNI, if one is available. * @@ -60,13 +64,11 @@ #if defined(MBEDTLS_AESNI_HAVE_INTRINSICS) #define MBEDTLS_AESNI_HAVE_CODE 2 // via intrinsics #elif defined(MBEDTLS_HAVE_ASM) && \ - defined(__GNUC__) && defined(MBEDTLS_ARCH_IS_X64) + (defined(__GNUC__) || defined(__clang__)) && defined(MBEDTLS_ARCH_IS_X64) /* Can we do AESNI with inline assembly? * (Only implemented with gas syntax, only for 64-bit.) */ #define MBEDTLS_AESNI_HAVE_CODE 1 // via assembly -#elif defined(__GNUC__) || defined(__clang__) -# error "Must use `-mpclmul -msse2 -maes` for MBEDTLS_AESNI_C" #else #error "MBEDTLS_AESNI_C defined, but neither intrinsics nor assembly available" #endif From 3bca7817e512cc39d06910f6ebd60a2655cc2033 Mon Sep 17 00:00:00 2001 From: Beniamin Sandu Date: Tue, 24 Oct 2023 18:55:36 +0100 Subject: [PATCH 0477/1674] tests/scripts/all.sh: add test for 32-bit AES-NI intrinsics with clang Signed-off-by: Beniamin Sandu --- tests/scripts/all.sh | 38 +++++++++++++++++++++++++++++++++----- 1 file changed, 33 insertions(+), 5 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index b0b32fed5..bdd6a3fe2 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4400,8 +4400,6 @@ component_test_aesni () { # ~ 60s not grep -q "AES note: built-in implementation." ./programs/test/selftest } - - support_test_aesni_m32() { support_test_m32_o0 && (lscpu | grep -qw aes) } @@ -4417,10 +4415,10 @@ component_test_aesni_m32 () { # ~ 60s scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY scripts/config.py set MBEDTLS_HAVE_ASM - # test the intrinsics implementation - msg "AES tests, test intrinsics" + # test the intrinsics implementation with gcc + msg "AES tests, test intrinsics (gcc)" make clean - make CC=gcc CFLAGS='-m32 -Werror -Wall -Wextra -mpclmul -msse2 -maes' LDFLAGS='-m32' + make CC=gcc CFLAGS='-m32 -Werror -Wall -Wextra' LDFLAGS='-m32' # check that we built intrinsics - this should be used by default when supported by the compiler ./programs/test/selftest aes | grep "AESNI code" | grep -q "intrinsics" grep -q "AES note: using AESNI" ./programs/test/selftest @@ -4442,6 +4440,36 @@ component_test_aesni_m32 () { # ~ 60s not grep -q mbedtls_aesni_has_support ./programs/test/selftest } +support_test_aesni_m32_clang() { + support_test_aesni_m32 && if command -v clang > /dev/null ; then + # clang >= 4 is required to build with target attributes + clang_ver="$(clang --version|grep version|sed -E 's#.*version ([0-9]+).*#\1#')" + [[ "${clang_ver}" -ge 4 ]] + else + # clang not available + false + fi +} + +component_test_aesni_m32_clang() { + + scripts/config.py set MBEDTLS_AESNI_C + scripts/config.py set MBEDTLS_PADLOCK_C + scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY + scripts/config.py set MBEDTLS_HAVE_ASM + + # test the intrinsics implementation with clang + msg "AES tests, test intrinsics (clang)" + make clean + make CC=clang CFLAGS='-m32 -Werror -Wall -Wextra' LDFLAGS='-m32' + # check that we built intrinsics - this should be used by default when supported by the compiler + ./programs/test/selftest aes | grep "AESNI code" | grep -q "intrinsics" + grep -q "AES note: using AESNI" ./programs/test/selftest + grep -q "AES note: built-in implementation." ./programs/test/selftest + grep -q "AES note: using VIA Padlock" ./programs/test/selftest + grep -q mbedtls_aesni_has_support ./programs/test/selftest +} + # For timebeing, no aarch64 gcc available in CI and no arm64 CI node. component_build_aes_aesce_armcc () { msg "Build: AESCE test on arm64 platform without plain C." From cfb23b8090611a1fa866ef489e021c5f659aedc7 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Mon, 30 Oct 2023 15:26:26 +0800 Subject: [PATCH 0478/1674] tls13: server: parse pre_shared_key only when some psk is selectable Signed-off-by: Pengyu Lv --- library/ssl_tls13_server.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 2561239a0..456621b5d 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -1728,9 +1728,8 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl, * - The content up to but excluding the PSK extension, if present. */ /* If we've settled on a PSK-based exchange, parse PSK identity ext */ - if (mbedtls_ssl_tls13_some_psk_enabled(ssl) && - mbedtls_ssl_conf_tls13_some_psk_enabled(ssl) && - (handshake->received_extensions & MBEDTLS_SSL_EXT_MASK(PRE_SHARED_KEY))) { + if (ssl_tls13_check_psk_key_exchange(ssl) || + ssl_tls13_check_psk_ephemeral_key_exchange(ssl)) { ret = handshake->update_checksum(ssl, buf, pre_shared_key_ext - buf); if (0 != ret) { From 83536c23f334ec30c28ab56f99f194fca5a32e9f Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 30 Oct 2023 16:17:34 +0800 Subject: [PATCH 0479/1674] Add translation ruler into document Signed-off-by: Jerry Yu --- include/mbedtls/ssl.h | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index ed54926dc..8a35c2b89 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -3751,7 +3751,8 @@ void mbedtls_ssl_conf_groups(mbedtls_ssl_config *conf, * used for certificate signature are controlled by the * verification profile, see \c mbedtls_ssl_conf_cert_profile(). * - * \deprecated Superseded by mbedtls_ssl_conf_sig_algs(). + * \deprecated Superseded by `mbedtls_ssl_conf_sig_algs()`. See + * `mbedtls_ssl_conf_sig_algs()` also. * * \note This list should be ordered by decreasing preference * (preferred hash first). @@ -3783,7 +3784,9 @@ void MBEDTLS_DEPRECATED mbedtls_ssl_conf_sig_hashes(mbedtls_ssl_config *conf, * \param sig_algs List of allowed IANA values for TLS 1.3 signature algorithms, * terminated by \c MBEDTLS_TLS1_3_SIG_NONE. The list must remain * available throughout the lifetime of the conf object. Supported - * values are available as \c MBEDTLS_TLS1_3_SIG_XXXX + * values are available as \c MBEDTLS_TLS1_3_SIG_XXXX . Using + * this for TLS 1.2, items in this parameter should be + * `(HashAlgorithm << 8) | SignatureAlgorithm`. */ void mbedtls_ssl_conf_sig_algs(mbedtls_ssl_config *conf, const uint16_t *sig_algs); From 9dd0cc06e56bf34fd8888d6c79ebf0503405fabd Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 18 Oct 2023 11:25:30 +0800 Subject: [PATCH 0480/1674] disable stdout in require_*_configs_* functions Signed-off-by: Jerry Yu --- tests/ssl-opt.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 0dd7fe6d3..659719cf0 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -234,28 +234,28 @@ requires_config_disabled() { } requires_all_configs_enabled() { - if ! $P_QUERY -all $* + if ! $P_QUERY -all $* 2>&1 > /dev/null then SKIP_NEXT="YES" fi } requires_all_configs_disabled() { - if $P_QUERY -any $* + if $P_QUERY -any $* 2>&1 > /dev/null then SKIP_NEXT="YES" fi } requires_any_configs_enabled() { - if ! $P_QUERY -any $* + if ! $P_QUERY -any $* 2>&1 > /dev/null then SKIP_NEXT="YES" fi } requires_any_configs_disabled() { - if $P_QUERY -all $* + if $P_QUERY -all $* 2>&1 > /dev/null then SKIP_NEXT="YES" fi From 06b364fdfd9a1816abaef3de336a4c701e760b3a Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 18 Oct 2023 11:22:50 +0800 Subject: [PATCH 0481/1674] fix miss sent extensions mask Signed-off-by: Jerry Yu --- library/ssl_tls13_client.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index c6fa3b390..90f54f94b 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -1022,6 +1022,8 @@ int mbedtls_ssl_tls13_write_identities_of_pre_shared_key_ext( MBEDTLS_SSL_DEBUG_BUF(3, "pre_shared_key identities", buf, p - buf); + mbedtls_ssl_tls13_set_hs_sent_ext_mask(ssl, MBEDTLS_TLS_EXT_PRE_SHARED_KEY); + return 0; } From cd84a290a9f47e236d9ef2033d26c03075316cfa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 27 Oct 2023 09:24:44 +0200 Subject: [PATCH 0482/1674] analyze_outcomes: use regexes for cipher/aead MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- tests/scripts/analyze_outcomes.py | 257 +----------------------------- 1 file changed, 6 insertions(+), 251 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 8f45dae78..81e3ca37f 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -255,15 +255,7 @@ KNOWN_TASKS = { # PEM decryption is not supported so far. # The rest of PEM (write, unencrypted read) works though. 'test_suite_pem': [ - 'PEM read (AES-128-CBC + invalid iv)' - 'PEM read (DES-CBC + invalid iv)', - 'PEM read (DES-EDE3-CBC + invalid iv)', - 'PEM read (malformed PEM AES-128-CBC)', - 'PEM read (malformed PEM DES-CBC)', - 'PEM read (malformed PEM DES-EDE3-CBC)', - 'PEM read (unknown encryption algorithm)', - 'PEM read (AES-128-CBC + invalid iv)', - 'PEM read (DES-CBC + invalid iv)', + re.compile(r'PEM read .*(AES|DES|\bencrypt).*'), ], # Following tests depend on AES_C/DES_C but are not about # them really, just need to know some error code is there. @@ -278,258 +270,21 @@ KNOWN_TASKS = { # The en/decryption part of PKCS#12 is not supported so far. # The rest of PKCS#12 (key derivation) works though. 'test_suite_pkcs12': [ - 'PBE Decrypt, (Invalid padding & PKCS7 padding enabled)', - 'PBE Decrypt, pad = 7 (OK)', - 'PBE Decrypt, pad = 8 (Invalid output size)', - 'PBE Decrypt, pad = 8 (OK)', - 'PBE Encrypt, pad = 7 (OK)', - 'PBE Encrypt, pad = 8 (Invalid output size)', - 'PBE Encrypt, pad = 8 (OK)', + re.compile(r'PBE Encrypt, .*'), + re.compile(r'PBE Decrypt, .*'), ], # The en/decryption part of PKCS#5 is not supported so far. # The rest of PKCS#5 (PBKDF2) works though. 'test_suite_pkcs5': [ - 'PBES2 Decrypt (Invalid output size)', - 'PBES2 Decrypt (Invalid padding & PKCS7 padding enabled)', - 'PBES2 Decrypt (KDF != PBKDF2)', - 'PBES2 Decrypt (OK)', - 'PBES2 Decrypt (OK, PBKDF2 params explicit keylen)', - 'PBES2 Decrypt (OK, PBKDF2 params explicit prf_alg)', - 'PBES2 Decrypt (bad KDF AlgId: not a sequence)', - 'PBES2 Decrypt (bad KDF AlgId: overlong)', - 'PBES2 Decrypt (bad PBKDF2 params explicit keylen: overlong)', - 'PBES2 Decrypt (bad PBKDF2 params iter: not an int)', - 'PBES2 Decrypt (bad PBKDF2 params iter: overlong)', - 'PBES2 Decrypt (bad PBKDF2 params salt: not an octet string)', - 'PBES2 Decrypt (bad PBKDF2 params salt: overlong)', - 'PBES2 Decrypt (bad PBKDF2 params: not a sequence)', - 'PBES2 Decrypt (bad PBKDF2 params: overlong)', - 'PBES2 Decrypt (bad enc_scheme_alg params: len != iv_len)', - 'PBES2 Decrypt (bad enc_scheme_alg params: not an octet string)', - 'PBES2 Decrypt (bad enc_scheme_alg params: overlong)', - 'PBES2 Decrypt (bad enc_scheme_alg: not a sequence)', - 'PBES2 Decrypt (bad enc_scheme_alg: overlong)', - 'PBES2 Decrypt (bad enc_scheme_alg: unknown oid)', - 'PBES2 Decrypt (bad iter value)', - 'PBES2 Decrypt (bad params tag)', - 'PBES2 Decrypt (bad password)', - 'PBES2 Decrypt (bad, PBKDF2 params explicit prf_alg != HMAC-SHA*)', - 'PBES2 Decrypt (bad, PBKDF2 params explicit prf_alg not a sequence)', - 'PBES2 Decrypt (bad, PBKDF2 params explicit prf_alg overlong)', - 'PBES2 Decrypt (bad, PBKDF2 params extra data)', - 'PBES2 Encrypt, pad=6 (OK)', - 'PBES2 Encrypt, pad=8 (Invalid output size)', - 'PBES2 Encrypt, pad=8 (OK)', + re.compile(r'PBES2 Encrypt, .*'), + re.compile(r'PBES2 Decrypt .*'), ], # Encrypted keys are not supported so far. # pylint: disable=line-too-long 'test_suite_pkparse': [ 'Key ASN1 (Encrypted key PKCS12, trailing garbage data)', 'Key ASN1 (Encrypted key PKCS5, trailing garbage data)', - 'Parse RSA Key #20 (PKCS#8 encrypted SHA1-3DES)', - 'Parse RSA Key #20.1 (PKCS#8 encrypted SHA1-3DES, wrong PW)', - 'Parse RSA Key #20.2 (PKCS#8 encrypted SHA1-3DES, no PW)', - 'Parse RSA Key #21 (PKCS#8 encrypted SHA1-3DES, 2048-bit)', - 'Parse RSA Key #21.1 (PKCS#8 encrypted SHA1-3DES, 2048-bit, wrong PW)', - 'Parse RSA Key #21.2 (PKCS#8 encrypted SHA1-3DES, 2048-bit, no PW)', - 'Parse RSA Key #22 (PKCS#8 encrypted SHA1-3DES, 4096-bit)', - 'Parse RSA Key #22.1 (PKCS#8 encrypted SHA1-3DES, 4096-bit, wrong PW)', - 'Parse RSA Key #22.2 (PKCS#8 encrypted SHA1-3DES, 4096-bit, no PW)', - 'Parse RSA Key #23 (PKCS#8 encrypted SHA1-3DES DER)', - 'Parse RSA Key #24 (PKCS#8 encrypted SHA1-3DES DER, 2048-bit)', - 'Parse RSA Key #25 (PKCS#8 encrypted SHA1-3DES DER, 4096-bit)', - 'Parse RSA Key #26 (PKCS#8 encrypted SHA1-2DES)', - 'Parse RSA Key #26.1 (PKCS#8 encrypted SHA1-2DES, wrong PW)', - 'Parse RSA Key #26.2 (PKCS#8 encrypted SHA1-2DES, no PW)', - 'Parse RSA Key #27 (PKCS#8 encrypted SHA1-2DES, 2048-bit)', - 'Parse RSA Key #27.1 (PKCS#8 encrypted SHA1-2DES, 2048-bit, wrong PW)', - 'Parse RSA Key #27.2 (PKCS#8 encrypted SHA1-2DES, 2048-bit no PW)', - 'Parse RSA Key #28 (PKCS#8 encrypted SHA1-2DES, 4096-bit)', - 'Parse RSA Key #28.1 (PKCS#8 encrypted SHA1-2DES, 4096-bit, wrong PW)', - 'Parse RSA Key #28.2 (PKCS#8 encrypted SHA1-2DES, 4096-bit, no PW)', - 'Parse RSA Key #29 (PKCS#8 encrypted SHA1-2DES DER)', - 'Parse RSA Key #30 (PKCS#8 encrypted SHA1-2DES DER, 2048-bit)', - 'Parse RSA Key #31 (PKCS#8 encrypted SHA1-2DES DER, 4096-bit)', - 'Parse RSA Key #38 (PKCS#8 encrypted v2 PBKDF2 3DES)', - 'Parse RSA Key #38.1 (PKCS#8 encrypted v2 PBKDF2 3DES, wrong PW)', - 'Parse RSA Key #38.2 (PKCS#8 encrypted v2 PBKDF2 3DES, no PW)', - 'Parse RSA Key #39 (PKCS#8 encrypted v2 PBKDF2 3DES, 2048-bit)', - 'Parse RSA Key #39.1 (PKCS#8 encrypted v2 PBKDF2 3DES, 2048-bit, wrong PW)', - 'Parse RSA Key #39.2 (PKCS#8 encrypted v2 PBKDF2 3DES, 2048-bit, no PW)', - 'Parse RSA Key #40 (PKCS#8 encrypted v2 PBKDF2 3DES, 4096-bit)', - 'Parse RSA Key #40.1 (PKCS#8 encrypted v2 PBKDF2 3DES, 4096-bit, wrong PW)', - 'Parse RSA Key #40.2 (PKCS#8 encrypted v2 PBKDF2 3DES, 4096-bit, no PW)', - 'Parse RSA Key #41 (PKCS#8 encrypted v2 PBKDF2 3DES DER)', - 'Parse RSA Key #41.1 (PKCS#8 encrypted v2 PBKDF2 3DES DER, wrong PW)', - 'Parse RSA Key #41.2 (PKCS#8 encrypted v2 PBKDF2 3DES DER, no PW)', - 'Parse RSA Key #42 (PKCS#8 encrypted v2 PBKDF2 3DES DER, 2048-bit)', - 'Parse RSA Key #42.1 (PKCS#8 encrypted v2 PBKDF2 3DES DER, 2048-bit, wrong PW)', - 'Parse RSA Key #42.2 (PKCS#8 encrypted v2 PBKDF2 3DES DER, 2048-bit, no PW)', - 'Parse RSA Key #43 (PKCS#8 encrypted v2 PBKDF2 3DES DER, 4096-bit)', - 'Parse RSA Key #43.1 (PKCS#8 encrypted v2 PBKDF2 3DES DER, 4096-bit, wrong PW)', - 'Parse RSA Key #43.2 (PKCS#8 encrypted v2 PBKDF2 3DES DER, 4096-bit, no PW)', - 'Parse RSA Key #44 (PKCS#8 encrypted v2 PBKDF2 DES)', - 'Parse RSA Key #44.1 (PKCS#8 encrypted v2 PBKDF2 DES, wrong PW)', - 'Parse RSA Key #44.2 (PKCS#8 encrypted v2 PBKDF2 DES, no PW)', - 'Parse RSA Key #45 (PKCS#8 encrypted v2 PBKDF2 DES, 2048-bit)', - 'Parse RSA Key #45.1 (PKCS#8 encrypted v2 PBKDF2 DES, 2048-bit, wrong PW)', - 'Parse RSA Key #45.2 (PKCS#8 encrypted v2 PBKDF2 DES, 2048-bit, no PW)', - 'Parse RSA Key #46 (PKCS#8 encrypted v2 PBKDF2 DES, 4096-bit)', - 'Parse RSA Key #46.1 (PKCS#8 encrypted v2 PBKDF2 DES, 4096-bit, wrong PW)', - 'Parse RSA Key #46.2 (PKCS#8 encrypted v2 PBKDF2 DES, 4096-bit, no PW)', - 'Parse RSA Key #47 (PKCS#8 encrypted v2 PBKDF2 DES DER)', - 'Parse RSA Key #47.1 (PKCS#8 encrypted v2 PBKDF2 DES DER, wrong PW)', - 'Parse RSA Key #47.2 (PKCS#8 encrypted v2 PBKDF2 DES DER, no PW)', - 'Parse RSA Key #48 (PKCS#8 encrypted v2 PBKDF2 DES DER, 2048-bit)', - 'Parse RSA Key #48.1 (PKCS#8 encrypted v2 PBKDF2 DES DER, 2048-bit, wrong PW)', - 'Parse RSA Key #48.2 (PKCS#8 encrypted v2 PBKDF2 DES DER, 2048-bit, no PW)', - 'Parse RSA Key #49 (PKCS#8 encrypted v2 PBKDF2 DES DER, 4096-bit)', - 'Parse RSA Key #49.1 (PKCS#8 encrypted v2 PBKDF2 DES DER, 4096-bit, wrong PW)', - 'Parse RSA Key #49.2 (PKCS#8 encrypted v2 PBKDF2 DES DER, 4096-bit, no PW)', - 'Parse RSA Key #50 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224)', - 'Parse RSA Key #50.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, wrong PW)', - 'Parse RSA Key #50.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, no PW)', - 'Parse RSA Key #51 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 2048-bit)', - 'Parse RSA Key #51.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 2048-bit, wrong PW)', - 'Parse RSA Key #51.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 2048-bit, no PW)', - 'Parse RSA Key #52 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 4096-bit)', - 'Parse RSA Key #52.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 4096-bit, wrong PW)', - 'Parse RSA Key #52.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 4096-bit, no PW)', - 'Parse RSA Key #53 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER)', - 'Parse RSA Key #53.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, wrong PW)', - 'Parse RSA Key #53.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, no PW)', - 'Parse RSA Key #54 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 2048-bit)', - 'Parse RSA Key #54.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 2048-bit, wrong PW)', - 'Parse RSA Key #54.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 2048-bit, no PW)', - 'Parse RSA Key #55 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 4096-bit)', - 'Parse RSA Key #55.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 4096-bit, wrong PW)', - 'Parse RSA Key #55.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 4096-bit, no PW)', - 'Parse RSA Key #56 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224)', - 'Parse RSA Key #56.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, wrong PW)', - 'Parse RSA Key #56.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, no PW)', - 'Parse RSA Key #57 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 2048-bit)', - 'Parse RSA Key #57.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 2048-bit, wrong PW)', - 'Parse RSA Key #57.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 2048-bit, no PW)', - 'Parse RSA Key #58 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 4096-bit)', - 'Parse RSA Key #58.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 4096-bit, wrong PW)', - 'Parse RSA Key #58.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 4096-bit, no PW)', - 'Parse RSA Key #59 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER)', - 'Parse RSA Key #59.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, wrong PW)', - 'Parse RSA Key #59.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, no PW)', - 'Parse RSA Key #60 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 2048-bit)', - 'Parse RSA Key #60.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 2048-bit, wrong PW)', - 'Parse RSA Key #60.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 2048-bit, no PW)', - 'Parse RSA Key #61 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 4096-bit)', - 'Parse RSA Key #61.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 4096-bit, wrong PW)', - 'Parse RSA Key #61.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 4096-bit, no PW)', - 'Parse RSA Key #62 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256)', - 'Parse RSA Key #62.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, wrong PW)', - 'Parse RSA Key #62.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, no PW)', - 'Parse RSA Key #63 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, 2048-bit)', - 'Parse RSA Key #63.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, 2048-bit, wrong PW)', - 'Parse RSA Key #63.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, 2048-bit, no PW)', - 'Parse RSA Key #64 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, 4096-bit)', - 'Parse RSA Key #64.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, 4096-bit, wrong PW)', - 'Parse RSA Key #64.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, 4096-bit, no PW)', - 'Parse RSA Key #65 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER)', - 'Parse RSA Key #65.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, wrong PW)', - 'Parse RSA Key #65.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, no PW)', - 'Parse RSA Key #66 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, 2048-bit)', - 'Parse RSA Key #66.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, 2048-bit, wrong PW)', - 'Parse RSA Key #66.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, 2048-bit, no PW)', - 'Parse RSA Key #67 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, 4096-bit)', - 'Parse RSA Key #68.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, 4096-bit, wrong PW)', - 'Parse RSA Key #68.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, 4096-bit, no PW)', - 'Parse RSA Key #69 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256)', - 'Parse RSA Key #69.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, wrong PW)', - 'Parse RSA Key #69.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, no PW)', - 'Parse RSA Key #70 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, 2048-bit)', - 'Parse RSA Key #70.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, 2048-bit, wrong PW)', - 'Parse RSA Key #70.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, 2048-bit, no PW)', - 'Parse RSA Key #71 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, 4096-bit)', - 'Parse RSA Key #71.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, 4096-bit, wrong PW)', - 'Parse RSA Key #71.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, 4096-bit, no PW)', - 'Parse RSA Key #72 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER)', - 'Parse RSA Key #72.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, wrong PW)', - 'Parse RSA Key #72.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, no PW)', - 'Parse RSA Key #73 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, 2048-bit)', - 'Parse RSA Key #73.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, 2048-bit, wrong PW)', - 'Parse RSA Key #73.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, 2048-bit, no PW)', - 'Parse RSA Key #74 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, 4096-bit)', - 'Parse RSA Key #74.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, 4096-bit, wrong PW)', - 'Parse RSA Key #74.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, 4096-bit, no PW)', - 'Parse RSA Key #75 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384)', - 'Parse RSA Key #75.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, wrong PW)', - 'Parse RSA Key #75.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, no PW)', - 'Parse RSA Key #76 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 2048-bit)', - 'Parse RSA Key #76.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 2048-bit, wrong PW)', - 'Parse RSA Key #76.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 2048-bit, no PW)', - 'Parse RSA Key #77 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 4096-bit)', - 'Parse RSA Key #77.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 4096-bit, wrong PW)', - 'Parse RSA Key #77.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 4096-bit, no PW)', - 'Parse RSA Key #78 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER)', - 'Parse RSA Key #78.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, wrong PW)', - 'Parse RSA Key #78.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, no PW)', - 'Parse RSA Key #79 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 2048-bit)', - 'Parse RSA Key #79.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 2048-bit, wrong PW)', - 'Parse RSA Key #79.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 2048-bit, no PW)', - 'Parse RSA Key #80 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 4096-bit)', - 'Parse RSA Key #80.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 4096-bit, wrong PW)', - 'Parse RSA Key #80.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 4096-bit, no PW)', - 'Parse RSA Key #81 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384)', - 'Parse RSA Key #81.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, wrong PW)', - 'Parse RSA Key #81.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, no PW)', - 'Parse RSA Key #82 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 2048-bit)', - 'Parse RSA Key #82.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 2048-bit, wrong PW)', - 'Parse RSA Key #82.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 2048-bit, no PW)', - 'Parse RSA Key #83 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 4096-bit)', - 'Parse RSA Key #83.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 4096-bit, wrong PW)', - 'Parse RSA Key #83.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 4096-bit, no PW)', - 'Parse RSA Key #84 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER)', - 'Parse RSA Key #84.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, wrong PW)', - 'Parse RSA Key #85.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, no PW)', - 'Parse RSA Key #86 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 2048-bit)', - 'Parse RSA Key #86.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 2048-bit, wrong PW)', - 'Parse RSA Key #86.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 2048-bit, no PW)', - 'Parse RSA Key #87 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 4096-bit)', - 'Parse RSA Key #87.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 4096-bit, wrong PW)', - 'Parse RSA Key #87.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 4096-bit, no PW)', - 'Parse RSA Key #88 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512)', - 'Parse RSA Key #88.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, wrong PW)', - 'Parse RSA Key #88.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, no PW)', - 'Parse RSA Key #89 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, 2048-bit)', - 'Parse RSA Key #89.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, 2048-bit, wrong PW)', - 'Parse RSA Key #89.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, 2048-bit, no PW)', - 'Parse RSA Key #90 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, 4096-bit)', - 'Parse RSA Key #90.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, 4096-bit, wrong PW)', - 'Parse RSA Key #90.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, 4096-bit, no PW)', - 'Parse RSA Key #91 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER)', - 'Parse RSA Key #91.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, wrong PW)', - 'Parse RSA Key #91.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, no PW)', - 'Parse RSA Key #92 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, 2048-bit)', - 'Parse RSA Key #92.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, 2048-bit, wrong PW)', - 'Parse RSA Key #92.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, 2048-bit, no PW)', - 'Parse RSA Key #93 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, 4096-bit)', - 'Parse RSA Key #93.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, 4096-bit, wrong PW)', - 'Parse RSA Key #93.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, 4096-bit, no PW)', - 'Parse RSA Key #94 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512)', - 'Parse RSA Key #94.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, wrong PW)', - 'Parse RSA Key #94.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, no PW)', - 'Parse RSA Key #95 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, 2048-bit)', - 'Parse RSA Key #95.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, 2048-bit, wrong PW)', - 'Parse RSA Key #95.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, 2048-bit, no PW)', - 'Parse RSA Key #96 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, 4096-bit)', - 'Parse RSA Key #96.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, 4096-bit, wrong PW)', - 'Parse RSA Key #96.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, 4096-bit, no PW)', - 'Parse RSA Key #97 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER)', - 'Parse RSA Key #97.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, wrong PW)', - 'Parse RSA Key #97.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, no PW)', - 'Parse RSA Key #98 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, 2048-bit)', - 'Parse RSA Key #98.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, 2048-bit, wrong PW)', - 'Parse RSA Key #98.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, 2048-bit, no PW)', - 'Parse RSA Key #99 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, 4096-bit)', - 'Parse RSA Key #99.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, 4096-bit, wrong PW)', - 'Parse RSA Key #99.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, 4096-bit, no PW)', + re.compile(r'Parse RSA Key .*\(PKCS#8 encrypted .*\)'), ], } } From c51c411cc1228a6916c2ba44ac1135cfdca37725 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 30 Oct 2023 10:21:22 +0100 Subject: [PATCH 0483/1674] analyze_outcome: only warn on ignored tests that pass MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The previous check also warned when on tests that were already skipped in the reference config, which are not really a problem. The purpose of this "uselessly ignored" check is to make sure that the ignore list (together with the config common to driver and reference in all.sh) always correct reflects what works or doesn't in driver-only builds. For this it's enough to warn when a test is ignored but passing. The previous, stricter check, was causing issues like: Error: uselessly ignored: test_suite_pkcs12;PBE Encrypt, pad = 8 (PKCS7 padding disabled) Error: uselessly ignored: test_suite_pkcs12;PBE Decrypt, (Invalid padding & PKCS7 padding disabled) Error: uselessly ignored: test_suite_pkcs5;PBES2 Decrypt (Invalid padding & PKCS7 padding disabled) These are skipped in the reference config because is has PKCS7 padding enabled, and that's OK. Signed-off-by: Manuel Pégourié-Gonnard --- tests/scripts/analyze_outcomes.py | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 81e3ca37f..80b6459cd 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -145,12 +145,10 @@ def analyze_driver_vs_reference(results: Results, outcomes, if component_ref in entry: reference_test_passed = True seen_reference_passing = True - if(reference_test_passed and not driver_test_passed): - if not ignored: - results.error("PASS -> SKIP/FAIL: {}", key) - else: - if ignored: - results.error("uselessly ignored: {}", key) + if reference_test_passed and not driver_test_passed and not ignored: + results.error("PASS -> SKIP/FAIL: {}", key) + if ignored and driver_test_passed: + results.error("uselessly ignored: {}", key) if not seen_reference_passing: results.error("no passing test in reference component: bad outcome file?") From 2c46ca3474e585ab6f0dacb6ef1245123b1d2cde Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 30 Oct 2023 17:32:20 +0800 Subject: [PATCH 0484/1674] fix various issues Signed-off-by: Jerry Yu --- include/mbedtls/ssl.h | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 8a35c2b89..5ebb00f7d 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -3751,8 +3751,7 @@ void mbedtls_ssl_conf_groups(mbedtls_ssl_config *conf, * used for certificate signature are controlled by the * verification profile, see \c mbedtls_ssl_conf_cert_profile(). * - * \deprecated Superseded by `mbedtls_ssl_conf_sig_algs()`. See - * `mbedtls_ssl_conf_sig_algs()` also. + * \deprecated Superseded by mbedtls_ssl_conf_sig_algs(). * * \note This list should be ordered by decreasing preference * (preferred hash first). @@ -3778,7 +3777,7 @@ void MBEDTLS_DEPRECATED mbedtls_ssl_conf_sig_hashes(mbedtls_ssl_config *conf, #endif /* !MBEDTLS_DEPRECATED_REMOVED && MBEDTLS_SSL_PROTO_TLS1_2 */ /** - * \brief Configure allowed signature algorithms for use in TLS 1.3 + * \brief Configure allowed signature algorithms * * \param conf The SSL configuration to use. * \param sig_algs List of allowed IANA values for TLS 1.3 signature algorithms, @@ -3786,7 +3785,7 @@ void MBEDTLS_DEPRECATED mbedtls_ssl_conf_sig_hashes(mbedtls_ssl_config *conf, * available throughout the lifetime of the conf object. Supported * values are available as \c MBEDTLS_TLS1_3_SIG_XXXX . Using * this for TLS 1.2, items in this parameter should be - * `(HashAlgorithm << 8) | SignatureAlgorithm`. + * "(HashAlgorithm << 8) | SignatureAlgorithm". */ void mbedtls_ssl_conf_sig_algs(mbedtls_ssl_config *conf, const uint16_t *sig_algs); From 05c25cbaf9864622a2565f3c3a51f4b108468d46 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 30 Oct 2023 11:07:18 +0100 Subject: [PATCH 0485/1674] test_driver_extension: manage curves' acceleration the same as other PSA_WANT symbols Signed-off-by: Valerio Setti --- .../crypto_config_test_driver_extension.h | 122 +++++++++++++++--- 1 file changed, 104 insertions(+), 18 deletions(-) diff --git a/tests/include/test/drivers/crypto_config_test_driver_extension.h b/tests/include/test/drivers/crypto_config_test_driver_extension.h index 0eedb8b10..d39e9c158 100644 --- a/tests/include/test/drivers/crypto_config_test_driver_extension.h +++ b/tests/include/test/drivers/crypto_config_test_driver_extension.h @@ -64,6 +64,110 @@ #endif #endif +#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) +#if defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256) +#undef MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256 +#else +#define MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256 1 +#endif +#endif + +#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) +#if defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384) +#undef MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384 +#else +#define MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384 1 +#endif +#endif + +#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512) +#if defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512) +#undef MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512 +#else +#define MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512 1 +#endif +#endif + +#if defined(PSA_WANT_ECC_MONTGOMERY_255) +#if defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255) +#undef MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255 +#else +#define MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255 1 +#endif +#endif + +#if defined(PSA_WANT_ECC_MONTGOMERY_448) +#if defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448) +#undef MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448 +#else +#define MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448 1 +#endif +#endif + +#if defined(PSA_WANT_ECC_SECP_K1_192) +#if defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192) +#undef MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192 +#else +#define MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192 1 +#endif +#endif + +#if defined(PSA_WANT_ECC_SECP_K1_224) +#if defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224) +#undef MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224 +#else +#define MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224 1 +#endif +#endif + +#if defined(PSA_WANT_ECC_SECP_K1_256) +#if defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256) +#undef MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256 +#else +#define MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256 1 +#endif +#endif + +#if defined(PSA_WANT_ECC_SECP_R1_192) +#if defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192) +#undef MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192 +#else +#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192 1 +#endif +#endif + +#if defined(PSA_WANT_ECC_SECP_R1_224) +#if defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224) +#undef MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224 +#else +#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224 1 +#endif +#endif + +#if defined(PSA_WANT_ECC_SECP_R1_256) +#if defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256) +#undef MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256 +#else +#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256 1 +#endif +#endif + +#if defined(PSA_WANT_ECC_SECP_R1_384) +#if defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384) +#undef MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384 +#else +#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384 1 +#endif +#endif + +#if defined(PSA_WANT_ECC_SECP_R1_521) +#if defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521) +#undef MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521 +#else +#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521 1 +#endif +#endif + #if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA) #if defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) #undef MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA @@ -427,24 +531,6 @@ #define MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP 1 #define MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT 1 -#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) && \ - defined(MBEDTLS_PSA_ACCEL_ALG_ECDH) && \ - defined(MBEDTLS_PSA_ACCEL_ALG_JPAKE) -#define MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256 1 -#define MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384 1 -#define MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512 1 -#define MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255 1 -#define MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448 1 -#define MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192 1 -#define MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224 1 -#define MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256 1 -#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192 1 -#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224 1 -#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256 1 -#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384 1 -#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521 1 -#endif - #define MBEDTLS_PSA_ACCEL_KEY_TYPE_DERIVE 1 #define MBEDTLS_PSA_ACCEL_KEY_TYPE_HMAC 1 #define MBEDTLS_PSA_ACCEL_KEY_TYPE_DES 1 From 3fe105b04221f0b0d3c3b06ecf345f9be19e73ad Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 30 Oct 2023 11:08:12 +0100 Subject: [PATCH 0486/1674] all.sh: fix test components using accelerated curves Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 83 +++++++++++++++----------------------------- 1 file changed, 28 insertions(+), 55 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index b0b32fed5..1836a105c 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2294,12 +2294,8 @@ component_test_psa_crypto_config_accel_ecdsa () { # Algorithms and key types to accelerate loc_accel_list="ALG_ECDSA ALG_DETERMINISTIC_ECDSA \ - $(helper_get_psa_key_type_list "ECC")" - - # Note: Those are handled in a special way by the libtestdriver machinery, - # so we only want to include them in the accel list when building the main - # libraries, hence the use of a separate variable. - loc_curve_list="$(helper_get_psa_curve_list)" + $(helper_get_psa_key_type_list "ECC") \ + $(helper_get_psa_curve_list)" # Configure # --------- @@ -2324,7 +2320,7 @@ component_test_psa_crypto_config_accel_ecdsa () { helper_libtestdriver1_make_drivers "$loc_accel_list" "$loc_extra_list" - helper_libtestdriver1_make_main "$loc_accel_list $loc_curve_list" + helper_libtestdriver1_make_main "$loc_accel_list" # Make sure this was not re-enabled by accident (additive config) not grep mbedtls_ecdsa_ library/ecdsa.o @@ -2341,12 +2337,8 @@ component_test_psa_crypto_config_accel_ecdh () { # Algorithms and key types to accelerate loc_accel_list="ALG_ECDH \ - $(helper_get_psa_key_type_list "ECC")" - - # Note: Those are handled in a special way by the libtestdriver machinery, - # so we only want to include them in the accel list when building the main - # libraries, hence the use of a separate variable. - loc_curve_list="$(helper_get_psa_curve_list)" + $(helper_get_psa_key_type_list "ECC") \ + $(helper_get_psa_curve_list)" # Configure # --------- @@ -2369,7 +2361,7 @@ component_test_psa_crypto_config_accel_ecdh () { helper_libtestdriver1_make_drivers "$loc_accel_list" - helper_libtestdriver1_make_main "$loc_accel_list $loc_curve_list" + helper_libtestdriver1_make_main "$loc_accel_list" # Make sure this was not re-enabled by accident (additive config) not grep mbedtls_ecdh_ library/ecdh.o @@ -2443,12 +2435,8 @@ component_test_psa_crypto_config_accel_pake() { msg "build: full with accelerated PAKE" loc_accel_list="ALG_JPAKE \ - $(helper_get_psa_key_type_list "ECC")" - - # Note: Those are handled in a special way by the libtestdriver machinery, - # so we only want to include them in the accel list when building the main - # libraries, hence the use of a separate variable. - loc_curve_list="$(helper_get_psa_curve_list)" + $(helper_get_psa_key_type_list "ECC") \ + $(helper_get_psa_curve_list)" # Configure # --------- @@ -2464,7 +2452,7 @@ component_test_psa_crypto_config_accel_pake() { helper_libtestdriver1_make_drivers "$loc_accel_list" - helper_libtestdriver1_make_main "$loc_accel_list $loc_curve_list" + helper_libtestdriver1_make_main "$loc_accel_list" # Make sure this was not re-enabled by accident (additive config) not grep mbedtls_ecjpake_init library/ecjpake.o @@ -2487,12 +2475,8 @@ component_test_psa_crypto_config_accel_ecc_some_key_types () { KEY_TYPE_ECC_PUBLIC_KEY \ KEY_TYPE_ECC_KEY_PAIR_BASIC \ KEY_TYPE_ECC_KEY_PAIR_IMPORT \ - KEY_TYPE_ECC_KEY_PAIR_EXPORT" - - # Note: Curves are handled in a special way by the libtestdriver machinery, - # so we only want to include them in the accel list when building the main - # libraries, hence the use of a separate variable. - loc_curve_list="$(helper_get_psa_curve_list)" + KEY_TYPE_ECC_KEY_PAIR_EXPORT \ + $(helper_get_psa_curve_list)" # Configure # --------- @@ -2525,7 +2509,7 @@ component_test_psa_crypto_config_accel_ecc_some_key_types () { ALG_SHA3_224 ALG_SHA3_256 ALG_SHA3_384 ALG_SHA3_512" helper_libtestdriver1_make_drivers "$loc_accel_list" "$loc_extra_list" - helper_libtestdriver1_make_main "$loc_accel_list $loc_curve_list" + helper_libtestdriver1_make_main "$loc_accel_list" # ECP should be re-enabled but not the others not grep mbedtls_ecdh_ library/ecdh.o @@ -2554,12 +2538,6 @@ common_test_psa_crypto_config_accel_ecc_some_curves () { msg "build: crypto_full minus PK with accelerated EC algs and $desc curves" - # Algorithms and key types to accelerate - loc_accel_list="ALG_ECDSA ALG_DETERMINISTIC_ECDSA \ - ALG_ECDH \ - ALG_JPAKE \ - $(helper_get_psa_key_type_list "ECC")" - # Note: Curves are handled in a special way by the libtestdriver machinery, # so we only want to include them in the accel list when building the main # libraries, hence the use of a separate variable. @@ -2583,6 +2561,13 @@ common_test_psa_crypto_config_accel_ecc_some_curves () { loc_curve_list=$loc_non_weierstrass_list fi + # Algorithms and key types to accelerate + loc_accel_list="ALG_ECDSA ALG_DETERMINISTIC_ECDSA \ + ALG_ECDH \ + ALG_JPAKE \ + $(helper_get_psa_key_type_list "ECC") \ + $loc_curve_list" + # Configure # --------- @@ -2702,12 +2687,8 @@ component_test_psa_crypto_config_accel_ecc_ecp_light_only () { loc_accel_list="ALG_ECDSA ALG_DETERMINISTIC_ECDSA \ ALG_ECDH \ ALG_JPAKE \ - $(helper_get_psa_key_type_list "ECC")" - - # Note: Those are handled in a special way by the libtestdriver machinery, - # so we only want to include them in the accel list when building the main - # libraries, hence the use of a separate variable. - loc_curve_list="$(helper_get_psa_curve_list)" + $(helper_get_psa_key_type_list "ECC") \ + $(helper_get_psa_curve_list)" # Configure # --------- @@ -2727,7 +2708,7 @@ component_test_psa_crypto_config_accel_ecc_ecp_light_only () { ALG_SHA3_224 ALG_SHA3_256 ALG_SHA3_384 ALG_SHA3_512" helper_libtestdriver1_make_drivers "$loc_accel_list" "$loc_extra_list" - helper_libtestdriver1_make_main "$loc_accel_list $loc_curve_list" + helper_libtestdriver1_make_main "$loc_accel_list" # Make sure any built-in EC alg was not re-enabled by accident (additive config) not grep mbedtls_ecdsa_ library/ecdsa.o @@ -2810,12 +2791,8 @@ component_test_psa_crypto_config_accel_ecc_no_ecp_at_all () { loc_accel_list="ALG_ECDSA ALG_DETERMINISTIC_ECDSA \ ALG_ECDH \ ALG_JPAKE \ - $(helper_get_psa_key_type_list "ECC")" - - # Note: Those are handled in a special way by the libtestdriver machinery, - # so we only want to include them in the accel list when building the main - # libraries, hence the use of a separate variable. - loc_curve_list="$(helper_get_psa_curve_list)" + $(helper_get_psa_key_type_list "ECC") \ + $(helper_get_psa_curve_list)" # Configure # --------- @@ -2835,7 +2812,7 @@ component_test_psa_crypto_config_accel_ecc_no_ecp_at_all () { helper_libtestdriver1_make_drivers "$loc_accel_list" "$loc_extra_list" - helper_libtestdriver1_make_main "$loc_accel_list $loc_curve_list" + helper_libtestdriver1_make_main "$loc_accel_list" # Make sure any built-in EC alg was not re-enabled by accident (additive config) not grep mbedtls_ecdsa_ library/ecdsa.o @@ -2981,7 +2958,8 @@ common_test_psa_crypto_config_accel_ecc_ffdh_no_bignum () { loc_accel_list="ALG_ECDSA ALG_DETERMINISTIC_ECDSA \ ALG_ECDH \ ALG_JPAKE \ - $(helper_get_psa_key_type_list "ECC")" + $(helper_get_psa_key_type_list "ECC") \ + $(helper_get_psa_curve_list)" # Optionally we can also add DH to the list of accelerated items if [ "$test_target" = "ECC_DH" ]; then loc_accel_list="$loc_accel_list \ @@ -2989,11 +2967,6 @@ common_test_psa_crypto_config_accel_ecc_ffdh_no_bignum () { $(helper_get_psa_key_type_list "DH")" fi - # Note: Those are handled in a special way by the libtestdriver machinery, - # so we only want to include them in the accel list when building the main - # libraries, hence the use of a separate variable. - loc_curve_list="$(helper_get_psa_curve_list)" - # Configure # --------- @@ -3012,7 +2985,7 @@ common_test_psa_crypto_config_accel_ecc_ffdh_no_bignum () { helper_libtestdriver1_make_drivers "$loc_accel_list" "$loc_extra_list" - helper_libtestdriver1_make_main "$loc_accel_list $loc_curve_list" + helper_libtestdriver1_make_main "$loc_accel_list" # Make sure any built-in EC alg was not re-enabled by accident (additive config) not grep mbedtls_ecdsa_ library/ecdsa.o From 852d26c70d268574eb621ed75a1cb5754429b2b1 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 27 Oct 2023 11:47:03 +0200 Subject: [PATCH 0487/1674] all.sh: enable SSL_TLS and SSL_TICKET in full_no_cipher with PSA_CRYPTO Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 2 -- 1 file changed, 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 1eea025cb..b3be84c21 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1571,8 +1571,6 @@ common_test_full_no_cipher_with_psa_crypto () { scripts/config.py unset MBEDTLS_NIST_KW_C scripts/config.py unset MBEDTLS_PKCS12_C scripts/config.py unset MBEDTLS_PKCS5_C - scripts/config.py unset MBEDTLS_SSL_TLS_C - scripts/config.py unset MBEDTLS_SSL_TICKET_C make From d531dab4f6bd33f46c19903c4f94d508c6c9f429 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 27 Oct 2023 11:49:22 +0200 Subject: [PATCH 0488/1674] check_config: let SSL_TLS depend on either CIPHER_C or USE_PSA_CRYPTO TLS code already implements proper dispatching to either builtin or PSA implementations based on USE_PSA guards, so we can improve the check_config guards to reflect this. Signed-off-by: Valerio Setti --- include/mbedtls/check_config.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 1251cdfa7..7c53a238b 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -949,7 +949,8 @@ #error "MBEDTLS_SSL_ASYNC_PRIVATE defined, but not all prerequisites" #endif -#if defined(MBEDTLS_SSL_TLS_C) && !defined(MBEDTLS_CIPHER_C) +#if defined(MBEDTLS_SSL_TLS_C) && !(defined(MBEDTLS_CIPHER_C) || \ + defined(MBEDTLS_USE_PSA_CRYPTO)) #error "MBEDTLS_SSL_TLS_C defined, but not all prerequisites" #endif From 31ad3a14cccb8a1e416eea6d739f92136406de4c Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 27 Oct 2023 11:55:02 +0200 Subject: [PATCH 0489/1674] ssl_helpers: allow mbedtls_test_ssl_build_transforms to work without CIPHER_C A new internal function is added to get cipher's info (mode, key bits and iv len) without relying on CIPHER_C. This function is basically a lookup table used only for test purposes. Signed-off-by: Valerio Setti --- tests/src/test_helpers/ssl_helpers.c | 157 ++++++++++++++++++++++++--- 1 file changed, 140 insertions(+), 17 deletions(-) diff --git a/tests/src/test_helpers/ssl_helpers.c b/tests/src/test_helpers/ssl_helpers.c index 5c305cb0a..072a1779b 100644 --- a/tests/src/test_helpers/ssl_helpers.c +++ b/tests/src/test_helpers/ssl_helpers.c @@ -1108,6 +1108,123 @@ int mbedtls_test_psa_cipher_encrypt_helper(mbedtls_ssl_transform *transform, #endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_CIPHER_MODE_CBC && MBEDTLS_AES_C */ +static void mbedtls_test_ssl_cipher_info_from_type(mbedtls_cipher_type_t cipher_type, + mbedtls_cipher_mode_t *cipher_mode, + size_t *key_bits, size_t *iv_len) +{ + switch (cipher_type) { + case MBEDTLS_CIPHER_AES_128_CBC: + *cipher_mode = MBEDTLS_MODE_CBC; + *key_bits = 128; + *iv_len = 16; + break; + case MBEDTLS_CIPHER_AES_256_CBC: + *cipher_mode = MBEDTLS_MODE_CBC; + *key_bits = 256; + *iv_len = 16; + break; + case MBEDTLS_CIPHER_ARIA_128_CBC: + *cipher_mode = MBEDTLS_MODE_CBC; + *key_bits = 128; + *iv_len = 16; + break; + case MBEDTLS_CIPHER_ARIA_256_CBC: + *cipher_mode = MBEDTLS_MODE_CBC; + *key_bits = 256; + *iv_len = 16; + break; + case MBEDTLS_CIPHER_CAMELLIA_128_CBC: + *cipher_mode = MBEDTLS_MODE_CBC; + *key_bits = 128; + *iv_len = 16; + break; + case MBEDTLS_CIPHER_CAMELLIA_256_CBC: + *cipher_mode = MBEDTLS_MODE_CBC; + *key_bits = 256; + *iv_len = 16; + break; + + case MBEDTLS_CIPHER_AES_128_CCM: + *cipher_mode = MBEDTLS_MODE_CCM; + *key_bits = 128; + *iv_len = 12; + break; + case MBEDTLS_CIPHER_AES_192_CCM: + *cipher_mode = MBEDTLS_MODE_CCM; + *key_bits = 192; + *iv_len = 12; + break; + case MBEDTLS_CIPHER_AES_256_CCM: + *cipher_mode = MBEDTLS_MODE_CCM; + *key_bits = 256; + *iv_len = 12; + break; + case MBEDTLS_CIPHER_CAMELLIA_128_CCM: + *cipher_mode = MBEDTLS_MODE_CCM; + *key_bits = 128; + *iv_len = 12; + break; + case MBEDTLS_CIPHER_CAMELLIA_192_CCM: + *cipher_mode = MBEDTLS_MODE_CCM; + *key_bits = 192; + *iv_len = 12; + break; + case MBEDTLS_CIPHER_CAMELLIA_256_CCM: + *cipher_mode = MBEDTLS_MODE_CCM; + *key_bits = 256; + *iv_len = 12; + break; + + case MBEDTLS_CIPHER_AES_128_GCM: + *cipher_mode = MBEDTLS_MODE_GCM; + *key_bits = 128; + *iv_len = 12; + break; + case MBEDTLS_CIPHER_AES_192_GCM: + *cipher_mode = MBEDTLS_MODE_GCM; + *key_bits = 192; + *iv_len = 12; + break; + case MBEDTLS_CIPHER_AES_256_GCM: + *cipher_mode = MBEDTLS_MODE_GCM; + *key_bits = 256; + *iv_len = 12; + break; + case MBEDTLS_CIPHER_CAMELLIA_128_GCM: + *cipher_mode = MBEDTLS_MODE_GCM; + *key_bits = 128; + *iv_len = 12; + break; + case MBEDTLS_CIPHER_CAMELLIA_192_GCM: + *cipher_mode = MBEDTLS_MODE_GCM; + *key_bits = 192; + *iv_len = 12; + break; + case MBEDTLS_CIPHER_CAMELLIA_256_GCM: + *cipher_mode = MBEDTLS_MODE_GCM; + *key_bits = 256; + *iv_len = 12; + break; + + case MBEDTLS_CIPHER_CHACHA20_POLY1305: + *cipher_mode = MBEDTLS_MODE_CHACHAPOLY; + *key_bits = 256; + *iv_len = 12; + break; + + case MBEDTLS_CIPHER_NULL: + *cipher_mode = MBEDTLS_MODE_STREAM; + *key_bits = 0; + *iv_len = 0; + break; + + default: + *cipher_mode = MBEDTLS_MODE_NONE; + *key_bits = 0; + *iv_len = 0; + } +} + int mbedtls_test_ssl_build_transforms(mbedtls_ssl_transform *t_in, mbedtls_ssl_transform *t_out, int cipher_type, int hash_id, @@ -1116,18 +1233,22 @@ int mbedtls_test_ssl_build_transforms(mbedtls_ssl_transform *t_in, size_t cid0_len, size_t cid1_len) { - mbedtls_cipher_info_t const *cipher_info; + mbedtls_cipher_mode_t cipher_mode = MBEDTLS_MODE_NONE; + size_t key_bits = 0; int ret = 0; #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_key_type_t key_type; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_algorithm_t alg; - size_t key_bits; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; #endif - size_t keylen, maclen, ivlen; +#if defined(MBEDTLS_CIPHER_C) + mbedtls_cipher_info_t const *cipher_info; +#endif + + size_t keylen, maclen, ivlen = 0; unsigned char *key0 = NULL, *key1 = NULL; unsigned char *md0 = NULL, *md1 = NULL; unsigned char iv_enc[16], iv_dec[16]; @@ -1144,15 +1265,11 @@ int mbedtls_test_ssl_build_transforms(mbedtls_ssl_transform *t_in, #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ maclen = 0; - - /* Pick cipher */ - cipher_info = mbedtls_cipher_info_from_type((mbedtls_cipher_type_t) cipher_type); - CHK(cipher_info != NULL); - CHK(mbedtls_cipher_info_get_iv_size(cipher_info) <= 16); - CHK(mbedtls_cipher_info_get_key_bitlen(cipher_info) % 8 == 0); + mbedtls_test_ssl_cipher_info_from_type((mbedtls_cipher_type_t) cipher_type, + &cipher_mode, &key_bits, &ivlen); /* Pick keys */ - keylen = mbedtls_cipher_info_get_key_bitlen(cipher_info) / 8; + keylen = key_bits / 8; /* Allocate `keylen + 1` bytes to ensure that we get * a non-NULL pointers from `mbedtls_calloc` even if * `keylen == 0` in the case of the NULL cipher. */ @@ -1161,6 +1278,12 @@ int mbedtls_test_ssl_build_transforms(mbedtls_ssl_transform *t_in, memset(key0, 0x1, keylen); memset(key1, 0x2, keylen); +#if defined(MBEDTLS_CIPHER_C) + /* Pick cipher */ + cipher_info = mbedtls_cipher_info_from_type((mbedtls_cipher_type_t) cipher_type); + CHK(cipher_info != NULL); + CHK(mbedtls_cipher_info_get_iv_size(cipher_info) <= 16); + CHK(mbedtls_cipher_info_get_key_bitlen(cipher_info) % 8 == 0); #if !defined(MBEDTLS_USE_PSA_CRYPTO) /* Setup cipher contexts */ CHK(mbedtls_cipher_setup(&t_in->cipher_ctx_enc, cipher_info) == 0); @@ -1169,7 +1292,7 @@ int mbedtls_test_ssl_build_transforms(mbedtls_ssl_transform *t_in, CHK(mbedtls_cipher_setup(&t_out->cipher_ctx_dec, cipher_info) == 0); #if defined(MBEDTLS_CIPHER_MODE_CBC) - if (cipher_info->mode == MBEDTLS_MODE_CBC) { + if (cipher_mode == MBEDTLS_MODE_CBC) { CHK(mbedtls_cipher_set_padding_mode(&t_in->cipher_ctx_enc, MBEDTLS_PADDING_NONE) == 0); CHK(mbedtls_cipher_set_padding_mode(&t_in->cipher_ctx_dec, @@ -1197,12 +1320,13 @@ int mbedtls_test_ssl_build_transforms(mbedtls_ssl_transform *t_in, (keylen << 3 > INT_MAX) ? INT_MAX : (int) keylen << 3, MBEDTLS_DECRYPT) == 0); -#endif +#endif /* !MBEDTLS_USE_PSA_CRYPTO */ +#endif /* MBEDTLS_CIPHER_C */ /* Setup MAC contexts */ #if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) - if (cipher_info->mode == MBEDTLS_MODE_CBC || - cipher_info->mode == MBEDTLS_MODE_STREAM) { + if (cipher_mode == MBEDTLS_MODE_CBC || + cipher_mode == MBEDTLS_MODE_STREAM) { #if !defined(MBEDTLS_USE_PSA_CRYPTO) mbedtls_md_info_t const *md_info = mbedtls_md_info_from_type((mbedtls_md_type_t) hash_id); CHK(md_info != NULL); @@ -1240,7 +1364,7 @@ int mbedtls_test_ssl_build_transforms(mbedtls_ssl_transform *t_in, md1, maclen, &t_out->psa_mac_enc) == PSA_SUCCESS); - if (cipher_info->mode == MBEDTLS_MODE_STREAM || + if (cipher_mode == MBEDTLS_MODE_STREAM || etm == MBEDTLS_SSL_ETM_DISABLED) { /* mbedtls_ct_hmac() requires the key to be exportable */ psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT | @@ -1279,7 +1403,6 @@ int mbedtls_test_ssl_build_transforms(mbedtls_ssl_transform *t_in, /* Pick IV's (regardless of whether they * are being used by the transform). */ - ivlen = mbedtls_cipher_info_get_iv_size(cipher_info); memset(iv_enc, 0x3, sizeof(iv_enc)); memset(iv_dec, 0x4, sizeof(iv_dec)); @@ -1300,7 +1423,7 @@ int mbedtls_test_ssl_build_transforms(mbedtls_ssl_transform *t_in, t_out->ivlen = ivlen; t_in->ivlen = ivlen; - switch (cipher_info->mode) { + switch (cipher_mode) { case MBEDTLS_MODE_GCM: case MBEDTLS_MODE_CCM: #if defined(MBEDTLS_SSL_PROTO_TLS1_3) From bdf04e840aa35c6d2395b4e2618c6f151a807317 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 27 Oct 2023 12:02:45 +0200 Subject: [PATCH 0490/1674] ssl_server2: support ticket_aead only when CIPHER_C is defined Cipher parsing requires mbedtls_cipher_info_from_string() which depends on CIPHER_C. Signed-off-by: Valerio Setti --- programs/ssl/ssl_server2.c | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index c99703dd5..ccdabe47b 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -283,6 +283,7 @@ int main(void) #else #define USAGE_PSK "" #endif /* MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED */ + #if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) #define USAGE_CA_CALLBACK \ " ca_callback=%%d default: 0 (disabled)\n" \ @@ -290,13 +291,21 @@ int main(void) #else #define USAGE_CA_CALLBACK "" #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ + #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_TICKET_C) +#if defined(MBEDTLS_CIPHER_C) #define USAGE_TICKETS \ " tickets=%%d default: 1 (enabled)\n" \ " ticket_rotate=%%d default: 0 (disabled)\n" \ " ticket_timeout=%%d default: 86400 (one day)\n" \ " ticket_aead=%%s default: \"AES-256-GCM\"\n" -#else +#else /* MBEDTLS_CIPHER_C */ +#define USAGE_TICKETS \ + " tickets=%%d default: 1 (enabled)\n" \ + " ticket_rotate=%%d default: 0 (disabled)\n" \ + " ticket_timeout=%%d default: 86400 (one day)\n" +#endif /* MBEDTLS_CIPHER_C */ +#else /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_TICKET_C */ #define USAGE_TICKETS "" #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_TICKET_C */ @@ -2146,14 +2155,18 @@ usage: if (opt.ticket_timeout < 0) { goto usage; } - } else if (strcmp(p, "ticket_aead") == 0) { + } else +#if defined(MBEDTLS_CIPHER_C) + if (strcmp(p, "ticket_aead") == 0) { const mbedtls_cipher_info_t *ci = mbedtls_cipher_info_from_string(q); if (ci == NULL) { goto usage; } opt.ticket_aead = mbedtls_cipher_info_get_type(ci); - } else if (strcmp(p, "cache_max") == 0) { + } else +#endif + if (strcmp(p, "cache_max") == 0) { opt.cache_max = atoi(q); if (opt.cache_max < 0) { goto usage; From dc55470341925d9187cdea2a16d6139a7c8dfff0 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 27 Oct 2023 12:12:53 +0200 Subject: [PATCH 0491/1674] ssl_context_info: add guards for CIPHER_C mbedtls_cipher_info_from_type() is only available when CIPHER_C is defined. So when it is not we just print the cipher type decimal value on the output instead of the cipher's name. Signed-off-by: Valerio Setti --- programs/ssl/ssl_context_info.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/programs/ssl/ssl_context_info.c b/programs/ssl/ssl_context_info.c index 9744c58d5..fca6afdcb 100644 --- a/programs/ssl/ssl_context_info.c +++ b/programs/ssl/ssl_context_info.c @@ -559,7 +559,6 @@ void print_deserialized_ssl_session(const uint8_t *ssl, uint32_t len, if (ciphersuite_info == NULL) { printf_err("Cannot find ciphersuite info\n"); } else { - const mbedtls_cipher_info_t *cipher_info; #if defined(MBEDTLS_MD_C) const mbedtls_md_info_t *md_info; #endif @@ -567,12 +566,18 @@ void print_deserialized_ssl_session(const uint8_t *ssl, uint32_t len, printf("\tciphersuite : %s\n", ciphersuite_info->name); printf("\tcipher flags : 0x%02X\n", ciphersuite_info->flags); +#if defined(MBEDTLS_CIPHER_C) + const mbedtls_cipher_info_t *cipher_info; cipher_info = mbedtls_cipher_info_from_type(ciphersuite_info->cipher); if (cipher_info == NULL) { printf_err("Cannot find cipher info\n"); } else { printf("\tcipher : %s\n", cipher_info->name); } +#else /* MBEDTLS_CIPHER_C */ + printf("\tcipher type : %d\n", ciphersuite_info->cipher); +#endif /* MBEDTLS_CIPHER_C */ + #if defined(MBEDTLS_MD_C) md_info = mbedtls_md_info_from_type(ciphersuite_info->mac); if (md_info == NULL) { From 1ebb6cd68d633ac354dcd81ab459faf0790c4213 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 27 Oct 2023 16:44:27 +0200 Subject: [PATCH 0492/1674] ssl_misc: add internal MBEDTLS_SSL_HAVE_[AES/ARIA/CAMELLIA]_CBC symbols These are used in tests to determine whether there is support for one of those keys for CBC mode. Signed-off-by: Valerio Setti --- library/ssl_misc.h | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 2d78fd47c..ac8a2970b 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -261,6 +261,33 @@ uint32_t mbedtls_ssl_get_extension_mask(unsigned int extension_type); * counter (8) + header (5) + IV(16) + MAC (16-48) + padding (0-256). */ +/* Some internal helpers to determine which keys are availble for CBC mode. */ +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#if defined(PSA_WANT_ALG_CBC_NO_PADDING) || defined(PSA_WANT_ALG_CBC_PKCS7) +#if defined(PSA_WANT_KEY_TYPE_AES) +#define MBEDTLS_SSL_HAVE_AES_CBC +#endif +#if defined(PSA_WANT_KEY_TYPE_ARIA) +#define MBEDTLS_SSL_HAVE_ARIA_CBC +#endif +#if defined(PSA_WANT_KEY_TYPE_CAMELLIA) +#define MBEDTLS_SSL_HAVE_CAMELLIA_CBC +#endif +#endif /* PSA_WANT_ALG_CBC_NO_PADDING || PSA_WANT_ALG_CBC_PKCS7 */ +#else /* MBEDTLS_USE_PSA_CRYPTO */ +#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MEDTLS_AES_C) +#define MBEDTLS_SSL_HAVE_AES_CBC +#endif +#if defined(MEDTLS_ARIA_C) +#define MBEDTLS_SSL_HAVE_ARIA_CBC +#endif +#if defined(MEDTLS_CAMELLIA_C) +#define MBEDTLS_SSL_HAVE_CAMELLIA_CBC +#endif +#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_USE_PSA_CRYPTO*/ + #if defined(MBEDTLS_SSL_PROTO_TLS1_2) /* This macro determines whether CBC is supported. */ From 74d5f23c3fca7283364b10abc82881915650f13f Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 27 Oct 2023 16:45:49 +0200 Subject: [PATCH 0493/1674] test_suite_ssl: use new internal symbols in tests using CBC Signed-off-by: Valerio Setti --- tests/suites/test_suite_ssl.data | 648 +++++++++--------- tests/suites/test_suite_ssl_decrypt.misc.data | 192 +++--- 2 files changed, 420 insertions(+), 420 deletions(-) diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index faf44e4be..029dac821 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -373,7 +373,7 @@ depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1: handshake_cipher:"TLS-RSA-WITH-AES-128-CCM":MBEDTLS_PK_RSA:0 Handshake, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_cipher:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:0 Handshake, ECDHE-ECDSA-WITH-AES-256-CCM @@ -381,11 +381,11 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAV handshake_cipher:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:0 Handshake, ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED handshake_cipher:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:0 Handshake, PSK-WITH-AES-128-CBC-SHA -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA1:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA1:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED handshake_psk_cipher:"TLS-PSK-WITH-AES-128-CBC-SHA":MBEDTLS_PK_RSA:"abc123":0 DTLS Handshake, tls1_2 @@ -401,7 +401,7 @@ depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1: handshake_cipher:"TLS-RSA-WITH-AES-128-CCM":MBEDTLS_PK_RSA:1 DTLS Handshake, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_cipher:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:1 DTLS Handshake, ECDHE-ECDSA-WITH-AES-256-CCM @@ -409,11 +409,11 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAV handshake_cipher:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:1 DTLS Handshake, ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED handshake_cipher:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:1 DTLS Handshake, PSK-WITH-AES-128-CBC-SHA -depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_MD_CAN_SHA1:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_MD_CAN_SHA1:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED handshake_psk_cipher:"TLS-PSK-WITH-AES-128-CBC-SHA":MBEDTLS_PK_RSA:"abc123":1 DTLS Handshake with serialization, tls1_2 @@ -437,39 +437,39 @@ depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE handshake_version:0:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_TLS1_3 Handshake, select RSA-WITH-AES-256-CBC-SHA256, non-opaque -depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 Handshake, select RSA-WITH-AES-256-CBC-SHA256, opaque -depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:0:MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 Handshake, select RSA-WITH-AES-256-CBC-SHA256, opaque, bad alg -depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select RSA-WITH-AES-256-CBC-SHA256, opaque, bad usage -depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select RSA-PSK-WITH-AES-256-CBC-SHA384, non-opaque -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-RSA-PSK-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_RSA:"abc123":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 Handshake, select RSA-PSK-WITH-AES-256-CBC-SHA384, opaque -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-RSA-PSK-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_RSA:"abc123":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:0:MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 Handshake, select RSA-PSK-WITH-AES-256-CBC-SHA384, opaque, bad alg -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-RSA-PSK-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_RSA:"abc123":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select RSA-PSK-WITH-AES-256-CBC-SHA384, opaque, bad usage -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-RSA-PSK-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_RSA:"abc123":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select RSA-PSK-WITH-AES-256-CBC-SHA384, opaque, no psk -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-RSA-PSK-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select DHE-RSA-WITH-AES-256-GCM-SHA384, non-opaque @@ -541,39 +541,39 @@ depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_PK_CAN_ECDS handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select ECDH-RSA-WITH-AES-256-CBC-SHA384, non-opaque -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 Handshake, select ECDH-RSA-WITH-AES-256-CBC-SHA384, opaque -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDH:PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:0:MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 Handshake, select ECDH-RSA-WITH-AES-256-CBC-SHA384, opaque, bad alg -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select ECDH-RSA-WITH-AES-256-CBC-SHA384, opaque, bad usage -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDH:PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, non-opaque -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, PSA_ALG_ANY_HASH -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:PSA_KEY_USAGE_SIGN_HASH|PSA_KEY_USAGE_DERIVE:0:MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, PSA_ALG_SHA_384 -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ALG_ECDH:PSA_KEY_USAGE_SIGN_HASH|PSA_KEY_USAGE_DERIVE:0:MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, missing alg -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH|PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, missing usage -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_CAMELLIA_C:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Sending app data via TLS, MFL=512 without fragmentation @@ -806,51 +806,51 @@ depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-RSA-WITH-AES-128-CCM" DTLS no legacy renegotiation with MFL=512, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS no legacy renegotiation with MFL=1024, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS no legacy renegotiation with MFL=2048, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS no legacy renegotiation with MFL=4096, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS legacy allow renegotiation with MFL=512, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS legacy allow renegotiation with MFL=1024, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS legacy allow renegotiation with MFL=2048, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS legacy allow renegotiation with MFL=4096, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS legacy break handshake renegotiation with MFL=512, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS legacy break handshake renegotiation with MFL=1024, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS legacy break handshake renegotiation with MFL=2048, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS legacy break handshake renegotiation with MFL=4096, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" SSL DTLS replay: initial state, seqnum 0 @@ -962,579 +962,579 @@ depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_SRV_C ssl_session_serialize_version_check:0:0:0:1:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_3 Record crypt, AES-128-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-128-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-128-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-128-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-128-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-128-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-128-CBC, 1.2, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-128-CBC, 1.2, SHA-256, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-128-CBC, 1.2, SHA-256, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-128-CBC, 1.2, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-128-CBC, 1.2, SHA-256, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-128-CBC, 1.2, SHA-256, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-128-CBC, 1.2, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-128-CBC, 1.2, SHA-1, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-128-CBC, 1.2, SHA-1, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-128-CBC, 1.2, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-128-CBC, 1.2, SHA-1, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-128-CBC, 1.2, SHA-1, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-128-CBC, 1.2, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-128-CBC, 1.2, MD5, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-128-CBC, 1.2, MD5, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-128-CBC, 1.2, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-128-CBC, 1.2, MD5, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-128-CBC, 1.2, MD5, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-256-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-256-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-256-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-256-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-256-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-256-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-256-CBC, 1.2, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-256-CBC, 1.2, SHA-256, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-256-CBC, 1.2, SHA-256, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-256-CBC, 1.2, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-256-CBC, 1.2, SHA-256, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-256-CBC, 1.2, SHA-256, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-256-CBC, 1.2, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-256-CBC, 1.2, SHA-1, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-256-CBC, 1.2, SHA-1, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-256-CBC, 1.2, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-256-CBC, 1.2, SHA-1, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-256-CBC, 1.2, SHA-1, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-256-CBC, 1.2, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-256-CBC, 1.2, MD5, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-256-CBC, 1.2, MD5, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-256-CBC, 1.2, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-256-CBC, 1.2, MD5, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-256-CBC, 1.2, MD5, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-128-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-128-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-128-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-128-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-128-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-128-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-128-CBC, 1.2, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-128-CBC, 1.2, SHA-256, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-128-CBC, 1.2, SHA-256, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-128-CBC, 1.2, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-128-CBC, 1.2, SHA-256, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-128-CBC, 1.2, SHA-256, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-128-CBC, 1.2, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-128-CBC, 1.2, SHA-1, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-128-CBC, 1.2, SHA-1, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-128-CBC, 1.2, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-128-CBC, 1.2, SHA-1, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-128-CBC, 1.2, SHA-1, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-128-CBC, 1.2, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-128-CBC, 1.2, MD5, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-128-CBC, 1.2, MD5, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-128-CBC, 1.2, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-128-CBC, 1.2, MD5, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-128-CBC, 1.2, MD5, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-256-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-256-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-256-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-256-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-256-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-256-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-256-CBC, 1.2, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-256-CBC, 1.2, SHA-256, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-256-CBC, 1.2, SHA-256, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-256-CBC, 1.2, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-256-CBC, 1.2, SHA-256, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-256-CBC, 1.2, SHA-256, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-256-CBC, 1.2, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-256-CBC, 1.2, SHA-1, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-256-CBC, 1.2, SHA-1, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-256-CBC, 1.2, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-256-CBC, 1.2, SHA-1, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-256-CBC, 1.2, SHA-1, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-256-CBC, 1.2, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-256-CBC, 1.2, MD5, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-256-CBC, 1.2, MD5, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-256-CBC, 1.2, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-256-CBC, 1.2, MD5, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-256-CBC, 1.2, MD5, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-256, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-256, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-256, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-256, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-1, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-1, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-1, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-1, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-128-CBC, 1.2, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-128-CBC, 1.2, MD5, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-128-CBC, 1.2, MD5, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-128-CBC, 1.2, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-128-CBC, 1.2, MD5, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-128-CBC, 1.2, MD5, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-256, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-256, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-256, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-256, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-1, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-1, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-1, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-1, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-256-CBC, 1.2, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-256-CBC, 1.2, MD5, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-256-CBC, 1.2, MD5, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-256-CBC, 1.2, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-256-CBC, 1.2, MD5, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-256-CBC, 1.2, MD5, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-128-GCM, 1.2 @@ -1834,579 +1834,579 @@ depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CHACHAPOLY_C:MBEDTLS_SSL_PROTO ssl_crypt_record_small:MBEDTLS_CIPHER_CHACHA20_POLY1305:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-128-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-128-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-256, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-128-CBC, 1.2, SHA-256, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-256, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-128-CBC, 1.2, SHA-256, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-1, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-128-CBC, 1.2, SHA-1, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-1, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-128-CBC, 1.2, SHA-1, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-128-CBC, 1.2, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-128-CBC, 1.2, MD5, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-128-CBC, 1.2, MD5, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-128-CBC, 1.2, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-128-CBC, 1.2, MD5, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-128-CBC, 1.2, MD5, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-256-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-256-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-256, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-256-CBC, 1.2, SHA-256, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-256, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-256-CBC, 1.2, SHA-256, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-1, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-256-CBC, 1.2, SHA-1, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-1, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-256-CBC, 1.2, SHA-1, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-256-CBC, 1.2, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-256-CBC, 1.2, MD5, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-256-CBC, 1.2, MD5, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-256-CBC, 1.2, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-256-CBC, 1.2, MD5, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-256-CBC, 1.2, MD5, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-256, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-256, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-256, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-256, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-1, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-1, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-1, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-1, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-128-CBC, 1.2, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-128-CBC, 1.2, MD5, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-128-CBC, 1.2, MD5, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-128-CBC, 1.2, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-128-CBC, 1.2, MD5, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-128-CBC, 1.2, MD5, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-256, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-256, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-256, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-256, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-1, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-1, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-1, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-1, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-256-CBC, 1.2, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-256-CBC, 1.2, MD5, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-256-CBC, 1.2, MD5, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-256-CBC, 1.2, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-256-CBC, 1.2, MD5, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-256-CBC, 1.2, MD5, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-256, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-256, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-256, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-256, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-1, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-1, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-1, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-1, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, MD5, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-128-CBC, 1.2, MD5, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, MD5, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-128-CBC, 1.2, MD5, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-256 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-256, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-256, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-256, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-256, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-256, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-1 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-1, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-1, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-1, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-1, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-1, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, MD5 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, MD5, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-256-CBC, 1.2, MD5, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, MD5, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, MD5, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-256-CBC, 1.2, MD5, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-128-GCM, 1.2 diff --git a/tests/suites/test_suite_ssl_decrypt.misc.data b/tests/suites/test_suite_ssl_decrypt.misc.data index f663b262d..d86fad2d6 100644 --- a/tests/suites/test_suite_ssl_decrypt.misc.data +++ b/tests/suites/test_suite_ssl_decrypt.misc.data @@ -15,385 +15,385 @@ depends_on:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_null:MBEDTLS_MD_SHA384 Decrypt CBC !EtM, AES MD5 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:-1 Decrypt CBC !EtM, AES MD5 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:-2 Decrypt CBC !EtM, AES MD5 !trunc, padlen=0 -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:0 Decrypt CBC !EtM, AES MD5 !trunc, padlen=240 -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:240 Decrypt CBC !EtM, AES MD5 !trunc, padlen=1 -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:1 Decrypt CBC !EtM, AES MD5 !trunc, padlen=241 -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:241 Decrypt CBC !EtM, AES MD5 !trunc, padlen=15 -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:15 Decrypt CBC !EtM, AES MD5 !trunc, padlen=255 -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:255 Decrypt CBC !EtM, AES SHA1 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:-1 Decrypt CBC !EtM, AES SHA1 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:-2 Decrypt CBC !EtM, AES SHA1 !trunc, padlen=0 -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:0 Decrypt CBC !EtM, AES SHA1 !trunc, padlen=240 -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:240 Decrypt CBC !EtM, AES SHA1 !trunc, padlen=1 -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:1 Decrypt CBC !EtM, AES SHA1 !trunc, padlen=241 -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:241 Decrypt CBC !EtM, AES SHA1 !trunc, padlen=15 -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:15 Decrypt CBC !EtM, AES SHA1 !trunc, padlen=255 -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:255 Decrypt CBC !EtM, AES SHA256 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:-1 Decrypt CBC !EtM, AES SHA256 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:-2 Decrypt CBC !EtM, AES SHA256 !trunc, padlen=0 -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:0 Decrypt CBC !EtM, AES SHA256 !trunc, padlen=240 -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:240 Decrypt CBC !EtM, AES SHA256 !trunc, padlen=1 -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:1 Decrypt CBC !EtM, AES SHA256 !trunc, padlen=241 -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:241 Decrypt CBC !EtM, AES SHA256 !trunc, padlen=15 -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:15 Decrypt CBC !EtM, AES SHA256 !trunc, padlen=255 -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:255 Decrypt CBC !EtM, AES SHA384 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:-1 Decrypt CBC !EtM, AES SHA384 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:-2 Decrypt CBC !EtM, AES SHA384 !trunc, padlen=0 -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0 Decrypt CBC !EtM, AES SHA384 !trunc, padlen=240 -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:240 Decrypt CBC !EtM, AES SHA384 !trunc, padlen=1 -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:1 Decrypt CBC !EtM, AES SHA384 !trunc, padlen=241 -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:241 Decrypt CBC !EtM, AES SHA384 !trunc, padlen=15 -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:15 Decrypt CBC !EtM, AES SHA384 !trunc, padlen=255 -depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:255 Decrypt CBC !EtM, ARIA MD5 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:-1 Decrypt CBC !EtM, ARIA MD5 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:-2 Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=0 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:0 Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=240 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:240 Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=1 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:1 Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=241 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:241 Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=15 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:15 Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=255 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:255 Decrypt CBC !EtM, ARIA SHA1 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:-1 Decrypt CBC !EtM, ARIA SHA1 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:-2 Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=0 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:0 Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=240 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:240 Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=1 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:1 Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=241 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:241 Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=15 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:15 Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=255 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:255 Decrypt CBC !EtM, ARIA SHA256 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:-1 Decrypt CBC !EtM, ARIA SHA256 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:-2 Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=0 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:0 Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=240 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:240 Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=1 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:1 Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=241 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:241 Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=15 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:15 Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=255 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:255 Decrypt CBC !EtM, ARIA SHA384 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:-1 Decrypt CBC !EtM, ARIA SHA384 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:-2 Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=0 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0 Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=240 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:240 Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=1 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:1 Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=241 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:241 Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=15 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:15 Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=255 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:255 Decrypt CBC !EtM, CAMELLIA MD5 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:-1 Decrypt CBC !EtM, CAMELLIA MD5 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:-2 Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=0 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:0 Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=240 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:240 Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=1 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:1 Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=241 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:241 Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=15 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:15 Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=255 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:255 Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:-1 Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:-2 Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=0 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:0 Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=240 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:240 Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=1 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:1 Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=241 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:241 Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=15 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:15 Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=255 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:255 Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:-1 Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:-2 Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=0 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:0 Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=240 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:240 Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=1 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:1 Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=241 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:241 Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=15 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:15 Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=255 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:255 Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:-1 Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:-2 Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=0 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0 Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=240 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:240 Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=1 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:1 Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=241 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:241 Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=15 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:15 Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=255 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:255 From 847213120c596ba0e4460f419f7ba6d3f9dbd2e4 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 27 Oct 2023 14:43:51 +0200 Subject: [PATCH 0494/1674] test_suite_psa_crypto_metadata: remove unnecessary CIPHER_C dependencies Signed-off-by: Valerio Setti --- .../test_suite_psa_crypto_metadata.data | 22 +++++++++---------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data index b1672ec10..4a250364a 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.data +++ b/tests/suites/test_suite_psa_crypto_metadata.data @@ -71,19 +71,19 @@ depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_SHA_512 hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_512 ):64:128 MAC: CBC_MAC-AES-128 -depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES:MBEDTLS_CIPHER_C +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:128 MAC: CBC_MAC-AES-192 -depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES:MBEDTLS_CIPHER_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:192 MAC: CBC_MAC-AES-256 -depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES:MBEDTLS_CIPHER_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:256 MAC: CBC_MAC-3DES -depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DES:MBEDTLS_CIPHER_C +depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_DES mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:8:PSA_KEY_TYPE_DES:192 MAC: CMAC-AES-128 @@ -107,31 +107,31 @@ depends_on:PSA_WANT_ALG_STREAM_CIPHER cipher_algorithm:PSA_ALG_STREAM_CIPHER:ALG_IS_STREAM_CIPHER Cipher: CTR -depends_on:PSA_WANT_ALG_CTR:MBEDTLS_CIPHER_C +depends_on:PSA_WANT_ALG_CTR cipher_algorithm:PSA_ALG_CTR:ALG_IS_STREAM_CIPHER Cipher: CFB -depends_on:PSA_WANT_ALG_CFB:MBEDTLS_CIPHER_C +depends_on:PSA_WANT_ALG_CFB cipher_algorithm:PSA_ALG_CFB:ALG_IS_STREAM_CIPHER Cipher: OFB -depends_on:PSA_WANT_ALG_OFB:MBEDTLS_CIPHER_C +depends_on:PSA_WANT_ALG_OFB cipher_algorithm:PSA_ALG_OFB:ALG_IS_STREAM_CIPHER Cipher: ECB-nopad -depends_on:PSA_WANT_ALG_ECB_NO_PADDING:MBEDTLS_CIPHER_C +depends_on:PSA_WANT_ALG_ECB_NO_PADDING cipher_algorithm:PSA_ALG_ECB_NO_PADDING:0 Cipher: CBC-nopad -depends_on:PSA_WANT_ALG_CBC_NO_PADDING:MBEDTLS_CIPHER_C +depends_on:PSA_WANT_ALG_CBC_NO_PADDING cipher_algorithm:PSA_ALG_CBC_NO_PADDING:0 Cipher: CBC-PKCS#7 -depends_on:PSA_WANT_ALG_CBC_PKCS7:MBEDTLS_CIPHER_C +depends_on:PSA_WANT_ALG_CBC_PKCS7 cipher_algorithm:PSA_ALG_CBC_PKCS7:0 Cipher: XTS -depends_on:PSA_WANT_ALG_XTS:MBEDTLS_CIPHER_C +depends_on:PSA_WANT_ALG_XTS cipher_algorithm:PSA_ALG_XTS:0 Cipher: CCM* From 467271dede1bef7f87c5d9e88581b2cf5c87a382 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 30 Oct 2023 11:40:32 +0100 Subject: [PATCH 0495/1674] ssl_misc: ignore ALG_CBC_PKCS7 for MBEDTLS_SSL_HAVE_xxx_CBC Signed-off-by: Valerio Setti --- library/ssl_misc.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index ac8a2970b..82bdc14e5 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -263,7 +263,7 @@ uint32_t mbedtls_ssl_get_extension_mask(unsigned int extension_type); /* Some internal helpers to determine which keys are availble for CBC mode. */ #if defined(MBEDTLS_USE_PSA_CRYPTO) -#if defined(PSA_WANT_ALG_CBC_NO_PADDING) || defined(PSA_WANT_ALG_CBC_PKCS7) +#if defined(PSA_WANT_ALG_CBC_NO_PADDING) #if defined(PSA_WANT_KEY_TYPE_AES) #define MBEDTLS_SSL_HAVE_AES_CBC #endif @@ -273,7 +273,7 @@ uint32_t mbedtls_ssl_get_extension_mask(unsigned int extension_type); #if defined(PSA_WANT_KEY_TYPE_CAMELLIA) #define MBEDTLS_SSL_HAVE_CAMELLIA_CBC #endif -#endif /* PSA_WANT_ALG_CBC_NO_PADDING || PSA_WANT_ALG_CBC_PKCS7 */ +#endif /* PSA_WANT_ALG_CBC_NO_PADDING */ #else /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_CIPHER_MODE_CBC) #if defined(MEDTLS_AES_C) From 3d59ebef2c2e2d7aac84ed1658bc0a741de3fdf7 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 30 Oct 2023 11:56:56 +0100 Subject: [PATCH 0496/1674] ssl_helpers: remove CIPHER_C guards in mbedtls_test_ssl_build_transforms() Use !USE_PSA_CRYPTO instead. Signed-off-by: Valerio Setti --- tests/src/test_helpers/ssl_helpers.c | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/tests/src/test_helpers/ssl_helpers.c b/tests/src/test_helpers/ssl_helpers.c index 072a1779b..d6267d18c 100644 --- a/tests/src/test_helpers/ssl_helpers.c +++ b/tests/src/test_helpers/ssl_helpers.c @@ -1242,9 +1242,7 @@ int mbedtls_test_ssl_build_transforms(mbedtls_ssl_transform *t_in, psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_algorithm_t alg; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; -#endif - -#if defined(MBEDTLS_CIPHER_C) +#else mbedtls_cipher_info_t const *cipher_info; #endif @@ -1278,13 +1276,13 @@ int mbedtls_test_ssl_build_transforms(mbedtls_ssl_transform *t_in, memset(key0, 0x1, keylen); memset(key1, 0x2, keylen); -#if defined(MBEDTLS_CIPHER_C) +#if !defined(MBEDTLS_USE_PSA_CRYPTO) /* Pick cipher */ cipher_info = mbedtls_cipher_info_from_type((mbedtls_cipher_type_t) cipher_type); CHK(cipher_info != NULL); CHK(mbedtls_cipher_info_get_iv_size(cipher_info) <= 16); CHK(mbedtls_cipher_info_get_key_bitlen(cipher_info) % 8 == 0); -#if !defined(MBEDTLS_USE_PSA_CRYPTO) + /* Setup cipher contexts */ CHK(mbedtls_cipher_setup(&t_in->cipher_ctx_enc, cipher_info) == 0); CHK(mbedtls_cipher_setup(&t_in->cipher_ctx_dec, cipher_info) == 0); @@ -1321,7 +1319,6 @@ int mbedtls_test_ssl_build_transforms(mbedtls_ssl_transform *t_in, MBEDTLS_DECRYPT) == 0); #endif /* !MBEDTLS_USE_PSA_CRYPTO */ -#endif /* MBEDTLS_CIPHER_C */ /* Setup MAC contexts */ #if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) From 29daf4a36b95ea711c0cd3a53df4a8f9517b26f8 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Mon, 30 Oct 2023 17:13:30 +0800 Subject: [PATCH 0497/1674] tls13: server: fully check ticket_flags with available kex mode. We need to fully check if the provided session ticket could be used in the handshake, so that we wouldn't cause handshake failure in some cases. Here we bring f8e50a9 back. Example scenario: A client proposes to a server, that supports only the psk_ephemeral key exchange mode, two tickets, the first one is allowed only for pure PSK key exchange mode and the second one is psk_ephemeral only. We need to select the second tickets instead of the first one whose ticket_flags forbid psk_ephemeral and thus cause a handshake failure. Signed-off-by: Pengyu Lv --- library/ssl_tls13_server.c | 28 +++++++++++++++++++++------- 1 file changed, 21 insertions(+), 7 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 456621b5d..08ed55c3e 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -106,6 +106,10 @@ static int ssl_tls13_parse_key_exchange_modes_ext(mbedtls_ssl_context *ssl, #define SSL_TLS1_3_OFFERED_PSK_MATCH 0 #if defined(MBEDTLS_SSL_SESSION_TICKETS) +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_tls13_check_psk_key_exchange(mbedtls_ssl_context *ssl); +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_tls13_check_psk_ephemeral_key_exchange(mbedtls_ssl_context *ssl); MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_tls13_offered_psks_check_identity_match_ticket( @@ -117,6 +121,8 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket( { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *ticket_buffer; + unsigned int ticket_flags; + unsigned int key_exchanges; #if defined(MBEDTLS_HAVE_TIME) mbedtls_time_t now; uint64_t age_in_s; @@ -172,13 +178,21 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket( * We regard the ticket with incompatible key exchange modes as not match. */ ret = MBEDTLS_ERR_ERROR_GENERIC_ERROR; - MBEDTLS_SSL_PRINT_TICKET_FLAGS(4, - session->ticket_flags); - if (mbedtls_ssl_tls13_check_kex_modes( - ssl, - mbedtls_ssl_session_get_ticket_flags( - session, - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL))) { + MBEDTLS_SSL_PRINT_TICKET_FLAGS(4, session->ticket_flags); + ticket_flags = mbedtls_ssl_session_get_ticket_flags( + session, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL); + + key_exchanges = 0; + if ((ticket_flags & MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_EPHEMERAL_RESUMPTION) && + ssl_tls13_check_psk_ephemeral_key_exchange(ssl)) { + key_exchanges |= MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL; + } + if ((ticket_flags & MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_RESUMPTION) && + ssl_tls13_check_psk_key_exchange(ssl)) { + key_exchanges |= MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK; + } + + if (key_exchanges == 0) { MBEDTLS_SSL_DEBUG_MSG(3, ("No suitable key exchange mode")); goto exit; } From dbd1e0d986e3090b65bbf6030d9a6d0336bb031f Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Tue, 31 Oct 2023 10:08:10 +0800 Subject: [PATCH 0498/1674] tls13: add helpers to check if psk[_ephemeral] allowed by ticket Signed-off-by: Pengyu Lv --- library/ssl_misc.h | 14 ++++++++++++++ library/ssl_tls13_server.c | 7 ++----- 2 files changed, 16 insertions(+), 5 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 9444c29c2..b468c6ca1 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -2785,6 +2785,20 @@ static inline unsigned int mbedtls_ssl_session_check_ticket_flags( return mbedtls_ssl_session_get_ticket_flags(session, flags) == 0; } +static inline unsigned int mbedtls_ssl_session_ticket_allow_psk( + mbedtls_ssl_session *session) +{ + return !mbedtls_ssl_session_check_ticket_flags(session, + MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_RESUMPTION); +} + +static inline unsigned int mbedtls_ssl_session_ticket_allow_psk_ephemeral( + mbedtls_ssl_session *session) +{ + return !mbedtls_ssl_session_check_ticket_flags(session, + MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_EPHEMERAL_RESUMPTION); +} + static inline void mbedtls_ssl_session_set_ticket_flags( mbedtls_ssl_session *session, unsigned int flags) { diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 08ed55c3e..49324d83c 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -121,7 +121,6 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket( { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *ticket_buffer; - unsigned int ticket_flags; unsigned int key_exchanges; #if defined(MBEDTLS_HAVE_TIME) mbedtls_time_t now; @@ -179,15 +178,13 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket( */ ret = MBEDTLS_ERR_ERROR_GENERIC_ERROR; MBEDTLS_SSL_PRINT_TICKET_FLAGS(4, session->ticket_flags); - ticket_flags = mbedtls_ssl_session_get_ticket_flags( - session, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL); key_exchanges = 0; - if ((ticket_flags & MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_EPHEMERAL_RESUMPTION) && + if (mbedtls_ssl_session_ticket_allow_psk_ephemeral(session) && ssl_tls13_check_psk_ephemeral_key_exchange(ssl)) { key_exchanges |= MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL; } - if ((ticket_flags & MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_RESUMPTION) && + if (mbedtls_ssl_session_ticket_allow_psk(session) && ssl_tls13_check_psk_key_exchange(ssl)) { key_exchanges |= MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK; } From f2814ff97bb79bbd7368d01b13a01e75b9f67b6d Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Fri, 27 Oct 2023 10:38:34 +0800 Subject: [PATCH 0499/1674] Move common config to common function Signed-off-by: Pengyu Lv --- tests/scripts/all.sh | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 2d807205f..f84afd551 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3669,6 +3669,9 @@ component_test_psa_crypto_config_accel_aead () { # - component_test_psa_crypto_config_accel_cipher_aead # - component_test_psa_crypto_config_reference_cipher_aead common_psa_crypto_config_accel_cipher_aead() { + # Start from the crypto config (no X509 and TLS) + helper_libtestdriver1_adjust_config "crypto_full" + scripts/config.py unset MBEDTLS_CTR_DRBG_C scripts/config.py unset MBEDTLS_NIST_KW_C } @@ -3689,9 +3692,6 @@ component_test_psa_crypto_config_accel_cipher_aead () { # Configure # --------- - # Start from the crypto config (no X509 and TLS) - helper_libtestdriver1_adjust_config "crypto_full" - common_psa_crypto_config_accel_cipher_aead # Disable the things that are being accelerated @@ -3736,8 +3736,6 @@ component_test_psa_crypto_config_accel_cipher_aead () { } component_test_psa_crypto_config_reference_cipher_aead () { - helper_libtestdriver1_adjust_config "crypto_full" - common_psa_crypto_config_accel_cipher_aead msg "test: crypto config with non-accelerated cipher and AEAD" From 78657d0c1d0afaeca859bcbc6f77062d8253cecb Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Fri, 27 Oct 2023 11:00:32 +0800 Subject: [PATCH 0500/1674] Change base config to full minus SSL Signed-off-by: Pengyu Lv --- tests/scripts/all.sh | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index f84afd551..5154663bc 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3669,8 +3669,11 @@ component_test_psa_crypto_config_accel_aead () { # - component_test_psa_crypto_config_accel_cipher_aead # - component_test_psa_crypto_config_reference_cipher_aead common_psa_crypto_config_accel_cipher_aead() { - # Start from the crypto config (no X509 and TLS) - helper_libtestdriver1_adjust_config "crypto_full" + # Start from the full config + helper_libtestdriver1_adjust_config "full" + + # For time being, we don't support SSL module. + scripts/config.py unset MBEDTLS_SSL_TLS_C scripts/config.py unset MBEDTLS_CTR_DRBG_C scripts/config.py unset MBEDTLS_NIST_KW_C From b67b47425ed1163a3c44bd6ca526b83b44901367 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Tue, 31 Oct 2023 17:10:32 +0800 Subject: [PATCH 0501/1674] Rename MBEDTLS_CIPHER_ENCRYPT_ONLY as MBEDTLS_BLOCK_CIPHER_NO_DECRYPT Signed-off-by: Yanray Wang --- ChangeLog.d/add-cipher-encrypt-only.txt | 2 +- include/mbedtls/aes.h | 8 +- include/mbedtls/aria.h | 4 +- include/mbedtls/camellia.h | 4 +- include/mbedtls/check_config.h | 4 +- include/mbedtls/config_adjust_legacy_crypto.h | 6 +- library/aes.c | 18 +-- library/aesce.c | 8 +- library/aesce.h | 4 +- library/aesni.c | 10 +- library/aesni.h | 4 +- library/aria.c | 8 +- library/camellia.c | 8 +- library/cipher.c | 2 +- library/cipher_wrap.c | 42 +++---- library/cipher_wrap.h | 2 +- programs/pkey/dh_client.c | 4 +- tests/suites/test_suite_aes.function | 6 +- tests/suites/test_suite_aria.function | 2 +- tests/suites/test_suite_camellia.function | 2 +- tests/suites/test_suite_cipher.aes.data | 116 +++++++++--------- 21 files changed, 132 insertions(+), 132 deletions(-) diff --git a/ChangeLog.d/add-cipher-encrypt-only.txt b/ChangeLog.d/add-cipher-encrypt-only.txt index 434c294d2..d56c08da3 100644 --- a/ChangeLog.d/add-cipher-encrypt-only.txt +++ b/ChangeLog.d/add-cipher-encrypt-only.txt @@ -1,7 +1,7 @@ Features * Add support to remove xxx_setkey_dec and xxx_decrypt for cipher type of AES, ARIA, CAMELLIA and DES. This is achieved by implicitly enabling - MBEDTLS_CIPHER_ENCRYPT_ONLY when + MBEDTLS_BLOCK_CIPHER_NO_DECRYPT when - ECB and CBC cipher modes are not requested via the PSA API. - ECB, CBC, XTS and KW are not enabled in the legacy API. - DES is not requested in the PSA API and the legacy API. diff --git a/include/mbedtls/aes.h b/include/mbedtls/aes.h index 0780ece3b..c53f817c1 100644 --- a/include/mbedtls/aes.h +++ b/include/mbedtls/aes.h @@ -167,7 +167,7 @@ MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key, unsigned int keybits); -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) /** * \brief This function sets the decryption key. * @@ -186,7 +186,7 @@ int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key, MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key, unsigned int keybits); -#endif /* !MBEDTLS_CIPHER_ENCRYPT_ONLY */ +#endif /* !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */ #if defined(MBEDTLS_CIPHER_MODE_XTS) /** @@ -606,7 +606,7 @@ int mbedtls_internal_aes_encrypt(mbedtls_aes_context *ctx, const unsigned char input[16], unsigned char output[16]); -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) /** * \brief Internal AES block decryption function. This is only * exposed to allow overriding it using see @@ -622,7 +622,7 @@ MBEDTLS_CHECK_RETURN_TYPICAL int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx, const unsigned char input[16], unsigned char output[16]); -#endif /* !MBEDTLS_CIPHER_ENCRYPT_ONLY */ +#endif /* !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */ #if defined(MBEDTLS_SELF_TEST) /** diff --git a/include/mbedtls/aria.h b/include/mbedtls/aria.h index e725ea044..2750840d1 100644 --- a/include/mbedtls/aria.h +++ b/include/mbedtls/aria.h @@ -110,7 +110,7 @@ int mbedtls_aria_setkey_enc(mbedtls_aria_context *ctx, const unsigned char *key, unsigned int keybits); -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) /** * \brief This function sets the decryption key. * @@ -129,7 +129,7 @@ int mbedtls_aria_setkey_enc(mbedtls_aria_context *ctx, int mbedtls_aria_setkey_dec(mbedtls_aria_context *ctx, const unsigned char *key, unsigned int keybits); -#endif /* !MBEDTLS_CIPHER_ENCRYPT_ONLY */ +#endif /* !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */ /** * \brief This function performs an ARIA single-block encryption or diff --git a/include/mbedtls/camellia.h b/include/mbedtls/camellia.h index 74a8e3434..f9e488dcc 100644 --- a/include/mbedtls/camellia.h +++ b/include/mbedtls/camellia.h @@ -93,7 +93,7 @@ int mbedtls_camellia_setkey_enc(mbedtls_camellia_context *ctx, const unsigned char *key, unsigned int keybits); -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) /** * \brief Perform a CAMELLIA key schedule operation for decryption. * @@ -109,7 +109,7 @@ int mbedtls_camellia_setkey_enc(mbedtls_camellia_context *ctx, int mbedtls_camellia_setkey_dec(mbedtls_camellia_context *ctx, const unsigned char *key, unsigned int keybits); -#endif /* !MBEDTLS_CIPHER_ENCRYPT_ONLY */ +#endif /* !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */ /** * \brief Perform a CAMELLIA-ECB block encryption/decryption operation. diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 5de8eb334..c580bf792 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -183,12 +183,12 @@ #error "MBEDTLS_NIST_KW_C defined, but not all prerequisites" #endif -#if defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) && \ +#if defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) && \ (!defined(MBEDTLS_PSA_CRYPTO_CONFIG) || \ (defined(MBEDTLS_CIPHER_MODE_CBC) || \ defined(MBEDTLS_CIPHER_MODE_XTS) || \ defined(MBEDTLS_NIST_KW_C))) -#error "MBEDTLS_CIPHER_ENCRYPT_ONLY defined, but not all prerequisites" +#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT defined, but not all prerequisites" #endif #if defined(MBEDTLS_ECDH_C) && !defined(MBEDTLS_ECP_C) diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h index 2ac522e47..677772126 100644 --- a/include/mbedtls/config_adjust_legacy_crypto.h +++ b/include/mbedtls/config_adjust_legacy_crypto.h @@ -36,11 +36,11 @@ /* * ECB, CBC, XTS, KW modes require both ENCRYPT and DECRYPT directions. - * MBEDTLS_CIPHER_ENCRYPT_ONLY is only enabled when those modes + * MBEDTLS_BLOCK_CIPHER_NO_DECRYPT is only enabled when those modes * are not requested via the PSA API and are not enabled in the legacy API. * * DES only supports ECB and CBC modes in Mbed TLS. As it's a deprecated and - * insecure block cipher, MBEDTLS_CIPHER_ENCRYPT_ONLY is enabled when DES + * insecure block cipher, MBEDTLS_BLOCK_CIPHER_NO_DECRYPT is enabled when DES * is not requested via the PSA API and is not enabled in the legacy API. * * Note: XTS, KW are not yet supported via the PSA API in Mbed TLS. @@ -54,7 +54,7 @@ !defined(MBEDTLS_CIPHER_MODE_XTS) && \ !defined(MBEDTLS_DES_C) && \ !defined(MBEDTLS_NIST_KW_C) -#define MBEDTLS_CIPHER_ENCRYPT_ONLY 1 +#define MBEDTLS_BLOCK_CIPHER_NO_DECRYPT 1 #endif #endif /* MBEDTLS_PSA_CRYPTO_CONFIG */ diff --git a/library/aes.c b/library/aes.c index f0a3dc909..940ea0296 100644 --- a/library/aes.c +++ b/library/aes.c @@ -67,7 +67,7 @@ #include "mbedtls/platform.h" #if (!defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT)) && \ - !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) + !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) #define MBEDTLS_AES_NEED_REVERSE_TABLES #endif @@ -691,7 +691,7 @@ int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key, /* * AES key schedule (decryption) */ -#if !defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key, unsigned int keybits) { @@ -760,7 +760,7 @@ exit: return ret; } -#endif /* !MBEDTLS_AES_SETKEY_DEC_ALT && !MBEDTLS_CIPHER_ENCRYPT_ONLY */ +#endif /* !MBEDTLS_AES_SETKEY_DEC_ALT && !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */ #if defined(MBEDTLS_CIPHER_MODE_XTS) static int mbedtls_aes_xts_decode_keys(const unsigned char *key, @@ -949,7 +949,7 @@ int mbedtls_internal_aes_encrypt(mbedtls_aes_context *ctx, /* * AES-ECB block decryption */ -#if !defined(MBEDTLS_AES_DECRYPT_ALT) && !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_AES_DECRYPT_ALT) && !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx, const unsigned char input[16], unsigned char output[16]) @@ -1006,7 +1006,7 @@ int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx, return 0; } -#endif /* !MBEDTLS_AES_DECRYPT_ALT && !MBEDTLS_CIPHER_ENCRYPT_ONLY */ +#endif /* !MBEDTLS_AES_DECRYPT_ALT && !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */ /* VIA Padlock and our intrinsics-based implementation of AESNI require * the round keys to be aligned on a 16-byte boundary. We take care of this @@ -1061,7 +1061,7 @@ int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx, #endif #if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) if (mode == MBEDTLS_AES_ENCRYPT) { return mbedtls_internal_aes_encrypt(ctx, input, output); } else { @@ -1496,7 +1496,7 @@ exit: * * http://csrc.nist.gov/archive/aes/rijndael/rijndael-vals.zip */ -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) static const unsigned char aes_test_ecb_dec[][16] = { { 0x44, 0x41, 0x6A, 0xC2, 0xD1, 0xF5, 0x3C, 0x58, @@ -1901,7 +1901,7 @@ int mbedtls_aes_self_test(int verbose) mbedtls_printf(" AES-ECB-%3u (%s): ", keybits, (mode == MBEDTLS_AES_DECRYPT) ? "dec" : "enc"); } -#if defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) if (mode == MBEDTLS_AES_DECRYPT) { if (verbose != 0) { mbedtls_printf("skipped\n"); @@ -1912,7 +1912,7 @@ int mbedtls_aes_self_test(int verbose) memset(buf, 0, 16); -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) if (mode == MBEDTLS_AES_DECRYPT) { ret = mbedtls_aes_setkey_dec(&ctx, key, keybits); aes_tests = aes_test_ecb_dec[u]; diff --git a/library/aesce.c b/library/aesce.c index 46449084a..79c02e367 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -199,7 +199,7 @@ rounds_10: /* Two rounds of AESCE decryption */ #define AESCE_DECRYPT_ROUND_X2 AESCE_DECRYPT_ROUND; AESCE_DECRYPT_ROUND -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) static uint8x16_t aesce_decrypt_block(uint8x16_t block, unsigned char *keys, int rounds) @@ -244,7 +244,7 @@ int mbedtls_aesce_crypt_ecb(mbedtls_aes_context *ctx, uint8x16_t block = vld1q_u8(&input[0]); unsigned char *keys = (unsigned char *) (ctx->buf + ctx->rk_offset); -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) if (mode == MBEDTLS_AES_ENCRYPT) { block = aesce_encrypt_block(block, keys, ctx->nr); } else { @@ -253,7 +253,7 @@ int mbedtls_aesce_crypt_ecb(mbedtls_aes_context *ctx, #else (void) mode; block = aesce_encrypt_block(block, keys, ctx->nr); -#endif /* !MBEDTLS_CIPHER_ENCRYPT_ONLY */ +#endif /* !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */ vst1q_u8(&output[0], block); return 0; @@ -262,7 +262,7 @@ int mbedtls_aesce_crypt_ecb(mbedtls_aes_context *ctx, /* * Compute decryption round keys from encryption round keys */ -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) void mbedtls_aesce_inverse_key(unsigned char *invkey, const unsigned char *fwdkey, int nr) diff --git a/library/aesce.h b/library/aesce.h index 25d2b41a7..bda376d51 100644 --- a/library/aesce.h +++ b/library/aesce.h @@ -99,7 +99,7 @@ void mbedtls_aesce_gcm_mult(unsigned char c[16], const unsigned char b[16]); -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) /** * \brief Internal round key inversion. This function computes * decryption round keys from the encryption round keys. @@ -111,7 +111,7 @@ void mbedtls_aesce_gcm_mult(unsigned char c[16], void mbedtls_aesce_inverse_key(unsigned char *invkey, const unsigned char *fwdkey, int nr); -#endif /* !MBEDTLS_CIPHER_ENCRYPT_ONLY */ +#endif /* !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */ /** * \brief Internal key expansion for encryption diff --git a/library/aesni.c b/library/aesni.c index f7c99df51..0c509acc0 100644 --- a/library/aesni.c +++ b/library/aesni.c @@ -93,7 +93,7 @@ int mbedtls_aesni_crypt_ecb(mbedtls_aes_context *ctx, ++rk; --nr; -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) if (mode == MBEDTLS_AES_ENCRYPT) { while (nr != 0) { state = _mm_aesenc_si128(state, *rk); @@ -118,7 +118,7 @@ int mbedtls_aesni_crypt_ecb(mbedtls_aes_context *ctx, --nr; } state = _mm_aesenclast_si128(state, *rk); -#endif /* !MBEDTLS_CIPHER_ENCRYPT_ONLY */ +#endif /* !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */ memcpy(output, &state, 16); return 0; @@ -228,7 +228,7 @@ void mbedtls_aesni_gcm_mult(unsigned char c[16], /* * Compute decryption round keys from encryption round keys */ -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) void mbedtls_aesni_inverse_key(unsigned char *invkey, const unsigned char *fwdkey, int nr) { @@ -468,7 +468,7 @@ int mbedtls_aesni_crypt_ecb(mbedtls_aes_context *ctx, "jnz 1b \n\t" "movdqu (%1), %%xmm1 \n\t" // load round key AESENCLAST(xmm1_xmm0) // last round -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) "jmp 3f \n\t" "2: \n\t" // decryption loop @@ -606,7 +606,7 @@ void mbedtls_aesni_gcm_mult(unsigned char c[16], /* * Compute decryption round keys from encryption round keys */ -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) void mbedtls_aesni_inverse_key(unsigned char *invkey, const unsigned char *fwdkey, int nr) { diff --git a/library/aesni.h b/library/aesni.h index d1bfaf6ef..7708c443a 100644 --- a/library/aesni.h +++ b/library/aesni.h @@ -129,7 +129,7 @@ void mbedtls_aesni_gcm_mult(unsigned char c[16], const unsigned char a[16], const unsigned char b[16]); -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) /** * \brief Internal round key inversion. This function computes * decryption round keys from the encryption round keys. @@ -144,7 +144,7 @@ void mbedtls_aesni_gcm_mult(unsigned char c[16], void mbedtls_aesni_inverse_key(unsigned char *invkey, const unsigned char *fwdkey, int nr); -#endif /* !MBEDTLS_CIPHER_ENCRYPT_ONLY */ +#endif /* !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */ /** * \brief Internal key expansion for encryption diff --git a/library/aria.c b/library/aria.c index 0bd489e68..f09ffe7b2 100644 --- a/library/aria.c +++ b/library/aria.c @@ -425,7 +425,7 @@ int mbedtls_aria_setkey_enc(mbedtls_aria_context *ctx, /* * Set decryption key */ -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) int mbedtls_aria_setkey_dec(mbedtls_aria_context *ctx, const unsigned char *key, unsigned int keybits) { @@ -455,7 +455,7 @@ int mbedtls_aria_setkey_dec(mbedtls_aria_context *ctx, return 0; } -#endif /* !MBEDTLS_CIPHER_ENCRYPT_ONLY */ +#endif /* !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */ /* * Encrypt a block @@ -886,12 +886,12 @@ int mbedtls_aria_self_test(int verbose) /* test ECB decryption */ if (verbose) { mbedtls_printf(" ARIA-ECB-%d (dec): ", 128 + 64 * i); -#if defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) mbedtls_printf("skipped\n"); #endif } -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) mbedtls_aria_setkey_dec(&ctx, aria_test1_ecb_key, 128 + 64 * i); mbedtls_aria_crypt_ecb(&ctx, aria_test1_ecb_ct[i], blk); ARIA_SELF_TEST_ASSERT( diff --git a/library/camellia.c b/library/camellia.c index 634978294..122700be7 100644 --- a/library/camellia.c +++ b/library/camellia.c @@ -411,7 +411,7 @@ int mbedtls_camellia_setkey_enc(mbedtls_camellia_context *ctx, /* * Camellia key schedule (decryption) */ -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) int mbedtls_camellia_setkey_dec(mbedtls_camellia_context *ctx, const unsigned char *key, unsigned int keybits) @@ -457,7 +457,7 @@ exit: return ret; } -#endif /* !MBEDTLS_CIPHER_ENCRYPT_ONLY */ +#endif /* !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */ /* * Camellia-ECB block encryption/decryption @@ -902,7 +902,7 @@ int mbedtls_camellia_self_test(int verbose) (v == MBEDTLS_CAMELLIA_DECRYPT) ? "dec" : "enc"); } -#if defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) if (v == MBEDTLS_CAMELLIA_DECRYPT) { if (verbose != 0) { mbedtls_printf("skipped\n"); @@ -914,7 +914,7 @@ int mbedtls_camellia_self_test(int verbose) for (i = 0; i < CAMELLIA_TESTS_ECB; i++) { memcpy(key, camellia_test_ecb_key[u][i], 16 + 8 * u); -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) if (v == MBEDTLS_CAMELLIA_DECRYPT) { mbedtls_camellia_setkey_dec(&ctx, key, 128 + u * 64); memcpy(src, camellia_test_ecb_cipher[u][i], 16); diff --git a/library/cipher.c b/library/cipher.c index 823987bf8..60c13a9f7 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -386,7 +386,7 @@ int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx, ctx->key_bitlen = key_bitlen; ctx->operation = operation; -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) /* * For OFB, CFB and CTR mode always use the encryption key schedule */ diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c index 3bdfa951f..b44ca9c3b 100644 --- a/library/cipher_wrap.c +++ b/library/cipher_wrap.c @@ -238,7 +238,7 @@ static int aes_crypt_xts_wrap(void *ctx, mbedtls_operation_t operation, } #endif /* MBEDTLS_CIPHER_MODE_XTS */ -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) static int aes_setkey_dec_wrap(void *ctx, const unsigned char *key, unsigned int key_bitlen) { @@ -293,7 +293,7 @@ static const mbedtls_cipher_base_t aes_info = { NULL, #endif aes_setkey_enc_wrap, -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) aes_setkey_dec_wrap, #endif aes_ctx_alloc, @@ -603,7 +603,7 @@ static const mbedtls_cipher_base_t gcm_aes_info = { NULL, #endif gcm_aes_setkey_wrap, -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) gcm_aes_setkey_wrap, #endif gcm_ctx_alloc, @@ -676,7 +676,7 @@ static const mbedtls_cipher_base_t ccm_aes_info = { NULL, #endif ccm_aes_setkey_wrap, -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) ccm_aes_setkey_wrap, #endif ccm_ctx_alloc, @@ -795,7 +795,7 @@ static int camellia_crypt_ctr_wrap(void *ctx, size_t length, size_t *nc_off, } #endif /* MBEDTLS_CIPHER_MODE_CTR */ -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) static int camellia_setkey_dec_wrap(void *ctx, const unsigned char *key, unsigned int key_bitlen) { @@ -851,7 +851,7 @@ static const mbedtls_cipher_base_t camellia_info = { NULL, #endif camellia_setkey_enc_wrap, -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) camellia_setkey_dec_wrap, #endif camellia_ctx_alloc, @@ -1026,7 +1026,7 @@ static const mbedtls_cipher_base_t gcm_camellia_info = { NULL, #endif gcm_camellia_setkey_wrap, -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) gcm_camellia_setkey_wrap, #endif gcm_ctx_alloc, @@ -1097,7 +1097,7 @@ static const mbedtls_cipher_base_t ccm_camellia_info = { NULL, #endif ccm_camellia_setkey_wrap, -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) ccm_camellia_setkey_wrap, #endif ccm_ctx_alloc, @@ -1213,7 +1213,7 @@ static int aria_crypt_ctr_wrap(void *ctx, size_t length, size_t *nc_off, } #endif /* MBEDTLS_CIPHER_MODE_CTR */ -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) static int aria_setkey_dec_wrap(void *ctx, const unsigned char *key, unsigned int key_bitlen) { @@ -1269,7 +1269,7 @@ static const mbedtls_cipher_base_t aria_info = { NULL, #endif aria_setkey_enc_wrap, -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) aria_setkey_dec_wrap, #endif aria_ctx_alloc, @@ -1444,7 +1444,7 @@ static const mbedtls_cipher_base_t gcm_aria_info = { NULL, #endif gcm_aria_setkey_wrap, -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) gcm_aria_setkey_wrap, #endif gcm_ctx_alloc, @@ -1515,7 +1515,7 @@ static const mbedtls_cipher_base_t ccm_aria_info = { NULL, #endif ccm_aria_setkey_wrap, -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) ccm_aria_setkey_wrap, #endif ccm_ctx_alloc, @@ -1625,7 +1625,7 @@ static int des3_crypt_cbc_wrap(void *ctx, mbedtls_operation_t operation, size_t } #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) static int des_setkey_dec_wrap(void *ctx, const unsigned char *key, unsigned int key_bitlen) { @@ -1643,7 +1643,7 @@ static int des_setkey_enc_wrap(void *ctx, const unsigned char *key, return mbedtls_des_setkey_enc((mbedtls_des_context *) ctx, key); } -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) static int des3_set2key_dec_wrap(void *ctx, const unsigned char *key, unsigned int key_bitlen) { @@ -1661,7 +1661,7 @@ static int des3_set2key_enc_wrap(void *ctx, const unsigned char *key, return mbedtls_des3_set2key_enc((mbedtls_des3_context *) ctx, key); } -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) static int des3_set3key_dec_wrap(void *ctx, const unsigned char *key, unsigned int key_bitlen) { @@ -1740,7 +1740,7 @@ static const mbedtls_cipher_base_t des_info = { NULL, #endif des_setkey_enc_wrap, -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) des_setkey_dec_wrap, #endif des_ctx_alloc, @@ -1793,7 +1793,7 @@ static const mbedtls_cipher_base_t des_ede_info = { NULL, #endif des3_set2key_enc_wrap, -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) des3_set2key_dec_wrap, #endif des3_ctx_alloc, @@ -1846,7 +1846,7 @@ static const mbedtls_cipher_base_t des_ede3_info = { NULL, #endif des3_set3key_enc_wrap, -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) des3_set3key_dec_wrap, #endif des3_ctx_alloc, @@ -1949,7 +1949,7 @@ static const mbedtls_cipher_base_t chacha20_base_info = { chacha20_stream_wrap, #endif chacha20_setkey_wrap, -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) chacha20_setkey_wrap, #endif chacha20_ctx_alloc, @@ -2026,7 +2026,7 @@ static const mbedtls_cipher_base_t chachapoly_base_info = { NULL, #endif chachapoly_setkey_wrap, -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) chachapoly_setkey_wrap, #endif chachapoly_ctx_alloc, @@ -2096,7 +2096,7 @@ static const mbedtls_cipher_base_t null_base_info = { null_crypt_stream, #endif null_setkey, -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) null_setkey, #endif null_ctx_alloc, diff --git a/library/cipher_wrap.h b/library/cipher_wrap.h index 2cbc21671..bf1291da4 100644 --- a/library/cipher_wrap.h +++ b/library/cipher_wrap.h @@ -93,7 +93,7 @@ struct mbedtls_cipher_base_t { int (*setkey_enc_func)(void *ctx, const unsigned char *key, unsigned int key_bitlen); -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) /** Set key for decryption purposes */ int (*setkey_dec_func)(void *ctx, const unsigned char *key, unsigned int key_bitlen); diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c index 9dd38bc6e..0d4172bb1 100644 --- a/programs/pkey/dh_client.c +++ b/programs/pkey/dh_client.c @@ -57,10 +57,10 @@ int main(void) mbedtls_exit(0); } -#elif defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#elif defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) int main(void) { - mbedtls_printf("MBEDTLS_CIPHER_ENCRYPT_ONLY implicitly defined.\n"); + mbedtls_printf("MBEDTLS_BLOCK_CIPHER_NO_DECRYPT implicitly defined.\n"); mbedtls_exit(0); } #else diff --git a/tests/suites/test_suite_aes.function b/tests/suites/test_suite_aes.function index 2aa27d320..2ca3f7f20 100644 --- a/tests/suites/test_suite_aes.function +++ b/tests/suites/test_suite_aes.function @@ -6,7 +6,7 @@ * master, enc and dec must be AES context objects. They don't need to * be initialized, and are left freed. */ -#if !defined(MBEDTLS_CIPHER_ENCRYPT_ONLY) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) static int test_copy(const data_t *key, mbedtls_aes_context *master, mbedtls_aes_context *enc, @@ -88,7 +88,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:!MBEDTLS_CIPHER_ENCRYPT_ONLY */ +/* BEGIN_CASE depends_on:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */ void aes_decrypt_ecb(data_t *key_str, data_t *src_str, data_t *dst, int setkey_result) { @@ -525,7 +525,7 @@ void aes_misc_params() } /* END_CASE */ -/* BEGIN_CASE depends_on:!MBEDTLS_CIPHER_ENCRYPT_ONLY */ +/* BEGIN_CASE depends_on:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */ void aes_ecb_copy_context(data_t *key) { /* We test context copying multiple times, with different alignments diff --git a/tests/suites/test_suite_aria.function b/tests/suites/test_suite_aria.function index ab1ce00ec..f1748d114 100644 --- a/tests/suites/test_suite_aria.function +++ b/tests/suites/test_suite_aria.function @@ -86,7 +86,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:!MBEDTLS_CIPHER_ENCRYPT_ONLY */ +/* BEGIN_CASE depends_on:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */ void aria_decrypt_ecb(data_t *key_str, data_t *src_str, data_t *expected_output, int setkey_result) { diff --git a/tests/suites/test_suite_camellia.function b/tests/suites/test_suite_camellia.function index 8454c5ffe..6930679f2 100644 --- a/tests/suites/test_suite_camellia.function +++ b/tests/suites/test_suite_camellia.function @@ -67,7 +67,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:!MBEDTLS_CIPHER_ENCRYPT_ONLY */ +/* BEGIN_CASE depends_on:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */ void camellia_decrypt_ecb(data_t *key_str, data_t *src_str, data_t *dst, int setkey_result) { diff --git a/tests/suites/test_suite_cipher.aes.data b/tests/suites/test_suite_cipher.aes.data index 11a723b27..99a662b83 100644 --- a/tests/suites/test_suite_cipher.aes.data +++ b/tests/suites/test_suite_cipher.aes.data @@ -1595,47 +1595,47 @@ depends_on:MBEDTLS_AES_C test_vec_ecb:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"fffffffffffffffffffffffff8000000":"2ca8209d63274cd9a29bb74bcd77683a":0 AES-128-ECB Decrypt NIST KAT #1 -depends_on:MBEDTLS_AES_C:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_ecb:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"db4f1aa530967d6732ce4715eb0ee24b":"ff000000000000000000000000000000":0 AES-128-ECB Decrypt NIST KAT #2 -depends_on:MBEDTLS_AES_C:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_ecb:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"a81738252621dd180a34f3455b4baa2f":"ff800000000000000000000000000000":0 AES-128-ECB Decrypt NIST KAT #3 -depends_on:MBEDTLS_AES_C:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_ecb:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"77e2b508db7fd89234caf7939ee5621a":"ffc00000000000000000000000000000":0 AES-128-ECB Decrypt NIST KAT #4 -depends_on:MBEDTLS_AES_C:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_ecb:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"dc43be40be0e53712f7e2bf5ca707209":"6a118a874519e64e9963798a503f1d35":0 AES-128-ECB Decrypt NIST KAT #5 -depends_on:MBEDTLS_AES_C:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_ecb:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"92beedab1895a94faa69b632e5cc47ce":"cb9fceec81286ca3e989bd979b0cb284":0 AES-128-ECB Decrypt NIST KAT #6 -depends_on:MBEDTLS_AES_C:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_ecb:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"459264f4798f6a78bacb89c15ed3d601":"b26aeb1874e47ca8358ff22378f09144":0 AES-128-ECB Decrypt NIST KAT #7 -depends_on:MBEDTLS_AES_C:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_ecb:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"b69418a85332240dc82492353956ae0c":"a303d940ded8f0baff6f75414cac5243":"00000000000000000000000000000000":0 AES-128-ECB Decrypt NIST KAT #8 -depends_on:MBEDTLS_AES_C:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_ecb:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"71b5c08a1993e1362e4d0ce9b22b78d5":"c2dabd117f8a3ecabfbb11d12194d9d0":"00000000000000000000000000000000":0 AES-128-ECB Decrypt NIST KAT #9 -depends_on:MBEDTLS_AES_C:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_ecb:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"e234cdca2606b81f29408d5f6da21206":"fff60a4740086b3b9c56195b98d91a7b":"00000000000000000000000000000000":0 AES-128-ECB Decrypt NIST KAT #10 -depends_on:MBEDTLS_AES_C:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_ecb:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"ffffffffffffffff0000000000000000":"84be19e053635f09f2665e7bae85b42d":"00000000000000000000000000000000":0 AES-128-ECB Decrypt NIST KAT #11 -depends_on:MBEDTLS_AES_C:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_ecb:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"ffffffffffffffff8000000000000000":"32cd652842926aea4aa6137bb2be2b5e":"00000000000000000000000000000000":0 AES-192-ECB Encrypt NIST KAT #1 @@ -1687,51 +1687,51 @@ depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"fffffffffffffffffffffffffffe00000000000000000000":"00000000000000000000000000000000":"fd5548bcf3f42565f7efa94562528d46":0 AES-192-ECB Decrypt NIST KAT #1 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffff000000000000000":"bb2852c891c5947d2ed44032c421b85f":"00000000000000000000000000000000":0 AES-192-ECB Decrypt NIST KAT #2 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffff800000000000000":"1b9f5fbd5e8a4264c0a85b80409afa5e":"00000000000000000000000000000000":0 AES-192-ECB Decrypt NIST KAT #3 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffffc00000000000000":"30dab809f85a917fe924733f424ac589":"00000000000000000000000000000000":0 AES-192-ECB Decrypt NIST KAT #4 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"61257134a518a0d57d9d244d45f6498cbc32f2bafc522d79":"cfe4d74002696ccf7d87b14a2f9cafc9":"00000000000000000000000000000000":0 AES-192-ECB Decrypt NIST KAT #5 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"b0ab0a6a818baef2d11fa33eac947284fb7d748cfb75e570":"d2eafd86f63b109b91f5dbb3a3fb7e13":"00000000000000000000000000000000":0 AES-192-ECB Decrypt NIST KAT #6 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"ee053aa011c8b428cdcc3636313c54d6a03cac01c71579d6":"9b9fdd1c5975655f539998b306a324af":"00000000000000000000000000000000":0 AES-192-ECB Decrypt NIST KAT #7 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"275cfc0413d8ccb70513c3859b1d0f72":"1b077a6af4b7f98229de786d7516b639":0 AES-192-ECB Decrypt NIST KAT #8 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"c9b8135ff1b5adc413dfd053b21bd96d":"9c2d8842e5f48f57648205d39a239af1":0 AES-192-ECB Decrypt NIST KAT #9 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"4a3650c3371ce2eb35e389a171427440":"bff52510095f518ecca60af4205444bb":0 AES-192-ECB Decrypt NIST KAT #10 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"b2099795e88cc158fd75ea133d7e7fbe":"ffffffffffffffffffffc00000000000":0 AES-192-ECB Decrypt NIST KAT #11 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"a6cae46fb6fadfe7a2c302a34242817b":"ffffffffffffffffffffe00000000000":0 AES-192-ECB Decrypt NIST KAT #12 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_ecb:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"026a7024d6a902e0b3ffccbaa910cc3f":"fffffffffffffffffffff00000000000":0 AES-256-ECB Encrypt NIST KAT #1 @@ -1783,51 +1783,51 @@ depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"ffffffffffffffffffffffffffffffffffffe000000000000000000000000000":"00000000000000000000000000000000":"dcf4e129136c1a4b7a0f38935cc34b2b":0 AES-256-ECB Decrypt NIST KAT #1 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffffffffffffffffff00000000000000000":"edf61ae362e882ddc0167474a7a77f3a":"00000000000000000000000000000000":0 AES-256-ECB Decrypt NIST KAT #2 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffffffffffffffffff80000000000000000":"6168b00ba7859e0970ecfd757efecf7c":"00000000000000000000000000000000":0 AES-256-ECB Decrypt NIST KAT #3 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffffffffffffffffffc0000000000000000":"d1415447866230d28bb1ea18a4cdfd02":"00000000000000000000000000000000":0 AES-256-ECB Decrypt NIST KAT #4 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"f8be9ba615c5a952cabbca24f68f8593039624d524c816acda2c9183bd917cb9":"a3944b95ca0b52043584ef02151926a8":"00000000000000000000000000000000":0 AES-256-ECB Decrypt NIST KAT #5 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"797f8b3d176dac5b7e34a2d539c4ef367a16f8635f6264737591c5c07bf57a3e":"a74289fe73a4c123ca189ea1e1b49ad5":"00000000000000000000000000000000":0 AES-256-ECB Decrypt NIST KAT #6 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"6838d40caf927749c13f0329d331f448e202c73ef52c5f73a37ca635d4c47707":"b91d4ea4488644b56cf0812fa7fcf5fc":"00000000000000000000000000000000":0 AES-256-ECB Decrypt NIST KAT #7 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"623a52fcea5d443e48d9181ab32c7421":"761c1fe41a18acf20d241650611d90f1":0 AES-256-ECB Decrypt NIST KAT #8 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"38f2c7ae10612415d27ca190d27da8b4":"8a560769d605868ad80d819bdba03771":0 AES-256-ECB Decrypt NIST KAT #9 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"1bc704f1bce135ceb810341b216d7abe":"91fbef2d15a97816060bee1feaa49afe":0 AES-256-ECB Decrypt NIST KAT #10 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"ddc6bf790c15760d8d9aeb6f9a75fd4e":"80000000000000000000000000000000":0 AES-256-ECB Decrypt NIST KAT #11 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"0a6bdc6d4c1e6280301fd8e97ddbe601":"c0000000000000000000000000000000":0 AES-256-ECB Decrypt NIST KAT #12 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"9b80eefb7ebe2d2b16247aa0efc72f5d":"e0000000000000000000000000000000":0 AES-128-ECB crypt Encrypt NIST KAT #1 @@ -1843,15 +1843,15 @@ depends_on:MBEDTLS_AES_C test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"":"ffffffffffffffc00000000000000000":"3a4d354f02bb5a5e47d39666867f246a":0:0 AES-128-ECB crypt Decrypt NIST KAT #1 -depends_on:MBEDTLS_AES_C:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"":"db4f1aa530967d6732ce4715eb0ee24b":"ff000000000000000000000000000000":0:0 AES-128-ECB crypt Decrypt NIST KAT #2 -depends_on:MBEDTLS_AES_C:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"b69418a85332240dc82492353956ae0c":"":"a303d940ded8f0baff6f75414cac5243":"00000000000000000000000000000000":0:0 AES-128-ECB crypt Decrypt NIST KAT #3 -depends_on:MBEDTLS_AES_C:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"ffffffffffffffff8000000000000000":"":"32cd652842926aea4aa6137bb2be2b5e":"00000000000000000000000000000000":0:0 AES-192-ECB crypt Encrypt NIST KAT #1 @@ -1871,19 +1871,19 @@ depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"fffffffffffffffffffffffffff800000000000000000000":"":"00000000000000000000000000000000":"8dd274bd0f1b58ae345d9e7233f9b8f3":0:0 AES-192-ECB crypt Decrypt NIST KAT #1 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffff000000000000000":"":"bb2852c891c5947d2ed44032c421b85f":"00000000000000000000000000000000":0:0 AES-192-ECB crypt Decrypt NIST KAT #2 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"61257134a518a0d57d9d244d45f6498cbc32f2bafc522d79":"":"cfe4d74002696ccf7d87b14a2f9cafc9":"00000000000000000000000000000000":0:0 AES-192-ECB crypt Decrypt NIST KAT #3 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"":"275cfc0413d8ccb70513c3859b1d0f72":"1b077a6af4b7f98229de786d7516b639":0:0 AES-192-ECB crypt Decrypt NIST KAT #4 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"":"b2099795e88cc158fd75ea133d7e7fbe":"ffffffffffffffffffffc00000000000":0:0 AES-256-ECB crypt Encrypt NIST KAT #1 @@ -1903,19 +1903,19 @@ depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"ffffffffffffffffffffffffffffffffffff8000000000000000000000000000":"":"00000000000000000000000000000000":"45d089c36d5c5a4efc689e3b0de10dd5":0:0 AES-256-ECB crypt Decrypt NIST KAT #1 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffffffffffffffffff00000000000000000":"":"edf61ae362e882ddc0167474a7a77f3a":"00000000000000000000000000000000":0:0 AES-256-ECB crypt Decrypt NIST KAT #2 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"f8be9ba615c5a952cabbca24f68f8593039624d524c816acda2c9183bd917cb9":"":"a3944b95ca0b52043584ef02151926a8":"00000000000000000000000000000000":0:0 AES-256-ECB crypt Decrypt NIST KAT #3 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"623a52fcea5d443e48d9181ab32c7421":"761c1fe41a18acf20d241650611d90f1":0:0 AES-256-ECB crypt Decrypt NIST KAT #4 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"ddc6bf790c15760d8d9aeb6f9a75fd4e":"80000000000000000000000000000000":0:0 AES-128-CBC crypt Encrypt NIST KAT #1 @@ -2127,19 +2127,19 @@ depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES: test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"":"f34481ec3cc627bacd5dc3fb08f273e6":"0336763e966d92595a567cc9ce537f5e":0:1 AES-128-ECB crypt Decrypt NIST KAT #1 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"":"3ad78e726c1ec02b7ebfe92b23d9ec34":"80000000000000000000000000000000":0:1 AES-128-ECB crypt Decrypt NIST KAT #2 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"ffffc000000000000000000000000000":"":"df556a33438db87bc41b1752c55e5e49":"00000000000000000000000000000000":0:1 AES-128-ECB crypt Decrypt NIST KAT #3 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"10a58869d74be5a374cf867cfb473859":"":"6d251e6944b051e04eaa6fb4dbf78465":"00000000000000000000000000000000":0:1 AES-128-ECB crypt Decrypt NIST KAT #4 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"":"0336763e966d92595a567cc9ce537f5e":"f34481ec3cc627bacd5dc3fb08f273e6":0:1 AES-192-ECB crypt Encrypt NIST KAT #1 PSA @@ -2159,19 +2159,19 @@ depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES: test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"":"1b077a6af4b7f98229de786d7516b639":"275cfc0413d8ccb70513c3859b1d0f72":0:1 AES-192-ECB crypt Decrypt NIST KAT #1 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"":"6cd02513e8d4dc986b4afe087a60bd0c":"80000000000000000000000000000000":0:1 AES-192-ECB crypt Decrypt NIST KAT #2 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"ffe000000000000000000000000000000000000000000000":"":"7ababc4b3f516c9aafb35f4140b548f9":"00000000000000000000000000000000":0:1 AES-192-ECB crypt Decrypt NIST KAT #3 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"e9f065d7c13573587f7875357dfbb16c53489f6a4bd0f7cd":"":"0956259c9cd5cfd0181cca53380cde06":"00000000000000000000000000000000":0:1 AES-192-ECB crypt Decrypt NIST KAT #4 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"":"275cfc0413d8ccb70513c3859b1d0f72":"1b077a6af4b7f98229de786d7516b639":0:1 AES-256-ECB crypt Encrypt NIST KAT #1 PSA @@ -2191,19 +2191,19 @@ depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES: test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"014730f80ac625fe84f026c60bfd547d":"5c9d844ed46f9885085e5d6a4f94c7d7":0:1 AES-256-ECB crypt Decrypt NIST KAT #1 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"ddc6bf790c15760d8d9aeb6f9a75fd4e":"80000000000000000000000000000000":0:1 AES-256-ECB crypt Decrypt NIST KAT #2 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"ffe0000000000000000000000000000000000000000000000000000000000000":"":"d1ccb9b1337002cbac42c520b5d67722":"00000000000000000000000000000000":0:1 AES-256-ECB crypt Decrypt NIST KAT #3 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"c47b0294dbbbee0fec4757f22ffeee3587ca4730c3d33b691df38bab076bc558":"":"46f2fb342d6f0ab477476fc501242c5f":"00000000000000000000000000000000":0:1 AES-256-ECB crypt Decrypt NIST KAT #4 PSA -depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_CIPHER_ENCRYPT_ONLY +depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_DEPRECATED:PSA_WANT_KEY_TYPE_AES:PSA_WANT_ALG_ECB_NO_PADDING:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"5c9d844ed46f9885085e5d6a4f94c7d7":"014730f80ac625fe84f026c60bfd547d":0:1 AES-128-CCM*-NO-TAG crypt Encrypt NIST VPT AES-128 #15 From 2151ba55f620ad1801609abbde0f587d595b4d6c Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Tue, 31 Oct 2023 18:12:04 +0800 Subject: [PATCH 0502/1674] test_suite_x509write: use plaintext key file Some test cases are using encrypted key file, thus have dependency on low-level block cipher modules (e.g. AES). This commit adds unencrypted key file so that we could get rid of those dependencies. Signed-off-by: Pengyu Lv --- tests/data_files/Makefile | 5 +- tests/data_files/test-ca_unenc.key | 27 +++++++ tests/suites/test_suite_x509write.data | 100 ++++++++++++------------- 3 files changed, 81 insertions(+), 51 deletions(-) create mode 100644 tests/data_files/test-ca_unenc.key diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile index 21ca489c1..51a5d7e20 100644 --- a/tests/data_files/Makefile +++ b/tests/data_files/Makefile @@ -38,12 +38,15 @@ all_final := # files used by tests test_ca_crt = test-ca.crt test_ca_key_file_rsa = test-ca.key +test_ca_key_file_rsa_unenc = test-ca_unenc.key test_ca_pwd_rsa = PolarSSLTest test_ca_config_file = test-ca.opensslconf $(test_ca_key_file_rsa): $(OPENSSL) genrsa -aes-128-cbc -passout pass:$(test_ca_pwd_rsa) -out $@ 2048 -all_final += $(test_ca_key_file_rsa) +$(test_ca_key_file_rsa_unenc): $(test_ca_key_file_rsa) + $(OPENSSL) rsa -passin pass:$(test_ca_pwd_rsa) -in $< -out $@ +all_final += $(test_ca_key_file_rsa) $(test_ca_key_file_rsa_unenc) test-ca.req.sha256: $(test_ca_key_file_rsa) $(MBEDTLS_CERT_REQ) output_file=$@ filename=$(test_ca_key_file_rsa) password=$(test_ca_pwd_rsa) subject_name="C=NL,O=PolarSSL,CN=PolarSSL Test CA" md=SHA256 diff --git a/tests/data_files/test-ca_unenc.key b/tests/data_files/test-ca_unenc.key new file mode 100644 index 000000000..2941bbedd --- /dev/null +++ b/tests/data_files/test-ca_unenc.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAwN83/Be74JadP4beljJ9RKUWoM0h8ZnU7OrLfBhYCJSl7JvF +i98aHpk4mYcee8CNOd84XXB4B9Oe2ZPouXJRxc6jMFKp8udAcBTLRKJyC8LlQPk+ +5aYOs/nsSmPAuCkAdJxXO6ilBJBx8b2D2T/WpeI8Ko/vJ2DDxp/LuuxgfbfmhDK+ +T/tYJiIDW9S01fv145YucMDkLr38Lu7iQVXANC59JHJpy0exFECDfWf0hvYxq/F5 +pLK1LhL5hBfwYm8nPhNYsVQNIZpzN6Ewz2+S3Pbp/KzbLijRfgJLI6AV8jhlZAnq +DG6OGxegccizm8mr6cPyz4eWj4ACMp6ZWG+i1QIDAQABAoIBAD/3B9M0b9vJN7eE +3DdF4WOtuLZ1scc1tHcqW3f5fuDBo9G3y6lawYfaWvoX5NU4A95omIHstfIqjeks +86blMhd/M4HoOHLVnPpO+yb1FQuvhGarAuAY1ZF81o/JS3YIKx2BaDDh+nBsE04Q +AzU+xcpYIIohGDigD+3Eu0Vv9YRbsM9OnVgTazU1aaHSxPLBSAQgUblrpF2lS4SI +Q0iZLLukl9bWGPbsXNExScnyjwtN7wkC/n39u68rg5QixKc+ZvXgV9zy7Sw+gXR2 +HpZvdB4yDhQx0HTw9Ae9w9EiwqiVkgZ/QwKRvN0jAYmUIERk9R1n0o/oaaUpJeZQ +nOPpy3UCgYEA4ik+qmvVWR6c5kfVttfj8Y6e6YNfEJ9j7AREzD/42ToX4E/+2E3N +RlR0vwrEZ5yn2IllTP1YKkcP9De2VbAd7ac5/E+jxHU6o5inRfVmy3xl+4Aj5v/9 +mR+Oa/9ek2bfbG/D9jgu/2m1rK67xnEWa9D4Itn4onIg0uI6cEveqy8CgYEA2lGb +uLIqFHVYQI0ncPoxSLAgITT6TFeoEYjzp64h6bYr0c2n+NgMinYiNUTOPyUpg315 +pzHW7LK/2jS29rI783haBIMzPqLigYIT1DUXY5uexI2RTAN3x3Fb7oNt1XiI9ix5 +wkq0eZBwv980VpZx4w5okbzqyzPAvkXX/DD9ATsCgYEA0p8qtzgZxxeVc3iu9ct1 +g38ZS8uG+0oVmrYXBEkHjfZmSgb2BaffZoI8/7YdV4kzX5wFdX/zXdw0ZXKFIqQU +G0HD5NCeadXrOHRwQ9zZUOSXbXPW+8in+rTCxJ1dDNWfebNUwrdsPX3LLfjE83ha +Myq4DG0G+vJi00LQvchKpQ0CgYEA1KmQFd6/LMSNnfuhwuSD43llItO3SWxNlB8i +sWDnOgCxOKKrD7RsqueeNON8QHhTsvkj6qCa6mDIj6av3ykJSwYeMa0X2tjR6TOr +WxgIW4f4pR/9u9zY7ZdX5MNz1vCeAaabSI56tLvliJHFKt9LutCLPgOXdy9HflEM +rmWN3ocCgYAgJA/Sr8IoO5cgspJJ6wloQLK+0cODlDQ41snsNAn5QW1cQpT3BPwy +OWm8HPs+YZjAgNg2R8Ntwi7ngSoXNGQwTpa7Jha5QTb+itZTfKrsOUJQ7+OzASgy +ym31mh6fN77+OCAikYzNlQLyTW8atEPwGd9lwJLnnS8J5+xpqMKPDQ== +-----END RSA PRIVATE KEY----- diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data index 0f190286b..28cef301c 100644 --- a/tests/suites/test_suite_x509write.data +++ b/tests/suites/test_suite_x509write.data @@ -59,100 +59,100 @@ depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP x509_csr_check_opaque:"data_files/server5.key":MBEDTLS_MD_SHA256:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION:0 Certificate write check Server1 SHA1 -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5 -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"data_files/server1.crt":0:0:"data_files/test-ca.crt":0 +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_MD5 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca_unenc.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"data_files/server1.crt":0:0:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, not before 1970 -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5 -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"19700210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"":0:0:"data_files/test-ca.crt":0 +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_MD5 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca_unenc.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"19700210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"":0:0:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, not after 2050 -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5 -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20500210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"":0:0:"data_files/test-ca.crt":0 +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_MD5 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca_unenc.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20500210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"":0:0:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, not before 1970, not after 2050 -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5 -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"19700210144406":"20500210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"":0:0:"data_files/test-ca.crt":0 +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_MD5 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca_unenc.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"19700210144406":"20500210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"":0:0:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, not before 2050, not after 2059 -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5 -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20500210144406":"20590210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"":0:0:"data_files/test-ca.crt":0 +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_MD5 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca_unenc.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20500210144406":"20590210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"":0:0:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, key_usage -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5 -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:"NULL":0:0:1:-1:"data_files/server1.key_usage.crt":0:0:"data_files/test-ca.crt":0 +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_MD5 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca_unenc.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:"NULL":0:0:1:-1:"data_files/server1.key_usage.crt":0:0:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, one ext_key_usage -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5 -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:"serverAuth":0:0:1:-1:"data_files/server1.key_ext_usage.crt":0:0:"data_files/test-ca.crt":0 +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_MD5 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca_unenc.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:"serverAuth":0:0:1:-1:"data_files/server1.key_ext_usage.crt":0:0:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, two ext_key_usages -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5 -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:"codeSigning,timeStamping":0:0:1:-1:"data_files/server1.key_ext_usages.crt":0:0:"data_files/test-ca.crt":0 +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_MD5 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca_unenc.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:"codeSigning,timeStamping":0:0:1:-1:"data_files/server1.key_ext_usages.crt":0:0:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, ns_cert_type -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5 -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:1:-1:"data_files/server1.cert_type.crt":0:0:"data_files/test-ca.crt":0 +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_MD5 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca_unenc.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:1:-1:"data_files/server1.cert_type.crt":0:0:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, version 1 -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5 -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":0:0:"data_files/test-ca.crt":0 +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_MD5 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca_unenc.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":0:0:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, CA -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5 -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"data_files/server1.ca.crt":0:1:"data_files/test-ca.crt":0 +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_MD5 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca_unenc.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"data_files/server1.ca.crt":0:1:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, RSA_ALT -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5 -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:0:-1:"data_files/server1.noauthid.crt":1:0:"data_files/test-ca.crt":0 +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_MD5 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca_unenc.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:0:-1:"data_files/server1.noauthid.crt":1:0:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, RSA_ALT, key_usage -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5 -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:"NULL":0:0:0:-1:"data_files/server1.key_usage_noauthid.crt":1:0:"data_files/test-ca.crt":0 +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_MD5 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca_unenc.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:"NULL":0:0:0:-1:"data_files/server1.key_usage_noauthid.crt":1:0:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, RSA_ALT, ns_cert_type -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5 -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:0:-1:"data_files/server1.cert_type_noauthid.crt":1:0:"data_files/test-ca.crt":0 +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_MD5 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca_unenc.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:0:-1:"data_files/server1.cert_type_noauthid.crt":1:0:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, RSA_ALT, version 1 -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5 -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:0:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":1:0:"data_files/test-ca.crt":0 +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_MD5 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca_unenc.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:0:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":1:0:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, RSA_ALT, CA -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5 -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:0:-1:"data_files/server1.ca_noauthid.crt":1:1:"data_files/test-ca.crt":0 +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_MD5 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca_unenc.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:0:-1:"data_files/server1.ca_noauthid.crt":1:1:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, Opaque -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5:MBEDTLS_USE_PSA_CRYPTO -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"data_files/server1.crt":2:0:"data_files/test-ca.crt":0 +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_MD5:MBEDTLS_USE_PSA_CRYPTO +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca_unenc.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"data_files/server1.crt":2:0:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, Opaque, key_usage -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5:MBEDTLS_USE_PSA_CRYPTO -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:"NULL":0:0:1:-1:"data_files/server1.key_usage.crt":2:0:"data_files/test-ca.crt":0 +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_MD5:MBEDTLS_USE_PSA_CRYPTO +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca_unenc.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION | MBEDTLS_X509_KU_KEY_ENCIPHERMENT:1:"NULL":0:0:1:-1:"data_files/server1.key_usage.crt":2:0:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, Opaque, ns_cert_type -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5:MBEDTLS_USE_PSA_CRYPTO -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:1:-1:"data_files/server1.cert_type.crt":2:0:"data_files/test-ca.crt":0 +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_MD5:MBEDTLS_USE_PSA_CRYPTO +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca_unenc.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":MBEDTLS_X509_NS_CERT_TYPE_SSL_SERVER:1:1:-1:"data_files/server1.cert_type.crt":2:0:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, Opaque, version 1 -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5:MBEDTLS_USE_PSA_CRYPTO -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":2:0:"data_files/test-ca.crt":0 +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_MD5:MBEDTLS_USE_PSA_CRYPTO +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca_unenc.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:MBEDTLS_X509_CRT_VERSION_1:"data_files/server1.v1.crt":2:0:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, Opaque, CA -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5:MBEDTLS_USE_PSA_CRYPTO -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"data_files/server1.ca.crt":2:1:"data_files/test-ca.crt":0 +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_MD5:MBEDTLS_USE_PSA_CRYPTO +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca_unenc.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"data_files/server1.ca.crt":2:1:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, Full length serial -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5 -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"112233445566778899aabbccddeeff0011223344":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"data_files/server1.long_serial.crt":0:0:"data_files/test-ca.crt":0 +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_MD5 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca_unenc.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"112233445566778899aabbccddeeff0011223344":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"data_files/server1.long_serial.crt":0:0:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, Serial starting with 0x80 -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5 -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"8011223344":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"data_files/server1.80serial.crt":0:0:"data_files/test-ca.crt":0 +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_MD5 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca_unenc.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"8011223344":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"data_files/server1.80serial.crt":0:0:"data_files/test-ca.crt":0 Certificate write check Server1 SHA1, All 0xFF full length serial -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5 -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"ffffffffffffffffffffffffffffffff":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"data_files/server1.long_serial_FF.crt":0:0:"data_files/test-ca.crt":0 +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_MD5 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca_unenc.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"ffffffffffffffffffffffffffffffff":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"data_files/server1.long_serial_FF.crt":0:0:"data_files/test-ca.crt":0 Certificate write check Server5 ECDSA depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_ECP_HAVE_SECP256R1 @@ -163,8 +163,8 @@ depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECDSA_DETERMI x509_crt_check:"data_files/server5.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca2.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=Polarssl Test EC CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA256:0:0:"NULL":0:0:1:-1:"":2:0:"data_files/test-ca2.crt":0 Certificate write check Server1 SHA1, SubjectAltNames -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_MD5:MBEDTLS_AES_C -x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"data_files/server1.allSubjectAltNames.crt":0:0:"data_files/test-ca.crt":1 +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_MD5 +x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca_unenc.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"01":"20190210144406":"20290210144406":MBEDTLS_MD_SHA1:0:0:"NULL":0:0:1:-1:"data_files/server1.allSubjectAltNames.crt":0:0:"data_files/test-ca.crt":1 X509 String to Names #1 mbedtls_x509_string_to_names:"C=NL,O=Offspark\\, Inc., OU=PolarSSL":"C=NL, O=Offspark\\, Inc., OU=PolarSSL":0:0 From ac7a809ac337a2ab8112c7d4e804a3f107c558c3 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 31 Oct 2023 12:23:44 +0100 Subject: [PATCH 0503/1674] all.sh: remove leftover loc_curve_list usage Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 1836a105c..9793b0a0d 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2609,7 +2609,7 @@ common_test_psa_crypto_config_accel_ecc_some_curves () { ALG_SHA3_224 ALG_SHA3_256 ALG_SHA3_384 ALG_SHA3_512" helper_libtestdriver1_make_drivers "$loc_accel_list" "$loc_extra_list" - helper_libtestdriver1_make_main "$loc_accel_list $loc_curve_list" + helper_libtestdriver1_make_main "$loc_accel_list" # We expect ECDH to be re-enabled for the missing curves grep mbedtls_ecdh_ library/ecdh.o From 6dcb63bc6dd2d9739998249b113a7f85adac66d0 Mon Sep 17 00:00:00 2001 From: Tom Cosgrove Date: Tue, 31 Oct 2023 15:39:25 +0000 Subject: [PATCH 0504/1674] Fix broken link to psa-driver-example-and-guide in psa-driver-wrappers-codegen-migration-guide.md Fixes #8453 Signed-off-by: Tom Cosgrove --- docs/proposed/psa-driver-wrappers-codegen-migration-guide.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/proposed/psa-driver-wrappers-codegen-migration-guide.md b/docs/proposed/psa-driver-wrappers-codegen-migration-guide.md index 8875921b2..f9b108ddf 100644 --- a/docs/proposed/psa-driver-wrappers-codegen-migration-guide.md +++ b/docs/proposed/psa-driver-wrappers-codegen-migration-guide.md @@ -4,7 +4,7 @@ Migrating to an auto generated psa_crypto_driver_wrappers.h file This document describes how to migrate to the auto generated psa_crypto_driver_wrappers.h file. It is meant to give the library user migration guidelines while the Mbed TLS project tides over multiple minor revs of version 1.0, after which this will be merged into psa-driver-interface.md. -For a practical guide with a description of the current state of drivers Mbed TLS, see our [PSA Cryptoprocessor driver development examples](../psa-driver-example-and-guide.html). +For a practical guide with a description of the current state of drivers Mbed TLS, see our [PSA Cryptoprocessor driver development examples](../psa-driver-example-and-guide.md). ## Introduction From fb24a8425a509a692099ab614b149870debacd65 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 12 Jul 2023 13:16:49 +0100 Subject: [PATCH 0505/1674] Introduce MBEDTLS_ASSUME Signed-off-by: Dave Rodgman --- library/common.h | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/library/common.h b/library/common.h index 87fae171c..4f4c222fa 100644 --- a/library/common.h +++ b/library/common.h @@ -318,6 +318,21 @@ static inline void mbedtls_xor_no_simd(unsigned char *r, #define MBEDTLS_UNLIKELY(x) x #endif +#if defined(__has_builtin) +#if __has_builtin(__builtin_assume) +/* MBEDTLS_ASSUME may be used to provide additional information to the compiler + * which can result in smaller code-size. */ +#define MBEDTLS_ASSUME(x) __builtin_assume(x) +// clang provides __builtin_assume +#elif __has_builtin(__builtin_unreachable) +#define MBEDTLS_ASSUME(x) do { if (!(x)) __builtin_unreachable(); } while (0) +// For gcc, use __builtin_unreachable +#endif +#endif +#if !defined(MBEDTLS_ASSUME) +#define MBEDTLS_ASSUME(x) +#endif + #if defined(__GNUC__) && !defined(__ARMCC_VERSION) && !defined(__clang__) \ && !defined(__llvm__) && !defined(__INTEL_COMPILER) /* Defined if the compiler really is gcc and not clang, etc */ From 6d2c1b37488d8da9b656315f25dc53676a1a7435 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 31 Oct 2023 17:54:42 +0000 Subject: [PATCH 0506/1674] Restructure mbedtls_cipher_validate_values Signed-off-by: Dave Rodgman --- library/psa_crypto_cipher.c | 69 +++++++++++++++++-------------------- 1 file changed, 32 insertions(+), 37 deletions(-) diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c index 38be84b0b..3f2ddbdb5 100644 --- a/library/psa_crypto_cipher.c +++ b/library/psa_crypto_cipher.c @@ -42,45 +42,40 @@ static psa_status_t mbedtls_cipher_validate_values( psa_algorithm_t alg, psa_key_type_t key_type) { - switch (alg) { - case PSA_ALG_STREAM_CIPHER: - case PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305, 0): - if (key_type != PSA_KEY_TYPE_CHACHA20) { - return PSA_ERROR_NOT_SUPPORTED; - } - break; - - case PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 0): - case PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 0): - case PSA_ALG_CCM_STAR_NO_TAG: - if ((key_type != PSA_KEY_TYPE_AES) && - (key_type != PSA_KEY_TYPE_ARIA) && - (key_type != PSA_KEY_TYPE_CAMELLIA)) { - return PSA_ERROR_NOT_SUPPORTED; - } - break; - - case PSA_ALG_CTR: - case PSA_ALG_CFB: - case PSA_ALG_OFB: - case PSA_ALG_XTS: - case PSA_ALG_ECB_NO_PADDING: - case PSA_ALG_CBC_NO_PADDING: - case PSA_ALG_CBC_PKCS7: - case PSA_ALG_CMAC: - if ((key_type != PSA_KEY_TYPE_AES) && - (key_type != PSA_KEY_TYPE_ARIA) && - (key_type != PSA_KEY_TYPE_DES) && - (key_type != PSA_KEY_TYPE_CAMELLIA)) { - return PSA_ERROR_NOT_SUPPORTED; - } - break; - - default: - return PSA_ERROR_NOT_SUPPORTED; + if (alg == PSA_ALG_STREAM_CIPHER || + alg == PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305, 0)) { + if (key_type == PSA_KEY_TYPE_CHACHA20) { + return PSA_SUCCESS; + } } - return PSA_SUCCESS; + if (alg == PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 0) || + alg == PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 0) || + alg == PSA_ALG_CCM_STAR_NO_TAG) { + if (key_type == PSA_KEY_TYPE_AES || + key_type == PSA_KEY_TYPE_ARIA || + key_type == PSA_KEY_TYPE_CAMELLIA) { + return PSA_SUCCESS; + } + } + + if (alg == PSA_ALG_CTR || + alg == PSA_ALG_CFB || + alg == PSA_ALG_OFB || + alg == PSA_ALG_XTS || + alg == PSA_ALG_ECB_NO_PADDING || + alg == PSA_ALG_CBC_NO_PADDING || + alg == PSA_ALG_CBC_PKCS7 || + alg == PSA_ALG_CMAC) { + if (key_type == PSA_KEY_TYPE_AES || + key_type == PSA_KEY_TYPE_ARIA || + key_type == PSA_KEY_TYPE_DES || + key_type == PSA_KEY_TYPE_CAMELLIA) { + return PSA_SUCCESS; + } + } + + return PSA_ERROR_NOT_SUPPORTED; } psa_status_t mbedtls_cipher_values_from_psa( From 3e5cc175e0992d1b362f18b75d484fc86d7b8f05 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 31 Oct 2023 17:54:58 +0000 Subject: [PATCH 0507/1674] Reduce code size in mbedtls_cipher_validate_values Signed-off-by: Dave Rodgman --- library/psa_crypto_cipher.c | 57 +++++++++++++++++++++++++++++++++++++ 1 file changed, 57 insertions(+) diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c index 3f2ddbdb5..f4fc499ba 100644 --- a/library/psa_crypto_cipher.c +++ b/library/psa_crypto_cipher.c @@ -42,6 +42,63 @@ static psa_status_t mbedtls_cipher_validate_values( psa_algorithm_t alg, psa_key_type_t key_type) { + /* Reduce code size - hinting to the compiler about what it can assume allows the compiler to + eliminate bits of the logic below. */ +#if !defined(PSA_WANT_KEY_TYPE_AES) + MBEDTLS_ASSUME(key_type != PSA_KEY_TYPE_AES); +#endif +#if !defined(PSA_WANT_KEY_TYPE_ARIA) + MBEDTLS_ASSUME(key_type != PSA_KEY_TYPE_ARIA); +#endif +#if !defined(PSA_WANT_KEY_TYPE_CAMELLIA) + MBEDTLS_ASSUME(key_type != PSA_KEY_TYPE_CAMELLIA); +#endif +#if !defined(PSA_WANT_KEY_TYPE_CHACHA20) + MBEDTLS_ASSUME(key_type != PSA_KEY_TYPE_CHACHA20); +#endif +#if !defined(PSA_WANT_KEY_TYPE_DES) + MBEDTLS_ASSUME(key_type != PSA_KEY_TYPE_DES); +#endif +#if !defined(PSA_WANT_ALG_CCM) + MBEDTLS_ASSUME(alg != PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 0)); +#endif +#if !defined(PSA_WANT_ALG_GCM) + MBEDTLS_ASSUME(alg != PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 0)); +#endif +#if !defined(PSA_WANT_ALG_STREAM_CIPHER) + MBEDTLS_ASSUME(alg != PSA_ALG_STREAM_CIPHER); +#endif +#if !defined(PSA_WANT_ALG_CHACHA20_POLY1305) + MBEDTLS_ASSUME(alg != PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305, 0)); +#endif +#if !defined(PSA_WANT_ALG_CCM_STAR_NO_TAG) + MBEDTLS_ASSUME(alg != PSA_ALG_CCM_STAR_NO_TAG); +#endif +#if !defined(PSA_WANT_ALG_CTR) + MBEDTLS_ASSUME(alg != PSA_ALG_CTR); +#endif +#if !defined(PSA_WANT_ALG_CFB) + MBEDTLS_ASSUME(alg != PSA_ALG_CFB); +#endif +#if !defined(PSA_WANT_ALG_OFB) + MBEDTLS_ASSUME(alg != PSA_ALG_OFB); +#endif +#if !defined(PSA_WANT_ALG_XTS) + MBEDTLS_ASSUME(alg != PSA_ALG_XTS); +#endif +#if !defined(PSA_WANT_ALG_ECB_NO_PADDING) + MBEDTLS_ASSUME(alg != PSA_ALG_ECB_NO_PADDING); +#endif +#if !defined(PSA_WANT_ALG_CBC_NO_PADDING) + MBEDTLS_ASSUME(alg != PSA_ALG_CBC_NO_PADDING); +#endif +#if !defined(PSA_WANT_ALG_CBC_PKCS7) + MBEDTLS_ASSUME(alg != PSA_ALG_CBC_PKCS7); +#endif +#if !defined(PSA_WANT_ALG_CMAC) + MBEDTLS_ASSUME(alg != PSA_ALG_CMAC); +#endif + if (alg == PSA_ALG_STREAM_CIPHER || alg == PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305, 0)) { if (key_type == PSA_KEY_TYPE_CHACHA20) { From 52e7052b6cc61fa831cbfff8a815ad9bf3efcd18 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 31 Oct 2023 23:26:44 +0000 Subject: [PATCH 0508/1674] tidy up comments Signed-off-by: Dave Rodgman --- library/common.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/library/common.h b/library/common.h index 4f4c222fa..3e81e81ea 100644 --- a/library/common.h +++ b/library/common.h @@ -318,15 +318,15 @@ static inline void mbedtls_xor_no_simd(unsigned char *r, #define MBEDTLS_UNLIKELY(x) x #endif -#if defined(__has_builtin) -#if __has_builtin(__builtin_assume) /* MBEDTLS_ASSUME may be used to provide additional information to the compiler * which can result in smaller code-size. */ +#if defined(__has_builtin) +#if __has_builtin(__builtin_assume) +/* clang provides __builtin_assume */ #define MBEDTLS_ASSUME(x) __builtin_assume(x) -// clang provides __builtin_assume #elif __has_builtin(__builtin_unreachable) +/* gcc can use __builtin_unreachable */ #define MBEDTLS_ASSUME(x) do { if (!(x)) __builtin_unreachable(); } while (0) -// For gcc, use __builtin_unreachable #endif #endif #if !defined(MBEDTLS_ASSUME) From 64bdeb89b94f30416d90d3a06cf8a5b179a4d8fd Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 31 Oct 2023 23:27:04 +0000 Subject: [PATCH 0509/1674] Use non-empty definition for fallback Signed-off-by: Dave Rodgman --- library/common.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/common.h b/library/common.h index 3e81e81ea..7652e5685 100644 --- a/library/common.h +++ b/library/common.h @@ -330,7 +330,7 @@ static inline void mbedtls_xor_no_simd(unsigned char *r, #endif #endif #if !defined(MBEDTLS_ASSUME) -#define MBEDTLS_ASSUME(x) +#define MBEDTLS_ASSUME(x) do { } while (0) #endif #if defined(__GNUC__) && !defined(__ARMCC_VERSION) && !defined(__clang__) \ From 90c8ac22054822e7ef481f6aca27860dd3c05252 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 31 Oct 2023 23:27:24 +0000 Subject: [PATCH 0510/1674] Add case for MSVC Signed-off-by: Dave Rodgman --- library/common.h | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/library/common.h b/library/common.h index 7652e5685..fe4d21399 100644 --- a/library/common.h +++ b/library/common.h @@ -330,8 +330,13 @@ static inline void mbedtls_xor_no_simd(unsigned char *r, #endif #endif #if !defined(MBEDTLS_ASSUME) +#if defined(_MSC_VER) +/* Supported by MSVC since VS 2005 */ +#define MBEDTLS_ASSUME(x) __assume(x) +#else #define MBEDTLS_ASSUME(x) do { } while (0) #endif +#endif #if defined(__GNUC__) && !defined(__ARMCC_VERSION) && !defined(__clang__) \ && !defined(__llvm__) && !defined(__INTEL_COMPILER) From 9ba640d3187e39fe014de571f4058810eac44ae2 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 31 Oct 2023 23:30:09 +0000 Subject: [PATCH 0511/1674] Simplify use of __has_builtin Signed-off-by: Dave Rodgman --- library/common.h | 24 +++++++++++------------- 1 file changed, 11 insertions(+), 13 deletions(-) diff --git a/library/common.h b/library/common.h index fe4d21399..49f457c8b 100644 --- a/library/common.h +++ b/library/common.h @@ -306,37 +306,35 @@ static inline void mbedtls_xor_no_simd(unsigned char *r, #define MBEDTLS_STATIC_ASSERT(expr, msg) #endif -/* Define compiler branch hints */ #if defined(__has_builtin) -#if __has_builtin(__builtin_expect) +#define MBEDTLS_HAS_BUILTIN(x) __has_builtin(x) +#else +#define MBEDTLS_HAS_BUILTIN(x) 0 +#endif + +/* Define compiler branch hints */ +#if MBEDTLS_HAS_BUILTIN(__builtin_expect) #define MBEDTLS_LIKELY(x) __builtin_expect(!!(x), 1) #define MBEDTLS_UNLIKELY(x) __builtin_expect(!!(x), 0) -#endif -#endif -#if !defined(MBEDTLS_LIKELY) +#else #define MBEDTLS_LIKELY(x) x #define MBEDTLS_UNLIKELY(x) x #endif /* MBEDTLS_ASSUME may be used to provide additional information to the compiler * which can result in smaller code-size. */ -#if defined(__has_builtin) -#if __has_builtin(__builtin_assume) +#if MBEDTLS_HAS_BUILTIN(__builtin_assume) /* clang provides __builtin_assume */ #define MBEDTLS_ASSUME(x) __builtin_assume(x) -#elif __has_builtin(__builtin_unreachable) +#elif MBEDTLS_HAS_BUILTIN(__builtin_unreachable) /* gcc can use __builtin_unreachable */ #define MBEDTLS_ASSUME(x) do { if (!(x)) __builtin_unreachable(); } while (0) -#endif -#endif -#if !defined(MBEDTLS_ASSUME) -#if defined(_MSC_VER) +#elif defined(_MSC_VER) /* Supported by MSVC since VS 2005 */ #define MBEDTLS_ASSUME(x) __assume(x) #else #define MBEDTLS_ASSUME(x) do { } while (0) #endif -#endif #if defined(__GNUC__) && !defined(__ARMCC_VERSION) && !defined(__clang__) \ && !defined(__llvm__) && !defined(__INTEL_COMPILER) From 454dda3e250597b94069918ea2cbf54959f72618 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 31 Oct 2023 15:13:54 +0800 Subject: [PATCH 0512/1674] fix various issues - improve output message - Remove unnecessary checks - Simplify test command Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 21 +++++++-------------- tests/opt-testcases/tls13-misc.sh | 18 ++++++++++-------- 2 files changed, 17 insertions(+), 22 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index cc8a0a178..44abb4b62 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -1766,32 +1766,25 @@ static void ssl_tls13_update_early_data_status(mbedtls_ssl_context *ssl) ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED; if (ssl->conf->early_data_enabled == MBEDTLS_SSL_EARLY_DATA_DISABLED) { - MBEDTLS_SSL_DEBUG_MSG( - 1, ("EarlyData: rejected. configured disabled.")); - return; - } - - MBEDTLS_SSL_DEBUG_MSG( - 3, ("EarlyData: conf->max_early_data_size = %u", - (unsigned int) ssl->conf->max_early_data_size)); - - if (!mbedtls_ssl_conf_tls13_some_psk_enabled(ssl)) { MBEDTLS_SSL_DEBUG_MSG( 1, - ("EarlyData: rejected. psk or psk_ephemeral is not available.")); + ("EarlyData: rejected, feature disabled in server configuration.")); return; } - if (handshake && handshake->resume != 1) { + if (!handshake->resume) { + /* We currently support early data only in the case of PSKs established + via a NewSessionTicket message thus in the case of a session + resumption. */ MBEDTLS_SSL_DEBUG_MSG( - 1, ("EarlyData: rejected. not resumption session.")); + 1, ("EarlyData: rejected, not resumption session.")); return; } if (session->tls_version != MBEDTLS_SSL_VERSION_TLS1_3) { MBEDTLS_SSL_DEBUG_MSG( 1, - ("EarlyData: rejected. not a TLS 1.3 ticket.")); + ("EarlyData: rejected, not a TLS 1.3 ticket.")); return; } diff --git a/tests/opt-testcases/tls13-misc.sh b/tests/opt-testcases/tls13-misc.sh index dbc2e4346..ffa914e92 100755 --- a/tests/opt-testcases/tls13-misc.sh +++ b/tests/opt-testcases/tls13-misc.sh @@ -500,7 +500,7 @@ requires_gnutls_next requires_all_configs_enabled MBEDTLS_SSL_EARLY_DATA MBEDTLS_SSL_SESSION_TICKETS \ MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ - MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_ECP_LIGHT + MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_any_configs_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED run_test "TLS 1.3 G->m: EarlyData: feature is disabled, fail." \ @@ -513,17 +513,19 @@ run_test "TLS 1.3 G->m: EarlyData: feature is disabled, fail." \ -s "Last error was: -29056 - SSL - Verification of the message MAC failed" requires_gnutls_next + requires_all_configs_enabled MBEDTLS_SSL_EARLY_DATA MBEDTLS_SSL_SESSION_TICKETS \ MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME \ - MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_ECP_LIGHT + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ + MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_any_configs_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED -run_test "TLS 1.3 G->m: EarlyData: psk*: feature is enabled, fail." \ - "$P_SRV force_version=tls13 debug_level=4 max_early_data_size=$EARLY_DATA_INPUT_LEN $(get_srv_psk_list)" \ - "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+GROUP-ALL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK \ - -d 10 -r --earlydata $EARLY_DATA_INPUT \ - --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70" \ +run_test "TLS 1.3 G->m: EarlyData: feature is enabled, fail." \ + "$P_SRV force_version=tls13 debug_level=4 max_early_data_size=$EARLY_DATA_INPUT_LEN" \ + "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+GROUP-ALL:+KX-ALL \ + -d 10 -r --earlydata $EARLY_DATA_INPUT " \ 1 \ -s "ClientHello: early_data(42) extension exists." \ -s "EncryptedExtensions: early_data(42) extension exists." \ - -s "NewSessionTicket: early_data(42) extension does not exist." + -s "NewSessionTicket: early_data(42) extension does not exist." \ + -s "Last error was: -29056 - SSL - Verification of the message MAC failed" From ce3b95e2c9cd26cc39fd2b4c79d6c79fe2fb3336 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 31 Oct 2023 16:02:04 +0800 Subject: [PATCH 0513/1674] move ticket version check Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 44abb4b62..5a0c69fa7 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -159,6 +159,13 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket( /* We delete the temporary buffer */ mbedtls_free(ticket_buffer); +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) + if (ret == 0 && session->tls_version != MBEDTLS_SSL_VERSION_TLS1_3) { + MBEDTLS_SSL_DEBUG_MSG(3, ("ticket version invalid.")); + ret = MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION; + } +#endif + if (ret != 0) { goto exit; } @@ -1752,7 +1759,6 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_EARLY_DATA) static void ssl_tls13_update_early_data_status(mbedtls_ssl_context *ssl) { - mbedtls_ssl_session *session = ssl->session_negotiate; mbedtls_ssl_handshake_params *handshake = ssl->handshake; if ((handshake->received_extensions & @@ -1781,12 +1787,6 @@ static void ssl_tls13_update_early_data_status(mbedtls_ssl_context *ssl) return; } - if (session->tls_version != MBEDTLS_SSL_VERSION_TLS1_3) { - MBEDTLS_SSL_DEBUG_MSG( - 1, - ("EarlyData: rejected, not a TLS 1.3 ticket.")); - return; - } /* TODO: Add more checks here. */ From 82fd6c11bda1f50babd303776c02ed025fabdbb5 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 31 Oct 2023 16:32:19 +0800 Subject: [PATCH 0514/1674] Add selected key and ciphersuite check Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 5a0c69fa7..2288a1ae2 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -1787,6 +1787,35 @@ static void ssl_tls13_update_early_data_status(mbedtls_ssl_context *ssl) return; } + /* RFC 8446 4.2.10 + * + * In order to accept early data, the server MUST have accepted a PSK cipher + * suite and selected the first key offered in the client's "pre_shared_key" + * extension. In addition, it MUST verify that the following values are the + * same as those associated with the selected PSK: + * - The TLS version number + * - The selected cipher suite + * - The selected ALPN [RFC7301] protocol, if any + * + * NOTE: + * - ALPN hasn't been checked. + * - TLS version is checked in + * ssl_tls13_offered_psks_check_identity_match_ticket() + */ + + if (handshake->selected_identity != 0) { + MBEDTLS_SSL_DEBUG_MSG( + 1, ("EarlyData: rejected, first psk key is not offered.")); + return; + } + + if (handshake->ciphersuite_info->id != + ssl->session_negotiate->ciphersuite) { + MBEDTLS_SSL_DEBUG_MSG( + 1, ("EarlyData: rejected, selected ciphersuite mismatch.")); + return; + + } /* TODO: Add more checks here. */ From 960b7ebbcf16b5684b56afa4f9fb88c179ae2d66 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 31 Oct 2023 16:40:01 +0800 Subject: [PATCH 0515/1674] move psk check to EE message on client side early_data extension is sent in EE. So it should not be checked in SH message. Signed-off-by: Jerry Yu --- library/ssl_tls13_client.c | 66 ++++++++++++++++++++------------------ 1 file changed, 34 insertions(+), 32 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index c6fa3b390..7e59af320 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -1906,36 +1906,6 @@ static int ssl_tls13_postprocess_server_hello(mbedtls_ssl_context *ssl) ret = MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE; goto cleanup; } -#if defined(MBEDTLS_SSL_EARLY_DATA) - if (handshake->received_extensions & MBEDTLS_SSL_EXT_MASK(EARLY_DATA) && - (handshake->selected_identity != 0 || - handshake->ciphersuite_info->id != - ssl->session_negotiate->ciphersuite)) { - /* RFC8446 4.2.11 - * If the server supplies an "early_data" extension, the - * client MUST verify that the server's selected_identity - * is 0. If any other value is returned, the client MUST - * abort the handshake with an "illegal_parameter" alert. - * - * RFC 8446 4.2.10 - * In order to accept early data, the server MUST have accepted a PSK - * cipher suite and selected the first key offered in the client's - * "pre_shared_key" extension. In addition, it MUST verify that the - * following values are the same as those associated with the - * selected PSK: - * - The TLS version number - * - The selected cipher suite - * - The selected ALPN [RFC7301] protocol, if any - * - * We check here that when early data is involved the server - * selected the cipher suite associated to the pre-shared key - * as it must have. - */ - MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER, - MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER); - return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER; - } -#endif if (!mbedtls_ssl_conf_tls13_check_kex_modes( ssl, handshake->key_exchange_mode)) { @@ -2211,6 +2181,9 @@ static int ssl_tls13_process_encrypted_extensions(mbedtls_ssl_context *ssl) int ret; unsigned char *buf; size_t buf_len; +#if defined(MBEDTLS_SSL_EARLY_DATA) + mbedtls_ssl_handshake_params *handshake = ssl->handshake; +#endif MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse encrypted extensions")); @@ -2223,8 +2196,37 @@ static int ssl_tls13_process_encrypted_extensions(mbedtls_ssl_context *ssl) ssl_tls13_parse_encrypted_extensions(ssl, buf, buf + buf_len)); #if defined(MBEDTLS_SSL_EARLY_DATA) - if (ssl->handshake->received_extensions & - MBEDTLS_SSL_EXT_MASK(EARLY_DATA)) { + if (handshake->received_extensions & MBEDTLS_SSL_EXT_MASK(EARLY_DATA)) { + /* RFC8446 4.2.11 + * If the server supplies an "early_data" extension, the + * client MUST verify that the server's selected_identity + * is 0. If any other value is returned, the client MUST + * abort the handshake with an "illegal_parameter" alert. + * + * RFC 8446 4.2.10 + * In order to accept early data, the server MUST have accepted a PSK + * cipher suite and selected the first key offered in the client's + * "pre_shared_key" extension. In addition, it MUST verify that the + * following values are the same as those associated with the + * selected PSK: + * - The TLS version number + * - The selected cipher suite + * - The selected ALPN [RFC7301] protocol, if any + * + * We check here that when early data is involved the server + * selected the cipher suite associated to the pre-shared key + * as it must have. + */ + if (handshake->selected_identity != 0 || + handshake->ciphersuite_info->id != + ssl->session_negotiate->ciphersuite) { + + MBEDTLS_SSL_PEND_FATAL_ALERT( + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER, + MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER; + } + ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED; } #endif From 59afe498d456da14b581563d9a92707816bee6fb Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Wed, 1 Nov 2023 14:50:44 +0800 Subject: [PATCH 0516/1674] test: tls13: change server output check tls13 server now does not parse pre-shared key extension unless there are some psk key exchange modes really available. For `ephemeral_all/psk_or_ephemeral` configuration pairs, there wouldn't be any psk key exchange mode available, so the check of "Pre shared key found" should be inverse. Signed-off-by: Pengyu Lv --- tests/opt-testcases/tls13-kex-modes.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/opt-testcases/tls13-kex-modes.sh b/tests/opt-testcases/tls13-kex-modes.sh index 758da1da5..ce10307ce 100755 --- a/tests/opt-testcases/tls13-kex-modes.sh +++ b/tests/opt-testcases/tls13-kex-modes.sh @@ -562,7 +562,7 @@ run_test "TLS 1.3: G->m: psk_or_ephemeral/ephemeral_all, good" \ -s "found pre_shared_key extension" \ -S "Found PSK_EPHEMERAL KEX MODE" \ -s "Found PSK KEX MODE" \ - -s "Pre shared key found" \ + -S "Pre shared key found" \ -S "No matched PSK or ticket" \ -S "key exchange mode: psk$" \ -S "key exchange mode: psk_ephemeral" \ @@ -745,7 +745,7 @@ run_test "TLS 1.3: G->m: ephemeral_all/psk_or_ephemeral, good" \ -s "found pre_shared_key extension" \ -s "Found PSK_EPHEMERAL KEX MODE" \ -S "Found PSK KEX MODE" \ - -s "Pre shared key found" \ + -S "Pre shared key found" \ -S "No matched PSK or ticket" \ -S "key exchange mode: psk$" \ -S "key exchange mode: psk_ephemeral" \ @@ -1425,7 +1425,7 @@ run_test "TLS 1.3: O->m: ephemeral_all/psk_or_ephemeral, good" \ -s "found pre_shared_key extension" \ -s "Found PSK_EPHEMERAL KEX MODE" \ -S "Found PSK KEX MODE" \ - -s "Pre shared key found" \ + -S "Pre shared key found" \ -S "No matched PSK or ticket" \ -S "key exchange mode: psk$" \ -S "key exchange mode: psk_ephemeral" \ From e367e47be00bc36e6e8122758fa2ffe2ac0d5f76 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Tue, 31 Oct 2023 17:23:04 +0800 Subject: [PATCH 0517/1674] mbedtls_config: add new config option MBEDTLS_BLOCK_CIPHER_NO_DECRYPT With the introduction of negative option MBEDTLS_BLOCK_CIPHER_NO_DECRYPT, we don't need to implicitly enable it through PSA. Signed-off-by: Yanray Wang --- include/mbedtls/config_adjust_legacy_crypto.h | 24 ------------------- include/mbedtls/mbedtls_config.h | 19 +++++++++++++++ 2 files changed, 19 insertions(+), 24 deletions(-) diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h index 677772126..495cd5ab3 100644 --- a/include/mbedtls/config_adjust_legacy_crypto.h +++ b/include/mbedtls/config_adjust_legacy_crypto.h @@ -34,30 +34,6 @@ #ifndef MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H #define MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H -/* - * ECB, CBC, XTS, KW modes require both ENCRYPT and DECRYPT directions. - * MBEDTLS_BLOCK_CIPHER_NO_DECRYPT is only enabled when those modes - * are not requested via the PSA API and are not enabled in the legacy API. - * - * DES only supports ECB and CBC modes in Mbed TLS. As it's a deprecated and - * insecure block cipher, MBEDTLS_BLOCK_CIPHER_NO_DECRYPT is enabled when DES - * is not requested via the PSA API and is not enabled in the legacy API. - * - * Note: XTS, KW are not yet supported via the PSA API in Mbed TLS. - */ -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) -#if !defined(PSA_WANT_ALG_ECB_NO_PADDING) && \ - !defined(PSA_WANT_ALG_CBC_NO_PADDING) && \ - !defined(PSA_WANT_ALG_CBC_PKCS7) && \ - !defined(PSA_WANT_KEY_TYPE_DES) && \ - !defined(MBEDTLS_CIPHER_MODE_CBC) && \ - !defined(MBEDTLS_CIPHER_MODE_XTS) && \ - !defined(MBEDTLS_DES_C) && \ - !defined(MBEDTLS_NIST_KW_C) -#define MBEDTLS_BLOCK_CIPHER_NO_DECRYPT 1 -#endif -#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */ - /* Auto-enable MBEDTLS_MD_LIGHT based on MBEDTLS_MD_C. * This allows checking for MD_LIGHT rather than MD_LIGHT || MD_C. */ diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index af0761395..3caea9cc5 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -2383,6 +2383,25 @@ */ #define MBEDTLS_BASE64_C +/** + * \def MBEDTLS_BLOCK_CIPHER_NO_DECRYPT + * + * Remove decryption operation for AES, ARIA and Camellia block cipher. + * + * \note This feature is incompatible with insecure block cipher, + * MBEDTLS_DES_C, and cipher modes which always require decryption + * operation, MBEDTLS_CIPHER_MODE_CBC, MBEDTLS_CIPHER_MODE_XTS and + * MBEDTLS_NIST_KW_C. + * + * Module: library/aes.c + * library/aesce.c + * library/aesni.c + * library/aria.c + * library/camellia.c + * library/cipher.c + */ +//#define MBEDTLS_BLOCK_CIPHER_NO_DECRYPT + /** * \def MBEDTLS_BIGNUM_C * From b799eea123254ce205cd9f81be6039481e6a23ff Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Tue, 31 Oct 2023 17:41:47 +0800 Subject: [PATCH 0518/1674] check_config: add checks for MBEDTLS_BLOCK_CIPHER_NO_DECRYPT Signed-off-by: Yanray Wang --- include/mbedtls/check_config.h | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index c580bf792..436ca0592 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -184,11 +184,12 @@ #endif #if defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) && \ - (!defined(MBEDTLS_PSA_CRYPTO_CONFIG) || \ (defined(MBEDTLS_CIPHER_MODE_CBC) || \ defined(MBEDTLS_CIPHER_MODE_XTS) || \ - defined(MBEDTLS_NIST_KW_C))) -#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT defined, but not all prerequisites" + defined(MBEDTLS_DES_C) || \ + defined(MBEDTLS_NIST_KW_C)) +#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and MBEDTLS_CIPHER_MODE_CBC/MBEDTLS_CIPHER_MODE_XTS/MBEDTLS_DES_C/MBEDTLS_NIST_KW_C \ +cannot be defined simultaneously" #endif #if defined(MBEDTLS_ECDH_C) && !defined(MBEDTLS_ECP_C) From 66111393e4a8b8f4801c42e0e7c337df839ae913 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Tue, 31 Oct 2023 18:54:54 +0800 Subject: [PATCH 0519/1674] all.sh: modify components to test BLOCK_CIPHER_NO_DECRYPT Signed-off-by: Yanray Wang --- tests/scripts/all.sh | 97 ++++++++++++++++++-------------------------- 1 file changed, 39 insertions(+), 58 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 2540b5e49..4daae6c41 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4488,25 +4488,19 @@ component_test_aes_fewer_tables_and_rom_tables () { make test } -component_test_cipher_encrypt_only_aesni () { - # pre-setup to implicitly enable CIPHER_ENCRYPT_ONLY - scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG +component_test_block_cipher_no_decrypt_aesni () { + # enable BLOCK_CIPHER_NO_DECRYPT and disable its incompatible configs + scripts/config.py set MBEDTLS_BLOCK_CIPHER_NO_DECRYPT scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC scripts/config.py unset MBEDTLS_CIPHER_MODE_XTS scripts/config.py unset MBEDTLS_DES_C scripts/config.py unset MBEDTLS_NIST_KW_C - echo '#undef PSA_WANT_ALG_CBC_NO_PADDING' > psa_cipher_encrypt_only.h - echo '#undef PSA_WANT_ALG_CBC_PKCS7' >> psa_cipher_encrypt_only.h - echo '#undef PSA_WANT_ALG_ECB_NO_PADDING' >> psa_cipher_encrypt_only.h - echo '#undef PSA_WANT_KEY_TYPE_DES' >> psa_cipher_encrypt_only.h - # test AESNI intrinsics scripts/config.py set MBEDTLS_AESNI_C - msg "build: implicitly enable CIPHER_ENCRYPT_ONLY with AESNI intrinsics" + msg "build: default config + BLOCK_CIPHER_NO_DECRYPT with AESNI intrinsics" make clean - make CC=gcc CFLAGS="-Werror -Wall -Wextra -mpclmul -msse2 -maes \ - -I '$PWD' -DMBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE='\"psa_cipher_encrypt_only.h\"'" + make CC=gcc CFLAGS='-Werror -Wall -Wextra -mpclmul -msse2 -maes' # Make sure we don't have mbedtls_xxx_setkey_dec in AES/ARIA/CAMELLIA not grep mbedtls_aes_setkey_dec library/aes.o @@ -4515,18 +4509,17 @@ component_test_cipher_encrypt_only_aesni () { # Make sure we don't have mbedtls_internal_aes_decrypt in AES not grep mbedtls_internal_aes_decrypt library/aes.o - msg "test: implicitly enable CIPHER_ENCRYPT_ONLY with AESNI intrinsics" + msg "test: default config + BLOCK_CIPHER_NO_DECRYPT with AESNI intrinsics" make test - msg "selftest: implicitly enable CIPHER_ENCRYPT_ONLY with AESNI intrinsics" + msg "selftest: default config + BLOCK_CIPHER_NO_DECRYPT with AESNI intrinsics" programs/test/selftest # test AESNI assembly scripts/config.py set MBEDTLS_AESNI_C - msg "build: implicitly enable CIPHER_ENCRYPT_ONLY with AESNI assembly" + msg "build: default config + BLOCK_CIPHER_NO_DECRYPT with AESNI assembly" make clean - make CC=gcc CFLAGS="-Werror -Wall -Wextra -mno-pclmul -mno-sse2 -mno-aes \ - -I '$PWD' -DMBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE='\"psa_cipher_encrypt_only.h\"'" + make CC=gcc CFLAGS='-Werror -Wall -Wextra -mno-pclmul -mno-sse2 -mno-aes' # Make sure we don't have mbedtls_xxx_setkey_dec in AES/ARIA/CAMELLIA not grep mbedtls_aes_setkey_dec library/aes.o @@ -4535,18 +4528,17 @@ component_test_cipher_encrypt_only_aesni () { # Make sure we don't have mbedtls_internal_aes_decrypt in AES not grep mbedtls_internal_aes_decrypt library/aes.o - msg "test: implicitly enable CIPHER_ENCRYPT_ONLY with AESNI assembly" + msg "test: default config + BLOCK_CIPHER_NO_DECRYPT with AESNI assembly" make test - msg "selftest: implicitly enable CIPHER_ENCRYPT_ONLY with AESNI assembly" + msg "selftest: default config + BLOCK_CIPHER_NO_DECRYPT with AESNI assembly" programs/test/selftest # test AES C implementation - msg "build: implicitly enable CIPHER_ENCRYPT_ONLY with AES C Implementation" + msg "build: default config + BLOCK_CIPHER_NO_DECRYPT with AES C Implementation" scripts/config.py unset MBEDTLS_AESNI_C make clean - make CC=gcc CFLAGS="-Werror -Wall -Wextra \ - -I '$PWD' -DMBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE='\"psa_cipher_encrypt_only.h\"'" + make CC=gcc CFLAGS='-Werror -Wall -Wextra' # Make sure we don't have mbedtls_xxx_setkey_dec in AES/ARIA/CAMELLIA not grep mbedtls_aes_setkey_dec library/aes.o @@ -4555,35 +4547,27 @@ component_test_cipher_encrypt_only_aesni () { # Make sure we don't have mbedtls_internal_aes_decrypt in AES not grep mbedtls_internal_aes_decrypt library/aes.o - msg "test: implicitly enable CIPHER_ENCRYPT_ONLY with AES C Implementation" + msg "test: default config + BLOCK_CIPHER_NO_DECRYPT with AES C Implementation" make test - msg "selftest: implicitly enable CIPHER_ENCRYPT_ONLY with AES C Implementation" + msg "selftest: default config + BLOCK_CIPHER_NO_DECRYPT with AES C Implementation" programs/test/selftest - - rm -f psa_cipher_encrypt_only.h } -component_test_cipher_encrypt_only_aesni_m32 () { - # pre-setup to implicitly enable CIPHER_ENCRYPT_ONLY - scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG +component_test_block_cipher_no_decrypt_aesni_m32 () { + # enable BLOCK_CIPHER_NO_DECRYPT and disable its incompatible configs + scripts/config.py set MBEDTLS_BLOCK_CIPHER_NO_DECRYPT scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC scripts/config.py unset MBEDTLS_CIPHER_MODE_XTS scripts/config.py unset MBEDTLS_DES_C scripts/config.py unset MBEDTLS_NIST_KW_C - echo '#undef PSA_WANT_ALG_CBC_NO_PADDING' > psa_cipher_encrypt_only.h - echo '#undef PSA_WANT_ALG_CBC_PKCS7' >> psa_cipher_encrypt_only.h - echo '#undef PSA_WANT_ALG_ECB_NO_PADDING' >> psa_cipher_encrypt_only.h - echo '#undef PSA_WANT_KEY_TYPE_DES' >> psa_cipher_encrypt_only.h - # test AESNI intrinsics for i386 with VIA PADLOCK scripts/config.py set MBEDTLS_AESNI_C scripts/config.py set MBEDTLS_PADLOCK_C - msg "build: implicitly enable CIPHER_ENCRYPT_ONLY for i386 with VIA PADLOCK" + msg "build: default config + BLOCK_CIPHER_NO_DECRYPT for i386 with VIA PADLOCK" make clean - make CC=gcc LDFLAGS='-m32' CFLAGS="-m32 -Werror -Wall -Wextra -mpclmul -msse2 -maes\ - -I '$PWD' -DMBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE='\"psa_cipher_encrypt_only.h\"'" + make CC=gcc LDFLAGS='-m32' CFLAGS='-m32 -Werror -Wall -Wextra -mpclmul -msse2 -maes' # Make sure we don't have mbedtls_xxx_setkey_dec in AES/ARIA/CAMELLIA not grep mbedtls_aes_setkey_dec library/aes.o @@ -4592,19 +4576,18 @@ component_test_cipher_encrypt_only_aesni_m32 () { # Make sure we don't have mbedtls_internal_aes_decrypt in AES not grep mbedtls_internal_aes_decrypt library/aes.o - msg "test: implicitly enable CIPHER_ENCRYPT_ONLY for i386 with VIA PADLOCK" + msg "test: default config + BLOCK_CIPHER_NO_DECRYPT for i386 with VIA PADLOCK" make test - msg "selftest: implicitly enable CIPHER_ENCRYPT_ONLY for i386 with VIA PADLOCK" + msg "selftest: default config + BLOCK_CIPHER_NO_DECRYPT for i386 with VIA PADLOCK" programs/test/selftest # test AESNI intrinsics for i386 without VIA PADLOCK scripts/config.py set MBEDTLS_AESNI_C scripts/config.py unset MBEDTLS_PADLOCK_C - msg "build: implicitly enable CIPHER_ENCRYPT_ONLY for i386 without VIA PADLOCK" + msg "build: default config + BLOCK_CIPHER_NO_DECRYPT for i386 without VIA PADLOCK" make clean - make CC=gcc LDFLAGS='-m32' CFLAGS="-m32 -Werror -Wall -Wextra -mpclmul -msse2 -maes\ - -I '$PWD' -DMBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE='\"psa_cipher_encrypt_only.h\"'" + make CC=gcc LDFLAGS='-m32' CFLAGS='-m32 -Werror -Wall -Wextra -mpclmul -msse2 -maes' # Make sure we don't have mbedtls_xxx_setkey_dec in AES/ARIA/CAMELLIA not grep mbedtls_aes_setkey_dec library/aes.o @@ -4613,21 +4596,19 @@ component_test_cipher_encrypt_only_aesni_m32 () { # Make sure we don't have mbedtls_internal_aes_decrypt in AES not grep mbedtls_internal_aes_decrypt library/aes.o - msg "test: implicitly enable CIPHER_ENCRYPT_ONLY for i386 without VIA PADLOCK" + msg "test: default config + BLOCK_CIPHER_NO_DECRYPT for i386 without VIA PADLOCK" make test - msg "selftest: implicitly enable CIPHER_ENCRYPT_ONLY for i386 without VIA PADLOCK" + msg "selftest: default config + BLOCK_CIPHER_NO_DECRYPT for i386 without VIA PADLOCK" programs/test/selftest - - rm -f psa_cipher_encrypt_only.h } -support_test_cipher_encrypt_only_aesce_armcc () { +support_test_block_cipher_no_decrypt_aesce_armcc () { armc6_cc="$ARMC6_BIN_DIR/armclang" (check_tools "$armc6_cc" > /dev/null 2>&1) } -component_test_cipher_encrypt_only_aesce_armcc () { +component_test_block_cipher_no_decrypt_aesce_armcc () { scripts/config.py baremetal # armc[56] don't support SHA-512 intrinsics @@ -4642,23 +4623,25 @@ component_test_cipher_encrypt_only_aesce_armcc () { scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT scripts/config.py set MBEDTLS_HAVE_ASM - # pre-setup to implicitly enable CIPHER_ENCRYPT_ONLY - scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG + # enable BLOCK_CIPHER_NO_DECRYPT and disable its incompatible configs + scripts/config.py set MBEDTLS_BLOCK_CIPHER_NO_DECRYPT scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC scripts/config.py unset MBEDTLS_CIPHER_MODE_XTS scripts/config.py unset MBEDTLS_DES_C scripts/config.py unset MBEDTLS_NIST_KW_C - echo '#undef PSA_WANT_ALG_CBC_NO_PADDING' > psa_cipher_encrypt_only.h - echo '#undef PSA_WANT_ALG_CBC_PKCS7' >> psa_cipher_encrypt_only.h - echo '#undef PSA_WANT_ALG_ECB_NO_PADDING' >> psa_cipher_encrypt_only.h - echo '#undef PSA_WANT_KEY_TYPE_DES' >> psa_cipher_encrypt_only.h + # Enable support for cryptographic mechanisms through the PSA API. + # Note: XTS, KW are not yet supported via the PSA API in Mbed TLS. + scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CBC_NO_PADDING + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CBC_PKCS7 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_ECB_NO_PADDING + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_DES # test AESCE baremetal build scripts/config.py set MBEDTLS_AESCE_C - msg "build: implicitly enable CIPHER_ENCRYPT_ONLY with AESCE" - armc6_build_test "-O1 --target=aarch64-arm-none-eabi -march=armv8-a+crypto \ - -I '$PWD' -DMBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE='\"psa_cipher_encrypt_only.h\"'" + msg "build: default config + BLOCK_CIPHER_NO_DECRYPT with AESCE" + armc6_build_test "-O1 --target=aarch64-arm-none-eabi -march=armv8-a+crypto" # Make sure we don't have mbedtls_xxx_setkey_dec in AES/ARIA/CAMELLIA not grep mbedtls_aes_setkey_dec library/aes.o @@ -4666,8 +4649,6 @@ component_test_cipher_encrypt_only_aesce_armcc () { not grep mbedtls_camellia_setkey_dec library/camellia.o # Make sure we don't have mbedtls_internal_aes_decrypt in AES not grep mbedtls_internal_aes_decrypt library/aes.o - - rm -f psa_cipher_encrypt_only.h } component_test_ctr_drbg_aes_256_sha_256 () { From eefd2695d2d4dce2b8a4f71ad811cc1e6c18e5df Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Tue, 31 Oct 2023 19:09:01 +0800 Subject: [PATCH 0520/1674] test_suite_psa_crypto: add dependency for decrypt test cases If MBEDTLS_BLOCK_CIPHER_NO_DECRYPT, we can't test decrypt for AES-ECB, so adding this dependency for some test cases Signed-off-by: Yanray Wang --- tests/suites/test_suite_psa_crypto.data | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 7b1974865..5220b273e 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -2271,11 +2271,11 @@ depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES cipher_alg_without_iv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"" PSA symmetric encrypt: AES-ECB, 16 bytes, good -depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT cipher_alg_without_iv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"3ad77bb40d7a3660a89ecaf32466ef97" PSA symmetric encrypt: AES-ECB, 32 bytes, good -depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT cipher_alg_without_iv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97":"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1" PSA symmetric encrypt: 2-key 3DES-ECB, 8 bytes, good @@ -2427,11 +2427,11 @@ depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"":"" PSA symmetric decrypt: AES-ECB, 16 bytes, good -depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654aa":"63cecc46a382414d5fa7d2b79387437f" PSA symmetric decrypt: AES-ECB, 32 bytes, good -depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1":"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97" PSA symmetric decrypt: AES-CBC-nopad, 16 bytes, good @@ -2491,11 +2491,11 @@ depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"":0:0:0:"":PSA_SUCCESS PSA symmetric decrypt multipart: AES-ECB, 16 bytes, good -depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654aa":16:16:0:"63cecc46a382414d5fa7d2b79387437f":PSA_SUCCESS PSA symmetric decrypt multipart: AES-ECB, 32 bytes, good -depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef972249a2638c6f1c755a84f9681a9f08c1":32:32:0:"6bc1bee22e409f96e93d7e117393172a3ad77bb40d7a3660a89ecaf32466ef97":PSA_SUCCESS PSA symmetric decrypt multipart: AES-CBC-nopad, 16 bytes, good @@ -2551,7 +2551,7 @@ depends_on:PSA_WANT_ALG_CCM_STAR_NO_TAG:PSA_WANT_KEY_TYPE_AES cipher_decrypt_multipart:PSA_ALG_CCM_STAR_NO_TAG:PSA_KEY_TYPE_AES:"197afb02ffbd8f699dacae87094d5243":"5a8aa485c316e9403aff859fbb":"4a550134f94455979ec4bf89ad2bd80d25a77ae94e456134":10:10:14:"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697":PSA_SUCCESS PSA symmetric encrypt/decrypt: AES-ECB, 16 bytes, good -depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT cipher_verify_output:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a" PSA symmetric encrypt/decrypt: AES-CBC-nopad, 16 bytes, good @@ -2663,15 +2663,15 @@ depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES cipher_encrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS PSA symmetric decryption multipart: AES-ECB, 16+16 bytes -depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":16:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":PSA_SUCCESS PSA symmetric decryption multipart: AES-ECB, 11+21 bytes -depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":11:0:32:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":PSA_SUCCESS PSA symmetric decryption multipart: AES-ECB, 28+4 bytes -depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"3ad77bb40d7a3660a89ecaf32466ef9755ed5e9e066820fa52c729886d18854c":28:16:16:"6bc1bee22e409f96e93d7e117393172a5434f378a597bcef1389318c7fc865ef":PSA_SUCCESS PSA symmetric decryption multipart: AES-CBC-nopad, 7+9 bytes @@ -2735,7 +2735,7 @@ depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":16:16:0:"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS PSA symmetric encrypt/decrypt multipart: AES-ECB, 16 bytes, good -depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT cipher_verify_output_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":16 PSA symmetric encrypt/decrypt multipart: AES-CBC-nopad, 16 bytes, good From e91d7c5d68f0b4334241a61e563e1d3a77a2570e Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 2 Nov 2023 10:36:38 +0000 Subject: [PATCH 0521/1674] Update comment to mention IAR Signed-off-by: Dave Rodgman --- library/common.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/common.h b/library/common.h index 49f457c8b..0c5e1e181 100644 --- a/library/common.h +++ b/library/common.h @@ -327,7 +327,7 @@ static inline void mbedtls_xor_no_simd(unsigned char *r, /* clang provides __builtin_assume */ #define MBEDTLS_ASSUME(x) __builtin_assume(x) #elif MBEDTLS_HAS_BUILTIN(__builtin_unreachable) -/* gcc can use __builtin_unreachable */ +/* gcc and IAR can use __builtin_unreachable */ #define MBEDTLS_ASSUME(x) do { if (!(x)) __builtin_unreachable(); } while (0) #elif defined(_MSC_VER) /* Supported by MSVC since VS 2005 */ From 74d48c89fa54b5b4caccc4aee3abf770a802dba4 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 2 Nov 2023 16:43:55 +0100 Subject: [PATCH 0522/1674] ssl_server2: small improvement of code readability Signed-off-by: Valerio Setti --- programs/ssl/ssl_server2.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index ccdabe47b..c5e1cf44e 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -2155,18 +2155,18 @@ usage: if (opt.ticket_timeout < 0) { goto usage; } - } else + } #if defined(MBEDTLS_CIPHER_C) - if (strcmp(p, "ticket_aead") == 0) { + else if (strcmp(p, "ticket_aead") == 0) { const mbedtls_cipher_info_t *ci = mbedtls_cipher_info_from_string(q); if (ci == NULL) { goto usage; } opt.ticket_aead = mbedtls_cipher_info_get_type(ci); - } else + } #endif - if (strcmp(p, "cache_max") == 0) { + else if (strcmp(p, "cache_max") == 0) { opt.cache_max = atoi(q); if (opt.cache_max < 0) { goto usage; From 16799db69a2947b1c30e4fb17116901a93a7918b Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 2 Nov 2023 19:47:20 +0000 Subject: [PATCH 0523/1674] update headers Signed-off-by: Dave Rodgman --- .uncrustify.cfg | 14 +--------- configs/config-ccm-psk-dtls1_2.h | 14 +--------- configs/config-ccm-psk-tls1_2.h | 14 +--------- configs/config-no-entropy.h | 14 +--------- configs/config-suite-b.h | 14 +--------- configs/config-symmetric-only.h | 14 +--------- configs/config-thread.h | 14 +--------- configs/crypto-config-ccm-aes-sha256.h | 14 +--------- .../tfm_mbedcrypto_config_profile_medium.h | 14 +--------- docs/architecture/psa-migration/syms.sh | 14 +--------- doxygen/input/doc_encdec.h | 14 +--------- doxygen/input/doc_hashing.h | 14 +--------- doxygen/input/doc_mainpage.h | 14 +--------- doxygen/input/doc_rng.h | 14 +--------- doxygen/input/doc_ssltls.h | 14 +--------- doxygen/input/doc_tcpip.h | 14 +--------- doxygen/input/doc_x509.h | 14 +--------- include/mbedtls/aes.h | 14 +--------- include/mbedtls/aria.h | 14 +--------- include/mbedtls/asn1.h | 14 +--------- include/mbedtls/asn1write.h | 14 +--------- include/mbedtls/base64.h | 14 +--------- include/mbedtls/bignum.h | 14 +--------- include/mbedtls/build_info.h | 14 +--------- include/mbedtls/camellia.h | 14 +--------- include/mbedtls/ccm.h | 14 +--------- include/mbedtls/chacha20.h | 14 +--------- include/mbedtls/chachapoly.h | 14 +--------- include/mbedtls/check_config.h | 14 +--------- include/mbedtls/cipher.h | 14 +--------- include/mbedtls/cmac.h | 14 +--------- include/mbedtls/compat-2.x.h | 14 +--------- include/mbedtls/config_adjust_legacy_crypto.h | 14 +--------- .../mbedtls/config_adjust_legacy_from_psa.h | 14 +--------- .../mbedtls/config_adjust_psa_from_legacy.h | 14 +--------- .../config_adjust_psa_superset_legacy.h | 14 +--------- include/mbedtls/config_adjust_ssl.h | 14 +--------- include/mbedtls/config_adjust_x509.h | 14 +--------- include/mbedtls/config_psa.h | 14 +--------- include/mbedtls/constant_time.h | 14 +--------- include/mbedtls/ctr_drbg.h | 14 +--------- include/mbedtls/debug.h | 14 +--------- include/mbedtls/des.h | 14 +--------- include/mbedtls/dhm.h | 14 +--------- include/mbedtls/ecdh.h | 14 +--------- include/mbedtls/ecdsa.h | 14 +--------- include/mbedtls/ecjpake.h | 14 +--------- include/mbedtls/ecp.h | 14 +--------- include/mbedtls/entropy.h | 14 +--------- include/mbedtls/error.h | 14 +--------- include/mbedtls/gcm.h | 14 +--------- include/mbedtls/hkdf.h | 14 +--------- include/mbedtls/hmac_drbg.h | 14 +--------- include/mbedtls/lms.h | 14 +--------- include/mbedtls/mbedtls_config.h | 14 +--------- include/mbedtls/md.h | 14 +--------- include/mbedtls/md5.h | 14 +--------- include/mbedtls/memory_buffer_alloc.h | 14 +--------- include/mbedtls/net_sockets.h | 14 +--------- include/mbedtls/nist_kw.h | 14 +--------- include/mbedtls/oid.h | 14 +--------- include/mbedtls/pem.h | 14 +--------- include/mbedtls/pk.h | 14 +--------- include/mbedtls/pkcs12.h | 14 +--------- include/mbedtls/pkcs5.h | 14 +--------- include/mbedtls/pkcs7.h | 14 +--------- include/mbedtls/platform.h | 14 +--------- include/mbedtls/platform_time.h | 14 +--------- include/mbedtls/platform_util.h | 14 +--------- include/mbedtls/poly1305.h | 14 +--------- include/mbedtls/private_access.h | 14 +--------- include/mbedtls/psa_util.h | 14 +--------- include/mbedtls/ripemd160.h | 14 +--------- include/mbedtls/rsa.h | 14 +--------- include/mbedtls/sha1.h | 14 +--------- include/mbedtls/sha256.h | 14 +--------- include/mbedtls/sha3.h | 14 +--------- include/mbedtls/sha512.h | 14 +--------- include/mbedtls/ssl.h | 14 +--------- include/mbedtls/ssl_cache.h | 14 +--------- include/mbedtls/ssl_ciphersuites.h | 14 +--------- include/mbedtls/ssl_cookie.h | 14 +--------- include/mbedtls/ssl_ticket.h | 14 +--------- include/mbedtls/threading.h | 14 +--------- include/mbedtls/timing.h | 14 +--------- include/mbedtls/version.h | 14 +--------- include/mbedtls/x509.h | 14 +--------- include/mbedtls/x509_crl.h | 14 +--------- include/mbedtls/x509_crt.h | 14 +--------- include/mbedtls/x509_csr.h | 14 +--------- include/psa/build_info.h | 14 +--------- include/psa/crypto.h | 14 +--------- include/psa/crypto_adjust_auto_enabled.h | 14 +--------- .../psa/crypto_adjust_config_key_pair_types.h | 14 +--------- include/psa/crypto_adjust_config_synonyms.h | 14 +--------- include/psa/crypto_builtin_composites.h | 14 +--------- include/psa/crypto_builtin_key_derivation.h | 14 +--------- include/psa/crypto_builtin_primitives.h | 14 +--------- include/psa/crypto_compat.h | 14 +--------- include/psa/crypto_config.h | 14 +--------- include/psa/crypto_driver_common.h | 14 +--------- .../psa/crypto_driver_contexts_composites.h | 14 +--------- .../crypto_driver_contexts_key_derivation.h | 14 +--------- .../psa/crypto_driver_contexts_primitives.h | 14 +--------- include/psa/crypto_extra.h | 14 +--------- include/psa/crypto_legacy.h | 14 +--------- include/psa/crypto_platform.h | 14 +--------- include/psa/crypto_se_driver.h | 14 +--------- include/psa/crypto_sizes.h | 14 +--------- include/psa/crypto_struct.h | 14 +--------- include/psa/crypto_types.h | 14 +--------- include/psa/crypto_values.h | 14 +--------- library/aes.c | 14 +--------- library/aesce.c | 14 +--------- library/aesce.h | 14 +--------- library/aesni.c | 14 +--------- library/aesni.h | 14 +--------- library/alignment.h | 14 +--------- library/aria.c | 14 +--------- library/asn1parse.c | 14 +--------- library/asn1write.c | 14 +--------- library/base64.c | 14 +--------- library/base64_internal.h | 14 +--------- library/bignum.c | 14 +--------- library/bignum_core.c | 14 +--------- library/bignum_core.h | 14 +--------- library/bignum_mod.c | 14 +--------- library/bignum_mod.h | 14 +--------- library/bignum_mod_raw.c | 14 +--------- library/bignum_mod_raw.h | 14 +--------- library/bignum_mod_raw_invasive.h | 14 +--------- library/bn_mul.h | 14 +--------- library/camellia.c | 14 +--------- library/ccm.c | 14 +--------- library/chacha20.c | 14 +--------- library/chachapoly.c | 14 +--------- library/check_crypto_config.h | 14 +--------- library/cipher.c | 14 +--------- library/cipher_wrap.c | 14 +--------- library/cipher_wrap.h | 14 +--------- library/cmac.c | 14 +--------- library/common.h | 14 +--------- library/constant_time.c | 14 +--------- library/constant_time_impl.h | 14 +--------- library/constant_time_internal.h | 14 +--------- library/ctr_drbg.c | 14 +--------- library/debug.c | 14 +--------- library/des.c | 14 +--------- library/dhm.c | 14 +--------- library/ecdh.c | 14 +--------- library/ecdsa.c | 14 +--------- library/ecjpake.c | 14 +--------- library/ecp.c | 14 +--------- library/ecp_curves.c | 14 +--------- library/ecp_curves_new.c | 14 +--------- library/ecp_internal_alt.h | 14 +--------- library/ecp_invasive.h | 14 +--------- library/entropy.c | 14 +--------- library/entropy_poll.c | 14 +--------- library/entropy_poll.h | 14 +--------- library/gcm.c | 14 +--------- library/hkdf.c | 14 +--------- library/hmac_drbg.c | 14 +--------- library/lmots.c | 14 +--------- library/lmots.h | 14 +--------- library/lms.c | 14 +--------- library/md.c | 14 +--------- library/md5.c | 14 +--------- library/md_psa.h | 14 +--------- library/md_wrap.h | 14 +--------- library/memory_buffer_alloc.c | 14 +--------- library/mps_common.h | 14 +--------- library/mps_error.h | 14 +--------- library/mps_reader.c | 14 +--------- library/mps_reader.h | 14 +--------- library/mps_trace.c | 14 +--------- library/mps_trace.h | 14 +--------- library/net_sockets.c | 14 +--------- library/nist_kw.c | 14 +--------- library/oid.c | 14 +--------- library/padlock.c | 14 +--------- library/padlock.h | 14 +--------- library/pem.c | 14 +--------- library/pk.c | 14 +--------- library/pk_internal.h | 14 +--------- library/pk_wrap.c | 14 +--------- library/pk_wrap.h | 14 +--------- library/pkcs12.c | 14 +--------- library/pkcs5.c | 14 +--------- library/pkcs7.c | 14 +--------- library/pkparse.c | 14 +--------- library/pkwrite.c | 14 +--------- library/pkwrite.h | 14 +--------- library/platform.c | 14 +--------- library/platform_util.c | 14 +--------- library/poly1305.c | 14 +--------- library/psa_crypto.c | 14 +--------- library/psa_crypto_aead.c | 14 +--------- library/psa_crypto_aead.h | 14 +--------- library/psa_crypto_cipher.c | 14 +--------- library/psa_crypto_cipher.h | 14 +--------- library/psa_crypto_client.c | 14 +--------- library/psa_crypto_core.h | 14 +--------- library/psa_crypto_core_common.h | 14 +--------- .../psa_crypto_driver_wrappers_no_static.h | 14 +--------- library/psa_crypto_ecp.c | 14 +--------- library/psa_crypto_ecp.h | 14 +--------- library/psa_crypto_ffdh.c | 14 +--------- library/psa_crypto_ffdh.h | 14 +--------- library/psa_crypto_hash.c | 14 +--------- library/psa_crypto_hash.h | 14 +--------- library/psa_crypto_invasive.h | 14 +--------- library/psa_crypto_its.h | 14 +--------- library/psa_crypto_mac.c | 14 +--------- library/psa_crypto_mac.h | 14 +--------- library/psa_crypto_pake.c | 14 +--------- library/psa_crypto_pake.h | 14 +--------- library/psa_crypto_random_impl.h | 14 +--------- library/psa_crypto_rsa.c | 14 +--------- library/psa_crypto_rsa.h | 14 +--------- library/psa_crypto_se.c | 14 +--------- library/psa_crypto_se.h | 14 +--------- library/psa_crypto_slot_management.c | 14 +--------- library/psa_crypto_slot_management.h | 14 +--------- library/psa_crypto_storage.c | 14 +--------- library/psa_crypto_storage.h | 14 +--------- library/psa_its_file.c | 14 +--------- library/psa_util.c | 14 +--------- library/psa_util_internal.h | 14 +--------- library/ripemd160.c | 14 +--------- library/rsa.c | 14 +--------- library/rsa_alt_helpers.c | 14 +--------- library/rsa_alt_helpers.h | 14 +--------- library/sha1.c | 14 +--------- library/sha256.c | 14 +--------- library/sha3.c | 14 +--------- library/sha512.c | 14 +--------- library/ssl_cache.c | 14 +--------- library/ssl_ciphersuites.c | 14 +--------- library/ssl_client.c | 14 +--------- library/ssl_client.h | 14 +--------- library/ssl_cookie.c | 14 +--------- library/ssl_debug_helpers.h | 14 +--------- library/ssl_misc.h | 14 +--------- library/ssl_msg.c | 14 +--------- library/ssl_ticket.c | 14 +--------- library/ssl_tls.c | 14 +--------- library/ssl_tls12_client.c | 14 +--------- library/ssl_tls12_server.c | 14 +--------- library/ssl_tls13_client.c | 14 +--------- library/ssl_tls13_generic.c | 14 +--------- library/ssl_tls13_invasive.h | 14 +--------- library/ssl_tls13_keys.c | 2 +- library/ssl_tls13_keys.h | 2 +- library/ssl_tls13_server.c | 14 +--------- library/threading.c | 14 +--------- library/timing.c | 14 +--------- library/version.c | 14 +--------- library/x509.c | 14 +--------- library/x509_create.c | 14 +--------- library/x509_crl.c | 14 +--------- library/x509_crt.c | 14 +--------- library/x509_csr.c | 14 +--------- library/x509write.c | 14 +--------- library/x509write_crt.c | 14 +--------- library/x509write_csr.c | 14 +--------- programs/aes/crypt_and_hash.c | 14 +--------- programs/cipher/cipher_aead_demo.c | 14 +--------- programs/hash/generic_sum.c | 14 +--------- programs/hash/hello.c | 14 +--------- programs/hash/md_hmac_demo.c | 14 +--------- programs/pkey/dh_client.c | 14 +--------- programs/pkey/dh_genprime.c | 14 +--------- programs/pkey/dh_server.c | 14 +--------- programs/pkey/ecdh_curve25519.c | 14 +--------- programs/pkey/ecdsa.c | 14 +--------- programs/pkey/gen_key.c | 14 +--------- programs/pkey/key_app.c | 14 +--------- programs/pkey/key_app_writer.c | 14 +--------- programs/pkey/mpi_demo.c | 14 +--------- programs/pkey/pk_decrypt.c | 14 +--------- programs/pkey/pk_encrypt.c | 14 +--------- programs/pkey/pk_sign.c | 14 +--------- programs/pkey/pk_verify.c | 14 +--------- programs/pkey/rsa_decrypt.c | 14 +--------- programs/pkey/rsa_encrypt.c | 14 +--------- programs/pkey/rsa_genkey.c | 14 +--------- programs/pkey/rsa_sign.c | 14 +--------- programs/pkey/rsa_sign_pss.c | 14 +--------- programs/pkey/rsa_verify.c | 14 +--------- programs/pkey/rsa_verify_pss.c | 14 +--------- programs/psa/aead_demo.c | 14 +--------- programs/psa/crypto_examples.c | 14 +--------- programs/psa/hmac_demo.c | 14 +--------- programs/psa/key_ladder_demo.c | 14 +--------- programs/psa/key_ladder_demo.sh | 14 +--------- programs/psa/psa_constant_names.c | 14 +--------- programs/psa/psa_hash.c | 14 +--------- programs/random/gen_entropy.c | 14 +--------- programs/random/gen_random_ctr_drbg.c | 14 +--------- programs/ssl/dtls_client.c | 14 +--------- programs/ssl/dtls_server.c | 14 +--------- programs/ssl/mini_client.c | 14 +--------- programs/ssl/ssl_client1.c | 14 +--------- programs/ssl/ssl_client2.c | 14 +--------- programs/ssl/ssl_context_info.c | 14 +--------- programs/ssl/ssl_fork_server.c | 14 +--------- programs/ssl/ssl_mail_client.c | 14 +--------- programs/ssl/ssl_pthread_server.c | 14 +--------- programs/ssl/ssl_server.c | 14 +--------- programs/ssl/ssl_server2.c | 14 +--------- programs/ssl/ssl_test_common_source.c | 14 +--------- programs/ssl/ssl_test_lib.c | 14 +--------- programs/ssl/ssl_test_lib.h | 14 +--------- programs/test/benchmark.c | 14 +--------- programs/test/cmake_package/cmake_package.c | 14 +--------- .../cmake_package_install.c | 14 +--------- .../test/cmake_subproject/cmake_subproject.c | 14 +--------- programs/test/dlopen.c | 14 +--------- programs/test/dlopen_demo.sh | 14 +--------- programs/test/generate_cpp_dummy_build.sh | 27 ++---------------- programs/test/query_compile_time_config.c | 14 +--------- programs/test/query_config.h | 14 +--------- programs/test/query_included_headers.c | 14 +--------- programs/test/selftest.c | 14 +--------- programs/test/udp_proxy.c | 14 +--------- programs/test/udp_proxy_wrapper.sh | 14 +--------- programs/test/zeroize.c | 14 +--------- programs/util/pem2der.c | 14 +--------- programs/util/strerror.c | 14 +--------- programs/wince_main.c | 14 +--------- programs/x509/cert_app.c | 14 +--------- programs/x509/cert_req.c | 14 +--------- programs/x509/cert_write.c | 14 +--------- programs/x509/crl_app.c | 14 +--------- programs/x509/load_roots.c | 14 +--------- programs/x509/req_app.c | 14 +--------- scripts/abi_check.py | 14 +--------- scripts/apidoc_full.sh | 14 +--------- scripts/assemble_changelog.py | 14 +--------- scripts/bump_version.sh | 14 +--------- scripts/code_size_compare.py | 14 +--------- scripts/code_style.py | 14 +--------- scripts/config.pl | 13 +-------- scripts/config.py | 13 +-------- .../psa_crypto_driver_wrappers.h.jinja | 14 +--------- ...a_crypto_driver_wrappers_no_static.c.jinja | 14 +--------- scripts/data_files/error.fmt | 14 +--------- scripts/data_files/query_config.fmt | 14 +--------- scripts/data_files/version_features.fmt | 14 +--------- scripts/ecc-heap.sh | 14 +--------- scripts/ecp_comb_table.py | 14 +--------- scripts/footprint.sh | 14 +--------- scripts/generate_driver_wrappers.py | 14 +--------- scripts/generate_errors.pl | 14 +--------- scripts/generate_features.pl | 14 +--------- scripts/generate_psa_constants.py | 14 +--------- scripts/generate_query_config.pl | 14 +--------- scripts/generate_ssl_debug_helpers.py | 27 ++---------------- scripts/generate_visualc_files.pl | 14 +--------- scripts/lcov.sh | 14 +--------- scripts/massif_max.pl | 14 +--------- scripts/mbedtls_dev/asymmetric_key_data.py | 13 +-------- scripts/mbedtls_dev/bignum_common.py | 13 +-------- scripts/mbedtls_dev/bignum_core.py | 13 +-------- scripts/mbedtls_dev/bignum_data.py | 13 +-------- scripts/mbedtls_dev/bignum_mod.py | 13 +-------- scripts/mbedtls_dev/bignum_mod_raw.py | 13 +-------- scripts/mbedtls_dev/build_tree.py | 13 +-------- scripts/mbedtls_dev/c_build_helper.py | 13 +-------- scripts/mbedtls_dev/crypto_data_tests.py | 13 +-------- scripts/mbedtls_dev/crypto_knowledge.py | 13 +-------- scripts/mbedtls_dev/ecp.py | 13 +-------- scripts/mbedtls_dev/logging_util.py | 13 +-------- scripts/mbedtls_dev/macro_collector.py | 13 +-------- scripts/mbedtls_dev/psa_information.py | 13 +-------- scripts/mbedtls_dev/psa_storage.py | 13 +-------- scripts/mbedtls_dev/test_case.py | 13 +-------- scripts/mbedtls_dev/test_data_generation.py | 13 +-------- scripts/mbedtls_dev/typing_util.py | 13 +-------- scripts/memory.sh | 14 +--------- scripts/min_requirements.py | 14 +--------- scripts/output_env.sh | 14 +--------- scripts/prepare_release.sh | 14 +--------- scripts/tmp_ignore_makefiles.sh | 14 +--------- tests/compat-in-docker.sh | 14 +--------- tests/compat.sh | 14 +--------- tests/configs/tls13-only.h | 14 +--------- tests/configs/user-config-for-test.h | 14 +--------- tests/configs/user-config-malloc-0-null.h | 14 +--------- tests/configs/user-config-zeroize-memset.h | 14 +--------- tests/context-info.sh | 14 +--------- tests/data_files/dir-maxpath/long.sh | 14 +--------- tests/data_files/print_c.pl | 14 +--------- tests/data_files/test_certs.h.jinja2 | 14 +--------- tests/docker/bionic/Dockerfile | 14 +--------- tests/git-scripts/pre-push.sh | 14 +--------- tests/include/alt-dummy/aes_alt.h | 14 +--------- tests/include/alt-dummy/aria_alt.h | 14 +--------- tests/include/alt-dummy/camellia_alt.h | 14 +--------- tests/include/alt-dummy/ccm_alt.h | 14 +--------- tests/include/alt-dummy/chacha20_alt.h | 14 +--------- tests/include/alt-dummy/chachapoly_alt.h | 14 +--------- tests/include/alt-dummy/cmac_alt.h | 14 +--------- tests/include/alt-dummy/des_alt.h | 14 +--------- tests/include/alt-dummy/dhm_alt.h | 14 +--------- tests/include/alt-dummy/ecjpake_alt.h | 14 +--------- tests/include/alt-dummy/ecp_alt.h | 14 +--------- tests/include/alt-dummy/gcm_alt.h | 14 +--------- tests/include/alt-dummy/md5_alt.h | 14 +--------- tests/include/alt-dummy/nist_kw_alt.h | 14 +--------- tests/include/alt-dummy/platform_alt.h | 14 +--------- tests/include/alt-dummy/poly1305_alt.h | 14 +--------- tests/include/alt-dummy/ripemd160_alt.h | 14 +--------- tests/include/alt-dummy/rsa_alt.h | 14 +--------- tests/include/alt-dummy/sha1_alt.h | 14 +--------- tests/include/alt-dummy/sha256_alt.h | 14 +--------- tests/include/alt-dummy/sha512_alt.h | 14 +--------- tests/include/alt-dummy/threading_alt.h | 14 +--------- tests/include/alt-dummy/timing_alt.h | 14 +--------- tests/include/baremetal-override/time.h | 14 +--------- tests/include/spe/crypto_spe.h | 14 +--------- tests/include/test/arguments.h | 14 +--------- tests/include/test/asn1_helpers.h | 14 +--------- tests/include/test/bignum_helpers.h | 14 +--------- tests/include/test/certs.h | 14 +--------- tests/include/test/constant_flow.h | 14 +--------- tests/include/test/drivers/aead.h | 14 +--------- .../test/drivers/asymmetric_encryption.h | 14 +--------- tests/include/test/drivers/cipher.h | 14 +--------- .../include/test/drivers/config_test_driver.h | 14 +--------- tests/include/test/drivers/hash.h | 14 +--------- tests/include/test/drivers/key_agreement.h | 14 +--------- tests/include/test/drivers/key_management.h | 14 +--------- tests/include/test/drivers/mac.h | 14 +--------- tests/include/test/drivers/pake.h | 14 +--------- tests/include/test/drivers/signature.h | 14 +--------- tests/include/test/drivers/test_driver.h | 14 +--------- .../include/test/fake_external_rng_for_test.h | 14 +--------- tests/include/test/helpers.h | 14 +--------- tests/include/test/macros.h | 14 +--------- tests/include/test/psa_crypto_helpers.h | 14 +--------- tests/include/test/psa_exercise_key.h | 14 +--------- tests/include/test/psa_helpers.h | 14 +--------- tests/include/test/random.h | 14 +--------- tests/include/test/ssl_helpers.h | 14 +--------- tests/make-in-docker.sh | 14 +--------- tests/opt-testcases/tls13-compat.sh | 14 +--------- tests/opt-testcases/tls13-kex-modes.sh | 14 +--------- tests/opt-testcases/tls13-misc.sh | 14 +--------- tests/scripts/all-in-docker.sh | 14 +--------- tests/scripts/all.sh | 14 +--------- tests/scripts/audit-validity-dates.py | 14 +--------- tests/scripts/basic-build-test.sh | 14 +--------- tests/scripts/basic-in-docker.sh | 14 +--------- tests/scripts/check-doxy-blocks.pl | 14 +--------- tests/scripts/check-generated-files.sh | 14 +--------- tests/scripts/check-python-files.sh | 14 +--------- tests/scripts/check_files.py | 14 +--------- tests/scripts/check_names.py | 14 +--------- tests/scripts/check_test_cases.py | 14 +--------- tests/scripts/depends.py | 14 +--------- tests/scripts/docker_env.sh | 14 +--------- tests/scripts/doxygen.sh | 14 +--------- tests/scripts/gen_ctr_drbg.pl | 14 +--------- tests/scripts/gen_gcm_decrypt.pl | 14 +--------- tests/scripts/gen_gcm_encrypt.pl | 14 +--------- tests/scripts/gen_pkcs1_v21_sign_verify.pl | 14 +--------- tests/scripts/generate-afl-tests.sh | 14 +--------- tests/scripts/generate_bignum_tests.py | 14 +--------- tests/scripts/generate_ecp_tests.py | 14 +--------- tests/scripts/generate_pkcs7_tests.py | 14 +--------- tests/scripts/generate_psa_tests.py | 14 +--------- tests/scripts/generate_test_cert_macros.py | 14 +--------- tests/scripts/generate_test_code.py | 14 +--------- tests/scripts/generate_tls13_compat_tests.py | 28 ++----------------- tests/scripts/list-identifiers.sh | 14 +--------- tests/scripts/list_internal_identifiers.py | 14 +--------- tests/scripts/psa_collect_statuses.py | 14 +--------- tests/scripts/recursion.pl | 14 +--------- tests/scripts/run-test-suites.pl | 14 +--------- tests/scripts/scripts_path.py | 13 +-------- tests/scripts/set_psa_test_dependencies.py | 14 +--------- tests/scripts/tcp_client.pl | 14 +--------- tests/scripts/test-ref-configs.pl | 14 +--------- tests/scripts/test_config_script.py | 13 +-------- tests/scripts/test_generate_test_code.py | 14 +--------- tests/scripts/test_psa_compliance.py | 14 +--------- tests/scripts/test_psa_constant_names.py | 14 +--------- tests/scripts/test_zeroize.gdb | 14 +--------- tests/scripts/translate_ciphers.py | 14 +--------- tests/scripts/travis-log-failure.sh | 14 +--------- tests/src/asn1_helpers.c | 14 +--------- tests/src/bignum_helpers.c | 14 +--------- tests/src/certs.c | 14 +--------- tests/src/drivers/hash.c | 14 +--------- tests/src/drivers/platform_builtin_keys.c | 14 +--------- tests/src/drivers/test_driver_aead.c | 14 +--------- .../test_driver_asymmetric_encryption.c | 14 +--------- tests/src/drivers/test_driver_cipher.c | 14 +--------- tests/src/drivers/test_driver_key_agreement.c | 14 +--------- .../src/drivers/test_driver_key_management.c | 14 +--------- tests/src/drivers/test_driver_mac.c | 14 +--------- tests/src/drivers/test_driver_pake.c | 14 +--------- tests/src/drivers/test_driver_signature.c | 14 +--------- tests/src/fake_external_rng_for_test.c | 14 +--------- tests/src/helpers.c | 14 +--------- tests/src/psa_crypto_helpers.c | 14 +--------- tests/src/psa_exercise_key.c | 14 +--------- tests/src/random.c | 14 +--------- tests/src/test_certs.h | 14 +--------- tests/src/test_helpers/ssl_helpers.c | 14 +--------- tests/src/threading_helpers.c | 14 +--------- tests/ssl-opt-in-docker.sh | 14 +--------- tests/ssl-opt.sh | 14 +--------- 515 files changed, 518 insertions(+), 6686 deletions(-) diff --git a/.uncrustify.cfg b/.uncrustify.cfg index 92b8ce9cd..8dc9db049 100644 --- a/.uncrustify.cfg +++ b/.uncrustify.cfg @@ -4,19 +4,7 @@ # to Mbed TLS. # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # Wrap lines at 100 characters diff --git a/configs/config-ccm-psk-dtls1_2.h b/configs/config-ccm-psk-dtls1_2.h index af2415fe1..19e09d957 100644 --- a/configs/config-ccm-psk-dtls1_2.h +++ b/configs/config-ccm-psk-dtls1_2.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * Minimal configuration for DTLS 1.2 with PSK and AES-CCM ciphersuites diff --git a/configs/config-ccm-psk-tls1_2.h b/configs/config-ccm-psk-tls1_2.h index 62c1d8013..d49adfd72 100644 --- a/configs/config-ccm-psk-tls1_2.h +++ b/configs/config-ccm-psk-tls1_2.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * Minimal configuration for TLS 1.2 with PSK and AES-CCM ciphersuites diff --git a/configs/config-no-entropy.h b/configs/config-no-entropy.h index 1964e8e55..ddb00b41e 100644 --- a/configs/config-no-entropy.h +++ b/configs/config-no-entropy.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * Minimal configuration of features that do not require an entropy source diff --git a/configs/config-suite-b.h b/configs/config-suite-b.h index 56a700f74..9bba6e6cb 100644 --- a/configs/config-suite-b.h +++ b/configs/config-suite-b.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * Minimal configuration for TLS NSA Suite B Profile (RFC 6460) diff --git a/configs/config-symmetric-only.h b/configs/config-symmetric-only.h index a014b5273..512dd7616 100644 --- a/configs/config-symmetric-only.h +++ b/configs/config-symmetric-only.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* System support */ diff --git a/configs/config-thread.h b/configs/config-thread.h index e05b557ed..2f81f9007 100644 --- a/configs/config-thread.h +++ b/configs/config-thread.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/configs/crypto-config-ccm-aes-sha256.h b/configs/crypto-config-ccm-aes-sha256.h index 6c12bd7b6..7f8d58768 100644 --- a/configs/crypto-config-ccm-aes-sha256.h +++ b/configs/crypto-config-ccm-aes-sha256.h @@ -6,19 +6,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_CONFIG_H diff --git a/configs/tfm_mbedcrypto_config_profile_medium.h b/configs/tfm_mbedcrypto_config_profile_medium.h index 88736b54b..3234cd672 100644 --- a/configs/tfm_mbedcrypto_config_profile_medium.h +++ b/configs/tfm_mbedcrypto_config_profile_medium.h @@ -9,19 +9,7 @@ */ /* * Copyright (C) 2006-2022, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * * This file is part of mbed TLS (https://tls.mbed.org) */ diff --git a/docs/architecture/psa-migration/syms.sh b/docs/architecture/psa-migration/syms.sh index 1e1ec8c29..6c9686eb2 100755 --- a/docs/architecture/psa-migration/syms.sh +++ b/docs/architecture/psa-migration/syms.sh @@ -1,19 +1,7 @@ #!/bin/sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # Purpose # diff --git a/doxygen/input/doc_encdec.h b/doxygen/input/doc_encdec.h index ec149aef7..cf77690b3 100644 --- a/doxygen/input/doc_encdec.h +++ b/doxygen/input/doc_encdec.h @@ -6,19 +6,7 @@ /* * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /** diff --git a/doxygen/input/doc_hashing.h b/doxygen/input/doc_hashing.h index 931e6e928..83613bfa9 100644 --- a/doxygen/input/doc_hashing.h +++ b/doxygen/input/doc_hashing.h @@ -6,19 +6,7 @@ /* * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /** diff --git a/doxygen/input/doc_mainpage.h b/doxygen/input/doc_mainpage.h index b67237fbc..f465a454b 100644 --- a/doxygen/input/doc_mainpage.h +++ b/doxygen/input/doc_mainpage.h @@ -6,19 +6,7 @@ /* * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /** diff --git a/doxygen/input/doc_rng.h b/doxygen/input/doc_rng.h index 7da13cd73..22608a879 100644 --- a/doxygen/input/doc_rng.h +++ b/doxygen/input/doc_rng.h @@ -6,19 +6,7 @@ /* * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /** diff --git a/doxygen/input/doc_ssltls.h b/doxygen/input/doc_ssltls.h index 6961124e4..5757574f3 100644 --- a/doxygen/input/doc_ssltls.h +++ b/doxygen/input/doc_ssltls.h @@ -6,19 +6,7 @@ /* * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /** diff --git a/doxygen/input/doc_tcpip.h b/doxygen/input/doc_tcpip.h index a705de146..f8d8c6905 100644 --- a/doxygen/input/doc_tcpip.h +++ b/doxygen/input/doc_tcpip.h @@ -6,19 +6,7 @@ /* * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /** diff --git a/doxygen/input/doc_x509.h b/doxygen/input/doc_x509.h index 904967501..945830f11 100644 --- a/doxygen/input/doc_x509.h +++ b/doxygen/input/doc_x509.h @@ -6,19 +6,7 @@ /* * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /** diff --git a/include/mbedtls/aes.h b/include/mbedtls/aes.h index 7c92162d1..77ecffd86 100644 --- a/include/mbedtls/aes.h +++ b/include/mbedtls/aes.h @@ -22,19 +22,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_AES_H diff --git a/include/mbedtls/aria.h b/include/mbedtls/aria.h index 7e55df7ec..abb8a3d76 100644 --- a/include/mbedtls/aria.h +++ b/include/mbedtls/aria.h @@ -11,19 +11,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_ARIA_H diff --git a/include/mbedtls/asn1.h b/include/mbedtls/asn1.h index a044543af..3c3bfad9d 100644 --- a/include/mbedtls/asn1.h +++ b/include/mbedtls/asn1.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_ASN1_H #define MBEDTLS_ASN1_H diff --git a/include/mbedtls/asn1write.h b/include/mbedtls/asn1write.h index 6fe57c8f0..7af4aba41 100644 --- a/include/mbedtls/asn1write.h +++ b/include/mbedtls/asn1write.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_ASN1_WRITE_H #define MBEDTLS_ASN1_WRITE_H diff --git a/include/mbedtls/base64.h b/include/mbedtls/base64.h index 635be713d..8f459b74c 100644 --- a/include/mbedtls/base64.h +++ b/include/mbedtls/base64.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_BASE64_H #define MBEDTLS_BASE64_H diff --git a/include/mbedtls/bignum.h b/include/mbedtls/bignum.h index eb8446ea8..931e06d2c 100644 --- a/include/mbedtls/bignum.h +++ b/include/mbedtls/bignum.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_BIGNUM_H #define MBEDTLS_BIGNUM_H diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index 4f72669b5..2c3d43876 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h @@ -8,19 +8,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_BUILD_INFO_H diff --git a/include/mbedtls/camellia.h b/include/mbedtls/camellia.h index 8033c13ff..6c674fe04 100644 --- a/include/mbedtls/camellia.h +++ b/include/mbedtls/camellia.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CAMELLIA_H #define MBEDTLS_CAMELLIA_H diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index e00e747de..a98111b4e 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -29,19 +29,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CCM_H diff --git a/include/mbedtls/chacha20.h b/include/mbedtls/chacha20.h index e24e56b98..680fe3604 100644 --- a/include/mbedtls/chacha20.h +++ b/include/mbedtls/chacha20.h @@ -14,19 +14,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CHACHA20_H diff --git a/include/mbedtls/chachapoly.h b/include/mbedtls/chachapoly.h index 19baadefd..3dc21e380 100644 --- a/include/mbedtls/chachapoly.h +++ b/include/mbedtls/chachapoly.h @@ -14,19 +14,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CHACHAPOLY_H diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 1251cdfa7..a568d6fb5 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CHECK_CONFIG_H diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index 9c8701d38..2596baa92 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -9,19 +9,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CIPHER_H diff --git a/include/mbedtls/cmac.h b/include/mbedtls/cmac.h index b2aca5d04..97b86fc42 100644 --- a/include/mbedtls/cmac.h +++ b/include/mbedtls/cmac.h @@ -9,19 +9,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CMAC_H diff --git a/include/mbedtls/compat-2.x.h b/include/mbedtls/compat-2.x.h index cdf81dcbb..096341ba7 100644 --- a/include/mbedtls/compat-2.x.h +++ b/include/mbedtls/compat-2.x.h @@ -7,19 +7,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if defined(MBEDTLS_DEPRECATED_WARNING) diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h index 90b522a1e..aafd42e7a 100644 --- a/include/mbedtls/config_adjust_legacy_crypto.h +++ b/include/mbedtls/config_adjust_legacy_crypto.h @@ -16,19 +16,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H diff --git a/include/mbedtls/config_adjust_legacy_from_psa.h b/include/mbedtls/config_adjust_legacy_from_psa.h index 66d9887e1..6356bddc1 100644 --- a/include/mbedtls/config_adjust_legacy_from_psa.h +++ b/include/mbedtls/config_adjust_legacy_from_psa.h @@ -10,19 +10,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CONFIG_ADJUST_LEGACY_FROM_PSA_H diff --git a/include/mbedtls/config_adjust_psa_from_legacy.h b/include/mbedtls/config_adjust_psa_from_legacy.h index 296d62461..60b00c1e4 100644 --- a/include/mbedtls/config_adjust_psa_from_legacy.h +++ b/include/mbedtls/config_adjust_psa_from_legacy.h @@ -12,19 +12,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CONFIG_ADJUST_PSA_FROM_LEGACY_H diff --git a/include/mbedtls/config_adjust_psa_superset_legacy.h b/include/mbedtls/config_adjust_psa_superset_legacy.h index 3d9029b57..3a55c3f6e 100644 --- a/include/mbedtls/config_adjust_psa_superset_legacy.h +++ b/include/mbedtls/config_adjust_psa_superset_legacy.h @@ -11,19 +11,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CONFIG_ADJUST_PSA_SUPERSET_LEGACY_H diff --git a/include/mbedtls/config_adjust_ssl.h b/include/mbedtls/config_adjust_ssl.h index 2275f3add..8415f3e5f 100644 --- a/include/mbedtls/config_adjust_ssl.h +++ b/include/mbedtls/config_adjust_ssl.h @@ -16,19 +16,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CONFIG_ADJUST_SSL_H diff --git a/include/mbedtls/config_adjust_x509.h b/include/mbedtls/config_adjust_x509.h index 99a0ace2f..346c8ae6d 100644 --- a/include/mbedtls/config_adjust_x509.h +++ b/include/mbedtls/config_adjust_x509.h @@ -16,19 +16,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CONFIG_ADJUST_X509_H diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h index 2d2397197..17da61b3e 100644 --- a/include/mbedtls/config_psa.h +++ b/include/mbedtls/config_psa.h @@ -12,19 +12,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CONFIG_PSA_H diff --git a/include/mbedtls/constant_time.h b/include/mbedtls/constant_time.h index ebecf35b0..d31bff677 100644 --- a/include/mbedtls/constant_time.h +++ b/include/mbedtls/constant_time.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CONSTANT_TIME_H diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h index 0348281e4..d1f19e607 100644 --- a/include/mbedtls/ctr_drbg.h +++ b/include/mbedtls/ctr_drbg.h @@ -23,19 +23,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CTR_DRBG_H diff --git a/include/mbedtls/debug.h b/include/mbedtls/debug.h index d6dd15224..0aef2ed65 100644 --- a/include/mbedtls/debug.h +++ b/include/mbedtls/debug.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_DEBUG_H #define MBEDTLS_DEBUG_H diff --git a/include/mbedtls/des.h b/include/mbedtls/des.h index f445102d9..2b097a13d 100644 --- a/include/mbedtls/des.h +++ b/include/mbedtls/des.h @@ -9,19 +9,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * */ #ifndef MBEDTLS_DES_H diff --git a/include/mbedtls/dhm.h b/include/mbedtls/dhm.h index 0232a71fd..fcba3d2af 100644 --- a/include/mbedtls/dhm.h +++ b/include/mbedtls/dhm.h @@ -45,19 +45,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_DHM_H diff --git a/include/mbedtls/ecdh.h b/include/mbedtls/ecdh.h index 67c94f0fa..792db79fd 100644 --- a/include/mbedtls/ecdh.h +++ b/include/mbedtls/ecdh.h @@ -14,19 +14,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_ECDH_H diff --git a/include/mbedtls/ecdsa.h b/include/mbedtls/ecdsa.h index 3b2b418f1..2ecf34911 100644 --- a/include/mbedtls/ecdsa.h +++ b/include/mbedtls/ecdsa.h @@ -12,19 +12,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_ECDSA_H diff --git a/include/mbedtls/ecjpake.h b/include/mbedtls/ecjpake.h index 0008d7312..c2148a2bd 100644 --- a/include/mbedtls/ecjpake.h +++ b/include/mbedtls/ecjpake.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_ECJPAKE_H #define MBEDTLS_ECJPAKE_H diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index bf95b907a..7f5e88080 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h @@ -16,19 +16,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_ECP_H diff --git a/include/mbedtls/entropy.h b/include/mbedtls/entropy.h index c2bba41d2..20fd6872b 100644 --- a/include/mbedtls/entropy.h +++ b/include/mbedtls/entropy.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_ENTROPY_H #define MBEDTLS_ENTROPY_H diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index a7454f234..186589ac5 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_ERROR_H #define MBEDTLS_ERROR_H diff --git a/include/mbedtls/gcm.h b/include/mbedtls/gcm.h index c3343e6aa..837cecc09 100644 --- a/include/mbedtls/gcm.h +++ b/include/mbedtls/gcm.h @@ -13,19 +13,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_GCM_H diff --git a/include/mbedtls/hkdf.h b/include/mbedtls/hkdf.h index 699c6d9e9..930e93f32 100644 --- a/include/mbedtls/hkdf.h +++ b/include/mbedtls/hkdf.h @@ -8,19 +8,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_HKDF_H #define MBEDTLS_HKDF_H diff --git a/include/mbedtls/hmac_drbg.h b/include/mbedtls/hmac_drbg.h index 2e5aa6d06..18b1b75a6 100644 --- a/include/mbedtls/hmac_drbg.h +++ b/include/mbedtls/hmac_drbg.h @@ -9,19 +9,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_HMAC_DRBG_H #define MBEDTLS_HMAC_DRBG_H diff --git a/include/mbedtls/lms.h b/include/mbedtls/lms.h index 5c8df42f8..95fce2133 100644 --- a/include/mbedtls/lms.h +++ b/include/mbedtls/lms.h @@ -10,19 +10,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_LMS_H #define MBEDTLS_LMS_H diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 73229ea91..6a940d44a 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -9,19 +9,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /** diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h index e5b30d045..478e9f766 100644 --- a/include/mbedtls/md.h +++ b/include/mbedtls/md.h @@ -8,19 +8,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_MD_H diff --git a/include/mbedtls/md5.h b/include/mbedtls/md5.h index 808188694..6bf0754a4 100644 --- a/include/mbedtls/md5.h +++ b/include/mbedtls/md5.h @@ -9,19 +9,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_MD5_H #define MBEDTLS_MD5_H diff --git a/include/mbedtls/memory_buffer_alloc.h b/include/mbedtls/memory_buffer_alloc.h index 9694d2458..b527d9b66 100644 --- a/include/mbedtls/memory_buffer_alloc.h +++ b/include/mbedtls/memory_buffer_alloc.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_MEMORY_BUFFER_ALLOC_H #define MBEDTLS_MEMORY_BUFFER_ALLOC_H diff --git a/include/mbedtls/net_sockets.h b/include/mbedtls/net_sockets.h index 1096d66d9..026f627ce 100644 --- a/include/mbedtls/net_sockets.h +++ b/include/mbedtls/net_sockets.h @@ -21,19 +21,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_NET_SOCKETS_H #define MBEDTLS_NET_SOCKETS_H diff --git a/include/mbedtls/nist_kw.h b/include/mbedtls/nist_kw.h index 0c95c902e..d353f3d1a 100644 --- a/include/mbedtls/nist_kw.h +++ b/include/mbedtls/nist_kw.h @@ -17,19 +17,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_NIST_KW_H diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h index 954507229..e48817d68 100644 --- a/include/mbedtls/oid.h +++ b/include/mbedtls/oid.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_OID_H #define MBEDTLS_OID_H diff --git a/include/mbedtls/pem.h b/include/mbedtls/pem.h index a33fc65e5..cc617a9bc 100644 --- a/include/mbedtls/pem.h +++ b/include/mbedtls/pem.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PEM_H #define MBEDTLS_PEM_H diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index aea602be7..24b11886b 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PK_H diff --git a/include/mbedtls/pkcs12.h b/include/mbedtls/pkcs12.h index ba1a2edf0..42e84538a 100644 --- a/include/mbedtls/pkcs12.h +++ b/include/mbedtls/pkcs12.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PKCS12_H #define MBEDTLS_PKCS12_H diff --git a/include/mbedtls/pkcs5.h b/include/mbedtls/pkcs5.h index 8b086aa2e..e004f4555 100644 --- a/include/mbedtls/pkcs5.h +++ b/include/mbedtls/pkcs5.h @@ -7,19 +7,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PKCS5_H #define MBEDTLS_PKCS5_H diff --git a/include/mbedtls/pkcs7.h b/include/mbedtls/pkcs7.h index 1231e3402..70b25a9c6 100644 --- a/include/mbedtls/pkcs7.h +++ b/include/mbedtls/pkcs7.h @@ -6,19 +6,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /** diff --git a/include/mbedtls/platform.h b/include/mbedtls/platform.h index 3fc1fd0c1..de3d71d9d 100644 --- a/include/mbedtls/platform.h +++ b/include/mbedtls/platform.h @@ -21,19 +21,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PLATFORM_H #define MBEDTLS_PLATFORM_H diff --git a/include/mbedtls/platform_time.h b/include/mbedtls/platform_time.h index 21b369745..97f1963ab 100644 --- a/include/mbedtls/platform_time.h +++ b/include/mbedtls/platform_time.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PLATFORM_TIME_H #define MBEDTLS_PLATFORM_TIME_H diff --git a/include/mbedtls/platform_util.h b/include/mbedtls/platform_util.h index 3f23fef55..cba02ab3d 100644 --- a/include/mbedtls/platform_util.h +++ b/include/mbedtls/platform_util.h @@ -6,19 +6,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PLATFORM_UTIL_H #define MBEDTLS_PLATFORM_UTIL_H diff --git a/include/mbedtls/poly1305.h b/include/mbedtls/poly1305.h index 3025ef1f2..61bcaa6b6 100644 --- a/include/mbedtls/poly1305.h +++ b/include/mbedtls/poly1305.h @@ -14,19 +14,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_POLY1305_H diff --git a/include/mbedtls/private_access.h b/include/mbedtls/private_access.h index 61fa8777b..580f3eb44 100644 --- a/include/mbedtls/private_access.h +++ b/include/mbedtls/private_access.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PRIVATE_ACCESS_H diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index 8ce15927b..643e8aac4 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PSA_UTIL_H diff --git a/include/mbedtls/ripemd160.h b/include/mbedtls/ripemd160.h index acec3c52d..279f92b51 100644 --- a/include/mbedtls/ripemd160.h +++ b/include/mbedtls/ripemd160.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_RIPEMD160_H #define MBEDTLS_RIPEMD160_H diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index 69f3981ed..df665240d 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -11,19 +11,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_RSA_H #define MBEDTLS_RSA_H diff --git a/include/mbedtls/sha1.h b/include/mbedtls/sha1.h index 18bde93d3..592ffd13f 100644 --- a/include/mbedtls/sha1.h +++ b/include/mbedtls/sha1.h @@ -12,19 +12,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_SHA1_H #define MBEDTLS_SHA1_H diff --git a/include/mbedtls/sha256.h b/include/mbedtls/sha256.h index 45a5f902a..ca568e291 100644 --- a/include/mbedtls/sha256.h +++ b/include/mbedtls/sha256.h @@ -8,19 +8,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_SHA256_H #define MBEDTLS_SHA256_H diff --git a/include/mbedtls/sha3.h b/include/mbedtls/sha3.h index 77748be1f..3eeee65e6 100644 --- a/include/mbedtls/sha3.h +++ b/include/mbedtls/sha3.h @@ -9,19 +9,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_SHA3_H diff --git a/include/mbedtls/sha512.h b/include/mbedtls/sha512.h index ea5467829..1c20e4c22 100644 --- a/include/mbedtls/sha512.h +++ b/include/mbedtls/sha512.h @@ -7,19 +7,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_SHA512_H #define MBEDTLS_SHA512_H diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 03a8b1f14..c9110dead 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_SSL_H #define MBEDTLS_SSL_H diff --git a/include/mbedtls/ssl_cache.h b/include/mbedtls/ssl_cache.h index 7a90191c3..a1307b450 100644 --- a/include/mbedtls/ssl_cache.h +++ b/include/mbedtls/ssl_cache.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_SSL_CACHE_H #define MBEDTLS_SSL_CACHE_H diff --git a/include/mbedtls/ssl_ciphersuites.h b/include/mbedtls/ssl_ciphersuites.h index 07f2facef..8cecbb625 100644 --- a/include/mbedtls/ssl_ciphersuites.h +++ b/include/mbedtls/ssl_ciphersuites.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_SSL_CIPHERSUITES_H #define MBEDTLS_SSL_CIPHERSUITES_H diff --git a/include/mbedtls/ssl_cookie.h b/include/mbedtls/ssl_cookie.h index 5cd1847d0..71c258ea4 100644 --- a/include/mbedtls/ssl_cookie.h +++ b/include/mbedtls/ssl_cookie.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_SSL_COOKIE_H #define MBEDTLS_SSL_COOKIE_H diff --git a/include/mbedtls/ssl_ticket.h b/include/mbedtls/ssl_ticket.h index 0cefe43a1..6d59c12da 100644 --- a/include/mbedtls/ssl_ticket.h +++ b/include/mbedtls/ssl_ticket.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_SSL_TICKET_H #define MBEDTLS_SSL_TICKET_H diff --git a/include/mbedtls/threading.h b/include/mbedtls/threading.h index 6a336c3ed..ed16a23b1 100644 --- a/include/mbedtls/threading.h +++ b/include/mbedtls/threading.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_THREADING_H #define MBEDTLS_THREADING_H diff --git a/include/mbedtls/timing.h b/include/mbedtls/timing.h index 830dcee63..62ae1022d 100644 --- a/include/mbedtls/timing.h +++ b/include/mbedtls/timing.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_TIMING_H #define MBEDTLS_TIMING_H diff --git a/include/mbedtls/version.h b/include/mbedtls/version.h index 073211a19..637f9d38b 100644 --- a/include/mbedtls/version.h +++ b/include/mbedtls/version.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * This set of run-time variables can be used to determine the version number of diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h index a9267c791..e2e06679b 100644 --- a/include/mbedtls/x509.h +++ b/include/mbedtls/x509.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_X509_H #define MBEDTLS_X509_H diff --git a/include/mbedtls/x509_crl.h b/include/mbedtls/x509_crl.h index 62694ae7f..6625a44f4 100644 --- a/include/mbedtls/x509_crl.h +++ b/include/mbedtls/x509_crl.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_X509_CRL_H #define MBEDTLS_X509_CRL_H diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h index 3f9b25075..3f1a1e761 100644 --- a/include/mbedtls/x509_crt.h +++ b/include/mbedtls/x509_crt.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_X509_CRT_H #define MBEDTLS_X509_CRT_H diff --git a/include/mbedtls/x509_csr.h b/include/mbedtls/x509_csr.h index 513a83edd..e54010b10 100644 --- a/include/mbedtls/x509_csr.h +++ b/include/mbedtls/x509_csr.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_X509_CSR_H #define MBEDTLS_X509_CSR_H diff --git a/include/psa/build_info.h b/include/psa/build_info.h index 34a138d72..3ee6cd7b1 100644 --- a/include/psa/build_info.h +++ b/include/psa/build_info.h @@ -9,19 +9,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_BUILD_INFO_H diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 6b06187bf..fe10ee0e4 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -4,19 +4,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_H diff --git a/include/psa/crypto_adjust_auto_enabled.h b/include/psa/crypto_adjust_auto_enabled.h index 5e18298c6..63fb29e85 100644 --- a/include/psa/crypto_adjust_auto_enabled.h +++ b/include/psa/crypto_adjust_auto_enabled.h @@ -7,19 +7,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_ADJUST_AUTO_ENABLED_H diff --git a/include/psa/crypto_adjust_config_key_pair_types.h b/include/psa/crypto_adjust_config_key_pair_types.h index 7736e752d..63afc0e40 100644 --- a/include/psa/crypto_adjust_config_key_pair_types.h +++ b/include/psa/crypto_adjust_config_key_pair_types.h @@ -13,19 +13,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_ADJUST_KEYPAIR_TYPES_H diff --git a/include/psa/crypto_adjust_config_synonyms.h b/include/psa/crypto_adjust_config_synonyms.h index 5142ef0ae..cf33465b5 100644 --- a/include/psa/crypto_adjust_config_synonyms.h +++ b/include/psa/crypto_adjust_config_synonyms.h @@ -8,19 +8,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_ADJUST_CONFIG_SYNONYMS_H diff --git a/include/psa/crypto_builtin_composites.h b/include/psa/crypto_builtin_composites.h index d9473ac00..35c2e29b9 100644 --- a/include/psa/crypto_builtin_composites.h +++ b/include/psa/crypto_builtin_composites.h @@ -15,19 +15,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_BUILTIN_COMPOSITES_H diff --git a/include/psa/crypto_builtin_key_derivation.h b/include/psa/crypto_builtin_key_derivation.h index 8a2143a7e..6b91ae73f 100644 --- a/include/psa/crypto_builtin_key_derivation.h +++ b/include/psa/crypto_builtin_key_derivation.h @@ -15,19 +15,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_BUILTIN_KEY_DERIVATION_H diff --git a/include/psa/crypto_builtin_primitives.h b/include/psa/crypto_builtin_primitives.h index d3e069223..98ab4d333 100644 --- a/include/psa/crypto_builtin_primitives.h +++ b/include/psa/crypto_builtin_primitives.h @@ -15,19 +15,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_BUILTIN_PRIMITIVES_H diff --git a/include/psa/crypto_compat.h b/include/psa/crypto_compat.h index 70fa14e87..f896fae1c 100644 --- a/include/psa/crypto_compat.h +++ b/include/psa/crypto_compat.h @@ -12,19 +12,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_COMPAT_H diff --git a/include/psa/crypto_config.h b/include/psa/crypto_config.h index d34cbf339..5bf00f402 100644 --- a/include/psa/crypto_config.h +++ b/include/psa/crypto_config.h @@ -32,19 +32,7 @@ #endif /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_CONFIG_H diff --git a/include/psa/crypto_driver_common.h b/include/psa/crypto_driver_common.h index 26363c6b2..cc11d3b9a 100644 --- a/include/psa/crypto_driver_common.h +++ b/include/psa/crypto_driver_common.h @@ -17,19 +17,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_DRIVER_COMMON_H #define PSA_CRYPTO_DRIVER_COMMON_H diff --git a/include/psa/crypto_driver_contexts_composites.h b/include/psa/crypto_driver_contexts_composites.h index d0188647f..d717c5190 100644 --- a/include/psa/crypto_driver_contexts_composites.h +++ b/include/psa/crypto_driver_contexts_composites.h @@ -16,19 +16,7 @@ * to define the implementation-defined types of PSA multi-part state objects. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_DRIVER_CONTEXTS_COMPOSITES_H diff --git a/include/psa/crypto_driver_contexts_key_derivation.h b/include/psa/crypto_driver_contexts_key_derivation.h index 3fb29ff7f..21190515c 100644 --- a/include/psa/crypto_driver_contexts_key_derivation.h +++ b/include/psa/crypto_driver_contexts_key_derivation.h @@ -15,19 +15,7 @@ * to define the implementation-defined types of PSA multi-part state objects. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_DRIVER_CONTEXTS_KEY_DERIVATION_H diff --git a/include/psa/crypto_driver_contexts_primitives.h b/include/psa/crypto_driver_contexts_primitives.h index b27a768e8..c90a5fbe7 100644 --- a/include/psa/crypto_driver_contexts_primitives.h +++ b/include/psa/crypto_driver_contexts_primitives.h @@ -15,19 +15,7 @@ * to define the implementation-defined types of PSA multi-part state objects. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_DRIVER_CONTEXTS_PRIMITIVES_H diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 4b0cc7041..ef29b77db 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -10,19 +10,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_EXTRA_H diff --git a/include/psa/crypto_legacy.h b/include/psa/crypto_legacy.h index 7a038d945..7df3614d6 100644 --- a/include/psa/crypto_legacy.h +++ b/include/psa/crypto_legacy.h @@ -13,19 +13,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PSA_CRYPTO_LEGACY_H diff --git a/include/psa/crypto_platform.h b/include/psa/crypto_platform.h index 8c81ded34..4d0343547 100644 --- a/include/psa/crypto_platform.h +++ b/include/psa/crypto_platform.h @@ -15,19 +15,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_PLATFORM_H diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index f39e2294c..9ce14bba6 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h @@ -17,19 +17,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_SE_DRIVER_H #define PSA_CRYPTO_SE_DRIVER_H diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 31e45fe6a..836c28cc2 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -22,19 +22,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_SIZES_H diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 6c461914d..5639ad05d 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -43,19 +43,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_STRUCT_H diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index 8d894b470..e2ebd8af3 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -15,19 +15,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_TYPES_H diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 241b7c80d..5e33f6bd5 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -21,19 +21,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_VALUES_H diff --git a/library/aes.c b/library/aes.c index b61d089fa..05f4c3c23 100644 --- a/library/aes.c +++ b/library/aes.c @@ -2,19 +2,7 @@ * FIPS-197 compliant AES implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The AES block cipher was designed by Vincent Rijmen and Joan Daemen. diff --git a/library/aesce.c b/library/aesce.c index 8b42b034f..f2bdce2db 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -2,19 +2,7 @@ * Armv8-A Cryptographic Extension support functions for Aarch64 * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if defined(__aarch64__) && !defined(__ARM_FEATURE_CRYPTO) && \ diff --git a/library/aesce.h b/library/aesce.h index d24c423b8..9206a6b3b 100644 --- a/library/aesce.h +++ b/library/aesce.h @@ -9,19 +9,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_AESCE_H #define MBEDTLS_AESCE_H diff --git a/library/aesni.c b/library/aesni.c index 864d0d613..b92c73c29 100644 --- a/library/aesni.c +++ b/library/aesni.c @@ -2,19 +2,7 @@ * AES-NI support functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/library/aesni.h b/library/aesni.h index f007735a6..e22ae167c 100644 --- a/library/aesni.h +++ b/library/aesni.h @@ -8,19 +8,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_AESNI_H #define MBEDTLS_AESNI_H diff --git a/library/alignment.h b/library/alignment.h index ab15986e5..4bca10e8f 100644 --- a/library/alignment.h +++ b/library/alignment.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_LIBRARY_ALIGNMENT_H diff --git a/library/aria.c b/library/aria.c index 098036225..07a434f8f 100644 --- a/library/aria.c +++ b/library/aria.c @@ -2,19 +2,7 @@ * ARIA implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/library/asn1parse.c b/library/asn1parse.c index abdd0b1bd..c02b233ec 100644 --- a/library/asn1parse.c +++ b/library/asn1parse.c @@ -2,19 +2,7 @@ * Generic ASN.1 parsing * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/asn1write.c b/library/asn1write.c index 2e9b98ad5..114091d63 100644 --- a/library/asn1write.c +++ b/library/asn1write.c @@ -2,19 +2,7 @@ * ASN.1 buffer writing functionality * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/base64.c b/library/base64.c index fa22e5375..a58717d6b 100644 --- a/library/base64.c +++ b/library/base64.c @@ -2,19 +2,7 @@ * RFC 1521 base64 encoding/decoding * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/library/base64_internal.h b/library/base64_internal.h index f9f56d78d..a09bd2377 100644 --- a/library/base64_internal.h +++ b/library/base64_internal.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_BASE64_INTERNAL diff --git a/library/bignum.c b/library/bignum.c index 7c265e04d..09ce0301f 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -2,19 +2,7 @@ * Multi-precision integer library * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/library/bignum_core.c b/library/bignum_core.c index dbf6d1df4..dfed60d55 100644 --- a/library/bignum_core.c +++ b/library/bignum_core.c @@ -2,19 +2,7 @@ * Core bignum functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/bignum_core.h b/library/bignum_core.h index e5500f117..b56be0a71 100644 --- a/library/bignum_core.h +++ b/library/bignum_core.h @@ -62,19 +62,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_BIGNUM_CORE_H diff --git a/library/bignum_mod.c b/library/bignum_mod.c index 2f0e9ed09..dfd332a70 100644 --- a/library/bignum_mod.c +++ b/library/bignum_mod.c @@ -2,19 +2,7 @@ * Modular bignum functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/bignum_mod.h b/library/bignum_mod.h index 39e8fd218..963d8881a 100644 --- a/library/bignum_mod.h +++ b/library/bignum_mod.h @@ -63,19 +63,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_BIGNUM_MOD_H diff --git a/library/bignum_mod_raw.c b/library/bignum_mod_raw.c index 5ee1b19b2..5343bc650 100644 --- a/library/bignum_mod_raw.c +++ b/library/bignum_mod_raw.c @@ -2,19 +2,7 @@ * Low-level modular bignum functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/bignum_mod_raw.h b/library/bignum_mod_raw.h index c5ff9378e..7bb4ca3cf 100644 --- a/library/bignum_mod_raw.h +++ b/library/bignum_mod_raw.h @@ -60,19 +60,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_BIGNUM_MOD_RAW_H diff --git a/library/bignum_mod_raw_invasive.h b/library/bignum_mod_raw_invasive.h index ead83942c..94a0d06cf 100644 --- a/library/bignum_mod_raw_invasive.h +++ b/library/bignum_mod_raw_invasive.h @@ -6,19 +6,7 @@ */ /** * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_BIGNUM_MOD_RAW_INVASIVE_H diff --git a/library/bn_mul.h b/library/bn_mul.h index ab1a66ae5..0738469db 100644 --- a/library/bn_mul.h +++ b/library/bn_mul.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * Multiply source vector [s] with b, add result diff --git a/library/camellia.c b/library/camellia.c index 409727d04..86c8bbfcd 100644 --- a/library/camellia.c +++ b/library/camellia.c @@ -2,19 +2,7 @@ * Camellia implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The Camellia block cipher was designed by NTT and Mitsubishi Electric diff --git a/library/ccm.c b/library/ccm.c index 237ef9f31..2cccd2809 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -2,19 +2,7 @@ * NIST SP800-38C compliant CCM implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/library/chacha20.c b/library/chacha20.c index cbb01f4ad..acaae5b2e 100644 --- a/library/chacha20.c +++ b/library/chacha20.c @@ -6,19 +6,7 @@ * \author Daniel King * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/chachapoly.c b/library/chachapoly.c index aebc646aa..a1314eab6 100644 --- a/library/chachapoly.c +++ b/library/chachapoly.c @@ -4,19 +4,7 @@ * \brief ChaCha20-Poly1305 AEAD construction based on RFC 7539. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/check_crypto_config.h b/library/check_crypto_config.h index b7d87fe07..6469e9f43 100644 --- a/library/check_crypto_config.h +++ b/library/check_crypto_config.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/library/cipher.c b/library/cipher.c index 67ed0e320..c8217b9de 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -6,19 +6,7 @@ * \author Adriaan de Jong * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c index d977e4757..ef3aa8df0 100644 --- a/library/cipher_wrap.c +++ b/library/cipher_wrap.c @@ -6,19 +6,7 @@ * \author Adriaan de Jong * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/cipher_wrap.h b/library/cipher_wrap.h index 85a011caf..a9254fddc 100644 --- a/library/cipher_wrap.h +++ b/library/cipher_wrap.h @@ -7,19 +7,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CIPHER_WRAP_H #define MBEDTLS_CIPHER_WRAP_H diff --git a/library/cmac.c b/library/cmac.c index c07968685..f40cae20c 100644 --- a/library/cmac.c +++ b/library/cmac.c @@ -4,19 +4,7 @@ * \brief NIST SP800-38B compliant CMAC implementation for AES and 3DES * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/library/common.h b/library/common.h index 87fae171c..f392b7f05 100644 --- a/library/common.h +++ b/library/common.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_LIBRARY_COMMON_H diff --git a/library/constant_time.c b/library/constant_time.c index 8b41aed19..c7077c352 100644 --- a/library/constant_time.c +++ b/library/constant_time.c @@ -2,19 +2,7 @@ * Constant-time functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/library/constant_time_impl.h b/library/constant_time_impl.h index 7759ac384..f0b2fc02f 100644 --- a/library/constant_time_impl.h +++ b/library/constant_time_impl.h @@ -2,19 +2,7 @@ * Constant-time functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CONSTANT_TIME_IMPL_H diff --git a/library/constant_time_internal.h b/library/constant_time_internal.h index cc26edcd1..61a5c6d4e 100644 --- a/library/constant_time_internal.h +++ b/library/constant_time_internal.h @@ -2,19 +2,7 @@ * Constant-time functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CONSTANT_TIME_INTERNAL_H diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c index fdd753d1c..cf3816e9f 100644 --- a/library/ctr_drbg.c +++ b/library/ctr_drbg.c @@ -2,19 +2,7 @@ * CTR_DRBG implementation based on AES-256 (NIST SP 800-90) * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The NIST SP 800-90 DRBGs are described in the following publication. diff --git a/library/debug.c b/library/debug.c index 0983cb0fb..c7bbd41bd 100644 --- a/library/debug.c +++ b/library/debug.c @@ -2,19 +2,7 @@ * Debugging routines * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/des.c b/library/des.c index eaddf282a..f0032b3b5 100644 --- a/library/des.c +++ b/library/des.c @@ -2,19 +2,7 @@ * FIPS-46-3 compliant Triple-DES implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * DES, on which TDES is based, was originally designed by Horst Feistel diff --git a/library/dhm.c b/library/dhm.c index 174137d54..3daf0c2d4 100644 --- a/library/dhm.c +++ b/library/dhm.c @@ -2,19 +2,7 @@ * Diffie-Hellman-Merkle key exchange * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The following sources were referenced in the design of this implementation diff --git a/library/ecdh.c b/library/ecdh.c index 58ef881f0..e060b1883 100644 --- a/library/ecdh.c +++ b/library/ecdh.c @@ -2,19 +2,7 @@ * Elliptic curve Diffie-Hellman * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/library/ecdsa.c b/library/ecdsa.c index 6e55f2205..2f7a996a7 100644 --- a/library/ecdsa.c +++ b/library/ecdsa.c @@ -2,19 +2,7 @@ * Elliptic curve DSA * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/library/ecjpake.c b/library/ecjpake.c index 6355b5ea5..fb13a395b 100644 --- a/library/ecjpake.c +++ b/library/ecjpake.c @@ -2,19 +2,7 @@ * Elliptic curve J-PAKE * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/library/ecp.c b/library/ecp.c index dfa095782..b6ea070a6 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -2,19 +2,7 @@ * Elliptic curves over GF(p): generic functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/library/ecp_curves.c b/library/ecp_curves.c index 7b850e5e8..577e23b7a 100644 --- a/library/ecp_curves.c +++ b/library/ecp_curves.c @@ -2,19 +2,7 @@ * Elliptic curves over GF(p): curve-specific data and functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/ecp_curves_new.c b/library/ecp_curves_new.c index d431dcf24..4ee0f5800 100644 --- a/library/ecp_curves_new.c +++ b/library/ecp_curves_new.c @@ -2,19 +2,7 @@ * Elliptic curves over GF(p): curve-specific data and functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/ecp_internal_alt.h b/library/ecp_internal_alt.h index f663d6737..668edc74c 100644 --- a/library/ecp_internal_alt.h +++ b/library/ecp_internal_alt.h @@ -6,19 +6,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/library/ecp_invasive.h b/library/ecp_invasive.h index bb3b127ff..ff9f9ecf1 100644 --- a/library/ecp_invasive.h +++ b/library/ecp_invasive.h @@ -9,19 +9,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_ECP_INVASIVE_H #define MBEDTLS_ECP_INVASIVE_H diff --git a/library/entropy.c b/library/entropy.c index 00079176a..e3bc8516e 100644 --- a/library/entropy.c +++ b/library/entropy.c @@ -2,19 +2,7 @@ * Entropy accumulator implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/entropy_poll.c b/library/entropy_poll.c index 9d5b1e652..e8c669f9c 100644 --- a/library/entropy_poll.c +++ b/library/entropy_poll.c @@ -2,19 +2,7 @@ * Platform-specific and custom entropy polling functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if defined(__linux__) && !defined(_GNU_SOURCE) diff --git a/library/entropy_poll.h b/library/entropy_poll.h index be4943cce..6b4aec03e 100644 --- a/library/entropy_poll.h +++ b/library/entropy_poll.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_ENTROPY_POLL_H #define MBEDTLS_ENTROPY_POLL_H diff --git a/library/gcm.c b/library/gcm.c index c8618be7c..42fd02078 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -2,19 +2,7 @@ * NIST SP800-38D compliant GCM implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/library/hkdf.c b/library/hkdf.c index a3f071ece..631ac24e5 100644 --- a/library/hkdf.c +++ b/library/hkdf.c @@ -2,19 +2,7 @@ * HKDF implementation -- RFC 5869 * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/hmac_drbg.c b/library/hmac_drbg.c index af205aacb..90174d5d1 100644 --- a/library/hmac_drbg.c +++ b/library/hmac_drbg.c @@ -2,19 +2,7 @@ * HMAC_DRBG implementation (NIST SP 800-90) * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/library/lmots.c b/library/lmots.c index 9d796943c..e09e3e529 100644 --- a/library/lmots.c +++ b/library/lmots.c @@ -2,19 +2,7 @@ * The LM-OTS one-time public-key signature scheme * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/library/lmots.h b/library/lmots.h index 98d1941d5..8e495c9dd 100644 --- a/library/lmots.h +++ b/library/lmots.h @@ -8,19 +8,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_LMOTS_H diff --git a/library/lms.c b/library/lms.c index c06f9c260..0c470a0c3 100644 --- a/library/lms.c +++ b/library/lms.c @@ -2,19 +2,7 @@ * The LMS stateful-hash public-key signature scheme * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/library/md.c b/library/md.c index 6dfbba78d..12a3ea237 100644 --- a/library/md.c +++ b/library/md.c @@ -6,19 +6,7 @@ * \author Adriaan de Jong * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/md5.c b/library/md5.c index 7e7e3ad9e..e4a87a2e0 100644 --- a/library/md5.c +++ b/library/md5.c @@ -2,19 +2,7 @@ * RFC 1321 compliant MD5 implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The MD5 algorithm was designed by Ron Rivest in 1991. diff --git a/library/md_psa.h b/library/md_psa.h index 8e00bb149..b201263b1 100644 --- a/library/md_psa.h +++ b/library/md_psa.h @@ -5,19 +5,7 @@ * PSA Crypto; it is a helper for the transition period. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_MD_PSA_H #define MBEDTLS_MD_PSA_H diff --git a/library/md_wrap.h b/library/md_wrap.h index 166b43b99..dad123540 100644 --- a/library/md_wrap.h +++ b/library/md_wrap.h @@ -9,19 +9,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_MD_WRAP_H #define MBEDTLS_MD_WRAP_H diff --git a/library/memory_buffer_alloc.c b/library/memory_buffer_alloc.c index e5052ce5a..79b0a8b8f 100644 --- a/library/memory_buffer_alloc.c +++ b/library/memory_buffer_alloc.c @@ -2,19 +2,7 @@ * Buffer-based memory allocator * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/mps_common.h b/library/mps_common.h index 301d52532..49e17535a 100644 --- a/library/mps_common.h +++ b/library/mps_common.h @@ -1,18 +1,6 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * * This file is part of Mbed TLS (https://tls.mbed.org) */ diff --git a/library/mps_error.h b/library/mps_error.h index 5113959be..8a714a3a5 100644 --- a/library/mps_error.h +++ b/library/mps_error.h @@ -1,18 +1,6 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * * This file is part of Mbed TLS (https://tls.mbed.org) */ diff --git a/library/mps_reader.c b/library/mps_reader.c index dc2a91cbc..48b393685 100644 --- a/library/mps_reader.c +++ b/library/mps_reader.c @@ -2,19 +2,7 @@ * Message Processing Stack, Reader implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * * This file is part of Mbed TLS (https://tls.mbed.org) */ diff --git a/library/mps_reader.h b/library/mps_reader.h index bb912ec17..d877ee54a 100644 --- a/library/mps_reader.h +++ b/library/mps_reader.h @@ -1,18 +1,6 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * * This file is part of Mbed TLS (https://tls.mbed.org) */ diff --git a/library/mps_trace.c b/library/mps_trace.c index 9ba1f85e5..cb69c6be6 100644 --- a/library/mps_trace.c +++ b/library/mps_trace.c @@ -2,19 +2,7 @@ * Message Processing Stack, Trace module * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * * This file is part of Mbed TLS (https://tls.mbed.org) */ diff --git a/library/mps_trace.h b/library/mps_trace.h index f8e0a5d80..a13edd87f 100644 --- a/library/mps_trace.h +++ b/library/mps_trace.h @@ -1,18 +1,6 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * * This file is part of Mbed TLS (https://tls.mbed.org) */ diff --git a/library/net_sockets.c b/library/net_sockets.c index db80447a3..2b120c551 100644 --- a/library/net_sockets.c +++ b/library/net_sockets.c @@ -2,19 +2,7 @@ * TCP/IP or UDP/IP networking functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* Enable definition of getaddrinfo() even when compiling with -std=c99. Must diff --git a/library/nist_kw.c b/library/nist_kw.c index 7bdc807bc..f15425b8b 100644 --- a/library/nist_kw.c +++ b/library/nist_kw.c @@ -3,19 +3,7 @@ * only * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * Definition of Key Wrapping: diff --git a/library/oid.c b/library/oid.c index d139a6d0d..6184abe40 100644 --- a/library/oid.c +++ b/library/oid.c @@ -4,19 +4,7 @@ * \brief Object Identifier (OID) database * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/padlock.c b/library/padlock.c index 563d40e7c..1b03069ca 100644 --- a/library/padlock.c +++ b/library/padlock.c @@ -2,19 +2,7 @@ * VIA PadLock support functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * This implementation is based on the VIA PadLock Programming Guide: diff --git a/library/padlock.h b/library/padlock.h index a00afe04f..92d72af51 100644 --- a/library/padlock.h +++ b/library/padlock.h @@ -9,19 +9,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PADLOCK_H #define MBEDTLS_PADLOCK_H diff --git a/library/pem.c b/library/pem.c index bd269dda7..9500ffcf7 100644 --- a/library/pem.c +++ b/library/pem.c @@ -2,19 +2,7 @@ * Privacy Enhanced Mail (PEM) decoding * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/pk.c b/library/pk.c index 96b8ef922..5a1698f12 100644 --- a/library/pk.c +++ b/library/pk.c @@ -2,19 +2,7 @@ * Public Key abstraction layer * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/pk_internal.h b/library/pk_internal.h index 04bdbbcce..571b57e8b 100644 --- a/library/pk_internal.h +++ b/library/pk_internal.h @@ -6,19 +6,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PK_INTERNAL_H #define MBEDTLS_PK_INTERNAL_H diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 2c6783674..182d07f72 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -2,19 +2,7 @@ * Public Key abstraction layer: wrapper functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/pk_wrap.h b/library/pk_wrap.h index b1e02180a..28c815a77 100644 --- a/library/pk_wrap.h +++ b/library/pk_wrap.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PK_WRAP_H diff --git a/library/pkcs12.c b/library/pkcs12.c index 42e4fb438..160dc4768 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c @@ -2,19 +2,7 @@ * PKCS#12 Personal Information Exchange Syntax * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The PKCS #12 Personal Information Exchange Syntax Standard v1.1 diff --git a/library/pkcs5.c b/library/pkcs5.c index d10a1937c..d6209bd11 100644 --- a/library/pkcs5.c +++ b/library/pkcs5.c @@ -6,19 +6,7 @@ * \author Mathias Olsson * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * PKCS#5 includes PBKDF2 and more diff --git a/library/pkcs7.c b/library/pkcs7.c index cf05afd2c..36b49f53b 100644 --- a/library/pkcs7.c +++ b/library/pkcs7.c @@ -1,18 +1,6 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/pkparse.c b/library/pkparse.c index ef57cee80..3bb5f7be2 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -2,19 +2,7 @@ * Public Key layer for parsing key files and structures * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/pkwrite.c b/library/pkwrite.c index e38bc27de..11c020473 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -2,19 +2,7 @@ * Public Key layer for writing key files and structures * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/pkwrite.h b/library/pkwrite.h index 8cfa64b8e..544ab2f32 100644 --- a/library/pkwrite.h +++ b/library/pkwrite.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PK_WRITE_H diff --git a/library/platform.c b/library/platform.c index b15b7b29a..890c4cbab 100644 --- a/library/platform.c +++ b/library/platform.c @@ -2,19 +2,7 @@ * Platform abstraction layer * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/platform_util.c b/library/platform_util.c index fdafa1fc6..6d2dd144d 100644 --- a/library/platform_util.c +++ b/library/platform_util.c @@ -3,19 +3,7 @@ * library. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/library/poly1305.c b/library/poly1305.c index f4e1d3f88..c9ebe9e1d 100644 --- a/library/poly1305.c +++ b/library/poly1305.c @@ -4,19 +4,7 @@ * \brief Poly1305 authentication algorithm. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 739b07708..bbd6b24ed 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/psa_crypto_aead.c b/library/psa_crypto_aead.c index 6f026a0d7..49aa96193 100644 --- a/library/psa_crypto_aead.c +++ b/library/psa_crypto_aead.c @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/psa_crypto_aead.h b/library/psa_crypto_aead.h index 4b24b0f68..a3392199f 100644 --- a/library/psa_crypto_aead.h +++ b/library/psa_crypto_aead.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_AEAD_H diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c index 38be84b0b..f0bb3aa55 100644 --- a/library/psa_crypto_cipher.c +++ b/library/psa_crypto_cipher.c @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/psa_crypto_cipher.h b/library/psa_crypto_cipher.h index 5ed8a7779..cc565851c 100644 --- a/library/psa_crypto_cipher.h +++ b/library/psa_crypto_cipher.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_CIPHER_H diff --git a/library/psa_crypto_client.c b/library/psa_crypto_client.c index c3234275a..564463fed 100644 --- a/library/psa_crypto_client.c +++ b/library/psa_crypto_client.c @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 29b3b94bf..d406ce459 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_CORE_H diff --git a/library/psa_crypto_core_common.h b/library/psa_crypto_core_common.h index dd72ab162..98fce2cca 100644 --- a/library/psa_crypto_core_common.h +++ b/library/psa_crypto_core_common.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_CORE_COMMON_H diff --git a/library/psa_crypto_driver_wrappers_no_static.h b/library/psa_crypto_driver_wrappers_no_static.h index 4985403cd..cd617f60e 100644 --- a/library/psa_crypto_driver_wrappers_no_static.h +++ b/library/psa_crypto_driver_wrappers_no_static.h @@ -3,19 +3,7 @@ * cryptographic accelerators. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_DRIVER_WRAPPERS_NO_STATIC_H diff --git a/library/psa_crypto_ecp.c b/library/psa_crypto_ecp.c index 5c7786504..e4a372d24 100644 --- a/library/psa_crypto_ecp.c +++ b/library/psa_crypto_ecp.c @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/psa_crypto_ecp.h b/library/psa_crypto_ecp.h index f4ad3d277..a9f5d59de 100644 --- a/library/psa_crypto_ecp.h +++ b/library/psa_crypto_ecp.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_ECP_H diff --git a/library/psa_crypto_ffdh.c b/library/psa_crypto_ffdh.c index 20dfd2dcf..a57f02e5e 100644 --- a/library/psa_crypto_ffdh.c +++ b/library/psa_crypto_ffdh.c @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/psa_crypto_ffdh.h b/library/psa_crypto_ffdh.h index 67e5444fc..baeb9286c 100644 --- a/library/psa_crypto_ffdh.h +++ b/library/psa_crypto_ffdh.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_FFDH_H diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c index dad182616..eeb7666c1 100644 --- a/library/psa_crypto_hash.c +++ b/library/psa_crypto_hash.c @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/psa_crypto_hash.h b/library/psa_crypto_hash.h index 2dfb0115e..0a7be8055 100644 --- a/library/psa_crypto_hash.h +++ b/library/psa_crypto_hash.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_HASH_H diff --git a/library/psa_crypto_invasive.h b/library/psa_crypto_invasive.h index 408c39bfe..8b445a106 100644 --- a/library/psa_crypto_invasive.h +++ b/library/psa_crypto_invasive.h @@ -10,19 +10,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_INVASIVE_H diff --git a/library/psa_crypto_its.h b/library/psa_crypto_its.h index 3ceee49be..877063b87 100644 --- a/library/psa_crypto_its.h +++ b/library/psa_crypto_its.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_ITS_H diff --git a/library/psa_crypto_mac.c b/library/psa_crypto_mac.c index 2f2c51dce..8fe621811 100644 --- a/library/psa_crypto_mac.c +++ b/library/psa_crypto_mac.c @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/psa_crypto_mac.h b/library/psa_crypto_mac.h index 4f8024a9e..2f614bcc6 100644 --- a/library/psa_crypto_mac.h +++ b/library/psa_crypto_mac.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_MAC_H diff --git a/library/psa_crypto_pake.c b/library/psa_crypto_pake.c index db00cbd28..9ac2e8c48 100644 --- a/library/psa_crypto_pake.c +++ b/library/psa_crypto_pake.c @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/psa_crypto_pake.h b/library/psa_crypto_pake.h index f21b0e672..3d3ee0cc9 100644 --- a/library/psa_crypto_pake.h +++ b/library/psa_crypto_pake.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_PAKE_H diff --git a/library/psa_crypto_random_impl.h b/library/psa_crypto_random_impl.h index 8719d9c70..64b894914 100644 --- a/library/psa_crypto_random_impl.h +++ b/library/psa_crypto_random_impl.h @@ -12,19 +12,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_RANDOM_IMPL_H diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c index 065e55af1..0679f41ea 100644 --- a/library/psa_crypto_rsa.c +++ b/library/psa_crypto_rsa.c @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/psa_crypto_rsa.h b/library/psa_crypto_rsa.h index bc24ef5d5..e4c5caf6f 100644 --- a/library/psa_crypto_rsa.h +++ b/library/psa_crypto_rsa.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_RSA_H diff --git a/library/psa_crypto_se.c b/library/psa_crypto_se.c index 9db3dedce..7a36a4f3a 100644 --- a/library/psa_crypto_se.c +++ b/library/psa_crypto_se.c @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/psa_crypto_se.h b/library/psa_crypto_se.h index 850ea8f6f..e0bd5acfb 100644 --- a/library/psa_crypto_se.h +++ b/library/psa_crypto_se.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_SE_H diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 92646c07c..3b8a319cb 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h index c8366abeb..6041a3528 100644 --- a/library/psa_crypto_slot_management.h +++ b/library/psa_crypto_slot_management.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_SLOT_MANAGEMENT_H diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index 574d4b05e..13a3c8a90 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/psa_crypto_storage.h b/library/psa_crypto_storage.h index 37ca46e28..b6b5e154a 100644 --- a/library/psa_crypto_storage.h +++ b/library/psa_crypto_storage.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_STORAGE_H diff --git a/library/psa_its_file.c b/library/psa_its_file.c index 97486165e..3f32d7d4e 100644 --- a/library/psa_its_file.c +++ b/library/psa_its_file.c @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/psa_util.c b/library/psa_util.c index dd5e13455..0225bbf02 100644 --- a/library/psa_util.c +++ b/library/psa_util.c @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/psa_util_internal.h b/library/psa_util_internal.h index 4a36dbf88..fcc79aef4 100644 --- a/library/psa_util_internal.h +++ b/library/psa_util_internal.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PSA_UTIL_INTERNAL_H diff --git a/library/ripemd160.c b/library/ripemd160.c index 49fee8579..b4fc3cdba 100644 --- a/library/ripemd160.c +++ b/library/ripemd160.c @@ -2,19 +2,7 @@ * RIPE MD-160 implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/library/rsa.c b/library/rsa.c index 802bf5d24..38c3dd6be 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -2,19 +2,7 @@ * The RSA public-key cryptosystem * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/library/rsa_alt_helpers.c b/library/rsa_alt_helpers.c index 5cc4636e4..5c265a992 100644 --- a/library/rsa_alt_helpers.c +++ b/library/rsa_alt_helpers.c @@ -2,19 +2,7 @@ * Helper functions for the RSA module * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * */ diff --git a/library/rsa_alt_helpers.h b/library/rsa_alt_helpers.h index 3b22ba853..ca0840b2a 100644 --- a/library/rsa_alt_helpers.h +++ b/library/rsa_alt_helpers.h @@ -36,19 +36,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * */ diff --git a/library/sha1.c b/library/sha1.c index 28a57b644..dfbe481f3 100644 --- a/library/sha1.c +++ b/library/sha1.c @@ -2,19 +2,7 @@ * FIPS-180-1 compliant SHA-1 implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The SHA-1 standard was published by NIST in 1993. diff --git a/library/sha256.c b/library/sha256.c index 596b2c533..45ad6d86d 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -2,19 +2,7 @@ * FIPS-180-2 compliant SHA-256 implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The SHA-256 Secure Hash Standard was published by NIST in 2002. diff --git a/library/sha3.c b/library/sha3.c index 4c1a1a9d4..d90fefaea 100644 --- a/library/sha3.c +++ b/library/sha3.c @@ -2,19 +2,7 @@ * FIPS-202 compliant SHA3 implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The SHA-3 Secure Hash Standard was published by NIST in 2015. diff --git a/library/sha512.c b/library/sha512.c index e739af254..e7af12175 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -2,19 +2,7 @@ * FIPS-180-2 compliant SHA-384/512 implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The SHA-512 Secure Hash Standard was published by NIST in 2002. diff --git a/library/ssl_cache.c b/library/ssl_cache.c index 929c28bec..772cb8fdf 100644 --- a/library/ssl_cache.c +++ b/library/ssl_cache.c @@ -2,19 +2,7 @@ * SSL session cache implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * These session callbacks use a simple chained list diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c index 95aa5816c..dc027e555 100644 --- a/library/ssl_ciphersuites.c +++ b/library/ssl_ciphersuites.c @@ -4,19 +4,7 @@ * \brief SSL ciphersuites for Mbed TLS * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/ssl_client.c b/library/ssl_client.c index 1a56f1ebe..eabdc75ac 100644 --- a/library/ssl_client.c +++ b/library/ssl_client.c @@ -2,19 +2,7 @@ * TLS 1.2 and 1.3 client-side functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * * This file is part of Mbed TLS ( https://tls.mbed.org ) */ diff --git a/library/ssl_client.h b/library/ssl_client.h index f57bea33f..05ee7e4cc 100644 --- a/library/ssl_client.h +++ b/library/ssl_client.h @@ -2,19 +2,7 @@ * TLS 1.2 and 1.3 client-side functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_SSL_CLIENT_H diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c index 098acedd3..ee81eb420 100644 --- a/library/ssl_cookie.c +++ b/library/ssl_cookie.c @@ -2,19 +2,7 @@ * DTLS cookie callbacks implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * These session callbacks use a simple chained list diff --git a/library/ssl_debug_helpers.h b/library/ssl_debug_helpers.h index 5c22ed221..2b0e73772 100644 --- a/library/ssl_debug_helpers.h +++ b/library/ssl_debug_helpers.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_SSL_DEBUG_HELPERS_H diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 2d78fd47c..76a2e9fe4 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_SSL_MISC_H #define MBEDTLS_SSL_MISC_H diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 12b8f9bf0..cffd1c90f 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -3,19 +3,7 @@ * (record layer + retransmission state machine) * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * http://www.ietf.org/rfc/rfc2246.txt diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c index 1adaa07fe..875abcbb3 100644 --- a/library/ssl_ticket.c +++ b/library/ssl_ticket.c @@ -2,19 +2,7 @@ * TLS server tickets callbacks implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 827b7fbcf..a2c382286 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -2,19 +2,7 @@ * TLS shared functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * http://www.ietf.org/rfc/rfc2246.txt diff --git a/library/ssl_tls12_client.c b/library/ssl_tls12_client.c index 27bbafa06..9aa46bd15 100644 --- a/library/ssl_tls12_client.c +++ b/library/ssl_tls12_client.c @@ -2,19 +2,7 @@ * TLS client-side functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c index 6367e4683..b007e5c66 100644 --- a/library/ssl_tls12_server.c +++ b/library/ssl_tls12_server.c @@ -2,19 +2,7 @@ * TLS server-side functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index c6fa3b390..e06e4c91e 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -2,19 +2,7 @@ * TLS 1.3 client-side functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * * This file is part of Mbed TLS ( https://tls.mbed.org ) */ diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index 3c8d448c6..cc77a9438 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -2,19 +2,7 @@ * TLS 1.3 functionality shared between client and server * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/ssl_tls13_invasive.h b/library/ssl_tls13_invasive.h index 3fb79a95d..b4506f71c 100644 --- a/library/ssl_tls13_invasive.h +++ b/library/ssl_tls13_invasive.h @@ -1,18 +1,6 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_SSL_TLS13_INVASIVE_H diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c index 5ae621005..45c495dfe 100644 --- a/library/ssl_tls13_keys.c +++ b/library/ssl_tls13_keys.c @@ -2,7 +2,7 @@ * TLS 1.3 key schedule * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * * Licensed under the Apache License, Version 2.0 ( the "License" ); you may * not use this file except in compliance with the License. diff --git a/library/ssl_tls13_keys.h b/library/ssl_tls13_keys.h index 21e9b4d73..151b7c7c1 100644 --- a/library/ssl_tls13_keys.h +++ b/library/ssl_tls13_keys.h @@ -2,7 +2,7 @@ * TLS 1.3 key schedule * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * * Licensed under the Apache License, Version 2.0 ( the "License" ); you may * not use this file except in compliance with the License. diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 6445a00a1..815c0a9f0 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -2,19 +2,7 @@ * TLS 1.3 server-side functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/threading.c b/library/threading.c index 130c6963d..52fe8fca9 100644 --- a/library/threading.c +++ b/library/threading.c @@ -2,19 +2,7 @@ * Threading abstraction layer * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/library/timing.c b/library/timing.c index 6852033ea..58f1c1ec2 100644 --- a/library/timing.c +++ b/library/timing.c @@ -2,19 +2,7 @@ * Portable interface to the CPU cycle counter * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/version.c b/library/version.c index 4f78c9cb1..04397332b 100644 --- a/library/version.c +++ b/library/version.c @@ -2,19 +2,7 @@ * Version information * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/x509.c b/library/x509.c index 990393c31..b7b71f33c 100644 --- a/library/x509.c +++ b/library/x509.c @@ -2,19 +2,7 @@ * X.509 common functions for parsing and verification * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The ITU-T X.509 standard defines a certificate format for PKI. diff --git a/library/x509_create.c b/library/x509_create.c index 62fb119ba..424cce1d9 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -2,19 +2,7 @@ * X.509 base functions for creating certificates / CSRs * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/x509_crl.c b/library/x509_crl.c index 79ace8fa0..cad784eeb 100644 --- a/library/x509_crl.c +++ b/library/x509_crl.c @@ -2,19 +2,7 @@ * X.509 Certificate Revocation List (CRL) parsing * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The ITU-T X.509 standard defines a certificate format for PKI. diff --git a/library/x509_crt.c b/library/x509_crt.c index e9153e710..f41eb47d7 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -2,19 +2,7 @@ * X.509 certificate parsing and verification * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The ITU-T X.509 standard defines a certificate format for PKI. diff --git a/library/x509_csr.c b/library/x509_csr.c index 0b2bb6f3b..b48b3a4ac 100644 --- a/library/x509_csr.c +++ b/library/x509_csr.c @@ -2,19 +2,7 @@ * X.509 Certificate Signing Request (CSR) parsing * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The ITU-T X.509 standard defines a certificate format for PKI. diff --git a/library/x509write.c b/library/x509write.c index 5628c29ef..d434df507 100644 --- a/library/x509write.c +++ b/library/x509write.c @@ -2,19 +2,7 @@ * X.509 internal, common functions for writing * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" #if defined(MBEDTLS_X509_CSR_WRITE_C) || defined(MBEDTLS_X509_CRT_WRITE_C) diff --git a/library/x509write_crt.c b/library/x509write_crt.c index a8a3022cb..4c019eee4 100644 --- a/library/x509write_crt.c +++ b/library/x509write_crt.c @@ -2,19 +2,7 @@ * X.509 certificate writing * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * References: diff --git a/library/x509write_csr.c b/library/x509write_csr.c index d996052ba..4e397553a 100644 --- a/library/x509write_csr.c +++ b/library/x509write_csr.c @@ -2,19 +2,7 @@ * X.509 Certificate Signing Request writing * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * References: diff --git a/programs/aes/crypt_and_hash.c b/programs/aes/crypt_and_hash.c index 1d9b522a3..226718bc6 100644 --- a/programs/aes/crypt_and_hash.c +++ b/programs/aes/crypt_and_hash.c @@ -3,19 +3,7 @@ * security. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* Enable definition of fileno() even when compiling with -std=c99. Must be diff --git a/programs/cipher/cipher_aead_demo.c b/programs/cipher/cipher_aead_demo.c index ce3925628..853ec202c 100644 --- a/programs/cipher/cipher_aead_demo.c +++ b/programs/cipher/cipher_aead_demo.c @@ -25,19 +25,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* First include Mbed TLS headers to get the Mbed TLS configuration and diff --git a/programs/hash/generic_sum.c b/programs/hash/generic_sum.c index 995694af0..3fd2b0089 100644 --- a/programs/hash/generic_sum.c +++ b/programs/hash/generic_sum.c @@ -2,19 +2,7 @@ * generic message digest layer demonstration program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/hash/hello.c b/programs/hash/hello.c index 7bb27ad4a..8caae8851 100644 --- a/programs/hash/hello.c +++ b/programs/hash/hello.c @@ -2,19 +2,7 @@ * Classic "Hello, world" demonstration program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/hash/md_hmac_demo.c b/programs/hash/md_hmac_demo.c index 4c812fbd8..581816a1d 100644 --- a/programs/hash/md_hmac_demo.c +++ b/programs/hash/md_hmac_demo.c @@ -20,19 +20,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* First include Mbed TLS headers to get the Mbed TLS configuration and diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c index 5a2c30fc2..946e049d7 100644 --- a/programs/pkey/dh_client.c +++ b/programs/pkey/dh_client.c @@ -2,19 +2,7 @@ * Diffie-Hellman-Merkle key exchange (client side) * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/dh_genprime.c b/programs/pkey/dh_genprime.c index 1f4cd59ee..6872e61e3 100644 --- a/programs/pkey/dh_genprime.c +++ b/programs/pkey/dh_genprime.c @@ -2,19 +2,7 @@ * Diffie-Hellman-Merkle key exchange (prime generation) * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c index c940be0c0..adddbf2fb 100644 --- a/programs/pkey/dh_server.c +++ b/programs/pkey/dh_server.c @@ -2,19 +2,7 @@ * Diffie-Hellman-Merkle key exchange (server side) * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/ecdh_curve25519.c b/programs/pkey/ecdh_curve25519.c index 980441707..fedfcc9fe 100644 --- a/programs/pkey/ecdh_curve25519.c +++ b/programs/pkey/ecdh_curve25519.c @@ -2,19 +2,7 @@ * Example ECDHE with Curve25519 program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/ecdsa.c b/programs/pkey/ecdsa.c index 953c14450..afd6fb31a 100644 --- a/programs/pkey/ecdsa.c +++ b/programs/pkey/ecdsa.c @@ -2,19 +2,7 @@ * Example ECDSA program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/gen_key.c b/programs/pkey/gen_key.c index 99e88505c..f6bb23787 100644 --- a/programs/pkey/gen_key.c +++ b/programs/pkey/gen_key.c @@ -2,19 +2,7 @@ * Key generation application * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/key_app.c b/programs/pkey/key_app.c index cd16e3320..194c4102d 100644 --- a/programs/pkey/key_app.c +++ b/programs/pkey/key_app.c @@ -2,19 +2,7 @@ * Key reading application * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/key_app_writer.c b/programs/pkey/key_app_writer.c index 179094cb5..c07c56464 100644 --- a/programs/pkey/key_app_writer.c +++ b/programs/pkey/key_app_writer.c @@ -2,19 +2,7 @@ * Key writing application * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/mpi_demo.c b/programs/pkey/mpi_demo.c index 88d745e92..e83aa3259 100644 --- a/programs/pkey/mpi_demo.c +++ b/programs/pkey/mpi_demo.c @@ -2,19 +2,7 @@ * Simple MPI demonstration program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/pk_decrypt.c b/programs/pkey/pk_decrypt.c index f60c946ed..b8f7943d6 100644 --- a/programs/pkey/pk_decrypt.c +++ b/programs/pkey/pk_decrypt.c @@ -2,19 +2,7 @@ * Public key-based simple decryption program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/pk_encrypt.c b/programs/pkey/pk_encrypt.c index 04e5cc702..a916bc6e2 100644 --- a/programs/pkey/pk_encrypt.c +++ b/programs/pkey/pk_encrypt.c @@ -2,19 +2,7 @@ * RSA simple data encryption program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/pk_sign.c b/programs/pkey/pk_sign.c index 57bd796c8..59347addb 100644 --- a/programs/pkey/pk_sign.c +++ b/programs/pkey/pk_sign.c @@ -2,19 +2,7 @@ * Public key-based signature creation program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/pk_verify.c b/programs/pkey/pk_verify.c index bca985b14..3127df540 100644 --- a/programs/pkey/pk_verify.c +++ b/programs/pkey/pk_verify.c @@ -2,19 +2,7 @@ * Public key-based signature verification program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/rsa_decrypt.c b/programs/pkey/rsa_decrypt.c index 0462ba697..76bfddf5c 100644 --- a/programs/pkey/rsa_decrypt.c +++ b/programs/pkey/rsa_decrypt.c @@ -2,19 +2,7 @@ * RSA simple decryption program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/rsa_encrypt.c b/programs/pkey/rsa_encrypt.c index 2126a9b9b..4bbb54e7d 100644 --- a/programs/pkey/rsa_encrypt.c +++ b/programs/pkey/rsa_encrypt.c @@ -2,19 +2,7 @@ * RSA simple data encryption program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/rsa_genkey.c b/programs/pkey/rsa_genkey.c index 17f6d6591..dc58215f7 100644 --- a/programs/pkey/rsa_genkey.c +++ b/programs/pkey/rsa_genkey.c @@ -2,19 +2,7 @@ * Example RSA key generation program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/rsa_sign.c b/programs/pkey/rsa_sign.c index 64375e9e7..9d8ebe39a 100644 --- a/programs/pkey/rsa_sign.c +++ b/programs/pkey/rsa_sign.c @@ -2,19 +2,7 @@ * RSA/SHA-256 signature creation program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/rsa_sign_pss.c b/programs/pkey/rsa_sign_pss.c index 999669e66..3a1f7473b 100644 --- a/programs/pkey/rsa_sign_pss.c +++ b/programs/pkey/rsa_sign_pss.c @@ -2,19 +2,7 @@ * RSASSA-PSS/SHA-256 signature creation program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/rsa_verify.c b/programs/pkey/rsa_verify.c index d525010df..e7d72fd52 100644 --- a/programs/pkey/rsa_verify.c +++ b/programs/pkey/rsa_verify.c @@ -2,19 +2,7 @@ * RSA/SHA-256 signature verification program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/rsa_verify_pss.c b/programs/pkey/rsa_verify_pss.c index 8a1fb5908..afbbfa9d4 100644 --- a/programs/pkey/rsa_verify_pss.c +++ b/programs/pkey/rsa_verify_pss.c @@ -2,19 +2,7 @@ * RSASSA-PSS/SHA-256 signature verification program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/psa/aead_demo.c b/programs/psa/aead_demo.c index 0c2413e61..619166dba 100644 --- a/programs/psa/aead_demo.c +++ b/programs/psa/aead_demo.c @@ -26,19 +26,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* First include Mbed TLS headers to get the Mbed TLS configuration and diff --git a/programs/psa/crypto_examples.c b/programs/psa/crypto_examples.c index 3f109d839..b755f09ef 100644 --- a/programs/psa/crypto_examples.c +++ b/programs/psa/crypto_examples.c @@ -1,18 +1,6 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "psa/crypto.h" diff --git a/programs/psa/hmac_demo.c b/programs/psa/hmac_demo.c index f25cdeb83..205505407 100644 --- a/programs/psa/hmac_demo.c +++ b/programs/psa/hmac_demo.c @@ -20,19 +20,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* First include Mbed TLS headers to get the Mbed TLS configuration and diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c index a79fac640..2734ceb7f 100644 --- a/programs/psa/key_ladder_demo.c +++ b/programs/psa/key_ladder_demo.c @@ -32,19 +32,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* First include Mbed TLS headers to get the Mbed TLS configuration and diff --git a/programs/psa/key_ladder_demo.sh b/programs/psa/key_ladder_demo.sh index bb4a24f75..e55da7ead 100755 --- a/programs/psa/key_ladder_demo.sh +++ b/programs/psa/key_ladder_demo.sh @@ -1,19 +1,7 @@ #!/bin/sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later . "${0%/*}/../demo_common.sh" diff --git a/programs/psa/psa_constant_names.c b/programs/psa/psa_constant_names.c index 88426854d..0baf4a065 100644 --- a/programs/psa/psa_constant_names.c +++ b/programs/psa/psa_constant_names.c @@ -1,18 +1,6 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/programs/psa/psa_hash.c b/programs/psa/psa_hash.c index d3a6bf857..c5244d6d4 100644 --- a/programs/psa/psa_hash.c +++ b/programs/psa/psa_hash.c @@ -9,19 +9,7 @@ * * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "psa/crypto.h" diff --git a/programs/random/gen_entropy.c b/programs/random/gen_entropy.c index cc3217169..887b2c988 100644 --- a/programs/random/gen_entropy.c +++ b/programs/random/gen_entropy.c @@ -2,19 +2,7 @@ * \brief Use and generate multiple entropies calls into a file * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/random/gen_random_ctr_drbg.c b/programs/random/gen_random_ctr_drbg.c index e1db16eeb..0eecf0ad4 100644 --- a/programs/random/gen_random_ctr_drbg.c +++ b/programs/random/gen_random_ctr_drbg.c @@ -2,19 +2,7 @@ * \brief Use and generate random data into a file via the CTR_DBRG based on AES * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/ssl/dtls_client.c b/programs/ssl/dtls_client.c index f0abcabc7..ddb3c34b9 100644 --- a/programs/ssl/dtls_client.c +++ b/programs/ssl/dtls_client.c @@ -2,19 +2,7 @@ * Simple DTLS client demonstration program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/ssl/dtls_server.c b/programs/ssl/dtls_server.c index b11a4f5b4..732625e7f 100644 --- a/programs/ssl/dtls_server.c +++ b/programs/ssl/dtls_server.c @@ -2,19 +2,7 @@ * Simple DTLS server demonstration program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/ssl/mini_client.c b/programs/ssl/mini_client.c index e8f4797b8..6bef2085c 100644 --- a/programs/ssl/mini_client.c +++ b/programs/ssl/mini_client.c @@ -3,19 +3,7 @@ * (meant to be used with config-suite-b.h or config-ccm-psk-tls1_2.h) * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c index 259b8f930..ee734b1ed 100644 --- a/programs/ssl/ssl_client1.c +++ b/programs/ssl/ssl_client1.c @@ -2,19 +2,7 @@ * SSL client demonstration program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 6e6482000..aa3bc40ec 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -2,19 +2,7 @@ * SSL client with certificate authentication * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #define MBEDTLS_ALLOW_PRIVATE_ACCESS diff --git a/programs/ssl/ssl_context_info.c b/programs/ssl/ssl_context_info.c index 9744c58d5..3867f83ce 100644 --- a/programs/ssl/ssl_context_info.c +++ b/programs/ssl/ssl_context_info.c @@ -2,19 +2,7 @@ * Mbed TLS SSL context deserializer from base64 code * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #define MBEDTLS_ALLOW_PRIVATE_ACCESS diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c index 6734a14d9..f4822b7e6 100644 --- a/programs/ssl/ssl_fork_server.c +++ b/programs/ssl/ssl_fork_server.c @@ -2,19 +2,7 @@ * SSL server demonstration program using fork() for handling multiple clients * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c index 1e648e8af..febb881c8 100644 --- a/programs/ssl/ssl_mail_client.c +++ b/programs/ssl/ssl_mail_client.c @@ -2,19 +2,7 @@ * SSL client for SMTP servers * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* Enable definition of gethostname() even when compiling with -std=c99. Must diff --git a/programs/ssl/ssl_pthread_server.c b/programs/ssl/ssl_pthread_server.c index 12d3057b4..fcb8f2f4d 100644 --- a/programs/ssl/ssl_pthread_server.c +++ b/programs/ssl/ssl_pthread_server.c @@ -3,19 +3,7 @@ * clients. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c index ad82567f4..6becf8d91 100644 --- a/programs/ssl/ssl_server.c +++ b/programs/ssl/ssl_server.c @@ -2,19 +2,7 @@ * SSL server demonstration program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index c99703dd5..7d1ea57fc 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -2,19 +2,7 @@ * SSL client with options * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #define MBEDTLS_ALLOW_PRIVATE_ACCESS diff --git a/programs/ssl/ssl_test_common_source.c b/programs/ssl/ssl_test_common_source.c index 67fc06115..1ff2077d4 100644 --- a/programs/ssl/ssl_test_common_source.c +++ b/programs/ssl/ssl_test_common_source.c @@ -9,19 +9,7 @@ * This file is meant to be #include'd and cannot be compiled separately. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ void eap_tls_key_derivation(void *p_expkey, diff --git a/programs/ssl/ssl_test_lib.c b/programs/ssl/ssl_test_lib.c index aea056b68..6e0c6153f 100644 --- a/programs/ssl/ssl_test_lib.c +++ b/programs/ssl/ssl_test_lib.c @@ -5,19 +5,7 @@ * that cannot be compiled separately in "ssl_test_common_source.c". * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #define MBEDTLS_ALLOW_PRIVATE_ACCESS diff --git a/programs/ssl/ssl_test_lib.h b/programs/ssl/ssl_test_lib.h index ef0dba718..d06e0997d 100644 --- a/programs/ssl/ssl_test_lib.h +++ b/programs/ssl/ssl_test_lib.h @@ -2,19 +2,7 @@ * Common code for SSL test programs * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index d8237f544..3d751d026 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -2,19 +2,7 @@ * Benchmark demonstration program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #define MBEDTLS_ALLOW_PRIVATE_ACCESS diff --git a/programs/test/cmake_package/cmake_package.c b/programs/test/cmake_package/cmake_package.c index 86e10776c..729800ad8 100644 --- a/programs/test/cmake_package/cmake_package.c +++ b/programs/test/cmake_package/cmake_package.c @@ -2,19 +2,7 @@ * Simple program to test that Mbed TLS builds correctly as a CMake package. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/test/cmake_package_install/cmake_package_install.c b/programs/test/cmake_package_install/cmake_package_install.c index 9aa4c3b1d..44a2adadf 100644 --- a/programs/test/cmake_package_install/cmake_package_install.c +++ b/programs/test/cmake_package_install/cmake_package_install.c @@ -3,19 +3,7 @@ * package. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/test/cmake_subproject/cmake_subproject.c b/programs/test/cmake_subproject/cmake_subproject.c index d56b9a9cb..8b4f18e28 100644 --- a/programs/test/cmake_subproject/cmake_subproject.c +++ b/programs/test/cmake_subproject/cmake_subproject.c @@ -3,19 +3,7 @@ * work correctly. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/test/dlopen.c b/programs/test/dlopen.c index 2dcda3bb2..f24125423 100644 --- a/programs/test/dlopen.c +++ b/programs/test/dlopen.c @@ -2,19 +2,7 @@ * Test dynamic loading of libmbed* * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/test/dlopen_demo.sh b/programs/test/dlopen_demo.sh index b162d7b5f..7280f1d70 100755 --- a/programs/test/dlopen_demo.sh +++ b/programs/test/dlopen_demo.sh @@ -4,19 +4,7 @@ # This is only expected to work when Mbed TLS is built as a shared library. # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later . "${0%/*}/../demo_common.sh" diff --git a/programs/test/generate_cpp_dummy_build.sh b/programs/test/generate_cpp_dummy_build.sh index a55051652..0b4bd0b7b 100755 --- a/programs/test/generate_cpp_dummy_build.sh +++ b/programs/test/generate_cpp_dummy_build.sh @@ -14,19 +14,7 @@ EOF fi # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later set -e @@ -41,19 +29,8 @@ print_cpp () { * can be included and built with a C++ compiler. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/test/query_compile_time_config.c b/programs/test/query_compile_time_config.c index df0fe4a70..a70e6daef 100644 --- a/programs/test/query_compile_time_config.c +++ b/programs/test/query_compile_time_config.c @@ -2,19 +2,7 @@ * Query the Mbed TLS compile time configuration * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/test/query_config.h b/programs/test/query_config.h index ade73d080..43f120bf0 100644 --- a/programs/test/query_config.h +++ b/programs/test/query_config.h @@ -2,19 +2,7 @@ * Query Mbed TLS compile time configurations from mbedtls_config.h * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PROGRAMS_TEST_QUERY_CONFIG_H diff --git a/programs/test/query_included_headers.c b/programs/test/query_included_headers.c index 383a2ffc8..cdafa1620 100644 --- a/programs/test/query_included_headers.c +++ b/programs/test/query_included_headers.c @@ -1,19 +1,7 @@ /* Ad hoc report on included headers. */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/programs/test/selftest.c b/programs/test/selftest.c index cc5e00ed3..61dde5ed1 100644 --- a/programs/test/selftest.c +++ b/programs/test/selftest.c @@ -2,19 +2,7 @@ * Self-test demonstration program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #define MBEDTLS_ALLOW_PRIVATE_ACCESS diff --git a/programs/test/udp_proxy.c b/programs/test/udp_proxy.c index 685e336e6..c6b56ec09 100644 --- a/programs/test/udp_proxy.c +++ b/programs/test/udp_proxy.c @@ -2,19 +2,7 @@ * UDP proxy: emulate an unreliable UDP connection for DTLS testing * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/programs/test/udp_proxy_wrapper.sh b/programs/test/udp_proxy_wrapper.sh index 27de01390..aa6a6d10f 100755 --- a/programs/test/udp_proxy_wrapper.sh +++ b/programs/test/udp_proxy_wrapper.sh @@ -3,19 +3,7 @@ # Usage: udp_proxy_wrapper.sh [PROXY_PARAM...] -- [SERVER_PARAM...] # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later set -u diff --git a/programs/test/zeroize.c b/programs/test/zeroize.c index b7842c4ef..1e9b98d71 100644 --- a/programs/test/zeroize.c +++ b/programs/test/zeroize.c @@ -10,19 +10,7 @@ * call to mbedtls_platform_zeroize() was not eliminated. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/util/pem2der.c b/programs/util/pem2der.c index 5dd367a0c..d682c2b06 100644 --- a/programs/util/pem2der.c +++ b/programs/util/pem2der.c @@ -2,19 +2,7 @@ * Convert PEM to DER * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/util/strerror.c b/programs/util/strerror.c index 4bfd8a1c2..316f28614 100644 --- a/programs/util/strerror.c +++ b/programs/util/strerror.c @@ -2,19 +2,7 @@ * Translate error code to error string * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/wince_main.c b/programs/wince_main.c index be98eae5e..e817b9f5f 100644 --- a/programs/wince_main.c +++ b/programs/wince_main.c @@ -2,19 +2,7 @@ * Windows CE console application entry point * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if defined(_WIN32_WCE) diff --git a/programs/x509/cert_app.c b/programs/x509/cert_app.c index 51a79ecb5..cb1e5bc4e 100644 --- a/programs/x509/cert_app.c +++ b/programs/x509/cert_app.c @@ -2,19 +2,7 @@ * Certificate reading application * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/x509/cert_req.c b/programs/x509/cert_req.c index 7e2a6bd8e..072441bef 100644 --- a/programs/x509/cert_req.c +++ b/programs/x509/cert_req.c @@ -2,19 +2,7 @@ * Certificate request generation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c index d8660dc95..8395f746f 100644 --- a/programs/x509/cert_write.c +++ b/programs/x509/cert_write.c @@ -2,19 +2,7 @@ * Certificate generation and signing * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/x509/crl_app.c b/programs/x509/crl_app.c index 6c671ff3f..5e3fd5a94 100644 --- a/programs/x509/crl_app.c +++ b/programs/x509/crl_app.c @@ -2,19 +2,7 @@ * CRL reading application * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/x509/load_roots.c b/programs/x509/load_roots.c index d024e9822..a975405ea 100644 --- a/programs/x509/load_roots.c +++ b/programs/x509/load_roots.c @@ -2,7 +2,7 @@ * Root CA reading application * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later OR GPL-2.0-or-later * * This file is provided under the Apache License 2.0, or the * GNU General Public License v2.0 or later. @@ -10,18 +10,6 @@ * ********** * Apache License 2.0: * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * * ********** * * ********** diff --git a/programs/x509/req_app.c b/programs/x509/req_app.c index 64b9f0bb2..fff0983f0 100644 --- a/programs/x509/req_app.c +++ b/programs/x509/req_app.c @@ -2,19 +2,7 @@ * Certificate request reading application * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/scripts/abi_check.py b/scripts/abi_check.py index ac1d60ffd..8a604c4e2 100755 --- a/scripts/abi_check.py +++ b/scripts/abi_check.py @@ -84,19 +84,7 @@ function name and parameter list. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import glob import os diff --git a/scripts/apidoc_full.sh b/scripts/apidoc_full.sh index cf01e1f8e..34daf37b5 100755 --- a/scripts/apidoc_full.sh +++ b/scripts/apidoc_full.sh @@ -8,19 +8,7 @@ # when multiple targets are invoked in the same parallel build. # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later set -eu diff --git a/scripts/assemble_changelog.py b/scripts/assemble_changelog.py index e8081012a..d5f705c1c 100755 --- a/scripts/assemble_changelog.py +++ b/scripts/assemble_changelog.py @@ -19,19 +19,7 @@ You must run this program from within a git working directory. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import argparse from collections import OrderedDict, namedtuple diff --git a/scripts/bump_version.sh b/scripts/bump_version.sh index 19d90bce7..86ed74ead 100755 --- a/scripts/bump_version.sh +++ b/scripts/bump_version.sh @@ -1,19 +1,7 @@ #!/bin/bash # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # Purpose # diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index e764e9d22..ad9b325bd 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py @@ -9,19 +9,7 @@ Note: must be run from Mbed TLS root. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import argparse import logging diff --git a/scripts/code_style.py b/scripts/code_style.py index ddd0a9800..08ec4af42 100755 --- a/scripts/code_style.py +++ b/scripts/code_style.py @@ -4,19 +4,7 @@ This script must be run from the root of a Git work tree containing Mbed TLS. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import argparse import os import re diff --git a/scripts/config.pl b/scripts/config.pl index 5dd89d225..ca02b9046 100755 --- a/scripts/config.pl +++ b/scripts/config.pl @@ -2,19 +2,8 @@ # Backward compatibility redirection ## Copyright The Mbed TLS Contributors -## SPDX-License-Identifier: Apache-2.0 +## SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later ## -## Licensed under the Apache License, Version 2.0 (the "License"); you may -## not use this file except in compliance with the License. -## You may obtain a copy of the License at -## -## http://www.apache.org/licenses/LICENSE-2.0 -## -## Unless required by applicable law or agreed to in writing, software -## distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -## WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -## See the License for the specific language governing permissions and -## limitations under the License. my $py = $0; $py =~ s/\.pl$/.py/ or die "Unable to determine the name of the Python script"; diff --git a/scripts/config.py b/scripts/config.py index 5f49f2d8c..30e55f6a9 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -13,19 +13,8 @@ Basic usage, to read the Mbed TLS configuration: # in parts that are not backported to 2.28. ## Copyright The Mbed TLS Contributors -## SPDX-License-Identifier: Apache-2.0 +## SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later ## -## Licensed under the Apache License, Version 2.0 (the "License"); you may -## not use this file except in compliance with the License. -## You may obtain a copy of the License at -## -## http://www.apache.org/licenses/LICENSE-2.0 -## -## Unless required by applicable law or agreed to in writing, software -## distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -## WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -## See the License for the specific language governing permissions and -## limitations under the License. import os import re diff --git a/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.h.jinja b/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.h.jinja index 8670bbde5..924b08cd5 100644 --- a/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.h.jinja +++ b/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.h.jinja @@ -4,19 +4,7 @@ * Warning: This file is now auto-generated. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ diff --git a/scripts/data_files/driver_templates/psa_crypto_driver_wrappers_no_static.c.jinja b/scripts/data_files/driver_templates/psa_crypto_driver_wrappers_no_static.c.jinja index dbe424c03..2aae62850 100644 --- a/scripts/data_files/driver_templates/psa_crypto_driver_wrappers_no_static.c.jinja +++ b/scripts/data_files/driver_templates/psa_crypto_driver_wrappers_no_static.c.jinja @@ -4,19 +4,7 @@ * Warning: This file is now auto-generated. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ diff --git a/scripts/data_files/error.fmt b/scripts/data_files/error.fmt index 077500302..781e72a91 100644 --- a/scripts/data_files/error.fmt +++ b/scripts/data_files/error.fmt @@ -2,19 +2,7 @@ * Error message information * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/scripts/data_files/query_config.fmt b/scripts/data_files/query_config.fmt index e7e6fc602..b60aba010 100644 --- a/scripts/data_files/query_config.fmt +++ b/scripts/data_files/query_config.fmt @@ -2,19 +2,7 @@ * Query Mbed TLS compile time configurations from mbedtls_config.h * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/scripts/data_files/version_features.fmt b/scripts/data_files/version_features.fmt index 0e4059760..d820d4d1a 100644 --- a/scripts/data_files/version_features.fmt +++ b/scripts/data_files/version_features.fmt @@ -2,19 +2,7 @@ * Version feature information * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/scripts/ecc-heap.sh b/scripts/ecc-heap.sh index 43fc7dfa1..3eb2ff449 100755 --- a/scripts/ecc-heap.sh +++ b/scripts/ecc-heap.sh @@ -8,19 +8,7 @@ # scripts/ecc-heap.sh | tee ecc-heap.log # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later set -eu diff --git a/scripts/ecp_comb_table.py b/scripts/ecp_comb_table.py index 6719be1c3..6146e881c 100755 --- a/scripts/ecp_comb_table.py +++ b/scripts/ecp_comb_table.py @@ -7,19 +7,7 @@ can use this script to generate codes to define `_T` in ecp_curves.c """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import os import subprocess diff --git a/scripts/footprint.sh b/scripts/footprint.sh index ae95db4a1..614a49309 100755 --- a/scripts/footprint.sh +++ b/scripts/footprint.sh @@ -1,19 +1,7 @@ #!/bin/sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # Purpose # diff --git a/scripts/generate_driver_wrappers.py b/scripts/generate_driver_wrappers.py index e0f282792..2fdc4cd0b 100755 --- a/scripts/generate_driver_wrappers.py +++ b/scripts/generate_driver_wrappers.py @@ -7,19 +7,7 @@ based on template files in script/data_files/driver_templates/. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import sys import os diff --git a/scripts/generate_errors.pl b/scripts/generate_errors.pl index 664a349e9..0134c94f0 100755 --- a/scripts/generate_errors.pl +++ b/scripts/generate_errors.pl @@ -6,19 +6,7 @@ # or generate_errors.pl include_dir data_dir error_file # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later use strict; use warnings; diff --git a/scripts/generate_features.pl b/scripts/generate_features.pl index 49cca2ec3..cea8c115a 100755 --- a/scripts/generate_features.pl +++ b/scripts/generate_features.pl @@ -1,19 +1,7 @@ #!/usr/bin/env perl # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later use strict; diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py index 960a07986..f13b507d0 100755 --- a/scripts/generate_psa_constants.py +++ b/scripts/generate_psa_constants.py @@ -12,19 +12,7 @@ file is written: """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import os import sys diff --git a/scripts/generate_query_config.pl b/scripts/generate_query_config.pl index 69eca8344..39743da6d 100755 --- a/scripts/generate_query_config.pl +++ b/scripts/generate_query_config.pl @@ -19,19 +19,7 @@ # generate_query_config.pl mbedtls_config_file psa_crypto_config_file template_file output_file # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later use strict; diff --git a/scripts/generate_ssl_debug_helpers.py b/scripts/generate_ssl_debug_helpers.py index 19be41521..a0544f153 100755 --- a/scripts/generate_ssl_debug_helpers.py +++ b/scripts/generate_ssl_debug_helpers.py @@ -8,19 +8,7 @@ implemented by fixed codes. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import sys import re import os @@ -356,19 +344,8 @@ OUTPUT_C_TEMPLATE = '''\ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. */ #include "common.h" diff --git a/scripts/generate_visualc_files.pl b/scripts/generate_visualc_files.pl index 4fad322a6..7f5609820 100755 --- a/scripts/generate_visualc_files.pl +++ b/scripts/generate_visualc_files.pl @@ -7,19 +7,7 @@ # Takes no argument. # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later use warnings; use strict; diff --git a/scripts/lcov.sh b/scripts/lcov.sh index 6bba02fd2..7d23636b7 100755 --- a/scripts/lcov.sh +++ b/scripts/lcov.sh @@ -26,19 +26,7 @@ EOF } # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later set -eu diff --git a/scripts/massif_max.pl b/scripts/massif_max.pl index eaf56aee7..52ca606b5 100755 --- a/scripts/massif_max.pl +++ b/scripts/massif_max.pl @@ -3,19 +3,7 @@ # Parse a massif.out.xxx file and output peak total memory usage # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later use warnings; use strict; diff --git a/scripts/mbedtls_dev/asymmetric_key_data.py b/scripts/mbedtls_dev/asymmetric_key_data.py index 6fd6223f3..ef3e3a05e 100644 --- a/scripts/mbedtls_dev/asymmetric_key_data.py +++ b/scripts/mbedtls_dev/asymmetric_key_data.py @@ -4,19 +4,8 @@ Meant for use in crypto_knowledge.py. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. import binascii import re diff --git a/scripts/mbedtls_dev/bignum_common.py b/scripts/mbedtls_dev/bignum_common.py index 3bef16db6..eebc858b2 100644 --- a/scripts/mbedtls_dev/bignum_common.py +++ b/scripts/mbedtls_dev/bignum_common.py @@ -1,18 +1,7 @@ """Common features for bignum in test generation framework.""" # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. from abc import abstractmethod import enum diff --git a/scripts/mbedtls_dev/bignum_core.py b/scripts/mbedtls_dev/bignum_core.py index 563492b29..909f6a306 100644 --- a/scripts/mbedtls_dev/bignum_core.py +++ b/scripts/mbedtls_dev/bignum_core.py @@ -1,18 +1,7 @@ """Framework classes for generation of bignum core test cases.""" # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. import random diff --git a/scripts/mbedtls_dev/bignum_data.py b/scripts/mbedtls_dev/bignum_data.py index 897e31989..5c6c2c81e 100644 --- a/scripts/mbedtls_dev/bignum_data.py +++ b/scripts/mbedtls_dev/bignum_data.py @@ -1,19 +1,8 @@ """Base values and datasets for bignum generated tests and helper functions that produced them.""" # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. import random diff --git a/scripts/mbedtls_dev/bignum_mod.py b/scripts/mbedtls_dev/bignum_mod.py index 77c7b1bbd..f554001ec 100644 --- a/scripts/mbedtls_dev/bignum_mod.py +++ b/scripts/mbedtls_dev/bignum_mod.py @@ -1,18 +1,7 @@ """Framework classes for generation of bignum mod test cases.""" # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. from typing import Dict, List diff --git a/scripts/mbedtls_dev/bignum_mod_raw.py b/scripts/mbedtls_dev/bignum_mod_raw.py index 7121f2f49..37ad27a11 100644 --- a/scripts/mbedtls_dev/bignum_mod_raw.py +++ b/scripts/mbedtls_dev/bignum_mod_raw.py @@ -1,18 +1,7 @@ """Framework classes for generation of bignum mod_raw test cases.""" # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. from typing import Iterator, List diff --git a/scripts/mbedtls_dev/build_tree.py b/scripts/mbedtls_dev/build_tree.py index 2e10c88e2..a657a5138 100644 --- a/scripts/mbedtls_dev/build_tree.py +++ b/scripts/mbedtls_dev/build_tree.py @@ -2,19 +2,8 @@ """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. import os import inspect diff --git a/scripts/mbedtls_dev/c_build_helper.py b/scripts/mbedtls_dev/c_build_helper.py index 9bd17d608..f2cbbe4af 100644 --- a/scripts/mbedtls_dev/c_build_helper.py +++ b/scripts/mbedtls_dev/c_build_helper.py @@ -2,19 +2,8 @@ """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. import os import platform diff --git a/scripts/mbedtls_dev/crypto_data_tests.py b/scripts/mbedtls_dev/crypto_data_tests.py index 7593952da..a36de692e 100644 --- a/scripts/mbedtls_dev/crypto_data_tests.py +++ b/scripts/mbedtls_dev/crypto_data_tests.py @@ -4,19 +4,8 @@ This module is a work in progress, only implementing a few cases for now. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. import hashlib from typing import Callable, Dict, Iterator, List, Optional #pylint: disable=unused-import diff --git a/scripts/mbedtls_dev/crypto_knowledge.py b/scripts/mbedtls_dev/crypto_knowledge.py index 45d253b9b..285d6c638 100644 --- a/scripts/mbedtls_dev/crypto_knowledge.py +++ b/scripts/mbedtls_dev/crypto_knowledge.py @@ -4,19 +4,8 @@ This module is entirely based on the PSA API. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. import enum import re diff --git a/scripts/mbedtls_dev/ecp.py b/scripts/mbedtls_dev/ecp.py index 410c77e11..b40f3b126 100644 --- a/scripts/mbedtls_dev/ecp.py +++ b/scripts/mbedtls_dev/ecp.py @@ -1,18 +1,7 @@ """Framework classes for generation of ecp test cases.""" # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. from typing import List diff --git a/scripts/mbedtls_dev/logging_util.py b/scripts/mbedtls_dev/logging_util.py index db1ebfe5c..ddd7c7fd6 100644 --- a/scripts/mbedtls_dev/logging_util.py +++ b/scripts/mbedtls_dev/logging_util.py @@ -2,19 +2,8 @@ """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. import logging import sys diff --git a/scripts/mbedtls_dev/macro_collector.py b/scripts/mbedtls_dev/macro_collector.py index 3cad2a3f6..d68be00bd 100644 --- a/scripts/mbedtls_dev/macro_collector.py +++ b/scripts/mbedtls_dev/macro_collector.py @@ -2,19 +2,8 @@ """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. import itertools import re diff --git a/scripts/mbedtls_dev/psa_information.py b/scripts/mbedtls_dev/psa_information.py index a82df41df..32e500977 100644 --- a/scripts/mbedtls_dev/psa_information.py +++ b/scripts/mbedtls_dev/psa_information.py @@ -2,19 +2,8 @@ """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. import re from typing import Dict, FrozenSet, List, Optional diff --git a/scripts/mbedtls_dev/psa_storage.py b/scripts/mbedtls_dev/psa_storage.py index 737760fd4..b1fc37710 100644 --- a/scripts/mbedtls_dev/psa_storage.py +++ b/scripts/mbedtls_dev/psa_storage.py @@ -7,19 +7,8 @@ before changing how test data is constructed or validated. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. import re import struct diff --git a/scripts/mbedtls_dev/test_case.py b/scripts/mbedtls_dev/test_case.py index 8f0870367..6ed5e849d 100644 --- a/scripts/mbedtls_dev/test_case.py +++ b/scripts/mbedtls_dev/test_case.py @@ -2,19 +2,8 @@ """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. import binascii import os diff --git a/scripts/mbedtls_dev/test_data_generation.py b/scripts/mbedtls_dev/test_data_generation.py index 02aa51051..a84f7dd2f 100644 --- a/scripts/mbedtls_dev/test_data_generation.py +++ b/scripts/mbedtls_dev/test_data_generation.py @@ -7,19 +7,8 @@ These are used both by generate_psa_tests.py and generate_bignum_tests.py. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. import argparse import os diff --git a/scripts/mbedtls_dev/typing_util.py b/scripts/mbedtls_dev/typing_util.py index 4c344492c..2ec448d00 100644 --- a/scripts/mbedtls_dev/typing_util.py +++ b/scripts/mbedtls_dev/typing_util.py @@ -2,19 +2,8 @@ """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. from typing import Any diff --git a/scripts/memory.sh b/scripts/memory.sh index e3ce9d6d1..d119374d5 100755 --- a/scripts/memory.sh +++ b/scripts/memory.sh @@ -7,19 +7,7 @@ # since for memory we want debug information. # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later set -eu diff --git a/scripts/min_requirements.py b/scripts/min_requirements.py index c00d58e05..9888abe08 100755 --- a/scripts/min_requirements.py +++ b/scripts/min_requirements.py @@ -3,19 +3,7 @@ """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import argparse import os diff --git a/scripts/output_env.sh b/scripts/output_env.sh index 302f3fdaa..b056ffde6 100755 --- a/scripts/output_env.sh +++ b/scripts/output_env.sh @@ -3,19 +3,7 @@ # output_env.sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # Purpose # diff --git a/scripts/prepare_release.sh b/scripts/prepare_release.sh index 800383d2c..7f972e070 100755 --- a/scripts/prepare_release.sh +++ b/scripts/prepare_release.sh @@ -12,19 +12,7 @@ EOF } # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later set -eu diff --git a/scripts/tmp_ignore_makefiles.sh b/scripts/tmp_ignore_makefiles.sh index 558970f54..455f892a2 100755 --- a/scripts/tmp_ignore_makefiles.sh +++ b/scripts/tmp_ignore_makefiles.sh @@ -4,19 +4,7 @@ # git development # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later IGNORE="" diff --git a/tests/compat-in-docker.sh b/tests/compat-in-docker.sh index 29c87877d..e703c5723 100755 --- a/tests/compat-in-docker.sh +++ b/tests/compat-in-docker.sh @@ -22,19 +22,7 @@ # - compat.sh for notes about invocation of that script. # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later source tests/scripts/docker_env.sh diff --git a/tests/compat.sh b/tests/compat.sh index 6506e6c09..8d615d563 100755 --- a/tests/compat.sh +++ b/tests/compat.sh @@ -3,19 +3,7 @@ # compat.sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # Purpose # diff --git a/tests/configs/tls13-only.h b/tests/configs/tls13-only.h index 38286d1fd..d825ee92c 100644 --- a/tests/configs/tls13-only.h +++ b/tests/configs/tls13-only.h @@ -7,19 +7,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* Enable TLS 1.3 and core 1.3 features */ diff --git a/tests/configs/user-config-for-test.h b/tests/configs/user-config-for-test.h index a9386a236..639496be6 100644 --- a/tests/configs/user-config-for-test.h +++ b/tests/configs/user-config-for-test.h @@ -7,19 +7,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if defined(PSA_CRYPTO_DRIVER_TEST_ALL) diff --git a/tests/configs/user-config-malloc-0-null.h b/tests/configs/user-config-malloc-0-null.h index 226f4d187..fada9ee93 100644 --- a/tests/configs/user-config-malloc-0-null.h +++ b/tests/configs/user-config-malloc-0-null.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/tests/configs/user-config-zeroize-memset.h b/tests/configs/user-config-zeroize-memset.h index fcdd1f099..52d4b0833 100644 --- a/tests/configs/user-config-zeroize-memset.h +++ b/tests/configs/user-config-zeroize-memset.h @@ -4,19 +4,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/tests/context-info.sh b/tests/context-info.sh index 88dfcaa5e..55e321943 100755 --- a/tests/context-info.sh +++ b/tests/context-info.sh @@ -3,19 +3,7 @@ # context-info.sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # This program is intended for testing the ssl_context_info program # diff --git a/tests/data_files/dir-maxpath/long.sh b/tests/data_files/dir-maxpath/long.sh index d7d879765..4e1fd48dc 100755 --- a/tests/data_files/dir-maxpath/long.sh +++ b/tests/data_files/dir-maxpath/long.sh @@ -1,19 +1,7 @@ #!/bin/sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later set -eu diff --git a/tests/data_files/print_c.pl b/tests/data_files/print_c.pl index ce8ed6f8e..5f4b3d0c6 100755 --- a/tests/data_files/print_c.pl +++ b/tests/data_files/print_c.pl @@ -1,19 +1,7 @@ #!/usr/bin/env perl # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later use strict; use warnings; diff --git a/tests/data_files/test_certs.h.jinja2 b/tests/data_files/test_certs.h.jinja2 index 92131ddc1..4a64b3a79 100644 --- a/tests/data_files/test_certs.h.jinja2 +++ b/tests/data_files/test_certs.h.jinja2 @@ -2,19 +2,7 @@ * X.509 test certificates * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* THIS FILE is generated by `tests/scripts/generate_test_cert_macros.py` */ diff --git a/tests/docker/bionic/Dockerfile b/tests/docker/bionic/Dockerfile index d44cdff25..e4c49fac2 100644 --- a/tests/docker/bionic/Dockerfile +++ b/tests/docker/bionic/Dockerfile @@ -10,19 +10,7 @@ # for the set of Docker images we use on the CI. # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later ARG MAKEFLAGS_PARALLEL="" ARG MY_REGISTRY= diff --git a/tests/git-scripts/pre-push.sh b/tests/git-scripts/pre-push.sh index ce43467b4..9192678a5 100755 --- a/tests/git-scripts/pre-push.sh +++ b/tests/git-scripts/pre-push.sh @@ -2,19 +2,7 @@ # pre-push.sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # Purpose # diff --git a/tests/include/alt-dummy/aes_alt.h b/tests/include/alt-dummy/aes_alt.h index 21d85f1ff..dc47dd16c 100644 --- a/tests/include/alt-dummy/aes_alt.h +++ b/tests/include/alt-dummy/aes_alt.h @@ -1,19 +1,7 @@ /* aes_alt.h with dummy types for MBEDTLS_AES_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef AES_ALT_H diff --git a/tests/include/alt-dummy/aria_alt.h b/tests/include/alt-dummy/aria_alt.h index aabec9c9f..94db8c7fb 100644 --- a/tests/include/alt-dummy/aria_alt.h +++ b/tests/include/alt-dummy/aria_alt.h @@ -1,19 +1,7 @@ /* aria_alt.h with dummy types for MBEDTLS_ARIA_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef ARIA_ALT_H diff --git a/tests/include/alt-dummy/camellia_alt.h b/tests/include/alt-dummy/camellia_alt.h index b42613bc2..97bc16b78 100644 --- a/tests/include/alt-dummy/camellia_alt.h +++ b/tests/include/alt-dummy/camellia_alt.h @@ -1,19 +1,7 @@ /* camellia_alt.h with dummy types for MBEDTLS_CAMELLIA_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef CAMELLIA_ALT_H diff --git a/tests/include/alt-dummy/ccm_alt.h b/tests/include/alt-dummy/ccm_alt.h index 5ec7d4e48..c25f42b4a 100644 --- a/tests/include/alt-dummy/ccm_alt.h +++ b/tests/include/alt-dummy/ccm_alt.h @@ -1,19 +1,7 @@ /* ccm_alt.h with dummy types for MBEDTLS_CCM_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef CCM_ALT_H diff --git a/tests/include/alt-dummy/chacha20_alt.h b/tests/include/alt-dummy/chacha20_alt.h index a53a33002..6fd84d031 100644 --- a/tests/include/alt-dummy/chacha20_alt.h +++ b/tests/include/alt-dummy/chacha20_alt.h @@ -1,19 +1,7 @@ /* chacha20_alt.h with dummy types for MBEDTLS_CHACHA20_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef CHACHA20_ALT_H diff --git a/tests/include/alt-dummy/chachapoly_alt.h b/tests/include/alt-dummy/chachapoly_alt.h index 584a42174..de28ced67 100644 --- a/tests/include/alt-dummy/chachapoly_alt.h +++ b/tests/include/alt-dummy/chachapoly_alt.h @@ -1,19 +1,7 @@ /* chachapoly_alt.h with dummy types for MBEDTLS_CHACHAPOLY_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef CHACHAPOLY_ALT_H diff --git a/tests/include/alt-dummy/cmac_alt.h b/tests/include/alt-dummy/cmac_alt.h index 13c998d68..68b53d707 100644 --- a/tests/include/alt-dummy/cmac_alt.h +++ b/tests/include/alt-dummy/cmac_alt.h @@ -1,19 +1,7 @@ /* cmac_alt.h with dummy types for MBEDTLS_CMAC_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef CMAC_ALT_H diff --git a/tests/include/alt-dummy/des_alt.h b/tests/include/alt-dummy/des_alt.h index 3b8abe493..d07986128 100644 --- a/tests/include/alt-dummy/des_alt.h +++ b/tests/include/alt-dummy/des_alt.h @@ -1,19 +1,7 @@ /* des_alt.h with dummy types for MBEDTLS_DES_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * */ diff --git a/tests/include/alt-dummy/dhm_alt.h b/tests/include/alt-dummy/dhm_alt.h index ccb3bd3c3..3cb51d2ed 100644 --- a/tests/include/alt-dummy/dhm_alt.h +++ b/tests/include/alt-dummy/dhm_alt.h @@ -1,19 +1,7 @@ /* dhm_alt.h with dummy types for MBEDTLS_DHM_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef DHM_ALT_H diff --git a/tests/include/alt-dummy/ecjpake_alt.h b/tests/include/alt-dummy/ecjpake_alt.h index 90c21da8b..4d7524860 100644 --- a/tests/include/alt-dummy/ecjpake_alt.h +++ b/tests/include/alt-dummy/ecjpake_alt.h @@ -1,19 +1,7 @@ /* ecjpake_alt.h with dummy types for MBEDTLS_ECJPAKE_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef ECJPAKE_ALT_H diff --git a/tests/include/alt-dummy/ecp_alt.h b/tests/include/alt-dummy/ecp_alt.h index 56c981095..d204b18d0 100644 --- a/tests/include/alt-dummy/ecp_alt.h +++ b/tests/include/alt-dummy/ecp_alt.h @@ -1,19 +1,7 @@ /* ecp_alt.h with dummy types for MBEDTLS_ECP_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef ECP_ALT_H diff --git a/tests/include/alt-dummy/gcm_alt.h b/tests/include/alt-dummy/gcm_alt.h index 7be5b62f6..cfa73d2a4 100644 --- a/tests/include/alt-dummy/gcm_alt.h +++ b/tests/include/alt-dummy/gcm_alt.h @@ -1,19 +1,7 @@ /* gcm_alt.h with dummy types for MBEDTLS_GCM_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef GCM_ALT_H diff --git a/tests/include/alt-dummy/md5_alt.h b/tests/include/alt-dummy/md5_alt.h index 1f3e5ed9b..e3a15d70f 100644 --- a/tests/include/alt-dummy/md5_alt.h +++ b/tests/include/alt-dummy/md5_alt.h @@ -1,19 +1,7 @@ /* md5_alt.h with dummy types for MBEDTLS_MD5_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MD5_ALT_H diff --git a/tests/include/alt-dummy/nist_kw_alt.h b/tests/include/alt-dummy/nist_kw_alt.h index 8fec116be..1274d4081 100644 --- a/tests/include/alt-dummy/nist_kw_alt.h +++ b/tests/include/alt-dummy/nist_kw_alt.h @@ -1,19 +1,7 @@ /* nist_kw_alt.h with dummy types for MBEDTLS_NIST_KW_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef NIST_KW_ALT_H diff --git a/tests/include/alt-dummy/platform_alt.h b/tests/include/alt-dummy/platform_alt.h index 836f299c8..67573926e 100644 --- a/tests/include/alt-dummy/platform_alt.h +++ b/tests/include/alt-dummy/platform_alt.h @@ -1,19 +1,7 @@ /* platform_alt.h with dummy types for MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PLATFORM_ALT_H diff --git a/tests/include/alt-dummy/poly1305_alt.h b/tests/include/alt-dummy/poly1305_alt.h index 5a8295f16..c8ed1bc06 100644 --- a/tests/include/alt-dummy/poly1305_alt.h +++ b/tests/include/alt-dummy/poly1305_alt.h @@ -1,19 +1,7 @@ /* poly1305_alt.h with dummy types for MBEDTLS_POLY1305_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef POLY1305_ALT_H diff --git a/tests/include/alt-dummy/ripemd160_alt.h b/tests/include/alt-dummy/ripemd160_alt.h index ca3b33827..72ae47efb 100644 --- a/tests/include/alt-dummy/ripemd160_alt.h +++ b/tests/include/alt-dummy/ripemd160_alt.h @@ -1,19 +1,7 @@ /* ripemd160_alt.h with dummy types for MBEDTLS_RIPEMD160_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef RIPEMD160_ALT_H diff --git a/tests/include/alt-dummy/rsa_alt.h b/tests/include/alt-dummy/rsa_alt.h index 24f672bb3..eabc26da1 100644 --- a/tests/include/alt-dummy/rsa_alt.h +++ b/tests/include/alt-dummy/rsa_alt.h @@ -1,19 +1,7 @@ /* rsa_alt.h with dummy types for MBEDTLS_RSA_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef RSA_ALT_H diff --git a/tests/include/alt-dummy/sha1_alt.h b/tests/include/alt-dummy/sha1_alt.h index 36bf71d84..d8ac97191 100644 --- a/tests/include/alt-dummy/sha1_alt.h +++ b/tests/include/alt-dummy/sha1_alt.h @@ -1,19 +1,7 @@ /* sha1_alt.h with dummy types for MBEDTLS_SHA1_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef SHA1_ALT_H diff --git a/tests/include/alt-dummy/sha256_alt.h b/tests/include/alt-dummy/sha256_alt.h index 304734bfc..b1900adee 100644 --- a/tests/include/alt-dummy/sha256_alt.h +++ b/tests/include/alt-dummy/sha256_alt.h @@ -1,19 +1,7 @@ /* sha256_alt.h with dummy types for MBEDTLS_SHA256_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef SHA256_ALT_H diff --git a/tests/include/alt-dummy/sha512_alt.h b/tests/include/alt-dummy/sha512_alt.h index 13e58109e..857bc916a 100644 --- a/tests/include/alt-dummy/sha512_alt.h +++ b/tests/include/alt-dummy/sha512_alt.h @@ -1,19 +1,7 @@ /* sha512_alt.h with dummy types for MBEDTLS_SHA512_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef SHA512_ALT_H diff --git a/tests/include/alt-dummy/threading_alt.h b/tests/include/alt-dummy/threading_alt.h index 400350686..07d5da427 100644 --- a/tests/include/alt-dummy/threading_alt.h +++ b/tests/include/alt-dummy/threading_alt.h @@ -1,19 +1,7 @@ /* threading_alt.h with dummy types for MBEDTLS_THREADING_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef THREADING_ALT_H diff --git a/tests/include/alt-dummy/timing_alt.h b/tests/include/alt-dummy/timing_alt.h index 9d4e100ea..69bee60f6 100644 --- a/tests/include/alt-dummy/timing_alt.h +++ b/tests/include/alt-dummy/timing_alt.h @@ -1,19 +1,7 @@ /* timing_alt.h with dummy types for MBEDTLS_TIMING_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef TIMING_ALT_H diff --git a/tests/include/baremetal-override/time.h b/tests/include/baremetal-override/time.h index 40eed2d33..0a44275e7 100644 --- a/tests/include/baremetal-override/time.h +++ b/tests/include/baremetal-override/time.h @@ -1,18 +1,6 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #error "time.h included in a configuration without MBEDTLS_HAVE_TIME" diff --git a/tests/include/spe/crypto_spe.h b/tests/include/spe/crypto_spe.h index de842642d..fdf3a2db5 100644 --- a/tests/include/spe/crypto_spe.h +++ b/tests/include/spe/crypto_spe.h @@ -1,18 +1,6 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * */ diff --git a/tests/include/test/arguments.h b/tests/include/test/arguments.h index 74bbbd569..6d267b660 100644 --- a/tests/include/test/arguments.h +++ b/tests/include/test/arguments.h @@ -8,19 +8,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef TEST_ARGUMENTS_H diff --git a/tests/include/test/asn1_helpers.h b/tests/include/test/asn1_helpers.h index dee3cbda9..2eb917128 100644 --- a/tests/include/test/asn1_helpers.h +++ b/tests/include/test/asn1_helpers.h @@ -2,19 +2,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef ASN1_HELPERS_H diff --git a/tests/include/test/bignum_helpers.h b/tests/include/test/bignum_helpers.h index fc97d23ba..2f6bf8931 100644 --- a/tests/include/test/bignum_helpers.h +++ b/tests/include/test/bignum_helpers.h @@ -7,19 +7,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef TEST_BIGNUM_HELPERS_H diff --git a/tests/include/test/certs.h b/tests/include/test/certs.h index 65c55829d..db69536a6 100644 --- a/tests/include/test/certs.h +++ b/tests/include/test/certs.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CERTS_H #define MBEDTLS_CERTS_H diff --git a/tests/include/test/constant_flow.h b/tests/include/test/constant_flow.h index f3d676e28..c5658eb40 100644 --- a/tests/include/test/constant_flow.h +++ b/tests/include/test/constant_flow.h @@ -6,19 +6,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef TEST_CONSTANT_FLOW_H diff --git a/tests/include/test/drivers/aead.h b/tests/include/test/drivers/aead.h index 037a255ca..a033e399d 100644 --- a/tests/include/test/drivers/aead.h +++ b/tests/include/test/drivers/aead.h @@ -2,19 +2,7 @@ * Test driver for AEAD driver entry points. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_TEST_DRIVERS_AEAD_H diff --git a/tests/include/test/drivers/asymmetric_encryption.h b/tests/include/test/drivers/asymmetric_encryption.h index c602d2f22..0ac77087d 100644 --- a/tests/include/test/drivers/asymmetric_encryption.h +++ b/tests/include/test/drivers/asymmetric_encryption.h @@ -2,19 +2,7 @@ * Test driver for asymmetric encryption. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_TEST_DRIVERS_ASYMMETRIC_ENCRYPTION_H diff --git a/tests/include/test/drivers/cipher.h b/tests/include/test/drivers/cipher.h index 54c37f748..950a17440 100644 --- a/tests/include/test/drivers/cipher.h +++ b/tests/include/test/drivers/cipher.h @@ -2,19 +2,7 @@ * Test driver for cipher functions */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_TEST_DRIVERS_CIPHER_H diff --git a/tests/include/test/drivers/config_test_driver.h b/tests/include/test/drivers/config_test_driver.h index 81f988339..4eb27f024 100644 --- a/tests/include/test/drivers/config_test_driver.h +++ b/tests/include/test/drivers/config_test_driver.h @@ -7,19 +7,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CONFIG_H diff --git a/tests/include/test/drivers/hash.h b/tests/include/test/drivers/hash.h index f1da8d3e4..ad48c45d5 100644 --- a/tests/include/test/drivers/hash.h +++ b/tests/include/test/drivers/hash.h @@ -2,19 +2,7 @@ * Test driver for hash driver entry points. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_TEST_DRIVERS_HASH_H diff --git a/tests/include/test/drivers/key_agreement.h b/tests/include/test/drivers/key_agreement.h index aaf74a8c5..ca82b3ad9 100644 --- a/tests/include/test/drivers/key_agreement.h +++ b/tests/include/test/drivers/key_agreement.h @@ -2,19 +2,7 @@ * Test driver for key agreement functions. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_TEST_DRIVERS_KEY_AGREEMENT_H diff --git a/tests/include/test/drivers/key_management.h b/tests/include/test/drivers/key_management.h index 43df0d610..9e2c89885 100644 --- a/tests/include/test/drivers/key_management.h +++ b/tests/include/test/drivers/key_management.h @@ -2,19 +2,7 @@ * Test driver for generating and verifying keys. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_TEST_DRIVERS_KEY_MANAGEMENT_H diff --git a/tests/include/test/drivers/mac.h b/tests/include/test/drivers/mac.h index bdc2b705c..d92eff903 100644 --- a/tests/include/test/drivers/mac.h +++ b/tests/include/test/drivers/mac.h @@ -2,19 +2,7 @@ * Test driver for MAC driver entry points. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_TEST_DRIVERS_MAC_H diff --git a/tests/include/test/drivers/pake.h b/tests/include/test/drivers/pake.h index 331ee49da..d292ca0da 100644 --- a/tests/include/test/drivers/pake.h +++ b/tests/include/test/drivers/pake.h @@ -2,19 +2,7 @@ * Test driver for PAKE driver entry points. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_TEST_DRIVERS_PAKE_H diff --git a/tests/include/test/drivers/signature.h b/tests/include/test/drivers/signature.h index 4c56a121c..8c5703edf 100644 --- a/tests/include/test/drivers/signature.h +++ b/tests/include/test/drivers/signature.h @@ -2,19 +2,7 @@ * Test driver for signature functions. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_TEST_DRIVERS_SIGNATURE_H diff --git a/tests/include/test/drivers/test_driver.h b/tests/include/test/drivers/test_driver.h index 541ee03d0..74605d6b8 100644 --- a/tests/include/test/drivers/test_driver.h +++ b/tests/include/test/drivers/test_driver.h @@ -2,19 +2,7 @@ * Umbrella include for all of the test driver functionality */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_TEST_DRIVER_H diff --git a/tests/include/test/fake_external_rng_for_test.h b/tests/include/test/fake_external_rng_for_test.h index 01bfb91a4..e3e331d55 100644 --- a/tests/include/test/fake_external_rng_for_test.h +++ b/tests/include/test/fake_external_rng_for_test.h @@ -4,19 +4,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef FAKE_EXTERNAL_RNG_FOR_TEST_H diff --git a/tests/include/test/helpers.h b/tests/include/test/helpers.h index dd4a6a2b4..ba117fbdf 100644 --- a/tests/include/test/helpers.h +++ b/tests/include/test/helpers.h @@ -7,19 +7,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef TEST_HELPERS_H diff --git a/tests/include/test/macros.h b/tests/include/test/macros.h index 3bfbe3333..8de9c4d95 100644 --- a/tests/include/test/macros.h +++ b/tests/include/test/macros.h @@ -6,19 +6,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef TEST_MACROS_H diff --git a/tests/include/test/psa_crypto_helpers.h b/tests/include/test/psa_crypto_helpers.h index 959308af9..04b90b923 100644 --- a/tests/include/test/psa_crypto_helpers.h +++ b/tests/include/test/psa_crypto_helpers.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_HELPERS_H diff --git a/tests/include/test/psa_exercise_key.h b/tests/include/test/psa_exercise_key.h index 46f4d0810..0f3ee3db6 100644 --- a/tests/include/test/psa_exercise_key.h +++ b/tests/include/test/psa_exercise_key.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_EXERCISE_KEY_H diff --git a/tests/include/test/psa_helpers.h b/tests/include/test/psa_helpers.h index 2665fac39..b61718939 100644 --- a/tests/include/test/psa_helpers.h +++ b/tests/include/test/psa_helpers.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_HELPERS_H diff --git a/tests/include/test/random.h b/tests/include/test/random.h index c5572088a..6304e05d7 100644 --- a/tests/include/test/random.h +++ b/tests/include/test/random.h @@ -7,19 +7,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef TEST_RANDOM_H diff --git a/tests/include/test/ssl_helpers.h b/tests/include/test/ssl_helpers.h index ddbd6a39e..abdef9032 100644 --- a/tests/include/test/ssl_helpers.h +++ b/tests/include/test/ssl_helpers.h @@ -5,19 +5,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef SSL_HELPERS_H diff --git a/tests/make-in-docker.sh b/tests/make-in-docker.sh index 0ee08dc48..e57d09d34 100755 --- a/tests/make-in-docker.sh +++ b/tests/make-in-docker.sh @@ -14,19 +14,7 @@ # for the set of Docker images we use on the CI. # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later source tests/scripts/docker_env.sh diff --git a/tests/opt-testcases/tls13-compat.sh b/tests/opt-testcases/tls13-compat.sh index 56d2e2959..1190a87ee 100755 --- a/tests/opt-testcases/tls13-compat.sh +++ b/tests/opt-testcases/tls13-compat.sh @@ -3,19 +3,7 @@ # tls13-compat.sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # Purpose # diff --git a/tests/opt-testcases/tls13-kex-modes.sh b/tests/opt-testcases/tls13-kex-modes.sh index 758da1da5..6556cd4b4 100755 --- a/tests/opt-testcases/tls13-kex-modes.sh +++ b/tests/opt-testcases/tls13-kex-modes.sh @@ -3,19 +3,7 @@ # tls13-kex-modes.sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # DO NOT ADD NEW TEST CASES INTO THIS FILE. The left cases will be generated by diff --git a/tests/opt-testcases/tls13-misc.sh b/tests/opt-testcases/tls13-misc.sh index d5efc9edc..3182b48b2 100755 --- a/tests/opt-testcases/tls13-misc.sh +++ b/tests/opt-testcases/tls13-misc.sh @@ -3,19 +3,7 @@ # tls13-misc.sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # requires_gnutls_tls1_3 diff --git a/tests/scripts/all-in-docker.sh b/tests/scripts/all-in-docker.sh index 7c03d9135..b2a31c265 100755 --- a/tests/scripts/all-in-docker.sh +++ b/tests/scripts/all-in-docker.sh @@ -17,19 +17,7 @@ # See also all.sh for notes about invocation of that script. # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later source tests/scripts/docker_env.sh diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 2d807205f..a4f7965b4 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3,19 +3,7 @@ # all.sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later diff --git a/tests/scripts/audit-validity-dates.py b/tests/scripts/audit-validity-dates.py index 5128dc788..96b705a28 100755 --- a/tests/scripts/audit-validity-dates.py +++ b/tests/scripts/audit-validity-dates.py @@ -1,19 +1,7 @@ #!/usr/bin/env python3 # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later """Audit validity date of X509 crt/crl/csr. diff --git a/tests/scripts/basic-build-test.sh b/tests/scripts/basic-build-test.sh index 72923f62c..52617541d 100755 --- a/tests/scripts/basic-build-test.sh +++ b/tests/scripts/basic-build-test.sh @@ -3,19 +3,7 @@ # basic-build-test.sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # Purpose # diff --git a/tests/scripts/basic-in-docker.sh b/tests/scripts/basic-in-docker.sh index 02cafb0cc..3aca3a134 100755 --- a/tests/scripts/basic-in-docker.sh +++ b/tests/scripts/basic-in-docker.sh @@ -18,19 +18,7 @@ # See docker_env.sh for prerequisites and other information. # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later source tests/scripts/docker_env.sh diff --git a/tests/scripts/check-doxy-blocks.pl b/tests/scripts/check-doxy-blocks.pl index dd955301f..3199c2ab4 100755 --- a/tests/scripts/check-doxy-blocks.pl +++ b/tests/scripts/check-doxy-blocks.pl @@ -9,19 +9,7 @@ # items that are documented, but not marked as such by mistake. # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later use warnings; use strict; diff --git a/tests/scripts/check-generated-files.sh b/tests/scripts/check-generated-files.sh index d03e5cf6d..67dedeb26 100755 --- a/tests/scripts/check-generated-files.sh +++ b/tests/scripts/check-generated-files.sh @@ -1,19 +1,7 @@ #! /usr/bin/env sh # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # Purpose # diff --git a/tests/scripts/check-python-files.sh b/tests/scripts/check-python-files.sh index 35319d3e1..51e80792b 100755 --- a/tests/scripts/check-python-files.sh +++ b/tests/scripts/check-python-files.sh @@ -1,19 +1,7 @@ #! /usr/bin/env sh # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # Purpose: check Python files for potential programming errors or maintenance # hurdles. Run pylint to detect some potential mistakes and enforce PEP8 diff --git a/tests/scripts/check_files.py b/tests/scripts/check_files.py index 238a83fab..68871efe4 100755 --- a/tests/scripts/check_files.py +++ b/tests/scripts/check_files.py @@ -1,19 +1,7 @@ #!/usr/bin/env python3 # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later """ This script checks the current state of the source code for minor issues, diff --git a/tests/scripts/check_names.py b/tests/scripts/check_names.py index 86a7c0903..9e8ed219a 100755 --- a/tests/scripts/check_names.py +++ b/tests/scripts/check_names.py @@ -1,19 +1,7 @@ #!/usr/bin/env python3 # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later """ This script confirms that the naming of all symbols and identifiers in Mbed TLS diff --git a/tests/scripts/check_test_cases.py b/tests/scripts/check_test_cases.py index 1395d4d90..3b954af22 100755 --- a/tests/scripts/check_test_cases.py +++ b/tests/scripts/check_test_cases.py @@ -7,19 +7,7 @@ independently of the checks. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import argparse import glob diff --git a/tests/scripts/depends.py b/tests/scripts/depends.py index 96529de7d..29ecfdbea 100755 --- a/tests/scripts/depends.py +++ b/tests/scripts/depends.py @@ -1,19 +1,7 @@ #!/usr/bin/env python3 # Copyright (c) 2022, Arm Limited, All Rights Reserved. -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # This file is part of Mbed TLS (https://tls.mbed.org) diff --git a/tests/scripts/docker_env.sh b/tests/scripts/docker_env.sh index 3dbc41d92..cfc98dfca 100755 --- a/tests/scripts/docker_env.sh +++ b/tests/scripts/docker_env.sh @@ -27,19 +27,7 @@ # the Docker image. # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # default values, can be overridden by the environment diff --git a/tests/scripts/doxygen.sh b/tests/scripts/doxygen.sh index cb87829e2..b6a1d4594 100755 --- a/tests/scripts/doxygen.sh +++ b/tests/scripts/doxygen.sh @@ -3,19 +3,7 @@ # Make sure the doxygen documentation builds without warnings # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # Abort on errors (and uninitialised variables) set -eu diff --git a/tests/scripts/gen_ctr_drbg.pl b/tests/scripts/gen_ctr_drbg.pl index 2345b9e36..ec5e5d891 100755 --- a/tests/scripts/gen_ctr_drbg.pl +++ b/tests/scripts/gen_ctr_drbg.pl @@ -5,19 +5,7 @@ # and concats nonce and personalization for initialization. # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later use strict; diff --git a/tests/scripts/gen_gcm_decrypt.pl b/tests/scripts/gen_gcm_decrypt.pl index 354e351a4..30d45c307 100755 --- a/tests/scripts/gen_gcm_decrypt.pl +++ b/tests/scripts/gen_gcm_decrypt.pl @@ -4,19 +4,7 @@ # Only first 3 of every set used for compile time saving # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later use strict; diff --git a/tests/scripts/gen_gcm_encrypt.pl b/tests/scripts/gen_gcm_encrypt.pl index 101456fed..b4f08494c 100755 --- a/tests/scripts/gen_gcm_encrypt.pl +++ b/tests/scripts/gen_gcm_encrypt.pl @@ -4,19 +4,7 @@ # Only first 3 of every set used for compile time saving # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later use strict; diff --git a/tests/scripts/gen_pkcs1_v21_sign_verify.pl b/tests/scripts/gen_pkcs1_v21_sign_verify.pl index 609e5586a..fe2d3f5d3 100755 --- a/tests/scripts/gen_pkcs1_v21_sign_verify.pl +++ b/tests/scripts/gen_pkcs1_v21_sign_verify.pl @@ -1,19 +1,7 @@ #!/usr/bin/env perl # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later use strict; diff --git a/tests/scripts/generate-afl-tests.sh b/tests/scripts/generate-afl-tests.sh index a51fbc965..d4ef0f3af 100755 --- a/tests/scripts/generate-afl-tests.sh +++ b/tests/scripts/generate-afl-tests.sh @@ -9,19 +9,7 @@ # such as 'test_suite_rsa.data' # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # Abort on errors set -e diff --git a/tests/scripts/generate_bignum_tests.py b/tests/scripts/generate_bignum_tests.py index 6ee6ab39a..8dbb6ed78 100755 --- a/tests/scripts/generate_bignum_tests.py +++ b/tests/scripts/generate_bignum_tests.py @@ -40,19 +40,7 @@ of BaseTarget in test_data_generation.py. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import sys diff --git a/tests/scripts/generate_ecp_tests.py b/tests/scripts/generate_ecp_tests.py index abbfda55f..df1e4696a 100755 --- a/tests/scripts/generate_ecp_tests.py +++ b/tests/scripts/generate_ecp_tests.py @@ -6,19 +6,7 @@ as in generate_bignum_tests.py. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import sys diff --git a/tests/scripts/generate_pkcs7_tests.py b/tests/scripts/generate_pkcs7_tests.py index 0e7385043..0e484b023 100755 --- a/tests/scripts/generate_pkcs7_tests.py +++ b/tests/scripts/generate_pkcs7_tests.py @@ -1,19 +1,7 @@ #!/usr/bin/env python3 # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # """ diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py index b6f83c111..801f8da8b 100755 --- a/tests/scripts/generate_psa_tests.py +++ b/tests/scripts/generate_psa_tests.py @@ -6,19 +6,7 @@ generate only the specified files. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import enum import re diff --git a/tests/scripts/generate_test_cert_macros.py b/tests/scripts/generate_test_cert_macros.py index 4494917ef..a3bca7e6f 100755 --- a/tests/scripts/generate_test_cert_macros.py +++ b/tests/scripts/generate_test_cert_macros.py @@ -6,19 +6,7 @@ Generate `tests/src/test_certs.h` which includes certficaties/keys/certificate l # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import os diff --git a/tests/scripts/generate_test_code.py b/tests/scripts/generate_test_code.py index 76806de95..5f711bfb1 100755 --- a/tests/scripts/generate_test_code.py +++ b/tests/scripts/generate_test_code.py @@ -2,19 +2,7 @@ # Test suites code generator. # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later """ This script is a key part of Mbed TLS test suites framework. For diff --git a/tests/scripts/generate_tls13_compat_tests.py b/tests/scripts/generate_tls13_compat_tests.py index 05d80a532..fdb264d7b 100755 --- a/tests/scripts/generate_tls13_compat_tests.py +++ b/tests/scripts/generate_tls13_compat_tests.py @@ -3,19 +3,7 @@ # generate_tls13_compat_tests.py # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later """ Generate TLSv1.3 Compat test cases @@ -536,19 +524,7 @@ SSL_OUTPUT_HEADER = '''#!/bin/sh # {filename} # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # Purpose # diff --git a/tests/scripts/list-identifiers.sh b/tests/scripts/list-identifiers.sh index 9b930802f..4ccac236e 100755 --- a/tests/scripts/list-identifiers.sh +++ b/tests/scripts/list-identifiers.sh @@ -10,19 +10,7 @@ # Usage: list-identifiers.sh [ -i | --internal ] # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later set -eu diff --git a/tests/scripts/list_internal_identifiers.py b/tests/scripts/list_internal_identifiers.py index 6b41607e3..b648ce24f 100755 --- a/tests/scripts/list_internal_identifiers.py +++ b/tests/scripts/list_internal_identifiers.py @@ -1,19 +1,7 @@ #!/usr/bin/env python3 # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later """ This script generates a file called identifiers that contains all Mbed TLS diff --git a/tests/scripts/psa_collect_statuses.py b/tests/scripts/psa_collect_statuses.py index f685bab8e..11bbebcc1 100755 --- a/tests/scripts/psa_collect_statuses.py +++ b/tests/scripts/psa_collect_statuses.py @@ -13,19 +13,7 @@ only supported with make (as opposed to CMake or other build methods). """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import argparse import os diff --git a/tests/scripts/recursion.pl b/tests/scripts/recursion.pl index 2a7dba541..3cdeff7f4 100755 --- a/tests/scripts/recursion.pl +++ b/tests/scripts/recursion.pl @@ -9,19 +9,7 @@ # Typical usage: scripts/recursion.pl library/*.c # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later use warnings; use strict; diff --git a/tests/scripts/run-test-suites.pl b/tests/scripts/run-test-suites.pl index cedc0bfa5..e0ee3f515 100755 --- a/tests/scripts/run-test-suites.pl +++ b/tests/scripts/run-test-suites.pl @@ -3,19 +3,7 @@ # run-test-suites.pl # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later =head1 SYNOPSIS diff --git a/tests/scripts/scripts_path.py b/tests/scripts/scripts_path.py index 10bf6f852..5d83f29f9 100644 --- a/tests/scripts/scripts_path.py +++ b/tests/scripts/scripts_path.py @@ -6,19 +6,8 @@ Usage: """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. import os import sys diff --git a/tests/scripts/set_psa_test_dependencies.py b/tests/scripts/set_psa_test_dependencies.py index 7f4ebeb7f..f68dfcb72 100755 --- a/tests/scripts/set_psa_test_dependencies.py +++ b/tests/scripts/set_psa_test_dependencies.py @@ -4,19 +4,7 @@ """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import os import re diff --git a/tests/scripts/tcp_client.pl b/tests/scripts/tcp_client.pl index 17f824e00..9aff22db0 100755 --- a/tests/scripts/tcp_client.pl +++ b/tests/scripts/tcp_client.pl @@ -6,19 +6,7 @@ # RESPONSE: regexp that must match the server's response # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later use warnings; use strict; diff --git a/tests/scripts/test-ref-configs.pl b/tests/scripts/test-ref-configs.pl index 15209b4a0..0702074ab 100755 --- a/tests/scripts/test-ref-configs.pl +++ b/tests/scripts/test-ref-configs.pl @@ -3,19 +3,7 @@ # test-ref-configs.pl # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # Purpose # diff --git a/tests/scripts/test_config_script.py b/tests/scripts/test_config_script.py index e230e3c87..e500b3362 100755 --- a/tests/scripts/test_config_script.py +++ b/tests/scripts/test_config_script.py @@ -14,19 +14,8 @@ Sample usage: """ ## Copyright The Mbed TLS Contributors -## SPDX-License-Identifier: Apache-2.0 +## SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later ## -## Licensed under the Apache License, Version 2.0 (the "License"); you may -## not use this file except in compliance with the License. -## You may obtain a copy of the License at -## -## http://www.apache.org/licenses/LICENSE-2.0 -## -## Unless required by applicable law or agreed to in writing, software -## distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -## WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -## See the License for the specific language governing permissions and -## limitations under the License. import argparse import glob diff --git a/tests/scripts/test_generate_test_code.py b/tests/scripts/test_generate_test_code.py index b32d18423..abc46a729 100755 --- a/tests/scripts/test_generate_test_code.py +++ b/tests/scripts/test_generate_test_code.py @@ -2,19 +2,7 @@ # Unit test for generate_test_code.py # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later """ Unit tests for generate_test_code.py diff --git a/tests/scripts/test_psa_compliance.py b/tests/scripts/test_psa_compliance.py index 9cd220f85..bed6d849e 100755 --- a/tests/scripts/test_psa_compliance.py +++ b/tests/scripts/test_psa_compliance.py @@ -8,19 +8,7 @@ keep the list of known defects as up to date as possible. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import argparse import os diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index e43a0baef..6883e279f 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py @@ -8,19 +8,7 @@ or 1 (with a Python backtrace) if there was an operational error. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import argparse from collections import namedtuple diff --git a/tests/scripts/test_zeroize.gdb b/tests/scripts/test_zeroize.gdb index 66c630408..57f771f56 100644 --- a/tests/scripts/test_zeroize.gdb +++ b/tests/scripts/test_zeroize.gdb @@ -1,19 +1,7 @@ # test_zeroize.gdb # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # Purpose # diff --git a/tests/scripts/translate_ciphers.py b/tests/scripts/translate_ciphers.py index a8db4bb35..90514fca1 100755 --- a/tests/scripts/translate_ciphers.py +++ b/tests/scripts/translate_ciphers.py @@ -3,19 +3,7 @@ # translate_ciphers.py # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later """ Translate standard ciphersuite names to GnuTLS, OpenSSL and Mbed TLS standards. diff --git a/tests/scripts/travis-log-failure.sh b/tests/scripts/travis-log-failure.sh index 249b3f807..3daecf30d 100755 --- a/tests/scripts/travis-log-failure.sh +++ b/tests/scripts/travis-log-failure.sh @@ -3,19 +3,7 @@ # travis-log-failure.sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # Purpose # diff --git a/tests/src/asn1_helpers.c b/tests/src/asn1_helpers.c index aaf7587aa..c8df1995e 100644 --- a/tests/src/asn1_helpers.c +++ b/tests/src/asn1_helpers.c @@ -5,19 +5,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/tests/src/bignum_helpers.c b/tests/src/bignum_helpers.c index 214530df5..c85e2caaf 100644 --- a/tests/src/bignum_helpers.c +++ b/tests/src/bignum_helpers.c @@ -7,19 +7,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #define MBEDTLS_ALLOW_PRIVATE_ACCESS diff --git a/tests/src/certs.c b/tests/src/certs.c index b834e4aa1..879f08882 100644 --- a/tests/src/certs.c +++ b/tests/src/certs.c @@ -2,19 +2,7 @@ * X.509 test certificates * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/tests/src/drivers/hash.c b/tests/src/drivers/hash.c index 8fb198277..76ec12a22 100644 --- a/tests/src/drivers/hash.c +++ b/tests/src/drivers/hash.c @@ -2,19 +2,7 @@ * Test driver for hash entry points. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/tests/src/drivers/platform_builtin_keys.c b/tests/src/drivers/platform_builtin_keys.c index 6334a438e..01fc050bb 100644 --- a/tests/src/drivers/platform_builtin_keys.c +++ b/tests/src/drivers/platform_builtin_keys.c @@ -5,19 +5,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/tests/src/drivers/test_driver_aead.c b/tests/src/drivers/test_driver_aead.c index 6dadf5282..314ce83a2 100644 --- a/tests/src/drivers/test_driver_aead.c +++ b/tests/src/drivers/test_driver_aead.c @@ -2,19 +2,7 @@ * Test driver for AEAD entry points. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/tests/src/drivers/test_driver_asymmetric_encryption.c b/tests/src/drivers/test_driver_asymmetric_encryption.c index cf0e90cae..c906a664a 100644 --- a/tests/src/drivers/test_driver_asymmetric_encryption.c +++ b/tests/src/drivers/test_driver_asymmetric_encryption.c @@ -2,19 +2,7 @@ * Test driver for asymmetric encryption. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/tests/src/drivers/test_driver_cipher.c b/tests/src/drivers/test_driver_cipher.c index 42e79c490..678d8d5d6 100644 --- a/tests/src/drivers/test_driver_cipher.c +++ b/tests/src/drivers/test_driver_cipher.c @@ -3,19 +3,7 @@ * Currently only supports multi-part operations using AES-CTR. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/tests/src/drivers/test_driver_key_agreement.c b/tests/src/drivers/test_driver_key_agreement.c index 9cf82a37a..8471959e2 100644 --- a/tests/src/drivers/test_driver_key_agreement.c +++ b/tests/src/drivers/test_driver_key_agreement.c @@ -2,19 +2,7 @@ * Test driver for key agreement functions. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/tests/src/drivers/test_driver_key_management.c b/tests/src/drivers/test_driver_key_management.c index 19da47ad6..6442f2231 100644 --- a/tests/src/drivers/test_driver_key_management.c +++ b/tests/src/drivers/test_driver_key_management.c @@ -3,19 +3,7 @@ * Currently only supports generating and verifying ECC keys. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/tests/src/drivers/test_driver_mac.c b/tests/src/drivers/test_driver_mac.c index 96c1685f5..9f8120bd4 100644 --- a/tests/src/drivers/test_driver_mac.c +++ b/tests/src/drivers/test_driver_mac.c @@ -2,19 +2,7 @@ * Test driver for MAC entry points. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/tests/src/drivers/test_driver_pake.c b/tests/src/drivers/test_driver_pake.c index 69bd4ffe2..a0b6c1cb0 100644 --- a/tests/src/drivers/test_driver_pake.c +++ b/tests/src/drivers/test_driver_pake.c @@ -2,19 +2,7 @@ * Test driver for MAC entry points. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/tests/src/drivers/test_driver_signature.c b/tests/src/drivers/test_driver_signature.c index 7d1f91fdf..00dd3e267 100644 --- a/tests/src/drivers/test_driver_signature.c +++ b/tests/src/drivers/test_driver_signature.c @@ -4,19 +4,7 @@ * only deterministic ECDSA on curves secp256r1, secp384r1 and secp521r1. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/tests/src/fake_external_rng_for_test.c b/tests/src/fake_external_rng_for_test.c index 89af7d34f..c0bfde51a 100644 --- a/tests/src/fake_external_rng_for_test.c +++ b/tests/src/fake_external_rng_for_test.c @@ -5,19 +5,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/tests/src/helpers.c b/tests/src/helpers.c index 7cac6e0a0..eb28919b8 100644 --- a/tests/src/helpers.c +++ b/tests/src/helpers.c @@ -1,18 +1,6 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/tests/src/psa_crypto_helpers.c b/tests/src/psa_crypto_helpers.c index 52ff03186..d59a8f872 100644 --- a/tests/src/psa_crypto_helpers.c +++ b/tests/src/psa_crypto_helpers.c @@ -5,19 +5,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/tests/src/psa_exercise_key.c b/tests/src/psa_exercise_key.c index c4488b56f..f8b36e1fa 100644 --- a/tests/src/psa_exercise_key.c +++ b/tests/src/psa_exercise_key.c @@ -4,19 +4,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/tests/src/random.c b/tests/src/random.c index d20103c35..d041f36a1 100644 --- a/tests/src/random.c +++ b/tests/src/random.c @@ -7,19 +7,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/tests/src/test_certs.h b/tests/src/test_certs.h index 866d1e003..b313ea88d 100644 --- a/tests/src/test_certs.h +++ b/tests/src/test_certs.h @@ -2,19 +2,7 @@ * X.509 test certificates * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* THIS FILE is generated by `tests/scripts/generate_test_cert_macros.py` */ diff --git a/tests/src/test_helpers/ssl_helpers.c b/tests/src/test_helpers/ssl_helpers.c index 5c305cb0a..52839eb96 100644 --- a/tests/src/test_helpers/ssl_helpers.c +++ b/tests/src/test_helpers/ssl_helpers.c @@ -5,19 +5,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/tests/src/threading_helpers.c b/tests/src/threading_helpers.c index ae6e59072..6f405b00c 100644 --- a/tests/src/threading_helpers.c +++ b/tests/src/threading_helpers.c @@ -2,19 +2,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/tests/ssl-opt-in-docker.sh b/tests/ssl-opt-in-docker.sh index 159be4c50..c0c85fc2e 100755 --- a/tests/ssl-opt-in-docker.sh +++ b/tests/ssl-opt-in-docker.sh @@ -22,19 +22,7 @@ # - ssl-opt.sh for notes about invocation of that script. # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later source tests/scripts/docker_env.sh diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 0dd7fe6d3..cd17a7800 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -3,19 +3,7 @@ # ssl-opt.sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # Purpose # From 8ce51708da7e5066e884be77c108a362f67bb91c Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 2 Nov 2023 17:36:49 +0000 Subject: [PATCH 0524/1674] Update documentation Signed-off-by: Dave Rodgman --- CONTRIBUTING.md | 4 +- LICENSE | 351 ++++++++++++++++++++++++++++++++++++++++++++++++ README.md | 2 +- 3 files changed, 354 insertions(+), 3 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 8454fb8ea..261f745ba 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -84,11 +84,11 @@ Mbed TLS is well documented, but if you think documentation is needed, speak out License and Copyright --------------------- -Unless specifically indicated otherwise in a file, Mbed TLS files are provided under the [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) license. See the [LICENSE](LICENSE) file for the full text of this license. +Unless specifically indicated otherwise in a file, Mbed TLS files are provided under a dual [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) OR [GPL-2.0-or-later](https://spdx.org/licenses/GPL-2.0-or-later.html) license. See the [LICENSE](LICENSE) file for the full text of these licenses. This means that users may choose which of these licenses they take the code under. Contributors must accept that their contributions are made under both the Apache-2.0 AND [GPL-2.0-or-later](https://spdx.org/licenses/GPL-2.0-or-later.html) licenses. This enables LTS (Long Term Support) branches of the software to be provided under either the Apache-2.0 or GPL-2.0-or-later licenses. -All new files should include the [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) standard license header where possible. +All new files should include the standard SPDX license identifier where possible, i.e. "SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later". The copyright on contributions is retained by the original authors of the code. Where possible for new files, this should be noted in a comment at the top of the file in the form: "Copyright The Mbed TLS Contributors". diff --git a/LICENSE b/LICENSE index d64569567..776ac77ea 100644 --- a/LICENSE +++ b/LICENSE @@ -1,3 +1,10 @@ +Mbed TLS files are provided under a dual [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) +OR [GPL-2.0-or-later](https://spdx.org/licenses/GPL-2.0-or-later.html) license. +This means that users may choose which of these licenses they take the code +under. + +The full text of each of these licenses is given below. + Apache License Version 2.0, January 2004 @@ -200,3 +207,347 @@ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. + + +=============================================================================== + + + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 + + Copyright (C) 1989, 1991 Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +License is intended to guarantee your freedom to share and change free +software--to make sure the software is free for all its users. This +General Public License applies to most of the Free Software +Foundation's software and to any other program whose authors commit to +using it. (Some other Free Software Foundation software is covered by +the GNU Lesser General Public License instead.) You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +this service if you wish), that you receive source code or can get it +if you want it, that you can change the software or use pieces of it +in new free programs; and that you know you can do these things. + + To protect your rights, we need to make restrictions that forbid +anyone to deny you these rights or to ask you to surrender the rights. +These restrictions translate to certain responsibilities for you if you +distribute copies of the software, or if you modify it. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must give the recipients all the rights that +you have. You must make sure that they, too, receive or can get the +source code. And you must show them these terms so they know their +rights. + + We protect your rights with two steps: (1) copyright the software, and +(2) offer you this license which gives you legal permission to copy, +distribute and/or modify the software. + + Also, for each author's protection and ours, we want to make certain +that everyone understands that there is no warranty for this free +software. If the software is modified by someone else and passed on, we +want its recipients to know that what they have is not the original, so +that any problems introduced by others will not reflect on the original +authors' reputations. + + Finally, any free program is threatened constantly by software +patents. We wish to avoid the danger that redistributors of a free +program will individually obtain patent licenses, in effect making the +program proprietary. To prevent this, we have made it clear that any +patent must be licensed for everyone's free use or not licensed at all. + + The precise terms and conditions for copying, distribution and +modification follow. + + GNU GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License applies to any program or other work which contains +a notice placed by the copyright holder saying it may be distributed +under the terms of this General Public License. The "Program", below, +refers to any such program or work, and a "work based on the Program" +means either the Program or any derivative work under copyright law: +that is to say, a work containing the Program or a portion of it, +either verbatim or with modifications and/or translated into another +language. (Hereinafter, translation is included without limitation in +the term "modification".) Each licensee is addressed as "you". + +Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. The act of +running the Program is not restricted, and the output from the Program +is covered only if its contents constitute a work based on the +Program (independent of having been made by running the Program). +Whether that is true depends on what the Program does. + + 1. You may copy and distribute verbatim copies of the Program's +source code as you receive it, in any medium, provided that you +conspicuously and appropriately publish on each copy an appropriate +copyright notice and disclaimer of warranty; keep intact all the +notices that refer to this License and to the absence of any warranty; +and give any other recipients of the Program a copy of this License +along with the Program. + +You may charge a fee for the physical act of transferring a copy, and +you may at your option offer warranty protection in exchange for a fee. + + 2. You may modify your copy or copies of the Program or any portion +of it, thus forming a work based on the Program, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) You must cause the modified files to carry prominent notices + stating that you changed the files and the date of any change. + + b) You must cause any work that you distribute or publish, that in + whole or in part contains or is derived from the Program or any + part thereof, to be licensed as a whole at no charge to all third + parties under the terms of this License. + + c) If the modified program normally reads commands interactively + when run, you must cause it, when started running for such + interactive use in the most ordinary way, to print or display an + announcement including an appropriate copyright notice and a + notice that there is no warranty (or else, saying that you provide + a warranty) and that users may redistribute the program under + these conditions, and telling the user how to view a copy of this + License. (Exception: if the Program itself is interactive but + does not normally print such an announcement, your work based on + the Program is not required to print an announcement.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Program, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Program, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Program. + +In addition, mere aggregation of another work not based on the Program +with the Program (or with a work based on the Program) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. You may copy and distribute the Program (or a work based on it, +under Section 2) in object code or executable form under the terms of +Sections 1 and 2 above provided that you also do one of the following: + + a) Accompany it with the complete corresponding machine-readable + source code, which must be distributed under the terms of Sections + 1 and 2 above on a medium customarily used for software interchange; or, + + b) Accompany it with a written offer, valid for at least three + years, to give any third party, for a charge no more than your + cost of physically performing source distribution, a complete + machine-readable copy of the corresponding source code, to be + distributed under the terms of Sections 1 and 2 above on a medium + customarily used for software interchange; or, + + c) Accompany it with the information you received as to the offer + to distribute corresponding source code. (This alternative is + allowed only for noncommercial distribution and only if you + received the program in object code or executable form with such + an offer, in accord with Subsection b above.) + +The source code for a work means the preferred form of the work for +making modifications to it. For an executable work, complete source +code means all the source code for all modules it contains, plus any +associated interface definition files, plus the scripts used to +control compilation and installation of the executable. However, as a +special exception, the source code distributed need not include +anything that is normally distributed (in either source or binary +form) with the major components (compiler, kernel, and so on) of the +operating system on which the executable runs, unless that component +itself accompanies the executable. + +If distribution of executable or object code is made by offering +access to copy from a designated place, then offering equivalent +access to copy the source code from the same place counts as +distribution of the source code, even though third parties are not +compelled to copy the source along with the object code. + + 4. You may not copy, modify, sublicense, or distribute the Program +except as expressly provided under this License. Any attempt +otherwise to copy, modify, sublicense or distribute the Program is +void, and will automatically terminate your rights under this License. +However, parties who have received copies, or rights, from you under +this License will not have their licenses terminated so long as such +parties remain in full compliance. + + 5. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Program or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Program (or any work based on the +Program), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Program or works based on it. + + 6. Each time you redistribute the Program (or any work based on the +Program), the recipient automatically receives a license from the +original licensor to copy, distribute or modify the Program subject to +these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties to +this License. + + 7. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Program at all. For example, if a patent +license would not permit royalty-free redistribution of the Program by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Program. + +If any portion of this section is held invalid or unenforceable under +any particular circumstance, the balance of the section is intended to +apply and the section as a whole is intended to apply in other +circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system, which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 8. If the distribution and/or use of the Program is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Program under this License +may add an explicit geographical distribution limitation excluding +those countries, so that distribution is permitted only in or among +countries not thus excluded. In such case, this License incorporates +the limitation as if written in the body of this License. + + 9. The Free Software Foundation may publish revised and/or new versions +of the General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free +Software Foundation. If the Program does not specify a version number of +this License, you may choose any version ever published by the Free Software +Foundation. + + 10. If you wish to incorporate parts of the Program into other free +programs whose distribution conditions are different, write to the author +to ask for permission. For software which is copyrighted by the Free +Software Foundation, write to the Free Software Foundation; we sometimes +make exceptions for this. Our decision will be guided by the two goals +of preserving the free status of all derivatives of our free software and +of promoting the sharing and reuse of software generally. + + NO WARRANTY + + 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY +FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN +OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES +PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED +OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS +TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE +PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, +REPAIR OR CORRECTION. + + 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR +REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING +OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED +TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER +PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGES. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + + Copyright (C) + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +Also add information on how to contact you by electronic and paper mail. + +If the program is interactive, make it output a short notice like this +when it starts in an interactive mode: + + Gnomovision version 69, Copyright (C) year name of author + Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, the commands you use may +be called something other than `show w' and `show c'; they could even be +mouse-clicks or menu items--whatever suits your program. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the program, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the program + `Gnomovision' (which makes passes at compilers) written by James Hacker. + + , 1 April 1989 + Ty Coon, President of Vice + +This General Public License does not permit incorporating your program into +proprietary programs. If your program is a subroutine library, you may +consider it more useful to permit linking proprietary applications with the +library. If this is what you want to do, use the GNU Lesser General +Public License instead of this License. diff --git a/README.md b/README.md index a3fcd2e15..956d8ba0b 100644 --- a/README.md +++ b/README.md @@ -307,7 +307,7 @@ When using drivers, you will generally want to enable two compilation options (s License ------- -Unless specifically indicated otherwise in a file, Mbed TLS files are provided under the [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) license. See the [LICENSE](LICENSE) file for the full text of this license, and [the 'License and Copyright' section in the contributing guidelines](CONTRIBUTING.md#License-and-Copyright) for more information. +Unless specifically indicated otherwise in a file, Mbed TLS files are provided under a dual [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) OR [GPL-2.0-or-later](https://spdx.org/licenses/GPL-2.0-or-later.html) license. See the [LICENSE](LICENSE) file for the full text of these licenses, and [the 'License and Copyright' section in the contributing guidelines](CONTRIBUTING.md#License-and-Copyright) for more information. ### Third-party code included in Mbed TLS From 658bcff97ca6ebb61178016353f9eb7d64319045 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 2 Nov 2023 19:01:43 +0000 Subject: [PATCH 0525/1674] Add Changelog for license Signed-off-by: Dave Rodgman --- ChangeLog.d/license.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 ChangeLog.d/license.txt diff --git a/ChangeLog.d/license.txt b/ChangeLog.d/license.txt new file mode 100644 index 000000000..0b6bb1f02 --- /dev/null +++ b/ChangeLog.d/license.txt @@ -0,0 +1,3 @@ +Changes + * Mbed TLS is now released under a dual Apache-2.0 OR GPL-2.0-or-later + license. Users may choose which license they take the code under. From f8be5f6adeb66b190ed063ecaddb7f73c339240a Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 2 Nov 2023 20:43:00 +0000 Subject: [PATCH 0526/1674] Fix overlooked files Signed-off-by: Dave Rodgman --- library/ssl_tls13_keys.h | 12 ------------ programs/x509/load_roots.c | 29 +---------------------------- 2 files changed, 1 insertion(+), 40 deletions(-) diff --git a/library/ssl_tls13_keys.h b/library/ssl_tls13_keys.h index 151b7c7c1..d3a4c6c99 100644 --- a/library/ssl_tls13_keys.h +++ b/library/ssl_tls13_keys.h @@ -3,18 +3,6 @@ * * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - * - * Licensed under the Apache License, Version 2.0 ( the "License" ); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. */ #if !defined(MBEDTLS_SSL_TLS1_3_KEYS_H) #define MBEDTLS_SSL_TLS1_3_KEYS_H diff --git a/programs/x509/load_roots.c b/programs/x509/load_roots.c index a975405ea..f0e6acf25 100644 --- a/programs/x509/load_roots.c +++ b/programs/x509/load_roots.c @@ -2,34 +2,7 @@ * Root CA reading application * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later OR GPL-2.0-or-later - * - * This file is provided under the Apache License 2.0, or the - * GNU General Public License v2.0 or later. - * - * ********** - * Apache License 2.0: - * - * ********** - * - * ********** - * GNU General Public License v2.0 or later: - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - * - * ********** + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" From fffeae8387bde57093f943ef049c38e06c81f3f2 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 3 Nov 2023 09:28:10 +0000 Subject: [PATCH 0527/1674] Update license for p256-m Signed-off-by: Dave Rodgman --- 3rdparty/p256-m/README.md | 4 +- 3rdparty/p256-m/p256-m/LICENSE | 202 -------------------- 3rdparty/p256-m/p256-m/p256-m.c | 2 +- 3rdparty/p256-m/p256-m/p256-m.h | 2 +- 3rdparty/p256-m/p256-m_driver_entrypoints.c | 14 +- 3rdparty/p256-m/p256-m_driver_entrypoints.h | 14 +- README.md | 2 +- 7 files changed, 7 insertions(+), 233 deletions(-) delete mode 100644 3rdparty/p256-m/p256-m/LICENSE diff --git a/3rdparty/p256-m/README.md b/3rdparty/p256-m/README.md index 89648d413..ec90f3446 100644 --- a/3rdparty/p256-m/README.md +++ b/3rdparty/p256-m/README.md @@ -1,4 +1,4 @@ -The files within the `p256-m/` subdirectory originate from the [p256-m GitHub repository](https://github.com/mpg/p256-m), which is distributed under the Apache 2.0 license. They are authored by Manuel Pégourié-Gonnard. p256-m is a minimalistic implementation of ECDH and ECDSA on NIST P-256, especially suited to constrained 32-bit environments. Mbed TLS documentation for integrating drivers uses p256-m as an example of a software accelerator, and describes how it can be integrated alongside Mbed TLS. It should be noted that p256-m files in the Mbed TLS repo will not be updated regularly, so they may not have fixes and improvements present in the upstream project. +The files within the `p256-m/` subdirectory originate from the [p256-m GitHub repository](https://github.com/mpg/p256-m). They are distributed here under a dual Apache-2.0 OR GPL-2.0-or-later license. They are authored by Manuel Pégourié-Gonnard. p256-m is a minimalistic implementation of ECDH and ECDSA on NIST P-256, especially suited to constrained 32-bit environments. Mbed TLS documentation for integrating drivers uses p256-m as an example of a software accelerator, and describes how it can be integrated alongside Mbed TLS. It should be noted that p256-m files in the Mbed TLS repo will not be updated regularly, so they may not have fixes and improvements present in the upstream project. -The files `p256-m.c` and `.h`, along with the license, have been taken from the `p256-m` repository. +The files `p256-m.c`, `p256-m.h` and `README.md` have been taken from the `p256-m` repository. It should be noted that p256-m deliberately does not supply its own cryptographically secure RNG function. As a result, the PSA RNG is used, with `p256_generate_random()` wrapping `psa_generate_random()`. diff --git a/3rdparty/p256-m/p256-m/LICENSE b/3rdparty/p256-m/p256-m/LICENSE deleted file mode 100644 index d64569567..000000000 --- a/3rdparty/p256-m/p256-m/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/3rdparty/p256-m/p256-m/p256-m.c b/3rdparty/p256-m/p256-m/p256-m.c index 3f878f758..42c35b5bf 100644 --- a/3rdparty/p256-m/p256-m/p256-m.c +++ b/3rdparty/p256-m/p256-m/p256-m.c @@ -3,7 +3,7 @@ * * Copyright The Mbed TLS Contributors * Author: Manuel Pégourié-Gonnard. - * SPDX-License-Identifier: Apache-2.0 + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "p256-m.h" diff --git a/3rdparty/p256-m/p256-m/p256-m.h b/3rdparty/p256-m/p256-m/p256-m.h index 28d319f39..c26780024 100644 --- a/3rdparty/p256-m/p256-m/p256-m.h +++ b/3rdparty/p256-m/p256-m/p256-m.h @@ -3,7 +3,7 @@ * * Copyright The Mbed TLS Contributors * Author: Manuel Pégourié-Gonnard. - * SPDX-License-Identifier: Apache-2.0 + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef P256_M_H #define P256_M_H diff --git a/3rdparty/p256-m/p256-m_driver_entrypoints.c b/3rdparty/p256-m/p256-m_driver_entrypoints.c index 61310a87b..d272dcbb1 100644 --- a/3rdparty/p256-m/p256-m_driver_entrypoints.c +++ b/3rdparty/p256-m/p256-m_driver_entrypoints.c @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/platform.h" diff --git a/3rdparty/p256-m/p256-m_driver_entrypoints.h b/3rdparty/p256-m/p256-m_driver_entrypoints.h index d92a8f00b..c740c4522 100644 --- a/3rdparty/p256-m/p256-m_driver_entrypoints.h +++ b/3rdparty/p256-m/p256-m_driver_entrypoints.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef P256M_DRIVER_ENTRYPOINTS_H diff --git a/README.md b/README.md index 956d8ba0b..c0fb9d926 100644 --- a/README.md +++ b/README.md @@ -314,7 +314,7 @@ Unless specifically indicated otherwise in a file, Mbed TLS files are provided u This project contains code from other projects. This code is located within the `3rdparty/` directory. The original license text is included within project subdirectories, and in source files. The projects are listed below: * `3rdparty/everest/`: Files stem from [Project Everest](https://project-everest.github.io/) and are distributed under the Apache 2.0 license. -* `3rdparty/p256-m/p256-m/`: Files have been taken from the [p256-m](https://github.com/mpg/p256-m) repository. The code in the original repository is distributed under the Apache 2.0 license. It is also used by Mbed TLS under the Apache 2.0 license. We do not plan to regularly update these files, so they may not contain fixes and improvements present in the upstream project. +* `3rdparty/p256-m/p256-m/`: Files have been taken from the [p256-m](https://github.com/mpg/p256-m) repository. The code in the original repository is distributed under the Apache 2.0 license. It is distributed in Mbed TLS under a dual Apache-2.0 OR GPL-2.0-or-later license. We do not plan to regularly update these files, so they may not contain fixes and improvements present in the upstream project. Contributing ------------ From 6b190d4f276b6b28028789f4506962ea32a981f9 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 1 Nov 2023 13:44:14 +0800 Subject: [PATCH 0528/1674] psa_information.py: generate dep for AES/ARIA/CAMELLIA ECB test case Signed-off-by: Yanray Wang --- scripts/mbedtls_dev/psa_information.py | 34 +++++++++++++++++--------- tests/scripts/generate_psa_tests.py | 3 ++- 2 files changed, 24 insertions(+), 13 deletions(-) diff --git a/scripts/mbedtls_dev/psa_information.py b/scripts/mbedtls_dev/psa_information.py index a82df41df..3c51ee150 100644 --- a/scripts/mbedtls_dev/psa_information.py +++ b/scripts/mbedtls_dev/psa_information.py @@ -17,7 +17,8 @@ # limitations under the License. import re -from typing import Dict, FrozenSet, List, Optional +from collections import OrderedDict +from typing import FrozenSet, List, Optional from . import macro_collector @@ -97,22 +98,31 @@ def automatic_dependencies(*expressions: str) -> List[str]: return sorted(psa_want_symbol(name) for name in used) # Define set of regular expressions and dependencies to optionally append -# extra dependencies for test case. +# extra dependencies for test case based on key description. + +# Skip AES test cases which require 192- or 256-bit key +# if MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH defined AES_128BIT_ONLY_DEP_REGEX = r'AES\s(192|256)' -AES_128BIT_ONLY_DEP = ["!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH"] +AES_128BIT_ONLY_DEP = ['!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH'] +# Skip AES/ARIA/CAMELLIA test cases which require decrypt operation in ECB mode +# if MBEDTLS_BLOCK_CIPHER_NO_DECRYPT enabled. +ECB_NO_PADDING_DEP_REGEX = r'(AES|ARIA|CAMELLIA).*ECB_NO_PADDING' +ECB_NO_PADDING_DEP = ['!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT'] -DEPENDENCY_FROM_KEY = { - AES_128BIT_ONLY_DEP_REGEX: AES_128BIT_ONLY_DEP -}#type: Dict[str, List[str]] -def generate_key_dependencies(description: str) -> List[str]: - """Return additional dependencies based on pairs of REGEX and dependencies. +DEPENDENCY_FROM_DESCRIPTION = OrderedDict() +DEPENDENCY_FROM_DESCRIPTION[AES_128BIT_ONLY_DEP_REGEX] = AES_128BIT_ONLY_DEP +DEPENDENCY_FROM_DESCRIPTION[ECB_NO_PADDING_DEP_REGEX] = ECB_NO_PADDING_DEP +def generate_description_dependencies( + dep_list: List[str], + description: str + ) -> List[str]: + """Return additional dependencies based on test case description and REGEX. """ - deps = [] - for regex, dep in DEPENDENCY_FROM_KEY.items(): + for regex, deps in DEPENDENCY_FROM_DESCRIPTION.items(): if re.search(regex, description): - deps += dep + dep_list += deps - return deps + return dep_list # A temporary hack: at the time of writing, not all dependency symbols # are implemented yet. Skip test cases for which the dependency symbols are diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py index b6f83c111..04c36f7f9 100755 --- a/tests/scripts/generate_psa_tests.py +++ b/tests/scripts/generate_psa_tests.py @@ -508,7 +508,8 @@ class StorageFormat: key.alg.string, key.alg2.string, ) dependencies = psa_information.finish_family_dependencies(dependencies, key.bits) - dependencies += psa_information.generate_key_dependencies(key.description) + dependencies = psa_information.generate_description_dependencies(dependencies, + key.description) dependencies = psa_information.fix_key_pair_dependencies(dependencies, 'BASIC') tc.set_dependencies(dependencies) tc.set_function('key_storage_' + verb) From ce38adb7319e341d39f45ae2eb2e0654e3767f20 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 3 Nov 2023 10:29:25 +0000 Subject: [PATCH 0529/1674] Fix header in ssl_tls13_keys.c Signed-off-by: Dave Rodgman --- library/ssl_tls13_keys.c | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c index 45c495dfe..a6a2915d8 100644 --- a/library/ssl_tls13_keys.c +++ b/library/ssl_tls13_keys.c @@ -3,18 +3,6 @@ * * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - * - * Licensed under the Apache License, Version 2.0 ( the "License" ); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. */ #include "common.h" From 3f07074efbf5d5ad2e31163f3908566f2e1ef970 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 3 Nov 2023 11:08:05 +0000 Subject: [PATCH 0530/1674] Fix typos in changelog Signed-off-by: Dave Rodgman --- ChangeLog | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index 85f3665c2..4ba3164f6 100644 --- a/ChangeLog +++ b/ChangeLog @@ -5,8 +5,8 @@ Mbed TLS ChangeLog (Sorted per branch, date) API changes * Mbed TLS 3.4 introduced support for omitting the built-in implementation of ECDSA and/or EC J-PAKE when those are provided by a driver. However, - their was a flaw in the logic checking if the built-in implementation, in - that if failed to check if all the relevant curves were supported by the + there was a flaw in the logic checking if the built-in implementation, in + that it failed to check if all the relevant curves were supported by the accelerator. As a result, it was possible to declare no curves as accelerated and still have the built-in implementation compiled out. Starting with this release, it is necessary to declare which curves are From af54378af45100df8f3c9e44ccf6c830eb935c92 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 3 Nov 2023 11:34:40 +0000 Subject: [PATCH 0531/1674] README improvements to 3rdparty section Signed-off-by: Dave Rodgman --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index c0fb9d926..2505d8fd9 100644 --- a/README.md +++ b/README.md @@ -311,10 +311,10 @@ Unless specifically indicated otherwise in a file, Mbed TLS files are provided u ### Third-party code included in Mbed TLS -This project contains code from other projects. This code is located within the `3rdparty/` directory. The original license text is included within project subdirectories, and in source files. The projects are listed below: +This project contains code from other projects. This code is located within the `3rdparty/` directory. The original license text is included within project subdirectories, where it differs from the normal Mbed TLS license, and/or in source files. The projects are listed below: * `3rdparty/everest/`: Files stem from [Project Everest](https://project-everest.github.io/) and are distributed under the Apache 2.0 license. -* `3rdparty/p256-m/p256-m/`: Files have been taken from the [p256-m](https://github.com/mpg/p256-m) repository. The code in the original repository is distributed under the Apache 2.0 license. It is distributed in Mbed TLS under a dual Apache-2.0 OR GPL-2.0-or-later license. We do not plan to regularly update these files, so they may not contain fixes and improvements present in the upstream project. +* `3rdparty/p256-m/p256-m/`: Files have been taken from the [p256-m](https://github.com/mpg/p256-m) repository. The code in the original repository is distributed under the Apache 2.0 license. It is distributed in Mbed TLS under a dual Apache-2.0 OR GPL-2.0-or-later license with permission from the author. Contributing ------------ From aeaf1d79bafd72c520cfe2d181fff8a7741bda2b Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 3 Nov 2023 11:40:56 +0000 Subject: [PATCH 0532/1674] Update license and copyright in config files Signed-off-by: Dave Rodgman --- configs/crypto_config_profile_medium.h | 11 +++++------ configs/tfm_mbedcrypto_config_profile_medium.h | 4 +--- 2 files changed, 6 insertions(+), 9 deletions(-) diff --git a/configs/crypto_config_profile_medium.h b/configs/crypto_config_profile_medium.h index 3fa8552c9..682835a06 100644 --- a/configs/crypto_config_profile_medium.h +++ b/configs/crypto_config_profile_medium.h @@ -1,14 +1,13 @@ -/* - * Copyright (c) 2018-2022, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * - */ /** * \file psa/crypto_config.h * \brief PSA crypto configuration options (set of defines) * */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) /** * When #MBEDTLS_PSA_CRYPTO_CONFIG is enabled in mbedtls_config.h, diff --git a/configs/tfm_mbedcrypto_config_profile_medium.h b/configs/tfm_mbedcrypto_config_profile_medium.h index 3234cd672..34a3bd4ff 100644 --- a/configs/tfm_mbedcrypto_config_profile_medium.h +++ b/configs/tfm_mbedcrypto_config_profile_medium.h @@ -8,10 +8,8 @@ * memory footprint. */ /* - * Copyright (C) 2006-2022, ARM Limited, All Rights Reserved + * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - * - * This file is part of mbed TLS (https://tls.mbed.org) */ #ifndef PROFILE_M_MBEDTLS_CONFIG_H From 4eb44e47803b79622550ae2f1aac685ddb64f0ad Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 3 Nov 2023 12:15:12 +0000 Subject: [PATCH 0533/1674] Standardise some more headers Signed-off-by: Dave Rodgman --- library/mps_common.h | 2 -- library/mps_error.h | 2 -- library/mps_reader.c | 2 -- library/mps_reader.h | 2 -- library/mps_trace.c | 2 -- library/mps_trace.h | 2 -- library/ssl_client.c | 2 -- library/ssl_tls13_client.c | 2 -- tests/scripts/depends.py | 4 +--- 9 files changed, 1 insertion(+), 19 deletions(-) diff --git a/library/mps_common.h b/library/mps_common.h index 49e17535a..f9fe09988 100644 --- a/library/mps_common.h +++ b/library/mps_common.h @@ -1,8 +1,6 @@ /* * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - * - * This file is part of Mbed TLS (https://tls.mbed.org) */ /** diff --git a/library/mps_error.h b/library/mps_error.h index 8a714a3a5..016a84ce4 100644 --- a/library/mps_error.h +++ b/library/mps_error.h @@ -1,8 +1,6 @@ /* * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - * - * This file is part of Mbed TLS (https://tls.mbed.org) */ /** diff --git a/library/mps_reader.c b/library/mps_reader.c index 48b393685..27d0c04c1 100644 --- a/library/mps_reader.c +++ b/library/mps_reader.c @@ -3,8 +3,6 @@ * * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - * - * This file is part of Mbed TLS (https://tls.mbed.org) */ #include "common.h" diff --git a/library/mps_reader.h b/library/mps_reader.h index d877ee54a..3193a5e33 100644 --- a/library/mps_reader.h +++ b/library/mps_reader.h @@ -1,8 +1,6 @@ /* * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - * - * This file is part of Mbed TLS (https://tls.mbed.org) */ /** diff --git a/library/mps_trace.c b/library/mps_trace.c index cb69c6be6..69f6e5a0f 100644 --- a/library/mps_trace.c +++ b/library/mps_trace.c @@ -3,8 +3,6 @@ * * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - * - * This file is part of Mbed TLS (https://tls.mbed.org) */ #include "common.h" diff --git a/library/mps_trace.h b/library/mps_trace.h index a13edd87f..b456b2ffd 100644 --- a/library/mps_trace.h +++ b/library/mps_trace.h @@ -1,8 +1,6 @@ /* * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - * - * This file is part of Mbed TLS (https://tls.mbed.org) */ /** diff --git a/library/ssl_client.c b/library/ssl_client.c index eabdc75ac..7a7840662 100644 --- a/library/ssl_client.c +++ b/library/ssl_client.c @@ -3,8 +3,6 @@ * * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - * - * This file is part of Mbed TLS ( https://tls.mbed.org ) */ #include "common.h" diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index e06e4c91e..97ae51cb7 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -3,8 +3,6 @@ * * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - * - * This file is part of Mbed TLS ( https://tls.mbed.org ) */ #include "common.h" diff --git a/tests/scripts/depends.py b/tests/scripts/depends.py index 29ecfdbea..38c184a6a 100755 --- a/tests/scripts/depends.py +++ b/tests/scripts/depends.py @@ -1,9 +1,7 @@ #!/usr/bin/env python3 -# Copyright (c) 2022, Arm Limited, All Rights Reserved. +# Copyright The Mbed TLS Contributors # SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later -# -# This file is part of Mbed TLS (https://tls.mbed.org) """ Test Mbed TLS with a subset of algorithms. From e3c05853d6a9a6895d5ce690fbf8a485bc91ab97 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 3 Nov 2023 12:21:36 +0000 Subject: [PATCH 0534/1674] Header updates Signed-off-by: Dave Rodgman --- .uncrustify.cfg | 14 +--------- 3rdparty/p256-m/p256-m/p256-m.c | 2 +- 3rdparty/p256-m/p256-m/p256-m.h | 2 +- 3rdparty/p256-m/p256-m_driver_entrypoints.c | 14 +--------- 3rdparty/p256-m/p256-m_driver_entrypoints.h | 14 +--------- configs/config-ccm-psk-dtls1_2.h | 14 +--------- configs/config-ccm-psk-tls1_2.h | 14 +--------- configs/config-no-entropy.h | 14 +--------- configs/config-suite-b.h | 14 +--------- configs/config-symmetric-only.h | 14 +--------- configs/config-thread.h | 14 +--------- configs/crypto-config-ccm-aes-sha256.h | 14 +--------- .../tfm_mbedcrypto_config_profile_medium.h | 14 +--------- docs/architecture/psa-migration/syms.sh | 14 +--------- doxygen/input/doc_encdec.h | 14 +--------- doxygen/input/doc_hashing.h | 14 +--------- doxygen/input/doc_mainpage.h | 14 +--------- doxygen/input/doc_rng.h | 14 +--------- doxygen/input/doc_ssltls.h | 14 +--------- doxygen/input/doc_tcpip.h | 14 +--------- doxygen/input/doc_x509.h | 14 +--------- include/mbedtls/aes.h | 14 +--------- include/mbedtls/aria.h | 14 +--------- include/mbedtls/asn1.h | 14 +--------- include/mbedtls/asn1write.h | 14 +--------- include/mbedtls/base64.h | 14 +--------- include/mbedtls/bignum.h | 14 +--------- include/mbedtls/build_info.h | 14 +--------- include/mbedtls/camellia.h | 14 +--------- include/mbedtls/ccm.h | 14 +--------- include/mbedtls/chacha20.h | 14 +--------- include/mbedtls/chachapoly.h | 14 +--------- include/mbedtls/check_config.h | 14 +--------- include/mbedtls/cipher.h | 14 +--------- include/mbedtls/cmac.h | 14 +--------- include/mbedtls/compat-2.x.h | 14 +--------- include/mbedtls/config_adjust_legacy_crypto.h | 14 +--------- .../mbedtls/config_adjust_legacy_from_psa.h | 14 +--------- .../mbedtls/config_adjust_psa_from_legacy.h | 14 +--------- .../config_adjust_psa_superset_legacy.h | 14 +--------- include/mbedtls/config_adjust_ssl.h | 14 +--------- include/mbedtls/config_adjust_x509.h | 14 +--------- include/mbedtls/config_psa.h | 14 +--------- include/mbedtls/constant_time.h | 14 +--------- include/mbedtls/ctr_drbg.h | 14 +--------- include/mbedtls/debug.h | 14 +--------- include/mbedtls/des.h | 14 +--------- include/mbedtls/dhm.h | 14 +--------- include/mbedtls/ecdh.h | 14 +--------- include/mbedtls/ecdsa.h | 14 +--------- include/mbedtls/ecjpake.h | 14 +--------- include/mbedtls/ecp.h | 14 +--------- include/mbedtls/entropy.h | 14 +--------- include/mbedtls/error.h | 14 +--------- include/mbedtls/gcm.h | 14 +--------- include/mbedtls/hkdf.h | 14 +--------- include/mbedtls/hmac_drbg.h | 14 +--------- include/mbedtls/lms.h | 14 +--------- include/mbedtls/mbedtls_config.h | 14 +--------- include/mbedtls/md.h | 14 +--------- include/mbedtls/md5.h | 14 +--------- include/mbedtls/memory_buffer_alloc.h | 14 +--------- include/mbedtls/net_sockets.h | 14 +--------- include/mbedtls/nist_kw.h | 14 +--------- include/mbedtls/oid.h | 14 +--------- include/mbedtls/pem.h | 14 +--------- include/mbedtls/pk.h | 14 +--------- include/mbedtls/pkcs12.h | 14 +--------- include/mbedtls/pkcs5.h | 14 +--------- include/mbedtls/pkcs7.h | 14 +--------- include/mbedtls/platform.h | 14 +--------- include/mbedtls/platform_time.h | 14 +--------- include/mbedtls/platform_util.h | 14 +--------- include/mbedtls/poly1305.h | 14 +--------- include/mbedtls/private_access.h | 14 +--------- include/mbedtls/psa_util.h | 14 +--------- include/mbedtls/ripemd160.h | 14 +--------- include/mbedtls/rsa.h | 14 +--------- include/mbedtls/sha1.h | 14 +--------- include/mbedtls/sha256.h | 14 +--------- include/mbedtls/sha3.h | 14 +--------- include/mbedtls/sha512.h | 14 +--------- include/mbedtls/ssl.h | 14 +--------- include/mbedtls/ssl_cache.h | 14 +--------- include/mbedtls/ssl_ciphersuites.h | 14 +--------- include/mbedtls/ssl_cookie.h | 14 +--------- include/mbedtls/ssl_ticket.h | 14 +--------- include/mbedtls/threading.h | 14 +--------- include/mbedtls/timing.h | 14 +--------- include/mbedtls/version.h | 14 +--------- include/mbedtls/x509.h | 14 +--------- include/mbedtls/x509_crl.h | 14 +--------- include/mbedtls/x509_crt.h | 14 +--------- include/mbedtls/x509_csr.h | 14 +--------- include/psa/build_info.h | 14 +--------- include/psa/crypto.h | 14 +--------- include/psa/crypto_adjust_auto_enabled.h | 14 +--------- .../psa/crypto_adjust_config_key_pair_types.h | 14 +--------- include/psa/crypto_adjust_config_synonyms.h | 14 +--------- include/psa/crypto_builtin_composites.h | 14 +--------- include/psa/crypto_builtin_key_derivation.h | 14 +--------- include/psa/crypto_builtin_primitives.h | 14 +--------- include/psa/crypto_compat.h | 14 +--------- include/psa/crypto_config.h | 14 +--------- include/psa/crypto_driver_common.h | 14 +--------- .../psa/crypto_driver_contexts_composites.h | 14 +--------- .../crypto_driver_contexts_key_derivation.h | 14 +--------- .../psa/crypto_driver_contexts_primitives.h | 14 +--------- include/psa/crypto_extra.h | 14 +--------- include/psa/crypto_legacy.h | 14 +--------- include/psa/crypto_platform.h | 14 +--------- include/psa/crypto_se_driver.h | 14 +--------- include/psa/crypto_sizes.h | 14 +--------- include/psa/crypto_struct.h | 14 +--------- include/psa/crypto_types.h | 14 +--------- include/psa/crypto_values.h | 14 +--------- library/aes.c | 14 +--------- library/aesce.c | 14 +--------- library/aesce.h | 14 +--------- library/aesni.c | 14 +--------- library/aesni.h | 14 +--------- library/alignment.h | 14 +--------- library/aria.c | 14 +--------- library/asn1parse.c | 14 +--------- library/asn1write.c | 14 +--------- library/base64.c | 14 +--------- library/base64_internal.h | 14 +--------- library/bignum.c | 14 +--------- library/bignum_core.c | 14 +--------- library/bignum_core.h | 14 +--------- library/bignum_mod.c | 14 +--------- library/bignum_mod.h | 14 +--------- library/bignum_mod_raw.c | 14 +--------- library/bignum_mod_raw.h | 14 +--------- library/bignum_mod_raw_invasive.h | 14 +--------- library/bn_mul.h | 14 +--------- library/camellia.c | 14 +--------- library/ccm.c | 14 +--------- library/chacha20.c | 14 +--------- library/chachapoly.c | 14 +--------- library/check_crypto_config.h | 14 +--------- library/cipher.c | 14 +--------- library/cipher_wrap.c | 14 +--------- library/cipher_wrap.h | 14 +--------- library/cmac.c | 14 +--------- library/common.h | 14 +--------- library/constant_time.c | 14 +--------- library/constant_time_impl.h | 14 +--------- library/constant_time_internal.h | 14 +--------- library/ctr_drbg.c | 14 +--------- library/debug.c | 14 +--------- library/des.c | 14 +--------- library/dhm.c | 14 +--------- library/ecdh.c | 14 +--------- library/ecdsa.c | 14 +--------- library/ecjpake.c | 14 +--------- library/ecp.c | 14 +--------- library/ecp_curves.c | 14 +--------- library/ecp_curves_new.c | 14 +--------- library/ecp_internal_alt.h | 14 +--------- library/ecp_invasive.h | 14 +--------- library/entropy.c | 14 +--------- library/entropy_poll.c | 14 +--------- library/entropy_poll.h | 14 +--------- library/error.c | 14 +--------- library/gcm.c | 14 +--------- library/hkdf.c | 14 +--------- library/hmac_drbg.c | 14 +--------- library/lmots.c | 14 +--------- library/lmots.h | 14 +--------- library/lms.c | 14 +--------- library/md.c | 14 +--------- library/md5.c | 14 +--------- library/md_psa.h | 14 +--------- library/md_wrap.h | 14 +--------- library/memory_buffer_alloc.c | 14 +--------- library/mps_common.h | 14 +--------- library/mps_error.h | 14 +--------- library/mps_reader.c | 14 +--------- library/mps_reader.h | 14 +--------- library/mps_trace.c | 14 +--------- library/mps_trace.h | 14 +--------- library/net_sockets.c | 14 +--------- library/nist_kw.c | 14 +--------- library/oid.c | 14 +--------- library/padlock.c | 14 +--------- library/padlock.h | 14 +--------- library/pem.c | 14 +--------- library/pk.c | 14 +--------- library/pk_internal.h | 14 +--------- library/pk_wrap.c | 14 +--------- library/pk_wrap.h | 14 +--------- library/pkcs12.c | 14 +--------- library/pkcs5.c | 14 +--------- library/pkcs7.c | 14 +--------- library/pkparse.c | 14 +--------- library/pkwrite.c | 14 +--------- library/pkwrite.h | 14 +--------- library/platform.c | 14 +--------- library/platform_util.c | 14 +--------- library/poly1305.c | 14 +--------- library/psa_crypto.c | 14 +--------- library/psa_crypto_aead.c | 14 +--------- library/psa_crypto_aead.h | 14 +--------- library/psa_crypto_cipher.c | 14 +--------- library/psa_crypto_cipher.h | 14 +--------- library/psa_crypto_client.c | 14 +--------- library/psa_crypto_core.h | 14 +--------- library/psa_crypto_core_common.h | 14 +--------- library/psa_crypto_driver_wrappers.h | 14 +--------- .../psa_crypto_driver_wrappers_no_static.c | 14 +--------- .../psa_crypto_driver_wrappers_no_static.h | 14 +--------- library/psa_crypto_ecp.c | 14 +--------- library/psa_crypto_ecp.h | 14 +--------- library/psa_crypto_ffdh.c | 14 +--------- library/psa_crypto_ffdh.h | 14 +--------- library/psa_crypto_hash.c | 14 +--------- library/psa_crypto_hash.h | 14 +--------- library/psa_crypto_invasive.h | 14 +--------- library/psa_crypto_its.h | 14 +--------- library/psa_crypto_mac.c | 14 +--------- library/psa_crypto_mac.h | 14 +--------- library/psa_crypto_pake.c | 14 +--------- library/psa_crypto_pake.h | 14 +--------- library/psa_crypto_random_impl.h | 14 +--------- library/psa_crypto_rsa.c | 14 +--------- library/psa_crypto_rsa.h | 14 +--------- library/psa_crypto_se.c | 14 +--------- library/psa_crypto_se.h | 14 +--------- library/psa_crypto_slot_management.c | 14 +--------- library/psa_crypto_slot_management.h | 14 +--------- library/psa_crypto_storage.c | 14 +--------- library/psa_crypto_storage.h | 14 +--------- library/psa_its_file.c | 14 +--------- library/psa_util.c | 14 +--------- library/psa_util_internal.h | 14 +--------- library/ripemd160.c | 14 +--------- library/rsa.c | 14 +--------- library/rsa_alt_helpers.c | 14 +--------- library/rsa_alt_helpers.h | 14 +--------- library/sha1.c | 14 +--------- library/sha256.c | 14 +--------- library/sha3.c | 14 +--------- library/sha512.c | 14 +--------- library/ssl_cache.c | 14 +--------- library/ssl_ciphersuites.c | 14 +--------- library/ssl_client.c | 14 +--------- library/ssl_client.h | 14 +--------- library/ssl_cookie.c | 14 +--------- library/ssl_debug_helpers.h | 14 +--------- library/ssl_debug_helpers_generated.c | 14 +--------- library/ssl_misc.h | 14 +--------- library/ssl_msg.c | 14 +--------- library/ssl_ticket.c | 14 +--------- library/ssl_tls.c | 14 +--------- library/ssl_tls12_client.c | 14 +--------- library/ssl_tls12_server.c | 14 +--------- library/ssl_tls13_client.c | 14 +--------- library/ssl_tls13_generic.c | 14 +--------- library/ssl_tls13_invasive.h | 14 +--------- library/ssl_tls13_keys.c | 2 +- library/ssl_tls13_keys.h | 2 +- library/ssl_tls13_server.c | 14 +--------- library/threading.c | 14 +--------- library/timing.c | 14 +--------- library/version.c | 14 +--------- library/version_features.c | 14 +--------- library/x509.c | 14 +--------- library/x509_create.c | 14 +--------- library/x509_crl.c | 14 +--------- library/x509_crt.c | 14 +--------- library/x509_csr.c | 14 +--------- library/x509write.c | 14 +--------- library/x509write_crt.c | 14 +--------- library/x509write_csr.c | 14 +--------- programs/aes/crypt_and_hash.c | 14 +--------- programs/cipher/cipher_aead_demo.c | 14 +--------- programs/hash/generic_sum.c | 14 +--------- programs/hash/hello.c | 14 +--------- programs/hash/md_hmac_demo.c | 14 +--------- programs/pkey/dh_client.c | 14 +--------- programs/pkey/dh_genprime.c | 14 +--------- programs/pkey/dh_server.c | 14 +--------- programs/pkey/ecdh_curve25519.c | 14 +--------- programs/pkey/ecdsa.c | 14 +--------- programs/pkey/gen_key.c | 14 +--------- programs/pkey/key_app.c | 14 +--------- programs/pkey/key_app_writer.c | 14 +--------- programs/pkey/mpi_demo.c | 14 +--------- programs/pkey/pk_decrypt.c | 14 +--------- programs/pkey/pk_encrypt.c | 14 +--------- programs/pkey/pk_sign.c | 14 +--------- programs/pkey/pk_verify.c | 14 +--------- programs/pkey/rsa_decrypt.c | 14 +--------- programs/pkey/rsa_encrypt.c | 14 +--------- programs/pkey/rsa_genkey.c | 14 +--------- programs/pkey/rsa_sign.c | 14 +--------- programs/pkey/rsa_sign_pss.c | 14 +--------- programs/pkey/rsa_verify.c | 14 +--------- programs/pkey/rsa_verify_pss.c | 14 +--------- programs/psa/aead_demo.c | 14 +--------- programs/psa/crypto_examples.c | 14 +--------- programs/psa/hmac_demo.c | 14 +--------- programs/psa/key_ladder_demo.c | 14 +--------- programs/psa/key_ladder_demo.sh | 14 +--------- programs/psa/psa_constant_names.c | 14 +--------- programs/random/gen_entropy.c | 14 +--------- programs/random/gen_random_ctr_drbg.c | 14 +--------- programs/ssl/dtls_client.c | 14 +--------- programs/ssl/dtls_server.c | 14 +--------- programs/ssl/mini_client.c | 14 +--------- programs/ssl/ssl_client1.c | 14 +--------- programs/ssl/ssl_client2.c | 14 +--------- programs/ssl/ssl_context_info.c | 14 +--------- programs/ssl/ssl_fork_server.c | 14 +--------- programs/ssl/ssl_mail_client.c | 14 +--------- programs/ssl/ssl_pthread_server.c | 14 +--------- programs/ssl/ssl_server.c | 14 +--------- programs/ssl/ssl_server2.c | 14 +--------- programs/ssl/ssl_test_common_source.c | 14 +--------- programs/ssl/ssl_test_lib.c | 14 +--------- programs/ssl/ssl_test_lib.h | 14 +--------- programs/test/benchmark.c | 14 +--------- programs/test/cmake_package/cmake_package.c | 14 +--------- .../cmake_package_install.c | 14 +--------- .../test/cmake_subproject/cmake_subproject.c | 14 +--------- programs/test/dlopen.c | 14 +--------- programs/test/dlopen_demo.sh | 14 +--------- programs/test/generate_cpp_dummy_build.sh | 27 ++---------------- programs/test/query_compile_time_config.c | 14 +--------- programs/test/query_config.c | 14 +--------- programs/test/query_config.h | 14 +--------- programs/test/query_included_headers.c | 14 +--------- programs/test/selftest.c | 14 +--------- programs/test/udp_proxy.c | 14 +--------- programs/test/udp_proxy_wrapper.sh | 14 +--------- programs/test/zeroize.c | 14 +--------- programs/util/pem2der.c | 14 +--------- programs/util/strerror.c | 14 +--------- programs/wince_main.c | 14 +--------- programs/x509/cert_app.c | 14 +--------- programs/x509/cert_req.c | 14 +--------- programs/x509/cert_write.c | 14 +--------- programs/x509/crl_app.c | 14 +--------- programs/x509/load_roots.c | 14 +--------- programs/x509/req_app.c | 14 +--------- scripts/abi_check.py | 14 +--------- scripts/apidoc_full.sh | 14 +--------- scripts/assemble_changelog.py | 14 +--------- scripts/bump_version.sh | 14 +--------- scripts/code_size_compare.py | 14 +--------- scripts/code_style.py | 14 +--------- scripts/config.pl | 13 +-------- scripts/config.py | 13 +-------- .../psa_crypto_driver_wrappers.h.jinja | 14 +--------- ...a_crypto_driver_wrappers_no_static.c.jinja | 14 +--------- scripts/data_files/error.fmt | 14 +--------- scripts/data_files/query_config.fmt | 14 +--------- scripts/data_files/version_features.fmt | 14 +--------- scripts/ecc-heap.sh | 14 +--------- scripts/ecp_comb_table.py | 14 +--------- scripts/footprint.sh | 14 +--------- scripts/generate_driver_wrappers.py | 14 +--------- scripts/generate_errors.pl | 14 +--------- scripts/generate_features.pl | 14 +--------- scripts/generate_psa_constants.py | 14 +--------- scripts/generate_query_config.pl | 14 +--------- scripts/generate_ssl_debug_helpers.py | 27 ++---------------- scripts/generate_visualc_files.pl | 14 +--------- scripts/lcov.sh | 14 +--------- scripts/massif_max.pl | 14 +--------- scripts/mbedtls_dev/asymmetric_key_data.py | 13 +-------- scripts/mbedtls_dev/bignum_common.py | 13 +-------- scripts/mbedtls_dev/bignum_core.py | 13 +-------- scripts/mbedtls_dev/bignum_data.py | 13 +-------- scripts/mbedtls_dev/bignum_mod.py | 13 +-------- scripts/mbedtls_dev/bignum_mod_raw.py | 13 +-------- scripts/mbedtls_dev/build_tree.py | 13 +-------- scripts/mbedtls_dev/c_build_helper.py | 13 +-------- scripts/mbedtls_dev/crypto_data_tests.py | 13 +-------- scripts/mbedtls_dev/crypto_knowledge.py | 13 +-------- scripts/mbedtls_dev/ecp.py | 13 +-------- scripts/mbedtls_dev/logging_util.py | 13 +-------- scripts/mbedtls_dev/macro_collector.py | 13 +-------- scripts/mbedtls_dev/psa_information.py | 13 +-------- scripts/mbedtls_dev/psa_storage.py | 13 +-------- scripts/mbedtls_dev/test_case.py | 13 +-------- scripts/mbedtls_dev/test_data_generation.py | 13 +-------- scripts/mbedtls_dev/typing_util.py | 13 +-------- scripts/memory.sh | 14 +--------- scripts/min_requirements.py | 14 +--------- scripts/output_env.sh | 14 +--------- scripts/prepare_release.sh | 14 +--------- scripts/tmp_ignore_makefiles.sh | 14 +--------- tests/compat-in-docker.sh | 14 +--------- tests/compat.sh | 14 +--------- tests/configs/tls13-only.h | 14 +--------- tests/configs/user-config-for-test.h | 14 +--------- tests/configs/user-config-malloc-0-null.h | 14 +--------- tests/configs/user-config-zeroize-memset.h | 14 +--------- tests/context-info.sh | 14 +--------- tests/data_files/dir-maxpath/long.sh | 14 +--------- tests/data_files/print_c.pl | 14 +--------- tests/data_files/test_certs.h.jinja2 | 14 +--------- tests/docker/bionic/Dockerfile | 14 +--------- tests/git-scripts/pre-push.sh | 14 +--------- tests/include/alt-dummy/aes_alt.h | 14 +--------- tests/include/alt-dummy/aria_alt.h | 14 +--------- tests/include/alt-dummy/camellia_alt.h | 14 +--------- tests/include/alt-dummy/ccm_alt.h | 14 +--------- tests/include/alt-dummy/chacha20_alt.h | 14 +--------- tests/include/alt-dummy/chachapoly_alt.h | 14 +--------- tests/include/alt-dummy/cmac_alt.h | 14 +--------- tests/include/alt-dummy/des_alt.h | 14 +--------- tests/include/alt-dummy/dhm_alt.h | 14 +--------- tests/include/alt-dummy/ecjpake_alt.h | 14 +--------- tests/include/alt-dummy/ecp_alt.h | 14 +--------- tests/include/alt-dummy/gcm_alt.h | 14 +--------- tests/include/alt-dummy/md5_alt.h | 14 +--------- tests/include/alt-dummy/nist_kw_alt.h | 14 +--------- tests/include/alt-dummy/platform_alt.h | 14 +--------- tests/include/alt-dummy/poly1305_alt.h | 14 +--------- tests/include/alt-dummy/ripemd160_alt.h | 14 +--------- tests/include/alt-dummy/rsa_alt.h | 14 +--------- tests/include/alt-dummy/sha1_alt.h | 14 +--------- tests/include/alt-dummy/sha256_alt.h | 14 +--------- tests/include/alt-dummy/sha512_alt.h | 14 +--------- tests/include/alt-dummy/threading_alt.h | 14 +--------- tests/include/alt-dummy/timing_alt.h | 14 +--------- tests/include/baremetal-override/time.h | 14 +--------- tests/include/spe/crypto_spe.h | 14 +--------- tests/include/test/arguments.h | 14 +--------- tests/include/test/asn1_helpers.h | 14 +--------- tests/include/test/bignum_helpers.h | 14 +--------- tests/include/test/certs.h | 14 +--------- tests/include/test/constant_flow.h | 14 +--------- tests/include/test/drivers/aead.h | 14 +--------- .../test/drivers/asymmetric_encryption.h | 14 +--------- tests/include/test/drivers/cipher.h | 14 +--------- .../include/test/drivers/config_test_driver.h | 14 +--------- tests/include/test/drivers/hash.h | 14 +--------- tests/include/test/drivers/key_agreement.h | 14 +--------- tests/include/test/drivers/key_management.h | 14 +--------- tests/include/test/drivers/mac.h | 14 +--------- tests/include/test/drivers/pake.h | 14 +--------- tests/include/test/drivers/signature.h | 14 +--------- tests/include/test/drivers/test_driver.h | 14 +--------- .../include/test/fake_external_rng_for_test.h | 14 +--------- tests/include/test/helpers.h | 14 +--------- tests/include/test/macros.h | 14 +--------- tests/include/test/psa_crypto_helpers.h | 14 +--------- tests/include/test/psa_exercise_key.h | 14 +--------- tests/include/test/psa_helpers.h | 14 +--------- tests/include/test/random.h | 14 +--------- tests/include/test/ssl_helpers.h | 14 +--------- tests/make-in-docker.sh | 14 +--------- tests/opt-testcases/tls13-compat.sh | 14 +--------- tests/opt-testcases/tls13-kex-modes.sh | 14 +--------- tests/opt-testcases/tls13-misc.sh | 14 +--------- tests/scripts/all-in-docker.sh | 14 +--------- tests/scripts/all.sh | 14 +--------- tests/scripts/audit-validity-dates.py | 14 +--------- tests/scripts/basic-build-test.sh | 14 +--------- tests/scripts/basic-in-docker.sh | 14 +--------- tests/scripts/check-doxy-blocks.pl | 14 +--------- tests/scripts/check-generated-files.sh | 14 +--------- tests/scripts/check-python-files.sh | 14 +--------- tests/scripts/check_files.py | 14 +--------- tests/scripts/check_names.py | 14 +--------- tests/scripts/check_test_cases.py | 14 +--------- tests/scripts/depends.py | 14 +--------- tests/scripts/docker_env.sh | 14 +--------- tests/scripts/doxygen.sh | 14 +--------- tests/scripts/gen_ctr_drbg.pl | 14 +--------- tests/scripts/gen_gcm_decrypt.pl | 14 +--------- tests/scripts/gen_gcm_encrypt.pl | 14 +--------- tests/scripts/gen_pkcs1_v21_sign_verify.pl | 14 +--------- tests/scripts/generate-afl-tests.sh | 14 +--------- tests/scripts/generate_bignum_tests.py | 14 +--------- tests/scripts/generate_ecp_tests.py | 14 +--------- tests/scripts/generate_pkcs7_tests.py | 14 +--------- tests/scripts/generate_psa_tests.py | 14 +--------- tests/scripts/generate_test_cert_macros.py | 14 +--------- tests/scripts/generate_test_code.py | 14 +--------- tests/scripts/generate_tls13_compat_tests.py | 28 ++----------------- tests/scripts/list-identifiers.sh | 14 +--------- tests/scripts/list_internal_identifiers.py | 14 +--------- tests/scripts/psa_collect_statuses.py | 14 +--------- tests/scripts/recursion.pl | 14 +--------- tests/scripts/run-test-suites.pl | 14 +--------- tests/scripts/scripts_path.py | 13 +-------- tests/scripts/set_psa_test_dependencies.py | 14 +--------- tests/scripts/tcp_client.pl | 14 +--------- tests/scripts/test-ref-configs.pl | 14 +--------- tests/scripts/test_config_script.py | 13 +-------- tests/scripts/test_generate_test_code.py | 14 +--------- tests/scripts/test_psa_compliance.py | 14 +--------- tests/scripts/test_psa_constant_names.py | 14 +--------- tests/scripts/test_zeroize.gdb | 14 +--------- tests/scripts/translate_ciphers.py | 14 +--------- tests/scripts/travis-log-failure.sh | 14 +--------- tests/src/asn1_helpers.c | 14 +--------- tests/src/bignum_helpers.c | 14 +--------- tests/src/certs.c | 14 +--------- tests/src/drivers/hash.c | 14 +--------- tests/src/drivers/platform_builtin_keys.c | 14 +--------- tests/src/drivers/test_driver_aead.c | 14 +--------- .../test_driver_asymmetric_encryption.c | 14 +--------- tests/src/drivers/test_driver_cipher.c | 14 +--------- tests/src/drivers/test_driver_key_agreement.c | 14 +--------- .../src/drivers/test_driver_key_management.c | 14 +--------- tests/src/drivers/test_driver_mac.c | 14 +--------- tests/src/drivers/test_driver_pake.c | 14 +--------- tests/src/drivers/test_driver_signature.c | 14 +--------- tests/src/fake_external_rng_for_test.c | 14 +--------- tests/src/helpers.c | 14 +--------- tests/src/psa_crypto_helpers.c | 14 +--------- tests/src/psa_exercise_key.c | 14 +--------- tests/src/random.c | 14 +--------- tests/src/test_certs.h | 14 +--------- tests/src/test_helpers/ssl_helpers.c | 14 +--------- tests/src/threading_helpers.c | 14 +--------- tests/ssl-opt-in-docker.sh | 14 +--------- tests/ssl-opt.sh | 14 +--------- 524 files changed, 527 insertions(+), 6779 deletions(-) diff --git a/.uncrustify.cfg b/.uncrustify.cfg index 92b8ce9cd..8dc9db049 100644 --- a/.uncrustify.cfg +++ b/.uncrustify.cfg @@ -4,19 +4,7 @@ # to Mbed TLS. # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # Wrap lines at 100 characters diff --git a/3rdparty/p256-m/p256-m/p256-m.c b/3rdparty/p256-m/p256-m/p256-m.c index 3f878f758..42c35b5bf 100644 --- a/3rdparty/p256-m/p256-m/p256-m.c +++ b/3rdparty/p256-m/p256-m/p256-m.c @@ -3,7 +3,7 @@ * * Copyright The Mbed TLS Contributors * Author: Manuel Pégourié-Gonnard. - * SPDX-License-Identifier: Apache-2.0 + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "p256-m.h" diff --git a/3rdparty/p256-m/p256-m/p256-m.h b/3rdparty/p256-m/p256-m/p256-m.h index 28d319f39..c26780024 100644 --- a/3rdparty/p256-m/p256-m/p256-m.h +++ b/3rdparty/p256-m/p256-m/p256-m.h @@ -3,7 +3,7 @@ * * Copyright The Mbed TLS Contributors * Author: Manuel Pégourié-Gonnard. - * SPDX-License-Identifier: Apache-2.0 + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef P256_M_H #define P256_M_H diff --git a/3rdparty/p256-m/p256-m_driver_entrypoints.c b/3rdparty/p256-m/p256-m_driver_entrypoints.c index 61310a87b..d272dcbb1 100644 --- a/3rdparty/p256-m/p256-m_driver_entrypoints.c +++ b/3rdparty/p256-m/p256-m_driver_entrypoints.c @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/platform.h" diff --git a/3rdparty/p256-m/p256-m_driver_entrypoints.h b/3rdparty/p256-m/p256-m_driver_entrypoints.h index d92a8f00b..c740c4522 100644 --- a/3rdparty/p256-m/p256-m_driver_entrypoints.h +++ b/3rdparty/p256-m/p256-m_driver_entrypoints.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef P256M_DRIVER_ENTRYPOINTS_H diff --git a/configs/config-ccm-psk-dtls1_2.h b/configs/config-ccm-psk-dtls1_2.h index af2415fe1..19e09d957 100644 --- a/configs/config-ccm-psk-dtls1_2.h +++ b/configs/config-ccm-psk-dtls1_2.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * Minimal configuration for DTLS 1.2 with PSK and AES-CCM ciphersuites diff --git a/configs/config-ccm-psk-tls1_2.h b/configs/config-ccm-psk-tls1_2.h index 62c1d8013..d49adfd72 100644 --- a/configs/config-ccm-psk-tls1_2.h +++ b/configs/config-ccm-psk-tls1_2.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * Minimal configuration for TLS 1.2 with PSK and AES-CCM ciphersuites diff --git a/configs/config-no-entropy.h b/configs/config-no-entropy.h index 1964e8e55..ddb00b41e 100644 --- a/configs/config-no-entropy.h +++ b/configs/config-no-entropy.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * Minimal configuration of features that do not require an entropy source diff --git a/configs/config-suite-b.h b/configs/config-suite-b.h index 56a700f74..9bba6e6cb 100644 --- a/configs/config-suite-b.h +++ b/configs/config-suite-b.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * Minimal configuration for TLS NSA Suite B Profile (RFC 6460) diff --git a/configs/config-symmetric-only.h b/configs/config-symmetric-only.h index a014b5273..512dd7616 100644 --- a/configs/config-symmetric-only.h +++ b/configs/config-symmetric-only.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* System support */ diff --git a/configs/config-thread.h b/configs/config-thread.h index e05b557ed..2f81f9007 100644 --- a/configs/config-thread.h +++ b/configs/config-thread.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/configs/crypto-config-ccm-aes-sha256.h b/configs/crypto-config-ccm-aes-sha256.h index 6c12bd7b6..7f8d58768 100644 --- a/configs/crypto-config-ccm-aes-sha256.h +++ b/configs/crypto-config-ccm-aes-sha256.h @@ -6,19 +6,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_CONFIG_H diff --git a/configs/tfm_mbedcrypto_config_profile_medium.h b/configs/tfm_mbedcrypto_config_profile_medium.h index 88736b54b..3234cd672 100644 --- a/configs/tfm_mbedcrypto_config_profile_medium.h +++ b/configs/tfm_mbedcrypto_config_profile_medium.h @@ -9,19 +9,7 @@ */ /* * Copyright (C) 2006-2022, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * * This file is part of mbed TLS (https://tls.mbed.org) */ diff --git a/docs/architecture/psa-migration/syms.sh b/docs/architecture/psa-migration/syms.sh index 1e1ec8c29..6c9686eb2 100755 --- a/docs/architecture/psa-migration/syms.sh +++ b/docs/architecture/psa-migration/syms.sh @@ -1,19 +1,7 @@ #!/bin/sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # Purpose # diff --git a/doxygen/input/doc_encdec.h b/doxygen/input/doc_encdec.h index ec149aef7..cf77690b3 100644 --- a/doxygen/input/doc_encdec.h +++ b/doxygen/input/doc_encdec.h @@ -6,19 +6,7 @@ /* * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /** diff --git a/doxygen/input/doc_hashing.h b/doxygen/input/doc_hashing.h index 931e6e928..83613bfa9 100644 --- a/doxygen/input/doc_hashing.h +++ b/doxygen/input/doc_hashing.h @@ -6,19 +6,7 @@ /* * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /** diff --git a/doxygen/input/doc_mainpage.h b/doxygen/input/doc_mainpage.h index b67237fbc..f465a454b 100644 --- a/doxygen/input/doc_mainpage.h +++ b/doxygen/input/doc_mainpage.h @@ -6,19 +6,7 @@ /* * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /** diff --git a/doxygen/input/doc_rng.h b/doxygen/input/doc_rng.h index 7da13cd73..22608a879 100644 --- a/doxygen/input/doc_rng.h +++ b/doxygen/input/doc_rng.h @@ -6,19 +6,7 @@ /* * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /** diff --git a/doxygen/input/doc_ssltls.h b/doxygen/input/doc_ssltls.h index 6961124e4..5757574f3 100644 --- a/doxygen/input/doc_ssltls.h +++ b/doxygen/input/doc_ssltls.h @@ -6,19 +6,7 @@ /* * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /** diff --git a/doxygen/input/doc_tcpip.h b/doxygen/input/doc_tcpip.h index a705de146..f8d8c6905 100644 --- a/doxygen/input/doc_tcpip.h +++ b/doxygen/input/doc_tcpip.h @@ -6,19 +6,7 @@ /* * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /** diff --git a/doxygen/input/doc_x509.h b/doxygen/input/doc_x509.h index 904967501..945830f11 100644 --- a/doxygen/input/doc_x509.h +++ b/doxygen/input/doc_x509.h @@ -6,19 +6,7 @@ /* * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /** diff --git a/include/mbedtls/aes.h b/include/mbedtls/aes.h index 7c92162d1..77ecffd86 100644 --- a/include/mbedtls/aes.h +++ b/include/mbedtls/aes.h @@ -22,19 +22,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_AES_H diff --git a/include/mbedtls/aria.h b/include/mbedtls/aria.h index 7e55df7ec..abb8a3d76 100644 --- a/include/mbedtls/aria.h +++ b/include/mbedtls/aria.h @@ -11,19 +11,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_ARIA_H diff --git a/include/mbedtls/asn1.h b/include/mbedtls/asn1.h index c7aae0ff8..830458b55 100644 --- a/include/mbedtls/asn1.h +++ b/include/mbedtls/asn1.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_ASN1_H #define MBEDTLS_ASN1_H diff --git a/include/mbedtls/asn1write.h b/include/mbedtls/asn1write.h index 6fe57c8f0..7af4aba41 100644 --- a/include/mbedtls/asn1write.h +++ b/include/mbedtls/asn1write.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_ASN1_WRITE_H #define MBEDTLS_ASN1_WRITE_H diff --git a/include/mbedtls/base64.h b/include/mbedtls/base64.h index 635be713d..8f459b74c 100644 --- a/include/mbedtls/base64.h +++ b/include/mbedtls/base64.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_BASE64_H #define MBEDTLS_BASE64_H diff --git a/include/mbedtls/bignum.h b/include/mbedtls/bignum.h index eb8446ea8..931e06d2c 100644 --- a/include/mbedtls/bignum.h +++ b/include/mbedtls/bignum.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_BIGNUM_H #define MBEDTLS_BIGNUM_H diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index 842f15c58..9b2b27255 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h @@ -8,19 +8,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_BUILD_INFO_H diff --git a/include/mbedtls/camellia.h b/include/mbedtls/camellia.h index 8033c13ff..6c674fe04 100644 --- a/include/mbedtls/camellia.h +++ b/include/mbedtls/camellia.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CAMELLIA_H #define MBEDTLS_CAMELLIA_H diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index e00e747de..a98111b4e 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -29,19 +29,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CCM_H diff --git a/include/mbedtls/chacha20.h b/include/mbedtls/chacha20.h index e24e56b98..680fe3604 100644 --- a/include/mbedtls/chacha20.h +++ b/include/mbedtls/chacha20.h @@ -14,19 +14,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CHACHA20_H diff --git a/include/mbedtls/chachapoly.h b/include/mbedtls/chachapoly.h index 19baadefd..3dc21e380 100644 --- a/include/mbedtls/chachapoly.h +++ b/include/mbedtls/chachapoly.h @@ -14,19 +14,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CHACHAPOLY_H diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index e18e9a5fc..e479ef3a0 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CHECK_CONFIG_H diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index 9c8701d38..2596baa92 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -9,19 +9,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CIPHER_H diff --git a/include/mbedtls/cmac.h b/include/mbedtls/cmac.h index b2aca5d04..97b86fc42 100644 --- a/include/mbedtls/cmac.h +++ b/include/mbedtls/cmac.h @@ -9,19 +9,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CMAC_H diff --git a/include/mbedtls/compat-2.x.h b/include/mbedtls/compat-2.x.h index cdf81dcbb..096341ba7 100644 --- a/include/mbedtls/compat-2.x.h +++ b/include/mbedtls/compat-2.x.h @@ -7,19 +7,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if defined(MBEDTLS_DEPRECATED_WARNING) diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h index 6ec59f193..f76976591 100644 --- a/include/mbedtls/config_adjust_legacy_crypto.h +++ b/include/mbedtls/config_adjust_legacy_crypto.h @@ -16,19 +16,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H diff --git a/include/mbedtls/config_adjust_legacy_from_psa.h b/include/mbedtls/config_adjust_legacy_from_psa.h index e3c2ed117..ab18d985d 100644 --- a/include/mbedtls/config_adjust_legacy_from_psa.h +++ b/include/mbedtls/config_adjust_legacy_from_psa.h @@ -10,19 +10,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CONFIG_ADJUST_LEGACY_FROM_PSA_H diff --git a/include/mbedtls/config_adjust_psa_from_legacy.h b/include/mbedtls/config_adjust_psa_from_legacy.h index 088711d37..c31a46243 100644 --- a/include/mbedtls/config_adjust_psa_from_legacy.h +++ b/include/mbedtls/config_adjust_psa_from_legacy.h @@ -12,19 +12,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CONFIG_ADJUST_PSA_FROM_LEGACY_H diff --git a/include/mbedtls/config_adjust_psa_superset_legacy.h b/include/mbedtls/config_adjust_psa_superset_legacy.h index 3d9029b57..3a55c3f6e 100644 --- a/include/mbedtls/config_adjust_psa_superset_legacy.h +++ b/include/mbedtls/config_adjust_psa_superset_legacy.h @@ -11,19 +11,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CONFIG_ADJUST_PSA_SUPERSET_LEGACY_H diff --git a/include/mbedtls/config_adjust_ssl.h b/include/mbedtls/config_adjust_ssl.h index 2275f3add..8415f3e5f 100644 --- a/include/mbedtls/config_adjust_ssl.h +++ b/include/mbedtls/config_adjust_ssl.h @@ -16,19 +16,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CONFIG_ADJUST_SSL_H diff --git a/include/mbedtls/config_adjust_x509.h b/include/mbedtls/config_adjust_x509.h index 99a0ace2f..346c8ae6d 100644 --- a/include/mbedtls/config_adjust_x509.h +++ b/include/mbedtls/config_adjust_x509.h @@ -16,19 +16,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CONFIG_ADJUST_X509_H diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h index 2d2397197..17da61b3e 100644 --- a/include/mbedtls/config_psa.h +++ b/include/mbedtls/config_psa.h @@ -12,19 +12,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CONFIG_PSA_H diff --git a/include/mbedtls/constant_time.h b/include/mbedtls/constant_time.h index ebecf35b0..d31bff677 100644 --- a/include/mbedtls/constant_time.h +++ b/include/mbedtls/constant_time.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CONSTANT_TIME_H diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h index 0348281e4..d1f19e607 100644 --- a/include/mbedtls/ctr_drbg.h +++ b/include/mbedtls/ctr_drbg.h @@ -23,19 +23,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CTR_DRBG_H diff --git a/include/mbedtls/debug.h b/include/mbedtls/debug.h index d6dd15224..0aef2ed65 100644 --- a/include/mbedtls/debug.h +++ b/include/mbedtls/debug.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_DEBUG_H #define MBEDTLS_DEBUG_H diff --git a/include/mbedtls/des.h b/include/mbedtls/des.h index f445102d9..2b097a13d 100644 --- a/include/mbedtls/des.h +++ b/include/mbedtls/des.h @@ -9,19 +9,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * */ #ifndef MBEDTLS_DES_H diff --git a/include/mbedtls/dhm.h b/include/mbedtls/dhm.h index 0232a71fd..fcba3d2af 100644 --- a/include/mbedtls/dhm.h +++ b/include/mbedtls/dhm.h @@ -45,19 +45,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_DHM_H diff --git a/include/mbedtls/ecdh.h b/include/mbedtls/ecdh.h index 67c94f0fa..792db79fd 100644 --- a/include/mbedtls/ecdh.h +++ b/include/mbedtls/ecdh.h @@ -14,19 +14,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_ECDH_H diff --git a/include/mbedtls/ecdsa.h b/include/mbedtls/ecdsa.h index 3b2b418f1..2ecf34911 100644 --- a/include/mbedtls/ecdsa.h +++ b/include/mbedtls/ecdsa.h @@ -12,19 +12,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_ECDSA_H diff --git a/include/mbedtls/ecjpake.h b/include/mbedtls/ecjpake.h index 0008d7312..c2148a2bd 100644 --- a/include/mbedtls/ecjpake.h +++ b/include/mbedtls/ecjpake.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_ECJPAKE_H #define MBEDTLS_ECJPAKE_H diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index bf95b907a..7f5e88080 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h @@ -16,19 +16,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_ECP_H diff --git a/include/mbedtls/entropy.h b/include/mbedtls/entropy.h index c2bba41d2..20fd6872b 100644 --- a/include/mbedtls/entropy.h +++ b/include/mbedtls/entropy.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_ENTROPY_H #define MBEDTLS_ENTROPY_H diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index a7454f234..186589ac5 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_ERROR_H #define MBEDTLS_ERROR_H diff --git a/include/mbedtls/gcm.h b/include/mbedtls/gcm.h index c3343e6aa..837cecc09 100644 --- a/include/mbedtls/gcm.h +++ b/include/mbedtls/gcm.h @@ -13,19 +13,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_GCM_H diff --git a/include/mbedtls/hkdf.h b/include/mbedtls/hkdf.h index 699c6d9e9..930e93f32 100644 --- a/include/mbedtls/hkdf.h +++ b/include/mbedtls/hkdf.h @@ -8,19 +8,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_HKDF_H #define MBEDTLS_HKDF_H diff --git a/include/mbedtls/hmac_drbg.h b/include/mbedtls/hmac_drbg.h index 2e5aa6d06..18b1b75a6 100644 --- a/include/mbedtls/hmac_drbg.h +++ b/include/mbedtls/hmac_drbg.h @@ -9,19 +9,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_HMAC_DRBG_H #define MBEDTLS_HMAC_DRBG_H diff --git a/include/mbedtls/lms.h b/include/mbedtls/lms.h index 5c8df42f8..95fce2133 100644 --- a/include/mbedtls/lms.h +++ b/include/mbedtls/lms.h @@ -10,19 +10,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_LMS_H #define MBEDTLS_LMS_H diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index af0761395..1d8433e2d 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -9,19 +9,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /** diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h index c9a7858f3..ff7b13365 100644 --- a/include/mbedtls/md.h +++ b/include/mbedtls/md.h @@ -8,19 +8,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_MD_H diff --git a/include/mbedtls/md5.h b/include/mbedtls/md5.h index 808188694..6bf0754a4 100644 --- a/include/mbedtls/md5.h +++ b/include/mbedtls/md5.h @@ -9,19 +9,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_MD5_H #define MBEDTLS_MD5_H diff --git a/include/mbedtls/memory_buffer_alloc.h b/include/mbedtls/memory_buffer_alloc.h index 9694d2458..b527d9b66 100644 --- a/include/mbedtls/memory_buffer_alloc.h +++ b/include/mbedtls/memory_buffer_alloc.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_MEMORY_BUFFER_ALLOC_H #define MBEDTLS_MEMORY_BUFFER_ALLOC_H diff --git a/include/mbedtls/net_sockets.h b/include/mbedtls/net_sockets.h index 1096d66d9..026f627ce 100644 --- a/include/mbedtls/net_sockets.h +++ b/include/mbedtls/net_sockets.h @@ -21,19 +21,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_NET_SOCKETS_H #define MBEDTLS_NET_SOCKETS_H diff --git a/include/mbedtls/nist_kw.h b/include/mbedtls/nist_kw.h index 0c95c902e..d353f3d1a 100644 --- a/include/mbedtls/nist_kw.h +++ b/include/mbedtls/nist_kw.h @@ -17,19 +17,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_NIST_KW_H diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h index 954507229..e48817d68 100644 --- a/include/mbedtls/oid.h +++ b/include/mbedtls/oid.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_OID_H #define MBEDTLS_OID_H diff --git a/include/mbedtls/pem.h b/include/mbedtls/pem.h index a33fc65e5..cc617a9bc 100644 --- a/include/mbedtls/pem.h +++ b/include/mbedtls/pem.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PEM_H #define MBEDTLS_PEM_H diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index aea602be7..24b11886b 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PK_H diff --git a/include/mbedtls/pkcs12.h b/include/mbedtls/pkcs12.h index ba1a2edf0..42e84538a 100644 --- a/include/mbedtls/pkcs12.h +++ b/include/mbedtls/pkcs12.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PKCS12_H #define MBEDTLS_PKCS12_H diff --git a/include/mbedtls/pkcs5.h b/include/mbedtls/pkcs5.h index 8b086aa2e..e004f4555 100644 --- a/include/mbedtls/pkcs5.h +++ b/include/mbedtls/pkcs5.h @@ -7,19 +7,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PKCS5_H #define MBEDTLS_PKCS5_H diff --git a/include/mbedtls/pkcs7.h b/include/mbedtls/pkcs7.h index 1231e3402..70b25a9c6 100644 --- a/include/mbedtls/pkcs7.h +++ b/include/mbedtls/pkcs7.h @@ -6,19 +6,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /** diff --git a/include/mbedtls/platform.h b/include/mbedtls/platform.h index 3fc1fd0c1..de3d71d9d 100644 --- a/include/mbedtls/platform.h +++ b/include/mbedtls/platform.h @@ -21,19 +21,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PLATFORM_H #define MBEDTLS_PLATFORM_H diff --git a/include/mbedtls/platform_time.h b/include/mbedtls/platform_time.h index 21b369745..97f1963ab 100644 --- a/include/mbedtls/platform_time.h +++ b/include/mbedtls/platform_time.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PLATFORM_TIME_H #define MBEDTLS_PLATFORM_TIME_H diff --git a/include/mbedtls/platform_util.h b/include/mbedtls/platform_util.h index 3f23fef55..cba02ab3d 100644 --- a/include/mbedtls/platform_util.h +++ b/include/mbedtls/platform_util.h @@ -6,19 +6,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PLATFORM_UTIL_H #define MBEDTLS_PLATFORM_UTIL_H diff --git a/include/mbedtls/poly1305.h b/include/mbedtls/poly1305.h index 3025ef1f2..61bcaa6b6 100644 --- a/include/mbedtls/poly1305.h +++ b/include/mbedtls/poly1305.h @@ -14,19 +14,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_POLY1305_H diff --git a/include/mbedtls/private_access.h b/include/mbedtls/private_access.h index 61fa8777b..580f3eb44 100644 --- a/include/mbedtls/private_access.h +++ b/include/mbedtls/private_access.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PRIVATE_ACCESS_H diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index 8ce15927b..643e8aac4 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PSA_UTIL_H diff --git a/include/mbedtls/ripemd160.h b/include/mbedtls/ripemd160.h index acec3c52d..279f92b51 100644 --- a/include/mbedtls/ripemd160.h +++ b/include/mbedtls/ripemd160.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_RIPEMD160_H #define MBEDTLS_RIPEMD160_H diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index 69f3981ed..df665240d 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -11,19 +11,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_RSA_H #define MBEDTLS_RSA_H diff --git a/include/mbedtls/sha1.h b/include/mbedtls/sha1.h index 18bde93d3..592ffd13f 100644 --- a/include/mbedtls/sha1.h +++ b/include/mbedtls/sha1.h @@ -12,19 +12,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_SHA1_H #define MBEDTLS_SHA1_H diff --git a/include/mbedtls/sha256.h b/include/mbedtls/sha256.h index 87e259f5b..4ee780f7d 100644 --- a/include/mbedtls/sha256.h +++ b/include/mbedtls/sha256.h @@ -8,19 +8,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_SHA256_H #define MBEDTLS_SHA256_H diff --git a/include/mbedtls/sha3.h b/include/mbedtls/sha3.h index 77748be1f..3eeee65e6 100644 --- a/include/mbedtls/sha3.h +++ b/include/mbedtls/sha3.h @@ -9,19 +9,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_SHA3_H diff --git a/include/mbedtls/sha512.h b/include/mbedtls/sha512.h index ea5467829..1c20e4c22 100644 --- a/include/mbedtls/sha512.h +++ b/include/mbedtls/sha512.h @@ -7,19 +7,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_SHA512_H #define MBEDTLS_SHA512_H diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index debb1cc2c..89f7b8164 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_SSL_H #define MBEDTLS_SSL_H diff --git a/include/mbedtls/ssl_cache.h b/include/mbedtls/ssl_cache.h index 7a90191c3..a1307b450 100644 --- a/include/mbedtls/ssl_cache.h +++ b/include/mbedtls/ssl_cache.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_SSL_CACHE_H #define MBEDTLS_SSL_CACHE_H diff --git a/include/mbedtls/ssl_ciphersuites.h b/include/mbedtls/ssl_ciphersuites.h index 07f2facef..8cecbb625 100644 --- a/include/mbedtls/ssl_ciphersuites.h +++ b/include/mbedtls/ssl_ciphersuites.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_SSL_CIPHERSUITES_H #define MBEDTLS_SSL_CIPHERSUITES_H diff --git a/include/mbedtls/ssl_cookie.h b/include/mbedtls/ssl_cookie.h index 5cd1847d0..71c258ea4 100644 --- a/include/mbedtls/ssl_cookie.h +++ b/include/mbedtls/ssl_cookie.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_SSL_COOKIE_H #define MBEDTLS_SSL_COOKIE_H diff --git a/include/mbedtls/ssl_ticket.h b/include/mbedtls/ssl_ticket.h index 0cefe43a1..6d59c12da 100644 --- a/include/mbedtls/ssl_ticket.h +++ b/include/mbedtls/ssl_ticket.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_SSL_TICKET_H #define MBEDTLS_SSL_TICKET_H diff --git a/include/mbedtls/threading.h b/include/mbedtls/threading.h index 6a336c3ed..ed16a23b1 100644 --- a/include/mbedtls/threading.h +++ b/include/mbedtls/threading.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_THREADING_H #define MBEDTLS_THREADING_H diff --git a/include/mbedtls/timing.h b/include/mbedtls/timing.h index 830dcee63..62ae1022d 100644 --- a/include/mbedtls/timing.h +++ b/include/mbedtls/timing.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_TIMING_H #define MBEDTLS_TIMING_H diff --git a/include/mbedtls/version.h b/include/mbedtls/version.h index 073211a19..637f9d38b 100644 --- a/include/mbedtls/version.h +++ b/include/mbedtls/version.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * This set of run-time variables can be used to determine the version number of diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h index a9267c791..e2e06679b 100644 --- a/include/mbedtls/x509.h +++ b/include/mbedtls/x509.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_X509_H #define MBEDTLS_X509_H diff --git a/include/mbedtls/x509_crl.h b/include/mbedtls/x509_crl.h index 62694ae7f..6625a44f4 100644 --- a/include/mbedtls/x509_crl.h +++ b/include/mbedtls/x509_crl.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_X509_CRL_H #define MBEDTLS_X509_CRL_H diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h index 3f9b25075..3f1a1e761 100644 --- a/include/mbedtls/x509_crt.h +++ b/include/mbedtls/x509_crt.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_X509_CRT_H #define MBEDTLS_X509_CRT_H diff --git a/include/mbedtls/x509_csr.h b/include/mbedtls/x509_csr.h index 513a83edd..e54010b10 100644 --- a/include/mbedtls/x509_csr.h +++ b/include/mbedtls/x509_csr.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_X509_CSR_H #define MBEDTLS_X509_CSR_H diff --git a/include/psa/build_info.h b/include/psa/build_info.h index 34a138d72..3ee6cd7b1 100644 --- a/include/psa/build_info.h +++ b/include/psa/build_info.h @@ -9,19 +9,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_BUILD_INFO_H diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 6b06187bf..fe10ee0e4 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -4,19 +4,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_H diff --git a/include/psa/crypto_adjust_auto_enabled.h b/include/psa/crypto_adjust_auto_enabled.h index 5e18298c6..63fb29e85 100644 --- a/include/psa/crypto_adjust_auto_enabled.h +++ b/include/psa/crypto_adjust_auto_enabled.h @@ -7,19 +7,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_ADJUST_AUTO_ENABLED_H diff --git a/include/psa/crypto_adjust_config_key_pair_types.h b/include/psa/crypto_adjust_config_key_pair_types.h index 7736e752d..63afc0e40 100644 --- a/include/psa/crypto_adjust_config_key_pair_types.h +++ b/include/psa/crypto_adjust_config_key_pair_types.h @@ -13,19 +13,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_ADJUST_KEYPAIR_TYPES_H diff --git a/include/psa/crypto_adjust_config_synonyms.h b/include/psa/crypto_adjust_config_synonyms.h index 5142ef0ae..cf33465b5 100644 --- a/include/psa/crypto_adjust_config_synonyms.h +++ b/include/psa/crypto_adjust_config_synonyms.h @@ -8,19 +8,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_ADJUST_CONFIG_SYNONYMS_H diff --git a/include/psa/crypto_builtin_composites.h b/include/psa/crypto_builtin_composites.h index d9473ac00..35c2e29b9 100644 --- a/include/psa/crypto_builtin_composites.h +++ b/include/psa/crypto_builtin_composites.h @@ -15,19 +15,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_BUILTIN_COMPOSITES_H diff --git a/include/psa/crypto_builtin_key_derivation.h b/include/psa/crypto_builtin_key_derivation.h index 8a2143a7e..6b91ae73f 100644 --- a/include/psa/crypto_builtin_key_derivation.h +++ b/include/psa/crypto_builtin_key_derivation.h @@ -15,19 +15,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_BUILTIN_KEY_DERIVATION_H diff --git a/include/psa/crypto_builtin_primitives.h b/include/psa/crypto_builtin_primitives.h index d3e069223..98ab4d333 100644 --- a/include/psa/crypto_builtin_primitives.h +++ b/include/psa/crypto_builtin_primitives.h @@ -15,19 +15,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_BUILTIN_PRIMITIVES_H diff --git a/include/psa/crypto_compat.h b/include/psa/crypto_compat.h index 70fa14e87..f896fae1c 100644 --- a/include/psa/crypto_compat.h +++ b/include/psa/crypto_compat.h @@ -12,19 +12,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_COMPAT_H diff --git a/include/psa/crypto_config.h b/include/psa/crypto_config.h index d34cbf339..5bf00f402 100644 --- a/include/psa/crypto_config.h +++ b/include/psa/crypto_config.h @@ -32,19 +32,7 @@ #endif /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_CONFIG_H diff --git a/include/psa/crypto_driver_common.h b/include/psa/crypto_driver_common.h index 26363c6b2..cc11d3b9a 100644 --- a/include/psa/crypto_driver_common.h +++ b/include/psa/crypto_driver_common.h @@ -17,19 +17,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_DRIVER_COMMON_H #define PSA_CRYPTO_DRIVER_COMMON_H diff --git a/include/psa/crypto_driver_contexts_composites.h b/include/psa/crypto_driver_contexts_composites.h index d0188647f..d717c5190 100644 --- a/include/psa/crypto_driver_contexts_composites.h +++ b/include/psa/crypto_driver_contexts_composites.h @@ -16,19 +16,7 @@ * to define the implementation-defined types of PSA multi-part state objects. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_DRIVER_CONTEXTS_COMPOSITES_H diff --git a/include/psa/crypto_driver_contexts_key_derivation.h b/include/psa/crypto_driver_contexts_key_derivation.h index 3fb29ff7f..21190515c 100644 --- a/include/psa/crypto_driver_contexts_key_derivation.h +++ b/include/psa/crypto_driver_contexts_key_derivation.h @@ -15,19 +15,7 @@ * to define the implementation-defined types of PSA multi-part state objects. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_DRIVER_CONTEXTS_KEY_DERIVATION_H diff --git a/include/psa/crypto_driver_contexts_primitives.h b/include/psa/crypto_driver_contexts_primitives.h index b27a768e8..c90a5fbe7 100644 --- a/include/psa/crypto_driver_contexts_primitives.h +++ b/include/psa/crypto_driver_contexts_primitives.h @@ -15,19 +15,7 @@ * to define the implementation-defined types of PSA multi-part state objects. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_DRIVER_CONTEXTS_PRIMITIVES_H diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 4b0cc7041..ef29b77db 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -10,19 +10,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_EXTRA_H diff --git a/include/psa/crypto_legacy.h b/include/psa/crypto_legacy.h index 7a038d945..7df3614d6 100644 --- a/include/psa/crypto_legacy.h +++ b/include/psa/crypto_legacy.h @@ -13,19 +13,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PSA_CRYPTO_LEGACY_H diff --git a/include/psa/crypto_platform.h b/include/psa/crypto_platform.h index ee41c897f..f32a10146 100644 --- a/include/psa/crypto_platform.h +++ b/include/psa/crypto_platform.h @@ -15,19 +15,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_PLATFORM_H diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index f39e2294c..9ce14bba6 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h @@ -17,19 +17,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_SE_DRIVER_H #define PSA_CRYPTO_SE_DRIVER_H diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 1d5ed6c26..d22bf1017 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -22,19 +22,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_SIZES_H diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index b309bc854..d5ea8d51b 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -43,19 +43,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_STRUCT_H diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index 445657eb9..5a1318de0 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -15,19 +15,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_TYPES_H diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 241b7c80d..5e33f6bd5 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -21,19 +21,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_VALUES_H diff --git a/library/aes.c b/library/aes.c index 0a7b26ce9..feb455b6f 100644 --- a/library/aes.c +++ b/library/aes.c @@ -2,19 +2,7 @@ * FIPS-197 compliant AES implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The AES block cipher was designed by Vincent Rijmen and Joan Daemen. diff --git a/library/aesce.c b/library/aesce.c index 8b42b034f..f2bdce2db 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -2,19 +2,7 @@ * Armv8-A Cryptographic Extension support functions for Aarch64 * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if defined(__aarch64__) && !defined(__ARM_FEATURE_CRYPTO) && \ diff --git a/library/aesce.h b/library/aesce.h index d24c423b8..9206a6b3b 100644 --- a/library/aesce.h +++ b/library/aesce.h @@ -9,19 +9,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_AESCE_H #define MBEDTLS_AESCE_H diff --git a/library/aesni.c b/library/aesni.c index 5f25a8249..59bcd3d92 100644 --- a/library/aesni.c +++ b/library/aesni.c @@ -2,19 +2,7 @@ * AES-NI support functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/library/aesni.h b/library/aesni.h index ba1429029..165859ac3 100644 --- a/library/aesni.h +++ b/library/aesni.h @@ -8,19 +8,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_AESNI_H #define MBEDTLS_AESNI_H diff --git a/library/alignment.h b/library/alignment.h index ab15986e5..4bca10e8f 100644 --- a/library/alignment.h +++ b/library/alignment.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_LIBRARY_ALIGNMENT_H diff --git a/library/aria.c b/library/aria.c index 098036225..07a434f8f 100644 --- a/library/aria.c +++ b/library/aria.c @@ -2,19 +2,7 @@ * ARIA implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/library/asn1parse.c b/library/asn1parse.c index abdd0b1bd..c02b233ec 100644 --- a/library/asn1parse.c +++ b/library/asn1parse.c @@ -2,19 +2,7 @@ * Generic ASN.1 parsing * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/asn1write.c b/library/asn1write.c index 2e9b98ad5..114091d63 100644 --- a/library/asn1write.c +++ b/library/asn1write.c @@ -2,19 +2,7 @@ * ASN.1 buffer writing functionality * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/base64.c b/library/base64.c index fa22e5375..a58717d6b 100644 --- a/library/base64.c +++ b/library/base64.c @@ -2,19 +2,7 @@ * RFC 1521 base64 encoding/decoding * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/library/base64_internal.h b/library/base64_internal.h index f9f56d78d..a09bd2377 100644 --- a/library/base64_internal.h +++ b/library/base64_internal.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_BASE64_INTERNAL diff --git a/library/bignum.c b/library/bignum.c index 7c265e04d..09ce0301f 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -2,19 +2,7 @@ * Multi-precision integer library * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/library/bignum_core.c b/library/bignum_core.c index dbf6d1df4..dfed60d55 100644 --- a/library/bignum_core.c +++ b/library/bignum_core.c @@ -2,19 +2,7 @@ * Core bignum functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/bignum_core.h b/library/bignum_core.h index e5500f117..b56be0a71 100644 --- a/library/bignum_core.h +++ b/library/bignum_core.h @@ -62,19 +62,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_BIGNUM_CORE_H diff --git a/library/bignum_mod.c b/library/bignum_mod.c index 2f0e9ed09..dfd332a70 100644 --- a/library/bignum_mod.c +++ b/library/bignum_mod.c @@ -2,19 +2,7 @@ * Modular bignum functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/bignum_mod.h b/library/bignum_mod.h index 39e8fd218..963d8881a 100644 --- a/library/bignum_mod.h +++ b/library/bignum_mod.h @@ -63,19 +63,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_BIGNUM_MOD_H diff --git a/library/bignum_mod_raw.c b/library/bignum_mod_raw.c index 5ee1b19b2..5343bc650 100644 --- a/library/bignum_mod_raw.c +++ b/library/bignum_mod_raw.c @@ -2,19 +2,7 @@ * Low-level modular bignum functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/bignum_mod_raw.h b/library/bignum_mod_raw.h index c5ff9378e..7bb4ca3cf 100644 --- a/library/bignum_mod_raw.h +++ b/library/bignum_mod_raw.h @@ -60,19 +60,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_BIGNUM_MOD_RAW_H diff --git a/library/bignum_mod_raw_invasive.h b/library/bignum_mod_raw_invasive.h index ead83942c..94a0d06cf 100644 --- a/library/bignum_mod_raw_invasive.h +++ b/library/bignum_mod_raw_invasive.h @@ -6,19 +6,7 @@ */ /** * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_BIGNUM_MOD_RAW_INVASIVE_H diff --git a/library/bn_mul.h b/library/bn_mul.h index ab1a66ae5..0738469db 100644 --- a/library/bn_mul.h +++ b/library/bn_mul.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * Multiply source vector [s] with b, add result diff --git a/library/camellia.c b/library/camellia.c index 409727d04..86c8bbfcd 100644 --- a/library/camellia.c +++ b/library/camellia.c @@ -2,19 +2,7 @@ * Camellia implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The Camellia block cipher was designed by NTT and Mitsubishi Electric diff --git a/library/ccm.c b/library/ccm.c index 237ef9f31..2cccd2809 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -2,19 +2,7 @@ * NIST SP800-38C compliant CCM implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/library/chacha20.c b/library/chacha20.c index cbb01f4ad..acaae5b2e 100644 --- a/library/chacha20.c +++ b/library/chacha20.c @@ -6,19 +6,7 @@ * \author Daniel King * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/chachapoly.c b/library/chachapoly.c index aebc646aa..a1314eab6 100644 --- a/library/chachapoly.c +++ b/library/chachapoly.c @@ -4,19 +4,7 @@ * \brief ChaCha20-Poly1305 AEAD construction based on RFC 7539. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/check_crypto_config.h b/library/check_crypto_config.h index b7d87fe07..6469e9f43 100644 --- a/library/check_crypto_config.h +++ b/library/check_crypto_config.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/library/cipher.c b/library/cipher.c index 9f9f1075c..e9ad2ba96 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -6,19 +6,7 @@ * \author Adriaan de Jong * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c index bbf57ceee..7e12de630 100644 --- a/library/cipher_wrap.c +++ b/library/cipher_wrap.c @@ -6,19 +6,7 @@ * \author Adriaan de Jong * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/cipher_wrap.h b/library/cipher_wrap.h index c85a4efa8..ab10aa295 100644 --- a/library/cipher_wrap.h +++ b/library/cipher_wrap.h @@ -7,19 +7,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CIPHER_WRAP_H #define MBEDTLS_CIPHER_WRAP_H diff --git a/library/cmac.c b/library/cmac.c index c07968685..f40cae20c 100644 --- a/library/cmac.c +++ b/library/cmac.c @@ -4,19 +4,7 @@ * \brief NIST SP800-38B compliant CMAC implementation for AES and 3DES * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/library/common.h b/library/common.h index 3c472c685..c6ed14b68 100644 --- a/library/common.h +++ b/library/common.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_LIBRARY_COMMON_H diff --git a/library/constant_time.c b/library/constant_time.c index 8b41aed19..c7077c352 100644 --- a/library/constant_time.c +++ b/library/constant_time.c @@ -2,19 +2,7 @@ * Constant-time functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/library/constant_time_impl.h b/library/constant_time_impl.h index 7759ac384..f0b2fc02f 100644 --- a/library/constant_time_impl.h +++ b/library/constant_time_impl.h @@ -2,19 +2,7 @@ * Constant-time functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CONSTANT_TIME_IMPL_H diff --git a/library/constant_time_internal.h b/library/constant_time_internal.h index cc26edcd1..61a5c6d4e 100644 --- a/library/constant_time_internal.h +++ b/library/constant_time_internal.h @@ -2,19 +2,7 @@ * Constant-time functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CONSTANT_TIME_INTERNAL_H diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c index fdd753d1c..cf3816e9f 100644 --- a/library/ctr_drbg.c +++ b/library/ctr_drbg.c @@ -2,19 +2,7 @@ * CTR_DRBG implementation based on AES-256 (NIST SP 800-90) * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The NIST SP 800-90 DRBGs are described in the following publication. diff --git a/library/debug.c b/library/debug.c index 0983cb0fb..c7bbd41bd 100644 --- a/library/debug.c +++ b/library/debug.c @@ -2,19 +2,7 @@ * Debugging routines * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/des.c b/library/des.c index eaddf282a..f0032b3b5 100644 --- a/library/des.c +++ b/library/des.c @@ -2,19 +2,7 @@ * FIPS-46-3 compliant Triple-DES implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * DES, on which TDES is based, was originally designed by Horst Feistel diff --git a/library/dhm.c b/library/dhm.c index 174137d54..3daf0c2d4 100644 --- a/library/dhm.c +++ b/library/dhm.c @@ -2,19 +2,7 @@ * Diffie-Hellman-Merkle key exchange * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The following sources were referenced in the design of this implementation diff --git a/library/ecdh.c b/library/ecdh.c index 58ef881f0..e060b1883 100644 --- a/library/ecdh.c +++ b/library/ecdh.c @@ -2,19 +2,7 @@ * Elliptic curve Diffie-Hellman * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/library/ecdsa.c b/library/ecdsa.c index 6e55f2205..2f7a996a7 100644 --- a/library/ecdsa.c +++ b/library/ecdsa.c @@ -2,19 +2,7 @@ * Elliptic curve DSA * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/library/ecjpake.c b/library/ecjpake.c index 6355b5ea5..fb13a395b 100644 --- a/library/ecjpake.c +++ b/library/ecjpake.c @@ -2,19 +2,7 @@ * Elliptic curve J-PAKE * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/library/ecp.c b/library/ecp.c index 5f2a7b0c0..dad744ce3 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -2,19 +2,7 @@ * Elliptic curves over GF(p): generic functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/library/ecp_curves.c b/library/ecp_curves.c index 7b850e5e8..577e23b7a 100644 --- a/library/ecp_curves.c +++ b/library/ecp_curves.c @@ -2,19 +2,7 @@ * Elliptic curves over GF(p): curve-specific data and functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/ecp_curves_new.c b/library/ecp_curves_new.c index d431dcf24..4ee0f5800 100644 --- a/library/ecp_curves_new.c +++ b/library/ecp_curves_new.c @@ -2,19 +2,7 @@ * Elliptic curves over GF(p): curve-specific data and functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/ecp_internal_alt.h b/library/ecp_internal_alt.h index f663d6737..668edc74c 100644 --- a/library/ecp_internal_alt.h +++ b/library/ecp_internal_alt.h @@ -6,19 +6,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/library/ecp_invasive.h b/library/ecp_invasive.h index bb3b127ff..ff9f9ecf1 100644 --- a/library/ecp_invasive.h +++ b/library/ecp_invasive.h @@ -9,19 +9,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_ECP_INVASIVE_H #define MBEDTLS_ECP_INVASIVE_H diff --git a/library/entropy.c b/library/entropy.c index 00079176a..e3bc8516e 100644 --- a/library/entropy.c +++ b/library/entropy.c @@ -2,19 +2,7 @@ * Entropy accumulator implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/entropy_poll.c b/library/entropy_poll.c index 9d5b1e652..e8c669f9c 100644 --- a/library/entropy_poll.c +++ b/library/entropy_poll.c @@ -2,19 +2,7 @@ * Platform-specific and custom entropy polling functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if defined(__linux__) && !defined(_GNU_SOURCE) diff --git a/library/entropy_poll.h b/library/entropy_poll.h index be4943cce..6b4aec03e 100644 --- a/library/entropy_poll.h +++ b/library/entropy_poll.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_ENTROPY_POLL_H #define MBEDTLS_ENTROPY_POLL_H diff --git a/library/error.c b/library/error.c index 2656e13b9..1687e1fa0 100644 --- a/library/error.c +++ b/library/error.c @@ -2,19 +2,7 @@ * Error message information * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/gcm.c b/library/gcm.c index c8618be7c..42fd02078 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -2,19 +2,7 @@ * NIST SP800-38D compliant GCM implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/library/hkdf.c b/library/hkdf.c index a3f071ece..631ac24e5 100644 --- a/library/hkdf.c +++ b/library/hkdf.c @@ -2,19 +2,7 @@ * HKDF implementation -- RFC 5869 * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/hmac_drbg.c b/library/hmac_drbg.c index af205aacb..90174d5d1 100644 --- a/library/hmac_drbg.c +++ b/library/hmac_drbg.c @@ -2,19 +2,7 @@ * HMAC_DRBG implementation (NIST SP 800-90) * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/library/lmots.c b/library/lmots.c index 9d796943c..e09e3e529 100644 --- a/library/lmots.c +++ b/library/lmots.c @@ -2,19 +2,7 @@ * The LM-OTS one-time public-key signature scheme * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/library/lmots.h b/library/lmots.h index 98d1941d5..8e495c9dd 100644 --- a/library/lmots.h +++ b/library/lmots.h @@ -8,19 +8,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_LMOTS_H diff --git a/library/lms.c b/library/lms.c index c06f9c260..0c470a0c3 100644 --- a/library/lms.c +++ b/library/lms.c @@ -2,19 +2,7 @@ * The LMS stateful-hash public-key signature scheme * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/library/md.c b/library/md.c index 6dfbba78d..12a3ea237 100644 --- a/library/md.c +++ b/library/md.c @@ -6,19 +6,7 @@ * \author Adriaan de Jong * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/md5.c b/library/md5.c index 7e7e3ad9e..e4a87a2e0 100644 --- a/library/md5.c +++ b/library/md5.c @@ -2,19 +2,7 @@ * RFC 1321 compliant MD5 implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The MD5 algorithm was designed by Ron Rivest in 1991. diff --git a/library/md_psa.h b/library/md_psa.h index 8e00bb149..b201263b1 100644 --- a/library/md_psa.h +++ b/library/md_psa.h @@ -5,19 +5,7 @@ * PSA Crypto; it is a helper for the transition period. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_MD_PSA_H #define MBEDTLS_MD_PSA_H diff --git a/library/md_wrap.h b/library/md_wrap.h index 166b43b99..dad123540 100644 --- a/library/md_wrap.h +++ b/library/md_wrap.h @@ -9,19 +9,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_MD_WRAP_H #define MBEDTLS_MD_WRAP_H diff --git a/library/memory_buffer_alloc.c b/library/memory_buffer_alloc.c index e5052ce5a..79b0a8b8f 100644 --- a/library/memory_buffer_alloc.c +++ b/library/memory_buffer_alloc.c @@ -2,19 +2,7 @@ * Buffer-based memory allocator * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/mps_common.h b/library/mps_common.h index 301d52532..49e17535a 100644 --- a/library/mps_common.h +++ b/library/mps_common.h @@ -1,18 +1,6 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * * This file is part of Mbed TLS (https://tls.mbed.org) */ diff --git a/library/mps_error.h b/library/mps_error.h index 5113959be..8a714a3a5 100644 --- a/library/mps_error.h +++ b/library/mps_error.h @@ -1,18 +1,6 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * * This file is part of Mbed TLS (https://tls.mbed.org) */ diff --git a/library/mps_reader.c b/library/mps_reader.c index dc2a91cbc..48b393685 100644 --- a/library/mps_reader.c +++ b/library/mps_reader.c @@ -2,19 +2,7 @@ * Message Processing Stack, Reader implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * * This file is part of Mbed TLS (https://tls.mbed.org) */ diff --git a/library/mps_reader.h b/library/mps_reader.h index bb912ec17..d877ee54a 100644 --- a/library/mps_reader.h +++ b/library/mps_reader.h @@ -1,18 +1,6 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * * This file is part of Mbed TLS (https://tls.mbed.org) */ diff --git a/library/mps_trace.c b/library/mps_trace.c index 9ba1f85e5..cb69c6be6 100644 --- a/library/mps_trace.c +++ b/library/mps_trace.c @@ -2,19 +2,7 @@ * Message Processing Stack, Trace module * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * * This file is part of Mbed TLS (https://tls.mbed.org) */ diff --git a/library/mps_trace.h b/library/mps_trace.h index f8e0a5d80..a13edd87f 100644 --- a/library/mps_trace.h +++ b/library/mps_trace.h @@ -1,18 +1,6 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * * This file is part of Mbed TLS (https://tls.mbed.org) */ diff --git a/library/net_sockets.c b/library/net_sockets.c index db80447a3..2b120c551 100644 --- a/library/net_sockets.c +++ b/library/net_sockets.c @@ -2,19 +2,7 @@ * TCP/IP or UDP/IP networking functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* Enable definition of getaddrinfo() even when compiling with -std=c99. Must diff --git a/library/nist_kw.c b/library/nist_kw.c index 7bdc807bc..f15425b8b 100644 --- a/library/nist_kw.c +++ b/library/nist_kw.c @@ -3,19 +3,7 @@ * only * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * Definition of Key Wrapping: diff --git a/library/oid.c b/library/oid.c index d139a6d0d..6184abe40 100644 --- a/library/oid.c +++ b/library/oid.c @@ -4,19 +4,7 @@ * \brief Object Identifier (OID) database * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/padlock.c b/library/padlock.c index 563d40e7c..1b03069ca 100644 --- a/library/padlock.c +++ b/library/padlock.c @@ -2,19 +2,7 @@ * VIA PadLock support functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * This implementation is based on the VIA PadLock Programming Guide: diff --git a/library/padlock.h b/library/padlock.h index a00afe04f..92d72af51 100644 --- a/library/padlock.h +++ b/library/padlock.h @@ -9,19 +9,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PADLOCK_H #define MBEDTLS_PADLOCK_H diff --git a/library/pem.c b/library/pem.c index bd269dda7..9500ffcf7 100644 --- a/library/pem.c +++ b/library/pem.c @@ -2,19 +2,7 @@ * Privacy Enhanced Mail (PEM) decoding * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/pk.c b/library/pk.c index 96b8ef922..5a1698f12 100644 --- a/library/pk.c +++ b/library/pk.c @@ -2,19 +2,7 @@ * Public Key abstraction layer * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/pk_internal.h b/library/pk_internal.h index 004660e09..26373a3d1 100644 --- a/library/pk_internal.h +++ b/library/pk_internal.h @@ -6,19 +6,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PK_INTERNAL_H #define MBEDTLS_PK_INTERNAL_H diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 4a3fef7ce..b5b460399 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -2,19 +2,7 @@ * Public Key abstraction layer: wrapper functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/pk_wrap.h b/library/pk_wrap.h index b1e02180a..28c815a77 100644 --- a/library/pk_wrap.h +++ b/library/pk_wrap.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PK_WRAP_H diff --git a/library/pkcs12.c b/library/pkcs12.c index dd3a24037..374e8e81c 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c @@ -2,19 +2,7 @@ * PKCS#12 Personal Information Exchange Syntax * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The PKCS #12 Personal Information Exchange Syntax Standard v1.1 diff --git a/library/pkcs5.c b/library/pkcs5.c index 2756d058e..c4572331f 100644 --- a/library/pkcs5.c +++ b/library/pkcs5.c @@ -6,19 +6,7 @@ * \author Mathias Olsson * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * PKCS#5 includes PBKDF2 and more diff --git a/library/pkcs7.c b/library/pkcs7.c index cf05afd2c..36b49f53b 100644 --- a/library/pkcs7.c +++ b/library/pkcs7.c @@ -1,18 +1,6 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/pkparse.c b/library/pkparse.c index e1422df77..b8e3c741e 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -2,19 +2,7 @@ * Public Key layer for parsing key files and structures * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/pkwrite.c b/library/pkwrite.c index 03db1454a..260bbd4c4 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -2,19 +2,7 @@ * Public Key layer for writing key files and structures * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/pkwrite.h b/library/pkwrite.h index 8cfa64b8e..544ab2f32 100644 --- a/library/pkwrite.h +++ b/library/pkwrite.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PK_WRITE_H diff --git a/library/platform.c b/library/platform.c index b15b7b29a..890c4cbab 100644 --- a/library/platform.c +++ b/library/platform.c @@ -2,19 +2,7 @@ * Platform abstraction layer * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/platform_util.c b/library/platform_util.c index 09216edfb..1f15260c2 100644 --- a/library/platform_util.c +++ b/library/platform_util.c @@ -3,19 +3,7 @@ * library. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/library/poly1305.c b/library/poly1305.c index f4e1d3f88..c9ebe9e1d 100644 --- a/library/poly1305.c +++ b/library/poly1305.c @@ -4,19 +4,7 @@ * \brief Poly1305 authentication algorithm. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 1faf1dd6c..54b578ab7 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/psa_crypto_aead.c b/library/psa_crypto_aead.c index 85d1f39be..b7ddbf5ba 100644 --- a/library/psa_crypto_aead.c +++ b/library/psa_crypto_aead.c @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/psa_crypto_aead.h b/library/psa_crypto_aead.h index 4b24b0f68..a3392199f 100644 --- a/library/psa_crypto_aead.h +++ b/library/psa_crypto_aead.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_AEAD_H diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c index b997a07cf..977ca1c07 100644 --- a/library/psa_crypto_cipher.c +++ b/library/psa_crypto_cipher.c @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/psa_crypto_cipher.h b/library/psa_crypto_cipher.h index bf43ff08a..2478d5860 100644 --- a/library/psa_crypto_cipher.h +++ b/library/psa_crypto_cipher.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_CIPHER_H diff --git a/library/psa_crypto_client.c b/library/psa_crypto_client.c index c3234275a..564463fed 100644 --- a/library/psa_crypto_client.c +++ b/library/psa_crypto_client.c @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 575f302d4..304075ade 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_CORE_H diff --git a/library/psa_crypto_core_common.h b/library/psa_crypto_core_common.h index dd72ab162..98fce2cca 100644 --- a/library/psa_crypto_core_common.h +++ b/library/psa_crypto_core_common.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_CORE_COMMON_H diff --git a/library/psa_crypto_driver_wrappers.h b/library/psa_crypto_driver_wrappers.h index 6ab959769..c05e43c30 100644 --- a/library/psa_crypto_driver_wrappers.h +++ b/library/psa_crypto_driver_wrappers.h @@ -4,19 +4,7 @@ * Warning: This file is now auto-generated. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ diff --git a/library/psa_crypto_driver_wrappers_no_static.c b/library/psa_crypto_driver_wrappers_no_static.c index de1511bad..66a6059bb 100644 --- a/library/psa_crypto_driver_wrappers_no_static.c +++ b/library/psa_crypto_driver_wrappers_no_static.c @@ -4,19 +4,7 @@ * Warning: This file is now auto-generated. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ diff --git a/library/psa_crypto_driver_wrappers_no_static.h b/library/psa_crypto_driver_wrappers_no_static.h index 4985403cd..cd617f60e 100644 --- a/library/psa_crypto_driver_wrappers_no_static.h +++ b/library/psa_crypto_driver_wrappers_no_static.h @@ -3,19 +3,7 @@ * cryptographic accelerators. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_DRIVER_WRAPPERS_NO_STATIC_H diff --git a/library/psa_crypto_ecp.c b/library/psa_crypto_ecp.c index 5c7786504..e4a372d24 100644 --- a/library/psa_crypto_ecp.c +++ b/library/psa_crypto_ecp.c @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/psa_crypto_ecp.h b/library/psa_crypto_ecp.h index f4ad3d277..a9f5d59de 100644 --- a/library/psa_crypto_ecp.h +++ b/library/psa_crypto_ecp.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_ECP_H diff --git a/library/psa_crypto_ffdh.c b/library/psa_crypto_ffdh.c index 20dfd2dcf..a57f02e5e 100644 --- a/library/psa_crypto_ffdh.c +++ b/library/psa_crypto_ffdh.c @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/psa_crypto_ffdh.h b/library/psa_crypto_ffdh.h index 67e5444fc..baeb9286c 100644 --- a/library/psa_crypto_ffdh.h +++ b/library/psa_crypto_ffdh.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_FFDH_H diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c index dad182616..eeb7666c1 100644 --- a/library/psa_crypto_hash.c +++ b/library/psa_crypto_hash.c @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/psa_crypto_hash.h b/library/psa_crypto_hash.h index 2dfb0115e..0a7be8055 100644 --- a/library/psa_crypto_hash.h +++ b/library/psa_crypto_hash.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_HASH_H diff --git a/library/psa_crypto_invasive.h b/library/psa_crypto_invasive.h index a900dd8ff..6897bdd66 100644 --- a/library/psa_crypto_invasive.h +++ b/library/psa_crypto_invasive.h @@ -10,19 +10,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_INVASIVE_H diff --git a/library/psa_crypto_its.h b/library/psa_crypto_its.h index 3ceee49be..877063b87 100644 --- a/library/psa_crypto_its.h +++ b/library/psa_crypto_its.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_ITS_H diff --git a/library/psa_crypto_mac.c b/library/psa_crypto_mac.c index 2f2c51dce..8fe621811 100644 --- a/library/psa_crypto_mac.c +++ b/library/psa_crypto_mac.c @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/psa_crypto_mac.h b/library/psa_crypto_mac.h index 4f8024a9e..2f614bcc6 100644 --- a/library/psa_crypto_mac.h +++ b/library/psa_crypto_mac.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_MAC_H diff --git a/library/psa_crypto_pake.c b/library/psa_crypto_pake.c index 7a904d9de..fc9623379 100644 --- a/library/psa_crypto_pake.c +++ b/library/psa_crypto_pake.c @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/psa_crypto_pake.h b/library/psa_crypto_pake.h index f21b0e672..3d3ee0cc9 100644 --- a/library/psa_crypto_pake.h +++ b/library/psa_crypto_pake.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_PAKE_H diff --git a/library/psa_crypto_random_impl.h b/library/psa_crypto_random_impl.h index 8719d9c70..64b894914 100644 --- a/library/psa_crypto_random_impl.h +++ b/library/psa_crypto_random_impl.h @@ -12,19 +12,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_RANDOM_IMPL_H diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c index 065e55af1..0679f41ea 100644 --- a/library/psa_crypto_rsa.c +++ b/library/psa_crypto_rsa.c @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/psa_crypto_rsa.h b/library/psa_crypto_rsa.h index bc24ef5d5..e4c5caf6f 100644 --- a/library/psa_crypto_rsa.h +++ b/library/psa_crypto_rsa.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_RSA_H diff --git a/library/psa_crypto_se.c b/library/psa_crypto_se.c index 9db3dedce..7a36a4f3a 100644 --- a/library/psa_crypto_se.c +++ b/library/psa_crypto_se.c @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/psa_crypto_se.h b/library/psa_crypto_se.h index a1e5e0922..ebe378989 100644 --- a/library/psa_crypto_se.h +++ b/library/psa_crypto_se.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_SE_H diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 92646c07c..3b8a319cb 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h index c8366abeb..6041a3528 100644 --- a/library/psa_crypto_slot_management.h +++ b/library/psa_crypto_slot_management.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_SLOT_MANAGEMENT_H diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index 574d4b05e..13a3c8a90 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/psa_crypto_storage.h b/library/psa_crypto_storage.h index 37ca46e28..b6b5e154a 100644 --- a/library/psa_crypto_storage.h +++ b/library/psa_crypto_storage.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_STORAGE_H diff --git a/library/psa_its_file.c b/library/psa_its_file.c index 97486165e..3f32d7d4e 100644 --- a/library/psa_its_file.c +++ b/library/psa_its_file.c @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/psa_util.c b/library/psa_util.c index dd5e13455..0225bbf02 100644 --- a/library/psa_util.c +++ b/library/psa_util.c @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/psa_util_internal.h b/library/psa_util_internal.h index 4a36dbf88..fcc79aef4 100644 --- a/library/psa_util_internal.h +++ b/library/psa_util_internal.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PSA_UTIL_INTERNAL_H diff --git a/library/ripemd160.c b/library/ripemd160.c index 49fee8579..b4fc3cdba 100644 --- a/library/ripemd160.c +++ b/library/ripemd160.c @@ -2,19 +2,7 @@ * RIPE MD-160 implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/library/rsa.c b/library/rsa.c index 3c538bf43..db0b0f74f 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -2,19 +2,7 @@ * The RSA public-key cryptosystem * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/library/rsa_alt_helpers.c b/library/rsa_alt_helpers.c index 5cc4636e4..5c265a992 100644 --- a/library/rsa_alt_helpers.c +++ b/library/rsa_alt_helpers.c @@ -2,19 +2,7 @@ * Helper functions for the RSA module * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * */ diff --git a/library/rsa_alt_helpers.h b/library/rsa_alt_helpers.h index 3b22ba853..ca0840b2a 100644 --- a/library/rsa_alt_helpers.h +++ b/library/rsa_alt_helpers.h @@ -36,19 +36,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * */ diff --git a/library/sha1.c b/library/sha1.c index 28a57b644..dfbe481f3 100644 --- a/library/sha1.c +++ b/library/sha1.c @@ -2,19 +2,7 @@ * FIPS-180-1 compliant SHA-1 implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The SHA-1 standard was published by NIST in 1993. diff --git a/library/sha256.c b/library/sha256.c index 223badf00..31afec258 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -2,19 +2,7 @@ * FIPS-180-2 compliant SHA-256 implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The SHA-256 Secure Hash Standard was published by NIST in 2002. diff --git a/library/sha3.c b/library/sha3.c index 4c1a1a9d4..d90fefaea 100644 --- a/library/sha3.c +++ b/library/sha3.c @@ -2,19 +2,7 @@ * FIPS-202 compliant SHA3 implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The SHA-3 Secure Hash Standard was published by NIST in 2015. diff --git a/library/sha512.c b/library/sha512.c index e739af254..e7af12175 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -2,19 +2,7 @@ * FIPS-180-2 compliant SHA-384/512 implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The SHA-512 Secure Hash Standard was published by NIST in 2002. diff --git a/library/ssl_cache.c b/library/ssl_cache.c index 929c28bec..772cb8fdf 100644 --- a/library/ssl_cache.c +++ b/library/ssl_cache.c @@ -2,19 +2,7 @@ * SSL session cache implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * These session callbacks use a simple chained list diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c index 736b1423b..555d5db5e 100644 --- a/library/ssl_ciphersuites.c +++ b/library/ssl_ciphersuites.c @@ -4,19 +4,7 @@ * \brief SSL ciphersuites for Mbed TLS * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/ssl_client.c b/library/ssl_client.c index 1a56f1ebe..eabdc75ac 100644 --- a/library/ssl_client.c +++ b/library/ssl_client.c @@ -2,19 +2,7 @@ * TLS 1.2 and 1.3 client-side functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * * This file is part of Mbed TLS ( https://tls.mbed.org ) */ diff --git a/library/ssl_client.h b/library/ssl_client.h index f57bea33f..05ee7e4cc 100644 --- a/library/ssl_client.h +++ b/library/ssl_client.h @@ -2,19 +2,7 @@ * TLS 1.2 and 1.3 client-side functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_SSL_CLIENT_H diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c index 098acedd3..ee81eb420 100644 --- a/library/ssl_cookie.c +++ b/library/ssl_cookie.c @@ -2,19 +2,7 @@ * DTLS cookie callbacks implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * These session callbacks use a simple chained list diff --git a/library/ssl_debug_helpers.h b/library/ssl_debug_helpers.h index 5c22ed221..2b0e73772 100644 --- a/library/ssl_debug_helpers.h +++ b/library/ssl_debug_helpers.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_SSL_DEBUG_HELPERS_H diff --git a/library/ssl_debug_helpers_generated.c b/library/ssl_debug_helpers_generated.c index a8cca54c8..d2cb2bed4 100644 --- a/library/ssl_debug_helpers_generated.c +++ b/library/ssl_debug_helpers_generated.c @@ -7,19 +7,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/ssl_misc.h b/library/ssl_misc.h index a99bb3343..e4d20d6d6 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_SSL_MISC_H #define MBEDTLS_SSL_MISC_H diff --git a/library/ssl_msg.c b/library/ssl_msg.c index c312d816e..933e25d94 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -3,19 +3,7 @@ * (record layer + retransmission state machine) * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * http://www.ietf.org/rfc/rfc2246.txt diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c index 1adaa07fe..875abcbb3 100644 --- a/library/ssl_ticket.c +++ b/library/ssl_ticket.c @@ -2,19 +2,7 @@ * TLS server tickets callbacks implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/ssl_tls.c b/library/ssl_tls.c index fc3fb85d7..cfb279818 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -2,19 +2,7 @@ * TLS shared functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * http://www.ietf.org/rfc/rfc2246.txt diff --git a/library/ssl_tls12_client.c b/library/ssl_tls12_client.c index 27bbafa06..9aa46bd15 100644 --- a/library/ssl_tls12_client.c +++ b/library/ssl_tls12_client.c @@ -2,19 +2,7 @@ * TLS client-side functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c index 6ebd5064f..0a592d8c0 100644 --- a/library/ssl_tls12_server.c +++ b/library/ssl_tls12_server.c @@ -2,19 +2,7 @@ * TLS server-side functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index d018bee74..ad448109f 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -2,19 +2,7 @@ * TLS 1.3 client-side functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * * This file is part of Mbed TLS ( https://tls.mbed.org ) */ diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index 7072677f1..5db4ff0a8 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -2,19 +2,7 @@ * TLS 1.3 functionality shared between client and server * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/ssl_tls13_invasive.h b/library/ssl_tls13_invasive.h index 3fb79a95d..b4506f71c 100644 --- a/library/ssl_tls13_invasive.h +++ b/library/ssl_tls13_invasive.h @@ -1,18 +1,6 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_SSL_TLS13_INVASIVE_H diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c index afd84a974..b64f9b026 100644 --- a/library/ssl_tls13_keys.c +++ b/library/ssl_tls13_keys.c @@ -2,7 +2,7 @@ * TLS 1.3 key schedule * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * * Licensed under the Apache License, Version 2.0 ( the "License" ); you may * not use this file except in compliance with the License. diff --git a/library/ssl_tls13_keys.h b/library/ssl_tls13_keys.h index 21e9b4d73..151b7c7c1 100644 --- a/library/ssl_tls13_keys.h +++ b/library/ssl_tls13_keys.h @@ -2,7 +2,7 @@ * TLS 1.3 key schedule * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * * Licensed under the Apache License, Version 2.0 ( the "License" ); you may * not use this file except in compliance with the License. diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 89bba04b3..04c7d0c36 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -2,19 +2,7 @@ * TLS 1.3 server-side functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/threading.c b/library/threading.c index 130c6963d..52fe8fca9 100644 --- a/library/threading.c +++ b/library/threading.c @@ -2,19 +2,7 @@ * Threading abstraction layer * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/library/timing.c b/library/timing.c index 6852033ea..58f1c1ec2 100644 --- a/library/timing.c +++ b/library/timing.c @@ -2,19 +2,7 @@ * Portable interface to the CPU cycle counter * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/version.c b/library/version.c index 4f78c9cb1..04397332b 100644 --- a/library/version.c +++ b/library/version.c @@ -2,19 +2,7 @@ * Version information * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/version_features.c b/library/version_features.c index a89cef997..b48f4f6da 100644 --- a/library/version_features.c +++ b/library/version_features.c @@ -2,19 +2,7 @@ * Version feature information * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/x509.c b/library/x509.c index 990393c31..b7b71f33c 100644 --- a/library/x509.c +++ b/library/x509.c @@ -2,19 +2,7 @@ * X.509 common functions for parsing and verification * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The ITU-T X.509 standard defines a certificate format for PKI. diff --git a/library/x509_create.c b/library/x509_create.c index 2583cdd0f..5e732d67f 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -2,19 +2,7 @@ * X.509 base functions for creating certificates / CSRs * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/library/x509_crl.c b/library/x509_crl.c index 79ace8fa0..cad784eeb 100644 --- a/library/x509_crl.c +++ b/library/x509_crl.c @@ -2,19 +2,7 @@ * X.509 Certificate Revocation List (CRL) parsing * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The ITU-T X.509 standard defines a certificate format for PKI. diff --git a/library/x509_crt.c b/library/x509_crt.c index e9153e710..f41eb47d7 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -2,19 +2,7 @@ * X.509 certificate parsing and verification * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The ITU-T X.509 standard defines a certificate format for PKI. diff --git a/library/x509_csr.c b/library/x509_csr.c index 0b2bb6f3b..b48b3a4ac 100644 --- a/library/x509_csr.c +++ b/library/x509_csr.c @@ -2,19 +2,7 @@ * X.509 Certificate Signing Request (CSR) parsing * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * The ITU-T X.509 standard defines a certificate format for PKI. diff --git a/library/x509write.c b/library/x509write.c index cd3c7394d..e0331b128 100644 --- a/library/x509write.c +++ b/library/x509write.c @@ -2,19 +2,7 @@ * X.509 internal, common functions for writing * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" #if defined(MBEDTLS_X509_CSR_WRITE_C) || defined(MBEDTLS_X509_CRT_WRITE_C) diff --git a/library/x509write_crt.c b/library/x509write_crt.c index a8a3022cb..4c019eee4 100644 --- a/library/x509write_crt.c +++ b/library/x509write_crt.c @@ -2,19 +2,7 @@ * X.509 certificate writing * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * References: diff --git a/library/x509write_csr.c b/library/x509write_csr.c index d996052ba..4e397553a 100644 --- a/library/x509write_csr.c +++ b/library/x509write_csr.c @@ -2,19 +2,7 @@ * X.509 Certificate Signing Request writing * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * References: diff --git a/programs/aes/crypt_and_hash.c b/programs/aes/crypt_and_hash.c index 1d9b522a3..226718bc6 100644 --- a/programs/aes/crypt_and_hash.c +++ b/programs/aes/crypt_and_hash.c @@ -3,19 +3,7 @@ * security. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* Enable definition of fileno() even when compiling with -std=c99. Must be diff --git a/programs/cipher/cipher_aead_demo.c b/programs/cipher/cipher_aead_demo.c index ce3925628..853ec202c 100644 --- a/programs/cipher/cipher_aead_demo.c +++ b/programs/cipher/cipher_aead_demo.c @@ -25,19 +25,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* First include Mbed TLS headers to get the Mbed TLS configuration and diff --git a/programs/hash/generic_sum.c b/programs/hash/generic_sum.c index 995694af0..3fd2b0089 100644 --- a/programs/hash/generic_sum.c +++ b/programs/hash/generic_sum.c @@ -2,19 +2,7 @@ * generic message digest layer demonstration program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/hash/hello.c b/programs/hash/hello.c index 7bb27ad4a..8caae8851 100644 --- a/programs/hash/hello.c +++ b/programs/hash/hello.c @@ -2,19 +2,7 @@ * Classic "Hello, world" demonstration program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/hash/md_hmac_demo.c b/programs/hash/md_hmac_demo.c index 4c812fbd8..581816a1d 100644 --- a/programs/hash/md_hmac_demo.c +++ b/programs/hash/md_hmac_demo.c @@ -20,19 +20,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* First include Mbed TLS headers to get the Mbed TLS configuration and diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c index 5a2c30fc2..946e049d7 100644 --- a/programs/pkey/dh_client.c +++ b/programs/pkey/dh_client.c @@ -2,19 +2,7 @@ * Diffie-Hellman-Merkle key exchange (client side) * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/dh_genprime.c b/programs/pkey/dh_genprime.c index 1f4cd59ee..6872e61e3 100644 --- a/programs/pkey/dh_genprime.c +++ b/programs/pkey/dh_genprime.c @@ -2,19 +2,7 @@ * Diffie-Hellman-Merkle key exchange (prime generation) * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c index c940be0c0..adddbf2fb 100644 --- a/programs/pkey/dh_server.c +++ b/programs/pkey/dh_server.c @@ -2,19 +2,7 @@ * Diffie-Hellman-Merkle key exchange (server side) * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/ecdh_curve25519.c b/programs/pkey/ecdh_curve25519.c index 980441707..fedfcc9fe 100644 --- a/programs/pkey/ecdh_curve25519.c +++ b/programs/pkey/ecdh_curve25519.c @@ -2,19 +2,7 @@ * Example ECDHE with Curve25519 program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/ecdsa.c b/programs/pkey/ecdsa.c index 953c14450..afd6fb31a 100644 --- a/programs/pkey/ecdsa.c +++ b/programs/pkey/ecdsa.c @@ -2,19 +2,7 @@ * Example ECDSA program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/gen_key.c b/programs/pkey/gen_key.c index 99e88505c..f6bb23787 100644 --- a/programs/pkey/gen_key.c +++ b/programs/pkey/gen_key.c @@ -2,19 +2,7 @@ * Key generation application * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/key_app.c b/programs/pkey/key_app.c index cd16e3320..194c4102d 100644 --- a/programs/pkey/key_app.c +++ b/programs/pkey/key_app.c @@ -2,19 +2,7 @@ * Key reading application * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/key_app_writer.c b/programs/pkey/key_app_writer.c index 179094cb5..c07c56464 100644 --- a/programs/pkey/key_app_writer.c +++ b/programs/pkey/key_app_writer.c @@ -2,19 +2,7 @@ * Key writing application * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/mpi_demo.c b/programs/pkey/mpi_demo.c index 88d745e92..e83aa3259 100644 --- a/programs/pkey/mpi_demo.c +++ b/programs/pkey/mpi_demo.c @@ -2,19 +2,7 @@ * Simple MPI demonstration program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/pk_decrypt.c b/programs/pkey/pk_decrypt.c index f60c946ed..b8f7943d6 100644 --- a/programs/pkey/pk_decrypt.c +++ b/programs/pkey/pk_decrypt.c @@ -2,19 +2,7 @@ * Public key-based simple decryption program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/pk_encrypt.c b/programs/pkey/pk_encrypt.c index 04e5cc702..a916bc6e2 100644 --- a/programs/pkey/pk_encrypt.c +++ b/programs/pkey/pk_encrypt.c @@ -2,19 +2,7 @@ * RSA simple data encryption program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/pk_sign.c b/programs/pkey/pk_sign.c index 57bd796c8..59347addb 100644 --- a/programs/pkey/pk_sign.c +++ b/programs/pkey/pk_sign.c @@ -2,19 +2,7 @@ * Public key-based signature creation program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/pk_verify.c b/programs/pkey/pk_verify.c index bca985b14..3127df540 100644 --- a/programs/pkey/pk_verify.c +++ b/programs/pkey/pk_verify.c @@ -2,19 +2,7 @@ * Public key-based signature verification program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/rsa_decrypt.c b/programs/pkey/rsa_decrypt.c index 0462ba697..76bfddf5c 100644 --- a/programs/pkey/rsa_decrypt.c +++ b/programs/pkey/rsa_decrypt.c @@ -2,19 +2,7 @@ * RSA simple decryption program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/rsa_encrypt.c b/programs/pkey/rsa_encrypt.c index 2126a9b9b..4bbb54e7d 100644 --- a/programs/pkey/rsa_encrypt.c +++ b/programs/pkey/rsa_encrypt.c @@ -2,19 +2,7 @@ * RSA simple data encryption program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/rsa_genkey.c b/programs/pkey/rsa_genkey.c index 17f6d6591..dc58215f7 100644 --- a/programs/pkey/rsa_genkey.c +++ b/programs/pkey/rsa_genkey.c @@ -2,19 +2,7 @@ * Example RSA key generation program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/rsa_sign.c b/programs/pkey/rsa_sign.c index 64375e9e7..9d8ebe39a 100644 --- a/programs/pkey/rsa_sign.c +++ b/programs/pkey/rsa_sign.c @@ -2,19 +2,7 @@ * RSA/SHA-256 signature creation program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/rsa_sign_pss.c b/programs/pkey/rsa_sign_pss.c index 999669e66..3a1f7473b 100644 --- a/programs/pkey/rsa_sign_pss.c +++ b/programs/pkey/rsa_sign_pss.c @@ -2,19 +2,7 @@ * RSASSA-PSS/SHA-256 signature creation program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/rsa_verify.c b/programs/pkey/rsa_verify.c index d525010df..e7d72fd52 100644 --- a/programs/pkey/rsa_verify.c +++ b/programs/pkey/rsa_verify.c @@ -2,19 +2,7 @@ * RSA/SHA-256 signature verification program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/rsa_verify_pss.c b/programs/pkey/rsa_verify_pss.c index 8a1fb5908..afbbfa9d4 100644 --- a/programs/pkey/rsa_verify_pss.c +++ b/programs/pkey/rsa_verify_pss.c @@ -2,19 +2,7 @@ * RSASSA-PSS/SHA-256 signature verification program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/psa/aead_demo.c b/programs/psa/aead_demo.c index 0c2413e61..619166dba 100644 --- a/programs/psa/aead_demo.c +++ b/programs/psa/aead_demo.c @@ -26,19 +26,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* First include Mbed TLS headers to get the Mbed TLS configuration and diff --git a/programs/psa/crypto_examples.c b/programs/psa/crypto_examples.c index 3f109d839..b755f09ef 100644 --- a/programs/psa/crypto_examples.c +++ b/programs/psa/crypto_examples.c @@ -1,18 +1,6 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "psa/crypto.h" diff --git a/programs/psa/hmac_demo.c b/programs/psa/hmac_demo.c index f25cdeb83..205505407 100644 --- a/programs/psa/hmac_demo.c +++ b/programs/psa/hmac_demo.c @@ -20,19 +20,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* First include Mbed TLS headers to get the Mbed TLS configuration and diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c index a79fac640..2734ceb7f 100644 --- a/programs/psa/key_ladder_demo.c +++ b/programs/psa/key_ladder_demo.c @@ -32,19 +32,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* First include Mbed TLS headers to get the Mbed TLS configuration and diff --git a/programs/psa/key_ladder_demo.sh b/programs/psa/key_ladder_demo.sh index e21d1abf0..9d62228b4 100755 --- a/programs/psa/key_ladder_demo.sh +++ b/programs/psa/key_ladder_demo.sh @@ -1,19 +1,7 @@ #!/bin/sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later set -e -u diff --git a/programs/psa/psa_constant_names.c b/programs/psa/psa_constant_names.c index 88426854d..0baf4a065 100644 --- a/programs/psa/psa_constant_names.c +++ b/programs/psa/psa_constant_names.c @@ -1,18 +1,6 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/programs/random/gen_entropy.c b/programs/random/gen_entropy.c index cc3217169..887b2c988 100644 --- a/programs/random/gen_entropy.c +++ b/programs/random/gen_entropy.c @@ -2,19 +2,7 @@ * \brief Use and generate multiple entropies calls into a file * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/random/gen_random_ctr_drbg.c b/programs/random/gen_random_ctr_drbg.c index e1db16eeb..0eecf0ad4 100644 --- a/programs/random/gen_random_ctr_drbg.c +++ b/programs/random/gen_random_ctr_drbg.c @@ -2,19 +2,7 @@ * \brief Use and generate random data into a file via the CTR_DBRG based on AES * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/ssl/dtls_client.c b/programs/ssl/dtls_client.c index f0abcabc7..ddb3c34b9 100644 --- a/programs/ssl/dtls_client.c +++ b/programs/ssl/dtls_client.c @@ -2,19 +2,7 @@ * Simple DTLS client demonstration program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/ssl/dtls_server.c b/programs/ssl/dtls_server.c index b11a4f5b4..732625e7f 100644 --- a/programs/ssl/dtls_server.c +++ b/programs/ssl/dtls_server.c @@ -2,19 +2,7 @@ * Simple DTLS server demonstration program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/ssl/mini_client.c b/programs/ssl/mini_client.c index e8f4797b8..6bef2085c 100644 --- a/programs/ssl/mini_client.c +++ b/programs/ssl/mini_client.c @@ -3,19 +3,7 @@ * (meant to be used with config-suite-b.h or config-ccm-psk-tls1_2.h) * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c index 259b8f930..ee734b1ed 100644 --- a/programs/ssl/ssl_client1.c +++ b/programs/ssl/ssl_client1.c @@ -2,19 +2,7 @@ * SSL client demonstration program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 7c2c818d8..b41c45e7c 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -2,19 +2,7 @@ * SSL client with certificate authentication * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #define MBEDTLS_ALLOW_PRIVATE_ACCESS diff --git a/programs/ssl/ssl_context_info.c b/programs/ssl/ssl_context_info.c index 855b0911f..d809aa958 100644 --- a/programs/ssl/ssl_context_info.c +++ b/programs/ssl/ssl_context_info.c @@ -2,19 +2,7 @@ * MbedTLS SSL context deserializer from base64 code * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #define MBEDTLS_ALLOW_PRIVATE_ACCESS diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c index 6734a14d9..f4822b7e6 100644 --- a/programs/ssl/ssl_fork_server.c +++ b/programs/ssl/ssl_fork_server.c @@ -2,19 +2,7 @@ * SSL server demonstration program using fork() for handling multiple clients * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c index 1e648e8af..febb881c8 100644 --- a/programs/ssl/ssl_mail_client.c +++ b/programs/ssl/ssl_mail_client.c @@ -2,19 +2,7 @@ * SSL client for SMTP servers * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* Enable definition of gethostname() even when compiling with -std=c99. Must diff --git a/programs/ssl/ssl_pthread_server.c b/programs/ssl/ssl_pthread_server.c index 12d3057b4..fcb8f2f4d 100644 --- a/programs/ssl/ssl_pthread_server.c +++ b/programs/ssl/ssl_pthread_server.c @@ -3,19 +3,7 @@ * clients. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c index ad82567f4..6becf8d91 100644 --- a/programs/ssl/ssl_server.c +++ b/programs/ssl/ssl_server.c @@ -2,19 +2,7 @@ * SSL server demonstration program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 0efcb7f9a..72c3dd49d 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -2,19 +2,7 @@ * SSL client with options * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #define MBEDTLS_ALLOW_PRIVATE_ACCESS diff --git a/programs/ssl/ssl_test_common_source.c b/programs/ssl/ssl_test_common_source.c index 67fc06115..1ff2077d4 100644 --- a/programs/ssl/ssl_test_common_source.c +++ b/programs/ssl/ssl_test_common_source.c @@ -9,19 +9,7 @@ * This file is meant to be #include'd and cannot be compiled separately. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ void eap_tls_key_derivation(void *p_expkey, diff --git a/programs/ssl/ssl_test_lib.c b/programs/ssl/ssl_test_lib.c index aea056b68..6e0c6153f 100644 --- a/programs/ssl/ssl_test_lib.c +++ b/programs/ssl/ssl_test_lib.c @@ -5,19 +5,7 @@ * that cannot be compiled separately in "ssl_test_common_source.c". * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #define MBEDTLS_ALLOW_PRIVATE_ACCESS diff --git a/programs/ssl/ssl_test_lib.h b/programs/ssl/ssl_test_lib.h index ef0dba718..d06e0997d 100644 --- a/programs/ssl/ssl_test_lib.h +++ b/programs/ssl/ssl_test_lib.h @@ -2,19 +2,7 @@ * Common code for SSL test programs * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index ecc4e94a6..a6de92cf5 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -2,19 +2,7 @@ * Benchmark demonstration program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #define MBEDTLS_ALLOW_PRIVATE_ACCESS diff --git a/programs/test/cmake_package/cmake_package.c b/programs/test/cmake_package/cmake_package.c index 86e10776c..729800ad8 100644 --- a/programs/test/cmake_package/cmake_package.c +++ b/programs/test/cmake_package/cmake_package.c @@ -2,19 +2,7 @@ * Simple program to test that Mbed TLS builds correctly as a CMake package. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/test/cmake_package_install/cmake_package_install.c b/programs/test/cmake_package_install/cmake_package_install.c index 9aa4c3b1d..44a2adadf 100644 --- a/programs/test/cmake_package_install/cmake_package_install.c +++ b/programs/test/cmake_package_install/cmake_package_install.c @@ -3,19 +3,7 @@ * package. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/test/cmake_subproject/cmake_subproject.c b/programs/test/cmake_subproject/cmake_subproject.c index d56b9a9cb..8b4f18e28 100644 --- a/programs/test/cmake_subproject/cmake_subproject.c +++ b/programs/test/cmake_subproject/cmake_subproject.c @@ -3,19 +3,7 @@ * work correctly. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/test/dlopen.c b/programs/test/dlopen.c index 2dcda3bb2..f24125423 100644 --- a/programs/test/dlopen.c +++ b/programs/test/dlopen.c @@ -2,19 +2,7 @@ * Test dynamic loading of libmbed* * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/test/dlopen_demo.sh b/programs/test/dlopen_demo.sh index a6a9022fc..7b8868801 100755 --- a/programs/test/dlopen_demo.sh +++ b/programs/test/dlopen_demo.sh @@ -4,19 +4,7 @@ # This is only expected to work when Mbed TLS is built as a shared library. # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later set -e -u diff --git a/programs/test/generate_cpp_dummy_build.sh b/programs/test/generate_cpp_dummy_build.sh index a55051652..0b4bd0b7b 100755 --- a/programs/test/generate_cpp_dummy_build.sh +++ b/programs/test/generate_cpp_dummy_build.sh @@ -14,19 +14,7 @@ EOF fi # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later set -e @@ -41,19 +29,8 @@ print_cpp () { * can be included and built with a C++ compiler. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/test/query_compile_time_config.c b/programs/test/query_compile_time_config.c index df0fe4a70..a70e6daef 100644 --- a/programs/test/query_compile_time_config.c +++ b/programs/test/query_compile_time_config.c @@ -2,19 +2,7 @@ * Query the Mbed TLS compile time configuration * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/test/query_config.c b/programs/test/query_config.c index cb92f256b..4b851210f 100644 --- a/programs/test/query_config.c +++ b/programs/test/query_config.c @@ -2,19 +2,7 @@ * Query Mbed TLS compile time configurations from mbedtls_config.h * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/test/query_config.h b/programs/test/query_config.h index ade73d080..43f120bf0 100644 --- a/programs/test/query_config.h +++ b/programs/test/query_config.h @@ -2,19 +2,7 @@ * Query Mbed TLS compile time configurations from mbedtls_config.h * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_PROGRAMS_TEST_QUERY_CONFIG_H diff --git a/programs/test/query_included_headers.c b/programs/test/query_included_headers.c index 383a2ffc8..cdafa1620 100644 --- a/programs/test/query_included_headers.c +++ b/programs/test/query_included_headers.c @@ -1,19 +1,7 @@ /* Ad hoc report on included headers. */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/programs/test/selftest.c b/programs/test/selftest.c index cc5e00ed3..61dde5ed1 100644 --- a/programs/test/selftest.c +++ b/programs/test/selftest.c @@ -2,19 +2,7 @@ * Self-test demonstration program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #define MBEDTLS_ALLOW_PRIVATE_ACCESS diff --git a/programs/test/udp_proxy.c b/programs/test/udp_proxy.c index 685e336e6..c6b56ec09 100644 --- a/programs/test/udp_proxy.c +++ b/programs/test/udp_proxy.c @@ -2,19 +2,7 @@ * UDP proxy: emulate an unreliable UDP connection for DTLS testing * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/programs/test/udp_proxy_wrapper.sh b/programs/test/udp_proxy_wrapper.sh index 27de01390..aa6a6d10f 100755 --- a/programs/test/udp_proxy_wrapper.sh +++ b/programs/test/udp_proxy_wrapper.sh @@ -3,19 +3,7 @@ # Usage: udp_proxy_wrapper.sh [PROXY_PARAM...] -- [SERVER_PARAM...] # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later set -u diff --git a/programs/test/zeroize.c b/programs/test/zeroize.c index b7842c4ef..1e9b98d71 100644 --- a/programs/test/zeroize.c +++ b/programs/test/zeroize.c @@ -10,19 +10,7 @@ * call to mbedtls_platform_zeroize() was not eliminated. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/util/pem2der.c b/programs/util/pem2der.c index 5dd367a0c..d682c2b06 100644 --- a/programs/util/pem2der.c +++ b/programs/util/pem2der.c @@ -2,19 +2,7 @@ * Convert PEM to DER * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/util/strerror.c b/programs/util/strerror.c index 4bfd8a1c2..316f28614 100644 --- a/programs/util/strerror.c +++ b/programs/util/strerror.c @@ -2,19 +2,7 @@ * Translate error code to error string * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/wince_main.c b/programs/wince_main.c index be98eae5e..e817b9f5f 100644 --- a/programs/wince_main.c +++ b/programs/wince_main.c @@ -2,19 +2,7 @@ * Windows CE console application entry point * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if defined(_WIN32_WCE) diff --git a/programs/x509/cert_app.c b/programs/x509/cert_app.c index 51a79ecb5..cb1e5bc4e 100644 --- a/programs/x509/cert_app.c +++ b/programs/x509/cert_app.c @@ -2,19 +2,7 @@ * Certificate reading application * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/x509/cert_req.c b/programs/x509/cert_req.c index 558d8cc73..cb908923c 100644 --- a/programs/x509/cert_req.c +++ b/programs/x509/cert_req.c @@ -2,19 +2,7 @@ * Certificate request generation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c index 40b1871f3..e2f5dacbd 100644 --- a/programs/x509/cert_write.c +++ b/programs/x509/cert_write.c @@ -2,19 +2,7 @@ * Certificate generation and signing * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/x509/crl_app.c b/programs/x509/crl_app.c index 6c671ff3f..5e3fd5a94 100644 --- a/programs/x509/crl_app.c +++ b/programs/x509/crl_app.c @@ -2,19 +2,7 @@ * CRL reading application * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/programs/x509/load_roots.c b/programs/x509/load_roots.c index d024e9822..a975405ea 100644 --- a/programs/x509/load_roots.c +++ b/programs/x509/load_roots.c @@ -2,7 +2,7 @@ * Root CA reading application * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later OR GPL-2.0-or-later * * This file is provided under the Apache License 2.0, or the * GNU General Public License v2.0 or later. @@ -10,18 +10,6 @@ * ********** * Apache License 2.0: * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * * ********** * * ********** diff --git a/programs/x509/req_app.c b/programs/x509/req_app.c index 64b9f0bb2..fff0983f0 100644 --- a/programs/x509/req_app.c +++ b/programs/x509/req_app.c @@ -2,19 +2,7 @@ * Certificate request reading application * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/scripts/abi_check.py b/scripts/abi_check.py index ac1d60ffd..8a604c4e2 100755 --- a/scripts/abi_check.py +++ b/scripts/abi_check.py @@ -84,19 +84,7 @@ function name and parameter list. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import glob import os diff --git a/scripts/apidoc_full.sh b/scripts/apidoc_full.sh index cf01e1f8e..34daf37b5 100755 --- a/scripts/apidoc_full.sh +++ b/scripts/apidoc_full.sh @@ -8,19 +8,7 @@ # when multiple targets are invoked in the same parallel build. # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later set -eu diff --git a/scripts/assemble_changelog.py b/scripts/assemble_changelog.py index f3aca7070..dcdf9fc2f 100755 --- a/scripts/assemble_changelog.py +++ b/scripts/assemble_changelog.py @@ -19,19 +19,7 @@ You must run this program from within a git working directory. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import argparse from collections import OrderedDict, namedtuple diff --git a/scripts/bump_version.sh b/scripts/bump_version.sh index 19d90bce7..86ed74ead 100755 --- a/scripts/bump_version.sh +++ b/scripts/bump_version.sh @@ -1,19 +1,7 @@ #!/bin/bash # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # Purpose # diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index 53d859edf..3f8a4ed8d 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py @@ -9,19 +9,7 @@ Note: must be run from Mbed TLS root. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import argparse import logging diff --git a/scripts/code_style.py b/scripts/code_style.py index ddd0a9800..08ec4af42 100755 --- a/scripts/code_style.py +++ b/scripts/code_style.py @@ -4,19 +4,7 @@ This script must be run from the root of a Git work tree containing Mbed TLS. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import argparse import os import re diff --git a/scripts/config.pl b/scripts/config.pl index 5dd89d225..ca02b9046 100755 --- a/scripts/config.pl +++ b/scripts/config.pl @@ -2,19 +2,8 @@ # Backward compatibility redirection ## Copyright The Mbed TLS Contributors -## SPDX-License-Identifier: Apache-2.0 +## SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later ## -## Licensed under the Apache License, Version 2.0 (the "License"); you may -## not use this file except in compliance with the License. -## You may obtain a copy of the License at -## -## http://www.apache.org/licenses/LICENSE-2.0 -## -## Unless required by applicable law or agreed to in writing, software -## distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -## WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -## See the License for the specific language governing permissions and -## limitations under the License. my $py = $0; $py =~ s/\.pl$/.py/ or die "Unable to determine the name of the Python script"; diff --git a/scripts/config.py b/scripts/config.py index 17fbe653a..d48c73a10 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -13,19 +13,8 @@ Basic usage, to read the Mbed TLS configuration: # in parts that are not backported to 2.28. ## Copyright The Mbed TLS Contributors -## SPDX-License-Identifier: Apache-2.0 +## SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later ## -## Licensed under the Apache License, Version 2.0 (the "License"); you may -## not use this file except in compliance with the License. -## You may obtain a copy of the License at -## -## http://www.apache.org/licenses/LICENSE-2.0 -## -## Unless required by applicable law or agreed to in writing, software -## distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -## WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -## See the License for the specific language governing permissions and -## limitations under the License. import os import re diff --git a/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.h.jinja b/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.h.jinja index de16284bd..e31a292d8 100644 --- a/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.h.jinja +++ b/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.h.jinja @@ -4,19 +4,7 @@ * Warning: This file is now auto-generated. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ diff --git a/scripts/data_files/driver_templates/psa_crypto_driver_wrappers_no_static.c.jinja b/scripts/data_files/driver_templates/psa_crypto_driver_wrappers_no_static.c.jinja index dbe424c03..2aae62850 100644 --- a/scripts/data_files/driver_templates/psa_crypto_driver_wrappers_no_static.c.jinja +++ b/scripts/data_files/driver_templates/psa_crypto_driver_wrappers_no_static.c.jinja @@ -4,19 +4,7 @@ * Warning: This file is now auto-generated. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ diff --git a/scripts/data_files/error.fmt b/scripts/data_files/error.fmt index 077500302..781e72a91 100644 --- a/scripts/data_files/error.fmt +++ b/scripts/data_files/error.fmt @@ -2,19 +2,7 @@ * Error message information * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/scripts/data_files/query_config.fmt b/scripts/data_files/query_config.fmt index e7e6fc602..b60aba010 100644 --- a/scripts/data_files/query_config.fmt +++ b/scripts/data_files/query_config.fmt @@ -2,19 +2,7 @@ * Query Mbed TLS compile time configurations from mbedtls_config.h * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/scripts/data_files/version_features.fmt b/scripts/data_files/version_features.fmt index 0e4059760..d820d4d1a 100644 --- a/scripts/data_files/version_features.fmt +++ b/scripts/data_files/version_features.fmt @@ -2,19 +2,7 @@ * Version feature information * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/scripts/ecc-heap.sh b/scripts/ecc-heap.sh index 43fc7dfa1..3eb2ff449 100755 --- a/scripts/ecc-heap.sh +++ b/scripts/ecc-heap.sh @@ -8,19 +8,7 @@ # scripts/ecc-heap.sh | tee ecc-heap.log # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later set -eu diff --git a/scripts/ecp_comb_table.py b/scripts/ecp_comb_table.py index 6719be1c3..6146e881c 100755 --- a/scripts/ecp_comb_table.py +++ b/scripts/ecp_comb_table.py @@ -7,19 +7,7 @@ can use this script to generate codes to define `_T` in ecp_curves.c """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import os import subprocess diff --git a/scripts/footprint.sh b/scripts/footprint.sh index ae95db4a1..614a49309 100755 --- a/scripts/footprint.sh +++ b/scripts/footprint.sh @@ -1,19 +1,7 @@ #!/bin/sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # Purpose # diff --git a/scripts/generate_driver_wrappers.py b/scripts/generate_driver_wrappers.py index e0f282792..2fdc4cd0b 100755 --- a/scripts/generate_driver_wrappers.py +++ b/scripts/generate_driver_wrappers.py @@ -7,19 +7,7 @@ based on template files in script/data_files/driver_templates/. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import sys import os diff --git a/scripts/generate_errors.pl b/scripts/generate_errors.pl index 664a349e9..0134c94f0 100755 --- a/scripts/generate_errors.pl +++ b/scripts/generate_errors.pl @@ -6,19 +6,7 @@ # or generate_errors.pl include_dir data_dir error_file # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later use strict; use warnings; diff --git a/scripts/generate_features.pl b/scripts/generate_features.pl index 49cca2ec3..cea8c115a 100755 --- a/scripts/generate_features.pl +++ b/scripts/generate_features.pl @@ -1,19 +1,7 @@ #!/usr/bin/env perl # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later use strict; diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py index 960a07986..f13b507d0 100755 --- a/scripts/generate_psa_constants.py +++ b/scripts/generate_psa_constants.py @@ -12,19 +12,7 @@ file is written: """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import os import sys diff --git a/scripts/generate_query_config.pl b/scripts/generate_query_config.pl index 69eca8344..39743da6d 100755 --- a/scripts/generate_query_config.pl +++ b/scripts/generate_query_config.pl @@ -19,19 +19,7 @@ # generate_query_config.pl mbedtls_config_file psa_crypto_config_file template_file output_file # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later use strict; diff --git a/scripts/generate_ssl_debug_helpers.py b/scripts/generate_ssl_debug_helpers.py index 19be41521..a0544f153 100755 --- a/scripts/generate_ssl_debug_helpers.py +++ b/scripts/generate_ssl_debug_helpers.py @@ -8,19 +8,7 @@ implemented by fixed codes. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import sys import re import os @@ -356,19 +344,8 @@ OUTPUT_C_TEMPLATE = '''\ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. */ #include "common.h" diff --git a/scripts/generate_visualc_files.pl b/scripts/generate_visualc_files.pl index 4fad322a6..7f5609820 100755 --- a/scripts/generate_visualc_files.pl +++ b/scripts/generate_visualc_files.pl @@ -7,19 +7,7 @@ # Takes no argument. # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later use warnings; use strict; diff --git a/scripts/lcov.sh b/scripts/lcov.sh index 6bba02fd2..7d23636b7 100755 --- a/scripts/lcov.sh +++ b/scripts/lcov.sh @@ -26,19 +26,7 @@ EOF } # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later set -eu diff --git a/scripts/massif_max.pl b/scripts/massif_max.pl index eaf56aee7..52ca606b5 100755 --- a/scripts/massif_max.pl +++ b/scripts/massif_max.pl @@ -3,19 +3,7 @@ # Parse a massif.out.xxx file and output peak total memory usage # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later use warnings; use strict; diff --git a/scripts/mbedtls_dev/asymmetric_key_data.py b/scripts/mbedtls_dev/asymmetric_key_data.py index 6fd6223f3..ef3e3a05e 100644 --- a/scripts/mbedtls_dev/asymmetric_key_data.py +++ b/scripts/mbedtls_dev/asymmetric_key_data.py @@ -4,19 +4,8 @@ Meant for use in crypto_knowledge.py. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. import binascii import re diff --git a/scripts/mbedtls_dev/bignum_common.py b/scripts/mbedtls_dev/bignum_common.py index 3bef16db6..eebc858b2 100644 --- a/scripts/mbedtls_dev/bignum_common.py +++ b/scripts/mbedtls_dev/bignum_common.py @@ -1,18 +1,7 @@ """Common features for bignum in test generation framework.""" # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. from abc import abstractmethod import enum diff --git a/scripts/mbedtls_dev/bignum_core.py b/scripts/mbedtls_dev/bignum_core.py index 563492b29..909f6a306 100644 --- a/scripts/mbedtls_dev/bignum_core.py +++ b/scripts/mbedtls_dev/bignum_core.py @@ -1,18 +1,7 @@ """Framework classes for generation of bignum core test cases.""" # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. import random diff --git a/scripts/mbedtls_dev/bignum_data.py b/scripts/mbedtls_dev/bignum_data.py index 897e31989..5c6c2c81e 100644 --- a/scripts/mbedtls_dev/bignum_data.py +++ b/scripts/mbedtls_dev/bignum_data.py @@ -1,19 +1,8 @@ """Base values and datasets for bignum generated tests and helper functions that produced them.""" # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. import random diff --git a/scripts/mbedtls_dev/bignum_mod.py b/scripts/mbedtls_dev/bignum_mod.py index 77c7b1bbd..f554001ec 100644 --- a/scripts/mbedtls_dev/bignum_mod.py +++ b/scripts/mbedtls_dev/bignum_mod.py @@ -1,18 +1,7 @@ """Framework classes for generation of bignum mod test cases.""" # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. from typing import Dict, List diff --git a/scripts/mbedtls_dev/bignum_mod_raw.py b/scripts/mbedtls_dev/bignum_mod_raw.py index 7121f2f49..37ad27a11 100644 --- a/scripts/mbedtls_dev/bignum_mod_raw.py +++ b/scripts/mbedtls_dev/bignum_mod_raw.py @@ -1,18 +1,7 @@ """Framework classes for generation of bignum mod_raw test cases.""" # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. from typing import Iterator, List diff --git a/scripts/mbedtls_dev/build_tree.py b/scripts/mbedtls_dev/build_tree.py index b48a27711..f63c3c828 100644 --- a/scripts/mbedtls_dev/build_tree.py +++ b/scripts/mbedtls_dev/build_tree.py @@ -2,19 +2,8 @@ """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. import os import inspect diff --git a/scripts/mbedtls_dev/c_build_helper.py b/scripts/mbedtls_dev/c_build_helper.py index 9bd17d608..f2cbbe4af 100644 --- a/scripts/mbedtls_dev/c_build_helper.py +++ b/scripts/mbedtls_dev/c_build_helper.py @@ -2,19 +2,8 @@ """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. import os import platform diff --git a/scripts/mbedtls_dev/crypto_data_tests.py b/scripts/mbedtls_dev/crypto_data_tests.py index 7593952da..a36de692e 100644 --- a/scripts/mbedtls_dev/crypto_data_tests.py +++ b/scripts/mbedtls_dev/crypto_data_tests.py @@ -4,19 +4,8 @@ This module is a work in progress, only implementing a few cases for now. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. import hashlib from typing import Callable, Dict, Iterator, List, Optional #pylint: disable=unused-import diff --git a/scripts/mbedtls_dev/crypto_knowledge.py b/scripts/mbedtls_dev/crypto_knowledge.py index 45d253b9b..285d6c638 100644 --- a/scripts/mbedtls_dev/crypto_knowledge.py +++ b/scripts/mbedtls_dev/crypto_knowledge.py @@ -4,19 +4,8 @@ This module is entirely based on the PSA API. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. import enum import re diff --git a/scripts/mbedtls_dev/ecp.py b/scripts/mbedtls_dev/ecp.py index 410c77e11..b40f3b126 100644 --- a/scripts/mbedtls_dev/ecp.py +++ b/scripts/mbedtls_dev/ecp.py @@ -1,18 +1,7 @@ """Framework classes for generation of ecp test cases.""" # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. from typing import List diff --git a/scripts/mbedtls_dev/logging_util.py b/scripts/mbedtls_dev/logging_util.py index db1ebfe5c..ddd7c7fd6 100644 --- a/scripts/mbedtls_dev/logging_util.py +++ b/scripts/mbedtls_dev/logging_util.py @@ -2,19 +2,8 @@ """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. import logging import sys diff --git a/scripts/mbedtls_dev/macro_collector.py b/scripts/mbedtls_dev/macro_collector.py index 3cad2a3f6..d68be00bd 100644 --- a/scripts/mbedtls_dev/macro_collector.py +++ b/scripts/mbedtls_dev/macro_collector.py @@ -2,19 +2,8 @@ """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. import itertools import re diff --git a/scripts/mbedtls_dev/psa_information.py b/scripts/mbedtls_dev/psa_information.py index a82df41df..32e500977 100644 --- a/scripts/mbedtls_dev/psa_information.py +++ b/scripts/mbedtls_dev/psa_information.py @@ -2,19 +2,8 @@ """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. import re from typing import Dict, FrozenSet, List, Optional diff --git a/scripts/mbedtls_dev/psa_storage.py b/scripts/mbedtls_dev/psa_storage.py index a2e4c74a4..00a8beaab 100644 --- a/scripts/mbedtls_dev/psa_storage.py +++ b/scripts/mbedtls_dev/psa_storage.py @@ -7,19 +7,8 @@ before changing how test data is constructed or validated. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. import re import struct diff --git a/scripts/mbedtls_dev/test_case.py b/scripts/mbedtls_dev/test_case.py index 8f0870367..6ed5e849d 100644 --- a/scripts/mbedtls_dev/test_case.py +++ b/scripts/mbedtls_dev/test_case.py @@ -2,19 +2,8 @@ """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. import binascii import os diff --git a/scripts/mbedtls_dev/test_data_generation.py b/scripts/mbedtls_dev/test_data_generation.py index 02aa51051..a84f7dd2f 100644 --- a/scripts/mbedtls_dev/test_data_generation.py +++ b/scripts/mbedtls_dev/test_data_generation.py @@ -7,19 +7,8 @@ These are used both by generate_psa_tests.py and generate_bignum_tests.py. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. import argparse import os diff --git a/scripts/mbedtls_dev/typing_util.py b/scripts/mbedtls_dev/typing_util.py index 4c344492c..2ec448d00 100644 --- a/scripts/mbedtls_dev/typing_util.py +++ b/scripts/mbedtls_dev/typing_util.py @@ -2,19 +2,8 @@ """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. from typing import Any diff --git a/scripts/memory.sh b/scripts/memory.sh index e3ce9d6d1..d119374d5 100755 --- a/scripts/memory.sh +++ b/scripts/memory.sh @@ -7,19 +7,7 @@ # since for memory we want debug information. # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later set -eu diff --git a/scripts/min_requirements.py b/scripts/min_requirements.py index c00d58e05..9888abe08 100755 --- a/scripts/min_requirements.py +++ b/scripts/min_requirements.py @@ -3,19 +3,7 @@ """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import argparse import os diff --git a/scripts/output_env.sh b/scripts/output_env.sh index 535613298..d3eac22bb 100755 --- a/scripts/output_env.sh +++ b/scripts/output_env.sh @@ -3,19 +3,7 @@ # output_env.sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # Purpose # diff --git a/scripts/prepare_release.sh b/scripts/prepare_release.sh index 800383d2c..7f972e070 100755 --- a/scripts/prepare_release.sh +++ b/scripts/prepare_release.sh @@ -12,19 +12,7 @@ EOF } # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later set -eu diff --git a/scripts/tmp_ignore_makefiles.sh b/scripts/tmp_ignore_makefiles.sh index 558970f54..455f892a2 100755 --- a/scripts/tmp_ignore_makefiles.sh +++ b/scripts/tmp_ignore_makefiles.sh @@ -4,19 +4,7 @@ # git development # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later IGNORE="" diff --git a/tests/compat-in-docker.sh b/tests/compat-in-docker.sh index 29c87877d..e703c5723 100755 --- a/tests/compat-in-docker.sh +++ b/tests/compat-in-docker.sh @@ -22,19 +22,7 @@ # - compat.sh for notes about invocation of that script. # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later source tests/scripts/docker_env.sh diff --git a/tests/compat.sh b/tests/compat.sh index 252736bb2..6abbe69e7 100755 --- a/tests/compat.sh +++ b/tests/compat.sh @@ -3,19 +3,7 @@ # compat.sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # Purpose # diff --git a/tests/configs/tls13-only.h b/tests/configs/tls13-only.h index 38286d1fd..d825ee92c 100644 --- a/tests/configs/tls13-only.h +++ b/tests/configs/tls13-only.h @@ -7,19 +7,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* Enable TLS 1.3 and core 1.3 features */ diff --git a/tests/configs/user-config-for-test.h b/tests/configs/user-config-for-test.h index a9386a236..639496be6 100644 --- a/tests/configs/user-config-for-test.h +++ b/tests/configs/user-config-for-test.h @@ -7,19 +7,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #if defined(PSA_CRYPTO_DRIVER_TEST_ALL) diff --git a/tests/configs/user-config-malloc-0-null.h b/tests/configs/user-config-malloc-0-null.h index 226f4d187..fada9ee93 100644 --- a/tests/configs/user-config-malloc-0-null.h +++ b/tests/configs/user-config-malloc-0-null.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/tests/configs/user-config-zeroize-memset.h b/tests/configs/user-config-zeroize-memset.h index fcdd1f099..52d4b0833 100644 --- a/tests/configs/user-config-zeroize-memset.h +++ b/tests/configs/user-config-zeroize-memset.h @@ -4,19 +4,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/tests/context-info.sh b/tests/context-info.sh index 88dfcaa5e..55e321943 100755 --- a/tests/context-info.sh +++ b/tests/context-info.sh @@ -3,19 +3,7 @@ # context-info.sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # This program is intended for testing the ssl_context_info program # diff --git a/tests/data_files/dir-maxpath/long.sh b/tests/data_files/dir-maxpath/long.sh index d7d879765..4e1fd48dc 100755 --- a/tests/data_files/dir-maxpath/long.sh +++ b/tests/data_files/dir-maxpath/long.sh @@ -1,19 +1,7 @@ #!/bin/sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later set -eu diff --git a/tests/data_files/print_c.pl b/tests/data_files/print_c.pl index ce8ed6f8e..5f4b3d0c6 100755 --- a/tests/data_files/print_c.pl +++ b/tests/data_files/print_c.pl @@ -1,19 +1,7 @@ #!/usr/bin/env perl # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later use strict; use warnings; diff --git a/tests/data_files/test_certs.h.jinja2 b/tests/data_files/test_certs.h.jinja2 index 92131ddc1..4a64b3a79 100644 --- a/tests/data_files/test_certs.h.jinja2 +++ b/tests/data_files/test_certs.h.jinja2 @@ -2,19 +2,7 @@ * X.509 test certificates * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* THIS FILE is generated by `tests/scripts/generate_test_cert_macros.py` */ diff --git a/tests/docker/bionic/Dockerfile b/tests/docker/bionic/Dockerfile index d44cdff25..e4c49fac2 100644 --- a/tests/docker/bionic/Dockerfile +++ b/tests/docker/bionic/Dockerfile @@ -10,19 +10,7 @@ # for the set of Docker images we use on the CI. # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later ARG MAKEFLAGS_PARALLEL="" ARG MY_REGISTRY= diff --git a/tests/git-scripts/pre-push.sh b/tests/git-scripts/pre-push.sh index ce43467b4..9192678a5 100755 --- a/tests/git-scripts/pre-push.sh +++ b/tests/git-scripts/pre-push.sh @@ -2,19 +2,7 @@ # pre-push.sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # Purpose # diff --git a/tests/include/alt-dummy/aes_alt.h b/tests/include/alt-dummy/aes_alt.h index 21d85f1ff..dc47dd16c 100644 --- a/tests/include/alt-dummy/aes_alt.h +++ b/tests/include/alt-dummy/aes_alt.h @@ -1,19 +1,7 @@ /* aes_alt.h with dummy types for MBEDTLS_AES_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef AES_ALT_H diff --git a/tests/include/alt-dummy/aria_alt.h b/tests/include/alt-dummy/aria_alt.h index aabec9c9f..94db8c7fb 100644 --- a/tests/include/alt-dummy/aria_alt.h +++ b/tests/include/alt-dummy/aria_alt.h @@ -1,19 +1,7 @@ /* aria_alt.h with dummy types for MBEDTLS_ARIA_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef ARIA_ALT_H diff --git a/tests/include/alt-dummy/camellia_alt.h b/tests/include/alt-dummy/camellia_alt.h index b42613bc2..97bc16b78 100644 --- a/tests/include/alt-dummy/camellia_alt.h +++ b/tests/include/alt-dummy/camellia_alt.h @@ -1,19 +1,7 @@ /* camellia_alt.h with dummy types for MBEDTLS_CAMELLIA_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef CAMELLIA_ALT_H diff --git a/tests/include/alt-dummy/ccm_alt.h b/tests/include/alt-dummy/ccm_alt.h index 5ec7d4e48..c25f42b4a 100644 --- a/tests/include/alt-dummy/ccm_alt.h +++ b/tests/include/alt-dummy/ccm_alt.h @@ -1,19 +1,7 @@ /* ccm_alt.h with dummy types for MBEDTLS_CCM_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef CCM_ALT_H diff --git a/tests/include/alt-dummy/chacha20_alt.h b/tests/include/alt-dummy/chacha20_alt.h index a53a33002..6fd84d031 100644 --- a/tests/include/alt-dummy/chacha20_alt.h +++ b/tests/include/alt-dummy/chacha20_alt.h @@ -1,19 +1,7 @@ /* chacha20_alt.h with dummy types for MBEDTLS_CHACHA20_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef CHACHA20_ALT_H diff --git a/tests/include/alt-dummy/chachapoly_alt.h b/tests/include/alt-dummy/chachapoly_alt.h index 584a42174..de28ced67 100644 --- a/tests/include/alt-dummy/chachapoly_alt.h +++ b/tests/include/alt-dummy/chachapoly_alt.h @@ -1,19 +1,7 @@ /* chachapoly_alt.h with dummy types for MBEDTLS_CHACHAPOLY_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef CHACHAPOLY_ALT_H diff --git a/tests/include/alt-dummy/cmac_alt.h b/tests/include/alt-dummy/cmac_alt.h index 13c998d68..68b53d707 100644 --- a/tests/include/alt-dummy/cmac_alt.h +++ b/tests/include/alt-dummy/cmac_alt.h @@ -1,19 +1,7 @@ /* cmac_alt.h with dummy types for MBEDTLS_CMAC_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef CMAC_ALT_H diff --git a/tests/include/alt-dummy/des_alt.h b/tests/include/alt-dummy/des_alt.h index 3b8abe493..d07986128 100644 --- a/tests/include/alt-dummy/des_alt.h +++ b/tests/include/alt-dummy/des_alt.h @@ -1,19 +1,7 @@ /* des_alt.h with dummy types for MBEDTLS_DES_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * */ diff --git a/tests/include/alt-dummy/dhm_alt.h b/tests/include/alt-dummy/dhm_alt.h index ccb3bd3c3..3cb51d2ed 100644 --- a/tests/include/alt-dummy/dhm_alt.h +++ b/tests/include/alt-dummy/dhm_alt.h @@ -1,19 +1,7 @@ /* dhm_alt.h with dummy types for MBEDTLS_DHM_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef DHM_ALT_H diff --git a/tests/include/alt-dummy/ecjpake_alt.h b/tests/include/alt-dummy/ecjpake_alt.h index 90c21da8b..4d7524860 100644 --- a/tests/include/alt-dummy/ecjpake_alt.h +++ b/tests/include/alt-dummy/ecjpake_alt.h @@ -1,19 +1,7 @@ /* ecjpake_alt.h with dummy types for MBEDTLS_ECJPAKE_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef ECJPAKE_ALT_H diff --git a/tests/include/alt-dummy/ecp_alt.h b/tests/include/alt-dummy/ecp_alt.h index 56c981095..d204b18d0 100644 --- a/tests/include/alt-dummy/ecp_alt.h +++ b/tests/include/alt-dummy/ecp_alt.h @@ -1,19 +1,7 @@ /* ecp_alt.h with dummy types for MBEDTLS_ECP_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef ECP_ALT_H diff --git a/tests/include/alt-dummy/gcm_alt.h b/tests/include/alt-dummy/gcm_alt.h index 7be5b62f6..cfa73d2a4 100644 --- a/tests/include/alt-dummy/gcm_alt.h +++ b/tests/include/alt-dummy/gcm_alt.h @@ -1,19 +1,7 @@ /* gcm_alt.h with dummy types for MBEDTLS_GCM_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef GCM_ALT_H diff --git a/tests/include/alt-dummy/md5_alt.h b/tests/include/alt-dummy/md5_alt.h index 1f3e5ed9b..e3a15d70f 100644 --- a/tests/include/alt-dummy/md5_alt.h +++ b/tests/include/alt-dummy/md5_alt.h @@ -1,19 +1,7 @@ /* md5_alt.h with dummy types for MBEDTLS_MD5_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MD5_ALT_H diff --git a/tests/include/alt-dummy/nist_kw_alt.h b/tests/include/alt-dummy/nist_kw_alt.h index 8fec116be..1274d4081 100644 --- a/tests/include/alt-dummy/nist_kw_alt.h +++ b/tests/include/alt-dummy/nist_kw_alt.h @@ -1,19 +1,7 @@ /* nist_kw_alt.h with dummy types for MBEDTLS_NIST_KW_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef NIST_KW_ALT_H diff --git a/tests/include/alt-dummy/platform_alt.h b/tests/include/alt-dummy/platform_alt.h index 836f299c8..67573926e 100644 --- a/tests/include/alt-dummy/platform_alt.h +++ b/tests/include/alt-dummy/platform_alt.h @@ -1,19 +1,7 @@ /* platform_alt.h with dummy types for MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PLATFORM_ALT_H diff --git a/tests/include/alt-dummy/poly1305_alt.h b/tests/include/alt-dummy/poly1305_alt.h index 5a8295f16..c8ed1bc06 100644 --- a/tests/include/alt-dummy/poly1305_alt.h +++ b/tests/include/alt-dummy/poly1305_alt.h @@ -1,19 +1,7 @@ /* poly1305_alt.h with dummy types for MBEDTLS_POLY1305_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef POLY1305_ALT_H diff --git a/tests/include/alt-dummy/ripemd160_alt.h b/tests/include/alt-dummy/ripemd160_alt.h index ca3b33827..72ae47efb 100644 --- a/tests/include/alt-dummy/ripemd160_alt.h +++ b/tests/include/alt-dummy/ripemd160_alt.h @@ -1,19 +1,7 @@ /* ripemd160_alt.h with dummy types for MBEDTLS_RIPEMD160_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef RIPEMD160_ALT_H diff --git a/tests/include/alt-dummy/rsa_alt.h b/tests/include/alt-dummy/rsa_alt.h index 24f672bb3..eabc26da1 100644 --- a/tests/include/alt-dummy/rsa_alt.h +++ b/tests/include/alt-dummy/rsa_alt.h @@ -1,19 +1,7 @@ /* rsa_alt.h with dummy types for MBEDTLS_RSA_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef RSA_ALT_H diff --git a/tests/include/alt-dummy/sha1_alt.h b/tests/include/alt-dummy/sha1_alt.h index 36bf71d84..d8ac97191 100644 --- a/tests/include/alt-dummy/sha1_alt.h +++ b/tests/include/alt-dummy/sha1_alt.h @@ -1,19 +1,7 @@ /* sha1_alt.h with dummy types for MBEDTLS_SHA1_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef SHA1_ALT_H diff --git a/tests/include/alt-dummy/sha256_alt.h b/tests/include/alt-dummy/sha256_alt.h index 304734bfc..b1900adee 100644 --- a/tests/include/alt-dummy/sha256_alt.h +++ b/tests/include/alt-dummy/sha256_alt.h @@ -1,19 +1,7 @@ /* sha256_alt.h with dummy types for MBEDTLS_SHA256_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef SHA256_ALT_H diff --git a/tests/include/alt-dummy/sha512_alt.h b/tests/include/alt-dummy/sha512_alt.h index 13e58109e..857bc916a 100644 --- a/tests/include/alt-dummy/sha512_alt.h +++ b/tests/include/alt-dummy/sha512_alt.h @@ -1,19 +1,7 @@ /* sha512_alt.h with dummy types for MBEDTLS_SHA512_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef SHA512_ALT_H diff --git a/tests/include/alt-dummy/threading_alt.h b/tests/include/alt-dummy/threading_alt.h index 400350686..07d5da427 100644 --- a/tests/include/alt-dummy/threading_alt.h +++ b/tests/include/alt-dummy/threading_alt.h @@ -1,19 +1,7 @@ /* threading_alt.h with dummy types for MBEDTLS_THREADING_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef THREADING_ALT_H diff --git a/tests/include/alt-dummy/timing_alt.h b/tests/include/alt-dummy/timing_alt.h index 9d4e100ea..69bee60f6 100644 --- a/tests/include/alt-dummy/timing_alt.h +++ b/tests/include/alt-dummy/timing_alt.h @@ -1,19 +1,7 @@ /* timing_alt.h with dummy types for MBEDTLS_TIMING_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef TIMING_ALT_H diff --git a/tests/include/baremetal-override/time.h b/tests/include/baremetal-override/time.h index 40eed2d33..0a44275e7 100644 --- a/tests/include/baremetal-override/time.h +++ b/tests/include/baremetal-override/time.h @@ -1,18 +1,6 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #error "time.h included in a configuration without MBEDTLS_HAVE_TIME" diff --git a/tests/include/spe/crypto_spe.h b/tests/include/spe/crypto_spe.h index de842642d..fdf3a2db5 100644 --- a/tests/include/spe/crypto_spe.h +++ b/tests/include/spe/crypto_spe.h @@ -1,18 +1,6 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * */ diff --git a/tests/include/test/arguments.h b/tests/include/test/arguments.h index 74bbbd569..6d267b660 100644 --- a/tests/include/test/arguments.h +++ b/tests/include/test/arguments.h @@ -8,19 +8,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef TEST_ARGUMENTS_H diff --git a/tests/include/test/asn1_helpers.h b/tests/include/test/asn1_helpers.h index dee3cbda9..2eb917128 100644 --- a/tests/include/test/asn1_helpers.h +++ b/tests/include/test/asn1_helpers.h @@ -2,19 +2,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef ASN1_HELPERS_H diff --git a/tests/include/test/bignum_helpers.h b/tests/include/test/bignum_helpers.h index fc97d23ba..2f6bf8931 100644 --- a/tests/include/test/bignum_helpers.h +++ b/tests/include/test/bignum_helpers.h @@ -7,19 +7,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef TEST_BIGNUM_HELPERS_H diff --git a/tests/include/test/certs.h b/tests/include/test/certs.h index 65c55829d..db69536a6 100644 --- a/tests/include/test/certs.h +++ b/tests/include/test/certs.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CERTS_H #define MBEDTLS_CERTS_H diff --git a/tests/include/test/constant_flow.h b/tests/include/test/constant_flow.h index f3d676e28..c5658eb40 100644 --- a/tests/include/test/constant_flow.h +++ b/tests/include/test/constant_flow.h @@ -6,19 +6,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef TEST_CONSTANT_FLOW_H diff --git a/tests/include/test/drivers/aead.h b/tests/include/test/drivers/aead.h index 037a255ca..a033e399d 100644 --- a/tests/include/test/drivers/aead.h +++ b/tests/include/test/drivers/aead.h @@ -2,19 +2,7 @@ * Test driver for AEAD driver entry points. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_TEST_DRIVERS_AEAD_H diff --git a/tests/include/test/drivers/asymmetric_encryption.h b/tests/include/test/drivers/asymmetric_encryption.h index c602d2f22..0ac77087d 100644 --- a/tests/include/test/drivers/asymmetric_encryption.h +++ b/tests/include/test/drivers/asymmetric_encryption.h @@ -2,19 +2,7 @@ * Test driver for asymmetric encryption. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_TEST_DRIVERS_ASYMMETRIC_ENCRYPTION_H diff --git a/tests/include/test/drivers/cipher.h b/tests/include/test/drivers/cipher.h index 54c37f748..950a17440 100644 --- a/tests/include/test/drivers/cipher.h +++ b/tests/include/test/drivers/cipher.h @@ -2,19 +2,7 @@ * Test driver for cipher functions */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_TEST_DRIVERS_CIPHER_H diff --git a/tests/include/test/drivers/config_test_driver.h b/tests/include/test/drivers/config_test_driver.h index 81f988339..4eb27f024 100644 --- a/tests/include/test/drivers/config_test_driver.h +++ b/tests/include/test/drivers/config_test_driver.h @@ -7,19 +7,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef MBEDTLS_CONFIG_H diff --git a/tests/include/test/drivers/hash.h b/tests/include/test/drivers/hash.h index f1da8d3e4..ad48c45d5 100644 --- a/tests/include/test/drivers/hash.h +++ b/tests/include/test/drivers/hash.h @@ -2,19 +2,7 @@ * Test driver for hash driver entry points. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_TEST_DRIVERS_HASH_H diff --git a/tests/include/test/drivers/key_agreement.h b/tests/include/test/drivers/key_agreement.h index aaf74a8c5..ca82b3ad9 100644 --- a/tests/include/test/drivers/key_agreement.h +++ b/tests/include/test/drivers/key_agreement.h @@ -2,19 +2,7 @@ * Test driver for key agreement functions. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_TEST_DRIVERS_KEY_AGREEMENT_H diff --git a/tests/include/test/drivers/key_management.h b/tests/include/test/drivers/key_management.h index 43df0d610..9e2c89885 100644 --- a/tests/include/test/drivers/key_management.h +++ b/tests/include/test/drivers/key_management.h @@ -2,19 +2,7 @@ * Test driver for generating and verifying keys. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_TEST_DRIVERS_KEY_MANAGEMENT_H diff --git a/tests/include/test/drivers/mac.h b/tests/include/test/drivers/mac.h index bdc2b705c..d92eff903 100644 --- a/tests/include/test/drivers/mac.h +++ b/tests/include/test/drivers/mac.h @@ -2,19 +2,7 @@ * Test driver for MAC driver entry points. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_TEST_DRIVERS_MAC_H diff --git a/tests/include/test/drivers/pake.h b/tests/include/test/drivers/pake.h index 331ee49da..d292ca0da 100644 --- a/tests/include/test/drivers/pake.h +++ b/tests/include/test/drivers/pake.h @@ -2,19 +2,7 @@ * Test driver for PAKE driver entry points. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_TEST_DRIVERS_PAKE_H diff --git a/tests/include/test/drivers/signature.h b/tests/include/test/drivers/signature.h index 4c56a121c..8c5703edf 100644 --- a/tests/include/test/drivers/signature.h +++ b/tests/include/test/drivers/signature.h @@ -2,19 +2,7 @@ * Test driver for signature functions. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_TEST_DRIVERS_SIGNATURE_H diff --git a/tests/include/test/drivers/test_driver.h b/tests/include/test/drivers/test_driver.h index 541ee03d0..74605d6b8 100644 --- a/tests/include/test/drivers/test_driver.h +++ b/tests/include/test/drivers/test_driver.h @@ -2,19 +2,7 @@ * Umbrella include for all of the test driver functionality */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_TEST_DRIVER_H diff --git a/tests/include/test/fake_external_rng_for_test.h b/tests/include/test/fake_external_rng_for_test.h index 01bfb91a4..e3e331d55 100644 --- a/tests/include/test/fake_external_rng_for_test.h +++ b/tests/include/test/fake_external_rng_for_test.h @@ -4,19 +4,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef FAKE_EXTERNAL_RNG_FOR_TEST_H diff --git a/tests/include/test/helpers.h b/tests/include/test/helpers.h index dd4a6a2b4..ba117fbdf 100644 --- a/tests/include/test/helpers.h +++ b/tests/include/test/helpers.h @@ -7,19 +7,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef TEST_HELPERS_H diff --git a/tests/include/test/macros.h b/tests/include/test/macros.h index 3bfbe3333..8de9c4d95 100644 --- a/tests/include/test/macros.h +++ b/tests/include/test/macros.h @@ -6,19 +6,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef TEST_MACROS_H diff --git a/tests/include/test/psa_crypto_helpers.h b/tests/include/test/psa_crypto_helpers.h index 9ba7dbcd9..58457320b 100644 --- a/tests/include/test/psa_crypto_helpers.h +++ b/tests/include/test/psa_crypto_helpers.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_CRYPTO_HELPERS_H diff --git a/tests/include/test/psa_exercise_key.h b/tests/include/test/psa_exercise_key.h index 46f4d0810..0f3ee3db6 100644 --- a/tests/include/test/psa_exercise_key.h +++ b/tests/include/test/psa_exercise_key.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_EXERCISE_KEY_H diff --git a/tests/include/test/psa_helpers.h b/tests/include/test/psa_helpers.h index 2665fac39..b61718939 100644 --- a/tests/include/test/psa_helpers.h +++ b/tests/include/test/psa_helpers.h @@ -3,19 +3,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PSA_HELPERS_H diff --git a/tests/include/test/random.h b/tests/include/test/random.h index c5572088a..6304e05d7 100644 --- a/tests/include/test/random.h +++ b/tests/include/test/random.h @@ -7,19 +7,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef TEST_RANDOM_H diff --git a/tests/include/test/ssl_helpers.h b/tests/include/test/ssl_helpers.h index ddbd6a39e..abdef9032 100644 --- a/tests/include/test/ssl_helpers.h +++ b/tests/include/test/ssl_helpers.h @@ -5,19 +5,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef SSL_HELPERS_H diff --git a/tests/make-in-docker.sh b/tests/make-in-docker.sh index 0ee08dc48..e57d09d34 100755 --- a/tests/make-in-docker.sh +++ b/tests/make-in-docker.sh @@ -14,19 +14,7 @@ # for the set of Docker images we use on the CI. # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later source tests/scripts/docker_env.sh diff --git a/tests/opt-testcases/tls13-compat.sh b/tests/opt-testcases/tls13-compat.sh index 56d2e2959..1190a87ee 100755 --- a/tests/opt-testcases/tls13-compat.sh +++ b/tests/opt-testcases/tls13-compat.sh @@ -3,19 +3,7 @@ # tls13-compat.sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # Purpose # diff --git a/tests/opt-testcases/tls13-kex-modes.sh b/tests/opt-testcases/tls13-kex-modes.sh index 758da1da5..6556cd4b4 100755 --- a/tests/opt-testcases/tls13-kex-modes.sh +++ b/tests/opt-testcases/tls13-kex-modes.sh @@ -3,19 +3,7 @@ # tls13-kex-modes.sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # DO NOT ADD NEW TEST CASES INTO THIS FILE. The left cases will be generated by diff --git a/tests/opt-testcases/tls13-misc.sh b/tests/opt-testcases/tls13-misc.sh index f30384d39..a56696a22 100755 --- a/tests/opt-testcases/tls13-misc.sh +++ b/tests/opt-testcases/tls13-misc.sh @@ -3,19 +3,7 @@ # tls13-misc.sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # requires_gnutls_tls1_3 diff --git a/tests/scripts/all-in-docker.sh b/tests/scripts/all-in-docker.sh index 7c03d9135..b2a31c265 100755 --- a/tests/scripts/all-in-docker.sh +++ b/tests/scripts/all-in-docker.sh @@ -17,19 +17,7 @@ # See also all.sh for notes about invocation of that script. # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later source tests/scripts/docker_env.sh diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 9e1d84f5d..fe2d73f0c 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3,19 +3,7 @@ # all.sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later diff --git a/tests/scripts/audit-validity-dates.py b/tests/scripts/audit-validity-dates.py index 623fd2352..b2230dd47 100755 --- a/tests/scripts/audit-validity-dates.py +++ b/tests/scripts/audit-validity-dates.py @@ -1,19 +1,7 @@ #!/usr/bin/env python3 # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later """Audit validity date of X509 crt/crl/csr. diff --git a/tests/scripts/basic-build-test.sh b/tests/scripts/basic-build-test.sh index 43a91eed2..1f8ade663 100755 --- a/tests/scripts/basic-build-test.sh +++ b/tests/scripts/basic-build-test.sh @@ -3,19 +3,7 @@ # basic-build-test.sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # Purpose # diff --git a/tests/scripts/basic-in-docker.sh b/tests/scripts/basic-in-docker.sh index 02cafb0cc..3aca3a134 100755 --- a/tests/scripts/basic-in-docker.sh +++ b/tests/scripts/basic-in-docker.sh @@ -18,19 +18,7 @@ # See docker_env.sh for prerequisites and other information. # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later source tests/scripts/docker_env.sh diff --git a/tests/scripts/check-doxy-blocks.pl b/tests/scripts/check-doxy-blocks.pl index dd955301f..3199c2ab4 100755 --- a/tests/scripts/check-doxy-blocks.pl +++ b/tests/scripts/check-doxy-blocks.pl @@ -9,19 +9,7 @@ # items that are documented, but not marked as such by mistake. # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later use warnings; use strict; diff --git a/tests/scripts/check-generated-files.sh b/tests/scripts/check-generated-files.sh index d03e5cf6d..67dedeb26 100755 --- a/tests/scripts/check-generated-files.sh +++ b/tests/scripts/check-generated-files.sh @@ -1,19 +1,7 @@ #! /usr/bin/env sh # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # Purpose # diff --git a/tests/scripts/check-python-files.sh b/tests/scripts/check-python-files.sh index 35319d3e1..51e80792b 100755 --- a/tests/scripts/check-python-files.sh +++ b/tests/scripts/check-python-files.sh @@ -1,19 +1,7 @@ #! /usr/bin/env sh # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # Purpose: check Python files for potential programming errors or maintenance # hurdles. Run pylint to detect some potential mistakes and enforce PEP8 diff --git a/tests/scripts/check_files.py b/tests/scripts/check_files.py index 352b55eaa..e3593662b 100755 --- a/tests/scripts/check_files.py +++ b/tests/scripts/check_files.py @@ -1,19 +1,7 @@ #!/usr/bin/env python3 # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later """ This script checks the current state of the source code for minor issues, diff --git a/tests/scripts/check_names.py b/tests/scripts/check_names.py index f812929c7..635552e76 100755 --- a/tests/scripts/check_names.py +++ b/tests/scripts/check_names.py @@ -1,19 +1,7 @@ #!/usr/bin/env python3 # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later """ This script confirms that the naming of all symbols and identifiers in Mbed TLS diff --git a/tests/scripts/check_test_cases.py b/tests/scripts/check_test_cases.py index 1395d4d90..3b954af22 100755 --- a/tests/scripts/check_test_cases.py +++ b/tests/scripts/check_test_cases.py @@ -7,19 +7,7 @@ independently of the checks. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import argparse import glob diff --git a/tests/scripts/depends.py b/tests/scripts/depends.py index e92564151..33a62d71e 100755 --- a/tests/scripts/depends.py +++ b/tests/scripts/depends.py @@ -1,19 +1,7 @@ #!/usr/bin/env python3 # Copyright (c) 2022, Arm Limited, All Rights Reserved. -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # This file is part of Mbed TLS (https://tls.mbed.org) diff --git a/tests/scripts/docker_env.sh b/tests/scripts/docker_env.sh index 3dbc41d92..cfc98dfca 100755 --- a/tests/scripts/docker_env.sh +++ b/tests/scripts/docker_env.sh @@ -27,19 +27,7 @@ # the Docker image. # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # default values, can be overridden by the environment diff --git a/tests/scripts/doxygen.sh b/tests/scripts/doxygen.sh index cb87829e2..b6a1d4594 100755 --- a/tests/scripts/doxygen.sh +++ b/tests/scripts/doxygen.sh @@ -3,19 +3,7 @@ # Make sure the doxygen documentation builds without warnings # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # Abort on errors (and uninitialised variables) set -eu diff --git a/tests/scripts/gen_ctr_drbg.pl b/tests/scripts/gen_ctr_drbg.pl index 2345b9e36..ec5e5d891 100755 --- a/tests/scripts/gen_ctr_drbg.pl +++ b/tests/scripts/gen_ctr_drbg.pl @@ -5,19 +5,7 @@ # and concats nonce and personalization for initialization. # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later use strict; diff --git a/tests/scripts/gen_gcm_decrypt.pl b/tests/scripts/gen_gcm_decrypt.pl index 354e351a4..30d45c307 100755 --- a/tests/scripts/gen_gcm_decrypt.pl +++ b/tests/scripts/gen_gcm_decrypt.pl @@ -4,19 +4,7 @@ # Only first 3 of every set used for compile time saving # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later use strict; diff --git a/tests/scripts/gen_gcm_encrypt.pl b/tests/scripts/gen_gcm_encrypt.pl index 101456fed..b4f08494c 100755 --- a/tests/scripts/gen_gcm_encrypt.pl +++ b/tests/scripts/gen_gcm_encrypt.pl @@ -4,19 +4,7 @@ # Only first 3 of every set used for compile time saving # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later use strict; diff --git a/tests/scripts/gen_pkcs1_v21_sign_verify.pl b/tests/scripts/gen_pkcs1_v21_sign_verify.pl index 609e5586a..fe2d3f5d3 100755 --- a/tests/scripts/gen_pkcs1_v21_sign_verify.pl +++ b/tests/scripts/gen_pkcs1_v21_sign_verify.pl @@ -1,19 +1,7 @@ #!/usr/bin/env perl # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later use strict; diff --git a/tests/scripts/generate-afl-tests.sh b/tests/scripts/generate-afl-tests.sh index a51fbc965..d4ef0f3af 100755 --- a/tests/scripts/generate-afl-tests.sh +++ b/tests/scripts/generate-afl-tests.sh @@ -9,19 +9,7 @@ # such as 'test_suite_rsa.data' # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # Abort on errors set -e diff --git a/tests/scripts/generate_bignum_tests.py b/tests/scripts/generate_bignum_tests.py index 6ee6ab39a..8dbb6ed78 100755 --- a/tests/scripts/generate_bignum_tests.py +++ b/tests/scripts/generate_bignum_tests.py @@ -40,19 +40,7 @@ of BaseTarget in test_data_generation.py. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import sys diff --git a/tests/scripts/generate_ecp_tests.py b/tests/scripts/generate_ecp_tests.py index abbfda55f..df1e4696a 100755 --- a/tests/scripts/generate_ecp_tests.py +++ b/tests/scripts/generate_ecp_tests.py @@ -6,19 +6,7 @@ as in generate_bignum_tests.py. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import sys diff --git a/tests/scripts/generate_pkcs7_tests.py b/tests/scripts/generate_pkcs7_tests.py index 0e7385043..0e484b023 100755 --- a/tests/scripts/generate_pkcs7_tests.py +++ b/tests/scripts/generate_pkcs7_tests.py @@ -1,19 +1,7 @@ #!/usr/bin/env python3 # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # """ diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py index b6f83c111..801f8da8b 100755 --- a/tests/scripts/generate_psa_tests.py +++ b/tests/scripts/generate_psa_tests.py @@ -6,19 +6,7 @@ generate only the specified files. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import enum import re diff --git a/tests/scripts/generate_test_cert_macros.py b/tests/scripts/generate_test_cert_macros.py index 4494917ef..a3bca7e6f 100755 --- a/tests/scripts/generate_test_cert_macros.py +++ b/tests/scripts/generate_test_cert_macros.py @@ -6,19 +6,7 @@ Generate `tests/src/test_certs.h` which includes certficaties/keys/certificate l # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import os diff --git a/tests/scripts/generate_test_code.py b/tests/scripts/generate_test_code.py index 76806de95..5f711bfb1 100755 --- a/tests/scripts/generate_test_code.py +++ b/tests/scripts/generate_test_code.py @@ -2,19 +2,7 @@ # Test suites code generator. # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later """ This script is a key part of Mbed TLS test suites framework. For diff --git a/tests/scripts/generate_tls13_compat_tests.py b/tests/scripts/generate_tls13_compat_tests.py index 05d80a532..fdb264d7b 100755 --- a/tests/scripts/generate_tls13_compat_tests.py +++ b/tests/scripts/generate_tls13_compat_tests.py @@ -3,19 +3,7 @@ # generate_tls13_compat_tests.py # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later """ Generate TLSv1.3 Compat test cases @@ -536,19 +524,7 @@ SSL_OUTPUT_HEADER = '''#!/bin/sh # {filename} # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # Purpose # diff --git a/tests/scripts/list-identifiers.sh b/tests/scripts/list-identifiers.sh index 9b930802f..4ccac236e 100755 --- a/tests/scripts/list-identifiers.sh +++ b/tests/scripts/list-identifiers.sh @@ -10,19 +10,7 @@ # Usage: list-identifiers.sh [ -i | --internal ] # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later set -eu diff --git a/tests/scripts/list_internal_identifiers.py b/tests/scripts/list_internal_identifiers.py index 6b41607e3..b648ce24f 100755 --- a/tests/scripts/list_internal_identifiers.py +++ b/tests/scripts/list_internal_identifiers.py @@ -1,19 +1,7 @@ #!/usr/bin/env python3 # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later """ This script generates a file called identifiers that contains all Mbed TLS diff --git a/tests/scripts/psa_collect_statuses.py b/tests/scripts/psa_collect_statuses.py index f685bab8e..11bbebcc1 100755 --- a/tests/scripts/psa_collect_statuses.py +++ b/tests/scripts/psa_collect_statuses.py @@ -13,19 +13,7 @@ only supported with make (as opposed to CMake or other build methods). """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import argparse import os diff --git a/tests/scripts/recursion.pl b/tests/scripts/recursion.pl index 2a7dba541..3cdeff7f4 100755 --- a/tests/scripts/recursion.pl +++ b/tests/scripts/recursion.pl @@ -9,19 +9,7 @@ # Typical usage: scripts/recursion.pl library/*.c # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later use warnings; use strict; diff --git a/tests/scripts/run-test-suites.pl b/tests/scripts/run-test-suites.pl index cedc0bfa5..e0ee3f515 100755 --- a/tests/scripts/run-test-suites.pl +++ b/tests/scripts/run-test-suites.pl @@ -3,19 +3,7 @@ # run-test-suites.pl # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later =head1 SYNOPSIS diff --git a/tests/scripts/scripts_path.py b/tests/scripts/scripts_path.py index 10bf6f852..5d83f29f9 100644 --- a/tests/scripts/scripts_path.py +++ b/tests/scripts/scripts_path.py @@ -6,19 +6,8 @@ Usage: """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. import os import sys diff --git a/tests/scripts/set_psa_test_dependencies.py b/tests/scripts/set_psa_test_dependencies.py index 7f4ebeb7f..f68dfcb72 100755 --- a/tests/scripts/set_psa_test_dependencies.py +++ b/tests/scripts/set_psa_test_dependencies.py @@ -4,19 +4,7 @@ """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import os import re diff --git a/tests/scripts/tcp_client.pl b/tests/scripts/tcp_client.pl index 17f824e00..9aff22db0 100755 --- a/tests/scripts/tcp_client.pl +++ b/tests/scripts/tcp_client.pl @@ -6,19 +6,7 @@ # RESPONSE: regexp that must match the server's response # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later use warnings; use strict; diff --git a/tests/scripts/test-ref-configs.pl b/tests/scripts/test-ref-configs.pl index 15209b4a0..0702074ab 100755 --- a/tests/scripts/test-ref-configs.pl +++ b/tests/scripts/test-ref-configs.pl @@ -3,19 +3,7 @@ # test-ref-configs.pl # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # Purpose # diff --git a/tests/scripts/test_config_script.py b/tests/scripts/test_config_script.py index e230e3c87..e500b3362 100755 --- a/tests/scripts/test_config_script.py +++ b/tests/scripts/test_config_script.py @@ -14,19 +14,8 @@ Sample usage: """ ## Copyright The Mbed TLS Contributors -## SPDX-License-Identifier: Apache-2.0 +## SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later ## -## Licensed under the Apache License, Version 2.0 (the "License"); you may -## not use this file except in compliance with the License. -## You may obtain a copy of the License at -## -## http://www.apache.org/licenses/LICENSE-2.0 -## -## Unless required by applicable law or agreed to in writing, software -## distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -## WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -## See the License for the specific language governing permissions and -## limitations under the License. import argparse import glob diff --git a/tests/scripts/test_generate_test_code.py b/tests/scripts/test_generate_test_code.py index b32d18423..abc46a729 100755 --- a/tests/scripts/test_generate_test_code.py +++ b/tests/scripts/test_generate_test_code.py @@ -2,19 +2,7 @@ # Unit test for generate_test_code.py # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later """ Unit tests for generate_test_code.py diff --git a/tests/scripts/test_psa_compliance.py b/tests/scripts/test_psa_compliance.py index 359043620..52169e285 100755 --- a/tests/scripts/test_psa_compliance.py +++ b/tests/scripts/test_psa_compliance.py @@ -8,19 +8,7 @@ keep the list of known defects as up to date as possible. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import argparse import os diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index e43a0baef..6883e279f 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py @@ -8,19 +8,7 @@ or 1 (with a Python backtrace) if there was an operational error. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import argparse from collections import namedtuple diff --git a/tests/scripts/test_zeroize.gdb b/tests/scripts/test_zeroize.gdb index 66c630408..57f771f56 100644 --- a/tests/scripts/test_zeroize.gdb +++ b/tests/scripts/test_zeroize.gdb @@ -1,19 +1,7 @@ # test_zeroize.gdb # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # Purpose # diff --git a/tests/scripts/translate_ciphers.py b/tests/scripts/translate_ciphers.py index a8db4bb35..90514fca1 100755 --- a/tests/scripts/translate_ciphers.py +++ b/tests/scripts/translate_ciphers.py @@ -3,19 +3,7 @@ # translate_ciphers.py # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later """ Translate standard ciphersuite names to GnuTLS, OpenSSL and Mbed TLS standards. diff --git a/tests/scripts/travis-log-failure.sh b/tests/scripts/travis-log-failure.sh index 249b3f807..3daecf30d 100755 --- a/tests/scripts/travis-log-failure.sh +++ b/tests/scripts/travis-log-failure.sh @@ -3,19 +3,7 @@ # travis-log-failure.sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # Purpose # diff --git a/tests/src/asn1_helpers.c b/tests/src/asn1_helpers.c index aaf7587aa..c8df1995e 100644 --- a/tests/src/asn1_helpers.c +++ b/tests/src/asn1_helpers.c @@ -5,19 +5,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/tests/src/bignum_helpers.c b/tests/src/bignum_helpers.c index 214530df5..c85e2caaf 100644 --- a/tests/src/bignum_helpers.c +++ b/tests/src/bignum_helpers.c @@ -7,19 +7,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #define MBEDTLS_ALLOW_PRIVATE_ACCESS diff --git a/tests/src/certs.c b/tests/src/certs.c index b834e4aa1..879f08882 100644 --- a/tests/src/certs.c +++ b/tests/src/certs.c @@ -2,19 +2,7 @@ * X.509 test certificates * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "common.h" diff --git a/tests/src/drivers/hash.c b/tests/src/drivers/hash.c index 8fb198277..76ec12a22 100644 --- a/tests/src/drivers/hash.c +++ b/tests/src/drivers/hash.c @@ -2,19 +2,7 @@ * Test driver for hash entry points. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/tests/src/drivers/platform_builtin_keys.c b/tests/src/drivers/platform_builtin_keys.c index 6334a438e..01fc050bb 100644 --- a/tests/src/drivers/platform_builtin_keys.c +++ b/tests/src/drivers/platform_builtin_keys.c @@ -5,19 +5,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/tests/src/drivers/test_driver_aead.c b/tests/src/drivers/test_driver_aead.c index 6dadf5282..314ce83a2 100644 --- a/tests/src/drivers/test_driver_aead.c +++ b/tests/src/drivers/test_driver_aead.c @@ -2,19 +2,7 @@ * Test driver for AEAD entry points. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/tests/src/drivers/test_driver_asymmetric_encryption.c b/tests/src/drivers/test_driver_asymmetric_encryption.c index cf0e90cae..c906a664a 100644 --- a/tests/src/drivers/test_driver_asymmetric_encryption.c +++ b/tests/src/drivers/test_driver_asymmetric_encryption.c @@ -2,19 +2,7 @@ * Test driver for asymmetric encryption. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/tests/src/drivers/test_driver_cipher.c b/tests/src/drivers/test_driver_cipher.c index 42e79c490..678d8d5d6 100644 --- a/tests/src/drivers/test_driver_cipher.c +++ b/tests/src/drivers/test_driver_cipher.c @@ -3,19 +3,7 @@ * Currently only supports multi-part operations using AES-CTR. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/tests/src/drivers/test_driver_key_agreement.c b/tests/src/drivers/test_driver_key_agreement.c index 9cf82a37a..8471959e2 100644 --- a/tests/src/drivers/test_driver_key_agreement.c +++ b/tests/src/drivers/test_driver_key_agreement.c @@ -2,19 +2,7 @@ * Test driver for key agreement functions. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/tests/src/drivers/test_driver_key_management.c b/tests/src/drivers/test_driver_key_management.c index 19da47ad6..6442f2231 100644 --- a/tests/src/drivers/test_driver_key_management.c +++ b/tests/src/drivers/test_driver_key_management.c @@ -3,19 +3,7 @@ * Currently only supports generating and verifying ECC keys. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/tests/src/drivers/test_driver_mac.c b/tests/src/drivers/test_driver_mac.c index 96c1685f5..9f8120bd4 100644 --- a/tests/src/drivers/test_driver_mac.c +++ b/tests/src/drivers/test_driver_mac.c @@ -2,19 +2,7 @@ * Test driver for MAC entry points. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/tests/src/drivers/test_driver_pake.c b/tests/src/drivers/test_driver_pake.c index 69bd4ffe2..a0b6c1cb0 100644 --- a/tests/src/drivers/test_driver_pake.c +++ b/tests/src/drivers/test_driver_pake.c @@ -2,19 +2,7 @@ * Test driver for MAC entry points. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/tests/src/drivers/test_driver_signature.c b/tests/src/drivers/test_driver_signature.c index c312477c8..bd723b8bd 100644 --- a/tests/src/drivers/test_driver_signature.c +++ b/tests/src/drivers/test_driver_signature.c @@ -4,19 +4,7 @@ * only deterministic ECDSA on curves secp256r1, secp384r1 and secp521r1. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/tests/src/fake_external_rng_for_test.c b/tests/src/fake_external_rng_for_test.c index 89af7d34f..c0bfde51a 100644 --- a/tests/src/fake_external_rng_for_test.c +++ b/tests/src/fake_external_rng_for_test.c @@ -5,19 +5,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/tests/src/helpers.c b/tests/src/helpers.c index 7cac6e0a0..eb28919b8 100644 --- a/tests/src/helpers.c +++ b/tests/src/helpers.c @@ -1,18 +1,6 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/tests/src/psa_crypto_helpers.c b/tests/src/psa_crypto_helpers.c index 52ff03186..d59a8f872 100644 --- a/tests/src/psa_crypto_helpers.c +++ b/tests/src/psa_crypto_helpers.c @@ -5,19 +5,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/tests/src/psa_exercise_key.c b/tests/src/psa_exercise_key.c index c4488b56f..f8b36e1fa 100644 --- a/tests/src/psa_exercise_key.c +++ b/tests/src/psa_exercise_key.c @@ -4,19 +4,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/tests/src/random.c b/tests/src/random.c index d20103c35..d041f36a1 100644 --- a/tests/src/random.c +++ b/tests/src/random.c @@ -7,19 +7,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* diff --git a/tests/src/test_certs.h b/tests/src/test_certs.h index 866d1e003..b313ea88d 100644 --- a/tests/src/test_certs.h +++ b/tests/src/test_certs.h @@ -2,19 +2,7 @@ * X.509 test certificates * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* THIS FILE is generated by `tests/scripts/generate_test_cert_macros.py` */ diff --git a/tests/src/test_helpers/ssl_helpers.c b/tests/src/test_helpers/ssl_helpers.c index 5c305cb0a..52839eb96 100644 --- a/tests/src/test_helpers/ssl_helpers.c +++ b/tests/src/test_helpers/ssl_helpers.c @@ -5,19 +5,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/tests/src/threading_helpers.c b/tests/src/threading_helpers.c index ae6e59072..6f405b00c 100644 --- a/tests/src/threading_helpers.c +++ b/tests/src/threading_helpers.c @@ -2,19 +2,7 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include diff --git a/tests/ssl-opt-in-docker.sh b/tests/ssl-opt-in-docker.sh index 159be4c50..c0c85fc2e 100755 --- a/tests/ssl-opt-in-docker.sh +++ b/tests/ssl-opt-in-docker.sh @@ -22,19 +22,7 @@ # - ssl-opt.sh for notes about invocation of that script. # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later source tests/scripts/docker_env.sh diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index efcbd2686..48b3c0cb2 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -3,19 +3,7 @@ # ssl-opt.sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later # # Purpose # From a9b6c64a690ac29aad2b5a2acc15203ee2c138c2 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 3 Nov 2023 12:24:58 +0000 Subject: [PATCH 0535/1674] Fix some non-standard headers Signed-off-by: Dave Rodgman --- configs/crypto_config_profile_medium.h | 6 ++-- .../tfm_mbedcrypto_config_profile_medium.h | 4 +-- library/mps_common.h | 2 -- library/mps_error.h | 2 -- library/mps_reader.c | 2 -- library/mps_reader.h | 2 -- library/mps_trace.c | 2 -- library/mps_trace.h | 2 -- library/ssl_client.c | 2 -- library/ssl_tls13_client.c | 2 -- library/ssl_tls13_keys.h | 12 -------- programs/x509/load_roots.c | 29 +------------------ tests/scripts/depends.py | 4 +-- 13 files changed, 5 insertions(+), 66 deletions(-) diff --git a/configs/crypto_config_profile_medium.h b/configs/crypto_config_profile_medium.h index 3fa8552c9..f9b2c2fdd 100644 --- a/configs/crypto_config_profile_medium.h +++ b/configs/crypto_config_profile_medium.h @@ -1,8 +1,6 @@ /* - * Copyright (c) 2018-2022, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - * + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /** * \file psa/crypto_config.h diff --git a/configs/tfm_mbedcrypto_config_profile_medium.h b/configs/tfm_mbedcrypto_config_profile_medium.h index 3234cd672..34a3bd4ff 100644 --- a/configs/tfm_mbedcrypto_config_profile_medium.h +++ b/configs/tfm_mbedcrypto_config_profile_medium.h @@ -8,10 +8,8 @@ * memory footprint. */ /* - * Copyright (C) 2006-2022, ARM Limited, All Rights Reserved + * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - * - * This file is part of mbed TLS (https://tls.mbed.org) */ #ifndef PROFILE_M_MBEDTLS_CONFIG_H diff --git a/library/mps_common.h b/library/mps_common.h index 49e17535a..f9fe09988 100644 --- a/library/mps_common.h +++ b/library/mps_common.h @@ -1,8 +1,6 @@ /* * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - * - * This file is part of Mbed TLS (https://tls.mbed.org) */ /** diff --git a/library/mps_error.h b/library/mps_error.h index 8a714a3a5..016a84ce4 100644 --- a/library/mps_error.h +++ b/library/mps_error.h @@ -1,8 +1,6 @@ /* * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - * - * This file is part of Mbed TLS (https://tls.mbed.org) */ /** diff --git a/library/mps_reader.c b/library/mps_reader.c index 48b393685..27d0c04c1 100644 --- a/library/mps_reader.c +++ b/library/mps_reader.c @@ -3,8 +3,6 @@ * * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - * - * This file is part of Mbed TLS (https://tls.mbed.org) */ #include "common.h" diff --git a/library/mps_reader.h b/library/mps_reader.h index d877ee54a..3193a5e33 100644 --- a/library/mps_reader.h +++ b/library/mps_reader.h @@ -1,8 +1,6 @@ /* * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - * - * This file is part of Mbed TLS (https://tls.mbed.org) */ /** diff --git a/library/mps_trace.c b/library/mps_trace.c index cb69c6be6..69f6e5a0f 100644 --- a/library/mps_trace.c +++ b/library/mps_trace.c @@ -3,8 +3,6 @@ * * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - * - * This file is part of Mbed TLS (https://tls.mbed.org) */ #include "common.h" diff --git a/library/mps_trace.h b/library/mps_trace.h index a13edd87f..b456b2ffd 100644 --- a/library/mps_trace.h +++ b/library/mps_trace.h @@ -1,8 +1,6 @@ /* * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - * - * This file is part of Mbed TLS (https://tls.mbed.org) */ /** diff --git a/library/ssl_client.c b/library/ssl_client.c index eabdc75ac..7a7840662 100644 --- a/library/ssl_client.c +++ b/library/ssl_client.c @@ -3,8 +3,6 @@ * * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - * - * This file is part of Mbed TLS ( https://tls.mbed.org ) */ #include "common.h" diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index ad448109f..58226ebd2 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -3,8 +3,6 @@ * * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - * - * This file is part of Mbed TLS ( https://tls.mbed.org ) */ #include "common.h" diff --git a/library/ssl_tls13_keys.h b/library/ssl_tls13_keys.h index 151b7c7c1..d3a4c6c99 100644 --- a/library/ssl_tls13_keys.h +++ b/library/ssl_tls13_keys.h @@ -3,18 +3,6 @@ * * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - * - * Licensed under the Apache License, Version 2.0 ( the "License" ); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. */ #if !defined(MBEDTLS_SSL_TLS1_3_KEYS_H) #define MBEDTLS_SSL_TLS1_3_KEYS_H diff --git a/programs/x509/load_roots.c b/programs/x509/load_roots.c index a975405ea..f0e6acf25 100644 --- a/programs/x509/load_roots.c +++ b/programs/x509/load_roots.c @@ -2,34 +2,7 @@ * Root CA reading application * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later OR GPL-2.0-or-later - * - * This file is provided under the Apache License 2.0, or the - * GNU General Public License v2.0 or later. - * - * ********** - * Apache License 2.0: - * - * ********** - * - * ********** - * GNU General Public License v2.0 or later: - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - * - * ********** + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #include "mbedtls/build_info.h" diff --git a/tests/scripts/depends.py b/tests/scripts/depends.py index 33a62d71e..e355dfd94 100755 --- a/tests/scripts/depends.py +++ b/tests/scripts/depends.py @@ -1,9 +1,7 @@ #!/usr/bin/env python3 -# Copyright (c) 2022, Arm Limited, All Rights Reserved. +# Copyright The Mbed TLS Contributors # SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later -# -# This file is part of Mbed TLS (https://tls.mbed.org) """ Test Mbed TLS with a subset of algorithms. From 2c9049c4062611a587c44bab354faefc2dc083b4 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 2 Nov 2023 17:36:49 +0000 Subject: [PATCH 0536/1674] Update documentation Signed-off-by: Dave Rodgman --- CONTRIBUTING.md | 4 +- LICENSE | 351 ++++++++++++++++++++++++++++++++++++++++++++++++ README.md | 2 +- 3 files changed, 354 insertions(+), 3 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 8454fb8ea..261f745ba 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -84,11 +84,11 @@ Mbed TLS is well documented, but if you think documentation is needed, speak out License and Copyright --------------------- -Unless specifically indicated otherwise in a file, Mbed TLS files are provided under the [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) license. See the [LICENSE](LICENSE) file for the full text of this license. +Unless specifically indicated otherwise in a file, Mbed TLS files are provided under a dual [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) OR [GPL-2.0-or-later](https://spdx.org/licenses/GPL-2.0-or-later.html) license. See the [LICENSE](LICENSE) file for the full text of these licenses. This means that users may choose which of these licenses they take the code under. Contributors must accept that their contributions are made under both the Apache-2.0 AND [GPL-2.0-or-later](https://spdx.org/licenses/GPL-2.0-or-later.html) licenses. This enables LTS (Long Term Support) branches of the software to be provided under either the Apache-2.0 or GPL-2.0-or-later licenses. -All new files should include the [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) standard license header where possible. +All new files should include the standard SPDX license identifier where possible, i.e. "SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later". The copyright on contributions is retained by the original authors of the code. Where possible for new files, this should be noted in a comment at the top of the file in the form: "Copyright The Mbed TLS Contributors". diff --git a/LICENSE b/LICENSE index d64569567..776ac77ea 100644 --- a/LICENSE +++ b/LICENSE @@ -1,3 +1,10 @@ +Mbed TLS files are provided under a dual [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) +OR [GPL-2.0-or-later](https://spdx.org/licenses/GPL-2.0-or-later.html) license. +This means that users may choose which of these licenses they take the code +under. + +The full text of each of these licenses is given below. + Apache License Version 2.0, January 2004 @@ -200,3 +207,347 @@ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. + + +=============================================================================== + + + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 + + Copyright (C) 1989, 1991 Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +License is intended to guarantee your freedom to share and change free +software--to make sure the software is free for all its users. This +General Public License applies to most of the Free Software +Foundation's software and to any other program whose authors commit to +using it. (Some other Free Software Foundation software is covered by +the GNU Lesser General Public License instead.) You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +this service if you wish), that you receive source code or can get it +if you want it, that you can change the software or use pieces of it +in new free programs; and that you know you can do these things. + + To protect your rights, we need to make restrictions that forbid +anyone to deny you these rights or to ask you to surrender the rights. +These restrictions translate to certain responsibilities for you if you +distribute copies of the software, or if you modify it. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must give the recipients all the rights that +you have. You must make sure that they, too, receive or can get the +source code. And you must show them these terms so they know their +rights. + + We protect your rights with two steps: (1) copyright the software, and +(2) offer you this license which gives you legal permission to copy, +distribute and/or modify the software. + + Also, for each author's protection and ours, we want to make certain +that everyone understands that there is no warranty for this free +software. If the software is modified by someone else and passed on, we +want its recipients to know that what they have is not the original, so +that any problems introduced by others will not reflect on the original +authors' reputations. + + Finally, any free program is threatened constantly by software +patents. We wish to avoid the danger that redistributors of a free +program will individually obtain patent licenses, in effect making the +program proprietary. To prevent this, we have made it clear that any +patent must be licensed for everyone's free use or not licensed at all. + + The precise terms and conditions for copying, distribution and +modification follow. + + GNU GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License applies to any program or other work which contains +a notice placed by the copyright holder saying it may be distributed +under the terms of this General Public License. The "Program", below, +refers to any such program or work, and a "work based on the Program" +means either the Program or any derivative work under copyright law: +that is to say, a work containing the Program or a portion of it, +either verbatim or with modifications and/or translated into another +language. (Hereinafter, translation is included without limitation in +the term "modification".) Each licensee is addressed as "you". + +Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. The act of +running the Program is not restricted, and the output from the Program +is covered only if its contents constitute a work based on the +Program (independent of having been made by running the Program). +Whether that is true depends on what the Program does. + + 1. You may copy and distribute verbatim copies of the Program's +source code as you receive it, in any medium, provided that you +conspicuously and appropriately publish on each copy an appropriate +copyright notice and disclaimer of warranty; keep intact all the +notices that refer to this License and to the absence of any warranty; +and give any other recipients of the Program a copy of this License +along with the Program. + +You may charge a fee for the physical act of transferring a copy, and +you may at your option offer warranty protection in exchange for a fee. + + 2. You may modify your copy or copies of the Program or any portion +of it, thus forming a work based on the Program, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) You must cause the modified files to carry prominent notices + stating that you changed the files and the date of any change. + + b) You must cause any work that you distribute or publish, that in + whole or in part contains or is derived from the Program or any + part thereof, to be licensed as a whole at no charge to all third + parties under the terms of this License. + + c) If the modified program normally reads commands interactively + when run, you must cause it, when started running for such + interactive use in the most ordinary way, to print or display an + announcement including an appropriate copyright notice and a + notice that there is no warranty (or else, saying that you provide + a warranty) and that users may redistribute the program under + these conditions, and telling the user how to view a copy of this + License. (Exception: if the Program itself is interactive but + does not normally print such an announcement, your work based on + the Program is not required to print an announcement.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Program, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Program, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Program. + +In addition, mere aggregation of another work not based on the Program +with the Program (or with a work based on the Program) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. You may copy and distribute the Program (or a work based on it, +under Section 2) in object code or executable form under the terms of +Sections 1 and 2 above provided that you also do one of the following: + + a) Accompany it with the complete corresponding machine-readable + source code, which must be distributed under the terms of Sections + 1 and 2 above on a medium customarily used for software interchange; or, + + b) Accompany it with a written offer, valid for at least three + years, to give any third party, for a charge no more than your + cost of physically performing source distribution, a complete + machine-readable copy of the corresponding source code, to be + distributed under the terms of Sections 1 and 2 above on a medium + customarily used for software interchange; or, + + c) Accompany it with the information you received as to the offer + to distribute corresponding source code. (This alternative is + allowed only for noncommercial distribution and only if you + received the program in object code or executable form with such + an offer, in accord with Subsection b above.) + +The source code for a work means the preferred form of the work for +making modifications to it. For an executable work, complete source +code means all the source code for all modules it contains, plus any +associated interface definition files, plus the scripts used to +control compilation and installation of the executable. However, as a +special exception, the source code distributed need not include +anything that is normally distributed (in either source or binary +form) with the major components (compiler, kernel, and so on) of the +operating system on which the executable runs, unless that component +itself accompanies the executable. + +If distribution of executable or object code is made by offering +access to copy from a designated place, then offering equivalent +access to copy the source code from the same place counts as +distribution of the source code, even though third parties are not +compelled to copy the source along with the object code. + + 4. You may not copy, modify, sublicense, or distribute the Program +except as expressly provided under this License. Any attempt +otherwise to copy, modify, sublicense or distribute the Program is +void, and will automatically terminate your rights under this License. +However, parties who have received copies, or rights, from you under +this License will not have their licenses terminated so long as such +parties remain in full compliance. + + 5. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Program or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Program (or any work based on the +Program), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Program or works based on it. + + 6. Each time you redistribute the Program (or any work based on the +Program), the recipient automatically receives a license from the +original licensor to copy, distribute or modify the Program subject to +these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties to +this License. + + 7. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Program at all. For example, if a patent +license would not permit royalty-free redistribution of the Program by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Program. + +If any portion of this section is held invalid or unenforceable under +any particular circumstance, the balance of the section is intended to +apply and the section as a whole is intended to apply in other +circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system, which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 8. If the distribution and/or use of the Program is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Program under this License +may add an explicit geographical distribution limitation excluding +those countries, so that distribution is permitted only in or among +countries not thus excluded. In such case, this License incorporates +the limitation as if written in the body of this License. + + 9. The Free Software Foundation may publish revised and/or new versions +of the General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free +Software Foundation. If the Program does not specify a version number of +this License, you may choose any version ever published by the Free Software +Foundation. + + 10. If you wish to incorporate parts of the Program into other free +programs whose distribution conditions are different, write to the author +to ask for permission. For software which is copyrighted by the Free +Software Foundation, write to the Free Software Foundation; we sometimes +make exceptions for this. Our decision will be guided by the two goals +of preserving the free status of all derivatives of our free software and +of promoting the sharing and reuse of software generally. + + NO WARRANTY + + 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY +FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN +OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES +PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED +OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS +TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE +PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, +REPAIR OR CORRECTION. + + 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR +REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING +OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED +TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER +PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGES. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + + Copyright (C) + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +Also add information on how to contact you by electronic and paper mail. + +If the program is interactive, make it output a short notice like this +when it starts in an interactive mode: + + Gnomovision version 69, Copyright (C) year name of author + Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, the commands you use may +be called something other than `show w' and `show c'; they could even be +mouse-clicks or menu items--whatever suits your program. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the program, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the program + `Gnomovision' (which makes passes at compilers) written by James Hacker. + + , 1 April 1989 + Ty Coon, President of Vice + +This General Public License does not permit incorporating your program into +proprietary programs. If your program is a subroutine library, you may +consider it more useful to permit linking proprietary applications with the +library. If this is what you want to do, use the GNU Lesser General +Public License instead of this License. diff --git a/README.md b/README.md index a3fcd2e15..956d8ba0b 100644 --- a/README.md +++ b/README.md @@ -307,7 +307,7 @@ When using drivers, you will generally want to enable two compilation options (s License ------- -Unless specifically indicated otherwise in a file, Mbed TLS files are provided under the [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) license. See the [LICENSE](LICENSE) file for the full text of this license, and [the 'License and Copyright' section in the contributing guidelines](CONTRIBUTING.md#License-and-Copyright) for more information. +Unless specifically indicated otherwise in a file, Mbed TLS files are provided under a dual [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) OR [GPL-2.0-or-later](https://spdx.org/licenses/GPL-2.0-or-later.html) license. See the [LICENSE](LICENSE) file for the full text of these licenses, and [the 'License and Copyright' section in the contributing guidelines](CONTRIBUTING.md#License-and-Copyright) for more information. ### Third-party code included in Mbed TLS From b1c40519d65b236fc04f5d544c97465eaec00bcc Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 2 Nov 2023 19:01:43 +0000 Subject: [PATCH 0537/1674] Add Changelog for license Signed-off-by: Dave Rodgman --- ChangeLog.d/license.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 ChangeLog.d/license.txt diff --git a/ChangeLog.d/license.txt b/ChangeLog.d/license.txt new file mode 100644 index 000000000..0b6bb1f02 --- /dev/null +++ b/ChangeLog.d/license.txt @@ -0,0 +1,3 @@ +Changes + * Mbed TLS is now released under a dual Apache-2.0 OR GPL-2.0-or-later + license. Users may choose which license they take the code under. From a334690973b36c43de5345f5c3e3efb283bc835e Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 3 Nov 2023 09:28:10 +0000 Subject: [PATCH 0538/1674] Update license for p256-m Signed-off-by: Dave Rodgman --- 3rdparty/p256-m/README.md | 4 +- 3rdparty/p256-m/p256-m/LICENSE | 202 --------------------------------- README.md | 2 +- 3 files changed, 3 insertions(+), 205 deletions(-) delete mode 100644 3rdparty/p256-m/p256-m/LICENSE diff --git a/3rdparty/p256-m/README.md b/3rdparty/p256-m/README.md index 89648d413..ec90f3446 100644 --- a/3rdparty/p256-m/README.md +++ b/3rdparty/p256-m/README.md @@ -1,4 +1,4 @@ -The files within the `p256-m/` subdirectory originate from the [p256-m GitHub repository](https://github.com/mpg/p256-m), which is distributed under the Apache 2.0 license. They are authored by Manuel Pégourié-Gonnard. p256-m is a minimalistic implementation of ECDH and ECDSA on NIST P-256, especially suited to constrained 32-bit environments. Mbed TLS documentation for integrating drivers uses p256-m as an example of a software accelerator, and describes how it can be integrated alongside Mbed TLS. It should be noted that p256-m files in the Mbed TLS repo will not be updated regularly, so they may not have fixes and improvements present in the upstream project. +The files within the `p256-m/` subdirectory originate from the [p256-m GitHub repository](https://github.com/mpg/p256-m). They are distributed here under a dual Apache-2.0 OR GPL-2.0-or-later license. They are authored by Manuel Pégourié-Gonnard. p256-m is a minimalistic implementation of ECDH and ECDSA on NIST P-256, especially suited to constrained 32-bit environments. Mbed TLS documentation for integrating drivers uses p256-m as an example of a software accelerator, and describes how it can be integrated alongside Mbed TLS. It should be noted that p256-m files in the Mbed TLS repo will not be updated regularly, so they may not have fixes and improvements present in the upstream project. -The files `p256-m.c` and `.h`, along with the license, have been taken from the `p256-m` repository. +The files `p256-m.c`, `p256-m.h` and `README.md` have been taken from the `p256-m` repository. It should be noted that p256-m deliberately does not supply its own cryptographically secure RNG function. As a result, the PSA RNG is used, with `p256_generate_random()` wrapping `psa_generate_random()`. diff --git a/3rdparty/p256-m/p256-m/LICENSE b/3rdparty/p256-m/p256-m/LICENSE deleted file mode 100644 index d64569567..000000000 --- a/3rdparty/p256-m/p256-m/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/README.md b/README.md index 956d8ba0b..c0fb9d926 100644 --- a/README.md +++ b/README.md @@ -314,7 +314,7 @@ Unless specifically indicated otherwise in a file, Mbed TLS files are provided u This project contains code from other projects. This code is located within the `3rdparty/` directory. The original license text is included within project subdirectories, and in source files. The projects are listed below: * `3rdparty/everest/`: Files stem from [Project Everest](https://project-everest.github.io/) and are distributed under the Apache 2.0 license. -* `3rdparty/p256-m/p256-m/`: Files have been taken from the [p256-m](https://github.com/mpg/p256-m) repository. The code in the original repository is distributed under the Apache 2.0 license. It is also used by Mbed TLS under the Apache 2.0 license. We do not plan to regularly update these files, so they may not contain fixes and improvements present in the upstream project. +* `3rdparty/p256-m/p256-m/`: Files have been taken from the [p256-m](https://github.com/mpg/p256-m) repository. The code in the original repository is distributed under the Apache 2.0 license. It is distributed in Mbed TLS under a dual Apache-2.0 OR GPL-2.0-or-later license. We do not plan to regularly update these files, so they may not contain fixes and improvements present in the upstream project. Contributing ------------ From 2bc3bdf37a0ab1f6250609d9ea707f98bc40243d Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 3 Nov 2023 11:34:40 +0000 Subject: [PATCH 0539/1674] README improvements to 3rdparty section Signed-off-by: Dave Rodgman --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index c0fb9d926..2505d8fd9 100644 --- a/README.md +++ b/README.md @@ -311,10 +311,10 @@ Unless specifically indicated otherwise in a file, Mbed TLS files are provided u ### Third-party code included in Mbed TLS -This project contains code from other projects. This code is located within the `3rdparty/` directory. The original license text is included within project subdirectories, and in source files. The projects are listed below: +This project contains code from other projects. This code is located within the `3rdparty/` directory. The original license text is included within project subdirectories, where it differs from the normal Mbed TLS license, and/or in source files. The projects are listed below: * `3rdparty/everest/`: Files stem from [Project Everest](https://project-everest.github.io/) and are distributed under the Apache 2.0 license. -* `3rdparty/p256-m/p256-m/`: Files have been taken from the [p256-m](https://github.com/mpg/p256-m) repository. The code in the original repository is distributed under the Apache 2.0 license. It is distributed in Mbed TLS under a dual Apache-2.0 OR GPL-2.0-or-later license. We do not plan to regularly update these files, so they may not contain fixes and improvements present in the upstream project. +* `3rdparty/p256-m/p256-m/`: Files have been taken from the [p256-m](https://github.com/mpg/p256-m) repository. The code in the original repository is distributed under the Apache 2.0 license. It is distributed in Mbed TLS under a dual Apache-2.0 OR GPL-2.0-or-later license with permission from the author. Contributing ------------ From 0a403d4fd6ec98df1361e3de45fbb87a3fbc66af Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 3 Nov 2023 12:28:08 +0000 Subject: [PATCH 0540/1674] assemble Changelog Signed-off-by: Dave Rodgman --- ChangeLog | 6 ++++++ ChangeLog.d/license.txt | 3 --- 2 files changed, 6 insertions(+), 3 deletions(-) delete mode 100644 ChangeLog.d/license.txt diff --git a/ChangeLog b/ChangeLog index 85f3665c2..f0dc08c8d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,11 @@ Mbed TLS ChangeLog (Sorted per branch, date) += Mbed TLS 3.5.1 branch released 2023-11-06 + +Changes + * Mbed TLS is now released under a dual Apache-2.0 OR GPL-2.0-or-later + license. Users may choose which license they take the code under. + = Mbed TLS 3.5.0 branch released 2023-10-05 API changes diff --git a/ChangeLog.d/license.txt b/ChangeLog.d/license.txt deleted file mode 100644 index 0b6bb1f02..000000000 --- a/ChangeLog.d/license.txt +++ /dev/null @@ -1,3 +0,0 @@ -Changes - * Mbed TLS is now released under a dual Apache-2.0 OR GPL-2.0-or-later - license. Users may choose which license they take the code under. From b63134a9103a77c1a7f835a6a6871bcc21fc2d76 Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Fri, 6 Oct 2023 11:48:44 +0100 Subject: [PATCH 0541/1674] Fix 3rdparty target names for custom config Use the correct names qualified by MBEDTLS_TARGET_PREFIX. Signed-off-by: David Horstmann --- 3rdparty/everest/CMakeLists.txt | 4 ++-- 3rdparty/p256-m/CMakeLists.txt | 4 ++-- ChangeLog.d/fix-3rdparty-target-prefix.txt | 3 +++ 3 files changed, 7 insertions(+), 4 deletions(-) create mode 100644 ChangeLog.d/fix-3rdparty-target-prefix.txt diff --git a/3rdparty/everest/CMakeLists.txt b/3rdparty/everest/CMakeLists.txt index eefc15151..e0e5adecd 100644 --- a/3rdparty/everest/CMakeLists.txt +++ b/3rdparty/everest/CMakeLists.txt @@ -18,11 +18,11 @@ target_include_directories(${everest_target} # everest is not directly linked against any mbedtls targets # so does not inherit the compile definitions. if(MBEDTLS_CONFIG_FILE) - target_compile_definitions(everest + target_compile_definitions(${everest_target} PUBLIC MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}") endif() if(MBEDTLS_USER_CONFIG_FILE) - target_compile_definitions(everest + target_compile_definitions(${everest_target} PUBLIC MBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}") endif() diff --git a/3rdparty/p256-m/CMakeLists.txt b/3rdparty/p256-m/CMakeLists.txt index 41be3c4a3..2ef0d48b7 100644 --- a/3rdparty/p256-m/CMakeLists.txt +++ b/3rdparty/p256-m/CMakeLists.txt @@ -16,11 +16,11 @@ target_include_directories(${p256m_target} # p256m is not directly linked against any mbedtls targets # so does not inherit the compile definitions. if(MBEDTLS_CONFIG_FILE) - target_compile_definitions(p256m + target_compile_definitions(${p256m_target} PUBLIC MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}") endif() if(MBEDTLS_USER_CONFIG_FILE) - target_compile_definitions(p256m + target_compile_definitions(${p256m_target} PUBLIC MBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}") endif() diff --git a/ChangeLog.d/fix-3rdparty-target-prefix.txt b/ChangeLog.d/fix-3rdparty-target-prefix.txt new file mode 100644 index 000000000..db8ed07ee --- /dev/null +++ b/ChangeLog.d/fix-3rdparty-target-prefix.txt @@ -0,0 +1,3 @@ +Bugfix + * Fix accidental omission of MBEDTLS_TARGET_PREFIX in 3rdparty modules + in CMake. From c0e1f3e88ecbde086c8fa5a07517d0aa02879dfd Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 3 Nov 2023 11:08:05 +0000 Subject: [PATCH 0542/1674] Fix typos in changelog Signed-off-by: Dave Rodgman --- ChangeLog | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index f0dc08c8d..3e3dc1086 100644 --- a/ChangeLog +++ b/ChangeLog @@ -11,8 +11,8 @@ Changes API changes * Mbed TLS 3.4 introduced support for omitting the built-in implementation of ECDSA and/or EC J-PAKE when those are provided by a driver. However, - their was a flaw in the logic checking if the built-in implementation, in - that if failed to check if all the relevant curves were supported by the + there was a flaw in the logic checking if the built-in implementation, in + that it failed to check if all the relevant curves were supported by the accelerator. As a result, it was possible to declare no curves as accelerated and still have the built-in implementation compiled out. Starting with this release, it is necessary to declare which curves are From bb5a18344a5e4d4ff2293ff476c1f7b50c4556c1 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 3 Nov 2023 12:31:29 +0000 Subject: [PATCH 0543/1674] Bump version ./scripts/bump_version.sh --version 3.5.1 --so-crypto 15 --so-x509 6 --so-tls 20 Signed-off-by: Dave Rodgman --- CMakeLists.txt | 2 +- doxygen/input/doc_mainpage.h | 2 +- doxygen/mbedtls.doxyfile | 2 +- include/mbedtls/build_info.h | 8 ++++---- library/CMakeLists.txt | 6 +++--- tests/suites/test_suite_version.data | 4 ++-- 6 files changed, 12 insertions(+), 12 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 3c93b15c6..87a41d75c 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -377,7 +377,7 @@ if(NOT DISABLE_PACKAGE_CONFIG_AND_INSTALL) write_basic_package_version_file( "cmake/MbedTLSConfigVersion.cmake" COMPATIBILITY SameMajorVersion - VERSION 3.5.0) + VERSION 3.5.1) install( FILES "${CMAKE_CURRENT_BINARY_DIR}/cmake/MbedTLSConfig.cmake" diff --git a/doxygen/input/doc_mainpage.h b/doxygen/input/doc_mainpage.h index f465a454b..c391c59ce 100644 --- a/doxygen/input/doc_mainpage.h +++ b/doxygen/input/doc_mainpage.h @@ -10,7 +10,7 @@ */ /** - * @mainpage Mbed TLS v3.5.0 API Documentation + * @mainpage Mbed TLS v3.5.1 API Documentation * * This documentation describes the internal structure of Mbed TLS. It was * automatically generated from specially formatted comment blocks in diff --git a/doxygen/mbedtls.doxyfile b/doxygen/mbedtls.doxyfile index 98b2d7973..89048f221 100644 --- a/doxygen/mbedtls.doxyfile +++ b/doxygen/mbedtls.doxyfile @@ -1,4 +1,4 @@ -PROJECT_NAME = "Mbed TLS v3.5.0" +PROJECT_NAME = "Mbed TLS v3.5.1" OUTPUT_DIRECTORY = ../apidoc/ FULL_PATH_NAMES = NO OPTIMIZE_OUTPUT_FOR_C = YES diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index 9b2b27255..c4fab1205 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h @@ -26,16 +26,16 @@ */ #define MBEDTLS_VERSION_MAJOR 3 #define MBEDTLS_VERSION_MINOR 5 -#define MBEDTLS_VERSION_PATCH 0 +#define MBEDTLS_VERSION_PATCH 1 /** * The single version number has the following structure: * MMNNPP00 * Major version | Minor version | Patch version */ -#define MBEDTLS_VERSION_NUMBER 0x03050000 -#define MBEDTLS_VERSION_STRING "3.5.0" -#define MBEDTLS_VERSION_STRING_FULL "Mbed TLS 3.5.0" +#define MBEDTLS_VERSION_NUMBER 0x03050100 +#define MBEDTLS_VERSION_STRING "3.5.1" +#define MBEDTLS_VERSION_STRING_FULL "Mbed TLS 3.5.1" /* Macros for build-time platform detection */ diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 6a4ce51b4..eeda06aee 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -296,7 +296,7 @@ endif(USE_STATIC_MBEDTLS_LIBRARY) if(USE_SHARED_MBEDTLS_LIBRARY) set(CMAKE_LIBRARY_PATH ${CMAKE_CURRENT_BINARY_DIR}) add_library(${mbedcrypto_target} SHARED ${src_crypto}) - set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 3.5.0 SOVERSION 15) + set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 3.5.1 SOVERSION 15) target_link_libraries(${mbedcrypto_target} PUBLIC ${libs}) if(TARGET ${everest_target}) @@ -308,11 +308,11 @@ if(USE_SHARED_MBEDTLS_LIBRARY) endif() add_library(${mbedx509_target} SHARED ${src_x509}) - set_target_properties(${mbedx509_target} PROPERTIES VERSION 3.5.0 SOVERSION 6) + set_target_properties(${mbedx509_target} PROPERTIES VERSION 3.5.1 SOVERSION 6) target_link_libraries(${mbedx509_target} PUBLIC ${libs} ${mbedcrypto_target}) add_library(${mbedtls_target} SHARED ${src_tls}) - set_target_properties(${mbedtls_target} PROPERTIES VERSION 3.5.0 SOVERSION 20) + set_target_properties(${mbedtls_target} PROPERTIES VERSION 3.5.1 SOVERSION 20) target_link_libraries(${mbedtls_target} PUBLIC ${libs} ${mbedx509_target}) endif(USE_SHARED_MBEDTLS_LIBRARY) diff --git a/tests/suites/test_suite_version.data b/tests/suites/test_suite_version.data index 11c41b0d0..faa31662a 100644 --- a/tests/suites/test_suite_version.data +++ b/tests/suites/test_suite_version.data @@ -1,8 +1,8 @@ Check compile time library version -check_compiletime_version:"3.5.0" +check_compiletime_version:"3.5.1" Check runtime library version -check_runtime_version:"3.5.0" +check_runtime_version:"3.5.1" Check for MBEDTLS_VERSION_C check_feature:"MBEDTLS_VERSION_C":0 From be8b02b65cc0c72a51dbefb80a2d1f49b4debf87 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 3 Nov 2023 14:08:38 +0000 Subject: [PATCH 0544/1674] Remove not-needed sentence Signed-off-by: Dave Rodgman --- CONTRIBUTING.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 261f745ba..d793434ce 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -86,7 +86,7 @@ License and Copyright Unless specifically indicated otherwise in a file, Mbed TLS files are provided under a dual [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) OR [GPL-2.0-or-later](https://spdx.org/licenses/GPL-2.0-or-later.html) license. See the [LICENSE](LICENSE) file for the full text of these licenses. This means that users may choose which of these licenses they take the code under. -Contributors must accept that their contributions are made under both the Apache-2.0 AND [GPL-2.0-or-later](https://spdx.org/licenses/GPL-2.0-or-later.html) licenses. This enables LTS (Long Term Support) branches of the software to be provided under either the Apache-2.0 or GPL-2.0-or-later licenses. +Contributors must accept that their contributions are made under both the Apache-2.0 AND [GPL-2.0-or-later](https://spdx.org/licenses/GPL-2.0-or-later.html) licenses. All new files should include the standard SPDX license identifier where possible, i.e. "SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later". From 990030bce0b2e91088c0dd74aed59b82533b3b0f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 3 Nov 2023 13:55:00 +0100 Subject: [PATCH 0545/1674] Sort imports Signed-off-by: Gilles Peskine --- tests/scripts/check_files.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/scripts/check_files.py b/tests/scripts/check_files.py index 68871efe4..31edf8b61 100755 --- a/tests/scripts/check_files.py +++ b/tests/scripts/check_files.py @@ -10,10 +10,10 @@ trailing whitespace, and presence of UTF-8 BOM. Note: requires python 3, must be run from Mbed TLS root. """ -import os import argparse -import logging import codecs +import logging +import os import re import subprocess import sys From f2fb9f667c42244415911609d623df1270b38813 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 3 Nov 2023 14:13:55 +0100 Subject: [PATCH 0546/1674] Check copyright statements and SPDX license identifier Enforce a specific copyright statement and a specific SPDX license identifier where they are present. Binary files, third-party modules and a few other exceptions are not checked. There is currently no check that copyright statements and license identifiers are present. Signed-off-by: Gilles Peskine --- tests/scripts/check_files.py | 80 ++++++++++++++++++++++++++++++++++++ 1 file changed, 80 insertions(+) diff --git a/tests/scripts/check_files.py b/tests/scripts/check_files.py index 31edf8b61..554ed4797 100755 --- a/tests/scripts/check_files.py +++ b/tests/scripts/check_files.py @@ -12,6 +12,7 @@ Note: requires python 3, must be run from Mbed TLS root. import argparse import codecs +import inspect import logging import os import re @@ -345,6 +346,84 @@ class MergeArtifactIssueTracker(LineIssueTracker): return False +THIS_FILE_BASE_NAME = \ + os.path.basename(inspect.getframeinfo(inspect.currentframe()).filename) +LINE_NUMBER_BEFORE_LICENSE_ISSUE_TRACKER = \ + inspect.getframeinfo(inspect.currentframe()).lineno +class LicenseIssueTracker(LineIssueTracker): + """Check copyright statements and license indications. + + This class only checks that statements are correct if present. It does + not enforce the presence of statements in each file. + """ + + heading = "License issue:" + + LICENSE_EXEMPTION_RE_LIST = [ + # Third-party code, other than whitelisted third-party modules, + # may be under a different license. + r'3rdparty/(?!(p256-m)/.*)', + # Documentation explaining the license may have accidental + # false positives. + r'(ChangeLog|LICENSE|[-0-9A-Z_a-z]+\.md)\Z', + # Files imported from TF-M, and not used except in test builds, + # may be under a different license. + r'configs/crypto_config_profile_medium\.h\Z', + r'configs/tfm_mbedcrypto_config_profile_medium\.h\Z', + # Third-party file. + r'dco\.txt\Z', + ] + path_exemptions = re.compile('|'.join(BINARY_FILE_PATH_RE_LIST + + LICENSE_EXEMPTION_RE_LIST)) + + COPYRIGHT_HOLDER = rb'The Mbed TLS Contributors' + # Catch "Copyright foo", "Copyright (C) foo", "Copyright © foo", etc. + COPYRIGHT_RE = re.compile(rb'.*\bcopyright\s+((?:\w|\s|[()]|[^ -~])*\w)', re.I) + + SPDX_HEADER_KEY = b'SPDX-License-Identifier' + LICENSE_IDENTIFIER = b'Apache-2.0 OR GPL-2.0-or-later' + SPDX_RE = re.compile(br'.*?(' + + re.escape(SPDX_HEADER_KEY) + + br')(:\s*(.*?)\W*\Z|.*)', re.I) + + def __init__(self): + super().__init__() + # Record what problem was caused. We can't easily report it due to + # the structure of the script. To be fixed after + # https://github.com/Mbed-TLS/mbedtls/pull/2506 + self.problem = None + + def issue_with_line(self, line, filepath, line_number): + # Use endswith() rather than the more correct os.path.basename() + # because experimentally, it makes a significant difference to + # the running time. + if filepath.endswith(THIS_FILE_BASE_NAME) and \ + line_number > LINE_NUMBER_BEFORE_LICENSE_ISSUE_TRACKER: + # Avoid false positives from the code in this class. + # Also skip the rest of this file, which is highly unlikely to + # contain any problematic statements since we put those near the + # top of files. + return False + + m = self.COPYRIGHT_RE.match(line) + if m and m.group(1) != self.COPYRIGHT_HOLDER: + self.problem = 'Invalid copyright line' + return True + + m = self.SPDX_RE.match(line) + if m: + if m.group(1) != self.SPDX_HEADER_KEY: + self.problem = 'Misspelled ' + self.SPDX_HEADER_KEY.decode() + return True + if not m.group(3): + self.problem = 'Improperly formatted SPDX license identifier' + return True + if m.group(3) != self.LICENSE_IDENTIFIER: + self.problem = 'Wrong SPDX license identifier' + return True + return False + + class IntegrityChecker: """Sanity-check files under the current directory.""" @@ -365,6 +444,7 @@ class IntegrityChecker: TrailingWhitespaceIssueTracker(), TabIssueTracker(), MergeArtifactIssueTracker(), + LicenseIssueTracker(), ] def setup_logger(self, log_file, level=logging.INFO): From 3b9facd8ac44f1c03b698a2e5ebdcc5d71ff6aa4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 3 Nov 2023 14:35:28 +0100 Subject: [PATCH 0547/1674] Also complain if licenses are mentioned Signed-off-by: Gilles Peskine --- tests/scripts/check_files.py | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/tests/scripts/check_files.py b/tests/scripts/check_files.py index 554ed4797..3eb60d724 100755 --- a/tests/scripts/check_files.py +++ b/tests/scripts/check_files.py @@ -386,6 +386,11 @@ class LicenseIssueTracker(LineIssueTracker): re.escape(SPDX_HEADER_KEY) + br')(:\s*(.*?)\W*\Z|.*)', re.I) + LICENSE_MENTION_RE = re.compile(rb'.*(?:' + rb'|'.join([ + rb'Apache License', + rb'General Public License', + ]) + rb')', re.I) + def __init__(self): super().__init__() # Record what problem was caused. We can't easily report it due to @@ -394,6 +399,8 @@ class LicenseIssueTracker(LineIssueTracker): self.problem = None def issue_with_line(self, line, filepath, line_number): + #pylint: disable=too-many-return-statements + # Use endswith() rather than the more correct os.path.basename() # because experimentally, it makes a significant difference to # the running time. @@ -421,6 +428,12 @@ class LicenseIssueTracker(LineIssueTracker): if m.group(3) != self.LICENSE_IDENTIFIER: self.problem = 'Wrong SPDX license identifier' return True + + m = self.LICENSE_MENTION_RE.match(line) + if m: + self.problem = 'Suspicious license mention' + return True + return False From ce78200fb5d1698ae09e540783007a1397b6fcbd Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 3 Nov 2023 14:49:12 +0100 Subject: [PATCH 0548/1674] Pacify mypy Signed-off-by: Gilles Peskine --- tests/scripts/check_files.py | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/tests/scripts/check_files.py b/tests/scripts/check_files.py index 3eb60d724..a2a9dfa8d 100755 --- a/tests/scripts/check_files.py +++ b/tests/scripts/check_files.py @@ -346,10 +346,13 @@ class MergeArtifactIssueTracker(LineIssueTracker): return False -THIS_FILE_BASE_NAME = \ - os.path.basename(inspect.getframeinfo(inspect.currentframe()).filename) -LINE_NUMBER_BEFORE_LICENSE_ISSUE_TRACKER = \ - inspect.getframeinfo(inspect.currentframe()).lineno +def this_location(): + frame = inspect.currentframe() + assert frame is not None + info = inspect.getframeinfo(frame) + return os.path.basename(info.filename), info.lineno +THIS_FILE_BASE_NAME, LINE_NUMBER_BEFORE_LICENSE_ISSUE_TRACKER = this_location() + class LicenseIssueTracker(LineIssueTracker): """Check copyright statements and license indications. From be0890856472517b58bd6a3ea6dbb2ef9fe9113b Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 1 Nov 2023 14:06:30 +0800 Subject: [PATCH 0549/1674] config.py: exclude MBEDTLS_BLOCK_CIPHER_NO_DECRYPT from full Signed-off-by: Yanray Wang --- scripts/config.py | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/config.py b/scripts/config.py index 17fbe653a..b1ace279b 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -191,6 +191,7 @@ EXCLUDE_FROM_FULL = frozenset([ #pylint: disable=line-too-long 'MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH', # interacts with CTR_DRBG_128_BIT_KEY 'MBEDTLS_AES_USE_HARDWARE_ONLY', # hardware dependency + 'MBEDTLS_BLOCK_CIPHER_NO_DECRYPT', # incompatible with DES/CBC/XTS/NIST_KW 'MBEDTLS_CTR_DRBG_USE_128_BIT_KEY', # interacts with ENTROPY_FORCE_SHA256 'MBEDTLS_DEPRECATED_REMOVED', # conflicts with deprecated options 'MBEDTLS_DEPRECATED_WARNING', # conflicts with deprecated options From f24bbd987a62ce445e48f3178f1ba27e9ce1df55 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 1 Nov 2023 14:47:14 +0800 Subject: [PATCH 0550/1674] dh_client.c: modify prompt message Signed-off-by: Yanray Wang --- programs/pkey/dh_client.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c index 0d4172bb1..08eb549b3 100644 --- a/programs/pkey/dh_client.c +++ b/programs/pkey/dh_client.c @@ -60,7 +60,7 @@ int main(void) #elif defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) int main(void) { - mbedtls_printf("MBEDTLS_BLOCK_CIPHER_NO_DECRYPT implicitly defined.\n"); + mbedtls_printf("MBEDTLS_BLOCK_CIPHER_NO_DECRYPT defined.\n"); mbedtls_exit(0); } #else From de0e2599ad8a2ba5c8c4c64a5ef4b12de591347b Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 1 Nov 2023 15:44:27 +0800 Subject: [PATCH 0551/1674] cipher_wrap.c: remove unnecessary NO_DECRYPT guard for DES Signed-off-by: Yanray Wang --- library/cipher_wrap.c | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c index b44ca9c3b..a21e37023 100644 --- a/library/cipher_wrap.c +++ b/library/cipher_wrap.c @@ -1625,7 +1625,6 @@ static int des3_crypt_cbc_wrap(void *ctx, mbedtls_operation_t operation, size_t } #endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) static int des_setkey_dec_wrap(void *ctx, const unsigned char *key, unsigned int key_bitlen) { @@ -1633,7 +1632,6 @@ static int des_setkey_dec_wrap(void *ctx, const unsigned char *key, return mbedtls_des_setkey_dec((mbedtls_des_context *) ctx, key); } -#endif static int des_setkey_enc_wrap(void *ctx, const unsigned char *key, unsigned int key_bitlen) @@ -1643,7 +1641,6 @@ static int des_setkey_enc_wrap(void *ctx, const unsigned char *key, return mbedtls_des_setkey_enc((mbedtls_des_context *) ctx, key); } -#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) static int des3_set2key_dec_wrap(void *ctx, const unsigned char *key, unsigned int key_bitlen) { @@ -1651,7 +1648,6 @@ static int des3_set2key_dec_wrap(void *ctx, const unsigned char *key, return mbedtls_des3_set2key_dec((mbedtls_des3_context *) ctx, key); } -#endif static int des3_set2key_enc_wrap(void *ctx, const unsigned char *key, unsigned int key_bitlen) @@ -1661,7 +1657,6 @@ static int des3_set2key_enc_wrap(void *ctx, const unsigned char *key, return mbedtls_des3_set2key_enc((mbedtls_des3_context *) ctx, key); } -#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) static int des3_set3key_dec_wrap(void *ctx, const unsigned char *key, unsigned int key_bitlen) { @@ -1669,7 +1664,6 @@ static int des3_set3key_dec_wrap(void *ctx, const unsigned char *key, return mbedtls_des3_set3key_dec((mbedtls_des3_context *) ctx, key); } -#endif static int des3_set3key_enc_wrap(void *ctx, const unsigned char *key, unsigned int key_bitlen) @@ -1740,9 +1734,7 @@ static const mbedtls_cipher_base_t des_info = { NULL, #endif des_setkey_enc_wrap, -#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) des_setkey_dec_wrap, -#endif des_ctx_alloc, des_ctx_free }; @@ -1793,9 +1785,7 @@ static const mbedtls_cipher_base_t des_ede_info = { NULL, #endif des3_set2key_enc_wrap, -#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) des3_set2key_dec_wrap, -#endif des3_ctx_alloc, des3_ctx_free }; @@ -1846,9 +1836,7 @@ static const mbedtls_cipher_base_t des_ede3_info = { NULL, #endif des3_set3key_enc_wrap, -#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) des3_set3key_dec_wrap, -#endif des3_ctx_alloc, des3_ctx_free }; From f1496400210f56944ab07b368f484009a28674ee Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 1 Nov 2023 18:55:13 +0800 Subject: [PATCH 0552/1674] all.sh: add components to test BLOCK_CIPHER_NO_DECRYPT with PSA Signed-off-by: Yanray Wang --- tests/scripts/all.sh | 135 ++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 133 insertions(+), 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 4daae6c41..fe3332c9d 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4488,7 +4488,7 @@ component_test_aes_fewer_tables_and_rom_tables () { make test } -component_test_block_cipher_no_decrypt_aesni () { +component_test_block_cipher_no_decrypt_aesni_legacy () { # enable BLOCK_CIPHER_NO_DECRYPT and disable its incompatible configs scripts/config.py set MBEDTLS_BLOCK_CIPHER_NO_DECRYPT scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC @@ -4554,7 +4554,7 @@ component_test_block_cipher_no_decrypt_aesni () { programs/test/selftest } -component_test_block_cipher_no_decrypt_aesni_m32 () { +component_test_block_cipher_no_decrypt_aesni_use_psa () { # enable BLOCK_CIPHER_NO_DECRYPT and disable its incompatible configs scripts/config.py set MBEDTLS_BLOCK_CIPHER_NO_DECRYPT scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC @@ -4562,6 +4562,137 @@ component_test_block_cipher_no_decrypt_aesni_m32 () { scripts/config.py unset MBEDTLS_DES_C scripts/config.py unset MBEDTLS_NIST_KW_C + # Enable support for cryptographic mechanisms through the PSA API. + # Note: XTS, KW are not yet supported via the PSA API in Mbed TLS. + scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CBC_NO_PADDING + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CBC_PKCS7 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_ECB_NO_PADDING + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_DES + + # test AESNI intrinsics + scripts/config.py set MBEDTLS_AESNI_C + msg "build: default config + BLOCK_CIPHER_NO_DECRYPT with AESNI intrinsics" + make clean + make CC=gcc CFLAGS='-Werror -Wall -Wextra -mpclmul -msse2 -maes' + + # Make sure we don't have mbedtls_xxx_setkey_dec in AES/ARIA/CAMELLIA + not grep mbedtls_aes_setkey_dec library/aes.o + not grep mbedtls_aria_setkey_dec library/aria.o + not grep mbedtls_camellia_setkey_dec library/camellia.o + # Make sure we don't have mbedtls_internal_aes_decrypt in AES + not grep mbedtls_internal_aes_decrypt library/aes.o + + msg "test: default config + BLOCK_CIPHER_NO_DECRYPT with AESNI intrinsics" + make test + + msg "selftest: default config + BLOCK_CIPHER_NO_DECRYPT with AESNI intrinsics" + programs/test/selftest + + # test AESNI assembly + scripts/config.py set MBEDTLS_AESNI_C + msg "build: default config + BLOCK_CIPHER_NO_DECRYPT with AESNI assembly" + make clean + make CC=gcc CFLAGS='-Werror -Wall -Wextra -mno-pclmul -mno-sse2 -mno-aes' + + # Make sure we don't have mbedtls_xxx_setkey_dec in AES/ARIA/CAMELLIA + not grep mbedtls_aes_setkey_dec library/aes.o + not grep mbedtls_aria_setkey_dec library/aria.o + not grep mbedtls_camellia_setkey_dec library/camellia.o + # Make sure we don't have mbedtls_internal_aes_decrypt in AES + not grep mbedtls_internal_aes_decrypt library/aes.o + + msg "test: default config + BLOCK_CIPHER_NO_DECRYPT with AESNI assembly" + make test + + msg "selftest: default config + BLOCK_CIPHER_NO_DECRYPT with AESNI assembly" + programs/test/selftest + + # test AES C implementation + msg "build: default config + BLOCK_CIPHER_NO_DECRYPT with AES C Implementation" + scripts/config.py unset MBEDTLS_AESNI_C + make clean + make CC=gcc CFLAGS='-Werror -Wall -Wextra' + + # Make sure we don't have mbedtls_xxx_setkey_dec in AES/ARIA/CAMELLIA + not grep mbedtls_aes_setkey_dec library/aes.o + not grep mbedtls_aria_setkey_dec library/aria.o + not grep mbedtls_camellia_setkey_dec library/camellia.o + # Make sure we don't have mbedtls_internal_aes_decrypt in AES + not grep mbedtls_internal_aes_decrypt library/aes.o + + msg "test: default config + BLOCK_CIPHER_NO_DECRYPT with AES C Implementation" + make test + + msg "selftest: default config + BLOCK_CIPHER_NO_DECRYPT with AES C Implementation" + programs/test/selftest +} + +component_test_block_cipher_no_decrypt_aesni_m32_legacy () { + # enable BLOCK_CIPHER_NO_DECRYPT and disable its incompatible configs + scripts/config.py set MBEDTLS_BLOCK_CIPHER_NO_DECRYPT + scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC + scripts/config.py unset MBEDTLS_CIPHER_MODE_XTS + scripts/config.py unset MBEDTLS_DES_C + scripts/config.py unset MBEDTLS_NIST_KW_C + + # test AESNI intrinsics for i386 with VIA PADLOCK + scripts/config.py set MBEDTLS_AESNI_C + scripts/config.py set MBEDTLS_PADLOCK_C + msg "build: default config + BLOCK_CIPHER_NO_DECRYPT for i386 with VIA PADLOCK" + make clean + make CC=gcc LDFLAGS='-m32' CFLAGS='-m32 -Werror -Wall -Wextra -mpclmul -msse2 -maes' + + # Make sure we don't have mbedtls_xxx_setkey_dec in AES/ARIA/CAMELLIA + not grep mbedtls_aes_setkey_dec library/aes.o + not grep mbedtls_aria_setkey_dec library/aria.o + not grep mbedtls_camellia_setkey_dec library/camellia.o + # Make sure we don't have mbedtls_internal_aes_decrypt in AES + not grep mbedtls_internal_aes_decrypt library/aes.o + + msg "test: default config + BLOCK_CIPHER_NO_DECRYPT for i386 with VIA PADLOCK" + make test + + msg "selftest: default config + BLOCK_CIPHER_NO_DECRYPT for i386 with VIA PADLOCK" + programs/test/selftest + + # test AESNI intrinsics for i386 without VIA PADLOCK + scripts/config.py set MBEDTLS_AESNI_C + scripts/config.py unset MBEDTLS_PADLOCK_C + msg "build: default config + BLOCK_CIPHER_NO_DECRYPT for i386 without VIA PADLOCK" + make clean + make CC=gcc LDFLAGS='-m32' CFLAGS='-m32 -Werror -Wall -Wextra -mpclmul -msse2 -maes' + + # Make sure we don't have mbedtls_xxx_setkey_dec in AES/ARIA/CAMELLIA + not grep mbedtls_aes_setkey_dec library/aes.o + not grep mbedtls_aria_setkey_dec library/aria.o + not grep mbedtls_camellia_setkey_dec library/camellia.o + # Make sure we don't have mbedtls_internal_aes_decrypt in AES + not grep mbedtls_internal_aes_decrypt library/aes.o + + msg "test: default config + BLOCK_CIPHER_NO_DECRYPT for i386 without VIA PADLOCK" + make test + + msg "selftest: default config + BLOCK_CIPHER_NO_DECRYPT for i386 without VIA PADLOCK" + programs/test/selftest +} + +component_test_block_cipher_no_decrypt_aesni_m32_use_psa () { + # enable BLOCK_CIPHER_NO_DECRYPT and disable its incompatible configs + scripts/config.py set MBEDTLS_BLOCK_CIPHER_NO_DECRYPT + scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC + scripts/config.py unset MBEDTLS_CIPHER_MODE_XTS + scripts/config.py unset MBEDTLS_DES_C + scripts/config.py unset MBEDTLS_NIST_KW_C + + # Enable support for cryptographic mechanisms through the PSA API. + # Note: XTS, KW are not yet supported via the PSA API in Mbed TLS. + scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CBC_NO_PADDING + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CBC_PKCS7 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_ECB_NO_PADDING + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_DES + # test AESNI intrinsics for i386 with VIA PADLOCK scripts/config.py set MBEDTLS_AESNI_C scripts/config.py set MBEDTLS_PADLOCK_C From 956aa00202d95540733898db96e44bc0dfa38a73 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 1 Nov 2023 19:15:16 +0800 Subject: [PATCH 0553/1674] check_config: add checks for MBEDTLS_BLOCK_CIPHER_NO_DECRYPT with PSA Signed-off-by: Yanray Wang --- include/mbedtls/check_config.h | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 436ca0592..0abe8ae66 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -192,6 +192,16 @@ cannot be defined simultaneously" #endif +#if defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) && \ + defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ + (defined(PSA_WANT_ALG_CBC_NO_PADDING) || \ + defined(PSA_WANT_ALG_CBC_PKCS7) || \ + defined(PSA_WANT_ALG_ECB_NO_PADDING) || \ + defined(PSA_WANT_KEY_TYPE_DES)) +#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT, MBEDTLS_PSA_CRYPTO_CONFIG and \ +PSA_WANT_ALG_CBC_NO_PADDING/PSA_WANT_ALG_CBC_PKCS7/PSA_WANT_ALG_ECB_NO_PADDING/PSA_WANT_KEY_TYPE_DES cannot be defined simultaneously" +#endif + #if defined(MBEDTLS_ECDH_C) && !defined(MBEDTLS_ECP_C) #error "MBEDTLS_ECDH_C defined, but not all prerequisites" #endif From 0d76b6ef761b4bf7bc2286d262d46f5aa8c5885f Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 2 Nov 2023 11:54:39 +0800 Subject: [PATCH 0554/1674] Return an error if asking for decrypt under BLOCK_CIPHER_NO_DECRYPT If MBEDTLS_BLOCK_CIPHER_NO_DECRYPT is enabled, but decryption is still requested in some incompatible modes, we return an error of FEATURE_UNAVAILABLE as additional indication. Signed-off-by: Yanray Wang --- include/mbedtls/aes.h | 2 ++ library/aes.c | 7 ++++--- library/aesce.c | 9 ++++----- library/aesni.c | 19 +++++++++---------- library/cipher.c | 21 +++++++++++++++++---- library/psa_crypto.c | 1 + 6 files changed, 37 insertions(+), 22 deletions(-) diff --git a/include/mbedtls/aes.h b/include/mbedtls/aes.h index c53f817c1..c43134d45 100644 --- a/include/mbedtls/aes.h +++ b/include/mbedtls/aes.h @@ -60,6 +60,8 @@ /* Error codes in range 0x0021-0x0025 */ /** Invalid input data. */ #define MBEDTLS_ERR_AES_BAD_INPUT_DATA -0x0021 +/** The requested feature is not available. */ +#define MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE -0x0023 #ifdef __cplusplus extern "C" { diff --git a/library/aes.c b/library/aes.c index 940ea0296..29a193e70 100644 --- a/library/aes.c +++ b/library/aes.c @@ -1061,15 +1061,16 @@ int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx, #endif #if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) -#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) if (mode == MBEDTLS_AES_ENCRYPT) { return mbedtls_internal_aes_encrypt(ctx, input, output); } else { +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) return mbedtls_internal_aes_decrypt(ctx, input, output); - } #else - return mbedtls_internal_aes_encrypt(ctx, input, output); + return MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE; #endif + } + return mbedtls_internal_aes_encrypt(ctx, input, output); #endif /* !MBEDTLS_AES_USE_HARDWARE_ONLY */ } diff --git a/library/aesce.c b/library/aesce.c index 79c02e367..5883e6a83 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -244,16 +244,15 @@ int mbedtls_aesce_crypt_ecb(mbedtls_aes_context *ctx, uint8x16_t block = vld1q_u8(&input[0]); unsigned char *keys = (unsigned char *) (ctx->buf + ctx->rk_offset); -#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) if (mode == MBEDTLS_AES_ENCRYPT) { block = aesce_encrypt_block(block, keys, ctx->nr); } else { +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) block = aesce_decrypt_block(block, keys, ctx->nr); - } #else - (void) mode; - block = aesce_encrypt_block(block, keys, ctx->nr); -#endif /* !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */ + return MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE; +#endif + } vst1q_u8(&output[0], block); return 0; diff --git a/library/aesni.c b/library/aesni.c index 0c509acc0..6c917daec 100644 --- a/library/aesni.c +++ b/library/aesni.c @@ -93,7 +93,6 @@ int mbedtls_aesni_crypt_ecb(mbedtls_aes_context *ctx, ++rk; --nr; -#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) if (mode == MBEDTLS_AES_ENCRYPT) { while (nr != 0) { state = _mm_aesenc_si128(state, *rk); @@ -102,23 +101,17 @@ int mbedtls_aesni_crypt_ecb(mbedtls_aes_context *ctx, } state = _mm_aesenclast_si128(state, *rk); } else { +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) while (nr != 0) { state = _mm_aesdec_si128(state, *rk); ++rk; --nr; } state = _mm_aesdeclast_si128(state, *rk); - } #else - (void) mode; - while (nr != 0) { - - state = _mm_aesenc_si128(state, *rk); - ++rk; - --nr; + return MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE; +#endif } - state = _mm_aesenclast_si128(state, *rk); -#endif /* !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */ memcpy(output, &state, 16); return 0; @@ -452,6 +445,12 @@ int mbedtls_aesni_crypt_ecb(mbedtls_aes_context *ctx, const unsigned char input[16], unsigned char output[16]) { +#if defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) + if (mode == MBEDTLS_AES_DECRYPT) { + return MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE; + } +#endif + asm ("movdqu (%3), %%xmm0 \n\t" // load input "movdqu (%1), %%xmm1 \n\t" // load round key 0 "pxor %%xmm1, %%xmm0 \n\t" // round 0 diff --git a/library/cipher.c b/library/cipher.c index 60c13a9f7..de55efa78 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -319,6 +319,17 @@ int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx, if (ctx->cipher_info == NULL) { return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } +#if defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) + /* CBC, XTS, KW and KWP mode always need decryption, return an error to + * indicate those modes are not available under + * MBEDTLS_BLOCK_CIPHER_NO_DECRYPT. */ + if (MBEDTLS_MODE_CBC == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode) || + MBEDTLS_MODE_XTS == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode) || + MBEDTLS_MODE_KW == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode) || + MBEDTLS_MODE_KWP == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) { + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; + } +#endif #if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED) if (ctx->psa_enabled == 1) { @@ -402,12 +413,14 @@ int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx, return mbedtls_cipher_get_base(ctx->cipher_info)->setkey_dec_func(ctx->cipher_ctx, key, ctx->key_bitlen); } +#else + if (operation == MBEDTLS_ENCRYPT || operation == MBEDTLS_DECRYPT) { + return mbedtls_cipher_get_base(ctx->cipher_info)->setkey_enc_func(ctx->cipher_ctx, key, + ctx->key_bitlen); + } +#endif return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; -#else - return mbedtls_cipher_get_base(ctx->cipher_info)->setkey_enc_func(ctx->cipher_ctx, key, - ctx->key_bitlen); -#endif } int mbedtls_cipher_set_iv(mbedtls_cipher_context_t *ctx, diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 1faf1dd6c..2ada2eb72 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -157,6 +157,7 @@ psa_status_t mbedtls_to_psa_error(int ret) #if defined(MBEDTLS_AES_C) case MBEDTLS_ERR_AES_INVALID_KEY_LENGTH: case MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH: + case MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE: return PSA_ERROR_NOT_SUPPORTED; case MBEDTLS_ERR_AES_BAD_INPUT_DATA: return PSA_ERROR_INVALID_ARGUMENT; From 53479573a053323f4217b58d8594e4e680d077e2 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 2 Nov 2023 13:41:11 +0800 Subject: [PATCH 0555/1674] ChangeLog: rewrite ChangeLog for block-cipher-no-decrypt Signed-off-by: Yanray Wang --- ChangeLog.d/add-block-cipher-no-decrypt.txt | 6 ++++++ ChangeLog.d/add-cipher-encrypt-only.txt | 7 ------- 2 files changed, 6 insertions(+), 7 deletions(-) create mode 100644 ChangeLog.d/add-block-cipher-no-decrypt.txt delete mode 100644 ChangeLog.d/add-cipher-encrypt-only.txt diff --git a/ChangeLog.d/add-block-cipher-no-decrypt.txt b/ChangeLog.d/add-block-cipher-no-decrypt.txt new file mode 100644 index 000000000..755eda35a --- /dev/null +++ b/ChangeLog.d/add-block-cipher-no-decrypt.txt @@ -0,0 +1,6 @@ +Features + * Add support to remove decryption operation for cipher type of AES, ARIA + and CAMELLIA. A new configuration option, MBEDTLS_BLOCK_CIPHER_NO_DECRYPT + can be used to enable this feature. + Note that this configuration option is incompatible with MBEDTLS_DES_C, + MBEDTLS_CIPHER_MODE_CBC, MBEDTLS_CIPHER_MODE_XTS and MBEDTLS_NIST_KW_C. diff --git a/ChangeLog.d/add-cipher-encrypt-only.txt b/ChangeLog.d/add-cipher-encrypt-only.txt deleted file mode 100644 index d56c08da3..000000000 --- a/ChangeLog.d/add-cipher-encrypt-only.txt +++ /dev/null @@ -1,7 +0,0 @@ -Features - * Add support to remove xxx_setkey_dec and xxx_decrypt for cipher type of - AES, ARIA, CAMELLIA and DES. This is achieved by implicitly enabling - MBEDTLS_BLOCK_CIPHER_NO_DECRYPT when - - ECB and CBC cipher modes are not requested via the PSA API. - - ECB, CBC, XTS and KW are not enabled in the legacy API. - - DES is not requested in the PSA API and the legacy API. From 50d07bdeece8450ab7204a03196dcc4bbf6e4d26 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 6 Nov 2023 10:49:01 +0800 Subject: [PATCH 0556/1674] Add test-suite parameter to filter tests Signed-off-by: Jerry Yu --- tests/ssl-opt.sh | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 8e8e2a165..098d17261 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -113,6 +113,7 @@ EXCLUDE='^$' SHOW_TEST_NUMBER=0 LIST_TESTS=0 RUN_TEST_NUMBER='' +RUN_TEST_SUITE='' PRESERVE_LOGS=0 @@ -137,6 +138,8 @@ print_usage() { printf " --port \tTCP/UDP port (default: randomish 1xxxx)\n" printf " --proxy-port\tTCP/UDP proxy port (default: randomish 2xxxx)\n" printf " --seed \tInteger seed value to use for this test run\n" + printf " --test-suite\tOnly matching test suites are executed\n" + printf " \t(comma-separated, e.g. 'ssl-opt,tls13-compat')\n\n" } get_options() { @@ -175,6 +178,9 @@ get_options() { --seed) shift; SEED="$1" ;; + --test-suite) + shift; RUN_TEST_SUITE="$1" + ;; -h|--help) print_usage exit 0 @@ -1590,6 +1596,13 @@ run_test() { return fi + # Use ssl-opt as default test suite name. Also see record_outcome function + if is_excluded_test_suite "${TEST_SUITE_NAME:-ssl-opt}"; then + # Do not skip next test and skip current test. + SKIP_NEXT="NO" + return + fi + print_name "$NAME" # Do we only run numbered tests? @@ -1837,6 +1850,21 @@ else } fi +# Filter tests according to TEST_SUITE_NAME +is_excluded_test_suite () { + if [ -n "$RUN_TEST_SUITE" ] + then + case ",$RUN_TEST_SUITE," in + *",$1,"*) false;; + *) true;; + esac + else + false + fi + +} + + if [ "$LIST_TESTS" -eq 0 ];then # sanity checks, avoid an avalanche of errors From 9e47b268c47b9822108760b66076c30916f3322a Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 6 Nov 2023 10:52:01 +0800 Subject: [PATCH 0557/1674] Revert "ssl-opt.sh: Make record_outcome record the ssl-opt.sh file only" This reverts commit cfe68a0cb6f5ba882c6528034a161d7ff45d0ce9. As commit 5eb2b02862, this line is used to report test suite name. Signed-off-by: Jerry Yu --- tests/ssl-opt.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 098d17261..9c317d1fc 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -889,7 +889,7 @@ record_outcome() { if [ -n "$MBEDTLS_TEST_OUTCOME_FILE" ]; then printf '%s;%s;%s;%s;%s;%s\n' \ "$MBEDTLS_TEST_PLATFORM" "$MBEDTLS_TEST_CONFIGURATION" \ - "ssl-opt" "$NAME" \ + "${TEST_SUITE_NAME:-ssl-opt}" "$NAME" \ "$1" "${2-}" \ >>"$MBEDTLS_TEST_OUTCOME_FILE" fi From bc29aefdea79712c94a13133a734955fbbfda192 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 6 Nov 2023 11:08:17 +0800 Subject: [PATCH 0558/1674] all.sh: test BLOCK_CIPHER_NO_DECRYPT in build_aes_variations Signed-off-by: Yanray Wang --- tests/scripts/all.sh | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index fe3332c9d..d24ad9d10 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4011,6 +4011,7 @@ component_build_aes_variations() { # aes.o has many #if defined(...) guards that intersect in complex ways. # Test that all the combinations build cleanly. + MBEDTLS_ROOT_DIR="$PWD" msg "build: aes.o for all combinations of relevant config options" build_test_config_combos library/aes.o validate_aes_config_variations \ @@ -4018,6 +4019,24 @@ component_build_aes_variations() { "MBEDTLS_AES_ROM_TABLES" "MBEDTLS_AES_ENCRYPT_ALT" "MBEDTLS_AES_SETKEY_DEC_ALT" \ "MBEDTLS_AES_FEWER_TABLES" "MBEDTLS_PADLOCK_C" "MBEDTLS_AES_USE_HARDWARE_ONLY" \ "MBEDTLS_AESNI_C" "MBEDTLS_AESCE_C" "MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH" + + cd "$MBEDTLS_ROOT_DIR" + msg "build: aes.o for all combinations of relevant config options + BLOCK_CIPHER_NO_DECRYPT" + + # MBEDTLS_BLOCK_CIPHER_NO_DECRYPT is incompatible with CBC/XTS/DES/NIST_KW, + # manually set or unset those configurations to check + # MBEDTLS_BLOCK_CIPHER_NO_DECRYPT with various combinations in aes.o. + + scripts/config.py set MBEDTLS_BLOCK_CIPHER_NO_DECRYPT + scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC + scripts/config.py unset MBEDTLS_CIPHER_MODE_XTS + scripts/config.py unset MBEDTLS_DES_C + scripts/config.py unset MBEDTLS_NIST_KW_C + build_test_config_combos library/aes.o validate_aes_config_variations \ + "MBEDTLS_AES_SETKEY_ENC_ALT" "MBEDTLS_AES_DECRYPT_ALT" \ + "MBEDTLS_AES_ROM_TABLES" "MBEDTLS_AES_ENCRYPT_ALT" "MBEDTLS_AES_SETKEY_DEC_ALT" \ + "MBEDTLS_AES_FEWER_TABLES" "MBEDTLS_PADLOCK_C" "MBEDTLS_AES_USE_HARDWARE_ONLY" \ + "MBEDTLS_AESNI_C" "MBEDTLS_AESCE_C" "MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH" } component_test_no_platform () { From 2ef7c3077551d3db0c0121d59c4005fc5f5239b8 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 6 Nov 2023 11:47:15 +0000 Subject: [PATCH 0559/1674] Update BRANCHES Signed-off-by: Dave Rodgman --- BRANCHES.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/BRANCHES.md b/BRANCHES.md index d3bd75eff..c085b1616 100644 --- a/BRANCHES.md +++ b/BRANCHES.md @@ -106,6 +106,6 @@ The following branches are currently maintained: - [`development`](https://github.com/Mbed-TLS/mbedtls/) - [`mbedtls-2.28`](https://github.com/Mbed-TLS/mbedtls/tree/mbedtls-2.28) maintained until at least the end of 2024, see - . + . Users are urged to always use the latest version of a maintained branch. From 33406b645dea9a10a8ebf08e98b1c5d8face1b98 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 2 Nov 2023 18:48:39 +0100 Subject: [PATCH 0560/1674] Add a metatest program This program can be used to validate that things that should be detected as test failures are indeed caught, either by setting the test result to MBEDTLS_TEST_RESULT_FAILED or by aborting the program. Signed-off-by: Gilles Peskine --- programs/.gitignore | 1 + programs/Makefile | 5 +++ programs/test/CMakeLists.txt | 1 + programs/test/metatest.c | 81 ++++++++++++++++++++++++++++++++++++ 4 files changed, 88 insertions(+) create mode 100644 programs/test/metatest.c diff --git a/programs/.gitignore b/programs/.gitignore index a641c31c4..2826a18a4 100644 --- a/programs/.gitignore +++ b/programs/.gitignore @@ -56,6 +56,7 @@ test/cpp_dummy_build test/cpp_dummy_build.cpp test/dlopen test/ecp-bench +test/metatest test/query_compile_time_config test/query_included_headers test/selftest diff --git a/programs/Makefile b/programs/Makefile index 116883b83..7b538da4b 100644 --- a/programs/Makefile +++ b/programs/Makefile @@ -123,6 +123,7 @@ APPS = \ ssl/ssl_server \ ssl/ssl_server2 \ test/benchmark \ + test/metatest \ test/query_compile_time_config \ test/query_included_headers \ test/selftest \ @@ -413,6 +414,10 @@ test/dlopen$(EXEXT): test/dlopen.c $(DEP) $(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/dlopen.c $(LDFLAGS) $(DLOPEN_LDFLAGS) -o $@ endif +test/metatest$(EXEXT): test/metatest.c $(DEP) + echo " CC test/metatest.c" + $(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/metatest.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ + test/query_config.o: test/query_config.c test/query_config.h $(DEP) echo " CC test/query_config.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) -c test/query_config.c -o $@ diff --git a/programs/test/CMakeLists.txt b/programs/test/CMakeLists.txt index a75f8d923..8469d064d 100644 --- a/programs/test/CMakeLists.txt +++ b/programs/test/CMakeLists.txt @@ -3,6 +3,7 @@ set(libs ) set(executables_libs + metatest query_included_headers selftest udp_proxy diff --git a/programs/test/metatest.c b/programs/test/metatest.c new file mode 100644 index 000000000..f03e5e703 --- /dev/null +++ b/programs/test/metatest.c @@ -0,0 +1,81 @@ +/** \file metatest.c + * + * \brief Test features of the test framework. + */ + +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#define MBEDTLS_ALLOW_PRIVATE_ACCESS + +#include +#include "test/helpers.h" + +#include +#include + + +/****************************************************************/ +/* Command line entry point */ +/****************************************************************/ + +typedef struct { + const char *name; + const char *platform; + void (*entry_point)(const char *name); +} metatest_t; + +metatest_t metatests[] = { + { NULL, NULL, NULL } +}; + +static void help(FILE *out, const char *argv0) +{ + mbedtls_fprintf(out, "Usage: %s list|TEST\n", argv0); + mbedtls_fprintf(out, "Run a meta-test that should cause a test failure.\n"); + mbedtls_fprintf(out, "With 'list', list the available tests and their platform requirement.\n"); +} + +int main(int argc, char *argv[]) +{ + const char *argv0 = argc > 0 ? argv[0] : "metatest"; + if (argc != 2) { + help(stderr, argv0); + mbedtls_exit(MBEDTLS_EXIT_FAILURE); + } + + /* Support "-help", "--help", "--list", etc. */ + const char *command = argv[1]; + while (*command == '-') { + ++command; + } + + if (strcmp(argv[1], "help") == 0) { + help(stdout, argv0); + mbedtls_exit(MBEDTLS_EXIT_SUCCESS); + } + if (strcmp(argv[1], "list") == 0) { + for (const metatest_t *p = metatests; p->name != NULL; p++) { + mbedtls_printf("%s %s\n", p->name, p->platform); + } + mbedtls_exit(MBEDTLS_EXIT_SUCCESS); + } + + for (const metatest_t *p = metatests; p->name != NULL; p++) { + if (strcmp(argv[1], p->name) == 0) { + mbedtls_printf("Running metatest %s...\n", argv[1]); + p->entry_point(argv[1]); + mbedtls_printf("Running metatest %s... done, result=%d\n", + argv[1], (int) mbedtls_test_info.result); + mbedtls_exit(mbedtls_test_info.result == MBEDTLS_TEST_RESULT_SUCCESS ? + MBEDTLS_EXIT_SUCCESS : + MBEDTLS_EXIT_FAILURE); + } + } + + mbedtls_fprintf(stderr, "%s: FATAL: No such metatest: %s\n", + argv0, command); + mbedtls_exit(MBEDTLS_EXIT_FAILURE); +} From f309fbf0d5c6da465ecda4b1ce563d0c59dc5534 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 2 Nov 2023 18:49:52 +0100 Subject: [PATCH 0561/1674] Validate that test_fail causes a test failure Signed-off-by: Gilles Peskine --- programs/test/metatest.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/programs/test/metatest.c b/programs/test/metatest.c index f03e5e703..fab3b1f53 100644 --- a/programs/test/metatest.c +++ b/programs/test/metatest.c @@ -17,6 +17,17 @@ #include +/****************************************************************/ +/* Test framework features */ +/****************************************************************/ + +void meta_test_fail(const char *name) +{ + (void) name; + mbedtls_test_fail("Forced test failure", __LINE__, __FILE__); +} + + /****************************************************************/ /* Command line entry point */ /****************************************************************/ @@ -28,6 +39,7 @@ typedef struct { } metatest_t; metatest_t metatests[] = { + { "test_fail", "any", meta_test_fail }, { NULL, NULL, NULL } }; From 80ba832be6a1c909aecf031f42a8b0a53cef9089 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 2 Nov 2023 19:23:26 +0100 Subject: [PATCH 0562/1674] Metatests for null pointer dereference Signed-off-by: Gilles Peskine --- programs/test/metatest.c | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/programs/test/metatest.c b/programs/test/metatest.c index fab3b1f53..ba3ec9443 100644 --- a/programs/test/metatest.c +++ b/programs/test/metatest.c @@ -28,6 +28,29 @@ void meta_test_fail(const char *name) } +/****************************************************************/ +/* Platform features */ +/****************************************************************/ + +void null_pointer_dereference(const char *name) +{ + (void) name; + char *p; + memset(&p, 0, sizeof(p)); + volatile char c; + c = *p; + (void) c; +} + +void null_pointer_call(const char *name) +{ + (void) name; + void (*p)(void); + memset(&p, 0, sizeof(p)); + p(); +} + + /****************************************************************/ /* Command line entry point */ /****************************************************************/ @@ -40,6 +63,8 @@ typedef struct { metatest_t metatests[] = { { "test_fail", "any", meta_test_fail }, + { "null_dereference", "any", null_pointer_dereference }, + { "null_call", "any", null_pointer_call }, { NULL, NULL, NULL } }; From f109664448dc71c134521f2b3aa317c05908bc78 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 2 Nov 2023 19:23:41 +0100 Subject: [PATCH 0563/1674] Script to run all the metatests (with platform filtering) Signed-off-by: Gilles Peskine --- tests/scripts/run-metatests.sh | 81 ++++++++++++++++++++++++++++++++++ 1 file changed, 81 insertions(+) create mode 100755 tests/scripts/run-metatests.sh diff --git a/tests/scripts/run-metatests.sh b/tests/scripts/run-metatests.sh new file mode 100755 index 000000000..182bf0410 --- /dev/null +++ b/tests/scripts/run-metatests.sh @@ -0,0 +1,81 @@ +#!/bin/sh + +help () { + cat <&2 "$0: FATAL: programs/test/metatest not found" + exit 120 +fi + +LIST_ONLY= +while getopts hl OPTLET; do + case $OPTLET in + h) help; exit;; + l) LIST_ONLY=1;; + \?) help >&2; exit 120;; + esac +done +shift $((OPTIND - 1)) + +list_matches () { + while read name platform junk; do + for pattern; do + case $platform in + $pattern) echo "$name"; break;; + esac + done + done +} + +count=0 +errors=0 +run_metatest () { + ret=0 + "$METATEST_PROGRAM" "$1" || ret=$? + if [ $ret -eq 0 ]; then + echo >&2 "$0: Unexpected success: $1" + errors=$((errors + 1)) + fi + count=$((count + 1)) +} + +# Don't pipe the output of metatest so that if it fails, this script exits +# immediately with a failure status. +full_list=$("$METATEST_PROGRAM" list) +matching_list=$(printf '%s\n' "$full_list" | list_matches "$@") + +if [ -n "$LIST_ONLY" ]; then + printf '%s\n' $matching_list + exit +fi + +for name in $matching_list; do + run_metatest "$name" +done + +if [ $errors -eq 0 ]; then + echo "Ran $count metatests, all good." + exit 0 +else + echo "Ran $count metatests, $errors unexpected successes." + exit 1 +fi From b0f0a64de058950127396e52ff3a58581feca0e8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 2 Nov 2023 19:42:13 +0100 Subject: [PATCH 0564/1674] Metatests for basic Asan and Msan features Signed-off-by: Gilles Peskine --- programs/test/metatest.c | 48 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 48 insertions(+) diff --git a/programs/test/metatest.c b/programs/test/metatest.c index ba3ec9443..91a1e2a7d 100644 --- a/programs/test/metatest.c +++ b/programs/test/metatest.c @@ -51,6 +51,50 @@ void null_pointer_call(const char *name) } +/****************************************************************/ +/* Sanitizers */ +/****************************************************************/ + +void read_after_free(const char *name) +{ + (void) name; + volatile char *p = mbedtls_calloc(1, 1); + *p = 'a'; + mbedtls_free((void *) p); + mbedtls_printf("%u\n", (unsigned) *p); +} + +void double_free(const char *name) +{ + (void) name; + volatile char *p = mbedtls_calloc(1, 1); + *p = 'a'; + mbedtls_free((void *) p); + mbedtls_free((void *) p); +} + +void read_uninitialized_stack(const char *name) +{ + (void) name; + volatile char buf[1]; + static int false_but_the_compiler_does_not_know = 0; + if (false_but_the_compiler_does_not_know) { + buf[0] = '!'; + } + if (*buf != 0) { + mbedtls_printf("%u\n", (unsigned) *buf); + } +} + +void memory_leak(const char *name) +{ + (void) name; + volatile char *p = mbedtls_calloc(1, 1); + /* Hint to the compiler that calloc must not be optimized away. */ + (void) *p; +} + + /****************************************************************/ /* Command line entry point */ /****************************************************************/ @@ -65,6 +109,10 @@ metatest_t metatests[] = { { "test_fail", "any", meta_test_fail }, { "null_dereference", "any", null_pointer_dereference }, { "null_call", "any", null_pointer_call }, + { "read_after_free", "asan", read_after_free }, + { "double_free", "asan", double_free }, + { "read_uninitialized_stack", "msan", read_uninitialized_stack }, + { "memory_leak", "asan", memory_leak }, { NULL, NULL, NULL } }; From 69e8db036639ab2293501676c7f4f5d1ac7df536 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 2 Nov 2023 19:52:32 +0100 Subject: [PATCH 0565/1674] Strengthen against Clang optimizations Signed-off-by: Gilles Peskine --- programs/test/metatest.c | 24 +++++++++++++++--------- 1 file changed, 15 insertions(+), 9 deletions(-) diff --git a/programs/test/metatest.c b/programs/test/metatest.c index 91a1e2a7d..eb3bb76af 100644 --- a/programs/test/metatest.c +++ b/programs/test/metatest.c @@ -11,12 +11,21 @@ #define MBEDTLS_ALLOW_PRIVATE_ACCESS #include +#include #include "test/helpers.h" #include #include +/* This is an external variable, so the compiler doesn't know that we're never + * changing its value. + * + * TODO: LTO (link-time-optimization) would defeat this. + */ +int false_but_the_compiler_does_not_know = 0; + + /****************************************************************/ /* Test framework features */ /****************************************************************/ @@ -35,19 +44,17 @@ void meta_test_fail(const char *name) void null_pointer_dereference(const char *name) { (void) name; - char *p; - memset(&p, 0, sizeof(p)); - volatile char c; - c = *p; - (void) c; + volatile char *p; + mbedtls_platform_zeroize(&p, sizeof(p)); + mbedtls_printf("%p -> %u\n", p, (unsigned) *p); } void null_pointer_call(const char *name) { (void) name; - void (*p)(void); - memset(&p, 0, sizeof(p)); - p(); + unsigned (*p)(void); + mbedtls_platform_zeroize(&p, sizeof(p)); + mbedtls_printf("%p() -> %u\n", p, p()); } @@ -77,7 +84,6 @@ void read_uninitialized_stack(const char *name) { (void) name; volatile char buf[1]; - static int false_but_the_compiler_does_not_know = 0; if (false_but_the_compiler_does_not_know) { buf[0] = '!'; } From 6848d1709baf6f63c1901dbab3e8af2dde1c2167 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 2 Nov 2023 19:58:03 +0100 Subject: [PATCH 0566/1674] Run metatests in selected components Run metatests in some components, covering both GCC and Clang, with ASan, MSan or neither. Note that this commit does not cover constant-flow testing builds or Valgrind. Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 086677a60..5f5d2fd23 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1065,6 +1065,9 @@ component_test_default_cmake_gcc_asan () { msg "test: selftest (ASan build)" # ~ 10s programs/test/selftest + msg "test: metatests (GCC, ASan build)" + tests/scripts/run-metatests.sh any asan + msg "test: ssl-opt.sh (ASan build)" # ~ 1 min tests/ssl-opt.sh @@ -1830,6 +1833,9 @@ component_test_everest () { msg "test: Everest ECDH context - main suites (inc. selftests) (ASan build)" # ~ 50s make test + msg "test: metatests (clang, ASan)" + tests/scripts/run-metatests.sh any asan + msg "test: Everest ECDH context - ECDH-related part of ssl-opt.sh (ASan build)" # ~ 5s tests/ssl-opt.sh -f ECDH @@ -1918,6 +1924,9 @@ component_test_full_cmake_clang () { msg "test: cpp_dummy_build (full config, clang)" # ~ 1s programs/test/cpp_dummy_build + msg "test: metatests (clang)" + tests/scripts/run-metatests.sh any + msg "program demos (full config, clang)" # ~10s tests/scripts/run_demos.py @@ -5403,6 +5412,9 @@ component_test_memsan () { msg "test: main suites (MSan)" # ~ 10s make test + msg "test: metatests (MSan)" + tests/scripts/run-metatests.sh any msan + msg "program demos (MSan)" # ~20s tests/scripts/run_demos.py From 6aa9f321246519690ec4c50fe04a2b256376c84a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 2 Nov 2023 21:31:07 +0100 Subject: [PATCH 0567/1674] Use casts when doing nonstandard pointer conversions Signed-off-by: Gilles Peskine --- programs/test/metatest.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/programs/test/metatest.c b/programs/test/metatest.c index eb3bb76af..36119f68d 100644 --- a/programs/test/metatest.c +++ b/programs/test/metatest.c @@ -45,7 +45,7 @@ void null_pointer_dereference(const char *name) { (void) name; volatile char *p; - mbedtls_platform_zeroize(&p, sizeof(p)); + mbedtls_platform_zeroize((void *) &p, sizeof(p)); mbedtls_printf("%p -> %u\n", p, (unsigned) *p); } @@ -54,7 +54,7 @@ void null_pointer_call(const char *name) (void) name; unsigned (*p)(void); mbedtls_platform_zeroize(&p, sizeof(p)); - mbedtls_printf("%p() -> %u\n", p, p()); + mbedtls_printf("%p() -> %u\n", (void *) p, p()); } From ee8109541a433d01add3be695e78653898c24e08 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 2 Nov 2023 22:32:50 +0100 Subject: [PATCH 0568/1674] Don't cast a function pointer to a data pointer That's nonstandard. Instead, convert to an integer. Signed-off-by: Gilles Peskine --- programs/test/metatest.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/programs/test/metatest.c b/programs/test/metatest.c index 36119f68d..872dbf0f8 100644 --- a/programs/test/metatest.c +++ b/programs/test/metatest.c @@ -54,7 +54,7 @@ void null_pointer_call(const char *name) (void) name; unsigned (*p)(void); mbedtls_platform_zeroize(&p, sizeof(p)); - mbedtls_printf("%p() -> %u\n", (void *) p, p()); + mbedtls_printf("%llx() -> %u\n", (unsigned long long) p, p()); } From a1dfa14c066962ac5f8780e2e4fdbc97a9acad72 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 3 Nov 2023 10:31:56 +0100 Subject: [PATCH 0569/1674] Fix cast from pointer to integer of different size Signed-off-by: Gilles Peskine --- programs/test/metatest.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/programs/test/metatest.c b/programs/test/metatest.c index 872dbf0f8..1a638b595 100644 --- a/programs/test/metatest.c +++ b/programs/test/metatest.c @@ -54,7 +54,7 @@ void null_pointer_call(const char *name) (void) name; unsigned (*p)(void); mbedtls_platform_zeroize(&p, sizeof(p)); - mbedtls_printf("%llx() -> %u\n", (unsigned long long) p, p()); + mbedtls_printf("%llx() -> %u\n", (unsigned long long) (uintptr_t) p, p()); } From f0d5cf9a0c7fe8742b3a8ddaf26d4e00a5a564c3 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 3 Nov 2023 10:58:57 +0100 Subject: [PATCH 0570/1674] Don't use %llx in printf We still do MinGW builds on our CI whose printf doesn't support it! Signed-off-by: Gilles Peskine --- programs/test/metatest.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/programs/test/metatest.c b/programs/test/metatest.c index 1a638b595..d3173f3d4 100644 --- a/programs/test/metatest.c +++ b/programs/test/metatest.c @@ -54,7 +54,10 @@ void null_pointer_call(const char *name) (void) name; unsigned (*p)(void); mbedtls_platform_zeroize(&p, sizeof(p)); - mbedtls_printf("%llx() -> %u\n", (unsigned long long) (uintptr_t) p, p()); + /* The pointer representation may be truncated, but we don't care: + * the only point of printing it is to have some use of the pointer + * to dissuade the compiler from optimizing it away. */ + mbedtls_printf("%lx() -> %u\n", (unsigned long) (uintptr_t) p, p()); } From 102aea2ba834e584fc73ae308868187b9c102a39 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 3 Nov 2023 18:05:38 +0100 Subject: [PATCH 0571/1674] Add metatests for mutex usage Signed-off-by: Gilles Peskine --- programs/test/metatest.c | 100 ++++++++++++++++++++++++++++++++++++++- tests/scripts/all.sh | 2 +- 2 files changed, 100 insertions(+), 2 deletions(-) diff --git a/programs/test/metatest.c b/programs/test/metatest.c index d3173f3d4..7e173ee27 100644 --- a/programs/test/metatest.c +++ b/programs/test/metatest.c @@ -13,10 +13,15 @@ #include #include #include "test/helpers.h" +#include "test/macros.h" #include #include +#if defined(MBEDTLS_THREADING_C) +#include +#endif + /* This is an external variable, so the compiler doesn't know that we're never * changing its value. @@ -62,7 +67,7 @@ void null_pointer_call(const char *name) /****************************************************************/ -/* Sanitizers */ +/* Memory */ /****************************************************************/ void read_after_free(const char *name) @@ -104,6 +109,84 @@ void memory_leak(const char *name) } +/****************************************************************/ +/* Threading */ +/****************************************************************/ + +void mutex_lock_not_initialized(const char *name) +{ + (void) name; + /* Mutex usage verification is only done with pthread, not with other + * threading implementations. See tests/src/threading_helpers.c. */ +#if defined(MBEDTLS_THREADING_PTHREAD) + mbedtls_threading_mutex_t mutex; + memset(&mutex, 0, sizeof(mutex)); + TEST_ASSERT(mbedtls_mutex_lock(&mutex) == 0); +exit: + ; +#endif +} + +void mutex_unlock_not_initialized(const char *name) +{ + (void) name; + /* Mutex usage verification is only done with pthread, not with other + * threading implementations. See tests/src/threading_helpers.c. */ +#if defined(MBEDTLS_THREADING_C) + mbedtls_threading_mutex_t mutex; + memset(&mutex, 0, sizeof(mutex)); + TEST_ASSERT(mbedtls_mutex_unlock(&mutex) == 0); +exit: + ; +#endif +} + +void mutex_free_not_initialized(const char *name) +{ + (void) name; + /* Mutex usage verification is only done with pthread, not with other + * threading implementations. See tests/src/threading_helpers.c. */ +#if defined(MBEDTLS_THREADING_C) + mbedtls_threading_mutex_t mutex; + memset(&mutex, 0, sizeof(mutex)); + mbedtls_mutex_free(&mutex); +#endif +} + +void mutex_double_init(const char *name) +{ + (void) name; +#if defined(MBEDTLS_THREADING_C) + mbedtls_threading_mutex_t mutex; + mbedtls_mutex_init(&mutex); + mbedtls_mutex_init(&mutex); + mbedtls_mutex_free(&mutex); +#endif +} + +void mutex_double_free(const char *name) +{ + (void) name; +#if defined(MBEDTLS_THREADING_C) + mbedtls_threading_mutex_t mutex; + mbedtls_mutex_init(&mutex); + mbedtls_mutex_free(&mutex); + mbedtls_mutex_free(&mutex); +#endif +} + +void mutex_leak(const char *name) +{ + (void) name; + /* Mutex usage verification is only done with pthread, not with other + * threading implementations. See tests/src/threading_helpers.c. */ +#if defined(MBEDTLS_THREADING_PTHREAD) + mbedtls_threading_mutex_t mutex; + mbedtls_mutex_init(&mutex); +#endif +} + + /****************************************************************/ /* Command line entry point */ /****************************************************************/ @@ -122,6 +205,14 @@ metatest_t metatests[] = { { "double_free", "asan", double_free }, { "read_uninitialized_stack", "msan", read_uninitialized_stack }, { "memory_leak", "asan", memory_leak }, + /* Mutex usage verification is only done with pthread, not with other + * threading implementations. See tests/src/threading_helpers.c. */ + { "mutex_lock_not_initialized", "pthread", mutex_lock_not_initialized }, + { "mutex_unlock_not_initialized", "pthread", mutex_unlock_not_initialized }, + { "mutex_free_not_initialized", "pthread", mutex_free_not_initialized }, + { "mutex_double_init", "pthread", mutex_double_init }, + { "mutex_double_free", "pthread", mutex_double_free }, + { "mutex_leak", "pthread", mutex_leak }, { NULL, NULL, NULL } }; @@ -157,10 +248,17 @@ int main(int argc, char *argv[]) mbedtls_exit(MBEDTLS_EXIT_SUCCESS); } +#if defined(MBEDTLS_TEST_MUTEX_USAGE) + mbedtls_test_mutex_usage_init(); +#endif + for (const metatest_t *p = metatests; p->name != NULL; p++) { if (strcmp(argv[1], p->name) == 0) { mbedtls_printf("Running metatest %s...\n", argv[1]); p->entry_point(argv[1]); +#if defined(MBEDTLS_TEST_MUTEX_USAGE) + mbedtls_test_mutex_usage_check(); +#endif mbedtls_printf("Running metatest %s... done, result=%d\n", argv[1], (int) mbedtls_test_info.result); mbedtls_exit(mbedtls_test_info.result == MBEDTLS_TEST_RESULT_SUCCESS ? diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 5f5d2fd23..04626c39f 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1925,7 +1925,7 @@ component_test_full_cmake_clang () { programs/test/cpp_dummy_build msg "test: metatests (clang)" - tests/scripts/run-metatests.sh any + tests/scripts/run-metatests.sh any pthread msg "program demos (full config, clang)" # ~10s tests/scripts/run_demos.py From 4bc873f0a189ed906a77ee839869419ca1815e84 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 3 Nov 2023 18:57:06 +0100 Subject: [PATCH 0572/1674] Add missing program to .gitignore Signed-off-by: Gilles Peskine --- programs/.gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/programs/.gitignore b/programs/.gitignore index 2826a18a4..e0c49873e 100644 --- a/programs/.gitignore +++ b/programs/.gitignore @@ -38,6 +38,7 @@ psa/crypto_examples psa/hmac_demo psa/key_ladder_demo psa/psa_constant_names +psa/psa_hash random/gen_entropy random/gen_random_ctr_drbg ssl/dtls_client From a1023e2bd665233cc9562817f9f6222570d10c4c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 3 Nov 2023 19:16:56 +0100 Subject: [PATCH 0573/1674] programs/test/metatest indirectly includes library/common.h Signed-off-by: Gilles Peskine --- programs/Makefile | 2 +- programs/test/CMakeLists.txt | 1 + scripts/generate_visualc_files.pl | 5 ++++- 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/programs/Makefile b/programs/Makefile index 7b538da4b..a3fa81679 100644 --- a/programs/Makefile +++ b/programs/Makefile @@ -416,7 +416,7 @@ endif test/metatest$(EXEXT): test/metatest.c $(DEP) echo " CC test/metatest.c" - $(CC) $(LOCAL_CFLAGS) $(CFLAGS) test/metatest.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ + $(CC) $(LOCAL_CFLAGS) $(CFLAGS) -I ../library test/metatest.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ test/query_config.o: test/query_config.c test/query_config.h $(DEP) echo " CC test/query_config.c" diff --git a/programs/test/CMakeLists.txt b/programs/test/CMakeLists.txt index 8469d064d..077873112 100644 --- a/programs/test/CMakeLists.txt +++ b/programs/test/CMakeLists.txt @@ -73,6 +73,7 @@ foreach(exe IN LISTS executables_libs executables_mbedcrypto) add_executable(${exe} ${exe}.c $ ${extra_sources}) target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include) + target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../library) if(exe STREQUAL "query_compile_time_config") target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}) endif() diff --git a/scripts/generate_visualc_files.pl b/scripts/generate_visualc_files.pl index 7f5609820..96ade2fa7 100755 --- a/scripts/generate_visualc_files.pl +++ b/scripts/generate_visualc_files.pl @@ -144,6 +144,7 @@ sub gen_app { my $guid = gen_app_guid( $path ); $path =~ s!/!\\!g; (my $appname = $path) =~ s/.*\\//; + my $is_test_app = ($path =~ m/^test\\/); my $srcs = ""; if( $appname eq "ssl_client2" or $appname eq "ssl_server2" or @@ -158,7 +159,9 @@ sub gen_app { $content =~ s//$srcs/g; $content =~ s//$appname/g; $content =~ s//$guid/g; - $content =~ s/INCLUDE_DIRECTORIES\n/$include_directories/g; + $content =~ s/INCLUDE_DIRECTORIES\n/($is_test_app ? + $library_include_directories : + $include_directories)/ge; content_to_file( $content, "$dir/$appname.$ext" ); } From 1f00926142d383f877d961bb8d2fbfad28a8c856 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Tue, 7 Nov 2023 09:55:11 +0800 Subject: [PATCH 0574/1674] Change base config to full Signed-off-by: Pengyu Lv --- tests/scripts/all.sh | 3 --- 1 file changed, 3 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 086677a60..73206a811 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3631,9 +3631,6 @@ common_psa_crypto_config_accel_cipher_aead() { # Start from the full config helper_libtestdriver1_adjust_config "full" - # For time being, we don't support SSL module. - scripts/config.py unset MBEDTLS_SSL_TLS_C - scripts/config.py unset MBEDTLS_CTR_DRBG_C scripts/config.py unset MBEDTLS_NIST_KW_C } From 44670c6edaafd4bc99bb21d054c3d3c4a540710c Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Tue, 7 Nov 2023 09:58:53 +0800 Subject: [PATCH 0575/1674] Revert "TLS 1.3: SRV: Don't select ephemeral mode on resumption" This reverts commit dadeb20383956f6b8654fce1501ab2d572f09058. Signed-off-by: Pengyu Lv --- library/ssl_tls13_server.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 49324d83c..5d86660fd 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -1026,8 +1026,7 @@ MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_tls13_check_ephemeral_key_exchange(mbedtls_ssl_context *ssl) { #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED) - return !ssl->handshake->resume && - mbedtls_ssl_conf_tls13_ephemeral_enabled(ssl) && + return mbedtls_ssl_conf_tls13_ephemeral_enabled(ssl) && ssl_tls13_client_hello_has_exts_for_ephemeral_key_exchange(ssl); #else ((void) ssl); From 4ebf86e7802523acec351b8e394f3cd136cb64a1 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Tue, 7 Nov 2023 10:14:32 +0800 Subject: [PATCH 0576/1674] tls13-misc: Do not check kex mode for some cases Ephemeral is preferred over pure PSK, the change is to make CI happy. Signed-off-by: Pengyu Lv --- tests/opt-testcases/tls13-misc.sh | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/tests/opt-testcases/tls13-misc.sh b/tests/opt-testcases/tls13-misc.sh index cd01355cb..f1616f6d3 100755 --- a/tests/opt-testcases/tls13-misc.sh +++ b/tests/opt-testcases/tls13-misc.sh @@ -351,8 +351,7 @@ run_test "TLS 1.3 m->m: Resumption with ticket flags, psk/psk." \ 0 \ -c "Pre-configured PSK number = 1" \ -S "No suitable key exchange mode" \ - -s "found matched identity" \ - -s "key exchange mode: psk$" + -s "found matched identity" requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ MBEDTLS_SSL_SRV_C MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C \ @@ -380,8 +379,7 @@ run_test "TLS 1.3 m->m: Resumption with ticket flags, psk/psk_all." \ 0 \ -c "Pre-configured PSK number = 1" \ -S "No suitable key exchange mode" \ - -s "found matched identity" \ - -s "key exchange mode: psk$" + -s "found matched identity" requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ MBEDTLS_SSL_SRV_C MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C \ @@ -469,8 +467,7 @@ run_test "TLS 1.3 m->m: Resumption with ticket flags, psk_all/psk." \ 0 \ -c "Pre-configured PSK number = 1" \ -S "No suitable key exchange mode" \ - -s "found matched identity" \ - -s "key exchange mode: psk$" + -s "found matched identity" requires_all_configs_enabled MBEDTLS_SSL_SESSION_TICKETS \ MBEDTLS_SSL_SRV_C MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C \ From d5ed36ff242f3f03ce52c8d6d312d1eb740e85f4 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Tue, 7 Nov 2023 11:40:43 +0800 Subject: [PATCH 0577/1674] early data: rename configuration function Rename mbedtls_ssl_tls13_conf_early_data as mbedtls_ssl_conf_early_data since in the future this may not be specific to TLS 1.3. Signed-off-by: Yanray Wang --- include/mbedtls/ssl.h | 4 ++-- library/ssl_tls.c | 6 +++--- programs/ssl/ssl_client2.c | 2 +- programs/ssl/ssl_server2.c | 2 +- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index c9110dead..88bba8c58 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -2000,8 +2000,8 @@ void mbedtls_ssl_conf_authmode(mbedtls_ssl_config *conf, int authmode); * \warning This interface is experimental and may change without notice. * */ -void mbedtls_ssl_tls13_conf_early_data(mbedtls_ssl_config *conf, - int early_data_enabled); +void mbedtls_ssl_conf_early_data(mbedtls_ssl_config *conf, + int early_data_enabled); #if defined(MBEDTLS_SSL_SRV_C) /** diff --git a/library/ssl_tls.c b/library/ssl_tls.c index a2c382286..2a2bd8f57 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -1770,8 +1770,8 @@ void mbedtls_ssl_conf_tls13_key_exchange_modes(mbedtls_ssl_config *conf, } #if defined(MBEDTLS_SSL_EARLY_DATA) -void mbedtls_ssl_tls13_conf_early_data(mbedtls_ssl_config *conf, - int early_data_enabled) +void mbedtls_ssl_conf_early_data(mbedtls_ssl_config *conf, + int early_data_enabled) { conf->early_data_enabled = early_data_enabled; } @@ -5247,7 +5247,7 @@ int mbedtls_ssl_config_defaults(mbedtls_ssl_config *conf, #if defined(MBEDTLS_SSL_PROTO_TLS1_3) #if defined(MBEDTLS_SSL_EARLY_DATA) - mbedtls_ssl_tls13_conf_early_data(conf, MBEDTLS_SSL_EARLY_DATA_DISABLED); + mbedtls_ssl_conf_early_data(conf, MBEDTLS_SSL_EARLY_DATA_DISABLED); #if defined(MBEDTLS_SSL_SRV_C) mbedtls_ssl_tls13_conf_max_early_data_size( conf, MBEDTLS_SSL_MAX_EARLY_DATA_SIZE); diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index aa3bc40ec..f6a6bb6d9 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -1971,7 +1971,7 @@ usage: } #if defined(MBEDTLS_SSL_EARLY_DATA) - mbedtls_ssl_tls13_conf_early_data(&conf, opt.early_data); + mbedtls_ssl_conf_early_data(&conf, opt.early_data); #endif /* MBEDTLS_SSL_EARLY_DATA */ if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) { diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 1bab9157b..e80996cc3 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -2776,7 +2776,7 @@ usage: } #if defined(MBEDTLS_SSL_EARLY_DATA) - mbedtls_ssl_tls13_conf_early_data(&conf, tls13_early_data_enabled); + mbedtls_ssl_conf_early_data(&conf, tls13_early_data_enabled); if (tls13_early_data_enabled == MBEDTLS_SSL_EARLY_DATA_ENABLED) { mbedtls_ssl_tls13_conf_max_early_data_size( &conf, opt.max_early_data_size); From 0751761b495753f3d0148c9a09dc7e8110a645f8 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Tue, 7 Nov 2023 11:47:36 +0800 Subject: [PATCH 0578/1674] max_early_data_size: rename configuration function Rename mbedtls_ssl_tls13_conf_max_early_data_size as mbedtls_ssl_conf_max_early_data_size since in the future this may not be specific to TLS 1.3. Signed-off-by: Yanray Wang --- include/mbedtls/mbedtls_config.h | 2 +- include/mbedtls/ssl.h | 2 +- library/ssl_tls.c | 5 ++--- programs/ssl/ssl_server2.c | 2 +- 4 files changed, 5 insertions(+), 6 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 6a940d44a..39884dc4b 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -4080,7 +4080,7 @@ * \def MBEDTLS_SSL_MAX_EARLY_DATA_SIZE * * The default maximum amount of 0-RTT data. See the documentation of - * \c mbedtls_ssl_tls13_conf_max_early_data_size() for more information. + * \c mbedtls_ssl_conf_max_early_data_size() for more information. * * It must be positive and smaller than UINT32_MAX. * diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 88bba8c58..ddb200bfe 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -2027,7 +2027,7 @@ void mbedtls_ssl_conf_early_data(mbedtls_ssl_config *conf, * \warning This interface is experimental and may change without notice. * */ -void mbedtls_ssl_tls13_conf_max_early_data_size( +void mbedtls_ssl_conf_max_early_data_size( mbedtls_ssl_config *conf, uint32_t max_early_data_size); #endif /* MBEDTLS_SSL_SRV_C */ diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 2a2bd8f57..4751d3418 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -1777,7 +1777,7 @@ void mbedtls_ssl_conf_early_data(mbedtls_ssl_config *conf, } #if defined(MBEDTLS_SSL_SRV_C) -void mbedtls_ssl_tls13_conf_max_early_data_size( +void mbedtls_ssl_conf_max_early_data_size( mbedtls_ssl_config *conf, uint32_t max_early_data_size) { conf->max_early_data_size = max_early_data_size; @@ -5249,8 +5249,7 @@ int mbedtls_ssl_config_defaults(mbedtls_ssl_config *conf, #if defined(MBEDTLS_SSL_EARLY_DATA) mbedtls_ssl_conf_early_data(conf, MBEDTLS_SSL_EARLY_DATA_DISABLED); #if defined(MBEDTLS_SSL_SRV_C) - mbedtls_ssl_tls13_conf_max_early_data_size( - conf, MBEDTLS_SSL_MAX_EARLY_DATA_SIZE); + mbedtls_ssl_conf_max_early_data_size(conf, MBEDTLS_SSL_MAX_EARLY_DATA_SIZE); #endif #endif /* MBEDTLS_SSL_EARLY_DATA */ diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index e80996cc3..c44aec00a 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -2778,7 +2778,7 @@ usage: #if defined(MBEDTLS_SSL_EARLY_DATA) mbedtls_ssl_conf_early_data(&conf, tls13_early_data_enabled); if (tls13_early_data_enabled == MBEDTLS_SSL_EARLY_DATA_ENABLED) { - mbedtls_ssl_tls13_conf_max_early_data_size( + mbedtls_ssl_conf_max_early_data_size( &conf, opt.max_early_data_size); } #endif /* MBEDTLS_SSL_EARLY_DATA */ From 2bea94ce2e61620d101b96527f91f82ec2e4b27e Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 7 Nov 2023 14:18:17 +0800 Subject: [PATCH 0579/1674] check the ticket version unconditional Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 2288a1ae2..61559462b 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -159,12 +159,10 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket( /* We delete the temporary buffer */ mbedtls_free(ticket_buffer); -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) if (ret == 0 && session->tls_version != MBEDTLS_SSL_VERSION_TLS1_3) { MBEDTLS_SSL_DEBUG_MSG(3, ("ticket version invalid.")); ret = MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION; } -#endif if (ret != 0) { goto exit; From 7ef9fd8989f5ced6185a9922a77e4cdc4627302d Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 7 Nov 2023 14:30:38 +0800 Subject: [PATCH 0580/1674] fix various issues - Debug message - Improve comments Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 18 ++++++++++-------- tests/opt-testcases/tls13-misc.sh | 1 - 2 files changed, 10 insertions(+), 9 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 61559462b..ee6e89c59 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -160,7 +160,8 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket( mbedtls_free(ticket_buffer); if (ret == 0 && session->tls_version != MBEDTLS_SSL_VERSION_TLS1_3) { - MBEDTLS_SSL_DEBUG_MSG(3, ("ticket version invalid.")); + MBEDTLS_SSL_DEBUG_MSG(3, ("Ticket TLS version is not 1.3.")); + /* TODO: Define new return value for this case. */ ret = MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION; } @@ -1781,7 +1782,7 @@ static void ssl_tls13_update_early_data_status(mbedtls_ssl_context *ssl) via a NewSessionTicket message thus in the case of a session resumption. */ MBEDTLS_SSL_DEBUG_MSG( - 1, ("EarlyData: rejected, not resumption session.")); + 1, ("EarlyData: rejected, not a session resumption.")); return; } @@ -1796,26 +1797,27 @@ static void ssl_tls13_update_early_data_status(mbedtls_ssl_context *ssl) * - The selected ALPN [RFC7301] protocol, if any * * NOTE: - * - ALPN hasn't been checked. - * - TLS version is checked in - * ssl_tls13_offered_psks_check_identity_match_ticket() + * - The TLS version number is checked in + * ssl_tls13_offered_psks_check_identity_match_ticket(). + * - ALPN is not checked for the time being (TODO). */ if (handshake->selected_identity != 0) { MBEDTLS_SSL_DEBUG_MSG( - 1, ("EarlyData: rejected, first psk key is not offered.")); + 1, ("EarlyData: rejected, the selected key in " + "`pre_shared_key` is not the first one.")); return; } if (handshake->ciphersuite_info->id != ssl->session_negotiate->ciphersuite) { MBEDTLS_SSL_DEBUG_MSG( - 1, ("EarlyData: rejected, selected ciphersuite mismatch.")); + 1, ("EarlyData: rejected, the selected ciphersuite is not the one " + "of the selected pre-shared key.")); return; } - /* TODO: Add more checks here. */ ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED; diff --git a/tests/opt-testcases/tls13-misc.sh b/tests/opt-testcases/tls13-misc.sh index ffa914e92..2c25354af 100755 --- a/tests/opt-testcases/tls13-misc.sh +++ b/tests/opt-testcases/tls13-misc.sh @@ -513,7 +513,6 @@ run_test "TLS 1.3 G->m: EarlyData: feature is disabled, fail." \ -s "Last error was: -29056 - SSL - Verification of the message MAC failed" requires_gnutls_next - requires_all_configs_enabled MBEDTLS_SSL_EARLY_DATA MBEDTLS_SSL_SESSION_TICKETS \ MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ From 1ccd6108e81e35cf2522af7e9ce40c65ad4d0c47 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 7 Nov 2023 14:57:12 +0800 Subject: [PATCH 0581/1674] Revert "fix miss sent extensions mask" This reverts commit 06b364fdfd9a1816abaef3de336a4c701e760b3a. It has been set in write_binders Signed-off-by: Jerry Yu --- library/ssl_tls13_client.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 90f54f94b..c6fa3b390 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -1022,8 +1022,6 @@ int mbedtls_ssl_tls13_write_identities_of_pre_shared_key_ext( MBEDTLS_SSL_DEBUG_BUF(3, "pre_shared_key identities", buf, p - buf); - mbedtls_ssl_tls13_set_hs_sent_ext_mask(ssl, MBEDTLS_TLS_EXT_PRE_SHARED_KEY); - return 0; } From 7cca7f68207036bcb095abff2bf53473bfab5d80 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 7 Nov 2023 15:00:32 +0800 Subject: [PATCH 0582/1674] move ext print to the end of write client hello pre_shared_key extension is done at the end. The information should be print after that Signed-off-by: Jerry Yu --- library/ssl_client.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/library/ssl_client.c b/library/ssl_client.c index 1a56f1ebe..656a6eb0b 100644 --- a/library/ssl_client.c +++ b/library/ssl_client.c @@ -705,11 +705,6 @@ static int ssl_write_client_hello_body(mbedtls_ssl_context *ssl, p_extensions_len, extensions_len); } -#if defined(MBEDTLS_SSL_PROTO_TLS1_3) - MBEDTLS_SSL_PRINT_EXTS( - 3, MBEDTLS_SSL_HS_CLIENT_HELLO, handshake->sent_extensions); -#endif - *out_len = p - buf; return 0; } @@ -1021,6 +1016,11 @@ int mbedtls_ssl_write_client_hello(mbedtls_ssl_context *ssl) #endif } +#if defined(MBEDTLS_SSL_PROTO_TLS1_3) + MBEDTLS_SSL_PRINT_EXTS( + 3, MBEDTLS_SSL_HS_CLIENT_HELLO, ssl->handshake->sent_extensions); +#endif + cleanup: MBEDTLS_SSL_DEBUG_MSG(2, ("<= write client hello")); From 4995e0c31b70502119eda086f00878102efdffc8 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Tue, 7 Nov 2023 17:50:52 +0800 Subject: [PATCH 0583/1674] cipher.c: return error for ECB-decrypt under BLOCK_CIPHER_NO_DECRYPT - fix remaining dependency in test_suite_psa_crypto.data Signed-off-by: Yanray Wang --- library/cipher.c | 4 ++++ tests/suites/test_suite_psa_crypto.data | 10 +++++----- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/library/cipher.c b/library/cipher.c index de55efa78..909324aae 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -329,6 +329,10 @@ int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx, MBEDTLS_MODE_KWP == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) { return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; } + if (MBEDTLS_MODE_ECB == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode) && + MBEDTLS_DECRYPT == operation) { + return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; + } #endif #if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 5220b273e..76dc3a836 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -2267,7 +2267,7 @@ depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES cipher_encrypt_fail:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT PSA symmetric encrypt: AES-ECB, 0 bytes, good -depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT cipher_alg_without_iv:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"" PSA symmetric encrypt: AES-ECB, 16 bytes, good @@ -2411,7 +2411,7 @@ depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_AES cipher_decrypt_fail:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e11739317":PSA_ERROR_INVALID_ARGUMENT PSA symmetric decrypt: AES-ECB, input too short (15 bytes) -depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT cipher_decrypt_fail:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654":PSA_ERROR_INVALID_ARGUMENT PSA symmetric decrypt: AES-CBC-nopad, input too short (5 bytes) @@ -2423,7 +2423,7 @@ depends_on:PSA_WANT_ALG_CCM_STAR_NO_TAG:MBEDTLS_AES_C cipher_decrypt_fail:PSA_ALG_CCM_STAR_NO_TAG:PSA_KEY_TYPE_AES:"19ebfde2d5468ba0a3031bde629b11fd":"5a8aa485c316e9":"2a2a2a2a2a2a2a2a":PSA_ERROR_INVALID_ARGUMENT PSA symmetric decrypt: AES-ECB, 0 bytes, good -depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT cipher_decrypt:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"":"" PSA symmetric decrypt: AES-ECB, 16 bytes, good @@ -2487,7 +2487,7 @@ depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_CHACHA20 cipher_decrypt:PSA_ALG_STREAM_CIPHER:PSA_KEY_TYPE_CHACHA20:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f":"000000000000004a00000000":"fb6d7b60e9e67669b607a9b94a606bdca678d44f0ebf24cbd623efd69cc2bdc0f615ac19d0366a8d00e3d6728f5ee01d61d74ab77edc17a7621f2268eea12e656e2e359a2568f98041ba0728dd0d6981e97e7aec1d4360c20a27afccfd9fae0bf91b65c5524733ab8f593dabcd62b3571639d624e65152ab8f530c359f0861d807ca0dbf500d6a6156a38e088a22b65e52bc514d16ccf806818ce91ab77937365af90bbf74a35be6b40b8eedf2785e42874d":"546865205246432037353339207465737420766563746f72207573657320636f756e7465723d312c2062757420505341207573657320636f756e7465723d302e4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f66202739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e652074697020666f7220746865206675747572652c2073756e73637265656e20776f756c642062652069742e" PSA symmetric decrypt multipart: AES-ECB, 0 bytes, good -depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"":0:0:0:"":PSA_SUCCESS PSA symmetric decrypt multipart: AES-ECB, 16 bytes, good @@ -2519,7 +2519,7 @@ depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES cipher_decrypt_multipart:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":16:16:0:"dd3b5e5319b7591daab1e1a92687feb2":PSA_SUCCESS PSA symmetric decrypt multipart: AES-ECB, input too short (15 bytes) -depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_AES:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT cipher_decrypt_multipart:PSA_ALG_ECB_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"":"396ee84fb75fdbb5c2b13c7fe5a654":0:0:0:"63cecc46a382414d5fa7d2b7938743":PSA_ERROR_INVALID_ARGUMENT PSA symmetric decrypt multipart: AES-CBC-nopad, input too short (5 bytes) From 7604915ccecd53cf34cf8238e9d30e31d2b81ae6 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 7 Nov 2023 12:33:17 +0000 Subject: [PATCH 0584/1674] Update Changelog with bugfix entry Signed-off-by: Dave Rodgman --- ChangeLog | 4 ++++ ChangeLog.d/fix-3rdparty-target-prefix.txt | 3 --- 2 files changed, 4 insertions(+), 3 deletions(-) delete mode 100644 ChangeLog.d/fix-3rdparty-target-prefix.txt diff --git a/ChangeLog b/ChangeLog index 3e3dc1086..28c45f718 100644 --- a/ChangeLog +++ b/ChangeLog @@ -6,6 +6,10 @@ Changes * Mbed TLS is now released under a dual Apache-2.0 OR GPL-2.0-or-later license. Users may choose which license they take the code under. +Bugfix + * Fix accidental omission of MBEDTLS_TARGET_PREFIX in 3rdparty modules + in CMake. + = Mbed TLS 3.5.0 branch released 2023-10-05 API changes diff --git a/ChangeLog.d/fix-3rdparty-target-prefix.txt b/ChangeLog.d/fix-3rdparty-target-prefix.txt deleted file mode 100644 index db8ed07ee..000000000 --- a/ChangeLog.d/fix-3rdparty-target-prefix.txt +++ /dev/null @@ -1,3 +0,0 @@ -Bugfix - * Fix accidental omission of MBEDTLS_TARGET_PREFIX in 3rdparty modules - in CMake. From e92f6dcf5cce6b33c57de75e2b77cba54853e081 Mon Sep 17 00:00:00 2001 From: Matthias Schulz Date: Tue, 7 Nov 2023 15:16:35 +0100 Subject: [PATCH 0585/1674] New test cases requested in https://github.com/Mbed-TLS/mbedtls/pull/8378#discussion_r1383779861 Signed-off-by: Matthias Schulz --- tests/suites/test_suite_x509parse.data | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data index 9817536d7..261c220ee 100644 --- a/tests/suites/test_suite_x509parse.data +++ b/tests/suites/test_suite_x509parse.data @@ -2940,15 +2940,23 @@ X509 CSR ASN.1 (OK) depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_csr_parse:"308201183081bf0201003034310b3009060355040613024e4c3111300f060355040a1308506f6c617253534c31123010060355040313096c6f63616c686f73743059301306072a8648ce3d020106082a8648ce3d0301070342000437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edffa029302706092a864886f70d01090e311a301830090603551d1304023000300b0603551d0f0404030205e0300906072a8648ce3d04010349003046022100b49fd8c8f77abfa871908dfbe684a08a793d0f490a43d86fcf2086e4f24bb0c2022100f829d5ccd3742369299e6294394717c4b723a0f68b44e831b6e6c3bcabf97243":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA1\nEC key size \: 256 bits\n\nkey usage \: Digital Signature, Non Repudiation, Key Encipherment\n":0 -X509 CSR ASN.1 (Unsupported critical extension) +X509 CSR ASN.1 (Unsupported critical extension, critical=true) depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_csr_parse:"308201233081cb02010030413119301706035504030c1053656c66207369676e65642074657374310b300906035504061302444531173015060355040a0c0e41757468437274444220546573743059301306072a8648ce3d020106082a8648ce3d03010703420004c11ebb9951848a436ca2c8a73382f24bbb6c28a92e401d4889b0c361f377b92a8b0497ff2f5a5f6057ae85f704ab1850bef075914f68ed3aeb15a1ff1ebc0dc6a028302606092a864886f70d01090e311930173015060b2b0601040183890c8622020101ff0403010101300a06082a8648ce3d040302034700304402200c4108fd098525993d3fd5b113f0a1ead8750852baf55a2f8e670a22cabc0ba1022034db93a0fcb993912adcf2ea8cb4b66389af30e264d43c0daea03255e45d2ccc":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_UNEXPECTED_TAG -X509 CSR ASN.1 (Unsupported critical extension accepted by callback) +X509 CSR ASN.1 (Unsupported non-critical extension, critical=false) +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_X509_REMOVE_INFO +mbedtls_x509_csr_parse:"308201243081cb02010030413119301706035504030c1053656c66207369676e65642074657374310b300906035504061302444531173015060355040a0c0e41757468437274444220546573743059301306072a8648ce3d020106082a8648ce3d03010703420004b5e718a7df6b21912733e77c42f266b8283e6cae7adf8afd56b990c1c6232ea0a2a46097c218353bc948444aea3d00423e84802e28c48099641fe9977cdfb505a028302606092a864886f70d01090e311930173015060b2b0601040183890c8622020101000403010101300a06082a8648ce3d0403020348003045022100f0ba9a0846ad0a7cefd0a61d5fc92194dc06037a44158de2d0c569912c058d430220421f27a9f249c1687e2fa34db3f543c8512fd925dfe5ae00867f13963ffd4f8d":"CSR version \: 1\nsubject name \: CN=Self signed test, C=DE, O=AuthCrtDB Test\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\n":0 + +X509 CSR ASN.1 (Unsupported non-critical extension, critical undefined) +depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_X509_REMOVE_INFO +mbedtls_x509_csr_parse:"308201223081c802010030413119301706035504030c1053656c66207369676e65642074657374310b300906035504061302444531173015060355040a0c0e41757468437274444220546573743059301306072a8648ce3d020106082a8648ce3d030107034200045f94b28d133418833bf10c442d91306459d3925e7cea06ebb9220932e7de116fb671c5d2d6c0a3784a12897217aef8432e7228fcea0ab016bdb67b67ced4c612a025302306092a864886f70d01090e311630143012060b2b0601040183890c8622020403010101300a06082a8648ce3d04030203490030460221009b1e8b25775c18525e96753e1ed55875f8d62f026c5b7f70eb5037ad27dc92de022100ba1dfe14de6af6a603f763563fd046b1cd3714b54d6daf5d8a72076497f11014":"CSR version \: 1\nsubject name \: CN=Self signed test, C=DE, O=AuthCrtDB Test\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\n":0 + +X509 CSR ASN.1 (Unsupported critical extension accepted by callback, critical=true) depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_csr_parse_with_ext_cb:"308201233081cb02010030413119301706035504030c1053656c66207369676e65642074657374310b300906035504061302444531173015060355040a0c0e41757468437274444220546573743059301306072a8648ce3d020106082a8648ce3d03010703420004c11ebb9951848a436ca2c8a73382f24bbb6c28a92e401d4889b0c361f377b92a8b0497ff2f5a5f6057ae85f704ab1850bef075914f68ed3aeb15a1ff1ebc0dc6a028302606092a864886f70d01090e311930173015060b2b0601040183890c8622020101ff0403010101300a06082a8648ce3d040302034700304402200c4108fd098525993d3fd5b113f0a1ead8750852baf55a2f8e670a22cabc0ba1022034db93a0fcb993912adcf2ea8cb4b66389af30e264d43c0daea03255e45d2ccc":"CSR version \: 1\nsubject name \: CN=Self signed test, C=DE, O=AuthCrtDB Test\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\n":0:1 -X509 CSR ASN.1 (Unsupported critical extension rejected by callback) +X509 CSR ASN.1 (Unsupported critical extension rejected by callback, critical=true) depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_X509_REMOVE_INFO mbedtls_x509_csr_parse_with_ext_cb:"308201233081cb02010030413119301706035504030c1053656c66207369676e65642074657374310b300906035504061302444531173015060355040a0c0e41757468437274444220546573743059301306072a8648ce3d020106082a8648ce3d03010703420004c11ebb9951848a436ca2c8a73382f24bbb6c28a92e401d4889b0c361f377b92a8b0497ff2f5a5f6057ae85f704ab1850bef075914f68ed3aeb15a1ff1ebc0dc6a028302606092a864886f70d01090e311930173015060b2b0601040183890c8622020101ff0403010101300a06082a8648ce3d040302034700304402200c4108fd098525993d3fd5b113f0a1ead8750852baf55a2f8e670a22cabc0ba1022034db93a0fcb993912adcf2ea8cb4b66389af30e264d43c0daea03255e45d2ccc":"":MBEDTLS_ERR_X509_INVALID_EXTENSIONS+MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:0 From c55b50034343d733f77441172ddda3cf2a9a9a89 Mon Sep 17 00:00:00 2001 From: Matthias Schulz Date: Tue, 7 Nov 2023 16:47:37 +0100 Subject: [PATCH 0586/1674] Changed notes in x509_csr.h to better describe the behavior of mbedtls_x509_csr_parse_der and mbedtls_x509_csr_parse_der_with_ext_cb. Signed-off-by: Matthias Schulz --- include/mbedtls/x509_csr.h | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/x509_csr.h b/include/mbedtls/x509_csr.h index f3ac57045..dc4f86de4 100644 --- a/include/mbedtls/x509_csr.h +++ b/include/mbedtls/x509_csr.h @@ -87,7 +87,9 @@ mbedtls_x509write_csr; /** * \brief Load a Certificate Signing Request (CSR) in DER format * - * \note CSR attributes (if any) are currently silently ignored. + * \note Any unsupported requested extensions are silently + * ignored, unless the critical flag is set, in which case + * the CSR is rejected. * * \note If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto * subsystem must have been initialized by calling @@ -140,7 +142,10 @@ typedef int (*mbedtls_x509_csr_ext_cb_t)(void *p_ctx, /** * \brief Load a Certificate Signing Request (CSR) in DER format * - * \note CSR attributes (if any) are currently silently ignored. + * \note Any unsupported requested extensions are silently + * ignored, unless the critical flag is set, in which case + * the result of the callback function decides whether + * CSR is rejected. * * \note If #MBEDTLS_USE_PSA_CRYPTO is enabled, the PSA crypto * subsystem must have been initialized by calling From 8636d471b3db1294518ab2ab5016914cb5fe59e8 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 8 Nov 2023 10:07:01 +0800 Subject: [PATCH 0587/1674] config-tfm.h: License Change Signed-off-by: Yanray Wang --- configs/config-tfm.h | 14 +------------- 1 file changed, 1 insertion(+), 13 deletions(-) diff --git a/configs/config-tfm.h b/configs/config-tfm.h index b8233e900..191e4c4f4 100644 --- a/configs/config-tfm.h +++ b/configs/config-tfm.h @@ -5,19 +5,7 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* TF-M medium profile: mbedtls legacy configuration */ From fe03a4071badbdcfea7a4428c03b2fd4f8f9852f Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Wed, 8 Nov 2023 10:30:48 +0800 Subject: [PATCH 0588/1674] ssl_helper: fix missin initialization of cli_log_obj Signed-off-by: Pengyu Lv --- tests/src/test_helpers/ssl_helpers.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/src/test_helpers/ssl_helpers.c b/tests/src/test_helpers/ssl_helpers.c index 4527885fb..1390b7abf 100644 --- a/tests/src/test_helpers/ssl_helpers.c +++ b/tests/src/test_helpers/ssl_helpers.c @@ -73,7 +73,7 @@ void mbedtls_test_init_handshake_options( opts->renegotiate = 0; opts->legacy_renegotiation = MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION; opts->srv_log_obj = NULL; - opts->srv_log_obj = NULL; + opts->cli_log_obj = NULL; opts->srv_log_fun = NULL; opts->cli_log_fun = NULL; opts->resize_buffers = 1; From 7b320fa7c916a1e4f0b13d5d0e47f2d1d2e10e47 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 8 Nov 2023 10:33:30 +0800 Subject: [PATCH 0589/1674] ssl-opt.sh: fix typo Signed-off-by: Yanray Wang --- tests/ssl-opt.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 8e8e2a165..200ce6d86 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -1513,7 +1513,7 @@ do_run_test_once() { # $1 and $2 contain the server and client command lines, respectively. # # Note: this function only provides some guess about TLS version by simply -# looking at the server/client command lines. Even thought this works +# looking at the server/client command lines. Even though this works # for the sake of tests' filtering (especially in conjunction with the # detect_required_features() function), it does NOT guarantee that the # result is accurate. It does not check other conditions, such as: @@ -1626,7 +1626,7 @@ run_test() { requires_config_enabled MBEDTLS_SSL_PROTO_DTLS fi - # Check if we are trying to use an external tool wich does not support ECDH + # Check if we are trying to use an external tool which does not support ECDH EXT_WO_ECDH=$(use_ext_tool_without_ecdh_support "$SRV_CMD" "$CLI_CMD") # Guess the TLS version which is going to be used From e870cc8c8686d33a307ae7ae1e0d028dba2b0263 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Wed, 8 Nov 2023 11:24:47 +0800 Subject: [PATCH 0590/1674] ssl: add macro for available key types Signed-off-by: Pengyu Lv --- library/ssl_misc.h | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 57f5f89f8..0e56ff016 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -249,6 +249,20 @@ uint32_t mbedtls_ssl_get_extension_mask(unsigned int extension_type); * counter (8) + header (5) + IV(16) + MAC (16-48) + padding (0-256). */ +/* Some internal helpers to determine which keys are availble. */ +#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_AES_C)) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_KEY_TYPE_AES)) +#define MBEDTLS_SSL_HAVE_AES +#endif +#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_CAMELLIA_C)) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_KEY_TYPE_CAMELLIA)) +#define MBEDTLS_SSL_HAVE_CAMELLIA +#endif +#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_ARIA_C)) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_KEY_TYPE_ARIA)) +#define MBEDTLS_SSL_HAVE_ARIA +#endif + /* Some internal helpers to determine which keys are availble for CBC mode. */ #if defined(MBEDTLS_USE_PSA_CRYPTO) #if defined(PSA_WANT_ALG_CBC_NO_PADDING) From f1b86b088fb6b1be3e036bfd0942a7500738b528 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Wed, 8 Nov 2023 11:26:44 +0800 Subject: [PATCH 0591/1674] ssl: add macro to indicate CBC mode is available Signed-off-by: Pengyu Lv --- library/ssl_misc.h | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 0e56ff016..b2b9830df 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -263,6 +263,12 @@ uint32_t mbedtls_ssl_get_extension_mask(unsigned int extension_type); #define MBEDTLS_SSL_HAVE_ARIA #endif +/* Some internal helpers to determine which operation modes are availble. */ +#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_CIPHER_MODE_CBC)) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CBC_NO_PADDING)) +#define MBEDTLS_SSL_HAVE_CBC +#endif + /* Some internal helpers to determine which keys are availble for CBC mode. */ #if defined(MBEDTLS_USE_PSA_CRYPTO) #if defined(PSA_WANT_ALG_CBC_NO_PADDING) From 829dd2048a564b0e34eaf096b243988b1c5898d1 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Wed, 8 Nov 2023 12:01:26 +0800 Subject: [PATCH 0592/1674] ssl: use MBEDTLS_SSL_HAVE_* in ssl_ciphersuites.c Mainly done by the commands, with some manual adjust. ``` sed -i "s/MBEDTLS_\(AES\|CAMELLIA\|ARIA\|CHACHAPOLY\)_C/MBEDTLS_SSL_HAVE_\1/g" ssl_ciphersuites.c sed -i "s/MBEDTLS_\(GCM\|CCM\)_C/MBEDTLS_SSL_HAVE_\1/g" ssl_ciphersuites.c sed -i "s/MBEDTLS_CIPHER_MODE_\(CBC\)/MBEDTLS_SSL_HAVE_\1/g" ssl_ciphersuites.c ``` Signed-off-by: Pengyu Lv --- library/ssl_ciphersuites.c | 296 ++++++++++++++++++------------------- 1 file changed, 148 insertions(+), 148 deletions(-) diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c index dc027e555..6224ef205 100644 --- a/library/ssl_ciphersuites.c +++ b/library/ssl_ciphersuites.c @@ -280,7 +280,7 @@ static const int ciphersuite_preference[] = static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = { #if defined(MBEDTLS_SSL_PROTO_TLS1_3) -#if defined(MBEDTLS_AES_C) +#if defined(MBEDTLS_SSL_HAVE_AES) #if defined(MBEDTLS_SSL_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA384) { MBEDTLS_TLS1_3_AES_256_GCM_SHA384, "TLS1-3-AES-256-GCM-SHA384", @@ -309,7 +309,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHERSUITE_SHORT_TAG, MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 }, #endif /* MBEDTLS_MD_CAN_SHA256 && MBEDTLS_SSL_HAVE_CCM */ -#endif /* MBEDTLS_AES_C */ +#endif /* MBEDTLS_SSL_HAVE_AES */ #if defined(MBEDTLS_SSL_HAVE_CHACHAPOLY) && defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS1_3_CHACHA20_POLY1305_SHA256, "TLS1-3-CHACHA20-POLY1305-SHA256", @@ -383,9 +383,9 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_MD_CAN_SHA256 && MBEDTLS_SSL_PROTO_TLS1_2 */ #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) -#if defined(MBEDTLS_AES_C) +#if defined(MBEDTLS_SSL_HAVE_AES) #if defined(MBEDTLS_MD_CAN_SHA1) -#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SSL_HAVE_CBC) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 0, @@ -394,15 +394,15 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_SSL_HAVE_CBC */ #endif /* MBEDTLS_MD_CAN_SHA1 */ #if defined(MBEDTLS_MD_CAN_SHA256) -#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SSL_HAVE_CBC) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_SSL_HAVE_CBC */ #if defined(MBEDTLS_SSL_HAVE_GCM) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256", MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, @@ -411,12 +411,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_SSL_HAVE_GCM */ #endif /* MBEDTLS_MD_CAN_SHA256 */ #if defined(MBEDTLS_MD_CAN_SHA384) -#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SSL_HAVE_CBC) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384", MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_SSL_HAVE_CBC */ #if defined(MBEDTLS_SSL_HAVE_GCM) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384", MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, @@ -442,10 +442,10 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHERSUITE_SHORT_TAG, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_SSL_HAVE_CCM */ -#endif /* MBEDTLS_AES_C */ +#endif /* MBEDTLS_SSL_HAVE_AES */ -#if defined(MBEDTLS_CAMELLIA_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SSL_HAVE_CAMELLIA) +#if defined(MBEDTLS_SSL_HAVE_CBC) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256", @@ -460,7 +460,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_SSL_HAVE_CBC */ #if defined(MBEDTLS_SSL_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) @@ -478,7 +478,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_SSL_HAVE_GCM */ -#endif /* MBEDTLS_CAMELLIA_C */ +#endif /* MBEDTLS_SSL_HAVE_CAMELLIA */ #if defined(MBEDTLS_CIPHER_NULL_CIPHER) #if defined(MBEDTLS_MD_CAN_SHA1) @@ -491,9 +491,9 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) -#if defined(MBEDTLS_AES_C) +#if defined(MBEDTLS_SSL_HAVE_AES) #if defined(MBEDTLS_MD_CAN_SHA1) -#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SSL_HAVE_CBC) { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 0, @@ -502,16 +502,16 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_SSL_HAVE_CBC */ #endif /* MBEDTLS_MD_CAN_SHA1 */ #if defined(MBEDTLS_MD_CAN_SHA256) -#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SSL_HAVE_CBC) { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if (defined(MBEDTLS_GCM_C) || defined(PSA_WANT_ALG_GCM)) +#endif /* MBEDTLS_SSL_HAVE_CBC */ +#if defined(MBEDTLS_SSL_HAVE_GCM) { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256", MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 0, @@ -519,23 +519,23 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_SSL_HAVE_GCM */ #endif /* MBEDTLS_MD_CAN_SHA256 */ #if defined(MBEDTLS_MD_CAN_SHA384) -#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SSL_HAVE_CBC) { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384", MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if (defined(MBEDTLS_GCM_C) || defined(PSA_WANT_ALG_GCM)) +#endif /* MBEDTLS_SSL_HAVE_CBC */ +#if defined(MBEDTLS_SSL_HAVE_GCM) { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384", MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_SSL_HAVE_GCM */ #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_AES_C */ +#endif /* MBEDTLS_SSL_HAVE_AES */ -#if defined(MBEDTLS_CAMELLIA_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SSL_HAVE_CAMELLIA) +#if defined(MBEDTLS_SSL_HAVE_CBC) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256", @@ -550,7 +550,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_SSL_HAVE_CBC */ #if defined(MBEDTLS_SSL_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) @@ -568,7 +568,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_SSL_HAVE_GCM */ -#endif /* MBEDTLS_CAMELLIA_C */ +#endif /* MBEDTLS_SSL_HAVE_CAMELLIA */ #if defined(MBEDTLS_CIPHER_NULL_CIPHER) #if defined(MBEDTLS_MD_CAN_SHA1) @@ -581,14 +581,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) -#if defined(MBEDTLS_AES_C) +#if defined(MBEDTLS_SSL_HAVE_AES) #if defined(MBEDTLS_MD_CAN_SHA384) && \ defined(MBEDTLS_SSL_HAVE_GCM) { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384", MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_MD_CAN_SHA384 && MBEDTLS_GCM_C */ +#endif /* MBEDTLS_MD_CAN_SHA384 && MBEDTLS_SSL_HAVE_GCM */ #if defined(MBEDTLS_MD_CAN_SHA256) #if defined(MBEDTLS_SSL_HAVE_GCM) @@ -598,7 +598,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_SSL_HAVE_GCM */ -#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SSL_HAVE_CBC) { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 0, @@ -608,10 +608,10 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_SSL_HAVE_CBC */ #endif /* MBEDTLS_MD_CAN_SHA256 */ -#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SSL_HAVE_CBC) #if defined(MBEDTLS_MD_CAN_SHA1) { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, @@ -623,7 +623,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA1 */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_SSL_HAVE_CBC */ #if defined(MBEDTLS_SSL_HAVE_CCM) { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM, "TLS-DHE-RSA-WITH-AES-256-CCM", MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, @@ -642,10 +642,10 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHERSUITE_SHORT_TAG, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_SSL_HAVE_CCM */ -#endif /* MBEDTLS_AES_C */ +#endif /* MBEDTLS_SSL_HAVE_AES */ -#if defined(MBEDTLS_CAMELLIA_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SSL_HAVE_CAMELLIA) +#if defined(MBEDTLS_SSL_HAVE_CBC) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, @@ -669,7 +669,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA1 */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_SSL_HAVE_CBC */ #if defined(MBEDTLS_SSL_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256", @@ -685,19 +685,19 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_SSL_HAVE_GCM */ -#endif /* MBEDTLS_CAMELLIA_C */ +#endif /* MBEDTLS_SSL_HAVE_CAMELLIA */ #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) -#if defined(MBEDTLS_AES_C) +#if defined(MBEDTLS_SSL_HAVE_AES) #if defined(MBEDTLS_MD_CAN_SHA384) && \ defined(MBEDTLS_SSL_HAVE_GCM) { MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384", MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_MD_CAN_SHA384 && MBEDTLS_GCM_C */ +#endif /* MBEDTLS_MD_CAN_SHA384 && MBEDTLS_SSL_HAVE_GCM */ #if defined(MBEDTLS_MD_CAN_SHA256) #if defined(MBEDTLS_SSL_HAVE_GCM) @@ -707,7 +707,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_SSL_HAVE_GCM */ -#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SSL_HAVE_CBC) { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 0, @@ -717,11 +717,11 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_SSL_HAVE_CBC */ #endif /* MBEDTLS_MD_CAN_SHA256 */ #if defined(MBEDTLS_MD_CAN_SHA1) -#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SSL_HAVE_CBC) { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, 0, @@ -731,7 +731,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_SSL_HAVE_CBC */ #endif /* MBEDTLS_MD_CAN_SHA1 */ #if defined(MBEDTLS_SSL_HAVE_CCM) { MBEDTLS_TLS_RSA_WITH_AES_256_CCM, "TLS-RSA-WITH-AES-256-CCM", @@ -751,10 +751,10 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHERSUITE_SHORT_TAG, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_SSL_HAVE_CCM */ -#endif /* MBEDTLS_AES_C */ +#endif /* MBEDTLS_SSL_HAVE_AES */ -#if defined(MBEDTLS_CAMELLIA_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SSL_HAVE_CAMELLIA) +#if defined(MBEDTLS_SSL_HAVE_CBC) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, @@ -778,7 +778,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA1 */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_SSL_HAVE_CBC */ #if defined(MBEDTLS_SSL_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) @@ -795,14 +795,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_SSL_HAVE_GCM */ -#endif /* MBEDTLS_CAMELLIA_C */ +#endif /* MBEDTLS_SSL_HAVE_CAMELLIA */ #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) -#if defined(MBEDTLS_AES_C) +#if defined(MBEDTLS_SSL_HAVE_AES) #if defined(MBEDTLS_MD_CAN_SHA1) -#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SSL_HAVE_CBC) { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 0, @@ -811,15 +811,15 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_SSL_HAVE_CBC */ #endif /* MBEDTLS_MD_CAN_SHA1 */ #if defined(MBEDTLS_MD_CAN_SHA256) -#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SSL_HAVE_CBC) { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_SSL_HAVE_CBC */ #if defined(MBEDTLS_SSL_HAVE_GCM) { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256", MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, @@ -828,12 +828,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_SSL_HAVE_GCM */ #endif /* MBEDTLS_MD_CAN_SHA256 */ #if defined(MBEDTLS_MD_CAN_SHA384) -#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SSL_HAVE_CBC) { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384", MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_SSL_HAVE_CBC */ #if defined(MBEDTLS_SSL_HAVE_GCM) { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384", MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, @@ -841,10 +841,10 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_SSL_HAVE_GCM */ #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_AES_C */ +#endif /* MBEDTLS_SSL_HAVE_AES */ -#if defined(MBEDTLS_CAMELLIA_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SSL_HAVE_CAMELLIA) +#if defined(MBEDTLS_SSL_HAVE_CBC) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256", @@ -859,7 +859,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_SSL_HAVE_CBC */ #if defined(MBEDTLS_SSL_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) @@ -877,7 +877,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_SSL_HAVE_GCM */ -#endif /* MBEDTLS_CAMELLIA_C */ +#endif /* MBEDTLS_SSL_HAVE_CAMELLIA */ #if defined(MBEDTLS_CIPHER_NULL_CIPHER) #if defined(MBEDTLS_MD_CAN_SHA1) @@ -890,9 +890,9 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) -#if defined(MBEDTLS_AES_C) +#if defined(MBEDTLS_SSL_HAVE_AES) #if defined(MBEDTLS_MD_CAN_SHA1) -#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SSL_HAVE_CBC) { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 0, @@ -901,15 +901,15 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_SSL_HAVE_CBC */ #endif /* MBEDTLS_MD_CAN_SHA1 */ #if defined(MBEDTLS_MD_CAN_SHA256) -#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SSL_HAVE_CBC) { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_SSL_HAVE_CBC */ #if defined(MBEDTLS_SSL_HAVE_GCM) { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256", MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, @@ -918,12 +918,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_SSL_HAVE_GCM */ #endif /* MBEDTLS_MD_CAN_SHA256 */ #if defined(MBEDTLS_MD_CAN_SHA384) -#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SSL_HAVE_CBC) { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384", MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, -#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_SSL_HAVE_CBC */ #if defined(MBEDTLS_SSL_HAVE_GCM) { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384", MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, @@ -931,10 +931,10 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_SSL_HAVE_GCM */ #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_AES_C */ +#endif /* MBEDTLS_SSL_HAVE_AES */ -#if defined(MBEDTLS_CAMELLIA_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SSL_HAVE_CAMELLIA) +#if defined(MBEDTLS_SSL_HAVE_CBC) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256", @@ -949,7 +949,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_SSL_HAVE_CBC */ #if defined(MBEDTLS_SSL_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) @@ -967,7 +967,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_SSL_HAVE_GCM */ -#endif /* MBEDTLS_CAMELLIA_C */ +#endif /* MBEDTLS_SSL_HAVE_CAMELLIA */ #if defined(MBEDTLS_CIPHER_NULL_CIPHER) #if defined(MBEDTLS_MD_CAN_SHA1) @@ -980,7 +980,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) -#if defined(MBEDTLS_AES_C) +#if defined(MBEDTLS_SSL_HAVE_AES) #if defined(MBEDTLS_SSL_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256", @@ -997,7 +997,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_SSL_HAVE_GCM */ -#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SSL_HAVE_CBC) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, @@ -1023,7 +1023,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA1 */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_SSL_HAVE_CBC */ #if defined(MBEDTLS_SSL_HAVE_CCM) { MBEDTLS_TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM", MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, @@ -1042,10 +1042,10 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHERSUITE_SHORT_TAG, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_SSL_HAVE_CCM */ -#endif /* MBEDTLS_AES_C */ +#endif /* MBEDTLS_SSL_HAVE_AES */ -#if defined(MBEDTLS_CAMELLIA_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SSL_HAVE_CAMELLIA) +#if defined(MBEDTLS_SSL_HAVE_CBC) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, @@ -1059,7 +1059,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_SSL_HAVE_CBC */ #if defined(MBEDTLS_SSL_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) @@ -1076,12 +1076,12 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_SSL_HAVE_GCM */ -#endif /* MBEDTLS_CAMELLIA_C */ +#endif /* MBEDTLS_SSL_HAVE_CAMELLIA */ #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) -#if defined(MBEDTLS_AES_C) +#if defined(MBEDTLS_SSL_HAVE_AES) #if defined(MBEDTLS_SSL_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256", @@ -1098,7 +1098,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_SSL_HAVE_GCM */ -#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SSL_HAVE_CBC) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, @@ -1124,7 +1124,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA1 */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_SSL_HAVE_CBC */ #if defined(MBEDTLS_SSL_HAVE_CCM) { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM", MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, @@ -1143,10 +1143,10 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHERSUITE_SHORT_TAG, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_SSL_HAVE_CCM */ -#endif /* MBEDTLS_AES_C */ +#endif /* MBEDTLS_SSL_HAVE_AES */ -#if defined(MBEDTLS_CAMELLIA_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SSL_HAVE_CAMELLIA) +#if defined(MBEDTLS_SSL_HAVE_CBC) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, @@ -1160,7 +1160,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_SSL_HAVE_CBC */ #if defined(MBEDTLS_SSL_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) @@ -1177,14 +1177,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_SSL_HAVE_GCM */ -#endif /* MBEDTLS_CAMELLIA_C */ +#endif /* MBEDTLS_SSL_HAVE_CAMELLIA */ #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) -#if defined(MBEDTLS_AES_C) +#if defined(MBEDTLS_SSL_HAVE_AES) -#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SSL_HAVE_CBC) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, @@ -1210,11 +1210,11 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA1 */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_AES_C */ +#endif /* MBEDTLS_SSL_HAVE_CBC */ +#endif /* MBEDTLS_SSL_HAVE_AES */ -#if defined(MBEDTLS_CAMELLIA_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SSL_HAVE_CAMELLIA) +#if defined(MBEDTLS_SSL_HAVE_CBC) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256", @@ -1230,13 +1230,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_CAMELLIA_C */ +#endif /* MBEDTLS_SSL_HAVE_CBC */ +#endif /* MBEDTLS_SSL_HAVE_CAMELLIA */ #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) -#if defined(MBEDTLS_AES_C) +#if defined(MBEDTLS_SSL_HAVE_AES) #if defined(MBEDTLS_SSL_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256", @@ -1253,7 +1253,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_SSL_HAVE_GCM */ -#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SSL_HAVE_CBC) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256", MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, @@ -1279,11 +1279,11 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA1 */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_AES_C */ +#endif /* MBEDTLS_SSL_HAVE_CBC */ +#endif /* MBEDTLS_SSL_HAVE_AES */ -#if defined(MBEDTLS_CAMELLIA_C) -#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SSL_HAVE_CAMELLIA) +#if defined(MBEDTLS_SSL_HAVE_CBC) #if defined(MBEDTLS_MD_CAN_SHA256) { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256", MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, @@ -1297,7 +1297,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ -#endif /* MBEDTLS_CIPHER_MODE_CBC */ +#endif /* MBEDTLS_SSL_HAVE_CBC */ #if defined(MBEDTLS_SSL_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA256) @@ -1314,19 +1314,19 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_MD_CAN_SHA384 */ #endif /* MBEDTLS_SSL_HAVE_GCM */ -#endif /* MBEDTLS_CAMELLIA_C */ +#endif /* MBEDTLS_SSL_HAVE_CAMELLIA */ #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) -#if defined(MBEDTLS_AES_C) +#if defined(MBEDTLS_SSL_HAVE_AES) #if defined(MBEDTLS_SSL_HAVE_CCM) { MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8, "TLS-ECJPAKE-WITH-AES-128-CCM-8", MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECJPAKE, MBEDTLS_CIPHERSUITE_SHORT_TAG, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif /* MBEDTLS_SSL_HAVE_CCM */ -#endif /* MBEDTLS_AES_C */ +#endif /* MBEDTLS_SSL_HAVE_AES */ #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ #if defined(MBEDTLS_CIPHER_NULL_CIPHER) @@ -1446,18 +1446,18 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ #endif /* MBEDTLS_CIPHER_NULL_CIPHER */ -#if defined(MBEDTLS_ARIA_C) +#if defined(MBEDTLS_SSL_HAVE_ARIA) #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA384)) +#if (defined(MBEDTLS_SSL_HAVE_GCM) && defined(MBEDTLS_MD_CAN_SHA384)) { MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384, "TLS-RSA-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && \ +#if (defined(MBEDTLS_SSL_HAVE_CBC) && \ defined(MBEDTLS_MD_CAN_SHA384)) { MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384, "TLS-RSA-WITH-ARIA-256-CBC-SHA384", @@ -1465,14 +1465,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA256)) +#if (defined(MBEDTLS_SSL_HAVE_GCM) && defined(MBEDTLS_MD_CAN_SHA256)) { MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256, "TLS-RSA-WITH-ARIA-128-GCM-SHA256", MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && \ +#if (defined(MBEDTLS_SSL_HAVE_CBC) && \ defined(MBEDTLS_MD_CAN_SHA256)) { MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256, "TLS-RSA-WITH-ARIA-128-CBC-SHA256", @@ -1485,14 +1485,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA384)) +#if (defined(MBEDTLS_SSL_HAVE_GCM) && defined(MBEDTLS_MD_CAN_SHA384)) { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && \ +#if (defined(MBEDTLS_SSL_HAVE_CBC) && \ defined(MBEDTLS_MD_CAN_SHA384)) { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384", @@ -1500,14 +1500,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA256)) +#if (defined(MBEDTLS_SSL_HAVE_GCM) && defined(MBEDTLS_MD_CAN_SHA256)) { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256, "TLS-RSA-PSK-WITH-ARIA-128-GCM-SHA256", MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && \ +#if (defined(MBEDTLS_SSL_HAVE_CBC) && \ defined(MBEDTLS_MD_CAN_SHA256)) { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256", @@ -1520,14 +1520,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA384)) +#if (defined(MBEDTLS_SSL_HAVE_GCM) && defined(MBEDTLS_MD_CAN_SHA384)) { MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384, "TLS-PSK-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && \ +#if (defined(MBEDTLS_SSL_HAVE_CBC) && \ defined(MBEDTLS_MD_CAN_SHA384)) { MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384, "TLS-PSK-WITH-ARIA-256-CBC-SHA384", @@ -1535,14 +1535,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA256)) +#if (defined(MBEDTLS_SSL_HAVE_GCM) && defined(MBEDTLS_MD_CAN_SHA256)) { MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256, "TLS-PSK-WITH-ARIA-128-GCM-SHA256", MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && \ +#if (defined(MBEDTLS_SSL_HAVE_CBC) && \ defined(MBEDTLS_MD_CAN_SHA256)) { MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256, "TLS-PSK-WITH-ARIA-128-CBC-SHA256", @@ -1555,14 +1555,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA384)) +#if (defined(MBEDTLS_SSL_HAVE_GCM) && defined(MBEDTLS_MD_CAN_SHA384)) { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && \ +#if (defined(MBEDTLS_SSL_HAVE_CBC) && \ defined(MBEDTLS_MD_CAN_SHA384)) { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-ARIA-256-CBC-SHA384", @@ -1570,14 +1570,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA256)) +#if (defined(MBEDTLS_SSL_HAVE_GCM) && defined(MBEDTLS_MD_CAN_SHA256)) { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-ARIA-128-GCM-SHA256", MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && \ +#if (defined(MBEDTLS_SSL_HAVE_CBC) && \ defined(MBEDTLS_MD_CAN_SHA256)) { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-ARIA-128-CBC-SHA256", @@ -1590,14 +1590,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA384)) +#if (defined(MBEDTLS_SSL_HAVE_GCM) && defined(MBEDTLS_MD_CAN_SHA384)) { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && \ +#if (defined(MBEDTLS_SSL_HAVE_CBC) && \ defined(MBEDTLS_MD_CAN_SHA384)) { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384", @@ -1605,14 +1605,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA256)) +#if (defined(MBEDTLS_SSL_HAVE_GCM) && defined(MBEDTLS_MD_CAN_SHA256)) { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256", MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && \ +#if (defined(MBEDTLS_SSL_HAVE_CBC) && \ defined(MBEDTLS_MD_CAN_SHA256)) { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256", @@ -1625,7 +1625,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && \ +#if (defined(MBEDTLS_SSL_HAVE_CBC) && \ defined(MBEDTLS_MD_CAN_SHA384)) { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384", @@ -1633,7 +1633,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && \ +#if (defined(MBEDTLS_SSL_HAVE_CBC) && \ defined(MBEDTLS_MD_CAN_SHA256)) { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-ARIA-128-CBC-SHA256", @@ -1646,14 +1646,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA384)) +#if (defined(MBEDTLS_SSL_HAVE_GCM) && defined(MBEDTLS_MD_CAN_SHA384)) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && \ +#if (defined(MBEDTLS_SSL_HAVE_CBC) && \ defined(MBEDTLS_MD_CAN_SHA384)) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384", @@ -1661,14 +1661,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA256)) +#if (defined(MBEDTLS_SSL_HAVE_GCM) && defined(MBEDTLS_MD_CAN_SHA256)) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256", MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && \ +#if (defined(MBEDTLS_SSL_HAVE_CBC) && \ defined(MBEDTLS_MD_CAN_SHA256)) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256", @@ -1681,14 +1681,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA384)) +#if (defined(MBEDTLS_SSL_HAVE_GCM) && defined(MBEDTLS_MD_CAN_SHA384)) { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && \ +#if (defined(MBEDTLS_SSL_HAVE_CBC) && \ defined(MBEDTLS_MD_CAN_SHA384)) { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384", @@ -1696,14 +1696,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA256)) +#if (defined(MBEDTLS_SSL_HAVE_GCM) && defined(MBEDTLS_MD_CAN_SHA256)) { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-ARIA-128-GCM-SHA256", MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && \ +#if (defined(MBEDTLS_SSL_HAVE_CBC) && \ defined(MBEDTLS_MD_CAN_SHA256)) { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-ARIA-128-CBC-SHA256", @@ -1716,14 +1716,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA384)) +#if (defined(MBEDTLS_SSL_HAVE_GCM) && defined(MBEDTLS_MD_CAN_SHA384)) { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && \ +#if (defined(MBEDTLS_SSL_HAVE_CBC) && \ defined(MBEDTLS_MD_CAN_SHA384)) { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384, "TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384", @@ -1731,14 +1731,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA256)) +#if (defined(MBEDTLS_SSL_HAVE_GCM) && defined(MBEDTLS_MD_CAN_SHA256)) { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256", MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && \ +#if (defined(MBEDTLS_SSL_HAVE_CBC) && \ defined(MBEDTLS_MD_CAN_SHA256)) { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256", @@ -1751,14 +1751,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA384)) +#if (defined(MBEDTLS_SSL_HAVE_GCM) && defined(MBEDTLS_MD_CAN_SHA384)) { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && \ +#if (defined(MBEDTLS_SSL_HAVE_CBC) && \ defined(MBEDTLS_MD_CAN_SHA384)) { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384", @@ -1766,14 +1766,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_MD_CAN_SHA256)) +#if (defined(MBEDTLS_SSL_HAVE_GCM) && defined(MBEDTLS_MD_CAN_SHA256)) { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256", MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 0, MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, #endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && \ +#if (defined(MBEDTLS_SSL_HAVE_CBC) && \ defined(MBEDTLS_MD_CAN_SHA256)) { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256", @@ -1784,7 +1784,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ -#endif /* MBEDTLS_ARIA_C */ +#endif /* MBEDTLS_SSL_HAVE_ARIA */ { 0, "", From 65458fa96911ed0076a08a98e4e2b313ae6e22c2 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Wed, 8 Nov 2023 12:16:29 +0800 Subject: [PATCH 0593/1674] ssl: MBEDTLS_SSL_HAVE_* in ssl_misc.h Done by commands: ``` sed -i "300,$ s/MBEDTLS_\(AES\|CAMELLIA\|ARIA\|CHACHAPOLY\)_C/MBEDTLS_SSL_HAVE_\1/g" ssl_misc.h sed -i "300,$ s/MBEDTLS_\(GCM\|CCM\)_C/MBEDTLS_SSL_HAVE_\1/g" ssl_misc.h sed -i "300,$ s/MBEDTLS_CIPHER_MODE_\(CBC\)/MBEDTLS_SSL_HAVE_\1/g" ssl_misc.h ``` Signed-off-by: Pengyu Lv --- library/ssl_misc.h | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index b2b9830df..b3616b07a 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -299,10 +299,10 @@ uint32_t mbedtls_ssl_get_extension_mask(unsigned int extension_type); #if defined(MBEDTLS_SSL_PROTO_TLS1_2) /* This macro determines whether CBC is supported. */ -#if defined(MBEDTLS_CIPHER_MODE_CBC) && \ - (defined(MBEDTLS_AES_C) || \ - defined(MBEDTLS_CAMELLIA_C) || \ - defined(MBEDTLS_ARIA_C) || \ +#if defined(MBEDTLS_SSL_HAVE_CBC) && \ + (defined(MBEDTLS_SSL_HAVE_AES) || \ + defined(MBEDTLS_SSL_HAVE_CAMELLIA) || \ + defined(MBEDTLS_SSL_HAVE_ARIA) || \ defined(MBEDTLS_DES_C)) #define MBEDTLS_SSL_SOME_SUITES_USE_CBC #endif @@ -346,7 +346,7 @@ uint32_t mbedtls_ssl_get_extension_mask(unsigned int extension_type); #define MBEDTLS_SSL_MAC_ADD 16 #endif -#if defined(MBEDTLS_CIPHER_MODE_CBC) +#if defined(MBEDTLS_SSL_HAVE_CBC) #define MBEDTLS_SSL_PADDING_ADD 256 #else #define MBEDTLS_SSL_PADDING_ADD 0 From eb61868878ab6bcf11c3dee29c6f8f3a894472f7 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 8 Nov 2023 13:41:32 +0800 Subject: [PATCH 0594/1674] tls1.3: early data: add ChangeLog entry Signed-off-by: Yanray Wang --- ChangeLog.d/rename-conf-early-data-API.txt | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 ChangeLog.d/rename-conf-early-data-API.txt diff --git a/ChangeLog.d/rename-conf-early-data-API.txt b/ChangeLog.d/rename-conf-early-data-API.txt new file mode 100644 index 000000000..5560a4dc3 --- /dev/null +++ b/ChangeLog.d/rename-conf-early-data-API.txt @@ -0,0 +1,5 @@ +API changes + * In TLS 1.3 early data, rename mbedtls_ssl_tls13_conf_early_data() and + mbedtls_ssl_tls13_conf_max_early_data_size() to + mbedtls_ssl_conf_early_data() and mbedtls_ssl_conf_max_early_data_size() + respectively. From ba6825e37bbd781db789940fdff5d681d5887d81 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Wed, 8 Nov 2023 12:16:29 +0800 Subject: [PATCH 0595/1674] ssl: use MBEDTLS_SSL_HAVE_* in tests Done by commands: ``` sed -i "s/MBEDTLS_\(AES\|CAMELLIA\|ARIA\|CHACHAPOLY\)_C/MBEDTLS_SSL_HAVE_\1/g" tests/{suites,include,src}/**/*ssl* sed -i "s/MBEDTLS_\(GCM\|CCM\)_C/MBEDTLS_SSL_HAVE_\1/g" tests/{suites,include,src}/**/*ssl* sed -i "s/MBEDTLS_CIPHER_MODE_\(CBC\)/MBEDTLS_SSL_HAVE_\1/g" tests/{suites,include,src}/**/*ssl* ``` Signed-off-by: Pengyu Lv --- tests/include/test/ssl_helpers.h | 18 +- tests/src/test_helpers/ssl_helpers.c | 6 +- tests/suites/test_suite_ssl.data | 346 +++++++++---------- tests/suites/test_suite_ssl.function | 2 +- tests/suites/test_suite_ssl_decrypt.function | 2 +- 5 files changed, 187 insertions(+), 187 deletions(-) diff --git a/tests/include/test/ssl_helpers.h b/tests/include/test/ssl_helpers.h index abdef9032..d03c62414 100644 --- a/tests/include/test/ssl_helpers.h +++ b/tests/include/test/ssl_helpers.h @@ -38,21 +38,21 @@ #endif #if defined(MBEDTLS_SSL_PROTO_TLS1_3) -#if defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_SSL_HAVE_AES) +#if defined(MBEDTLS_SSL_HAVE_GCM) #if defined(MBEDTLS_MD_CAN_SHA384) #define MBEDTLS_TEST_HAS_TLS1_3_AES_256_GCM_SHA384 #endif #if defined(MBEDTLS_MD_CAN_SHA256) #define MBEDTLS_TEST_HAS_TLS1_3_AES_128_GCM_SHA256 #endif -#endif /* MBEDTLS_GCM_C */ -#if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_MD_CAN_SHA256) +#endif /* MBEDTLS_SSL_HAVE_GCM */ +#if defined(MBEDTLS_SSL_HAVE_CCM) && defined(MBEDTLS_MD_CAN_SHA256) #define MBEDTLS_TEST_HAS_TLS1_3_AES_128_CCM_SHA256 #define MBEDTLS_TEST_HAS_TLS1_3_AES_128_CCM_8_SHA256 #endif -#endif /* MBEDTLS_AES_C */ -#if defined(MBEDTLS_CHACHAPOLY_C) && defined(MBEDTLS_MD_CAN_SHA256) +#endif /* MBEDTLS_SSL_HAVE_AES */ +#if defined(MBEDTLS_SSL_HAVE_CHACHAPOLY) && defined(MBEDTLS_MD_CAN_SHA256) #define MBEDTLS_TEST_HAS_TLS1_3_CHACHA20_POLY1305_SHA256 #endif @@ -485,7 +485,7 @@ int mbedtls_test_move_handshake_to_state(mbedtls_ssl_context *ssl, #endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ - defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_AES_C) + defined(MBEDTLS_SSL_HAVE_CBC) && defined(MBEDTLS_SSL_HAVE_AES) int mbedtls_test_psa_cipher_encrypt_helper(mbedtls_ssl_transform *transform, const unsigned char *iv, size_t iv_len, @@ -493,8 +493,8 @@ int mbedtls_test_psa_cipher_encrypt_helper(mbedtls_ssl_transform *transform, size_t ilen, unsigned char *output, size_t *olen); -#endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_CIPHER_MODE_CBC && - MBEDTLS_AES_C */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_SSL_HAVE_CBC && + MBEDTLS_SSL_HAVE_AES */ int mbedtls_test_ssl_build_transforms(mbedtls_ssl_transform *t_in, mbedtls_ssl_transform *t_out, diff --git a/tests/src/test_helpers/ssl_helpers.c b/tests/src/test_helpers/ssl_helpers.c index 1390b7abf..be2aedec3 100644 --- a/tests/src/test_helpers/ssl_helpers.c +++ b/tests/src/test_helpers/ssl_helpers.c @@ -1045,7 +1045,7 @@ static int psk_dummy_callback(void *p_info, mbedtls_ssl_context *ssl, MBEDTLS_SSL_SRV_C */ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ - defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_AES_C) + defined(MBEDTLS_SSL_HAVE_CBC) && defined(MBEDTLS_SSL_HAVE_AES) int mbedtls_test_psa_cipher_encrypt_helper(mbedtls_ssl_transform *transform, const unsigned char *iv, size_t iv_len, @@ -1093,8 +1093,8 @@ int mbedtls_test_psa_cipher_encrypt_helper(mbedtls_ssl_transform *transform, iv, iv_len, input, ilen, output, olen); #endif /* MBEDTLS_USE_PSA_CRYPTO */ } -#endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_CIPHER_MODE_CBC && - MBEDTLS_AES_C */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_SSL_HAVE_CBC && + MBEDTLS_SSL_HAVE_AES */ static void mbedtls_test_ssl_cipher_info_from_type(mbedtls_cipher_type_t cipher_type, mbedtls_cipher_mode_t *cipher_mode, diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index 029dac821..fa8a73e5b 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -365,11 +365,11 @@ depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE handshake_version:0:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_SSL_VERSION_TLS1_3:MBEDTLS_SSL_VERSION_TLS1_3 Handshake, ECDHE-RSA-WITH-AES-256-GCM-SHA384 -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_cipher:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:0 Handshake, RSA-WITH-AES-128-CCM -depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED +depends_on:MBEDTLS_SSL_HAVE_CCM:MBEDTLS_SSL_HAVE_AES:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED handshake_cipher:"TLS-RSA-WITH-AES-128-CCM":MBEDTLS_PK_RSA:0 Handshake, DHE-RSA-WITH-AES-256-CBC-SHA256 @@ -377,7 +377,7 @@ depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_ handshake_cipher:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:0 Handshake, ECDHE-ECDSA-WITH-AES-256-CCM -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CCM:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_cipher:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:0 Handshake, ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 @@ -393,11 +393,11 @@ depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_CAN_HANDLE_RS handshake_version:1:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_VERSION_TLS1_2:MBEDTLS_SSL_VERSION_TLS1_2 DTLS Handshake, ECDHE-RSA-WITH-AES-256-GCM-SHA384 -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_cipher:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:1 DTLS Handshake, RSA-WITH-AES-128-CCM -depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED +depends_on:MBEDTLS_SSL_HAVE_CCM:MBEDTLS_SSL_HAVE_AES:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED handshake_cipher:"TLS-RSA-WITH-AES-128-CCM":MBEDTLS_PK_RSA:1 DTLS Handshake, DHE-RSA-WITH-AES-256-CBC-SHA256 @@ -405,7 +405,7 @@ depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_ handshake_cipher:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:1 DTLS Handshake, ECDHE-ECDSA-WITH-AES-256-CCM -depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CCM:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_cipher:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:1 DTLS Handshake, ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 @@ -473,71 +473,71 @@ depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_RSA_C:MBEDTLS_ handshake_ciphersuite_select:"TLS-RSA-PSK-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select DHE-RSA-WITH-AES-256-GCM-SHA384, non-opaque -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-DHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 Handshake, select DHE-RSA-WITH-AES-256-GCM-SHA384, opaque, PSA_ALG_ANY_HASH -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-DHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 Handshake, select DHE-RSA-WITH-AES-256-GCM-SHA384, opaque, PSA_ALG_SHA_384 -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-DHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 Handshake, select DHE-RSA-WITH-AES-256-GCM-SHA384, opaque, invalid alg -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-DHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select DHE-RSA-WITH-AES-256-GCM-SHA384, opaque, bad alg -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-DHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select DHE-RSA-WITH-AES-256-GCM-SHA384, opaque, bad usage -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-DHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, non-opaque -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, opaque, PSA_ALG_ANY_HASH -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, opaque, PSA_ALG_SHA_384 -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_384):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, opaque, invalid alg -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, opaque, bad alg -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select ECDHE-RSA-WITH-AES-256-GCM-SHA384, opaque, bad usage -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, non-opaque -depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CCM:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, opaque, PSA_ALG_ANY_HASH -depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CCM:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, opaque, PSA_ALG_SHA_256 -depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CCM:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, opaque, bad alg -depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CCM:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDH:PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, opaque, bad usage -depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CCM:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select ECDH-RSA-WITH-AES-256-CBC-SHA384, non-opaque @@ -710,99 +710,99 @@ DTLS legacy break handshake renegotiation with MFL=4096 resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"" DTLS no legacy renegotiation with MFL=512, ECDHE-RSA-WITH-AES-256-GCM-SHA384 -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" DTLS no legacy renegotiation with MFL=1024, ECDHE-RSA-WITH-AES-256-GCM-SHA384 -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" DTLS no legacy renegotiation with MFL=2048, ECDHE-RSA-WITH-AES-256-GCM-SHA384 -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" DTLS no legacy renegotiation with MFL=4096, ECDHE-RSA-WITH-AES-256-GCM-SHA384 -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" DTLS legacy allow renegotiation with MFL=512, ECDHE-RSA-WITH-AES-256-GCM-SHA384 -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" DTLS legacy allow renegotiation with MFL=1024, ECDHE-RSA-WITH-AES-256-GCM-SHA384 -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" DTLS legacy allow renegotiation with MFL=2048, ECDHE-RSA-WITH-AES-256-GCM-SHA384 -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" DTLS legacy allow renegotiation with MFL=4096, ECDHE-RSA-WITH-AES-256-GCM-SHA384 -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" DTLS legacy break handshake renegotiation with MFL=512, ECDHE-RSA-WITH-AES-256-GCM-SHA384 -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" DTLS legacy break handshake renegotiation with MFL=1024, ECDHE-RSA-WITH-AES-256-GCM-SHA384 -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" DTLS legacy break handshake renegotiation with MFL=2048, ECDHE-RSA-WITH-AES-256-GCM-SHA384 -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" DTLS legacy break handshake renegotiation with MFL=4096, ECDHE-RSA-WITH-AES-256-GCM-SHA384 -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" DTLS no legacy renegotiation with MFL=512, RSA-WITH-AES-128-CCM -depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED +depends_on:MBEDTLS_SSL_HAVE_CCM:MBEDTLS_SSL_HAVE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM" DTLS no legacy renegotiation with MFL=1024, RSA-WITH-AES-128-CCM -depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED +depends_on:MBEDTLS_SSL_HAVE_CCM:MBEDTLS_SSL_HAVE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM" DTLS no legacy renegotiation with MFL=2048, RSA-WITH-AES-128-CCM -depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED +depends_on:MBEDTLS_SSL_HAVE_CCM:MBEDTLS_SSL_HAVE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM" DTLS no legacy renegotiation with MFL=4096, RSA-WITH-AES-128-CCM -depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED +depends_on:MBEDTLS_SSL_HAVE_CCM:MBEDTLS_SSL_HAVE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM" DTLS legacy allow renegotiation with MFL=512, RSA-WITH-AES-128-CCM -depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED +depends_on:MBEDTLS_SSL_HAVE_CCM:MBEDTLS_SSL_HAVE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM" DTLS legacy allow renegotiation with MFL=1024, RSA-WITH-AES-128-CCM -depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED +depends_on:MBEDTLS_SSL_HAVE_CCM:MBEDTLS_SSL_HAVE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM" DTLS legacy allow renegotiation with MFL=2048, RSA-WITH-AES-128-CCM -depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED +depends_on:MBEDTLS_SSL_HAVE_CCM:MBEDTLS_SSL_HAVE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM" DTLS legacy allow renegotiation with MFL=4096, RSA-WITH-AES-128-CCM -depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED +depends_on:MBEDTLS_SSL_HAVE_CCM:MBEDTLS_SSL_HAVE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-RSA-WITH-AES-128-CCM" DTLS legacy break handshake renegotiation with MFL=512, RSA-WITH-AES-128-CCM -depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED +depends_on:MBEDTLS_SSL_HAVE_CCM:MBEDTLS_SSL_HAVE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-RSA-WITH-AES-128-CCM" DTLS legacy break handshake renegotiation with MFL=1024, RSA-WITH-AES-128-CCM -depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED +depends_on:MBEDTLS_SSL_HAVE_CCM:MBEDTLS_SSL_HAVE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-RSA-WITH-AES-128-CCM" DTLS legacy break handshake renegotiation with MFL=2048, RSA-WITH-AES-128-CCM -depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED +depends_on:MBEDTLS_SSL_HAVE_CCM:MBEDTLS_SSL_HAVE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-RSA-WITH-AES-128-CCM" DTLS legacy break handshake renegotiation with MFL=4096, RSA-WITH-AES-128-CCM -depends_on:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED +depends_on:MBEDTLS_SSL_HAVE_CCM:MBEDTLS_SSL_HAVE_AES:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-RSA-WITH-AES-128-CCM" DTLS no legacy renegotiation with MFL=512, DHE-RSA-WITH-AES-256-CBC-SHA256 @@ -1538,243 +1538,243 @@ depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_ ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-128-GCM, 1.2 -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_GCM ssl_crypt_record:MBEDTLS_CIPHER_AES_128_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-128-GCM, 1.3 -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_GCM_C +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_HAVE_GCM ssl_crypt_record:MBEDTLS_CIPHER_AES_128_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_3:0:0 Record crypt, AES-128-GCM, 1.2, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_GCM ssl_crypt_record:MBEDTLS_CIPHER_AES_128_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-128-GCM, 1.2, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_GCM ssl_crypt_record:MBEDTLS_CIPHER_AES_128_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-192-GCM, 1.2 -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_GCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_192_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-192-GCM, 1.3 -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_HAVE_GCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_192_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_3:0:0 Record crypt, AES-192-GCM, 1.2, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_GCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_192_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-192-GCM, 1.2, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_GCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_192_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-256-GCM, 1.2 -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_GCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-256-GCM, 1.3 -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_HAVE_GCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_3:0:0 Record crypt, AES-256-GCM, 1.2, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_GCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-256-GCM, 1.2, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_GCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-128-GCM, 1.2 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_GCM ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-128-GCM, 1.2, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_GCM ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-128-GCM, 1.2, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_GCM ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-192-GCM, 1.2 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_GCM ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-192-GCM, 1.2, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_GCM ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-192-GCM, 1.2, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_GCM ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-256-GCM, 1.2 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_GCM ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-256-GCM, 1.2, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_GCM ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-256-GCM, 1.2, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_GCM ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-128-CCM, 1.2 -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-128-CCM, 1.3 -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_3:0:0 Record crypt, AES-128-CCM, 1.2, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-128-CCM, 1.2, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-128-CCM, 1.2, short tag -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-128-CCM, 1.2, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-128-CCM, 1.2, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-192-CCM, 1.2 -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-192-CCM, 1.3 -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_HAVE_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_3:0:0 Record crypt, AES-192-CCM, 1.2, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-192-CCM, 1.2, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-192-CCM, 1.2, short tag -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-192-CCM, 1.2, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-192-CCM, 1.2, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-256-CCM, 1.2 -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-256-CCM, 1.3 -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_HAVE_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_3:0:0 Record crypt, AES-256-CCM, 1.2, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-256-CCM, 1.2, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-256-CCM, 1.2, short tag -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-256-CCM, 1.2, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-256-CCM, 1.2, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-128-CCM, 1.2 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-128-CCM, 1.2, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-128-CCM, 1.2, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-128-CCM, 1.2, short tag -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-128-CCM, 1.2, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-128-CCM, 1.2, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-192-CCM, 1.2 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-192-CCM, 1.2, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-192-CCM, 1.2, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-192-CCM, 1.2, short tag -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-192-CCM, 1.2, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-192-CCM, 1.2, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-256-CCM, 1.2 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-256-CCM, 1.2, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-256-CCM, 1.2, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-256-CCM, 1.2, short tag -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-256-CCM, 1.2, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-256-CCM, 1.2, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, NULL cipher, 1.2, SHA-384 @@ -1810,27 +1810,27 @@ depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ChachaPoly -depends_on:MBEDTLS_CHACHAPOLY_C:MBEDTLS_SSL_PROTO_TLS1_2 +depends_on:MBEDTLS_SSL_HAVE_CHACHAPOLY:MBEDTLS_SSL_PROTO_TLS1_2 ssl_crypt_record:MBEDTLS_CIPHER_CHACHA20_POLY1305:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ChachaPoly, 1.3 -depends_on:MBEDTLS_CHACHAPOLY_C:MBEDTLS_SSL_PROTO_TLS1_3 +depends_on:MBEDTLS_SSL_HAVE_CHACHAPOLY:MBEDTLS_SSL_PROTO_TLS1_3 ssl_crypt_record:MBEDTLS_CIPHER_CHACHA20_POLY1305:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_3:0:0 Record crypt, little space, ChachaPoly -depends_on:MBEDTLS_CHACHAPOLY_C:MBEDTLS_SSL_PROTO_TLS1_2 +depends_on:MBEDTLS_SSL_HAVE_CHACHAPOLY:MBEDTLS_SSL_PROTO_TLS1_2 ssl_crypt_record_small:MBEDTLS_CIPHER_CHACHA20_POLY1305:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ChachaPoly, 1.3 -depends_on:MBEDTLS_CHACHAPOLY_C:MBEDTLS_SSL_PROTO_TLS1_3 +depends_on:MBEDTLS_SSL_HAVE_CHACHAPOLY:MBEDTLS_SSL_PROTO_TLS1_3 ssl_crypt_record_small:MBEDTLS_CIPHER_CHACHA20_POLY1305:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_3:0:0 Record crypt, little space, ChachaPoly, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CHACHAPOLY_C:MBEDTLS_SSL_PROTO_TLS1_2 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CHACHAPOLY:MBEDTLS_SSL_PROTO_TLS1_2 ssl_crypt_record_small:MBEDTLS_CIPHER_CHACHA20_POLY1305:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ChachaPoly, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CHACHAPOLY_C:MBEDTLS_SSL_PROTO_TLS1_2 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CHACHAPOLY:MBEDTLS_SSL_PROTO_TLS1_2 ssl_crypt_record_small:MBEDTLS_CIPHER_CHACHA20_POLY1305:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-384 @@ -2410,243 +2410,243 @@ depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_ ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-128-GCM, 1.2 -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_GCM ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-128-GCM, 1.3 -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_GCM_C +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_HAVE_GCM ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_3:0:0 Record crypt, little space, AES-128-GCM, 1.2, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_GCM ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-128-GCM, 1.2, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_GCM ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-192-GCM, 1.2 -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_GCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-192-GCM, 1.3 -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_HAVE_GCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_3:0:0 Record crypt, little space, AES-192-GCM, 1.2, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_GCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-192-GCM, 1.2, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_GCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-256-GCM, 1.2 -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_GCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-256-GCM, 1.3 -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_HAVE_GCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_3:0:0 Record crypt, little space, AES-256-GCM, 1.2, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_GCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-256-GCM, 1.2, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_GCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-128-GCM, 1.2 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_GCM ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-128-GCM, 1.2, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_GCM ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-128-GCM, 1.2, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_GCM ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-192-GCM, 1.2 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_GCM ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-192-GCM, 1.2, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_GCM ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-192-GCM, 1.2, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_GCM ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-256-GCM, 1.2 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_GCM ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-256-GCM, 1.2, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_GCM ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-256-GCM, 1.2, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_GCM ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-128-CCM, 1.2 -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-128-CCM, 1.3 -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_3:0:0 Record crypt, little space, AES-128-CCM, 1.2, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-128-CCM, 1.2, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-128-CCM, 1.2, short tag -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-128-CCM, 1.2, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-128-CCM, 1.2, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-192-CCM, 1.2 -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-192-CCM, 1.3 -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_HAVE_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_3:0:0 Record crypt, little space, AES-192-CCM, 1.2, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-192-CCM, 1.2, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-192-CCM, 1.2, short tag -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-192-CCM, 1.2, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-192-CCM, 1.2, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-256-CCM, 1.2 -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-256-CCM, 1.3 -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_HAVE_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_3:0:0 Record crypt, little space, AES-256-CCM, 1.2, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-256-CCM, 1.2, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-256-CCM, 1.2, short tag -depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-256-CCM, 1.2, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-256-CCM, 1.2, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-128-CCM, 1.2 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-128-CCM, 1.2, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-128-CCM, 1.2, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-128-CCM, 1.2, short tag -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-128-CCM, 1.2, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-128-CCM, 1.2, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-192-CCM, 1.2 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-192-CCM, 1.2, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-192-CCM, 1.2, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-192-CCM, 1.2, short tag -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-192-CCM, 1.2, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-192-CCM, 1.2, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-256-CCM, 1.2 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-256-CCM, 1.2, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-256-CCM, 1.2, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-256-CCM, 1.2, short tag -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-256-CCM, 1.2, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-256-CCM, 1.2, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_HAVE_CCM ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, NULL cipher, 1.2, SHA-384 diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 9ebc56c34..a19e08ac9 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -2583,7 +2583,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_AES_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_DEBUG_C:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ +/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED:!MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_SSL_HAVE_AES:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_DEBUG_C:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ void handshake_fragmentation(int mfl, int expected_srv_hs_fragmentation, int expected_cli_hs_fragmentation) diff --git a/tests/suites/test_suite_ssl_decrypt.function b/tests/suites/test_suite_ssl_decrypt.function index ad94a5839..35f0adb53 100644 --- a/tests/suites/test_suite_ssl_decrypt.function +++ b/tests/suites/test_suite_ssl_decrypt.function @@ -120,7 +120,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2 */ +/* BEGIN_CASE depends_on:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_PROTO_TLS1_2 */ void ssl_decrypt_non_etm_cbc(int cipher_type, int hash_id, int trunc_hmac, int length_selector) { From 2bd56de3f48c4f9d5e9fed9f339beff3a784d7be Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Wed, 8 Nov 2023 14:21:19 +0800 Subject: [PATCH 0596/1674] ssl: replace MBEDTLS_SSL_HAVE_*_CBC with two seperate macros MBEDTLS_SSL_HAVE__CBC equals MBEDTLS_SSL_HAVE_ and MBEDTLS_SSL_HAVE_CBC. Signed-off-by: Pengyu Lv --- library/ssl_misc.h | 27 - tests/suites/test_suite_ssl.data | 648 +++++++++--------- tests/suites/test_suite_ssl_decrypt.misc.data | 192 +++--- 3 files changed, 420 insertions(+), 447 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index b3616b07a..7458330cb 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -269,33 +269,6 @@ uint32_t mbedtls_ssl_get_extension_mask(unsigned int extension_type); #define MBEDTLS_SSL_HAVE_CBC #endif -/* Some internal helpers to determine which keys are availble for CBC mode. */ -#if defined(MBEDTLS_USE_PSA_CRYPTO) -#if defined(PSA_WANT_ALG_CBC_NO_PADDING) -#if defined(PSA_WANT_KEY_TYPE_AES) -#define MBEDTLS_SSL_HAVE_AES_CBC -#endif -#if defined(PSA_WANT_KEY_TYPE_ARIA) -#define MBEDTLS_SSL_HAVE_ARIA_CBC -#endif -#if defined(PSA_WANT_KEY_TYPE_CAMELLIA) -#define MBEDTLS_SSL_HAVE_CAMELLIA_CBC -#endif -#endif /* PSA_WANT_ALG_CBC_NO_PADDING */ -#else /* MBEDTLS_USE_PSA_CRYPTO */ -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#if defined(MEDTLS_AES_C) -#define MBEDTLS_SSL_HAVE_AES_CBC -#endif -#if defined(MEDTLS_ARIA_C) -#define MBEDTLS_SSL_HAVE_ARIA_CBC -#endif -#if defined(MEDTLS_CAMELLIA_C) -#define MBEDTLS_SSL_HAVE_CAMELLIA_CBC -#endif -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#endif /* MBEDTLS_USE_PSA_CRYPTO*/ - #if defined(MBEDTLS_SSL_PROTO_TLS1_2) /* This macro determines whether CBC is supported. */ diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index fa8a73e5b..de998e3ff 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -373,7 +373,7 @@ depends_on:MBEDTLS_SSL_HAVE_CCM:MBEDTLS_SSL_HAVE_AES:MBEDTLS_RSA_C:MBEDTLS_ECP_H handshake_cipher:"TLS-RSA-WITH-AES-128-CCM":MBEDTLS_PK_RSA:0 Handshake, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_cipher:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:0 Handshake, ECDHE-ECDSA-WITH-AES-256-CCM @@ -381,11 +381,11 @@ depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CCM:MBEDTLS_PK_CAN_ECDSA_SOME:M handshake_cipher:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:0 Handshake, ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED handshake_cipher:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:0 Handshake, PSK-WITH-AES-128-CBC-SHA -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA1:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA1:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED handshake_psk_cipher:"TLS-PSK-WITH-AES-128-CBC-SHA":MBEDTLS_PK_RSA:"abc123":0 DTLS Handshake, tls1_2 @@ -401,7 +401,7 @@ depends_on:MBEDTLS_SSL_HAVE_CCM:MBEDTLS_SSL_HAVE_AES:MBEDTLS_RSA_C:MBEDTLS_ECP_H handshake_cipher:"TLS-RSA-WITH-AES-128-CCM":MBEDTLS_PK_RSA:1 DTLS Handshake, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_cipher:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:1 DTLS Handshake, ECDHE-ECDSA-WITH-AES-256-CCM @@ -409,11 +409,11 @@ depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CCM:MBEDTLS_PK_CAN_ECDSA_SOME:M handshake_cipher:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:1 DTLS Handshake, ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED handshake_cipher:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:1 DTLS Handshake, PSK-WITH-AES-128-CBC-SHA -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_MD_CAN_SHA1:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_MD_CAN_SHA1:MBEDTLS_KEY_EXCHANGE_PSK_ENABLED handshake_psk_cipher:"TLS-PSK-WITH-AES-128-CBC-SHA":MBEDTLS_PK_RSA:"abc123":1 DTLS Handshake with serialization, tls1_2 @@ -437,39 +437,39 @@ depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE handshake_version:0:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_UNKNOWN:MBEDTLS_SSL_VERSION_TLS1_3 Handshake, select RSA-WITH-AES-256-CBC-SHA256, non-opaque -depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 Handshake, select RSA-WITH-AES-256-CBC-SHA256, opaque -depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:0:MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 Handshake, select RSA-WITH-AES-256-CBC-SHA256, opaque, bad alg -depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select RSA-WITH-AES-256-CBC-SHA256, opaque, bad usage -depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select RSA-PSK-WITH-AES-256-CBC-SHA384, non-opaque -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-RSA-PSK-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_RSA:"abc123":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 Handshake, select RSA-PSK-WITH-AES-256-CBC-SHA384, opaque -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-RSA-PSK-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_RSA:"abc123":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:0:MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 Handshake, select RSA-PSK-WITH-AES-256-CBC-SHA384, opaque, bad alg -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-RSA-PSK-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_RSA:"abc123":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select RSA-PSK-WITH-AES-256-CBC-SHA384, opaque, bad usage -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-RSA-PSK-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_RSA:"abc123":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select RSA-PSK-WITH-AES-256-CBC-SHA384, opaque, no psk -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-RSA-PSK-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_RSA:"":PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select DHE-RSA-WITH-AES-256-GCM-SHA384, non-opaque @@ -541,39 +541,39 @@ depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CCM:MBEDT handshake_ciphersuite_select:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select ECDH-RSA-WITH-AES-256-CBC-SHA384, non-opaque -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 Handshake, select ECDH-RSA-WITH-AES-256-CBC-SHA384, opaque -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDH:PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:0:MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 Handshake, select ECDH-RSA-WITH-AES-256-CBC-SHA384, opaque, bad alg -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select ECDH-RSA-WITH-AES-256-CBC-SHA384, opaque, bad usage -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_RSA_C:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH handshake_ciphersuite_select:"TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDH:PSA_ALG_NONE:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, non-opaque -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_NONE:PSA_ALG_NONE:0:0:MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, PSA_ALG_ANY_HASH -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:PSA_KEY_USAGE_SIGN_HASH|PSA_KEY_USAGE_DERIVE:0:MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, PSA_ALG_SHA_384 -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_SHA_384):PSA_ALG_ECDH:PSA_KEY_USAGE_SIGN_HASH|PSA_KEY_USAGE_DERIVE:0:MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, missing alg -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH|PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Handshake, select ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384, opaque, missing usage -depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO +depends_on:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED:MBEDTLS_USE_PSA_CRYPTO handshake_ciphersuite_select:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:"":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_ALG_ECDH:PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE:0 Sending app data via TLS, MFL=512 without fragmentation @@ -806,51 +806,51 @@ depends_on:MBEDTLS_SSL_HAVE_CCM:MBEDTLS_SSL_HAVE_AES:MBEDTLS_KEY_EXCHANGE_RSA_EN resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-RSA-WITH-AES-128-CCM" DTLS no legacy renegotiation with MFL=512, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS no legacy renegotiation with MFL=1024, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS no legacy renegotiation with MFL=2048, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS no legacy renegotiation with MFL=4096, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS legacy allow renegotiation with MFL=512, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS legacy allow renegotiation with MFL=1024, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS legacy allow renegotiation with MFL=2048, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS legacy allow renegotiation with MFL=4096, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS legacy break handshake renegotiation with MFL=512, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS legacy break handshake renegotiation with MFL=1024, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS legacy break handshake renegotiation with MFL=2048, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" DTLS legacy break handshake renegotiation with MFL=4096, DHE-RSA-WITH-AES-256-CBC-SHA256 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA256:MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" SSL DTLS replay: initial state, seqnum 0 @@ -962,579 +962,579 @@ depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_SRV_C ssl_session_serialize_version_check:0:0:0:1:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_3 Record crypt, AES-128-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-128-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-128-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-128-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-128-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-128-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-128-CBC, 1.2, SHA-256 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-128-CBC, 1.2, SHA-256, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-128-CBC, 1.2, SHA-256, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-128-CBC, 1.2, SHA-256, EtM -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-128-CBC, 1.2, SHA-256, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-128-CBC, 1.2, SHA-256, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-128-CBC, 1.2, SHA-1 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-128-CBC, 1.2, SHA-1, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-128-CBC, 1.2, SHA-1, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-128-CBC, 1.2, SHA-1, EtM -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-128-CBC, 1.2, SHA-1, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-128-CBC, 1.2, SHA-1, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-128-CBC, 1.2, MD5 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-128-CBC, 1.2, MD5, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-128-CBC, 1.2, MD5, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-128-CBC, 1.2, MD5, EtM -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-128-CBC, 1.2, MD5, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-128-CBC, 1.2, MD5, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-256-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-256-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-256-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-256-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-256-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-256-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-256-CBC, 1.2, SHA-256 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-256-CBC, 1.2, SHA-256, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-256-CBC, 1.2, SHA-256, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-256-CBC, 1.2, SHA-256, EtM -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-256-CBC, 1.2, SHA-256, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-256-CBC, 1.2, SHA-256, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-256-CBC, 1.2, SHA-1 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-256-CBC, 1.2, SHA-1, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-256-CBC, 1.2, SHA-1, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-256-CBC, 1.2, SHA-1, EtM -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-256-CBC, 1.2, SHA-1, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-256-CBC, 1.2, SHA-1, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-256-CBC, 1.2, MD5 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-256-CBC, 1.2, MD5, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-256-CBC, 1.2, MD5, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-256-CBC, 1.2, MD5, EtM -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, AES-256-CBC, 1.2, MD5, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, AES-256-CBC, 1.2, MD5, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-128-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-128-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-128-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-128-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-128-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-128-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-128-CBC, 1.2, SHA-256 -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-128-CBC, 1.2, SHA-256, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-128-CBC, 1.2, SHA-256, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-128-CBC, 1.2, SHA-256, EtM -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-128-CBC, 1.2, SHA-256, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-128-CBC, 1.2, SHA-256, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-128-CBC, 1.2, SHA-1 -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-128-CBC, 1.2, SHA-1, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-128-CBC, 1.2, SHA-1, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-128-CBC, 1.2, SHA-1, EtM -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-128-CBC, 1.2, SHA-1, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-128-CBC, 1.2, SHA-1, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-128-CBC, 1.2, MD5 -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-128-CBC, 1.2, MD5, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-128-CBC, 1.2, MD5, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-128-CBC, 1.2, MD5, EtM -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-128-CBC, 1.2, MD5, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-128-CBC, 1.2, MD5, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-256-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-256-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-256-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-256-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-256-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-256-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-256-CBC, 1.2, SHA-256 -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-256-CBC, 1.2, SHA-256, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-256-CBC, 1.2, SHA-256, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-256-CBC, 1.2, SHA-256, EtM -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-256-CBC, 1.2, SHA-256, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-256-CBC, 1.2, SHA-256, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-256-CBC, 1.2, SHA-1 -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-256-CBC, 1.2, SHA-1, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-256-CBC, 1.2, SHA-1, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-256-CBC, 1.2, SHA-1, EtM -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-256-CBC, 1.2, SHA-1, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-256-CBC, 1.2, SHA-1, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-256-CBC, 1.2, MD5 -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-256-CBC, 1.2, MD5, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-256-CBC, 1.2, MD5, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, ARIA-256-CBC, 1.2, MD5, EtM -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, ARIA-256-CBC, 1.2, MD5, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, ARIA-256-CBC, 1.2, MD5, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-256 -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-256, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-256, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-256, EtM -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-256, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-256, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-1 -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-1, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-1, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-1, EtM -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-1, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-1, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-128-CBC, 1.2, MD5 -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-128-CBC, 1.2, MD5, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-128-CBC, 1.2, MD5, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-128-CBC, 1.2, MD5, EtM -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-128-CBC, 1.2, MD5, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-128-CBC, 1.2, MD5, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-256 -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-256, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-256, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-256, EtM -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-256, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-256, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-1 -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-1, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-1, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-1, EtM -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-1, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-1, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-256-CBC, 1.2, MD5 -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-256-CBC, 1.2, MD5, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-256-CBC, 1.2, MD5, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, CAMELLIA-256-CBC, 1.2, MD5, EtM -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, CAMELLIA-256-CBC, 1.2, MD5, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, CAMELLIA-256-CBC, 1.2, MD5, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, AES-128-GCM, 1.2 @@ -1834,579 +1834,579 @@ depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CHACHAPOLY:MBEDTLS_SS ssl_crypt_record_small:MBEDTLS_CIPHER_CHACHA20_POLY1305:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-128-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-128-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-256 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-256, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-128-CBC, 1.2, SHA-256, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-256, EtM -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-256, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-128-CBC, 1.2, SHA-256, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-1 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-1, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-128-CBC, 1.2, SHA-1, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-1, EtM -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-1, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-128-CBC, 1.2, SHA-1, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-128-CBC, 1.2, MD5 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-128-CBC, 1.2, MD5, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-128-CBC, 1.2, MD5, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-128-CBC, 1.2, MD5, EtM -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-128-CBC, 1.2, MD5, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-128-CBC, 1.2, MD5, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-256-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-256-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-256 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-256, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-256-CBC, 1.2, SHA-256, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-256, EtM -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-256, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-256-CBC, 1.2, SHA-256, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-1 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-1, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-256-CBC, 1.2, SHA-1, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-1, EtM -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-1, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-256-CBC, 1.2, SHA-1, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-256-CBC, 1.2, MD5 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-256-CBC, 1.2, MD5, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-256-CBC, 1.2, MD5, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-256-CBC, 1.2, MD5, EtM -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, AES-256-CBC, 1.2, MD5, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, AES-256-CBC, 1.2, MD5, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-256 -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-256, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-256, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-256, EtM -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-256, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-256, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-1 -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-1, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-1, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-1, EtM -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-1, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-1, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-128-CBC, 1.2, MD5 -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-128-CBC, 1.2, MD5, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-128-CBC, 1.2, MD5, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-128-CBC, 1.2, MD5, EtM -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-128-CBC, 1.2, MD5, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-128-CBC, 1.2, MD5, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-256 -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-256, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-256, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-256, EtM -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-256, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-256, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-1 -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-1, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-1, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-1, EtM -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-1, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-1, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-256-CBC, 1.2, MD5 -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-256-CBC, 1.2, MD5, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-256-CBC, 1.2, MD5, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, ARIA-256-CBC, 1.2, MD5, EtM -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, ARIA-256-CBC, 1.2, MD5, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, ARIA-256-CBC, 1.2, MD5, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-256 -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-256, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-256, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-256, EtM -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-256, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-256, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-1 -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-1, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-1, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-1, EtM -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-1, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-1, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, MD5 -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, MD5, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-128-CBC, 1.2, MD5, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, MD5, EtM -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, MD5, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-128-CBC, 1.2, MD5, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-256 -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-256, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-256, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-256, EtM -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-256, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-256, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-1 -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-1, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-1, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-1, EtM -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-1, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-1, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_SHA1:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, MD5 -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, MD5, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-256-CBC, 1.2, MD5, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5 ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, MD5, EtM -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:0:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, MD5, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:4 Record crypt, little space, CAMELLIA-256-CBC, 1.2, MD5, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD_CAN_MD5:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_VERSION_TLS1_2:4:0 Record crypt, little space, AES-128-GCM, 1.2 diff --git a/tests/suites/test_suite_ssl_decrypt.misc.data b/tests/suites/test_suite_ssl_decrypt.misc.data index d86fad2d6..27ea27a17 100644 --- a/tests/suites/test_suite_ssl_decrypt.misc.data +++ b/tests/suites/test_suite_ssl_decrypt.misc.data @@ -15,385 +15,385 @@ depends_on:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_null:MBEDTLS_MD_SHA384 Decrypt CBC !EtM, AES MD5 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:-1 Decrypt CBC !EtM, AES MD5 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:-2 Decrypt CBC !EtM, AES MD5 !trunc, padlen=0 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:0 Decrypt CBC !EtM, AES MD5 !trunc, padlen=240 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:240 Decrypt CBC !EtM, AES MD5 !trunc, padlen=1 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:1 Decrypt CBC !EtM, AES MD5 !trunc, padlen=241 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:241 Decrypt CBC !EtM, AES MD5 !trunc, padlen=15 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:15 Decrypt CBC !EtM, AES MD5 !trunc, padlen=255 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:0:255 Decrypt CBC !EtM, AES SHA1 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:-1 Decrypt CBC !EtM, AES SHA1 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:-2 Decrypt CBC !EtM, AES SHA1 !trunc, padlen=0 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:0 Decrypt CBC !EtM, AES SHA1 !trunc, padlen=240 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:240 Decrypt CBC !EtM, AES SHA1 !trunc, padlen=1 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:1 Decrypt CBC !EtM, AES SHA1 !trunc, padlen=241 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:241 Decrypt CBC !EtM, AES SHA1 !trunc, padlen=15 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:15 Decrypt CBC !EtM, AES SHA1 !trunc, padlen=255 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA1:0:255 Decrypt CBC !EtM, AES SHA256 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:-1 Decrypt CBC !EtM, AES SHA256 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:-2 Decrypt CBC !EtM, AES SHA256 !trunc, padlen=0 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:0 Decrypt CBC !EtM, AES SHA256 !trunc, padlen=240 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:240 Decrypt CBC !EtM, AES SHA256 !trunc, padlen=1 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:1 Decrypt CBC !EtM, AES SHA256 !trunc, padlen=241 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:241 Decrypt CBC !EtM, AES SHA256 !trunc, padlen=15 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:15 Decrypt CBC !EtM, AES SHA256 !trunc, padlen=255 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:0:255 Decrypt CBC !EtM, AES SHA384 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:-1 Decrypt CBC !EtM, AES SHA384 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:-2 Decrypt CBC !EtM, AES SHA384 !trunc, padlen=0 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0 Decrypt CBC !EtM, AES SHA384 !trunc, padlen=240 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:240 Decrypt CBC !EtM, AES SHA384 !trunc, padlen=1 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:1 Decrypt CBC !EtM, AES SHA384 !trunc, padlen=241 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:241 Decrypt CBC !EtM, AES SHA384 !trunc, padlen=15 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:15 Decrypt CBC !EtM, AES SHA384 !trunc, padlen=255 -depends_on:MBEDTLS_SSL_HAVE_AES_CBC:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_AES:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:255 Decrypt CBC !EtM, ARIA MD5 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:-1 Decrypt CBC !EtM, ARIA MD5 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:-2 Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=0 -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:0 Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=240 -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:240 Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=1 -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:1 Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=241 -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:241 Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=15 -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:15 Decrypt CBC !EtM, ARIA MD5 !trunc, padlen=255 -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:0:255 Decrypt CBC !EtM, ARIA SHA1 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:-1 Decrypt CBC !EtM, ARIA SHA1 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:-2 Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=0 -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:0 Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=240 -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:240 Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=1 -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:1 Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=241 -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:241 Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=15 -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:15 Decrypt CBC !EtM, ARIA SHA1 !trunc, padlen=255 -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA1:0:255 Decrypt CBC !EtM, ARIA SHA256 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:-1 Decrypt CBC !EtM, ARIA SHA256 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:-2 Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=0 -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:0 Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=240 -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:240 Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=1 -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:1 Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=241 -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:241 Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=15 -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:15 Decrypt CBC !EtM, ARIA SHA256 !trunc, padlen=255 -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:0:255 Decrypt CBC !EtM, ARIA SHA384 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:-1 Decrypt CBC !EtM, ARIA SHA384 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:-2 Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=0 -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0 Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=240 -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:240 Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=1 -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:1 Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=241 -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:241 Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=15 -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:15 Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=255 -depends_on:MBEDTLS_SSL_HAVE_ARIA_CBC:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_ARIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:255 Decrypt CBC !EtM, CAMELLIA MD5 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:-1 Decrypt CBC !EtM, CAMELLIA MD5 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:-2 Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=0 -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:0 Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=240 -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:240 Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=1 -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:1 Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=241 -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:241 Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=15 -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:15 Decrypt CBC !EtM, CAMELLIA MD5 !trunc, padlen=255 -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_MD5 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_MD5 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:0:255 Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:-1 Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:-2 Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=0 -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:0 Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=240 -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:240 Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=1 -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:1 Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=241 -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:241 Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=15 -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:15 Decrypt CBC !EtM, CAMELLIA SHA1 !trunc, padlen=255 -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA1 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA1 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA1:0:255 Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:-1 Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:-2 Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=0 -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:0 Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=240 -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:240 Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=1 -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:1 Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=241 -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:241 Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=15 -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:15 Decrypt CBC !EtM, CAMELLIA SHA256 !trunc, padlen=255 -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA256 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:0:255 Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:-1 Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:-2 Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=0 -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0 Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=240 -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:240 Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=1 -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:1 Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=241 -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:241 Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=15 -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:15 Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=255 -depends_on:MBEDTLS_SSL_HAVE_CAMELLIA_CBC:MBEDTLS_MD_CAN_SHA384 +depends_on:MBEDTLS_SSL_HAVE_CAMELLIA:MBEDTLS_SSL_HAVE_CBC:MBEDTLS_MD_CAN_SHA384 ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:255 From f95b6787292fc81bfd0ff49ad91b5450cb929314 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 8 Nov 2023 10:08:09 +0100 Subject: [PATCH 0597/1674] Remove unused *.cocci files Signed-off-by: Ronald Cron --- scripts/find-mem-leak.cocci | 20 -------------------- scripts/rm-calloc-cast.cocci | 7 ------- 2 files changed, 27 deletions(-) delete mode 100644 scripts/find-mem-leak.cocci delete mode 100644 scripts/rm-calloc-cast.cocci diff --git a/scripts/find-mem-leak.cocci b/scripts/find-mem-leak.cocci deleted file mode 100644 index 8179e2b3e..000000000 --- a/scripts/find-mem-leak.cocci +++ /dev/null @@ -1,20 +0,0 @@ -@@ -expression x, y; -statement S; -@@ - x = mbedtls_calloc(...); - y = mbedtls_calloc(...); - ... -* if (x == NULL || y == NULL) - S - -@@ -expression x, y; -statement S; -@@ - if ( -* (x = mbedtls_calloc(...)) == NULL - || -* (y = mbedtls_calloc(...)) == NULL - ) - S diff --git a/scripts/rm-calloc-cast.cocci b/scripts/rm-calloc-cast.cocci deleted file mode 100644 index 89481c01a..000000000 --- a/scripts/rm-calloc-cast.cocci +++ /dev/null @@ -1,7 +0,0 @@ -@rm_calloc_cast@ -expression x, n, m; -type T; -@@ - x = -- (T *) - mbedtls_calloc(n, m) From 65f7653bddfbdc13850175f308d83430d08618e7 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 8 Nov 2023 18:39:53 +0800 Subject: [PATCH 0598/1674] tls1.3: early data: rephrase ChangeLog Signed-off-by: Yanray Wang --- ChangeLog.d/rename-conf-early-data-API.txt | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/ChangeLog.d/rename-conf-early-data-API.txt b/ChangeLog.d/rename-conf-early-data-API.txt index 5560a4dc3..e63b95843 100644 --- a/ChangeLog.d/rename-conf-early-data-API.txt +++ b/ChangeLog.d/rename-conf-early-data-API.txt @@ -1,5 +1,4 @@ API changes - * In TLS 1.3 early data, rename mbedtls_ssl_tls13_conf_early_data() and - mbedtls_ssl_tls13_conf_max_early_data_size() to - mbedtls_ssl_conf_early_data() and mbedtls_ssl_conf_max_early_data_size() - respectively. + * Remove `tls13_` prefix in the name of mbedtls_ssl_tls13_conf_early_data() + and mbedtls_ssl_tls13_conf_max_early_data_size(). Early data feature may + not be TLS 1.3 specific in the furture, as requested in #6909. From 004a60c08779170a081847ba29141a1b155a15e9 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 8 Nov 2023 19:05:29 +0800 Subject: [PATCH 0599/1674] aes.c: remove non-functional code Signed-off-by: Yanray Wang --- library/aes.c | 1 - 1 file changed, 1 deletion(-) diff --git a/library/aes.c b/library/aes.c index 29a193e70..fa73a6362 100644 --- a/library/aes.c +++ b/library/aes.c @@ -1070,7 +1070,6 @@ int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx, return MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE; #endif } - return mbedtls_internal_aes_encrypt(ctx, input, output); #endif /* !MBEDTLS_AES_USE_HARDWARE_ONLY */ } From d137da5a93bf3e6d68fd94910e3a00a440efd8af Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 8 Nov 2023 19:12:23 +0800 Subject: [PATCH 0600/1674] check_config: make error message in BLOCK_CIPHER_NO_DECRYPT clearer Signed-off-by: Yanray Wang --- include/mbedtls/check_config.h | 41 +++++++++++++++++++++------------- 1 file changed, 26 insertions(+), 15 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 0abe8ae66..d76f4f717 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -183,23 +183,34 @@ #error "MBEDTLS_NIST_KW_C defined, but not all prerequisites" #endif -#if defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) && \ - (defined(MBEDTLS_CIPHER_MODE_CBC) || \ - defined(MBEDTLS_CIPHER_MODE_XTS) || \ - defined(MBEDTLS_DES_C) || \ - defined(MBEDTLS_NIST_KW_C)) -#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and MBEDTLS_CIPHER_MODE_CBC/MBEDTLS_CIPHER_MODE_XTS/MBEDTLS_DES_C/MBEDTLS_NIST_KW_C \ -cannot be defined simultaneously" +#if defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) && defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(PSA_WANT_ALG_CBC_NO_PADDING) +#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and PSA_WANT_ALG_CBC_NO_PADDING cannot be defined simultaneously" +#endif +#if defined(PSA_WANT_ALG_CBC_PKCS7) +#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and PSA_WANT_ALG_CBC_PKCS7 cannot be defined simultaneously" +#endif +#if defined(PSA_WANT_ALG_ECB_NO_PADDING) +#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and PSA_WANT_ALG_ECB_NO_PADDING cannot be defined simultaneously" +#endif +#if defined(PSA_WANT_KEY_TYPE_DES) +#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and PSA_WANT_KEY_TYPE_DES cannot be defined simultaneously" +#endif #endif -#if defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) && \ - defined(MBEDTLS_PSA_CRYPTO_CONFIG) && \ - (defined(PSA_WANT_ALG_CBC_NO_PADDING) || \ - defined(PSA_WANT_ALG_CBC_PKCS7) || \ - defined(PSA_WANT_ALG_ECB_NO_PADDING) || \ - defined(PSA_WANT_KEY_TYPE_DES)) -#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT, MBEDTLS_PSA_CRYPTO_CONFIG and \ -PSA_WANT_ALG_CBC_NO_PADDING/PSA_WANT_ALG_CBC_PKCS7/PSA_WANT_ALG_ECB_NO_PADDING/PSA_WANT_KEY_TYPE_DES cannot be defined simultaneously" +#if defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) +#if defined(MBEDTLS_CIPHER_MODE_CBC) +#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and MBEDTLS_CIPHER_MODE_CBC cannot be defined simultaneously" +#endif +#if defined(MBEDTLS_CIPHER_MODE_XTS) +#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and MBEDTLS_CIPHER_MODE_XTS cannot be defined simultaneously" +#endif +#if defined(MBEDTLS_DES_C) +#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and MBEDTLS_DES_C cannot be defined simultaneously" +#endif +#if defined(MBEDTLS_NIST_KW_C) +#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and MBEDTLS_NIST_KW_C cannot be defined simultaneously" +#endif #endif #if defined(MBEDTLS_ECDH_C) && !defined(MBEDTLS_ECP_C) From 0d9a3618bd3436fc2425347f92a02b17ad0b3afd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 7 Nov 2023 11:14:48 +0100 Subject: [PATCH 0601/1674] Rm unneeded dep on PK_PARSE_C in psa crypto tests MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Most of them were removed in 7162, not sure how these ones slipped in. There's no reason deterministic ECDSA verification would need PK parse more than the other tests. The following finds no match: grep -i pk_parse library/ecdsa.c library/psa_crypto_ecp.c Even if PK parse was actually needed for this, the right way would be to auto-enable it based on PSA_WANT symbols, and then only depend on PSA_WANT symbols here. Signed-off-by: Manuel Pégourié-Gonnard --- tests/suites/test_suite_psa_crypto.data | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index f790a118d..552beb6ac 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -4645,15 +4645,15 @@ depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_ verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" PSA verify hash: deterministic ECDSA SECP256R1 SHA-256 -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 verify_hash:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" PSA verify hash: deterministic ECDSA SECP256R1 SHA-384 -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_384 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_384 verify_hash:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f":"dbf3b9a150a2ec12ec4b16ff7d37be2fe354a357cb267af4296ccfda3acca2d796989f63eb192e4c43a7ff0d0b7f493b1334dfb3c32375351debcdd532f41e13" PSA verify hash: deterministic ECDSA SECP384R1 SHA-256 -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_384 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_384 verify_hash:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"bed412df472eef873fb0839f91a6867d1c6824d4c5781d4b851faa43c7df904d99dbdd28c0d2fd3a4a006e89d34993a120aff166deb4974e96449a7ffe93c66726ad9443b14b87330c86bdde3faff5fd1cbfdc9afe46f8090376f9664cb116b4" PSA vrfy hash int: ECDSA SECP256R1, good @@ -4665,15 +4665,15 @@ depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_ verify_hash_interruptible:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED PSA vrfy hash: det ECDSA SECP256R1 SHA-256 -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 verify_hash_interruptible:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED PSA vrfy hash: det ECDSA SECP256R1 SHA-384 -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_384 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_384 verify_hash_interruptible:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f":"dbf3b9a150a2ec12ec4b16ff7d37be2fe354a357cb267af4296ccfda3acca2d796989f63eb192e4c43a7ff0d0b7f493b1334dfb3c32375351debcdd532f41e13":PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED PSA vrfy hash: det ECDSA SECP384R1 SHA-256 -depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_384 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_384 verify_hash_interruptible:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"bed412df472eef873fb0839f91a6867d1c6824d4c5781d4b851faa43c7df904d99dbdd28c0d2fd3a4a006e89d34993a120aff166deb4974e96449a7ffe93c66726ad9443b14b87330c86bdde3faff5fd1cbfdc9afe46f8090376f9664cb116b4":PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED PSA verify hash: ECDSA SECP256R1, wrong signature size (correct but ASN1-encoded) From 59a8b41ca3f1a9976918634e7b570dca7cbefeba Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 7 Nov 2023 11:44:52 +0100 Subject: [PATCH 0602/1674] Fix incorrect RSA dependencies in psa_crypto tests MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit There's no reason the tests would depend specifically on our built-in implementation and not work with drivers, so replace the RSA_C dependency with the correct PSA_WANT dependencies. Those 6 cases use two different test functions, but both of those functions only do `psa_import()`, so all that's needed is PUBLIC_KEY or KEYPAIR_IMPORT (which implies KEYPAIR_BASIC) depending on the kind of key being tested. Signed-off-by: Manuel Pégourié-Gonnard --- tests/suites/test_suite_psa_crypto.data | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 552beb6ac..79a38eba4 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -225,19 +225,19 @@ depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:P import_export:"3082025802010002818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5fbd32abab12038fc75148e45314b7e31fe60d8258e7e78234a23df0f00cc20fd008b64cb5b0f4ced8c47aa048f767f859961adc22b3df14e63bd9e08c9707bbf4e0eba32b1cc35a020e7e815ca47e0d39601a80d683ab4a07f4d3a7acebaba6c87d25bce2d091ee115c50203010001028180009dd9c34411e769a540e7e9c03682abb4e95ad2d5c2297c6b7eb2fa5415dfa081adb42bff344ea36a31e8bb36593fa69e843f053fa916f8c6ae4c423fa4c1edbcfa7e8079bc19a738f4f861c198cf277d2c89fe3deab06db5a3a09f8d1622033a618fbfbab92b50a13f77cdb53b56d38bec4cdd8cbe65e8b30ab4e77565842102400eec9285833f973372458f354bff7d35bcb04f3b26f5b58a025887a966ca951b6667651a46034bbc99f9d688dfbcb4297a4d86824dd73abdfa7deeb232b1642902400dcbe74d51f3b93afe2a22e2be0c3c56911ef771fd8eb01f64d95d018315baf4144aeb957be95a77f17f2b8a12c2d3b87a1281f9c66d839fa603fbbe7381783d0240035398154a7c1227d580cbbb05859d532d0bdf9d3fc1e5052e20ad9c84dd02ff6884037527c5f44bc5c67a9b67c39824e6ae011d6a5c5f2b997a188a7fe22a810240076bf41ec5023e57bcd87ff1c7d89f30d65a793469f933478021ea056135f45f4ef74aaa1c8158b883422cf2d6cad5c83c6aee5ea65ecd5ab99d14f4cc000ee5024006d13905db5556627066596da3383458aea6ba5e2f94ccc5b922117a1ed3ae7a26c59e68c3885a41b366f1a5c8bff7ec8853ef8d32addb818141352b2da553dc":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1016:0:PSA_SUCCESS:1 PSA import RSA public key: 1022-bit (not supported) -depends_on:MBEDTLS_RSA_C +depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY import_with_data:"30818802818036e4b95f847dcd7a91b0972b7ba096e040ec04e42d59f733029fb2600b8ae9e4fd8ea76f3d7ec576288102285b612db7abc53770006046fef321172a6ad84053710d48528a8d51b6481db53c09e1524d6704b58bd30313016535eefe9bcff89eb599608daaa0a72ab7720af31486b51020421fdd3c6974cc445a78dd134450230203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:0:PSA_ERROR_NOT_SUPPORTED PSA import RSA keypair: 1022-bit (not supported) -depends_on:MBEDTLS_RSA_C +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT import_with_data:"3082025802010002818036e4b95f847dcd7a91b0972b7ba096e040ec04e42d59f733029fb2600b8ae9e4fd8ea76f3d7ec576288102285b612db7abc53770006046fef321172a6ad84053710d48528a8d51b6481db53c09e1524d6704b58bd30313016535eefe9bcff89eb599608daaa0a72ab7720af31486b51020421fdd3c6974cc445a78dd1344502302030100010281800ad9700e01e8bf68ff4c90c4465dfa13fea0e76295d817349ccb257d382acf89b3d7b31e18606af4ac92baf3710426fe0b54225ddfa527c31218b3346e03a9cae5395a780ade880b996f4061fad65689393fc8e77f46a4c1a29b0450cdaaef0710e523cd1028abe1653d23f0d5ec805a629bdf1fc4c1c00737760e1714f6b7f102407d5e545484b546bd61972b446a04af0cf17b126a8872b977da5035ca82dd0e4fef1381a6480f60db07628348602f86ba89a271563d9a3fb613b9b39703498f9902407017641093065eed178ff848b5f8a2b502a187511db28549ea7646f3e7b3ea171f4c34c0ecf0566adc4d172c057be077a45fcf8019a36a4588c4de3b8c0a631b02407cc7fccbbae2eb2be80c9c8615b7dfbbd4469907ec13b44274cacd1f69ad38679b2021352e18106131327e54f5579893e6160714bd6fdfe60c30136e45595c51024055250f779f96f94873db82a808c24325e847b6b8212cd81e9ba118a8715ab2f8b96773b310c8477c88b76e609c11cb22569408d4afa4f836b57b85ac09e661fd02400e5fc5df9614c95d77e9bc2df63d48e7a08a0034174f0f745eef4413ee36d929f194557e6990e148b7438e949a41e92bc9d9136c3e6563904151a578a2f4fc1b":PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_ERROR_NOT_SUPPORTED PSA import RSA public key: 1023-bit (not supported) -depends_on:MBEDTLS_RSA_C +depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY import_with_data:"3081880281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:0:PSA_ERROR_NOT_SUPPORTED PSA import RSA keypair: 1023-bit (not supported) -depends_on:MBEDTLS_RSA_C +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT import_with_data:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001028180491b277413fb35efe82dace68b544a9dd6aa8917d329731955ec66ec3b0178fcf5a29196e1a6c093bf6c8064b36a8f0d9840a78003d11392754a70a77788975515a1442a6c806cafa2f07fe99cac78a86fa868888d654cec4baf205352cf8255acaa47e2455f23b58c0e5ae43fa297bbffe5b970caa80f71e82084fd35425479024100ef27f3fb2df90ac4910ed95fdde4877d09b0dc4e95079f12a7e2041300a8884a39372a1c79691338cd5c3965bcf3a24f2ce9e10de19d4cb87c7546d60ca0aa0d024073e9e1283475e9ab3075da0b005ca7c7b05e76325f8deb648238831c8353041d594307f784cd527cfee9187b997713d71c0ff98f01beac4d1a85583be52e90e302402f0c801e311c2677274671933f96fee4a56c6adaf6ccaa09c4875d5fd3a8542fadf3e14ffabea62e6d90302688b6b17ebc0a42e1353a79e66d6db102d9371e5d02406731ef3c8607fbf266806590a9cfd3a79a435ee355e2d9906fc6b4236c5f3a288ed178844a7d295512f49ed15b3d82325e4f729478af3262aa9bd083f273d49502410090a32c0e8ca3bcd4c66f092cdc369cd1abb4a05b9a6f0e65e5a51da1d96d5aca8c1525b3f11322c0588062fc8592ebf25b7950f918d39018e82b8acccc8f7e7a":PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_ERROR_NOT_SUPPORTED PSA import/export EC secp224r1 key pair: good @@ -765,11 +765,11 @@ PSA import large key: raw, 65536 bits (not supported) import_large_key:PSA_KEY_TYPE_RAW_DATA:8192:PSA_ERROR_NOT_SUPPORTED PSA import RSA key pair: maximum size exceeded -depends_on:MBEDTLS_RSA_C +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT import_rsa_made_up:PSA_VENDOR_RSA_MAX_KEY_BITS+8:1:PSA_ERROR_NOT_SUPPORTED PSA import RSA public key: maximum size exceeded -depends_on:MBEDTLS_RSA_C +depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY import_rsa_made_up:PSA_VENDOR_RSA_MAX_KEY_BITS+8:0:PSA_ERROR_NOT_SUPPORTED PSA key policy: AES ECB From 433150e8f2961368a2fd9704d947897c91b4129b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 7 Nov 2023 12:03:46 +0100 Subject: [PATCH 0603/1674] Rm redundant ECC dependencies in psa_crypto tests MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Since _DERIVE can't be accelerated now, in config_adjust_legacy_from_psa.h we will notice and auto-enable ECP_LIGHT as well as the built-in version of each curve that's supported in this build. So, we don't need to list those as dependencies here - and they would cause issues when we add support for _DERIVE drivers. Signed-off-by: Manuel Pégourié-Gonnard --- tests/suites/test_suite_psa_crypto.data | 26 ++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 79a38eba4..43ee44bff 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -6630,7 +6630,7 @@ depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_ALG_H derive_key_exercise:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:"706173737764":"01":"73616c74":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_HMAC(PSA_ALG_SHA_256) PSA key derivation: HKDF-SHA-256 -> ECC secp256r1, exercise ECDSA -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256:MBEDTLS_ECP_LIGHT +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256 derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY PSA key derivation: HKDF-SHA-256 -> ECC curve25519, exercise ECDH @@ -6678,11 +6678,11 @@ depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES:!MBEDTLS derive_key_type:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:256:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf" PSA key derivation: HKDF-SHA-256 -> ECC secp256r1 -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256:MBEDTLS_ECP_LIGHT +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256 derive_key_type:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5c0" PSA key derivation: HKDF-SHA-256 -> ECC secp256r1 (1 redraw) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256:MBEDTLS_ECP_LIGHT +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256 derive_key_type:PSA_ALG_HKDF(PSA_ALG_SHA_256):"4869212049276d20612074657374206b65792120486f772061726520796f753f":"":"e1ab5d0000000000":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:"46a5850b60ba10b0fd8e0feb8790e2819d46ea26fede564ff6dea94ef1945660" PSA key derivation: HKDF-SHA-256 -> raw (same input as secp256r1+redraw) @@ -6690,17 +6690,17 @@ depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_key_type:PSA_ALG_HKDF(PSA_ALG_SHA_256):"4869212049276d20612074657374206b65792120486f772061726520796f753f":"":"e1ab5d0000000000":PSA_KEY_TYPE_RAW_DATA:256:"ffffffff55f60cea989fe02543c81b28aff09b5b51fdc43f91fe5c2511b0b9d9" PSA key derivation: HKDF-SHA-256 -> ECC secp384r1 -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_384:MBEDTLS_ECP_LIGHT +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_384 derive_key_type:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865b4b0a85a993c" # For secp521r1, the leading byte of the representation of the private key can # be either 0 or 1. Have one test case where it's 0 and one where it's 1. PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #0 -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_521:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_521:MBEDTLS_ECP_LIGHT +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_521 derive_key_type:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:"00b25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865b4b0a85a993b89b9b65683d60f0106d28fff039d0b6f3409" PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #1 -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_521:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_521:MBEDTLS_ECP_LIGHT +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_521 derive_key_type:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8fa":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:"01122f37d10965c8455ecbd2bc73d5da5347d0ce772e54305d528295a64ffb7c567f5042e2d7e5803b407c08d1e110adcefc35564035d706582f723a2f76a32260da" # For Curve25519, test a few different outputs to exercise masking (last byte of input_2 variation). @@ -6812,7 +6812,7 @@ depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT:0 PSA key derivation: bits=7 invalid for ECC SECP_R1 (ECC enabled) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:MBEDTLS_ECP_LIGHT +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE # The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):7:PSA_ERROR_INVALID_ARGUMENT:0 @@ -6827,7 +6827,7 @@ depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):0:PSA_ERROR_INVALID_ARGUMENT:0 PSA key derivation: bits=7 invalid for ECC SECP_K1 (ECC enabled) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:MBEDTLS_ECP_LIGHT +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE # The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):7:PSA_ERROR_INVALID_ARGUMENT:0 @@ -6842,7 +6842,7 @@ depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):0:PSA_ERROR_INVALID_ARGUMENT:0 PSA key derivation: bits=7 invalid for ECC SECP_R2 (ECC enabled) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:MBEDTLS_ECP_LIGHT +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE # The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):7:PSA_ERROR_INVALID_ARGUMENT:0 @@ -6857,7 +6857,7 @@ depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):0:PSA_ERROR_INVALID_ARGUMENT:0 PSA key derivation: bits=7 invalid for ECC SECT_K1 (ECC enabled) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:MBEDTLS_ECP_LIGHT +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE # The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):7:PSA_ERROR_INVALID_ARGUMENT:0 @@ -6872,7 +6872,7 @@ depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):0:PSA_ERROR_INVALID_ARGUMENT:0 PSA key derivation: bits=7 invalid for ECC SECT_R1 (ECC enabled) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:MBEDTLS_ECP_LIGHT +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE # The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):7:PSA_ERROR_INVALID_ARGUMENT:0 @@ -6887,7 +6887,7 @@ depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):0:PSA_ERROR_INVALID_ARGUMENT:0 PSA key derivation: bits=7 invalid for ECC SECT_R2 (ECC enabled) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:MBEDTLS_ECP_LIGHT +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE # The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):7:PSA_ERROR_INVALID_ARGUMENT:0 @@ -6902,7 +6902,7 @@ depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):0:PSA_ERROR_INVALID_ARGUMENT:0 PSA key derivation: bits=7 invalid for ECC BRAINPOOL_P_R1 (ECC enabled) -depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:MBEDTLS_ECP_LIGHT +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE # The spec allows either INVALID_ARGUMENT or NOT_SUPPORTED derive_key:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):7:PSA_ERROR_INVALID_ARGUMENT:0 From af302b9e5d37fd3cd300a5398c4a68e098fa429d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 8 Nov 2023 12:07:15 +0100 Subject: [PATCH 0604/1674] Rm unjustified PK_C dependencies in PSA tests MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Some are about raw or AES keys where PK seems really unrelated. The others are about RSA where PK may be relevant, but the necessary bits of PK are auto-enabled when RSA key types are requested, so we shouldn't need to list them as dependencies in tests. Signed-off-by: Manuel Pégourié-Gonnard --- tests/suites/test_suite_psa_crypto.data | 6 ++-- .../test_suite_psa_crypto_persistent_key.data | 36 +++++++++---------- 2 files changed, 21 insertions(+), 21 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 43ee44bff..c7aab8804 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -7369,15 +7369,15 @@ depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE generate_key:PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):1024:PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:PSA_ERROR_NOT_SUPPORTED:0 PSA import persistent key: raw data, 8 bits -depends_on:MBEDTLS_PK_C:MBEDTLS_PSA_CRYPTO_STORAGE_C +depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C persistent_key_load_key_from_storage:"2a":PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0:IMPORT_KEY PSA import persistent key: AES, 128 bits, exportable -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_C:MBEDTLS_PSA_CRYPTO_STORAGE_C +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_STORAGE_C persistent_key_load_key_from_storage:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:IMPORT_KEY PSA import persistent key: AES, 128 bits, non-exportable -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_C:MBEDTLS_PSA_CRYPTO_STORAGE_C +depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_STORAGE_C persistent_key_load_key_from_storage:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:IMPORT_KEY PSA generate persistent key: raw data, 8 bits, exportable diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.data b/tests/suites/test_suite_psa_crypto_persistent_key.data index 3a35505e3..133e726ae 100644 --- a/tests/suites/test_suite_psa_crypto_persistent_key.data +++ b/tests/suites/test_suite_psa_crypto_persistent_key.data @@ -42,87 +42,87 @@ Save larger than maximum-size persistent raw key save_large_persistent_key:PSA_CRYPTO_MAX_STORAGE_SIZE + 1:PSA_ERROR_NOT_SUPPORTED Persistent key destroy -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:MBEDTLS_PK_C +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT persistent_key_destroy:2:1:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RAW_DATA:"deadbeef" Persistent key destroy after restart -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:MBEDTLS_PK_C +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT persistent_key_destroy:17:1:1:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RAW_DATA:"deadbeef" Persistent key import (RSA) -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:MBEDTLS_PK_C +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT persistent_key_import:256:1:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_SUCCESS Persistent key import with restart (RSA) -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:MBEDTLS_PK_C +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT persistent_key_import:256:1:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":1:PSA_SUCCESS Persistent key import (RSA) invalid key id (VENDOR_MIN) -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:MBEDTLS_PK_C +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT persistent_key_import:256:PSA_KEY_ID_VENDOR_MIN:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_ERROR_INVALID_ARGUMENT Persistent key import (RSA) invalid key id (VOLATILE_MIN) -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:MBEDTLS_PK_C +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT persistent_key_import:256:PSA_KEY_ID_VOLATILE_MIN:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_ERROR_INVALID_ARGUMENT Persistent key import (RSA) invalid key id (VENDOR_MAX) -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:MBEDTLS_PK_C +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT persistent_key_import:256:PSA_KEY_ID_VENDOR_MAX:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":0:PSA_ERROR_INVALID_ARGUMENT Persistent key import garbage data, should fail -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:MBEDTLS_PK_C +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT persistent_key_import:256:1:PSA_KEY_TYPE_RSA_KEY_PAIR:"11111111":0:PSA_ERROR_INVALID_ARGUMENT import/export persistent raw key: 1 byte import_export_persistent_key:"2a":PSA_KEY_TYPE_RAW_DATA:8:0:0 import/export persistent key RSA public key: good, 1024-bit -depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_C +depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY import_export_persistent_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:0:0 import/export persistent key RSA keypair: good, 1024-bit -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_PK_C +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT import_export_persistent_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:0:0 import/export persistent raw key file not exist: 1 byte import_export_persistent_key:"2a":PSA_KEY_TYPE_RAW_DATA:8:0:1 import/export persistent key RSA public key file not exist: 1024-bit -depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_C +depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY import_export_persistent_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:0:1 import/export persistent key RSA keypair file not exist: 1024-bit -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_PK_C +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT import_export_persistent_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:0:1 import/export-persistent symmetric key: 16 bytes -depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_C +depends_on:PSA_WANT_KEY_TYPE_AES import_export_persistent_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:0:0 import/export persistent raw key with restart: 1 byte import_export_persistent_key:"2a":PSA_KEY_TYPE_RAW_DATA:8:1:0 import/export persistent key RSA public key with restart: good, 1024-bit -depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_C +depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY import_export_persistent_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:1:0 import/export persistent key RSA keypair with restart: good, 1024-bit -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_PK_C +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT import_export_persistent_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:1:0 import/export persistent raw key file not exist with restart: 1 byte import_export_persistent_key:"2a":PSA_KEY_TYPE_RAW_DATA:8:1:1 import/export persistent key RSA public key file not exist with restart: 1024-bit -depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_C +depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY import_export_persistent_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:1:1 import/export persistent key RSA keypair file not exist with restart: 1024-bit -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_PK_C +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT import_export_persistent_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:1024:1:1 import/export-persistent symmetric key with restart: 16 bytes -depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_C +depends_on:PSA_WANT_KEY_TYPE_AES import_export_persistent_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:1:0 Destroy invalid id: 0 From fcc5f31bb8013b83f1279eb7c4f5c33211eddba1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 8 Nov 2023 12:23:17 +0100 Subject: [PATCH 0605/1674] Rm unjustified MD_C dependencies in PSA test MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit RSA will auto-enable MD_LIGHT, we don't need to list MD_C as a dependency here. Signed-off-by: Manuel Pégourié-Gonnard --- ...test_suite_psa_crypto_driver_wrappers.data | 76 +++++++++---------- 1 file changed, 38 insertions(+), 38 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.data b/tests/suites/test_suite_psa_crypto_driver_wrappers.data index 8ba3b7997..37c15ee38 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.data +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.data @@ -15,35 +15,35 @@ depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC sign_hash:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"000102030405060708090A0B0C0D0E0F":1:PSA_SUCCESS sign_hash transparent driver: in driver RSA PKCS#1 v1.5, raw -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT sign_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a":0:PSA_SUCCESS sign_hash transparent driver: fallback RSA PKCS#1 v1.5, raw -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT sign_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_NOT_SUPPORTED:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a":0:PSA_SUCCESS sign_hash transparent driver: error RSA PKCS#1 v1.5, raw -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT sign_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_GENERIC_ERROR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a":0:PSA_ERROR_GENERIC_ERROR sign_hash transparent driver: fake RSA PKCS#1 v1.5, raw -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT sign_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a":1:PSA_SUCCESS sign_hash transparent driver: in driver RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT sign_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":0:PSA_SUCCESS sign_hash transparent driver: fallback RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT sign_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":0:PSA_SUCCESS sign_hash transparent driver: error RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT sign_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":0:PSA_ERROR_GENERIC_ERROR sign_hash transparent driver: fake RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT sign_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":1:PSA_SUCCESS verify_hash transparent driver: in driver ECDSA SECP256R1 SHA-256 @@ -71,27 +71,27 @@ depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_ verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):PSA_KEY_TYPE_ECC_PUBLIC_KEY( PSA_ECC_FAMILY_SECP_R1 ):PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):PSA_ERROR_GENERIC_ERROR:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_GENERIC_ERROR verify_hash transparent driver: in driver Key Pair RSA PKCS#1 v1.5 raw -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a":PSA_SUCCESS verify_hash transparent driver: fallback Key Pair RSA PKCS#1 v1.5 raw -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_NOT_SUPPORTED:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a":PSA_SUCCESS verify_hash transparent driver: error Key Pair RSA PKCS#1 v1.5 raw -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_GENERIC_ERROR:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a":PSA_ERROR_GENERIC_ERROR verify_hash transparent driver: in driver Key Pair RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_SUCCESS verify_hash transparent driver: fallback Key Pair RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_SUCCESS verify_hash transparent driver: error Key Pair RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_GENERIC_ERROR verify_hash transparent driver: in driver Public Key RSA PKCS#1 v1.5 SHA-256 @@ -99,35 +99,35 @@ depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_SUCCESS verify_hash transparent driver: fallback Public Key RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_SUCCESS verify_hash transparent driver: error Public Key RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_GENERIC_ERROR verify_hash transparent driver: in driver Public Key RSA-1024 PSS SHA-256 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_SUCCESS:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"6b201c50637962338d1b218c1d26f031205a0e3c47bc4c54856aa037e5a332d2981e80a51648e902e46046e5507a255c4c73f5ff40d5a54c0a11d2eca7804e1767b20ea12c945a23f5473181d379689c1ba634a2c47c0a8ec90c922ca6466ae9e9fb92871c9043b5858ae34828bceb4ead82db8f21a18ebe1d95b469bbdef1df":PSA_SUCCESS verify_hash transparent driver: fallback Public Key RSA-1024 PSS SHA-256 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"6b201c50637962338d1b218c1d26f031205a0e3c47bc4c54856aa037e5a332d2981e80a51648e902e46046e5507a255c4c73f5ff40d5a54c0a11d2eca7804e1767b20ea12c945a23f5473181d379689c1ba634a2c47c0a8ec90c922ca6466ae9e9fb92871c9043b5858ae34828bceb4ead82db8f21a18ebe1d95b469bbdef1df":PSA_SUCCESS verify_hash transparent driver: error Public Key RSA-1024 PSS SHA-256 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"6b201c50637962338d1b218c1d26f031205a0e3c47bc4c54856aa037e5a332d2981e80a51648e902e46046e5507a255c4c73f5ff40d5a54c0a11d2eca7804e1767b20ea12c945a23f5473181d379689c1ba634a2c47c0a8ec90c922ca6466ae9e9fb92871c9043b5858ae34828bceb4ead82db8f21a18ebe1d95b469bbdef1df":PSA_ERROR_GENERIC_ERROR verify_hash transparent driver: in driver Public Key RSA-1024 PSS-any-salt SHA-256 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_SUCCESS:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"6b201c50637962338d1b218c1d26f031205a0e3c47bc4c54856aa037e5a332d2981e80a51648e902e46046e5507a255c4c73f5ff40d5a54c0a11d2eca7804e1767b20ea12c945a23f5473181d379689c1ba634a2c47c0a8ec90c922ca6466ae9e9fb92871c9043b5858ae34828bceb4ead82db8f21a18ebe1d95b469bbdef1df":PSA_SUCCESS verify_hash transparent driver: fallback Public Key RSA-1024 PSS-any-salt SHA-256 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"6b201c50637962338d1b218c1d26f031205a0e3c47bc4c54856aa037e5a332d2981e80a51648e902e46046e5507a255c4c73f5ff40d5a54c0a11d2eca7804e1767b20ea12c945a23f5473181d379689c1ba634a2c47c0a8ec90c922ca6466ae9e9fb92871c9043b5858ae34828bceb4ead82db8f21a18ebe1d95b469bbdef1df":PSA_SUCCESS verify_hash transparent driver: error Public Key RSA-1024 PSS-any-salt SHA-256 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"6b201c50637962338d1b218c1d26f031205a0e3c47bc4c54856aa037e5a332d2981e80a51648e902e46046e5507a255c4c73f5ff40d5a54c0a11d2eca7804e1767b20ea12c945a23f5473181d379689c1ba634a2c47c0a8ec90c922ca6466ae9e9fb92871c9043b5858ae34828bceb4ead82db8f21a18ebe1d95b469bbdef1df":PSA_ERROR_GENERIC_ERROR sign_message transparent driver: calculate in driver ECDSA SECP256R1 SHA-256 @@ -147,19 +147,19 @@ depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC sign_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"000102030405060708090A0B0C0D0E0F":1:PSA_SUCCESS sign_message transparent driver: calculate in driver RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT sign_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":0:PSA_SUCCESS sign_message transparent driver: fallback RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT sign_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":0:PSA_SUCCESS sign_message transparent driver: error RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT sign_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":0:PSA_ERROR_GENERIC_ERROR sign_message transparent driver: fake RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT sign_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":1:PSA_SUCCESS verify_message transparent driver: calculate in driver ECDSA SECP256R1 SHA-256 @@ -187,51 +187,51 @@ depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_ verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_ECDSA(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":PSA_ERROR_GENERIC_ERROR verify_message transparent driver: calculate in driver RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_SUCCESS verify_message transparent driver: fallback RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_SUCCESS verify_message transparent driver: error RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:0:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_GENERIC_ERROR verify_message transparent driver: calculate in driver Public Key RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_SUCCESS:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_SUCCESS verify_message transparent driver: fallback Public Key RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_SUCCESS verify_message transparent driver: error Public Key RSA PKCS#1 v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_GENERIC_ERROR verify_message transparent driver: calculate in driver Public Key RSA PSS SHA-256 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_SUCCESS:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"29b65db0936b7fe408bda672077b0bc5e176177ba9a550fb548c292f7b4af1bb6475e0a979ba43dd644780801fabe5b62a1359cf7692918f30013e90c2362235765abc2078905d13b345dd689bf15e4e94ca51535d12f0675d5f13e9f254ba7696f0096d62deb023d106e9a96a5da3162bead6a745c8b9000868d2f9a447d5c5":PSA_SUCCESS verify_message transparent driver: fallback Public Key RSA PSS SHA-256 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"29b65db0936b7fe408bda672077b0bc5e176177ba9a550fb548c292f7b4af1bb6475e0a979ba43dd644780801fabe5b62a1359cf7692918f30013e90c2362235765abc2078905d13b345dd689bf15e4e94ca51535d12f0675d5f13e9f254ba7696f0096d62deb023d106e9a96a5da3162bead6a745c8b9000868d2f9a447d5c5":PSA_SUCCESS verify_message transparent driver: error Public Key RSA PSS SHA-256 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"29b65db0936b7fe408bda672077b0bc5e176177ba9a550fb548c292f7b4af1bb6475e0a979ba43dd644780801fabe5b62a1359cf7692918f30013e90c2362235765abc2078905d13b345dd689bf15e4e94ca51535d12f0675d5f13e9f254ba7696f0096d62deb023d106e9a96a5da3162bead6a745c8b9000868d2f9a447d5c5":PSA_ERROR_GENERIC_ERROR verify_message transparent driver: calculate in driver Public Key RSA PSS-any-salt SHA-256 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_SUCCESS:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"6b65e1fdc900dce8a2b82130ae8ccfac27b6d0eb5f2c0c1085b80f34ceaaf064c8ff237e74a24a3c6fb7a842f172e5146315616281bbbeeae90febaab139a212decf1c68923f2a48e242b1fd72105e3a3f2329c30d78abe8673335ad08c5ba1aa515360bb5660050f1994bb08d3dd17e3407a379403bafa4e229b3c851283f6d":PSA_SUCCESS verify_message transparent driver: fallback Public Key RSA PSS-any-salt SHA-256 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_ERROR_NOT_SUPPORTED:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"6b65e1fdc900dce8a2b82130ae8ccfac27b6d0eb5f2c0c1085b80f34ceaaf064c8ff237e74a24a3c6fb7a842f172e5146315616281bbbeeae90febaab139a212decf1c68923f2a48e242b1fd72105e3a3f2329c30d78abe8673335ad08c5ba1aa515360bb5660050f1994bb08d3dd17e3407a379403bafa4e229b3c851283f6d":PSA_SUCCESS verify_message transparent driver: error Public Key RSA PSS-any-salt SHA-256 -depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_ERROR_GENERIC_ERROR:1:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"6b65e1fdc900dce8a2b82130ae8ccfac27b6d0eb5f2c0c1085b80f34ceaaf064c8ff237e74a24a3c6fb7a842f172e5146315616281bbbeeae90febaab139a212decf1c68923f2a48e242b1fd72105e3a3f2329c30d78abe8673335ad08c5ba1aa515360bb5660050f1994bb08d3dd17e3407a379403bafa4e229b3c851283f6d":PSA_ERROR_GENERIC_ERROR generate_ec_key through transparent driver: fake From 1d6de4ceb7f9cca3badcb25d4ce4e4c59c3cb840 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 18 Jul 2023 14:04:39 +0200 Subject: [PATCH 0606/1674] No more limitations accelerated algorithms using a built-in hash It used to be the case that when an algorithm that uses a hash inside was accelerated through a PSA driver, it might end up calling a hash algorithm that is not available from the driver. Since we introduced MBEDTLS_MD_LIGHT, this no longer happens: PSA accelerated hashes are available to callers of the MD module, so the test driver can use all available hash algorithms. Hence the workaround to skip testing certain accelerated cases is no longer needed. Signed-off-by: Gilles Peskine --- ...t_suite_psa_crypto_storage_format.function | 86 +------------------ 1 file changed, 1 insertion(+), 85 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_storage_format.function b/tests/suites/test_suite_psa_crypto_storage_format.function index 116f4cd53..bb1e2c68c 100644 --- a/tests/suites/test_suite_psa_crypto_storage_format.function +++ b/tests/suites/test_suite_psa_crypto_storage_format.function @@ -82,77 +82,6 @@ static int is_accelerated_rsa(psa_algorithm_t alg) (void) alg; return 0; } - -/* Whether the algorithm is implemented as a builtin, i.e. not accelerated, - * and calls mbedtls_md() functions that require the hash algorithm to - * also be built-in. */ -static int is_builtin_calling_md(psa_algorithm_t alg) -{ -#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) - if (PSA_ALG_IS_RSA_PSS(alg)) -#if defined(MBEDTLS_MD_C) - { return 1; } -#else - { return 0; } -#endif -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) - if (PSA_ALG_IS_RSA_OAEP(alg)) -#if defined(MBEDTLS_MD_C) - { return 1; } -#else - { return 0; } -#endif -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) - if (PSA_ALG_IS_DETERMINISTIC_ECDSA(alg)) { - return 1; - } -#endif - (void) alg; - return 0; -} - -static int has_builtin_hash(psa_algorithm_t alg) -{ -#if !defined(MBEDTLS_MD5_C) - if (alg == PSA_ALG_MD5) { - return 0; - } -#endif -#if !defined(MBEDTLS_RIPEMD160_C) - if (alg == PSA_ALG_RIPEMD160) { - return 0; - } -#endif -#if !defined(MBEDTLS_SHA1_C) - if (alg == PSA_ALG_SHA_1) { - return 0; - } -#endif -#if !defined(MBEDTLS_SHA224_C) - if (alg == PSA_ALG_SHA_224) { - return 0; - } -#endif -#if !defined(MBEDTLS_SHA256_C) - if (alg == PSA_ALG_SHA_256) { - return 0; - } -#endif -#if !defined(MBEDTLS_SHA384_C) - if (alg == PSA_ALG_SHA_384) { - return 0; - } -#endif -#if !defined(MBEDTLS_SHA512_C) - if (alg == PSA_ALG_SHA_512) { - return 0; - } -#endif - (void) alg; - return 1; -} #endif /* Mbed TLS doesn't support certain combinations of key type and algorithm @@ -193,24 +122,11 @@ static int can_exercise(const psa_key_attributes_t *attributes) return 0; } #endif + if (is_accelerated_rsa(alg) && (hash_alg == PSA_ALG_RIPEMD160 || hash_alg == PSA_ALG_SHA_384)) { return 0; } -#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP) - if (PSA_ALG_IS_RSA_OAEP(alg) && - (hash_alg == PSA_ALG_RIPEMD160 || hash_alg == PSA_ALG_SHA_384)) { - return 0; - } -#endif - - /* The built-in implementation of asymmetric algorithms that use a - * hash internally only dispatch to the internal md module, not to - * PSA. Until this is supported, don't try to actually perform - * operations when the operation is built-in and the hash isn't. */ - if (is_builtin_calling_md(alg) && !has_builtin_hash(hash_alg)) { - return 0; - } #endif /* MBEDTLS_TEST_LIBTESTDRIVER1 */ (void) key_type; From edb8fec9882084344a314368ac7fd957a187519c Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 8 Nov 2023 11:36:00 +0000 Subject: [PATCH 0607/1674] Add docs re Everest license Signed-off-by: Dave Rodgman --- include/mbedtls/mbedtls_config.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 1d8433e2d..e1456b9ae 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -742,6 +742,9 @@ * contexts and therefore is a compatibility break for applications that access * fields of a mbedtls_ecdh_context structure directly. See also * MBEDTLS_ECDH_LEGACY_CONTEXT in include/mbedtls/ecdh.h. + * + * The Everest code is provided under the Apache 2.0 license only; therefore enabling this + * option is not compatible with taking the library under the GPL v2.0-or-later license. */ //#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED From 47854e638b48de67d7daa195b9ebc2f0cbd1eec6 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 8 Nov 2023 11:37:56 +0000 Subject: [PATCH 0608/1674] Revert back to v3.5.0 git revert v3.5.0..v3.5.1 git rebase to combine the resulting revert commits Signed-off-by: Dave Rodgman --- .uncrustify.cfg | 14 +- 3rdparty/everest/CMakeLists.txt | 4 +- 3rdparty/p256-m/CMakeLists.txt | 4 +- 3rdparty/p256-m/README.md | 4 +- 3rdparty/p256-m/p256-m/LICENSE | 202 ++++++++++ 3rdparty/p256-m/p256-m/p256-m.c | 2 +- 3rdparty/p256-m/p256-m/p256-m.h | 2 +- 3rdparty/p256-m/p256-m_driver_entrypoints.c | 14 +- 3rdparty/p256-m/p256-m_driver_entrypoints.h | 14 +- BRANCHES.md | 2 +- CMakeLists.txt | 2 +- CONTRIBUTING.md | 4 +- ChangeLog | 14 +- LICENSE | 351 ------------------ README.md | 6 +- configs/config-ccm-psk-dtls1_2.h | 14 +- configs/config-ccm-psk-tls1_2.h | 14 +- configs/config-no-entropy.h | 14 +- configs/config-suite-b.h | 14 +- configs/config-symmetric-only.h | 14 +- configs/config-thread.h | 14 +- configs/crypto-config-ccm-aes-sha256.h | 14 +- configs/crypto_config_profile_medium.h | 6 +- .../tfm_mbedcrypto_config_profile_medium.h | 18 +- docs/architecture/psa-migration/syms.sh | 14 +- doxygen/input/doc_encdec.h | 14 +- doxygen/input/doc_hashing.h | 14 +- doxygen/input/doc_mainpage.h | 16 +- doxygen/input/doc_rng.h | 14 +- doxygen/input/doc_ssltls.h | 14 +- doxygen/input/doc_tcpip.h | 14 +- doxygen/input/doc_x509.h | 14 +- doxygen/mbedtls.doxyfile | 2 +- include/mbedtls/aes.h | 14 +- include/mbedtls/aria.h | 14 +- include/mbedtls/asn1.h | 14 +- include/mbedtls/asn1write.h | 14 +- include/mbedtls/base64.h | 14 +- include/mbedtls/bignum.h | 14 +- include/mbedtls/build_info.h | 22 +- include/mbedtls/camellia.h | 14 +- include/mbedtls/ccm.h | 14 +- include/mbedtls/chacha20.h | 14 +- include/mbedtls/chachapoly.h | 14 +- include/mbedtls/check_config.h | 14 +- include/mbedtls/cipher.h | 14 +- include/mbedtls/cmac.h | 14 +- include/mbedtls/compat-2.x.h | 14 +- include/mbedtls/config_adjust_legacy_crypto.h | 14 +- .../mbedtls/config_adjust_legacy_from_psa.h | 14 +- .../mbedtls/config_adjust_psa_from_legacy.h | 14 +- .../config_adjust_psa_superset_legacy.h | 14 +- include/mbedtls/config_adjust_ssl.h | 14 +- include/mbedtls/config_adjust_x509.h | 14 +- include/mbedtls/config_psa.h | 14 +- include/mbedtls/constant_time.h | 14 +- include/mbedtls/ctr_drbg.h | 14 +- include/mbedtls/debug.h | 14 +- include/mbedtls/des.h | 14 +- include/mbedtls/dhm.h | 14 +- include/mbedtls/ecdh.h | 14 +- include/mbedtls/ecdsa.h | 14 +- include/mbedtls/ecjpake.h | 14 +- include/mbedtls/ecp.h | 14 +- include/mbedtls/entropy.h | 14 +- include/mbedtls/error.h | 14 +- include/mbedtls/gcm.h | 14 +- include/mbedtls/hkdf.h | 14 +- include/mbedtls/hmac_drbg.h | 14 +- include/mbedtls/lms.h | 14 +- include/mbedtls/mbedtls_config.h | 17 +- include/mbedtls/md.h | 14 +- include/mbedtls/md5.h | 14 +- include/mbedtls/memory_buffer_alloc.h | 14 +- include/mbedtls/net_sockets.h | 14 +- include/mbedtls/nist_kw.h | 14 +- include/mbedtls/oid.h | 14 +- include/mbedtls/pem.h | 14 +- include/mbedtls/pk.h | 14 +- include/mbedtls/pkcs12.h | 14 +- include/mbedtls/pkcs5.h | 14 +- include/mbedtls/pkcs7.h | 14 +- include/mbedtls/platform.h | 14 +- include/mbedtls/platform_time.h | 14 +- include/mbedtls/platform_util.h | 14 +- include/mbedtls/poly1305.h | 14 +- include/mbedtls/private_access.h | 14 +- include/mbedtls/psa_util.h | 14 +- include/mbedtls/ripemd160.h | 14 +- include/mbedtls/rsa.h | 14 +- include/mbedtls/sha1.h | 14 +- include/mbedtls/sha256.h | 14 +- include/mbedtls/sha3.h | 14 +- include/mbedtls/sha512.h | 14 +- include/mbedtls/ssl.h | 14 +- include/mbedtls/ssl_cache.h | 14 +- include/mbedtls/ssl_ciphersuites.h | 14 +- include/mbedtls/ssl_cookie.h | 14 +- include/mbedtls/ssl_ticket.h | 14 +- include/mbedtls/threading.h | 14 +- include/mbedtls/timing.h | 14 +- include/mbedtls/version.h | 14 +- include/mbedtls/x509.h | 14 +- include/mbedtls/x509_crl.h | 14 +- include/mbedtls/x509_crt.h | 14 +- include/mbedtls/x509_csr.h | 14 +- include/psa/build_info.h | 14 +- include/psa/crypto.h | 14 +- include/psa/crypto_adjust_auto_enabled.h | 14 +- .../psa/crypto_adjust_config_key_pair_types.h | 14 +- include/psa/crypto_adjust_config_synonyms.h | 14 +- include/psa/crypto_builtin_composites.h | 14 +- include/psa/crypto_builtin_key_derivation.h | 14 +- include/psa/crypto_builtin_primitives.h | 14 +- include/psa/crypto_compat.h | 14 +- include/psa/crypto_config.h | 14 +- include/psa/crypto_driver_common.h | 14 +- .../psa/crypto_driver_contexts_composites.h | 14 +- .../crypto_driver_contexts_key_derivation.h | 14 +- .../psa/crypto_driver_contexts_primitives.h | 14 +- include/psa/crypto_extra.h | 14 +- include/psa/crypto_legacy.h | 14 +- include/psa/crypto_platform.h | 14 +- include/psa/crypto_se_driver.h | 14 +- include/psa/crypto_sizes.h | 14 +- include/psa/crypto_struct.h | 14 +- include/psa/crypto_types.h | 14 +- include/psa/crypto_values.h | 14 +- library/CMakeLists.txt | 6 +- library/aes.c | 14 +- library/aesce.c | 14 +- library/aesce.h | 14 +- library/aesni.c | 14 +- library/aesni.h | 14 +- library/alignment.h | 14 +- library/aria.c | 14 +- library/asn1parse.c | 14 +- library/asn1write.c | 14 +- library/base64.c | 14 +- library/base64_internal.h | 14 +- library/bignum.c | 14 +- library/bignum_core.c | 14 +- library/bignum_core.h | 14 +- library/bignum_mod.c | 14 +- library/bignum_mod.h | 14 +- library/bignum_mod_raw.c | 14 +- library/bignum_mod_raw.h | 14 +- library/bignum_mod_raw_invasive.h | 14 +- library/bn_mul.h | 14 +- library/camellia.c | 14 +- library/ccm.c | 14 +- library/chacha20.c | 14 +- library/chachapoly.c | 14 +- library/check_crypto_config.h | 14 +- library/cipher.c | 14 +- library/cipher_wrap.c | 14 +- library/cipher_wrap.h | 14 +- library/cmac.c | 14 +- library/common.h | 14 +- library/constant_time.c | 14 +- library/constant_time_impl.h | 14 +- library/constant_time_internal.h | 14 +- library/ctr_drbg.c | 14 +- library/debug.c | 14 +- library/des.c | 14 +- library/dhm.c | 14 +- library/ecdh.c | 14 +- library/ecdsa.c | 14 +- library/ecjpake.c | 14 +- library/ecp.c | 14 +- library/ecp_curves.c | 14 +- library/ecp_curves_new.c | 14 +- library/ecp_internal_alt.h | 14 +- library/ecp_invasive.h | 14 +- library/entropy.c | 14 +- library/entropy_poll.c | 14 +- library/entropy_poll.h | 14 +- library/error.c | 14 +- library/gcm.c | 14 +- library/hkdf.c | 14 +- library/hmac_drbg.c | 14 +- library/lmots.c | 14 +- library/lmots.h | 14 +- library/lms.c | 14 +- library/md.c | 14 +- library/md5.c | 14 +- library/md_psa.h | 14 +- library/md_wrap.h | 14 +- library/memory_buffer_alloc.c | 14 +- library/mps_common.h | 16 +- library/mps_error.h | 16 +- library/mps_reader.c | 16 +- library/mps_reader.h | 16 +- library/mps_trace.c | 16 +- library/mps_trace.h | 16 +- library/net_sockets.c | 14 +- library/nist_kw.c | 14 +- library/oid.c | 14 +- library/padlock.c | 14 +- library/padlock.h | 14 +- library/pem.c | 14 +- library/pk.c | 14 +- library/pk_internal.h | 14 +- library/pk_wrap.c | 14 +- library/pk_wrap.h | 14 +- library/pkcs12.c | 14 +- library/pkcs5.c | 14 +- library/pkcs7.c | 14 +- library/pkparse.c | 14 +- library/pkwrite.c | 14 +- library/pkwrite.h | 14 +- library/platform.c | 14 +- library/platform_util.c | 14 +- library/poly1305.c | 14 +- library/psa_crypto.c | 14 +- library/psa_crypto_aead.c | 14 +- library/psa_crypto_aead.h | 14 +- library/psa_crypto_cipher.c | 14 +- library/psa_crypto_cipher.h | 14 +- library/psa_crypto_client.c | 14 +- library/psa_crypto_core.h | 14 +- library/psa_crypto_core_common.h | 14 +- library/psa_crypto_driver_wrappers.h | 14 +- .../psa_crypto_driver_wrappers_no_static.c | 14 +- .../psa_crypto_driver_wrappers_no_static.h | 14 +- library/psa_crypto_ecp.c | 14 +- library/psa_crypto_ecp.h | 14 +- library/psa_crypto_ffdh.c | 14 +- library/psa_crypto_ffdh.h | 14 +- library/psa_crypto_hash.c | 14 +- library/psa_crypto_hash.h | 14 +- library/psa_crypto_invasive.h | 14 +- library/psa_crypto_its.h | 14 +- library/psa_crypto_mac.c | 14 +- library/psa_crypto_mac.h | 14 +- library/psa_crypto_pake.c | 14 +- library/psa_crypto_pake.h | 14 +- library/psa_crypto_random_impl.h | 14 +- library/psa_crypto_rsa.c | 14 +- library/psa_crypto_rsa.h | 14 +- library/psa_crypto_se.c | 14 +- library/psa_crypto_se.h | 14 +- library/psa_crypto_slot_management.c | 14 +- library/psa_crypto_slot_management.h | 14 +- library/psa_crypto_storage.c | 14 +- library/psa_crypto_storage.h | 14 +- library/psa_its_file.c | 14 +- library/psa_util.c | 14 +- library/psa_util_internal.h | 14 +- library/ripemd160.c | 14 +- library/rsa.c | 14 +- library/rsa_alt_helpers.c | 14 +- library/rsa_alt_helpers.h | 14 +- library/sha1.c | 14 +- library/sha256.c | 14 +- library/sha3.c | 14 +- library/sha512.c | 14 +- library/ssl_cache.c | 14 +- library/ssl_ciphersuites.c | 14 +- library/ssl_client.c | 16 +- library/ssl_client.h | 14 +- library/ssl_cookie.c | 14 +- library/ssl_debug_helpers.h | 14 +- library/ssl_debug_helpers_generated.c | 14 +- library/ssl_misc.h | 14 +- library/ssl_msg.c | 14 +- library/ssl_ticket.c | 14 +- library/ssl_tls.c | 14 +- library/ssl_tls12_client.c | 14 +- library/ssl_tls12_server.c | 14 +- library/ssl_tls13_client.c | 16 +- library/ssl_tls13_generic.c | 14 +- library/ssl_tls13_invasive.h | 14 +- library/ssl_tls13_keys.c | 2 +- library/ssl_tls13_keys.h | 14 +- library/ssl_tls13_server.c | 14 +- library/threading.c | 14 +- library/timing.c | 14 +- library/version.c | 14 +- library/version_features.c | 14 +- library/x509.c | 14 +- library/x509_create.c | 14 +- library/x509_crl.c | 14 +- library/x509_crt.c | 14 +- library/x509_csr.c | 14 +- library/x509write.c | 14 +- library/x509write_crt.c | 14 +- library/x509write_csr.c | 14 +- programs/aes/crypt_and_hash.c | 14 +- programs/cipher/cipher_aead_demo.c | 14 +- programs/hash/generic_sum.c | 14 +- programs/hash/hello.c | 14 +- programs/hash/md_hmac_demo.c | 14 +- programs/pkey/dh_client.c | 14 +- programs/pkey/dh_genprime.c | 14 +- programs/pkey/dh_server.c | 14 +- programs/pkey/ecdh_curve25519.c | 14 +- programs/pkey/ecdsa.c | 14 +- programs/pkey/gen_key.c | 14 +- programs/pkey/key_app.c | 14 +- programs/pkey/key_app_writer.c | 14 +- programs/pkey/mpi_demo.c | 14 +- programs/pkey/pk_decrypt.c | 14 +- programs/pkey/pk_encrypt.c | 14 +- programs/pkey/pk_sign.c | 14 +- programs/pkey/pk_verify.c | 14 +- programs/pkey/rsa_decrypt.c | 14 +- programs/pkey/rsa_encrypt.c | 14 +- programs/pkey/rsa_genkey.c | 14 +- programs/pkey/rsa_sign.c | 14 +- programs/pkey/rsa_sign_pss.c | 14 +- programs/pkey/rsa_verify.c | 14 +- programs/pkey/rsa_verify_pss.c | 14 +- programs/psa/aead_demo.c | 14 +- programs/psa/crypto_examples.c | 14 +- programs/psa/hmac_demo.c | 14 +- programs/psa/key_ladder_demo.c | 14 +- programs/psa/key_ladder_demo.sh | 14 +- programs/psa/psa_constant_names.c | 14 +- programs/random/gen_entropy.c | 14 +- programs/random/gen_random_ctr_drbg.c | 14 +- programs/ssl/dtls_client.c | 14 +- programs/ssl/dtls_server.c | 14 +- programs/ssl/mini_client.c | 14 +- programs/ssl/ssl_client1.c | 14 +- programs/ssl/ssl_client2.c | 14 +- programs/ssl/ssl_context_info.c | 14 +- programs/ssl/ssl_fork_server.c | 14 +- programs/ssl/ssl_mail_client.c | 14 +- programs/ssl/ssl_pthread_server.c | 14 +- programs/ssl/ssl_server.c | 14 +- programs/ssl/ssl_server2.c | 14 +- programs/ssl/ssl_test_common_source.c | 14 +- programs/ssl/ssl_test_lib.c | 14 +- programs/ssl/ssl_test_lib.h | 14 +- programs/test/benchmark.c | 14 +- programs/test/cmake_package/cmake_package.c | 14 +- .../cmake_package_install.c | 14 +- .../test/cmake_subproject/cmake_subproject.c | 14 +- programs/test/dlopen.c | 14 +- programs/test/dlopen_demo.sh | 14 +- programs/test/generate_cpp_dummy_build.sh | 27 +- programs/test/query_compile_time_config.c | 14 +- programs/test/query_config.c | 14 +- programs/test/query_config.h | 14 +- programs/test/query_included_headers.c | 14 +- programs/test/selftest.c | 14 +- programs/test/udp_proxy.c | 14 +- programs/test/udp_proxy_wrapper.sh | 14 +- programs/test/zeroize.c | 14 +- programs/util/pem2der.c | 14 +- programs/util/strerror.c | 14 +- programs/wince_main.c | 14 +- programs/x509/cert_app.c | 14 +- programs/x509/cert_req.c | 14 +- programs/x509/cert_write.c | 14 +- programs/x509/crl_app.c | 14 +- programs/x509/load_roots.c | 39 ++ programs/x509/req_app.c | 14 +- scripts/abi_check.py | 14 +- scripts/apidoc_full.sh | 14 +- scripts/assemble_changelog.py | 14 +- scripts/bump_version.sh | 14 +- scripts/code_size_compare.py | 14 +- scripts/code_style.py | 14 +- scripts/config.pl | 13 +- scripts/config.py | 13 +- .../psa_crypto_driver_wrappers.h.jinja | 14 +- ...a_crypto_driver_wrappers_no_static.c.jinja | 14 +- scripts/data_files/error.fmt | 14 +- scripts/data_files/query_config.fmt | 14 +- scripts/data_files/version_features.fmt | 14 +- scripts/ecc-heap.sh | 14 +- scripts/ecp_comb_table.py | 14 +- scripts/footprint.sh | 14 +- scripts/generate_driver_wrappers.py | 14 +- scripts/generate_errors.pl | 14 +- scripts/generate_features.pl | 14 +- scripts/generate_psa_constants.py | 14 +- scripts/generate_query_config.pl | 14 +- scripts/generate_ssl_debug_helpers.py | 27 +- scripts/generate_visualc_files.pl | 14 +- scripts/lcov.sh | 14 +- scripts/massif_max.pl | 14 +- scripts/mbedtls_dev/asymmetric_key_data.py | 13 +- scripts/mbedtls_dev/bignum_common.py | 13 +- scripts/mbedtls_dev/bignum_core.py | 13 +- scripts/mbedtls_dev/bignum_data.py | 13 +- scripts/mbedtls_dev/bignum_mod.py | 13 +- scripts/mbedtls_dev/bignum_mod_raw.py | 13 +- scripts/mbedtls_dev/build_tree.py | 13 +- scripts/mbedtls_dev/c_build_helper.py | 13 +- scripts/mbedtls_dev/crypto_data_tests.py | 13 +- scripts/mbedtls_dev/crypto_knowledge.py | 13 +- scripts/mbedtls_dev/ecp.py | 13 +- scripts/mbedtls_dev/logging_util.py | 13 +- scripts/mbedtls_dev/macro_collector.py | 13 +- scripts/mbedtls_dev/psa_information.py | 13 +- scripts/mbedtls_dev/psa_storage.py | 13 +- scripts/mbedtls_dev/test_case.py | 13 +- scripts/mbedtls_dev/test_data_generation.py | 13 +- scripts/mbedtls_dev/typing_util.py | 13 +- scripts/memory.sh | 14 +- scripts/min_requirements.py | 14 +- scripts/output_env.sh | 14 +- scripts/prepare_release.sh | 14 +- scripts/tmp_ignore_makefiles.sh | 14 +- tests/compat-in-docker.sh | 14 +- tests/compat.sh | 14 +- tests/configs/tls13-only.h | 14 +- tests/configs/user-config-for-test.h | 14 +- tests/configs/user-config-malloc-0-null.h | 14 +- tests/configs/user-config-zeroize-memset.h | 14 +- tests/context-info.sh | 14 +- tests/data_files/dir-maxpath/long.sh | 14 +- tests/data_files/print_c.pl | 14 +- tests/data_files/test_certs.h.jinja2 | 14 +- tests/docker/bionic/Dockerfile | 14 +- tests/git-scripts/pre-push.sh | 14 +- tests/include/alt-dummy/aes_alt.h | 14 +- tests/include/alt-dummy/aria_alt.h | 14 +- tests/include/alt-dummy/camellia_alt.h | 14 +- tests/include/alt-dummy/ccm_alt.h | 14 +- tests/include/alt-dummy/chacha20_alt.h | 14 +- tests/include/alt-dummy/chachapoly_alt.h | 14 +- tests/include/alt-dummy/cmac_alt.h | 14 +- tests/include/alt-dummy/des_alt.h | 14 +- tests/include/alt-dummy/dhm_alt.h | 14 +- tests/include/alt-dummy/ecjpake_alt.h | 14 +- tests/include/alt-dummy/ecp_alt.h | 14 +- tests/include/alt-dummy/gcm_alt.h | 14 +- tests/include/alt-dummy/md5_alt.h | 14 +- tests/include/alt-dummy/nist_kw_alt.h | 14 +- tests/include/alt-dummy/platform_alt.h | 14 +- tests/include/alt-dummy/poly1305_alt.h | 14 +- tests/include/alt-dummy/ripemd160_alt.h | 14 +- tests/include/alt-dummy/rsa_alt.h | 14 +- tests/include/alt-dummy/sha1_alt.h | 14 +- tests/include/alt-dummy/sha256_alt.h | 14 +- tests/include/alt-dummy/sha512_alt.h | 14 +- tests/include/alt-dummy/threading_alt.h | 14 +- tests/include/alt-dummy/timing_alt.h | 14 +- tests/include/baremetal-override/time.h | 14 +- tests/include/spe/crypto_spe.h | 14 +- tests/include/test/arguments.h | 14 +- tests/include/test/asn1_helpers.h | 14 +- tests/include/test/bignum_helpers.h | 14 +- tests/include/test/certs.h | 14 +- tests/include/test/constant_flow.h | 14 +- tests/include/test/drivers/aead.h | 14 +- .../test/drivers/asymmetric_encryption.h | 14 +- tests/include/test/drivers/cipher.h | 14 +- .../include/test/drivers/config_test_driver.h | 14 +- tests/include/test/drivers/hash.h | 14 +- tests/include/test/drivers/key_agreement.h | 14 +- tests/include/test/drivers/key_management.h | 14 +- tests/include/test/drivers/mac.h | 14 +- tests/include/test/drivers/pake.h | 14 +- tests/include/test/drivers/signature.h | 14 +- tests/include/test/drivers/test_driver.h | 14 +- .../include/test/fake_external_rng_for_test.h | 14 +- tests/include/test/helpers.h | 14 +- tests/include/test/macros.h | 14 +- tests/include/test/psa_crypto_helpers.h | 14 +- tests/include/test/psa_exercise_key.h | 14 +- tests/include/test/psa_helpers.h | 14 +- tests/include/test/random.h | 14 +- tests/include/test/ssl_helpers.h | 14 +- tests/make-in-docker.sh | 14 +- tests/opt-testcases/tls13-compat.sh | 14 +- tests/opt-testcases/tls13-kex-modes.sh | 14 +- tests/opt-testcases/tls13-misc.sh | 14 +- tests/scripts/all-in-docker.sh | 14 +- tests/scripts/all.sh | 14 +- tests/scripts/audit-validity-dates.py | 14 +- tests/scripts/basic-build-test.sh | 14 +- tests/scripts/basic-in-docker.sh | 14 +- tests/scripts/check-doxy-blocks.pl | 14 +- tests/scripts/check-generated-files.sh | 14 +- tests/scripts/check-python-files.sh | 14 +- tests/scripts/check_files.py | 14 +- tests/scripts/check_names.py | 14 +- tests/scripts/check_test_cases.py | 14 +- tests/scripts/depends.py | 18 +- tests/scripts/docker_env.sh | 14 +- tests/scripts/doxygen.sh | 14 +- tests/scripts/gen_ctr_drbg.pl | 14 +- tests/scripts/gen_gcm_decrypt.pl | 14 +- tests/scripts/gen_gcm_encrypt.pl | 14 +- tests/scripts/gen_pkcs1_v21_sign_verify.pl | 14 +- tests/scripts/generate-afl-tests.sh | 14 +- tests/scripts/generate_bignum_tests.py | 14 +- tests/scripts/generate_ecp_tests.py | 14 +- tests/scripts/generate_pkcs7_tests.py | 14 +- tests/scripts/generate_psa_tests.py | 14 +- tests/scripts/generate_test_cert_macros.py | 14 +- tests/scripts/generate_test_code.py | 14 +- tests/scripts/generate_tls13_compat_tests.py | 28 +- tests/scripts/list-identifiers.sh | 14 +- tests/scripts/list_internal_identifiers.py | 14 +- tests/scripts/psa_collect_statuses.py | 14 +- tests/scripts/recursion.pl | 14 +- tests/scripts/run-test-suites.pl | 14 +- tests/scripts/scripts_path.py | 13 +- tests/scripts/set_psa_test_dependencies.py | 14 +- tests/scripts/tcp_client.pl | 14 +- tests/scripts/test-ref-configs.pl | 14 +- tests/scripts/test_config_script.py | 13 +- tests/scripts/test_generate_test_code.py | 14 +- tests/scripts/test_psa_compliance.py | 14 +- tests/scripts/test_psa_constant_names.py | 14 +- tests/scripts/test_zeroize.gdb | 14 +- tests/scripts/translate_ciphers.py | 14 +- tests/scripts/travis-log-failure.sh | 14 +- tests/src/asn1_helpers.c | 14 +- tests/src/bignum_helpers.c | 14 +- tests/src/certs.c | 14 +- tests/src/drivers/hash.c | 14 +- tests/src/drivers/platform_builtin_keys.c | 14 +- tests/src/drivers/test_driver_aead.c | 14 +- .../test_driver_asymmetric_encryption.c | 14 +- tests/src/drivers/test_driver_cipher.c | 14 +- tests/src/drivers/test_driver_key_agreement.c | 14 +- .../src/drivers/test_driver_key_management.c | 14 +- tests/src/drivers/test_driver_mac.c | 14 +- tests/src/drivers/test_driver_pake.c | 14 +- tests/src/drivers/test_driver_signature.c | 14 +- tests/src/fake_external_rng_for_test.c | 14 +- tests/src/helpers.c | 14 +- tests/src/psa_crypto_helpers.c | 14 +- tests/src/psa_exercise_key.c | 14 +- tests/src/random.c | 14 +- tests/src/test_certs.h | 14 +- tests/src/test_helpers/ssl_helpers.c | 14 +- tests/src/threading_helpers.c | 14 +- tests/ssl-opt-in-docker.sh | 14 +- tests/ssl-opt.sh | 14 +- tests/suites/test_suite_version.data | 4 +- 538 files changed, 7071 insertions(+), 920 deletions(-) create mode 100644 3rdparty/p256-m/p256-m/LICENSE diff --git a/.uncrustify.cfg b/.uncrustify.cfg index 8dc9db049..92b8ce9cd 100644 --- a/.uncrustify.cfg +++ b/.uncrustify.cfg @@ -4,7 +4,19 @@ # to Mbed TLS. # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. # Wrap lines at 100 characters diff --git a/3rdparty/everest/CMakeLists.txt b/3rdparty/everest/CMakeLists.txt index e0e5adecd..eefc15151 100644 --- a/3rdparty/everest/CMakeLists.txt +++ b/3rdparty/everest/CMakeLists.txt @@ -18,11 +18,11 @@ target_include_directories(${everest_target} # everest is not directly linked against any mbedtls targets # so does not inherit the compile definitions. if(MBEDTLS_CONFIG_FILE) - target_compile_definitions(${everest_target} + target_compile_definitions(everest PUBLIC MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}") endif() if(MBEDTLS_USER_CONFIG_FILE) - target_compile_definitions(${everest_target} + target_compile_definitions(everest PUBLIC MBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}") endif() diff --git a/3rdparty/p256-m/CMakeLists.txt b/3rdparty/p256-m/CMakeLists.txt index 2ef0d48b7..41be3c4a3 100644 --- a/3rdparty/p256-m/CMakeLists.txt +++ b/3rdparty/p256-m/CMakeLists.txt @@ -16,11 +16,11 @@ target_include_directories(${p256m_target} # p256m is not directly linked against any mbedtls targets # so does not inherit the compile definitions. if(MBEDTLS_CONFIG_FILE) - target_compile_definitions(${p256m_target} + target_compile_definitions(p256m PUBLIC MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}") endif() if(MBEDTLS_USER_CONFIG_FILE) - target_compile_definitions(${p256m_target} + target_compile_definitions(p256m PUBLIC MBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}") endif() diff --git a/3rdparty/p256-m/README.md b/3rdparty/p256-m/README.md index ec90f3446..89648d413 100644 --- a/3rdparty/p256-m/README.md +++ b/3rdparty/p256-m/README.md @@ -1,4 +1,4 @@ -The files within the `p256-m/` subdirectory originate from the [p256-m GitHub repository](https://github.com/mpg/p256-m). They are distributed here under a dual Apache-2.0 OR GPL-2.0-or-later license. They are authored by Manuel Pégourié-Gonnard. p256-m is a minimalistic implementation of ECDH and ECDSA on NIST P-256, especially suited to constrained 32-bit environments. Mbed TLS documentation for integrating drivers uses p256-m as an example of a software accelerator, and describes how it can be integrated alongside Mbed TLS. It should be noted that p256-m files in the Mbed TLS repo will not be updated regularly, so they may not have fixes and improvements present in the upstream project. +The files within the `p256-m/` subdirectory originate from the [p256-m GitHub repository](https://github.com/mpg/p256-m), which is distributed under the Apache 2.0 license. They are authored by Manuel Pégourié-Gonnard. p256-m is a minimalistic implementation of ECDH and ECDSA on NIST P-256, especially suited to constrained 32-bit environments. Mbed TLS documentation for integrating drivers uses p256-m as an example of a software accelerator, and describes how it can be integrated alongside Mbed TLS. It should be noted that p256-m files in the Mbed TLS repo will not be updated regularly, so they may not have fixes and improvements present in the upstream project. -The files `p256-m.c`, `p256-m.h` and `README.md` have been taken from the `p256-m` repository. +The files `p256-m.c` and `.h`, along with the license, have been taken from the `p256-m` repository. It should be noted that p256-m deliberately does not supply its own cryptographically secure RNG function. As a result, the PSA RNG is used, with `p256_generate_random()` wrapping `psa_generate_random()`. diff --git a/3rdparty/p256-m/p256-m/LICENSE b/3rdparty/p256-m/p256-m/LICENSE new file mode 100644 index 000000000..d64569567 --- /dev/null +++ b/3rdparty/p256-m/p256-m/LICENSE @@ -0,0 +1,202 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/3rdparty/p256-m/p256-m/p256-m.c b/3rdparty/p256-m/p256-m/p256-m.c index 42c35b5bf..3f878f758 100644 --- a/3rdparty/p256-m/p256-m/p256-m.c +++ b/3rdparty/p256-m/p256-m/p256-m.c @@ -3,7 +3,7 @@ * * Copyright The Mbed TLS Contributors * Author: Manuel Pégourié-Gonnard. - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 */ #include "p256-m.h" diff --git a/3rdparty/p256-m/p256-m/p256-m.h b/3rdparty/p256-m/p256-m/p256-m.h index c26780024..28d319f39 100644 --- a/3rdparty/p256-m/p256-m/p256-m.h +++ b/3rdparty/p256-m/p256-m/p256-m.h @@ -3,7 +3,7 @@ * * Copyright The Mbed TLS Contributors * Author: Manuel Pégourié-Gonnard. - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 */ #ifndef P256_M_H #define P256_M_H diff --git a/3rdparty/p256-m/p256-m_driver_entrypoints.c b/3rdparty/p256-m/p256-m_driver_entrypoints.c index d272dcbb1..61310a87b 100644 --- a/3rdparty/p256-m/p256-m_driver_entrypoints.c +++ b/3rdparty/p256-m/p256-m_driver_entrypoints.c @@ -3,7 +3,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/platform.h" diff --git a/3rdparty/p256-m/p256-m_driver_entrypoints.h b/3rdparty/p256-m/p256-m_driver_entrypoints.h index c740c4522..d92a8f00b 100644 --- a/3rdparty/p256-m/p256-m_driver_entrypoints.h +++ b/3rdparty/p256-m/p256-m_driver_entrypoints.h @@ -3,7 +3,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef P256M_DRIVER_ENTRYPOINTS_H diff --git a/BRANCHES.md b/BRANCHES.md index c085b1616..d3bd75eff 100644 --- a/BRANCHES.md +++ b/BRANCHES.md @@ -106,6 +106,6 @@ The following branches are currently maintained: - [`development`](https://github.com/Mbed-TLS/mbedtls/) - [`mbedtls-2.28`](https://github.com/Mbed-TLS/mbedtls/tree/mbedtls-2.28) maintained until at least the end of 2024, see - . + . Users are urged to always use the latest version of a maintained branch. diff --git a/CMakeLists.txt b/CMakeLists.txt index 87a41d75c..3c93b15c6 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -377,7 +377,7 @@ if(NOT DISABLE_PACKAGE_CONFIG_AND_INSTALL) write_basic_package_version_file( "cmake/MbedTLSConfigVersion.cmake" COMPATIBILITY SameMajorVersion - VERSION 3.5.1) + VERSION 3.5.0) install( FILES "${CMAKE_CURRENT_BINARY_DIR}/cmake/MbedTLSConfig.cmake" diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 261f745ba..8454fb8ea 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -84,11 +84,11 @@ Mbed TLS is well documented, but if you think documentation is needed, speak out License and Copyright --------------------- -Unless specifically indicated otherwise in a file, Mbed TLS files are provided under a dual [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) OR [GPL-2.0-or-later](https://spdx.org/licenses/GPL-2.0-or-later.html) license. See the [LICENSE](LICENSE) file for the full text of these licenses. This means that users may choose which of these licenses they take the code under. +Unless specifically indicated otherwise in a file, Mbed TLS files are provided under the [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) license. See the [LICENSE](LICENSE) file for the full text of this license. Contributors must accept that their contributions are made under both the Apache-2.0 AND [GPL-2.0-or-later](https://spdx.org/licenses/GPL-2.0-or-later.html) licenses. This enables LTS (Long Term Support) branches of the software to be provided under either the Apache-2.0 or GPL-2.0-or-later licenses. -All new files should include the standard SPDX license identifier where possible, i.e. "SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later". +All new files should include the [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) standard license header where possible. The copyright on contributions is retained by the original authors of the code. Where possible for new files, this should be noted in a comment at the top of the file in the form: "Copyright The Mbed TLS Contributors". diff --git a/ChangeLog b/ChangeLog index 28c45f718..85f3665c2 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,22 +1,12 @@ Mbed TLS ChangeLog (Sorted per branch, date) -= Mbed TLS 3.5.1 branch released 2023-11-06 - -Changes - * Mbed TLS is now released under a dual Apache-2.0 OR GPL-2.0-or-later - license. Users may choose which license they take the code under. - -Bugfix - * Fix accidental omission of MBEDTLS_TARGET_PREFIX in 3rdparty modules - in CMake. - = Mbed TLS 3.5.0 branch released 2023-10-05 API changes * Mbed TLS 3.4 introduced support for omitting the built-in implementation of ECDSA and/or EC J-PAKE when those are provided by a driver. However, - there was a flaw in the logic checking if the built-in implementation, in - that it failed to check if all the relevant curves were supported by the + their was a flaw in the logic checking if the built-in implementation, in + that if failed to check if all the relevant curves were supported by the accelerator. As a result, it was possible to declare no curves as accelerated and still have the built-in implementation compiled out. Starting with this release, it is necessary to declare which curves are diff --git a/LICENSE b/LICENSE index 776ac77ea..d64569567 100644 --- a/LICENSE +++ b/LICENSE @@ -1,10 +1,3 @@ -Mbed TLS files are provided under a dual [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) -OR [GPL-2.0-or-later](https://spdx.org/licenses/GPL-2.0-or-later.html) license. -This means that users may choose which of these licenses they take the code -under. - -The full text of each of these licenses is given below. - Apache License Version 2.0, January 2004 @@ -207,347 +200,3 @@ The full text of each of these licenses is given below. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. - - -=============================================================================== - - - GNU GENERAL PUBLIC LICENSE - Version 2, June 1991 - - Copyright (C) 1989, 1991 Free Software Foundation, Inc., - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - Everyone is permitted to copy and distribute verbatim copies - of this license document, but changing it is not allowed. - - Preamble - - The licenses for most software are designed to take away your -freedom to share and change it. By contrast, the GNU General Public -License is intended to guarantee your freedom to share and change free -software--to make sure the software is free for all its users. This -General Public License applies to most of the Free Software -Foundation's software and to any other program whose authors commit to -using it. (Some other Free Software Foundation software is covered by -the GNU Lesser General Public License instead.) You can apply it to -your programs, too. - - When we speak of free software, we are referring to freedom, not -price. Our General Public Licenses are designed to make sure that you -have the freedom to distribute copies of free software (and charge for -this service if you wish), that you receive source code or can get it -if you want it, that you can change the software or use pieces of it -in new free programs; and that you know you can do these things. - - To protect your rights, we need to make restrictions that forbid -anyone to deny you these rights or to ask you to surrender the rights. -These restrictions translate to certain responsibilities for you if you -distribute copies of the software, or if you modify it. - - For example, if you distribute copies of such a program, whether -gratis or for a fee, you must give the recipients all the rights that -you have. You must make sure that they, too, receive or can get the -source code. And you must show them these terms so they know their -rights. - - We protect your rights with two steps: (1) copyright the software, and -(2) offer you this license which gives you legal permission to copy, -distribute and/or modify the software. - - Also, for each author's protection and ours, we want to make certain -that everyone understands that there is no warranty for this free -software. If the software is modified by someone else and passed on, we -want its recipients to know that what they have is not the original, so -that any problems introduced by others will not reflect on the original -authors' reputations. - - Finally, any free program is threatened constantly by software -patents. We wish to avoid the danger that redistributors of a free -program will individually obtain patent licenses, in effect making the -program proprietary. To prevent this, we have made it clear that any -patent must be licensed for everyone's free use or not licensed at all. - - The precise terms and conditions for copying, distribution and -modification follow. - - GNU GENERAL PUBLIC LICENSE - TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION - - 0. This License applies to any program or other work which contains -a notice placed by the copyright holder saying it may be distributed -under the terms of this General Public License. The "Program", below, -refers to any such program or work, and a "work based on the Program" -means either the Program or any derivative work under copyright law: -that is to say, a work containing the Program or a portion of it, -either verbatim or with modifications and/or translated into another -language. (Hereinafter, translation is included without limitation in -the term "modification".) Each licensee is addressed as "you". - -Activities other than copying, distribution and modification are not -covered by this License; they are outside its scope. The act of -running the Program is not restricted, and the output from the Program -is covered only if its contents constitute a work based on the -Program (independent of having been made by running the Program). -Whether that is true depends on what the Program does. - - 1. You may copy and distribute verbatim copies of the Program's -source code as you receive it, in any medium, provided that you -conspicuously and appropriately publish on each copy an appropriate -copyright notice and disclaimer of warranty; keep intact all the -notices that refer to this License and to the absence of any warranty; -and give any other recipients of the Program a copy of this License -along with the Program. - -You may charge a fee for the physical act of transferring a copy, and -you may at your option offer warranty protection in exchange for a fee. - - 2. You may modify your copy or copies of the Program or any portion -of it, thus forming a work based on the Program, and copy and -distribute such modifications or work under the terms of Section 1 -above, provided that you also meet all of these conditions: - - a) You must cause the modified files to carry prominent notices - stating that you changed the files and the date of any change. - - b) You must cause any work that you distribute or publish, that in - whole or in part contains or is derived from the Program or any - part thereof, to be licensed as a whole at no charge to all third - parties under the terms of this License. - - c) If the modified program normally reads commands interactively - when run, you must cause it, when started running for such - interactive use in the most ordinary way, to print or display an - announcement including an appropriate copyright notice and a - notice that there is no warranty (or else, saying that you provide - a warranty) and that users may redistribute the program under - these conditions, and telling the user how to view a copy of this - License. (Exception: if the Program itself is interactive but - does not normally print such an announcement, your work based on - the Program is not required to print an announcement.) - -These requirements apply to the modified work as a whole. If -identifiable sections of that work are not derived from the Program, -and can be reasonably considered independent and separate works in -themselves, then this License, and its terms, do not apply to those -sections when you distribute them as separate works. But when you -distribute the same sections as part of a whole which is a work based -on the Program, the distribution of the whole must be on the terms of -this License, whose permissions for other licensees extend to the -entire whole, and thus to each and every part regardless of who wrote it. - -Thus, it is not the intent of this section to claim rights or contest -your rights to work written entirely by you; rather, the intent is to -exercise the right to control the distribution of derivative or -collective works based on the Program. - -In addition, mere aggregation of another work not based on the Program -with the Program (or with a work based on the Program) on a volume of -a storage or distribution medium does not bring the other work under -the scope of this License. - - 3. You may copy and distribute the Program (or a work based on it, -under Section 2) in object code or executable form under the terms of -Sections 1 and 2 above provided that you also do one of the following: - - a) Accompany it with the complete corresponding machine-readable - source code, which must be distributed under the terms of Sections - 1 and 2 above on a medium customarily used for software interchange; or, - - b) Accompany it with a written offer, valid for at least three - years, to give any third party, for a charge no more than your - cost of physically performing source distribution, a complete - machine-readable copy of the corresponding source code, to be - distributed under the terms of Sections 1 and 2 above on a medium - customarily used for software interchange; or, - - c) Accompany it with the information you received as to the offer - to distribute corresponding source code. (This alternative is - allowed only for noncommercial distribution and only if you - received the program in object code or executable form with such - an offer, in accord with Subsection b above.) - -The source code for a work means the preferred form of the work for -making modifications to it. For an executable work, complete source -code means all the source code for all modules it contains, plus any -associated interface definition files, plus the scripts used to -control compilation and installation of the executable. However, as a -special exception, the source code distributed need not include -anything that is normally distributed (in either source or binary -form) with the major components (compiler, kernel, and so on) of the -operating system on which the executable runs, unless that component -itself accompanies the executable. - -If distribution of executable or object code is made by offering -access to copy from a designated place, then offering equivalent -access to copy the source code from the same place counts as -distribution of the source code, even though third parties are not -compelled to copy the source along with the object code. - - 4. You may not copy, modify, sublicense, or distribute the Program -except as expressly provided under this License. Any attempt -otherwise to copy, modify, sublicense or distribute the Program is -void, and will automatically terminate your rights under this License. -However, parties who have received copies, or rights, from you under -this License will not have their licenses terminated so long as such -parties remain in full compliance. - - 5. You are not required to accept this License, since you have not -signed it. However, nothing else grants you permission to modify or -distribute the Program or its derivative works. These actions are -prohibited by law if you do not accept this License. Therefore, by -modifying or distributing the Program (or any work based on the -Program), you indicate your acceptance of this License to do so, and -all its terms and conditions for copying, distributing or modifying -the Program or works based on it. - - 6. Each time you redistribute the Program (or any work based on the -Program), the recipient automatically receives a license from the -original licensor to copy, distribute or modify the Program subject to -these terms and conditions. You may not impose any further -restrictions on the recipients' exercise of the rights granted herein. -You are not responsible for enforcing compliance by third parties to -this License. - - 7. If, as a consequence of a court judgment or allegation of patent -infringement or for any other reason (not limited to patent issues), -conditions are imposed on you (whether by court order, agreement or -otherwise) that contradict the conditions of this License, they do not -excuse you from the conditions of this License. If you cannot -distribute so as to satisfy simultaneously your obligations under this -License and any other pertinent obligations, then as a consequence you -may not distribute the Program at all. For example, if a patent -license would not permit royalty-free redistribution of the Program by -all those who receive copies directly or indirectly through you, then -the only way you could satisfy both it and this License would be to -refrain entirely from distribution of the Program. - -If any portion of this section is held invalid or unenforceable under -any particular circumstance, the balance of the section is intended to -apply and the section as a whole is intended to apply in other -circumstances. - -It is not the purpose of this section to induce you to infringe any -patents or other property right claims or to contest validity of any -such claims; this section has the sole purpose of protecting the -integrity of the free software distribution system, which is -implemented by public license practices. Many people have made -generous contributions to the wide range of software distributed -through that system in reliance on consistent application of that -system; it is up to the author/donor to decide if he or she is willing -to distribute software through any other system and a licensee cannot -impose that choice. - -This section is intended to make thoroughly clear what is believed to -be a consequence of the rest of this License. - - 8. If the distribution and/or use of the Program is restricted in -certain countries either by patents or by copyrighted interfaces, the -original copyright holder who places the Program under this License -may add an explicit geographical distribution limitation excluding -those countries, so that distribution is permitted only in or among -countries not thus excluded. In such case, this License incorporates -the limitation as if written in the body of this License. - - 9. The Free Software Foundation may publish revised and/or new versions -of the General Public License from time to time. Such new versions will -be similar in spirit to the present version, but may differ in detail to -address new problems or concerns. - -Each version is given a distinguishing version number. If the Program -specifies a version number of this License which applies to it and "any -later version", you have the option of following the terms and conditions -either of that version or of any later version published by the Free -Software Foundation. If the Program does not specify a version number of -this License, you may choose any version ever published by the Free Software -Foundation. - - 10. If you wish to incorporate parts of the Program into other free -programs whose distribution conditions are different, write to the author -to ask for permission. For software which is copyrighted by the Free -Software Foundation, write to the Free Software Foundation; we sometimes -make exceptions for this. Our decision will be guided by the two goals -of preserving the free status of all derivatives of our free software and -of promoting the sharing and reuse of software generally. - - NO WARRANTY - - 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY -FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN -OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES -PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED -OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS -TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE -PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, -REPAIR OR CORRECTION. - - 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING -WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR -REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, -INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING -OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED -TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY -YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER -PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE -POSSIBILITY OF SUCH DAMAGES. - - END OF TERMS AND CONDITIONS - - How to Apply These Terms to Your New Programs - - If you develop a new program, and you want it to be of the greatest -possible use to the public, the best way to achieve this is to make it -free software which everyone can redistribute and change under these terms. - - To do so, attach the following notices to the program. It is safest -to attach them to the start of each source file to most effectively -convey the exclusion of warranty; and each file should have at least -the "copyright" line and a pointer to where the full notice is found. - - - Copyright (C) - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License along - with this program; if not, write to the Free Software Foundation, Inc., - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - -Also add information on how to contact you by electronic and paper mail. - -If the program is interactive, make it output a short notice like this -when it starts in an interactive mode: - - Gnomovision version 69, Copyright (C) year name of author - Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. - This is free software, and you are welcome to redistribute it - under certain conditions; type `show c' for details. - -The hypothetical commands `show w' and `show c' should show the appropriate -parts of the General Public License. Of course, the commands you use may -be called something other than `show w' and `show c'; they could even be -mouse-clicks or menu items--whatever suits your program. - -You should also get your employer (if you work as a programmer) or your -school, if any, to sign a "copyright disclaimer" for the program, if -necessary. Here is a sample; alter the names: - - Yoyodyne, Inc., hereby disclaims all copyright interest in the program - `Gnomovision' (which makes passes at compilers) written by James Hacker. - - , 1 April 1989 - Ty Coon, President of Vice - -This General Public License does not permit incorporating your program into -proprietary programs. If your program is a subroutine library, you may -consider it more useful to permit linking proprietary applications with the -library. If this is what you want to do, use the GNU Lesser General -Public License instead of this License. diff --git a/README.md b/README.md index 2505d8fd9..a3fcd2e15 100644 --- a/README.md +++ b/README.md @@ -307,14 +307,14 @@ When using drivers, you will generally want to enable two compilation options (s License ------- -Unless specifically indicated otherwise in a file, Mbed TLS files are provided under a dual [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) OR [GPL-2.0-or-later](https://spdx.org/licenses/GPL-2.0-or-later.html) license. See the [LICENSE](LICENSE) file for the full text of these licenses, and [the 'License and Copyright' section in the contributing guidelines](CONTRIBUTING.md#License-and-Copyright) for more information. +Unless specifically indicated otherwise in a file, Mbed TLS files are provided under the [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) license. See the [LICENSE](LICENSE) file for the full text of this license, and [the 'License and Copyright' section in the contributing guidelines](CONTRIBUTING.md#License-and-Copyright) for more information. ### Third-party code included in Mbed TLS -This project contains code from other projects. This code is located within the `3rdparty/` directory. The original license text is included within project subdirectories, where it differs from the normal Mbed TLS license, and/or in source files. The projects are listed below: +This project contains code from other projects. This code is located within the `3rdparty/` directory. The original license text is included within project subdirectories, and in source files. The projects are listed below: * `3rdparty/everest/`: Files stem from [Project Everest](https://project-everest.github.io/) and are distributed under the Apache 2.0 license. -* `3rdparty/p256-m/p256-m/`: Files have been taken from the [p256-m](https://github.com/mpg/p256-m) repository. The code in the original repository is distributed under the Apache 2.0 license. It is distributed in Mbed TLS under a dual Apache-2.0 OR GPL-2.0-or-later license with permission from the author. +* `3rdparty/p256-m/p256-m/`: Files have been taken from the [p256-m](https://github.com/mpg/p256-m) repository. The code in the original repository is distributed under the Apache 2.0 license. It is also used by Mbed TLS under the Apache 2.0 license. We do not plan to regularly update these files, so they may not contain fixes and improvements present in the upstream project. Contributing ------------ diff --git a/configs/config-ccm-psk-dtls1_2.h b/configs/config-ccm-psk-dtls1_2.h index 19e09d957..af2415fe1 100644 --- a/configs/config-ccm-psk-dtls1_2.h +++ b/configs/config-ccm-psk-dtls1_2.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* * Minimal configuration for DTLS 1.2 with PSK and AES-CCM ciphersuites diff --git a/configs/config-ccm-psk-tls1_2.h b/configs/config-ccm-psk-tls1_2.h index d49adfd72..62c1d8013 100644 --- a/configs/config-ccm-psk-tls1_2.h +++ b/configs/config-ccm-psk-tls1_2.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* * Minimal configuration for TLS 1.2 with PSK and AES-CCM ciphersuites diff --git a/configs/config-no-entropy.h b/configs/config-no-entropy.h index ddb00b41e..1964e8e55 100644 --- a/configs/config-no-entropy.h +++ b/configs/config-no-entropy.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* * Minimal configuration of features that do not require an entropy source diff --git a/configs/config-suite-b.h b/configs/config-suite-b.h index 9bba6e6cb..56a700f74 100644 --- a/configs/config-suite-b.h +++ b/configs/config-suite-b.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* * Minimal configuration for TLS NSA Suite B Profile (RFC 6460) diff --git a/configs/config-symmetric-only.h b/configs/config-symmetric-only.h index 512dd7616..a014b5273 100644 --- a/configs/config-symmetric-only.h +++ b/configs/config-symmetric-only.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* System support */ diff --git a/configs/config-thread.h b/configs/config-thread.h index 2f81f9007..e05b557ed 100644 --- a/configs/config-thread.h +++ b/configs/config-thread.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* diff --git a/configs/crypto-config-ccm-aes-sha256.h b/configs/crypto-config-ccm-aes-sha256.h index 7f8d58768..6c12bd7b6 100644 --- a/configs/crypto-config-ccm-aes-sha256.h +++ b/configs/crypto-config-ccm-aes-sha256.h @@ -6,7 +6,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_CONFIG_H diff --git a/configs/crypto_config_profile_medium.h b/configs/crypto_config_profile_medium.h index f9b2c2fdd..3fa8552c9 100644 --- a/configs/crypto_config_profile_medium.h +++ b/configs/crypto_config_profile_medium.h @@ -1,6 +1,8 @@ /* - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * Copyright (c) 2018-2022, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * */ /** * \file psa/crypto_config.h diff --git a/configs/tfm_mbedcrypto_config_profile_medium.h b/configs/tfm_mbedcrypto_config_profile_medium.h index 34a3bd4ff..88736b54b 100644 --- a/configs/tfm_mbedcrypto_config_profile_medium.h +++ b/configs/tfm_mbedcrypto_config_profile_medium.h @@ -8,8 +8,22 @@ * memory footprint. */ /* - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * Copyright (C) 2006-2022, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) */ #ifndef PROFILE_M_MBEDTLS_CONFIG_H diff --git a/docs/architecture/psa-migration/syms.sh b/docs/architecture/psa-migration/syms.sh index 6c9686eb2..1e1ec8c29 100755 --- a/docs/architecture/psa-migration/syms.sh +++ b/docs/architecture/psa-migration/syms.sh @@ -1,7 +1,19 @@ #!/bin/sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. # # Purpose # diff --git a/doxygen/input/doc_encdec.h b/doxygen/input/doc_encdec.h index cf77690b3..ec149aef7 100644 --- a/doxygen/input/doc_encdec.h +++ b/doxygen/input/doc_encdec.h @@ -6,7 +6,19 @@ /* * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /** diff --git a/doxygen/input/doc_hashing.h b/doxygen/input/doc_hashing.h index 83613bfa9..931e6e928 100644 --- a/doxygen/input/doc_hashing.h +++ b/doxygen/input/doc_hashing.h @@ -6,7 +6,19 @@ /* * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /** diff --git a/doxygen/input/doc_mainpage.h b/doxygen/input/doc_mainpage.h index c391c59ce..b67237fbc 100644 --- a/doxygen/input/doc_mainpage.h +++ b/doxygen/input/doc_mainpage.h @@ -6,11 +6,23 @@ /* * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /** - * @mainpage Mbed TLS v3.5.1 API Documentation + * @mainpage Mbed TLS v3.5.0 API Documentation * * This documentation describes the internal structure of Mbed TLS. It was * automatically generated from specially formatted comment blocks in diff --git a/doxygen/input/doc_rng.h b/doxygen/input/doc_rng.h index 22608a879..7da13cd73 100644 --- a/doxygen/input/doc_rng.h +++ b/doxygen/input/doc_rng.h @@ -6,7 +6,19 @@ /* * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /** diff --git a/doxygen/input/doc_ssltls.h b/doxygen/input/doc_ssltls.h index 5757574f3..6961124e4 100644 --- a/doxygen/input/doc_ssltls.h +++ b/doxygen/input/doc_ssltls.h @@ -6,7 +6,19 @@ /* * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /** diff --git a/doxygen/input/doc_tcpip.h b/doxygen/input/doc_tcpip.h index f8d8c6905..a705de146 100644 --- a/doxygen/input/doc_tcpip.h +++ b/doxygen/input/doc_tcpip.h @@ -6,7 +6,19 @@ /* * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /** diff --git a/doxygen/input/doc_x509.h b/doxygen/input/doc_x509.h index 945830f11..904967501 100644 --- a/doxygen/input/doc_x509.h +++ b/doxygen/input/doc_x509.h @@ -6,7 +6,19 @@ /* * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /** diff --git a/doxygen/mbedtls.doxyfile b/doxygen/mbedtls.doxyfile index 89048f221..98b2d7973 100644 --- a/doxygen/mbedtls.doxyfile +++ b/doxygen/mbedtls.doxyfile @@ -1,4 +1,4 @@ -PROJECT_NAME = "Mbed TLS v3.5.1" +PROJECT_NAME = "Mbed TLS v3.5.0" OUTPUT_DIRECTORY = ../apidoc/ FULL_PATH_NAMES = NO OPTIMIZE_OUTPUT_FOR_C = YES diff --git a/include/mbedtls/aes.h b/include/mbedtls/aes.h index 77ecffd86..7c92162d1 100644 --- a/include/mbedtls/aes.h +++ b/include/mbedtls/aes.h @@ -22,7 +22,19 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_AES_H diff --git a/include/mbedtls/aria.h b/include/mbedtls/aria.h index abb8a3d76..7e55df7ec 100644 --- a/include/mbedtls/aria.h +++ b/include/mbedtls/aria.h @@ -11,7 +11,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_ARIA_H diff --git a/include/mbedtls/asn1.h b/include/mbedtls/asn1.h index 830458b55..c7aae0ff8 100644 --- a/include/mbedtls/asn1.h +++ b/include/mbedtls/asn1.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_ASN1_H #define MBEDTLS_ASN1_H diff --git a/include/mbedtls/asn1write.h b/include/mbedtls/asn1write.h index 7af4aba41..6fe57c8f0 100644 --- a/include/mbedtls/asn1write.h +++ b/include/mbedtls/asn1write.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_ASN1_WRITE_H #define MBEDTLS_ASN1_WRITE_H diff --git a/include/mbedtls/base64.h b/include/mbedtls/base64.h index 8f459b74c..635be713d 100644 --- a/include/mbedtls/base64.h +++ b/include/mbedtls/base64.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_BASE64_H #define MBEDTLS_BASE64_H diff --git a/include/mbedtls/bignum.h b/include/mbedtls/bignum.h index 931e06d2c..eb8446ea8 100644 --- a/include/mbedtls/bignum.h +++ b/include/mbedtls/bignum.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_BIGNUM_H #define MBEDTLS_BIGNUM_H diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index c4fab1205..842f15c58 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h @@ -8,7 +8,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_BUILD_INFO_H @@ -26,16 +38,16 @@ */ #define MBEDTLS_VERSION_MAJOR 3 #define MBEDTLS_VERSION_MINOR 5 -#define MBEDTLS_VERSION_PATCH 1 +#define MBEDTLS_VERSION_PATCH 0 /** * The single version number has the following structure: * MMNNPP00 * Major version | Minor version | Patch version */ -#define MBEDTLS_VERSION_NUMBER 0x03050100 -#define MBEDTLS_VERSION_STRING "3.5.1" -#define MBEDTLS_VERSION_STRING_FULL "Mbed TLS 3.5.1" +#define MBEDTLS_VERSION_NUMBER 0x03050000 +#define MBEDTLS_VERSION_STRING "3.5.0" +#define MBEDTLS_VERSION_STRING_FULL "Mbed TLS 3.5.0" /* Macros for build-time platform detection */ diff --git a/include/mbedtls/camellia.h b/include/mbedtls/camellia.h index 6c674fe04..8033c13ff 100644 --- a/include/mbedtls/camellia.h +++ b/include/mbedtls/camellia.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_CAMELLIA_H #define MBEDTLS_CAMELLIA_H diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index a98111b4e..e00e747de 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -29,7 +29,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_CCM_H diff --git a/include/mbedtls/chacha20.h b/include/mbedtls/chacha20.h index 680fe3604..e24e56b98 100644 --- a/include/mbedtls/chacha20.h +++ b/include/mbedtls/chacha20.h @@ -14,7 +14,19 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_CHACHA20_H diff --git a/include/mbedtls/chachapoly.h b/include/mbedtls/chachapoly.h index 3dc21e380..19baadefd 100644 --- a/include/mbedtls/chachapoly.h +++ b/include/mbedtls/chachapoly.h @@ -14,7 +14,19 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_CHACHAPOLY_H diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index e479ef3a0..e18e9a5fc 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_CHECK_CONFIG_H diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index 2596baa92..9c8701d38 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -9,7 +9,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_CIPHER_H diff --git a/include/mbedtls/cmac.h b/include/mbedtls/cmac.h index 97b86fc42..b2aca5d04 100644 --- a/include/mbedtls/cmac.h +++ b/include/mbedtls/cmac.h @@ -9,7 +9,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_CMAC_H diff --git a/include/mbedtls/compat-2.x.h b/include/mbedtls/compat-2.x.h index 096341ba7..cdf81dcbb 100644 --- a/include/mbedtls/compat-2.x.h +++ b/include/mbedtls/compat-2.x.h @@ -7,7 +7,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #if defined(MBEDTLS_DEPRECATED_WARNING) diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h index f76976591..6ec59f193 100644 --- a/include/mbedtls/config_adjust_legacy_crypto.h +++ b/include/mbedtls/config_adjust_legacy_crypto.h @@ -16,7 +16,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H diff --git a/include/mbedtls/config_adjust_legacy_from_psa.h b/include/mbedtls/config_adjust_legacy_from_psa.h index ab18d985d..e3c2ed117 100644 --- a/include/mbedtls/config_adjust_legacy_from_psa.h +++ b/include/mbedtls/config_adjust_legacy_from_psa.h @@ -10,7 +10,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_CONFIG_ADJUST_LEGACY_FROM_PSA_H diff --git a/include/mbedtls/config_adjust_psa_from_legacy.h b/include/mbedtls/config_adjust_psa_from_legacy.h index c31a46243..088711d37 100644 --- a/include/mbedtls/config_adjust_psa_from_legacy.h +++ b/include/mbedtls/config_adjust_psa_from_legacy.h @@ -12,7 +12,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_CONFIG_ADJUST_PSA_FROM_LEGACY_H diff --git a/include/mbedtls/config_adjust_psa_superset_legacy.h b/include/mbedtls/config_adjust_psa_superset_legacy.h index 3a55c3f6e..3d9029b57 100644 --- a/include/mbedtls/config_adjust_psa_superset_legacy.h +++ b/include/mbedtls/config_adjust_psa_superset_legacy.h @@ -11,7 +11,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_CONFIG_ADJUST_PSA_SUPERSET_LEGACY_H diff --git a/include/mbedtls/config_adjust_ssl.h b/include/mbedtls/config_adjust_ssl.h index 8415f3e5f..2275f3add 100644 --- a/include/mbedtls/config_adjust_ssl.h +++ b/include/mbedtls/config_adjust_ssl.h @@ -16,7 +16,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_CONFIG_ADJUST_SSL_H diff --git a/include/mbedtls/config_adjust_x509.h b/include/mbedtls/config_adjust_x509.h index 346c8ae6d..99a0ace2f 100644 --- a/include/mbedtls/config_adjust_x509.h +++ b/include/mbedtls/config_adjust_x509.h @@ -16,7 +16,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_CONFIG_ADJUST_X509_H diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h index 17da61b3e..2d2397197 100644 --- a/include/mbedtls/config_psa.h +++ b/include/mbedtls/config_psa.h @@ -12,7 +12,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_CONFIG_PSA_H diff --git a/include/mbedtls/constant_time.h b/include/mbedtls/constant_time.h index d31bff677..ebecf35b0 100644 --- a/include/mbedtls/constant_time.h +++ b/include/mbedtls/constant_time.h @@ -3,7 +3,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_CONSTANT_TIME_H diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h index d1f19e607..0348281e4 100644 --- a/include/mbedtls/ctr_drbg.h +++ b/include/mbedtls/ctr_drbg.h @@ -23,7 +23,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_CTR_DRBG_H diff --git a/include/mbedtls/debug.h b/include/mbedtls/debug.h index 0aef2ed65..d6dd15224 100644 --- a/include/mbedtls/debug.h +++ b/include/mbedtls/debug.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_DEBUG_H #define MBEDTLS_DEBUG_H diff --git a/include/mbedtls/des.h b/include/mbedtls/des.h index 2b097a13d..f445102d9 100644 --- a/include/mbedtls/des.h +++ b/include/mbedtls/des.h @@ -9,7 +9,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. * */ #ifndef MBEDTLS_DES_H diff --git a/include/mbedtls/dhm.h b/include/mbedtls/dhm.h index fcba3d2af..0232a71fd 100644 --- a/include/mbedtls/dhm.h +++ b/include/mbedtls/dhm.h @@ -45,7 +45,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_DHM_H diff --git a/include/mbedtls/ecdh.h b/include/mbedtls/ecdh.h index 792db79fd..67c94f0fa 100644 --- a/include/mbedtls/ecdh.h +++ b/include/mbedtls/ecdh.h @@ -14,7 +14,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_ECDH_H diff --git a/include/mbedtls/ecdsa.h b/include/mbedtls/ecdsa.h index 2ecf34911..3b2b418f1 100644 --- a/include/mbedtls/ecdsa.h +++ b/include/mbedtls/ecdsa.h @@ -12,7 +12,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_ECDSA_H diff --git a/include/mbedtls/ecjpake.h b/include/mbedtls/ecjpake.h index c2148a2bd..0008d7312 100644 --- a/include/mbedtls/ecjpake.h +++ b/include/mbedtls/ecjpake.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_ECJPAKE_H #define MBEDTLS_ECJPAKE_H diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index 7f5e88080..bf95b907a 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h @@ -16,7 +16,19 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_ECP_H diff --git a/include/mbedtls/entropy.h b/include/mbedtls/entropy.h index 20fd6872b..c2bba41d2 100644 --- a/include/mbedtls/entropy.h +++ b/include/mbedtls/entropy.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_ENTROPY_H #define MBEDTLS_ENTROPY_H diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 186589ac5..a7454f234 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_ERROR_H #define MBEDTLS_ERROR_H diff --git a/include/mbedtls/gcm.h b/include/mbedtls/gcm.h index 837cecc09..c3343e6aa 100644 --- a/include/mbedtls/gcm.h +++ b/include/mbedtls/gcm.h @@ -13,7 +13,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_GCM_H diff --git a/include/mbedtls/hkdf.h b/include/mbedtls/hkdf.h index 930e93f32..699c6d9e9 100644 --- a/include/mbedtls/hkdf.h +++ b/include/mbedtls/hkdf.h @@ -8,7 +8,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_HKDF_H #define MBEDTLS_HKDF_H diff --git a/include/mbedtls/hmac_drbg.h b/include/mbedtls/hmac_drbg.h index 18b1b75a6..2e5aa6d06 100644 --- a/include/mbedtls/hmac_drbg.h +++ b/include/mbedtls/hmac_drbg.h @@ -9,7 +9,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_HMAC_DRBG_H #define MBEDTLS_HMAC_DRBG_H diff --git a/include/mbedtls/lms.h b/include/mbedtls/lms.h index 95fce2133..5c8df42f8 100644 --- a/include/mbedtls/lms.h +++ b/include/mbedtls/lms.h @@ -10,7 +10,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_LMS_H #define MBEDTLS_LMS_H diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index e1456b9ae..af0761395 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -9,7 +9,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /** @@ -742,9 +754,6 @@ * contexts and therefore is a compatibility break for applications that access * fields of a mbedtls_ecdh_context structure directly. See also * MBEDTLS_ECDH_LEGACY_CONTEXT in include/mbedtls/ecdh.h. - * - * The Everest code is provided under the Apache 2.0 license only; therefore enabling this - * option is not compatible with taking the library under the GPL v2.0-or-later license. */ //#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h index ff7b13365..c9a7858f3 100644 --- a/include/mbedtls/md.h +++ b/include/mbedtls/md.h @@ -8,7 +8,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_MD_H diff --git a/include/mbedtls/md5.h b/include/mbedtls/md5.h index 6bf0754a4..808188694 100644 --- a/include/mbedtls/md5.h +++ b/include/mbedtls/md5.h @@ -9,7 +9,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_MD5_H #define MBEDTLS_MD5_H diff --git a/include/mbedtls/memory_buffer_alloc.h b/include/mbedtls/memory_buffer_alloc.h index b527d9b66..9694d2458 100644 --- a/include/mbedtls/memory_buffer_alloc.h +++ b/include/mbedtls/memory_buffer_alloc.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_MEMORY_BUFFER_ALLOC_H #define MBEDTLS_MEMORY_BUFFER_ALLOC_H diff --git a/include/mbedtls/net_sockets.h b/include/mbedtls/net_sockets.h index 026f627ce..1096d66d9 100644 --- a/include/mbedtls/net_sockets.h +++ b/include/mbedtls/net_sockets.h @@ -21,7 +21,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_NET_SOCKETS_H #define MBEDTLS_NET_SOCKETS_H diff --git a/include/mbedtls/nist_kw.h b/include/mbedtls/nist_kw.h index d353f3d1a..0c95c902e 100644 --- a/include/mbedtls/nist_kw.h +++ b/include/mbedtls/nist_kw.h @@ -17,7 +17,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_NIST_KW_H diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h index e48817d68..954507229 100644 --- a/include/mbedtls/oid.h +++ b/include/mbedtls/oid.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_OID_H #define MBEDTLS_OID_H diff --git a/include/mbedtls/pem.h b/include/mbedtls/pem.h index cc617a9bc..a33fc65e5 100644 --- a/include/mbedtls/pem.h +++ b/include/mbedtls/pem.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_PEM_H #define MBEDTLS_PEM_H diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index 24b11886b..aea602be7 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_PK_H diff --git a/include/mbedtls/pkcs12.h b/include/mbedtls/pkcs12.h index 42e84538a..ba1a2edf0 100644 --- a/include/mbedtls/pkcs12.h +++ b/include/mbedtls/pkcs12.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_PKCS12_H #define MBEDTLS_PKCS12_H diff --git a/include/mbedtls/pkcs5.h b/include/mbedtls/pkcs5.h index e004f4555..8b086aa2e 100644 --- a/include/mbedtls/pkcs5.h +++ b/include/mbedtls/pkcs5.h @@ -7,7 +7,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_PKCS5_H #define MBEDTLS_PKCS5_H diff --git a/include/mbedtls/pkcs7.h b/include/mbedtls/pkcs7.h index 70b25a9c6..1231e3402 100644 --- a/include/mbedtls/pkcs7.h +++ b/include/mbedtls/pkcs7.h @@ -6,7 +6,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /** diff --git a/include/mbedtls/platform.h b/include/mbedtls/platform.h index de3d71d9d..3fc1fd0c1 100644 --- a/include/mbedtls/platform.h +++ b/include/mbedtls/platform.h @@ -21,7 +21,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_PLATFORM_H #define MBEDTLS_PLATFORM_H diff --git a/include/mbedtls/platform_time.h b/include/mbedtls/platform_time.h index 97f1963ab..21b369745 100644 --- a/include/mbedtls/platform_time.h +++ b/include/mbedtls/platform_time.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_PLATFORM_TIME_H #define MBEDTLS_PLATFORM_TIME_H diff --git a/include/mbedtls/platform_util.h b/include/mbedtls/platform_util.h index cba02ab3d..3f23fef55 100644 --- a/include/mbedtls/platform_util.h +++ b/include/mbedtls/platform_util.h @@ -6,7 +6,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_PLATFORM_UTIL_H #define MBEDTLS_PLATFORM_UTIL_H diff --git a/include/mbedtls/poly1305.h b/include/mbedtls/poly1305.h index 61bcaa6b6..3025ef1f2 100644 --- a/include/mbedtls/poly1305.h +++ b/include/mbedtls/poly1305.h @@ -14,7 +14,19 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_POLY1305_H diff --git a/include/mbedtls/private_access.h b/include/mbedtls/private_access.h index 580f3eb44..61fa8777b 100644 --- a/include/mbedtls/private_access.h +++ b/include/mbedtls/private_access.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_PRIVATE_ACCESS_H diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index 643e8aac4..8ce15927b 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_PSA_UTIL_H diff --git a/include/mbedtls/ripemd160.h b/include/mbedtls/ripemd160.h index 279f92b51..acec3c52d 100644 --- a/include/mbedtls/ripemd160.h +++ b/include/mbedtls/ripemd160.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_RIPEMD160_H #define MBEDTLS_RIPEMD160_H diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index df665240d..69f3981ed 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -11,7 +11,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_RSA_H #define MBEDTLS_RSA_H diff --git a/include/mbedtls/sha1.h b/include/mbedtls/sha1.h index 592ffd13f..18bde93d3 100644 --- a/include/mbedtls/sha1.h +++ b/include/mbedtls/sha1.h @@ -12,7 +12,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_SHA1_H #define MBEDTLS_SHA1_H diff --git a/include/mbedtls/sha256.h b/include/mbedtls/sha256.h index 4ee780f7d..87e259f5b 100644 --- a/include/mbedtls/sha256.h +++ b/include/mbedtls/sha256.h @@ -8,7 +8,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_SHA256_H #define MBEDTLS_SHA256_H diff --git a/include/mbedtls/sha3.h b/include/mbedtls/sha3.h index 3eeee65e6..77748be1f 100644 --- a/include/mbedtls/sha3.h +++ b/include/mbedtls/sha3.h @@ -9,7 +9,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_SHA3_H diff --git a/include/mbedtls/sha512.h b/include/mbedtls/sha512.h index 1c20e4c22..ea5467829 100644 --- a/include/mbedtls/sha512.h +++ b/include/mbedtls/sha512.h @@ -7,7 +7,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_SHA512_H #define MBEDTLS_SHA512_H diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 89f7b8164..debb1cc2c 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_SSL_H #define MBEDTLS_SSL_H diff --git a/include/mbedtls/ssl_cache.h b/include/mbedtls/ssl_cache.h index a1307b450..7a90191c3 100644 --- a/include/mbedtls/ssl_cache.h +++ b/include/mbedtls/ssl_cache.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_SSL_CACHE_H #define MBEDTLS_SSL_CACHE_H diff --git a/include/mbedtls/ssl_ciphersuites.h b/include/mbedtls/ssl_ciphersuites.h index 8cecbb625..07f2facef 100644 --- a/include/mbedtls/ssl_ciphersuites.h +++ b/include/mbedtls/ssl_ciphersuites.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_SSL_CIPHERSUITES_H #define MBEDTLS_SSL_CIPHERSUITES_H diff --git a/include/mbedtls/ssl_cookie.h b/include/mbedtls/ssl_cookie.h index 71c258ea4..5cd1847d0 100644 --- a/include/mbedtls/ssl_cookie.h +++ b/include/mbedtls/ssl_cookie.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_SSL_COOKIE_H #define MBEDTLS_SSL_COOKIE_H diff --git a/include/mbedtls/ssl_ticket.h b/include/mbedtls/ssl_ticket.h index 6d59c12da..0cefe43a1 100644 --- a/include/mbedtls/ssl_ticket.h +++ b/include/mbedtls/ssl_ticket.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_SSL_TICKET_H #define MBEDTLS_SSL_TICKET_H diff --git a/include/mbedtls/threading.h b/include/mbedtls/threading.h index ed16a23b1..6a336c3ed 100644 --- a/include/mbedtls/threading.h +++ b/include/mbedtls/threading.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_THREADING_H #define MBEDTLS_THREADING_H diff --git a/include/mbedtls/timing.h b/include/mbedtls/timing.h index 62ae1022d..830dcee63 100644 --- a/include/mbedtls/timing.h +++ b/include/mbedtls/timing.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_TIMING_H #define MBEDTLS_TIMING_H diff --git a/include/mbedtls/version.h b/include/mbedtls/version.h index 637f9d38b..073211a19 100644 --- a/include/mbedtls/version.h +++ b/include/mbedtls/version.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* * This set of run-time variables can be used to determine the version number of diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h index e2e06679b..a9267c791 100644 --- a/include/mbedtls/x509.h +++ b/include/mbedtls/x509.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_X509_H #define MBEDTLS_X509_H diff --git a/include/mbedtls/x509_crl.h b/include/mbedtls/x509_crl.h index 6625a44f4..62694ae7f 100644 --- a/include/mbedtls/x509_crl.h +++ b/include/mbedtls/x509_crl.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_X509_CRL_H #define MBEDTLS_X509_CRL_H diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h index 3f1a1e761..3f9b25075 100644 --- a/include/mbedtls/x509_crt.h +++ b/include/mbedtls/x509_crt.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_X509_CRT_H #define MBEDTLS_X509_CRT_H diff --git a/include/mbedtls/x509_csr.h b/include/mbedtls/x509_csr.h index e54010b10..513a83edd 100644 --- a/include/mbedtls/x509_csr.h +++ b/include/mbedtls/x509_csr.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_X509_CSR_H #define MBEDTLS_X509_CSR_H diff --git a/include/psa/build_info.h b/include/psa/build_info.h index 3ee6cd7b1..34a138d72 100644 --- a/include/psa/build_info.h +++ b/include/psa/build_info.h @@ -9,7 +9,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_BUILD_INFO_H diff --git a/include/psa/crypto.h b/include/psa/crypto.h index fe10ee0e4..6b06187bf 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -4,7 +4,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_H diff --git a/include/psa/crypto_adjust_auto_enabled.h b/include/psa/crypto_adjust_auto_enabled.h index 63fb29e85..5e18298c6 100644 --- a/include/psa/crypto_adjust_auto_enabled.h +++ b/include/psa/crypto_adjust_auto_enabled.h @@ -7,7 +7,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_ADJUST_AUTO_ENABLED_H diff --git a/include/psa/crypto_adjust_config_key_pair_types.h b/include/psa/crypto_adjust_config_key_pair_types.h index 63afc0e40..7736e752d 100644 --- a/include/psa/crypto_adjust_config_key_pair_types.h +++ b/include/psa/crypto_adjust_config_key_pair_types.h @@ -13,7 +13,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_ADJUST_KEYPAIR_TYPES_H diff --git a/include/psa/crypto_adjust_config_synonyms.h b/include/psa/crypto_adjust_config_synonyms.h index cf33465b5..5142ef0ae 100644 --- a/include/psa/crypto_adjust_config_synonyms.h +++ b/include/psa/crypto_adjust_config_synonyms.h @@ -8,7 +8,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_ADJUST_CONFIG_SYNONYMS_H diff --git a/include/psa/crypto_builtin_composites.h b/include/psa/crypto_builtin_composites.h index 35c2e29b9..d9473ac00 100644 --- a/include/psa/crypto_builtin_composites.h +++ b/include/psa/crypto_builtin_composites.h @@ -15,7 +15,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_BUILTIN_COMPOSITES_H diff --git a/include/psa/crypto_builtin_key_derivation.h b/include/psa/crypto_builtin_key_derivation.h index 6b91ae73f..8a2143a7e 100644 --- a/include/psa/crypto_builtin_key_derivation.h +++ b/include/psa/crypto_builtin_key_derivation.h @@ -15,7 +15,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_BUILTIN_KEY_DERIVATION_H diff --git a/include/psa/crypto_builtin_primitives.h b/include/psa/crypto_builtin_primitives.h index 98ab4d333..d3e069223 100644 --- a/include/psa/crypto_builtin_primitives.h +++ b/include/psa/crypto_builtin_primitives.h @@ -15,7 +15,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_BUILTIN_PRIMITIVES_H diff --git a/include/psa/crypto_compat.h b/include/psa/crypto_compat.h index f896fae1c..70fa14e87 100644 --- a/include/psa/crypto_compat.h +++ b/include/psa/crypto_compat.h @@ -12,7 +12,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_COMPAT_H diff --git a/include/psa/crypto_config.h b/include/psa/crypto_config.h index 5bf00f402..d34cbf339 100644 --- a/include/psa/crypto_config.h +++ b/include/psa/crypto_config.h @@ -32,7 +32,19 @@ #endif /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_CONFIG_H diff --git a/include/psa/crypto_driver_common.h b/include/psa/crypto_driver_common.h index cc11d3b9a..26363c6b2 100644 --- a/include/psa/crypto_driver_common.h +++ b/include/psa/crypto_driver_common.h @@ -17,7 +17,19 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_DRIVER_COMMON_H #define PSA_CRYPTO_DRIVER_COMMON_H diff --git a/include/psa/crypto_driver_contexts_composites.h b/include/psa/crypto_driver_contexts_composites.h index d717c5190..d0188647f 100644 --- a/include/psa/crypto_driver_contexts_composites.h +++ b/include/psa/crypto_driver_contexts_composites.h @@ -16,7 +16,19 @@ * to define the implementation-defined types of PSA multi-part state objects. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_DRIVER_CONTEXTS_COMPOSITES_H diff --git a/include/psa/crypto_driver_contexts_key_derivation.h b/include/psa/crypto_driver_contexts_key_derivation.h index 21190515c..3fb29ff7f 100644 --- a/include/psa/crypto_driver_contexts_key_derivation.h +++ b/include/psa/crypto_driver_contexts_key_derivation.h @@ -15,7 +15,19 @@ * to define the implementation-defined types of PSA multi-part state objects. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_DRIVER_CONTEXTS_KEY_DERIVATION_H diff --git a/include/psa/crypto_driver_contexts_primitives.h b/include/psa/crypto_driver_contexts_primitives.h index c90a5fbe7..b27a768e8 100644 --- a/include/psa/crypto_driver_contexts_primitives.h +++ b/include/psa/crypto_driver_contexts_primitives.h @@ -15,7 +15,19 @@ * to define the implementation-defined types of PSA multi-part state objects. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_DRIVER_CONTEXTS_PRIMITIVES_H diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index ef29b77db..4b0cc7041 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -10,7 +10,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_EXTRA_H diff --git a/include/psa/crypto_legacy.h b/include/psa/crypto_legacy.h index 7df3614d6..7a038d945 100644 --- a/include/psa/crypto_legacy.h +++ b/include/psa/crypto_legacy.h @@ -13,7 +13,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_PSA_CRYPTO_LEGACY_H diff --git a/include/psa/crypto_platform.h b/include/psa/crypto_platform.h index f32a10146..ee41c897f 100644 --- a/include/psa/crypto_platform.h +++ b/include/psa/crypto_platform.h @@ -15,7 +15,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_PLATFORM_H diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index 9ce14bba6..f39e2294c 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h @@ -17,7 +17,19 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_SE_DRIVER_H #define PSA_CRYPTO_SE_DRIVER_H diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index d22bf1017..1d5ed6c26 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -22,7 +22,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_SIZES_H diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index d5ea8d51b..b309bc854 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -43,7 +43,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_STRUCT_H diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index 5a1318de0..445657eb9 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -15,7 +15,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_TYPES_H diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 5e33f6bd5..241b7c80d 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -21,7 +21,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_VALUES_H diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index eeda06aee..6a4ce51b4 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -296,7 +296,7 @@ endif(USE_STATIC_MBEDTLS_LIBRARY) if(USE_SHARED_MBEDTLS_LIBRARY) set(CMAKE_LIBRARY_PATH ${CMAKE_CURRENT_BINARY_DIR}) add_library(${mbedcrypto_target} SHARED ${src_crypto}) - set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 3.5.1 SOVERSION 15) + set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 3.5.0 SOVERSION 15) target_link_libraries(${mbedcrypto_target} PUBLIC ${libs}) if(TARGET ${everest_target}) @@ -308,11 +308,11 @@ if(USE_SHARED_MBEDTLS_LIBRARY) endif() add_library(${mbedx509_target} SHARED ${src_x509}) - set_target_properties(${mbedx509_target} PROPERTIES VERSION 3.5.1 SOVERSION 6) + set_target_properties(${mbedx509_target} PROPERTIES VERSION 3.5.0 SOVERSION 6) target_link_libraries(${mbedx509_target} PUBLIC ${libs} ${mbedcrypto_target}) add_library(${mbedtls_target} SHARED ${src_tls}) - set_target_properties(${mbedtls_target} PROPERTIES VERSION 3.5.1 SOVERSION 20) + set_target_properties(${mbedtls_target} PROPERTIES VERSION 3.5.0 SOVERSION 20) target_link_libraries(${mbedtls_target} PUBLIC ${libs} ${mbedx509_target}) endif(USE_SHARED_MBEDTLS_LIBRARY) diff --git a/library/aes.c b/library/aes.c index feb455b6f..0a7b26ce9 100644 --- a/library/aes.c +++ b/library/aes.c @@ -2,7 +2,19 @@ * FIPS-197 compliant AES implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* * The AES block cipher was designed by Vincent Rijmen and Joan Daemen. diff --git a/library/aesce.c b/library/aesce.c index f2bdce2db..8b42b034f 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -2,7 +2,19 @@ * Armv8-A Cryptographic Extension support functions for Aarch64 * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #if defined(__aarch64__) && !defined(__ARM_FEATURE_CRYPTO) && \ diff --git a/library/aesce.h b/library/aesce.h index 9206a6b3b..d24c423b8 100644 --- a/library/aesce.h +++ b/library/aesce.h @@ -9,7 +9,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_AESCE_H #define MBEDTLS_AESCE_H diff --git a/library/aesni.c b/library/aesni.c index 59bcd3d92..5f25a8249 100644 --- a/library/aesni.c +++ b/library/aesni.c @@ -2,7 +2,19 @@ * AES-NI support functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* diff --git a/library/aesni.h b/library/aesni.h index 165859ac3..ba1429029 100644 --- a/library/aesni.h +++ b/library/aesni.h @@ -8,7 +8,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_AESNI_H #define MBEDTLS_AESNI_H diff --git a/library/alignment.h b/library/alignment.h index 4bca10e8f..ab15986e5 100644 --- a/library/alignment.h +++ b/library/alignment.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_LIBRARY_ALIGNMENT_H diff --git a/library/aria.c b/library/aria.c index 07a434f8f..098036225 100644 --- a/library/aria.c +++ b/library/aria.c @@ -2,7 +2,19 @@ * ARIA implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* diff --git a/library/asn1parse.c b/library/asn1parse.c index c02b233ec..abdd0b1bd 100644 --- a/library/asn1parse.c +++ b/library/asn1parse.c @@ -2,7 +2,19 @@ * Generic ASN.1 parsing * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/asn1write.c b/library/asn1write.c index 114091d63..2e9b98ad5 100644 --- a/library/asn1write.c +++ b/library/asn1write.c @@ -2,7 +2,19 @@ * ASN.1 buffer writing functionality * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/base64.c b/library/base64.c index a58717d6b..fa22e5375 100644 --- a/library/base64.c +++ b/library/base64.c @@ -2,7 +2,19 @@ * RFC 1521 base64 encoding/decoding * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include diff --git a/library/base64_internal.h b/library/base64_internal.h index a09bd2377..f9f56d78d 100644 --- a/library/base64_internal.h +++ b/library/base64_internal.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_BASE64_INTERNAL diff --git a/library/bignum.c b/library/bignum.c index 09ce0301f..7c265e04d 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -2,7 +2,19 @@ * Multi-precision integer library * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* diff --git a/library/bignum_core.c b/library/bignum_core.c index dfed60d55..dbf6d1df4 100644 --- a/library/bignum_core.c +++ b/library/bignum_core.c @@ -2,7 +2,19 @@ * Core bignum functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/bignum_core.h b/library/bignum_core.h index b56be0a71..e5500f117 100644 --- a/library/bignum_core.h +++ b/library/bignum_core.h @@ -62,7 +62,19 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_BIGNUM_CORE_H diff --git a/library/bignum_mod.c b/library/bignum_mod.c index dfd332a70..2f0e9ed09 100644 --- a/library/bignum_mod.c +++ b/library/bignum_mod.c @@ -2,7 +2,19 @@ * Modular bignum functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/bignum_mod.h b/library/bignum_mod.h index 963d8881a..39e8fd218 100644 --- a/library/bignum_mod.h +++ b/library/bignum_mod.h @@ -63,7 +63,19 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_BIGNUM_MOD_H diff --git a/library/bignum_mod_raw.c b/library/bignum_mod_raw.c index 5343bc650..5ee1b19b2 100644 --- a/library/bignum_mod_raw.c +++ b/library/bignum_mod_raw.c @@ -2,7 +2,19 @@ * Low-level modular bignum functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/bignum_mod_raw.h b/library/bignum_mod_raw.h index 7bb4ca3cf..c5ff9378e 100644 --- a/library/bignum_mod_raw.h +++ b/library/bignum_mod_raw.h @@ -60,7 +60,19 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_BIGNUM_MOD_RAW_H diff --git a/library/bignum_mod_raw_invasive.h b/library/bignum_mod_raw_invasive.h index 94a0d06cf..ead83942c 100644 --- a/library/bignum_mod_raw_invasive.h +++ b/library/bignum_mod_raw_invasive.h @@ -6,7 +6,19 @@ */ /** * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_BIGNUM_MOD_RAW_INVASIVE_H diff --git a/library/bn_mul.h b/library/bn_mul.h index 0738469db..ab1a66ae5 100644 --- a/library/bn_mul.h +++ b/library/bn_mul.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* * Multiply source vector [s] with b, add result diff --git a/library/camellia.c b/library/camellia.c index 86c8bbfcd..409727d04 100644 --- a/library/camellia.c +++ b/library/camellia.c @@ -2,7 +2,19 @@ * Camellia implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* * The Camellia block cipher was designed by NTT and Mitsubishi Electric diff --git a/library/ccm.c b/library/ccm.c index 2cccd2809..237ef9f31 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -2,7 +2,19 @@ * NIST SP800-38C compliant CCM implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* diff --git a/library/chacha20.c b/library/chacha20.c index acaae5b2e..cbb01f4ad 100644 --- a/library/chacha20.c +++ b/library/chacha20.c @@ -6,7 +6,19 @@ * \author Daniel King * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/chachapoly.c b/library/chachapoly.c index a1314eab6..aebc646aa 100644 --- a/library/chachapoly.c +++ b/library/chachapoly.c @@ -4,7 +4,19 @@ * \brief ChaCha20-Poly1305 AEAD construction based on RFC 7539. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/check_crypto_config.h b/library/check_crypto_config.h index 6469e9f43..b7d87fe07 100644 --- a/library/check_crypto_config.h +++ b/library/check_crypto_config.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* diff --git a/library/cipher.c b/library/cipher.c index e9ad2ba96..9f9f1075c 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -6,7 +6,19 @@ * \author Adriaan de Jong * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c index 7e12de630..bbf57ceee 100644 --- a/library/cipher_wrap.c +++ b/library/cipher_wrap.c @@ -6,7 +6,19 @@ * \author Adriaan de Jong * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/cipher_wrap.h b/library/cipher_wrap.h index ab10aa295..c85a4efa8 100644 --- a/library/cipher_wrap.h +++ b/library/cipher_wrap.h @@ -7,7 +7,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_CIPHER_WRAP_H #define MBEDTLS_CIPHER_WRAP_H diff --git a/library/cmac.c b/library/cmac.c index f40cae20c..c07968685 100644 --- a/library/cmac.c +++ b/library/cmac.c @@ -4,7 +4,19 @@ * \brief NIST SP800-38B compliant CMAC implementation for AES and 3DES * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* diff --git a/library/common.h b/library/common.h index c6ed14b68..3c472c685 100644 --- a/library/common.h +++ b/library/common.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_LIBRARY_COMMON_H diff --git a/library/constant_time.c b/library/constant_time.c index c7077c352..8b41aed19 100644 --- a/library/constant_time.c +++ b/library/constant_time.c @@ -2,7 +2,19 @@ * Constant-time functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* diff --git a/library/constant_time_impl.h b/library/constant_time_impl.h index f0b2fc02f..7759ac384 100644 --- a/library/constant_time_impl.h +++ b/library/constant_time_impl.h @@ -2,7 +2,19 @@ * Constant-time functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_CONSTANT_TIME_IMPL_H diff --git a/library/constant_time_internal.h b/library/constant_time_internal.h index 61a5c6d4e..cc26edcd1 100644 --- a/library/constant_time_internal.h +++ b/library/constant_time_internal.h @@ -2,7 +2,19 @@ * Constant-time functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_CONSTANT_TIME_INTERNAL_H diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c index cf3816e9f..fdd753d1c 100644 --- a/library/ctr_drbg.c +++ b/library/ctr_drbg.c @@ -2,7 +2,19 @@ * CTR_DRBG implementation based on AES-256 (NIST SP 800-90) * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* * The NIST SP 800-90 DRBGs are described in the following publication. diff --git a/library/debug.c b/library/debug.c index c7bbd41bd..0983cb0fb 100644 --- a/library/debug.c +++ b/library/debug.c @@ -2,7 +2,19 @@ * Debugging routines * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/des.c b/library/des.c index f0032b3b5..eaddf282a 100644 --- a/library/des.c +++ b/library/des.c @@ -2,7 +2,19 @@ * FIPS-46-3 compliant Triple-DES implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* * DES, on which TDES is based, was originally designed by Horst Feistel diff --git a/library/dhm.c b/library/dhm.c index 3daf0c2d4..174137d54 100644 --- a/library/dhm.c +++ b/library/dhm.c @@ -2,7 +2,19 @@ * Diffie-Hellman-Merkle key exchange * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* * The following sources were referenced in the design of this implementation diff --git a/library/ecdh.c b/library/ecdh.c index e060b1883..58ef881f0 100644 --- a/library/ecdh.c +++ b/library/ecdh.c @@ -2,7 +2,19 @@ * Elliptic curve Diffie-Hellman * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* diff --git a/library/ecdsa.c b/library/ecdsa.c index 2f7a996a7..6e55f2205 100644 --- a/library/ecdsa.c +++ b/library/ecdsa.c @@ -2,7 +2,19 @@ * Elliptic curve DSA * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* diff --git a/library/ecjpake.c b/library/ecjpake.c index fb13a395b..6355b5ea5 100644 --- a/library/ecjpake.c +++ b/library/ecjpake.c @@ -2,7 +2,19 @@ * Elliptic curve J-PAKE * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* diff --git a/library/ecp.c b/library/ecp.c index dad744ce3..5f2a7b0c0 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -2,7 +2,19 @@ * Elliptic curves over GF(p): generic functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* diff --git a/library/ecp_curves.c b/library/ecp_curves.c index 577e23b7a..7b850e5e8 100644 --- a/library/ecp_curves.c +++ b/library/ecp_curves.c @@ -2,7 +2,19 @@ * Elliptic curves over GF(p): curve-specific data and functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/ecp_curves_new.c b/library/ecp_curves_new.c index 4ee0f5800..d431dcf24 100644 --- a/library/ecp_curves_new.c +++ b/library/ecp_curves_new.c @@ -2,7 +2,19 @@ * Elliptic curves over GF(p): curve-specific data and functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/ecp_internal_alt.h b/library/ecp_internal_alt.h index 668edc74c..f663d6737 100644 --- a/library/ecp_internal_alt.h +++ b/library/ecp_internal_alt.h @@ -6,7 +6,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* diff --git a/library/ecp_invasive.h b/library/ecp_invasive.h index ff9f9ecf1..bb3b127ff 100644 --- a/library/ecp_invasive.h +++ b/library/ecp_invasive.h @@ -9,7 +9,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_ECP_INVASIVE_H #define MBEDTLS_ECP_INVASIVE_H diff --git a/library/entropy.c b/library/entropy.c index e3bc8516e..00079176a 100644 --- a/library/entropy.c +++ b/library/entropy.c @@ -2,7 +2,19 @@ * Entropy accumulator implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/entropy_poll.c b/library/entropy_poll.c index e8c669f9c..9d5b1e652 100644 --- a/library/entropy_poll.c +++ b/library/entropy_poll.c @@ -2,7 +2,19 @@ * Platform-specific and custom entropy polling functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #if defined(__linux__) && !defined(_GNU_SOURCE) diff --git a/library/entropy_poll.h b/library/entropy_poll.h index 6b4aec03e..be4943cce 100644 --- a/library/entropy_poll.h +++ b/library/entropy_poll.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_ENTROPY_POLL_H #define MBEDTLS_ENTROPY_POLL_H diff --git a/library/error.c b/library/error.c index 1687e1fa0..2656e13b9 100644 --- a/library/error.c +++ b/library/error.c @@ -2,7 +2,19 @@ * Error message information * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/gcm.c b/library/gcm.c index 42fd02078..c8618be7c 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -2,7 +2,19 @@ * NIST SP800-38D compliant GCM implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* diff --git a/library/hkdf.c b/library/hkdf.c index 631ac24e5..a3f071ece 100644 --- a/library/hkdf.c +++ b/library/hkdf.c @@ -2,7 +2,19 @@ * HKDF implementation -- RFC 5869 * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/hmac_drbg.c b/library/hmac_drbg.c index 90174d5d1..af205aacb 100644 --- a/library/hmac_drbg.c +++ b/library/hmac_drbg.c @@ -2,7 +2,19 @@ * HMAC_DRBG implementation (NIST SP 800-90) * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* diff --git a/library/lmots.c b/library/lmots.c index e09e3e529..9d796943c 100644 --- a/library/lmots.c +++ b/library/lmots.c @@ -2,7 +2,19 @@ * The LM-OTS one-time public-key signature scheme * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* diff --git a/library/lmots.h b/library/lmots.h index 8e495c9dd..98d1941d5 100644 --- a/library/lmots.h +++ b/library/lmots.h @@ -8,7 +8,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_LMOTS_H diff --git a/library/lms.c b/library/lms.c index 0c470a0c3..c06f9c260 100644 --- a/library/lms.c +++ b/library/lms.c @@ -2,7 +2,19 @@ * The LMS stateful-hash public-key signature scheme * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* diff --git a/library/md.c b/library/md.c index 12a3ea237..6dfbba78d 100644 --- a/library/md.c +++ b/library/md.c @@ -6,7 +6,19 @@ * \author Adriaan de Jong * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/md5.c b/library/md5.c index e4a87a2e0..7e7e3ad9e 100644 --- a/library/md5.c +++ b/library/md5.c @@ -2,7 +2,19 @@ * RFC 1321 compliant MD5 implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* * The MD5 algorithm was designed by Ron Rivest in 1991. diff --git a/library/md_psa.h b/library/md_psa.h index b201263b1..8e00bb149 100644 --- a/library/md_psa.h +++ b/library/md_psa.h @@ -5,7 +5,19 @@ * PSA Crypto; it is a helper for the transition period. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_MD_PSA_H #define MBEDTLS_MD_PSA_H diff --git a/library/md_wrap.h b/library/md_wrap.h index dad123540..166b43b99 100644 --- a/library/md_wrap.h +++ b/library/md_wrap.h @@ -9,7 +9,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_MD_WRAP_H #define MBEDTLS_MD_WRAP_H diff --git a/library/memory_buffer_alloc.c b/library/memory_buffer_alloc.c index 79b0a8b8f..e5052ce5a 100644 --- a/library/memory_buffer_alloc.c +++ b/library/memory_buffer_alloc.c @@ -2,7 +2,19 @@ * Buffer-based memory allocator * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/mps_common.h b/library/mps_common.h index f9fe09988..301d52532 100644 --- a/library/mps_common.h +++ b/library/mps_common.h @@ -1,6 +1,20 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of Mbed TLS (https://tls.mbed.org) */ /** diff --git a/library/mps_error.h b/library/mps_error.h index 016a84ce4..5113959be 100644 --- a/library/mps_error.h +++ b/library/mps_error.h @@ -1,6 +1,20 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of Mbed TLS (https://tls.mbed.org) */ /** diff --git a/library/mps_reader.c b/library/mps_reader.c index 27d0c04c1..dc2a91cbc 100644 --- a/library/mps_reader.c +++ b/library/mps_reader.c @@ -2,7 +2,21 @@ * Message Processing Stack, Reader implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of Mbed TLS (https://tls.mbed.org) */ #include "common.h" diff --git a/library/mps_reader.h b/library/mps_reader.h index 3193a5e33..bb912ec17 100644 --- a/library/mps_reader.h +++ b/library/mps_reader.h @@ -1,6 +1,20 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of Mbed TLS (https://tls.mbed.org) */ /** diff --git a/library/mps_trace.c b/library/mps_trace.c index 69f6e5a0f..9ba1f85e5 100644 --- a/library/mps_trace.c +++ b/library/mps_trace.c @@ -2,7 +2,21 @@ * Message Processing Stack, Trace module * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of Mbed TLS (https://tls.mbed.org) */ #include "common.h" diff --git a/library/mps_trace.h b/library/mps_trace.h index b456b2ffd..f8e0a5d80 100644 --- a/library/mps_trace.h +++ b/library/mps_trace.h @@ -1,6 +1,20 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of Mbed TLS (https://tls.mbed.org) */ /** diff --git a/library/net_sockets.c b/library/net_sockets.c index 2b120c551..db80447a3 100644 --- a/library/net_sockets.c +++ b/library/net_sockets.c @@ -2,7 +2,19 @@ * TCP/IP or UDP/IP networking functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* Enable definition of getaddrinfo() even when compiling with -std=c99. Must diff --git a/library/nist_kw.c b/library/nist_kw.c index f15425b8b..7bdc807bc 100644 --- a/library/nist_kw.c +++ b/library/nist_kw.c @@ -3,7 +3,19 @@ * only * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* * Definition of Key Wrapping: diff --git a/library/oid.c b/library/oid.c index 6184abe40..d139a6d0d 100644 --- a/library/oid.c +++ b/library/oid.c @@ -4,7 +4,19 @@ * \brief Object Identifier (OID) database * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/padlock.c b/library/padlock.c index 1b03069ca..563d40e7c 100644 --- a/library/padlock.c +++ b/library/padlock.c @@ -2,7 +2,19 @@ * VIA PadLock support functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* * This implementation is based on the VIA PadLock Programming Guide: diff --git a/library/padlock.h b/library/padlock.h index 92d72af51..a00afe04f 100644 --- a/library/padlock.h +++ b/library/padlock.h @@ -9,7 +9,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_PADLOCK_H #define MBEDTLS_PADLOCK_H diff --git a/library/pem.c b/library/pem.c index 9500ffcf7..bd269dda7 100644 --- a/library/pem.c +++ b/library/pem.c @@ -2,7 +2,19 @@ * Privacy Enhanced Mail (PEM) decoding * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/pk.c b/library/pk.c index 5a1698f12..96b8ef922 100644 --- a/library/pk.c +++ b/library/pk.c @@ -2,7 +2,19 @@ * Public Key abstraction layer * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/pk_internal.h b/library/pk_internal.h index 26373a3d1..004660e09 100644 --- a/library/pk_internal.h +++ b/library/pk_internal.h @@ -6,7 +6,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_PK_INTERNAL_H #define MBEDTLS_PK_INTERNAL_H diff --git a/library/pk_wrap.c b/library/pk_wrap.c index b5b460399..4a3fef7ce 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -2,7 +2,19 @@ * Public Key abstraction layer: wrapper functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/pk_wrap.h b/library/pk_wrap.h index 28c815a77..b1e02180a 100644 --- a/library/pk_wrap.h +++ b/library/pk_wrap.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_PK_WRAP_H diff --git a/library/pkcs12.c b/library/pkcs12.c index 374e8e81c..dd3a24037 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c @@ -2,7 +2,19 @@ * PKCS#12 Personal Information Exchange Syntax * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* * The PKCS #12 Personal Information Exchange Syntax Standard v1.1 diff --git a/library/pkcs5.c b/library/pkcs5.c index c4572331f..2756d058e 100644 --- a/library/pkcs5.c +++ b/library/pkcs5.c @@ -6,7 +6,19 @@ * \author Mathias Olsson * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* * PKCS#5 includes PBKDF2 and more diff --git a/library/pkcs7.c b/library/pkcs7.c index 36b49f53b..cf05afd2c 100644 --- a/library/pkcs7.c +++ b/library/pkcs7.c @@ -1,6 +1,18 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/pkparse.c b/library/pkparse.c index b8e3c741e..e1422df77 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -2,7 +2,19 @@ * Public Key layer for parsing key files and structures * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/pkwrite.c b/library/pkwrite.c index 260bbd4c4..03db1454a 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -2,7 +2,19 @@ * Public Key layer for writing key files and structures * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/pkwrite.h b/library/pkwrite.h index 544ab2f32..8cfa64b8e 100644 --- a/library/pkwrite.h +++ b/library/pkwrite.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_PK_WRITE_H diff --git a/library/platform.c b/library/platform.c index 890c4cbab..b15b7b29a 100644 --- a/library/platform.c +++ b/library/platform.c @@ -2,7 +2,19 @@ * Platform abstraction layer * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/platform_util.c b/library/platform_util.c index 1f15260c2..09216edfb 100644 --- a/library/platform_util.c +++ b/library/platform_util.c @@ -3,7 +3,19 @@ * library. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* diff --git a/library/poly1305.c b/library/poly1305.c index c9ebe9e1d..f4e1d3f88 100644 --- a/library/poly1305.c +++ b/library/poly1305.c @@ -4,7 +4,19 @@ * \brief Poly1305 authentication algorithm. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 54b578ab7..1faf1dd6c 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3,7 +3,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/psa_crypto_aead.c b/library/psa_crypto_aead.c index b7ddbf5ba..85d1f39be 100644 --- a/library/psa_crypto_aead.c +++ b/library/psa_crypto_aead.c @@ -3,7 +3,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/psa_crypto_aead.h b/library/psa_crypto_aead.h index a3392199f..4b24b0f68 100644 --- a/library/psa_crypto_aead.h +++ b/library/psa_crypto_aead.h @@ -3,7 +3,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_AEAD_H diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c index 977ca1c07..b997a07cf 100644 --- a/library/psa_crypto_cipher.c +++ b/library/psa_crypto_cipher.c @@ -3,7 +3,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/psa_crypto_cipher.h b/library/psa_crypto_cipher.h index 2478d5860..bf43ff08a 100644 --- a/library/psa_crypto_cipher.h +++ b/library/psa_crypto_cipher.h @@ -3,7 +3,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_CIPHER_H diff --git a/library/psa_crypto_client.c b/library/psa_crypto_client.c index 564463fed..c3234275a 100644 --- a/library/psa_crypto_client.c +++ b/library/psa_crypto_client.c @@ -3,7 +3,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 304075ade..575f302d4 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -3,7 +3,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_CORE_H diff --git a/library/psa_crypto_core_common.h b/library/psa_crypto_core_common.h index 98fce2cca..dd72ab162 100644 --- a/library/psa_crypto_core_common.h +++ b/library/psa_crypto_core_common.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_CORE_COMMON_H diff --git a/library/psa_crypto_driver_wrappers.h b/library/psa_crypto_driver_wrappers.h index c05e43c30..6ab959769 100644 --- a/library/psa_crypto_driver_wrappers.h +++ b/library/psa_crypto_driver_wrappers.h @@ -4,7 +4,19 @@ * Warning: This file is now auto-generated. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ diff --git a/library/psa_crypto_driver_wrappers_no_static.c b/library/psa_crypto_driver_wrappers_no_static.c index 66a6059bb..de1511bad 100644 --- a/library/psa_crypto_driver_wrappers_no_static.c +++ b/library/psa_crypto_driver_wrappers_no_static.c @@ -4,7 +4,19 @@ * Warning: This file is now auto-generated. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ diff --git a/library/psa_crypto_driver_wrappers_no_static.h b/library/psa_crypto_driver_wrappers_no_static.h index cd617f60e..4985403cd 100644 --- a/library/psa_crypto_driver_wrappers_no_static.h +++ b/library/psa_crypto_driver_wrappers_no_static.h @@ -3,7 +3,19 @@ * cryptographic accelerators. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_DRIVER_WRAPPERS_NO_STATIC_H diff --git a/library/psa_crypto_ecp.c b/library/psa_crypto_ecp.c index e4a372d24..5c7786504 100644 --- a/library/psa_crypto_ecp.c +++ b/library/psa_crypto_ecp.c @@ -3,7 +3,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/psa_crypto_ecp.h b/library/psa_crypto_ecp.h index a9f5d59de..f4ad3d277 100644 --- a/library/psa_crypto_ecp.h +++ b/library/psa_crypto_ecp.h @@ -3,7 +3,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_ECP_H diff --git a/library/psa_crypto_ffdh.c b/library/psa_crypto_ffdh.c index a57f02e5e..20dfd2dcf 100644 --- a/library/psa_crypto_ffdh.c +++ b/library/psa_crypto_ffdh.c @@ -3,7 +3,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/psa_crypto_ffdh.h b/library/psa_crypto_ffdh.h index baeb9286c..67e5444fc 100644 --- a/library/psa_crypto_ffdh.h +++ b/library/psa_crypto_ffdh.h @@ -3,7 +3,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_FFDH_H diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c index eeb7666c1..dad182616 100644 --- a/library/psa_crypto_hash.c +++ b/library/psa_crypto_hash.c @@ -3,7 +3,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/psa_crypto_hash.h b/library/psa_crypto_hash.h index 0a7be8055..2dfb0115e 100644 --- a/library/psa_crypto_hash.h +++ b/library/psa_crypto_hash.h @@ -3,7 +3,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_HASH_H diff --git a/library/psa_crypto_invasive.h b/library/psa_crypto_invasive.h index 6897bdd66..a900dd8ff 100644 --- a/library/psa_crypto_invasive.h +++ b/library/psa_crypto_invasive.h @@ -10,7 +10,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_INVASIVE_H diff --git a/library/psa_crypto_its.h b/library/psa_crypto_its.h index 877063b87..3ceee49be 100644 --- a/library/psa_crypto_its.h +++ b/library/psa_crypto_its.h @@ -3,7 +3,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_ITS_H diff --git a/library/psa_crypto_mac.c b/library/psa_crypto_mac.c index 8fe621811..2f2c51dce 100644 --- a/library/psa_crypto_mac.c +++ b/library/psa_crypto_mac.c @@ -3,7 +3,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/psa_crypto_mac.h b/library/psa_crypto_mac.h index 2f614bcc6..4f8024a9e 100644 --- a/library/psa_crypto_mac.h +++ b/library/psa_crypto_mac.h @@ -3,7 +3,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_MAC_H diff --git a/library/psa_crypto_pake.c b/library/psa_crypto_pake.c index fc9623379..7a904d9de 100644 --- a/library/psa_crypto_pake.c +++ b/library/psa_crypto_pake.c @@ -3,7 +3,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/psa_crypto_pake.h b/library/psa_crypto_pake.h index 3d3ee0cc9..f21b0e672 100644 --- a/library/psa_crypto_pake.h +++ b/library/psa_crypto_pake.h @@ -3,7 +3,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_PAKE_H diff --git a/library/psa_crypto_random_impl.h b/library/psa_crypto_random_impl.h index 64b894914..8719d9c70 100644 --- a/library/psa_crypto_random_impl.h +++ b/library/psa_crypto_random_impl.h @@ -12,7 +12,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_RANDOM_IMPL_H diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c index 0679f41ea..065e55af1 100644 --- a/library/psa_crypto_rsa.c +++ b/library/psa_crypto_rsa.c @@ -3,7 +3,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/psa_crypto_rsa.h b/library/psa_crypto_rsa.h index e4c5caf6f..bc24ef5d5 100644 --- a/library/psa_crypto_rsa.h +++ b/library/psa_crypto_rsa.h @@ -3,7 +3,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_RSA_H diff --git a/library/psa_crypto_se.c b/library/psa_crypto_se.c index 7a36a4f3a..9db3dedce 100644 --- a/library/psa_crypto_se.c +++ b/library/psa_crypto_se.c @@ -3,7 +3,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/psa_crypto_se.h b/library/psa_crypto_se.h index ebe378989..a1e5e0922 100644 --- a/library/psa_crypto_se.h +++ b/library/psa_crypto_se.h @@ -3,7 +3,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_SE_H diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 3b8a319cb..92646c07c 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -3,7 +3,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h index 6041a3528..c8366abeb 100644 --- a/library/psa_crypto_slot_management.h +++ b/library/psa_crypto_slot_management.h @@ -3,7 +3,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_SLOT_MANAGEMENT_H diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index 13a3c8a90..574d4b05e 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c @@ -3,7 +3,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/psa_crypto_storage.h b/library/psa_crypto_storage.h index b6b5e154a..37ca46e28 100644 --- a/library/psa_crypto_storage.h +++ b/library/psa_crypto_storage.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_STORAGE_H diff --git a/library/psa_its_file.c b/library/psa_its_file.c index 3f32d7d4e..97486165e 100644 --- a/library/psa_its_file.c +++ b/library/psa_its_file.c @@ -3,7 +3,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/psa_util.c b/library/psa_util.c index 0225bbf02..dd5e13455 100644 --- a/library/psa_util.c +++ b/library/psa_util.c @@ -3,7 +3,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/psa_util_internal.h b/library/psa_util_internal.h index fcc79aef4..4a36dbf88 100644 --- a/library/psa_util_internal.h +++ b/library/psa_util_internal.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_PSA_UTIL_INTERNAL_H diff --git a/library/ripemd160.c b/library/ripemd160.c index b4fc3cdba..49fee8579 100644 --- a/library/ripemd160.c +++ b/library/ripemd160.c @@ -2,7 +2,19 @@ * RIPE MD-160 implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* diff --git a/library/rsa.c b/library/rsa.c index db0b0f74f..3c538bf43 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -2,7 +2,19 @@ * The RSA public-key cryptosystem * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* diff --git a/library/rsa_alt_helpers.c b/library/rsa_alt_helpers.c index 5c265a992..5cc4636e4 100644 --- a/library/rsa_alt_helpers.c +++ b/library/rsa_alt_helpers.c @@ -2,7 +2,19 @@ * Helper functions for the RSA module * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. * */ diff --git a/library/rsa_alt_helpers.h b/library/rsa_alt_helpers.h index ca0840b2a..3b22ba853 100644 --- a/library/rsa_alt_helpers.h +++ b/library/rsa_alt_helpers.h @@ -36,7 +36,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. * */ diff --git a/library/sha1.c b/library/sha1.c index dfbe481f3..28a57b644 100644 --- a/library/sha1.c +++ b/library/sha1.c @@ -2,7 +2,19 @@ * FIPS-180-1 compliant SHA-1 implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* * The SHA-1 standard was published by NIST in 1993. diff --git a/library/sha256.c b/library/sha256.c index 31afec258..223badf00 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -2,7 +2,19 @@ * FIPS-180-2 compliant SHA-256 implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* * The SHA-256 Secure Hash Standard was published by NIST in 2002. diff --git a/library/sha3.c b/library/sha3.c index d90fefaea..4c1a1a9d4 100644 --- a/library/sha3.c +++ b/library/sha3.c @@ -2,7 +2,19 @@ * FIPS-202 compliant SHA3 implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* * The SHA-3 Secure Hash Standard was published by NIST in 2015. diff --git a/library/sha512.c b/library/sha512.c index e7af12175..e739af254 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -2,7 +2,19 @@ * FIPS-180-2 compliant SHA-384/512 implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* * The SHA-512 Secure Hash Standard was published by NIST in 2002. diff --git a/library/ssl_cache.c b/library/ssl_cache.c index 772cb8fdf..929c28bec 100644 --- a/library/ssl_cache.c +++ b/library/ssl_cache.c @@ -2,7 +2,19 @@ * SSL session cache implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* * These session callbacks use a simple chained list diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c index 555d5db5e..736b1423b 100644 --- a/library/ssl_ciphersuites.c +++ b/library/ssl_ciphersuites.c @@ -4,7 +4,19 @@ * \brief SSL ciphersuites for Mbed TLS * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/ssl_client.c b/library/ssl_client.c index 7a7840662..1a56f1ebe 100644 --- a/library/ssl_client.c +++ b/library/ssl_client.c @@ -2,7 +2,21 @@ * TLS 1.2 and 1.3 client-side functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of Mbed TLS ( https://tls.mbed.org ) */ #include "common.h" diff --git a/library/ssl_client.h b/library/ssl_client.h index 05ee7e4cc..f57bea33f 100644 --- a/library/ssl_client.h +++ b/library/ssl_client.h @@ -2,7 +2,19 @@ * TLS 1.2 and 1.3 client-side functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_SSL_CLIENT_H diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c index ee81eb420..098acedd3 100644 --- a/library/ssl_cookie.c +++ b/library/ssl_cookie.c @@ -2,7 +2,19 @@ * DTLS cookie callbacks implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* * These session callbacks use a simple chained list diff --git a/library/ssl_debug_helpers.h b/library/ssl_debug_helpers.h index 2b0e73772..5c22ed221 100644 --- a/library/ssl_debug_helpers.h +++ b/library/ssl_debug_helpers.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_SSL_DEBUG_HELPERS_H diff --git a/library/ssl_debug_helpers_generated.c b/library/ssl_debug_helpers_generated.c index d2cb2bed4..a8cca54c8 100644 --- a/library/ssl_debug_helpers_generated.c +++ b/library/ssl_debug_helpers_generated.c @@ -7,7 +7,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/ssl_misc.h b/library/ssl_misc.h index e4d20d6d6..a99bb3343 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_SSL_MISC_H #define MBEDTLS_SSL_MISC_H diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 933e25d94..c312d816e 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -3,7 +3,19 @@ * (record layer + retransmission state machine) * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* * http://www.ietf.org/rfc/rfc2246.txt diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c index 875abcbb3..1adaa07fe 100644 --- a/library/ssl_ticket.c +++ b/library/ssl_ticket.c @@ -2,7 +2,19 @@ * TLS server tickets callbacks implementation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/ssl_tls.c b/library/ssl_tls.c index cfb279818..fc3fb85d7 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -2,7 +2,19 @@ * TLS shared functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* * http://www.ietf.org/rfc/rfc2246.txt diff --git a/library/ssl_tls12_client.c b/library/ssl_tls12_client.c index 9aa46bd15..27bbafa06 100644 --- a/library/ssl_tls12_client.c +++ b/library/ssl_tls12_client.c @@ -2,7 +2,19 @@ * TLS client-side functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c index 0a592d8c0..6ebd5064f 100644 --- a/library/ssl_tls12_server.c +++ b/library/ssl_tls12_server.c @@ -2,7 +2,19 @@ * TLS server-side functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 58226ebd2..d018bee74 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -2,7 +2,21 @@ * TLS 1.3 client-side functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of Mbed TLS ( https://tls.mbed.org ) */ #include "common.h" diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index 5db4ff0a8..7072677f1 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -2,7 +2,19 @@ * TLS 1.3 functionality shared between client and server * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/ssl_tls13_invasive.h b/library/ssl_tls13_invasive.h index b4506f71c..3fb79a95d 100644 --- a/library/ssl_tls13_invasive.h +++ b/library/ssl_tls13_invasive.h @@ -1,6 +1,18 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_SSL_TLS13_INVASIVE_H diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c index b64f9b026..afd84a974 100644 --- a/library/ssl_tls13_keys.c +++ b/library/ssl_tls13_keys.c @@ -2,7 +2,7 @@ * TLS 1.3 key schedule * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 * * Licensed under the Apache License, Version 2.0 ( the "License" ); you may * not use this file except in compliance with the License. diff --git a/library/ssl_tls13_keys.h b/library/ssl_tls13_keys.h index d3a4c6c99..21e9b4d73 100644 --- a/library/ssl_tls13_keys.h +++ b/library/ssl_tls13_keys.h @@ -2,7 +2,19 @@ * TLS 1.3 key schedule * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 ( the "License" ); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #if !defined(MBEDTLS_SSL_TLS1_3_KEYS_H) #define MBEDTLS_SSL_TLS1_3_KEYS_H diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 04c7d0c36..89bba04b3 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -2,7 +2,19 @@ * TLS 1.3 server-side functions * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/threading.c b/library/threading.c index 52fe8fca9..130c6963d 100644 --- a/library/threading.c +++ b/library/threading.c @@ -2,7 +2,19 @@ * Threading abstraction layer * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* diff --git a/library/timing.c b/library/timing.c index 58f1c1ec2..6852033ea 100644 --- a/library/timing.c +++ b/library/timing.c @@ -2,7 +2,19 @@ * Portable interface to the CPU cycle counter * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/version.c b/library/version.c index 04397332b..4f78c9cb1 100644 --- a/library/version.c +++ b/library/version.c @@ -2,7 +2,19 @@ * Version information * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/version_features.c b/library/version_features.c index b48f4f6da..a89cef997 100644 --- a/library/version_features.c +++ b/library/version_features.c @@ -2,7 +2,19 @@ * Version feature information * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/x509.c b/library/x509.c index b7b71f33c..990393c31 100644 --- a/library/x509.c +++ b/library/x509.c @@ -2,7 +2,19 @@ * X.509 common functions for parsing and verification * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* * The ITU-T X.509 standard defines a certificate format for PKI. diff --git a/library/x509_create.c b/library/x509_create.c index 5e732d67f..2583cdd0f 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -2,7 +2,19 @@ * X.509 base functions for creating certificates / CSRs * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/library/x509_crl.c b/library/x509_crl.c index cad784eeb..79ace8fa0 100644 --- a/library/x509_crl.c +++ b/library/x509_crl.c @@ -2,7 +2,19 @@ * X.509 Certificate Revocation List (CRL) parsing * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* * The ITU-T X.509 standard defines a certificate format for PKI. diff --git a/library/x509_crt.c b/library/x509_crt.c index f41eb47d7..e9153e710 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -2,7 +2,19 @@ * X.509 certificate parsing and verification * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* * The ITU-T X.509 standard defines a certificate format for PKI. diff --git a/library/x509_csr.c b/library/x509_csr.c index b48b3a4ac..0b2bb6f3b 100644 --- a/library/x509_csr.c +++ b/library/x509_csr.c @@ -2,7 +2,19 @@ * X.509 Certificate Signing Request (CSR) parsing * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* * The ITU-T X.509 standard defines a certificate format for PKI. diff --git a/library/x509write.c b/library/x509write.c index e0331b128..cd3c7394d 100644 --- a/library/x509write.c +++ b/library/x509write.c @@ -2,7 +2,19 @@ * X.509 internal, common functions for writing * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" #if defined(MBEDTLS_X509_CSR_WRITE_C) || defined(MBEDTLS_X509_CRT_WRITE_C) diff --git a/library/x509write_crt.c b/library/x509write_crt.c index 4c019eee4..a8a3022cb 100644 --- a/library/x509write_crt.c +++ b/library/x509write_crt.c @@ -2,7 +2,19 @@ * X.509 certificate writing * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* * References: diff --git a/library/x509write_csr.c b/library/x509write_csr.c index 4e397553a..d996052ba 100644 --- a/library/x509write_csr.c +++ b/library/x509write_csr.c @@ -2,7 +2,19 @@ * X.509 Certificate Signing Request writing * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* * References: diff --git a/programs/aes/crypt_and_hash.c b/programs/aes/crypt_and_hash.c index 226718bc6..1d9b522a3 100644 --- a/programs/aes/crypt_and_hash.c +++ b/programs/aes/crypt_and_hash.c @@ -3,7 +3,19 @@ * security. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* Enable definition of fileno() even when compiling with -std=c99. Must be diff --git a/programs/cipher/cipher_aead_demo.c b/programs/cipher/cipher_aead_demo.c index 853ec202c..ce3925628 100644 --- a/programs/cipher/cipher_aead_demo.c +++ b/programs/cipher/cipher_aead_demo.c @@ -25,7 +25,19 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* First include Mbed TLS headers to get the Mbed TLS configuration and diff --git a/programs/hash/generic_sum.c b/programs/hash/generic_sum.c index 3fd2b0089..995694af0 100644 --- a/programs/hash/generic_sum.c +++ b/programs/hash/generic_sum.c @@ -2,7 +2,19 @@ * generic message digest layer demonstration program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/hash/hello.c b/programs/hash/hello.c index 8caae8851..7bb27ad4a 100644 --- a/programs/hash/hello.c +++ b/programs/hash/hello.c @@ -2,7 +2,19 @@ * Classic "Hello, world" demonstration program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/hash/md_hmac_demo.c b/programs/hash/md_hmac_demo.c index 581816a1d..4c812fbd8 100644 --- a/programs/hash/md_hmac_demo.c +++ b/programs/hash/md_hmac_demo.c @@ -20,7 +20,19 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* First include Mbed TLS headers to get the Mbed TLS configuration and diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c index 946e049d7..5a2c30fc2 100644 --- a/programs/pkey/dh_client.c +++ b/programs/pkey/dh_client.c @@ -2,7 +2,19 @@ * Diffie-Hellman-Merkle key exchange (client side) * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/dh_genprime.c b/programs/pkey/dh_genprime.c index 6872e61e3..1f4cd59ee 100644 --- a/programs/pkey/dh_genprime.c +++ b/programs/pkey/dh_genprime.c @@ -2,7 +2,19 @@ * Diffie-Hellman-Merkle key exchange (prime generation) * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c index adddbf2fb..c940be0c0 100644 --- a/programs/pkey/dh_server.c +++ b/programs/pkey/dh_server.c @@ -2,7 +2,19 @@ * Diffie-Hellman-Merkle key exchange (server side) * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/ecdh_curve25519.c b/programs/pkey/ecdh_curve25519.c index fedfcc9fe..980441707 100644 --- a/programs/pkey/ecdh_curve25519.c +++ b/programs/pkey/ecdh_curve25519.c @@ -2,7 +2,19 @@ * Example ECDHE with Curve25519 program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/ecdsa.c b/programs/pkey/ecdsa.c index afd6fb31a..953c14450 100644 --- a/programs/pkey/ecdsa.c +++ b/programs/pkey/ecdsa.c @@ -2,7 +2,19 @@ * Example ECDSA program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/gen_key.c b/programs/pkey/gen_key.c index f6bb23787..99e88505c 100644 --- a/programs/pkey/gen_key.c +++ b/programs/pkey/gen_key.c @@ -2,7 +2,19 @@ * Key generation application * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/key_app.c b/programs/pkey/key_app.c index 194c4102d..cd16e3320 100644 --- a/programs/pkey/key_app.c +++ b/programs/pkey/key_app.c @@ -2,7 +2,19 @@ * Key reading application * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/key_app_writer.c b/programs/pkey/key_app_writer.c index c07c56464..179094cb5 100644 --- a/programs/pkey/key_app_writer.c +++ b/programs/pkey/key_app_writer.c @@ -2,7 +2,19 @@ * Key writing application * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/mpi_demo.c b/programs/pkey/mpi_demo.c index e83aa3259..88d745e92 100644 --- a/programs/pkey/mpi_demo.c +++ b/programs/pkey/mpi_demo.c @@ -2,7 +2,19 @@ * Simple MPI demonstration program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/pk_decrypt.c b/programs/pkey/pk_decrypt.c index b8f7943d6..f60c946ed 100644 --- a/programs/pkey/pk_decrypt.c +++ b/programs/pkey/pk_decrypt.c @@ -2,7 +2,19 @@ * Public key-based simple decryption program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/pk_encrypt.c b/programs/pkey/pk_encrypt.c index a916bc6e2..04e5cc702 100644 --- a/programs/pkey/pk_encrypt.c +++ b/programs/pkey/pk_encrypt.c @@ -2,7 +2,19 @@ * RSA simple data encryption program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/pk_sign.c b/programs/pkey/pk_sign.c index 59347addb..57bd796c8 100644 --- a/programs/pkey/pk_sign.c +++ b/programs/pkey/pk_sign.c @@ -2,7 +2,19 @@ * Public key-based signature creation program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/pk_verify.c b/programs/pkey/pk_verify.c index 3127df540..bca985b14 100644 --- a/programs/pkey/pk_verify.c +++ b/programs/pkey/pk_verify.c @@ -2,7 +2,19 @@ * Public key-based signature verification program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/rsa_decrypt.c b/programs/pkey/rsa_decrypt.c index 76bfddf5c..0462ba697 100644 --- a/programs/pkey/rsa_decrypt.c +++ b/programs/pkey/rsa_decrypt.c @@ -2,7 +2,19 @@ * RSA simple decryption program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/rsa_encrypt.c b/programs/pkey/rsa_encrypt.c index 4bbb54e7d..2126a9b9b 100644 --- a/programs/pkey/rsa_encrypt.c +++ b/programs/pkey/rsa_encrypt.c @@ -2,7 +2,19 @@ * RSA simple data encryption program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/rsa_genkey.c b/programs/pkey/rsa_genkey.c index dc58215f7..17f6d6591 100644 --- a/programs/pkey/rsa_genkey.c +++ b/programs/pkey/rsa_genkey.c @@ -2,7 +2,19 @@ * Example RSA key generation program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/rsa_sign.c b/programs/pkey/rsa_sign.c index 9d8ebe39a..64375e9e7 100644 --- a/programs/pkey/rsa_sign.c +++ b/programs/pkey/rsa_sign.c @@ -2,7 +2,19 @@ * RSA/SHA-256 signature creation program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/rsa_sign_pss.c b/programs/pkey/rsa_sign_pss.c index 3a1f7473b..999669e66 100644 --- a/programs/pkey/rsa_sign_pss.c +++ b/programs/pkey/rsa_sign_pss.c @@ -2,7 +2,19 @@ * RSASSA-PSS/SHA-256 signature creation program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/rsa_verify.c b/programs/pkey/rsa_verify.c index e7d72fd52..d525010df 100644 --- a/programs/pkey/rsa_verify.c +++ b/programs/pkey/rsa_verify.c @@ -2,7 +2,19 @@ * RSA/SHA-256 signature verification program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/pkey/rsa_verify_pss.c b/programs/pkey/rsa_verify_pss.c index afbbfa9d4..8a1fb5908 100644 --- a/programs/pkey/rsa_verify_pss.c +++ b/programs/pkey/rsa_verify_pss.c @@ -2,7 +2,19 @@ * RSASSA-PSS/SHA-256 signature verification program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/psa/aead_demo.c b/programs/psa/aead_demo.c index 619166dba..0c2413e61 100644 --- a/programs/psa/aead_demo.c +++ b/programs/psa/aead_demo.c @@ -26,7 +26,19 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* First include Mbed TLS headers to get the Mbed TLS configuration and diff --git a/programs/psa/crypto_examples.c b/programs/psa/crypto_examples.c index b755f09ef..3f109d839 100644 --- a/programs/psa/crypto_examples.c +++ b/programs/psa/crypto_examples.c @@ -1,6 +1,18 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "psa/crypto.h" diff --git a/programs/psa/hmac_demo.c b/programs/psa/hmac_demo.c index 205505407..f25cdeb83 100644 --- a/programs/psa/hmac_demo.c +++ b/programs/psa/hmac_demo.c @@ -20,7 +20,19 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* First include Mbed TLS headers to get the Mbed TLS configuration and diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c index 2734ceb7f..a79fac640 100644 --- a/programs/psa/key_ladder_demo.c +++ b/programs/psa/key_ladder_demo.c @@ -32,7 +32,19 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* First include Mbed TLS headers to get the Mbed TLS configuration and diff --git a/programs/psa/key_ladder_demo.sh b/programs/psa/key_ladder_demo.sh index 9d62228b4..e21d1abf0 100755 --- a/programs/psa/key_ladder_demo.sh +++ b/programs/psa/key_ladder_demo.sh @@ -1,7 +1,19 @@ #!/bin/sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. set -e -u diff --git a/programs/psa/psa_constant_names.c b/programs/psa/psa_constant_names.c index 0baf4a065..88426854d 100644 --- a/programs/psa/psa_constant_names.c +++ b/programs/psa/psa_constant_names.c @@ -1,6 +1,18 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include diff --git a/programs/random/gen_entropy.c b/programs/random/gen_entropy.c index 887b2c988..cc3217169 100644 --- a/programs/random/gen_entropy.c +++ b/programs/random/gen_entropy.c @@ -2,7 +2,19 @@ * \brief Use and generate multiple entropies calls into a file * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/random/gen_random_ctr_drbg.c b/programs/random/gen_random_ctr_drbg.c index 0eecf0ad4..e1db16eeb 100644 --- a/programs/random/gen_random_ctr_drbg.c +++ b/programs/random/gen_random_ctr_drbg.c @@ -2,7 +2,19 @@ * \brief Use and generate random data into a file via the CTR_DBRG based on AES * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/ssl/dtls_client.c b/programs/ssl/dtls_client.c index ddb3c34b9..f0abcabc7 100644 --- a/programs/ssl/dtls_client.c +++ b/programs/ssl/dtls_client.c @@ -2,7 +2,19 @@ * Simple DTLS client demonstration program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/ssl/dtls_server.c b/programs/ssl/dtls_server.c index 732625e7f..b11a4f5b4 100644 --- a/programs/ssl/dtls_server.c +++ b/programs/ssl/dtls_server.c @@ -2,7 +2,19 @@ * Simple DTLS server demonstration program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/ssl/mini_client.c b/programs/ssl/mini_client.c index 6bef2085c..e8f4797b8 100644 --- a/programs/ssl/mini_client.c +++ b/programs/ssl/mini_client.c @@ -3,7 +3,19 @@ * (meant to be used with config-suite-b.h or config-ccm-psk-tls1_2.h) * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c index ee734b1ed..259b8f930 100644 --- a/programs/ssl/ssl_client1.c +++ b/programs/ssl/ssl_client1.c @@ -2,7 +2,19 @@ * SSL client demonstration program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index b41c45e7c..7c2c818d8 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -2,7 +2,19 @@ * SSL client with certificate authentication * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #define MBEDTLS_ALLOW_PRIVATE_ACCESS diff --git a/programs/ssl/ssl_context_info.c b/programs/ssl/ssl_context_info.c index d809aa958..855b0911f 100644 --- a/programs/ssl/ssl_context_info.c +++ b/programs/ssl/ssl_context_info.c @@ -2,7 +2,19 @@ * MbedTLS SSL context deserializer from base64 code * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #define MBEDTLS_ALLOW_PRIVATE_ACCESS diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c index f4822b7e6..6734a14d9 100644 --- a/programs/ssl/ssl_fork_server.c +++ b/programs/ssl/ssl_fork_server.c @@ -2,7 +2,19 @@ * SSL server demonstration program using fork() for handling multiple clients * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c index febb881c8..1e648e8af 100644 --- a/programs/ssl/ssl_mail_client.c +++ b/programs/ssl/ssl_mail_client.c @@ -2,7 +2,19 @@ * SSL client for SMTP servers * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* Enable definition of gethostname() even when compiling with -std=c99. Must diff --git a/programs/ssl/ssl_pthread_server.c b/programs/ssl/ssl_pthread_server.c index fcb8f2f4d..12d3057b4 100644 --- a/programs/ssl/ssl_pthread_server.c +++ b/programs/ssl/ssl_pthread_server.c @@ -3,7 +3,19 @@ * clients. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c index 6becf8d91..ad82567f4 100644 --- a/programs/ssl/ssl_server.c +++ b/programs/ssl/ssl_server.c @@ -2,7 +2,19 @@ * SSL server demonstration program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 72c3dd49d..0efcb7f9a 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -2,7 +2,19 @@ * SSL client with options * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #define MBEDTLS_ALLOW_PRIVATE_ACCESS diff --git a/programs/ssl/ssl_test_common_source.c b/programs/ssl/ssl_test_common_source.c index 1ff2077d4..67fc06115 100644 --- a/programs/ssl/ssl_test_common_source.c +++ b/programs/ssl/ssl_test_common_source.c @@ -9,7 +9,19 @@ * This file is meant to be #include'd and cannot be compiled separately. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ void eap_tls_key_derivation(void *p_expkey, diff --git a/programs/ssl/ssl_test_lib.c b/programs/ssl/ssl_test_lib.c index 6e0c6153f..aea056b68 100644 --- a/programs/ssl/ssl_test_lib.c +++ b/programs/ssl/ssl_test_lib.c @@ -5,7 +5,19 @@ * that cannot be compiled separately in "ssl_test_common_source.c". * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #define MBEDTLS_ALLOW_PRIVATE_ACCESS diff --git a/programs/ssl/ssl_test_lib.h b/programs/ssl/ssl_test_lib.h index d06e0997d..ef0dba718 100644 --- a/programs/ssl/ssl_test_lib.h +++ b/programs/ssl/ssl_test_lib.h @@ -2,7 +2,19 @@ * Common code for SSL test programs * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_PROGRAMS_SSL_SSL_TEST_LIB_H diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index a6de92cf5..ecc4e94a6 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -2,7 +2,19 @@ * Benchmark demonstration program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #define MBEDTLS_ALLOW_PRIVATE_ACCESS diff --git a/programs/test/cmake_package/cmake_package.c b/programs/test/cmake_package/cmake_package.c index 729800ad8..86e10776c 100644 --- a/programs/test/cmake_package/cmake_package.c +++ b/programs/test/cmake_package/cmake_package.c @@ -2,7 +2,19 @@ * Simple program to test that Mbed TLS builds correctly as a CMake package. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/test/cmake_package_install/cmake_package_install.c b/programs/test/cmake_package_install/cmake_package_install.c index 44a2adadf..9aa4c3b1d 100644 --- a/programs/test/cmake_package_install/cmake_package_install.c +++ b/programs/test/cmake_package_install/cmake_package_install.c @@ -3,7 +3,19 @@ * package. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/test/cmake_subproject/cmake_subproject.c b/programs/test/cmake_subproject/cmake_subproject.c index 8b4f18e28..d56b9a9cb 100644 --- a/programs/test/cmake_subproject/cmake_subproject.c +++ b/programs/test/cmake_subproject/cmake_subproject.c @@ -3,7 +3,19 @@ * work correctly. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/test/dlopen.c b/programs/test/dlopen.c index f24125423..2dcda3bb2 100644 --- a/programs/test/dlopen.c +++ b/programs/test/dlopen.c @@ -2,7 +2,19 @@ * Test dynamic loading of libmbed* * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/test/dlopen_demo.sh b/programs/test/dlopen_demo.sh index 7b8868801..a6a9022fc 100755 --- a/programs/test/dlopen_demo.sh +++ b/programs/test/dlopen_demo.sh @@ -4,7 +4,19 @@ # This is only expected to work when Mbed TLS is built as a shared library. # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. set -e -u diff --git a/programs/test/generate_cpp_dummy_build.sh b/programs/test/generate_cpp_dummy_build.sh index 0b4bd0b7b..a55051652 100755 --- a/programs/test/generate_cpp_dummy_build.sh +++ b/programs/test/generate_cpp_dummy_build.sh @@ -14,7 +14,19 @@ EOF fi # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. set -e @@ -29,8 +41,19 @@ print_cpp () { * can be included and built with a C++ compiler. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/test/query_compile_time_config.c b/programs/test/query_compile_time_config.c index a70e6daef..df0fe4a70 100644 --- a/programs/test/query_compile_time_config.c +++ b/programs/test/query_compile_time_config.c @@ -2,7 +2,19 @@ * Query the Mbed TLS compile time configuration * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/test/query_config.c b/programs/test/query_config.c index 4b851210f..cb92f256b 100644 --- a/programs/test/query_config.c +++ b/programs/test/query_config.c @@ -2,7 +2,19 @@ * Query Mbed TLS compile time configurations from mbedtls_config.h * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/test/query_config.h b/programs/test/query_config.h index 43f120bf0..ade73d080 100644 --- a/programs/test/query_config.h +++ b/programs/test/query_config.h @@ -2,7 +2,19 @@ * Query Mbed TLS compile time configurations from mbedtls_config.h * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_PROGRAMS_TEST_QUERY_CONFIG_H diff --git a/programs/test/query_included_headers.c b/programs/test/query_included_headers.c index cdafa1620..383a2ffc8 100644 --- a/programs/test/query_included_headers.c +++ b/programs/test/query_included_headers.c @@ -1,7 +1,19 @@ /* Ad hoc report on included headers. */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include diff --git a/programs/test/selftest.c b/programs/test/selftest.c index 61dde5ed1..cc5e00ed3 100644 --- a/programs/test/selftest.c +++ b/programs/test/selftest.c @@ -2,7 +2,19 @@ * Self-test demonstration program * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #define MBEDTLS_ALLOW_PRIVATE_ACCESS diff --git a/programs/test/udp_proxy.c b/programs/test/udp_proxy.c index c6b56ec09..685e336e6 100644 --- a/programs/test/udp_proxy.c +++ b/programs/test/udp_proxy.c @@ -2,7 +2,19 @@ * UDP proxy: emulate an unreliable UDP connection for DTLS testing * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* diff --git a/programs/test/udp_proxy_wrapper.sh b/programs/test/udp_proxy_wrapper.sh index aa6a6d10f..27de01390 100755 --- a/programs/test/udp_proxy_wrapper.sh +++ b/programs/test/udp_proxy_wrapper.sh @@ -3,7 +3,19 @@ # Usage: udp_proxy_wrapper.sh [PROXY_PARAM...] -- [SERVER_PARAM...] # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. set -u diff --git a/programs/test/zeroize.c b/programs/test/zeroize.c index 1e9b98d71..b7842c4ef 100644 --- a/programs/test/zeroize.c +++ b/programs/test/zeroize.c @@ -10,7 +10,19 @@ * call to mbedtls_platform_zeroize() was not eliminated. * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/util/pem2der.c b/programs/util/pem2der.c index d682c2b06..5dd367a0c 100644 --- a/programs/util/pem2der.c +++ b/programs/util/pem2der.c @@ -2,7 +2,19 @@ * Convert PEM to DER * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/util/strerror.c b/programs/util/strerror.c index 316f28614..4bfd8a1c2 100644 --- a/programs/util/strerror.c +++ b/programs/util/strerror.c @@ -2,7 +2,19 @@ * Translate error code to error string * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/wince_main.c b/programs/wince_main.c index e817b9f5f..be98eae5e 100644 --- a/programs/wince_main.c +++ b/programs/wince_main.c @@ -2,7 +2,19 @@ * Windows CE console application entry point * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #if defined(_WIN32_WCE) diff --git a/programs/x509/cert_app.c b/programs/x509/cert_app.c index cb1e5bc4e..51a79ecb5 100644 --- a/programs/x509/cert_app.c +++ b/programs/x509/cert_app.c @@ -2,7 +2,19 @@ * Certificate reading application * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/x509/cert_req.c b/programs/x509/cert_req.c index cb908923c..558d8cc73 100644 --- a/programs/x509/cert_req.c +++ b/programs/x509/cert_req.c @@ -2,7 +2,19 @@ * Certificate request generation * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c index e2f5dacbd..40b1871f3 100644 --- a/programs/x509/cert_write.c +++ b/programs/x509/cert_write.c @@ -2,7 +2,19 @@ * Certificate generation and signing * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/x509/crl_app.c b/programs/x509/crl_app.c index 5e3fd5a94..6c671ff3f 100644 --- a/programs/x509/crl_app.c +++ b/programs/x509/crl_app.c @@ -2,7 +2,19 @@ * CRL reading application * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/programs/x509/load_roots.c b/programs/x509/load_roots.c index f0e6acf25..d024e9822 100644 --- a/programs/x509/load_roots.c +++ b/programs/x509/load_roots.c @@ -3,6 +3,45 @@ * * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * + * This file is provided under the Apache License 2.0, or the + * GNU General Public License v2.0 or later. + * + * ********** + * Apache License 2.0: + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * ********** + * + * ********** + * GNU General Public License v2.0 or later: + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + * + * ********** */ #include "mbedtls/build_info.h" diff --git a/programs/x509/req_app.c b/programs/x509/req_app.c index fff0983f0..64b9f0bb2 100644 --- a/programs/x509/req_app.c +++ b/programs/x509/req_app.c @@ -2,7 +2,19 @@ * Certificate request reading application * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/scripts/abi_check.py b/scripts/abi_check.py index 8a604c4e2..ac1d60ffd 100755 --- a/scripts/abi_check.py +++ b/scripts/abi_check.py @@ -84,7 +84,19 @@ function name and parameter list. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. import glob import os diff --git a/scripts/apidoc_full.sh b/scripts/apidoc_full.sh index 34daf37b5..cf01e1f8e 100755 --- a/scripts/apidoc_full.sh +++ b/scripts/apidoc_full.sh @@ -8,7 +8,19 @@ # when multiple targets are invoked in the same parallel build. # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. set -eu diff --git a/scripts/assemble_changelog.py b/scripts/assemble_changelog.py index dcdf9fc2f..f3aca7070 100755 --- a/scripts/assemble_changelog.py +++ b/scripts/assemble_changelog.py @@ -19,7 +19,19 @@ You must run this program from within a git working directory. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. import argparse from collections import OrderedDict, namedtuple diff --git a/scripts/bump_version.sh b/scripts/bump_version.sh index 86ed74ead..19d90bce7 100755 --- a/scripts/bump_version.sh +++ b/scripts/bump_version.sh @@ -1,7 +1,19 @@ #!/bin/bash # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. # # Purpose # diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index 3f8a4ed8d..53d859edf 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py @@ -9,7 +9,19 @@ Note: must be run from Mbed TLS root. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. import argparse import logging diff --git a/scripts/code_style.py b/scripts/code_style.py index 08ec4af42..ddd0a9800 100755 --- a/scripts/code_style.py +++ b/scripts/code_style.py @@ -4,7 +4,19 @@ This script must be run from the root of a Git work tree containing Mbed TLS. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. import argparse import os import re diff --git a/scripts/config.pl b/scripts/config.pl index ca02b9046..5dd89d225 100755 --- a/scripts/config.pl +++ b/scripts/config.pl @@ -2,8 +2,19 @@ # Backward compatibility redirection ## Copyright The Mbed TLS Contributors -## SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +## SPDX-License-Identifier: Apache-2.0 ## +## Licensed under the Apache License, Version 2.0 (the "License"); you may +## not use this file except in compliance with the License. +## You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +## WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. my $py = $0; $py =~ s/\.pl$/.py/ or die "Unable to determine the name of the Python script"; diff --git a/scripts/config.py b/scripts/config.py index d48c73a10..17fbe653a 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -13,8 +13,19 @@ Basic usage, to read the Mbed TLS configuration: # in parts that are not backported to 2.28. ## Copyright The Mbed TLS Contributors -## SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +## SPDX-License-Identifier: Apache-2.0 ## +## Licensed under the Apache License, Version 2.0 (the "License"); you may +## not use this file except in compliance with the License. +## You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +## WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. import os import re diff --git a/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.h.jinja b/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.h.jinja index e31a292d8..de16284bd 100644 --- a/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.h.jinja +++ b/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.h.jinja @@ -4,7 +4,19 @@ * Warning: This file is now auto-generated. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ diff --git a/scripts/data_files/driver_templates/psa_crypto_driver_wrappers_no_static.c.jinja b/scripts/data_files/driver_templates/psa_crypto_driver_wrappers_no_static.c.jinja index 2aae62850..dbe424c03 100644 --- a/scripts/data_files/driver_templates/psa_crypto_driver_wrappers_no_static.c.jinja +++ b/scripts/data_files/driver_templates/psa_crypto_driver_wrappers_no_static.c.jinja @@ -4,7 +4,19 @@ * Warning: This file is now auto-generated. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ diff --git a/scripts/data_files/error.fmt b/scripts/data_files/error.fmt index 781e72a91..077500302 100644 --- a/scripts/data_files/error.fmt +++ b/scripts/data_files/error.fmt @@ -2,7 +2,19 @@ * Error message information * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/scripts/data_files/query_config.fmt b/scripts/data_files/query_config.fmt index b60aba010..e7e6fc602 100644 --- a/scripts/data_files/query_config.fmt +++ b/scripts/data_files/query_config.fmt @@ -2,7 +2,19 @@ * Query Mbed TLS compile time configurations from mbedtls_config.h * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "mbedtls/build_info.h" diff --git a/scripts/data_files/version_features.fmt b/scripts/data_files/version_features.fmt index d820d4d1a..0e4059760 100644 --- a/scripts/data_files/version_features.fmt +++ b/scripts/data_files/version_features.fmt @@ -2,7 +2,19 @@ * Version feature information * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/scripts/ecc-heap.sh b/scripts/ecc-heap.sh index 3eb2ff449..43fc7dfa1 100755 --- a/scripts/ecc-heap.sh +++ b/scripts/ecc-heap.sh @@ -8,7 +8,19 @@ # scripts/ecc-heap.sh | tee ecc-heap.log # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. set -eu diff --git a/scripts/ecp_comb_table.py b/scripts/ecp_comb_table.py index 6146e881c..6719be1c3 100755 --- a/scripts/ecp_comb_table.py +++ b/scripts/ecp_comb_table.py @@ -7,7 +7,19 @@ can use this script to generate codes to define `_T` in ecp_curves.c """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. import os import subprocess diff --git a/scripts/footprint.sh b/scripts/footprint.sh index 614a49309..ae95db4a1 100755 --- a/scripts/footprint.sh +++ b/scripts/footprint.sh @@ -1,7 +1,19 @@ #!/bin/sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. # # Purpose # diff --git a/scripts/generate_driver_wrappers.py b/scripts/generate_driver_wrappers.py index 2fdc4cd0b..e0f282792 100755 --- a/scripts/generate_driver_wrappers.py +++ b/scripts/generate_driver_wrappers.py @@ -7,7 +7,19 @@ based on template files in script/data_files/driver_templates/. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. import sys import os diff --git a/scripts/generate_errors.pl b/scripts/generate_errors.pl index 0134c94f0..664a349e9 100755 --- a/scripts/generate_errors.pl +++ b/scripts/generate_errors.pl @@ -6,7 +6,19 @@ # or generate_errors.pl include_dir data_dir error_file # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. use strict; use warnings; diff --git a/scripts/generate_features.pl b/scripts/generate_features.pl index cea8c115a..49cca2ec3 100755 --- a/scripts/generate_features.pl +++ b/scripts/generate_features.pl @@ -1,7 +1,19 @@ #!/usr/bin/env perl # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. use strict; diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py index f13b507d0..960a07986 100755 --- a/scripts/generate_psa_constants.py +++ b/scripts/generate_psa_constants.py @@ -12,7 +12,19 @@ file is written: """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. import os import sys diff --git a/scripts/generate_query_config.pl b/scripts/generate_query_config.pl index 39743da6d..69eca8344 100755 --- a/scripts/generate_query_config.pl +++ b/scripts/generate_query_config.pl @@ -19,7 +19,19 @@ # generate_query_config.pl mbedtls_config_file psa_crypto_config_file template_file output_file # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. use strict; diff --git a/scripts/generate_ssl_debug_helpers.py b/scripts/generate_ssl_debug_helpers.py index a0544f153..19be41521 100755 --- a/scripts/generate_ssl_debug_helpers.py +++ b/scripts/generate_ssl_debug_helpers.py @@ -8,7 +8,19 @@ implemented by fixed codes. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. import sys import re import os @@ -344,8 +356,19 @@ OUTPUT_C_TEMPLATE = '''\ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/scripts/generate_visualc_files.pl b/scripts/generate_visualc_files.pl index 7f5609820..4fad322a6 100755 --- a/scripts/generate_visualc_files.pl +++ b/scripts/generate_visualc_files.pl @@ -7,7 +7,19 @@ # Takes no argument. # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. use warnings; use strict; diff --git a/scripts/lcov.sh b/scripts/lcov.sh index 7d23636b7..6bba02fd2 100755 --- a/scripts/lcov.sh +++ b/scripts/lcov.sh @@ -26,7 +26,19 @@ EOF } # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. set -eu diff --git a/scripts/massif_max.pl b/scripts/massif_max.pl index 52ca606b5..eaf56aee7 100755 --- a/scripts/massif_max.pl +++ b/scripts/massif_max.pl @@ -3,7 +3,19 @@ # Parse a massif.out.xxx file and output peak total memory usage # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. use warnings; use strict; diff --git a/scripts/mbedtls_dev/asymmetric_key_data.py b/scripts/mbedtls_dev/asymmetric_key_data.py index ef3e3a05e..6fd6223f3 100644 --- a/scripts/mbedtls_dev/asymmetric_key_data.py +++ b/scripts/mbedtls_dev/asymmetric_key_data.py @@ -4,8 +4,19 @@ Meant for use in crypto_knowledge.py. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 # +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. import binascii import re diff --git a/scripts/mbedtls_dev/bignum_common.py b/scripts/mbedtls_dev/bignum_common.py index eebc858b2..3bef16db6 100644 --- a/scripts/mbedtls_dev/bignum_common.py +++ b/scripts/mbedtls_dev/bignum_common.py @@ -1,7 +1,18 @@ """Common features for bignum in test generation framework.""" # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 # +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. from abc import abstractmethod import enum diff --git a/scripts/mbedtls_dev/bignum_core.py b/scripts/mbedtls_dev/bignum_core.py index 909f6a306..563492b29 100644 --- a/scripts/mbedtls_dev/bignum_core.py +++ b/scripts/mbedtls_dev/bignum_core.py @@ -1,7 +1,18 @@ """Framework classes for generation of bignum core test cases.""" # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 # +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. import random diff --git a/scripts/mbedtls_dev/bignum_data.py b/scripts/mbedtls_dev/bignum_data.py index 5c6c2c81e..897e31989 100644 --- a/scripts/mbedtls_dev/bignum_data.py +++ b/scripts/mbedtls_dev/bignum_data.py @@ -1,8 +1,19 @@ """Base values and datasets for bignum generated tests and helper functions that produced them.""" # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 # +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. import random diff --git a/scripts/mbedtls_dev/bignum_mod.py b/scripts/mbedtls_dev/bignum_mod.py index f554001ec..77c7b1bbd 100644 --- a/scripts/mbedtls_dev/bignum_mod.py +++ b/scripts/mbedtls_dev/bignum_mod.py @@ -1,7 +1,18 @@ """Framework classes for generation of bignum mod test cases.""" # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 # +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. from typing import Dict, List diff --git a/scripts/mbedtls_dev/bignum_mod_raw.py b/scripts/mbedtls_dev/bignum_mod_raw.py index 37ad27a11..7121f2f49 100644 --- a/scripts/mbedtls_dev/bignum_mod_raw.py +++ b/scripts/mbedtls_dev/bignum_mod_raw.py @@ -1,7 +1,18 @@ """Framework classes for generation of bignum mod_raw test cases.""" # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 # +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. from typing import Iterator, List diff --git a/scripts/mbedtls_dev/build_tree.py b/scripts/mbedtls_dev/build_tree.py index f63c3c828..b48a27711 100644 --- a/scripts/mbedtls_dev/build_tree.py +++ b/scripts/mbedtls_dev/build_tree.py @@ -2,8 +2,19 @@ """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 # +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. import os import inspect diff --git a/scripts/mbedtls_dev/c_build_helper.py b/scripts/mbedtls_dev/c_build_helper.py index f2cbbe4af..9bd17d608 100644 --- a/scripts/mbedtls_dev/c_build_helper.py +++ b/scripts/mbedtls_dev/c_build_helper.py @@ -2,8 +2,19 @@ """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 # +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. import os import platform diff --git a/scripts/mbedtls_dev/crypto_data_tests.py b/scripts/mbedtls_dev/crypto_data_tests.py index a36de692e..7593952da 100644 --- a/scripts/mbedtls_dev/crypto_data_tests.py +++ b/scripts/mbedtls_dev/crypto_data_tests.py @@ -4,8 +4,19 @@ This module is a work in progress, only implementing a few cases for now. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 # +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. import hashlib from typing import Callable, Dict, Iterator, List, Optional #pylint: disable=unused-import diff --git a/scripts/mbedtls_dev/crypto_knowledge.py b/scripts/mbedtls_dev/crypto_knowledge.py index 285d6c638..45d253b9b 100644 --- a/scripts/mbedtls_dev/crypto_knowledge.py +++ b/scripts/mbedtls_dev/crypto_knowledge.py @@ -4,8 +4,19 @@ This module is entirely based on the PSA API. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 # +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. import enum import re diff --git a/scripts/mbedtls_dev/ecp.py b/scripts/mbedtls_dev/ecp.py index b40f3b126..410c77e11 100644 --- a/scripts/mbedtls_dev/ecp.py +++ b/scripts/mbedtls_dev/ecp.py @@ -1,7 +1,18 @@ """Framework classes for generation of ecp test cases.""" # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 # +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. from typing import List diff --git a/scripts/mbedtls_dev/logging_util.py b/scripts/mbedtls_dev/logging_util.py index ddd7c7fd6..db1ebfe5c 100644 --- a/scripts/mbedtls_dev/logging_util.py +++ b/scripts/mbedtls_dev/logging_util.py @@ -2,8 +2,19 @@ """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 # +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. import logging import sys diff --git a/scripts/mbedtls_dev/macro_collector.py b/scripts/mbedtls_dev/macro_collector.py index d68be00bd..3cad2a3f6 100644 --- a/scripts/mbedtls_dev/macro_collector.py +++ b/scripts/mbedtls_dev/macro_collector.py @@ -2,8 +2,19 @@ """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 # +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. import itertools import re diff --git a/scripts/mbedtls_dev/psa_information.py b/scripts/mbedtls_dev/psa_information.py index 32e500977..a82df41df 100644 --- a/scripts/mbedtls_dev/psa_information.py +++ b/scripts/mbedtls_dev/psa_information.py @@ -2,8 +2,19 @@ """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 # +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. import re from typing import Dict, FrozenSet, List, Optional diff --git a/scripts/mbedtls_dev/psa_storage.py b/scripts/mbedtls_dev/psa_storage.py index 00a8beaab..a2e4c74a4 100644 --- a/scripts/mbedtls_dev/psa_storage.py +++ b/scripts/mbedtls_dev/psa_storage.py @@ -7,8 +7,19 @@ before changing how test data is constructed or validated. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 # +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. import re import struct diff --git a/scripts/mbedtls_dev/test_case.py b/scripts/mbedtls_dev/test_case.py index 6ed5e849d..8f0870367 100644 --- a/scripts/mbedtls_dev/test_case.py +++ b/scripts/mbedtls_dev/test_case.py @@ -2,8 +2,19 @@ """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 # +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. import binascii import os diff --git a/scripts/mbedtls_dev/test_data_generation.py b/scripts/mbedtls_dev/test_data_generation.py index a84f7dd2f..02aa51051 100644 --- a/scripts/mbedtls_dev/test_data_generation.py +++ b/scripts/mbedtls_dev/test_data_generation.py @@ -7,8 +7,19 @@ These are used both by generate_psa_tests.py and generate_bignum_tests.py. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 # +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. import argparse import os diff --git a/scripts/mbedtls_dev/typing_util.py b/scripts/mbedtls_dev/typing_util.py index 2ec448d00..4c344492c 100644 --- a/scripts/mbedtls_dev/typing_util.py +++ b/scripts/mbedtls_dev/typing_util.py @@ -2,8 +2,19 @@ """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 # +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. from typing import Any diff --git a/scripts/memory.sh b/scripts/memory.sh index d119374d5..e3ce9d6d1 100755 --- a/scripts/memory.sh +++ b/scripts/memory.sh @@ -7,7 +7,19 @@ # since for memory we want debug information. # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. set -eu diff --git a/scripts/min_requirements.py b/scripts/min_requirements.py index 9888abe08..c00d58e05 100755 --- a/scripts/min_requirements.py +++ b/scripts/min_requirements.py @@ -3,7 +3,19 @@ """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. import argparse import os diff --git a/scripts/output_env.sh b/scripts/output_env.sh index d3eac22bb..535613298 100755 --- a/scripts/output_env.sh +++ b/scripts/output_env.sh @@ -3,7 +3,19 @@ # output_env.sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. # # Purpose # diff --git a/scripts/prepare_release.sh b/scripts/prepare_release.sh index 7f972e070..800383d2c 100755 --- a/scripts/prepare_release.sh +++ b/scripts/prepare_release.sh @@ -12,7 +12,19 @@ EOF } # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. set -eu diff --git a/scripts/tmp_ignore_makefiles.sh b/scripts/tmp_ignore_makefiles.sh index 455f892a2..558970f54 100755 --- a/scripts/tmp_ignore_makefiles.sh +++ b/scripts/tmp_ignore_makefiles.sh @@ -4,7 +4,19 @@ # git development # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. IGNORE="" diff --git a/tests/compat-in-docker.sh b/tests/compat-in-docker.sh index e703c5723..29c87877d 100755 --- a/tests/compat-in-docker.sh +++ b/tests/compat-in-docker.sh @@ -22,7 +22,19 @@ # - compat.sh for notes about invocation of that script. # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. source tests/scripts/docker_env.sh diff --git a/tests/compat.sh b/tests/compat.sh index 6abbe69e7..252736bb2 100755 --- a/tests/compat.sh +++ b/tests/compat.sh @@ -3,7 +3,19 @@ # compat.sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. # # Purpose # diff --git a/tests/configs/tls13-only.h b/tests/configs/tls13-only.h index d825ee92c..38286d1fd 100644 --- a/tests/configs/tls13-only.h +++ b/tests/configs/tls13-only.h @@ -7,7 +7,19 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* Enable TLS 1.3 and core 1.3 features */ diff --git a/tests/configs/user-config-for-test.h b/tests/configs/user-config-for-test.h index 639496be6..a9386a236 100644 --- a/tests/configs/user-config-for-test.h +++ b/tests/configs/user-config-for-test.h @@ -7,7 +7,19 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #if defined(PSA_CRYPTO_DRIVER_TEST_ALL) diff --git a/tests/configs/user-config-malloc-0-null.h b/tests/configs/user-config-malloc-0-null.h index fada9ee93..226f4d187 100644 --- a/tests/configs/user-config-malloc-0-null.h +++ b/tests/configs/user-config-malloc-0-null.h @@ -3,7 +3,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include diff --git a/tests/configs/user-config-zeroize-memset.h b/tests/configs/user-config-zeroize-memset.h index 52d4b0833..fcdd1f099 100644 --- a/tests/configs/user-config-zeroize-memset.h +++ b/tests/configs/user-config-zeroize-memset.h @@ -4,7 +4,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include diff --git a/tests/context-info.sh b/tests/context-info.sh index 55e321943..88dfcaa5e 100755 --- a/tests/context-info.sh +++ b/tests/context-info.sh @@ -3,7 +3,19 @@ # context-info.sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. # # This program is intended for testing the ssl_context_info program # diff --git a/tests/data_files/dir-maxpath/long.sh b/tests/data_files/dir-maxpath/long.sh index 4e1fd48dc..d7d879765 100755 --- a/tests/data_files/dir-maxpath/long.sh +++ b/tests/data_files/dir-maxpath/long.sh @@ -1,7 +1,19 @@ #!/bin/sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. set -eu diff --git a/tests/data_files/print_c.pl b/tests/data_files/print_c.pl index 5f4b3d0c6..ce8ed6f8e 100755 --- a/tests/data_files/print_c.pl +++ b/tests/data_files/print_c.pl @@ -1,7 +1,19 @@ #!/usr/bin/env perl # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. use strict; use warnings; diff --git a/tests/data_files/test_certs.h.jinja2 b/tests/data_files/test_certs.h.jinja2 index 4a64b3a79..92131ddc1 100644 --- a/tests/data_files/test_certs.h.jinja2 +++ b/tests/data_files/test_certs.h.jinja2 @@ -2,7 +2,19 @@ * X.509 test certificates * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* THIS FILE is generated by `tests/scripts/generate_test_cert_macros.py` */ diff --git a/tests/docker/bionic/Dockerfile b/tests/docker/bionic/Dockerfile index e4c49fac2..d44cdff25 100644 --- a/tests/docker/bionic/Dockerfile +++ b/tests/docker/bionic/Dockerfile @@ -10,7 +10,19 @@ # for the set of Docker images we use on the CI. # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. ARG MAKEFLAGS_PARALLEL="" ARG MY_REGISTRY= diff --git a/tests/git-scripts/pre-push.sh b/tests/git-scripts/pre-push.sh index 9192678a5..ce43467b4 100755 --- a/tests/git-scripts/pre-push.sh +++ b/tests/git-scripts/pre-push.sh @@ -2,7 +2,19 @@ # pre-push.sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. # # Purpose # diff --git a/tests/include/alt-dummy/aes_alt.h b/tests/include/alt-dummy/aes_alt.h index dc47dd16c..21d85f1ff 100644 --- a/tests/include/alt-dummy/aes_alt.h +++ b/tests/include/alt-dummy/aes_alt.h @@ -1,7 +1,19 @@ /* aes_alt.h with dummy types for MBEDTLS_AES_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef AES_ALT_H diff --git a/tests/include/alt-dummy/aria_alt.h b/tests/include/alt-dummy/aria_alt.h index 94db8c7fb..aabec9c9f 100644 --- a/tests/include/alt-dummy/aria_alt.h +++ b/tests/include/alt-dummy/aria_alt.h @@ -1,7 +1,19 @@ /* aria_alt.h with dummy types for MBEDTLS_ARIA_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef ARIA_ALT_H diff --git a/tests/include/alt-dummy/camellia_alt.h b/tests/include/alt-dummy/camellia_alt.h index 97bc16b78..b42613bc2 100644 --- a/tests/include/alt-dummy/camellia_alt.h +++ b/tests/include/alt-dummy/camellia_alt.h @@ -1,7 +1,19 @@ /* camellia_alt.h with dummy types for MBEDTLS_CAMELLIA_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef CAMELLIA_ALT_H diff --git a/tests/include/alt-dummy/ccm_alt.h b/tests/include/alt-dummy/ccm_alt.h index c25f42b4a..5ec7d4e48 100644 --- a/tests/include/alt-dummy/ccm_alt.h +++ b/tests/include/alt-dummy/ccm_alt.h @@ -1,7 +1,19 @@ /* ccm_alt.h with dummy types for MBEDTLS_CCM_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef CCM_ALT_H diff --git a/tests/include/alt-dummy/chacha20_alt.h b/tests/include/alt-dummy/chacha20_alt.h index 6fd84d031..a53a33002 100644 --- a/tests/include/alt-dummy/chacha20_alt.h +++ b/tests/include/alt-dummy/chacha20_alt.h @@ -1,7 +1,19 @@ /* chacha20_alt.h with dummy types for MBEDTLS_CHACHA20_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef CHACHA20_ALT_H diff --git a/tests/include/alt-dummy/chachapoly_alt.h b/tests/include/alt-dummy/chachapoly_alt.h index de28ced67..584a42174 100644 --- a/tests/include/alt-dummy/chachapoly_alt.h +++ b/tests/include/alt-dummy/chachapoly_alt.h @@ -1,7 +1,19 @@ /* chachapoly_alt.h with dummy types for MBEDTLS_CHACHAPOLY_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef CHACHAPOLY_ALT_H diff --git a/tests/include/alt-dummy/cmac_alt.h b/tests/include/alt-dummy/cmac_alt.h index 68b53d707..13c998d68 100644 --- a/tests/include/alt-dummy/cmac_alt.h +++ b/tests/include/alt-dummy/cmac_alt.h @@ -1,7 +1,19 @@ /* cmac_alt.h with dummy types for MBEDTLS_CMAC_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef CMAC_ALT_H diff --git a/tests/include/alt-dummy/des_alt.h b/tests/include/alt-dummy/des_alt.h index d07986128..3b8abe493 100644 --- a/tests/include/alt-dummy/des_alt.h +++ b/tests/include/alt-dummy/des_alt.h @@ -1,7 +1,19 @@ /* des_alt.h with dummy types for MBEDTLS_DES_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. * */ diff --git a/tests/include/alt-dummy/dhm_alt.h b/tests/include/alt-dummy/dhm_alt.h index 3cb51d2ed..ccb3bd3c3 100644 --- a/tests/include/alt-dummy/dhm_alt.h +++ b/tests/include/alt-dummy/dhm_alt.h @@ -1,7 +1,19 @@ /* dhm_alt.h with dummy types for MBEDTLS_DHM_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef DHM_ALT_H diff --git a/tests/include/alt-dummy/ecjpake_alt.h b/tests/include/alt-dummy/ecjpake_alt.h index 4d7524860..90c21da8b 100644 --- a/tests/include/alt-dummy/ecjpake_alt.h +++ b/tests/include/alt-dummy/ecjpake_alt.h @@ -1,7 +1,19 @@ /* ecjpake_alt.h with dummy types for MBEDTLS_ECJPAKE_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef ECJPAKE_ALT_H diff --git a/tests/include/alt-dummy/ecp_alt.h b/tests/include/alt-dummy/ecp_alt.h index d204b18d0..56c981095 100644 --- a/tests/include/alt-dummy/ecp_alt.h +++ b/tests/include/alt-dummy/ecp_alt.h @@ -1,7 +1,19 @@ /* ecp_alt.h with dummy types for MBEDTLS_ECP_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef ECP_ALT_H diff --git a/tests/include/alt-dummy/gcm_alt.h b/tests/include/alt-dummy/gcm_alt.h index cfa73d2a4..7be5b62f6 100644 --- a/tests/include/alt-dummy/gcm_alt.h +++ b/tests/include/alt-dummy/gcm_alt.h @@ -1,7 +1,19 @@ /* gcm_alt.h with dummy types for MBEDTLS_GCM_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef GCM_ALT_H diff --git a/tests/include/alt-dummy/md5_alt.h b/tests/include/alt-dummy/md5_alt.h index e3a15d70f..1f3e5ed9b 100644 --- a/tests/include/alt-dummy/md5_alt.h +++ b/tests/include/alt-dummy/md5_alt.h @@ -1,7 +1,19 @@ /* md5_alt.h with dummy types for MBEDTLS_MD5_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MD5_ALT_H diff --git a/tests/include/alt-dummy/nist_kw_alt.h b/tests/include/alt-dummy/nist_kw_alt.h index 1274d4081..8fec116be 100644 --- a/tests/include/alt-dummy/nist_kw_alt.h +++ b/tests/include/alt-dummy/nist_kw_alt.h @@ -1,7 +1,19 @@ /* nist_kw_alt.h with dummy types for MBEDTLS_NIST_KW_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef NIST_KW_ALT_H diff --git a/tests/include/alt-dummy/platform_alt.h b/tests/include/alt-dummy/platform_alt.h index 67573926e..836f299c8 100644 --- a/tests/include/alt-dummy/platform_alt.h +++ b/tests/include/alt-dummy/platform_alt.h @@ -1,7 +1,19 @@ /* platform_alt.h with dummy types for MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PLATFORM_ALT_H diff --git a/tests/include/alt-dummy/poly1305_alt.h b/tests/include/alt-dummy/poly1305_alt.h index c8ed1bc06..5a8295f16 100644 --- a/tests/include/alt-dummy/poly1305_alt.h +++ b/tests/include/alt-dummy/poly1305_alt.h @@ -1,7 +1,19 @@ /* poly1305_alt.h with dummy types for MBEDTLS_POLY1305_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef POLY1305_ALT_H diff --git a/tests/include/alt-dummy/ripemd160_alt.h b/tests/include/alt-dummy/ripemd160_alt.h index 72ae47efb..ca3b33827 100644 --- a/tests/include/alt-dummy/ripemd160_alt.h +++ b/tests/include/alt-dummy/ripemd160_alt.h @@ -1,7 +1,19 @@ /* ripemd160_alt.h with dummy types for MBEDTLS_RIPEMD160_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef RIPEMD160_ALT_H diff --git a/tests/include/alt-dummy/rsa_alt.h b/tests/include/alt-dummy/rsa_alt.h index eabc26da1..24f672bb3 100644 --- a/tests/include/alt-dummy/rsa_alt.h +++ b/tests/include/alt-dummy/rsa_alt.h @@ -1,7 +1,19 @@ /* rsa_alt.h with dummy types for MBEDTLS_RSA_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef RSA_ALT_H diff --git a/tests/include/alt-dummy/sha1_alt.h b/tests/include/alt-dummy/sha1_alt.h index d8ac97191..36bf71d84 100644 --- a/tests/include/alt-dummy/sha1_alt.h +++ b/tests/include/alt-dummy/sha1_alt.h @@ -1,7 +1,19 @@ /* sha1_alt.h with dummy types for MBEDTLS_SHA1_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef SHA1_ALT_H diff --git a/tests/include/alt-dummy/sha256_alt.h b/tests/include/alt-dummy/sha256_alt.h index b1900adee..304734bfc 100644 --- a/tests/include/alt-dummy/sha256_alt.h +++ b/tests/include/alt-dummy/sha256_alt.h @@ -1,7 +1,19 @@ /* sha256_alt.h with dummy types for MBEDTLS_SHA256_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef SHA256_ALT_H diff --git a/tests/include/alt-dummy/sha512_alt.h b/tests/include/alt-dummy/sha512_alt.h index 857bc916a..13e58109e 100644 --- a/tests/include/alt-dummy/sha512_alt.h +++ b/tests/include/alt-dummy/sha512_alt.h @@ -1,7 +1,19 @@ /* sha512_alt.h with dummy types for MBEDTLS_SHA512_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef SHA512_ALT_H diff --git a/tests/include/alt-dummy/threading_alt.h b/tests/include/alt-dummy/threading_alt.h index 07d5da427..400350686 100644 --- a/tests/include/alt-dummy/threading_alt.h +++ b/tests/include/alt-dummy/threading_alt.h @@ -1,7 +1,19 @@ /* threading_alt.h with dummy types for MBEDTLS_THREADING_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef THREADING_ALT_H diff --git a/tests/include/alt-dummy/timing_alt.h b/tests/include/alt-dummy/timing_alt.h index 69bee60f6..9d4e100ea 100644 --- a/tests/include/alt-dummy/timing_alt.h +++ b/tests/include/alt-dummy/timing_alt.h @@ -1,7 +1,19 @@ /* timing_alt.h with dummy types for MBEDTLS_TIMING_ALT */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef TIMING_ALT_H diff --git a/tests/include/baremetal-override/time.h b/tests/include/baremetal-override/time.h index 0a44275e7..40eed2d33 100644 --- a/tests/include/baremetal-override/time.h +++ b/tests/include/baremetal-override/time.h @@ -1,6 +1,18 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #error "time.h included in a configuration without MBEDTLS_HAVE_TIME" diff --git a/tests/include/spe/crypto_spe.h b/tests/include/spe/crypto_spe.h index fdf3a2db5..de842642d 100644 --- a/tests/include/spe/crypto_spe.h +++ b/tests/include/spe/crypto_spe.h @@ -1,6 +1,18 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. * */ diff --git a/tests/include/test/arguments.h b/tests/include/test/arguments.h index 6d267b660..74bbbd569 100644 --- a/tests/include/test/arguments.h +++ b/tests/include/test/arguments.h @@ -8,7 +8,19 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef TEST_ARGUMENTS_H diff --git a/tests/include/test/asn1_helpers.h b/tests/include/test/asn1_helpers.h index 2eb917128..dee3cbda9 100644 --- a/tests/include/test/asn1_helpers.h +++ b/tests/include/test/asn1_helpers.h @@ -2,7 +2,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef ASN1_HELPERS_H diff --git a/tests/include/test/bignum_helpers.h b/tests/include/test/bignum_helpers.h index 2f6bf8931..fc97d23ba 100644 --- a/tests/include/test/bignum_helpers.h +++ b/tests/include/test/bignum_helpers.h @@ -7,7 +7,19 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef TEST_BIGNUM_HELPERS_H diff --git a/tests/include/test/certs.h b/tests/include/test/certs.h index db69536a6..65c55829d 100644 --- a/tests/include/test/certs.h +++ b/tests/include/test/certs.h @@ -5,7 +5,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_CERTS_H #define MBEDTLS_CERTS_H diff --git a/tests/include/test/constant_flow.h b/tests/include/test/constant_flow.h index c5658eb40..f3d676e28 100644 --- a/tests/include/test/constant_flow.h +++ b/tests/include/test/constant_flow.h @@ -6,7 +6,19 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef TEST_CONSTANT_FLOW_H diff --git a/tests/include/test/drivers/aead.h b/tests/include/test/drivers/aead.h index a033e399d..037a255ca 100644 --- a/tests/include/test/drivers/aead.h +++ b/tests/include/test/drivers/aead.h @@ -2,7 +2,19 @@ * Test driver for AEAD driver entry points. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_TEST_DRIVERS_AEAD_H diff --git a/tests/include/test/drivers/asymmetric_encryption.h b/tests/include/test/drivers/asymmetric_encryption.h index 0ac77087d..c602d2f22 100644 --- a/tests/include/test/drivers/asymmetric_encryption.h +++ b/tests/include/test/drivers/asymmetric_encryption.h @@ -2,7 +2,19 @@ * Test driver for asymmetric encryption. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_TEST_DRIVERS_ASYMMETRIC_ENCRYPTION_H diff --git a/tests/include/test/drivers/cipher.h b/tests/include/test/drivers/cipher.h index 950a17440..54c37f748 100644 --- a/tests/include/test/drivers/cipher.h +++ b/tests/include/test/drivers/cipher.h @@ -2,7 +2,19 @@ * Test driver for cipher functions */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_TEST_DRIVERS_CIPHER_H diff --git a/tests/include/test/drivers/config_test_driver.h b/tests/include/test/drivers/config_test_driver.h index 4eb27f024..81f988339 100644 --- a/tests/include/test/drivers/config_test_driver.h +++ b/tests/include/test/drivers/config_test_driver.h @@ -7,7 +7,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef MBEDTLS_CONFIG_H diff --git a/tests/include/test/drivers/hash.h b/tests/include/test/drivers/hash.h index ad48c45d5..f1da8d3e4 100644 --- a/tests/include/test/drivers/hash.h +++ b/tests/include/test/drivers/hash.h @@ -2,7 +2,19 @@ * Test driver for hash driver entry points. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_TEST_DRIVERS_HASH_H diff --git a/tests/include/test/drivers/key_agreement.h b/tests/include/test/drivers/key_agreement.h index ca82b3ad9..aaf74a8c5 100644 --- a/tests/include/test/drivers/key_agreement.h +++ b/tests/include/test/drivers/key_agreement.h @@ -2,7 +2,19 @@ * Test driver for key agreement functions. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_TEST_DRIVERS_KEY_AGREEMENT_H diff --git a/tests/include/test/drivers/key_management.h b/tests/include/test/drivers/key_management.h index 9e2c89885..43df0d610 100644 --- a/tests/include/test/drivers/key_management.h +++ b/tests/include/test/drivers/key_management.h @@ -2,7 +2,19 @@ * Test driver for generating and verifying keys. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_TEST_DRIVERS_KEY_MANAGEMENT_H diff --git a/tests/include/test/drivers/mac.h b/tests/include/test/drivers/mac.h index d92eff903..bdc2b705c 100644 --- a/tests/include/test/drivers/mac.h +++ b/tests/include/test/drivers/mac.h @@ -2,7 +2,19 @@ * Test driver for MAC driver entry points. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_TEST_DRIVERS_MAC_H diff --git a/tests/include/test/drivers/pake.h b/tests/include/test/drivers/pake.h index d292ca0da..331ee49da 100644 --- a/tests/include/test/drivers/pake.h +++ b/tests/include/test/drivers/pake.h @@ -2,7 +2,19 @@ * Test driver for PAKE driver entry points. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_TEST_DRIVERS_PAKE_H diff --git a/tests/include/test/drivers/signature.h b/tests/include/test/drivers/signature.h index 8c5703edf..4c56a121c 100644 --- a/tests/include/test/drivers/signature.h +++ b/tests/include/test/drivers/signature.h @@ -2,7 +2,19 @@ * Test driver for signature functions. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_TEST_DRIVERS_SIGNATURE_H diff --git a/tests/include/test/drivers/test_driver.h b/tests/include/test/drivers/test_driver.h index 74605d6b8..541ee03d0 100644 --- a/tests/include/test/drivers/test_driver.h +++ b/tests/include/test/drivers/test_driver.h @@ -2,7 +2,19 @@ * Umbrella include for all of the test driver functionality */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_TEST_DRIVER_H diff --git a/tests/include/test/fake_external_rng_for_test.h b/tests/include/test/fake_external_rng_for_test.h index e3e331d55..01bfb91a4 100644 --- a/tests/include/test/fake_external_rng_for_test.h +++ b/tests/include/test/fake_external_rng_for_test.h @@ -4,7 +4,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef FAKE_EXTERNAL_RNG_FOR_TEST_H diff --git a/tests/include/test/helpers.h b/tests/include/test/helpers.h index ba117fbdf..dd4a6a2b4 100644 --- a/tests/include/test/helpers.h +++ b/tests/include/test/helpers.h @@ -7,7 +7,19 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef TEST_HELPERS_H diff --git a/tests/include/test/macros.h b/tests/include/test/macros.h index 8de9c4d95..3bfbe3333 100644 --- a/tests/include/test/macros.h +++ b/tests/include/test/macros.h @@ -6,7 +6,19 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef TEST_MACROS_H diff --git a/tests/include/test/psa_crypto_helpers.h b/tests/include/test/psa_crypto_helpers.h index 58457320b..9ba7dbcd9 100644 --- a/tests/include/test/psa_crypto_helpers.h +++ b/tests/include/test/psa_crypto_helpers.h @@ -3,7 +3,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_CRYPTO_HELPERS_H diff --git a/tests/include/test/psa_exercise_key.h b/tests/include/test/psa_exercise_key.h index 0f3ee3db6..46f4d0810 100644 --- a/tests/include/test/psa_exercise_key.h +++ b/tests/include/test/psa_exercise_key.h @@ -3,7 +3,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_EXERCISE_KEY_H diff --git a/tests/include/test/psa_helpers.h b/tests/include/test/psa_helpers.h index b61718939..2665fac39 100644 --- a/tests/include/test/psa_helpers.h +++ b/tests/include/test/psa_helpers.h @@ -3,7 +3,19 @@ */ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef PSA_HELPERS_H diff --git a/tests/include/test/random.h b/tests/include/test/random.h index 6304e05d7..c5572088a 100644 --- a/tests/include/test/random.h +++ b/tests/include/test/random.h @@ -7,7 +7,19 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef TEST_RANDOM_H diff --git a/tests/include/test/ssl_helpers.h b/tests/include/test/ssl_helpers.h index abdef9032..ddbd6a39e 100644 --- a/tests/include/test/ssl_helpers.h +++ b/tests/include/test/ssl_helpers.h @@ -5,7 +5,19 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #ifndef SSL_HELPERS_H diff --git a/tests/make-in-docker.sh b/tests/make-in-docker.sh index e57d09d34..0ee08dc48 100755 --- a/tests/make-in-docker.sh +++ b/tests/make-in-docker.sh @@ -14,7 +14,19 @@ # for the set of Docker images we use on the CI. # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. source tests/scripts/docker_env.sh diff --git a/tests/opt-testcases/tls13-compat.sh b/tests/opt-testcases/tls13-compat.sh index 1190a87ee..56d2e2959 100755 --- a/tests/opt-testcases/tls13-compat.sh +++ b/tests/opt-testcases/tls13-compat.sh @@ -3,7 +3,19 @@ # tls13-compat.sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. # # Purpose # diff --git a/tests/opt-testcases/tls13-kex-modes.sh b/tests/opt-testcases/tls13-kex-modes.sh index 6556cd4b4..758da1da5 100755 --- a/tests/opt-testcases/tls13-kex-modes.sh +++ b/tests/opt-testcases/tls13-kex-modes.sh @@ -3,7 +3,19 @@ # tls13-kex-modes.sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. # # DO NOT ADD NEW TEST CASES INTO THIS FILE. The left cases will be generated by diff --git a/tests/opt-testcases/tls13-misc.sh b/tests/opt-testcases/tls13-misc.sh index a56696a22..f30384d39 100755 --- a/tests/opt-testcases/tls13-misc.sh +++ b/tests/opt-testcases/tls13-misc.sh @@ -3,7 +3,19 @@ # tls13-misc.sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. # requires_gnutls_tls1_3 diff --git a/tests/scripts/all-in-docker.sh b/tests/scripts/all-in-docker.sh index b2a31c265..7c03d9135 100755 --- a/tests/scripts/all-in-docker.sh +++ b/tests/scripts/all-in-docker.sh @@ -17,7 +17,19 @@ # See also all.sh for notes about invocation of that script. # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. source tests/scripts/docker_env.sh diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index fe2d73f0c..9e1d84f5d 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3,7 +3,19 @@ # all.sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. diff --git a/tests/scripts/audit-validity-dates.py b/tests/scripts/audit-validity-dates.py index b2230dd47..623fd2352 100755 --- a/tests/scripts/audit-validity-dates.py +++ b/tests/scripts/audit-validity-dates.py @@ -1,7 +1,19 @@ #!/usr/bin/env python3 # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. """Audit validity date of X509 crt/crl/csr. diff --git a/tests/scripts/basic-build-test.sh b/tests/scripts/basic-build-test.sh index 1f8ade663..43a91eed2 100755 --- a/tests/scripts/basic-build-test.sh +++ b/tests/scripts/basic-build-test.sh @@ -3,7 +3,19 @@ # basic-build-test.sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. # # Purpose # diff --git a/tests/scripts/basic-in-docker.sh b/tests/scripts/basic-in-docker.sh index 3aca3a134..02cafb0cc 100755 --- a/tests/scripts/basic-in-docker.sh +++ b/tests/scripts/basic-in-docker.sh @@ -18,7 +18,19 @@ # See docker_env.sh for prerequisites and other information. # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. source tests/scripts/docker_env.sh diff --git a/tests/scripts/check-doxy-blocks.pl b/tests/scripts/check-doxy-blocks.pl index 3199c2ab4..dd955301f 100755 --- a/tests/scripts/check-doxy-blocks.pl +++ b/tests/scripts/check-doxy-blocks.pl @@ -9,7 +9,19 @@ # items that are documented, but not marked as such by mistake. # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. use warnings; use strict; diff --git a/tests/scripts/check-generated-files.sh b/tests/scripts/check-generated-files.sh index 67dedeb26..d03e5cf6d 100755 --- a/tests/scripts/check-generated-files.sh +++ b/tests/scripts/check-generated-files.sh @@ -1,7 +1,19 @@ #! /usr/bin/env sh # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. # # Purpose # diff --git a/tests/scripts/check-python-files.sh b/tests/scripts/check-python-files.sh index 51e80792b..35319d3e1 100755 --- a/tests/scripts/check-python-files.sh +++ b/tests/scripts/check-python-files.sh @@ -1,7 +1,19 @@ #! /usr/bin/env sh # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. # Purpose: check Python files for potential programming errors or maintenance # hurdles. Run pylint to detect some potential mistakes and enforce PEP8 diff --git a/tests/scripts/check_files.py b/tests/scripts/check_files.py index e3593662b..352b55eaa 100755 --- a/tests/scripts/check_files.py +++ b/tests/scripts/check_files.py @@ -1,7 +1,19 @@ #!/usr/bin/env python3 # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. """ This script checks the current state of the source code for minor issues, diff --git a/tests/scripts/check_names.py b/tests/scripts/check_names.py index 635552e76..f812929c7 100755 --- a/tests/scripts/check_names.py +++ b/tests/scripts/check_names.py @@ -1,7 +1,19 @@ #!/usr/bin/env python3 # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. """ This script confirms that the naming of all symbols and identifiers in Mbed TLS diff --git a/tests/scripts/check_test_cases.py b/tests/scripts/check_test_cases.py index 3b954af22..1395d4d90 100755 --- a/tests/scripts/check_test_cases.py +++ b/tests/scripts/check_test_cases.py @@ -7,7 +7,19 @@ independently of the checks. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. import argparse import glob diff --git a/tests/scripts/depends.py b/tests/scripts/depends.py index e355dfd94..e92564151 100755 --- a/tests/scripts/depends.py +++ b/tests/scripts/depends.py @@ -1,7 +1,21 @@ #!/usr/bin/env python3 -# Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# Copyright (c) 2022, Arm Limited, All Rights Reserved. +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# This file is part of Mbed TLS (https://tls.mbed.org) """ Test Mbed TLS with a subset of algorithms. diff --git a/tests/scripts/docker_env.sh b/tests/scripts/docker_env.sh index cfc98dfca..3dbc41d92 100755 --- a/tests/scripts/docker_env.sh +++ b/tests/scripts/docker_env.sh @@ -27,7 +27,19 @@ # the Docker image. # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. # default values, can be overridden by the environment diff --git a/tests/scripts/doxygen.sh b/tests/scripts/doxygen.sh index b6a1d4594..cb87829e2 100755 --- a/tests/scripts/doxygen.sh +++ b/tests/scripts/doxygen.sh @@ -3,7 +3,19 @@ # Make sure the doxygen documentation builds without warnings # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. # Abort on errors (and uninitialised variables) set -eu diff --git a/tests/scripts/gen_ctr_drbg.pl b/tests/scripts/gen_ctr_drbg.pl index ec5e5d891..2345b9e36 100755 --- a/tests/scripts/gen_ctr_drbg.pl +++ b/tests/scripts/gen_ctr_drbg.pl @@ -5,7 +5,19 @@ # and concats nonce and personalization for initialization. # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. use strict; diff --git a/tests/scripts/gen_gcm_decrypt.pl b/tests/scripts/gen_gcm_decrypt.pl index 30d45c307..354e351a4 100755 --- a/tests/scripts/gen_gcm_decrypt.pl +++ b/tests/scripts/gen_gcm_decrypt.pl @@ -4,7 +4,19 @@ # Only first 3 of every set used for compile time saving # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. use strict; diff --git a/tests/scripts/gen_gcm_encrypt.pl b/tests/scripts/gen_gcm_encrypt.pl index b4f08494c..101456fed 100755 --- a/tests/scripts/gen_gcm_encrypt.pl +++ b/tests/scripts/gen_gcm_encrypt.pl @@ -4,7 +4,19 @@ # Only first 3 of every set used for compile time saving # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. use strict; diff --git a/tests/scripts/gen_pkcs1_v21_sign_verify.pl b/tests/scripts/gen_pkcs1_v21_sign_verify.pl index fe2d3f5d3..609e5586a 100755 --- a/tests/scripts/gen_pkcs1_v21_sign_verify.pl +++ b/tests/scripts/gen_pkcs1_v21_sign_verify.pl @@ -1,7 +1,19 @@ #!/usr/bin/env perl # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. use strict; diff --git a/tests/scripts/generate-afl-tests.sh b/tests/scripts/generate-afl-tests.sh index d4ef0f3af..a51fbc965 100755 --- a/tests/scripts/generate-afl-tests.sh +++ b/tests/scripts/generate-afl-tests.sh @@ -9,7 +9,19 @@ # such as 'test_suite_rsa.data' # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. # Abort on errors set -e diff --git a/tests/scripts/generate_bignum_tests.py b/tests/scripts/generate_bignum_tests.py index 8dbb6ed78..6ee6ab39a 100755 --- a/tests/scripts/generate_bignum_tests.py +++ b/tests/scripts/generate_bignum_tests.py @@ -40,7 +40,19 @@ of BaseTarget in test_data_generation.py. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. import sys diff --git a/tests/scripts/generate_ecp_tests.py b/tests/scripts/generate_ecp_tests.py index df1e4696a..abbfda55f 100755 --- a/tests/scripts/generate_ecp_tests.py +++ b/tests/scripts/generate_ecp_tests.py @@ -6,7 +6,19 @@ as in generate_bignum_tests.py. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. import sys diff --git a/tests/scripts/generate_pkcs7_tests.py b/tests/scripts/generate_pkcs7_tests.py index 0e484b023..0e7385043 100755 --- a/tests/scripts/generate_pkcs7_tests.py +++ b/tests/scripts/generate_pkcs7_tests.py @@ -1,7 +1,19 @@ #!/usr/bin/env python3 # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. # """ diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py index 801f8da8b..b6f83c111 100755 --- a/tests/scripts/generate_psa_tests.py +++ b/tests/scripts/generate_psa_tests.py @@ -6,7 +6,19 @@ generate only the specified files. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. import enum import re diff --git a/tests/scripts/generate_test_cert_macros.py b/tests/scripts/generate_test_cert_macros.py index a3bca7e6f..4494917ef 100755 --- a/tests/scripts/generate_test_cert_macros.py +++ b/tests/scripts/generate_test_cert_macros.py @@ -6,7 +6,19 @@ Generate `tests/src/test_certs.h` which includes certficaties/keys/certificate l # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. import os diff --git a/tests/scripts/generate_test_code.py b/tests/scripts/generate_test_code.py index 5f711bfb1..76806de95 100755 --- a/tests/scripts/generate_test_code.py +++ b/tests/scripts/generate_test_code.py @@ -2,7 +2,19 @@ # Test suites code generator. # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. """ This script is a key part of Mbed TLS test suites framework. For diff --git a/tests/scripts/generate_tls13_compat_tests.py b/tests/scripts/generate_tls13_compat_tests.py index fdb264d7b..05d80a532 100755 --- a/tests/scripts/generate_tls13_compat_tests.py +++ b/tests/scripts/generate_tls13_compat_tests.py @@ -3,7 +3,19 @@ # generate_tls13_compat_tests.py # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. """ Generate TLSv1.3 Compat test cases @@ -524,7 +536,19 @@ SSL_OUTPUT_HEADER = '''#!/bin/sh # {filename} # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. # # Purpose # diff --git a/tests/scripts/list-identifiers.sh b/tests/scripts/list-identifiers.sh index 4ccac236e..9b930802f 100755 --- a/tests/scripts/list-identifiers.sh +++ b/tests/scripts/list-identifiers.sh @@ -10,7 +10,19 @@ # Usage: list-identifiers.sh [ -i | --internal ] # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. set -eu diff --git a/tests/scripts/list_internal_identifiers.py b/tests/scripts/list_internal_identifiers.py index b648ce24f..6b41607e3 100755 --- a/tests/scripts/list_internal_identifiers.py +++ b/tests/scripts/list_internal_identifiers.py @@ -1,7 +1,19 @@ #!/usr/bin/env python3 # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. """ This script generates a file called identifiers that contains all Mbed TLS diff --git a/tests/scripts/psa_collect_statuses.py b/tests/scripts/psa_collect_statuses.py index 11bbebcc1..f685bab8e 100755 --- a/tests/scripts/psa_collect_statuses.py +++ b/tests/scripts/psa_collect_statuses.py @@ -13,7 +13,19 @@ only supported with make (as opposed to CMake or other build methods). """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. import argparse import os diff --git a/tests/scripts/recursion.pl b/tests/scripts/recursion.pl index 3cdeff7f4..2a7dba541 100755 --- a/tests/scripts/recursion.pl +++ b/tests/scripts/recursion.pl @@ -9,7 +9,19 @@ # Typical usage: scripts/recursion.pl library/*.c # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. use warnings; use strict; diff --git a/tests/scripts/run-test-suites.pl b/tests/scripts/run-test-suites.pl index e0ee3f515..cedc0bfa5 100755 --- a/tests/scripts/run-test-suites.pl +++ b/tests/scripts/run-test-suites.pl @@ -3,7 +3,19 @@ # run-test-suites.pl # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. =head1 SYNOPSIS diff --git a/tests/scripts/scripts_path.py b/tests/scripts/scripts_path.py index 5d83f29f9..10bf6f852 100644 --- a/tests/scripts/scripts_path.py +++ b/tests/scripts/scripts_path.py @@ -6,8 +6,19 @@ Usage: """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 # +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. import os import sys diff --git a/tests/scripts/set_psa_test_dependencies.py b/tests/scripts/set_psa_test_dependencies.py index f68dfcb72..7f4ebeb7f 100755 --- a/tests/scripts/set_psa_test_dependencies.py +++ b/tests/scripts/set_psa_test_dependencies.py @@ -4,7 +4,19 @@ """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. import os import re diff --git a/tests/scripts/tcp_client.pl b/tests/scripts/tcp_client.pl index 9aff22db0..17f824e00 100755 --- a/tests/scripts/tcp_client.pl +++ b/tests/scripts/tcp_client.pl @@ -6,7 +6,19 @@ # RESPONSE: regexp that must match the server's response # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. use warnings; use strict; diff --git a/tests/scripts/test-ref-configs.pl b/tests/scripts/test-ref-configs.pl index 0702074ab..15209b4a0 100755 --- a/tests/scripts/test-ref-configs.pl +++ b/tests/scripts/test-ref-configs.pl @@ -3,7 +3,19 @@ # test-ref-configs.pl # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. # # Purpose # diff --git a/tests/scripts/test_config_script.py b/tests/scripts/test_config_script.py index e500b3362..e230e3c87 100755 --- a/tests/scripts/test_config_script.py +++ b/tests/scripts/test_config_script.py @@ -14,8 +14,19 @@ Sample usage: """ ## Copyright The Mbed TLS Contributors -## SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +## SPDX-License-Identifier: Apache-2.0 ## +## Licensed under the Apache License, Version 2.0 (the "License"); you may +## not use this file except in compliance with the License. +## You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +## WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. import argparse import glob diff --git a/tests/scripts/test_generate_test_code.py b/tests/scripts/test_generate_test_code.py index abc46a729..b32d18423 100755 --- a/tests/scripts/test_generate_test_code.py +++ b/tests/scripts/test_generate_test_code.py @@ -2,7 +2,19 @@ # Unit test for generate_test_code.py # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. """ Unit tests for generate_test_code.py diff --git a/tests/scripts/test_psa_compliance.py b/tests/scripts/test_psa_compliance.py index 52169e285..359043620 100755 --- a/tests/scripts/test_psa_compliance.py +++ b/tests/scripts/test_psa_compliance.py @@ -8,7 +8,19 @@ keep the list of known defects as up to date as possible. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. import argparse import os diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index 6883e279f..e43a0baef 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py @@ -8,7 +8,19 @@ or 1 (with a Python backtrace) if there was an operational error. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. import argparse from collections import namedtuple diff --git a/tests/scripts/test_zeroize.gdb b/tests/scripts/test_zeroize.gdb index 57f771f56..66c630408 100644 --- a/tests/scripts/test_zeroize.gdb +++ b/tests/scripts/test_zeroize.gdb @@ -1,7 +1,19 @@ # test_zeroize.gdb # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. # # Purpose # diff --git a/tests/scripts/translate_ciphers.py b/tests/scripts/translate_ciphers.py index 90514fca1..a8db4bb35 100755 --- a/tests/scripts/translate_ciphers.py +++ b/tests/scripts/translate_ciphers.py @@ -3,7 +3,19 @@ # translate_ciphers.py # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. """ Translate standard ciphersuite names to GnuTLS, OpenSSL and Mbed TLS standards. diff --git a/tests/scripts/travis-log-failure.sh b/tests/scripts/travis-log-failure.sh index 3daecf30d..249b3f807 100755 --- a/tests/scripts/travis-log-failure.sh +++ b/tests/scripts/travis-log-failure.sh @@ -3,7 +3,19 @@ # travis-log-failure.sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. # # Purpose # diff --git a/tests/src/asn1_helpers.c b/tests/src/asn1_helpers.c index c8df1995e..aaf7587aa 100644 --- a/tests/src/asn1_helpers.c +++ b/tests/src/asn1_helpers.c @@ -5,7 +5,19 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include diff --git a/tests/src/bignum_helpers.c b/tests/src/bignum_helpers.c index c85e2caaf..214530df5 100644 --- a/tests/src/bignum_helpers.c +++ b/tests/src/bignum_helpers.c @@ -7,7 +7,19 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #define MBEDTLS_ALLOW_PRIVATE_ACCESS diff --git a/tests/src/certs.c b/tests/src/certs.c index 879f08882..b834e4aa1 100644 --- a/tests/src/certs.c +++ b/tests/src/certs.c @@ -2,7 +2,19 @@ * X.509 test certificates * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include "common.h" diff --git a/tests/src/drivers/hash.c b/tests/src/drivers/hash.c index 76ec12a22..8fb198277 100644 --- a/tests/src/drivers/hash.c +++ b/tests/src/drivers/hash.c @@ -2,7 +2,19 @@ * Test driver for hash entry points. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include diff --git a/tests/src/drivers/platform_builtin_keys.c b/tests/src/drivers/platform_builtin_keys.c index 01fc050bb..6334a438e 100644 --- a/tests/src/drivers/platform_builtin_keys.c +++ b/tests/src/drivers/platform_builtin_keys.c @@ -5,7 +5,19 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include diff --git a/tests/src/drivers/test_driver_aead.c b/tests/src/drivers/test_driver_aead.c index 314ce83a2..6dadf5282 100644 --- a/tests/src/drivers/test_driver_aead.c +++ b/tests/src/drivers/test_driver_aead.c @@ -2,7 +2,19 @@ * Test driver for AEAD entry points. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include diff --git a/tests/src/drivers/test_driver_asymmetric_encryption.c b/tests/src/drivers/test_driver_asymmetric_encryption.c index c906a664a..cf0e90cae 100644 --- a/tests/src/drivers/test_driver_asymmetric_encryption.c +++ b/tests/src/drivers/test_driver_asymmetric_encryption.c @@ -2,7 +2,19 @@ * Test driver for asymmetric encryption. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include diff --git a/tests/src/drivers/test_driver_cipher.c b/tests/src/drivers/test_driver_cipher.c index 678d8d5d6..42e79c490 100644 --- a/tests/src/drivers/test_driver_cipher.c +++ b/tests/src/drivers/test_driver_cipher.c @@ -3,7 +3,19 @@ * Currently only supports multi-part operations using AES-CTR. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include diff --git a/tests/src/drivers/test_driver_key_agreement.c b/tests/src/drivers/test_driver_key_agreement.c index 8471959e2..9cf82a37a 100644 --- a/tests/src/drivers/test_driver_key_agreement.c +++ b/tests/src/drivers/test_driver_key_agreement.c @@ -2,7 +2,19 @@ * Test driver for key agreement functions. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include diff --git a/tests/src/drivers/test_driver_key_management.c b/tests/src/drivers/test_driver_key_management.c index 6442f2231..19da47ad6 100644 --- a/tests/src/drivers/test_driver_key_management.c +++ b/tests/src/drivers/test_driver_key_management.c @@ -3,7 +3,19 @@ * Currently only supports generating and verifying ECC keys. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include diff --git a/tests/src/drivers/test_driver_mac.c b/tests/src/drivers/test_driver_mac.c index 9f8120bd4..96c1685f5 100644 --- a/tests/src/drivers/test_driver_mac.c +++ b/tests/src/drivers/test_driver_mac.c @@ -2,7 +2,19 @@ * Test driver for MAC entry points. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include diff --git a/tests/src/drivers/test_driver_pake.c b/tests/src/drivers/test_driver_pake.c index a0b6c1cb0..69bd4ffe2 100644 --- a/tests/src/drivers/test_driver_pake.c +++ b/tests/src/drivers/test_driver_pake.c @@ -2,7 +2,19 @@ * Test driver for MAC entry points. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include diff --git a/tests/src/drivers/test_driver_signature.c b/tests/src/drivers/test_driver_signature.c index bd723b8bd..c312477c8 100644 --- a/tests/src/drivers/test_driver_signature.c +++ b/tests/src/drivers/test_driver_signature.c @@ -4,7 +4,19 @@ * only deterministic ECDSA on curves secp256r1, secp384r1 and secp521r1. */ /* Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include diff --git a/tests/src/fake_external_rng_for_test.c b/tests/src/fake_external_rng_for_test.c index c0bfde51a..89af7d34f 100644 --- a/tests/src/fake_external_rng_for_test.c +++ b/tests/src/fake_external_rng_for_test.c @@ -5,7 +5,19 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include diff --git a/tests/src/helpers.c b/tests/src/helpers.c index eb28919b8..7cac6e0a0 100644 --- a/tests/src/helpers.c +++ b/tests/src/helpers.c @@ -1,6 +1,18 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include diff --git a/tests/src/psa_crypto_helpers.c b/tests/src/psa_crypto_helpers.c index d59a8f872..52ff03186 100644 --- a/tests/src/psa_crypto_helpers.c +++ b/tests/src/psa_crypto_helpers.c @@ -5,7 +5,19 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include diff --git a/tests/src/psa_exercise_key.c b/tests/src/psa_exercise_key.c index f8b36e1fa..c4488b56f 100644 --- a/tests/src/psa_exercise_key.c +++ b/tests/src/psa_exercise_key.c @@ -4,7 +4,19 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include diff --git a/tests/src/random.c b/tests/src/random.c index d041f36a1..d20103c35 100644 --- a/tests/src/random.c +++ b/tests/src/random.c @@ -7,7 +7,19 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* diff --git a/tests/src/test_certs.h b/tests/src/test_certs.h index b313ea88d..866d1e003 100644 --- a/tests/src/test_certs.h +++ b/tests/src/test_certs.h @@ -2,7 +2,19 @@ * X.509 test certificates * * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ /* THIS FILE is generated by `tests/scripts/generate_test_cert_macros.py` */ diff --git a/tests/src/test_helpers/ssl_helpers.c b/tests/src/test_helpers/ssl_helpers.c index 52839eb96..5c305cb0a 100644 --- a/tests/src/test_helpers/ssl_helpers.c +++ b/tests/src/test_helpers/ssl_helpers.c @@ -5,7 +5,19 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include diff --git a/tests/src/threading_helpers.c b/tests/src/threading_helpers.c index 6f405b00c..ae6e59072 100644 --- a/tests/src/threading_helpers.c +++ b/tests/src/threading_helpers.c @@ -2,7 +2,19 @@ /* * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ #include diff --git a/tests/ssl-opt-in-docker.sh b/tests/ssl-opt-in-docker.sh index c0c85fc2e..159be4c50 100755 --- a/tests/ssl-opt-in-docker.sh +++ b/tests/ssl-opt-in-docker.sh @@ -22,7 +22,19 @@ # - ssl-opt.sh for notes about invocation of that script. # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. source tests/scripts/docker_env.sh diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 48b3c0cb2..efcbd2686 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -3,7 +3,19 @@ # ssl-opt.sh # # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. # # Purpose # diff --git a/tests/suites/test_suite_version.data b/tests/suites/test_suite_version.data index faa31662a..11c41b0d0 100644 --- a/tests/suites/test_suite_version.data +++ b/tests/suites/test_suite_version.data @@ -1,8 +1,8 @@ Check compile time library version -check_compiletime_version:"3.5.1" +check_compiletime_version:"3.5.0" Check runtime library version -check_runtime_version:"3.5.1" +check_runtime_version:"3.5.0" Check for MBEDTLS_VERSION_C check_feature:"MBEDTLS_VERSION_C":0 From 39b2a380765faaaaa6b243f7822e4ed8fd3d9ed9 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 7 Nov 2023 12:39:51 +0000 Subject: [PATCH 0609/1674] Restore 3.5.1 ChangeLog Signed-off-by: Dave Rodgman --- ChangeLog | 10 ++++++++++ ChangeLog.d/fix-3rdparty-target-prefix.txt | 3 --- ChangeLog.d/license.txt | 3 --- 3 files changed, 10 insertions(+), 6 deletions(-) delete mode 100644 ChangeLog.d/fix-3rdparty-target-prefix.txt delete mode 100644 ChangeLog.d/license.txt diff --git a/ChangeLog b/ChangeLog index 4ba3164f6..28c45f718 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,15 @@ Mbed TLS ChangeLog (Sorted per branch, date) += Mbed TLS 3.5.1 branch released 2023-11-06 + +Changes + * Mbed TLS is now released under a dual Apache-2.0 OR GPL-2.0-or-later + license. Users may choose which license they take the code under. + +Bugfix + * Fix accidental omission of MBEDTLS_TARGET_PREFIX in 3rdparty modules + in CMake. + = Mbed TLS 3.5.0 branch released 2023-10-05 API changes diff --git a/ChangeLog.d/fix-3rdparty-target-prefix.txt b/ChangeLog.d/fix-3rdparty-target-prefix.txt deleted file mode 100644 index db8ed07ee..000000000 --- a/ChangeLog.d/fix-3rdparty-target-prefix.txt +++ /dev/null @@ -1,3 +0,0 @@ -Bugfix - * Fix accidental omission of MBEDTLS_TARGET_PREFIX in 3rdparty modules - in CMake. diff --git a/ChangeLog.d/license.txt b/ChangeLog.d/license.txt deleted file mode 100644 index 0b6bb1f02..000000000 --- a/ChangeLog.d/license.txt +++ /dev/null @@ -1,3 +0,0 @@ -Changes - * Mbed TLS is now released under a dual Apache-2.0 OR GPL-2.0-or-later - license. Users may choose which license they take the code under. From 28d40930ae42f8ee42a65b2fda2b424ecfaa7abf Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 3 Nov 2023 12:46:57 +0000 Subject: [PATCH 0610/1674] Restore bump version Signed-off-by: Dave Rodgman --- CMakeLists.txt | 2 +- doxygen/input/doc_mainpage.h | 2 +- doxygen/mbedtls.doxyfile | 2 +- include/mbedtls/build_info.h | 8 ++++---- library/CMakeLists.txt | 6 +++--- tests/suites/test_suite_version.data | 4 ++-- 6 files changed, 12 insertions(+), 12 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index cbe57486f..36baa3b40 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -377,7 +377,7 @@ if(NOT DISABLE_PACKAGE_CONFIG_AND_INSTALL) write_basic_package_version_file( "cmake/MbedTLSConfigVersion.cmake" COMPATIBILITY SameMajorVersion - VERSION 3.5.0) + VERSION 3.5.1) install( FILES "${CMAKE_CURRENT_BINARY_DIR}/cmake/MbedTLSConfig.cmake" diff --git a/doxygen/input/doc_mainpage.h b/doxygen/input/doc_mainpage.h index f465a454b..c391c59ce 100644 --- a/doxygen/input/doc_mainpage.h +++ b/doxygen/input/doc_mainpage.h @@ -10,7 +10,7 @@ */ /** - * @mainpage Mbed TLS v3.5.0 API Documentation + * @mainpage Mbed TLS v3.5.1 API Documentation * * This documentation describes the internal structure of Mbed TLS. It was * automatically generated from specially formatted comment blocks in diff --git a/doxygen/mbedtls.doxyfile b/doxygen/mbedtls.doxyfile index 98b2d7973..89048f221 100644 --- a/doxygen/mbedtls.doxyfile +++ b/doxygen/mbedtls.doxyfile @@ -1,4 +1,4 @@ -PROJECT_NAME = "Mbed TLS v3.5.0" +PROJECT_NAME = "Mbed TLS v3.5.1" OUTPUT_DIRECTORY = ../apidoc/ FULL_PATH_NAMES = NO OPTIMIZE_OUTPUT_FOR_C = YES diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index 2c3d43876..44ecacf12 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h @@ -26,16 +26,16 @@ */ #define MBEDTLS_VERSION_MAJOR 3 #define MBEDTLS_VERSION_MINOR 5 -#define MBEDTLS_VERSION_PATCH 0 +#define MBEDTLS_VERSION_PATCH 1 /** * The single version number has the following structure: * MMNNPP00 * Major version | Minor version | Patch version */ -#define MBEDTLS_VERSION_NUMBER 0x03050000 -#define MBEDTLS_VERSION_STRING "3.5.0" -#define MBEDTLS_VERSION_STRING_FULL "Mbed TLS 3.5.0" +#define MBEDTLS_VERSION_NUMBER 0x03050100 +#define MBEDTLS_VERSION_STRING "3.5.1" +#define MBEDTLS_VERSION_STRING_FULL "Mbed TLS 3.5.1" /* Macros for build-time platform detection */ diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 6a4ce51b4..eeda06aee 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -296,7 +296,7 @@ endif(USE_STATIC_MBEDTLS_LIBRARY) if(USE_SHARED_MBEDTLS_LIBRARY) set(CMAKE_LIBRARY_PATH ${CMAKE_CURRENT_BINARY_DIR}) add_library(${mbedcrypto_target} SHARED ${src_crypto}) - set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 3.5.0 SOVERSION 15) + set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 3.5.1 SOVERSION 15) target_link_libraries(${mbedcrypto_target} PUBLIC ${libs}) if(TARGET ${everest_target}) @@ -308,11 +308,11 @@ if(USE_SHARED_MBEDTLS_LIBRARY) endif() add_library(${mbedx509_target} SHARED ${src_x509}) - set_target_properties(${mbedx509_target} PROPERTIES VERSION 3.5.0 SOVERSION 6) + set_target_properties(${mbedx509_target} PROPERTIES VERSION 3.5.1 SOVERSION 6) target_link_libraries(${mbedx509_target} PUBLIC ${libs} ${mbedcrypto_target}) add_library(${mbedtls_target} SHARED ${src_tls}) - set_target_properties(${mbedtls_target} PROPERTIES VERSION 3.5.0 SOVERSION 20) + set_target_properties(${mbedtls_target} PROPERTIES VERSION 3.5.1 SOVERSION 20) target_link_libraries(${mbedtls_target} PUBLIC ${libs} ${mbedx509_target}) endif(USE_SHARED_MBEDTLS_LIBRARY) diff --git a/tests/suites/test_suite_version.data b/tests/suites/test_suite_version.data index 11c41b0d0..faa31662a 100644 --- a/tests/suites/test_suite_version.data +++ b/tests/suites/test_suite_version.data @@ -1,8 +1,8 @@ Check compile time library version -check_compiletime_version:"3.5.0" +check_compiletime_version:"3.5.1" Check runtime library version -check_runtime_version:"3.5.0" +check_runtime_version:"3.5.1" Check for MBEDTLS_VERSION_C check_feature:"MBEDTLS_VERSION_C":0 From 9f747537cf9d547b57e10072603d4e37f3ccb66b Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 6 Nov 2023 11:47:15 +0000 Subject: [PATCH 0611/1674] Update BRANCHES Signed-off-by: Dave Rodgman --- BRANCHES.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/BRANCHES.md b/BRANCHES.md index d3bd75eff..c085b1616 100644 --- a/BRANCHES.md +++ b/BRANCHES.md @@ -106,6 +106,6 @@ The following branches are currently maintained: - [`development`](https://github.com/Mbed-TLS/mbedtls/) - [`mbedtls-2.28`](https://github.com/Mbed-TLS/mbedtls/tree/mbedtls-2.28) maintained until at least the end of 2024, see - . + . Users are urged to always use the latest version of a maintained branch. From 9eb2abd1e0c3b96cbe022b3b9fa476998294253a Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 8 Nov 2023 11:36:00 +0000 Subject: [PATCH 0612/1674] Add docs re Everest license Signed-off-by: Dave Rodgman --- include/mbedtls/mbedtls_config.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 6a940d44a..542b76dfe 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -742,6 +742,9 @@ * contexts and therefore is a compatibility break for applications that access * fields of a mbedtls_ecdh_context structure directly. See also * MBEDTLS_ECDH_LEGACY_CONTEXT in include/mbedtls/ecdh.h. + * + * The Everest code is provided under the Apache 2.0 license only; therefore enabling this + * option is not compatible with taking the library under the GPL v2.0-or-later license. */ //#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED From 3e1d39b33217b747760f9a50758ba789dc37f780 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 8 Nov 2023 12:54:02 +0100 Subject: [PATCH 0613/1674] Add check about legacy dependencies in PSA tests MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- tests/scripts/all.sh | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 086677a60..652b48174 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1024,6 +1024,43 @@ component_check_test_cases () { unset opt } +component_check_test_dependencies () { + msg "Check: test case dependencies: legacy vs PSA" # < 1s + + found="check-test-deps-found-$$" + expected="check-test-deps-expected-$$" + + # Find legacy dependencies in PSA tests + grep 'depends_on' tests/suites/test_suite_psa* | + grep -Eo '!?MBEDTLS_[^: ]*' | + grep -v MBEDTLS_PSA_ | + sort -u > $found + + # Expected ones with justification - keep in sorted order! + rm -f $expected + # No PSA equivalent - WANT_KEY_TYPE_AES means all sizes + echo "!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH" >> $expected + # This is used by import_rsa_made_up() in test_suite_psa_crypto in order + # to build a fake RSA key of the wanted size based on + # PSA_VENDOR_RSA_MAX_KEY_BITS. The legacy module is only used by + # the test code and that's probably the most convenient way of achieving + # the test's goal. + echo "MBEDTLS_ASN1_WRITE_C" >> $expected + # No PSA equivalent - we should probably have one in the future. + echo "MBEDTLS_ECP_RESTARTABLE" >> $expected + # No PSA equivalent - needed by some init tests + echo "MBEDTLS_ENTROPY_NV_SEED" >> $expected + # Used by two tests that are about an extension to the PSA standard; + # as such, no PSA equivalent. + echo "MBEDTLS_PEM_PARSE_C" >> $expected + + # Compare reality with expectation. + # We want an exact match, to ensure the above list remains up-to-date. + diff -U0 $expected $found + + rm $found $expected +} + component_check_doxygen_warnings () { msg "Check: doxygen warnings (builds the documentation)" # ~ 3s tests/scripts/doxygen.sh From b9015385fdf8cad756ae39efff1dd7a1a2b2819c Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 8 Nov 2023 13:11:10 +0100 Subject: [PATCH 0614/1674] test_driver_extension: use same def/undef pattern for all accelerated symbols Signed-off-by: Valerio Setti --- .../crypto_config_test_driver_extension.h | 105 ++++++++++++++++-- 1 file changed, 97 insertions(+), 8 deletions(-) diff --git a/tests/include/test/drivers/crypto_config_test_driver_extension.h b/tests/include/test/drivers/crypto_config_test_driver_extension.h index d39e9c158..5ee949ab8 100644 --- a/tests/include/test/drivers/crypto_config_test_driver_extension.h +++ b/tests/include/test/drivers/crypto_config_test_driver_extension.h @@ -521,17 +521,106 @@ #endif #endif -#define MBEDTLS_PSA_ACCEL_ALG_CBC_MAC 1 -#define MBEDTLS_PSA_ACCEL_ALG_CCM 1 +#if defined(PSA_WANT_ALG_GCM) +#if defined(MBEDTLS_PSA_ACCEL_ALG_GCM) +#undef MBEDTLS_PSA_ACCEL_ALG_GCM +#else #define MBEDTLS_PSA_ACCEL_ALG_GCM 1 -#define MBEDTLS_PSA_ACCEL_ALG_HKDF 1 -#define MBEDTLS_PSA_ACCEL_ALG_HKDF_EXTRACT 1 -#define MBEDTLS_PSA_ACCEL_ALG_HKDF_EXPAND 1 -#define MBEDTLS_PSA_ACCEL_ALG_HMAC 1 -#define MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP 1 -#define MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT 1 +#endif +#endif +#if defined(PSA_WANT_ALG_CCM) +#if defined(MBEDTLS_PSA_ACCEL_ALG_CCM) +#undef MBEDTLS_PSA_ACCEL_ALG_CCM +#else +#define MBEDTLS_PSA_ACCEL_ALG_CCM 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_CBC_MAC) +#if defined(MBEDTLS_PSA_ACCEL_ALG_CBC_MAC) +#undef MBEDTLS_PSA_ACCEL_ALG_CBC_MAC +#else +#define MBEDTLS_PSA_ACCEL_ALG_CBC_MAC 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_HMAC) +#if defined(MBEDTLS_PSA_ACCEL_ALG_HMAC) +#undef MBEDTLS_PSA_ACCEL_ALG_HMAC +#else +#define MBEDTLS_PSA_ACCEL_ALG_HMAC 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_HKDF) +#if defined(MBEDTLS_PSA_ACCEL_ALG_HKDF) +#undef MBEDTLS_PSA_ACCEL_ALG_HKDF +#else +#define MBEDTLS_PSA_ACCEL_ALG_HKDF 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_HKDF_EXTRACT) +#if defined(MBEDTLS_PSA_ACCEL_ALG_HKDF_EXTRACT) +#undef MBEDTLS_PSA_ACCEL_ALG_HKDF_EXTRACT +#else +#define MBEDTLS_PSA_ACCEL_ALG_HKDF_EXTRACT 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_HKDF_EXPAND) +#if defined(MBEDTLS_PSA_ACCEL_ALG_HKDF_EXPAND) +#undef MBEDTLS_PSA_ACCEL_ALG_HKDF_EXPAND +#else +#define MBEDTLS_PSA_ACCEL_ALG_HKDF_EXPAND 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_RSA_OAEP) +#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP) +#undef MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP +#else +#define MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP 1 +#endif +#endif + +#if defined(PSA_WANT_ALG_RSA_PKCS1V15_CRYPT) +#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT) +#undef MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT +#else +#define MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_DERIVE) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DERIVE) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_DERIVE +#else #define MBEDTLS_PSA_ACCEL_KEY_TYPE_DERIVE 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_HMAC) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_HMAC) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_HMAC +#else #define MBEDTLS_PSA_ACCEL_KEY_TYPE_HMAC 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_DES) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DES) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_DES +#else #define MBEDTLS_PSA_ACCEL_KEY_TYPE_DES 1 +#endif +#endif + +#if defined(PSA_WANT_KEY_TYPE_RAW_DATA) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RAW_DATA) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_RAW_DATA +#else #define MBEDTLS_PSA_ACCEL_KEY_TYPE_RAW_DATA 1 +#endif +#endif From 5567e3a34bc43fdd3702ae782c6ea53afacf6c8f Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Wed, 8 Nov 2023 13:28:20 +0000 Subject: [PATCH 0615/1674] Make empty key slots explicit Add new status field to key slots, and use it. Signed-off-by: Ryan Everett --- library/psa_crypto.c | 1 + library/psa_crypto_core.h | 7 ++++++- library/psa_crypto_slot_management.c | 2 ++ 3 files changed, 9 insertions(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index bbd6b24ed..0660ee411 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1786,6 +1786,7 @@ static psa_status_t psa_start_key_creation( * definition. */ slot->attr = attributes->core; + slot->status = PSA_SLOT_OCCUPIED; if (PSA_KEY_LIFETIME_IS_VOLATILE(slot->attr.lifetime)) { #if !defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) slot->attr.id = volatile_key_id; diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index d406ce459..700e0fef6 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -39,6 +39,11 @@ int psa_can_do_hash(psa_algorithm_t hash_alg); typedef struct { psa_core_key_attributes_t attr; + enum { + PSA_SLOT_EMPTY = 0, + PSA_SLOT_OCCUPIED, + } status; + /* * Number of locks on the key slot held by the library. * @@ -88,7 +93,7 @@ typedef struct { */ static inline int psa_is_key_slot_occupied(const psa_key_slot_t *slot) { - return slot->attr.type != 0; + return slot->status == PSA_SLOT_OCCUPIED; } /** Test whether a key slot is locked. diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 3b8a319cb..36d541044 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -221,6 +221,7 @@ static psa_status_t psa_load_persistent_key_into_slot(psa_key_slot_t *slot) if (status != PSA_SUCCESS) { goto exit; } + slot->status = PSA_SLOT_OCCUPIED; #if defined(MBEDTLS_PSA_CRYPTO_SE_C) /* Special handling is required for loading keys associated with a @@ -315,6 +316,7 @@ static psa_status_t psa_load_builtin_key_into_slot(psa_key_slot_t *slot) /* Copy actual key length and core attributes into the slot on success */ slot->key.bytes = key_buffer_length; slot->attr = attributes.core; + slot->status = PSA_SLOT_OCCUPIED; exit: if (status != PSA_SUCCESS) { From de7ead0a649d79e9a79371ffe1e2a034fbdace07 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 9 Nov 2023 10:10:33 +0800 Subject: [PATCH 0616/1674] Update license Co-authored-by: Gilles Peskine Signed-off-by: Jerry Yu --- tests/scripts/generate_server9_bad_saltlen.py | 14 +------------- 1 file changed, 1 insertion(+), 13 deletions(-) diff --git a/tests/scripts/generate_server9_bad_saltlen.py b/tests/scripts/generate_server9_bad_saltlen.py index 36682152a..9af4dd3b6 100755 --- a/tests/scripts/generate_server9_bad_saltlen.py +++ b/tests/scripts/generate_server9_bad_saltlen.py @@ -5,19 +5,7 @@ Generate a certificate signed with RSA-PSS, with an incorrect salt length. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import subprocess import argparse From 53c4a0da071d7351a807206a41e700bc2d1aae9d Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 9 Nov 2023 10:38:17 +0800 Subject: [PATCH 0617/1674] Improve documents Signed-off-by: Jerry Yu --- include/mbedtls/ssl.h | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 5ebb00f7d..67ca19232 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -3781,11 +3781,12 @@ void MBEDTLS_DEPRECATED mbedtls_ssl_conf_sig_hashes(mbedtls_ssl_config *conf, * * \param conf The SSL configuration to use. * \param sig_algs List of allowed IANA values for TLS 1.3 signature algorithms, - * terminated by \c MBEDTLS_TLS1_3_SIG_NONE. The list must remain - * available throughout the lifetime of the conf object. Supported - * values are available as \c MBEDTLS_TLS1_3_SIG_XXXX . Using - * this for TLS 1.2, items in this parameter should be - * "(HashAlgorithm << 8) | SignatureAlgorithm". + * terminated by #MBEDTLS_TLS1_3_SIG_NONE. The list must remain + * available throughout the lifetime of the conf object. + * - For TLS 1.3, values of \c MBEDTLS_TLS1_3_SIG_XXXX should be + * used. + * - For TLS 1.2, values should be given as + * "(HashAlgorithm << 8) | SignatureAlgorithm". */ void mbedtls_ssl_conf_sig_algs(mbedtls_ssl_config *conf, const uint16_t *sig_algs); From f03b49122c75e5b10a3c99016f329899d68114c9 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 9 Nov 2023 11:23:17 +0800 Subject: [PATCH 0618/1674] aes.c: guard RSb and RTx properly If we enabled AES_DECRYPT_ALT and either AES_SETKEY_DEC_ALT or AES_USE_HARDWARE_ONLY, this means RSb and RTx are not needed. This commit extends how we guard RSb and RTx for the combinations of these configurations. Signed-off-by: Yanray Wang --- library/aes.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/library/aes.c b/library/aes.c index fa73a6362..9dc7b7d14 100644 --- a/library/aes.c +++ b/library/aes.c @@ -66,7 +66,12 @@ #include "mbedtls/platform.h" -#if (!defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_SETKEY_DEC_ALT)) && \ +/* + * This is a convenience shorthand macro to check if we need reverse S-box and + * reverse tables. It's private and only defined in this file. + */ +#if (!defined(MBEDTLS_AES_DECRYPT_ALT) || \ + (!defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY))) && \ !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) #define MBEDTLS_AES_NEED_REVERSE_TABLES #endif @@ -447,7 +452,6 @@ MBEDTLS_MAYBE_UNUSED static void aes_gen_tables(void) #if defined(MBEDTLS_AES_NEED_REVERSE_TABLES) x = RSb[i]; -#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) RT0[i] = ((uint32_t) MUL(0x0E, x)) ^ ((uint32_t) MUL(0x09, x) << 8) ^ ((uint32_t) MUL(0x0D, x) << 16) ^ @@ -458,7 +462,6 @@ MBEDTLS_MAYBE_UNUSED static void aes_gen_tables(void) RT2[i] = ROTL8(RT1[i]); RT3[i] = ROTL8(RT2[i]); #endif /* !MBEDTLS_AES_FEWER_TABLES */ -#endif /* !MBEDTLS_AES_USE_HARDWARE_ONLY */ #endif /* MBEDTLS_AES_NEED_REVERSE_TABLES */ } } From 6cdfe9d51f68a59c89c1dfe1b5aa5c83acb36c3c Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 9 Nov 2023 16:00:39 +0800 Subject: [PATCH 0619/1674] tls1.3: early data: rephrase ChangeLog Signed-off-by: Yanray Wang --- ChangeLog.d/rename-conf-early-data-API.txt | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ChangeLog.d/rename-conf-early-data-API.txt b/ChangeLog.d/rename-conf-early-data-API.txt index e63b95843..d43681199 100644 --- a/ChangeLog.d/rename-conf-early-data-API.txt +++ b/ChangeLog.d/rename-conf-early-data-API.txt @@ -1,4 +1,4 @@ API changes - * Remove `tls13_` prefix in the name of mbedtls_ssl_tls13_conf_early_data() - and mbedtls_ssl_tls13_conf_max_early_data_size(). Early data feature may - not be TLS 1.3 specific in the furture, as requested in #6909. + * Remove `tls13_` in mbedtls_ssl_tls13_conf_early_data() and + mbedtls_ssl_tls13_conf_max_early_data_size() API names. Early data + feature may not be TLS 1.3 specific in the future. Fixes #6909. From 70743b02dfaa08fc034665058bc30374eaf3ce41 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 9 Nov 2023 16:13:53 +0800 Subject: [PATCH 0620/1674] psa_information: compile a regex instead of using string directly Compiling a regex improves performance and avoids accidentally combining it with a string. This commit makes this change. Signed-off-by: Yanray Wang --- scripts/mbedtls_dev/psa_information.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/mbedtls_dev/psa_information.py b/scripts/mbedtls_dev/psa_information.py index 3c51ee150..2287ae13e 100644 --- a/scripts/mbedtls_dev/psa_information.py +++ b/scripts/mbedtls_dev/psa_information.py @@ -102,11 +102,11 @@ def automatic_dependencies(*expressions: str) -> List[str]: # Skip AES test cases which require 192- or 256-bit key # if MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH defined -AES_128BIT_ONLY_DEP_REGEX = r'AES\s(192|256)' +AES_128BIT_ONLY_DEP_REGEX = re.compile(r'AES\s(192|256)') AES_128BIT_ONLY_DEP = ['!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH'] # Skip AES/ARIA/CAMELLIA test cases which require decrypt operation in ECB mode # if MBEDTLS_BLOCK_CIPHER_NO_DECRYPT enabled. -ECB_NO_PADDING_DEP_REGEX = r'(AES|ARIA|CAMELLIA).*ECB_NO_PADDING' +ECB_NO_PADDING_DEP_REGEX = re.compile(r'(AES|ARIA|CAMELLIA).*ECB_NO_PADDING') ECB_NO_PADDING_DEP = ['!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT'] DEPENDENCY_FROM_DESCRIPTION = OrderedDict() From 99385545773005551e424c973f0879e1453e20b5 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 9 Nov 2023 16:45:52 +0800 Subject: [PATCH 0621/1674] BLOCK_CIPHER_NO_DECRYPT: rephrase ChangeLog Signed-off-by: Yanray Wang --- ChangeLog.d/add-block-cipher-no-decrypt.txt | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/ChangeLog.d/add-block-cipher-no-decrypt.txt b/ChangeLog.d/add-block-cipher-no-decrypt.txt index 755eda35a..d05bf86ba 100644 --- a/ChangeLog.d/add-block-cipher-no-decrypt.txt +++ b/ChangeLog.d/add-block-cipher-no-decrypt.txt @@ -1,6 +1,6 @@ Features - * Add support to remove decryption operation for cipher type of AES, ARIA - and CAMELLIA. A new configuration option, MBEDTLS_BLOCK_CIPHER_NO_DECRYPT - can be used to enable this feature. - Note that this configuration option is incompatible with MBEDTLS_DES_C, - MBEDTLS_CIPHER_MODE_CBC, MBEDTLS_CIPHER_MODE_XTS and MBEDTLS_NIST_KW_C. + * Enable the new option MBEDTLS_BLOCK_CIPHER_NO_DECRYPT to omit + the decryption direction of block ciphers (AES, ARIA, Camellia). + This affects both the low-level modules and the high-level APIs + (the cipher and PSA interfaces). This option is incompatible with modes + that use the decryption direction (ECB in PSA, CBC, XTS, KW) and with DES. From 9916b06ce746d67d3562227bb84774a7cbfc3f9b Mon Sep 17 00:00:00 2001 From: Matthias Schulz Date: Thu, 9 Nov 2023 14:25:01 +0100 Subject: [PATCH 0622/1674] Fix uninitialized variable warnings. Signed-off-by: Matthias Schulz --- library/ssl_msg.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_msg.c b/library/ssl_msg.c index cffd1c90f..39f633730 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -3632,7 +3632,7 @@ MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_handle_possible_reconnect(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t len; + size_t len = 0; if (ssl->conf->f_cookie_write == NULL || ssl->conf->f_cookie_check == NULL) { From ee10b8470ada9988c560275cbe569fdd86befd50 Mon Sep 17 00:00:00 2001 From: Matthias Schulz Date: Thu, 9 Nov 2023 15:19:28 +0100 Subject: [PATCH 0623/1674] Fix compiler error on gcc 4.5.2. Signed-off-by: Matthias Schulz --- library/constant_time_impl.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/constant_time_impl.h b/library/constant_time_impl.h index f0b2fc02f..74d2732e7 100644 --- a/library/constant_time_impl.h +++ b/library/constant_time_impl.h @@ -31,7 +31,7 @@ * Disable -Wredundant-decls so that gcc does not warn about this. This is re-enabled * at the bottom of this file. */ -#ifdef __GNUC__ +#ifdef __GNUC__ > 4 #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wredundant-decls" #endif From 2e068cef0938ee60d50a879045934bbc9d66a364 Mon Sep 17 00:00:00 2001 From: Matthias Schulz Date: Thu, 9 Nov 2023 15:25:52 +0100 Subject: [PATCH 0624/1674] fixes invalid default choice of thumb assembler syntax. Signed-off-by: Matthias Schulz --- library/constant_time_impl.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/constant_time_impl.h b/library/constant_time_impl.h index f0b2fc02f..aff48cfbb 100644 --- a/library/constant_time_impl.h +++ b/library/constant_time_impl.h @@ -123,7 +123,7 @@ static inline mbedtls_ct_uint_t mbedtls_ct_compiler_opaque(mbedtls_ct_uint_t x) * For gcc, restore divided syntax afterwards - otherwise old versions of gcc * seem to apply unified syntax globally, which breaks other asm code. */ -#if !defined(__clang__) +#if !defined(__clang__) && !(__GNUC__ == 4 && __GNUC_MINOR__ == 9) #define RESTORE_ASM_SYNTAX ".syntax divided \n\t" #else #define RESTORE_ASM_SYNTAX From 5ffc42442da437008a4c3ae4540a57893e59b1a5 Mon Sep 17 00:00:00 2001 From: Matthias Schulz Date: Thu, 9 Nov 2023 15:44:24 +0100 Subject: [PATCH 0625/1674] Fix preprocessor syntax error. Signed-off-by: Matthias Schulz --- library/constant_time_impl.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/constant_time_impl.h b/library/constant_time_impl.h index 74d2732e7..793ded4b9 100644 --- a/library/constant_time_impl.h +++ b/library/constant_time_impl.h @@ -31,7 +31,7 @@ * Disable -Wredundant-decls so that gcc does not warn about this. This is re-enabled * at the bottom of this file. */ -#ifdef __GNUC__ > 4 +#if __GNUC__ > 4 #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wredundant-decls" #endif From 5a39c4ecf2a065d454f01bd00656fdea9d782f73 Mon Sep 17 00:00:00 2001 From: Matthias Schulz Date: Thu, 9 Nov 2023 15:53:01 +0100 Subject: [PATCH 0626/1674] Fixes https://github.com/Mbed-TLS/mbedtls/issues/6910 as proposed in https://github.com/Mbed-TLS/mbedtls/issues/6910#issuecomment-1573301661 Signed-off-by: Matthias Schulz --- include/psa/crypto_extra.h | 3 +++ include/psa/crypto_struct.h | 3 +++ 2 files changed, 6 insertions(+) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index ef29b77db..75dc262e8 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -486,10 +486,13 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription */ +#if !defined(PSA_SET_KEY_DOMAIN_PARAMETERS) +#define PSA_SET_KEY_DOMAIN_PARAMETERS psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, psa_key_type_t type, const uint8_t *data, size_t data_length); +#endif /* PSA_SET_KEY_DOMAIN_PARAMETERS */ /** * \brief Get domain parameters for a key. diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 5639ad05d..6efa8e72a 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -356,10 +356,13 @@ static inline psa_algorithm_t psa_get_key_algorithm( /* This function is declared in crypto_extra.h, which comes after this * header file, but we need the function here, so repeat the declaration. */ +#if !defined(PSA_SET_KEY_DOMAIN_PARAMETERS) +#define PSA_SET_KEY_DOMAIN_PARAMETERS psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, psa_key_type_t type, const uint8_t *data, size_t data_length); +#endif /* PSA_SET_KEY_DOMAIN_PARAMETERS */ static inline void psa_set_key_type(psa_key_attributes_t *attributes, psa_key_type_t type) From d2fa6981550e0d0515a1d70bfc7840045f71bb62 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 9 Nov 2023 21:46:24 +0100 Subject: [PATCH 0627/1674] Strengthen against possible compiler optimizations Signed-off-by: Gilles Peskine --- programs/test/metatest.c | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/programs/test/metatest.c b/programs/test/metatest.c index 7e173ee27..805de2d30 100644 --- a/programs/test/metatest.c +++ b/programs/test/metatest.c @@ -25,10 +25,15 @@ /* This is an external variable, so the compiler doesn't know that we're never * changing its value. - * - * TODO: LTO (link-time-optimization) would defeat this. */ -int false_but_the_compiler_does_not_know = 0; +volatile int false_but_the_compiler_does_not_know = 0; + +/* Set n bytes at the address p to all-bits-zero, in such a way that + * the compiler should not know that p is all-bits-zero. */ +static void set_to_zero_but_the_compiler_does_not_know(void *p, size_t n) +{ + memset(p, false_but_the_compiler_does_not_know, n); +} /****************************************************************/ @@ -50,7 +55,7 @@ void null_pointer_dereference(const char *name) { (void) name; volatile char *p; - mbedtls_platform_zeroize((void *) &p, sizeof(p)); + set_to_zero_but_the_compiler_does_not_know(&p, sizeof(p)); mbedtls_printf("%p -> %u\n", p, (unsigned) *p); } @@ -58,7 +63,7 @@ void null_pointer_call(const char *name) { (void) name; unsigned (*p)(void); - mbedtls_platform_zeroize(&p, sizeof(p)); + set_to_zero_but_the_compiler_does_not_know(&p, sizeof(p)); /* The pointer representation may be truncated, but we don't care: * the only point of printing it is to have some use of the pointer * to dissuade the compiler from optimizing it away. */ @@ -104,8 +109,7 @@ void memory_leak(const char *name) { (void) name; volatile char *p = mbedtls_calloc(1, 1); - /* Hint to the compiler that calloc must not be optimized away. */ - (void) *p; + mbedtls_printf("%u\n", (unsigned) *p); } From 49cd4b5f7d5f710412600526b0352a9b0d139bd4 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Fri, 10 Nov 2023 11:58:37 +0800 Subject: [PATCH 0628/1674] all.sh: refine and simplify component for block_cipher_no_decrypt Signed-off-by: Yanray Wang --- tests/scripts/all.sh | 307 +++++++++++++------------------------------ 1 file changed, 89 insertions(+), 218 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index d24ad9d10..937a8ea86 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4507,6 +4507,93 @@ component_test_aes_fewer_tables_and_rom_tables () { make test } +# helper for common_block_cipher_no_decrypt() which: +# - enable/disable the list of config options passed from -s/-u respectively. +# - build +# - test for tests_suite_xxx +# - selftest +# +# Usage: helper_block_cipher_no_decrypt_build_test +# [-s set_opts] [-u unset_opts] [-c cflags] [-l ldflags] [option [...]] +# Options: -s set_opts the list of config options to enable +# -u unset_opts the list of config options to disable +# -c cflags the list of options passed to CFLAGS +# -l ldflags the list of options passed to LDFLAGS +helper_block_cipher_no_decrypt_build_test () { + while [ $# -gt 0 ]; do + case "$1" in + -s) + shift; local set_opts="$1";; + -u) + shift; local unset_opts="$1";; + -c) + shift; local cflags="$1";; + -l) + shift; local ldflags="$1";; + esac + shift + done + set_opts="${set_opts:-}" + unset_opts="${unset_opts:-}" + cflags="${cflags:-}" + ldflags="${ldflags:-}" + + for opt in $set_opts; do + echo "Enabling $opt" + scripts/config.py set $opt + done + for opt in $unset_opts; do + echo "Disabling $opt" + scripts/config.py unset $opt + done + + msg "build: default config + BLOCK_CIPHER_NO_DECRYPT${set_opts:+ + $set_opts}${unset_opts:+ - $unset_opts} with $cflags${ldflags:+, $ldflags}" + make clean + make CC=gcc CFLAGS="$cflags" LDFLAGS="$ldflags" + + # Make sure we don't have mbedtls_xxx_setkey_dec in AES/ARIA/CAMELLIA + not grep mbedtls_aes_setkey_dec library/aes.o + not grep mbedtls_aria_setkey_dec library/aria.o + not grep mbedtls_camellia_setkey_dec library/camellia.o + # Make sure we don't have mbedtls_internal_aes_decrypt in AES + not grep mbedtls_internal_aes_decrypt library/aes.o + + msg "test: default config + BLOCK_CIPHER_NO_DECRYPT${set_opts:+ + $set_opts}${unset_opts:+ - $unset_opts} with $cflags${ldflags:+, $ldflags}" + make test + + msg "selftest: default config + BLOCK_CIPHER_NO_DECRYPT${set_opts:+ + $set_opts}${unset_opts:+ - $unset_opts} with $cflags${ldflags:+, $ldflags}" + programs/test/selftest +} + +# This is a common configuration function used in: +# - component_test_block_cipher_no_decrypt_aesni_legacy() +# - component_test_block_cipher_no_decrypt_aesni_use_psa() +# in order to test BLOCK_CIPHER_NO_DECRYPT with AESNI intrinsics, +# AESNI assembly and AES C implementation on x86_64 and with AESNI intrinsics +# on x86. +common_block_cipher_no_decrypt () { + # test AESNI intrinsics + helper_block_cipher_no_decrypt_build_test \ + -s "MBEDTLS_AESNI_C" \ + -c "-Werror -Wall -Wextra -mpclmul -msse2 -maes" + + # test AESNI assembly + helper_block_cipher_no_decrypt_build_test \ + -s "MBEDTLS_AESNI_C" \ + -c "-Werror -Wall -Wextra -mno-pclmul -mno-sse2 -mno-aes" + + # test AES C implementation + helper_block_cipher_no_decrypt_build_test \ + -u "MBEDTLS_AESNI_C" \ + -c "-Werror -Wall -Wextra" + + # test AESNI intrinsics for i386 target + helper_block_cipher_no_decrypt_build_test \ + -s "MBEDTLS_AESNI_C" \ + -c "-m32 -Werror -Wall -Wextra -mpclmul -msse2 -maes" \ + -l "-m32" +} + component_test_block_cipher_no_decrypt_aesni_legacy () { # enable BLOCK_CIPHER_NO_DECRYPT and disable its incompatible configs scripts/config.py set MBEDTLS_BLOCK_CIPHER_NO_DECRYPT @@ -4515,62 +4602,7 @@ component_test_block_cipher_no_decrypt_aesni_legacy () { scripts/config.py unset MBEDTLS_DES_C scripts/config.py unset MBEDTLS_NIST_KW_C - # test AESNI intrinsics - scripts/config.py set MBEDTLS_AESNI_C - msg "build: default config + BLOCK_CIPHER_NO_DECRYPT with AESNI intrinsics" - make clean - make CC=gcc CFLAGS='-Werror -Wall -Wextra -mpclmul -msse2 -maes' - - # Make sure we don't have mbedtls_xxx_setkey_dec in AES/ARIA/CAMELLIA - not grep mbedtls_aes_setkey_dec library/aes.o - not grep mbedtls_aria_setkey_dec library/aria.o - not grep mbedtls_camellia_setkey_dec library/camellia.o - # Make sure we don't have mbedtls_internal_aes_decrypt in AES - not grep mbedtls_internal_aes_decrypt library/aes.o - - msg "test: default config + BLOCK_CIPHER_NO_DECRYPT with AESNI intrinsics" - make test - - msg "selftest: default config + BLOCK_CIPHER_NO_DECRYPT with AESNI intrinsics" - programs/test/selftest - - # test AESNI assembly - scripts/config.py set MBEDTLS_AESNI_C - msg "build: default config + BLOCK_CIPHER_NO_DECRYPT with AESNI assembly" - make clean - make CC=gcc CFLAGS='-Werror -Wall -Wextra -mno-pclmul -mno-sse2 -mno-aes' - - # Make sure we don't have mbedtls_xxx_setkey_dec in AES/ARIA/CAMELLIA - not grep mbedtls_aes_setkey_dec library/aes.o - not grep mbedtls_aria_setkey_dec library/aria.o - not grep mbedtls_camellia_setkey_dec library/camellia.o - # Make sure we don't have mbedtls_internal_aes_decrypt in AES - not grep mbedtls_internal_aes_decrypt library/aes.o - - msg "test: default config + BLOCK_CIPHER_NO_DECRYPT with AESNI assembly" - make test - - msg "selftest: default config + BLOCK_CIPHER_NO_DECRYPT with AESNI assembly" - programs/test/selftest - - # test AES C implementation - msg "build: default config + BLOCK_CIPHER_NO_DECRYPT with AES C Implementation" - scripts/config.py unset MBEDTLS_AESNI_C - make clean - make CC=gcc CFLAGS='-Werror -Wall -Wextra' - - # Make sure we don't have mbedtls_xxx_setkey_dec in AES/ARIA/CAMELLIA - not grep mbedtls_aes_setkey_dec library/aes.o - not grep mbedtls_aria_setkey_dec library/aria.o - not grep mbedtls_camellia_setkey_dec library/camellia.o - # Make sure we don't have mbedtls_internal_aes_decrypt in AES - not grep mbedtls_internal_aes_decrypt library/aes.o - - msg "test: default config + BLOCK_CIPHER_NO_DECRYPT with AES C Implementation" - make test - - msg "selftest: default config + BLOCK_CIPHER_NO_DECRYPT with AES C Implementation" - programs/test/selftest + common_block_cipher_no_decrypt } component_test_block_cipher_no_decrypt_aesni_use_psa () { @@ -4589,168 +4621,7 @@ component_test_block_cipher_no_decrypt_aesni_use_psa () { scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_ECB_NO_PADDING scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_DES - # test AESNI intrinsics - scripts/config.py set MBEDTLS_AESNI_C - msg "build: default config + BLOCK_CIPHER_NO_DECRYPT with AESNI intrinsics" - make clean - make CC=gcc CFLAGS='-Werror -Wall -Wextra -mpclmul -msse2 -maes' - - # Make sure we don't have mbedtls_xxx_setkey_dec in AES/ARIA/CAMELLIA - not grep mbedtls_aes_setkey_dec library/aes.o - not grep mbedtls_aria_setkey_dec library/aria.o - not grep mbedtls_camellia_setkey_dec library/camellia.o - # Make sure we don't have mbedtls_internal_aes_decrypt in AES - not grep mbedtls_internal_aes_decrypt library/aes.o - - msg "test: default config + BLOCK_CIPHER_NO_DECRYPT with AESNI intrinsics" - make test - - msg "selftest: default config + BLOCK_CIPHER_NO_DECRYPT with AESNI intrinsics" - programs/test/selftest - - # test AESNI assembly - scripts/config.py set MBEDTLS_AESNI_C - msg "build: default config + BLOCK_CIPHER_NO_DECRYPT with AESNI assembly" - make clean - make CC=gcc CFLAGS='-Werror -Wall -Wextra -mno-pclmul -mno-sse2 -mno-aes' - - # Make sure we don't have mbedtls_xxx_setkey_dec in AES/ARIA/CAMELLIA - not grep mbedtls_aes_setkey_dec library/aes.o - not grep mbedtls_aria_setkey_dec library/aria.o - not grep mbedtls_camellia_setkey_dec library/camellia.o - # Make sure we don't have mbedtls_internal_aes_decrypt in AES - not grep mbedtls_internal_aes_decrypt library/aes.o - - msg "test: default config + BLOCK_CIPHER_NO_DECRYPT with AESNI assembly" - make test - - msg "selftest: default config + BLOCK_CIPHER_NO_DECRYPT with AESNI assembly" - programs/test/selftest - - # test AES C implementation - msg "build: default config + BLOCK_CIPHER_NO_DECRYPT with AES C Implementation" - scripts/config.py unset MBEDTLS_AESNI_C - make clean - make CC=gcc CFLAGS='-Werror -Wall -Wextra' - - # Make sure we don't have mbedtls_xxx_setkey_dec in AES/ARIA/CAMELLIA - not grep mbedtls_aes_setkey_dec library/aes.o - not grep mbedtls_aria_setkey_dec library/aria.o - not grep mbedtls_camellia_setkey_dec library/camellia.o - # Make sure we don't have mbedtls_internal_aes_decrypt in AES - not grep mbedtls_internal_aes_decrypt library/aes.o - - msg "test: default config + BLOCK_CIPHER_NO_DECRYPT with AES C Implementation" - make test - - msg "selftest: default config + BLOCK_CIPHER_NO_DECRYPT with AES C Implementation" - programs/test/selftest -} - -component_test_block_cipher_no_decrypt_aesni_m32_legacy () { - # enable BLOCK_CIPHER_NO_DECRYPT and disable its incompatible configs - scripts/config.py set MBEDTLS_BLOCK_CIPHER_NO_DECRYPT - scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC - scripts/config.py unset MBEDTLS_CIPHER_MODE_XTS - scripts/config.py unset MBEDTLS_DES_C - scripts/config.py unset MBEDTLS_NIST_KW_C - - # test AESNI intrinsics for i386 with VIA PADLOCK - scripts/config.py set MBEDTLS_AESNI_C - scripts/config.py set MBEDTLS_PADLOCK_C - msg "build: default config + BLOCK_CIPHER_NO_DECRYPT for i386 with VIA PADLOCK" - make clean - make CC=gcc LDFLAGS='-m32' CFLAGS='-m32 -Werror -Wall -Wextra -mpclmul -msse2 -maes' - - # Make sure we don't have mbedtls_xxx_setkey_dec in AES/ARIA/CAMELLIA - not grep mbedtls_aes_setkey_dec library/aes.o - not grep mbedtls_aria_setkey_dec library/aria.o - not grep mbedtls_camellia_setkey_dec library/camellia.o - # Make sure we don't have mbedtls_internal_aes_decrypt in AES - not grep mbedtls_internal_aes_decrypt library/aes.o - - msg "test: default config + BLOCK_CIPHER_NO_DECRYPT for i386 with VIA PADLOCK" - make test - - msg "selftest: default config + BLOCK_CIPHER_NO_DECRYPT for i386 with VIA PADLOCK" - programs/test/selftest - - # test AESNI intrinsics for i386 without VIA PADLOCK - scripts/config.py set MBEDTLS_AESNI_C - scripts/config.py unset MBEDTLS_PADLOCK_C - msg "build: default config + BLOCK_CIPHER_NO_DECRYPT for i386 without VIA PADLOCK" - make clean - make CC=gcc LDFLAGS='-m32' CFLAGS='-m32 -Werror -Wall -Wextra -mpclmul -msse2 -maes' - - # Make sure we don't have mbedtls_xxx_setkey_dec in AES/ARIA/CAMELLIA - not grep mbedtls_aes_setkey_dec library/aes.o - not grep mbedtls_aria_setkey_dec library/aria.o - not grep mbedtls_camellia_setkey_dec library/camellia.o - # Make sure we don't have mbedtls_internal_aes_decrypt in AES - not grep mbedtls_internal_aes_decrypt library/aes.o - - msg "test: default config + BLOCK_CIPHER_NO_DECRYPT for i386 without VIA PADLOCK" - make test - - msg "selftest: default config + BLOCK_CIPHER_NO_DECRYPT for i386 without VIA PADLOCK" - programs/test/selftest -} - -component_test_block_cipher_no_decrypt_aesni_m32_use_psa () { - # enable BLOCK_CIPHER_NO_DECRYPT and disable its incompatible configs - scripts/config.py set MBEDTLS_BLOCK_CIPHER_NO_DECRYPT - scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC - scripts/config.py unset MBEDTLS_CIPHER_MODE_XTS - scripts/config.py unset MBEDTLS_DES_C - scripts/config.py unset MBEDTLS_NIST_KW_C - - # Enable support for cryptographic mechanisms through the PSA API. - # Note: XTS, KW are not yet supported via the PSA API in Mbed TLS. - scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG - scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CBC_NO_PADDING - scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CBC_PKCS7 - scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_ECB_NO_PADDING - scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_DES - - # test AESNI intrinsics for i386 with VIA PADLOCK - scripts/config.py set MBEDTLS_AESNI_C - scripts/config.py set MBEDTLS_PADLOCK_C - msg "build: default config + BLOCK_CIPHER_NO_DECRYPT for i386 with VIA PADLOCK" - make clean - make CC=gcc LDFLAGS='-m32' CFLAGS='-m32 -Werror -Wall -Wextra -mpclmul -msse2 -maes' - - # Make sure we don't have mbedtls_xxx_setkey_dec in AES/ARIA/CAMELLIA - not grep mbedtls_aes_setkey_dec library/aes.o - not grep mbedtls_aria_setkey_dec library/aria.o - not grep mbedtls_camellia_setkey_dec library/camellia.o - # Make sure we don't have mbedtls_internal_aes_decrypt in AES - not grep mbedtls_internal_aes_decrypt library/aes.o - - msg "test: default config + BLOCK_CIPHER_NO_DECRYPT for i386 with VIA PADLOCK" - make test - - msg "selftest: default config + BLOCK_CIPHER_NO_DECRYPT for i386 with VIA PADLOCK" - programs/test/selftest - - # test AESNI intrinsics for i386 without VIA PADLOCK - scripts/config.py set MBEDTLS_AESNI_C - scripts/config.py unset MBEDTLS_PADLOCK_C - msg "build: default config + BLOCK_CIPHER_NO_DECRYPT for i386 without VIA PADLOCK" - make clean - make CC=gcc LDFLAGS='-m32' CFLAGS='-m32 -Werror -Wall -Wextra -mpclmul -msse2 -maes' - - # Make sure we don't have mbedtls_xxx_setkey_dec in AES/ARIA/CAMELLIA - not grep mbedtls_aes_setkey_dec library/aes.o - not grep mbedtls_aria_setkey_dec library/aria.o - not grep mbedtls_camellia_setkey_dec library/camellia.o - # Make sure we don't have mbedtls_internal_aes_decrypt in AES - not grep mbedtls_internal_aes_decrypt library/aes.o - - msg "test: default config + BLOCK_CIPHER_NO_DECRYPT for i386 without VIA PADLOCK" - make test - - msg "selftest: default config + BLOCK_CIPHER_NO_DECRYPT for i386 without VIA PADLOCK" - programs/test/selftest + common_block_cipher_no_decrypt } support_test_block_cipher_no_decrypt_aesce_armcc () { From 4cd1b1617d37fe66aef848996363648ef9ab7687 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Fri, 10 Nov 2023 12:18:29 +0800 Subject: [PATCH 0629/1674] all.sh: check additional symbols in asece for block_cipher_no_decrypt check - mbedtls_aesce_inverse_key - aesce_decrypt_block Signed-off-by: Yanray Wang --- tests/scripts/all.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 937a8ea86..ad443da77 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4670,6 +4670,9 @@ component_test_block_cipher_no_decrypt_aesce_armcc () { not grep mbedtls_camellia_setkey_dec library/camellia.o # Make sure we don't have mbedtls_internal_aes_decrypt in AES not grep mbedtls_internal_aes_decrypt library/aes.o + # Make sure we don't have mbedtls_aesce_inverse_key and aesce_decrypt_block in aesce + not grep mbedtls_aesce_inverse_key library/aesce.o + not grep aesce_decrypt_block library/aesce.o } component_test_ctr_drbg_aes_256_sha_256 () { From 799bd84b0d50790a335d2ba9930687b3fb4f9df7 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Fri, 10 Nov 2023 12:21:35 +0800 Subject: [PATCH 0630/1674] all.sh: resue support_build_armcc for *_armcc test For time being, pre_check_tools check armcc and armclang together. Therefore, we can resue support_build_armcc even if the test only needs armclang. Signed-off-by: Yanray Wang --- tests/scripts/all.sh | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index ad443da77..5b649f6b3 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3891,8 +3891,7 @@ component_build_psa_accel_key_type_rsa_public_key() { support_build_tfm_armcc () { - armc6_cc="$ARMC6_BIN_DIR/armclang" - (check_tools "$armc6_cc" > /dev/null 2>&1) + support_build_armcc } component_build_tfm_armcc() { @@ -4026,7 +4025,6 @@ component_build_aes_variations() { # MBEDTLS_BLOCK_CIPHER_NO_DECRYPT is incompatible with CBC/XTS/DES/NIST_KW, # manually set or unset those configurations to check # MBEDTLS_BLOCK_CIPHER_NO_DECRYPT with various combinations in aes.o. - scripts/config.py set MBEDTLS_BLOCK_CIPHER_NO_DECRYPT scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC scripts/config.py unset MBEDTLS_CIPHER_MODE_XTS @@ -4625,8 +4623,7 @@ component_test_block_cipher_no_decrypt_aesni_use_psa () { } support_test_block_cipher_no_decrypt_aesce_armcc () { - armc6_cc="$ARMC6_BIN_DIR/armclang" - (check_tools "$armc6_cc" > /dev/null 2>&1) + support_build_armcc } component_test_block_cipher_no_decrypt_aesce_armcc () { From 111159b89c08b6f691b4fe33a2732f4bf84da9a9 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Fri, 10 Nov 2023 13:41:12 +0800 Subject: [PATCH 0631/1674] BLOCK_CIPHER_NO_DECRYPT: call encrypt direction unconditionally Signed-off-by: Yanray Wang --- include/mbedtls/aes.h | 2 -- library/aes.c | 9 ++++----- library/aesce.c | 9 ++++----- library/aesni.c | 25 ++++++++++--------------- library/psa_crypto.c | 1 - 5 files changed, 18 insertions(+), 28 deletions(-) diff --git a/include/mbedtls/aes.h b/include/mbedtls/aes.h index c43134d45..c53f817c1 100644 --- a/include/mbedtls/aes.h +++ b/include/mbedtls/aes.h @@ -60,8 +60,6 @@ /* Error codes in range 0x0021-0x0025 */ /** Invalid input data. */ #define MBEDTLS_ERR_AES_BAD_INPUT_DATA -0x0021 -/** The requested feature is not available. */ -#define MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE -0x0023 #ifdef __cplusplus extern "C" { diff --git a/library/aes.c b/library/aes.c index 9dc7b7d14..f91d2519f 100644 --- a/library/aes.c +++ b/library/aes.c @@ -1064,14 +1064,13 @@ int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx, #endif #if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) - if (mode == MBEDTLS_AES_ENCRYPT) { - return mbedtls_internal_aes_encrypt(ctx, input, output); - } else { #if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) + if (mode == MBEDTLS_AES_DECRYPT) { return mbedtls_internal_aes_decrypt(ctx, input, output); -#else - return MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE; + } else #endif + { + return mbedtls_internal_aes_encrypt(ctx, input, output); } #endif /* !MBEDTLS_AES_USE_HARDWARE_ONLY */ } diff --git a/library/aesce.c b/library/aesce.c index 5883e6a83..9a82731f0 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -244,14 +244,13 @@ int mbedtls_aesce_crypt_ecb(mbedtls_aes_context *ctx, uint8x16_t block = vld1q_u8(&input[0]); unsigned char *keys = (unsigned char *) (ctx->buf + ctx->rk_offset); - if (mode == MBEDTLS_AES_ENCRYPT) { - block = aesce_encrypt_block(block, keys, ctx->nr); - } else { #if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) + if (mode == MBEDTLS_AES_DECRYPT) { block = aesce_decrypt_block(block, keys, ctx->nr); -#else - return MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE; + } else #endif + { + block = aesce_encrypt_block(block, keys, ctx->nr); } vst1q_u8(&output[0], block); diff --git a/library/aesni.c b/library/aesni.c index 6c917daec..c68b081de 100644 --- a/library/aesni.c +++ b/library/aesni.c @@ -93,24 +93,25 @@ int mbedtls_aesni_crypt_ecb(mbedtls_aes_context *ctx, ++rk; --nr; - if (mode == MBEDTLS_AES_ENCRYPT) { - while (nr != 0) { - state = _mm_aesenc_si128(state, *rk); - ++rk; - --nr; - } - state = _mm_aesenclast_si128(state, *rk); - } else { #if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) + if (mode == MBEDTLS_AES_DECRYPT) { while (nr != 0) { state = _mm_aesdec_si128(state, *rk); ++rk; --nr; } state = _mm_aesdeclast_si128(state, *rk); + } else #else - return MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE; + (void) mode; #endif + { + while (nr != 0) { + state = _mm_aesenc_si128(state, *rk); + ++rk; + --nr; + } + state = _mm_aesenclast_si128(state, *rk); } memcpy(output, &state, 16); @@ -445,12 +446,6 @@ int mbedtls_aesni_crypt_ecb(mbedtls_aes_context *ctx, const unsigned char input[16], unsigned char output[16]) { -#if defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) - if (mode == MBEDTLS_AES_DECRYPT) { - return MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE; - } -#endif - asm ("movdqu (%3), %%xmm0 \n\t" // load input "movdqu (%1), %%xmm1 \n\t" // load round key 0 "pxor %%xmm1, %%xmm0 \n\t" // round 0 diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 2ada2eb72..1faf1dd6c 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -157,7 +157,6 @@ psa_status_t mbedtls_to_psa_error(int ret) #if defined(MBEDTLS_AES_C) case MBEDTLS_ERR_AES_INVALID_KEY_LENGTH: case MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH: - case MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE: return PSA_ERROR_NOT_SUPPORTED; case MBEDTLS_ERR_AES_BAD_INPUT_DATA: return PSA_ERROR_INVALID_ARGUMENT; From ec9b25877fc69f47a624a5b93893420702202d0b Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 8 Nov 2023 16:50:54 +0100 Subject: [PATCH 0632/1674] all.sh: disable CIPHER_C in test_psa_crypto_config_accel_cipher_aead Extra features that depend on CIPHER_C are disabled also in the reference component in order to get test parity. Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 73206a811..2f7ebbf5a 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3631,6 +3631,12 @@ common_psa_crypto_config_accel_cipher_aead() { # Start from the full config helper_libtestdriver1_adjust_config "full" + # CIPHER_C is disabled in the accelerated test component so we disable + # all the features that depend on it both in the accelerated and in the + # reference components. + scripts/config.py unset MBEDTLS_PKCS5_C + scripts/config.py unset MBEDTLS_PKCS12_C + scripts/config.py unset MBEDTLS_CTR_DRBG_C scripts/config.py unset MBEDTLS_NIST_KW_C } @@ -3670,6 +3676,10 @@ component_test_psa_crypto_config_accel_cipher_aead () { scripts/config.py unset MBEDTLS_CHACHA20_C scripts/config.py unset MBEDTLS_CAMELLIA_C + # Disable CIPHER_C entirely as all ciphers/AEADs are accelerated and PSA + # does not depend on it. + scripts/config.py unset MBEDTLS_CIPHER_C + # Build # ----- @@ -3678,6 +3688,7 @@ component_test_psa_crypto_config_accel_cipher_aead () { helper_libtestdriver1_make_main "$loc_accel_list" # Make sure this was not re-enabled by accident (additive config) + not grep mbedtls_cipher library/cipher.o not grep mbedtls_des library/des.o not grep mbedtls_aes library/aes.o not grep mbedtls_aria library/aria.o From f941455e3b9f8fc7b7aced4a916f0daef57965ed Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 9 Nov 2023 10:43:20 +0100 Subject: [PATCH 0633/1674] all.sh: enable ssl-opt testing in psa_crypto_config_[accel/reference]_cipher_aead Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 73206a811..09c981915 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3641,7 +3641,7 @@ common_psa_crypto_config_accel_cipher_aead() { # are meant to be used together in analyze_outcomes.py script in order to test # driver's coverage for ciphers and AEADs. component_test_psa_crypto_config_accel_cipher_aead () { - msg "test: crypto config with accelerated cipher and AEAD" + msg "build: crypto config with accelerated cipher and AEAD" loc_accel_list="ALG_ECB_NO_PADDING ALG_CBC_NO_PADDING ALG_CBC_PKCS7 ALG_CTR ALG_CFB \ ALG_OFB ALG_XTS ALG_STREAM_CIPHER \ @@ -3687,18 +3687,29 @@ component_test_psa_crypto_config_accel_cipher_aead () { not grep mbedtls_chachapoly library/chachapoly.o not grep mbedtls_cmac library/cmac.o + make + # Run the tests # ------------- msg "test: crypto config with accelerated cipher and AEAD" make test + + msg "ssl-opt: crypto config with accelerated cipher and AEAD" + tests/ssl-opt.sh } component_test_psa_crypto_config_reference_cipher_aead () { + msg "build: crypto config with non-accelerated cipher and AEAD" common_psa_crypto_config_accel_cipher_aead + make + msg "test: crypto config with non-accelerated cipher and AEAD" make test + + msg "ssl-opt: crypto config with non-accelerated cipher and AEAD" + tests/ssl-opt.sh } component_test_aead_chachapoly_disabled() { From dd43d7b3a4f1f1dd6a1ead02b3acac7b6c943496 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 9 Nov 2023 14:10:51 +0100 Subject: [PATCH 0634/1674] ssl-opt: set proper dependencies on tests with encrypted server5 key Signed-off-by: Valerio Setti --- tests/ssl-opt.sh | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 9c317d1fc..befe1e182 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -2090,6 +2090,11 @@ run_test "key size: TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \ -c "Key size is 128" requires_config_enabled MBEDTLS_X509_CRT_PARSE_C +requires_config_enabled MBEDTLS_MD_CAN_MD5 +# server5.key.enc is in PEM format and AES-256-CBC crypted. Unfortunately PEM +# module does not support PSA dispatching so we need builtin support. +requires_config_enabled MBEDTLS_CIPHER_MODE_CBC +requires_config_enabled MBEDTLS_AES_C requires_hash_alg SHA_256 run_test "TLS: password protected client key" \ "$P_SRV force_version=tls12 auth_mode=required" \ @@ -2097,6 +2102,11 @@ run_test "TLS: password protected client key" \ 0 requires_config_enabled MBEDTLS_X509_CRT_PARSE_C +requires_config_enabled MBEDTLS_MD_CAN_MD5 +# server5.key.enc is in PEM format and AES-256-CBC crypted. Unfortunately PEM +# module does not support PSA dispatching so we need builtin support. +requires_config_enabled MBEDTLS_CIPHER_MODE_CBC +requires_config_enabled MBEDTLS_AES_C requires_hash_alg SHA_256 run_test "TLS: password protected server key" \ "$P_SRV crt_file=data_files/server5.crt key_file=data_files/server5.key.enc key_pwd=PolarSSLTest" \ @@ -2105,6 +2115,11 @@ run_test "TLS: password protected server key" \ requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_RSA_C +requires_config_enabled MBEDTLS_MD_CAN_MD5 +# server5.key.enc is in PEM format and AES-256-CBC crypted. Unfortunately PEM +# module does not support PSA dispatching so we need builtin support. +requires_config_enabled MBEDTLS_CIPHER_MODE_CBC +requires_config_enabled MBEDTLS_AES_C requires_hash_alg SHA_256 run_test "TLS: password protected server key, two certificates" \ "$P_SRV force_version=tls12\ From 01c4fa3e889551ce3f17d32e879ccf85ec4b58bc Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 9 Nov 2023 10:46:36 +0100 Subject: [PATCH 0635/1674] ssl: move MBEDTLS_SSL_HAVE internal symbols to ssl.h This is useful to properly define MBEDTLS_PSK_MAX_LEN when it is not defined explicitly in mbedtls_config.h Signed-off-by: Valerio Setti --- include/mbedtls/ssl.h | 22 +++++++++++++++++++++- library/ssl_misc.h | 20 -------------------- 2 files changed, 21 insertions(+), 21 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index c9110dead..0177df17c 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -600,6 +600,26 @@ #define MBEDTLS_TLS_EXT_RENEGOTIATION_INFO 0xFF01 +/* Some internal helpers to determine which keys are availble. */ +#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_AES_C)) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_KEY_TYPE_AES)) +#define MBEDTLS_SSL_HAVE_AES +#endif +#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_CAMELLIA_C)) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_KEY_TYPE_CAMELLIA)) +#define MBEDTLS_SSL_HAVE_CAMELLIA +#endif +#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_ARIA_C)) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_KEY_TYPE_ARIA)) +#define MBEDTLS_SSL_HAVE_ARIA +#endif + +/* Some internal helpers to determine which operation modes are availble. */ +#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_CIPHER_MODE_CBC)) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CBC_NO_PADDING)) +#define MBEDTLS_SSL_HAVE_CBC +#endif + /* * Size defines */ @@ -613,7 +633,7 @@ */ #if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \ defined(MBEDTLS_SSL_SESSION_TICKETS) && \ - defined(MBEDTLS_AES_C) && defined(MBEDTLS_GCM_C) && \ + defined(MBEDTLS_SSL_HAVE_AES) && defined(MBEDTLS_SSL_HAVE_GCM) && \ defined(MBEDTLS_MD_CAN_SHA384) #define MBEDTLS_PSK_MAX_LEN 48 /* 384 bits */ #else diff --git a/library/ssl_misc.h b/library/ssl_misc.h index bde55b6ce..4ddd9c4bb 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -249,26 +249,6 @@ uint32_t mbedtls_ssl_get_extension_mask(unsigned int extension_type); * counter (8) + header (5) + IV(16) + MAC (16-48) + padding (0-256). */ -/* Some internal helpers to determine which keys are availble. */ -#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_AES_C)) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_KEY_TYPE_AES)) -#define MBEDTLS_SSL_HAVE_AES -#endif -#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_CAMELLIA_C)) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_KEY_TYPE_CAMELLIA)) -#define MBEDTLS_SSL_HAVE_CAMELLIA -#endif -#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_ARIA_C)) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_KEY_TYPE_ARIA)) -#define MBEDTLS_SSL_HAVE_ARIA -#endif - -/* Some internal helpers to determine which operation modes are availble. */ -#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_CIPHER_MODE_CBC)) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CBC_NO_PADDING)) -#define MBEDTLS_SSL_HAVE_CBC -#endif - #if defined(MBEDTLS_SSL_PROTO_TLS1_2) /* This macro determines whether CBC is supported. */ From 38e75fb1a72f49a4ec42dc7196ae0a02dff270f2 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 9 Nov 2023 16:52:39 +0100 Subject: [PATCH 0636/1674] ssl_server2: remove usage of mbedtls_cipher_info_from_string() This removes the dependency from cipher module and legacy key/modes symbols which are used in cipher_wrap. Signed-off-by: Valerio Setti --- programs/ssl/ssl_server2.c | 56 +++++++++++++++++++++++++++----------- 1 file changed, 40 insertions(+), 16 deletions(-) diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 1bab9157b..fbcbb8dc8 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -281,18 +281,11 @@ int main(void) #endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_TICKET_C) -#if defined(MBEDTLS_CIPHER_C) #define USAGE_TICKETS \ " tickets=%%d default: 1 (enabled)\n" \ " ticket_rotate=%%d default: 0 (disabled)\n" \ " ticket_timeout=%%d default: 86400 (one day)\n" \ " ticket_aead=%%s default: \"AES-256-GCM\"\n" -#else /* MBEDTLS_CIPHER_C */ -#define USAGE_TICKETS \ - " tickets=%%d default: 1 (enabled)\n" \ - " ticket_rotate=%%d default: 0 (disabled)\n" \ - " ticket_timeout=%%d default: 86400 (one day)\n" -#endif /* MBEDTLS_CIPHER_C */ #else /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_TICKET_C */ #define USAGE_TICKETS "" #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_TICKET_C */ @@ -1463,6 +1456,42 @@ int dummy_ticket_parse(void *p_ticket, mbedtls_ssl_session *session, } #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_HAVE_TIME */ +int parse_cipher(char *buf) +{ + if (strcmp(buf, "AES-128-CCM")) { + return MBEDTLS_CIPHER_AES_128_CCM; + } else if (strcmp(buf, "AES-128-GCM")) { + return MBEDTLS_CIPHER_AES_128_GCM; + } else if (strcmp(buf, "AES-192-CCM")) { + return MBEDTLS_CIPHER_AES_192_CCM; + } else if (strcmp(buf, "AES-192-GCM")) { + return MBEDTLS_CIPHER_AES_192_GCM; + } else if (strcmp(buf, "AES-256-CCM")) { + return MBEDTLS_CIPHER_AES_256_CCM; + } else if (strcmp(buf, "ARIA-128-CCM")) { + return MBEDTLS_CIPHER_ARIA_128_CCM; + } else if (strcmp(buf, "ARIA-128-GCM")) { + return MBEDTLS_CIPHER_ARIA_128_GCM; + } else if (strcmp(buf, "ARIA-192-CCM")) { + return MBEDTLS_CIPHER_ARIA_192_CCM; + } else if (strcmp(buf, "ARIA-192-GCM")) { + return MBEDTLS_CIPHER_ARIA_192_GCM; + } else if (strcmp(buf, "ARIA-256-CCM")) { + return MBEDTLS_CIPHER_ARIA_256_CCM; + } else if (strcmp(buf, "ARIA-256-GCM")) { + return MBEDTLS_CIPHER_ARIA_256_GCM; + } else if (strcmp(buf, "CAMELLIA-128-CCM")) { + return MBEDTLS_CIPHER_CAMELLIA_128_CCM; + } else if (strcmp(buf, "CAMELLIA-192-CCM")) { + return MBEDTLS_CIPHER_CAMELLIA_192_CCM; + } else if (strcmp(buf, "CAMELLIA-256-CCM")) { + return MBEDTLS_CIPHER_CAMELLIA_256_CCM; + } else if (strcmp(buf, "CHACHA20-POLY1305")) { + return MBEDTLS_CIPHER_CHACHA20_POLY1305; + } + return MBEDTLS_CIPHER_NONE; +} + int main(int argc, char *argv[]) { int ret = 0, len, written, frags, exchanges_left; @@ -2143,18 +2172,13 @@ usage: if (opt.ticket_timeout < 0) { goto usage; } - } -#if defined(MBEDTLS_CIPHER_C) - else if (strcmp(p, "ticket_aead") == 0) { - const mbedtls_cipher_info_t *ci = mbedtls_cipher_info_from_string(q); + } else if (strcmp(p, "ticket_aead") == 0) { + opt.ticket_aead = parse_cipher(q); - if (ci == NULL) { + if (opt.ticket_aead == MBEDTLS_CIPHER_NONE) { goto usage; } - opt.ticket_aead = mbedtls_cipher_info_get_type(ci); - } -#endif - else if (strcmp(p, "cache_max") == 0) { + } else if (strcmp(p, "cache_max") == 0) { opt.cache_max = atoi(q); if (opt.cache_max < 0) { goto usage; From 73d053123f9df90855938b0789b5d0fc79fb9ddb Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 9 Nov 2023 16:53:59 +0100 Subject: [PATCH 0637/1674] ssl-opt: set proper cipher dependencies in tests using ticket_aead parameters Check either legacy or PSA symbols based on USE_PSA_CRYPTO Signed-off-by: Valerio Setti --- tests/ssl-opt.sh | 43 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index befe1e182..5879b255a 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -368,6 +368,34 @@ requires_ciphersuite_enabled() { esac } +requires_cipher_enabled() { + KEY_TYPE=$1 + MODE=${2:-} + if is_config_enabled MBEDTLS_USE_PSA_CRYPTO; then + case "$KEY_TYPE" in + CHACHA20) + requires_config_enabled PSA_WANT_ALG_CHACHA20_POLY1305 + requires_config_enabled PSA_WANT_KEY_TYPE_CHACHA20 + ;; + *) + requires_config_enabled PSA_WANT_ALG_${MODE} + requires_config_enabled PSA_WANT_KEY_TYPE_${KEY_TYPE} + ;; + esac + else + case "$KEY_TYPE" in + CHACHA20) + requires_config_enabled MBEDTLS_CHACHA20_C + requires_config_enabled MBEDTLS_CHACHAPOLY_C + ;; + *) + requires_config_enabled MBEDTLS_${MODE}_C + requires_config_enabled MBEDTLS_${KEY_TYPE}_C + ;; + esac + fi +} + # Automatically detect required features based on command line parameters. # Parameters are: # - $1 = command line (call to a TLS client or server program) @@ -3848,6 +3876,7 @@ run_test "Session resume using tickets: openssl client" \ -s "session successfully restored from ticket" \ -s "a session has been resumed" +requires_cipher_enabled "AES" "GCM" run_test "Session resume using tickets: AES-128-GCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=AES-128-GCM" \ "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ @@ -3862,6 +3891,7 @@ run_test "Session resume using tickets: AES-128-GCM" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_cipher_enabled "AES" "GCM" run_test "Session resume using tickets: AES-192-GCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=AES-192-GCM" \ "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ @@ -3876,6 +3906,7 @@ run_test "Session resume using tickets: AES-192-GCM" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_cipher_enabled "AES" "CCM" run_test "Session resume using tickets: AES-128-CCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=AES-128-CCM" \ "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ @@ -3890,6 +3921,7 @@ run_test "Session resume using tickets: AES-128-CCM" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_cipher_enabled "AES" "CCM" run_test "Session resume using tickets: AES-192-CCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=AES-192-CCM" \ "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ @@ -3904,6 +3936,7 @@ run_test "Session resume using tickets: AES-192-CCM" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_cipher_enabled "AES" "CCM" run_test "Session resume using tickets: AES-256-CCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=AES-256-CCM" \ "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ @@ -3918,6 +3951,7 @@ run_test "Session resume using tickets: AES-256-CCM" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_cipher_enabled "CAMELLIA" "CCM" run_test "Session resume using tickets: CAMELLIA-128-CCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=CAMELLIA-128-CCM" \ "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ @@ -3932,6 +3966,7 @@ run_test "Session resume using tickets: CAMELLIA-128-CCM" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_cipher_enabled "CAMELLIA" "CCM" run_test "Session resume using tickets: CAMELLIA-192-CCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=CAMELLIA-192-CCM" \ "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ @@ -3946,6 +3981,7 @@ run_test "Session resume using tickets: CAMELLIA-192-CCM" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_cipher_enabled "CAMELLIA" "CCM" run_test "Session resume using tickets: CAMELLIA-256-CCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=CAMELLIA-256-CCM" \ "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ @@ -3960,6 +3996,7 @@ run_test "Session resume using tickets: CAMELLIA-256-CCM" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_cipher_enabled "ARIA" "CCM" run_test "Session resume using tickets: ARIA-128-GCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-128-GCM" \ "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ @@ -3974,6 +4011,7 @@ run_test "Session resume using tickets: ARIA-128-GCM" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_cipher_enabled "ARIA" "CCM" run_test "Session resume using tickets: ARIA-192-GCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-192-GCM" \ "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ @@ -3988,6 +4026,7 @@ run_test "Session resume using tickets: ARIA-192-GCM" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_cipher_enabled "ARIA" "CCM" run_test "Session resume using tickets: ARIA-256-GCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-256-GCM" \ "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ @@ -4002,6 +4041,7 @@ run_test "Session resume using tickets: ARIA-256-GCM" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_cipher_enabled "ARIA" "CCM" run_test "Session resume using tickets: ARIA-128-CCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-128-CCM" \ "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ @@ -4016,6 +4056,7 @@ run_test "Session resume using tickets: ARIA-128-CCM" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_cipher_enabled "ARIA" "CCM" run_test "Session resume using tickets: ARIA-192-CCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-192-CCM" \ "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ @@ -4030,6 +4071,7 @@ run_test "Session resume using tickets: ARIA-192-CCM" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_cipher_enabled "ARIA" "CCM" run_test "Session resume using tickets: ARIA-256-CCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-256-CCM" \ "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ @@ -4044,6 +4086,7 @@ run_test "Session resume using tickets: ARIA-256-CCM" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_cipher_enabled "CHACHA20" run_test "Session resume using tickets: CHACHA20-POLY1305" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=CHACHA20-POLY1305" \ "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ From cd25d2252655268326ebb78ccee61a846a3e57db Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Fri, 10 Nov 2023 15:33:27 +0800 Subject: [PATCH 0638/1674] cipher.c: remove checks for CBC,XTS,KW,KWP in cipher_setkey We have checks for CBC, XTS and KW modes in check_config.h. This means we should never get a successful build with above three modes. Therefore, the checks in cipher_setkey is not necessary as other error will be emitted if asking for those modes in the cipher. Additionally, removing the checks can save extra code size. Signed-off-by: Yanray Wang --- library/cipher.c | 9 --------- 1 file changed, 9 deletions(-) diff --git a/library/cipher.c b/library/cipher.c index 909324aae..33da58055 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -320,15 +320,6 @@ int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx, return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } #if defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) - /* CBC, XTS, KW and KWP mode always need decryption, return an error to - * indicate those modes are not available under - * MBEDTLS_BLOCK_CIPHER_NO_DECRYPT. */ - if (MBEDTLS_MODE_CBC == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode) || - MBEDTLS_MODE_XTS == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode) || - MBEDTLS_MODE_KW == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode) || - MBEDTLS_MODE_KWP == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode)) { - return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; - } if (MBEDTLS_MODE_ECB == ((mbedtls_cipher_mode_t) ctx->cipher_info->mode) && MBEDTLS_DECRYPT == operation) { return MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; From a742337ef69f88e466d4367c625cf3ee5e48213a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 10 Nov 2023 09:58:31 +0100 Subject: [PATCH 0639/1674] all.sh: add diff to can_keep_going_after_failure MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- tests/scripts/all.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 652b48174..da5368637 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -622,6 +622,7 @@ pre_setup_keep_going () { case "$1" in "msg "*) false;; "cd "*) false;; + "diff "*) true;; *make*[\ /]tests*) false;; # make tests, make CFLAGS=-I../tests, ... *test*) true;; # make test, tests/stuff, env V=v tests/stuff, ... *make*check*) true;; From 5c6f787caab7684c7828cc33d20b972592eb30f9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 10 Nov 2023 10:04:22 +0100 Subject: [PATCH 0640/1674] all.sh: robustness improvement MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The original pattern would catch any extension, which could include things like editor backup files etc, that we'd rather ignore. Signed-off-by: Manuel Pégourié-Gonnard --- tests/scripts/all.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index da5368637..c5a3aaf2c 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1032,7 +1032,8 @@ component_check_test_dependencies () { expected="check-test-deps-expected-$$" # Find legacy dependencies in PSA tests - grep 'depends_on' tests/suites/test_suite_psa* | + grep 'depends_on' \ + tests/suites/test_suite_psa*.data tests/suites/test_suite_psa*.function | grep -Eo '!?MBEDTLS_[^: ]*' | grep -v MBEDTLS_PSA_ | sort -u > $found From da6e7a2ac27a3a3d579645e946b30d0928b2dbb3 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 10 Nov 2023 10:09:27 +0100 Subject: [PATCH 0641/1674] More consistent usage of volatile Fix MSVC warning C4090. Signed-off-by: Gilles Peskine --- programs/test/metatest.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/programs/test/metatest.c b/programs/test/metatest.c index 805de2d30..ce866edec 100644 --- a/programs/test/metatest.c +++ b/programs/test/metatest.c @@ -30,9 +30,9 @@ volatile int false_but_the_compiler_does_not_know = 0; /* Set n bytes at the address p to all-bits-zero, in such a way that * the compiler should not know that p is all-bits-zero. */ -static void set_to_zero_but_the_compiler_does_not_know(void *p, size_t n) +static void set_to_zero_but_the_compiler_does_not_know(volatile void *p, size_t n) { - memset(p, false_but_the_compiler_does_not_know, n); + memset((void *) p, false_but_the_compiler_does_not_know, n); } @@ -54,7 +54,7 @@ void meta_test_fail(const char *name) void null_pointer_dereference(const char *name) { (void) name; - volatile char *p; + volatile char *volatile p; set_to_zero_but_the_compiler_does_not_know(&p, sizeof(p)); mbedtls_printf("%p -> %u\n", p, (unsigned) *p); } @@ -62,7 +62,7 @@ void null_pointer_dereference(const char *name) void null_pointer_call(const char *name) { (void) name; - unsigned (*p)(void); + unsigned(*volatile p)(void); set_to_zero_but_the_compiler_does_not_know(&p, sizeof(p)); /* The pointer representation may be truncated, but we don't care: * the only point of printing it is to have some use of the pointer From 9f164f01036d993ed06f918421611bf83c19dda2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 10 Nov 2023 10:16:06 +0100 Subject: [PATCH 0642/1674] all.sh: more comments in check_test_cases() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- tests/scripts/all.sh | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index c5a3aaf2c..78243c77c 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1027,6 +1027,15 @@ component_check_test_cases () { component_check_test_dependencies () { msg "Check: test case dependencies: legacy vs PSA" # < 1s + # The purpose of this component is to catch unjustified dependencies on + # legacy feature macros (MBEDTLS_xxx) in PSA tests. Generally speaking, + # PSA test should use PSA feature macros (PSA_WANT_xxx, more rarely + # MBEDTLS_PSA_xxx). + # + # Most of the time, use of legacy MBEDTLS_xxx macros are mistakes, which + # this component is meant to catch. However a few of them are justified, + # mostly by the absence of a PSA equivalent, so this component includes a + # list of expected exceptions. found="check-test-deps-found-$$" expected="check-test-deps-expected-$$" @@ -1058,6 +1067,13 @@ component_check_test_dependencies () { # Compare reality with expectation. # We want an exact match, to ensure the above list remains up-to-date. + # + # The output should be empty. When it's not: + # - Each '+' line is a macro that was found but not expected. You want to + # find where that macro occurs, and either replace it with PSA macros, or + # add it to the exceptions list above with a justification. + # - Each '-' line is a macro that was expected but not found; it means the + # exceptions list above should be updated by removing that macro. diff -U0 $expected $found rm $found $expected From 21718769d18b317471d98a2bdbb64623de2318b3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 10 Nov 2023 11:21:17 +0100 Subject: [PATCH 0643/1674] Start adding internal module block_cipher.c MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- include/mbedtls/block_cipher.h | 58 ++++++++++++++++ library/CMakeLists.txt | 1 + library/Makefile | 1 + library/block_cipher.c | 69 +++++++++++++++++++ library/block_cipher_internal.h | 63 +++++++++++++++++ tests/scripts/all.sh | 2 +- tests/suites/test_suite_block_cipher.data | 2 + tests/suites/test_suite_block_cipher.function | 28 ++++++++ 8 files changed, 223 insertions(+), 1 deletion(-) create mode 100644 include/mbedtls/block_cipher.h create mode 100644 library/block_cipher.c create mode 100644 library/block_cipher_internal.h create mode 100644 tests/suites/test_suite_block_cipher.data create mode 100644 tests/suites/test_suite_block_cipher.function diff --git a/include/mbedtls/block_cipher.h b/include/mbedtls/block_cipher.h new file mode 100644 index 000000000..154ae26e2 --- /dev/null +++ b/include/mbedtls/block_cipher.h @@ -0,0 +1,58 @@ +/** + * \file block_cipher.h + * + * \brief Internal abstraction layer. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ +#ifndef MBEDTLS_BLOCK_CIPHER_H +#define MBEDTLS_BLOCK_CIPHER_H + +#include "mbedtls/private_access.h" + +#include "mbedtls/build_info.h" + +#if defined(MBEDTLS_AES_C) +#include "mbedtls/aes.h" +#endif +#if defined(MBEDTLS_ARIA_C) +#include "mbedtls/aria.h" +#endif +#if defined(MBEDTLS_CAMELLIA_C) +#include "mbedtls/camellia.h" +#endif + +#ifdef __cplusplus +extern "C" { +#endif + +typedef enum { + MBEDTLS_BLOCK_CIPHER_ID_NONE = 0, /**< Unset. */ + MBEDTLS_BLOCK_CIPHER_ID_AES, /**< The AES cipher. */ + MBEDTLS_BLOCK_CIPHER_ID_CAMELLIA, /**< The Camellia cipher. */ + MBEDTLS_BLOCK_CIPHER_ID_ARIA, /**< The Aria cipher. */ +} mbedtls_block_cipher_id_t; + +typedef struct { + mbedtls_block_cipher_id_t MBEDTLS_PRIVATE(id); + union { + unsigned dummy; /* Make the union non-empty even with no supported algorithms. */ +#if defined(MBEDTLS_AES_C) + mbedtls_aes_context MBEDTLS_PRIVATE(aes); +#endif +#if defined(MBEDTLS_ARIA_C) + mbedtls_aria_context MBEDTLS_PRIVATE(aria); +#endif +#if defined(MBEDTLS_CAMELLIA_C) + mbedtls_camellia_context MBEDTLS_PRIVATE(camellia); +#endif + } MBEDTLS_PRIVATE(ctx); +} mbedtls_block_cipher_context_t; + +#ifdef __cplusplus +} +#endif + +#endif /* MBEDTLS_BLOCK_CIPHER_H */ diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index eeda06aee..5c297e0a1 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -22,6 +22,7 @@ set(src_crypto bignum_core.c bignum_mod.c bignum_mod_raw.c + block_cipher.c camellia.c ccm.c chacha20.c diff --git a/library/Makefile b/library/Makefile index 9e2d72310..d11a98df0 100644 --- a/library/Makefile +++ b/library/Makefile @@ -91,6 +91,7 @@ OBJS_CRYPTO= \ bignum_core.o \ bignum_mod.o \ bignum_mod_raw.o \ + block_cipher.o \ camellia.o \ ccm.o \ chacha20.o \ diff --git a/library/block_cipher.c b/library/block_cipher.c new file mode 100644 index 000000000..08364d745 --- /dev/null +++ b/library/block_cipher.c @@ -0,0 +1,69 @@ +/** + * \file block_cipher.c + * + * \brief Lightweight abstraction layer for block ciphers with 128 bit blocks, + * for use by the GCM and CCM modules. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#include "common.h" + +#include "block_cipher_internal.h" + +#if defined(MBEDTLS_BLOCK_CIPHER_C) + +void mbedtls_block_cipher_free(mbedtls_block_cipher_context_t *ctx) +{ + switch (ctx->id) { +#if defined(MBEDTLS_AES_C) + case MBEDTLS_BLOCK_CIPHER_ID_AES: + mbedtls_aes_free(&ctx->ctx.aes); + break; +#endif +#if defined(MBEDTLS_ARIA_C) + case MBEDTLS_BLOCK_CIPHER_ID_ARIA: + mbedtls_aria_free(&ctx->ctx.aria); + break; +#endif +#if defined(MBEDTLS_CAMELLIA_C) + case MBEDTLS_BLOCK_CIPHER_ID_CAMELLIA: + mbedtls_camellia_free(&ctx->ctx.camellia); + break; +#endif + default: + break; + } + ctx->id = MBEDTLS_BLOCK_CIPHER_ID_NONE; +} + +int mbedtls_block_cipher_setup(mbedtls_block_cipher_context_t *ctx, + mbedtls_cipher_id_t cipher_id) +{ + switch (cipher_id) { +#if defined(MBEDTLS_AES_C) + case MBEDTLS_CIPHER_ID_AES: + ctx->id = MBEDTLS_BLOCK_CIPHER_ID_AES; + mbedtls_aes_init(&ctx->ctx.aes); + return 0; +#endif +#if defined(MBEDTLS_ARIA_C) + case MBEDTLS_CIPHER_ID_ARIA: + ctx->id = MBEDTLS_BLOCK_CIPHER_ID_ARIA; + mbedtls_aria_init(&ctx->ctx.aria); + return 0; +#endif +#if defined(MBEDTLS_CAMELLIA_C) + case MBEDTLS_CIPHER_ID_CAMELLIA: + ctx->id = MBEDTLS_BLOCK_CIPHER_ID_CAMELLIA; + mbedtls_camellia_init(&ctx->ctx.camellia); + return 0; +#endif + default: + return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; + } +} + +#endif /* MBEDTLS_BLOCK_CIPHER_C */ diff --git a/library/block_cipher_internal.h b/library/block_cipher_internal.h new file mode 100644 index 000000000..4f25e26ca --- /dev/null +++ b/library/block_cipher_internal.h @@ -0,0 +1,63 @@ +/** + * \file block_cipher_internal.h + * + * \brief Lightweight abstraction layer for block ciphers with 128 bit blocks, + * for use by the GCM and CCM modules. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ +#ifndef MBEDTLS_BLOCK_CIPHER_INTERNAL_H +#define MBEDTLS_BLOCK_CIPHER_INTERNAL_H + +#include "mbedtls/build_info.h" + +#include "mbedtls/cipher.h" + +#include "mbedtls/block_cipher.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief Initialize the context. + * This must be the first API call before using the context. + * + * \param ctx The context to initialize. + */ +static inline void mbedtls_block_cipher_init(mbedtls_block_cipher_context_t *ctx) +{ + memset(ctx, 0, sizeof(*ctx)); +} + +/** + * \brief Set the block cipher to use with this context. + * This must be called after mbedtls_block_cipher_init(). + * + * \param ctx The context to set up. + * \param cipher_id The identifier of the cipher to use. + * This must be either AES, ARIA or Camellia. + * Warning: this is a ::mbedtls_cipher_id_t, + * not a ::mbedtls_block_cipher_id_t! + * + * \retval \c 0 on success. + * \retval #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA if \p cipher_id was + * invalid. + */ +int mbedtls_block_cipher_setup(mbedtls_block_cipher_context_t *ctx, + mbedtls_cipher_id_t cipher_id); + +/** + * \brief Clear the context. + * + * \param ctx The context to clear. + */ +void mbedtls_block_cipher_free(mbedtls_block_cipher_context_t *ctx); + +#ifdef __cplusplus +} +#endif + +#endif /* MBEDTLS_BLOCK_CIPHER_INTERNAL_H */ diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 086677a60..b1d6c19c1 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1498,7 +1498,7 @@ component_test_full_no_cipher () { scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_LMS_C scripts/config.py unset MBEDTLS_LMS_PRIVATE - make + make CFLAGS='-DMBEDTLS_BLOCK_CIPHER_C' msg "test: full no CIPHER no PSA_CRYPTO_C" make test diff --git a/tests/suites/test_suite_block_cipher.data b/tests/suites/test_suite_block_cipher.data new file mode 100644 index 000000000..f0529a92e --- /dev/null +++ b/tests/suites/test_suite_block_cipher.data @@ -0,0 +1,2 @@ +Invalid input +invalid: diff --git a/tests/suites/test_suite_block_cipher.function b/tests/suites/test_suite_block_cipher.function new file mode 100644 index 000000000..7133653e5 --- /dev/null +++ b/tests/suites/test_suite_block_cipher.function @@ -0,0 +1,28 @@ +/* BEGIN_HEADER */ +#include "block_cipher_internal.h" + +#define BLOCK_SIZE 16 +/* END_HEADER */ + +/* BEGIN_DEPENDENCIES + * depends_on:MBEDTLS_BLOCK_CIPHER_C + * END_DEPENDENCIES + */ + +/* BEGIN_CASE */ +void invalid() +{ + mbedtls_block_cipher_context_t ctx; + + mbedtls_block_cipher_init(&ctx); + + TEST_EQUAL(MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, + mbedtls_block_cipher_setup(&ctx, MBEDTLS_CIPHER_ID_NONE)); + + TEST_EQUAL(MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, + mbedtls_block_cipher_setup(&ctx, MBEDTLS_CIPHER_ID_DES)); + +exit: + mbedtls_block_cipher_free(&ctx); +} +/* END_CASE */ From 0287b9d26037a2bbaff63c5a4cc35ad99acb74d9 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Fri, 10 Nov 2023 18:21:21 +0800 Subject: [PATCH 0644/1674] padlock.c: guard mbedtls_padlock_xcryptcbc by CIPHER_MODE_CBC Signed-off-by: Yanray Wang --- library/padlock.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/library/padlock.c b/library/padlock.c index 563d40e7c..0ea412968 100644 --- a/library/padlock.c +++ b/library/padlock.c @@ -108,6 +108,7 @@ int mbedtls_padlock_xcryptecb(mbedtls_aes_context *ctx, return 0; } +#if defined(MBEDTLS_CIPHER_MODE_CBC) /* * PadLock AES-CBC buffer en(de)cryption */ @@ -161,6 +162,7 @@ int mbedtls_padlock_xcryptcbc(mbedtls_aes_context *ctx, return 0; } +#endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_VIA_PADLOCK_HAVE_CODE */ From ccb121500d84567c30127b792128bf7e0f00f350 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 10 Nov 2023 11:35:36 +0100 Subject: [PATCH 0645/1674] Uninitialized read: make the pointer non-volatile rather than the buffer Signed-off-by: Gilles Peskine --- programs/test/metatest.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/programs/test/metatest.c b/programs/test/metatest.c index ce866edec..5e6a15f1d 100644 --- a/programs/test/metatest.c +++ b/programs/test/metatest.c @@ -96,12 +96,13 @@ void double_free(const char *name) void read_uninitialized_stack(const char *name) { (void) name; - volatile char buf[1]; + char buf[1]; if (false_but_the_compiler_does_not_know) { buf[0] = '!'; } - if (*buf != 0) { - mbedtls_printf("%u\n", (unsigned) *buf); + char *volatile p = buf; + if (*p != 0) { + mbedtls_printf("%u\n", (unsigned) *p); } } From 3e0884fc5344e14351e42054a612bba11266679b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 10 Nov 2023 11:52:10 +0100 Subject: [PATCH 0646/1674] block_cipher: add setkey() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- library/block_cipher.c | 21 +++++++++++++ library/block_cipher_internal.h | 18 +++++++++++ tests/suites/test_suite_block_cipher.function | 31 +++++++++++++++++-- 3 files changed, 68 insertions(+), 2 deletions(-) diff --git a/library/block_cipher.c b/library/block_cipher.c index 08364d745..2146c6c67 100644 --- a/library/block_cipher.c +++ b/library/block_cipher.c @@ -66,4 +66,25 @@ int mbedtls_block_cipher_setup(mbedtls_block_cipher_context_t *ctx, } } +int mbedtls_block_cipher_setkey(mbedtls_block_cipher_context_t *ctx, + const unsigned char *key, + unsigned key_bitlen) +{ + switch (ctx->id) { +#if defined(MBEDTLS_AES_C) + case MBEDTLS_BLOCK_CIPHER_ID_AES: + return mbedtls_aes_setkey_enc(&ctx->ctx.aes, key, key_bitlen); +#endif +#if defined(MBEDTLS_ARIA_C) + case MBEDTLS_BLOCK_CIPHER_ID_ARIA: + return mbedtls_aria_setkey_enc(&ctx->ctx.aria, key, key_bitlen); +#endif +#if defined(MBEDTLS_CAMELLIA_C) + case MBEDTLS_BLOCK_CIPHER_ID_CAMELLIA: + return mbedtls_camellia_setkey_enc(&ctx->ctx.camellia, key, key_bitlen); +#endif + default: + return MBEDTLS_ERR_CIPHER_INVALID_CONTEXT; + } +} #endif /* MBEDTLS_BLOCK_CIPHER_C */ diff --git a/library/block_cipher_internal.h b/library/block_cipher_internal.h index 4f25e26ca..47326fa8d 100644 --- a/library/block_cipher_internal.h +++ b/library/block_cipher_internal.h @@ -49,6 +49,24 @@ static inline void mbedtls_block_cipher_init(mbedtls_block_cipher_context_t *ctx int mbedtls_block_cipher_setup(mbedtls_block_cipher_context_t *ctx, mbedtls_cipher_id_t cipher_id); +/** + * \brief Set the key into the context. + * + * \param ctx The context to configure. + * \param key The buffer holding the key material. + * \param key_bitlen The size of the key in bits. + * + * \retval \c 0 on success. + * \retval #MBEDTLS_ERR_CIPHER_INVALID_CONTEXT if the context was not + * properly set up before calling this function. + * \retval One of #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH, + * #MBEDTLS_ERR_ARIA_BAD_INPUT_DATA, + * #MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA if \p key_bitlen is + * invalid. + */ +int mbedtls_block_cipher_setkey(mbedtls_block_cipher_context_t *ctx, + const unsigned char *key, + unsigned key_bitlen); /** * \brief Clear the context. * diff --git a/tests/suites/test_suite_block_cipher.function b/tests/suites/test_suite_block_cipher.function index 7133653e5..dcafdc841 100644 --- a/tests/suites/test_suite_block_cipher.function +++ b/tests/suites/test_suite_block_cipher.function @@ -2,6 +2,19 @@ #include "block_cipher_internal.h" #define BLOCK_SIZE 16 + +#if defined(MBEDTLS_AES_C) +#define VALID_CIPHER_ID MBEDTLS_CIPHER_ID_AES +#define BADKEY_ERROR MBEDTLS_ERR_AES_INVALID_KEY_LENGTH +#elif defined(MBEDTLS_ARIA_C) +#define VALID_CIPHER_ID MBEDTLS_CIPHER_ID_ARIA +#define BADKEY_ERROR MBEDTLS_ERR_ARIA_BAD_INPUT_DATA +#elif defined(MBEDTLS_CAMELLIA_C) +#define VALID_CIPHER_ID MBEDTLS_CIPHER_ID_CAMELLIA +#define BADKEY_ERROR MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA +#else +#undef VALID_CIPHER_ID +#endif /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -9,19 +22,33 @@ * END_DEPENDENCIES */ -/* BEGIN_CASE */ +/* BEGIN_CASE depends_on:VALID_CIPHER_ID */ void invalid() { + /* That size is valid for a key or an input/output block. */ + unsigned char buf[16] = { 0 }; + mbedtls_block_cipher_context_t ctx; mbedtls_block_cipher_init(&ctx); + /* Bad parameters to setup */ TEST_EQUAL(MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, mbedtls_block_cipher_setup(&ctx, MBEDTLS_CIPHER_ID_NONE)); - TEST_EQUAL(MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, mbedtls_block_cipher_setup(&ctx, MBEDTLS_CIPHER_ID_DES)); + /* setkey() before successful setup() */ + TEST_EQUAL(MBEDTLS_ERR_CIPHER_INVALID_CONTEXT, + mbedtls_block_cipher_setkey(&ctx, buf, 128)); + + /* Now properly setup the context */ + TEST_EQUAL(0, mbedtls_block_cipher_setup(&ctx, VALID_CIPHER_ID)); + + /* Bad parameters to setkey() */ + TEST_EQUAL(BADKEY_ERROR, + mbedtls_block_cipher_setkey(&ctx, buf, 42)); + exit: mbedtls_block_cipher_free(&ctx); } From 76fa16cab32b14a4d09f8a9e324e5770bc1eb91c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 10 Nov 2023 12:02:53 +0100 Subject: [PATCH 0647/1674] block_cipher: add encrypt() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Test data copied from existing test suites. Signed-off-by: Manuel Pégourié-Gonnard --- library/block_cipher.c | 26 ++ library/block_cipher_internal.h | 18 ++ tests/suites/test_suite_block_cipher.data | 235 ++++++++++++++++++ tests/suites/test_suite_block_cipher.function | 39 +++ 4 files changed, 318 insertions(+) diff --git a/library/block_cipher.c b/library/block_cipher.c index 2146c6c67..1118d3abb 100644 --- a/library/block_cipher.c +++ b/library/block_cipher.c @@ -87,4 +87,30 @@ int mbedtls_block_cipher_setkey(mbedtls_block_cipher_context_t *ctx, return MBEDTLS_ERR_CIPHER_INVALID_CONTEXT; } } + +int mbedtls_block_cipher_encrypt(mbedtls_block_cipher_context_t *ctx, + const unsigned char input[16], + unsigned char output[16]) +{ + switch (ctx->id) { +#if defined(MBEDTLS_AES_C) + case MBEDTLS_BLOCK_CIPHER_ID_AES: + return mbedtls_aes_crypt_ecb(&ctx->ctx.aes, MBEDTLS_AES_ENCRYPT, + input, output); +#endif +#if defined(MBEDTLS_ARIA_C) + case MBEDTLS_BLOCK_CIPHER_ID_ARIA: + return mbedtls_aria_crypt_ecb(&ctx->ctx.aria, input, output); +#endif +#if defined(MBEDTLS_CAMELLIA_C) + case MBEDTLS_BLOCK_CIPHER_ID_CAMELLIA: + return mbedtls_camellia_crypt_ecb(&ctx->ctx.camellia, + MBEDTLS_CAMELLIA_ENCRYPT, + input, output); +#endif + default: + return MBEDTLS_ERR_CIPHER_INVALID_CONTEXT; + } +} + #endif /* MBEDTLS_BLOCK_CIPHER_C */ diff --git a/library/block_cipher_internal.h b/library/block_cipher_internal.h index 47326fa8d..c57338b75 100644 --- a/library/block_cipher_internal.h +++ b/library/block_cipher_internal.h @@ -67,6 +67,24 @@ int mbedtls_block_cipher_setup(mbedtls_block_cipher_context_t *ctx, int mbedtls_block_cipher_setkey(mbedtls_block_cipher_context_t *ctx, const unsigned char *key, unsigned key_bitlen); + +/** + * \brief Encrypt one block (16 bytes) with the configured key. + * + * \param ctx The context holding the key. + * \param input The buffer holding the input block. Must be 16 bytes. + * \param output The buffer to which the output block will be written. + * Must be writable and 16 bytes long. + * This must either not overlap with \p input, or be equal. + * + * \retval \c 0 on success. + * \retval #MBEDTLS_ERR_CIPHER_INVALID_CONTEXT if the context was not + * properly set up before calling this function. + * \retval Another negative value if encryption failed. + */ +int mbedtls_block_cipher_encrypt(mbedtls_block_cipher_context_t *ctx, + const unsigned char input[16], + unsigned char output[16]); /** * \brief Clear the context. * diff --git a/tests/suites/test_suite_block_cipher.data b/tests/suites/test_suite_block_cipher.data index f0529a92e..cf321ae47 100644 --- a/tests/suites/test_suite_block_cipher.data +++ b/tests/suites/test_suite_block_cipher.data @@ -1,2 +1,237 @@ Invalid input invalid: + +AES-128-ECB Encrypt NIST KAT #1 +depends_on:MBEDTLS_AES_C +test_vec:MBEDTLS_CIPHER_ID_AES:"00000000000000000000000000000000":"f34481ec3cc627bacd5dc3fb08f273e6":"0336763e966d92595a567cc9ce537f5e" + +AES-128-ECB Encrypt NIST KAT #2 +depends_on:MBEDTLS_AES_C +test_vec:MBEDTLS_CIPHER_ID_AES:"00000000000000000000000000000000":"9798c4640bad75c7c3227db910174e72":"a9a1631bf4996954ebc093957b234589" + +AES-128-ECB Encrypt NIST KAT #3 +depends_on:MBEDTLS_AES_C +test_vec:MBEDTLS_CIPHER_ID_AES:"00000000000000000000000000000000":"96ab5c2ff612d9dfaae8c31f30c42168":"ff4f8391a6a40ca5b25d23bedd44a597" + +AES-128-ECB Encrypt NIST KAT #4 +depends_on:MBEDTLS_AES_C +test_vec:MBEDTLS_CIPHER_ID_AES:"e0000000000000000000000000000000":"00000000000000000000000000000000":"72a1da770f5d7ac4c9ef94d822affd97" + +AES-128-ECB Encrypt NIST KAT #5 +depends_on:MBEDTLS_AES_C +test_vec:MBEDTLS_CIPHER_ID_AES:"f0000000000000000000000000000000":"00000000000000000000000000000000":"970014d634e2b7650777e8e84d03ccd8" + +AES-128-ECB Encrypt NIST KAT #6 +depends_on:MBEDTLS_AES_C +test_vec:MBEDTLS_CIPHER_ID_AES:"f8000000000000000000000000000000":"00000000000000000000000000000000":"f17e79aed0db7e279e955b5f493875a7" + +AES-128-ECB Encrypt NIST KAT #7 +depends_on:MBEDTLS_AES_C +test_vec:MBEDTLS_CIPHER_ID_AES:"fffffffffffff0000000000000000000":"00000000000000000000000000000000":"7b90785125505fad59b13c186dd66ce3" + +AES-128-ECB Encrypt NIST KAT #8 +depends_on:MBEDTLS_AES_C +test_vec:MBEDTLS_CIPHER_ID_AES:"fffffffffffff8000000000000000000":"00000000000000000000000000000000":"8b527a6aebdaec9eaef8eda2cb7783e5" + +AES-128-ECB Encrypt NIST KAT #9 +depends_on:MBEDTLS_AES_C +test_vec:MBEDTLS_CIPHER_ID_AES:"fffffffffffffc000000000000000000":"00000000000000000000000000000000":"43fdaf53ebbc9880c228617d6a9b548b" + +AES-128-ECB Encrypt NIST KAT #10 +depends_on:MBEDTLS_AES_C +test_vec:MBEDTLS_CIPHER_ID_AES:"ffffffffffffffffffffffffffffc000":"00000000000000000000000000000000":"70c46bb30692be657f7eaa93ebad9897" + +AES-128-ECB Encrypt NIST KAT #11 +depends_on:MBEDTLS_AES_C +test_vec:MBEDTLS_CIPHER_ID_AES:"ffffffffffffffffffffffffffffe000":"00000000000000000000000000000000":"323994cfb9da285a5d9642e1759b224a" + +AES-128-ECB Encrypt NIST KAT #12 +depends_on:MBEDTLS_AES_C +test_vec:MBEDTLS_CIPHER_ID_AES:"fffffffffffffffffffffffffffff000":"00000000000000000000000000000000":"1dbf57877b7b17385c85d0b54851e371" + +AES-128-ECB Encrypt NIST KAT #13 +depends_on:MBEDTLS_AES_C +test_vec:MBEDTLS_CIPHER_ID_AES:"00000000000000000000000000000000":"ffffffffffffffc00000000000000000":"3a4d354f02bb5a5e47d39666867f246a" + +AES-128-ECB Encrypt NIST KAT #14 +depends_on:MBEDTLS_AES_C +test_vec:MBEDTLS_CIPHER_ID_AES:"00000000000000000000000000000000":"ffffffffffffffe00000000000000000":"d451b8d6e1e1a0ebb155fbbf6e7b7dc3" + +AES-128-ECB Encrypt NIST KAT #15 +depends_on:MBEDTLS_AES_C +test_vec:MBEDTLS_CIPHER_ID_AES:"00000000000000000000000000000000":"fffffffffffffff00000000000000000":"6898d4f42fa7ba6a10ac05e87b9f2080" + +AES-128-ECB Encrypt NIST KAT #16 +depends_on:MBEDTLS_AES_C +test_vec:MBEDTLS_CIPHER_ID_AES:"00000000000000000000000000000000":"ffffffffffffffffffffffffe0000000":"082eb8be35f442fb52668e16a591d1d6" + +AES-128-ECB Encrypt NIST KAT #17 +depends_on:MBEDTLS_AES_C +test_vec:MBEDTLS_CIPHER_ID_AES:"00000000000000000000000000000000":"fffffffffffffffffffffffff0000000":"e656f9ecf5fe27ec3e4a73d00c282fb3" + +AES-128-ECB Encrypt NIST KAT #18 +depends_on:MBEDTLS_AES_C +test_vec:MBEDTLS_CIPHER_ID_AES:"00000000000000000000000000000000":"fffffffffffffffffffffffff8000000":"2ca8209d63274cd9a29bb74bcd77683a" + +AES-192-ECB Encrypt NIST KAT #1 +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +test_vec:MBEDTLS_CIPHER_ID_AES:"000000000000000000000000000000000000000000000000":"fffffffffffffffffffff80000000000":"156f07767a85a4312321f63968338a01" + +AES-192-ECB Encrypt NIST KAT #2 +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +test_vec:MBEDTLS_CIPHER_ID_AES:"000000000000000000000000000000000000000000000000":"fffffffffffffffffffffc0000000000":"15eec9ebf42b9ca76897d2cd6c5a12e2" + +AES-192-ECB Encrypt NIST KAT #3 +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +test_vec:MBEDTLS_CIPHER_ID_AES:"000000000000000000000000000000000000000000000000":"fffffffffffffffffffffe0000000000":"db0d3a6fdcc13f915e2b302ceeb70fd8" + +AES-192-ECB Encrypt NIST KAT #4 +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +test_vec:MBEDTLS_CIPHER_ID_AES:"000000000000000000000000000000000000000000000000":"51719783d3185a535bd75adc65071ce1":"4f354592ff7c8847d2d0870ca9481b7c" + +AES-192-ECB Encrypt NIST KAT #5 +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +test_vec:MBEDTLS_CIPHER_ID_AES:"000000000000000000000000000000000000000000000000":"26aa49dcfe7629a8901a69a9914e6dfd":"d5e08bf9a182e857cf40b3a36ee248cc" + +AES-192-ECB Encrypt NIST KAT #6 +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +test_vec:MBEDTLS_CIPHER_ID_AES:"000000000000000000000000000000000000000000000000":"941a4773058224e1ef66d10e0a6ee782":"067cd9d3749207791841562507fa9626" + +AES-192-ECB Encrypt NIST KAT #7 +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +test_vec:MBEDTLS_CIPHER_ID_AES:"d2926527e0aa9f37b45e2ec2ade5853ef807576104c7ace3":"00000000000000000000000000000000":"dd619e1cf204446112e0af2b9afa8f8c" + +AES-192-ECB Encrypt NIST KAT #8 +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +test_vec:MBEDTLS_CIPHER_ID_AES:"982215f4e173dfa0fcffe5d3da41c4812c7bcc8ed3540f93":"00000000000000000000000000000000":"d4f0aae13c8fe9339fbf9e69ed0ad74d" + +AES-192-ECB Encrypt NIST KAT #9 +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +test_vec:MBEDTLS_CIPHER_ID_AES:"98c6b8e01e379fbd14e61af6af891596583565f2a27d59e9":"00000000000000000000000000000000":"19c80ec4a6deb7e5ed1033dda933498f" + +AES-192-ECB Encrypt NIST KAT #10 +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +test_vec:MBEDTLS_CIPHER_ID_AES:"fffffffffffffffffffffffffff800000000000000000000":"00000000000000000000000000000000":"8dd274bd0f1b58ae345d9e7233f9b8f3" + +AES-192-ECB Encrypt NIST KAT #11 +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +test_vec:MBEDTLS_CIPHER_ID_AES:"fffffffffffffffffffffffffffc00000000000000000000":"00000000000000000000000000000000":"9d6bdc8f4ce5feb0f3bed2e4b9a9bb0b" + +AES-192-ECB Encrypt NIST KAT #12 +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +test_vec:MBEDTLS_CIPHER_ID_AES:"fffffffffffffffffffffffffffe00000000000000000000":"00000000000000000000000000000000":"fd5548bcf3f42565f7efa94562528d46" + +AES-256-ECB Encrypt NIST KAT #1 +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +test_vec:MBEDTLS_CIPHER_ID_AES:"c1cc358b449909a19436cfbb3f852ef8bcb5ed12ac7058325f56e6099aab1a1c":"00000000000000000000000000000000":"352065272169abf9856843927d0674fd" + +AES-256-ECB Encrypt NIST KAT #2 +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +test_vec:MBEDTLS_CIPHER_ID_AES:"984ca75f4ee8d706f46c2d98c0bf4a45f5b00d791c2dfeb191b5ed8e420fd627":"00000000000000000000000000000000":"4307456a9e67813b452e15fa8fffe398" + +AES-256-ECB Encrypt NIST KAT #3 +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +test_vec:MBEDTLS_CIPHER_ID_AES:"b43d08a447ac8609baadae4ff12918b9f68fc1653f1269222f123981ded7a92f":"00000000000000000000000000000000":"4663446607354989477a5c6f0f007ef4" + +AES-256-ECB Encrypt NIST KAT #4 +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +test_vec:MBEDTLS_CIPHER_ID_AES:"0000000000000000000000000000000000000000000000000000000000000000":"0b24af36193ce4665f2825d7b4749c98":"a9ff75bd7cf6613d3731c77c3b6d0c04" + +AES-256-ECB Encrypt NIST KAT #5 +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +test_vec:MBEDTLS_CIPHER_ID_AES:"0000000000000000000000000000000000000000000000000000000000000000":"761c1fe41a18acf20d241650611d90f1":"623a52fcea5d443e48d9181ab32c7421" + +AES-256-ECB Encrypt NIST KAT #6 +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +test_vec:MBEDTLS_CIPHER_ID_AES:"0000000000000000000000000000000000000000000000000000000000000000":"8a560769d605868ad80d819bdba03771":"38f2c7ae10612415d27ca190d27da8b4" + +AES-256-ECB Encrypt NIST KAT #7 +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +test_vec:MBEDTLS_CIPHER_ID_AES:"0000000000000000000000000000000000000000000000000000000000000000":"ffffff80000000000000000000000000":"36aff0ef7bf3280772cf4cac80a0d2b2" + +AES-256-ECB Encrypt NIST KAT #8 +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +test_vec:MBEDTLS_CIPHER_ID_AES:"0000000000000000000000000000000000000000000000000000000000000000":"ffffffc0000000000000000000000000":"1f8eedea0f62a1406d58cfc3ecea72cf" + +AES-256-ECB Encrypt NIST KAT #9 +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +test_vec:MBEDTLS_CIPHER_ID_AES:"0000000000000000000000000000000000000000000000000000000000000000":"ffffffe0000000000000000000000000":"abf4154a3375a1d3e6b1d454438f95a6" + +AES-256-ECB Encrypt NIST KAT #10 +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +test_vec:MBEDTLS_CIPHER_ID_AES:"ffffffffffffffffffffffffffffffffffff8000000000000000000000000000":"00000000000000000000000000000000":"45d089c36d5c5a4efc689e3b0de10dd5" + +AES-256-ECB Encrypt NIST KAT #11 +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +test_vec:MBEDTLS_CIPHER_ID_AES:"ffffffffffffffffffffffffffffffffffffc000000000000000000000000000":"00000000000000000000000000000000":"b4da5df4becb5462e03a0ed00d295629" + +AES-256-ECB Encrypt NIST KAT #12 +depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +test_vec:MBEDTLS_CIPHER_ID_AES:"ffffffffffffffffffffffffffffffffffffe000000000000000000000000000":"00000000000000000000000000000000":"dcf4e129136c1a4b7a0f38935cc34b2b" + +ARIA-128-ECB Encrypt - RFC 5794 +depends_on:MBEDTLS_ARIA_C +test_vec:MBEDTLS_CIPHER_ID_ARIA:"000102030405060708090a0b0c0d0e0f":"00112233445566778899aabbccddeeff":"d718fbd6ab644c739da95f3be6451778" + +ARIA-192-ECB Encrypt - RFC 5794 +depends_on:MBEDTLS_ARIA_C +test_vec:MBEDTLS_CIPHER_ID_ARIA:"000102030405060708090a0b0c0d0e0f1011121314151617":"00112233445566778899aabbccddeeff":"26449c1805dbe7aa25a468ce263a9e79" + +ARIA-256-ECB Encrypt - RFC 5794 +depends_on:MBEDTLS_ARIA_C +test_vec:MBEDTLS_CIPHER_ID_ARIA:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f":"00112233445566778899aabbccddeeff":"f92bd7c79fb72e2f2b8f80c1972d24fc" + +Camellia-128-ECB Encrypt RFC3713 #1 +test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"0123456789abcdeffedcba9876543210":"0123456789abcdeffedcba9876543210":"67673138549669730857065648eabe43" + +Camellia-192-ECB Encrypt RFC3713 #1 +test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"0123456789abcdeffedcba98765432100011223344556677":"0123456789abcdeffedcba9876543210":"b4993401b3e996f84ee5cee7d79b09b9" + +Camellia-256-ECB Encrypt RFC3713 #1 +test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"0123456789abcdeffedcba987654321000112233445566778899aabbccddeeff":"0123456789abcdeffedcba9876543210":"9acc237dff16d76c20ef7c919e3a7509" + +Camellia-128-ECB Encrypt Perl EVP #1 [#1] +test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"000102030405060708090A0B0C0D0E0F":"00112233445566778899AABBCCDDEEFF":"77CF412067AF8270613529149919546F" + +Camellia-192-ECB Encrypt Perl EVP #1 [#1] +test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"000102030405060708090A0B0C0D0E0F1011121314151617":"00112233445566778899AABBCCDDEEFF":"B22F3C36B72D31329EEE8ADDC2906C68" + +Camellia-256-ECB Encrypt Perl EVP #1 [#1] +test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F":"00112233445566778899AABBCCDDEEFF":"2EDF1F3418D53B88841FC8985FB1ECF2" + +Camellia-128-ECB Encrypt Perl EVP #1 [#2] +test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"2B7E151628AED2A6ABF7158809CF4F3C":"6BC1BEE22E409F96E93D7E117393172A":"432FC5DCD628115B7C388D770B270C96" + +Camellia-128-ECB Encrypt Perl EVP #2 +test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"2B7E151628AED2A6ABF7158809CF4F3C":"AE2D8A571E03AC9C9EB76FAC45AF8E51":"0BE1F14023782A22E8384C5ABB7FAB2B" + +Camellia-128-ECB Encrypt Perl EVP #3 +test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"2B7E151628AED2A6ABF7158809CF4F3C":"30C81C46A35CE411E5FBC1191A0A52EF":"A0A1ABCD1893AB6FE0FE5B65DF5F8636" + +Camellia-128-ECB Encrypt Perl EVP #4 +test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"2B7E151628AED2A6ABF7158809CF4F3C":"F69F2445DF4F9B17AD2B417BE66C3710":"E61925E0D5DFAA9BB29F815B3076E51A" + +Camellia-192-ECB Encrypt Perl EVP #1 [#2] +test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B":"6BC1BEE22E409F96E93D7E117393172A":"CCCC6C4E138B45848514D48D0D3439D3" + +Camellia-192-ECB Encrypt Perl EVP #2 +test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B":"AE2D8A571E03AC9C9EB76FAC45AF8E51":"5713C62C14B2EC0F8393B6AFD6F5785A" + +Camellia-192-ECB Encrypt Perl EVP #3 +test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B":"30C81C46A35CE411E5FBC1191A0A52EF":"B40ED2B60EB54D09D030CF511FEEF366" + +Camellia-192-ECB Encrypt Perl EVP #4 +test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B":"F69F2445DF4F9B17AD2B417BE66C3710":"909DBD95799096748CB27357E73E1D26" + +Camellia-256-ECB Encrypt Perl EVP #1 [#2] +test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4":"6BC1BEE22E409F96E93D7E117393172A":"BEFD219B112FA00098919CD101C9CCFA" + +Camellia-256-ECB Encrypt Perl EVP #2 +test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4":"AE2D8A571E03AC9C9EB76FAC45AF8E51":"C91D3A8F1AEA08A9386CF4B66C0169EA" + +Camellia-256-ECB Encrypt Perl EVP #3 +test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4":"30C81C46A35CE411E5FBC1191A0A52EF":"A623D711DC5F25A51BB8A80D56397D28" + +Camellia-256-ECB Encrypt Perl EVP #4 +test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4":"F69F2445DF4F9B17AD2B417BE66C3710":"7960109FB6DC42947FCFE59EA3C5EB6B" + diff --git a/tests/suites/test_suite_block_cipher.function b/tests/suites/test_suite_block_cipher.function index dcafdc841..239568c34 100644 --- a/tests/suites/test_suite_block_cipher.function +++ b/tests/suites/test_suite_block_cipher.function @@ -42,7 +42,16 @@ void invalid() TEST_EQUAL(MBEDTLS_ERR_CIPHER_INVALID_CONTEXT, mbedtls_block_cipher_setkey(&ctx, buf, 128)); + /* encrypt() before successful setup() */ + TEST_EQUAL(MBEDTLS_ERR_CIPHER_INVALID_CONTEXT, + mbedtls_block_cipher_encrypt(&ctx, buf, buf)); + + /* free() before successful setup() + * No return value to check, but shouldn't cause memory errors. */ + mbedtls_block_cipher_free(&ctx); + /* Now properly setup the context */ + mbedtls_block_cipher_init(&ctx); TEST_EQUAL(0, mbedtls_block_cipher_setup(&ctx, VALID_CIPHER_ID)); /* Bad parameters to setkey() */ @@ -53,3 +62,33 @@ exit: mbedtls_block_cipher_free(&ctx); } /* END_CASE */ + +/* BEGIN_CASE */ +void test_vec(int cipher_id_arg, data_t *key, data_t *input, data_t *outref) +{ + mbedtls_block_cipher_context_t ctx; + mbedtls_cipher_id_t cipher_id = cipher_id_arg; + unsigned char output[BLOCK_SIZE]; + + mbedtls_block_cipher_init(&ctx); + + memset(output, 0x00, sizeof(output)); + + TEST_EQUAL(0, mbedtls_block_cipher_setup(&ctx, cipher_id)); + TEST_EQUAL(0, mbedtls_block_cipher_setkey(&ctx, key->x, 8 * key->len)); + + /* Encrypt with input != output */ + TEST_EQUAL(0, mbedtls_block_cipher_encrypt(&ctx, input->x, output)); + ASSERT_COMPARE(output, BLOCK_SIZE, outref->x, outref->len); + + /* Encrypt with input == output. + * (Also, encrypting again ensures the previous call to encrypt() + * did not change the state of the context.) */ + memcpy(output, input->x, BLOCK_SIZE); + TEST_EQUAL(0, mbedtls_block_cipher_encrypt(&ctx, output, output)); + ASSERT_COMPARE(output, BLOCK_SIZE, outref->x, outref->len); + +exit: + mbedtls_block_cipher_free(&ctx); +} +/* END_CASE */ From 5f3361c0c66dfdb92a339c1427182b8c7470883f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 10 Nov 2023 12:24:11 +0100 Subject: [PATCH 0648/1674] Temporary hack to pacify check_names.py MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- include/mbedtls/config_adjust_legacy_crypto.h | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h index aafd42e7a..e4f6a2760 100644 --- a/include/mbedtls/config_adjust_legacy_crypto.h +++ b/include/mbedtls/config_adjust_legacy_crypto.h @@ -22,6 +22,13 @@ #ifndef MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H #define MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H +/* Temporary hack to pacify check_names.py. + * (GCM and CCM still hard-depend on CIPHER_C for now.) */ +#if (defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C)) && \ + !defined(MBEDTLS_CIPHER_C) +#define MBEDTLS_BLOCK_CIPHER_C +#endif + /* Auto-enable MBEDTLS_MD_LIGHT based on MBEDTLS_MD_C. * This allows checking for MD_LIGHT rather than MD_LIGHT || MD_C. */ From cce0012463180e56ac85ab0cdea45900b1d60fae Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 10 Nov 2023 15:36:15 +0100 Subject: [PATCH 0649/1674] Add documentation Explain the goals of metatests, how to write them, and how to read their output. Signed-off-by: Gilles Peskine --- programs/test/metatest.c | 48 ++++++++++++++++++++++++++++++++++ tests/scripts/run-metatests.sh | 8 ++++++ 2 files changed, 56 insertions(+) diff --git a/programs/test/metatest.c b/programs/test/metatest.c index 5e6a15f1d..c35e9a952 100644 --- a/programs/test/metatest.c +++ b/programs/test/metatest.c @@ -1,6 +1,24 @@ /** \file metatest.c * * \brief Test features of the test framework. + * + * When you run this program, it runs a single "meta-test". A meta-test + * performs an operation which should be caught as a failure by our + * test framework. The meta-test passes if this program calls `exit` with + * a nonzero status, or aborts, or is terminated by a signal, or if the + * framework running the program considers the run an error (this happens + * with Valgrind for a memory leak). The non-success of the meta-test + * program means that the test failure has been caught correctly. + * + * Some failures are purely functional: the logic of the code causes the + * test result to be set to FAIL. Other failures come from extra + * instrumentation which is not present in a normal build; for example, + * Asan or Valgrind to detect memory leaks. This is reflected by the + * "platform" associated with each meta-test. + * + * Use the companion script `tests/scripts/run-metatests.sh` to run all + * the meta-tests for a given platform and validate that they trigger a + * detected failure as expected. */ /* @@ -197,11 +215,41 @@ void mutex_leak(const char *name) /****************************************************************/ typedef struct { + /** Command line argument that will trigger that metatest. + * + * Conventionally matches "[a-z0-9_]+". */ const char *name; + + /** Platform under which that metatest is valid. + * + * - "any": should work anywhere. + * - "asan": triggers ASan (Address Sanitizer). + * - "msan": triggers MSan (Memory Sanitizer). + * - "pthread": requires MBEDTLS_THREADING_PTHREAD and MBEDTLS_TEST_HOOKS. + */ const char *platform; + + /** Function that performs the metatest. + * + * The function receives the name as an argument. This allows using the + * same function to perform multiple variants of a test based on the name. + * + * When executed on a conforming platform, the function is expected to + * either cause a test failure (mbedtls_test_fail()), or cause the + * program to abort in some way (e.g. by causing a segfault or by + * triggering a sanitizer). + * + * When executed on a non-conforming platform, the function may return + * normally or may have unpredictable behavior. + */ void (*entry_point)(const char *name); } metatest_t; +/* The list of availble meta-tests. Remember to register new functions here! + * + * Note that we always compile all the functions, so that `metatest --list` + * will always list all the available meta-tests. + */ metatest_t metatests[] = { { "test_fail", "any", meta_test_fail }, { "null_dereference", "any", null_pointer_dereference }, diff --git a/tests/scripts/run-metatests.sh b/tests/scripts/run-metatests.sh index 182bf0410..09a6f8a4f 100755 --- a/tests/scripts/run-metatests.sh +++ b/tests/scripts/run-metatests.sh @@ -6,6 +6,14 @@ Usage: $0 [OPTION] [PLATFORM]... Run all the metatests whose platform matches any of the given PLATFORM. A PLATFORM can contain shell wildcards. +Expected output: a lot of scary-looking error messages, since each +metatest is expected to report a failure. The final line should be +"Ran N metatests, all good." + +If something goes wrong: the final line should be +"Ran N metatests, X unexpected successes". Look for "Unexpected success" +in the logs above. + -l List the available metatests, don't run them. EOF } From 1b23bce4a27c55fac791256feeb126d00d67b31d Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 13 Nov 2023 13:45:14 +0800 Subject: [PATCH 0650/1674] improve brief description of conf_sig_algs Signed-off-by: Jerry Yu --- include/mbedtls/ssl.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 67ca19232..6cb703523 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -3777,7 +3777,7 @@ void MBEDTLS_DEPRECATED mbedtls_ssl_conf_sig_hashes(mbedtls_ssl_config *conf, #endif /* !MBEDTLS_DEPRECATED_REMOVED && MBEDTLS_SSL_PROTO_TLS1_2 */ /** - * \brief Configure allowed signature algorithms + * \brief Configure allowed signature algorithms for use in TLS * * \param conf The SSL configuration to use. * \param sig_algs List of allowed IANA values for TLS 1.3 signature algorithms, From be1e9c595142f9826218706f52181e278dace6c6 Mon Sep 17 00:00:00 2001 From: Matthias Schulz Date: Mon, 13 Nov 2023 09:33:33 +0100 Subject: [PATCH 0651/1674] Pop only when pushed. Signed-off-by: Matthias Schulz --- library/constant_time_impl.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/constant_time_impl.h b/library/constant_time_impl.h index 793ded4b9..273d2153b 100644 --- a/library/constant_time_impl.h +++ b/library/constant_time_impl.h @@ -546,7 +546,7 @@ static inline mbedtls_ct_condition_t mbedtls_ct_bool_not(mbedtls_ct_condition_t return (mbedtls_ct_condition_t) (~x); } -#ifdef __GNUC__ +#if __GNUC__ > 4 /* Restore warnings for -Wredundant-decls on gcc */ #pragma GCC diagnostic pop #endif From ca8981c1eec5c5d43bca19e8011d9ba71a5cebbc Mon Sep 17 00:00:00 2001 From: Matthias Schulz Date: Mon, 13 Nov 2023 10:04:19 +0100 Subject: [PATCH 0652/1674] Added proposed fixes Signed-off-by: Matthias Schulz --- library/constant_time_impl.h | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/library/constant_time_impl.h b/library/constant_time_impl.h index aff48cfbb..57bb52e3d 100644 --- a/library/constant_time_impl.h +++ b/library/constant_time_impl.h @@ -120,10 +120,12 @@ static inline mbedtls_ct_uint_t mbedtls_ct_compiler_opaque(mbedtls_ct_uint_t x) * On Thumb 2 and Arm, both compilers are happy with the "s" suffix, * although we don't actually care about setting the flags. * - * For gcc, restore divided syntax afterwards - otherwise old versions of gcc + * For old versions of gcc excluding 4.8 and 4.9 (see #8516 for details), + * restore divided syntax afterwards - otherwise old versions of gcc * seem to apply unified syntax globally, which breaks other asm code. */ -#if !defined(__clang__) && !(__GNUC__ == 4 && __GNUC_MINOR__ == 9) +#if defined(MBEDTLS_COMPILER_IS_GCC) && defined(__thumb__) && !defined(__thumb2__) && \ + (__GNUC__ < 11) && !((__GNUC__ == 4) && ((__GNUC_MINOR__ == 8) || (__GNUC_MINOR__ == 9))) #define RESTORE_ASM_SYNTAX ".syntax divided \n\t" #else #define RESTORE_ASM_SYNTAX From 85b746571202fcc0da643bd709b7fdcf92ce7e04 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 13 Nov 2023 16:48:36 +0800 Subject: [PATCH 0653/1674] all.sh: block_cipher_no_decrypt: fix various issues - improve test completeness - renaming - fix typo Signed-off-by: Yanray Wang --- tests/scripts/all.sh | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 5b649f6b3..1c3c9e8cc 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4555,6 +4555,8 @@ helper_block_cipher_no_decrypt_build_test () { not grep mbedtls_camellia_setkey_dec library/camellia.o # Make sure we don't have mbedtls_internal_aes_decrypt in AES not grep mbedtls_internal_aes_decrypt library/aes.o + # Make sure we don't have mbedtls_aesni_inverse_key in AESNI + not grep mbedtls_aesni_inverse_key library/aesni.o msg "test: default config + BLOCK_CIPHER_NO_DECRYPT${set_opts:+ + $set_opts}${unset_opts:+ - $unset_opts} with $cflags${ldflags:+, $ldflags}" make test @@ -4592,7 +4594,7 @@ common_block_cipher_no_decrypt () { -l "-m32" } -component_test_block_cipher_no_decrypt_aesni_legacy () { +component_test_block_cipher_no_decrypt_aesni () { # enable BLOCK_CIPHER_NO_DECRYPT and disable its incompatible configs scripts/config.py set MBEDTLS_BLOCK_CIPHER_NO_DECRYPT scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC @@ -4667,7 +4669,7 @@ component_test_block_cipher_no_decrypt_aesce_armcc () { not grep mbedtls_camellia_setkey_dec library/camellia.o # Make sure we don't have mbedtls_internal_aes_decrypt in AES not grep mbedtls_internal_aes_decrypt library/aes.o - # Make sure we don't have mbedtls_aesce_inverse_key and aesce_decrypt_block in aesce + # Make sure we don't have mbedtls_aesce_inverse_key and aesce_decrypt_block in AESCE not grep mbedtls_aesce_inverse_key library/aesce.o not grep aesce_decrypt_block library/aesce.o } From b2d6e527587419e26dd23345aa93280811c40ecc Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 13 Nov 2023 16:57:47 +0800 Subject: [PATCH 0654/1674] all.sh: block_cipher_no_decrypt: simplify code Signed-off-by: Yanray Wang --- tests/scripts/all.sh | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 1c3c9e8cc..896a7d973 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4536,14 +4536,8 @@ helper_block_cipher_no_decrypt_build_test () { cflags="${cflags:-}" ldflags="${ldflags:-}" - for opt in $set_opts; do - echo "Enabling $opt" - scripts/config.py set $opt - done - for opt in $unset_opts; do - echo "Disabling $opt" - scripts/config.py unset $opt - done + [ -n "$set_opts" ] && echo "Enabling: $set_opts" && scripts/config.py set-all $set_opts + [ -n "$unset_opts" ] && echo "Disabling: $unset_opts" && scripts/config.py unset-all $unset_opts msg "build: default config + BLOCK_CIPHER_NO_DECRYPT${set_opts:+ + $set_opts}${unset_opts:+ - $unset_opts} with $cflags${ldflags:+, $ldflags}" make clean From 07e663de5eac0536387b88c0d5f2406f76172a7e Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 13 Nov 2023 17:15:39 +0800 Subject: [PATCH 0655/1674] all.sh: block_cipher_no_decrypt: clean up cflags Signed-off-by: Yanray Wang --- tests/scripts/all.sh | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 896a7d973..ddd644b8f 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4525,7 +4525,7 @@ helper_block_cipher_no_decrypt_build_test () { -u) shift; local unset_opts="$1";; -c) - shift; local cflags="$1";; + shift; local cflags="-Werror -Wall -Wextra $1";; -l) shift; local ldflags="$1";; esac @@ -4569,22 +4569,21 @@ common_block_cipher_no_decrypt () { # test AESNI intrinsics helper_block_cipher_no_decrypt_build_test \ -s "MBEDTLS_AESNI_C" \ - -c "-Werror -Wall -Wextra -mpclmul -msse2 -maes" + -c "-mpclmul -msse2 -maes" # test AESNI assembly helper_block_cipher_no_decrypt_build_test \ -s "MBEDTLS_AESNI_C" \ - -c "-Werror -Wall -Wextra -mno-pclmul -mno-sse2 -mno-aes" + -c "-mno-pclmul -mno-sse2 -mno-aes" # test AES C implementation helper_block_cipher_no_decrypt_build_test \ - -u "MBEDTLS_AESNI_C" \ - -c "-Werror -Wall -Wextra" + -u "MBEDTLS_AESNI_C" # test AESNI intrinsics for i386 target helper_block_cipher_no_decrypt_build_test \ -s "MBEDTLS_AESNI_C" \ - -c "-m32 -Werror -Wall -Wextra -mpclmul -msse2 -maes" \ + -c "-m32 -mpclmul -msse2 -maes" \ -l "-m32" } From 3ae1199788c29f56ce1dc48e44aae2c0e6a190e9 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 13 Nov 2023 17:32:09 +0800 Subject: [PATCH 0656/1674] all.sh: add config_block_cipher_no_decrypt to simplify code Signed-off-by: Yanray Wang --- tests/scripts/all.sh | 52 ++++++++++++++++++-------------------------- 1 file changed, 21 insertions(+), 31 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index ddd644b8f..0f653fed1 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4587,33 +4587,36 @@ common_block_cipher_no_decrypt () { -l "-m32" } -component_test_block_cipher_no_decrypt_aesni () { - # enable BLOCK_CIPHER_NO_DECRYPT and disable its incompatible configs +# This is a configuration function used in component_test_block_cipher_no_decrypt_xxx: +# usage: 0: no PSA crypto configuration +# 1: use PSA crypto configuration +config_block_cipher_no_decrypt () { + use_psa=$1 + scripts/config.py set MBEDTLS_BLOCK_CIPHER_NO_DECRYPT scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC scripts/config.py unset MBEDTLS_CIPHER_MODE_XTS scripts/config.py unset MBEDTLS_DES_C scripts/config.py unset MBEDTLS_NIST_KW_C + if [ "$use_psa" -eq 1 ]; then + # Enable support for cryptographic mechanisms through the PSA API. + # Note: XTS, KW are not yet supported via the PSA API in Mbed TLS. + scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CBC_NO_PADDING + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CBC_PKCS7 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_ECB_NO_PADDING + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_DES + fi +} + +component_test_block_cipher_no_decrypt_aesni () { + config_block_cipher_no_decrypt 0 common_block_cipher_no_decrypt } component_test_block_cipher_no_decrypt_aesni_use_psa () { - # enable BLOCK_CIPHER_NO_DECRYPT and disable its incompatible configs - scripts/config.py set MBEDTLS_BLOCK_CIPHER_NO_DECRYPT - scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC - scripts/config.py unset MBEDTLS_CIPHER_MODE_XTS - scripts/config.py unset MBEDTLS_DES_C - scripts/config.py unset MBEDTLS_NIST_KW_C - - # Enable support for cryptographic mechanisms through the PSA API. - # Note: XTS, KW are not yet supported via the PSA API in Mbed TLS. - scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG - scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CBC_NO_PADDING - scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CBC_PKCS7 - scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_ECB_NO_PADDING - scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_DES - + config_block_cipher_no_decrypt 1 common_block_cipher_no_decrypt } @@ -4636,20 +4639,7 @@ component_test_block_cipher_no_decrypt_aesce_armcc () { scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT scripts/config.py set MBEDTLS_HAVE_ASM - # enable BLOCK_CIPHER_NO_DECRYPT and disable its incompatible configs - scripts/config.py set MBEDTLS_BLOCK_CIPHER_NO_DECRYPT - scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC - scripts/config.py unset MBEDTLS_CIPHER_MODE_XTS - scripts/config.py unset MBEDTLS_DES_C - scripts/config.py unset MBEDTLS_NIST_KW_C - - # Enable support for cryptographic mechanisms through the PSA API. - # Note: XTS, KW are not yet supported via the PSA API in Mbed TLS. - scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG - scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CBC_NO_PADDING - scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CBC_PKCS7 - scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_ECB_NO_PADDING - scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_DES + config_block_cipher_no_decrypt 1 # test AESCE baremetal build scripts/config.py set MBEDTLS_AESCE_C From 19583e44ed9200b35443b2e48da69bca19abec27 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 13 Nov 2023 17:39:32 +0800 Subject: [PATCH 0657/1674] psa_information: improve code readability Signed-off-by: Yanray Wang --- scripts/mbedtls_dev/psa_information.py | 4 ++-- tests/scripts/generate_psa_tests.py | 3 +-- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/scripts/mbedtls_dev/psa_information.py b/scripts/mbedtls_dev/psa_information.py index 2287ae13e..ea8c12341 100644 --- a/scripts/mbedtls_dev/psa_information.py +++ b/scripts/mbedtls_dev/psa_information.py @@ -112,12 +112,12 @@ ECB_NO_PADDING_DEP = ['!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT'] DEPENDENCY_FROM_DESCRIPTION = OrderedDict() DEPENDENCY_FROM_DESCRIPTION[AES_128BIT_ONLY_DEP_REGEX] = AES_128BIT_ONLY_DEP DEPENDENCY_FROM_DESCRIPTION[ECB_NO_PADDING_DEP_REGEX] = ECB_NO_PADDING_DEP -def generate_description_dependencies( - dep_list: List[str], +def generate_deps_from_description( description: str ) -> List[str]: """Return additional dependencies based on test case description and REGEX. """ + dep_list = [] for regex, deps in DEPENDENCY_FROM_DESCRIPTION.items(): if re.search(regex, description): dep_list += deps diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py index 04c36f7f9..a6683f51d 100755 --- a/tests/scripts/generate_psa_tests.py +++ b/tests/scripts/generate_psa_tests.py @@ -508,8 +508,7 @@ class StorageFormat: key.alg.string, key.alg2.string, ) dependencies = psa_information.finish_family_dependencies(dependencies, key.bits) - dependencies = psa_information.generate_description_dependencies(dependencies, - key.description) + dependencies += psa_information.generate_deps_from_description(key.description) dependencies = psa_information.fix_key_pair_dependencies(dependencies, 'BASIC') tc.set_dependencies(dependencies) tc.set_function('key_storage_' + verb) From b4f1ee0566b25178c965212f4b48882874815d46 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Mon, 13 Nov 2023 09:50:58 +0000 Subject: [PATCH 0658/1674] Remove superfluous leading whitespace Signed-off-by: Thomas Daubney --- scripts/lcov.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/lcov.sh b/scripts/lcov.sh index 9258ba788..1969b3904 100755 --- a/scripts/lcov.sh +++ b/scripts/lcov.sh @@ -33,7 +33,7 @@ set -eu # Repository detection in_mbedtls_build_dir () { test -d library - } +} # Collect stats and build a HTML report. lcov_library_report () { From c7473068487cf5763980a7396d05cc788031ce90 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 13 Nov 2023 10:51:52 +0100 Subject: [PATCH 0659/1674] all.sh: remove redundant make in test_psa_crypto_config_accel_cipher_aead() Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 2 -- 1 file changed, 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 09c981915..07e0e4983 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3687,8 +3687,6 @@ component_test_psa_crypto_config_accel_cipher_aead () { not grep mbedtls_chachapoly library/chachapoly.o not grep mbedtls_cmac library/cmac.o - make - # Run the tests # ------------- From 34d6a5c3df89b5d8c53272470b7287d85aaff575 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Mon, 13 Nov 2023 09:52:12 +0000 Subject: [PATCH 0660/1674] Move enum definition to satisfy `check_names.py` Signed-off-by: Ryan Everett --- library/psa_crypto_core.h | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 700e0fef6..46c57755e 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -33,16 +33,18 @@ */ int psa_can_do_hash(psa_algorithm_t hash_alg); +typedef enum { + PSA_SLOT_EMPTY = 0, + PSA_SLOT_OCCUPIED, +} psa_key_slot_status_t; + /** The data structure representing a key slot, containing key material * and metadata for one key. */ typedef struct { psa_core_key_attributes_t attr; - enum { - PSA_SLOT_EMPTY = 0, - PSA_SLOT_OCCUPIED, - } status; + psa_key_slot_status_t status; /* * Number of locks on the key slot held by the library. From 04c85e146c5c9bcffcd7020239809115f5a4b4e0 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 13 Nov 2023 10:54:05 +0100 Subject: [PATCH 0661/1674] ssl-opt: fix wrong CCM dependencies with GCM Signed-off-by: Valerio Setti --- tests/ssl-opt.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 5879b255a..9f00cc4f5 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -3996,7 +3996,7 @@ run_test "Session resume using tickets: CAMELLIA-256-CCM" \ -s "a session has been resumed" \ -c "a session has been resumed" -requires_cipher_enabled "ARIA" "CCM" +requires_cipher_enabled "ARIA" "GCM" run_test "Session resume using tickets: ARIA-128-GCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-128-GCM" \ "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ @@ -4011,7 +4011,7 @@ run_test "Session resume using tickets: ARIA-128-GCM" \ -s "a session has been resumed" \ -c "a session has been resumed" -requires_cipher_enabled "ARIA" "CCM" +requires_cipher_enabled "ARIA" "GCM" run_test "Session resume using tickets: ARIA-192-GCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-192-GCM" \ "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ @@ -4026,7 +4026,7 @@ run_test "Session resume using tickets: ARIA-192-GCM" \ -s "a session has been resumed" \ -c "a session has been resumed" -requires_cipher_enabled "ARIA" "CCM" +requires_cipher_enabled "ARIA" "GCM" run_test "Session resume using tickets: ARIA-256-GCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-256-GCM" \ "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ From c9f8386a7c09ef302bddecf5f3f95b313c1bb725 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Mon, 13 Nov 2023 10:03:56 +0000 Subject: [PATCH 0662/1674] Modify check-generated-files.sh to work in both repos Make the script work in both Mbed TLS and TF PSA Crypto. Signed-off-by: Thomas Daubney --- tests/scripts/check-generated-files.sh | 31 +++++++++++++++++--------- 1 file changed, 20 insertions(+), 11 deletions(-) diff --git a/tests/scripts/check-generated-files.sh b/tests/scripts/check-generated-files.sh index 67dedeb26..0689147f0 100755 --- a/tests/scripts/check-generated-files.sh +++ b/tests/scripts/check-generated-files.sh @@ -22,8 +22,12 @@ EOF exit fi -if [ -d library -a -d include -a -d tests ]; then :; else - echo "Must be run from Mbed TLS root" >&2 +IN_MBEDTLS=0 +if [ -d library -a -d include -a -d tests ]; then + IN_MBEDTLS=1 +elif [ -d core -a -d include -a -d tests ]; then :; +else + echo "Must be run from Mbed TLS root or TF-PSA-Crypto root" >&2 exit 1 fi @@ -114,16 +118,21 @@ check() # - **/CMakeLists.txt (to (re)build them with cmake) # - scripts/make_generated_files.bat (to generate them under Windows) -check scripts/generate_errors.pl library/error.c -check scripts/generate_query_config.pl programs/test/query_config.c -check scripts/generate_driver_wrappers.py library/psa_crypto_driver_wrappers.h library/psa_crypto_driver_wrappers_no_static.c -check scripts/generate_features.pl library/version_features.c -check scripts/generate_ssl_debug_helpers.py library/ssl_debug_helpers_generated.c -# generate_visualc_files enumerates source files (library/*.c). It doesn't -# care about their content, but the files must exist. So it must run after -# the step that creates or updates these files. -check scripts/generate_visualc_files.pl visualc/VS2013 +# These checks are common to Mbed TLS and TF PSA Crypto check scripts/generate_psa_constants.py programs/psa/psa_constant_names_generated.c check tests/scripts/generate_bignum_tests.py $(tests/scripts/generate_bignum_tests.py --list) check tests/scripts/generate_ecp_tests.py $(tests/scripts/generate_ecp_tests.py --list) check tests/scripts/generate_psa_tests.py $(tests/scripts/generate_psa_tests.py --list) + +# Additional checks for Mbed TLS only +if [ $IN_MBEDTLS -eq 1 ]; then + check scripts/generate_errors.pl library/error.c + check scripts/generate_query_config.pl programs/test/query_config.c + check scripts/generate_driver_wrappers.py library/psa_crypto_driver_wrappers.h library/psa_crypto_driver_wrappers_no_static.c + check scripts/generate_features.pl library/version_features.c + check scripts/generate_ssl_debug_helpers.py library/ssl_debug_helpers_generated.c + # generate_visualc_files enumerates source files (library/*.c). It doesn't + # care about their content, but the files must exist. So it must run after + # the step that creates or updates these files. + check scripts/generate_visualc_files.pl visualc/VS2013 +fi From 35842f52f2b6eb0245cb246c841bcb63d69d918e Mon Sep 17 00:00:00 2001 From: Matthias Schulz Date: Mon, 13 Nov 2023 13:57:05 +0100 Subject: [PATCH 0663/1674] Simplified check. Signed-off-by: Matthias Schulz --- library/constant_time_impl.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/constant_time_impl.h b/library/constant_time_impl.h index 57bb52e3d..cd93767c6 100644 --- a/library/constant_time_impl.h +++ b/library/constant_time_impl.h @@ -125,7 +125,7 @@ static inline mbedtls_ct_uint_t mbedtls_ct_compiler_opaque(mbedtls_ct_uint_t x) * seem to apply unified syntax globally, which breaks other asm code. */ #if defined(MBEDTLS_COMPILER_IS_GCC) && defined(__thumb__) && !defined(__thumb2__) && \ - (__GNUC__ < 11) && !((__GNUC__ == 4) && ((__GNUC_MINOR__ == 8) || (__GNUC_MINOR__ == 9))) + (__GNUC__ < 11) && !defined(__ARM_ARCH_2__) #define RESTORE_ASM_SYNTAX ".syntax divided \n\t" #else #define RESTORE_ASM_SYNTAX From e94525bd176de9384dbe7b5229a94b029011b334 Mon Sep 17 00:00:00 2001 From: Matthias Schulz Date: Mon, 13 Nov 2023 14:01:02 +0100 Subject: [PATCH 0664/1674] Updated comments. Signed-off-by: Matthias Schulz --- library/constant_time_impl.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/library/constant_time_impl.h b/library/constant_time_impl.h index cd93767c6..18a967b52 100644 --- a/library/constant_time_impl.h +++ b/library/constant_time_impl.h @@ -120,9 +120,9 @@ static inline mbedtls_ct_uint_t mbedtls_ct_compiler_opaque(mbedtls_ct_uint_t x) * On Thumb 2 and Arm, both compilers are happy with the "s" suffix, * although we don't actually care about setting the flags. * - * For old versions of gcc excluding 4.8 and 4.9 (see #8516 for details), - * restore divided syntax afterwards - otherwise old versions of gcc - * seem to apply unified syntax globally, which breaks other asm code. + * For old versions of gcc (see #8516 for details), restore divided + * syntax afterwards - otherwise old versions of gcc seem to apply + * unified syntax globally, which breaks other asm code. */ #if defined(MBEDTLS_COMPILER_IS_GCC) && defined(__thumb__) && !defined(__thumb2__) && \ (__GNUC__ < 11) && !defined(__ARM_ARCH_2__) From c43479103a3b8a8841000157944f0e090744d448 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Tue, 14 Nov 2023 10:10:49 +0800 Subject: [PATCH 0665/1674] aesce: fix unused parameter Signed-off-by: Yanray Wang --- library/aesce.c | 2 ++ tests/scripts/all.sh | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/library/aesce.c b/library/aesce.c index 9a82731f0..b78656397 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -248,6 +248,8 @@ int mbedtls_aesce_crypt_ecb(mbedtls_aes_context *ctx, if (mode == MBEDTLS_AES_DECRYPT) { block = aesce_decrypt_block(block, keys, ctx->nr); } else +#else + (void) mode; #endif { block = aesce_encrypt_block(block, keys, ctx->nr); diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 0f653fed1..db5f29bf6 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4644,7 +4644,7 @@ component_test_block_cipher_no_decrypt_aesce_armcc () { # test AESCE baremetal build scripts/config.py set MBEDTLS_AESCE_C msg "build: default config + BLOCK_CIPHER_NO_DECRYPT with AESCE" - armc6_build_test "-O1 --target=aarch64-arm-none-eabi -march=armv8-a+crypto" + armc6_build_test "-O1 --target=aarch64-arm-none-eabi -march=armv8-a+crypto -Werror -Wall -Wextra" # Make sure we don't have mbedtls_xxx_setkey_dec in AES/ARIA/CAMELLIA not grep mbedtls_aes_setkey_dec library/aes.o From b10cc7acc2546e1ccf88e5b641023e8c9e2e583e Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Tue, 14 Nov 2023 11:56:02 +0000 Subject: [PATCH 0666/1674] Modify generate_driver_wrappers.py to work in both repos Add repository detection and conditional setting of library_dir variable. Signed-off-by: Thomas Daubney --- scripts/generate_driver_wrappers.py | 23 +++++++++++++++++++++-- 1 file changed, 21 insertions(+), 2 deletions(-) diff --git a/scripts/generate_driver_wrappers.py b/scripts/generate_driver_wrappers.py index 2fdc4cd0b..b510cdf43 100755 --- a/scripts/generate_driver_wrappers.py +++ b/scripts/generate_driver_wrappers.py @@ -7,7 +7,19 @@ based on template files in script/data_files/driver_templates/. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. import sys import os @@ -178,8 +190,15 @@ def main() -> int: mbedtls_root = os.path.abspath(args.mbedtls_root) + library_dir = '' + if build_tree.looks_like_mbedtls_root(mbedtls_root): + library_dir = 'library' + elif build_tree.looks_like_tf_psa_crypto_root(mbedtls_root): + library_dir = 'core' + output_directory = args.output_directory if args.output_directory is not None else \ - os.path.join(mbedtls_root, 'library') + os.path.join(mbedtls_root, library_dir) + template_directory = args.template_dir if args.template_dir is not None else \ os.path.join(mbedtls_root, 'scripts', From d3f844337f95daeb926bb7a3090e1f01d07dd342 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Tue, 14 Nov 2023 11:53:14 +0000 Subject: [PATCH 0667/1674] Further modify check-generated-files.sh Add further modifications to repo detection and calling the checks. Signed-off-by: Thomas Daubney --- tests/scripts/check-generated-files.sh | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) diff --git a/tests/scripts/check-generated-files.sh b/tests/scripts/check-generated-files.sh index 0689147f0..6f92ecd31 100755 --- a/tests/scripts/check-generated-files.sh +++ b/tests/scripts/check-generated-files.sh @@ -22,15 +22,25 @@ EOF exit fi -IN_MBEDTLS=0 -if [ -d library -a -d include -a -d tests ]; then - IN_MBEDTLS=1 +# Detect whether we are in one of Mbed TLS or TF-PSA-Crypto and exit if not +if [ -d library -a -d include -a -d tests ]; then :; elif [ -d core -a -d include -a -d tests ]; then :; else echo "Must be run from Mbed TLS root or TF-PSA-Crypto root" >&2 exit 1 fi +# Now we know we are in one of Mbed TLS or TF-PSA-Crypto, determine which one +in_mbedtls_build_dir () { + test -d library +} + +if in_mbedtls_build_dir; then + library_dir='library' +else + library_dir='core' +fi + UPDATE= LIST= while getopts lu OPTLET; do @@ -123,12 +133,12 @@ check scripts/generate_psa_constants.py programs/psa/psa_constant_names_generate check tests/scripts/generate_bignum_tests.py $(tests/scripts/generate_bignum_tests.py --list) check tests/scripts/generate_ecp_tests.py $(tests/scripts/generate_ecp_tests.py --list) check tests/scripts/generate_psa_tests.py $(tests/scripts/generate_psa_tests.py --list) +check scripts/generate_driver_wrappers.py $library_dir/psa_crypto_driver_wrappers.h $library_dir/psa_crypto_driver_wrappers_no_static.c # Additional checks for Mbed TLS only -if [ $IN_MBEDTLS -eq 1 ]; then +if in_mbedtls_build_dir; then check scripts/generate_errors.pl library/error.c check scripts/generate_query_config.pl programs/test/query_config.c - check scripts/generate_driver_wrappers.py library/psa_crypto_driver_wrappers.h library/psa_crypto_driver_wrappers_no_static.c check scripts/generate_features.pl library/version_features.c check scripts/generate_ssl_debug_helpers.py library/ssl_debug_helpers_generated.c # generate_visualc_files enumerates source files (library/*.c). It doesn't From 0bb761cc2f6bb4ea6e2a03ac80cb81bfbddf15ac Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Tue, 14 Nov 2023 12:03:10 +0000 Subject: [PATCH 0668/1674] Remove further extraneous whitespace in lcov script Signed-off-by: Thomas Daubney --- scripts/lcov.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/lcov.sh b/scripts/lcov.sh index 1969b3904..0584a0aac 100755 --- a/scripts/lcov.sh +++ b/scripts/lcov.sh @@ -32,7 +32,7 @@ set -eu # Repository detection in_mbedtls_build_dir () { - test -d library + test -d library } # Collect stats and build a HTML report. From c1750bb23d8b5e3016545ff8413fe6c4b868bb71 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Tue, 14 Nov 2023 15:16:38 +0000 Subject: [PATCH 0669/1674] Apply correct license to generate_driver_wrappers.py Signed-off-by: Thomas Daubney --- scripts/generate_driver_wrappers.py | 14 +------------- 1 file changed, 1 insertion(+), 13 deletions(-) diff --git a/scripts/generate_driver_wrappers.py b/scripts/generate_driver_wrappers.py index b510cdf43..e48ec3a52 100755 --- a/scripts/generate_driver_wrappers.py +++ b/scripts/generate_driver_wrappers.py @@ -7,19 +7,7 @@ based on template files in script/data_files/driver_templates/. """ # Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later import sys import os From e58128e2ba4597747e9d7811bc8b516fb8d271f7 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Tue, 14 Nov 2023 15:25:52 +0000 Subject: [PATCH 0670/1674] Refactor repository detection Signed-off-by: Thomas Daubney --- tests/scripts/check-generated-files.sh | 25 +++++++++++-------------- 1 file changed, 11 insertions(+), 14 deletions(-) diff --git a/tests/scripts/check-generated-files.sh b/tests/scripts/check-generated-files.sh index 6f92ecd31..92531a8d0 100755 --- a/tests/scripts/check-generated-files.sh +++ b/tests/scripts/check-generated-files.sh @@ -22,25 +22,22 @@ EOF exit fi -# Detect whether we are in one of Mbed TLS or TF-PSA-Crypto and exit if not -if [ -d library -a -d include -a -d tests ]; then :; -elif [ -d core -a -d include -a -d tests ]; then :; +in_mbedtls_repo () { + test -d include -a -d library -a -d programs -a -d tests +} + +in_tf_psa_crypto_repo () { + test -d include -a -d core -a -d drivers -a -d programs -a -d tests +} +if in_mbedtls_repo; then + library_dir='library' +elif in_tf_psa_crypto_repo; then + library_dir='core' else echo "Must be run from Mbed TLS root or TF-PSA-Crypto root" >&2 exit 1 fi -# Now we know we are in one of Mbed TLS or TF-PSA-Crypto, determine which one -in_mbedtls_build_dir () { - test -d library -} - -if in_mbedtls_build_dir; then - library_dir='library' -else - library_dir='core' -fi - UPDATE= LIST= while getopts lu OPTLET; do From d289b8bdca0584bf9a2cdf7725fc78accecf7013 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Tue, 14 Nov 2023 15:30:07 +0000 Subject: [PATCH 0671/1674] Stylise TF-PSA-Crypto correctly Signed-off-by: Thomas Daubney --- tests/scripts/check-generated-files.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/check-generated-files.sh b/tests/scripts/check-generated-files.sh index 92531a8d0..84fbbda91 100755 --- a/tests/scripts/check-generated-files.sh +++ b/tests/scripts/check-generated-files.sh @@ -125,7 +125,7 @@ check() # - **/CMakeLists.txt (to (re)build them with cmake) # - scripts/make_generated_files.bat (to generate them under Windows) -# These checks are common to Mbed TLS and TF PSA Crypto +# These checks are common to Mbed TLS and TF-PSA-Crypto check scripts/generate_psa_constants.py programs/psa/psa_constant_names_generated.c check tests/scripts/generate_bignum_tests.py $(tests/scripts/generate_bignum_tests.py --list) check tests/scripts/generate_ecp_tests.py $(tests/scripts/generate_ecp_tests.py --list) From 3f80ffb9ff89439cbed08169ed174476247fe110 Mon Sep 17 00:00:00 2001 From: Matthias Schulz <140500342+mschulz-at-hilscher@users.noreply.github.com> Date: Tue, 14 Nov 2023 16:35:45 +0100 Subject: [PATCH 0672/1674] Update library/constant_time_impl.h Co-authored-by: Dave Rodgman Signed-off-by: Matthias Schulz <140500342+mschulz-at-hilscher@users.noreply.github.com> --- library/constant_time_impl.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/constant_time_impl.h b/library/constant_time_impl.h index 273d2153b..821e7cffa 100644 --- a/library/constant_time_impl.h +++ b/library/constant_time_impl.h @@ -31,7 +31,7 @@ * Disable -Wredundant-decls so that gcc does not warn about this. This is re-enabled * at the bottom of this file. */ -#if __GNUC__ > 4 +#if defined(MBEDTLS_COMPILER_IS_GCC) && (__GNUC__ > 4) #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wredundant-decls" #endif From 90c8c3235b588dfe711916bc77cfd03440e71f5e Mon Sep 17 00:00:00 2001 From: Matthias Schulz <140500342+mschulz-at-hilscher@users.noreply.github.com> Date: Tue, 14 Nov 2023 16:35:50 +0100 Subject: [PATCH 0673/1674] Update library/constant_time_impl.h Co-authored-by: Dave Rodgman Signed-off-by: Matthias Schulz <140500342+mschulz-at-hilscher@users.noreply.github.com> --- library/constant_time_impl.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/constant_time_impl.h b/library/constant_time_impl.h index 821e7cffa..08b2f6df1 100644 --- a/library/constant_time_impl.h +++ b/library/constant_time_impl.h @@ -546,7 +546,7 @@ static inline mbedtls_ct_condition_t mbedtls_ct_bool_not(mbedtls_ct_condition_t return (mbedtls_ct_condition_t) (~x); } -#if __GNUC__ > 4 +#if defined(MBEDTLS_COMPILER_IS_GCC) && (__GNUC__ > 4) /* Restore warnings for -Wredundant-decls on gcc */ #pragma GCC diagnostic pop #endif From 0eb2dc11c41934eef53b51d1bdd52e86c375b27e Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Tue, 14 Nov 2023 16:56:45 +0000 Subject: [PATCH 0674/1674] Call the right function Correct erroneous function call Signed-off-by: Thomas Daubney --- tests/scripts/check-generated-files.sh | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/tests/scripts/check-generated-files.sh b/tests/scripts/check-generated-files.sh index 84fbbda91..410f44eb0 100755 --- a/tests/scripts/check-generated-files.sh +++ b/tests/scripts/check-generated-files.sh @@ -28,7 +28,8 @@ in_mbedtls_repo () { in_tf_psa_crypto_repo () { test -d include -a -d core -a -d drivers -a -d programs -a -d tests -} +} + if in_mbedtls_repo; then library_dir='library' elif in_tf_psa_crypto_repo; then @@ -133,7 +134,7 @@ check tests/scripts/generate_psa_tests.py $(tests/scripts/generate_psa_tests.py check scripts/generate_driver_wrappers.py $library_dir/psa_crypto_driver_wrappers.h $library_dir/psa_crypto_driver_wrappers_no_static.c # Additional checks for Mbed TLS only -if in_mbedtls_build_dir; then +if in_mbedtls_repo; then check scripts/generate_errors.pl library/error.c check scripts/generate_query_config.pl programs/test/query_config.c check scripts/generate_features.pl library/version_features.c From 4291bc27b96f944f66348c11b8df9bf73670f988 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Tue, 14 Nov 2023 18:05:19 +0000 Subject: [PATCH 0675/1674] Remove trailing whitespace Signed-off-by: Thomas Daubney --- scripts/generate_driver_wrappers.py | 4 ++-- tests/scripts/check-generated-files.sh | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/scripts/generate_driver_wrappers.py b/scripts/generate_driver_wrappers.py index e48ec3a52..09beeca49 100755 --- a/scripts/generate_driver_wrappers.py +++ b/scripts/generate_driver_wrappers.py @@ -183,10 +183,10 @@ def main() -> int: library_dir = 'library' elif build_tree.looks_like_tf_psa_crypto_root(mbedtls_root): library_dir = 'core' - + output_directory = args.output_directory if args.output_directory is not None else \ os.path.join(mbedtls_root, library_dir) - + template_directory = args.template_dir if args.template_dir is not None else \ os.path.join(mbedtls_root, 'scripts', diff --git a/tests/scripts/check-generated-files.sh b/tests/scripts/check-generated-files.sh index 410f44eb0..3fe4e8c63 100755 --- a/tests/scripts/check-generated-files.sh +++ b/tests/scripts/check-generated-files.sh @@ -32,7 +32,7 @@ in_tf_psa_crypto_repo () { if in_mbedtls_repo; then library_dir='library' -elif in_tf_psa_crypto_repo; then +elif in_tf_psa_crypto_repo; then library_dir='core' else echo "Must be run from Mbed TLS root or TF-PSA-Crypto root" >&2 From 6c485dad44d66d15db34d233db8ea5a96de1198c Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 15 Nov 2023 10:18:47 +0800 Subject: [PATCH 0676/1674] improve document Signed-off-by: Jerry Yu --- include/mbedtls/ssl.h | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index ad5fbc57a..8e187dd49 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1253,7 +1253,7 @@ struct mbedtls_ssl_session { #endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_SESSION_TICKETS */ #if defined(MBEDTLS_SSL_EARLY_DATA) - uint32_t MBEDTLS_PRIVATE(max_early_data_size); /*!< max_early_data_size of ticket */ + uint32_t MBEDTLS_PRIVATE(max_early_data_size); /*!< maximum amount of early data in tickets */ #endif #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) @@ -2042,6 +2042,10 @@ void mbedtls_ssl_tls13_conf_early_data(mbedtls_ssl_config *conf, * * \warning This interface is experimental and may change without notice. * + * \warning This interface DOES NOT influence/limit the amount of early data + * that can be received with tickets that were previously created and + * emitted and that clients may have stored. + * */ void mbedtls_ssl_tls13_conf_max_early_data_size( mbedtls_ssl_config *conf, uint32_t max_early_data_size); From fedaeb21b34b21adb8ae8818d758d3c706e3a4ea Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 15 Nov 2023 13:59:07 +0800 Subject: [PATCH 0677/1674] improve document Signed-off-by: Jerry Yu --- include/mbedtls/ssl.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 8e187dd49..07a74a490 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -2043,8 +2043,8 @@ void mbedtls_ssl_tls13_conf_early_data(mbedtls_ssl_config *conf, * \warning This interface is experimental and may change without notice. * * \warning This interface DOES NOT influence/limit the amount of early data - * that can be received with tickets that were previously created and - * emitted and that clients may have stored. + * that can be received through previously created and issued tickets, + * which clients may have stored. * */ void mbedtls_ssl_tls13_conf_max_early_data_size( From cab5eff98cf8e1c1e201c99951f67ecae511416d Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 7 Nov 2023 10:23:52 +0100 Subject: [PATCH 0678/1674] adjust_config_synonyms: make CCM and CCM* indipendent Signed-off-by: Valerio Setti --- include/psa/crypto_adjust_config_synonyms.h | 6 ------ 1 file changed, 6 deletions(-) diff --git a/include/psa/crypto_adjust_config_synonyms.h b/include/psa/crypto_adjust_config_synonyms.h index cf33465b5..332b622c9 100644 --- a/include/psa/crypto_adjust_config_synonyms.h +++ b/include/psa/crypto_adjust_config_synonyms.h @@ -24,12 +24,6 @@ #define PSA_WANT_ALG_ECDSA_ANY PSA_WANT_ALG_ECDSA #endif -#if defined(PSA_WANT_ALG_CCM_STAR_NO_TAG) && !defined(PSA_WANT_ALG_CCM) -#define PSA_WANT_ALG_CCM PSA_WANT_ALG_CCM_STAR_NO_TAG -#elif !defined(PSA_WANT_ALG_CCM_STAR_NO_TAG) && defined(PSA_WANT_ALG_CCM) -#define PSA_WANT_ALG_CCM_STAR_NO_TAG PSA_WANT_ALG_CCM -#endif - #if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW) && !defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN) #define PSA_WANT_ALG_RSA_PKCS1V15_SIGN PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW #elif !defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW) && defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN) From c2d68f56118ce06debd8ad2e560ec7216f4c7bd5 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 7 Nov 2023 10:36:55 +0100 Subject: [PATCH 0679/1674] adjust_legacy_from_psa: treat CCM and CCM* separately Signed-off-by: Valerio Setti --- include/mbedtls/config_adjust_legacy_from_psa.h | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/include/mbedtls/config_adjust_legacy_from_psa.h b/include/mbedtls/config_adjust_legacy_from_psa.h index 6356bddc1..ba623a8bc 100644 --- a/include/mbedtls/config_adjust_legacy_from_psa.h +++ b/include/mbedtls/config_adjust_legacy_from_psa.h @@ -847,6 +847,15 @@ defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \ defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) #define MBEDTLS_PSA_BUILTIN_ALG_CCM 1 +#define MBEDTLS_CCM_C +#endif +#endif /* PSA_WANT_ALG_CCM */ + +#if defined(PSA_WANT_ALG_CCM_STAR_NO_TAG) +#if !defined(MBEDTLS_PSA_ACCEL_ALG_CCM_STAR_NO_TAG) || \ + defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \ + defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \ + defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) #define MBEDTLS_PSA_BUILTIN_ALG_CCM_STAR_NO_TAG 1 #define MBEDTLS_CCM_C #endif From bdfecb6a83ada71ad2f7846745f0216284c8c969 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 7 Nov 2023 15:37:20 +0100 Subject: [PATCH 0680/1674] all.sh: add test components for no-CCM and no-CCM* The idea is to show that there is no more any dependency between the two symbols: - component_test_full_no_ccm() keeps ALG_CCM_STAR_NO_TAG enabled, disables ALG_CCM and ensures that the latter does not get re-enabled accidentally - test_full_no_ccm_star_no_tag() keeps ALG_CCM enabled and disables ALG_CCM_STAR_NO_TAG and ensures that the latter does not get re-enabled accidentally Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 51 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index cba98c551..9f5712e7a 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1632,6 +1632,57 @@ component_test_full_no_cipher_with_crypto_config() { common_test_full_no_cipher_with_psa_crypto 1 "full no CIPHER" } +component_test_full_no_ccm() { + msg "build: full no PSA_WANT_ALG_CCM" + + # Full config enables: + # - USE_PSA_CRYPTO so that TLS code dispatches cipher/AEAD to PSA + # - CRYPTO_CONFIG so that PSA_WANT config symbols are evaluated + scripts/config.py full + + # Disable PSA_WANT_ALG_CCM so that CCM is not supported in PSA. CCM_C is still + # enabled, but not used from TLS since USE_PSA is set. + # This is helpful to ensure that TLS tests below have proper dependencies. + # + # Note: also PSA_WANT_ALG_CCM_STAR_NO_TAG is enabled, but it does not cause + # PSA_WANT_ALG_CCM to be re-enabled. + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CCM + + make tests + + msg "test: full no PSA_WANT_ALG_CCM" + ( cd tests; ./test_suite_ssl ) +} + +component_test_full_no_ccm_star_no_tag() { + msg "build: full no PSA_WANT_ALG_CCM_STAR_NO_TAG" + + # Full config enables CRYPTO_CONFIG so that PSA_WANT config symbols are evaluated + scripts/config.py full + + # Disable CCM_STAR_NO_TAG, which is the target of this test, as well as all + # other components that enable MBEDTLS_PSA_BUILTIN_CIPHER internal symbol. + # This basically disables all unauthenticated ciphers on the PSA side, while + # keeping AEADs enabled. + # + # Note: PSA_WANT_ALG_CCM is enabled, but it does not cause + # PSA_WANT_ALG_CCM_STAR_NO_TAG to be re-enabled. + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CCM_STAR_NO_TAG + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_STREAM_CIPHER + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CTR + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CFB + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_OFB + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_ECB_NO_PADDING + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CBC_NO_PADDING + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CBC_PKCS7 + + make tests + + # Ensure MBEDTLS_PSA_BUILTIN_CIPHER was not enabled + msg "verify: full no PSA_WANT_ALG_CCM_STAR_NO_TAG" + not grep mbedtls_psa_cipher library/psa_crypto_cipher.o +} + component_test_full_no_bignum () { msg "build: full minus bignum" scripts/config.py full From 51d5b196a1d98ed5f4de93145c93b5d1471b9be5 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 8 Nov 2023 10:56:54 +0100 Subject: [PATCH 0681/1674] all.sh: accelerate also CCM* in test_psa_crypto_config_accel_cipher_aead Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 9f5712e7a..b18dd494b 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3756,7 +3756,7 @@ component_test_psa_crypto_config_accel_cipher_aead () { msg "build: crypto config with accelerated cipher and AEAD" loc_accel_list="ALG_ECB_NO_PADDING ALG_CBC_NO_PADDING ALG_CBC_PKCS7 ALG_CTR ALG_CFB \ - ALG_OFB ALG_XTS ALG_STREAM_CIPHER \ + ALG_OFB ALG_XTS ALG_STREAM_CIPHER ALG_CCM_STAR_NO_TAG \ ALG_GCM ALG_CCM ALG_CHACHA20_POLY1305 ALG_CMAC \ KEY_TYPE_DES KEY_TYPE_AES KEY_TYPE_ARIA KEY_TYPE_CHACHA20 KEY_TYPE_CAMELLIA" From a765eaa33e6e35bc24aa45f8082aded641ceddfa Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 8 Nov 2023 11:09:42 +0100 Subject: [PATCH 0682/1674] test_driver_extension: fix acceleration support for CCM and CCM* Signed-off-by: Valerio Setti --- .../test/drivers/crypto_config_test_driver_extension.h | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/tests/include/test/drivers/crypto_config_test_driver_extension.h b/tests/include/test/drivers/crypto_config_test_driver_extension.h index 5ee949ab8..768a9a69f 100644 --- a/tests/include/test/drivers/crypto_config_test_driver_extension.h +++ b/tests/include/test/drivers/crypto_config_test_driver_extension.h @@ -537,6 +537,14 @@ #endif #endif +#if defined(PSA_WANT_ALG_CCM_STAR_NO_TAG) +#if defined(MBEDTLS_PSA_ACCEL_ALG_CCM_STAR_NO_TAG) +#undef MBEDTLS_PSA_ACCEL_ALG_CCM_STAR_NO_TAG +#else +#define MBEDTLS_PSA_ACCEL_ALG_CCM_STAR_NO_TAG 1 +#endif +#endif + #if defined(PSA_WANT_ALG_CBC_MAC) #if defined(MBEDTLS_PSA_ACCEL_ALG_CBC_MAC) #undef MBEDTLS_PSA_ACCEL_ALG_CBC_MAC From a56eb46ce6b49e6a33fefb148f1c4ab707ada265 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 8 Nov 2023 11:30:15 +0100 Subject: [PATCH 0683/1674] adjust_legacy_from_psa: fix comment Signed-off-by: Valerio Setti --- include/mbedtls/config_adjust_legacy_from_psa.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/config_adjust_legacy_from_psa.h b/include/mbedtls/config_adjust_legacy_from_psa.h index ba623a8bc..bf87c364e 100644 --- a/include/mbedtls/config_adjust_legacy_from_psa.h +++ b/include/mbedtls/config_adjust_legacy_from_psa.h @@ -859,7 +859,7 @@ #define MBEDTLS_PSA_BUILTIN_ALG_CCM_STAR_NO_TAG 1 #define MBEDTLS_CCM_C #endif -#endif /* PSA_WANT_ALG_CCM */ +#endif /* PSA_WANT_ALG_CCM_STAR_NO_TAG */ #if defined(PSA_WANT_ALG_GCM) #if !defined(MBEDTLS_PSA_ACCEL_ALG_GCM) || \ From ff2b06a23597b17da4f669fbe604fa8f4776249b Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 8 Nov 2023 12:35:36 +0100 Subject: [PATCH 0684/1674] all.sh: improve components for without CCM/CCM* Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index b18dd494b..38c069867 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1648,10 +1648,10 @@ component_test_full_no_ccm() { # PSA_WANT_ALG_CCM to be re-enabled. scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CCM - make tests + make msg "test: full no PSA_WANT_ALG_CCM" - ( cd tests; ./test_suite_ssl ) + make test } component_test_full_no_ccm_star_no_tag() { @@ -1676,11 +1676,13 @@ component_test_full_no_ccm_star_no_tag() { scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CBC_NO_PADDING scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CBC_PKCS7 - make tests + make # Ensure MBEDTLS_PSA_BUILTIN_CIPHER was not enabled - msg "verify: full no PSA_WANT_ALG_CCM_STAR_NO_TAG" not grep mbedtls_psa_cipher library/psa_crypto_cipher.o + + msg "test: full no PSA_WANT_ALG_CCM_STAR_NO_TAG" + make test } component_test_full_no_bignum () { From a4b60593c17aa01e7857cc6b8675d39e39e810a2 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 8 Nov 2023 12:36:02 +0100 Subject: [PATCH 0685/1674] psa_exercise_key: replace legacy symbols with PSA_WANT ones Signed-off-by: Valerio Setti --- tests/include/test/psa_exercise_key.h | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/tests/include/test/psa_exercise_key.h b/tests/include/test/psa_exercise_key.h index 0f3ee3db6..bd523d126 100644 --- a/tests/include/test/psa_exercise_key.h +++ b/tests/include/test/psa_exercise_key.h @@ -46,11 +46,11 @@ * * For simplicity's sake, stick to block ciphers with 16-byte blocks. */ -#if defined(MBEDTLS_AES_C) +#if defined(PSA_WANT_KEY_TYPE_AES) #define KNOWN_SUPPORTED_BLOCK_CIPHER PSA_KEY_TYPE_AES -#elif defined(MBEDTLS_ARIA_C) +#elif defined(PSA_WANT_KEY_TYPE_ARIA) #define KNOWN_SUPPORTED_BLOCK_CIPHER PSA_KEY_TYPE_ARIA -#elif defined(MBEDTLS_CAMELLIA_C) +#elif defined(PSA_WANT_KEY_TYPE_CAMELLIA) #define KNOWN_SUPPORTED_BLOCK_CIPHER PSA_KEY_TYPE_CAMELLIA #undef KNOWN_SUPPORTED_BLOCK_CIPHER #endif @@ -81,13 +81,13 @@ * * This is used in some smoke tests. */ -#if defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(MBEDTLS_CIPHER_MODE_CTR) +#if defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(PSA_WANT_ALG_CTR) #define KNOWN_SUPPORTED_BLOCK_CIPHER_ALG PSA_ALG_CTR -#elif defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(MBEDTLS_CIPHER_MODE_CBC) +#elif defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(PSA_WANT_ALG_CBC_NO_PADDING) #define KNOWN_SUPPORTED_BLOCK_CIPHER_ALG PSA_ALG_CBC_NO_PADDING -#elif defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(MBEDTLS_CIPHER_MODE_CFB) +#elif defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(PSA_WANT_ALG_CFB) #define KNOWN_SUPPORTED_BLOCK_CIPHER_ALG PSA_ALG_CFB -#elif defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(MBEDTLS_CIPHER_MODE_OFB) +#elif defined(KNOWN_SUPPORTED_BLOCK_CIPHER) && defined(PSA_WANT_ALG_OFB) #define KNOWN_SUPPORTED_BLOCK_CIPHER_ALG PSA_ALG_OFB #else #undef KNOWN_SUPPORTED_BLOCK_CIPHER_ALG From 951faf6e7b1437e9015512d950773f2135a6a890 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 8 Nov 2023 12:59:12 +0100 Subject: [PATCH 0686/1674] ChangeLog: add change log for CCM/CCM* coupling removal Signed-off-by: Valerio Setti --- ChangeLog.d/8482.txt | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 ChangeLog.d/8482.txt diff --git a/ChangeLog.d/8482.txt b/ChangeLog.d/8482.txt new file mode 100644 index 000000000..623d2e3c9 --- /dev/null +++ b/ChangeLog.d/8482.txt @@ -0,0 +1,6 @@ +Default behavior changes + * PSA_WANT_ALG_CCM and PSA_WANT_ALG_CCM_STAR_NO_TAG are no more synonyms and + they are now treated separately. This means that they should be + individually enabled in order to enable relative support; also the + corresponding MBEDTLS_PSA_ACCEL symbol should be defined in case + acceleration is required. From a50b89ebab26ed826884d700c65faea3c4e8bddf Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 8 Nov 2023 15:58:47 +0100 Subject: [PATCH 0687/1674] all.sh: disable CCM_STAR_NO_TAG in test_psa_crypto_config_accel_aead() Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 38c069867..5e150f2e0 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3713,6 +3713,9 @@ component_test_psa_crypto_config_accel_aead () { scripts/config.py unset MBEDTLS_CCM_C scripts/config.py unset MBEDTLS_CHACHAPOLY_C + # Disable CCM_STAR_NO_TAG because this re-enables CCM_C. + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CCM_STAR_NO_TAG + # Build # ----- From 4809057ddf6c9aa863dc6d1da79a6ab3e633318d Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 9 Nov 2023 11:25:57 +0100 Subject: [PATCH 0688/1674] changelog: use better wording and modify changelog section Signed-off-by: Valerio Setti --- ChangeLog.d/8482.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ChangeLog.d/8482.txt b/ChangeLog.d/8482.txt index 623d2e3c9..a39223299 100644 --- a/ChangeLog.d/8482.txt +++ b/ChangeLog.d/8482.txt @@ -1,6 +1,6 @@ -Default behavior changes +Changes * PSA_WANT_ALG_CCM and PSA_WANT_ALG_CCM_STAR_NO_TAG are no more synonyms and they are now treated separately. This means that they should be - individually enabled in order to enable relative support; also the + individually enabled in order to enable respective support; also the corresponding MBEDTLS_PSA_ACCEL symbol should be defined in case acceleration is required. From 5e378d70e61a13b1801389c34b27d0fe4e5d115f Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 9 Nov 2023 11:28:28 +0100 Subject: [PATCH 0689/1674] ssl_misc: remove DES from the list of key types supporting CBC Signed-off-by: Valerio Setti --- library/ssl_misc.h | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 4ddd9c4bb..8482ee151 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -255,8 +255,7 @@ uint32_t mbedtls_ssl_get_extension_mask(unsigned int extension_type); #if defined(MBEDTLS_SSL_HAVE_CBC) && \ (defined(MBEDTLS_SSL_HAVE_AES) || \ defined(MBEDTLS_SSL_HAVE_CAMELLIA) || \ - defined(MBEDTLS_SSL_HAVE_ARIA) || \ - defined(MBEDTLS_DES_C)) + defined(MBEDTLS_SSL_HAVE_ARIA)) #define MBEDTLS_SSL_SOME_SUITES_USE_CBC #endif From 776981ba422d5cf82fa012ffe97d2c4eb2bd9aee Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 9 Nov 2023 11:32:47 +0100 Subject: [PATCH 0690/1674] psa_exercise_key: add missing #else for KNOWN_SUPPORTED_BLOCK_CIPHER Signed-off-by: Valerio Setti --- tests/include/test/psa_exercise_key.h | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/include/test/psa_exercise_key.h b/tests/include/test/psa_exercise_key.h index bd523d126..a658d1773 100644 --- a/tests/include/test/psa_exercise_key.h +++ b/tests/include/test/psa_exercise_key.h @@ -52,6 +52,7 @@ #define KNOWN_SUPPORTED_BLOCK_CIPHER PSA_KEY_TYPE_ARIA #elif defined(PSA_WANT_KEY_TYPE_CAMELLIA) #define KNOWN_SUPPORTED_BLOCK_CIPHER PSA_KEY_TYPE_CAMELLIA +#else #undef KNOWN_SUPPORTED_BLOCK_CIPHER #endif From f561ed8b3a08b5f1e9521b4eb707521918b21802 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Tue, 14 Nov 2023 17:33:32 +0800 Subject: [PATCH 0691/1674] all.sh: enable compat.sh testing in psa_crypto_config_[accel/reference]_cipher_aead Signed-off-by: Pengyu Lv --- tests/scripts/all.sh | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index cba98c551..a4f909dd6 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3761,6 +3761,9 @@ component_test_psa_crypto_config_accel_cipher_aead () { msg "ssl-opt: crypto config with accelerated cipher and AEAD" tests/ssl-opt.sh + + msg "compat.sh: crypto config with accelerated cipher and AEAD" + tests/compat.sh -V NO -p mbedTLS } component_test_psa_crypto_config_reference_cipher_aead () { @@ -3774,6 +3777,9 @@ component_test_psa_crypto_config_reference_cipher_aead () { msg "ssl-opt: crypto config with non-accelerated cipher and AEAD" tests/ssl-opt.sh + + msg "compat.sh: crypto config with non-accelerated cipher and AEAD" + tests/compat.sh -V NO -p mbedTLS } component_test_aead_chachapoly_disabled() { From 799befd58e951d1444d311c00e57b5a6f3d71672 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 15 Nov 2023 11:04:08 +0100 Subject: [PATCH 0692/1674] Update to TEST_EQUAL macros for easier debuggability Signed-off-by: Gilles Peskine --- tests/suites/test_suite_pkparse.function | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/tests/suites/test_suite_pkparse.function b/tests/suites/test_suite_pkparse.function index 083d0d630..a334fe832 100644 --- a/tests/suites/test_suite_pkparse.function +++ b/tests/suites/test_suite_pkparse.function @@ -34,13 +34,13 @@ void pk_parse_keyfile_rsa(char *key_file, char *password, int result) res = mbedtls_pk_parse_keyfile(&ctx, key_file, pwd, mbedtls_test_rnd_std_rand, NULL); - TEST_ASSERT(res == result); + TEST_EQUAL(res, result); if (res == 0) { mbedtls_rsa_context *rsa; TEST_ASSERT(mbedtls_pk_can_do(&ctx, MBEDTLS_PK_RSA)); rsa = mbedtls_pk_rsa(ctx); - TEST_ASSERT(mbedtls_rsa_check_privkey(rsa) == 0); + TEST_EQUAL(mbedtls_rsa_check_privkey(rsa), 0); } exit: @@ -61,13 +61,13 @@ void pk_parse_public_keyfile_rsa(char *key_file, int result) res = mbedtls_pk_parse_public_keyfile(&ctx, key_file); - TEST_ASSERT(res == result); + TEST_EQUAL(res, result); if (res == 0) { mbedtls_rsa_context *rsa; TEST_ASSERT(mbedtls_pk_can_do(&ctx, MBEDTLS_PK_RSA)); rsa = mbedtls_pk_rsa(ctx); - TEST_ASSERT(mbedtls_rsa_check_pubkey(rsa) == 0); + TEST_EQUAL(mbedtls_rsa_check_pubkey(rsa), 0); } exit: @@ -87,7 +87,7 @@ void pk_parse_public_keyfile_ec(char *key_file, int result) res = mbedtls_pk_parse_public_keyfile(&ctx, key_file); - TEST_ASSERT(res == result); + TEST_EQUAL(res, result); if (res == 0) { TEST_ASSERT(mbedtls_pk_can_do(&ctx, MBEDTLS_PK_ECKEY)); @@ -98,7 +98,7 @@ void pk_parse_public_keyfile_ec(char *key_file, int result) #else const mbedtls_ecp_keypair *eckey; eckey = mbedtls_pk_ec_ro(ctx); - TEST_ASSERT(mbedtls_ecp_check_pubkey(&eckey->grp, &eckey->Q) == 0); + TEST_EQUAL(mbedtls_ecp_check_pubkey(&eckey->grp, &eckey->Q), 0); #endif } @@ -120,13 +120,13 @@ void pk_parse_keyfile_ec(char *key_file, char *password, int result) res = mbedtls_pk_parse_keyfile(&ctx, key_file, password, mbedtls_test_rnd_std_rand, NULL); - TEST_ASSERT(res == result); + TEST_EQUAL(res, result); if (res == 0) { TEST_ASSERT(mbedtls_pk_can_do(&ctx, MBEDTLS_PK_ECKEY)); #if defined(MBEDTLS_ECP_C) const mbedtls_ecp_keypair *eckey = mbedtls_pk_ec_ro(ctx); - TEST_ASSERT(mbedtls_ecp_check_privkey(&eckey->grp, &eckey->d) == 0); + TEST_EQUAL(mbedtls_ecp_check_privkey(&eckey->grp, &eckey->d), 0); #else /* PSA keys are already checked on import so nothing to do here. */ #endif From 4ebccc03969f81c37d1c509c46350d05b2cd4b11 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 15 Nov 2023 11:04:30 +0100 Subject: [PATCH 0693/1674] Update PSA init for md-ligt Also initialize PSA in builds where hashes are PSA-only, for the sake of encrypted keys (otherwise PBKDF fails). Signed-off-by: Gilles Peskine --- tests/suites/test_suite_pkparse.function | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_pkparse.function b/tests/suites/test_suite_pkparse.function index a334fe832..43dcea5f8 100644 --- a/tests/suites/test_suite_pkparse.function +++ b/tests/suites/test_suite_pkparse.function @@ -115,7 +115,7 @@ void pk_parse_keyfile_ec(char *key_file, char *password, int result) int res; mbedtls_pk_init(&ctx); - USE_PSA_INIT(); + MD_PSA_INIT(); res = mbedtls_pk_parse_keyfile(&ctx, key_file, password, mbedtls_test_rnd_std_rand, NULL); @@ -134,7 +134,7 @@ void pk_parse_keyfile_ec(char *key_file, char *password, int result) exit: mbedtls_pk_free(&ctx); - USE_PSA_DONE(); + MD_PSA_DONE(); } /* END_CASE */ From e7fc8a232fd34ec6fd74ffb93a1d200307ba9588 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 15 Nov 2023 16:56:26 +0100 Subject: [PATCH 0694/1674] Readability improvement Signed-off-by: Gilles Peskine --- tests/scripts/run-metatests.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/run-metatests.sh b/tests/scripts/run-metatests.sh index 09a6f8a4f..22a302c62 100755 --- a/tests/scripts/run-metatests.sh +++ b/tests/scripts/run-metatests.sh @@ -46,7 +46,7 @@ shift $((OPTIND - 1)) list_matches () { while read name platform junk; do - for pattern; do + for pattern in "$@"; do case $platform in $pattern) echo "$name"; break;; esac From 5556f908cbaa39da0a718686e9e51c2d42baf3bd Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Wed, 15 Nov 2023 16:43:02 +0000 Subject: [PATCH 0695/1674] Rename variables in script Rename some variables in generate_driver_wrappers.py now that the script has to work in two repositories as opposed to just mbed tls. Signed-off-by: Thomas Daubney --- scripts/generate_driver_wrappers.py | 30 ++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/scripts/generate_driver_wrappers.py b/scripts/generate_driver_wrappers.py index 09beeca49..538999af8 100755 --- a/scripts/generate_driver_wrappers.py +++ b/scripts/generate_driver_wrappers.py @@ -108,17 +108,17 @@ def load_driver(schemas: Dict[str, Any], driver_file: str) -> Any: return json_data -def load_schemas(mbedtls_root: str) -> Dict[str, Any]: +def load_schemas(repo_root: str) -> Dict[str, Any]: """ Load schemas map """ schema_file_paths = { - 'transparent': os.path.join(mbedtls_root, + 'transparent': os.path.join(repo_root, 'scripts', 'data_files', 'driver_jsons', 'driver_transparent_schema.json'), - 'opaque': os.path.join(mbedtls_root, + 'opaque': os.path.join(repo_root, 'scripts', 'data_files', 'driver_jsons', @@ -131,13 +131,13 @@ def load_schemas(mbedtls_root: str) -> Dict[str, Any]: return driver_schema -def read_driver_descriptions(mbedtls_root: str, +def read_driver_descriptions(repo_root: str, json_directory: str, jsondriver_list: str) -> list: """ Merge driver JSON files into a single ordered JSON after validation. """ - driver_schema = load_schemas(mbedtls_root) + driver_schema = load_schemas(repo_root) with open(file=os.path.join(json_directory, jsondriver_list), mode='r', @@ -163,11 +163,11 @@ def main() -> int: """ Main with command line arguments. """ - def_arg_mbedtls_root = build_tree.guess_mbedtls_root() + def_arg_repo_root = build_tree.guess_mbedtls_root() parser = argparse.ArgumentParser() - parser.add_argument('--mbedtls-root', default=def_arg_mbedtls_root, - help='root directory of mbedtls source code') + parser.add_argument('--repo-root', default=def_arg_repo_root, + help='root directory of repo source code') parser.add_argument('--template-dir', help='directory holding the driver templates') parser.add_argument('--json-dir', @@ -176,31 +176,31 @@ def main() -> int: help='output file\'s location') args = parser.parse_args() - mbedtls_root = os.path.abspath(args.mbedtls_root) + repo_root = os.path.abspath(args.repo_root) library_dir = '' - if build_tree.looks_like_mbedtls_root(mbedtls_root): + if build_tree.looks_like_mbedtls_root(repo_root): library_dir = 'library' - elif build_tree.looks_like_tf_psa_crypto_root(mbedtls_root): + elif build_tree.looks_like_tf_psa_crypto_root(repo_root): library_dir = 'core' output_directory = args.output_directory if args.output_directory is not None else \ - os.path.join(mbedtls_root, library_dir) + os.path.join(repo_root, library_dir) template_directory = args.template_dir if args.template_dir is not None else \ - os.path.join(mbedtls_root, + os.path.join(repo_root, 'scripts', 'data_files', 'driver_templates') json_directory = args.json_dir if args.json_dir is not None else \ - os.path.join(mbedtls_root, + os.path.join(repo_root, 'scripts', 'data_files', 'driver_jsons') try: # Read and validate list of driver jsons from driverlist.json - merged_driver_json = read_driver_descriptions(mbedtls_root, + merged_driver_json = read_driver_descriptions(repo_root, json_directory, 'driverlist.json') except DriverReaderException as e: From c5d4c46983e430a03c755fa560c094616ce67f50 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Wed, 15 Nov 2023 14:20:07 +0800 Subject: [PATCH 0696/1674] Add missing PSA init EC might be supported through PSA, so use `MD_OR_USE_PSA_INIT` in pk_parse_{public_}keyfile_ec. Signed-off-by: Pengyu Lv --- tests/suites/test_suite_pkparse.function | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_pkparse.function b/tests/suites/test_suite_pkparse.function index 43dcea5f8..d416b8724 100644 --- a/tests/suites/test_suite_pkparse.function +++ b/tests/suites/test_suite_pkparse.function @@ -83,7 +83,7 @@ void pk_parse_public_keyfile_ec(char *key_file, int result) int res; mbedtls_pk_init(&ctx); - MD_PSA_INIT(); + MD_OR_USE_PSA_INIT(); res = mbedtls_pk_parse_public_keyfile(&ctx, key_file); @@ -104,7 +104,7 @@ void pk_parse_public_keyfile_ec(char *key_file, int result) exit: mbedtls_pk_free(&ctx); - MD_PSA_DONE(); + MD_OR_USE_PSA_DONE(); } /* END_CASE */ @@ -115,7 +115,7 @@ void pk_parse_keyfile_ec(char *key_file, char *password, int result) int res; mbedtls_pk_init(&ctx); - MD_PSA_INIT(); + MD_OR_USE_PSA_INIT(); res = mbedtls_pk_parse_keyfile(&ctx, key_file, password, mbedtls_test_rnd_std_rand, NULL); @@ -134,7 +134,7 @@ void pk_parse_keyfile_ec(char *key_file, char *password, int result) exit: mbedtls_pk_free(&ctx); - MD_PSA_DONE(); + MD_OR_USE_PSA_DONE(); } /* END_CASE */ From 1a369d68aadfc50c2fe27b29d81ae6c51e97224a Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 16 Nov 2023 15:17:31 +0800 Subject: [PATCH 0697/1674] ssl_tls: add missing guard for mbedtls_ssl_cipher_to_psa Signed-off-by: Yanray Wang --- library/ssl_tls.c | 50 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 4751d3418..2632574a7 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -2698,131 +2698,181 @@ psa_status_t mbedtls_ssl_cipher_to_psa(mbedtls_cipher_type_t mbedtls_cipher_type size_t *key_size) { switch (mbedtls_cipher_type) { +#if defined(MBEDTLS_SSL_HAVE_AES) && defined(MBEDTLS_SSL_HAVE_CBC) case MBEDTLS_CIPHER_AES_128_CBC: *alg = PSA_ALG_CBC_NO_PADDING; *key_type = PSA_KEY_TYPE_AES; *key_size = 128; break; +#endif +#if defined(MBEDTLS_SSL_HAVE_AES) && defined(MBEDTLS_SSL_HAVE_CCM) case MBEDTLS_CIPHER_AES_128_CCM: *alg = taglen ? PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, taglen) : PSA_ALG_CCM; *key_type = PSA_KEY_TYPE_AES; *key_size = 128; break; +#endif +#if defined(MBEDTLS_SSL_HAVE_AES) && defined(MBEDTLS_SSL_HAVE_GCM) case MBEDTLS_CIPHER_AES_128_GCM: *alg = PSA_ALG_GCM; *key_type = PSA_KEY_TYPE_AES; *key_size = 128; break; +#endif +#if defined(MBEDTLS_SSL_HAVE_AES) && defined(MBEDTLS_SSL_HAVE_CCM) case MBEDTLS_CIPHER_AES_192_CCM: *alg = taglen ? PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, taglen) : PSA_ALG_CCM; *key_type = PSA_KEY_TYPE_AES; *key_size = 192; break; +#endif +#if defined(MBEDTLS_SSL_HAVE_AES) && defined(MBEDTLS_SSL_HAVE_GCM) case MBEDTLS_CIPHER_AES_192_GCM: *alg = PSA_ALG_GCM; *key_type = PSA_KEY_TYPE_AES; *key_size = 192; break; +#endif +#if defined(MBEDTLS_SSL_HAVE_AES) && defined(MBEDTLS_SSL_HAVE_CBC) case MBEDTLS_CIPHER_AES_256_CBC: *alg = PSA_ALG_CBC_NO_PADDING; *key_type = PSA_KEY_TYPE_AES; *key_size = 256; break; +#endif +#if defined(MBEDTLS_SSL_HAVE_AES) && defined(MBEDTLS_SSL_HAVE_CCM) case MBEDTLS_CIPHER_AES_256_CCM: *alg = taglen ? PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, taglen) : PSA_ALG_CCM; *key_type = PSA_KEY_TYPE_AES; *key_size = 256; break; +#endif +#if defined(MBEDTLS_SSL_HAVE_AES) && defined(MBEDTLS_SSL_HAVE_GCM) case MBEDTLS_CIPHER_AES_256_GCM: *alg = PSA_ALG_GCM; *key_type = PSA_KEY_TYPE_AES; *key_size = 256; break; +#endif +#if defined(MBEDTLS_SSL_HAVE_ARIA) && defined(MBEDTLS_SSL_HAVE_CBC) case MBEDTLS_CIPHER_ARIA_128_CBC: *alg = PSA_ALG_CBC_NO_PADDING; *key_type = PSA_KEY_TYPE_ARIA; *key_size = 128; break; +#endif +#if defined(MBEDTLS_SSL_HAVE_ARIA) && defined(MBEDTLS_SSL_HAVE_CCM) case MBEDTLS_CIPHER_ARIA_128_CCM: *alg = taglen ? PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, taglen) : PSA_ALG_CCM; *key_type = PSA_KEY_TYPE_ARIA; *key_size = 128; break; +#endif +#if defined(MBEDTLS_SSL_HAVE_ARIA) && defined(MBEDTLS_SSL_HAVE_GCM) case MBEDTLS_CIPHER_ARIA_128_GCM: *alg = PSA_ALG_GCM; *key_type = PSA_KEY_TYPE_ARIA; *key_size = 128; break; +#endif +#if defined(MBEDTLS_SSL_HAVE_ARIA) && defined(MBEDTLS_SSL_HAVE_CCM) case MBEDTLS_CIPHER_ARIA_192_CCM: *alg = taglen ? PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, taglen) : PSA_ALG_CCM; *key_type = PSA_KEY_TYPE_ARIA; *key_size = 192; break; +#endif +#if defined(MBEDTLS_SSL_HAVE_ARIA) && defined(MBEDTLS_SSL_HAVE_GCM) case MBEDTLS_CIPHER_ARIA_192_GCM: *alg = PSA_ALG_GCM; *key_type = PSA_KEY_TYPE_ARIA; *key_size = 192; break; +#endif +#if defined(MBEDTLS_SSL_HAVE_ARIA) && defined(MBEDTLS_SSL_HAVE_CBC) case MBEDTLS_CIPHER_ARIA_256_CBC: *alg = PSA_ALG_CBC_NO_PADDING; *key_type = PSA_KEY_TYPE_ARIA; *key_size = 256; break; +#endif +#if defined(MBEDTLS_SSL_HAVE_ARIA) && defined(MBEDTLS_SSL_HAVE_CCM) case MBEDTLS_CIPHER_ARIA_256_CCM: *alg = taglen ? PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, taglen) : PSA_ALG_CCM; *key_type = PSA_KEY_TYPE_ARIA; *key_size = 256; break; +#endif +#if defined(MBEDTLS_SSL_HAVE_ARIA) && defined(MBEDTLS_SSL_HAVE_GCM) case MBEDTLS_CIPHER_ARIA_256_GCM: *alg = PSA_ALG_GCM; *key_type = PSA_KEY_TYPE_ARIA; *key_size = 256; break; +#endif +#if defined(MBEDTLS_SSL_HAVE_CAMELLIA) && defined(MBEDTLS_SSL_HAVE_CBC) case MBEDTLS_CIPHER_CAMELLIA_128_CBC: *alg = PSA_ALG_CBC_NO_PADDING; *key_type = PSA_KEY_TYPE_CAMELLIA; *key_size = 128; break; +#endif +#if defined(MBEDTLS_SSL_HAVE_CAMELLIA) && defined(MBEDTLS_SSL_HAVE_CCM) case MBEDTLS_CIPHER_CAMELLIA_128_CCM: *alg = taglen ? PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, taglen) : PSA_ALG_CCM; *key_type = PSA_KEY_TYPE_CAMELLIA; *key_size = 128; break; +#endif +#if defined(MBEDTLS_SSL_HAVE_CAMELLIA) && defined(MBEDTLS_SSL_HAVE_GCM) case MBEDTLS_CIPHER_CAMELLIA_128_GCM: *alg = PSA_ALG_GCM; *key_type = PSA_KEY_TYPE_CAMELLIA; *key_size = 128; break; +#endif +#if defined(MBEDTLS_SSL_HAVE_CAMELLIA) && defined(MBEDTLS_SSL_HAVE_CCM) case MBEDTLS_CIPHER_CAMELLIA_192_CCM: *alg = taglen ? PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, taglen) : PSA_ALG_CCM; *key_type = PSA_KEY_TYPE_CAMELLIA; *key_size = 192; break; +#endif +#if defined(MBEDTLS_SSL_HAVE_CAMELLIA) && defined(MBEDTLS_SSL_HAVE_GCM) case MBEDTLS_CIPHER_CAMELLIA_192_GCM: *alg = PSA_ALG_GCM; *key_type = PSA_KEY_TYPE_CAMELLIA; *key_size = 192; break; +#endif +#if defined(MBEDTLS_SSL_HAVE_CAMELLIA) && defined(MBEDTLS_SSL_HAVE_CBC) case MBEDTLS_CIPHER_CAMELLIA_256_CBC: *alg = PSA_ALG_CBC_NO_PADDING; *key_type = PSA_KEY_TYPE_CAMELLIA; *key_size = 256; break; +#endif +#if defined(MBEDTLS_SSL_HAVE_CAMELLIA) && defined(MBEDTLS_SSL_HAVE_CCM) case MBEDTLS_CIPHER_CAMELLIA_256_CCM: *alg = taglen ? PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, taglen) : PSA_ALG_CCM; *key_type = PSA_KEY_TYPE_CAMELLIA; *key_size = 256; break; +#endif +#if defined(MBEDTLS_SSL_HAVE_CAMELLIA) && defined(MBEDTLS_SSL_HAVE_GCM) case MBEDTLS_CIPHER_CAMELLIA_256_GCM: *alg = PSA_ALG_GCM; *key_type = PSA_KEY_TYPE_CAMELLIA; *key_size = 256; break; +#endif +#if defined(MBEDTLS_SSL_HAVE_CHACHAPOLY) case MBEDTLS_CIPHER_CHACHA20_POLY1305: *alg = PSA_ALG_CHACHA20_POLY1305; *key_type = PSA_KEY_TYPE_CHACHA20; *key_size = 256; break; +#endif case MBEDTLS_CIPHER_NULL: *alg = MBEDTLS_SSL_NULL_CIPHER; *key_type = 0; From 59de2ae6de5a36335ab62a020d78cff9e81a8ccc Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 16 Nov 2023 08:20:27 +0100 Subject: [PATCH 0698/1674] all.sh: re-enable CCM/GCM in test_full_no_cipher() Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 3 --- 1 file changed, 3 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index dba8e7865..21cc3b10e 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1538,9 +1538,7 @@ component_test_full_no_cipher () { # (currently ignored anyway because we completely disable PSA) scripts/config.py unset MBEDTLS_PSA_CRYPTO_CONFIG # Disable features that depend on CIPHER_C - scripts/config.py unset MBEDTLS_CCM_C scripts/config.py unset MBEDTLS_CMAC_C - scripts/config.py unset MBEDTLS_GCM_C scripts/config.py unset MBEDTLS_NIST_KW_C scripts/config.py unset MBEDTLS_PKCS12_C scripts/config.py unset MBEDTLS_PKCS5_C @@ -1553,7 +1551,6 @@ component_test_full_no_cipher () { scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_LMS_C scripts/config.py unset MBEDTLS_LMS_PRIVATE - make CFLAGS='-DMBEDTLS_BLOCK_CIPHER_C' msg "test: full no CIPHER no PSA_CRYPTO_C" make test From 4ed8691f6d1e86de4716e36711f5ad35855bfc75 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 16 Nov 2023 15:20:56 +0800 Subject: [PATCH 0699/1674] ssl: move MBEDTLS_SSL_HAVE_XXX to config_adjust_legacy_crypto.h Signed-off-by: Yanray Wang --- include/mbedtls/config_adjust_legacy_crypto.h | 20 +++++++++++++++++++ include/mbedtls/ssl.h | 20 ------------------- 2 files changed, 20 insertions(+), 20 deletions(-) diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h index e4f6a2760..c60e1e32c 100644 --- a/include/mbedtls/config_adjust_legacy_crypto.h +++ b/include/mbedtls/config_adjust_legacy_crypto.h @@ -311,6 +311,26 @@ #define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY #endif +/* Some internal helpers to determine which keys are availble. */ +#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_AES_C)) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_KEY_TYPE_AES)) +#define MBEDTLS_SSL_HAVE_AES +#endif +#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_ARIA_C)) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_KEY_TYPE_ARIA)) +#define MBEDTLS_SSL_HAVE_ARIA +#endif +#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_CAMELLIA_C)) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_KEY_TYPE_CAMELLIA)) +#define MBEDTLS_SSL_HAVE_CAMELLIA +#endif + +/* Some internal helpers to determine which operation modes are availble. */ +#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_CIPHER_MODE_CBC)) || \ + (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CBC_NO_PADDING)) +#define MBEDTLS_SSL_HAVE_CBC +#endif + #if (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_GCM_C)) || \ (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM)) #define MBEDTLS_SSL_HAVE_GCM diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 30b868512..57390c168 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -600,26 +600,6 @@ #define MBEDTLS_TLS_EXT_RENEGOTIATION_INFO 0xFF01 -/* Some internal helpers to determine which keys are availble. */ -#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_AES_C)) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_KEY_TYPE_AES)) -#define MBEDTLS_SSL_HAVE_AES -#endif -#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_CAMELLIA_C)) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_KEY_TYPE_CAMELLIA)) -#define MBEDTLS_SSL_HAVE_CAMELLIA -#endif -#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_ARIA_C)) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_KEY_TYPE_ARIA)) -#define MBEDTLS_SSL_HAVE_ARIA -#endif - -/* Some internal helpers to determine which operation modes are availble. */ -#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_CIPHER_MODE_CBC)) || \ - (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_CBC_NO_PADDING)) -#define MBEDTLS_SSL_HAVE_CBC -#endif - /* * Size defines */ From 7afd9a466310bac6b3effa19fcab5535f3acd614 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Thu, 16 Nov 2023 17:55:25 +0800 Subject: [PATCH 0700/1674] Change the test messages We are now testing driver-only cipher+aead with full config. Signed-off-by: Pengyu Lv --- tests/scripts/all.sh | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index a4f909dd6..8df3df83c 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3702,7 +3702,7 @@ common_psa_crypto_config_accel_cipher_aead() { # are meant to be used together in analyze_outcomes.py script in order to test # driver's coverage for ciphers and AEADs. component_test_psa_crypto_config_accel_cipher_aead () { - msg "build: crypto config with accelerated cipher and AEAD" + msg "build: full config with accelerated cipher and AEAD" loc_accel_list="ALG_ECB_NO_PADDING ALG_CBC_NO_PADDING ALG_CBC_PKCS7 ALG_CTR ALG_CFB \ ALG_OFB ALG_XTS ALG_STREAM_CIPHER \ @@ -3756,29 +3756,29 @@ component_test_psa_crypto_config_accel_cipher_aead () { # Run the tests # ------------- - msg "test: crypto config with accelerated cipher and AEAD" + msg "test: full config with accelerated cipher and AEAD" make test - msg "ssl-opt: crypto config with accelerated cipher and AEAD" + msg "ssl-opt: full config with accelerated cipher and AEAD" tests/ssl-opt.sh - msg "compat.sh: crypto config with accelerated cipher and AEAD" + msg "compat.sh: full config with accelerated cipher and AEAD" tests/compat.sh -V NO -p mbedTLS } component_test_psa_crypto_config_reference_cipher_aead () { - msg "build: crypto config with non-accelerated cipher and AEAD" + msg "build: full config with non-accelerated cipher and AEAD" common_psa_crypto_config_accel_cipher_aead make - msg "test: crypto config with non-accelerated cipher and AEAD" + msg "test: full config with non-accelerated cipher and AEAD" make test - msg "ssl-opt: crypto config with non-accelerated cipher and AEAD" + msg "ssl-opt: full config with non-accelerated cipher and AEAD" tests/ssl-opt.sh - msg "compat.sh: crypto config with non-accelerated cipher and AEAD" + msg "compat.sh: full config with non-accelerated cipher and AEAD" tests/compat.sh -V NO -p mbedTLS } From dbfd6a9f62b15917249115575abe62919051b26a Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 16 Nov 2023 08:21:14 +0100 Subject: [PATCH 0701/1674] adjust_legacy_crypto: auto-enable BLOCK_CIPHER_C when CIPHER_C is not defined Signed-off-by: Valerio Setti --- include/mbedtls/config_adjust_legacy_crypto.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h index e4f6a2760..edb1057c6 100644 --- a/include/mbedtls/config_adjust_legacy_crypto.h +++ b/include/mbedtls/config_adjust_legacy_crypto.h @@ -22,8 +22,8 @@ #ifndef MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H #define MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H -/* Temporary hack to pacify check_names.py. - * (GCM and CCM still hard-depend on CIPHER_C for now.) */ +/* GCM_C and CCM_C can either depend on (in order of preference) CIPHER_C or + * BLOCK_CIPHER_C. If the former is not defined, auto-enable the latter. */ #if (defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C)) && \ !defined(MBEDTLS_CIPHER_C) #define MBEDTLS_BLOCK_CIPHER_C From 8db46e4ee10f7d95d4795a0c73aa7668a2d5ec75 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 16 Nov 2023 08:22:04 +0100 Subject: [PATCH 0702/1674] check_config: remove dependency check of CCM_C/GCM_C on CIPHER_C CCM_C/GCM_C can now work with either (in order of preference) CIPHER_C or BLOCK_CIPHER_C and the latter is auto-enabled in case the former is not enabled. As a consequence there is no need to enforce the dependency on CIPHER_C. Signed-off-by: Valerio Setti --- include/mbedtls/check_config.h | 8 -------- 1 file changed, 8 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 951db314e..7070dad7b 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -306,19 +306,11 @@ #error "MBEDTLS_CCM_C defined, but not all prerequisites" #endif -#if defined(MBEDTLS_CCM_C) && !defined(MBEDTLS_CIPHER_C) -#error "MBEDTLS_CCM_C defined, but not all prerequisites" -#endif - #if defined(MBEDTLS_GCM_C) && ( \ !defined(MBEDTLS_AES_C) && !defined(MBEDTLS_CAMELLIA_C) && !defined(MBEDTLS_ARIA_C) ) #error "MBEDTLS_GCM_C defined, but not all prerequisites" #endif -#if defined(MBEDTLS_GCM_C) && !defined(MBEDTLS_CIPHER_C) -#error "MBEDTLS_GCM_C defined, but not all prerequisites" -#endif - #if defined(MBEDTLS_CHACHAPOLY_C) && !defined(MBEDTLS_CHACHA20_C) #error "MBEDTLS_CHACHAPOLY_C defined, but not all prerequisites" #endif From 19e4dc8df7904d8c65a146bc262720b855ac0c4c Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 16 Nov 2023 18:02:05 +0800 Subject: [PATCH 0703/1674] tls: fix unused parameter in mbedtls_ssl_cipher_to_psa Signed-off-by: Yanray Wang --- library/ssl_tls.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 2632574a7..1a3fd7106 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -2697,6 +2697,9 @@ psa_status_t mbedtls_ssl_cipher_to_psa(mbedtls_cipher_type_t mbedtls_cipher_type psa_key_type_t *key_type, size_t *key_size) { +#if !defined(MBEDTLS_SSL_HAVE_CCM) + (void) taglen; +#endif switch (mbedtls_cipher_type) { #if defined(MBEDTLS_SSL_HAVE_AES) && defined(MBEDTLS_SSL_HAVE_CBC) case MBEDTLS_CIPHER_AES_128_CBC: From 9b7a8b2a0caac2e22fafde694946e11735410a9a Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 16 Nov 2023 08:24:51 +0100 Subject: [PATCH 0704/1674] ccm/gcm: reaplace CIPHER_C functions with BLOCK_CIPHER_C ones Signed-off-by: Valerio Setti --- include/mbedtls/ccm.h | 8 +++++ include/mbedtls/gcm.h | 8 +++++ library/ccm.c | 78 +++++++++++++++++++++++++++++++++++++------ library/gcm.c | 57 ++++++++++++++++++++++++++++--- 4 files changed, 137 insertions(+), 14 deletions(-) diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index a98111b4e..8bf8c3238 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -40,6 +40,10 @@ #include "mbedtls/cipher.h" +#if !defined(MBEDTLS_CIPHER_C) +#include "mbedtls/block_cipher.h" +#endif + #define MBEDTLS_CCM_DECRYPT 0 #define MBEDTLS_CCM_ENCRYPT 1 #define MBEDTLS_CCM_STAR_DECRYPT 2 @@ -80,7 +84,11 @@ typedef struct mbedtls_ccm_context { #MBEDTLS_CCM_DECRYPT or #MBEDTLS_CCM_STAR_ENCRYPT or #MBEDTLS_CCM_STAR_DECRYPT. */ +#if defined(MBEDTLS_CIPHER_C) mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher_ctx); /*!< The cipher context used. */ +#else + mbedtls_block_cipher_context_t MBEDTLS_PRIVATE(block_cipher_ctx); /*!< The cipher context used. */ +#endif int MBEDTLS_PRIVATE(state); /*!< Working value holding context's state. Used for chunked data input */ } diff --git a/include/mbedtls/gcm.h b/include/mbedtls/gcm.h index 837cecc09..3925f6827 100644 --- a/include/mbedtls/gcm.h +++ b/include/mbedtls/gcm.h @@ -24,6 +24,10 @@ #include "mbedtls/cipher.h" +#if !defined(MBEDTLS_CIPHER_C) +#include "mbedtls/block_cipher.h" +#endif + #include #define MBEDTLS_GCM_ENCRYPT 1 @@ -46,7 +50,11 @@ extern "C" { * \brief The GCM context structure. */ typedef struct mbedtls_gcm_context { +#if defined(MBEDTLS_CIPHER_C) mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher_ctx); /*!< The cipher context used. */ +#else + mbedtls_block_cipher_context_t MBEDTLS_PRIVATE(block_cipher_ctx); /*!< The cipher context used. */ +#endif uint64_t MBEDTLS_PRIVATE(HL)[16]; /*!< Precalculated HTable low. */ uint64_t MBEDTLS_PRIVATE(HH)[16]; /*!< Precalculated HTable high. */ uint64_t MBEDTLS_PRIVATE(len); /*!< The total length of the encrypted data. */ diff --git a/library/ccm.c b/library/ccm.c index 2cccd2809..444351df0 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -23,6 +23,10 @@ #include "mbedtls/error.h" #include "mbedtls/constant_time.h" +#if !defined(MBEDTLS_CIPHER_C) +#include "block_cipher_internal.h" +#endif + #include #if defined(MBEDTLS_PLATFORM_C) @@ -51,6 +55,8 @@ int mbedtls_ccm_setkey(mbedtls_ccm_context *ctx, unsigned int keybits) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + +#if defined(MBEDTLS_CIPHER_C) const mbedtls_cipher_info_t *cipher_info; cipher_info = mbedtls_cipher_info_from_values(cipher, keybits, @@ -73,6 +79,17 @@ int mbedtls_ccm_setkey(mbedtls_ccm_context *ctx, MBEDTLS_ENCRYPT)) != 0) { return ret; } +#else + mbedtls_block_cipher_free(&ctx->block_cipher_ctx); + + if ((ret = mbedtls_block_cipher_setup(&ctx->block_cipher_ctx, cipher)) != 0) { + return MBEDTLS_ERR_CCM_BAD_INPUT; + } + + if ((ret = mbedtls_block_cipher_setkey(&ctx->block_cipher_ctx, key, keybits)) != 0) { + return MBEDTLS_ERR_CCM_BAD_INPUT; + } +#endif return 0; } @@ -85,7 +102,11 @@ void mbedtls_ccm_free(mbedtls_ccm_context *ctx) if (ctx == NULL) { return; } +#if defined(MBEDTLS_CIPHER_C) mbedtls_cipher_free(&ctx->cipher_ctx); +#else + mbedtls_block_cipher_free(&ctx->block_cipher_ctx); +#endif mbedtls_platform_zeroize(ctx, sizeof(mbedtls_ccm_context)); } @@ -104,16 +125,25 @@ static int mbedtls_ccm_crypt(mbedtls_ccm_context *ctx, const unsigned char *input, unsigned char *output) { - size_t olen = 0; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char tmp_buf[16] = { 0 }; +#if defined(MBEDTLS_CIPHER_C) + size_t olen = 0; + if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->ctr, 16, tmp_buf, &olen)) != 0) { ctx->state |= CCM_STATE__ERROR; mbedtls_platform_zeroize(tmp_buf, sizeof(tmp_buf)); return ret; } +#else + if ((ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->ctr, tmp_buf)) != 0) { + ctx->state |= CCM_STATE__ERROR; + mbedtls_platform_zeroize(tmp_buf, sizeof(tmp_buf)); + return ret; + } +#endif mbedtls_xor(output, input, tmp_buf + offset, use_len); @@ -132,7 +162,10 @@ static int ccm_calculate_first_block_if_ready(mbedtls_ccm_context *ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char i; - size_t len_left, olen; + size_t len_left; +#if defined(MBEDTLS_CIPHER_C) + size_t olen; +#endif /* length calculation can be done only after both * mbedtls_ccm_starts() and mbedtls_ccm_set_lengths() have been executed @@ -178,10 +211,17 @@ static int ccm_calculate_first_block_if_ready(mbedtls_ccm_context *ctx) } /* Start CBC-MAC with first block*/ +#if defined(MBEDTLS_CIPHER_C) if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen)) != 0) { ctx->state |= CCM_STATE__ERROR; return ret; } +#else + if ((ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, ctx->y)) != 0) { + ctx->state |= CCM_STATE__ERROR; + return ret; + } +#endif return 0; } @@ -258,7 +298,10 @@ int mbedtls_ccm_update_ad(mbedtls_ccm_context *ctx, size_t add_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t olen, use_len, offset; + size_t use_len, offset; +#if defined(MBEDTLS_CIPHER_C) + size_t olen; +#endif if (ctx->state & CCM_STATE__ERROR) { return MBEDTLS_ERR_CCM_BAD_INPUT; @@ -298,8 +341,12 @@ int mbedtls_ccm_update_ad(mbedtls_ccm_context *ctx, add += use_len; if (use_len + offset == 16 || ctx->processed == ctx->add_len) { - if ((ret = - mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen)) != 0) { +#if defined(MBEDTLS_CIPHER_C) + ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen); +#else + ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, ctx->y); +#endif + if (ret != 0) { ctx->state |= CCM_STATE__ERROR; return ret; } @@ -322,7 +369,10 @@ int mbedtls_ccm_update(mbedtls_ccm_context *ctx, { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char i; - size_t use_len, offset, olen; + size_t use_len, offset; +#if defined(MBEDTLS_CIPHER_C) + size_t olen; +#endif unsigned char local_output[16]; @@ -360,8 +410,12 @@ int mbedtls_ccm_update(mbedtls_ccm_context *ctx, mbedtls_xor(ctx->y + offset, ctx->y + offset, input, use_len); if (use_len + offset == 16 || ctx->processed == ctx->plaintext_len) { - if ((ret = - mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen)) != 0) { +#if defined(MBEDTLS_CIPHER_C) + ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen); +#else + ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, ctx->y); +#endif + if (ret != 0) { ctx->state |= CCM_STATE__ERROR; goto exit; } @@ -391,8 +445,12 @@ int mbedtls_ccm_update(mbedtls_ccm_context *ctx, memcpy(output, local_output, use_len); if (use_len + offset == 16 || ctx->processed == ctx->plaintext_len) { - if ((ret = - mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen)) != 0) { +#if defined(MBEDTLS_CIPHER_C) + ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen); +#else + ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, ctx->y); +#endif + if (ret != 0) { ctx->state |= CCM_STATE__ERROR; goto exit; } diff --git a/library/gcm.c b/library/gcm.c index 42fd02078..390bb3e15 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -25,6 +25,10 @@ #include "mbedtls/error.h" #include "mbedtls/constant_time.h" +#if !defined(MBEDTLS_CIPHER_C) +#include "block_cipher_internal.h" +#endif + #include #if defined(MBEDTLS_AESNI_C) @@ -59,12 +63,20 @@ static int gcm_gen_table(mbedtls_gcm_context *ctx) uint64_t hi, lo; uint64_t vl, vh; unsigned char h[16]; - size_t olen = 0; memset(h, 0, 16); + +#if defined(MBEDTLS_CIPHER_C) + size_t olen = 0; + if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, h, 16, h, &olen)) != 0) { return ret; } +#else + if ((ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, h, h)) != 0) { + return ret; + } +#endif /* pack h as two 64-bits ints, big-endian */ hi = MBEDTLS_GET_UINT32_BE(h, 0); @@ -124,12 +136,14 @@ int mbedtls_gcm_setkey(mbedtls_gcm_context *ctx, unsigned int keybits) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - const mbedtls_cipher_info_t *cipher_info; if (keybits != 128 && keybits != 192 && keybits != 256) { return MBEDTLS_ERR_GCM_BAD_INPUT; } +#if defined(MBEDTLS_CIPHER_C) + const mbedtls_cipher_info_t *cipher_info; + cipher_info = mbedtls_cipher_info_from_values(cipher, keybits, MBEDTLS_MODE_ECB); if (cipher_info == NULL) { @@ -150,6 +164,17 @@ int mbedtls_gcm_setkey(mbedtls_gcm_context *ctx, MBEDTLS_ENCRYPT)) != 0) { return ret; } +#else + mbedtls_block_cipher_free(&ctx->block_cipher_ctx); + + if ((ret = mbedtls_block_cipher_setup(&ctx->block_cipher_ctx, cipher)) != 0) { + return ret; + } + + if ((ret = mbedtls_block_cipher_setkey(&ctx->block_cipher_ctx, key, keybits)) != 0) { + return ret; + } +#endif if ((ret = gcm_gen_table(ctx)) != 0) { return ret; @@ -252,8 +277,11 @@ int mbedtls_gcm_starts(mbedtls_gcm_context *ctx, int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char work_buf[16]; const unsigned char *p; - size_t use_len, olen = 0; + size_t use_len; uint64_t iv_bits; +#if defined(MBEDTLS_CIPHER_C) + size_t olen = 0; +#endif /* IV is limited to 2^64 bits, so 2^61 bytes */ /* IV is not allowed to be zero length */ @@ -293,10 +321,18 @@ int mbedtls_gcm_starts(mbedtls_gcm_context *ctx, gcm_mult(ctx, ctx->y, ctx->y); } + +#if defined(MBEDTLS_CIPHER_C) if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->base_ectr, &olen)) != 0) { return ret; } +#else + if ((ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, + ctx->base_ectr)) != 0) { + return ret; + } +#endif return 0; } @@ -386,8 +422,9 @@ static int gcm_mask(mbedtls_gcm_context *ctx, const unsigned char *input, unsigned char *output) { - size_t olen = 0; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; +#if defined(MBEDTLS_CIPHER_C) + size_t olen = 0; if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ectr, &olen)) != 0) { @@ -395,6 +432,14 @@ static int gcm_mask(mbedtls_gcm_context *ctx, return ret; } +#else + + if ((ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, ectr)) != 0) { + mbedtls_platform_zeroize(ectr, 16); + return ret; + } +#endif + if (ctx->mode == MBEDTLS_GCM_DECRYPT) { mbedtls_xor(ctx->buf + offset, ctx->buf + offset, input, use_len); } @@ -614,7 +659,11 @@ void mbedtls_gcm_free(mbedtls_gcm_context *ctx) if (ctx == NULL) { return; } +#if defined(MBEDTLS_CIPHER_C) mbedtls_cipher_free(&ctx->cipher_ctx); +#else + mbedtls_block_cipher_free(&ctx->block_cipher_ctx); +#endif mbedtls_platform_zeroize(ctx, sizeof(mbedtls_gcm_context)); } From 975d411d9226a010bcf47d8f1ca2ddf144a702d6 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Thu, 16 Nov 2023 13:37:51 +0000 Subject: [PATCH 0705/1674] Only set slot to OCCUPIED on successful key loading Signed-off-by: Ryan Everett --- library/psa_crypto.c | 3 ++- library/psa_crypto_slot_management.c | 6 +++++- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 0660ee411..49dd91546 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1786,7 +1786,6 @@ static psa_status_t psa_start_key_creation( * definition. */ slot->attr = attributes->core; - slot->status = PSA_SLOT_OCCUPIED; if (PSA_KEY_LIFETIME_IS_VOLATILE(slot->attr.lifetime)) { #if !defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) slot->attr.id = volatile_key_id; @@ -1850,6 +1849,8 @@ static psa_status_t psa_start_key_creation( } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + slot->status = PSA_SLOT_OCCUPIED; + return PSA_SUCCESS; } diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 36d541044..38e327385 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -221,7 +221,6 @@ static psa_status_t psa_load_persistent_key_into_slot(psa_key_slot_t *slot) if (status != PSA_SUCCESS) { goto exit; } - slot->status = PSA_SLOT_OCCUPIED; #if defined(MBEDTLS_PSA_CRYPTO_SE_C) /* Special handling is required for loading keys associated with a @@ -243,6 +242,11 @@ static psa_status_t psa_load_persistent_key_into_slot(psa_key_slot_t *slot) #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ status = psa_copy_key_material_into_slot(slot, key_data, key_data_length); + if (status != PSA_SUCCESS){ + goto exit; + } + + slot->status = PSA_SLOT_OCCUPIED; exit: psa_free_persistent_key_data(key_data, key_data_length); From ad2a17eb6038d9e31a0f3aa1a24774e3fec40315 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 16 Nov 2023 15:09:48 +0100 Subject: [PATCH 0706/1674] Uniformly use MBEDTLS_THREADING_C guards Since the code compiles with MBEDTLS_THREADING_C, not just with MBEDTLS_THREADING_PTHREAD, use MBEDTLS_THREADING_C as the guard. The runtime behavior is only as desired under certain conditions that imply MBEDTLS_THREADING_PTHREAD, but that's fine: no metatest is expected to pass in all scenarios, only under specific build- and run-time conditions. Signed-off-by: Gilles Peskine --- programs/test/metatest.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/programs/test/metatest.c b/programs/test/metatest.c index c35e9a952..68e8da6fa 100644 --- a/programs/test/metatest.c +++ b/programs/test/metatest.c @@ -141,7 +141,7 @@ void mutex_lock_not_initialized(const char *name) (void) name; /* Mutex usage verification is only done with pthread, not with other * threading implementations. See tests/src/threading_helpers.c. */ -#if defined(MBEDTLS_THREADING_PTHREAD) +#if defined(MBEDTLS_THREADING_C) mbedtls_threading_mutex_t mutex; memset(&mutex, 0, sizeof(mutex)); TEST_ASSERT(mbedtls_mutex_lock(&mutex) == 0); @@ -203,7 +203,7 @@ void mutex_leak(const char *name) (void) name; /* Mutex usage verification is only done with pthread, not with other * threading implementations. See tests/src/threading_helpers.c. */ -#if defined(MBEDTLS_THREADING_PTHREAD) +#if defined(MBEDTLS_THREADING_C) mbedtls_threading_mutex_t mutex; mbedtls_mutex_init(&mutex); #endif From 2f40cc05f01a34c6e091a8014b76e6f7be644c6f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 16 Nov 2023 15:11:44 +0100 Subject: [PATCH 0707/1674] Improve explanations of what bad thing a metatest does Especially clarify the situation with respect to mutex usage. Signed-off-by: Gilles Peskine --- programs/test/metatest.c | 47 ++++++++++++++++++++++++++++++---------- 1 file changed, 36 insertions(+), 11 deletions(-) diff --git a/programs/test/metatest.c b/programs/test/metatest.c index 68e8da6fa..2973cce3f 100644 --- a/programs/test/metatest.c +++ b/programs/test/metatest.c @@ -74,6 +74,7 @@ void null_pointer_dereference(const char *name) (void) name; volatile char *volatile p; set_to_zero_but_the_compiler_does_not_know(&p, sizeof(p)); + /* Undefined behavior (read from null data pointer) */ mbedtls_printf("%p -> %u\n", p, (unsigned) *p); } @@ -82,6 +83,7 @@ void null_pointer_call(const char *name) (void) name; unsigned(*volatile p)(void); set_to_zero_but_the_compiler_does_not_know(&p, sizeof(p)); + /* Undefined behavior (execute null function pointer) */ /* The pointer representation may be truncated, but we don't care: * the only point of printing it is to have some use of the pointer * to dissuade the compiler from optimizing it away. */ @@ -99,6 +101,7 @@ void read_after_free(const char *name) volatile char *p = mbedtls_calloc(1, 1); *p = 'a'; mbedtls_free((void *) p); + /* Undefined behavior (read after free) */ mbedtls_printf("%u\n", (unsigned) *p); } @@ -108,6 +111,7 @@ void double_free(const char *name) volatile char *p = mbedtls_calloc(1, 1); *p = 'a'; mbedtls_free((void *) p); + /* Undefined behavior (double free) */ mbedtls_free((void *) p); } @@ -120,6 +124,7 @@ void read_uninitialized_stack(const char *name) } char *volatile p = buf; if (*p != 0) { + /* Unspecified result (read from uninitialized memory) */ mbedtls_printf("%u\n", (unsigned) *p); } } @@ -129,6 +134,7 @@ void memory_leak(const char *name) (void) name; volatile char *p = mbedtls_calloc(1, 1); mbedtls_printf("%u\n", (unsigned) *p); + /* Leak of a heap object */ } @@ -139,11 +145,13 @@ void memory_leak(const char *name) void mutex_lock_not_initialized(const char *name) { (void) name; - /* Mutex usage verification is only done with pthread, not with other - * threading implementations. See tests/src/threading_helpers.c. */ #if defined(MBEDTLS_THREADING_C) mbedtls_threading_mutex_t mutex; memset(&mutex, 0, sizeof(mutex)); + /* This mutex usage error is detected by our test framework's mutex usage + * verification framework. See tests/src/threading_helpers.c. Other + * threading implementations (e.g. pthread without our instrumentation) + * might consider this normal usage. */ TEST_ASSERT(mbedtls_mutex_lock(&mutex) == 0); exit: ; @@ -153,11 +161,13 @@ exit: void mutex_unlock_not_initialized(const char *name) { (void) name; - /* Mutex usage verification is only done with pthread, not with other - * threading implementations. See tests/src/threading_helpers.c. */ #if defined(MBEDTLS_THREADING_C) mbedtls_threading_mutex_t mutex; memset(&mutex, 0, sizeof(mutex)); + /* This mutex usage error is detected by our test framework's mutex usage + * verification framework. See tests/src/threading_helpers.c. Other + * threading implementations (e.g. pthread without our instrumentation) + * might consider this normal usage. */ TEST_ASSERT(mbedtls_mutex_unlock(&mutex) == 0); exit: ; @@ -167,11 +177,13 @@ exit: void mutex_free_not_initialized(const char *name) { (void) name; - /* Mutex usage verification is only done with pthread, not with other - * threading implementations. See tests/src/threading_helpers.c. */ #if defined(MBEDTLS_THREADING_C) mbedtls_threading_mutex_t mutex; memset(&mutex, 0, sizeof(mutex)); + /* This mutex usage error is detected by our test framework's mutex usage + * verification framework. See tests/src/threading_helpers.c. Other + * threading implementations (e.g. pthread without our instrumentation) + * might consider this normal usage. */ mbedtls_mutex_free(&mutex); #endif } @@ -182,6 +194,10 @@ void mutex_double_init(const char *name) #if defined(MBEDTLS_THREADING_C) mbedtls_threading_mutex_t mutex; mbedtls_mutex_init(&mutex); + /* This mutex usage error is detected by our test framework's mutex usage + * verification framework. See tests/src/threading_helpers.c. Other + * threading implementations (e.g. pthread without our instrumentation) + * might consider this normal usage. */ mbedtls_mutex_init(&mutex); mbedtls_mutex_free(&mutex); #endif @@ -194,6 +210,10 @@ void mutex_double_free(const char *name) mbedtls_threading_mutex_t mutex; mbedtls_mutex_init(&mutex); mbedtls_mutex_free(&mutex); + /* This mutex usage error is detected by our test framework's mutex usage + * verification framework. See tests/src/threading_helpers.c. Other + * threading implementations (e.g. pthread without our instrumentation) + * might consider this normal usage. */ mbedtls_mutex_free(&mutex); #endif } @@ -201,12 +221,14 @@ void mutex_double_free(const char *name) void mutex_leak(const char *name) { (void) name; - /* Mutex usage verification is only done with pthread, not with other - * threading implementations. See tests/src/threading_helpers.c. */ #if defined(MBEDTLS_THREADING_C) mbedtls_threading_mutex_t mutex; mbedtls_mutex_init(&mutex); #endif + /* This mutex usage error is detected by our test framework's mutex usage + * verification framework. See tests/src/threading_helpers.c. Other + * threading implementations (e.g. pthread without our instrumentation) + * might consider this normal usage. */ } @@ -225,7 +247,9 @@ typedef struct { * - "any": should work anywhere. * - "asan": triggers ASan (Address Sanitizer). * - "msan": triggers MSan (Memory Sanitizer). - * - "pthread": requires MBEDTLS_THREADING_PTHREAD and MBEDTLS_TEST_HOOKS. + * - "pthread": requires MBEDTLS_THREADING_PTHREAD and MBEDTLS_TEST_HOOKS, + * which enables MBEDTLS_TEST_MUTEX_USAGE internally in the test + * framework (see tests/src/threading_helpers.c). */ const char *platform; @@ -249,6 +273,9 @@ typedef struct { * * Note that we always compile all the functions, so that `metatest --list` * will always list all the available meta-tests. + * + * See the documentation of metatest_t::platform for the meaning of + * platform values. */ metatest_t metatests[] = { { "test_fail", "any", meta_test_fail }, @@ -258,8 +285,6 @@ metatest_t metatests[] = { { "double_free", "asan", double_free }, { "read_uninitialized_stack", "msan", read_uninitialized_stack }, { "memory_leak", "asan", memory_leak }, - /* Mutex usage verification is only done with pthread, not with other - * threading implementations. See tests/src/threading_helpers.c. */ { "mutex_lock_not_initialized", "pthread", mutex_lock_not_initialized }, { "mutex_unlock_not_initialized", "pthread", mutex_unlock_not_initialized }, { "mutex_free_not_initialized", "pthread", mutex_free_not_initialized }, From aa7dffa24ad6af57e4a19a6357034c8b83bd41eb Mon Sep 17 00:00:00 2001 From: Matthias Schulz Date: Thu, 16 Nov 2023 15:31:32 +0100 Subject: [PATCH 0708/1674] Add benchmark for RSA 3072. Signed-off-by: Matthias Schulz --- programs/test/benchmark.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index 3d751d026..e8d3e53dc 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -1011,7 +1011,7 @@ int main(int argc, char *argv[]) int keysize; mbedtls_rsa_context rsa; - for (keysize = 2048; keysize <= 4096; keysize *= 2) { + for (keysize = 2048; keysize <= 4096; keysize += 1024) { mbedtls_snprintf(title, sizeof(title), "RSA-%d", keysize); mbedtls_rsa_init(&rsa); From 5fa986c8cb77c081ab5046cdd8e519c1a1f4560b Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Fri, 10 Nov 2023 14:05:09 +0000 Subject: [PATCH 0709/1674] Move handling of mutex->is_valid into threading_helpers.c This is now a field only used for testing. Signed-off-by: Paul Elliott --- include/mbedtls/threading.h | 9 ++++++--- library/threading.c | 21 ++++++++++----------- tests/src/threading_helpers.c | 18 +++++++++++++----- 3 files changed, 29 insertions(+), 19 deletions(-) diff --git a/include/mbedtls/threading.h b/include/mbedtls/threading.h index ed16a23b1..c136ea0b0 100644 --- a/include/mbedtls/threading.h +++ b/include/mbedtls/threading.h @@ -28,10 +28,13 @@ extern "C" { #include typedef struct mbedtls_threading_mutex_t { pthread_mutex_t MBEDTLS_PRIVATE(mutex); - /* is_valid is 0 after a failed init or a free, and nonzero after a - * successful init. This field is not considered part of the public - * API of Mbed TLS and may change without notice. */ + + /* is_valid is controlled by code in tests/src/threading_helpers - it will + * be 0 after a failed init or a free, and nonzero after a successful init. + * This field is for testing only and thus not considered part of the + * public API of Mbed TLS and may change without notice. */ char MBEDTLS_PRIVATE(is_valid); + } mbedtls_threading_mutex_t; #endif diff --git a/library/threading.c b/library/threading.c index 52fe8fca9..d97f0cfe7 100644 --- a/library/threading.c +++ b/library/threading.c @@ -56,28 +56,27 @@ static void threading_mutex_init_pthread(mbedtls_threading_mutex_t *mutex) return; } - /* A nonzero value of is_valid indicates a successfully initialized - * mutex. This is a workaround for not being able to return an error - * code for this function. The lock/unlock functions return an error - * if is_valid is nonzero. The Mbed TLS unit test code uses this field - * to distinguish more states of the mutex; see - * tests/src/threading_helpers for details. */ - mutex->is_valid = pthread_mutex_init(&mutex->mutex, NULL) == 0; + /* One problem here is that calling lock on a pthread mutex without first + * having initialised it is undefined behaviour. Obviously we cannot check + * this here in a thread safe manner without a significant performance + * hit, so state transitions are checked in tests only via the is_valid + * varaible. Please make sure any new mutex that gets added is exercised in + * tests; see tests/src/threading_helpers for more details. */ + (void) pthread_mutex_init(&mutex->mutex, NULL); } static void threading_mutex_free_pthread(mbedtls_threading_mutex_t *mutex) { - if (mutex == NULL || !mutex->is_valid) { + if (mutex == NULL) { return; } (void) pthread_mutex_destroy(&mutex->mutex); - mutex->is_valid = 0; } static int threading_mutex_lock_pthread(mbedtls_threading_mutex_t *mutex) { - if (mutex == NULL || !mutex->is_valid) { + if (mutex == NULL) { return MBEDTLS_ERR_THREADING_BAD_INPUT_DATA; } @@ -90,7 +89,7 @@ static int threading_mutex_lock_pthread(mbedtls_threading_mutex_t *mutex) static int threading_mutex_unlock_pthread(mbedtls_threading_mutex_t *mutex) { - if (mutex == NULL || !mutex->is_valid) { + if (mutex == NULL) { return MBEDTLS_ERR_THREADING_BAD_INPUT_DATA; } diff --git a/tests/src/threading_helpers.c b/tests/src/threading_helpers.c index 6f405b00c..0ea1e98d8 100644 --- a/tests/src/threading_helpers.c +++ b/tests/src/threading_helpers.c @@ -64,9 +64,9 @@ enum value_of_mutex_is_valid_field { * compatibility with threading_mutex_init_pthread() and * threading_mutex_free_pthread(). MUTEX_LOCKED could be any nonzero * value. */ - MUTEX_FREED = 0, //!< Set by threading_mutex_free_pthread - MUTEX_IDLE = 1, //!< Set by threading_mutex_init_pthread and by our unlock - MUTEX_LOCKED = 2, //!< Set by our lock + MUTEX_FREED = 0, //! < Set by mbedtls_test_wrap_mutex_free + MUTEX_IDLE = 1, //! < Set by mbedtls_test_wrap_mutex_init and by mbedtls_test_wrap_mutex_unlock + MUTEX_LOCKED = 2, //! < Set by mbedtls_test_wrap_mutex_lock }; typedef struct { @@ -101,8 +101,12 @@ static void mbedtls_test_mutex_usage_error(mbedtls_threading_mutex_t *mutex, static void mbedtls_test_wrap_mutex_init(mbedtls_threading_mutex_t *mutex) { mutex_functions.init(mutex); - if (mutex->is_valid) { + + if (mutex_functions.lock(&mbedtls_test_mutex_mutex) == 0) { + mutex->state = MUTEX_IDLE; ++live_mutexes; + + mutex_functions.unlock(&mbedtls_test_mutex_mutex); } } @@ -123,7 +127,11 @@ static void mbedtls_test_wrap_mutex_free(mbedtls_threading_mutex_t *mutex) mbedtls_test_mutex_usage_error(mutex, "corrupted state"); break; } + + /* Mark mutex as free'd first, because we need to release the mutex. If + * free fails, this could end up with inconsistent state. */ if (mutex->is_valid) { + mutex->is_valid = MUTEX_FREED; --live_mutexes; } mutex_functions.free(mutex); @@ -138,7 +146,7 @@ static int mbedtls_test_wrap_mutex_lock(mbedtls_threading_mutex_t *mutex) break; case MUTEX_IDLE: if (ret == 0) { - mutex->is_valid = 2; + mutex->is_valid = MUTEX_LOCKED; } break; case MUTEX_LOCKED: From 3774637518fdb218ae899e991113d4459095de88 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Sun, 12 Nov 2023 19:05:57 +0000 Subject: [PATCH 0710/1674] Make threading helpers tests thread safe Signed-off-by: Paul Elliott --- include/mbedtls/threading.h | 9 +-- tests/src/threading_helpers.c | 115 +++++++++++++++++++--------------- 2 files changed, 69 insertions(+), 55 deletions(-) diff --git a/include/mbedtls/threading.h b/include/mbedtls/threading.h index c136ea0b0..cdfa7d69e 100644 --- a/include/mbedtls/threading.h +++ b/include/mbedtls/threading.h @@ -29,10 +29,11 @@ extern "C" { typedef struct mbedtls_threading_mutex_t { pthread_mutex_t MBEDTLS_PRIVATE(mutex); - /* is_valid is controlled by code in tests/src/threading_helpers - it will - * be 0 after a failed init or a free, and nonzero after a successful init. - * This field is for testing only and thus not considered part of the - * public API of Mbed TLS and may change without notice. */ + /* WARNING - is_valid should only be accessed when holding the mutex lock in + * tests/src/threading_helpers.c, otherwise corruption can occur. + * is_valid will be 0 after a failed init or a free, and nonzero after a + * successful init. This field is for testing only and thus not considered + * part of the public API of Mbed TLS and may change without notice.*/ char MBEDTLS_PRIVATE(is_valid); } mbedtls_threading_mutex_t; diff --git a/tests/src/threading_helpers.c b/tests/src/threading_helpers.c index 0ea1e98d8..0ffffbfd5 100644 --- a/tests/src/threading_helpers.c +++ b/tests/src/threading_helpers.c @@ -77,6 +77,8 @@ typedef struct { } mutex_functions_t; static mutex_functions_t mutex_functions; +mbedtls_threading_mutex_t mbedtls_test_mutex_mutex; + /** The total number of calls to mbedtls_mutex_init(), minus the total number * of calls to mbedtls_mutex_free(). * @@ -88,6 +90,7 @@ static void mbedtls_test_mutex_usage_error(mbedtls_threading_mutex_t *mutex, const char *msg) { (void) mutex; + if (mbedtls_test_info.mutex_usage_error == NULL) { mbedtls_test_info.mutex_usage_error = msg; } @@ -112,73 +115,81 @@ static void mbedtls_test_wrap_mutex_init(mbedtls_threading_mutex_t *mutex) static void mbedtls_test_wrap_mutex_free(mbedtls_threading_mutex_t *mutex) { - switch (mutex->is_valid) { - case MUTEX_FREED: - mbedtls_test_mutex_usage_error(mutex, "free without init or double free"); - break; - case MUTEX_IDLE: - /* Do nothing. The underlying free function will reset is_valid - * to 0. */ - break; - case MUTEX_LOCKED: - mbedtls_test_mutex_usage_error(mutex, "free without unlock"); - break; - default: - mbedtls_test_mutex_usage_error(mutex, "corrupted state"); - break; - } + if (mutex_functions.lock(&mbedtls_test_mutex_mutex) == 0) { - /* Mark mutex as free'd first, because we need to release the mutex. If - * free fails, this could end up with inconsistent state. */ - if (mutex->is_valid) { - mutex->is_valid = MUTEX_FREED; - --live_mutexes; + switch (mutex->is_valid) { + case MUTEX_FREED: + mbedtls_test_mutex_usage_error(mutex, "free without init or double free"); + break; + case MUTEX_IDLE: + mutex->is_valid = MUTEX_FREED; + --live_mutexes; + break; + case MUTEX_LOCKED: + mbedtls_test_mutex_usage_error(mutex, "free without unlock"); + break; + default: + mbedtls_test_mutex_usage_error(mutex, "corrupted state"); + break; + } + + mutex_functions.unlock(&mbedtls_test_mutex_mutex); } mutex_functions.free(mutex); } static int mbedtls_test_wrap_mutex_lock(mbedtls_threading_mutex_t *mutex) { + /* Lock the passed in mutex first, so that the only way to change the state + * is to hold the passed in and internal mutex - otherwise we create a race + * condition. */ int ret = mutex_functions.lock(mutex); - switch (mutex->is_valid) { - case MUTEX_FREED: - mbedtls_test_mutex_usage_error(mutex, "lock without init"); - break; - case MUTEX_IDLE: - if (ret == 0) { - mutex->is_valid = MUTEX_LOCKED; - } - break; - case MUTEX_LOCKED: - mbedtls_test_mutex_usage_error(mutex, "double lock"); - break; - default: - mbedtls_test_mutex_usage_error(mutex, "corrupted state"); - break; + if (mutex_functions.lock(&mbedtls_test_mutex_mutex) == 0) { + switch (mutex->is_valid) { + case MUTEX_FREED: + mbedtls_test_mutex_usage_error(mutex, "lock without init"); + break; + case MUTEX_IDLE: + if (ret == 0) { + mutex->is_valid = MUTEX_LOCKED; + } + break; + case MUTEX_LOCKED: + mbedtls_test_mutex_usage_error(mutex, "double lock"); + break; + default: + mbedtls_test_mutex_usage_error(mutex, "corrupted state"); + break; + } + + mutex_functions.unlock(&mbedtls_test_mutex_mutex); } return ret; } static int mbedtls_test_wrap_mutex_unlock(mbedtls_threading_mutex_t *mutex) { - int ret = mutex_functions.unlock(mutex); - switch (mutex->is_valid) { - case MUTEX_FREED: - mbedtls_test_mutex_usage_error(mutex, "unlock without init"); - break; - case MUTEX_IDLE: - mbedtls_test_mutex_usage_error(mutex, "unlock without lock"); - break; - case MUTEX_LOCKED: - if (ret == 0) { + /* Lock the internal mutex first and change state, so that the only way to + * change the state is to hold the passed in and internal mutex - otherwise + * we create a race condition. */ + if (mutex_functions.lock(&mbedtls_test_mutex_mutex) == 0) { + switch (mutex->is_valid) { + case MUTEX_FREED: + mbedtls_test_mutex_usage_error(mutex, "unlock without init"); + break; + case MUTEX_IDLE: + mbedtls_test_mutex_usage_error(mutex, "unlock without lock"); + break; + case MUTEX_LOCKED: mutex->is_valid = MUTEX_IDLE; - } - break; - default: - mbedtls_test_mutex_usage_error(mutex, "corrupted state"); - break; + break; + default: + mbedtls_test_mutex_usage_error(mutex, "corrupted state"); + break; + } + mutex_functions.unlock(&mbedtls_test_mutex_mutex); } - return ret; + return mutex_functions.unlock(mutex); } void mbedtls_test_mutex_usage_init(void) @@ -191,6 +202,8 @@ void mbedtls_test_mutex_usage_init(void) mbedtls_mutex_free = &mbedtls_test_wrap_mutex_free; mbedtls_mutex_lock = &mbedtls_test_wrap_mutex_lock; mbedtls_mutex_unlock = &mbedtls_test_wrap_mutex_unlock; + + mutex_functions.init(&mbedtls_test_mutex_mutex); } void mbedtls_test_mutex_usage_check(void) From 9e25936241c1e6096779899ddc1fc1cb068ed93f Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Wed, 15 Nov 2023 11:33:32 +0000 Subject: [PATCH 0711/1674] Rename mutex->is_valid to mutex->state Rename struct member to make it more representative of its current use. Signed-off-by: Paul Elliott --- include/mbedtls/threading.h | 6 +++--- tests/src/threading_helpers.c | 16 ++++++++-------- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/include/mbedtls/threading.h b/include/mbedtls/threading.h index cdfa7d69e..b504233bd 100644 --- a/include/mbedtls/threading.h +++ b/include/mbedtls/threading.h @@ -29,12 +29,12 @@ extern "C" { typedef struct mbedtls_threading_mutex_t { pthread_mutex_t MBEDTLS_PRIVATE(mutex); - /* WARNING - is_valid should only be accessed when holding the mutex lock in + /* WARNING - state should only be accessed when holding the mutex lock in * tests/src/threading_helpers.c, otherwise corruption can occur. - * is_valid will be 0 after a failed init or a free, and nonzero after a + * state will be 0 after a failed init or a free, and nonzero after a * successful init. This field is for testing only and thus not considered * part of the public API of Mbed TLS and may change without notice.*/ - char MBEDTLS_PRIVATE(is_valid); + char MBEDTLS_PRIVATE(state); } mbedtls_threading_mutex_t; #endif diff --git a/tests/src/threading_helpers.c b/tests/src/threading_helpers.c index 0ffffbfd5..385a07926 100644 --- a/tests/src/threading_helpers.c +++ b/tests/src/threading_helpers.c @@ -58,8 +58,8 @@ * indicate the exact location of the problematic call. To locate the error, * use a debugger and set a breakpoint on mbedtls_test_mutex_usage_error(). */ -enum value_of_mutex_is_valid_field { - /* Potential values for the is_valid field of mbedtls_threading_mutex_t. +enum value_of_mutex_state_field { + /* Potential values for the state field of mbedtls_threading_mutex_t. * Note that MUTEX_FREED must be 0 and MUTEX_IDLE must be 1 for * compatibility with threading_mutex_init_pthread() and * threading_mutex_free_pthread(). MUTEX_LOCKED could be any nonzero @@ -117,12 +117,12 @@ static void mbedtls_test_wrap_mutex_free(mbedtls_threading_mutex_t *mutex) { if (mutex_functions.lock(&mbedtls_test_mutex_mutex) == 0) { - switch (mutex->is_valid) { + switch (mutex->state) { case MUTEX_FREED: mbedtls_test_mutex_usage_error(mutex, "free without init or double free"); break; case MUTEX_IDLE: - mutex->is_valid = MUTEX_FREED; + mutex->state = MUTEX_FREED; --live_mutexes; break; case MUTEX_LOCKED: @@ -145,13 +145,13 @@ static int mbedtls_test_wrap_mutex_lock(mbedtls_threading_mutex_t *mutex) * condition. */ int ret = mutex_functions.lock(mutex); if (mutex_functions.lock(&mbedtls_test_mutex_mutex) == 0) { - switch (mutex->is_valid) { + switch (mutex->state) { case MUTEX_FREED: mbedtls_test_mutex_usage_error(mutex, "lock without init"); break; case MUTEX_IDLE: if (ret == 0) { - mutex->is_valid = MUTEX_LOCKED; + mutex->state = MUTEX_LOCKED; } break; case MUTEX_LOCKED: @@ -173,7 +173,7 @@ static int mbedtls_test_wrap_mutex_unlock(mbedtls_threading_mutex_t *mutex) * change the state is to hold the passed in and internal mutex - otherwise * we create a race condition. */ if (mutex_functions.lock(&mbedtls_test_mutex_mutex) == 0) { - switch (mutex->is_valid) { + switch (mutex->state) { case MUTEX_FREED: mbedtls_test_mutex_usage_error(mutex, "unlock without init"); break; @@ -181,7 +181,7 @@ static int mbedtls_test_wrap_mutex_unlock(mbedtls_threading_mutex_t *mutex) mbedtls_test_mutex_usage_error(mutex, "unlock without lock"); break; case MUTEX_LOCKED: - mutex->is_valid = MUTEX_IDLE; + mutex->state = MUTEX_IDLE; break; default: mbedtls_test_mutex_usage_error(mutex, "corrupted state"); From 3b9240bbd09b88ed301015d187ce25b48ba35b9a Mon Sep 17 00:00:00 2001 From: Matthias Schulz Date: Thu, 16 Nov 2023 17:39:43 +0100 Subject: [PATCH 0712/1674] Alternative Timing compatible benchmark.c Signed-off-by: Matthias Schulz --- programs/test/benchmark.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index 3d751d026..22c893070 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -83,7 +83,14 @@ struct _hr_time { #include "mbedtls/memory_buffer_alloc.h" #endif +#ifdef MBEDTLS_TIMING_ALT +void mbedtls_set_alarm(int seconds); +unsigned long mbedtls_timing_hardclock(void); +extern volatile int mbedtls_timing_alarmed; +#else static void mbedtls_set_alarm(int seconds); +static unsigned long mbedtls_timing_hardclock(void); +#endif /* * For heap usage estimates, we need an estimate of the overhead per allocated @@ -227,6 +234,7 @@ static void mbedtls_set_alarm(int seconds); } \ } while (0) +#if !defined(MBEDTLS_TIMING_ALT) #if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \ (defined(_MSC_VER) && defined(_M_IX86)) || defined(__WATCOMC__) @@ -441,6 +449,7 @@ static void mbedtls_set_alarm(int seconds) } #endif /* _WIN32 && !EFIX64 && !EFI32 */ +#endif /* !MBEDTLS_TIMING_ALT */ static int myrand(void *rng_state, unsigned char *output, size_t len) { From 70595f7983eaa7536e52080178b3f696163e47d3 Mon Sep 17 00:00:00 2001 From: Matthias Schulz Date: Thu, 16 Nov 2023 17:43:58 +0100 Subject: [PATCH 0713/1674] Explicitly indicating when private fields are accessed in benchmark.c. Signed-off-by: Matthias Schulz --- programs/test/benchmark.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index 3d751d026..85b7fc6b5 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -1057,16 +1057,16 @@ int main(int argc, char *argv[]) for (i = 0; (size_t) i < sizeof(dhm_sizes) / sizeof(dhm_sizes[0]); i++) { mbedtls_dhm_init(&dhm); - if (mbedtls_mpi_read_binary(&dhm.P, dhm_P[i], + if (mbedtls_mpi_read_binary(&dhm.MBEDTLS_PRIVATE(P), dhm_P[i], dhm_P_size[i]) != 0 || - mbedtls_mpi_read_binary(&dhm.G, dhm_G[i], + mbedtls_mpi_read_binary(&dhm.MBEDTLS_PRIVATE(G), dhm_G[i], dhm_G_size[i]) != 0) { mbedtls_exit(1); } - n = mbedtls_mpi_size(&dhm.P); + n = mbedtls_mpi_size(&dhm.MBEDTLS_PRIVATE(P)); mbedtls_dhm_make_public(&dhm, (int) n, buf, n, myrand, NULL); - if (mbedtls_mpi_copy(&dhm.GY, &dhm.GX) != 0) { + if (mbedtls_mpi_copy(&dhm.MBEDTLS_PRIVATE(GY), &dhm.MBEDTLS_PRIVATE(GX)) != 0) { mbedtls_exit(1); } From 13ecb691a30ff178fbf128711bbff63c508cb68d Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 16 Nov 2023 18:34:58 +0000 Subject: [PATCH 0714/1674] Introduce function to return library/core directory Add crypto_core_directory in build_tree.py so that the libary/core directory can be returned based on what repository we are in. Signed-off-by: Thomas Daubney --- scripts/mbedtls_dev/build_tree.py | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/scripts/mbedtls_dev/build_tree.py b/scripts/mbedtls_dev/build_tree.py index a657a5138..4a42d9a2b 100644 --- a/scripts/mbedtls_dev/build_tree.py +++ b/scripts/mbedtls_dev/build_tree.py @@ -21,6 +21,14 @@ def looks_like_mbedtls_root(path: str) -> bool: def looks_like_root(path: str) -> bool: return looks_like_tf_psa_crypto_root(path) or looks_like_mbedtls_root(path) +def crypto_core_directory() -> str: + if looks_like_tf_psa_crypto_root(os.path.curdir): + return "core" + elif looks_like_mbedtls_root(os.path.curdir): + return "library" + else: + raise Exception('Neither Mbed TLS nor TF-PSA-Crypto source tree found') + def check_repo_path(): """ Check that the current working directory is the project root, and throw From dd2a09a22bb787a43af8c5ab414ca13b60456aa6 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Wed, 15 Nov 2023 18:18:03 +0000 Subject: [PATCH 0715/1674] Introduce demo script for PSA hash program Signed-off-by: Thomas Daubney --- programs/psa/psa_hash_demo.sh | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100755 programs/psa/psa_hash_demo.sh diff --git a/programs/psa/psa_hash_demo.sh b/programs/psa/psa_hash_demo.sh new file mode 100755 index 000000000..a26697cfe --- /dev/null +++ b/programs/psa/psa_hash_demo.sh @@ -0,0 +1,20 @@ +#!/bin/sh +# +# Copyright The Mbed TLS Contributors +# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + +. "${0%/*}/../demo_common.sh" + +msg <<'EOF' +This program demonstrates the use of the PSA cryptography interface to +compute a SHA-256 hash of a test string using the one-shot API call +and also using the multi-part operation API. +EOF + +depends_on MBEDTLS_PSA_CRYPTO_C PSA_WANT_ALG_SHA_256 + +program="${0%/*}"/psa_hash + +"$program" + +cleanup From dd426da7b8cbd4e9a312a50c15452ce50741643c Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 16 Nov 2023 08:53:48 +0100 Subject: [PATCH 0716/1674] added changelog Signed-off-by: Valerio Setti --- ChangeLog.d/8060.txt | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 ChangeLog.d/8060.txt diff --git a/ChangeLog.d/8060.txt b/ChangeLog.d/8060.txt new file mode 100644 index 000000000..a5fd93c8d --- /dev/null +++ b/ChangeLog.d/8060.txt @@ -0,0 +1,4 @@ +Features + * The CCM and GCM modules no longer depend on MBEDTLS_CIPHER_C. People who + use CCM and GCM but don't need the Cipher API can now disable + MBEDTLS_CIPHER_C in order to save code size. From 5c7ab6fe865e96e42728aea2133da84013cae277 Mon Sep 17 00:00:00 2001 From: BrianX7c <151365853+BrianX7c@users.noreply.github.com> Date: Sat, 18 Nov 2023 11:07:37 +0100 Subject: [PATCH 0717/1674] [cipher.h] Arithmetic overflow in binary left shift operation (MBEDTLS_KEY_BITLEN_SHIFT) Fixing arithmetic overflow warning (C6297), if compiled in Visual Studio Signed-off-by: BrianX7c <151365853+BrianX7c@users.noreply.github.com> --- include/mbedtls/cipher.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index 2596baa92..815b5bb19 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -480,7 +480,7 @@ static inline size_t mbedtls_cipher_info_get_key_bitlen( if (info == NULL) { return 0; } else { - return info->MBEDTLS_PRIVATE(key_bitlen) << MBEDTLS_KEY_BITLEN_SHIFT; + return ((size_t) info->MBEDTLS_PRIVATE(key_bitlen)) << MBEDTLS_KEY_BITLEN_SHIFT; } } From d0eebc1f94cd2dd9f1543e46463ed416261b6fca Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 20 Nov 2023 15:17:53 +0100 Subject: [PATCH 0718/1674] ccm/gcm: improve code maintainability Signed-off-by: Valerio Setti --- library/ccm.c | 23 ++++++++--------------- library/gcm.c | 36 +++++++++++++----------------------- 2 files changed, 21 insertions(+), 38 deletions(-) diff --git a/library/ccm.c b/library/ccm.c index 444351df0..6700dc743 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -130,20 +130,15 @@ static int mbedtls_ccm_crypt(mbedtls_ccm_context *ctx, #if defined(MBEDTLS_CIPHER_C) size_t olen = 0; - - if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->ctr, 16, tmp_buf, - &olen)) != 0) { - ctx->state |= CCM_STATE__ERROR; - mbedtls_platform_zeroize(tmp_buf, sizeof(tmp_buf)); - return ret; - } + ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->ctr, 16, tmp_buf, &olen); #else - if ((ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->ctr, tmp_buf)) != 0) { + ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->ctr, tmp_buf); +#endif + if (ret != 0) { ctx->state |= CCM_STATE__ERROR; mbedtls_platform_zeroize(tmp_buf, sizeof(tmp_buf)); return ret; } -#endif mbedtls_xor(output, input, tmp_buf + offset, use_len); @@ -212,16 +207,14 @@ static int ccm_calculate_first_block_if_ready(mbedtls_ccm_context *ctx) /* Start CBC-MAC with first block*/ #if defined(MBEDTLS_CIPHER_C) - if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen)) != 0) { - ctx->state |= CCM_STATE__ERROR; - return ret; - } + ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen); #else - if ((ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, ctx->y)) != 0) { + ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, ctx->y); +#endif + if (ret != 0) { ctx->state |= CCM_STATE__ERROR; return ret; } -#endif return 0; } diff --git a/library/gcm.c b/library/gcm.c index 390bb3e15..8181ec88a 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -68,15 +68,13 @@ static int gcm_gen_table(mbedtls_gcm_context *ctx) #if defined(MBEDTLS_CIPHER_C) size_t olen = 0; - - if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, h, 16, h, &olen)) != 0) { - return ret; - } + ret = mbedtls_cipher_update(&ctx->cipher_ctx, h, 16, h, &olen); #else - if ((ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, h, h)) != 0) { + ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, h, h); +#endif + if (ret != 0) { return ret; } -#endif /* pack h as two 64-bits ints, big-endian */ hi = MBEDTLS_GET_UINT32_BE(h, 0); @@ -323,16 +321,13 @@ int mbedtls_gcm_starts(mbedtls_gcm_context *ctx, #if defined(MBEDTLS_CIPHER_C) - if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, - ctx->base_ectr, &olen)) != 0) { - return ret; - } + ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->base_ectr, &olen); #else - if ((ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, - ctx->base_ectr)) != 0) { + ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, ctx->base_ectr); +#endif + if (ret != 0) { return ret; } -#endif return 0; } @@ -423,22 +418,17 @@ static int gcm_mask(mbedtls_gcm_context *ctx, unsigned char *output) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + #if defined(MBEDTLS_CIPHER_C) size_t olen = 0; - - if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ectr, - &olen)) != 0) { - mbedtls_platform_zeroize(ectr, 16); - return ret; - } - + ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ectr, &olen); #else - - if ((ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, ectr)) != 0) { + ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, ectr); +#endif + if (ret != 0) { mbedtls_platform_zeroize(ectr, 16); return ret; } -#endif if (ctx->mode == MBEDTLS_GCM_DECRYPT) { mbedtls_xor(ctx->buf + offset, ctx->buf + offset, input, use_len); From cebffc3446fb5d9865e2189450b7aa8ddc8cbd07 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 15 Dec 2022 18:00:05 +0800 Subject: [PATCH 0719/1674] change time unit of ticket to milliseconds Signed-off-by: Jerry Yu --- include/mbedtls/ssl.h | 4 ++-- library/ssl_client.c | 7 +++--- library/ssl_ticket.c | 14 +++++++++++- library/ssl_tls13_client.c | 22 ++----------------- library/ssl_tls13_server.c | 45 +++++++++++++++++++------------------- programs/ssl/ssl_server2.c | 8 +++---- 6 files changed, 47 insertions(+), 53 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 7294bb144..cf1c19a08 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1217,7 +1217,7 @@ struct mbedtls_ssl_session { mbedtls_ssl_protocol_version MBEDTLS_PRIVATE(tls_version); #if defined(MBEDTLS_HAVE_TIME) - mbedtls_time_t MBEDTLS_PRIVATE(start); /*!< starting time */ + mbedtls_ms_time_t MBEDTLS_PRIVATE(start); /*!< starting time */ #endif int MBEDTLS_PRIVATE(ciphersuite); /*!< chosen ciphersuite */ size_t MBEDTLS_PRIVATE(id_len); /*!< session id length */ @@ -1255,7 +1255,7 @@ struct mbedtls_ssl_session { #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION && MBEDTLS_SSL_CLI_C */ #if defined(MBEDTLS_HAVE_TIME) && defined(MBEDTLS_SSL_CLI_C) - mbedtls_time_t MBEDTLS_PRIVATE(ticket_received); /*!< time ticket was received */ + mbedtls_ms_time_t MBEDTLS_PRIVATE(ticket_received); /*!< time ticket was received */ #endif /* MBEDTLS_HAVE_TIME && MBEDTLS_SSL_CLI_C */ #endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_SESSION_TICKETS */ diff --git a/library/ssl_client.c b/library/ssl_client.c index 7a7840662..21114910e 100644 --- a/library/ssl_client.c +++ b/library/ssl_client.c @@ -756,10 +756,9 @@ static int ssl_prepare_client_hello(mbedtls_ssl_context *ssl) if (ssl->handshake->resume != 0 && session_negotiate->tls_version == MBEDTLS_SSL_VERSION_TLS1_3 && session_negotiate->ticket != NULL) { - mbedtls_time_t now = mbedtls_time(NULL); - uint64_t age = (uint64_t) (now - session_negotiate->ticket_received); - if (session_negotiate->ticket_received > now || - age > session_negotiate->ticket_lifetime) { + mbedtls_ms_time_t now = mbedtls_ms_time(); + mbedtls_ms_time_t age = now - session_negotiate->ticket_received; + if (age < 0 || age > session_negotiate->ticket_lifetime * 1000) { /* Without valid ticket, disable session resumption.*/ MBEDTLS_SSL_DEBUG_MSG( 3, ("Ticket expired, disable session resumption")); diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c index 875abcbb3..c89a5cdb0 100644 --- a/library/ssl_ticket.c +++ b/library/ssl_ticket.c @@ -495,6 +495,18 @@ int mbedtls_ssl_ticket_parse(void *p_ticket, } #if defined(MBEDTLS_HAVE_TIME) +#if defined(MBEDTLS_SSL_PROTO_TLS1_3) + if (session->tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { + /* Check for expiration */ + mbedtls_ms_time_t ticket_age = mbedtls_ms_time() - session->start; + mbedtls_ms_time_t ticket_lifetime = ctx->ticket_lifetime * 1000; + + if (ticket_age < 0 || ticket_age > ticket_lifetime) { + ret = MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED; + goto cleanup; + } + } else +#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ { /* Check for expiration */ mbedtls_time_t current_time = mbedtls_time(NULL); @@ -505,7 +517,7 @@ int mbedtls_ssl_ticket_parse(void *p_ticket, goto cleanup; } } -#endif +#endif /* MBEDTLS_HAVE_TIME */ cleanup: #if defined(MBEDTLS_THREADING_C) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index eac632600..32ad7aaed 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -931,28 +931,10 @@ int mbedtls_ssl_tls13_write_identities_of_pre_shared_key_ext( if (ssl_tls13_ticket_get_identity( ssl, &hash_alg, &identity, &identity_len) == 0) { #if defined(MBEDTLS_HAVE_TIME) - mbedtls_time_t now = mbedtls_time(NULL); + mbedtls_ms_time_t now = mbedtls_ms_time(); mbedtls_ssl_session *session = ssl->session_negotiate; uint32_t obfuscated_ticket_age = (uint32_t) (now - session->ticket_received); - - /* - * The ticket timestamp is in seconds but the ticket age is in - * milliseconds. If the ticket was received at the end of a second and - * re-used here just at the beginning of the next second, the computed - * age `now - session->ticket_received` is equal to 1s thus 1000 ms - * while the actual age could be just a few milliseconds or tens of - * milliseconds. If the server has more accurate ticket timestamps - * (typically timestamps in milliseconds), as part of the processing of - * the ClientHello, it may compute a ticket lifetime smaller than the - * one computed here and potentially reject the ticket. To avoid that, - * remove one second to the ticket age if possible. - */ - if (obfuscated_ticket_age > 0) { - obfuscated_ticket_age -= 1; - } - - obfuscated_ticket_age *= 1000; obfuscated_ticket_age += session->ticket_age_add; ret = ssl_tls13_write_identity(ssl, p, end, @@ -2837,7 +2819,7 @@ static int ssl_tls13_postprocess_new_session_ticket(mbedtls_ssl_context *ssl, #if defined(MBEDTLS_HAVE_TIME) /* Store ticket creation time */ - session->ticket_received = mbedtls_time(NULL); + session->ticket_received = mbedtls_ms_time(); #endif ciphersuite_info = mbedtls_ssl_ciphersuite_from_id(session->ciphersuite); diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index b418ee635..8bcb0e407 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -111,9 +111,10 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket( unsigned char *ticket_buffer; unsigned int key_exchanges; #if defined(MBEDTLS_HAVE_TIME) - mbedtls_time_t now; - uint64_t age_in_s; - int64_t age_diff_in_ms; + mbedtls_ms_time_t now; + mbedtls_ms_time_t server_age; + mbedtls_ms_time_t client_age; + mbedtls_ms_time_t age_diff; #endif ((void) obfuscated_ticket_age); @@ -190,17 +191,16 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket( ret = MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED; #if defined(MBEDTLS_HAVE_TIME) - now = mbedtls_time(NULL); + now = mbedtls_ms_time(); if (now < session->start) { MBEDTLS_SSL_DEBUG_MSG( - 3, ("Invalid ticket start time ( now=%" MBEDTLS_PRINTF_LONGLONG - ", start=%" MBEDTLS_PRINTF_LONGLONG " )", - (long long) now, (long long) session->start)); + 3, ("Invalid ticket start time ( now=%" MBEDTLS_PRINTF_MS_TIME + ", start=%" MBEDTLS_PRINTF_MS_TIME " )", now, session->start)); goto exit; } - age_in_s = (uint64_t) (now - session->start); + server_age = now - session->start; /* RFC 8446 section 4.6.1 * @@ -213,10 +213,10 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket( * * For time being, the age MUST be less than 604800 seconds (7 days). */ - if (age_in_s > 604800) { + if (server_age > 604800*1000) { MBEDTLS_SSL_DEBUG_MSG( - 3, ("Ticket age exceeds limitation ticket_age=%lu", - (long unsigned int) age_in_s)); + 3, ("Ticket age exceeds limitation ticket_age=%" MBEDTLS_PRINTF_MS_TIME, + server_age)); goto exit; } @@ -227,18 +227,19 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket( * ticket_age_add from PskIdentity.obfuscated_ticket_age modulo 2^32) is * within a small tolerance of the time since the ticket was issued. * - * NOTE: When `now == session->start`, `age_diff_in_ms` may be negative - * as the age units are different on the server (s) and in the - * client (ms) side. Add a -1000 ms tolerance window to take this - * into account. + * NOTE: Typical crystal RTC accuracy specifications are from ±100 to ±20 + * parts per million (360 to 72 million seconds per hour). Defualt + * tolerance windows is 6000 millionsections, that means client host + * MUST sync up system time every 16 hours. Otherwise, the ticket will + * be invalid. */ - age_diff_in_ms = age_in_s * 1000; - age_diff_in_ms -= (obfuscated_ticket_age - session->ticket_age_add); - if (age_diff_in_ms <= -1000 || - age_diff_in_ms > MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE) { + client_age = obfuscated_ticket_age - session->ticket_age_add; + age_diff = server_age - client_age; + if (age_diff < -1000 || + age_diff > MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE) { MBEDTLS_SSL_DEBUG_MSG( - 3, ("Ticket age outside tolerance window ( diff=%d )", - (int) age_diff_in_ms)); + 3, ("Ticket age outside tolerance window ( diff=%" MBEDTLS_PRINTF_MS_TIME ")", + age_diff)); goto exit; } @@ -2877,7 +2878,7 @@ static int ssl_tls13_prepare_new_session_ticket(mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG(2, ("=> prepare NewSessionTicket msg")); #if defined(MBEDTLS_HAVE_TIME) - session->start = mbedtls_time(NULL); + session->start = mbedtls_ms_time(); #endif /* Set ticket_flags depends on the advertised psk key exchange mode */ diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 3e2360ed6..ce53f9274 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -1420,16 +1420,16 @@ int dummy_ticket_parse(void *p_ticket, mbedtls_ssl_session *session, case 2: return MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED; case 3: - session->start = mbedtls_time(NULL) + 10; + session->start = mbedtls_ms_time() + 10 * 1000; break; case 4: - session->start = mbedtls_time(NULL) - 10 - 7 * 24 * 3600; + session->start = mbedtls_ms_time() - 10 * 1000 - 7 * 24 * 3600 * 1000; break; case 5: - session->start = mbedtls_time(NULL) - 10; + session->start = mbedtls_ms_time() - 10 * 1000; break; case 6: - session->start = mbedtls_time(NULL); + session->start = mbedtls_ms_time(); #if defined(MBEDTLS_SSL_PROTO_TLS1_3) session->ticket_age_add -= 1000; #endif From fe38e948b83da423752deb6f0567f8a194f88628 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 15 Dec 2022 11:16:15 +0800 Subject: [PATCH 0720/1674] Add changelog entry for anti_replay_fail Signed-off-by: Jerry Yu --- ChangeLog.d/gnutls_anti_replay_fail.txt | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 ChangeLog.d/gnutls_anti_replay_fail.txt diff --git a/ChangeLog.d/gnutls_anti_replay_fail.txt b/ChangeLog.d/gnutls_anti_replay_fail.txt new file mode 100644 index 000000000..cb65b3ba6 --- /dev/null +++ b/ChangeLog.d/gnutls_anti_replay_fail.txt @@ -0,0 +1,4 @@ +Bugfix + * Fixes #6623. That is time unit issue. The unit of ticket age is seconds in + MBedTLS and milliseconds in GnuTLS. If the real age is 10ms, it might be + 1s(1000ms), as a result, the age of MBedTLS is bigger than GnuTLS server. From 03511b00aab27008bb4b900ecd5f433323cc8c03 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 27 Feb 2023 10:48:41 +0800 Subject: [PATCH 0721/1674] Replace c99 fmt macro For c99 compatible compilers, we use PRI64d and others use official fix. Signed-off-by: Jerry Yu --- include/mbedtls/debug.h | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/include/mbedtls/debug.h b/include/mbedtls/debug.h index 0aef2ed65..9a17488d2 100644 --- a/include/mbedtls/debug.h +++ b/include/mbedtls/debug.h @@ -120,7 +120,12 @@ /* (defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 0) || (defined(_MSC_VER) && _MSC_VER < 1800) */ #if !defined(MBEDTLS_PRINTF_MS_TIME) +#include +#if !defined(PRId64) +#define MBEDTLS_PRINTF_MS_TIME MBEDTLS_PRINTF_LONGLONG +#else #define MBEDTLS_PRINTF_MS_TIME PRId64 +#endif #endif /* MBEDTLS_PRINTF_MS_TIME */ #ifdef __cplusplus From f16efbc78d917c46d18ea82ae1ed8e975c519261 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 30 Oct 2023 11:06:24 +0800 Subject: [PATCH 0722/1674] fix various issues - Add comments for ticket test hooks - improve code style. Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 10 ++++++---- programs/ssl/ssl_server2.c | 14 +++++++++++--- 2 files changed, 17 insertions(+), 7 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 8bcb0e407..7b8cc6e74 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -195,8 +195,9 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket( if (now < session->start) { MBEDTLS_SSL_DEBUG_MSG( - 3, ("Invalid ticket start time ( now=%" MBEDTLS_PRINTF_MS_TIME - ", start=%" MBEDTLS_PRINTF_MS_TIME " )", now, session->start)); + 3, ("Invalid ticket start time ( now = %" MBEDTLS_PRINTF_MS_TIME + ", start = %" MBEDTLS_PRINTF_MS_TIME " )", + now, session->start)); goto exit; } @@ -213,7 +214,7 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket( * * For time being, the age MUST be less than 604800 seconds (7 days). */ - if (server_age > 604800*1000) { + if (server_age > 604800 * 1000) { MBEDTLS_SSL_DEBUG_MSG( 3, ("Ticket age exceeds limitation ticket_age=%" MBEDTLS_PRINTF_MS_TIME, server_age)); @@ -238,7 +239,8 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket( if (age_diff < -1000 || age_diff > MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE) { MBEDTLS_SSL_DEBUG_MSG( - 3, ("Ticket age outside tolerance window ( diff=%" MBEDTLS_PRINTF_MS_TIME ")", + 3, ("Ticket age outside tolerance window ( diff = %" + MBEDTLS_PRINTF_MS_TIME ")", age_diff)); goto exit; } diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index ce53f9274..7df30f017 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -1416,35 +1416,43 @@ int dummy_ticket_parse(void *p_ticket, mbedtls_ssl_session *session, switch (opt.dummy_ticket % 11) { case 1: + /* Callback function return INVALID_MAC */ return MBEDTLS_ERR_SSL_INVALID_MAC; case 2: + /* Callback function return ticket expired */ return MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED; case 3: + /* Built-in check, the start time is in future. */ session->start = mbedtls_ms_time() + 10 * 1000; break; case 4: + /* Built-in check, ticket expired due to too old. */ session->start = mbedtls_ms_time() - 10 * 1000 - 7 * 24 * 3600 * 1000; break; case 5: + /* Built-in check, age outside tolerance window, too young. */ session->start = mbedtls_ms_time() - 10 * 1000; break; +#if defined(MBEDTLS_SSL_PROTO_TLS1_3) case 6: + /* Built-in check, age outside tolerance window, too old. */ session->start = mbedtls_ms_time(); -#if defined(MBEDTLS_SSL_PROTO_TLS1_3) session->ticket_age_add -= 1000; -#endif break; -#if defined(MBEDTLS_SSL_PROTO_TLS1_3) case 7: + /* Built-in check, ticket permission check. */ session->ticket_flags = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_NONE; break; case 8: + /* Built-in check, ticket permission check. */ session->ticket_flags = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK; break; case 9: + /* Built-in check, ticket permission check. */ session->ticket_flags = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL; break; case 10: + /* Built-in check, ticket permission check. */ session->ticket_flags = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL; break; #endif From 702fc590ed660467fd6a4733fd6367b3181ec510 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 31 Oct 2023 14:22:04 +0800 Subject: [PATCH 0723/1674] Add ticket_creation field Signed-off-by: Jerry Yu --- include/mbedtls/ssl.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index cf1c19a08..a152a30f7 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1217,7 +1217,7 @@ struct mbedtls_ssl_session { mbedtls_ssl_protocol_version MBEDTLS_PRIVATE(tls_version); #if defined(MBEDTLS_HAVE_TIME) - mbedtls_ms_time_t MBEDTLS_PRIVATE(start); /*!< starting time */ + mbedtls_time_t MBEDTLS_PRIVATE(start); /*!< start time of current session */ #endif int MBEDTLS_PRIVATE(ciphersuite); /*!< chosen ciphersuite */ size_t MBEDTLS_PRIVATE(id_len); /*!< session id length */ @@ -1248,6 +1248,7 @@ struct mbedtls_ssl_session { uint8_t MBEDTLS_PRIVATE(ticket_flags); /*!< Ticket flags */ uint32_t MBEDTLS_PRIVATE(ticket_age_add); /*!< Randomly generated value used to obscure the age of the ticket */ uint8_t MBEDTLS_PRIVATE(resumption_key_len); /*!< resumption_key length */ + mbedtls_ms_time_t MBEDTLS_PRIVATE(ticket_creation); /*!< create time of ticket */ unsigned char MBEDTLS_PRIVATE(resumption_key)[MBEDTLS_SSL_TLS1_3_TICKET_RESUMPTION_KEY_LEN]; #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) && defined(MBEDTLS_SSL_CLI_C) From ec6d07870d5ede5eebc7b5be0540e41145977482 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 31 Oct 2023 14:42:20 +0800 Subject: [PATCH 0724/1674] Replace `start` with `ticket_creation` Signed-off-by: Jerry Yu --- library/ssl_ticket.c | 8 +++++--- library/ssl_tls.c | 4 ++-- library/ssl_tls13_server.c | 8 ++++---- programs/ssl/ssl_server2.c | 11 ++++++----- 4 files changed, 17 insertions(+), 14 deletions(-) diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c index c89a5cdb0..05249ea07 100644 --- a/library/ssl_ticket.c +++ b/library/ssl_ticket.c @@ -498,16 +498,17 @@ int mbedtls_ssl_ticket_parse(void *p_ticket, #if defined(MBEDTLS_SSL_PROTO_TLS1_3) if (session->tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { /* Check for expiration */ - mbedtls_ms_time_t ticket_age = mbedtls_ms_time() - session->start; + mbedtls_ms_time_t ticket_age = mbedtls_ms_time() - session->ticket_creation; mbedtls_ms_time_t ticket_lifetime = ctx->ticket_lifetime * 1000; if (ticket_age < 0 || ticket_age > ticket_lifetime) { ret = MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED; goto cleanup; } - } else + } #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ - { +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) + if (session->tls_version == MBEDTLS_SSL_VERSION_TLS1_2) { /* Check for expiration */ mbedtls_time_t current_time = mbedtls_time(NULL); @@ -517,6 +518,7 @@ int mbedtls_ssl_ticket_parse(void *p_ticket, goto cleanup; } } +#endif #endif /* MBEDTLS_HAVE_TIME */ cleanup: diff --git a/library/ssl_tls.c b/library/ssl_tls.c index f8555767e..d7276362f 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -2537,7 +2537,7 @@ static int ssl_tls13_session_save(const mbedtls_ssl_session *session, #if defined(MBEDTLS_HAVE_TIME) && defined(MBEDTLS_SSL_SRV_C) if (session->endpoint == MBEDTLS_SSL_IS_SERVER) { - MBEDTLS_PUT_UINT64_BE((uint64_t) session->start, p, 0); + MBEDTLS_PUT_UINT64_BE((uint64_t) session->ticket_creation, p, 0); p += 8; } #endif /* MBEDTLS_HAVE_TIME */ @@ -2616,7 +2616,7 @@ static int ssl_tls13_session_load(mbedtls_ssl_session *session, if (end - p < 8) { return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - session->start = MBEDTLS_GET_UINT64_BE(p, 0); + session->ticket_creation = MBEDTLS_GET_UINT64_BE(p, 0); p += 8; } #endif /* MBEDTLS_HAVE_TIME */ diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 7b8cc6e74..744e984ac 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -193,15 +193,15 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket( #if defined(MBEDTLS_HAVE_TIME) now = mbedtls_ms_time(); - if (now < session->start) { + if (now < session->ticket_creation) { MBEDTLS_SSL_DEBUG_MSG( 3, ("Invalid ticket start time ( now = %" MBEDTLS_PRINTF_MS_TIME ", start = %" MBEDTLS_PRINTF_MS_TIME " )", - now, session->start)); + now, session->ticket_creation)); goto exit; } - server_age = now - session->start; + server_age = now - session->ticket_creation; /* RFC 8446 section 4.6.1 * @@ -2880,7 +2880,7 @@ static int ssl_tls13_prepare_new_session_ticket(mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG(2, ("=> prepare NewSessionTicket msg")); #if defined(MBEDTLS_HAVE_TIME) - session->start = mbedtls_ms_time(); + session->ticket_creation = mbedtls_ms_time(); #endif /* Set ticket_flags depends on the advertised psk key exchange mode */ diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 7df30f017..a8f47149f 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -1421,22 +1421,23 @@ int dummy_ticket_parse(void *p_ticket, mbedtls_ssl_session *session, case 2: /* Callback function return ticket expired */ return MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED; +#if defined(MBEDTLS_SSL_PROTO_TLS1_3) case 3: /* Built-in check, the start time is in future. */ - session->start = mbedtls_ms_time() + 10 * 1000; + session->ticket_creation = mbedtls_ms_time() + 10 * 1000; break; case 4: /* Built-in check, ticket expired due to too old. */ - session->start = mbedtls_ms_time() - 10 * 1000 - 7 * 24 * 3600 * 1000; + session->ticket_creation = mbedtls_ms_time() - 10 * 1000 - 7 * 24 * 3600 * 1000; break; case 5: /* Built-in check, age outside tolerance window, too young. */ - session->start = mbedtls_ms_time() - 10 * 1000; + session->ticket_creation = mbedtls_ms_time() - 10 * 1000; break; -#if defined(MBEDTLS_SSL_PROTO_TLS1_3) + case 6: /* Built-in check, age outside tolerance window, too old. */ - session->start = mbedtls_ms_time(); + session->ticket_creation = mbedtls_ms_time(); session->ticket_age_add -= 1000; break; case 7: From 28547c49ed07957d7da06c981642e5ffe5879094 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 31 Oct 2023 14:42:50 +0800 Subject: [PATCH 0725/1674] update tests Signed-off-by: Jerry Yu --- tests/src/test_helpers/ssl_helpers.c | 6 ++- tests/suites/test_suite_ssl.function | 65 ++++++++++++++++++++++------ 2 files changed, 56 insertions(+), 15 deletions(-) diff --git a/tests/src/test_helpers/ssl_helpers.c b/tests/src/test_helpers/ssl_helpers.c index 54b57be81..f7cd1030f 100644 --- a/tests/src/test_helpers/ssl_helpers.c +++ b/tests/src/test_helpers/ssl_helpers.c @@ -1633,6 +1633,7 @@ exit: } #endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) int mbedtls_test_ssl_tls12_populate_session(mbedtls_ssl_session *session, int ticket_len, const char *crt_file) @@ -1729,6 +1730,7 @@ int mbedtls_test_ssl_tls12_populate_session(mbedtls_ssl_session *session, return 0; } +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ #if defined(MBEDTLS_SSL_PROTO_TLS1_3) int mbedtls_test_ssl_tls13_populate_session(mbedtls_ssl_session *session, @@ -1752,14 +1754,14 @@ int mbedtls_test_ssl_tls13_populate_session(mbedtls_ssl_session *session, #if defined(MBEDTLS_HAVE_TIME) if (session->endpoint == MBEDTLS_SSL_IS_SERVER) { - session->start = mbedtls_time(NULL) - 42; + session->ticket_creation = mbedtls_ms_time() - 42; } #endif #if defined(MBEDTLS_SSL_CLI_C) if (session->endpoint == MBEDTLS_SSL_IS_CLIENT) { #if defined(MBEDTLS_HAVE_TIME) - session->ticket_received = mbedtls_time(NULL) - 40; + session->ticket_received = mbedtls_ms_time() - 40; #endif session->ticket_lifetime = 0xfedcba98; diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 7cdf17eb6..4f9ec1a06 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -1943,16 +1943,21 @@ void ssl_serialize_session_save_load(int ticket_len, char *crt_file, /* Prepare a dummy session to work on */ ((void) endpoint_type); ((void) tls_version); + ((void) ticket_len); + ((void) crt_file); #if defined(MBEDTLS_SSL_PROTO_TLS1_3) if (tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { TEST_ASSERT(mbedtls_test_ssl_tls13_populate_session( &original, 0, endpoint_type) == 0); - } else + } #endif - { + +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) + if (tls_version == MBEDTLS_SSL_VERSION_TLS1_2) { TEST_ASSERT(mbedtls_test_ssl_tls12_populate_session( &original, ticket_len, crt_file) == 0); } +#endif /* Serialize it */ TEST_ASSERT(mbedtls_ssl_session_save(&original, NULL, 0, &len) @@ -1968,8 +1973,20 @@ void ssl_serialize_session_save_load(int ticket_len, char *crt_file, * Make sure both session structures are identical */ #if defined(MBEDTLS_HAVE_TIME) - TEST_ASSERT(original.start == restored.start); +#if defined(MBEDTLS_SSL_PROTO_TLS1_3) + if (tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { + TEST_ASSERT(original.ticket_creation == restored.ticket_creation); + } #endif + +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) + if (tls_version == MBEDTLS_SSL_VERSION_TLS1_2) { + TEST_ASSERT(original.start == restored.start); + } +#endif + +#endif + TEST_ASSERT(original.tls_version == restored.tls_version); TEST_ASSERT(original.ciphersuite == restored.ciphersuite); #if defined(MBEDTLS_SSL_PROTO_TLS1_2) @@ -2049,7 +2066,7 @@ void ssl_serialize_session_save_load(int ticket_len, char *crt_file, #if defined(MBEDTLS_HAVE_TIME) && defined(MBEDTLS_SSL_SRV_C) if (endpoint_type == MBEDTLS_SSL_IS_SERVER) { - TEST_ASSERT(original.start == restored.start); + TEST_ASSERT(original.ticket_creation == restored.ticket_creation); } #endif #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) @@ -2097,16 +2114,22 @@ void ssl_serialize_session_load_save(int ticket_len, char *crt_file, /* Prepare a dummy session to work on */ ((void) endpoint_type); ((void) tls_version); + ((void) ticket_len); + ((void) crt_file); #if defined(MBEDTLS_SSL_PROTO_TLS1_3) if (tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { TEST_ASSERT(mbedtls_test_ssl_tls13_populate_session( &session, 0, endpoint_type) == 0); - } else + } #endif - { + +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) + if (tls_version == MBEDTLS_SSL_VERSION_TLS1_2) { + TEST_ASSERT(mbedtls_test_ssl_tls12_populate_session( &session, ticket_len, crt_file) == 0); } +#endif /* Get desired buffer size for serializing */ TEST_ASSERT(mbedtls_ssl_session_save(&session, NULL, 0, &len0) @@ -2160,16 +2183,22 @@ void ssl_serialize_session_save_buf_size(int ticket_len, char *crt_file, /* Prepare dummy session and get serialized size */ ((void) endpoint_type); ((void) tls_version); + ((void) ticket_len); + ((void) crt_file); #if defined(MBEDTLS_SSL_PROTO_TLS1_3) if (tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { TEST_ASSERT(mbedtls_test_ssl_tls13_populate_session( &session, 0, endpoint_type) == 0); - } else + } #endif - { + +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) + if (tls_version == MBEDTLS_SSL_VERSION_TLS1_2) { TEST_ASSERT(mbedtls_test_ssl_tls12_populate_session( &session, ticket_len, crt_file) == 0); } +#endif + TEST_ASSERT(mbedtls_ssl_session_save(&session, NULL, 0, &good_len) == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL); @@ -2209,16 +2238,22 @@ void ssl_serialize_session_load_buf_size(int ticket_len, char *crt_file, /* Prepare serialized session data */ ((void) endpoint_type); ((void) tls_version); + ((void) ticket_len); + ((void) crt_file); #if defined(MBEDTLS_SSL_PROTO_TLS1_3) if (tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { TEST_ASSERT(mbedtls_test_ssl_tls13_populate_session( &session, 0, endpoint_type) == 0); - } else + } #endif - { + +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) + if (tls_version == MBEDTLS_SSL_VERSION_TLS1_2) { TEST_ASSERT(mbedtls_test_ssl_tls12_populate_session( &session, ticket_len, crt_file) == 0); } +#endif + TEST_ASSERT(mbedtls_ssl_session_save(&session, NULL, 0, &good_len) == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL); TEST_CALLOC(good_buf, good_len); @@ -2272,11 +2307,15 @@ void ssl_session_serialize_version_check(int corrupt_major, if (tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { TEST_ASSERT(mbedtls_test_ssl_tls13_populate_session( &session, 0, endpoint_type) == 0); - } else + } #endif - TEST_ASSERT(mbedtls_test_ssl_tls12_populate_session( - &session, 0, NULL) == 0); +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) + if (tls_version == MBEDTLS_SSL_VERSION_TLS1_2) { + TEST_ASSERT(mbedtls_test_ssl_tls12_populate_session( + &session, 0, NULL) == 0); + } +#endif /* Infer length of serialized session. */ TEST_ASSERT(mbedtls_ssl_session_save(&session, From 8cf44953b23e498ac4aa046ce1e9d8862bad5f6c Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 31 Oct 2023 16:48:45 +0800 Subject: [PATCH 0726/1674] guards ticket creation field Signed-off-by: Jerry Yu --- include/mbedtls/ssl.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index a152a30f7..9365c6241 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1248,7 +1248,9 @@ struct mbedtls_ssl_session { uint8_t MBEDTLS_PRIVATE(ticket_flags); /*!< Ticket flags */ uint32_t MBEDTLS_PRIVATE(ticket_age_add); /*!< Randomly generated value used to obscure the age of the ticket */ uint8_t MBEDTLS_PRIVATE(resumption_key_len); /*!< resumption_key length */ +#if defined(MBEDTLS_HAVE_TIME) mbedtls_ms_time_t MBEDTLS_PRIVATE(ticket_creation); /*!< create time of ticket */ +#endif unsigned char MBEDTLS_PRIVATE(resumption_key)[MBEDTLS_SSL_TLS1_3_TICKET_RESUMPTION_KEY_LEN]; #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) && defined(MBEDTLS_SSL_CLI_C) From 31b601aa15e4080573ec75df00ab5be5db33a2bc Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 10 Nov 2023 11:27:21 +0800 Subject: [PATCH 0727/1674] improve comments Signed-off-by: Jerry Yu --- library/ssl_ticket.c | 2 +- library/ssl_tls13_server.c | 10 ++++------ 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c index 05249ea07..5fef4ebb9 100644 --- a/library/ssl_ticket.c +++ b/library/ssl_ticket.c @@ -518,7 +518,7 @@ int mbedtls_ssl_ticket_parse(void *p_ticket, goto cleanup; } } -#endif +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ #endif /* MBEDTLS_HAVE_TIME */ cleanup: diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 744e984ac..fb579d58f 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -212,7 +212,6 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket( * Clients MUST NOT attempt to use tickets which have ages greater than * the "ticket_lifetime" value which was provided with the ticket. * - * For time being, the age MUST be less than 604800 seconds (7 days). */ if (server_age > 604800 * 1000) { MBEDTLS_SSL_DEBUG_MSG( @@ -228,11 +227,10 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket( * ticket_age_add from PskIdentity.obfuscated_ticket_age modulo 2^32) is * within a small tolerance of the time since the ticket was issued. * - * NOTE: Typical crystal RTC accuracy specifications are from ±100 to ±20 - * parts per million (360 to 72 million seconds per hour). Defualt - * tolerance windows is 6000 millionsections, that means client host - * MUST sync up system time every 16 hours. Otherwise, the ticket will - * be invalid. + * NOTE: The typical accuracy of an RTC crystal is ±100 to ±20 parts per + * million (360 to 72 milliseconds per hour). Default tolerance + * windows is 6s, thus in the worst case client and servers must + * sync up their system time every 6000/360/2~=8 hours. */ client_age = obfuscated_ticket_age - session->ticket_age_add; age_diff = server_age - client_age; From 3ff0b1fda3faa242ac023c62441c6c578b8024c4 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 10 Nov 2023 11:29:12 +0800 Subject: [PATCH 0728/1674] Cleanup ticket negative tests. - improve comments - case 3/4 is for server age check. - case 5/6 is for client age check Signed-off-by: Jerry Yu --- programs/ssl/ssl_server2.c | 29 +++++++++++++++-------------- 1 file changed, 15 insertions(+), 14 deletions(-) diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index a8f47149f..aa8afd9c6 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -1416,44 +1416,45 @@ int dummy_ticket_parse(void *p_ticket, mbedtls_ssl_session *session, switch (opt.dummy_ticket % 11) { case 1: - /* Callback function return INVALID_MAC */ return MBEDTLS_ERR_SSL_INVALID_MAC; case 2: - /* Callback function return ticket expired */ return MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED; #if defined(MBEDTLS_SSL_PROTO_TLS1_3) case 3: - /* Built-in check, the start time is in future. */ - session->ticket_creation = mbedtls_ms_time() + 10 * 1000; + /* Creation time in the future. */ + session->ticket_creation = mbedtls_ms_time() + + MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE + + 4 * 1000; break; case 4: - /* Built-in check, ticket expired due to too old. */ - session->ticket_creation = mbedtls_ms_time() - 10 * 1000 - 7 * 24 * 3600 * 1000; + /* Ticket reaches the end of lifetime. */ + session->ticket_creation = mbedtls_ms_time() - session->ticket_lifetime - + MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE - 4 * 1000; break; case 5: - /* Built-in check, age outside tolerance window, too young. */ - session->ticket_creation = mbedtls_ms_time() - 10 * 1000; + /* Ticket is valid, but client age is beyond the upper bound of tolerance window. */ + + session->ticket_age_add += MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE + 4 * 1000; + /* Make sure the execution time does not affect the result */ + session->ticket_creation = mbedtls_ms_time(); break; case 6: - /* Built-in check, age outside tolerance window, too old. */ + /* Ticket is valid, but client age is beyond the lower bound of tolerance window. */ + session->ticket_age_add -= MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE + 4 * 1000; + /* Make sure the execution time does not affect the result */ session->ticket_creation = mbedtls_ms_time(); - session->ticket_age_add -= 1000; break; case 7: - /* Built-in check, ticket permission check. */ session->ticket_flags = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_NONE; break; case 8: - /* Built-in check, ticket permission check. */ session->ticket_flags = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK; break; case 9: - /* Built-in check, ticket permission check. */ session->ticket_flags = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL; break; case 10: - /* Built-in check, ticket permission check. */ session->ticket_flags = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL; break; #endif From 28e7c554f48a61374793efd25373456a8d36a3a4 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 10 Nov 2023 12:05:56 +0800 Subject: [PATCH 0729/1674] Change the bottom of tolerance window The unit of ticket time has been changed to milliseconds. And age difference might be negative Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index fb579d58f..e7800f1dd 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -234,7 +234,7 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket( */ client_age = obfuscated_ticket_age - session->ticket_age_add; age_diff = server_age - client_age; - if (age_diff < -1000 || + if (age_diff < -MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE || age_diff > MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE) { MBEDTLS_SSL_DEBUG_MSG( 3, ("Ticket age outside tolerance window ( diff = %" From 034a8b77d1f4fcf00196be559178e65e93cdaeab Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 10 Nov 2023 12:20:19 +0800 Subject: [PATCH 0730/1674] Update document of ticket age tolerance Signed-off-by: Jerry Yu --- include/mbedtls/mbedtls_config.h | 28 +++++++++++++++------------- 1 file changed, 15 insertions(+), 13 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index d137f00a2..4acac9c08 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -4099,19 +4099,21 @@ /** * \def MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE * - * Maximum time difference in milliseconds tolerated between the age of a - * ticket from the server and client point of view. - * From the client point of view, the age of a ticket is the time difference - * between the time when the client proposes to the server to use the ticket - * (time of writing of the Pre-Shared Key Extension including the ticket) and - * the time the client received the ticket from the server. - * From the server point of view, the age of a ticket is the time difference - * between the time when the server receives a proposition from the client - * to use the ticket and the time when the ticket was created by the server. - * The server age is expected to be always greater than the client one and - * MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE defines the - * maximum difference tolerated for the server to accept the ticket. - * This is not used in TLS 1.2. + * Maximum allowd ticket age difference in milliseconds tolerated between + * server and client. Default value is 6000. This is not used in TLS 1.2. + * + * - The client ticket age is the time difference between the time when the + * client proposes to the server to use the ticket and the time the client + * received the ticket from the server. + * - The server ticket age is the time difference between the time when the + * server receives a proposition from the client to use the ticket and the + * time when the ticket was created by the server. + * + * The ages might be different due to accuracy of RTC crypstal. The typical + * accuracy of an RTC crystal is ±100 to ±20 parts per million (360 to 72 + * milliseconds per hour). Default tolerance windows is 6s, thus in the worst + * case client and servers must sync up their system time every 6000/360/2~=8 + * hours. * */ //#define MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE 6000 From 46c7926f747f3980c0dbdef4a2b23b52540b6c9a Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 10 Nov 2023 13:58:16 +0800 Subject: [PATCH 0731/1674] Add maximum ticket lifetime check Also add comments for age cast Signed-off-by: Jerry Yu --- library/ssl_misc.h | 3 +++ library/ssl_tls13_client.c | 10 ++++++++++ library/ssl_tls13_server.c | 4 ++-- 3 files changed, 15 insertions(+), 2 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 8482ee151..c636ad461 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -2765,6 +2765,9 @@ int mbedtls_ssl_session_set_hostname(mbedtls_ssl_session *session, #endif #if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_SESSION_TICKETS) + +#define MBEDTLS_SSL_TLS1_3_MAX_ALLOWED_TICKET_LIFETIME (604800) + static inline unsigned int mbedtls_ssl_session_get_ticket_flags( mbedtls_ssl_session *session, unsigned int flags) { diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 32ad7aaed..294a294cc 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -933,6 +933,10 @@ int mbedtls_ssl_tls13_write_identities_of_pre_shared_key_ext( #if defined(MBEDTLS_HAVE_TIME) mbedtls_ms_time_t now = mbedtls_ms_time(); mbedtls_ssl_session *session = ssl->session_negotiate; + /* The ticket age has been checked to be smaller that the + * `ticket_lifetime` in ssl_prepare_client_hello() which is smaller than + * 7 days (enforced in ssl_tls13_parse_new_session_ticket()) . Thus the + * cast to `uint32_t` of the ticket age is safe. */ uint32_t obfuscated_ticket_age = (uint32_t) (now - session->ticket_received); obfuscated_ticket_age += session->ticket_age_add; @@ -2744,6 +2748,12 @@ static int ssl_tls13_parse_new_session_ticket(mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG(3, ("ticket_lifetime: %u", (unsigned int) session->ticket_lifetime)); + if (session->ticket_lifetime > + MBEDTLS_SSL_TLS1_3_MAX_ALLOWED_TICKET_LIFETIME) { + /* TODO: Add new return value here? */ + MBEDTLS_SSL_DEBUG_MSG(3, ("ticket_lifetime exceeds 7 days.")); + return MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + } session->ticket_age_add = MBEDTLS_GET_UINT32_BE(p, 4); MBEDTLS_SSL_DEBUG_MSG(3, diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index e7800f1dd..5c606e4b2 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -3025,8 +3025,8 @@ static int ssl_tls13_write_new_session_ticket_body(mbedtls_ssl_context *ssl, * MAY treat a ticket as valid for a shorter period of time than what * is stated in the ticket_lifetime. */ - if (ticket_lifetime > 604800) { - ticket_lifetime = 604800; + if (ticket_lifetime > MBEDTLS_SSL_TLS1_3_MAX_ALLOWED_TICKET_LIFETIME) { + ticket_lifetime = MBEDTLS_SSL_TLS1_3_MAX_ALLOWED_TICKET_LIFETIME; } MBEDTLS_PUT_UINT32_BE(ticket_lifetime, p, 0); MBEDTLS_SSL_DEBUG_MSG(3, ("ticket_lifetime: %u", From 25ba4d40ef4397c5b9ad42b79a0f0c3b3954ae4b Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 10 Nov 2023 14:12:20 +0800 Subject: [PATCH 0732/1674] rename `ticket_creation` to `ticket_creation_time` Signed-off-by: Jerry Yu --- include/mbedtls/ssl.h | 14 ++++++++------ library/ssl_ticket.c | 2 +- library/ssl_tls.c | 6 +++--- library/ssl_tls13_server.c | 8 ++++---- programs/ssl/ssl_server2.c | 14 +++++++------- tests/src/test_helpers/ssl_helpers.c | 2 +- tests/suites/test_suite_ssl.function | 4 ++-- 7 files changed, 26 insertions(+), 24 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 9365c6241..d01164278 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1248,18 +1248,20 @@ struct mbedtls_ssl_session { uint8_t MBEDTLS_PRIVATE(ticket_flags); /*!< Ticket flags */ uint32_t MBEDTLS_PRIVATE(ticket_age_add); /*!< Randomly generated value used to obscure the age of the ticket */ uint8_t MBEDTLS_PRIVATE(resumption_key_len); /*!< resumption_key length */ -#if defined(MBEDTLS_HAVE_TIME) - mbedtls_ms_time_t MBEDTLS_PRIVATE(ticket_creation); /*!< create time of ticket */ -#endif unsigned char MBEDTLS_PRIVATE(resumption_key)[MBEDTLS_SSL_TLS1_3_TICKET_RESUMPTION_KEY_LEN]; #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) && defined(MBEDTLS_SSL_CLI_C) char *MBEDTLS_PRIVATE(hostname); /*!< host name binded with tickets */ #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION && MBEDTLS_SSL_CLI_C */ -#if defined(MBEDTLS_HAVE_TIME) && defined(MBEDTLS_SSL_CLI_C) - mbedtls_ms_time_t MBEDTLS_PRIVATE(ticket_received); /*!< time ticket was received */ -#endif /* MBEDTLS_HAVE_TIME && MBEDTLS_SSL_CLI_C */ +#if defined(MBEDTLS_HAVE_TIME) +#if defined(MBEDTLS_SSL_CLI_C) + mbedtls_ms_time_t MBEDTLS_PRIVATE(ticket_received); /*!< time that ticket was received */ +#endif +#if defined(MBEDTLS_SSL_SRV_C) + mbedtls_ms_time_t MBEDTLS_PRIVATE(ticket_creation_time); /*!< create time of ticket */ +#endif +#endif /* MBEDTLS_HAVE_TIME */ #endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_SESSION_TICKETS */ diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c index 5fef4ebb9..0277bfa2c 100644 --- a/library/ssl_ticket.c +++ b/library/ssl_ticket.c @@ -498,7 +498,7 @@ int mbedtls_ssl_ticket_parse(void *p_ticket, #if defined(MBEDTLS_SSL_PROTO_TLS1_3) if (session->tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { /* Check for expiration */ - mbedtls_ms_time_t ticket_age = mbedtls_ms_time() - session->ticket_creation; + mbedtls_ms_time_t ticket_age = mbedtls_ms_time() - session->ticket_creation_time; mbedtls_ms_time_t ticket_lifetime = ctx->ticket_lifetime * 1000; if (ticket_age < 0 || ticket_age > ticket_lifetime) { diff --git a/library/ssl_tls.c b/library/ssl_tls.c index d7276362f..42d1b86b1 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -2457,7 +2457,7 @@ mbedtls_ssl_mode_t mbedtls_ssl_get_mode_from_ciphersuite( * uint32 max_early_data_size; * select ( endpoint ) { * case client: ClientOnlyData; - * case server: uint64 start_time; + * case server: uint64 ticket_creation_time_time; * }; * } serialized_session_tls13; * @@ -2537,7 +2537,7 @@ static int ssl_tls13_session_save(const mbedtls_ssl_session *session, #if defined(MBEDTLS_HAVE_TIME) && defined(MBEDTLS_SSL_SRV_C) if (session->endpoint == MBEDTLS_SSL_IS_SERVER) { - MBEDTLS_PUT_UINT64_BE((uint64_t) session->ticket_creation, p, 0); + MBEDTLS_PUT_UINT64_BE((uint64_t) session->ticket_creation_time, p, 0); p += 8; } #endif /* MBEDTLS_HAVE_TIME */ @@ -2616,7 +2616,7 @@ static int ssl_tls13_session_load(mbedtls_ssl_session *session, if (end - p < 8) { return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - session->ticket_creation = MBEDTLS_GET_UINT64_BE(p, 0); + session->ticket_creation_time = MBEDTLS_GET_UINT64_BE(p, 0); p += 8; } #endif /* MBEDTLS_HAVE_TIME */ diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 5c606e4b2..c9c0e1f08 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -193,15 +193,15 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket( #if defined(MBEDTLS_HAVE_TIME) now = mbedtls_ms_time(); - if (now < session->ticket_creation) { + if (now < session->ticket_creation_time) { MBEDTLS_SSL_DEBUG_MSG( 3, ("Invalid ticket start time ( now = %" MBEDTLS_PRINTF_MS_TIME ", start = %" MBEDTLS_PRINTF_MS_TIME " )", - now, session->ticket_creation)); + now, session->ticket_creation_time)); goto exit; } - server_age = now - session->ticket_creation; + server_age = now - session->ticket_creation_time; /* RFC 8446 section 4.6.1 * @@ -2878,7 +2878,7 @@ static int ssl_tls13_prepare_new_session_ticket(mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG(2, ("=> prepare NewSessionTicket msg")); #if defined(MBEDTLS_HAVE_TIME) - session->ticket_creation = mbedtls_ms_time(); + session->ticket_creation_time = mbedtls_ms_time(); #endif /* Set ticket_flags depends on the advertised psk key exchange mode */ diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index aa8afd9c6..1bfa529af 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -1422,28 +1422,28 @@ int dummy_ticket_parse(void *p_ticket, mbedtls_ssl_session *session, #if defined(MBEDTLS_SSL_PROTO_TLS1_3) case 3: /* Creation time in the future. */ - session->ticket_creation = mbedtls_ms_time() + - MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE + - 4 * 1000; + session->ticket_creation_time = mbedtls_ms_time() + + MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE + + 4 * 1000; break; case 4: /* Ticket reaches the end of lifetime. */ - session->ticket_creation = mbedtls_ms_time() - session->ticket_lifetime - - MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE - 4 * 1000; + session->ticket_creation_time = mbedtls_ms_time() - session->ticket_lifetime - + MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE - 4 * 1000; break; case 5: /* Ticket is valid, but client age is beyond the upper bound of tolerance window. */ session->ticket_age_add += MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE + 4 * 1000; /* Make sure the execution time does not affect the result */ - session->ticket_creation = mbedtls_ms_time(); + session->ticket_creation_time = mbedtls_ms_time(); break; case 6: /* Ticket is valid, but client age is beyond the lower bound of tolerance window. */ session->ticket_age_add -= MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE + 4 * 1000; /* Make sure the execution time does not affect the result */ - session->ticket_creation = mbedtls_ms_time(); + session->ticket_creation_time = mbedtls_ms_time(); break; case 7: session->ticket_flags = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_NONE; diff --git a/tests/src/test_helpers/ssl_helpers.c b/tests/src/test_helpers/ssl_helpers.c index f7cd1030f..9acb1997e 100644 --- a/tests/src/test_helpers/ssl_helpers.c +++ b/tests/src/test_helpers/ssl_helpers.c @@ -1754,7 +1754,7 @@ int mbedtls_test_ssl_tls13_populate_session(mbedtls_ssl_session *session, #if defined(MBEDTLS_HAVE_TIME) if (session->endpoint == MBEDTLS_SSL_IS_SERVER) { - session->ticket_creation = mbedtls_ms_time() - 42; + session->ticket_creation_time = mbedtls_ms_time() - 42; } #endif diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 4f9ec1a06..ebbbddb20 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -1975,7 +1975,7 @@ void ssl_serialize_session_save_load(int ticket_len, char *crt_file, #if defined(MBEDTLS_HAVE_TIME) #if defined(MBEDTLS_SSL_PROTO_TLS1_3) if (tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { - TEST_ASSERT(original.ticket_creation == restored.ticket_creation); + TEST_ASSERT(original.ticket_creation_time == restored.ticket_creation_time); } #endif @@ -2066,7 +2066,7 @@ void ssl_serialize_session_save_load(int ticket_len, char *crt_file, #if defined(MBEDTLS_HAVE_TIME) && defined(MBEDTLS_SSL_SRV_C) if (endpoint_type == MBEDTLS_SSL_IS_SERVER) { - TEST_ASSERT(original.ticket_creation == restored.ticket_creation); + TEST_ASSERT(original.ticket_creation_time == restored.ticket_creation_time); } #endif #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) From 342a555eefd27dc20c44489de597477c5839879a Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 10 Nov 2023 14:23:39 +0800 Subject: [PATCH 0733/1674] rename ticket received Signed-off-by: Jerry Yu --- include/mbedtls/ssl.h | 2 +- library/ssl_client.c | 2 +- library/ssl_tls.c | 8 ++++---- library/ssl_tls13_client.c | 4 ++-- tests/src/test_helpers/ssl_helpers.c | 2 +- tests/suites/test_suite_ssl.function | 2 +- 6 files changed, 10 insertions(+), 10 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index d01164278..3213a2bc8 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1256,7 +1256,7 @@ struct mbedtls_ssl_session { #if defined(MBEDTLS_HAVE_TIME) #if defined(MBEDTLS_SSL_CLI_C) - mbedtls_ms_time_t MBEDTLS_PRIVATE(ticket_received); /*!< time that ticket was received */ + mbedtls_ms_time_t MBEDTLS_PRIVATE(ticket_reception_time); /*!< time that ticket was received */ #endif #if defined(MBEDTLS_SSL_SRV_C) mbedtls_ms_time_t MBEDTLS_PRIVATE(ticket_creation_time); /*!< create time of ticket */ diff --git a/library/ssl_client.c b/library/ssl_client.c index 21114910e..0e87d8607 100644 --- a/library/ssl_client.c +++ b/library/ssl_client.c @@ -757,7 +757,7 @@ static int ssl_prepare_client_hello(mbedtls_ssl_context *ssl) session_negotiate->tls_version == MBEDTLS_SSL_VERSION_TLS1_3 && session_negotiate->ticket != NULL) { mbedtls_ms_time_t now = mbedtls_ms_time(); - mbedtls_ms_time_t age = now - session_negotiate->ticket_received; + mbedtls_ms_time_t age = now - session_negotiate->ticket_reception_time; if (age < 0 || age > session_negotiate->ticket_lifetime * 1000) { /* Without valid ticket, disable session resumption.*/ MBEDTLS_SSL_DEBUG_MSG( diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 42d1b86b1..2a52047ec 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -2443,7 +2443,7 @@ mbedtls_ssl_mode_t mbedtls_ssl_get_mode_from_ciphersuite( * * struct { * opaque hostname<0..2^16-1>; - * uint64 ticket_received; + * uint64 ticket_reception_time; * uint32 ticket_lifetime; * opaque ticket<1..2^16-1>; * } ClientOnlyData; @@ -2492,7 +2492,7 @@ static int ssl_tls13_session_save(const mbedtls_ssl_session *session, #endif #if defined(MBEDTLS_HAVE_TIME) - needed += 8; /* start_time or ticket_received */ + needed += 8; /* start_time or ticket_reception_time */ #endif #if defined(MBEDTLS_SSL_CLI_C) @@ -2555,7 +2555,7 @@ static int ssl_tls13_session_save(const mbedtls_ssl_session *session, #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ #if defined(MBEDTLS_HAVE_TIME) - MBEDTLS_PUT_UINT64_BE((uint64_t) session->ticket_received, p, 0); + MBEDTLS_PUT_UINT64_BE((uint64_t) session->ticket_reception_time, p, 0); p += 8; #endif MBEDTLS_PUT_UINT32_BE(session->ticket_lifetime, p, 0); @@ -2651,7 +2651,7 @@ static int ssl_tls13_session_load(mbedtls_ssl_session *session, if (end - p < 8) { return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - session->ticket_received = MBEDTLS_GET_UINT64_BE(p, 0); + session->ticket_reception_time = MBEDTLS_GET_UINT64_BE(p, 0); p += 8; #endif if (end - p < 4) { diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 294a294cc..bb688b79c 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -938,7 +938,7 @@ int mbedtls_ssl_tls13_write_identities_of_pre_shared_key_ext( * 7 days (enforced in ssl_tls13_parse_new_session_ticket()) . Thus the * cast to `uint32_t` of the ticket age is safe. */ uint32_t obfuscated_ticket_age = - (uint32_t) (now - session->ticket_received); + (uint32_t) (now - session->ticket_reception_time); obfuscated_ticket_age += session->ticket_age_add; ret = ssl_tls13_write_identity(ssl, p, end, @@ -2829,7 +2829,7 @@ static int ssl_tls13_postprocess_new_session_ticket(mbedtls_ssl_context *ssl, #if defined(MBEDTLS_HAVE_TIME) /* Store ticket creation time */ - session->ticket_received = mbedtls_ms_time(); + session->ticket_reception_time = mbedtls_ms_time(); #endif ciphersuite_info = mbedtls_ssl_ciphersuite_from_id(session->ciphersuite); diff --git a/tests/src/test_helpers/ssl_helpers.c b/tests/src/test_helpers/ssl_helpers.c index 9acb1997e..dd06d176a 100644 --- a/tests/src/test_helpers/ssl_helpers.c +++ b/tests/src/test_helpers/ssl_helpers.c @@ -1761,7 +1761,7 @@ int mbedtls_test_ssl_tls13_populate_session(mbedtls_ssl_session *session, #if defined(MBEDTLS_SSL_CLI_C) if (session->endpoint == MBEDTLS_SSL_IS_CLIENT) { #if defined(MBEDTLS_HAVE_TIME) - session->ticket_received = mbedtls_ms_time() - 40; + session->ticket_reception_time = mbedtls_ms_time() - 40; #endif session->ticket_lifetime = 0xfedcba98; diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index ebbbddb20..6963ce24d 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -2072,7 +2072,7 @@ void ssl_serialize_session_save_load(int ticket_len, char *crt_file, #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) if (endpoint_type == MBEDTLS_SSL_IS_CLIENT) { #if defined(MBEDTLS_HAVE_TIME) - TEST_ASSERT(original.ticket_received == restored.ticket_received); + TEST_ASSERT(original.ticket_reception_time == restored.ticket_reception_time); #endif TEST_ASSERT(original.ticket_lifetime == restored.ticket_lifetime); TEST_ASSERT(original.ticket_len == restored.ticket_len); From cf9135100eb57d4e0d5f2861418eafd97da3f877 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 14 Nov 2023 11:06:52 +0800 Subject: [PATCH 0734/1674] fix various issues - fix CI failure due to wrong usage of ticket_lifetime - Improve document and comments Signed-off-by: Jerry Yu --- include/mbedtls/mbedtls_config.h | 12 ++++++------ include/mbedtls/ssl.h | 4 ++-- library/ssl_misc.h | 2 -- library/ssl_tls.c | 4 ++-- library/ssl_tls13_client.c | 8 +++----- library/ssl_tls13_server.c | 4 ++-- programs/ssl/ssl_server2.c | 13 +++++-------- 7 files changed, 20 insertions(+), 27 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 4acac9c08..407b31e1c 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -4099,7 +4099,7 @@ /** * \def MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE * - * Maximum allowd ticket age difference in milliseconds tolerated between + * Maximum allowed ticket age difference in milliseconds tolerated between * server and client. Default value is 6000. This is not used in TLS 1.2. * * - The client ticket age is the time difference between the time when the @@ -4109,11 +4109,11 @@ * server receives a proposition from the client to use the ticket and the * time when the ticket was created by the server. * - * The ages might be different due to accuracy of RTC crypstal. The typical - * accuracy of an RTC crystal is ±100 to ±20 parts per million (360 to 72 - * milliseconds per hour). Default tolerance windows is 6s, thus in the worst - * case client and servers must sync up their system time every 6000/360/2~=8 - * hours. + * The ages might be different due to the client and server clocks not running + * at the same pace. The typical accuracy of an RTC crystal is ±100 to ±20 parts + * per million (360 to 72 milliseconds per hour). Default tolerance window is + * 6s, thus in the worst case clients and servers must sync up their system time + * every 6000/360/2~=8 hours. * */ //#define MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE 6000 diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 3213a2bc8..07a9e888e 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1256,10 +1256,10 @@ struct mbedtls_ssl_session { #if defined(MBEDTLS_HAVE_TIME) #if defined(MBEDTLS_SSL_CLI_C) - mbedtls_ms_time_t MBEDTLS_PRIVATE(ticket_reception_time); /*!< time that ticket was received */ + mbedtls_ms_time_t MBEDTLS_PRIVATE(ticket_reception_time); /*!< time when ticket was received. */ #endif #if defined(MBEDTLS_SSL_SRV_C) - mbedtls_ms_time_t MBEDTLS_PRIVATE(ticket_creation_time); /*!< create time of ticket */ + mbedtls_ms_time_t MBEDTLS_PRIVATE(ticket_creation_time); /*!< time when ticket was created. */ #endif #endif /* MBEDTLS_HAVE_TIME */ diff --git a/library/ssl_misc.h b/library/ssl_misc.h index c636ad461..2d2504b75 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -2766,8 +2766,6 @@ int mbedtls_ssl_session_set_hostname(mbedtls_ssl_session *session, #if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_SESSION_TICKETS) -#define MBEDTLS_SSL_TLS1_3_MAX_ALLOWED_TICKET_LIFETIME (604800) - static inline unsigned int mbedtls_ssl_session_get_ticket_flags( mbedtls_ssl_session *session, unsigned int flags) { diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 2a52047ec..944caa09c 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -2457,7 +2457,7 @@ mbedtls_ssl_mode_t mbedtls_ssl_get_mode_from_ciphersuite( * uint32 max_early_data_size; * select ( endpoint ) { * case client: ClientOnlyData; - * case server: uint64 ticket_creation_time_time; + * case server: uint64 ticket_creation_time; * }; * } serialized_session_tls13; * @@ -2492,7 +2492,7 @@ static int ssl_tls13_session_save(const mbedtls_ssl_session *session, #endif #if defined(MBEDTLS_HAVE_TIME) - needed += 8; /* start_time or ticket_reception_time */ + needed += 8; /* ticket_creation_time or ticket_reception_time */ #endif #if defined(MBEDTLS_SSL_CLI_C) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index bb688b79c..e7a4aef79 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -933,7 +933,7 @@ int mbedtls_ssl_tls13_write_identities_of_pre_shared_key_ext( #if defined(MBEDTLS_HAVE_TIME) mbedtls_ms_time_t now = mbedtls_ms_time(); mbedtls_ssl_session *session = ssl->session_negotiate; - /* The ticket age has been checked to be smaller that the + /* The ticket age has been checked to be smaller than the * `ticket_lifetime` in ssl_prepare_client_hello() which is smaller than * 7 days (enforced in ssl_tls13_parse_new_session_ticket()) . Thus the * cast to `uint32_t` of the ticket age is safe. */ @@ -2748,11 +2748,9 @@ static int ssl_tls13_parse_new_session_ticket(mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG(3, ("ticket_lifetime: %u", (unsigned int) session->ticket_lifetime)); - if (session->ticket_lifetime > - MBEDTLS_SSL_TLS1_3_MAX_ALLOWED_TICKET_LIFETIME) { - /* TODO: Add new return value here? */ + if (session->ticket_lifetime > 604800) { MBEDTLS_SSL_DEBUG_MSG(3, ("ticket_lifetime exceeds 7 days.")); - return MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER; } session->ticket_age_add = MBEDTLS_GET_UINT32_BE(p, 4); diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index c9c0e1f08..465bf99d6 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -3025,8 +3025,8 @@ static int ssl_tls13_write_new_session_ticket_body(mbedtls_ssl_context *ssl, * MAY treat a ticket as valid for a shorter period of time than what * is stated in the ticket_lifetime. */ - if (ticket_lifetime > MBEDTLS_SSL_TLS1_3_MAX_ALLOWED_TICKET_LIFETIME) { - ticket_lifetime = MBEDTLS_SSL_TLS1_3_MAX_ALLOWED_TICKET_LIFETIME; + if (ticket_lifetime > 604800) { + ticket_lifetime = 604800; } MBEDTLS_PUT_UINT32_BE(ticket_lifetime, p, 0); MBEDTLS_SSL_DEBUG_MSG(3, ("ticket_lifetime: %u", diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 1bfa529af..f85bc1af8 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -1422,18 +1422,15 @@ int dummy_ticket_parse(void *p_ticket, mbedtls_ssl_session *session, #if defined(MBEDTLS_SSL_PROTO_TLS1_3) case 3: /* Creation time in the future. */ - session->ticket_creation_time = mbedtls_ms_time() + - MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE + - 4 * 1000; + session->ticket_creation_time = mbedtls_ms_time() + 1000; break; case 4: - /* Ticket reaches the end of lifetime. */ - session->ticket_creation_time = mbedtls_ms_time() - session->ticket_lifetime - - MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE - 4 * 1000; + /* Ticket has reached the end of lifetime. */ + session->ticket_creation_time = mbedtls_ms_time() - + (7 * 24 * 3600 * 1000 + 1000); break; case 5: - /* Ticket is valid, but client age is beyond the upper bound of tolerance window. */ - + /* Ticket is valid, but client age is below the upper bound of tolerance window. */ session->ticket_age_add += MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE + 4 * 1000; /* Make sure the execution time does not affect the result */ session->ticket_creation_time = mbedtls_ms_time(); From 472a69260bf868c329607b0e2bcf9c09d10a31e4 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 14 Nov 2023 11:25:24 +0800 Subject: [PATCH 0735/1674] fix build failure Signed-off-by: Jerry Yu --- library/ssl_ticket.c | 13 ++++++++++++- tests/src/test_helpers/ssl_helpers.c | 2 +- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c index 0277bfa2c..61c87bed9 100644 --- a/library/ssl_ticket.c +++ b/library/ssl_ticket.c @@ -498,7 +498,18 @@ int mbedtls_ssl_ticket_parse(void *p_ticket, #if defined(MBEDTLS_SSL_PROTO_TLS1_3) if (session->tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { /* Check for expiration */ - mbedtls_ms_time_t ticket_age = mbedtls_ms_time() - session->ticket_creation_time; + mbedtls_ms_time_t ticket_age = -1; +#if defined(MBEDTLS_SSL_SRV_C) + if (session->endpoint == MBEDTLS_SSL_IS_SERVER) { + ticket_age = mbedtls_ms_time() - session->ticket_creation_time; + } +#endif +#if defined(MBEDTLS_SSL_CLI_C) + if (session->endpoint == MBEDTLS_SSL_IS_CLIENT) { + ticket_age = mbedtls_ms_time() - session->ticket_reception_time; + } +#endif + mbedtls_ms_time_t ticket_lifetime = ctx->ticket_lifetime * 1000; if (ticket_age < 0 || ticket_age > ticket_lifetime) { diff --git a/tests/src/test_helpers/ssl_helpers.c b/tests/src/test_helpers/ssl_helpers.c index dd06d176a..d02d30539 100644 --- a/tests/src/test_helpers/ssl_helpers.c +++ b/tests/src/test_helpers/ssl_helpers.c @@ -1752,7 +1752,7 @@ int mbedtls_test_ssl_tls13_populate_session(mbedtls_ssl_session *session, session->max_early_data_size = 0x87654321; #endif -#if defined(MBEDTLS_HAVE_TIME) +#if defined(MBEDTLS_HAVE_TIME) && defined(MBEDTLS_SSL_SRV_C) if (session->endpoint == MBEDTLS_SSL_IS_SERVER) { session->ticket_creation_time = mbedtls_ms_time() - 42; } From 8e0174ac05e19a986508c65e70cc1bd6621f6ab2 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 10 Nov 2023 13:58:16 +0800 Subject: [PATCH 0736/1674] Add maximum ticket lifetime check Also add comments for age cast Signed-off-by: Jerry Yu --- library/ssl_misc.h | 2 ++ library/ssl_tls13_client.c | 3 ++- library/ssl_tls13_server.c | 6 +++--- 3 files changed, 7 insertions(+), 4 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 2d2504b75..c636ad461 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -2766,6 +2766,8 @@ int mbedtls_ssl_session_set_hostname(mbedtls_ssl_session *session, #if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_SESSION_TICKETS) +#define MBEDTLS_SSL_TLS1_3_MAX_ALLOWED_TICKET_LIFETIME (604800) + static inline unsigned int mbedtls_ssl_session_get_ticket_flags( mbedtls_ssl_session *session, unsigned int flags) { diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index e7a4aef79..44814b99f 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -2748,7 +2748,8 @@ static int ssl_tls13_parse_new_session_ticket(mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG(3, ("ticket_lifetime: %u", (unsigned int) session->ticket_lifetime)); - if (session->ticket_lifetime > 604800) { + if (session->ticket_lifetime > + MBEDTLS_SSL_TLS1_3_MAX_ALLOWED_TICKET_LIFETIME) { MBEDTLS_SSL_DEBUG_MSG(3, ("ticket_lifetime exceeds 7 days.")); return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER; } diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 465bf99d6..8076b1411 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -213,7 +213,7 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket( * the "ticket_lifetime" value which was provided with the ticket. * */ - if (server_age > 604800 * 1000) { + if (server_age > MBEDTLS_SSL_TLS1_3_MAX_ALLOWED_TICKET_LIFETIME * 1000) { MBEDTLS_SSL_DEBUG_MSG( 3, ("Ticket age exceeds limitation ticket_age=%" MBEDTLS_PRINTF_MS_TIME, server_age)); @@ -3025,8 +3025,8 @@ static int ssl_tls13_write_new_session_ticket_body(mbedtls_ssl_context *ssl, * MAY treat a ticket as valid for a shorter period of time than what * is stated in the ticket_lifetime. */ - if (ticket_lifetime > 604800) { - ticket_lifetime = 604800; + if (ticket_lifetime > MBEDTLS_SSL_TLS1_3_MAX_ALLOWED_TICKET_LIFETIME) { + ticket_lifetime = MBEDTLS_SSL_TLS1_3_MAX_ALLOWED_TICKET_LIFETIME; } MBEDTLS_PUT_UINT32_BE(ticket_lifetime, p, 0); MBEDTLS_SSL_DEBUG_MSG(3, ("ticket_lifetime: %u", From 04fceb782ba776431134090c66f8e4e6ea636df9 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 15 Nov 2023 09:52:46 +0800 Subject: [PATCH 0737/1674] Add freshness check information into document Signed-off-by: Jerry Yu --- include/mbedtls/mbedtls_config.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 407b31e1c..a4e90c5af 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -4115,6 +4115,7 @@ * 6s, thus in the worst case clients and servers must sync up their system time * every 6000/360/2~=8 hours. * + * See section 8.3 of the TLS 1.3 specification(RFC 8446) for more information. */ //#define MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE 6000 From 9cb953a402da4f7bd5bdd0b3de8bb86fe0c743ef Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 15 Nov 2023 09:54:11 +0800 Subject: [PATCH 0738/1674] improve document Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 8076b1411..374e1a2b3 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -229,7 +229,7 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket( * * NOTE: The typical accuracy of an RTC crystal is ±100 to ±20 parts per * million (360 to 72 milliseconds per hour). Default tolerance - * windows is 6s, thus in the worst case client and servers must + * window is 6s, thus in the worst case clients and servers must * sync up their system time every 6000/360/2~=8 hours. */ client_age = obfuscated_ticket_age - session->ticket_age_add; From b2455d24724c0133b5dac84c96849cb8cb097eb4 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 15 Nov 2023 09:57:32 +0800 Subject: [PATCH 0739/1674] Guards ticket_creation_time Signed-off-by: Jerry Yu --- tests/suites/test_suite_ssl.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 6963ce24d..23f0ff9c9 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -1973,7 +1973,7 @@ void ssl_serialize_session_save_load(int ticket_len, char *crt_file, * Make sure both session structures are identical */ #if defined(MBEDTLS_HAVE_TIME) -#if defined(MBEDTLS_SSL_PROTO_TLS1_3) +#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_SRV_C) if (tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { TEST_ASSERT(original.ticket_creation_time == restored.ticket_creation_time); } From d84c14f80c68b22180a8259a42ee31a187469ba7 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 16 Nov 2023 13:33:57 +0800 Subject: [PATCH 0740/1674] improve code style Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 2 +- tests/suites/test_suite_ssl.function | 56 +++++++++++++++++----------- 2 files changed, 35 insertions(+), 23 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 374e1a2b3..63929d831 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -215,7 +215,7 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket( */ if (server_age > MBEDTLS_SSL_TLS1_3_MAX_ALLOWED_TICKET_LIFETIME * 1000) { MBEDTLS_SSL_DEBUG_MSG( - 3, ("Ticket age exceeds limitation ticket_age=%" MBEDTLS_PRINTF_MS_TIME, + 3, ("Ticket age exceeds limitation ticket_age = %" MBEDTLS_PRINTF_MS_TIME, server_age)); goto exit; } diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 23f0ff9c9..fb2ae5421 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -2185,19 +2185,25 @@ void ssl_serialize_session_save_buf_size(int ticket_len, char *crt_file, ((void) tls_version); ((void) ticket_len); ((void) crt_file); -#if defined(MBEDTLS_SSL_PROTO_TLS1_3) - if (tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { - TEST_ASSERT(mbedtls_test_ssl_tls13_populate_session( - &session, 0, endpoint_type) == 0); - } -#endif -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if (tls_version == MBEDTLS_SSL_VERSION_TLS1_2) { - TEST_ASSERT(mbedtls_test_ssl_tls12_populate_session( - &session, ticket_len, crt_file) == 0); - } + switch (tls_version) { +#if defined(MBEDTLS_SSL_PROTO_TLS1_3) + case MBEDTLS_SSL_VERSION_TLS1_3: + TEST_ASSERT(mbedtls_test_ssl_tls13_populate_session( + &session, 0, endpoint_type) == 0); + break; #endif +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) + case MBEDTLS_SSL_VERSION_TLS1_2: + TEST_ASSERT(mbedtls_test_ssl_tls12_populate_session( + &session, ticket_len, crt_file) == 0); + break; +#endif + default: + /* should never happen */ + TEST_ASSERT(0); + break; + } TEST_ASSERT(mbedtls_ssl_session_save(&session, NULL, 0, &good_len) == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL); @@ -2303,19 +2309,25 @@ void ssl_session_serialize_version_check(int corrupt_major, USE_PSA_INIT(); ((void) endpoint_type); ((void) tls_version); -#if defined(MBEDTLS_SSL_PROTO_TLS1_3) - if (tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { - TEST_ASSERT(mbedtls_test_ssl_tls13_populate_session( - &session, 0, endpoint_type) == 0); - } -#endif -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if (tls_version == MBEDTLS_SSL_VERSION_TLS1_2) { - TEST_ASSERT(mbedtls_test_ssl_tls12_populate_session( - &session, 0, NULL) == 0); - } + switch (tls_version) { +#if defined(MBEDTLS_SSL_PROTO_TLS1_3) + case MBEDTLS_SSL_VERSION_TLS1_3: + TEST_ASSERT(mbedtls_test_ssl_tls13_populate_session( + &session, 0, endpoint_type) == 0); + break; #endif +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) + case MBEDTLS_SSL_VERSION_TLS1_2: + TEST_ASSERT(mbedtls_test_ssl_tls12_populate_session( + &session, 0, NULL) == 0); + break; +#endif + default: + /* should never happen */ + TEST_ASSERT(0); + break; + } /* Infer length of serialized session. */ TEST_ASSERT(mbedtls_ssl_session_save(&session, From 4ac648ef20f3094298b374aebb0c54eddb0ff6d9 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 16 Nov 2023 13:58:38 +0800 Subject: [PATCH 0741/1674] improve readability Signed-off-by: Jerry Yu --- tests/suites/test_suite_ssl.function | 46 +++++++++++++++++++--------- 1 file changed, 31 insertions(+), 15 deletions(-) diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index fb2ae5421..fc9b75ce4 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -1973,17 +1973,24 @@ void ssl_serialize_session_save_load(int ticket_len, char *crt_file, * Make sure both session structures are identical */ #if defined(MBEDTLS_HAVE_TIME) + switch (tls_version) { #if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_SRV_C) - if (tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { - TEST_ASSERT(original.ticket_creation_time == restored.ticket_creation_time); - } + case MBEDTLS_SSL_VERSION_TLS1_3: + TEST_ASSERT(original.ticket_creation_time == restored.ticket_creation_time); + break; +#endif +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) + case MBEDTLS_SSL_VERSION_TLS1_2: + TEST_ASSERT(original.start == restored.start); + break; #endif -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if (tls_version == MBEDTLS_SSL_VERSION_TLS1_2) { - TEST_ASSERT(original.start == restored.start); + default: + /* should never happen */ + TEST_ASSERT(0); + break; } -#endif + #endif @@ -2246,20 +2253,28 @@ void ssl_serialize_session_load_buf_size(int ticket_len, char *crt_file, ((void) tls_version); ((void) ticket_len); ((void) crt_file); + + switch (tls_version) { #if defined(MBEDTLS_SSL_PROTO_TLS1_3) - if (tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { - TEST_ASSERT(mbedtls_test_ssl_tls13_populate_session( - &session, 0, endpoint_type) == 0); - } + case MBEDTLS_SSL_VERSION_TLS1_3: + TEST_ASSERT(mbedtls_test_ssl_tls13_populate_session( + &session, 0, endpoint_type) == 0); + break; #endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if (tls_version == MBEDTLS_SSL_VERSION_TLS1_2) { - TEST_ASSERT(mbedtls_test_ssl_tls12_populate_session( - &session, ticket_len, crt_file) == 0); - } + case MBEDTLS_SSL_VERSION_TLS1_2: + TEST_ASSERT(mbedtls_test_ssl_tls12_populate_session( + &session, ticket_len, crt_file) == 0); + break; #endif + default: + /* should never happen */ + TEST_ASSERT(0); + break; + } + TEST_ASSERT(mbedtls_ssl_session_save(&session, NULL, 0, &good_len) == MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL); TEST_CALLOC(good_buf, good_len); @@ -2321,6 +2336,7 @@ void ssl_session_serialize_version_check(int corrupt_major, case MBEDTLS_SSL_VERSION_TLS1_2: TEST_ASSERT(mbedtls_test_ssl_tls12_populate_session( &session, 0, NULL) == 0); + break; #endif default: From 713ce1f88981ab7e2fdbaef5f700d79f217673f0 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 17 Nov 2023 15:32:12 +0800 Subject: [PATCH 0742/1674] various improvement - improve change log entry - improve comments - remove unnecessary statement - change type of client_age Signed-off-by: Jerry Yu --- ChangeLog.d/gnutls_anti_replay_fail.txt | 7 ++++--- library/ssl_tls13_server.c | 8 ++++---- programs/ssl/ssl_server2.c | 4 ++-- tests/suites/test_suite_ssl.function | 3 --- 4 files changed, 10 insertions(+), 12 deletions(-) diff --git a/ChangeLog.d/gnutls_anti_replay_fail.txt b/ChangeLog.d/gnutls_anti_replay_fail.txt index cb65b3ba6..cb35284e1 100644 --- a/ChangeLog.d/gnutls_anti_replay_fail.txt +++ b/ChangeLog.d/gnutls_anti_replay_fail.txt @@ -1,4 +1,5 @@ Bugfix - * Fixes #6623. That is time unit issue. The unit of ticket age is seconds in - MBedTLS and milliseconds in GnuTLS. If the real age is 10ms, it might be - 1s(1000ms), as a result, the age of MBedTLS is bigger than GnuTLS server. + * Switch to milliseconds as the unit for ticket creation and reception time + instead of seconds. That avoids rounding errors when computing the age of + tickets compared to peer using a millisecond clock (observed with GnuTLS). + Fixes #6623. diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 63929d831..d8ce37508 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -113,7 +113,7 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket( #if defined(MBEDTLS_HAVE_TIME) mbedtls_ms_time_t now; mbedtls_ms_time_t server_age; - mbedtls_ms_time_t client_age; + uint32_t client_age; mbedtls_ms_time_t age_diff; #endif @@ -195,8 +195,8 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket( if (now < session->ticket_creation_time) { MBEDTLS_SSL_DEBUG_MSG( - 3, ("Invalid ticket start time ( now = %" MBEDTLS_PRINTF_MS_TIME - ", start = %" MBEDTLS_PRINTF_MS_TIME " )", + 3, ("Invalid ticket creation time ( now = %" MBEDTLS_PRINTF_MS_TIME + ", creation_time = %" MBEDTLS_PRINTF_MS_TIME " )", now, session->ticket_creation_time)); goto exit; } @@ -233,7 +233,7 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket( * sync up their system time every 6000/360/2~=8 hours. */ client_age = obfuscated_ticket_age - session->ticket_age_add; - age_diff = server_age - client_age; + age_diff = server_age - (mbedtls_ms_time_t)client_age; if (age_diff < -MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE || age_diff > MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE) { MBEDTLS_SSL_DEBUG_MSG( diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index f85bc1af8..c96128b94 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -1430,14 +1430,14 @@ int dummy_ticket_parse(void *p_ticket, mbedtls_ssl_session *session, (7 * 24 * 3600 * 1000 + 1000); break; case 5: - /* Ticket is valid, but client age is below the upper bound of tolerance window. */ + /* Ticket is valid, but client age is below the lower bound of the tolerance window. */ session->ticket_age_add += MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE + 4 * 1000; /* Make sure the execution time does not affect the result */ session->ticket_creation_time = mbedtls_ms_time(); break; case 6: - /* Ticket is valid, but client age is beyond the lower bound of tolerance window. */ + /* Ticket is valid, but client age is beyond the upper bound of the tolerance window. */ session->ticket_age_add -= MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE + 4 * 1000; /* Make sure the execution time does not affect the result */ session->ticket_creation_time = mbedtls_ms_time(); diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index fc9b75ce4..444c32a37 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -2189,7 +2189,6 @@ void ssl_serialize_session_save_buf_size(int ticket_len, char *crt_file, /* Prepare dummy session and get serialized size */ ((void) endpoint_type); - ((void) tls_version); ((void) ticket_len); ((void) crt_file); @@ -2250,7 +2249,6 @@ void ssl_serialize_session_load_buf_size(int ticket_len, char *crt_file, /* Prepare serialized session data */ ((void) endpoint_type); - ((void) tls_version); ((void) ticket_len); ((void) crt_file); @@ -2323,7 +2321,6 @@ void ssl_session_serialize_version_check(int corrupt_major, mbedtls_ssl_session_init(&session); USE_PSA_INIT(); ((void) endpoint_type); - ((void) tls_version); switch (tls_version) { #if defined(MBEDTLS_SSL_PROTO_TLS1_3) From 60e997205d618d10b77a820b3aed6cb4e1e27626 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 20 Nov 2023 09:55:24 +0800 Subject: [PATCH 0743/1674] replace check string The output has been changed Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 2 +- tests/opt-testcases/tls13-misc.sh | 12 ++++++------ 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index d8ce37508..d983a0039 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -233,7 +233,7 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket( * sync up their system time every 6000/360/2~=8 hours. */ client_age = obfuscated_ticket_age - session->ticket_age_add; - age_diff = server_age - (mbedtls_ms_time_t)client_age; + age_diff = server_age - (mbedtls_ms_time_t) client_age; if (age_diff < -MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE || age_diff > MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE) { MBEDTLS_SSL_DEBUG_MSG( diff --git a/tests/opt-testcases/tls13-misc.sh b/tests/opt-testcases/tls13-misc.sh index 3816a2b45..920838449 100755 --- a/tests/opt-testcases/tls13-misc.sh +++ b/tests/opt-testcases/tls13-misc.sh @@ -86,7 +86,7 @@ run_test "TLS 1.3 m->m: Session resumption failure, ticket authentication failed -S "key exchange mode: psk$" \ -s "ticket is not authentic" \ -S "ticket is expired" \ - -S "Invalid ticket start time" \ + -S "Invalid ticket creation time" \ -S "Ticket age exceeds limitation" \ -S "Ticket age outside tolerance window" @@ -105,7 +105,7 @@ run_test "TLS 1.3 m->m: Session resumption failure, ticket expired." \ -S "key exchange mode: psk$" \ -S "ticket is not authentic" \ -s "ticket is expired" \ - -S "Invalid ticket start time" \ + -S "Invalid ticket creation time" \ -S "Ticket age exceeds limitation" \ -S "Ticket age outside tolerance window" @@ -124,7 +124,7 @@ run_test "TLS 1.3 m->m: Session resumption failure, invalid start time." \ -S "key exchange mode: psk$" \ -S "ticket is not authentic" \ -S "ticket is expired" \ - -s "Invalid ticket start time" \ + -s "Invalid ticket creation time" \ -S "Ticket age exceeds limitation" \ -S "Ticket age outside tolerance window" @@ -143,7 +143,7 @@ run_test "TLS 1.3 m->m: Session resumption failure, ticket expired. too old" \ -S "key exchange mode: psk$" \ -S "ticket is not authentic" \ -S "ticket is expired" \ - -S "Invalid ticket start time" \ + -S "Invalid ticket creation time" \ -s "Ticket age exceeds limitation" \ -S "Ticket age outside tolerance window" @@ -162,7 +162,7 @@ run_test "TLS 1.3 m->m: Session resumption failure, age outside tolerance window -S "key exchange mode: psk$" \ -S "ticket is not authentic" \ -S "ticket is expired" \ - -S "Invalid ticket start time" \ + -S "Invalid ticket creation time" \ -S "Ticket age exceeds limitation" \ -s "Ticket age outside tolerance window" @@ -181,7 +181,7 @@ run_test "TLS 1.3 m->m: Session resumption failure, age outside tolerance window -S "key exchange mode: psk$" \ -S "ticket is not authentic" \ -S "ticket is expired" \ - -S "Invalid ticket start time" \ + -S "Invalid ticket creation time" \ -S "Ticket age exceeds limitation" \ -s "Ticket age outside tolerance window" From aa5dc24df9206132118ab6d5868382069b8a9149 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 20 Nov 2023 18:07:54 +0800 Subject: [PATCH 0744/1674] Change if to switch case Signed-off-by: Jerry Yu --- tests/suites/test_suite_ssl.function | 25 +++++++++++++++---------- 1 file changed, 15 insertions(+), 10 deletions(-) diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 444c32a37..85776cca3 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -2120,23 +2120,28 @@ void ssl_serialize_session_load_save(int ticket_len, char *crt_file, /* Prepare a dummy session to work on */ ((void) endpoint_type); - ((void) tls_version); ((void) ticket_len); ((void) crt_file); + + switch (tls_version) { #if defined(MBEDTLS_SSL_PROTO_TLS1_3) - if (tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { - TEST_ASSERT(mbedtls_test_ssl_tls13_populate_session( - &session, 0, endpoint_type) == 0); - } + case MBEDTLS_SSL_VERSION_TLS1_3: + TEST_ASSERT(mbedtls_test_ssl_tls13_populate_session( + &session, 0, endpoint_type) == 0); + break; #endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if (tls_version == MBEDTLS_SSL_VERSION_TLS1_2) { - - TEST_ASSERT(mbedtls_test_ssl_tls12_populate_session( - &session, ticket_len, crt_file) == 0); - } + case MBEDTLS_SSL_VERSION_TLS1_2: + TEST_ASSERT(mbedtls_test_ssl_tls12_populate_session( + &session, ticket_len, crt_file) == 0); + break; #endif + default: + /* should never happen */ + TEST_ASSERT(0); + break; + } /* Get desired buffer size for serializing */ TEST_ASSERT(mbedtls_ssl_session_save(&session, NULL, 0, &len0) From 9f176a27664732e6476c2f461f323225b4bab6f0 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Tue, 21 Nov 2023 11:49:57 +0000 Subject: [PATCH 0745/1674] Fix status assignments when loading persistent keys Signed-off-by: Ryan Everett --- library/psa_crypto_slot_management.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 38e327385..5ecc3a76c 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -237,12 +237,16 @@ static psa_status_t psa_load_persistent_key_into_slot(psa_key_slot_t *slot) data = (psa_se_key_data_storage_t *) key_data; status = psa_copy_key_material_into_slot( slot, data->slot_number, sizeof(data->slot_number)); + + if (status == PSA_SUCCESS) { + slot->status = PSA_SLOT_OCCUPIED; + } goto exit; } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ status = psa_copy_key_material_into_slot(slot, key_data, key_data_length); - if (status != PSA_SUCCESS){ + if (status != PSA_SUCCESS) { goto exit; } From 7a715c4537775c780222d0545d3af9049d948f13 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 21 Nov 2023 13:42:40 +0100 Subject: [PATCH 0746/1674] Fix the build with gcc-12 -Wuse-after-free Signed-off-by: Gilles Peskine --- programs/test/metatest.c | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/programs/test/metatest.c b/programs/test/metatest.c index 2973cce3f..b8dffa9bb 100644 --- a/programs/test/metatest.c +++ b/programs/test/metatest.c @@ -46,6 +46,12 @@ */ volatile int false_but_the_compiler_does_not_know = 0; +/* Hide calls to calloc/free from static checkers such as + * `gcc-12 -Wuse-after-free`, to avoid compile-time complaints about + * code where we do mean to cause a runtime error. */ +void * (* volatile calloc_but_the_compiler_does_not_know)(size_t, size_t) = mbedtls_calloc; +void(*volatile free_but_the_compiler_does_not_know)(void *) = mbedtls_free; + /* Set n bytes at the address p to all-bits-zero, in such a way that * the compiler should not know that p is all-bits-zero. */ static void set_to_zero_but_the_compiler_does_not_know(volatile void *p, size_t n) @@ -98,9 +104,9 @@ void null_pointer_call(const char *name) void read_after_free(const char *name) { (void) name; - volatile char *p = mbedtls_calloc(1, 1); + volatile char *p = calloc_but_the_compiler_does_not_know(1, 1); *p = 'a'; - mbedtls_free((void *) p); + free_but_the_compiler_does_not_know((void *) p); /* Undefined behavior (read after free) */ mbedtls_printf("%u\n", (unsigned) *p); } @@ -108,11 +114,11 @@ void read_after_free(const char *name) void double_free(const char *name) { (void) name; - volatile char *p = mbedtls_calloc(1, 1); + volatile char *p = calloc_but_the_compiler_does_not_know(1, 1); *p = 'a'; - mbedtls_free((void *) p); + free_but_the_compiler_does_not_know((void *) p); /* Undefined behavior (double free) */ - mbedtls_free((void *) p); + free_but_the_compiler_does_not_know((void *) p); } void read_uninitialized_stack(const char *name) @@ -132,7 +138,7 @@ void read_uninitialized_stack(const char *name) void memory_leak(const char *name) { (void) name; - volatile char *p = mbedtls_calloc(1, 1); + volatile char *p = calloc_but_the_compiler_does_not_know(1, 1); mbedtls_printf("%u\n", (unsigned) *p); /* Leak of a heap object */ } From ddffa10264e3ce16378924fec700b01bce145ba9 Mon Sep 17 00:00:00 2001 From: Gabor Mezei Date: Tue, 21 Nov 2023 17:03:29 +0100 Subject: [PATCH 0747/1674] Initial changelog support for changelog assembling Add an initial changelog if no entries found un the changelog. Signed-off-by: Gabor Mezei --- scripts/assemble_changelog.py | 27 ++++++++++++++++++++------- 1 file changed, 20 insertions(+), 7 deletions(-) mode change 100755 => 100644 scripts/assemble_changelog.py diff --git a/scripts/assemble_changelog.py b/scripts/assemble_changelog.py old mode 100755 new mode 100644 index d5f705c1c..afff200ee --- a/scripts/assemble_changelog.py +++ b/scripts/assemble_changelog.py @@ -127,10 +127,17 @@ class TextChangelogFormat(ChangelogFormat): def extract_top_version(cls, changelog_file_content): """A version section starts with a line starting with '='.""" m = re.search(cls._top_version_re, changelog_file_content) - top_version_start = m.start(1) - top_version_end = m.end(2) - top_version_title = m.group(1) - top_version_body = m.group(2) + if m: + top_version_start = m.start(1) + top_version_end = m.end(2) + top_version_title = m.group(1) + top_version_body = m.group(2) + # No entries found + else: + top_version_start = None + top_version_end = None + top_version_title = '' + top_version_body = '' if cls.is_released_version(top_version_title): top_version_end = top_version_start top_version_title = cls._unreleased_version_text + '\n\n' @@ -244,7 +251,11 @@ class ChangeLog: self.categories = OrderedDict() for category in STANDARD_CATEGORIES: self.categories[category] = '' - offset = (self.header + self.top_version_title).count('\n') + 1 + if self.header: + offset = (self.header + self.top_version_title).count('\n') + 1 + else: + offset = 0 + self.add_categories_from_text(input_stream.name, offset, top_version_body, True) @@ -258,8 +269,10 @@ class ChangeLog: """Write the changelog to the specified file. """ with open(filename, 'w', encoding='utf-8') as out: - out.write(self.header) - out.write(self.top_version_title) + if self.header: + out.write(self.header) + if self.top_version_title: + out.write(self.top_version_title) for title, body in self.categories.items(): if not body: continue From 8933c04e44b35afb2fa7ecf75c9791e1892b8981 Mon Sep 17 00:00:00 2001 From: Gabor Mezei Date: Tue, 21 Nov 2023 17:05:43 +0100 Subject: [PATCH 0748/1674] Enable to specify the name of the project in the changelog The name read out from the previous entry. Signed-off-by: Gabor Mezei --- scripts/assemble_changelog.py | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) mode change 100644 => 100755 scripts/assemble_changelog.py diff --git a/scripts/assemble_changelog.py b/scripts/assemble_changelog.py old mode 100644 new mode 100755 index afff200ee..81ce68223 --- a/scripts/assemble_changelog.py +++ b/scripts/assemble_changelog.py @@ -115,7 +115,7 @@ class ChangelogFormat: class TextChangelogFormat(ChangelogFormat): """The traditional Mbed TLS changelog format.""" - _unreleased_version_text = '= Mbed TLS x.x.x branch released xxxx-xx-xx' + _unreleased_version_text = '= {} x.x.x branch released xxxx-xx-xx' @classmethod def is_released_version(cls, title): # Look for an incomplete release date @@ -123,6 +123,7 @@ class TextChangelogFormat(ChangelogFormat): _top_version_re = re.compile(r'(?:\A|\n)(=[^\n]*\n+)(.*?\n)(?:=|$)', re.DOTALL) + _name_re = re.compile(r'=\s(.*)\s[0-9x]+\.', re.DOTALL) @classmethod def extract_top_version(cls, changelog_file_content): """A version section starts with a line starting with '='.""" @@ -132,15 +133,17 @@ class TextChangelogFormat(ChangelogFormat): top_version_end = m.end(2) top_version_title = m.group(1) top_version_body = m.group(2) + name = re.match(cls._name_re, top_version_title).group(1) # No entries found else: top_version_start = None top_version_end = None + name = 'xxx' top_version_title = '' top_version_body = '' if cls.is_released_version(top_version_title): top_version_end = top_version_start - top_version_title = cls._unreleased_version_text + '\n\n' + top_version_title = cls._unreleased_version_text.format(name) + '\n\n' top_version_body = '' return (changelog_file_content[:top_version_start], top_version_title, top_version_body, From e4a6f5a7ecceb603cfdc7a2be99693f0bd0aa1eb Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sat, 4 Nov 2023 12:20:09 +0000 Subject: [PATCH 0749/1674] Use size_t cast for pointer subtractions Signed-off-by: Dave Rodgman --- library/aesce.c | 2 +- library/base64.c | 4 ++-- library/bignum.c | 2 +- library/debug.c | 2 +- library/dhm.c | 4 ++-- library/ecdh.c | 4 ++-- library/ecjpake.c | 20 ++++++++++---------- library/lms.c | 8 ++++---- library/oid.c | 2 +- library/pem.c | 8 ++++---- library/pkcs7.c | 2 +- library/pkparse.c | 4 ++-- library/psa_crypto.c | 2 +- library/rsa.c | 6 +++--- library/ssl_client.c | 14 +++++++------- library/ssl_msg.c | 27 ++++++++++++++------------- library/ssl_ticket.c | 4 ++-- library/ssl_tls.c | 12 ++++++------ library/ssl_tls12_client.c | 10 +++++----- library/ssl_tls12_server.c | 28 ++++++++++++++-------------- library/x509_create.c | 8 ++++---- library/x509_crl.c | 4 ++-- library/x509_crt.c | 10 +++++----- library/x509_csr.c | 4 ++-- library/x509write_crt.c | 2 +- library/x509write_csr.c | 4 ++-- 26 files changed, 99 insertions(+), 98 deletions(-) diff --git a/library/aesce.c b/library/aesce.c index f2bdce2db..1a0db163d 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -300,7 +300,7 @@ static void aesce_setkey_enc(unsigned char *rk, rki + key_len_in_words < rko_end; rki += key_len_in_words) { - size_t iteration = (rki - (uint32_t *) rk) / key_len_in_words; + size_t iteration = (size_t) (rki - (uint32_t *) rk) / key_len_in_words; uint32_t *rko; rko = rki + key_len_in_words; rko[0] = aes_rot_word(aes_sub_word(rki[key_len_in_words - 1])); diff --git a/library/base64.c b/library/base64.c index a58717d6b..9677dee5b 100644 --- a/library/base64.c +++ b/library/base64.c @@ -116,7 +116,7 @@ int mbedtls_base64_encode(unsigned char *dst, size_t dlen, size_t *olen, *p++ = '='; } - *olen = p - dst; + *olen = (size_t) (p - dst); *p = 0; return 0; @@ -225,7 +225,7 @@ int mbedtls_base64_decode(unsigned char *dst, size_t dlen, size_t *olen, } } - *olen = p - dst; + *olen = (size_t) (p - dst); return 0; } diff --git a/library/bignum.c b/library/bignum.c index 09ce0301f..1b7ff5863 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -701,7 +701,7 @@ int mbedtls_mpi_write_string(const mbedtls_mpi *X, int radix, } *p++ = '\0'; - *olen = p - buf; + *olen = (size_t) (p - buf); cleanup: diff --git a/library/debug.c b/library/debug.c index c7bbd41bd..a9d58e55b 100644 --- a/library/debug.c +++ b/library/debug.c @@ -366,7 +366,7 @@ static void debug_print_line_by_line(const mbedtls_ssl_context *ssl, int level, start = text; for (cur = text; *cur != '\0'; cur++) { if (*cur == '\n') { - size_t len = cur - start + 1; + size_t len = (size_t) (cur - start) + 1; if (len > DEBUG_BUF_SIZE - 1) { len = DEBUG_BUF_SIZE - 1; } diff --git a/library/dhm.c b/library/dhm.c index 3daf0c2d4..e423657c1 100644 --- a/library/dhm.c +++ b/library/dhm.c @@ -51,7 +51,7 @@ static int dhm_read_bignum(mbedtls_mpi *X, n = ((*p)[0] << 8) | (*p)[1]; (*p) += 2; - if ((int) (end - *p) < n) { + if ((size_t) (end - *p) < (size_t) n) { return MBEDTLS_ERR_DHM_BAD_INPUT_DATA; } @@ -257,7 +257,7 @@ int mbedtls_dhm_make_params(mbedtls_dhm_context *ctx, int x_size, DHM_MPI_EXPORT(&ctx->G, n2); DHM_MPI_EXPORT(&ctx->GX, n3); - *olen = p - output; + *olen = (size_t) (p - output); cleanup: if (ret != 0 && ret > -128) { diff --git a/library/ecdh.c b/library/ecdh.c index e060b1883..52b161706 100644 --- a/library/ecdh.c +++ b/library/ecdh.c @@ -363,7 +363,7 @@ static int ecdh_read_params_internal(mbedtls_ecdh_context_mbed *ctx, const unsigned char *end) { return mbedtls_ecp_tls_read_point(&ctx->grp, &ctx->Qp, buf, - end - *buf); + (size_t) (end - *buf)); } /* @@ -379,7 +379,7 @@ int mbedtls_ecdh_read_params(mbedtls_ecdh_context *ctx, { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_ecp_group_id grp_id; - if ((ret = mbedtls_ecp_tls_read_group_id(&grp_id, buf, end - *buf)) + if ((ret = mbedtls_ecp_tls_read_group_id(&grp_id, buf, (size_t) (end - *buf))) != 0) { return ret; } diff --git a/library/ecjpake.c b/library/ecjpake.c index fb13a395b..cdf5d7ea4 100644 --- a/library/ecjpake.c +++ b/library/ecjpake.c @@ -168,7 +168,7 @@ static int ecjpake_write_len_point(unsigned char **p, } ret = mbedtls_ecp_point_write_binary(grp, P, pf, - &len, *p + 4, end - (*p + 4)); + &len, *p + 4, (size_t) (end - (*p + 4))); if (ret != 0) { return ret; } @@ -226,7 +226,7 @@ static int ecjpake_hash(const mbedtls_md_type_t md_type, /* Compute hash */ MBEDTLS_MPI_CHK(mbedtls_ecjpake_compute_hash(md_type, - buf, p - buf, hash)); + buf, (size_t) (p - buf), hash)); /* Turn it into an integer mod n */ MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(h, hash, @@ -269,7 +269,7 @@ static int ecjpake_zkp_read(const mbedtls_md_type_t md_type, return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; } - MBEDTLS_MPI_CHK(mbedtls_ecp_tls_read_point(grp, &V, p, end - *p)); + MBEDTLS_MPI_CHK(mbedtls_ecp_tls_read_point(grp, &V, p, (size_t) (end - *p))); if (end < *p || (size_t) (end - *p) < 1) { ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA; @@ -346,7 +346,7 @@ static int ecjpake_zkp_write(const mbedtls_md_type_t md_type, /* Write it out */ MBEDTLS_MPI_CHK(mbedtls_ecp_tls_write_point(grp, &V, - pf, &len, *p, end - *p)); + pf, &len, *p, (size_t) (end - *p))); *p += len; len = mbedtls_mpi_size(&h); /* actually r */ @@ -392,7 +392,7 @@ static int ecjpake_kkp_read(const mbedtls_md_type_t md_type, * ECSchnorrZKP zkp; * } ECJPAKEKeyKP; */ - MBEDTLS_MPI_CHK(mbedtls_ecp_tls_read_point(grp, X, p, end - *p)); + MBEDTLS_MPI_CHK(mbedtls_ecp_tls_read_point(grp, X, p, (size_t) (end - *p))); if (mbedtls_ecp_is_zero(X)) { ret = MBEDTLS_ERR_ECP_INVALID_KEY; goto cleanup; @@ -431,7 +431,7 @@ static int ecjpake_kkp_write(const mbedtls_md_type_t md_type, MBEDTLS_MPI_CHK(mbedtls_ecp_gen_keypair_base((mbedtls_ecp_group *) grp, G, x, X, f_rng, p_rng)); MBEDTLS_MPI_CHK(mbedtls_ecp_tls_write_point(grp, X, - pf, &len, *p, end - *p)); + pf, &len, *p, (size_t) (end - *p))); *p += len; /* Generate and write proof */ @@ -504,7 +504,7 @@ static int ecjpake_kkpp_write(const mbedtls_md_type_t md_type, MBEDTLS_MPI_CHK(ecjpake_kkp_write(md_type, grp, pf, G, xm2, Xb, id, &p, end, f_rng, p_rng)); - *olen = p - buf; + *olen = (size_t) (p - buf); cleanup: return ret; @@ -693,7 +693,7 @@ int mbedtls_ecjpake_write_round_two(mbedtls_ecjpake_context *ctx, goto cleanup; } MBEDTLS_MPI_CHK(mbedtls_ecp_tls_write_group(&ctx->grp, &ec_len, - p, end - p)); + p, (size_t) (end - p))); p += ec_len; } @@ -702,7 +702,7 @@ int mbedtls_ecjpake_write_round_two(mbedtls_ecjpake_context *ctx, goto cleanup; } MBEDTLS_MPI_CHK(mbedtls_ecp_tls_write_point(&ctx->grp, &Xm, - ctx->point_format, &ec_len, p, end - p)); + ctx->point_format, &ec_len, p, (size_t) (end - p))); p += ec_len; MBEDTLS_MPI_CHK(ecjpake_zkp_write(ctx->md_type, &ctx->grp, @@ -710,7 +710,7 @@ int mbedtls_ecjpake_write_round_two(mbedtls_ecjpake_context *ctx, &G, &xm, &Xm, ID_MINE, &p, end, f_rng, p_rng)); - *olen = p - buf; + *olen = (size_t) (p - buf); cleanup: mbedtls_ecp_point_free(&G); diff --git a/library/lms.c b/library/lms.c index 0c470a0c3..00525bb74 100644 --- a/library/lms.c +++ b/library/lms.c @@ -505,7 +505,7 @@ static int get_merkle_path(mbedtls_lms_private_t *ctx, unsigned int height; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - tree = mbedtls_calloc(MERKLE_TREE_NODE_AM(ctx->params.type), + tree = mbedtls_calloc((size_t) MERKLE_TREE_NODE_AM(ctx->params.type), node_bytes); if (tree == NULL) { return MBEDTLS_ERR_LMS_ALLOC_FAILED; @@ -530,7 +530,7 @@ static int get_merkle_path(mbedtls_lms_private_t *ctx, exit: mbedtls_zeroize_and_free(tree, node_bytes * - MERKLE_TREE_NODE_AM(ctx->params.type)); + (size_t) MERKLE_TREE_NODE_AM(ctx->params.type)); return ret; } @@ -669,7 +669,7 @@ int mbedtls_lms_calculate_public_key(mbedtls_lms_public_t *ctx, return MBEDTLS_ERR_LMS_BAD_INPUT_DATA; } - tree = mbedtls_calloc(MERKLE_TREE_NODE_AM(priv_ctx->params.type), + tree = mbedtls_calloc((size_t) MERKLE_TREE_NODE_AM(priv_ctx->params.type), node_bytes); if (tree == NULL) { return MBEDTLS_ERR_LMS_ALLOC_FAILED; @@ -692,7 +692,7 @@ int mbedtls_lms_calculate_public_key(mbedtls_lms_public_t *ctx, exit: mbedtls_zeroize_and_free(tree, node_bytes * - MERKLE_TREE_NODE_AM(priv_ctx->params.type)); + (size_t) MERKLE_TREE_NODE_AM(priv_ctx->params.type)); return ret; } diff --git a/library/oid.c b/library/oid.c index 6184abe40..d8339c138 100644 --- a/library/oid.c +++ b/library/oid.c @@ -1129,7 +1129,7 @@ int mbedtls_oid_from_numeric_string(mbedtls_asn1_buf *oid, } } - encoded_len = out_ptr - oid->p; + encoded_len = (size_t) (out_ptr - oid->p); resized_mem = mbedtls_calloc(encoded_len, 1); if (resized_mem == NULL) { ret = MBEDTLS_ERR_ASN1_ALLOC_FAILED; diff --git a/library/pem.c b/library/pem.c index 9500ffcf7..539134c29 100644 --- a/library/pem.c +++ b/library/pem.c @@ -298,7 +298,7 @@ int mbedtls_pem_read_buffer(mbedtls_pem_context *ctx, const char *header, const if (*end == '\n') { end++; } - *use_len = end - data; + *use_len = (size_t) (end - data); enc = 0; @@ -383,7 +383,7 @@ int mbedtls_pem_read_buffer(mbedtls_pem_context *ctx, const char *header, const return MBEDTLS_ERR_PEM_INVALID_DATA; } - ret = mbedtls_base64_decode(NULL, 0, &len, s1, s2 - s1); + ret = mbedtls_base64_decode(NULL, 0, &len, s1, (size_t) (s2 - s1)); if (ret == MBEDTLS_ERR_BASE64_INVALID_CHARACTER) { return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PEM_INVALID_DATA, ret); @@ -393,7 +393,7 @@ int mbedtls_pem_read_buffer(mbedtls_pem_context *ctx, const char *header, const return MBEDTLS_ERR_PEM_ALLOC_FAILED; } - if ((ret = mbedtls_base64_decode(buf, len, &len, s1, s2 - s1)) != 0) { + if ((ret = mbedtls_base64_decode(buf, len, &len, s1, (size_t) (s2 - s1))) != 0) { mbedtls_zeroize_and_free(buf, len); return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PEM_INVALID_DATA, ret); } @@ -508,7 +508,7 @@ int mbedtls_pem_write_buffer(const char *header, const char *footer, p += strlen(footer); *p++ = '\0'; - *olen = p - buf; + *olen = (size_t) (p - buf); /* Clean any remaining data previously written to the buffer */ memset(buf + *olen, 0, buf_len - *olen); diff --git a/library/pkcs7.c b/library/pkcs7.c index 36b49f53b..0869c2e07 100644 --- a/library/pkcs7.c +++ b/library/pkcs7.c @@ -316,7 +316,7 @@ static int pkcs7_get_signer_info(unsigned char **p, unsigned char *end, goto out; } - signer->issuer_raw.len = *p - signer->issuer_raw.p; + signer->issuer_raw.len = (size_t) (*p - signer->issuer_raw.p); ret = mbedtls_x509_get_serial(p, end_issuer_and_sn, &signer->serial); if (ret != 0) { diff --git a/library/pkparse.c b/library/pkparse.c index 3bb5f7be2..edebf92ff 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -928,7 +928,7 @@ int mbedtls_pk_parse_subpubkey(unsigned char **p, const unsigned char *end, ret = pk_use_ecparams(&alg_params, pk); } if (ret == 0) { - ret = pk_ecc_set_pubkey(pk, *p, end - *p); + ret = pk_ecc_set_pubkey(pk, *p, (size_t) (end - *p)); *p += end - *p; } } else @@ -1233,7 +1233,7 @@ static int pk_parse_key_sec1_der(mbedtls_pk_context *pk, MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); } - if ((ret = pk_ecc_set_pubkey(pk, p, end2 - p)) == 0) { + if ((ret = pk_ecc_set_pubkey(pk, p, (size_t) (end2 - p))) == 0) { pubkey_done = 1; } else { /* diff --git a/library/psa_crypto.c b/library/psa_crypto.c index bbd6b24ed..06840140d 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -6625,7 +6625,7 @@ static psa_status_t psa_tls12_prf_psk_to_ms_set_key( memcpy(cur, data, data_length); cur += data_length; - status = psa_tls12_prf_set_key(prf, pms, cur - pms); + status = psa_tls12_prf_set_key(prf, pms, (size_t) (cur - pms)); mbedtls_zeroize_and_free(pms, pms_len); return status; diff --git a/library/rsa.c b/library/rsa.c index 38c3dd6be..1bf5d13ca 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -1620,12 +1620,12 @@ int mbedtls_rsa_rsaes_oaep_decrypt(mbedtls_rsa_context *ctx, goto cleanup; } - if (ilen - (p - buf) > output_max_len) { + if (ilen - ((size_t) (p - buf)) > output_max_len) { ret = MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE; goto cleanup; } - *olen = ilen - (p - buf); + *olen = ilen - ((size_t) (p - buf)); if (*olen != 0) { memcpy(output, p, *olen); } @@ -2191,7 +2191,7 @@ int mbedtls_rsa_rsassa_pss_verify_ext(mbedtls_rsa_context *ctx, return MBEDTLS_ERR_RSA_INVALID_PADDING; } - observed_salt_len = hash_start - p; + observed_salt_len = (size_t) (hash_start - p); if (expected_salt_len != MBEDTLS_RSA_SALT_LEN_ANY && observed_salt_len != (size_t) expected_salt_len) { diff --git a/library/ssl_client.c b/library/ssl_client.c index 0e87d8607..7284ee2d5 100644 --- a/library/ssl_client.c +++ b/library/ssl_client.c @@ -155,7 +155,7 @@ static int ssl_write_alpn_ext(mbedtls_ssl_context *ssl, p += protocol_name_len; } - *out_len = p - buf; + *out_len = (size_t) (p - buf); /* List length = *out_len - 2 (ext_type) - 2 (ext_len) - 2 (list_len) */ MBEDTLS_PUT_UINT16_BE(*out_len - 6, buf, 4); @@ -285,7 +285,7 @@ static int ssl_write_supported_groups_ext(mbedtls_ssl_context *ssl, } /* Length of named_group_list */ - named_group_list_len = p - named_group_list; + named_group_list_len = (size_t) (p - named_group_list); if (named_group_list_len == 0) { MBEDTLS_SSL_DEBUG_MSG(1, ("No group available.")); return MBEDTLS_ERR_SSL_INTERNAL_ERROR; @@ -301,7 +301,7 @@ static int ssl_write_supported_groups_ext(mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_BUF(3, "Supported groups extension", buf + 4, named_group_list_len + 2); - *out_len = p - buf; + *out_len = (size_t) (p - buf); #if defined(MBEDTLS_SSL_PROTO_TLS1_3) mbedtls_ssl_tls13_set_hs_sent_ext_mask( @@ -391,14 +391,14 @@ static int ssl_write_client_hello_cipher_suites( } /* Write the cipher_suites length in number of bytes */ - cipher_suites_len = p - cipher_suites; + cipher_suites_len = (size_t) (p - cipher_suites); MBEDTLS_PUT_UINT16_BE(cipher_suites_len, buf, 0); MBEDTLS_SSL_DEBUG_MSG(3, ("client hello, got %" MBEDTLS_PRINTF_SIZET " cipher suites", cipher_suites_len/2)); /* Output the total length of cipher_suites field. */ - *out_len = p - buf; + *out_len = (size_t) (p - buf); return 0; } @@ -679,7 +679,7 @@ static int ssl_write_client_hello_body(mbedtls_ssl_context *ssl, #endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED */ /* Write the length of the list of extensions. */ - extensions_len = p - p_extensions_len - 2; + extensions_len = (size_t) (p - p_extensions_len) - 2; if (extensions_len == 0) { p = p_extensions_len; @@ -696,7 +696,7 @@ static int ssl_write_client_hello_body(mbedtls_ssl_context *ssl, 3, MBEDTLS_SSL_HS_CLIENT_HELLO, handshake->sent_extensions); #endif - *out_len = p - buf; + *out_len = (size_t) (p - buf); return 0; } diff --git a/library/ssl_msg.c b/library/ssl_msg.c index cffd1c90f..0d7188406 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -848,7 +848,7 @@ static void ssl_extract_add_data_from_record(unsigned char *add_data, cur += 2; } - *add_data_len = cur - add_data; + *add_data_len = (size_t) (cur - add_data); } #if defined(MBEDTLS_SSL_HAVE_AEAD) @@ -1212,7 +1212,7 @@ hmac_failed_etm_disabled: iv, transform->ivlen, add_data, add_data_len, data, rec->data_len, /* src */ - data, rec->buf_len - (data - rec->buf), /* dst */ + data, rec->buf_len - (size_t) (data - rec->buf), /* dst */ &rec->data_len, transform->taglen)) != 0) { MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_auth_encrypt_ext", ret); @@ -1635,12 +1635,13 @@ int mbedtls_ssl_decrypt_buf(mbedtls_ssl_context const *ssl, return ret; } #else - if ((ret = mbedtls_cipher_auth_decrypt_ext(&transform->cipher_ctx_dec, - iv, transform->ivlen, - add_data, add_data_len, - data, rec->data_len + transform->taglen, /* src */ - data, rec->buf_len - (data - rec->buf), &olen, /* dst */ - transform->taglen)) != 0) { + if ((ret = mbedtls_cipher_auth_decrypt_ext + (&transform->cipher_ctx_dec, + iv, transform->ivlen, + add_data, add_data_len, + data, rec->data_len + transform->taglen, /* src */ + data, rec->buf_len - (size_t) (data - rec->buf), &olen, /* dst */ + transform->taglen)) != 0) { MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_cipher_auth_decrypt_ext", ret); if (ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED) { @@ -2228,7 +2229,7 @@ int mbedtls_ssl_fetch_input(mbedtls_ssl_context *ssl, size_t nb_want) MBEDTLS_SSL_DEBUG_MSG(2, ("timer has expired")); ret = MBEDTLS_ERR_SSL_TIMEOUT; } else { - len = in_buf_len - (ssl->in_hdr - ssl->in_buf); + len = in_buf_len - (size_t) (ssl->in_hdr - ssl->in_buf); if (mbedtls_ssl_is_handshake_over(ssl) == 0) { timeout = ssl->handshake->retransmit_timeout; @@ -2592,7 +2593,7 @@ int mbedtls_ssl_flight_transmit(mbedtls_ssl_context *ssl) } else { const unsigned char * const p = ssl->handshake->cur_msg_p; const size_t hs_len = cur->len - 12; - const size_t frag_off = p - (cur->p + 12); + const size_t frag_off = (size_t) (p - (cur->p + 12)); const size_t rem_len = hs_len - frag_off; size_t cur_hs_frag_len, max_hs_frag_len; @@ -2969,9 +2970,9 @@ int mbedtls_ssl_write_record(mbedtls_ssl_context *ssl, int force_flush) mbedtls_record rec; rec.buf = ssl->out_iv; - rec.buf_len = out_buf_len - (ssl->out_iv - ssl->out_buf); + rec.buf_len = out_buf_len - (size_t) (ssl->out_iv - ssl->out_buf); rec.data_len = ssl->out_msglen; - rec.data_offset = ssl->out_msg - rec.buf; + rec.data_offset = (size_t) (ssl->out_msg - rec.buf); memcpy(&rec.ctr[0], ssl->out_ctr, sizeof(rec.ctr)); mbedtls_ssl_write_version(rec.ver, ssl->conf->transport, tls_ver); @@ -3594,7 +3595,7 @@ int mbedtls_ssl_check_dtls_clihlo_cookie( return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - *olen = p - obuf; + *olen = (size_t) (p - obuf); /* Go back and fill length fields */ obuf[27] = (unsigned char) (*olen - 28); diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c index 61c87bed9..0908982ed 100644 --- a/library/ssl_ticket.c +++ b/library/ssl_ticket.c @@ -341,7 +341,7 @@ int mbedtls_ssl_ticket_write(void *p_ticket, /* Dump session state */ if ((ret = mbedtls_ssl_session_save(session, - state, end - state, + state, (size_t) (end - state), &clear_len)) != 0 || (unsigned long) clear_len > 65535) { goto cleanup; @@ -364,7 +364,7 @@ int mbedtls_ssl_ticket_write(void *p_ticket, /* Additional data: key name, IV and length */ key_name, TICKET_ADD_DATA_LEN, state, clear_len, - state, end - state, &ciph_len, + state, (size_t) (end - state), &ciph_len, TICKET_AUTH_TAG_BYTES)) != 0) { goto cleanup; } diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 944caa09c..50f3a6161 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3755,7 +3755,7 @@ static int ssl_session_load(mbedtls_ssl_session *session, session->tls_version = (mbedtls_ssl_protocol_version) (0x0300 | *p++); /* Dispatch according to TLS version. */ - remaining_len = (end - p); + remaining_len = (size_t) (end - p); switch (session->tls_version) { #if defined(MBEDTLS_SSL_PROTO_TLS1_2) case MBEDTLS_SSL_VERSION_TLS1_2: @@ -6795,7 +6795,7 @@ int mbedtls_ssl_psk_derive_premaster(mbedtls_ssl_context *ssl, mbedtls_key_excha /* Write length only when we know the actual value */ if ((ret = mbedtls_dhm_calc_secret(&ssl->handshake->dhm_ctx, - p + 2, end - (p + 2), &len, + p + 2, (size_t) (end - (p + 2)), &len, ssl->conf->f_rng, ssl->conf->p_rng)) != 0) { MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_dhm_calc_secret", ret); return ret; @@ -6812,7 +6812,7 @@ int mbedtls_ssl_psk_derive_premaster(mbedtls_ssl_context *ssl, mbedtls_key_excha size_t zlen; if ((ret = mbedtls_ecdh_calc_secret(&ssl->handshake->ecdh_ctx, &zlen, - p + 2, end - (p + 2), + p + 2, (size_t) (end - (p + 2)), ssl->conf->f_rng, ssl->conf->p_rng)) != 0) { MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecdh_calc_secret", ret); return ret; @@ -6845,7 +6845,7 @@ int mbedtls_ssl_psk_derive_premaster(mbedtls_ssl_context *ssl, mbedtls_key_excha memcpy(p, psk, psk_len); p += psk_len; - ssl->handshake->pmslen = p - ssl->handshake->premaster; + ssl->handshake->pmslen = (size_t) (p - ssl->handshake->premaster); return 0; } @@ -9328,7 +9328,7 @@ int mbedtls_ssl_write_sig_alg_ext(mbedtls_ssl_context *ssl, unsigned char *buf, } /* Length of supported_signature_algorithms */ - supported_sig_alg_len = p - supported_sig_alg; + supported_sig_alg_len = (size_t) (p - supported_sig_alg); if (supported_sig_alg_len == 0) { MBEDTLS_SSL_DEBUG_MSG(1, ("No signature algorithms defined.")); return MBEDTLS_ERR_SSL_INTERNAL_ERROR; @@ -9338,7 +9338,7 @@ int mbedtls_ssl_write_sig_alg_ext(mbedtls_ssl_context *ssl, unsigned char *buf, MBEDTLS_PUT_UINT16_BE(supported_sig_alg_len + 2, buf, 2); MBEDTLS_PUT_UINT16_BE(supported_sig_alg_len, buf, 4); - *out_len = p - buf; + *out_len = (size_t) (p - buf); #if defined(MBEDTLS_SSL_PROTO_TLS1_3) mbedtls_ssl_tls13_set_hs_sent_ext_mask(ssl, MBEDTLS_TLS_EXT_SIG_ALG); diff --git a/library/ssl_tls12_client.c b/library/ssl_tls12_client.c index 9aa46bd15..78297e89e 100644 --- a/library/ssl_tls12_client.c +++ b/library/ssl_tls12_client.c @@ -607,7 +607,7 @@ int mbedtls_ssl_tls12_write_client_hello_exts(mbedtls_ssl_context *ssl, p += ext_len; #endif - *out_len = p - buf; + *out_len = (size_t) (p - buf); return 0; } @@ -2174,7 +2174,7 @@ start_processing: #endif p = ssl->in_msg + mbedtls_ssl_hs_hdr_len(ssl); end = ssl->in_msg + ssl->in_hslen; - MBEDTLS_SSL_DEBUG_BUF(3, "server key exchange", p, end - p); + MBEDTLS_SSL_DEBUG_BUF(3, "server key exchange", p, (size_t) (end - p)); #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || @@ -2299,7 +2299,7 @@ start_processing: mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE; mbedtls_pk_type_t pk_alg = MBEDTLS_PK_NONE; unsigned char *params = ssl->in_msg + mbedtls_ssl_hs_hdr_len(ssl); - size_t params_len = p - params; + size_t params_len = (size_t) (p - params); void *rs_ctx = NULL; uint16_t sig_alg; @@ -3252,9 +3252,9 @@ static int ssl_write_certificate_verify(mbedtls_ssl_context *ssl) size_t hashlen; void *rs_ctx = NULL; #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) - size_t out_buf_len = ssl->out_buf_len - (ssl->out_msg - ssl->out_buf); + size_t out_buf_len = ssl->out_buf_len - (size_t) (ssl->out_msg - ssl->out_buf); #else - size_t out_buf_len = MBEDTLS_SSL_OUT_BUFFER_LEN - (ssl->out_msg - ssl->out_buf); + size_t out_buf_len = MBEDTLS_SSL_OUT_BUFFER_LEN - (size_t) (ssl->out_msg - ssl->out_buf); #endif MBEDTLS_SSL_DEBUG_MSG(2, ("=> write certificate verify")); diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c index b007e5c66..c2e08146b 100644 --- a/library/ssl_tls12_server.c +++ b/library/ssl_tls12_server.c @@ -1858,7 +1858,7 @@ static void ssl_write_renegotiation_ext(mbedtls_ssl_context *ssl, *p++ = 0x00; } - *olen = p - buf; + *olen = (size_t) (p - buf); } #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) @@ -1950,7 +1950,7 @@ static void ssl_write_ecjpake_kkpp_ext(mbedtls_ssl_context *ssl, #if defined(MBEDTLS_USE_PSA_CRYPTO) ret = mbedtls_psa_ecjpake_write_round(&ssl->handshake->psa_pake_ctx, - p + 2, end - p - 2, &kkpp_len, + p + 2, (size_t) (end - p - 2), &kkpp_len, MBEDTLS_ECJPAKE_ROUND_ONE); if (ret != 0) { psa_destroy_key(ssl->handshake->psa_pake_password); @@ -1960,7 +1960,7 @@ static void ssl_write_ecjpake_kkpp_ext(mbedtls_ssl_context *ssl, } #else ret = mbedtls_ecjpake_write_round_one(&ssl->handshake->ecjpake_ctx, - p + 2, end - p - 2, &kkpp_len, + p + 2, (size_t) (end - p - 2), &kkpp_len, ssl->conf->f_rng, ssl->conf->p_rng); if (ret != 0) { MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecjpake_write_round_one", ret); @@ -2081,7 +2081,7 @@ static int ssl_write_hello_verify_request(mbedtls_ssl_context *ssl) MBEDTLS_SSL_DEBUG_BUF(3, "cookie sent", cookie_len_byte + 1, *cookie_len_byte); - ssl->out_msglen = p - ssl->out_msg; + ssl->out_msglen = (size_t) (p - ssl->out_msg); ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; ssl->out_msg[0] = MBEDTLS_SSL_HS_HELLO_VERIFY_REQUEST; @@ -2386,7 +2386,7 @@ static int ssl_write_server_hello(mbedtls_ssl_context *ssl) p += 2 + ext_len; } - ssl->out_msglen = p - buf; + ssl->out_msglen = (size_t) (p - buf); ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; ssl->out_msg[0] = MBEDTLS_SSL_HS_SERVER_HELLO; @@ -2570,12 +2570,12 @@ static int ssl_write_certificate_request(mbedtls_ssl_context *ssl) MBEDTLS_SSL_DEBUG_BUF(3, "requested DN", p - dn_size, dn_size); - total_dn_size += 2 + dn_size; + total_dn_size += (unsigned short) (2 + dn_size); crt = crt->next; } } - ssl->out_msglen = p - buf; + ssl->out_msglen = (size_t) (p - buf); ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; ssl->out_msg[0] = MBEDTLS_SSL_HS_CERTIFICATE_REQUEST; MBEDTLS_PUT_UINT16_BE(total_dn_size, ssl->out_msg, 4 + ct_len + sa_len); @@ -2779,9 +2779,9 @@ static int ssl_prepare_server_key_exchange(mbedtls_ssl_context *ssl, #if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED) #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) - size_t out_buf_len = ssl->out_buf_len - (ssl->out_msg - ssl->out_buf); + size_t out_buf_len = ssl->out_buf_len - (size_t) (ssl->out_msg - ssl->out_buf); #else - size_t out_buf_len = MBEDTLS_SSL_OUT_BUFFER_LEN - (ssl->out_msg - ssl->out_buf); + size_t out_buf_len = MBEDTLS_SSL_OUT_BUFFER_LEN - (size_t) (ssl->out_msg - ssl->out_buf); #endif #endif @@ -3086,7 +3086,7 @@ curve_matching_done: return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } - size_t dig_signed_len = ssl->out_msg + ssl->out_msglen - dig_signed; + size_t dig_signed_len = (size_t) (ssl->out_msg + ssl->out_msglen - dig_signed); size_t hashlen = 0; unsigned char hash[MBEDTLS_MD_MAX_SIZE]; @@ -3763,7 +3763,7 @@ static int ssl_parse_client_key_exchange(mbedtls_ssl_context *ssl) handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; #else if ((ret = mbedtls_ecdh_read_public(&ssl->handshake->ecdh_ctx, - p, end - p)) != 0) { + p, (size_t) (end - p))) != 0) { MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecdh_read_public", ret); return MBEDTLS_ERR_SSL_DECODE_ERROR; } @@ -3976,7 +3976,7 @@ static int ssl_parse_client_key_exchange(mbedtls_ssl_context *ssl) } if ((ret = mbedtls_ecdh_read_public(&ssl->handshake->ecdh_ctx, - p, end - p)) != 0) { + p, (size_t) (end - p))) != 0) { MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecdh_read_public", ret); return MBEDTLS_ERR_SSL_DECODE_ERROR; } @@ -4005,7 +4005,7 @@ static int ssl_parse_client_key_exchange(mbedtls_ssl_context *ssl) if (ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE) { #if defined(MBEDTLS_USE_PSA_CRYPTO) if ((ret = mbedtls_psa_ecjpake_read_round( - &ssl->handshake->psa_pake_ctx, p, end - p, + &ssl->handshake->psa_pake_ctx, p, (size_t) (end - p), MBEDTLS_ECJPAKE_ROUND_TWO)) != 0) { psa_destroy_key(ssl->handshake->psa_pake_password); psa_pake_abort(&ssl->handshake->psa_pake_ctx); @@ -4015,7 +4015,7 @@ static int ssl_parse_client_key_exchange(mbedtls_ssl_context *ssl) } #else ret = mbedtls_ecjpake_read_round_two(&ssl->handshake->ecjpake_ctx, - p, end - p); + p, (size_t) (end - p)); if (ret != 0) { MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ecjpake_read_round_two", ret); return MBEDTLS_ERR_SSL_INTERNAL_ERROR; diff --git a/library/x509_create.c b/library/x509_create.c index 424cce1d9..8f31c3bea 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -169,7 +169,7 @@ static int parse_attribute_value_string(const char *s, return MBEDTLS_ERR_X509_INVALID_NAME; } } - *data_len = d - data; + *data_len = (size_t) (d - data); return 0; } @@ -297,8 +297,8 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam while (c <= end) { if (in_attr_type && *c == '=') { - if ((attr_descr = x509_attr_descr_from_name(s, c - s)) == NULL) { - if ((mbedtls_oid_from_numeric_string(&oid, s, c - s)) != 0) { + if ((attr_descr = x509_attr_descr_from_name(s, (size_t) (c - s))) == NULL) { + if ((mbedtls_oid_from_numeric_string(&oid, s, (size_t) (c - s))) != 0) { return MBEDTLS_ERR_X509_INVALID_NAME; } else { numericoid = 1; @@ -322,7 +322,7 @@ int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *nam /* We know that c >= s (loop invariant) and c != s (in this * else branch), hence c - s - 1 >= 0. */ parse_ret = parse_attribute_value_hex_der_encoded( - s + 1, c - s - 1, + s + 1, (size_t) (c - s) - 1, data, sizeof(data), &data_len, &tag); if (parse_ret != 0) { mbedtls_free(oid.p); diff --git a/library/x509_crl.c b/library/x509_crl.c index cad784eeb..fdbad238a 100644 --- a/library/x509_crl.c +++ b/library/x509_crl.c @@ -367,7 +367,7 @@ int mbedtls_x509_crl_parse_der(mbedtls_x509_crl *chain, } end = p + len; - crl->tbs.len = end - crl->tbs.p; + crl->tbs.len = (size_t) (end - crl->tbs.p); /* * Version ::= INTEGER OPTIONAL { v1(0), v2(1) } @@ -411,7 +411,7 @@ int mbedtls_x509_crl_parse_der(mbedtls_x509_crl *chain, return ret; } - crl->issuer_raw.len = p - crl->issuer_raw.p; + crl->issuer_raw.len = (size_t) (p - crl->issuer_raw.p); /* * thisUpdate Time diff --git a/library/x509_crt.c b/library/x509_crt.c index f41eb47d7..1fe4448e4 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -1108,7 +1108,7 @@ static int x509_crt_parse_der_core(mbedtls_x509_crt *crt, } end = crt_end = p + len; - crt->raw.len = crt_end - buf; + crt->raw.len = (size_t) (crt_end - buf); if (make_copy != 0) { /* Create and populate a new buffer for the raw field. */ crt->raw.p = p = mbedtls_calloc(1, crt->raw.len); @@ -1138,7 +1138,7 @@ static int x509_crt_parse_der_core(mbedtls_x509_crt *crt, } end = p + len; - crt->tbs.len = end - crt->tbs.p; + crt->tbs.len = (size_t) (end - crt->tbs.p); /* * Version ::= INTEGER { v1(0), v2(1), v3(2) } @@ -1185,7 +1185,7 @@ static int x509_crt_parse_der_core(mbedtls_x509_crt *crt, return ret; } - crt->issuer_raw.len = p - crt->issuer_raw.p; + crt->issuer_raw.len = (size_t) (p - crt->issuer_raw.p); /* * Validity ::= SEQUENCE { @@ -1215,7 +1215,7 @@ static int x509_crt_parse_der_core(mbedtls_x509_crt *crt, return ret; } - crt->subject_raw.len = p - crt->subject_raw.p; + crt->subject_raw.len = (size_t) (p - crt->subject_raw.p); /* * SubjectPublicKeyInfo @@ -1225,7 +1225,7 @@ static int x509_crt_parse_der_core(mbedtls_x509_crt *crt, mbedtls_x509_crt_free(crt); return ret; } - crt->pk_raw.len = p - crt->pk_raw.p; + crt->pk_raw.len = (size_t) (p - crt->pk_raw.p); /* * issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL, diff --git a/library/x509_csr.c b/library/x509_csr.c index a293ec017..79b158964 100644 --- a/library/x509_csr.c +++ b/library/x509_csr.c @@ -328,7 +328,7 @@ static int mbedtls_x509_csr_parse_der_internal(mbedtls_x509_csr *csr, } end = p + len; - csr->cri.len = end - csr->cri.p; + csr->cri.len = (size_t) (end - csr->cri.p); /* * Version ::= INTEGER { v1(0) } @@ -361,7 +361,7 @@ static int mbedtls_x509_csr_parse_der_internal(mbedtls_x509_csr *csr, return ret; } - csr->subject_raw.len = p - csr->subject_raw.p; + csr->subject_raw.len = (size_t) (p - csr->subject_raw.p); /* * subjectPKInfo SubjectPublicKeyInfo diff --git a/library/x509write_crt.c b/library/x509write_crt.c index 4c019eee4..44b6b1781 100644 --- a/library/x509write_crt.c +++ b/library/x509write_crt.c @@ -481,7 +481,7 @@ int mbedtls_x509write_crt_der(mbedtls_x509write_cert *ctx, */ MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_pk_write_pubkey_der(ctx->subject_key, - buf, c - buf)); + buf, (size_t) (c - buf))); c -= pub_len; len += pub_len; diff --git a/library/x509write_csr.c b/library/x509write_csr.c index 4e397553a..254da69a9 100644 --- a/library/x509write_csr.c +++ b/library/x509write_csr.c @@ -185,7 +185,7 @@ static int x509write_csr_der_internal(mbedtls_x509write_csr *ctx, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC)); MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_pk_write_pubkey_der(ctx->key, - buf, c - buf)); + buf, (size_t) (c - buf))); c -= pub_len; len += pub_len; @@ -276,7 +276,7 @@ static int x509write_csr_der_internal(mbedtls_x509write_csr *ctx, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)); /* Zero the unused bytes at the start of buf */ - memset(buf, 0, c2 - buf); + memset(buf, 0, (size_t) (c2 - buf)); return (int) len; } From b2e8419b50144676328843482927b3c12bf36f23 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 3 Nov 2023 23:32:39 +0000 Subject: [PATCH 0750/1674] Fix types in entropy_poll.c Signed-off-by: Dave Rodgman --- library/entropy_poll.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/library/entropy_poll.c b/library/entropy_poll.c index e8c669f9c..de2e0387a 100644 --- a/library/entropy_poll.c +++ b/library/entropy_poll.c @@ -88,7 +88,7 @@ static int getrandom_wrapper(void *buf, size_t buflen, unsigned int flags) memset(buf, 0, buflen); #endif #endif - return syscall(SYS_getrandom, buf, buflen, flags); + return (int) syscall(SYS_getrandom, buf, buflen, flags); } #endif /* SYS_getrandom */ #endif /* __linux__ || __midipix__ */ @@ -102,7 +102,7 @@ static int getrandom_wrapper(void *buf, size_t buflen, unsigned int flags) #define HAVE_GETRANDOM static int getrandom_wrapper(void *buf, size_t buflen, unsigned int flags) { - return getrandom(buf, buflen, flags); + return (int) getrandom(buf, buflen, flags); } #endif /* (__FreeBSD__ && __FreeBSD_version >= 1200000) || (__DragonFly__ && __DragonFly_version >= 500700) */ @@ -156,7 +156,7 @@ int mbedtls_platform_entropy_poll(void *data, #if defined(HAVE_GETRANDOM) ret = getrandom_wrapper(output, len, 0); if (ret >= 0) { - *olen = ret; + *olen = (size_t) ret; return 0; } else if (errno != ENOSYS) { return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; From a3d0f61aec2499014564798e71d54e08ebed76b0 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 3 Nov 2023 23:34:02 +0000 Subject: [PATCH 0751/1674] Use MBEDTLS_GET_UINTxx_BE macro Signed-off-by: Dave Rodgman --- library/dhm.c | 2 +- library/psa_its_file.c | 11 +++-------- library/ssl_msg.c | 27 +++++++++------------------ library/ssl_ticket.c | 2 +- library/ssl_tls.c | 13 ++++++------- library/ssl_tls12_client.c | 33 +++++++++++++-------------------- library/ssl_tls12_server.c | 22 ++++++++++------------ 7 files changed, 43 insertions(+), 67 deletions(-) diff --git a/library/dhm.c b/library/dhm.c index e423657c1..bcc07f544 100644 --- a/library/dhm.c +++ b/library/dhm.c @@ -48,7 +48,7 @@ static int dhm_read_bignum(mbedtls_mpi *X, return MBEDTLS_ERR_DHM_BAD_INPUT_DATA; } - n = ((*p)[0] << 8) | (*p)[1]; + n = MBEDTLS_GET_UINT16_BE(*p, 0); (*p) += 2; if ((size_t) (end - *p) < (size_t) n) { diff --git a/library/psa_its_file.c b/library/psa_its_file.c index 3f32d7d4e..956713748 100644 --- a/library/psa_its_file.c +++ b/library/psa_its_file.c @@ -98,14 +98,9 @@ static psa_status_t psa_its_read_file(psa_storage_uid_t uid, return PSA_ERROR_DATA_CORRUPT; } - p_info->size = (header.size[0] | - header.size[1] << 8 | - header.size[2] << 16 | - header.size[3] << 24); - p_info->flags = (header.flags[0] | - header.flags[1] << 8 | - header.flags[2] << 16 | - header.flags[3] << 24); + p_info->size = MBEDTLS_GET_UINT32_LE(header.size, 0); + p_info->flags = MBEDTLS_GET_UINT32_LE(header.flags, 0); + return PSA_SUCCESS; } diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 0d7188406..065336b67 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -3097,16 +3097,12 @@ static int ssl_hs_is_proper_fragment(mbedtls_ssl_context *ssl) static uint32_t ssl_get_hs_frag_len(mbedtls_ssl_context const *ssl) { - return (ssl->in_msg[9] << 16) | - (ssl->in_msg[10] << 8) | - ssl->in_msg[11]; + return MBEDTLS_GET_UINT24_BE(ssl->in_msg, 9); } static uint32_t ssl_get_hs_frag_off(mbedtls_ssl_context const *ssl) { - return (ssl->in_msg[6] << 16) | - (ssl->in_msg[7] << 8) | - ssl->in_msg[8]; + return MBEDTLS_GET_UINT24_BE(ssl->in_msg, 6); } MBEDTLS_CHECK_RETURN_CRITICAL @@ -3219,9 +3215,7 @@ static size_t ssl_get_reassembly_buffer_size(size_t msg_len, static uint32_t ssl_get_hs_total_len(mbedtls_ssl_context const *ssl) { - return (ssl->in_msg[1] << 16) | - (ssl->in_msg[2] << 8) | - ssl->in_msg[3]; + return MBEDTLS_GET_UINT24_BE(ssl->in_msg, 1); } int mbedtls_ssl_prepare_handshake_record(mbedtls_ssl_context *ssl) @@ -3242,7 +3236,7 @@ int mbedtls_ssl_prepare_handshake_record(mbedtls_ssl_context *ssl) #if defined(MBEDTLS_SSL_PROTO_DTLS) if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - unsigned int recv_msg_seq = (ssl->in_msg[4] << 8) | ssl->in_msg[5]; + unsigned int recv_msg_seq = MBEDTLS_GET_UINT16_BE(ssl->in_msg, 4); if (ssl_check_hs_header(ssl) != 0) { MBEDTLS_SSL_DEBUG_MSG(1, ("invalid handshake header")); @@ -3857,8 +3851,7 @@ static int ssl_parse_record_header(mbedtls_ssl_context const *ssl, */ rec->data_offset = rec_hdr_len_offset + rec_hdr_len_len; - rec->data_len = ((size_t) buf[rec_hdr_len_offset + 0] << 8) | - ((size_t) buf[rec_hdr_len_offset + 1] << 0); + rec->data_len = MBEDTLS_GET_UINT16_BE(buf, rec_hdr_len_offset); MBEDTLS_SSL_DEBUG_BUF(4, "input record header", buf, rec->data_offset); MBEDTLS_SSL_DEBUG_MSG(3, ("input record: msgtype = %u, " @@ -3886,7 +3879,7 @@ static int ssl_parse_record_header(mbedtls_ssl_context const *ssl, */ #if defined(MBEDTLS_SSL_PROTO_DTLS) if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { - rec_epoch = (rec->ctr[0] << 8) | rec->ctr[1]; + rec_epoch = MBEDTLS_GET_UINT16_BE(rec->ctr, 0); /* Check that the datagram is large enough to contain a record * of the advertised length. */ @@ -3936,7 +3929,7 @@ static int ssl_parse_record_header(mbedtls_ssl_context const *ssl, MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_check_client_reconnect(mbedtls_ssl_context *ssl) { - unsigned int rec_epoch = (ssl->in_ctr[0] << 8) | ssl->in_ctr[1]; + unsigned int rec_epoch = MBEDTLS_GET_UINT16_BE(ssl->in_ctr, 0); /* * Check for an epoch 0 ClientHello. We can't use in_msg here to @@ -4258,9 +4251,7 @@ static int ssl_load_buffered_message(mbedtls_ssl_context *ssl) hs_buf = &hs->buffering.hs[0]; if ((hs_buf->is_valid == 1) && (hs_buf->is_complete == 1)) { /* Synthesize a record containing the buffered HS message. */ - size_t msg_len = (hs_buf->data[1] << 16) | - (hs_buf->data[2] << 8) | - hs_buf->data[3]; + size_t msg_len = MBEDTLS_GET_UINT24_BE(hs_buf->data, 1); /* Double-check that we haven't accidentally buffered * a message that doesn't fit into the input buffer. */ @@ -4357,7 +4348,7 @@ static int ssl_buffer_message(mbedtls_ssl_context *ssl) case MBEDTLS_SSL_MSG_HANDSHAKE: { unsigned recv_msg_seq_offset; - unsigned recv_msg_seq = (ssl->in_msg[4] << 8) | ssl->in_msg[5]; + unsigned recv_msg_seq = MBEDTLS_GET_UINT16_BE(ssl->in_msg, 4); mbedtls_ssl_hs_buffer *hs_buf; size_t msg_len = ssl->in_hslen - 12; diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c index 0908982ed..8e7c145bc 100644 --- a/library/ssl_ticket.c +++ b/library/ssl_ticket.c @@ -444,7 +444,7 @@ int mbedtls_ssl_ticket_parse(void *p_ticket, goto cleanup; } - enc_len = (enc_len_p[0] << 8) | enc_len_p[1]; + enc_len = MBEDTLS_GET_UINT16_BE(enc_len_p, 0); if (len != TICKET_MIN_LEN + enc_len) { ret = MBEDTLS_ERR_SSL_BAD_INPUT_DATA; diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 50f3a6161..0ba923533 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -4747,7 +4747,7 @@ static int ssl_context_load(mbedtls_ssl_context *ssl, return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - ssl->mtu = (p[0] << 8) | p[1]; + ssl->mtu = MBEDTLS_GET_UINT16_BE(p, 0); p += 2; #endif /* MBEDTLS_SSL_PROTO_DTLS */ @@ -7103,7 +7103,7 @@ static int ssl_parse_certificate_chain(mbedtls_ssl_context *ssl, /* * Same message structure as in mbedtls_ssl_write_certificate() */ - n = (ssl->in_msg[i+1] << 8) | ssl->in_msg[i+2]; + n = MBEDTLS_GET_UINT16_BE(ssl->in_msg, i + 1); if (ssl->in_msg[i] != 0 || ssl->in_hslen != n + 3 + mbedtls_ssl_hs_hdr_len(ssl)) { @@ -7137,8 +7137,7 @@ static int ssl_parse_certificate_chain(mbedtls_ssl_context *ssl, } /* Read length of the next CRT in the chain. */ - n = ((unsigned int) ssl->in_msg[i + 1] << 8) - | (unsigned int) ssl->in_msg[i + 2]; + n = MBEDTLS_GET_UINT16_BE(ssl->in_msg, i + 1); i += 3; if (n < 128 || i + n > ssl->in_hslen) { @@ -9038,7 +9037,7 @@ static int ssl_tls12_session_load(mbedtls_ssl_session *session, return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - session->ciphersuite = (p[0] << 8) | p[1]; + session->ciphersuite = MBEDTLS_GET_UINT16_BE(p, 0); p += 2; session->id_len = *p++; @@ -9074,7 +9073,7 @@ static int ssl_tls12_session_load(mbedtls_ssl_session *session, return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - cert_len = (p[0] << 16) | (p[1] << 8) | p[2]; + cert_len = MBEDTLS_GET_UINT24_BE(p, 0); p += 3; if (cert_len != 0) { @@ -9146,7 +9145,7 @@ static int ssl_tls12_session_load(mbedtls_ssl_session *session, return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - session->ticket_len = (p[0] << 16) | (p[1] << 8) | p[2]; + session->ticket_len = MBEDTLS_GET_UINT24_BE(p, 0); p += 3; if (session->ticket_len != 0) { diff --git a/library/ssl_tls12_client.c b/library/ssl_tls12_client.c index 78297e89e..08549a833 100644 --- a/library/ssl_tls12_client.c +++ b/library/ssl_tls12_client.c @@ -941,7 +941,7 @@ static int ssl_parse_alpn_ext(mbedtls_ssl_context *ssl, return MBEDTLS_ERR_SSL_DECODE_ERROR; } - list_len = (buf[0] << 8) | buf[1]; + list_len = MBEDTLS_GET_UINT16_BE(buf, 0); if (list_len != len - 2) { mbedtls_ssl_send_alert_message(ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); @@ -1304,8 +1304,7 @@ static int ssl_parse_server_hello(mbedtls_ssl_context *ssl) } if (ssl->in_hslen > mbedtls_ssl_hs_hdr_len(ssl) + 39 + n) { - ext_len = ((buf[38 + n] << 8) - | (buf[39 + n])); + ext_len = MBEDTLS_GET_UINT16_BE(buf, 38 + n); if ((ext_len > 0 && ext_len < 4) || ssl->in_hslen != mbedtls_ssl_hs_hdr_len(ssl) + 40 + n + ext_len) { @@ -1326,7 +1325,7 @@ static int ssl_parse_server_hello(mbedtls_ssl_context *ssl) } /* ciphersuite (used later) */ - i = (buf[35 + n] << 8) | buf[36 + n]; + i = (int) MBEDTLS_GET_UINT16_BE(buf, n + 35); /* * Read and check compression @@ -1447,10 +1446,8 @@ static int ssl_parse_server_hello(mbedtls_ssl_context *ssl) ext_len)); while (ext_len) { - unsigned int ext_id = ((ext[0] << 8) - | (ext[1])); - unsigned int ext_size = ((ext[2] << 8) - | (ext[3])); + unsigned int ext_id = MBEDTLS_GET_UINT16_BE(ext, 0); + unsigned int ext_size = MBEDTLS_GET_UINT16_BE(ext, 2); if (ext_size + 4 > ext_len) { MBEDTLS_SSL_DEBUG_MSG(1, ("bad server hello message")); @@ -1741,9 +1738,8 @@ static int ssl_parse_server_ecdh_params(mbedtls_ssl_context *ssl, } /* Next two bytes are the namedcurve value */ - tls_id = *(*p)++; - tls_id <<= 8; - tls_id |= *(*p)++; + tls_id = MBEDTLS_GET_UINT16_BE(*p, 0); + *p += 2; /* Check it's a curve we offered */ if (mbedtls_ssl_check_curve_tls_id(ssl, tls_id) != 0) { @@ -1883,7 +1879,7 @@ static int ssl_parse_server_psk_hint(mbedtls_ssl_context *ssl, ("bad server key exchange message (psk_identity_hint length)")); return MBEDTLS_ERR_SSL_DECODE_ERROR; } - len = (*p)[0] << 8 | (*p)[1]; + len = MBEDTLS_GET_UINT16_BE(*p, 0); *p += 2; if (end - (*p) < len) { @@ -2357,7 +2353,7 @@ start_processing: MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); return MBEDTLS_ERR_SSL_DECODE_ERROR; } - sig_len = (p[0] << 8) | p[1]; + sig_len = MBEDTLS_GET_UINT16_BE(p, 0); p += 2; if (p != end - sig_len) { @@ -2585,8 +2581,7 @@ static int ssl_parse_certificate_request(mbedtls_ssl_context *ssl) } /* supported_signature_algorithms */ - sig_alg_len = ((buf[mbedtls_ssl_hs_hdr_len(ssl) + 1 + n] << 8) - | (buf[mbedtls_ssl_hs_hdr_len(ssl) + 2 + n])); + sig_alg_len = MBEDTLS_GET_UINT16_BE(buf, mbedtls_ssl_hs_hdr_len(ssl) + 1 + n); /* * The furthest access in buf is in the loop few lines below: @@ -2621,8 +2616,7 @@ static int ssl_parse_certificate_request(mbedtls_ssl_context *ssl) n += 2 + sig_alg_len; /* certificate_authorities */ - dn_len = ((buf[mbedtls_ssl_hs_hdr_len(ssl) + 1 + n] << 8) - | (buf[mbedtls_ssl_hs_hdr_len(ssl) + 2 + n])); + dn_len = MBEDTLS_GET_UINT16_BE(buf, mbedtls_ssl_hs_hdr_len(ssl) + 1 + n); n += dn_len; if (ssl->in_hslen != mbedtls_ssl_hs_hdr_len(ssl) + 3 + n) { @@ -3421,10 +3415,9 @@ static int ssl_parse_new_session_ticket(mbedtls_ssl_context *ssl) msg = ssl->in_msg + mbedtls_ssl_hs_hdr_len(ssl); - lifetime = (((uint32_t) msg[0]) << 24) | (msg[1] << 16) | - (msg[2] << 8) | (msg[3]); + lifetime = MBEDTLS_GET_UINT32_BE(msg, 0); - ticket_len = (msg[4] << 8) | (msg[5]); + ticket_len = MBEDTLS_GET_UINT16_BE(msg, 4); if (ticket_len + 6 + mbedtls_ssl_hs_hdr_len(ssl) != ssl->in_hslen) { MBEDTLS_SSL_DEBUG_MSG(1, ("bad new session ticket message")); diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c index c2e08146b..d3cb629cd 100644 --- a/library/ssl_tls12_server.c +++ b/library/ssl_tls12_server.c @@ -192,7 +192,7 @@ static int ssl_parse_supported_groups_ext(mbedtls_ssl_context *ssl, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); return MBEDTLS_ERR_SSL_DECODE_ERROR; } - list_size = ((buf[0] << 8) | (buf[1])); + list_size = MBEDTLS_GET_UINT16_BE(buf, 0); if (list_size + 2 != len || list_size % 2 != 0) { MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); @@ -957,7 +957,7 @@ read_record_header: } MBEDTLS_SSL_DEBUG_MSG(3, ("client hello, message len.: %d", - (ssl->in_len[0] << 8) | ssl->in_len[1])); + MBEDTLS_GET_UINT16_BE(ssl->in_len, 0))); MBEDTLS_SSL_DEBUG_MSG(3, ("client hello, protocol version: [%d:%d]", buf[1], buf[2])); @@ -993,7 +993,7 @@ read_record_header: } #endif /* MBEDTLS_SSL_PROTO_DTLS */ - msg_len = (ssl->in_len[0] << 8) | ssl->in_len[1]; + msg_len = MBEDTLS_GET_UINT16_BE(ssl->in_len, 0); #if defined(MBEDTLS_SSL_RENEGOTIATION) if (ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE) { @@ -1251,8 +1251,7 @@ read_record_header: #endif /* MBEDTLS_SSL_PROTO_DTLS */ ciph_offset = 35 + sess_len; - ciph_len = (buf[ciph_offset + 0] << 8) - | (buf[ciph_offset + 1]); + ciph_len = MBEDTLS_GET_UINT16_BE(buf, ciph_offset); if (ciph_len < 2 || ciph_len + 2 + ciph_offset + 1 > msg_len || /* 1 for comp. alg. len */ @@ -1300,8 +1299,7 @@ read_record_header: return MBEDTLS_ERR_SSL_DECODE_ERROR; } - ext_len = (buf[ext_offset + 0] << 8) - | (buf[ext_offset + 1]); + ext_len = MBEDTLS_GET_UINT16_BE(buf, ext_offset); if (msg_len != ext_offset + 2 + ext_len) { MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); @@ -1325,8 +1323,8 @@ read_record_header: MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR); return MBEDTLS_ERR_SSL_DECODE_ERROR; } - ext_id = ((ext[0] << 8) | (ext[1])); - ext_size = ((ext[2] << 8) | (ext[3])); + ext_id = MBEDTLS_GET_UINT16_BE(ext, 0); + ext_size = MBEDTLS_GET_UINT16_BE(ext, 2); if (ext_size + 4 > ext_len) { MBEDTLS_SSL_DEBUG_MSG(1, ("bad client hello message")); @@ -3360,7 +3358,7 @@ static int ssl_parse_client_dh_public(mbedtls_ssl_context *ssl, unsigned char ** return MBEDTLS_ERR_SSL_DECODE_ERROR; } - n = ((*p)[0] << 8) | (*p)[1]; + n = MBEDTLS_GET_UINT16_BE(*p, 0); *p += 2; if (*p + n > end) { @@ -3593,7 +3591,7 @@ static int ssl_parse_client_psk_identity(mbedtls_ssl_context *ssl, unsigned char return MBEDTLS_ERR_SSL_DECODE_ERROR; } - n = ((*p)[0] << 8) | (*p)[1]; + n = MBEDTLS_GET_UINT16_BE(*p, 0); *p += 2; if (n == 0 || n > end - *p) { @@ -4189,7 +4187,7 @@ static int ssl_parse_certificate_verify(mbedtls_ssl_context *ssl) return MBEDTLS_ERR_SSL_DECODE_ERROR; } - sig_len = (ssl->in_msg[i] << 8) | ssl->in_msg[i+1]; + sig_len = MBEDTLS_GET_UINT16_BE(ssl->in_msg, i); i += 2; if (i + sig_len != ssl->in_hslen) { From df4d42106ac7ac2bded902bb65991397a107248e Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 9 Nov 2023 14:01:39 +0000 Subject: [PATCH 0752/1674] Use standard byte conversion fns in lms Signed-off-by: Dave Rodgman --- library/lmots.c | 65 +++++++++---------------------------------------- library/lmots.h | 23 ----------------- library/lms.c | 45 ++++++++++------------------------ 3 files changed, 24 insertions(+), 109 deletions(-) diff --git a/library/lmots.c b/library/lmots.c index e09e3e529..c7091b49e 100644 --- a/library/lmots.c +++ b/library/lmots.c @@ -69,29 +69,6 @@ static const unsigned char D_MESSAGE_CONSTANT_BYTES[D_CONST_LEN] = { 0x81, 0x81 int (*mbedtls_lmots_sign_private_key_invalidated_hook)(unsigned char *) = NULL; #endif /* defined(MBEDTLS_TEST_HOOKS) */ -void mbedtls_lms_unsigned_int_to_network_bytes(unsigned int val, size_t len, - unsigned char *bytes) -{ - size_t idx; - - for (idx = 0; idx < len; idx++) { - bytes[idx] = (val >> ((len - 1 - idx) * 8)) & 0xFF; - } -} - -unsigned int mbedtls_lms_network_bytes_to_unsigned_int(size_t len, - const unsigned char *bytes) -{ - size_t idx; - unsigned int val = 0; - - for (idx = 0; idx < len; idx++) { - val |= ((unsigned int) bytes[idx]) << (8 * (len - 1 - idx)); - } - - return val; -} - /* Calculate the checksum digits that are appended to the end of the LMOTS digit * string. See NIST SP800-208 section 3.1 or RFC8554 Algorithm 2 for details of * the checksum algorithm. @@ -191,8 +168,7 @@ static int create_digit_array_with_checksum(const mbedtls_lmots_parameters_t *pa } checksum = lmots_checksum_calculate(params, out); - mbedtls_lms_unsigned_int_to_network_bytes(checksum, CHECKSUM_LEN, - out + MBEDTLS_LMOTS_N_HASH_LEN(params->type)); + MBEDTLS_PUT_UINT16_BE(checksum, out, MBEDTLS_LMOTS_N_HASH_LEN(params->type)); exit: psa_hash_abort(&op); @@ -281,17 +257,13 @@ static int hash_digit_array(const mbedtls_lmots_parameters_t *params, goto exit; } - mbedtls_lms_unsigned_int_to_network_bytes(i_digit_idx, - I_DIGIT_IDX_LEN, - i_digit_idx_bytes); + MBEDTLS_PUT_UINT16_BE(i_digit_idx, i_digit_idx_bytes, 0); status = psa_hash_update(&op, i_digit_idx_bytes, I_DIGIT_IDX_LEN); if (status != PSA_SUCCESS) { goto exit; } - mbedtls_lms_unsigned_int_to_network_bytes(j_hash_idx, - J_HASH_IDX_LEN, - j_hash_idx_bytes); + j_hash_idx_bytes[0] = (uint8_t) j_hash_idx; status = psa_hash_update(&op, j_hash_idx_bytes, J_HASH_IDX_LEN); if (status != PSA_SUCCESS) { goto exit; @@ -425,11 +397,8 @@ int mbedtls_lmots_import_public_key(mbedtls_lmots_public_t *ctx, return MBEDTLS_ERR_LMS_BAD_INPUT_DATA; } - ctx->params.type = - (mbedtls_lmots_algorithm_type_t) mbedtls_lms_network_bytes_to_unsigned_int( - MBEDTLS_LMOTS_TYPE_LEN, - key + - MBEDTLS_LMOTS_SIG_TYPE_OFFSET); + ctx->params.type = (mbedtls_lmots_algorithm_type_t) + MBEDTLS_GET_UINT32_BE(key, MBEDTLS_LMOTS_SIG_TYPE_OFFSET); if (key_len != MBEDTLS_LMOTS_PUBLIC_KEY_LEN(ctx->params.type)) { return MBEDTLS_ERR_LMS_BAD_INPUT_DATA; @@ -464,9 +433,7 @@ int mbedtls_lmots_export_public_key(const mbedtls_lmots_public_t *ctx, return MBEDTLS_ERR_LMS_BAD_INPUT_DATA; } - mbedtls_lms_unsigned_int_to_network_bytes(ctx->params.type, - MBEDTLS_LMOTS_TYPE_LEN, - key + MBEDTLS_LMOTS_SIG_TYPE_OFFSET); + MBEDTLS_PUT_UINT32_BE(ctx->params.type, key, MBEDTLS_LMOTS_SIG_TYPE_OFFSET); memcpy(key + PUBLIC_KEY_I_KEY_ID_OFFSET, ctx->params.I_key_identifier, @@ -559,9 +526,7 @@ int mbedtls_lmots_verify(const mbedtls_lmots_public_t *ctx, return MBEDTLS_ERR_LMS_VERIFY_FAILED; } - if (mbedtls_lms_network_bytes_to_unsigned_int(MBEDTLS_LMOTS_TYPE_LEN, - sig + MBEDTLS_LMOTS_SIG_TYPE_OFFSET) != - MBEDTLS_LMOTS_SHA256_N32_W8) { + if (MBEDTLS_GET_UINT32_BE(sig, MBEDTLS_LMOTS_SIG_TYPE_OFFSET) != MBEDTLS_LMOTS_SHA256_N32_W8) { return MBEDTLS_ERR_LMS_VERIFY_FAILED; } @@ -607,7 +572,7 @@ int mbedtls_lmots_generate_private_key(mbedtls_lmots_private_t *ctx, size_t output_hash_len; unsigned int i_digit_idx; unsigned char i_digit_idx_bytes[2]; - unsigned char const_bytes[1]; + unsigned char const_bytes[1] = { 0xFF }; if (ctx->have_private_key) { return MBEDTLS_ERR_LMS_BAD_INPUT_DATA; @@ -623,12 +588,7 @@ int mbedtls_lmots_generate_private_key(mbedtls_lmots_private_t *ctx, I_key_identifier, sizeof(ctx->params.I_key_identifier)); - mbedtls_lms_unsigned_int_to_network_bytes(q_leaf_identifier, - MBEDTLS_LMOTS_Q_LEAF_ID_LEN, - ctx->params.q_leaf_identifier); - - mbedtls_lms_unsigned_int_to_network_bytes(0xFF, sizeof(const_bytes), - const_bytes); + MBEDTLS_PUT_UINT32_BE(q_leaf_identifier, ctx->params.q_leaf_identifier, 0); for (i_digit_idx = 0; i_digit_idx < MBEDTLS_LMOTS_P_SIG_DIGIT_COUNT(ctx->params.type); @@ -652,8 +612,7 @@ int mbedtls_lmots_generate_private_key(mbedtls_lmots_private_t *ctx, goto exit; } - mbedtls_lms_unsigned_int_to_network_bytes(i_digit_idx, I_DIGIT_IDX_LEN, - i_digit_idx_bytes); + MBEDTLS_PUT_UINT16_BE(i_digit_idx, i_digit_idx_bytes, 0); status = psa_hash_update(&op, i_digit_idx_bytes, I_DIGIT_IDX_LEN); if (status != PSA_SUCCESS) { goto exit; @@ -774,9 +733,7 @@ int mbedtls_lmots_sign(mbedtls_lmots_private_t *ctx, goto exit; } - mbedtls_lms_unsigned_int_to_network_bytes(ctx->params.type, - MBEDTLS_LMOTS_TYPE_LEN, - sig + MBEDTLS_LMOTS_SIG_TYPE_OFFSET); + MBEDTLS_PUT_UINT32_BE(ctx->params.type, sig, MBEDTLS_LMOTS_SIG_TYPE_OFFSET); /* Test hook to check if sig is being written to before we invalidate the * private key. diff --git a/library/lmots.h b/library/lmots.h index 8e495c9dd..cf92d326c 100644 --- a/library/lmots.h +++ b/library/lmots.h @@ -44,29 +44,6 @@ extern "C" { extern int (*mbedtls_lmots_sign_private_key_invalidated_hook)(unsigned char *); #endif /* defined(MBEDTLS_TEST_HOOKS) */ -/** - * \brief This function converts an unsigned int into a - * network-byte-order (big endian) string. - * - * \param val The unsigned integer value - * \param len The length of the string. - * \param bytes The string to output into. - */ -void mbedtls_lms_unsigned_int_to_network_bytes(unsigned int val, size_t len, - unsigned char *bytes); - -/** - * \brief This function converts a network-byte-order - * (big endian) string into an unsigned integer. - * - * \param len The length of the string. - * \param bytes The string. - * - * \return The corresponding LMS error code. - */ -unsigned int mbedtls_lms_network_bytes_to_unsigned_int(size_t len, - const unsigned char *bytes); - #if !defined(MBEDTLS_DEPRECATED_REMOVED) /** * \brief This function converts a \ref psa_status_t to a diff --git a/library/lms.c b/library/lms.c index 00525bb74..08fe75300 100644 --- a/library/lms.c +++ b/library/lms.c @@ -112,7 +112,7 @@ static int create_merkle_leaf_value(const mbedtls_lms_parameters_t *params, goto exit; } - mbedtls_lms_unsigned_int_to_network_bytes(r_node_idx, 4, r_node_idx_bytes); + MBEDTLS_PUT_UINT32_BE(r_node_idx, r_node_idx_bytes, 0); status = psa_hash_update(&op, r_node_idx_bytes, 4); if (status != PSA_SUCCESS) { goto exit; @@ -186,7 +186,7 @@ static int create_merkle_internal_value(const mbedtls_lms_parameters_t *params, goto exit; } - mbedtls_lms_unsigned_int_to_network_bytes(r_node_idx, 4, r_node_idx_bytes); + MBEDTLS_PUT_UINT32_BE(r_node_idx, r_node_idx_bytes, 0); status = psa_hash_update(&op, r_node_idx_bytes, 4); if (status != PSA_SUCCESS) { goto exit; @@ -237,10 +237,7 @@ int mbedtls_lms_import_public_key(mbedtls_lms_public_t *ctx, mbedtls_lms_algorithm_type_t type; mbedtls_lmots_algorithm_type_t otstype; - type = (mbedtls_lms_algorithm_type_t) mbedtls_lms_network_bytes_to_unsigned_int( - MBEDTLS_LMS_TYPE_LEN, - key + - PUBLIC_KEY_TYPE_OFFSET); + type = (mbedtls_lms_algorithm_type_t) MBEDTLS_GET_UINT32_BE(key, PUBLIC_KEY_TYPE_OFFSET); if (type != MBEDTLS_LMS_SHA256_M32_H10) { return MBEDTLS_ERR_LMS_BAD_INPUT_DATA; } @@ -250,10 +247,8 @@ int mbedtls_lms_import_public_key(mbedtls_lms_public_t *ctx, return MBEDTLS_ERR_LMS_BAD_INPUT_DATA; } - otstype = (mbedtls_lmots_algorithm_type_t) mbedtls_lms_network_bytes_to_unsigned_int( - MBEDTLS_LMOTS_TYPE_LEN, - key + - PUBLIC_KEY_OTSTYPE_OFFSET); + otstype = (mbedtls_lmots_algorithm_type_t) + MBEDTLS_GET_UINT32_BE(key, PUBLIC_KEY_OTSTYPE_OFFSET); if (otstype != MBEDTLS_LMOTS_SHA256_N32_W8) { return MBEDTLS_ERR_LMS_BAD_INPUT_DATA; } @@ -282,12 +277,8 @@ int mbedtls_lms_export_public_key(const mbedtls_lms_public_t *ctx, return MBEDTLS_ERR_LMS_BAD_INPUT_DATA; } - mbedtls_lms_unsigned_int_to_network_bytes( - ctx->params.type, - MBEDTLS_LMS_TYPE_LEN, key + PUBLIC_KEY_TYPE_OFFSET); - mbedtls_lms_unsigned_int_to_network_bytes(ctx->params.otstype, - MBEDTLS_LMOTS_TYPE_LEN, - key + PUBLIC_KEY_OTSTYPE_OFFSET); + MBEDTLS_PUT_UINT32_BE(ctx->params.type, key, PUBLIC_KEY_TYPE_OFFSET); + MBEDTLS_PUT_UINT32_BE(ctx->params.otstype, key, PUBLIC_KEY_OTSTYPE_OFFSET); memcpy(key + PUBLIC_KEY_I_KEY_ID_OFFSET, ctx->params.I_key_identifier, MBEDTLS_LMOTS_I_KEY_ID_LEN); @@ -339,9 +330,7 @@ int mbedtls_lms_verify(const mbedtls_lms_public_t *ctx, return MBEDTLS_ERR_LMS_VERIFY_FAILED; } - if (mbedtls_lms_network_bytes_to_unsigned_int(MBEDTLS_LMOTS_TYPE_LEN, - sig + SIG_OTS_SIG_OFFSET + - MBEDTLS_LMOTS_SIG_TYPE_OFFSET) + if (MBEDTLS_GET_UINT32_BE(sig, SIG_OTS_SIG_OFFSET + MBEDTLS_LMOTS_SIG_TYPE_OFFSET) != MBEDTLS_LMOTS_SHA256_N32_W8) { return MBEDTLS_ERR_LMS_VERIFY_FAILED; } @@ -350,15 +339,13 @@ int mbedtls_lms_verify(const mbedtls_lms_public_t *ctx, return MBEDTLS_ERR_LMS_VERIFY_FAILED; } - if (mbedtls_lms_network_bytes_to_unsigned_int(MBEDTLS_LMS_TYPE_LEN, - sig + SIG_TYPE_OFFSET(ctx->params.otstype)) + if (MBEDTLS_GET_UINT32_BE(sig, SIG_TYPE_OFFSET(ctx->params.otstype)) != MBEDTLS_LMS_SHA256_M32_H10) { return MBEDTLS_ERR_LMS_VERIFY_FAILED; } - q_leaf_identifier = mbedtls_lms_network_bytes_to_unsigned_int( - MBEDTLS_LMOTS_Q_LEAF_ID_LEN, sig + SIG_Q_LEAF_ID_OFFSET); + q_leaf_identifier = MBEDTLS_GET_UINT32_BE(sig, SIG_Q_LEAF_ID_OFFSET); if (q_leaf_identifier >= MERKLE_TREE_LEAF_NODE_AM(ctx->params.type)) { return MBEDTLS_ERR_LMS_VERIFY_FAILED; @@ -367,9 +354,7 @@ int mbedtls_lms_verify(const mbedtls_lms_public_t *ctx, memcpy(ots_params.I_key_identifier, ctx->params.I_key_identifier, MBEDTLS_LMOTS_I_KEY_ID_LEN); - mbedtls_lms_unsigned_int_to_network_bytes(q_leaf_identifier, - MBEDTLS_LMOTS_Q_LEAF_ID_LEN, - ots_params.q_leaf_identifier); + MBEDTLS_PUT_UINT32_BE(q_leaf_identifier, ots_params.q_leaf_identifier, 0); ots_params.type = ctx->params.otstype; ret = mbedtls_lmots_calculate_public_key_candidate(&ots_params, @@ -753,12 +738,8 @@ int mbedtls_lms_sign(mbedtls_lms_private_t *ctx, return ret; } - mbedtls_lms_unsigned_int_to_network_bytes(ctx->params.type, - MBEDTLS_LMS_TYPE_LEN, - sig + SIG_TYPE_OFFSET(ctx->params.otstype)); - mbedtls_lms_unsigned_int_to_network_bytes(q_leaf_identifier, - MBEDTLS_LMOTS_Q_LEAF_ID_LEN, - sig + SIG_Q_LEAF_ID_OFFSET); + MBEDTLS_PUT_UINT32_BE(ctx->params.type, sig, SIG_TYPE_OFFSET(ctx->params.otstype)); + MBEDTLS_PUT_UINT32_BE(q_leaf_identifier, sig, SIG_Q_LEAF_ID_OFFSET); ret = get_merkle_path(ctx, MERKLE_TREE_INTERNAL_NODE_AM(ctx->params.type) + q_leaf_identifier, From c37ad4432b6665ca32c19bc83c30d878f2d3ee7a Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 3 Nov 2023 23:36:06 +0000 Subject: [PATCH 0753/1674] misc type fixes in ssl Signed-off-by: Dave Rodgman --- library/ssl_misc.h | 2 +- library/ssl_msg.c | 2 +- library/ssl_tls.c | 9 +++++---- library/ssl_tls12_server.c | 4 ++-- 4 files changed, 9 insertions(+), 8 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index c636ad461..eae192bac 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -1409,7 +1409,7 @@ int mbedtls_ssl_fetch_input(mbedtls_ssl_context *ssl, size_t nb_want); * Write handshake message header */ MBEDTLS_CHECK_RETURN_CRITICAL -int mbedtls_ssl_start_handshake_msg(mbedtls_ssl_context *ssl, unsigned hs_type, +int mbedtls_ssl_start_handshake_msg(mbedtls_ssl_context *ssl, unsigned char hs_type, unsigned char **buf, size_t *buf_len); MBEDTLS_CHECK_RETURN_CRITICAL diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 065336b67..48d0a03dc 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -2731,7 +2731,7 @@ void mbedtls_ssl_send_flight_completed(mbedtls_ssl_context *ssl) /* * Handshake layer functions */ -int mbedtls_ssl_start_handshake_msg(mbedtls_ssl_context *ssl, unsigned hs_type, +int mbedtls_ssl_start_handshake_msg(mbedtls_ssl_context *ssl, unsigned char hs_type, unsigned char **buf, size_t *buf_len) { /* diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 0ba923533..036b37ae6 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -4466,7 +4466,7 @@ int mbedtls_ssl_context_save(mbedtls_ssl_context *ssl, } #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - used += 2 + ssl->transform->in_cid_len + ssl->transform->out_cid_len; + used += 2U + ssl->transform->in_cid_len + ssl->transform->out_cid_len; if (used <= buf_len) { *p++ = ssl->transform->in_cid_len; memcpy(p, ssl->transform->in_cid, ssl->transform->in_cid_len); @@ -5692,7 +5692,7 @@ int mbedtls_ssl_check_cert_usage(const mbedtls_x509_crt *cert, uint32_t *flags) { int ret = 0; - int usage = 0; + unsigned int usage = 0; const char *ext_oid; size_t ext_len; @@ -7665,7 +7665,7 @@ static int ssl_calc_finished_tls_generic(mbedtls_ssl_context *ssl, void *ctx, unsigned char *padbuf, size_t hlen, unsigned char *buf, int from) { - int len = 12; + unsigned int len = 12; const char *sender; #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_status_t status; @@ -7865,7 +7865,8 @@ void mbedtls_ssl_handshake_wrapup(mbedtls_ssl_context *ssl) int mbedtls_ssl_write_finished(mbedtls_ssl_context *ssl) { - int ret, hash_len; + int ret; + unsigned int hash_len; MBEDTLS_SSL_DEBUG_MSG(2, ("=> write finished")); diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c index d3cb629cd..a07d0fb34 100644 --- a/library/ssl_tls12_server.c +++ b/library/ssl_tls12_server.c @@ -3099,8 +3099,8 @@ curve_matching_done: mbedtls_pk_type_t sig_alg = mbedtls_ssl_get_ciphersuite_sig_pk_alg(ciphersuite_info); - unsigned int sig_hash = - mbedtls_ssl_tls12_get_preferred_hash_for_sig_alg( + unsigned char sig_hash = + (unsigned char) mbedtls_ssl_tls12_get_preferred_hash_for_sig_alg( ssl, mbedtls_ssl_sig_from_pk_alg(sig_alg)); mbedtls_md_type_t md_alg = mbedtls_ssl_md_alg_from_hash(sig_hash); From e467d620424a008c724e3e7367132c309de404d6 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 3 Nov 2023 23:40:31 +0000 Subject: [PATCH 0754/1674] Add casts for NEON Signed-off-by: Dave Rodgman --- library/aesce.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/aesce.c b/library/aesce.c index 1a0db163d..64f4b2b68 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -385,8 +385,8 @@ static inline uint8x16_t pmull_low(uint8x16_t a, uint8x16_t b) return vreinterpretq_u8_p128( MBEDTLS_VMULL_P64( - vget_low_p64(vreinterpretq_p64_u8(a)), - vget_low_p64(vreinterpretq_p64_u8(b)) + (poly64_t) vget_low_p64(vreinterpretq_p64_u8(a)), + (poly64_t) vget_low_p64(vreinterpretq_p64_u8(b)) )); } From 920db4581835b2144edaf188455b394e7e0927eb Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Tue, 14 Nov 2023 17:20:16 +0800 Subject: [PATCH 0755/1674] tls13: early_data: support to parse max_early_data_size ext Signed-off-by: Yanray Wang --- library/ssl_tls13_client.c | 51 +++++++++++++++++++++++++++++++------- 1 file changed, 42 insertions(+), 9 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 44814b99f..361f0c0af 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -2647,6 +2647,43 @@ static int ssl_tls13_handshake_wrapup(mbedtls_ssl_context *ssl) #if defined(MBEDTLS_SSL_SESSION_TICKETS) +#if defined(MBEDTLS_SSL_EARLY_DATA) +/* From RFC 8446 section 4.2.10 + * + * struct { + * select (Handshake.msg_type) { + * case new_session_ticket: uint32 max_early_data_size; + * ... + * }; + * } EarlyDataIndication; + */ +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_tls13_parse_nst_early_data_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, + const unsigned char *end) +{ + MBEDTLS_SSL_CHK_BUF_READ_PTR(buf, end, 4); + if ((end - buf) != 4) { + MBEDTLS_SSL_PEND_FATAL_ALERT( + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR, + MBEDTLS_ERR_SSL_DECODE_ERROR); + return MBEDTLS_ERR_SSL_DECODE_ERROR; + } + + if (ssl->session != NULL) { + ssl->session->max_early_data_size = MBEDTLS_GET_UINT32_BE(buf, 0); + mbedtls_ssl_session_set_ticket_flags( + ssl->session, MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA); + MBEDTLS_SSL_DEBUG_MSG( + 3, ("received max_early_data_size: %u", + (unsigned int) ssl->session->max_early_data_size)); + return 0; + } + + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; +} +#endif /* MBEDTLS_SSL_EARLY_DATA */ + MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_tls13_parse_new_session_ticket_exts(mbedtls_ssl_context *ssl, const unsigned char *buf, @@ -2680,15 +2717,11 @@ static int ssl_tls13_parse_new_session_ticket_exts(mbedtls_ssl_context *ssl, switch (extension_type) { #if defined(MBEDTLS_SSL_EARLY_DATA) case MBEDTLS_TLS_EXT_EARLY_DATA: - if (extension_data_len != 4) { - MBEDTLS_SSL_PEND_FATAL_ALERT( - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR, - MBEDTLS_ERR_SSL_DECODE_ERROR); - return MBEDTLS_ERR_SSL_DECODE_ERROR; - } - if (ssl->session != NULL) { - ssl->session->ticket_flags |= - MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA; + ret = ssl_tls13_parse_nst_early_data_ext( + ssl, p, p + extension_data_len); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET( + 1, "ssl_tls13_parse_max_early_data_size_ext", ret); } break; #endif /* MBEDTLS_SSL_EARLY_DATA */ From 951b3cb400c200fcf72af6791980108ef15a43b0 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Tue, 21 Nov 2023 11:13:31 +0800 Subject: [PATCH 0756/1674] tls13-misc: cli: check parser of max_early_data_size ext Signed-off-by: Yanray Wang --- tests/opt-testcases/tls13-misc.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/tests/opt-testcases/tls13-misc.sh b/tests/opt-testcases/tls13-misc.sh index 920838449..f03a386a0 100755 --- a/tests/opt-testcases/tls13-misc.sh +++ b/tests/opt-testcases/tls13-misc.sh @@ -261,9 +261,11 @@ requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ requires_any_configs_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED run_test "TLS 1.3 m->G: EarlyData: basic check, good" \ - "$G_NEXT_SRV -d 10 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:+ECDHE-PSK:+PSK --earlydata --disable-client-cert" \ + "$G_NEXT_SRV -d 10 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:+ECDHE-PSK:+PSK \ + --earlydata --maxearlydata 16384 --disable-client-cert" \ "$P_CLI debug_level=4 early_data=1 reco_mode=1 reconnect=1 reco_delay=900" \ 0 \ + -c "received max_early_data_size: 16384" \ -c "Reconnecting with saved session" \ -c "NewSessionTicket: early_data(42) extension received." \ -c "ClientHello: early_data(42) extension exists." \ From 365ee3eaa953b559ed2ffebc66f761aac90b1160 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 22 Nov 2023 10:28:28 +0800 Subject: [PATCH 0757/1674] ssl_tls: return correct error code if mbedtls_calloc fails Signed-off-by: Yanray Wang --- library/ssl_tls.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index b163e93c2..348894b45 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -306,7 +306,7 @@ static int resize_buffer(unsigned char **buffer, size_t len_new, size_t *len_old { unsigned char *resized_buffer = mbedtls_calloc(1, len_new); if (resized_buffer == NULL) { - return -1; + return MBEDTLS_ERR_SSL_ALLOC_FAILED; } /* We want to copy len_new bytes when downsizing the buffer, and From fd25654311c5c6f275c6e62f49fa7588b8026fe7 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 22 Nov 2023 10:32:03 +0800 Subject: [PATCH 0758/1674] ssl_tls: remove unnecessary guard Signed-off-by: Yanray Wang --- library/ssl_tls.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 348894b45..4364c1f2d 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -2623,8 +2623,7 @@ static int ssl_tls13_session_load(mbedtls_ssl_session *session, #if defined(MBEDTLS_SSL_CLI_C) if (session->endpoint == MBEDTLS_SSL_IS_CLIENT) { -#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) && \ - defined(MBEDTLS_SSL_SESSION_TICKETS) +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) size_t hostname_len; /* load host name */ if (end - p < 2) { @@ -2644,8 +2643,7 @@ static int ssl_tls13_session_load(mbedtls_ssl_session *session, memcpy(session->hostname, p, hostname_len); p += hostname_len; } -#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION && - MBEDTLS_SSL_SESSION_TICKETS */ +#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ #if defined(MBEDTLS_HAVE_TIME) if (end - p < 8) { From b1f60163ba3aff6c8209c48f85d398fdfb19a901 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 22 Nov 2023 15:46:15 +0800 Subject: [PATCH 0759/1674] ssl_tls: remove RSA sig-algs in ssl_preset_suiteb_sig_algs Signed-off-by: Yanray Wang --- library/ssl_tls.c | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index b163e93c2..08f5a5b9b 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -5143,16 +5143,6 @@ static uint16_t ssl_preset_suiteb_sig_algs[] = { // == MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_ECDSA, MBEDTLS_SSL_HASH_SHA384) #endif -#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) && \ - defined(MBEDTLS_MD_CAN_SHA256) - MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA256, -#endif \ - /* MBEDTLS_X509_RSASSA_PSS_SUPPORT && MBEDTLS_MD_CAN_SHA256*/ - -#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA256) - MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA256, -#endif /* MBEDTLS_RSA_C && MBEDTLS_MD_CAN_SHA256*/ - MBEDTLS_TLS_SIG_NONE }; From 69ceb391a0bb216f6c1fc1ca9b8c2d7718fd94a6 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 22 Nov 2023 16:32:39 +0800 Subject: [PATCH 0760/1674] ssl_tls: remove RSA sig-algs in ssl_tls12_preset_suiteb_sig_algs Signed-off-by: Yanray Wang --- library/ssl_tls.c | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 08f5a5b9b..830278243 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -5153,17 +5153,12 @@ static uint16_t ssl_tls12_preset_suiteb_sig_algs[] = { #if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_ECDSA, MBEDTLS_SSL_HASH_SHA256), #endif -#if defined(MBEDTLS_RSA_C) - MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_RSA, MBEDTLS_SSL_HASH_SHA256), -#endif #endif /* MBEDTLS_MD_CAN_SHA256*/ + #if defined(MBEDTLS_MD_CAN_SHA384) #if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_ECDSA, MBEDTLS_SSL_HASH_SHA384), #endif -#if defined(MBEDTLS_RSA_C) - MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_RSA, MBEDTLS_SSL_HASH_SHA384), -#endif #endif /* MBEDTLS_MD_CAN_SHA256*/ MBEDTLS_TLS_SIG_NONE }; From 55933a3e9c93db693e53a8a61e4e07d36be6a2f9 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 22 Nov 2023 16:34:15 +0800 Subject: [PATCH 0761/1674] tls13: fix a wrong RFC reference section Signed-off-by: Yanray Wang --- include/mbedtls/ssl.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 3c2696fe4..0ca802bc1 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -447,7 +447,7 @@ /* * TLS 1.3 signature algorithms - * RFC 8446, Section 4.2.2 + * RFC 8446, Section 4.2.3 */ /* RSASSA-PKCS1-v1_5 algorithms */ From 4e9b70e03a616530c9b0ef739d46c358e7785055 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Sun, 4 Dec 2022 14:08:02 +0800 Subject: [PATCH 0762/1674] Add early transform computation when accepted Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index d983a0039..e8967e6c2 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -1880,6 +1880,16 @@ static int ssl_tls13_postprocess_client_hello(mbedtls_ssl_context *ssl) #if defined(MBEDTLS_SSL_EARLY_DATA) /* There is enough information, update early data state. */ ssl_tls13_update_early_data_status(ssl); + + if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED) { + ret = mbedtls_ssl_tls13_compute_early_transform(ssl); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET( + 1, "mbedtls_ssl_tls13_compute_early_transform", ret); + return ret; + } + } + #endif /* MBEDTLS_SSL_EARLY_DATA */ return 0; From 7d8c3fe12c9db11e31aa8ee305f454ae018402d1 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 12 Dec 2022 12:59:44 +0800 Subject: [PATCH 0763/1674] Add wait flight2 state. The state is come from RFC8446 section A.2 Signed-off-by: Jerry Yu --- include/mbedtls/ssl.h | 2 +- library/ssl_tls13_server.c | 45 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 46 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 3c2696fe4..2bca21a2f 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -687,12 +687,12 @@ typedef enum { MBEDTLS_SSL_SERVER_FINISHED, MBEDTLS_SSL_FLUSH_BUFFERS, MBEDTLS_SSL_HANDSHAKE_WRAPUP, - MBEDTLS_SSL_NEW_SESSION_TICKET, MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT, MBEDTLS_SSL_HELLO_RETRY_REQUEST, MBEDTLS_SSL_ENCRYPTED_EXTENSIONS, MBEDTLS_SSL_END_OF_EARLY_DATA, + MBEDTLS_SSL_WAIT_FLIGHT2, MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY, MBEDTLS_SSL_CLIENT_CCS_AFTER_SERVER_FINISHED, MBEDTLS_SSL_CLIENT_CCS_BEFORE_2ND_CLIENT_HELLO, diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index e8967e6c2..40d51d806 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -2782,6 +2782,30 @@ static int ssl_tls13_write_server_finished(mbedtls_ssl_context *ssl) MBEDTLS_SSL_DEBUG_MSG(1, ("Switch to handshake keys for inbound traffic")); mbedtls_ssl_set_inbound_transform(ssl, ssl->handshake->transform_handshake); + mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_WAIT_FLIGHT2); + + return 0; +} + +/* + * Handler for MBEDTLS_SSL_WAIT_FLIGHT2 + * + * RFC 8446 section A.2 + * + * WAIT_FLIGHT2 + * | + * +--------+--------+ + * No auth | | Client auth + * | | + * | v + * | WAIT_CERT + * | Recv | | Recv Certificate + */ +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_tls13_process_wait_flight2(mbedtls_ssl_context *ssl) +{ + MBEDTLS_SSL_DEBUG_MSG(2, ("=> ssl_tls13_process_wait_flight2")); + if (ssl->handshake->certificate_request_sent) { mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_CERTIFICATE); } else { @@ -2790,6 +2814,7 @@ static int ssl_tls13_write_server_finished(mbedtls_ssl_context *ssl) mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_FINISHED); } + MBEDTLS_SSL_DEBUG_MSG(2, ("<= ssl_tls13_process_wait_flight2")); return 0; } @@ -3213,10 +3238,30 @@ int mbedtls_ssl_tls13_handshake_server_step(mbedtls_ssl_context *ssl) break; #endif /* MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE */ + /* RFC 8446 section A.2 + * + * | Send Finished ( SERVER_FINISHED ) + * | K_send = application + * +--------+--------+ + * No 0-RTT | | 0-RTT + * | | + * K_recv = handshake | | K_recv = early data + * [Skip decrypt errors] | +------> WAIT_EOED -+ + * | | Recv | | Recv EndOfEarlyData + * | | early data | | K_recv = handshake + * | +------------+ | + * | | + * +> WAIT_FLIGHT2 <--------+ + * | + */ case MBEDTLS_SSL_SERVER_FINISHED: ret = ssl_tls13_write_server_finished(ssl); break; + case MBEDTLS_SSL_WAIT_FLIGHT2: + ret = ssl_tls13_process_wait_flight2(ssl); + break; + case MBEDTLS_SSL_CLIENT_FINISHED: ret = ssl_tls13_process_client_finished(ssl); break; From 87b5ed4e5b40bd7cc41506fa5850b28f2ac63bd9 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 12 Dec 2022 13:07:07 +0800 Subject: [PATCH 0764/1674] Add server side end-of-early-data handler Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 126 +++++++++++++++++++++++++++++++++++++ 1 file changed, 126 insertions(+) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 40d51d806..e69b091f3 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -2779,6 +2779,34 @@ static int ssl_tls13_write_server_finished(mbedtls_ssl_context *ssl) return ret; } +#if defined(MBEDTLS_SSL_EARLY_DATA) + if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED) { + /* TODO: compute early transform here? + * + * RFC 8446, section A.2 + * | Send Finished + * | K_send = application + * +--------+--------+ + * No 0-RTT | | 0-RTT + * | | + * | | K_recv = early data + * | +------> WAIT_EOED -+ + * + * early transform is set after server finished in this section. But + * it breaks our key computation, so we put early transform computation + * at the end of client hello. For time being, I am not sure the benifit + * for moving computation here. + */ + MBEDTLS_SSL_DEBUG_MSG( + 1, ("Switch to early keys for inbound traffic. " + "( K_recv = early data )")); + mbedtls_ssl_set_inbound_transform( + ssl, ssl->handshake->transform_earlydata); + mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_END_OF_EARLY_DATA); + return 0; + } +#endif /* MBEDTLS_SSL_EARLY_DATA */ + MBEDTLS_SSL_DEBUG_MSG(1, ("Switch to handshake keys for inbound traffic")); mbedtls_ssl_set_inbound_transform(ssl, ssl->handshake->transform_handshake); @@ -2818,6 +2846,98 @@ static int ssl_tls13_process_wait_flight2(mbedtls_ssl_context *ssl) return 0; } +#if defined(MBEDTLS_SSL_EARLY_DATA) +/* + * Handler for MBEDTLS_SSL_END_OF_EARLY_DATA( WAIT_EOED ) + * + * RFC 8446 section A.2 + * + * | + * +------> WAIT_EOED -+ + * | Recv | | Recv EndOfEarlyData + * | early data | | K_recv = handshake + * +------------+ | + * | + * WAIT_FLIGHT2 <--------+ + * | + */ +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_tls13_process_wait_eoed(mbedtls_ssl_context *ssl) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + mbedtls_ssl_handshake_params *handshake = ssl->handshake; + + MBEDTLS_SSL_DEBUG_MSG(2, ("=> ssl_tls13_process_wait_eoed")); + + if ((ret = mbedtls_ssl_read_record(ssl, 0)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret); + return ret; + } + + /* RFC 8446 section 4.5 + * + * struct {} EndOfEarlyData; + */ + if (ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && + ssl->in_msg[0] == MBEDTLS_SSL_HS_END_OF_EARLY_DATA) { + MBEDTLS_SSL_DEBUG_MSG( + 1, ("Switch to handshake keys for inbound traffic" + "( K_recv = handshake )")); + mbedtls_ssl_set_inbound_transform(ssl, handshake->transform_handshake); + mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_WAIT_FLIGHT2); + + ret = mbedtls_ssl_add_hs_hdr_to_checksum( + ssl, MBEDTLS_SSL_HS_END_OF_EARLY_DATA, 0); + if (0 != ret) { + MBEDTLS_SSL_DEBUG_RET( + 1, ("mbedtls_ssl_add_hs_hdr_to_checksum"), ret); + } + + goto cleanup; + + } + + /* RFC 8446 section 2.3 figure 4 + * + * 0-RTT data is sent via application data message. + */ + ret = MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; + if (ssl->in_msgtype != MBEDTLS_SSL_MSG_APPLICATION_DATA) { + MBEDTLS_SSL_DEBUG_MSG( + 2, ("Unexpected message type %d", ssl->in_msgtype)); + goto cleanup; + } + + /* + * Output early data + * + * For time being, we print received data via debug message. + * + * TODO: Remove it when `mbedtls_ssl_read_early_data` is ready. + */ + ssl->in_msg[ssl->in_msglen] = 0; + MBEDTLS_SSL_DEBUG_MSG(3, ("\n%s", ssl->in_msg)); + + /* RFC 8446 section 4.6.1 + * + * A server receiving more than max_early_data_size bytes of 0-RTT data + * SHOULD terminate the connection with an "unexpected_message" alert. + * + * TODO: Add received data size check here. + */ + + ret = 0; + +cleanup: + if (ret == MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE) { + MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE, + MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE); + } + MBEDTLS_SSL_DEBUG_MSG(2, ("<= ssl_tls13_process_wait_eoed")); + return ret; +} +#endif /* MBEDTLS_SSL_EARLY_DATA */ + /* * Handler for MBEDTLS_SSL_CLIENT_FINISHED */ @@ -3262,6 +3382,12 @@ int mbedtls_ssl_tls13_handshake_server_step(mbedtls_ssl_context *ssl) ret = ssl_tls13_process_wait_flight2(ssl); break; +#if defined(MBEDTLS_SSL_EARLY_DATA) + case MBEDTLS_SSL_END_OF_EARLY_DATA: + ret = ssl_tls13_process_wait_eoed(ssl); + break; +#endif /* MBEDTLS_SSL_EARLY_DATA */ + case MBEDTLS_SSL_CLIENT_FINISHED: ret = ssl_tls13_process_client_finished(ssl); break; From 0e9eafff13f08e0cdff8e2db0ca08f8eb331a278 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 8 Feb 2023 15:38:19 +0800 Subject: [PATCH 0765/1674] Update tests to the code status Signed-off-by: Jerry Yu --- tests/opt-testcases/tls13-misc.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/opt-testcases/tls13-misc.sh b/tests/opt-testcases/tls13-misc.sh index 920838449..6fc0c607f 100755 --- a/tests/opt-testcases/tls13-misc.sh +++ b/tests/opt-testcases/tls13-misc.sh @@ -511,12 +511,12 @@ requires_all_configs_enabled MBEDTLS_SSL_EARLY_DATA MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_any_configs_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED -run_test "TLS 1.3 G->m: EarlyData: feature is enabled, fail." \ +run_test "TLS 1.3 G->m: EarlyData: feature is enabled, good." \ "$P_SRV force_version=tls13 debug_level=4 max_early_data_size=$EARLY_DATA_INPUT_LEN" \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+GROUP-ALL:+KX-ALL \ -d 10 -r --earlydata $EARLY_DATA_INPUT " \ - 1 \ + 0 \ -s "ClientHello: early_data(42) extension exists." \ -s "EncryptedExtensions: early_data(42) extension exists." \ -s "NewSessionTicket: early_data(42) extension does not exist." \ - -s "Last error was: -29056 - SSL - Verification of the message MAC failed" + -s "$( tail -1 $EARLY_DATA_INPUT )" From 1136fad1263216e88c8cf32d85977b55bddbdc9b Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 22 Nov 2023 16:54:31 +0800 Subject: [PATCH 0766/1674] ssl_tls: improve readability in ssl_*_preset_*_sig_algs - fix wrong comment in #endif - no semantics changes Signed-off-by: Yanray Wang --- library/ssl_tls.c | 41 +++++++++++++++++++++-------------------- 1 file changed, 21 insertions(+), 20 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 830278243..511e4360e 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -5054,23 +5054,17 @@ static uint16_t ssl_preset_default_sig_algs[] = { // == MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_ECDSA, MBEDTLS_SSL_HASH_SHA512) #endif -#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) && \ - defined(MBEDTLS_MD_CAN_SHA512) +#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) && defined(MBEDTLS_MD_CAN_SHA512) MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA512, -#endif \ - /* MBEDTLS_X509_RSASSA_PSS_SUPPORT && MBEDTLS_MD_CAN_SHA512 */ +#endif -#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) && \ - defined(MBEDTLS_MD_CAN_SHA384) +#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) && defined(MBEDTLS_MD_CAN_SHA384) MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA384, -#endif \ - /* MBEDTLS_X509_RSASSA_PSS_SUPPORT && MBEDTLS_MD_CAN_SHA384 */ +#endif -#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) && \ - defined(MBEDTLS_MD_CAN_SHA256) +#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) && defined(MBEDTLS_MD_CAN_SHA256) MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA256, -#endif \ - /* MBEDTLS_X509_RSASSA_PSS_SUPPORT && MBEDTLS_MD_CAN_SHA256 */ +#endif #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA512) MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA512, @@ -5090,42 +5084,47 @@ static uint16_t ssl_preset_default_sig_algs[] = { /* NOTICE: see above */ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) static uint16_t ssl_tls12_preset_default_sig_algs[] = { + #if defined(MBEDTLS_MD_CAN_SHA512) #if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_ECDSA, MBEDTLS_SSL_HASH_SHA512), #endif #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA512, -#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ +#endif #if defined(MBEDTLS_RSA_C) MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_RSA, MBEDTLS_SSL_HASH_SHA512), #endif -#endif /* MBEDTLS_MD_CAN_SHA512*/ +#endif /* MBEDTLS_MD_CAN_SHA512 */ + #if defined(MBEDTLS_MD_CAN_SHA384) #if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_ECDSA, MBEDTLS_SSL_HASH_SHA384), #endif #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA384, -#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ +#endif #if defined(MBEDTLS_RSA_C) MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_RSA, MBEDTLS_SSL_HASH_SHA384), #endif -#endif /* MBEDTLS_MD_CAN_SHA384*/ +#endif /* MBEDTLS_MD_CAN_SHA384 */ + #if defined(MBEDTLS_MD_CAN_SHA256) #if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_ECDSA, MBEDTLS_SSL_HASH_SHA256), #endif #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA256, -#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ +#endif #if defined(MBEDTLS_RSA_C) MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_RSA, MBEDTLS_SSL_HASH_SHA256), #endif -#endif /* MBEDTLS_MD_CAN_SHA256*/ +#endif /* MBEDTLS_MD_CAN_SHA256 */ + MBEDTLS_TLS_SIG_NONE }; #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ + /* NOTICE: see above */ static uint16_t ssl_preset_suiteb_sig_algs[] = { @@ -5149,17 +5148,19 @@ static uint16_t ssl_preset_suiteb_sig_algs[] = { /* NOTICE: see above */ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) static uint16_t ssl_tls12_preset_suiteb_sig_algs[] = { + #if defined(MBEDTLS_MD_CAN_SHA256) #if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_ECDSA, MBEDTLS_SSL_HASH_SHA256), #endif -#endif /* MBEDTLS_MD_CAN_SHA256*/ +#endif /* MBEDTLS_MD_CAN_SHA256 */ #if defined(MBEDTLS_MD_CAN_SHA384) #if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_ECDSA, MBEDTLS_SSL_HASH_SHA384), #endif -#endif /* MBEDTLS_MD_CAN_SHA256*/ +#endif /* MBEDTLS_MD_CAN_SHA384 */ + MBEDTLS_TLS_SIG_NONE }; #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ From d8c899cb179f2bae8a89740c0f9819681a9a83be Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 22 Nov 2023 18:14:38 +0800 Subject: [PATCH 0767/1674] TLS Suite B fix: add ChangeLog entry Signed-off-by: Yanray Wang --- ChangeLog.d/fix-tls-SuiteB.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 ChangeLog.d/fix-tls-SuiteB.txt diff --git a/ChangeLog.d/fix-tls-SuiteB.txt b/ChangeLog.d/fix-tls-SuiteB.txt new file mode 100644 index 000000000..0be753ac5 --- /dev/null +++ b/ChangeLog.d/fix-tls-SuiteB.txt @@ -0,0 +1,3 @@ +Bugfix + * Remove accidental introduction of RSA signature algorithms + in TLS Suite B Profile. Fixes #8221. From 5da8ecffe6c2e278d2e85a66ed4deb27bf9c8bdc Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 22 Nov 2023 18:52:19 +0800 Subject: [PATCH 0768/1674] tls13: nst early_data: remove duplicate code Signed-off-by: Yanray Wang --- library/ssl_tls13_client.c | 6 ------ 1 file changed, 6 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 361f0c0af..c9680c2eb 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -2663,12 +2663,6 @@ static int ssl_tls13_parse_nst_early_data_ext(mbedtls_ssl_context *ssl, const unsigned char *end) { MBEDTLS_SSL_CHK_BUF_READ_PTR(buf, end, 4); - if ((end - buf) != 4) { - MBEDTLS_SSL_PEND_FATAL_ALERT( - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR, - MBEDTLS_ERR_SSL_DECODE_ERROR); - return MBEDTLS_ERR_SSL_DECODE_ERROR; - } if (ssl->session != NULL) { ssl->session->max_early_data_size = MBEDTLS_GET_UINT32_BE(buf, 0); From 554ee62fbae40e98a34721a1b9591c9e9b42062b Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 22 Nov 2023 18:55:01 +0800 Subject: [PATCH 0769/1674] tls13: early_data: fix wrong debug_ret message Signed-off-by: Yanray Wang --- library/ssl_tls13_client.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index c9680c2eb..068676cde 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -2715,7 +2715,7 @@ static int ssl_tls13_parse_new_session_ticket_exts(mbedtls_ssl_context *ssl, ssl, p, p + extension_data_len); if (ret != 0) { MBEDTLS_SSL_DEBUG_RET( - 1, "ssl_tls13_parse_max_early_data_size_ext", ret); + 1, "ssl_tls13_parse_nst_early_data_ext", ret); } break; #endif /* MBEDTLS_SSL_EARLY_DATA */ From 31dbc3613ad0fad4b4acc1a4ebf22ccdfb6f47a8 Mon Sep 17 00:00:00 2001 From: Minos Galanakis Date: Fri, 10 Nov 2023 16:01:43 +0000 Subject: [PATCH 0770/1674] prepare_release: sed querry change to strip whitespace Signed-off-by: Minos Galanakis --- scripts/prepare_release.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/prepare_release.sh b/scripts/prepare_release.sh index 7f972e070..3b63ed9e6 100755 --- a/scripts/prepare_release.sh +++ b/scripts/prepare_release.sh @@ -39,11 +39,11 @@ done GITIGNORES=$(find . -name ".gitignore") for GITIGNORE in $GITIGNORES; do if [ -n "$unrelease" ]; then - sed -i '/###START_COMMENTED_GENERATED_FILES###/,/###END_COMMENTED_GENERATED_FILES###/s/^# //' $GITIGNORE + sed -i '/###START_COMMENTED_GENERATED_FILES###/,/###END_COMMENTED_GENERATED_FILES###/s/^#//' $GITIGNORE sed -i 's/###START_COMMENTED_GENERATED_FILES###/###START_GENERATED_FILES###/' $GITIGNORE sed -i 's/###END_COMMENTED_GENERATED_FILES###/###END_GENERATED_FILES###/' $GITIGNORE else - sed -i '/###START_GENERATED_FILES###/,/###END_GENERATED_FILES###/s/^/# /' $GITIGNORE + sed -i '/###START_GENERATED_FILES###/,/###END_GENERATED_FILES###/s/^/#/' $GITIGNORE sed -i 's/###START_GENERATED_FILES###/###START_COMMENTED_GENERATED_FILES###/' $GITIGNORE sed -i 's/###END_GENERATED_FILES###/###END_COMMENTED_GENERATED_FILES###/' $GITIGNORE fi From 79cae20a025d7a988d00e443331b348b479119e3 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Wed, 22 Nov 2023 15:49:19 +0000 Subject: [PATCH 0771/1674] Remove useless line Signed-off-by: Thomas Daubney --- scripts/generate_driver_wrappers.py | 1 - 1 file changed, 1 deletion(-) diff --git a/scripts/generate_driver_wrappers.py b/scripts/generate_driver_wrappers.py index 538999af8..de8995947 100755 --- a/scripts/generate_driver_wrappers.py +++ b/scripts/generate_driver_wrappers.py @@ -178,7 +178,6 @@ def main() -> int: repo_root = os.path.abspath(args.repo_root) - library_dir = '' if build_tree.looks_like_mbedtls_root(repo_root): library_dir = 'library' elif build_tree.looks_like_tf_psa_crypto_root(repo_root): From b42c50bd6044b29d00012adf02bd8f607c5a2dc3 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Wed, 22 Nov 2023 15:53:38 +0000 Subject: [PATCH 0772/1674] Make use of new crypto_core_directory function Signed-off-by: Thomas Daubney --- scripts/generate_driver_wrappers.py | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/scripts/generate_driver_wrappers.py b/scripts/generate_driver_wrappers.py index de8995947..a3c858859 100755 --- a/scripts/generate_driver_wrappers.py +++ b/scripts/generate_driver_wrappers.py @@ -178,10 +178,7 @@ def main() -> int: repo_root = os.path.abspath(args.repo_root) - if build_tree.looks_like_mbedtls_root(repo_root): - library_dir = 'library' - elif build_tree.looks_like_tf_psa_crypto_root(repo_root): - library_dir = 'core' + library_dir = build_tree.crypto_core_directory(repo_root) output_directory = args.output_directory if args.output_directory is not None else \ os.path.join(repo_root, library_dir) From 772056ccea0535c3b764f9a4d51e844547e1080f Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Wed, 22 Nov 2023 16:23:16 +0000 Subject: [PATCH 0773/1674] Replace repo_root with project_root Signed-off-by: Thomas Daubney --- scripts/generate_driver_wrappers.py | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/scripts/generate_driver_wrappers.py b/scripts/generate_driver_wrappers.py index a3c858859..709f380cd 100755 --- a/scripts/generate_driver_wrappers.py +++ b/scripts/generate_driver_wrappers.py @@ -108,17 +108,17 @@ def load_driver(schemas: Dict[str, Any], driver_file: str) -> Any: return json_data -def load_schemas(repo_root: str) -> Dict[str, Any]: +def load_schemas(project_root: str) -> Dict[str, Any]: """ Load schemas map """ schema_file_paths = { - 'transparent': os.path.join(repo_root, + 'transparent': os.path.join(project_root, 'scripts', 'data_files', 'driver_jsons', 'driver_transparent_schema.json'), - 'opaque': os.path.join(repo_root, + 'opaque': os.path.join(project_root, 'scripts', 'data_files', 'driver_jsons', @@ -131,13 +131,13 @@ def load_schemas(repo_root: str) -> Dict[str, Any]: return driver_schema -def read_driver_descriptions(repo_root: str, +def read_driver_descriptions(project_root: str, json_directory: str, jsondriver_list: str) -> list: """ Merge driver JSON files into a single ordered JSON after validation. """ - driver_schema = load_schemas(repo_root) + driver_schema = load_schemas(project_root) with open(file=os.path.join(json_directory, jsondriver_list), mode='r', @@ -163,10 +163,10 @@ def main() -> int: """ Main with command line arguments. """ - def_arg_repo_root = build_tree.guess_mbedtls_root() + def_arg_project_root = build_tree.guess_mbedtls_root() parser = argparse.ArgumentParser() - parser.add_argument('--repo-root', default=def_arg_repo_root, + parser.add_argument('--project-root', default=def_arg_project_root, help='root directory of repo source code') parser.add_argument('--template-dir', help='directory holding the driver templates') @@ -176,27 +176,27 @@ def main() -> int: help='output file\'s location') args = parser.parse_args() - repo_root = os.path.abspath(args.repo_root) + project_root = os.path.abspath(args.project_root) - library_dir = build_tree.crypto_core_directory(repo_root) + library_dir = build_tree.crypto_core_directory(project_root) output_directory = args.output_directory if args.output_directory is not None else \ - os.path.join(repo_root, library_dir) + os.path.join(project_root, library_dir) template_directory = args.template_dir if args.template_dir is not None else \ - os.path.join(repo_root, + os.path.join(project_root, 'scripts', 'data_files', 'driver_templates') json_directory = args.json_dir if args.json_dir is not None else \ - os.path.join(repo_root, + os.path.join(project_root, 'scripts', 'data_files', 'driver_jsons') try: # Read and validate list of driver jsons from driverlist.json - merged_driver_json = read_driver_descriptions(repo_root, + merged_driver_json = read_driver_descriptions(project_root, json_directory, 'driverlist.json') except DriverReaderException as e: From 4e574dbd437179571b38c0d96be9c7f9f9132c0f Mon Sep 17 00:00:00 2001 From: Gabor Mezei Date: Wed, 22 Nov 2023 17:48:00 +0100 Subject: [PATCH 0774/1674] Remove initial changelog entry creation support Signed-off-by: Gabor Mezei --- scripts/assemble_changelog.py | 24 +++++++----------------- 1 file changed, 7 insertions(+), 17 deletions(-) diff --git a/scripts/assemble_changelog.py b/scripts/assemble_changelog.py index 81ce68223..b2fa96a07 100755 --- a/scripts/assemble_changelog.py +++ b/scripts/assemble_changelog.py @@ -128,19 +128,11 @@ class TextChangelogFormat(ChangelogFormat): def extract_top_version(cls, changelog_file_content): """A version section starts with a line starting with '='.""" m = re.search(cls._top_version_re, changelog_file_content) - if m: - top_version_start = m.start(1) - top_version_end = m.end(2) - top_version_title = m.group(1) - top_version_body = m.group(2) - name = re.match(cls._name_re, top_version_title).group(1) - # No entries found - else: - top_version_start = None - top_version_end = None - name = 'xxx' - top_version_title = '' - top_version_body = '' + top_version_start = m.start(1) + top_version_end = m.end(2) + top_version_title = m.group(1) + top_version_body = m.group(2) + name = re.match(cls._name_re, top_version_title).group(1) if cls.is_released_version(top_version_title): top_version_end = top_version_start top_version_title = cls._unreleased_version_text.format(name) + '\n\n' @@ -272,10 +264,8 @@ class ChangeLog: """Write the changelog to the specified file. """ with open(filename, 'w', encoding='utf-8') as out: - if self.header: - out.write(self.header) - if self.top_version_title: - out.write(self.top_version_title) + out.write(self.header) + out.write(self.top_version_title) for title, body in self.categories.items(): if not body: continue From fa8ec2611e08bc99e722850138d5b7195715b3fa Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 22 Nov 2023 17:55:43 +0100 Subject: [PATCH 0775/1674] Detect enabled GCC/Clang sanitizers Occasionally we want tests to take advantage of sanitizers, or work around them. Signed-off-by: Gilles Peskine --- tests/include/test/helpers.h | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/tests/include/test/helpers.h b/tests/include/test/helpers.h index ba117fbdf..cf791e2b6 100644 --- a/tests/include/test/helpers.h +++ b/tests/include/test/helpers.h @@ -20,6 +20,21 @@ #include "mbedtls/build_info.h" +#if defined(__SANITIZE_ADDRESS__) /* gcc -fsanitize=address */ +# define MBEDTLS_TEST_HAVE_ASAN +#endif +#if defined(__has_feature) +# if __has_feature(address_sanitizer) /* clang -fsanitize=address */ +# define MBEDTLS_TEST_HAVE_ASAN +# endif +# if __has_feature(memory_sanitizer) /* clang -fsanitize=memory */ +# define MBEDTLS_TEST_HAVE_MSAN +# endif +# if __has_feature(thread_sanitizer) /* clang -fsanitize=thread */ +# define MBEDTLS_TEST_HAVE_TSAN +# endif +#endif + #if defined(MBEDTLS_THREADING_C) && defined(MBEDTLS_THREADING_PTHREAD) && \ defined(MBEDTLS_TEST_HOOKS) #define MBEDTLS_TEST_MUTEX_USAGE From 05ebe967bee0f90e21525235e09048916cf6f9bc Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sun, 1 Oct 2023 21:44:31 +0200 Subject: [PATCH 0776/1674] Disable check_mbedtls_calloc overallocation under ASan This test case exercises an integer overflow in calloc. Under Asan, with a modern Clang, this triggers an Asan complaint. The complaint can be avoided with ASAN_OPTIONS=allocator_may_return_null=1, but this has to be set in the environment before the program starts, and could hide other errors. Signed-off-by: Gilles Peskine --- tests/suites/test_suite_platform.data | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/tests/suites/test_suite_platform.data b/tests/suites/test_suite_platform.data index 4d5745076..397ff1b79 100644 --- a/tests/suites/test_suite_platform.data +++ b/tests/suites/test_suite_platform.data @@ -6,4 +6,10 @@ Time: get seconds time_get_seconds: Check mbedtls_calloc overallocation +# This test case exercises an integer overflow in calloc. Under Asan, with +# a modern Clang, this triggers an Asan complaint. The complaint can be +# avoided with ASAN_OPTIONS=allocator_may_return_null=1, but this has to +# be set in the environment before the program starts, and could hide +# other errors. +depends_on:!MBEDTLS_TEST_HAVE_ASAN check_mbedtls_calloc_overallocation:SIZE_MAX/2:SIZE_MAX/2 From d35b94b662c4cbbd9cdd7df1acbf8849f833c923 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Wed, 22 Nov 2023 17:00:34 +0000 Subject: [PATCH 0777/1674] Improve implementation of crypto_core_directory Signed-off-by: Thomas Daubney --- scripts/mbedtls_dev/build_tree.py | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/scripts/mbedtls_dev/build_tree.py b/scripts/mbedtls_dev/build_tree.py index 4a42d9a2b..9c0b5ba96 100644 --- a/scripts/mbedtls_dev/build_tree.py +++ b/scripts/mbedtls_dev/build_tree.py @@ -7,6 +7,7 @@ import os import inspect +from typing import Optional def looks_like_tf_psa_crypto_root(path: str) -> bool: """Whether the given directory looks like the root of the PSA Crypto source tree.""" @@ -21,10 +22,12 @@ def looks_like_mbedtls_root(path: str) -> bool: def looks_like_root(path: str) -> bool: return looks_like_tf_psa_crypto_root(path) or looks_like_mbedtls_root(path) -def crypto_core_directory() -> str: - if looks_like_tf_psa_crypto_root(os.path.curdir): +def crypto_core_directory(root: Optional[str] = None) -> str: + if root is None: + root = guess_mbedtls_root() + if looks_like_tf_psa_crypto_root(root): return "core" - elif looks_like_mbedtls_root(os.path.curdir): + elif looks_like_mbedtls_root(root): return "library" else: raise Exception('Neither Mbed TLS nor TF-PSA-Crypto source tree found') From 3b2b7f8acf5eb4697f4908a2938f7fe584f5d622 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 22 Nov 2023 18:08:17 +0100 Subject: [PATCH 0778/1674] MSan and TSan complain as well, not just ASan Signed-off-by: Gilles Peskine --- tests/suites/test_suite_platform.data | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/tests/suites/test_suite_platform.data b/tests/suites/test_suite_platform.data index 397ff1b79..653d2545c 100644 --- a/tests/suites/test_suite_platform.data +++ b/tests/suites/test_suite_platform.data @@ -7,9 +7,9 @@ time_get_seconds: Check mbedtls_calloc overallocation # This test case exercises an integer overflow in calloc. Under Asan, with -# a modern Clang, this triggers an Asan complaint. The complaint can be -# avoided with ASAN_OPTIONS=allocator_may_return_null=1, but this has to -# be set in the environment before the program starts, and could hide -# other errors. -depends_on:!MBEDTLS_TEST_HAVE_ASAN +# a modern Clang, this triggers an ASan/MSan/TSan complaint. The complaint +# can be avoided with e.g. ASAN_OPTIONS=allocator_may_return_null=1, +# but this has to be set in the environment before the program starts, +# and could hide other errors. +depends_on:!MBEDTLS_TEST_HAVE_ASAN:!MBEDTLS_TEST_HAVE_MSAN:!MBEDTLS_TEST_HAVE_TSAN check_mbedtls_calloc_overallocation:SIZE_MAX/2:SIZE_MAX/2 From 755d32117bb031ebb3d7c24fd53f9a48225de671 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Wed, 22 Nov 2023 17:18:22 +0000 Subject: [PATCH 0779/1674] Rename guess_mbedtls_root to guess_project_root Rename for consistency. Also, replace all calls to this function with correct name. Signed-off-by: Thomas Daubney --- scripts/generate_driver_wrappers.py | 2 +- scripts/generate_ssl_debug_helpers.py | 2 +- scripts/mbedtls_dev/build_tree.py | 10 +++++----- tests/scripts/audit-validity-dates.py | 2 +- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/scripts/generate_driver_wrappers.py b/scripts/generate_driver_wrappers.py index 709f380cd..5223d459f 100755 --- a/scripts/generate_driver_wrappers.py +++ b/scripts/generate_driver_wrappers.py @@ -163,7 +163,7 @@ def main() -> int: """ Main with command line arguments. """ - def_arg_project_root = build_tree.guess_mbedtls_root() + def_arg_project_root = build_tree.guess_project_root() parser = argparse.ArgumentParser() parser.add_argument('--project-root', default=def_arg_project_root, diff --git a/scripts/generate_ssl_debug_helpers.py b/scripts/generate_ssl_debug_helpers.py index a0544f153..af8ef86ee 100755 --- a/scripts/generate_ssl_debug_helpers.py +++ b/scripts/generate_ssl_debug_helpers.py @@ -367,7 +367,7 @@ def generate_ssl_debug_helpers(output_directory, mbedtls_root): Generate functions of debug helps """ mbedtls_root = os.path.abspath( - mbedtls_root or build_tree.guess_mbedtls_root()) + mbedtls_root or build_tree.guess_project_root()) with open(os.path.join(mbedtls_root, 'include/mbedtls/ssl.h')) as f: source_code = remove_c_comments(f.read()) diff --git a/scripts/mbedtls_dev/build_tree.py b/scripts/mbedtls_dev/build_tree.py index 9c0b5ba96..da455a7f2 100644 --- a/scripts/mbedtls_dev/build_tree.py +++ b/scripts/mbedtls_dev/build_tree.py @@ -24,7 +24,7 @@ def looks_like_root(path: str) -> bool: def crypto_core_directory(root: Optional[str] = None) -> str: if root is None: - root = guess_mbedtls_root() + root = guess_project_root() if looks_like_tf_psa_crypto_root(root): return "core" elif looks_like_mbedtls_root(root): @@ -55,10 +55,10 @@ def chdir_to_root() -> None: raise Exception('Mbed TLS source tree not found') -def guess_mbedtls_root(): - """Guess mbedTLS source code directory. +def guess_project_root(): + """Guess project source code directory. - Return the first possible mbedTLS root directory + Return the first possible project root directory. """ dirs = set({}) for frame in inspect.stack(): @@ -71,4 +71,4 @@ def guess_mbedtls_root(): dirs.add(d) if looks_like_root(d): return d - raise Exception('Mbed TLS source tree not found') + raise Exception('Neither Mbed TLS nor TF-PSA-Crypto source tree found') diff --git a/tests/scripts/audit-validity-dates.py b/tests/scripts/audit-validity-dates.py index 96b705a28..ab09b4a1e 100755 --- a/tests/scripts/audit-validity-dates.py +++ b/tests/scripts/audit-validity-dates.py @@ -265,7 +265,7 @@ class Auditor: @staticmethod def find_test_dir(): """Get the relative path for the Mbed TLS test directory.""" - return os.path.relpath(build_tree.guess_mbedtls_root() + '/tests') + return os.path.relpath(build_tree.guess_project_root() + '/tests') class TestDataAuditor(Auditor): From a6cf5d67c516f1cb73815ec54db2606a27db4d80 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Wed, 22 Nov 2023 11:35:21 +0800 Subject: [PATCH 0780/1674] Share parsed outcomes among tasks when ananlyzing This extremely improves the performance. Signed-off-by: Pengyu Lv --- tests/scripts/analyze_outcomes.py | 28 ++++++++++++++++++++-------- 1 file changed, 20 insertions(+), 8 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index a070b0163..ddacf2e06 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -179,23 +179,26 @@ by a semicolon. outcomes[key].failures.append(setup) return outcomes -def do_analyze_coverage(results: Results, outcome_file, args): +def do_analyze_coverage(results: Results, outcomes_or_file, args): """Perform coverage analysis.""" results.new_section("Analyze coverage") - outcomes = read_outcome_file(outcome_file) + outcomes = read_outcome_file(outcomes_or_file) \ + if isinstance(outcomes_or_file, str) else outcomes_or_file analyze_outcomes(results, outcomes, args) -def do_analyze_driver_vs_reference(results: Results, outcome_file, args): +def do_analyze_driver_vs_reference(results: Results, outcomes_or_file, args): """Perform driver vs reference analyze.""" results.new_section("Analyze driver {} vs reference {}", args['component_driver'], args['component_ref']) - execute_reference_driver_tests(results, args['component_ref'], \ - args['component_driver'], outcome_file) - ignored_suites = ['test_suite_' + x for x in args['ignored_suites']] - outcomes = read_outcome_file(outcome_file) + if isinstance(outcomes_or_file, str): + execute_reference_driver_tests(results, args['component_ref'], \ + args['component_driver'], outcomes_or_file) + outcomes = read_outcome_file(outcomes_or_file) + else: + outcomes = outcomes_or_file analyze_driver_vs_reference(results, outcomes, args['component_ref'], args['component_driver'], @@ -493,10 +496,19 @@ def main(): KNOWN_TASKS['analyze_coverage']['args']['full_coverage'] = options.full_coverage + # If the outcome file already exists, we assume that the user wants to + # perform the comparison. + # Share the contents among tasks to improve performance. + if os.path.exists(options.outcomes): + main_results.info("Read outcome file from {}.", options.outcomes) + outcomes_or_file = read_outcome_file(options.outcomes) + else: + outcomes_or_file = options.outcomes + for task in tasks_list: test_function = KNOWN_TASKS[task]['test_function'] test_args = KNOWN_TASKS[task]['args'] - test_function(main_results, options.outcomes, test_args) + test_function(main_results, outcomes_or_file, test_args) main_results.info("Overall results: {} warnings and {} errors", main_results.warning_count, main_results.error_count) From a4428588782c60947b11a2ee703e4eceda7ac8b4 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Wed, 22 Nov 2023 19:02:15 +0800 Subject: [PATCH 0781/1674] Restruct the structure of outcome file presentation Signed-off-by: Pengyu Lv --- tests/scripts/analyze_outcomes.py | 68 ++++++++++++------------------- 1 file changed, 26 insertions(+), 42 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index ddacf2e06..2cd6257d3 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -40,25 +40,6 @@ class Results: def _print_line(fmt, *args, **kwargs): sys.stderr.write((fmt + '\n').format(*args, **kwargs)) -class TestCaseOutcomes: - """The outcomes of one test case across many configurations.""" - # pylint: disable=too-few-public-methods - - def __init__(self): - # Collect a list of witnesses of the test case succeeding or failing. - # Currently we don't do anything with witnesses except count them. - # The format of a witness is determined by the read_outcome_file - # function; it's the platform and configuration joined by ';'. - self.successes = [] - self.failures = [] - - def hits(self): - """Return the number of times a test case has been run. - - This includes passes and failures, but not skips. - """ - return len(self.successes) + len(self.failures) - def execute_reference_driver_tests(results: Results, ref_component, driver_component, \ outcome_file): """Run the tests specified in ref_component and driver_component. Results @@ -82,7 +63,12 @@ def analyze_coverage(results, outcomes, allow_list, full_coverage): """Check that all available test cases are executed at least once.""" available = check_test_cases.collect_available_test_cases() for key in available: - hits = outcomes[key].hits() if key in outcomes else 0 + hits = 0 + for _comp, comp_outcomes in outcomes.items(): + if key in comp_outcomes["successes"] or \ + key in comp_outcomes["failures"]: + hits += 1 + if hits == 0 and key not in allow_list: if full_coverage: results.error('Test case not executed: {}', key) @@ -117,8 +103,14 @@ def analyze_driver_vs_reference(results: Results, outcomes, - only some specific test inside a test suite, for which the corresponding output string is provided """ - seen_reference_passing = False - for key in outcomes: + ref_outcomes = outcomes.get("component_" + component_ref) + driver_outcomes = outcomes.get("component_" + component_driver) + + if ref_outcomes is None or not ref_outcomes['successes']: + results.error("no passing test in reference component: bad outcome file?") + return + + for key in ref_outcomes["successes"]: # key is like "test_suite_foo.bar;Description of test case" (full_test_suite, test_string) = key.split(';') test_suite = full_test_suite.split('.')[0] # retrieve main part of test suite name @@ -136,23 +128,11 @@ def analyze_driver_vs_reference(results: Results, outcomes, if name_matches_pattern(test_string, str_or_re): ignored = True - # Search for tests that run in reference component and not in driver component - driver_test_passed = False - reference_test_passed = False - for entry in outcomes[key].successes: - if component_driver in entry: - driver_test_passed = True - if component_ref in entry: - reference_test_passed = True - seen_reference_passing = True - if reference_test_passed and not driver_test_passed and not ignored: + if not ignored and not key in driver_outcomes['successes']: results.error("PASS -> SKIP/FAIL: {}", key) - if ignored and driver_test_passed: + if ignored and key in driver_outcomes['successes']: results.error("uselessly ignored: {}", key) - if not seen_reference_passing: - results.error("no passing test in reference component: bad outcome file?") - def analyze_outcomes(results: Results, outcomes, args): """Run all analyses on the given outcome collection.""" analyze_coverage(results, outcomes, args['allow_list'], @@ -168,15 +148,19 @@ by a semicolon. outcomes = {} with open(outcome_file, 'r', encoding='utf-8') as input_file: for line in input_file: - (platform, config, suite, case, result, _cause) = line.split(';') + (_platform, config, suite, case, result, _cause) = line.split(';') key = ';'.join([suite, case]) - setup = ';'.join([platform, config]) - if key not in outcomes: - outcomes[key] = TestCaseOutcomes() + if config not in outcomes: + outcomes[config] = {"successes":[], "failures":[]} if result == 'PASS': - outcomes[key].successes.append(setup) + outcomes[config]['successes'].append(key) elif result == 'FAIL': - outcomes[key].failures.append(setup) + outcomes[config]['failures'].append(key) + + for config in outcomes: + outcomes[config]['successes'] = frozenset(outcomes[config]['successes']) + outcomes[config]['failures'] = frozenset(outcomes[config]['failures']) + return outcomes def do_analyze_coverage(results: Results, outcomes_or_file, args): From 31a9b7891adf28a7437b177cb547d2ffb58a8983 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Thu, 23 Nov 2023 14:15:37 +0800 Subject: [PATCH 0782/1674] Improve comments and variable naming Signed-off-by: Pengyu Lv --- tests/scripts/analyze_outcomes.py | 57 ++++++++++++++++++------------- 1 file changed, 33 insertions(+), 24 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 2cd6257d3..0baba1b7e 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -62,24 +62,24 @@ def execute_reference_driver_tests(results: Results, ref_component, driver_compo def analyze_coverage(results, outcomes, allow_list, full_coverage): """Check that all available test cases are executed at least once.""" available = check_test_cases.collect_available_test_cases() - for key in available: + for suite_case in available: hits = 0 for _comp, comp_outcomes in outcomes.items(): - if key in comp_outcomes["successes"] or \ - key in comp_outcomes["failures"]: + if suite_case in comp_outcomes["successes"] or \ + suite_case in comp_outcomes["failures"]: hits += 1 - if hits == 0 and key not in allow_list: + if hits == 0 and suite_case not in allow_list: if full_coverage: - results.error('Test case not executed: {}', key) + results.error('Test case not executed: {}', suite_case) else: - results.warning('Test case not executed: {}', key) - elif hits != 0 and key in allow_list: + results.warning('Test case not executed: {}', suite_case) + elif hits != 0 and suite_case in allow_list: # Test Case should be removed from the allow list. if full_coverage: - results.error('Allow listed test case was executed: {}', key) + results.error('Allow listed test case was executed: {}', suite_case) else: - results.warning('Allow listed test case was executed: {}', key) + results.warning('Allow listed test case was executed: {}', suite_case) def name_matches_pattern(name, str_or_re): """Check if name matches a pattern, that may be a string or regex. @@ -96,8 +96,8 @@ def name_matches_pattern(name, str_or_re): def analyze_driver_vs_reference(results: Results, outcomes, component_ref, component_driver, ignored_suites, ignored_tests=None): - """Check that all tests executed in the reference component are also - executed in the corresponding driver component. + """Check that all tests passed in the reference component are also + passed in the corresponding driver component. Skip: - full test suites provided in ignored_suites list - only some specific test inside a test suite, for which the corresponding @@ -110,9 +110,9 @@ def analyze_driver_vs_reference(results: Results, outcomes, results.error("no passing test in reference component: bad outcome file?") return - for key in ref_outcomes["successes"]: - # key is like "test_suite_foo.bar;Description of test case" - (full_test_suite, test_string) = key.split(';') + for suite_case in ref_outcomes["successes"]: + # suite_case is like "test_suite_foo.bar;Description of test case" + (full_test_suite, test_string) = suite_case.split(';') test_suite = full_test_suite.split('.')[0] # retrieve main part of test suite name # Immediately skip fully-ignored test suites @@ -128,10 +128,10 @@ def analyze_driver_vs_reference(results: Results, outcomes, if name_matches_pattern(test_string, str_or_re): ignored = True - if not ignored and not key in driver_outcomes['successes']: - results.error("PASS -> SKIP/FAIL: {}", key) - if ignored and key in driver_outcomes['successes']: - results.error("uselessly ignored: {}", key) + if not ignored and not suite_case in driver_outcomes['successes']: + results.error("PASS -> SKIP/FAIL: {}", suite_case) + if ignored and suite_case in driver_outcomes['successes']: + results.error("uselessly ignored: {}", suite_case) def analyze_outcomes(results: Results, outcomes, args): """Run all analyses on the given outcome collection.""" @@ -141,22 +141,31 @@ def analyze_outcomes(results: Results, outcomes, args): def read_outcome_file(outcome_file): """Parse an outcome file and return an outcome collection. -An outcome collection is a dictionary mapping keys to TestCaseOutcomes objects. -The keys are the test suite name and the test case description, separated -by a semicolon. +An outcome collection is a dictionary presentation of the outcome file: +``` +outcomes = { + "": { + "successes": frozenset(["", ... ]), + "failures": frozenset(["", ...]) + } + ... +} +suite_case = ";" +``` """ outcomes = {} with open(outcome_file, 'r', encoding='utf-8') as input_file: for line in input_file: (_platform, config, suite, case, result, _cause) = line.split(';') - key = ';'.join([suite, case]) + suite_case = ';'.join([suite, case]) if config not in outcomes: outcomes[config] = {"successes":[], "failures":[]} if result == 'PASS': - outcomes[config]['successes'].append(key) + outcomes[config]['successes'].append(suite_case) elif result == 'FAIL': - outcomes[config]['failures'].append(key) + outcomes[config]['failures'].append(suite_case) + # Convert `list` to `frozenset` to improve search performance for config in outcomes: outcomes[config]['successes'] = frozenset(outcomes[config]['successes']) outcomes[config]['failures'] = frozenset(outcomes[config]['failures']) From 70642ecb249d6c88bf7f16031b7a6acfb771528c Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 23 Nov 2023 11:10:53 +0800 Subject: [PATCH 0783/1674] all.sh: check_test_dependencies: add one more option - add !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT in whitelist Signed-off-by: Yanray Wang --- tests/scripts/all.sh | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index bc4570f88..2f952345c 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1044,7 +1044,10 @@ component_check_test_dependencies () { tests/suites/test_suite_psa*.data tests/suites/test_suite_psa*.function | grep -Eo '!?MBEDTLS_[^: ]*' | grep -v MBEDTLS_PSA_ | - sort -u > $found + # By default, sort (v8.25) on ubuntu-16 and sort (v8.30) on ubuntu-20 + # sort text in different order. We use -d option to sort text in + # an order considering only blanks and alphanumeric characters. + sort -ud > $found # Expected ones with justification - keep in sorted order! rm -f $expected @@ -1056,6 +1059,8 @@ component_check_test_dependencies () { # the test code and that's probably the most convenient way of achieving # the test's goal. echo "MBEDTLS_ASN1_WRITE_C" >> $expected + # No PSA equivalent - used to skip decryption tests in CBC/XTS/DES/NIST_KW + echo "!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT" >> $expected # No PSA equivalent - we should probably have one in the future. echo "MBEDTLS_ECP_RESTARTABLE" >> $expected # No PSA equivalent - needed by some init tests From 42be1bab30b62fc9cc962049862d4e1d54e26930 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 23 Nov 2023 14:28:47 +0800 Subject: [PATCH 0784/1674] block_cipher_no_decrypt: improve comment Signed-off-by: Yanray Wang --- scripts/config.py | 2 +- tests/scripts/all.sh | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/scripts/config.py b/scripts/config.py index 0f5ad87f3..d5fb85e52 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -180,7 +180,7 @@ EXCLUDE_FROM_FULL = frozenset([ #pylint: disable=line-too-long 'MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH', # interacts with CTR_DRBG_128_BIT_KEY 'MBEDTLS_AES_USE_HARDWARE_ONLY', # hardware dependency - 'MBEDTLS_BLOCK_CIPHER_NO_DECRYPT', # incompatible with DES/CBC/XTS/NIST_KW + 'MBEDTLS_BLOCK_CIPHER_NO_DECRYPT', # incompatible with ECB in PSA, CBC/XTS/NIST_KW/DES 'MBEDTLS_CTR_DRBG_USE_128_BIT_KEY', # interacts with ENTROPY_FORCE_SHA256 'MBEDTLS_DEPRECATED_REMOVED', # conflicts with deprecated options 'MBEDTLS_DEPRECATED_WARNING', # conflicts with deprecated options diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 2f952345c..8ddbf4b40 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1059,7 +1059,7 @@ component_check_test_dependencies () { # the test code and that's probably the most convenient way of achieving # the test's goal. echo "MBEDTLS_ASN1_WRITE_C" >> $expected - # No PSA equivalent - used to skip decryption tests in CBC/XTS/DES/NIST_KW + # No PSA equivalent - used to skip decryption tests in PSA-ECB, CBC/XTS/NIST_KW/DES echo "!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT" >> $expected # No PSA equivalent - we should probably have one in the future. echo "MBEDTLS_ECP_RESTARTABLE" >> $expected @@ -4252,7 +4252,7 @@ component_build_aes_variations() { cd "$MBEDTLS_ROOT_DIR" msg "build: aes.o for all combinations of relevant config options + BLOCK_CIPHER_NO_DECRYPT" - # MBEDTLS_BLOCK_CIPHER_NO_DECRYPT is incompatible with CBC/XTS/DES/NIST_KW, + # MBEDTLS_BLOCK_CIPHER_NO_DECRYPT is incompatible with ECB in PSA, CBC/XTS/NIST_KW/DES, # manually set or unset those configurations to check # MBEDTLS_BLOCK_CIPHER_NO_DECRYPT with various combinations in aes.o. scripts/config.py set MBEDTLS_BLOCK_CIPHER_NO_DECRYPT From d012084e91bb12a2743eee0fa10e7a2bc284feed Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 23 Nov 2023 16:35:54 +0800 Subject: [PATCH 0785/1674] tls13: early_data: cli: optimize code - remove unnecessary check - using local variable session Signed-off-by: Yanray Wang --- library/ssl_tls13_client.c | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 068676cde..a62d2bcd3 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -2662,19 +2662,18 @@ static int ssl_tls13_parse_nst_early_data_ext(mbedtls_ssl_context *ssl, const unsigned char *buf, const unsigned char *end) { + mbedtls_ssl_session *session = ssl->session; + MBEDTLS_SSL_CHK_BUF_READ_PTR(buf, end, 4); - if (ssl->session != NULL) { - ssl->session->max_early_data_size = MBEDTLS_GET_UINT32_BE(buf, 0); - mbedtls_ssl_session_set_ticket_flags( - ssl->session, MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA); - MBEDTLS_SSL_DEBUG_MSG( - 3, ("received max_early_data_size: %u", - (unsigned int) ssl->session->max_early_data_size)); - return 0; - } + session->max_early_data_size = MBEDTLS_GET_UINT32_BE(buf, 0); + mbedtls_ssl_session_set_ticket_flags( + session, MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA); + MBEDTLS_SSL_DEBUG_MSG( + 3, ("received max_early_data_size: %u", + (unsigned int) session->max_early_data_size)); - return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + return 0; } #endif /* MBEDTLS_SSL_EARLY_DATA */ From d0c3076dba98d48dc5ab866f197923ad75615d45 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 23 Nov 2023 09:59:57 +0000 Subject: [PATCH 0786/1674] Make use of crypto_core_directory function in script Signed-off-by: Thomas Daubney --- tests/scripts/test_psa_compliance.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/scripts/test_psa_compliance.py b/tests/scripts/test_psa_compliance.py index bed6d849e..2482d032a 100755 --- a/tests/scripts/test_psa_compliance.py +++ b/tests/scripts/test_psa_compliance.py @@ -52,10 +52,10 @@ def main(library_build_dir: str): if in_tf_psa_crypto_repo: crypto_name = 'tfpsacrypto' - library_subdir = 'core' else: crypto_name = 'mbedcrypto' - library_subdir = 'library' + + library_subdir = build_tree.crypto_core_directory() crypto_lib_filename = (library_build_dir + '/' + library_subdir + '/' + From 8932404c456abfde51fac9b818120255018ec303 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 23 Nov 2023 10:14:12 +0000 Subject: [PATCH 0787/1674] Introduce project_crypto_name in build_tree.py Add new function to build_tree.py to return the crypto name for the project; either tfpsacrypto or mbedcrypto. Deploy this function where needed. Signed-off-by: Thomas Daubney --- scripts/mbedtls_dev/build_tree.py | 10 ++++++++++ tests/scripts/test_psa_compliance.py | 5 +---- 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/scripts/mbedtls_dev/build_tree.py b/scripts/mbedtls_dev/build_tree.py index da455a7f2..f506c4142 100644 --- a/scripts/mbedtls_dev/build_tree.py +++ b/scripts/mbedtls_dev/build_tree.py @@ -32,6 +32,16 @@ def crypto_core_directory(root: Optional[str] = None) -> str: else: raise Exception('Neither Mbed TLS nor TF-PSA-Crypto source tree found') +def project_crypto_name(root: Optional[str] = None) -> str: + if root is None: + root = guess_project_root() + if looks_like_tf_psa_crypto_root(root): + return "tfpsacrypto" + elif looks_like_mbedtls_root(root): + return "mbedcrypto" + else: + raise Exception('Neither Mbed TLS nor TF-PSA-Crypto source tree found') + def check_repo_path(): """ Check that the current working directory is the project root, and throw diff --git a/tests/scripts/test_psa_compliance.py b/tests/scripts/test_psa_compliance.py index 2482d032a..82cc1b1db 100755 --- a/tests/scripts/test_psa_compliance.py +++ b/tests/scripts/test_psa_compliance.py @@ -50,10 +50,7 @@ def main(library_build_dir: str): in_tf_psa_crypto_repo = build_tree.looks_like_tf_psa_crypto_root(root_dir) - if in_tf_psa_crypto_repo: - crypto_name = 'tfpsacrypto' - else: - crypto_name = 'mbedcrypto' + crypto_name = build_tree.project_crypto_name() library_subdir = build_tree.crypto_core_directory() From 3781ab40fb24c06ca7401bcecc3e1aa31d669a55 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 23 Nov 2023 18:17:11 +0800 Subject: [PATCH 0788/1674] tls13: early_data: cli: remove nst_ prefix Signed-off-by: Yanray Wang --- library/ssl_tls13_client.c | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index a62d2bcd3..fec4a7d58 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -2658,10 +2658,16 @@ static int ssl_tls13_handshake_wrapup(mbedtls_ssl_context *ssl) * } EarlyDataIndication; */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_parse_nst_early_data_ext(mbedtls_ssl_context *ssl, - const unsigned char *buf, - const unsigned char *end) +static int ssl_tls13_parse_early_data_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, + const unsigned char *end) { + /* Make sure early data indication extension is received from + * NewSessionTicket. */ + if (!mbedtls_ssl_is_handshake_over(ssl)) { + return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER; + } + mbedtls_ssl_session *session = ssl->session; MBEDTLS_SSL_CHK_BUF_READ_PTR(buf, end, 4); @@ -2710,11 +2716,11 @@ static int ssl_tls13_parse_new_session_ticket_exts(mbedtls_ssl_context *ssl, switch (extension_type) { #if defined(MBEDTLS_SSL_EARLY_DATA) case MBEDTLS_TLS_EXT_EARLY_DATA: - ret = ssl_tls13_parse_nst_early_data_ext( + ret = ssl_tls13_parse_early_data_ext( ssl, p, p + extension_data_len); if (ret != 0) { MBEDTLS_SSL_DEBUG_RET( - 1, "ssl_tls13_parse_nst_early_data_ext", ret); + 1, "ssl_tls13_parse_early_data_ext", ret); } break; #endif /* MBEDTLS_SSL_EARLY_DATA */ From 18040ede3fc89b3e2b1f4f92ede4d5fe33c94b26 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 23 Nov 2023 21:29:56 +0800 Subject: [PATCH 0789/1674] all.sh: export LC_COLLATE=C for sorting in ASCII order By default, 'sort' sorts characters with system default locale, which causes unexpected sorting order. To sort characters in ASCII from computer perspective, export LC_COLLATE=C to specify character collation for regular expressions and sorting with C locale. Signed-off-by: Yanray Wang --- tests/scripts/all.sh | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 8ddbf4b40..5c2f1fd79 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -163,6 +163,9 @@ pre_initialize_variables () { # basic-build-test.sh as well. RELEASE_SEED=1 + # Specify character collation for regular expressions and sorting with C locale + export LC_COLLATE=C + : ${MBEDTLS_TEST_OUTCOME_FILE=} : ${MBEDTLS_TEST_PLATFORM="$(uname -s | tr -c \\n0-9A-Za-z _)-$(uname -m | tr -c \\n0-9A-Za-z _)"} export MBEDTLS_TEST_OUTCOME_FILE @@ -1044,23 +1047,20 @@ component_check_test_dependencies () { tests/suites/test_suite_psa*.data tests/suites/test_suite_psa*.function | grep -Eo '!?MBEDTLS_[^: ]*' | grep -v MBEDTLS_PSA_ | - # By default, sort (v8.25) on ubuntu-16 and sort (v8.30) on ubuntu-20 - # sort text in different order. We use -d option to sort text in - # an order considering only blanks and alphanumeric characters. - sort -ud > $found + sort -u > $found - # Expected ones with justification - keep in sorted order! + # Expected ones with justification - keep in sorted order by ASCII table! rm -f $expected # No PSA equivalent - WANT_KEY_TYPE_AES means all sizes echo "!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH" >> $expected + # No PSA equivalent - used to skip decryption tests in PSA-ECB, CBC/XTS/NIST_KW/DES + echo "!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT" >> $expected # This is used by import_rsa_made_up() in test_suite_psa_crypto in order # to build a fake RSA key of the wanted size based on # PSA_VENDOR_RSA_MAX_KEY_BITS. The legacy module is only used by # the test code and that's probably the most convenient way of achieving # the test's goal. echo "MBEDTLS_ASN1_WRITE_C" >> $expected - # No PSA equivalent - used to skip decryption tests in PSA-ECB, CBC/XTS/NIST_KW/DES - echo "!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT" >> $expected # No PSA equivalent - we should probably have one in the future. echo "MBEDTLS_ECP_RESTARTABLE" >> $expected # No PSA equivalent - needed by some init tests From 34915fac3a5f0d051029501f007f5e24b45479e4 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 23 Nov 2023 17:20:19 +0100 Subject: [PATCH 0790/1674] ssl-opt.sh: Fix getting the list of supported ciphersuites. Signed-off-by: Ronald Cron --- tests/ssl-opt.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 42f9f5e5a..b3f8ed4a4 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -358,7 +358,7 @@ requires_protocol_version() { # Space-separated list of ciphersuites supported by this build of # Mbed TLS. -P_CIPHERSUITES=" $($P_CLI --help 2>/dev/null | +P_CIPHERSUITES=" $($P_CLI help_ciphersuites 2>/dev/null | grep 'TLS-\|TLS1-3' | tr -s ' \n' ' ')" requires_ciphersuite_enabled() { From d69f4017fbf949ab3aceca178b034b73e6e43dbc Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Thu, 23 Nov 2023 16:20:45 +0000 Subject: [PATCH 0791/1674] Refactor `psa_load_persistent_key_into_slot` to remove bad `goto` Merges the two calls to `psa_copy_key_material_into_slot. Signed-off-by: Ryan Everett --- library/psa_crypto_slot_management.c | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 5ecc3a76c..027800984 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -234,14 +234,10 @@ static psa_status_t psa_load_persistent_key_into_slot(psa_key_slot_t *slot) status = PSA_ERROR_DATA_INVALID; goto exit; } - data = (psa_se_key_data_storage_t *) key_data; - status = psa_copy_key_material_into_slot( - slot, data->slot_number, sizeof(data->slot_number)); - if (status == PSA_SUCCESS) { - slot->status = PSA_SLOT_OCCUPIED; - } - goto exit; + data = (psa_se_key_data_storage_t *) key_data; + key_data = data->slot_number; + key_data_length = sizeof(key_data); } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ From 2a0d4e2995f22c47bfaa41bc66cf604099416277 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Thu, 23 Nov 2023 16:33:12 +0000 Subject: [PATCH 0792/1674] Revert "Refactor `psa_load_persistent_key_into_slot` to remove bad `goto`" This reverts commit d69f4017fbf949ab3aceca178b034b73e6e43dbc. Signed-off-by: Ryan Everett --- library/psa_crypto_slot_management.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 027800984..5ecc3a76c 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -234,10 +234,14 @@ static psa_status_t psa_load_persistent_key_into_slot(psa_key_slot_t *slot) status = PSA_ERROR_DATA_INVALID; goto exit; } - data = (psa_se_key_data_storage_t *) key_data; - key_data = data->slot_number; - key_data_length = sizeof(key_data); + status = psa_copy_key_material_into_slot( + slot, data->slot_number, sizeof(data->slot_number)); + + if (status == PSA_SUCCESS) { + slot->status = PSA_SLOT_OCCUPIED; + } + goto exit; } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ From f25d83112389ec4b4cc23ae6c005c56fec53841f Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 23 Nov 2023 18:49:43 +0000 Subject: [PATCH 0793/1674] Ensure mutex test mutex gets free'd Signed-off-by: Paul Elliott --- programs/ssl/ssl_test_lib.c | 3 +++ tests/include/test/helpers.h | 12 ++++++++++-- tests/src/threading_helpers.c | 10 ++++++++++ tests/suites/host_test.function | 4 ++++ 4 files changed, 27 insertions(+), 2 deletions(-) diff --git a/programs/ssl/ssl_test_lib.c b/programs/ssl/ssl_test_lib.c index 6e0c6153f..b49dd67c2 100644 --- a/programs/ssl/ssl_test_lib.c +++ b/programs/ssl/ssl_test_lib.c @@ -435,6 +435,9 @@ int test_hooks_failure_detected(void) void test_hooks_free(void) { +#if defined(MBEDTLS_TEST_MUTEX_USAGE) + mbedtls_test_mutex_usage_end(); +#endif } #endif /* MBEDTLS_TEST_HOOKS */ diff --git a/tests/include/test/helpers.h b/tests/include/test/helpers.h index ba117fbdf..4708df163 100644 --- a/tests/include/test/helpers.h +++ b/tests/include/test/helpers.h @@ -240,10 +240,18 @@ int mbedtls_test_hexcmp(uint8_t *a, uint8_t *b, #endif #if defined(MBEDTLS_TEST_MUTEX_USAGE) -/** Permanently activate the mutex usage verification framework. See - * threading_helpers.c for information. */ +/** + * Activate the mutex usage verification framework. See threading_helpers.c for + * information. + * */ void mbedtls_test_mutex_usage_init(void); +/** + * Deactivate the mutex usage verification framework. See threading_helpers.c + * for information. + */ +void mbedtls_test_mutex_usage_end(void); + /** Call this function after executing a test case to check for mutex usage * errors. */ void mbedtls_test_mutex_usage_check(void); diff --git a/tests/src/threading_helpers.c b/tests/src/threading_helpers.c index 385a07926..434d124f1 100644 --- a/tests/src/threading_helpers.c +++ b/tests/src/threading_helpers.c @@ -228,4 +228,14 @@ void mbedtls_test_mutex_usage_check(void) mbedtls_test_info.mutex_usage_error = NULL; } +void mbedtls_test_mutex_usage_end(void) +{ + mbedtls_mutex_init = mutex_functions.init; + mbedtls_mutex_free = mutex_functions.free; + mbedtls_mutex_lock = mutex_functions.lock; + mbedtls_mutex_unlock = mutex_functions.unlock; + + mutex_functions.free(&mbedtls_test_mutex_mutex); +} + #endif /* MBEDTLS_TEST_MUTEX_USAGE */ diff --git a/tests/suites/host_test.function b/tests/suites/host_test.function index d8ff49ef1..cc286973c 100644 --- a/tests/suites/host_test.function +++ b/tests/suites/host_test.function @@ -772,6 +772,10 @@ int execute_tests(int argc, const char **argv) mbedtls_fprintf(stdout, " (%u / %u tests (%u skipped))\n", total_tests - total_errors, total_tests, total_skipped); +#if defined(MBEDTLS_TEST_MUTEX_USAGE) + mbedtls_test_mutex_usage_end(); +#endif + #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && \ !defined(TEST_SUITE_MEMORY_BUFFER_ALLOC) #if defined(MBEDTLS_MEMORY_DEBUG) From 8c6d332c44bd4a212119c278f3f8a21fb420257d Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 23 Nov 2023 18:53:13 +0000 Subject: [PATCH 0794/1674] Fix comment typos Signed-off-by: Paul Elliott --- library/threading.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/library/threading.c b/library/threading.c index d97f0cfe7..873b5077b 100644 --- a/library/threading.c +++ b/library/threading.c @@ -59,9 +59,9 @@ static void threading_mutex_init_pthread(mbedtls_threading_mutex_t *mutex) /* One problem here is that calling lock on a pthread mutex without first * having initialised it is undefined behaviour. Obviously we cannot check * this here in a thread safe manner without a significant performance - * hit, so state transitions are checked in tests only via the is_valid - * varaible. Please make sure any new mutex that gets added is exercised in - * tests; see tests/src/threading_helpers for more details. */ + * hit, so state transitions are checked in tests only via the state + * variable. Please make sure any new mutex that gets added is exercised in + * tests; see tests/src/threading_helpers.c for more details. */ (void) pthread_mutex_init(&mutex->mutex, NULL); } From 1b58ecbfb0f0aa4d29e70472f90178f86bb88a1c Mon Sep 17 00:00:00 2001 From: Oldes Huhuman Date: Thu, 23 Nov 2023 22:46:20 +0100 Subject: [PATCH 0795/1674] Fixed compilation for Haiku OS Related to: https://github.com/Mbed-TLS/mbedtls/issues/8562 Signed-off-by: Oldes Huhuman --- library/platform_util.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/library/platform_util.c b/library/platform_util.c index 6d2dd144d..cc463402c 100644 --- a/library/platform_util.c +++ b/library/platform_util.c @@ -243,10 +243,10 @@ extern inline void mbedtls_put_unaligned_uint64(void *p, uint64_t x); #include #if !defined(_WIN32) && \ (defined(unix) || defined(__unix) || defined(__unix__) || \ - (defined(__APPLE__) && defined(__MACH__))) + (defined(__APPLE__) && defined(__MACH__)) || defined(__HAIKU__)) #include -#endif /* !_WIN32 && (unix || __unix || __unix__ || (__APPLE__ && __MACH__)) */ -#if (defined(_POSIX_VERSION) && _POSIX_VERSION >= 199309L) +#endif /* !_WIN32 && (unix || __unix || __unix__ || (__APPLE__ && __MACH__) || defined(__HAIKU__)) */ +#if (defined(_POSIX_VERSION) && _POSIX_VERSION >= 199309L) || defined(__HAIKU__) mbedtls_ms_time_t mbedtls_ms_time(void) { int ret; From beec452e3ccb52ca1e585a8e8450d97e9f879472 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Fri, 24 Nov 2023 10:48:44 +0000 Subject: [PATCH 0796/1674] Use os.path.join in crypto_core_directory Signed-off-by: Thomas Daubney --- scripts/mbedtls_dev/build_tree.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/mbedtls_dev/build_tree.py b/scripts/mbedtls_dev/build_tree.py index f506c4142..fa309d3e6 100644 --- a/scripts/mbedtls_dev/build_tree.py +++ b/scripts/mbedtls_dev/build_tree.py @@ -26,9 +26,9 @@ def crypto_core_directory(root: Optional[str] = None) -> str: if root is None: root = guess_project_root() if looks_like_tf_psa_crypto_root(root): - return "core" + return os.path.join(root, "core") elif looks_like_mbedtls_root(root): - return "library" + return os.path.join(root, "library") else: raise Exception('Neither Mbed TLS nor TF-PSA-Crypto source tree found') From cdbf2fd64431ba14d0d497a20d8eb073a3814190 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Fri, 24 Nov 2023 10:54:56 +0000 Subject: [PATCH 0797/1674] Add documentation for new public functions Signed-off-by: Thomas Daubney --- scripts/mbedtls_dev/build_tree.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/scripts/mbedtls_dev/build_tree.py b/scripts/mbedtls_dev/build_tree.py index fa309d3e6..4e0ae1953 100644 --- a/scripts/mbedtls_dev/build_tree.py +++ b/scripts/mbedtls_dev/build_tree.py @@ -23,6 +23,7 @@ def looks_like_root(path: str) -> bool: return looks_like_tf_psa_crypto_root(path) or looks_like_mbedtls_root(path) def crypto_core_directory(root: Optional[str] = None) -> str: + """Return the path of the library code for either TF-PSA-Crypto or Mbed TLS.""" if root is None: root = guess_project_root() if looks_like_tf_psa_crypto_root(root): @@ -33,6 +34,7 @@ def crypto_core_directory(root: Optional[str] = None) -> str: raise Exception('Neither Mbed TLS nor TF-PSA-Crypto source tree found') def project_crypto_name(root: Optional[str] = None) -> str: + """Return the crypto library filename for either TF-PSA-Crypto or Mbed TLS.""" if root is None: root = guess_project_root() if looks_like_tf_psa_crypto_root(root): From fc60e9b7bf92698ae13dde72ea21dcc17a71f874 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Fri, 24 Nov 2023 10:56:04 +0000 Subject: [PATCH 0798/1674] Make function calls consistent Signed-off-by: Thomas Daubney --- tests/scripts/test_psa_compliance.py | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/tests/scripts/test_psa_compliance.py b/tests/scripts/test_psa_compliance.py index 82cc1b1db..034949bc6 100755 --- a/tests/scripts/test_psa_compliance.py +++ b/tests/scripts/test_psa_compliance.py @@ -50,9 +50,8 @@ def main(library_build_dir: str): in_tf_psa_crypto_repo = build_tree.looks_like_tf_psa_crypto_root(root_dir) - crypto_name = build_tree.project_crypto_name() - - library_subdir = build_tree.crypto_core_directory() + crypto_name = build_tree.project_crypto_name(root_dir) + library_subdir = build_tree.crypto_core_directory(root_dir) crypto_lib_filename = (library_build_dir + '/' + library_subdir + '/' + From 6130a619f8800e7b41970e89aba3a8c39d784730 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Fri, 24 Nov 2023 10:58:07 +0000 Subject: [PATCH 0799/1674] Remove unused variable Signed-off-by: Thomas Daubney --- tests/scripts/test_psa_compliance.py | 2 -- 1 file changed, 2 deletions(-) diff --git a/tests/scripts/test_psa_compliance.py b/tests/scripts/test_psa_compliance.py index 034949bc6..e2ccea3de 100755 --- a/tests/scripts/test_psa_compliance.py +++ b/tests/scripts/test_psa_compliance.py @@ -48,8 +48,6 @@ PSA_ARCH_TESTS_REF = 'fix-pr-5736' def main(library_build_dir: str): root_dir = os.getcwd() - in_tf_psa_crypto_repo = build_tree.looks_like_tf_psa_crypto_root(root_dir) - crypto_name = build_tree.project_crypto_name(root_dir) library_subdir = build_tree.crypto_core_directory(root_dir) From e8f37893124dca94569a7b0edf9a338d9623e7ea Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Fri, 24 Nov 2023 11:41:23 +0000 Subject: [PATCH 0800/1674] Revert change that removed in_tf_psa_crypto_repo variable Signed-off-by: Thomas Daubney --- tests/scripts/test_psa_compliance.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/scripts/test_psa_compliance.py b/tests/scripts/test_psa_compliance.py index e2ccea3de..034949bc6 100755 --- a/tests/scripts/test_psa_compliance.py +++ b/tests/scripts/test_psa_compliance.py @@ -48,6 +48,8 @@ PSA_ARCH_TESTS_REF = 'fix-pr-5736' def main(library_build_dir: str): root_dir = os.getcwd() + in_tf_psa_crypto_repo = build_tree.looks_like_tf_psa_crypto_root(root_dir) + crypto_name = build_tree.project_crypto_name(root_dir) library_subdir = build_tree.crypto_core_directory(root_dir) From 392ed3fe7fe9d0ed7769fbb3ad9a6329114a7e1e Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Fri, 24 Nov 2023 15:48:28 +0000 Subject: [PATCH 0801/1674] Add better documentation for mbedtls_test_mutex_mutex Signed-off-by: Paul Elliott --- tests/src/threading_helpers.c | 24 +++++++++++++++++++++--- 1 file changed, 21 insertions(+), 3 deletions(-) diff --git a/tests/src/threading_helpers.c b/tests/src/threading_helpers.c index 434d124f1..5fbf65b2d 100644 --- a/tests/src/threading_helpers.c +++ b/tests/src/threading_helpers.c @@ -77,12 +77,30 @@ typedef struct { } mutex_functions_t; static mutex_functions_t mutex_functions; +/** + * The mutex used to guard live_mutexes below and access to the status variable + * in every mbedtls_threading_mutex_t. + * Note that we are not reporting any errors when locking and unlocking this + * mutex. This is for a couple of reasons: + * + * 1. We have no real way of reporting any errors with this mutex - we cannot + * report it back to the caller, as the failure was not that of the mutex + * passed in. We could fail the test, but again this would indicate a problem + * with the test code that did not exist. + * + * 2. Any failure to lock is unlikely to be intermittent, and will thus not + * give false test results - the overall result would be to turn off the + * testing. This is not a situation that is likely to happen with normal + * testing and we still have TSan to fall back on should this happen. + */ mbedtls_threading_mutex_t mbedtls_test_mutex_mutex; -/** The total number of calls to mbedtls_mutex_init(), minus the total number - * of calls to mbedtls_mutex_free(). +/** + * The total number of calls to mbedtls_mutex_init(), minus the total number + * of calls to mbedtls_mutex_free(). * - * Reset to 0 after each test case. + * Do not read or write without holding mbedtls_test_mutex_mutex (above). Reset + * to 0 after each test case. */ static int live_mutexes; From 16b00f9522cc802c8e23628d7cb6f047ed3c5939 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 27 Nov 2023 15:52:24 +0800 Subject: [PATCH 0802/1674] mbedtls_config: improve documentation for BLOCK_CIPHER_NO_DECRYPT Signed-off-by: Yanray Wang --- include/mbedtls/mbedtls_config.h | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 552d944fb..abdb0a34f 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -2382,7 +2382,10 @@ * \note This feature is incompatible with insecure block cipher, * MBEDTLS_DES_C, and cipher modes which always require decryption * operation, MBEDTLS_CIPHER_MODE_CBC, MBEDTLS_CIPHER_MODE_XTS and - * MBEDTLS_NIST_KW_C. + * MBEDTLS_NIST_KW_C. When #MBEDTLS_PSA_CRYPTO_CONFIG is enabled, + * this feature is incompatible with following supported PSA equivalence, + * PSA_WANT_ALG_ECB_NO_PADDING, PSA_WANT_ALG_CBC_NO_PADDING, + * PSA_WANT_ALG_CBC_PKCS7 and PSA_WANT_KEY_TYPE_DES. * * Module: library/aes.c * library/aesce.c From 6f6090d19b3734d16b5983276d8fac92abc40b1b Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 27 Nov 2023 15:54:53 +0800 Subject: [PATCH 0803/1674] tf-m config: update and enable BLOCK_CIPHER_NO_DECRYPT Signed-off-by: Yanray Wang --- .../tfm_mbedcrypto_config_profile_medium.h | 22 +++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/configs/ext/tfm_mbedcrypto_config_profile_medium.h b/configs/ext/tfm_mbedcrypto_config_profile_medium.h index 34a3bd4ff..53243dd93 100644 --- a/configs/ext/tfm_mbedcrypto_config_profile_medium.h +++ b/configs/ext/tfm_mbedcrypto_config_profile_medium.h @@ -325,6 +325,28 @@ */ #define MBEDTLS_AES_C +/** + * \def MBEDTLS_BLOCK_CIPHER_NO_DECRYPT + * + * Remove decryption operation for AES, ARIA and Camellia block cipher. + * + * \note This feature is incompatible with insecure block cipher, + * MBEDTLS_DES_C, and cipher modes which always require decryption + * operation, MBEDTLS_CIPHER_MODE_CBC, MBEDTLS_CIPHER_MODE_XTS and + * MBEDTLS_NIST_KW_C. When #MBEDTLS_PSA_CRYPTO_CONFIG is enabled, + * this feature is incompatible with following supported PSA equivalence, + * PSA_WANT_ALG_ECB_NO_PADDING, PSA_WANT_ALG_CBC_NO_PADDING, + * PSA_WANT_ALG_CBC_PKCS7 and PSA_WANT_KEY_TYPE_DES. + * + * Module: library/aes.c + * library/aesce.c + * library/aesni.c + * library/aria.c + * library/camellia.c + * library/cipher.c + */ +#define MBEDTLS_BLOCK_CIPHER_NO_DECRYPT + /** * \def MBEDTLS_CIPHER_C * From 150002c9f9d644c0ad752d4d5404716050d2819d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 27 Nov 2023 18:24:45 +0100 Subject: [PATCH 0804/1674] Skip calloc overallocation test case This test case is incompatible with sanitizers (e.g. ASan), and thus skipped. If the driver component uses a sanitizer but the reference component doesn't, we have a PASS vs SKIP mismatch. Since this test case is unrelated to drivers, we don't mind ignoring it. Signed-off-by: Gilles Peskine --- tests/scripts/analyze_outcomes.py | 51 ++++++++++++++++++++++++++++++- 1 file changed, 50 insertions(+), 1 deletion(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index a070b0163..0028f7502 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -232,6 +232,12 @@ KNOWN_TASKS = { 'psa_crypto_low_hash.generated', # testing the builtins ], 'ignored_tests': { + 'test_suite_platform': [ + # Incompatible with sanitizers (e.g. ASan). If the driver + # component uses a sanitizer but the reference component + # doesn't, we have a PASS vs SKIP mismatch. + 'Check mbedtls_calloc overallocation', + ], } } }, @@ -255,6 +261,12 @@ KNOWN_TASKS = { 'test_suite_pem': [ re.compile(r'PEM read .*(AES|DES|\bencrypt).*'), ], + 'test_suite_platform': [ + # Incompatible with sanitizers (e.g. ASan). If the driver + # component uses a sanitizer but the reference component + # doesn't, we have a PASS vs SKIP mismatch. + 'Check mbedtls_calloc overallocation', + ], # Following tests depend on AES_C/DES_C but are not about # them really, just need to know some error code is there. 'test_suite_error': [ @@ -297,6 +309,12 @@ KNOWN_TASKS = { 'ecdsa', 'ecdh', 'ecjpake', ], 'ignored_tests': { + 'test_suite_platform': [ + # Incompatible with sanitizers (e.g. ASan). If the driver + # component uses a sanitizer but the reference component + # doesn't, we have a PASS vs SKIP mismatch. + 'Check mbedtls_calloc overallocation', + ], # This test wants a legacy function that takes f_rng, p_rng # arguments, and uses legacy ECDSA for that. The test is # really about the wrapper around the PSA RNG, not ECDSA. @@ -330,6 +348,12 @@ KNOWN_TASKS = { 'ecp', 'ecdsa', 'ecdh', 'ecjpake', ], 'ignored_tests': { + 'test_suite_platform': [ + # Incompatible with sanitizers (e.g. ASan). If the driver + # component uses a sanitizer but the reference component + # doesn't, we have a PASS vs SKIP mismatch. + 'Check mbedtls_calloc overallocation', + ], # See ecp_light_only 'test_suite_random': [ 'PSA classic wrapper: ECDSA signature (SECP256R1)', @@ -363,6 +387,12 @@ KNOWN_TASKS = { 'bignum.generated', 'bignum.misc', ], 'ignored_tests': { + 'test_suite_platform': [ + # Incompatible with sanitizers (e.g. ASan). If the driver + # component uses a sanitizer but the reference component + # doesn't, we have a PASS vs SKIP mismatch. + 'Check mbedtls_calloc overallocation', + ], # See ecp_light_only 'test_suite_random': [ 'PSA classic wrapper: ECDSA signature (SECP256R1)', @@ -400,6 +430,12 @@ KNOWN_TASKS = { 'bignum.generated', 'bignum.misc', ], 'ignored_tests': { + 'test_suite_platform': [ + # Incompatible with sanitizers (e.g. ASan). If the driver + # component uses a sanitizer but the reference component + # doesn't, we have a PASS vs SKIP mismatch. + 'Check mbedtls_calloc overallocation', + ], # See ecp_light_only 'test_suite_random': [ 'PSA classic wrapper: ECDSA signature (SECP256R1)', @@ -431,7 +467,14 @@ KNOWN_TASKS = { 'component_ref': 'test_psa_crypto_config_reference_ffdh', 'component_driver': 'test_psa_crypto_config_accel_ffdh', 'ignored_suites': ['dhm'], - 'ignored_tests': {} + 'ignored_tests': { + 'test_suite_platform': [ + # Incompatible with sanitizers (e.g. ASan). If the driver + # component uses a sanitizer but the reference component + # doesn't, we have a PASS vs SKIP mismatch. + 'Check mbedtls_calloc overallocation', + ], + } } }, 'analyze_driver_vs_reference_tfm_config': { @@ -447,6 +490,12 @@ KNOWN_TASKS = { 'bignum.generated', 'bignum.misc', ], 'ignored_tests': { + 'test_suite_platform': [ + # Incompatible with sanitizers (e.g. ASan). If the driver + # component uses a sanitizer but the reference component + # doesn't, we have a PASS vs SKIP mismatch. + 'Check mbedtls_calloc overallocation', + ], # See ecp_light_only 'test_suite_random': [ 'PSA classic wrapper: ECDSA signature (SECP256R1)', From a1ddcfaef8d7cd5e49ae30825d43004596cce616 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Tue, 28 Nov 2023 09:46:01 +0800 Subject: [PATCH 0805/1674] Extend the pattern of pkparse test on encrypted keys These test cases are ignored when analyzing outcomes on analyze_driver_vs_reference_cipher_aead task. Signed-off-by: Pengyu Lv --- tests/scripts/analyze_outcomes.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index a070b0163..71e9bd8b4 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -282,7 +282,7 @@ KNOWN_TASKS = { 'test_suite_pkparse': [ 'Key ASN1 (Encrypted key PKCS12, trailing garbage data)', 'Key ASN1 (Encrypted key PKCS5, trailing garbage data)', - re.compile(r'Parse RSA Key .*\(PKCS#8 encrypted .*\)'), + re.compile(r'Parse (RSA|EC) Key .*\(.* ([Ee]ncrypted|password).*\)'), ], } } From dd1d6a7cca72bd65ac54dba85b1e7bf9a2f4cef3 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Mon, 27 Nov 2023 17:57:31 +0800 Subject: [PATCH 0806/1674] Improve readability of the script Signed-off-by: Pengyu Lv --- tests/scripts/analyze_outcomes.py | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 0baba1b7e..4d1367608 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -64,7 +64,7 @@ def analyze_coverage(results, outcomes, allow_list, full_coverage): available = check_test_cases.collect_available_test_cases() for suite_case in available: hits = 0 - for _comp, comp_outcomes in outcomes.items(): + for comp_outcomes in outcomes.values(): if suite_case in comp_outcomes["successes"] or \ suite_case in comp_outcomes["failures"]: hits += 1 @@ -96,8 +96,8 @@ def name_matches_pattern(name, str_or_re): def analyze_driver_vs_reference(results: Results, outcomes, component_ref, component_driver, ignored_suites, ignored_tests=None): - """Check that all tests passed in the reference component are also - passed in the corresponding driver component. + """Check that all tests passing in the reference component are also + passing in the corresponding driver component. Skip: - full test suites provided in ignored_suites list - only some specific test inside a test suite, for which the corresponding @@ -144,7 +144,7 @@ def read_outcome_file(outcome_file): An outcome collection is a dictionary presentation of the outcome file: ``` outcomes = { - "": { + "": { "successes": frozenset(["", ... ]), "failures": frozenset(["", ...]) } @@ -156,19 +156,19 @@ suite_case = ";" outcomes = {} with open(outcome_file, 'r', encoding='utf-8') as input_file: for line in input_file: - (_platform, config, suite, case, result, _cause) = line.split(';') + (_platform, component, suite, case, result, _cause) = line.split(';') suite_case = ';'.join([suite, case]) - if config not in outcomes: - outcomes[config] = {"successes":[], "failures":[]} + if component not in outcomes: + outcomes[component] = {"successes":[], "failures":[]} if result == 'PASS': - outcomes[config]['successes'].append(suite_case) + outcomes[component]['successes'].append(suite_case) elif result == 'FAIL': - outcomes[config]['failures'].append(suite_case) + outcomes[component]['failures'].append(suite_case) # Convert `list` to `frozenset` to improve search performance - for config in outcomes: - outcomes[config]['successes'] = frozenset(outcomes[config]['successes']) - outcomes[config]['failures'] = frozenset(outcomes[config]['failures']) + for component in outcomes: + outcomes[component]['successes'] = frozenset(outcomes[component]['successes']) + outcomes[component]['failures'] = frozenset(outcomes[component]['failures']) return outcomes @@ -489,9 +489,9 @@ def main(): KNOWN_TASKS['analyze_coverage']['args']['full_coverage'] = options.full_coverage - # If the outcome file already exists, we assume that the user wants to - # perform the comparison. - # Share the contents among tasks to improve performance. + # If the outcome file exists, parse it once and share the result + # among tasks to improve performance. + # Otherwise, it will be generated by do_analyze_driver_vs_reference. if os.path.exists(options.outcomes): main_results.info("Read outcome file from {}.", options.outcomes) outcomes_or_file = read_outcome_file(options.outcomes) From f28cf594b1f297e2d6354c3de6f85d0ea2a32dca Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Tue, 28 Nov 2023 10:56:29 +0800 Subject: [PATCH 0807/1674] Break the loop when case hits We don't care about the number of hits of the test cases, so break the iteration when the case hits. Signed-off-by: Pengyu Lv --- tests/scripts/analyze_outcomes.py | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 4d1367608..488c96bba 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -68,6 +68,7 @@ def analyze_coverage(results, outcomes, allow_list, full_coverage): if suite_case in comp_outcomes["successes"] or \ suite_case in comp_outcomes["failures"]: hits += 1 + break if hits == 0 and suite_case not in allow_list: if full_coverage: From 59b9efc6dd89e761ac961798123363774c8e074d Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Tue, 28 Nov 2023 11:15:00 +0800 Subject: [PATCH 0808/1674] Check if driver_component is missing Signed-off-by: Pengyu Lv --- tests/scripts/analyze_outcomes.py | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 488c96bba..2515b309e 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -107,7 +107,11 @@ def analyze_driver_vs_reference(results: Results, outcomes, ref_outcomes = outcomes.get("component_" + component_ref) driver_outcomes = outcomes.get("component_" + component_driver) - if ref_outcomes is None or not ref_outcomes['successes']: + if ref_outcomes is None or driver_outcomes is None: + results.error("required components are missing: bad outcome file?") + return + + if not ref_outcomes['successes']: results.error("no passing test in reference component: bad outcome file?") return From 28ae4648a61504acdfde9758e81368f8a7ec54bd Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Tue, 28 Nov 2023 11:35:19 +0800 Subject: [PATCH 0809/1674] Use mutable set all the time Signed-off-by: Pengyu Lv --- tests/scripts/analyze_outcomes.py | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 2515b309e..890c70dd6 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -164,16 +164,11 @@ suite_case = ";" (_platform, component, suite, case, result, _cause) = line.split(';') suite_case = ';'.join([suite, case]) if component not in outcomes: - outcomes[component] = {"successes":[], "failures":[]} + outcomes[component] = {"successes":set(), "failures":set()} if result == 'PASS': - outcomes[component]['successes'].append(suite_case) + outcomes[component]['successes'].add(suite_case) elif result == 'FAIL': - outcomes[component]['failures'].append(suite_case) - - # Convert `list` to `frozenset` to improve search performance - for component in outcomes: - outcomes[component]['successes'] = frozenset(outcomes[component]['successes']) - outcomes[component]['failures'] = frozenset(outcomes[component]['failures']) + outcomes[component]['failures'].add(suite_case) return outcomes From 18908ec2767a1557b908137ad37ebecc52eca932 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Tue, 28 Nov 2023 12:11:52 +0800 Subject: [PATCH 0810/1674] Define named tuple for component outcomes Signed-off-by: Pengyu Lv --- tests/scripts/analyze_outcomes.py | 42 +++++++++++++++++++++---------- 1 file changed, 29 insertions(+), 13 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 890c70dd6..b52952458 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -12,9 +12,14 @@ import traceback import re import subprocess import os +import typing import check_test_cases +ComponentOutcomes = typing.NamedTuple('ComponentOutcomes', + [('successes', typing.Set[str]), + ('failures', typing.Set[str])]) + class Results: """Process analysis results.""" @@ -65,8 +70,8 @@ def analyze_coverage(results, outcomes, allow_list, full_coverage): for suite_case in available: hits = 0 for comp_outcomes in outcomes.values(): - if suite_case in comp_outcomes["successes"] or \ - suite_case in comp_outcomes["failures"]: + if suite_case in comp_outcomes.successes or \ + suite_case in comp_outcomes.failures: hits += 1 break @@ -111,11 +116,11 @@ def analyze_driver_vs_reference(results: Results, outcomes, results.error("required components are missing: bad outcome file?") return - if not ref_outcomes['successes']: + if not ref_outcomes.successes: results.error("no passing test in reference component: bad outcome file?") return - for suite_case in ref_outcomes["successes"]: + for suite_case in ref_outcomes.successes: # suite_case is like "test_suite_foo.bar;Description of test case" (full_test_suite, test_string) = suite_case.split(';') test_suite = full_test_suite.split('.')[0] # retrieve main part of test suite name @@ -133,9 +138,9 @@ def analyze_driver_vs_reference(results: Results, outcomes, if name_matches_pattern(test_string, str_or_re): ignored = True - if not ignored and not suite_case in driver_outcomes['successes']: + if not ignored and not suite_case in driver_outcomes.successes: results.error("PASS -> SKIP/FAIL: {}", suite_case) - if ignored and suite_case in driver_outcomes['successes']: + if ignored and suite_case in driver_outcomes.successes: results.error("uselessly ignored: {}", suite_case) def analyze_outcomes(results: Results, outcomes, args): @@ -149,12 +154,23 @@ def read_outcome_file(outcome_file): An outcome collection is a dictionary presentation of the outcome file: ``` outcomes = { - "": { - "successes": frozenset(["", ... ]), - "failures": frozenset(["", ...]) - } + "": ComponentOutcomes, ... } + +CompoentOutcomes is a named tuple which is defined as: + +ComponentOutcomes( + successes = { + , + ... + }, + failures = { + , + ... + } +) + suite_case = ";" ``` """ @@ -164,11 +180,11 @@ suite_case = ";" (_platform, component, suite, case, result, _cause) = line.split(';') suite_case = ';'.join([suite, case]) if component not in outcomes: - outcomes[component] = {"successes":set(), "failures":set()} + outcomes[component] = ComponentOutcomes(set(), set()) if result == 'PASS': - outcomes[component]['successes'].add(suite_case) + outcomes[component].successes.add(suite_case) elif result == 'FAIL': - outcomes[component]['failures'].add(suite_case) + outcomes[component].failures.add(suite_case) return outcomes From da3c206ebde6c29904fb46a61ec7534f90c0d08e Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 28 Nov 2023 14:28:03 +0800 Subject: [PATCH 0811/1674] fix build warning with arm64 gcc 5.4 GCC 5.4 reports below warning on Arm64 ``` warning: 'vst1q_u8' is static but used in inline function 'mbedtls_xor' which is not static ``` This inline function miss `static`, others have the keyword Signed-off-by: Jerry Yu --- library/common.h | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/library/common.h b/library/common.h index c20f6b260..ec30a7da1 100644 --- a/library/common.h +++ b/library/common.h @@ -165,7 +165,10 @@ static inline const unsigned char *mbedtls_buffer_offset_const( * \param b Pointer to input (buffer of at least \p n bytes) * \param n Number of bytes to process. */ -inline void mbedtls_xor(unsigned char *r, const unsigned char *a, const unsigned char *b, size_t n) +static inline void mbedtls_xor(unsigned char *r, + const unsigned char *a, + const unsigned char *b, + size_t n) { size_t i = 0; #if defined(MBEDTLS_EFFICIENT_UNALIGNED_ACCESS) From 20e3ca391ed30347ed611e9bfe83600f3455ed4d Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Tue, 28 Nov 2023 15:30:03 +0800 Subject: [PATCH 0812/1674] Run tests for ref_vs_driver outside task function Signed-off-by: Pengyu Lv --- tests/scripts/analyze_outcomes.py | 45 +++++++++++++++---------------- 1 file changed, 22 insertions(+), 23 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index b52952458..4e925a18e 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -50,11 +50,7 @@ def execute_reference_driver_tests(results: Results, ref_component, driver_compo """Run the tests specified in ref_component and driver_component. Results are stored in the output_file and they will be used for the following coverage analysis""" - # If the outcome file already exists, we assume that the user wants to - # perform the comparison analysis again without repeating the tests. - if os.path.exists(outcome_file): - results.info("Outcome file ({}) already exists. Tests will be skipped.", outcome_file) - return + results.new_section("Test {} and {}", ref_component, driver_component) shell_command = "tests/scripts/all.sh --outcome-file " + outcome_file + \ " " + ref_component + " " + driver_component @@ -188,27 +184,18 @@ suite_case = ";" return outcomes -def do_analyze_coverage(results: Results, outcomes_or_file, args): +def do_analyze_coverage(results: Results, outcomes, args): """Perform coverage analysis.""" results.new_section("Analyze coverage") - outcomes = read_outcome_file(outcomes_or_file) \ - if isinstance(outcomes_or_file, str) else outcomes_or_file analyze_outcomes(results, outcomes, args) -def do_analyze_driver_vs_reference(results: Results, outcomes_or_file, args): +def do_analyze_driver_vs_reference(results: Results, outcomes, args): """Perform driver vs reference analyze.""" results.new_section("Analyze driver {} vs reference {}", args['component_driver'], args['component_ref']) ignored_suites = ['test_suite_' + x for x in args['ignored_suites']] - if isinstance(outcomes_or_file, str): - execute_reference_driver_tests(results, args['component_ref'], \ - args['component_driver'], outcomes_or_file) - outcomes = read_outcome_file(outcomes_or_file) - else: - outcomes = outcomes_or_file - analyze_driver_vs_reference(results, outcomes, args['component_ref'], args['component_driver'], ignored_suites, args['ignored_tests']) @@ -507,17 +494,29 @@ def main(): # If the outcome file exists, parse it once and share the result # among tasks to improve performance. - # Otherwise, it will be generated by do_analyze_driver_vs_reference. - if os.path.exists(options.outcomes): - main_results.info("Read outcome file from {}.", options.outcomes) - outcomes_or_file = read_outcome_file(options.outcomes) - else: - outcomes_or_file = options.outcomes + # Otherwise, it will be generated by execute_reference_driver_tests. + if not os.path.exists(options.outcomes): + if len(tasks_list) > 1: + sys.stderr.write("mutiple tasks found, please provide a valid outcomes file.\n") + sys.exit(2) + + task_name = tasks_list[0] + task = KNOWN_TASKS[task_name] + if task['test_function'] != do_analyze_driver_vs_reference: + sys.stderr.write("please provide valid outcomes file for {}.\n".format(task_name)) + sys.exit(2) + + execute_reference_driver_tests(main_results, + task['args']['component_ref'], + task['args']['component_driver'], + options.outcomes) + + outcomes = read_outcome_file(options.outcomes) for task in tasks_list: test_function = KNOWN_TASKS[task]['test_function'] test_args = KNOWN_TASKS[task]['args'] - test_function(main_results, outcomes_or_file, test_args) + test_function(main_results, outcomes, test_args) main_results.info("Overall results: {} warnings and {} errors", main_results.warning_count, main_results.error_count) From 180915018dd04f6ad66faa3e9fc66813a221643d Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 28 Nov 2023 08:37:06 +0100 Subject: [PATCH 0813/1674] pem: auto add newlines to header/footer in mbedtls_pem_write_buffer() Signed-off-by: Valerio Setti --- include/mbedtls/pem.h | 3 +++ library/pem.c | 7 ++++++- library/x509write_crt.c | 4 ++-- library/x509write_csr.c | 4 ++-- tests/suites/test_suite_pem.data | 12 ++++++------ tests/suites/test_suite_pem.function | 6 +++--- 6 files changed, 22 insertions(+), 14 deletions(-) diff --git a/include/mbedtls/pem.h b/include/mbedtls/pem.h index cc617a9bc..2fe19d026 100644 --- a/include/mbedtls/pem.h +++ b/include/mbedtls/pem.h @@ -135,6 +135,9 @@ void mbedtls_pem_free(mbedtls_pem_context *ctx); * \param olen The address at which to store the total length written * or required (if \p buf_len is not enough). * + * \note Newlines are automatically appended to both header and + * footer. + * * \note You may pass \c NULL for \p buf and \c 0 for \p buf_len * to request the length of the resulting PEM buffer in * `*olen`. diff --git a/library/pem.c b/library/pem.c index 9500ffcf7..7c0c447ee 100644 --- a/library/pem.c +++ b/library/pem.c @@ -473,7 +473,10 @@ int mbedtls_pem_write_buffer(const char *header, const char *footer, size_t len = 0, use_len, add_len = 0; mbedtls_base64_encode(NULL, 0, &use_len, der_data, der_len); - add_len = strlen(header) + strlen(footer) + (((use_len > 2) ? (use_len - 2) : 0) / 64) + 1; + /* Newlines are appended to the end of both header and footer, so we + * account for an extra +2. */ + add_len = strlen(header) + strlen(footer) + 2 + \ + (((use_len > 2) ? (use_len - 2) : 0) / 64) + 1; if (use_len + add_len > buf_len) { *olen = use_len + add_len; @@ -493,6 +496,7 @@ int mbedtls_pem_write_buffer(const char *header, const char *footer, memcpy(p, header, strlen(header)); p += strlen(header); + *p++ = '\n'; c = encode_buf; while (use_len) { @@ -506,6 +510,7 @@ int mbedtls_pem_write_buffer(const char *header, const char *footer, memcpy(p, footer, strlen(footer)); p += strlen(footer); + *p++ = '\n'; *p++ = '\0'; *olen = p - buf; diff --git a/library/x509write_crt.c b/library/x509write_crt.c index 4c019eee4..8d920f267 100644 --- a/library/x509write_crt.c +++ b/library/x509write_crt.c @@ -651,8 +651,8 @@ int mbedtls_x509write_crt_der(mbedtls_x509write_cert *ctx, return (int) len; } -#define PEM_BEGIN_CRT "-----BEGIN CERTIFICATE-----\n" -#define PEM_END_CRT "-----END CERTIFICATE-----\n" +#define PEM_BEGIN_CRT "-----BEGIN CERTIFICATE-----" +#define PEM_END_CRT "-----END CERTIFICATE-----" #if defined(MBEDTLS_PEM_WRITE_C) int mbedtls_x509write_crt_pem(mbedtls_x509write_cert *crt, diff --git a/library/x509write_csr.c b/library/x509write_csr.c index 4e397553a..5ee683ff1 100644 --- a/library/x509write_csr.c +++ b/library/x509write_csr.c @@ -302,8 +302,8 @@ int mbedtls_x509write_csr_der(mbedtls_x509write_csr *ctx, unsigned char *buf, return ret; } -#define PEM_BEGIN_CSR "-----BEGIN CERTIFICATE REQUEST-----\n" -#define PEM_END_CSR "-----END CERTIFICATE REQUEST-----\n" +#define PEM_BEGIN_CSR "-----BEGIN CERTIFICATE REQUEST-----" +#define PEM_END_CSR "-----END CERTIFICATE REQUEST-----" #if defined(MBEDTLS_PEM_WRITE_C) int mbedtls_x509write_csr_pem(mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size, diff --git a/tests/suites/test_suite_pem.data b/tests/suites/test_suite_pem.data index a4dff45f0..238a0bc04 100644 --- a/tests/suites/test_suite_pem.data +++ b/tests/suites/test_suite_pem.data @@ -1,20 +1,20 @@ Standard PEM write -mbedtls_pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8=\n-----END TEST-----\n" +mbedtls_pem_write_buffer:"-----START TEST-----":"-----END TEST-----":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8=\n-----END TEST-----\n" PEM write (zero data) -mbedtls_pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"":"-----START TEST-----\n-----END TEST-----\n" +mbedtls_pem_write_buffer:"-----START TEST-----":"-----END TEST-----":"":"-----START TEST-----\n-----END TEST-----\n" PEM write (one byte) -mbedtls_pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"00":"-----START TEST-----\nAA==\n-----END TEST-----\n" +mbedtls_pem_write_buffer:"-----START TEST-----":"-----END TEST-----":"00":"-----START TEST-----\nAA==\n-----END TEST-----\n" PEM write (more than line size) -mbedtls_pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8=\n-----END TEST-----\n" +mbedtls_pem_write_buffer:"-----START TEST-----":"-----END TEST-----":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8=\n-----END TEST-----\n" PEM write (exactly two lines) -mbedtls_pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\n-----END TEST-----\n" +mbedtls_pem_write_buffer:"-----START TEST-----":"-----END TEST-----":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\n-----END TEST-----\n" PEM write (exactly two lines + 1) -mbedtls_pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F00":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAA==\n-----END TEST-----\n" +mbedtls_pem_write_buffer:"-----START TEST-----":"-----END TEST-----":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F00":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAA==\n-----END TEST-----\n" PEM write length reporting mbedtls_pem_write_buffer_lengths diff --git a/tests/suites/test_suite_pem.function b/tests/suites/test_suite_pem.function index 413dc551c..cb652d458 100644 --- a/tests/suites/test_suite_pem.function +++ b/tests/suites/test_suite_pem.function @@ -40,17 +40,17 @@ void mbedtls_pem_write_buffer_lengths() size_t olen_needed, olen; int ret; for (size_t l = 0; l <= sizeof(data); l++) { - ret = mbedtls_pem_write_buffer("\n", "\n", data, l, NULL, 0, &olen_needed); + ret = mbedtls_pem_write_buffer("", "", data, l, NULL, 0, &olen_needed); TEST_EQUAL(ret, MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL); /* Test that a bigger buffer still only requires `olen_needed` */ - ret = mbedtls_pem_write_buffer("\n", "\n", data, l, buf, sizeof(buf), &olen); + ret = mbedtls_pem_write_buffer("", "", data, l, buf, sizeof(buf), &olen); TEST_EQUAL(ret, 0); TEST_EQUAL(olen_needed, olen); /* Test that a buffer of exactly `olen_needed` works */ memset(buf, 1, sizeof(buf)); - ret = mbedtls_pem_write_buffer("\n", "\n", data, l, buf, olen_needed, &olen); + ret = mbedtls_pem_write_buffer("", "", data, l, buf, olen_needed, &olen); TEST_EQUAL(ret, 0); TEST_EQUAL(olen_needed, olen); /* Test the function didn't overflow the given buffer */ From 854c737db101ebff76d944362d5c36ba296cef24 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 28 Nov 2023 08:37:57 +0100 Subject: [PATCH 0814/1674] pk: use common header/footer macros for pkwrite and pkparse Signed-off-by: Valerio Setti --- library/pk_internal.h | 14 ++++++++++++++ library/pkparse.c | 20 ++++++++------------ library/pkwrite.c | 10 ---------- 3 files changed, 22 insertions(+), 22 deletions(-) diff --git a/library/pk_internal.h b/library/pk_internal.h index 571b57e8b..ae329554b 100644 --- a/library/pk_internal.h +++ b/library/pk_internal.h @@ -21,6 +21,20 @@ #include "psa/crypto.h" #endif +/* Headers/footers for PEM files */ +#define PEM_BEGIN_PUBLIC_KEY "-----BEGIN PUBLIC KEY-----" +#define PEM_END_PUBLIC_KEY "-----END PUBLIC KEY-----" +#define PEM_BEGIN_PRIVATE_KEY_RSA "-----BEGIN RSA PRIVATE KEY-----" +#define PEM_END_PRIVATE_KEY_RSA "-----END RSA PRIVATE KEY-----" +#define PEM_BEGIN_PUBLIC_KEY_RSA "-----BEGIN RSA PUBLIC KEY-----" +#define PEM_END_PUBLIC_KEY_RSA "-----END RSA PUBLIC KEY-----" +#define PEM_BEGIN_PRIVATE_KEY_EC "-----BEGIN EC PRIVATE KEY-----" +#define PEM_END_PRIVATE_KEY_EC "-----END EC PRIVATE KEY-----" +#define PEM_BEGIN_PRIVATE_KEY_PKCS8 "-----BEGIN PRIVATE KEY-----" +#define PEM_END_PRIVATE_KEY_PKCS8 "-----END PRIVATE KEY-----" +#define PEM_BEGIN_ENCRYPTED_PRIVATE_KEY_PKCS8 "-----BEGIN ENCRYPTED PRIVATE KEY-----" +#define PEM_END_ENCRYPTED_PRIVATE_KEY_PKCS8 "-----END ENCRYPTED PRIVATE KEY-----" + #if defined(MBEDTLS_PSA_CRYPTO_C) #include "psa_util_internal.h" #define PSA_PK_TO_MBEDTLS_ERR(status) psa_pk_status_to_mbedtls(status) diff --git a/library/pkparse.c b/library/pkparse.c index 3bb5f7be2..608c85480 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -1534,8 +1534,7 @@ int mbedtls_pk_parse_key(mbedtls_pk_context *pk, ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; } else { ret = mbedtls_pem_read_buffer(&pem, - "-----BEGIN RSA PRIVATE KEY-----", - "-----END RSA PRIVATE KEY-----", + PEM_BEGIN_PRIVATE_KEY_RSA, PEM_END_PRIVATE_KEY_RSA, key, pwd, pwdlen, &len); } @@ -1564,8 +1563,8 @@ int mbedtls_pk_parse_key(mbedtls_pk_context *pk, ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; } else { ret = mbedtls_pem_read_buffer(&pem, - "-----BEGIN EC PRIVATE KEY-----", - "-----END EC PRIVATE KEY-----", + PEM_BEGIN_PRIVATE_KEY_EC, + PEM_END_PRIVATE_KEY_EC, key, pwd, pwdlen, &len); } if (ret == 0) { @@ -1594,8 +1593,7 @@ int mbedtls_pk_parse_key(mbedtls_pk_context *pk, ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; } else { ret = mbedtls_pem_read_buffer(&pem, - "-----BEGIN PRIVATE KEY-----", - "-----END PRIVATE KEY-----", + PEM_BEGIN_PRIVATE_KEY_PKCS8, PEM_END_PRIVATE_KEY_PKCS8, key, NULL, 0, &len); } if (ret == 0) { @@ -1616,8 +1614,8 @@ int mbedtls_pk_parse_key(mbedtls_pk_context *pk, ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; } else { ret = mbedtls_pem_read_buffer(&pem, - "-----BEGIN ENCRYPTED PRIVATE KEY-----", - "-----END ENCRYPTED PRIVATE KEY-----", + PEM_BEGIN_ENCRYPTED_PRIVATE_KEY_PKCS8, + PEM_END_ENCRYPTED_PRIVATE_KEY_PKCS8, key, NULL, 0, &len); } if (ret == 0) { @@ -1743,8 +1741,7 @@ int mbedtls_pk_parse_public_key(mbedtls_pk_context *ctx, ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; } else { ret = mbedtls_pem_read_buffer(&pem, - "-----BEGIN RSA PUBLIC KEY-----", - "-----END RSA PUBLIC KEY-----", + PEM_BEGIN_PUBLIC_KEY_RSA, PEM_END_PUBLIC_KEY_RSA, key, NULL, 0, &len); } @@ -1777,8 +1774,7 @@ int mbedtls_pk_parse_public_key(mbedtls_pk_context *ctx, ret = MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT; } else { ret = mbedtls_pem_read_buffer(&pem, - "-----BEGIN PUBLIC KEY-----", - "-----END PUBLIC KEY-----", + PEM_BEGIN_PUBLIC_KEY, PEM_END_PUBLIC_KEY, key, NULL, 0, &len); } diff --git a/library/pkwrite.c b/library/pkwrite.c index 11c020473..20961df2b 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -724,16 +724,6 @@ int mbedtls_pk_write_key_der(const mbedtls_pk_context *key, unsigned char *buf, #if defined(MBEDTLS_PEM_WRITE_C) -#define PEM_BEGIN_PUBLIC_KEY "-----BEGIN PUBLIC KEY-----\n" -#define PEM_END_PUBLIC_KEY "-----END PUBLIC KEY-----\n" - -#define PEM_BEGIN_PRIVATE_KEY_RSA "-----BEGIN RSA PRIVATE KEY-----\n" -#define PEM_END_PRIVATE_KEY_RSA "-----END RSA PRIVATE KEY-----\n" -#define PEM_BEGIN_PRIVATE_KEY_EC "-----BEGIN EC PRIVATE KEY-----\n" -#define PEM_END_PRIVATE_KEY_EC "-----END EC PRIVATE KEY-----\n" -#define PEM_BEGIN_PRIVATE_KEY_PKCS8 "-----BEGIN PRIVATE KEY-----\n" -#define PEM_END_PRIVATE_KEY_PKCS8 "-----END PRIVATE KEY-----\n" - #define PUB_DER_MAX_BYTES \ (MBEDTLS_PK_RSA_PUB_DER_MAX_BYTES > MBEDTLS_PK_ECP_PUB_DER_MAX_BYTES ? \ MBEDTLS_PK_RSA_PUB_DER_MAX_BYTES : MBEDTLS_PK_ECP_PUB_DER_MAX_BYTES) From c2e8f3a0800d720ea92a93e5c1911e9691694a3b Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Tue, 28 Nov 2023 17:22:04 +0800 Subject: [PATCH 0815/1674] Add type annotations to analyze_outcomes.py Signed-off-by: Pengyu Lv --- tests/scripts/analyze_outcomes.py | 74 +++++++++++++++---------------- 1 file changed, 37 insertions(+), 37 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 4e925a18e..018d94111 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -16,10 +16,32 @@ import typing import check_test_cases + +# `CompoentOutcomes` is a named tuple which is defined as: +# ComponentOutcomes( +# successes = { +# "", +# ... +# }, +# failures = { +# "", +# ... +# } +# ) +# suite_case = ";" ComponentOutcomes = typing.NamedTuple('ComponentOutcomes', [('successes', typing.Set[str]), ('failures', typing.Set[str])]) +# `Outcomes` is a representation of the outcomes file, +# which defined as: +# Outcomes = { +# "": ComponentOutcomes, +# ... +# } +Outcomes = typing.Dict[str, ComponentOutcomes] + + class Results: """Process analysis results.""" @@ -45,8 +67,8 @@ class Results: def _print_line(fmt, *args, **kwargs): sys.stderr.write((fmt + '\n').format(*args, **kwargs)) -def execute_reference_driver_tests(results: Results, ref_component, driver_component, \ - outcome_file): +def execute_reference_driver_tests(results: Results, ref_component: str, driver_component: str, \ + outcome_file: str) -> None: """Run the tests specified in ref_component and driver_component. Results are stored in the output_file and they will be used for the following coverage analysis""" @@ -60,7 +82,8 @@ def execute_reference_driver_tests(results: Results, ref_component, driver_compo if ret_val != 0: results.error("failed to run reference/driver components") -def analyze_coverage(results, outcomes, allow_list, full_coverage): +def analyze_coverage(results: Results, outcomes: Outcomes, + allow_list: typing.List[str], full_coverage: bool) -> None: """Check that all available test cases are executed at least once.""" available = check_test_cases.collect_available_test_cases() for suite_case in available: @@ -83,7 +106,7 @@ def analyze_coverage(results, outcomes, allow_list, full_coverage): else: results.warning('Allow listed test case was executed: {}', suite_case) -def name_matches_pattern(name, str_or_re): +def name_matches_pattern(name: str, str_or_re) -> bool: """Check if name matches a pattern, that may be a string or regex. - If the pattern is a string, name must be equal to match. - If the pattern is a regex, name must fully match. @@ -91,13 +114,13 @@ def name_matches_pattern(name, str_or_re): # The CI's python is too old for re.Pattern #if isinstance(str_or_re, re.Pattern): if not isinstance(str_or_re, str): - return str_or_re.fullmatch(name) + return str_or_re.fullmatch(name) is not None else: return str_or_re == name -def analyze_driver_vs_reference(results: Results, outcomes, - component_ref, component_driver, - ignored_suites, ignored_tests=None): +def analyze_driver_vs_reference(results: Results, outcomes: Outcomes, + component_ref: str, component_driver: str, + ignored_suites: typing.List[str], ignored_tests=None) -> None: """Check that all tests passing in the reference component are also passing in the corresponding driver component. Skip: @@ -139,37 +162,14 @@ def analyze_driver_vs_reference(results: Results, outcomes, if ignored and suite_case in driver_outcomes.successes: results.error("uselessly ignored: {}", suite_case) -def analyze_outcomes(results: Results, outcomes, args): +def analyze_outcomes(results: Results, outcomes: Outcomes, args) -> None: """Run all analyses on the given outcome collection.""" analyze_coverage(results, outcomes, args['allow_list'], args['full_coverage']) -def read_outcome_file(outcome_file): +def read_outcome_file(outcome_file: str) -> Outcomes: """Parse an outcome file and return an outcome collection. - -An outcome collection is a dictionary presentation of the outcome file: -``` -outcomes = { - "": ComponentOutcomes, - ... -} - -CompoentOutcomes is a named tuple which is defined as: - -ComponentOutcomes( - successes = { - , - ... - }, - failures = { - , - ... - } -) - -suite_case = ";" -``` -""" + """ outcomes = {} with open(outcome_file, 'r', encoding='utf-8') as input_file: for line in input_file: @@ -184,12 +184,12 @@ suite_case = ";" return outcomes -def do_analyze_coverage(results: Results, outcomes, args): +def do_analyze_coverage(results: Results, outcomes: Outcomes, args) -> None: """Perform coverage analysis.""" results.new_section("Analyze coverage") analyze_outcomes(results, outcomes, args) -def do_analyze_driver_vs_reference(results: Results, outcomes, args): +def do_analyze_driver_vs_reference(results: Results, outcomes: Outcomes, args) -> None: """Perform driver vs reference analyze.""" results.new_section("Analyze driver {} vs reference {}", args['component_driver'], args['component_ref']) @@ -502,7 +502,7 @@ def main(): task_name = tasks_list[0] task = KNOWN_TASKS[task_name] - if task['test_function'] != do_analyze_driver_vs_reference: + if task['test_function'] != do_analyze_driver_vs_reference: # pylint: disable=comparison-with-callable sys.stderr.write("please provide valid outcomes file for {}.\n".format(task_name)) sys.exit(2) From 451ec8a4bca2eea57304013ade53b403d59a3b5a Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Tue, 28 Nov 2023 17:59:05 +0800 Subject: [PATCH 0816/1674] Add comment to read_outcome_file in analyze_outcomes.py Signed-off-by: Pengyu Lv --- tests/scripts/analyze_outcomes.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 018d94111..02aac225f 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -174,6 +174,9 @@ def read_outcome_file(outcome_file: str) -> Outcomes: with open(outcome_file, 'r', encoding='utf-8') as input_file: for line in input_file: (_platform, component, suite, case, result, _cause) = line.split(';') + # Note that `component` is not unique. If a test case passes on Linux + # and fails on FreeBSD, it'll end up in both the successes set and + # the failures set. suite_case = ';'.join([suite, case]) if component not in outcomes: outcomes[component] = ComponentOutcomes(set(), set()) From 897bb77c0cfa8a1d37aea77a171c6c88bbcd49a9 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 15 Nov 2023 16:34:20 +0000 Subject: [PATCH 0817/1674] Update tf-m tests in all.sh for P256-M Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 5c2f1fd79..bd6b966c2 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3254,14 +3254,6 @@ common_tfm_config () { # # Enable filesystem I/O for the benefit of PK parse/write tests. echo "#define MBEDTLS_FS_IO" >> "$CONFIG_H" - - # Config adjustments for features that are not supported - # when using only drivers / by p256-m - # - # Disable all the features that auto-enable ECP_LIGHT (see config_adjust_legacy_crypto.h) - scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE - # Disable deterministic ECDSA as p256-m only does randomized - scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_DETERMINISTIC_ECDSA } # Keep this in sync with component_test_tfm_config() as they are both meant @@ -3271,8 +3263,8 @@ component_test_tfm_config_p256m_driver_accel_ec () { common_tfm_config - # Build crypto library specifying we want to use P256M code for EC operations - make CFLAGS="$ASAN_CFLAGS -DMBEDTLS_PSA_P256M_DRIVER_ENABLED -I../tests/include/spe" LDFLAGS="$ASAN_CFLAGS" + # Build crypto library + make CFLAGS="$ASAN_CFLAGS -I../tests/include/spe" LDFLAGS="$ASAN_CFLAGS" # Make sure any built-in EC alg was not re-enabled by accident (additive config) not grep mbedtls_ecdsa_ library/ecdsa.o @@ -3283,6 +3275,8 @@ component_test_tfm_config_p256m_driver_accel_ec () { not grep mbedtls_rsa_ library/rsa.o not grep mbedtls_dhm_ library/dhm.o not grep mbedtls_mpi_ library/bignum.o + # Check that p256m was built + grep -q p256_ecdsa_verify library/libmbedcrypto.a # Run the tests msg "test: TF-M config + p256m driver + accel ECDH(E)/ECDSA" @@ -3295,9 +3289,16 @@ component_test_tfm_config_p256m_driver_accel_ec () { component_test_tfm_config() { common_tfm_config + # Disable P256M driver, which is on by default, so that analyze_outcomes + # can compare this test with test_tfm_config_p256m_driver_accel_ec + echo "#undef MBEDTLS_PSA_P256M_DRIVER_ENABLED" >> "$CONFIG_H" + msg "build: TF-M config" make CFLAGS='-Werror -Wall -Wextra -I../tests/include/spe' tests + # Check that p256m was not built + not grep p256_ecdsa_verify library/libmbedcrypto.a + msg "test: TF-M config" make test } From be5489ae9835aa7e8ffcad771bcb6050a298be64 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 27 Nov 2023 10:30:03 +0000 Subject: [PATCH 0818/1674] Simplify test for building P256-M Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index bd6b966c2..e15fb2afb 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3276,7 +3276,7 @@ component_test_tfm_config_p256m_driver_accel_ec () { not grep mbedtls_dhm_ library/dhm.o not grep mbedtls_mpi_ library/bignum.o # Check that p256m was built - grep -q p256_ecdsa_verify library/libmbedcrypto.a + grep -q p256_ecdsa_ library/libmbedcrypto.a # Run the tests msg "test: TF-M config + p256m driver + accel ECDH(E)/ECDSA" @@ -3297,7 +3297,7 @@ component_test_tfm_config() { make CFLAGS='-Werror -Wall -Wextra -I../tests/include/spe' tests # Check that p256m was not built - not grep p256_ecdsa_verify library/libmbedcrypto.a + not grep p256_ecdsa_ library/libmbedcrypto.a msg "test: TF-M config" make test From a326eb990d086e344660aea23928c6dd98c7020c Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 27 Nov 2023 10:56:41 +0000 Subject: [PATCH 0819/1674] We no longer need to undef ALT defines Signed-off-by: Dave Rodgman --- configs/config-tfm.h | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/configs/config-tfm.h b/configs/config-tfm.h index 191e4c4f4..4fa08caf6 100644 --- a/configs/config-tfm.h +++ b/configs/config-tfm.h @@ -21,16 +21,6 @@ /* MBEDTLS_PSA_CRYPTO_SPM needs third-party files, so disable it. */ #undef MBEDTLS_PSA_CRYPTO_SPM -/* TF-M provides its own dummy implementations to save code size. - * We don't have any way to disable the tests that need these feature, - * so we just keep AES decryption enabled. We will resolve this through - * an official way to disable AES decryption, then this deviation - * will no longer be needed: - * https://github.com/Mbed-TLS/mbedtls/issues/7368 - */ -#undef MBEDTLS_AES_SETKEY_DEC_ALT -#undef MBEDTLS_AES_DECRYPT_ALT - /* Use built-in platform entropy functions (TF-M provides its own). */ #undef MBEDTLS_NO_PLATFORM_ENTROPY From 4edcf693e7d96ef4b6678f7d8b27529f8090d1dd Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 15 Nov 2023 12:23:29 +0000 Subject: [PATCH 0820/1674] Use latest TF-M config with bare-minimum changes Move all changes local to Mbed TLS into config-tfm.h (except for commenting out a couple of #include's). Signed-off-by: Dave Rodgman --- configs/config-tfm.h | 38 +++ configs/ext/crypto_config_profile_medium.h | 44 ++-- .../tfm_mbedcrypto_config_profile_medium.h | 222 +++++++----------- 3 files changed, 139 insertions(+), 165 deletions(-) diff --git a/configs/config-tfm.h b/configs/config-tfm.h index 4fa08caf6..d987b6331 100644 --- a/configs/config-tfm.h +++ b/configs/config-tfm.h @@ -28,3 +28,41 @@ * but using the native allocator is faster and works better with * memory management analysis frameworks such as ASan. */ #undef MBEDTLS_MEMORY_BUFFER_ALLOC_C + +// This macro is enabled in TFM Medium but is disabled here because it is +// incompatible with baremetal builds in Mbed TLS. +#undef MBEDTLS_PSA_CRYPTO_STORAGE_C + +// This macro is enabled in TFM Medium but is disabled here because it is +// incompatible with baremetal builds in Mbed TLS. +#undef MBEDTLS_ENTROPY_NV_SEED + +// These platform-related TF-M settings are not useful here. +#undef MBEDTLS_PLATFORM_NO_STD_FUNCTIONS +#undef MBEDTLS_PLATFORM_STD_MEM_HDR +#undef MBEDTLS_PLATFORM_SNPRINTF_MACRO +#undef MBEDTLS_PLATFORM_PRINTF_ALT +#undef MBEDTLS_PLATFORM_STD_EXIT_SUCCESS +#undef MBEDTLS_PLATFORM_STD_EXIT_FAILURE + +// We expect TF-M to pick this up soon +#define MBEDTLS_BLOCK_CIPHER_NO_DECRYPT + +/*********************************************************************** + * Local changes to crypto config below this delimiter + **********************************************************************/ + +/* Between Mbed TLS 3.4 and 3.5, the PSA_WANT_KEY_TYPE_RSA_KEY_PAIR macro + * (commented-out above) has been replaced with the following new macros: */ +//#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC 1 +//#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT 1 +//#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1 +//#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1 +//#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_DERIVE 1 /* Not supported */ + +/* Between Mbed TLS 3.4 and 3.5, the following macros have been added: */ +//#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC 1 +//#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT 1 +//#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT 1 +//#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE 1 +//#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_DERIVE 1 // Not supported diff --git a/configs/ext/crypto_config_profile_medium.h b/configs/ext/crypto_config_profile_medium.h index 682835a06..63ed4701d 100644 --- a/configs/ext/crypto_config_profile_medium.h +++ b/configs/ext/crypto_config_profile_medium.h @@ -50,7 +50,7 @@ //#define PSA_WANT_ALG_CFB 1 //#define PSA_WANT_ALG_CHACHA20_POLY1305 1 //#define PSA_WANT_ALG_CTR 1 -#define PSA_WANT_ALG_DETERMINISTIC_ECDSA 1 +//#define PSA_WANT_ALG_DETERMINISTIC_ECDSA 1 //#define PSA_WANT_ALG_ECB_NO_PADDING 1 #define PSA_WANT_ALG_ECDH 1 #define PSA_WANT_ALG_ECDSA 1 @@ -105,33 +105,27 @@ //#define PSA_WANT_KEY_TYPE_CAMELLIA 1 //#define PSA_WANT_KEY_TYPE_CHACHA20 1 //#define PSA_WANT_KEY_TYPE_DES 1 -#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC 1 +//#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR 1 /* Deprecated */ +#define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1 +#define PSA_WANT_KEY_TYPE_RAW_DATA 1 +//#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR 1 /* Deprecated */ +//#define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1 + +/* + * The following symbols extend and deprecate the legacy + * PSA_WANT_KEY_TYPE_xxx_KEY_PAIR ones. They include the usage of that key in + * the name's suffix. "_USE" is the most generic and it can be used to describe + * a generic suport, whereas other ones add more features on top of that and + * they are more specific. + */ +#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC 1 #define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT 1 #define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT 1 #define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1 -#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE 1 -#define PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1 -#define PSA_WANT_KEY_TYPE_RAW_DATA 1 -//#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR 1 -//#define PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1 +//#define PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE 1 -/*********************************************************************** - * Local edits below this delimiter - **********************************************************************/ - -/* Between Mbed TLS 3.4 and 3.5, the PSA_WANT_KEY_TYPE_RSA_KEY_PAIR macro - * (commented-out above) has been replaced with the following new macros: */ -//#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC 1 -//#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT 1 -//#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1 -//#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1 -//#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_DERIVE 1 /* Not supported */ - -/* Between Mbed TLS 3.4 and 3.5, the following macros have been added: */ -//#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC 1 -//#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT 1 -//#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT 1 -//#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE 1 -//#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_DERIVE 1 // Not supported +#ifdef CRYPTO_HW_ACCELERATOR +#include "crypto_accelerator_config.h" +#endif #endif /* PROFILE_M_PSA_CRYPTO_CONFIG_H */ diff --git a/configs/ext/tfm_mbedcrypto_config_profile_medium.h b/configs/ext/tfm_mbedcrypto_config_profile_medium.h index 53243dd93..c435b5957 100644 --- a/configs/ext/tfm_mbedcrypto_config_profile_medium.h +++ b/configs/ext/tfm_mbedcrypto_config_profile_medium.h @@ -8,13 +8,29 @@ * memory footprint. */ /* - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * Copyright (C) 2006-2023, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) */ #ifndef PROFILE_M_MBEDTLS_CONFIG_H #define PROFILE_M_MBEDTLS_CONFIG_H +//#include "config_tfm.h" + #if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE) #define _CRT_SECURE_NO_DEPRECATE 1 #endif @@ -80,44 +96,6 @@ * \{ */ -/** - * \def MBEDTLS_MD2_PROCESS_ALT - * - * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use you - * alternate core implementation of symmetric crypto or hash function. Keep in - * mind that function prototypes should remain the same. - * - * This replaces only one function. The header file from mbed TLS is still - * used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags. - * - * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, mbed TLS will - * no longer provide the mbedtls_sha1_process() function, but it will still provide - * the other function (using your mbedtls_sha1_process() function) and the definition - * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible - * with this definition. - * - * \note Because of a signature change, the core AES encryption and decryption routines are - * currently named mbedtls_aes_internal_encrypt and mbedtls_aes_internal_decrypt, - * respectively. When setting up alternative implementations, these functions should - * be overridden, but the wrapper functions mbedtls_aes_decrypt and mbedtls_aes_encrypt - * must stay untouched. - * - * \note If you use the AES_xxx_ALT macros, then is is recommended to also set - * MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES - * tables. - * - * Uncomment a macro to enable alternate implementation of the corresponding - * function. - * - * \warning MD2, MD4, MD5, DES and SHA-1 are considered weak and their use - * constitutes a security risk. If possible, we recommend avoiding - * dependencies on them, and considering stronger message digests - * and ciphers instead. - * - */ -#define MBEDTLS_AES_SETKEY_DEC_ALT -#define MBEDTLS_AES_DECRYPT_ALT - /** * \def MBEDTLS_AES_ROM_TABLES * @@ -171,21 +149,6 @@ */ #define MBEDTLS_ECP_NIST_OPTIM -/** - * \def MBEDTLS_ERROR_STRERROR_DUMMY - * - * Enable a dummy error function to make use of mbedtls_strerror() in - * third party libraries easier when MBEDTLS_ERROR_C is disabled - * (no effect when MBEDTLS_ERROR_C is enabled). - * - * You can safely disable this if MBEDTLS_ERROR_C is enabled, or if you're - * not using mbedtls_strerror() or error_strerror() in your application. - * - * Disable if you run into name conflicts and want to really remove the - * mbedtls_strerror() - */ -#define MBEDTLS_ERROR_STRERROR_DUMMY - /** * \def MBEDTLS_NO_PLATFORM_ENTROPY * @@ -223,26 +186,7 @@ * \note The entropy collector will write to the seed file before entropy is * given to an external source, to update it. */ -// This macro is enabled in TFM Medium but is disabled here because it is -// incompatible with baremetal builds in Mbed TLS. -//#define MBEDTLS_ENTROPY_NV_SEED - -/* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER - * - * Enable key identifiers that encode a key owner identifier. - * - * This is only meaningful when building the library as part of a - * multi-client service. When you activate this option, you must provide an - * implementation of the type mbedtls_key_owner_id_t and a translation from - * mbedtls_svc_key_id_t to file name in all the storage backends that you - * you wish to support. - * - * Note that while this define has been removed from TF-M's copy of this config - * file, TF-M still passes this option to Mbed TLS during the build via CMake. - * Therefore we keep it in our copy. See discussion on PR #7426 for more info. - * - */ -#define MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER +#define MBEDTLS_ENTROPY_NV_SEED /** * \def MBEDTLS_PSA_CRYPTO_SPM @@ -326,26 +270,21 @@ #define MBEDTLS_AES_C /** - * \def MBEDTLS_BLOCK_CIPHER_NO_DECRYPT + * \def MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH * - * Remove decryption operation for AES, ARIA and Camellia block cipher. + * Use only 128-bit keys in AES operations to save ROM. * - * \note This feature is incompatible with insecure block cipher, - * MBEDTLS_DES_C, and cipher modes which always require decryption - * operation, MBEDTLS_CIPHER_MODE_CBC, MBEDTLS_CIPHER_MODE_XTS and - * MBEDTLS_NIST_KW_C. When #MBEDTLS_PSA_CRYPTO_CONFIG is enabled, - * this feature is incompatible with following supported PSA equivalence, - * PSA_WANT_ALG_ECB_NO_PADDING, PSA_WANT_ALG_CBC_NO_PADDING, - * PSA_WANT_ALG_CBC_PKCS7 and PSA_WANT_KEY_TYPE_DES. + * Uncomment this macro to remove support for AES operations that use 192- + * or 256-bit keys. + * + * Uncommenting this macro reduces the size of AES code by ~300 bytes + * on v8-M/Thumb2. * * Module: library/aes.c - * library/aesce.c - * library/aesni.c - * library/aria.c - * library/camellia.c - * library/cipher.c + * + * Requires: MBEDTLS_AES_C */ -#define MBEDTLS_BLOCK_CIPHER_NO_DECRYPT +#define MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH /** * \def MBEDTLS_CIPHER_C @@ -388,18 +327,6 @@ */ #define MBEDTLS_ENTROPY_C -/** - * \def MBEDTLS_ERROR_C - * - * Enable error code to error string conversion. - * - * Module: library/error.c - * Caller: - * - * This module enables mbedtls_strerror(). - */ -#define MBEDTLS_ERROR_C - /** * \def MBEDTLS_HKDF_C * @@ -413,40 +340,7 @@ * This module adds support for the Hashed Message Authentication Code * (HMAC)-based key derivation function (HKDF). */ -#define MBEDTLS_HKDF_C /* Used for HUK deriviation */ - -/** - * \def MBEDTLS_MD_C - * - * Enable the generic layer for message digest (hashing) and HMAC. - * - * Requires: one of: MBEDTLS_MD5_C, MBEDTLS_RIPEMD160_C, MBEDTLS_SHA1_C, - * MBEDTLS_SHA224_C, MBEDTLS_SHA256_C, MBEDTLS_SHA384_C, - * MBEDTLS_SHA512_C, or MBEDTLS_PSA_CRYPTO_C with at least - * one hash. - * Module: library/md.c - * Caller: library/constant_time.c - * library/ecdsa.c - * library/ecjpake.c - * library/hkdf.c - * library/hmac_drbg.c - * library/pk.c - * library/pkcs5.c - * library/pkcs12.c - * library/psa_crypto_ecp.c - * library/psa_crypto_rsa.c - * library/rsa.c - * library/ssl_cookie.c - * library/ssl_msg.c - * library/ssl_tls.c - * library/x509.c - * library/x509_crt.c - * library/x509write_crt.c - * library/x509write_csr.c - * - * Uncomment to enable generic message digest wrappers. - */ -#define MBEDTLS_MD_C +//#define MBEDTLS_HKDF_C /* Used for HUK deriviation */ /** * \def MBEDTLS_MEMORY_BUFFER_ALLOC_C @@ -484,6 +378,15 @@ */ #define MBEDTLS_PLATFORM_C +#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS +#define MBEDTLS_PLATFORM_STD_MEM_HDR + +#include + +#define MBEDTLS_PLATFORM_SNPRINTF_MACRO snprintf +#define MBEDTLS_PLATFORM_PRINTF_ALT +#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS EXIT_SUCCESS +#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE EXIT_FAILURE /** * \def MBEDTLS_PSA_CRYPTO_C @@ -508,9 +411,7 @@ * either MBEDTLS_PSA_ITS_FILE_C or a native implementation of * the PSA ITS interface */ -// This macro is enabled in TFM Medium but is disabled here because it is -// incompatible with baremetal builds in Mbed TLS. -//#define MBEDTLS_PSA_CRYPTO_STORAGE_C +#define MBEDTLS_PSA_CRYPTO_STORAGE_C /* \} name SECTION: mbed TLS modules */ @@ -614,6 +515,47 @@ /* ECP options */ #define MBEDTLS_ECP_FIXED_POINT_OPTIM 0 /**< Disable fixed-point speed-up */ +/** + * Uncomment to enable p256-m. This is an alternative implementation of + * key generation, ECDH and (randomized) ECDSA on the curve SECP256R1. + * Compared to the default implementation: + * + * - p256-m has a much smaller code size and RAM footprint. + * - p256-m is only available via the PSA API. This includes the pk module + * when #MBEDTLS_USE_PSA_CRYPTO is enabled. + * - p256-m does not support deterministic ECDSA, EC-JPAKE, custom protocols + * over the core arithmetic, or deterministic derivation of keys. + * + * We recommend enabling this option if your application uses the PSA API + * and the only elliptic curve support it needs is ECDH and ECDSA over + * SECP256R1. + * + * If you enable this option, you do not need to enable any ECC-related + * MBEDTLS_xxx option. You do need to separately request support for the + * cryptographic mechanisms through the PSA API: + * - #MBEDTLS_PSA_CRYPTO_C and #MBEDTLS_PSA_CRYPTO_CONFIG for PSA-based + * configuration; + * - #MBEDTLS_USE_PSA_CRYPTO if you want to use p256-m from PK, X.509 or TLS; + * - #PSA_WANT_ECC_SECP_R1_256; + * - #PSA_WANT_ALG_ECDH and/or #PSA_WANT_ALG_ECDSA as needed; + * - #PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY, #PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC, + * #PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT, + * #PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT and/or + * #PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE as needed. + * + * \note To benefit from the smaller code size of p256-m, make sure that you + * do not enable any ECC-related option not supported by p256-m: this + * would cause the built-in ECC implementation to be built as well, in + * order to provide the required option. + * Make sure #PSA_WANT_ALG_DETERMINISTIC_ECDSA, #PSA_WANT_ALG_JPAKE and + * #PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE, and curves other than + * SECP256R1 are disabled as they are not supported by this driver. + * Also, avoid defining #MBEDTLS_PK_PARSE_EC_COMPRESSED or + * #MBEDTLS_PK_PARSE_EC_EXTENDED as those currently require a subset of + * the built-in ECC implementation, see docs/driver-only-builds.md. + */ +#define MBEDTLS_PSA_P256M_DRIVER_ENABLED + /* \} name SECTION: Customisation configuration options */ #if CRYPTO_NV_SEED @@ -621,7 +563,7 @@ #endif /* CRYPTO_NV_SEED */ #if !defined(CRYPTO_HW_ACCELERATOR) && defined(MBEDTLS_ENTROPY_NV_SEED) -#include "mbedtls_entropy_nv_seed_config.h" +//#include "mbedtls_entropy_nv_seed_config.h" #endif #ifdef CRYPTO_HW_ACCELERATOR From 6632a12fa3e3ab8e0fa7b11c61a4b9b1e7e4c363 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 20 Nov 2023 16:03:56 +0100 Subject: [PATCH 0821/1674] all.sh: re-enable CCM/GCM in test_full_no_cipher_with_crypto[_config]() Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 08136c014..93a32aefe 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1583,9 +1583,7 @@ common_test_full_no_cipher_with_psa_crypto () { # on CIPHER_C so we disable them. # This does not hold for KEY_TYPE_CHACHA20 and ALG_CHACHA20_POLY1305 # so we keep them enabled. - scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_CCM scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_CCM_STAR_NO_TAG - scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_GCM scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_CMAC scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_CBC_NO_PADDING scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_CBC_PKCS7 @@ -1594,27 +1592,19 @@ common_test_full_no_cipher_with_psa_crypto () { scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_ECB_NO_PADDING scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_OFB scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_STREAM_CIPHER - scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_KEY_TYPE_AES scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_KEY_TYPE_DES - scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_KEY_TYPE_CAMELLIA - scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_KEY_TYPE_ARIA else # Don't pull in cipher via PSA mechanisms scripts/config.py unset MBEDTLS_PSA_CRYPTO_CONFIG # Disable cipher modes/keys that make PSA depend on CIPHER_C. # Keep CHACHA20 and CHACHAPOLY enabled since they do not depend on CIPHER_C. scripts/config.py unset-all MBEDTLS_CIPHER_MODE - scripts/config.py unset MBEDTLS_AES_C scripts/config.py unset MBEDTLS_DES_C - scripts/config.py unset MBEDTLS_ARIA_C - scripts/config.py unset MBEDTLS_CAMELLIA_C # Dependencies on AES_C scripts/config.py unset MBEDTLS_CTR_DRBG_C fi # The following modules directly depends on CIPHER_C - scripts/config.py unset MBEDTLS_CCM_C scripts/config.py unset MBEDTLS_CMAC_C - scripts/config.py unset MBEDTLS_GCM_C scripts/config.py unset MBEDTLS_NIST_KW_C scripts/config.py unset MBEDTLS_PKCS12_C scripts/config.py unset MBEDTLS_PKCS5_C From b1cf8aeda445757209323b8e3eb864140c83adb8 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 20 Nov 2023 16:24:00 +0100 Subject: [PATCH 0822/1674] adjust_psa_from_legacy: add required CIPHER_C dependencies Some PSA_WANT symbols do not have a 1:1 matching with legacy ones. For example, previous to this commit: - CCM_C enabled both PSA_WANT_ALG_CCM and PSA_WANT_ALG_CCM_STAR_NO_TAG even thought the two are not equivalent (authenticated VS non-authenticated). - there was no legacy equivalent for ECB_NO_PADDING What it is common to both PSA_WANT_ALG_CCM_STAR_NO_TAG and PSA_WANT_ALG_ECB_NO_PADDING is the fact that the builtin implementation depends on CIPHER_C. Therefore this commits adds this guards to select whether or not to enable the above mentioned PSA_WANT symbols. Signed-off-by: Valerio Setti --- include/mbedtls/config_adjust_psa_from_legacy.h | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/config_adjust_psa_from_legacy.h b/include/mbedtls/config_adjust_psa_from_legacy.h index 60b00c1e4..b841875cf 100644 --- a/include/mbedtls/config_adjust_psa_from_legacy.h +++ b/include/mbedtls/config_adjust_psa_from_legacy.h @@ -25,9 +25,11 @@ #if defined(MBEDTLS_CCM_C) #define MBEDTLS_PSA_BUILTIN_ALG_CCM 1 -#define MBEDTLS_PSA_BUILTIN_ALG_CCM_STAR_NO_TAG 1 #define PSA_WANT_ALG_CCM 1 +#if defined(MBEDTLS_CIPHER_C) +#define MBEDTLS_PSA_BUILTIN_ALG_CCM_STAR_NO_TAG 1 #define PSA_WANT_ALG_CCM_STAR_NO_TAG 1 +#endif /* MBEDTLS_CIPHER_C */ #endif /* MBEDTLS_CCM_C */ #if defined(MBEDTLS_CMAC_C) @@ -247,8 +249,9 @@ #endif #endif -#if defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C) || \ - defined(MBEDTLS_ARIA_C) || defined(MBEDTLS_CAMELLIA_C) +#if (defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C) || \ + defined(MBEDTLS_ARIA_C) || defined(MBEDTLS_CAMELLIA_C)) && \ + defined(MBEDTLS_CIPHER_C) #define MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING 1 #define PSA_WANT_ALG_ECB_NO_PADDING 1 #endif From 919e3fa729ed71cb075c1af8c2fc030b2067fa03 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 20 Nov 2023 16:30:05 +0100 Subject: [PATCH 0823/1674] check_config: fix guards for PSA builtin implementation of cipher/AEAD While the PSA builtin implementation of cipher still depends on CIPHER_C, the same is no more true for AEADs. When CIPHER_C is not defined, BLOCK_CIPHER_C is used instead, thus making it possible to support AEADs without CIPHER_C. Signed-off-by: Valerio Setti --- include/mbedtls/check_config.h | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 792e7d70d..9b5b6467e 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -785,9 +785,8 @@ #error "MBEDTLS_PSA_CRYPTO_C defined, but not all prerequisites (missing RNG)" #endif -#if defined(MBEDTLS_PSA_CRYPTO_C) && \ - (defined(PSA_HAVE_SOFT_BLOCK_CIPHER) || defined(PSA_HAVE_SOFT_BLOCK_AEAD)) && \ - !defined(MBEDTLS_CIPHER_C) +#if defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_HAVE_SOFT_BLOCK_MODE) && \ + defined(PSA_HAVE_SOFT_BLOCK_CIPHER) && !defined(MBEDTLS_CIPHER_C) #error "MBEDTLS_PSA_CRYPTO_C defined, but not all prerequisites" #endif From 605f03cb766dd21ea8d4096e32c1e70cb86d559f Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 28 Nov 2023 12:46:39 +0100 Subject: [PATCH 0824/1674] pkwrite: reorganize code This commits just moves code around. The goal is to group together functions by guards and functionality: - RSA, EC, Opaque - internal VS public Signed-off-by: Valerio Setti --- library/pkwrite.c | 606 +++++++++++++++++++++++----------------------- 1 file changed, 302 insertions(+), 304 deletions(-) diff --git a/library/pkwrite.c b/library/pkwrite.c index 20961df2b..30008b992 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -18,9 +18,6 @@ #include -#if defined(MBEDTLS_RSA_C) -#include "mbedtls/rsa.h" -#endif #if defined(MBEDTLS_ECP_C) #include "mbedtls/bignum.h" #include "mbedtls/ecp.h" @@ -32,9 +29,6 @@ #if defined(MBEDTLS_RSA_C) || defined(MBEDTLS_PK_HAVE_ECC_KEYS) #include "pkwrite.h" #endif -#if defined(MBEDTLS_ECDSA_C) -#include "mbedtls/ecdsa.h" -#endif #if defined(MBEDTLS_PEM_WRITE_C) #include "mbedtls/pem.h" #endif @@ -45,62 +39,9 @@ #endif #include "mbedtls/platform.h" -/* Helper for Montgomery curves */ -#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) -#if defined(MBEDTLS_PK_HAVE_RFC8410_CURVES) -static inline int mbedtls_pk_is_rfc8410(const mbedtls_pk_context *pk) -{ - mbedtls_ecp_group_id id = mbedtls_pk_get_group_id(pk); - -#if defined(MBEDTLS_ECP_HAVE_CURVE25519) - if (id == MBEDTLS_ECP_DP_CURVE25519) { - return 1; - } -#endif -#if defined(MBEDTLS_ECP_HAVE_CURVE448) - if (id == MBEDTLS_ECP_DP_CURVE448) { - return 1; - } -#endif - return 0; -} - -#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_PEM_WRITE_C) -/* It is assumed that the input key is opaque */ -static psa_ecc_family_t pk_get_opaque_ec_family(const mbedtls_pk_context *pk) -{ - psa_ecc_family_t ec_family = 0; - psa_key_attributes_t key_attrs = PSA_KEY_ATTRIBUTES_INIT; - - if (psa_get_key_attributes(pk->priv_id, &key_attrs) != PSA_SUCCESS) { - return 0; - } - ec_family = PSA_KEY_TYPE_ECC_GET_FAMILY(psa_get_key_type(&key_attrs)); - psa_reset_key_attributes(&key_attrs); - - return ec_family; -} -#endif /* MBETLS_USE_PSA_CRYPTO && MBEDTLS_PEM_WRITE_C */ -#endif /* MBEDTLS_PK_HAVE_RFC8410_CURVES */ -#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ - -#if defined(MBEDTLS_USE_PSA_CRYPTO) -/* It is assumed that the input key is opaque */ -static psa_key_type_t pk_get_opaque_key_type(const mbedtls_pk_context *pk) -{ - psa_key_attributes_t opaque_attrs = PSA_KEY_ATTRIBUTES_INIT; - psa_key_type_t opaque_key_type; - - if (psa_get_key_attributes(pk->priv_id, &opaque_attrs) != PSA_SUCCESS) { - return 0; - } - opaque_key_type = psa_get_key_type(&opaque_attrs); - psa_reset_key_attributes(&opaque_attrs); - - return opaque_key_type; -} -#endif /* MBETLS_USE_PSA_CRYPTO */ - +/****************************************************************************** + * Internal functions for RSA keys. + ******************************************************************************/ #if defined(MBEDTLS_RSA_C) /* * RSAPublicKey ::= SEQUENCE { @@ -145,8 +86,119 @@ end_of_export: return (int) len; } + +static int pk_write_rsa_der(unsigned char **p, unsigned char *buf, + const mbedtls_pk_context *pk) +{ + size_t len = 0; + int ret; + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_OPAQUE) { + uint8_t tmp[PSA_EXPORT_KEY_PAIR_MAX_SIZE]; + size_t tmp_len = 0; + + if (psa_export_key(pk->priv_id, tmp, sizeof(tmp), &tmp_len) != PSA_SUCCESS) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } + *p -= tmp_len; + memcpy(*p, tmp, tmp_len); + len += tmp_len; + mbedtls_platform_zeroize(tmp, sizeof(tmp)); + } else +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + { + mbedtls_mpi T; /* Temporary holding the exported parameters */ + mbedtls_rsa_context *rsa = mbedtls_pk_rsa(*pk); + + /* + * Export the parameters one after another to avoid simultaneous copies. + */ + + mbedtls_mpi_init(&T); + + /* Export QP */ + if ((ret = mbedtls_rsa_export_crt(rsa, NULL, NULL, &T)) != 0 || + (ret = mbedtls_asn1_write_mpi(p, buf, &T)) < 0) { + goto end_of_export; + } + len += ret; + + /* Export DQ */ + if ((ret = mbedtls_rsa_export_crt(rsa, NULL, &T, NULL)) != 0 || + (ret = mbedtls_asn1_write_mpi(p, buf, &T)) < 0) { + goto end_of_export; + } + len += ret; + + /* Export DP */ + if ((ret = mbedtls_rsa_export_crt(rsa, &T, NULL, NULL)) != 0 || + (ret = mbedtls_asn1_write_mpi(p, buf, &T)) < 0) { + goto end_of_export; + } + len += ret; + + /* Export Q */ + if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, + &T, NULL, NULL)) != 0 || + (ret = mbedtls_asn1_write_mpi(p, buf, &T)) < 0) { + goto end_of_export; + } + len += ret; + + /* Export P */ + if ((ret = mbedtls_rsa_export(rsa, NULL, &T, + NULL, NULL, NULL)) != 0 || + (ret = mbedtls_asn1_write_mpi(p, buf, &T)) < 0) { + goto end_of_export; + } + len += ret; + + /* Export D */ + if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, + NULL, &T, NULL)) != 0 || + (ret = mbedtls_asn1_write_mpi(p, buf, &T)) < 0) { + goto end_of_export; + } + len += ret; + + /* Export E */ + if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, + NULL, NULL, &T)) != 0 || + (ret = mbedtls_asn1_write_mpi(p, buf, &T)) < 0) { + goto end_of_export; + } + len += ret; + + /* Export N */ + if ((ret = mbedtls_rsa_export(rsa, &T, NULL, + NULL, NULL, NULL)) != 0 || + (ret = mbedtls_asn1_write_mpi(p, buf, &T)) < 0) { + goto end_of_export; + } + len += ret; + +end_of_export: + + mbedtls_mpi_free(&T); + if (ret < 0) { + return ret; + } + + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_int(p, buf, 0)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, + buf, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); + } + + return (int) len; +} #endif /* MBEDTLS_RSA_C */ +/****************************************************************************** + * Internal functions for EC keys. + ******************************************************************************/ #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) #if defined(MBEDTLS_PK_USE_PSA_EC_DATA) static int pk_write_ec_pubkey(unsigned char **p, unsigned char *start, @@ -215,28 +267,6 @@ static int pk_write_ec_pubkey(unsigned char **p, unsigned char *start, } #endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ -/* - * ECParameters ::= CHOICE { - * namedCurve OBJECT IDENTIFIER - * } - */ -static int pk_write_ec_param(unsigned char **p, unsigned char *start, - mbedtls_ecp_group_id grp_id) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t len = 0; - const char *oid; - size_t oid_len; - - if ((ret = mbedtls_oid_get_oid_by_ec_grp(grp_id, &oid, &oid_len)) != 0) { - return ret; - } - - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_oid(p, start, oid, oid_len)); - - return (int) len; -} - /* * privateKey OCTET STRING -- always of length ceil(log2(n)/8) */ @@ -305,9 +335,174 @@ exit: return ret; } #endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ + +/* + * ECParameters ::= CHOICE { + * namedCurve OBJECT IDENTIFIER + * } + */ +static int pk_write_ec_param(unsigned char **p, unsigned char *start, + mbedtls_ecp_group_id grp_id) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + size_t len = 0; + const char *oid; + size_t oid_len; + + if ((ret = mbedtls_oid_get_oid_by_ec_grp(grp_id, &oid, &oid_len)) != 0) { + return ret; + } + + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_oid(p, start, oid, oid_len)); + + return (int) len; +} + +#if defined(MBEDTLS_PK_HAVE_RFC8410_CURVES) +static inline int mbedtls_pk_is_rfc8410(const mbedtls_pk_context *pk) +{ + mbedtls_ecp_group_id id = mbedtls_pk_get_group_id(pk); + +#if defined(MBEDTLS_ECP_HAVE_CURVE25519) + if (id == MBEDTLS_ECP_DP_CURVE25519) { + return 1; + } +#endif +#if defined(MBEDTLS_ECP_HAVE_CURVE448) + if (id == MBEDTLS_ECP_DP_CURVE448) { + return 1; + } +#endif + return 0; +} + +/* + * RFC8410 section 7 + * + * OneAsymmetricKey ::= SEQUENCE { + * version Version, + * privateKeyAlgorithm PrivateKeyAlgorithmIdentifier, + * privateKey PrivateKey, + * attributes [0] IMPLICIT Attributes OPTIONAL, + * ..., + * [[2: publicKey [1] IMPLICIT PublicKey OPTIONAL ]], + * ... + * } + * ... + * CurvePrivateKey ::= OCTET STRING + */ +static int pk_write_ec_rfc8410_der(unsigned char **p, unsigned char *buf, + const mbedtls_pk_context *pk) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + size_t len = 0; + size_t oid_len = 0; + const char *oid; + mbedtls_ecp_group_id grp_id; + + /* privateKey */ + MBEDTLS_ASN1_CHK_ADD(len, pk_write_ec_private(p, buf, pk)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, buf, MBEDTLS_ASN1_OCTET_STRING)); + + grp_id = mbedtls_pk_get_group_id(pk); + /* privateKeyAlgorithm */ + if ((ret = mbedtls_oid_get_oid_by_ec_grp_algid(grp_id, &oid, &oid_len)) != 0) { + return ret; + } + MBEDTLS_ASN1_CHK_ADD(len, + mbedtls_asn1_write_algorithm_identifier_ext(p, buf, oid, oid_len, 0, 0)); + + /* version */ + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_int(p, buf, 0)); + + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, buf, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); + + return (int) len; +} +#endif /* MBEDTLS_PK_HAVE_RFC8410_CURVES */ + +/* + * RFC 5915, or SEC1 Appendix C.4 + * + * ECPrivateKey ::= SEQUENCE { + * version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1), + * privateKey OCTET STRING, + * parameters [0] ECParameters {{ NamedCurve }} OPTIONAL, + * publicKey [1] BIT STRING OPTIONAL + * } + */ +static int pk_write_ec_der(unsigned char **p, unsigned char *buf, + const mbedtls_pk_context *pk) +{ + size_t len = 0; + int ret; + size_t pub_len = 0, par_len = 0; + mbedtls_ecp_group_id grp_id; + + /* publicKey */ + MBEDTLS_ASN1_CHK_ADD(pub_len, pk_write_ec_pubkey(p, buf, pk)); + + if (*p - buf < 1) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } + (*p)--; + **p = 0; + pub_len += 1; + + MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_asn1_write_len(p, buf, pub_len)); + MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_asn1_write_tag(p, buf, MBEDTLS_ASN1_BIT_STRING)); + + MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_asn1_write_len(p, buf, pub_len)); + MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_asn1_write_tag(p, buf, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | + MBEDTLS_ASN1_CONSTRUCTED | 1)); + len += pub_len; + + /* parameters */ + grp_id = mbedtls_pk_get_group_id(pk); + MBEDTLS_ASN1_CHK_ADD(par_len, pk_write_ec_param(p, buf, grp_id)); + MBEDTLS_ASN1_CHK_ADD(par_len, mbedtls_asn1_write_len(p, buf, par_len)); + MBEDTLS_ASN1_CHK_ADD(par_len, mbedtls_asn1_write_tag(p, buf, + MBEDTLS_ASN1_CONTEXT_SPECIFIC | + MBEDTLS_ASN1_CONSTRUCTED | 0)); + len += par_len; + + /* privateKey */ + MBEDTLS_ASN1_CHK_ADD(len, pk_write_ec_private(p, buf, pk)); + + /* version */ + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_int(p, buf, 1)); + + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, buf, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, buf, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); + + return (int) len; +} #endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ +/****************************************************************************** + * Internal functions for Opaque keys. + ******************************************************************************/ #if defined(MBEDTLS_USE_PSA_CRYPTO) +/* It is assumed that the input key is opaque */ +static psa_key_type_t pk_get_opaque_key_type(const mbedtls_pk_context *pk) +{ + psa_key_attributes_t opaque_attrs = PSA_KEY_ATTRIBUTES_INIT; + psa_key_type_t opaque_key_type; + + if (psa_get_key_attributes(pk->priv_id, &opaque_attrs) != PSA_SUCCESS) { + return 0; + } + opaque_key_type = psa_get_key_type(&opaque_attrs); + psa_reset_key_attributes(&opaque_attrs); + + return opaque_key_type; +} + static int pk_write_opaque_pubkey(unsigned char **p, unsigned char *start, const mbedtls_pk_context *pk) { @@ -329,8 +524,28 @@ static int pk_write_opaque_pubkey(unsigned char **p, unsigned char *start, return (int) len; } + +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) && defined(MBEDTLS_PEM_WRITE_C) +/* It is assumed that the input key is opaque */ +static psa_ecc_family_t pk_get_opaque_ec_family(const mbedtls_pk_context *pk) +{ + psa_ecc_family_t ec_family = 0; + psa_key_attributes_t key_attrs = PSA_KEY_ATTRIBUTES_INIT; + + if (psa_get_key_attributes(pk->priv_id, &key_attrs) != PSA_SUCCESS) { + return 0; + } + ec_family = PSA_KEY_TYPE_ECC_GET_FAMILY(psa_get_key_type(&key_attrs)); + psa_reset_key_attributes(&key_attrs); + + return ec_family; +} +#endif /* MBEDTLS_PK_HAVE_ECC_KEYS && MBEDTLS_PEM_WRITE_C */ #endif /* MBEDTLS_USE_PSA_CRYPTO */ +/****************************************************************************** + * Public functions for writing private/public DER keys. + ******************************************************************************/ int mbedtls_pk_write_pubkey(unsigned char **p, unsigned char *start, const mbedtls_pk_context *key) { @@ -453,226 +668,6 @@ int mbedtls_pk_write_pubkey_der(const mbedtls_pk_context *key, unsigned char *bu return (int) len; } -#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) -#if defined(MBEDTLS_PK_HAVE_RFC8410_CURVES) -/* - * RFC8410 section 7 - * - * OneAsymmetricKey ::= SEQUENCE { - * version Version, - * privateKeyAlgorithm PrivateKeyAlgorithmIdentifier, - * privateKey PrivateKey, - * attributes [0] IMPLICIT Attributes OPTIONAL, - * ..., - * [[2: publicKey [1] IMPLICIT PublicKey OPTIONAL ]], - * ... - * } - * ... - * CurvePrivateKey ::= OCTET STRING - */ -static int pk_write_ec_rfc8410_der(unsigned char **p, unsigned char *buf, - const mbedtls_pk_context *pk) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t len = 0; - size_t oid_len = 0; - const char *oid; - mbedtls_ecp_group_id grp_id; - - /* privateKey */ - MBEDTLS_ASN1_CHK_ADD(len, pk_write_ec_private(p, buf, pk)); - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, buf, len)); - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, buf, MBEDTLS_ASN1_OCTET_STRING)); - - grp_id = mbedtls_pk_get_group_id(pk); - /* privateKeyAlgorithm */ - if ((ret = mbedtls_oid_get_oid_by_ec_grp_algid(grp_id, &oid, &oid_len)) != 0) { - return ret; - } - MBEDTLS_ASN1_CHK_ADD(len, - mbedtls_asn1_write_algorithm_identifier_ext(p, buf, oid, oid_len, 0, 0)); - - /* version */ - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_int(p, buf, 0)); - - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, buf, len)); - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, buf, MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE)); - - return (int) len; -} -#endif /* MBEDTLS_PK_HAVE_RFC8410_CURVES */ - -/* - * RFC 5915, or SEC1 Appendix C.4 - * - * ECPrivateKey ::= SEQUENCE { - * version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1), - * privateKey OCTET STRING, - * parameters [0] ECParameters {{ NamedCurve }} OPTIONAL, - * publicKey [1] BIT STRING OPTIONAL - * } - */ -static int pk_write_ec_der(unsigned char **p, unsigned char *buf, - const mbedtls_pk_context *pk) -{ - size_t len = 0; - int ret; - size_t pub_len = 0, par_len = 0; - mbedtls_ecp_group_id grp_id; - - /* publicKey */ - MBEDTLS_ASN1_CHK_ADD(pub_len, pk_write_ec_pubkey(p, buf, pk)); - - if (*p - buf < 1) { - return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; - } - (*p)--; - **p = 0; - pub_len += 1; - - MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_asn1_write_len(p, buf, pub_len)); - MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_asn1_write_tag(p, buf, MBEDTLS_ASN1_BIT_STRING)); - - MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_asn1_write_len(p, buf, pub_len)); - MBEDTLS_ASN1_CHK_ADD(pub_len, mbedtls_asn1_write_tag(p, buf, - MBEDTLS_ASN1_CONTEXT_SPECIFIC | - MBEDTLS_ASN1_CONSTRUCTED | 1)); - len += pub_len; - - /* parameters */ - grp_id = mbedtls_pk_get_group_id(pk); - MBEDTLS_ASN1_CHK_ADD(par_len, pk_write_ec_param(p, buf, grp_id)); - MBEDTLS_ASN1_CHK_ADD(par_len, mbedtls_asn1_write_len(p, buf, par_len)); - MBEDTLS_ASN1_CHK_ADD(par_len, mbedtls_asn1_write_tag(p, buf, - MBEDTLS_ASN1_CONTEXT_SPECIFIC | - MBEDTLS_ASN1_CONSTRUCTED | 0)); - len += par_len; - - /* privateKey */ - MBEDTLS_ASN1_CHK_ADD(len, pk_write_ec_private(p, buf, pk)); - - /* version */ - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_int(p, buf, 1)); - - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, buf, len)); - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, buf, MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE)); - - return (int) len; -} -#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ - -#if defined(MBEDTLS_RSA_C) -static int pk_write_rsa_der(unsigned char **p, unsigned char *buf, - const mbedtls_pk_context *pk) -{ - size_t len = 0; - int ret; - -#if defined(MBEDTLS_USE_PSA_CRYPTO) - if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_OPAQUE) { - uint8_t tmp[PSA_EXPORT_KEY_PAIR_MAX_SIZE]; - size_t tmp_len = 0; - - if (psa_export_key(pk->priv_id, tmp, sizeof(tmp), &tmp_len) != PSA_SUCCESS) { - return MBEDTLS_ERR_PK_BAD_INPUT_DATA; - } - *p -= tmp_len; - memcpy(*p, tmp, tmp_len); - len += tmp_len; - mbedtls_platform_zeroize(tmp, sizeof(tmp)); - } else -#endif /* MBEDTLS_USE_PSA_CRYPTO */ - { - mbedtls_mpi T; /* Temporary holding the exported parameters */ - mbedtls_rsa_context *rsa = mbedtls_pk_rsa(*pk); - - /* - * Export the parameters one after another to avoid simultaneous copies. - */ - - mbedtls_mpi_init(&T); - - /* Export QP */ - if ((ret = mbedtls_rsa_export_crt(rsa, NULL, NULL, &T)) != 0 || - (ret = mbedtls_asn1_write_mpi(p, buf, &T)) < 0) { - goto end_of_export; - } - len += ret; - - /* Export DQ */ - if ((ret = mbedtls_rsa_export_crt(rsa, NULL, &T, NULL)) != 0 || - (ret = mbedtls_asn1_write_mpi(p, buf, &T)) < 0) { - goto end_of_export; - } - len += ret; - - /* Export DP */ - if ((ret = mbedtls_rsa_export_crt(rsa, &T, NULL, NULL)) != 0 || - (ret = mbedtls_asn1_write_mpi(p, buf, &T)) < 0) { - goto end_of_export; - } - len += ret; - - /* Export Q */ - if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, - &T, NULL, NULL)) != 0 || - (ret = mbedtls_asn1_write_mpi(p, buf, &T)) < 0) { - goto end_of_export; - } - len += ret; - - /* Export P */ - if ((ret = mbedtls_rsa_export(rsa, NULL, &T, - NULL, NULL, NULL)) != 0 || - (ret = mbedtls_asn1_write_mpi(p, buf, &T)) < 0) { - goto end_of_export; - } - len += ret; - - /* Export D */ - if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, - NULL, &T, NULL)) != 0 || - (ret = mbedtls_asn1_write_mpi(p, buf, &T)) < 0) { - goto end_of_export; - } - len += ret; - - /* Export E */ - if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, - NULL, NULL, &T)) != 0 || - (ret = mbedtls_asn1_write_mpi(p, buf, &T)) < 0) { - goto end_of_export; - } - len += ret; - - /* Export N */ - if ((ret = mbedtls_rsa_export(rsa, &T, NULL, - NULL, NULL, NULL)) != 0 || - (ret = mbedtls_asn1_write_mpi(p, buf, &T)) < 0) { - goto end_of_export; - } - len += ret; - -end_of_export: - - mbedtls_mpi_free(&T); - if (ret < 0) { - return ret; - } - - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_int(p, buf, 0)); - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, buf, len)); - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, - buf, MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE)); - } - - return (int) len; -} -#endif /* MBEDTLS_RSA_C */ - int mbedtls_pk_write_key_der(const mbedtls_pk_context *key, unsigned char *buf, size_t size) { unsigned char *c; @@ -722,6 +717,9 @@ int mbedtls_pk_write_key_der(const mbedtls_pk_context *key, unsigned char *buf, return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; } +/****************************************************************************** + * Public functions for wrinting private/public PEM keys. + ******************************************************************************/ #if defined(MBEDTLS_PEM_WRITE_C) #define PUB_DER_MAX_BYTES \ From d5604bacc427542e43e69a7b1400cbb2d7e70363 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 28 Nov 2023 14:10:43 +0100 Subject: [PATCH 0825/1674] pkwrite: add internal defines for proper key buffer sizes Signed-off-by: Valerio Setti --- library/pkwrite.c | 33 ++++++++++++++++++++------------- 1 file changed, 20 insertions(+), 13 deletions(-) diff --git a/library/pkwrite.c b/library/pkwrite.c index 30008b992..7a9cfedbd 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -39,6 +39,21 @@ #endif #include "mbedtls/platform.h" +/* Helpers for properly sizing buffers aimed at holding public keys or + * key-pairs based on build symbols. */ +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) +#define PK_MAX_EC_PUBLIC_KEY_SIZE PSA_EXPORT_PUBLIC_KEY_MAX_SIZE +#define PK_MAX_EC_KEY_PAIR_SIZE MBEDTLS_PSA_MAX_EC_KEY_PAIR_LENGTH +#else +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#define PK_MAX_EC_PUBLIC_KEY_SIZE PSA_EXPORT_PUBLIC_KEY_MAX_SIZE +#define PK_MAX_EC_KEY_PAIR_SIZE MBEDTLS_PSA_MAX_EC_KEY_PAIR_LENGTH +#else +#define PK_MAX_EC_PUBLIC_KEY_SIZE MBEDTLS_ECP_MAX_PT_LEN +#define PK_MAX_EC_KEY_PAIR_SIZE MBEDTLS_ECP_MAX_BYTES +#endif +#endif + /****************************************************************************** * Internal functions for RSA keys. ******************************************************************************/ @@ -205,7 +220,7 @@ static int pk_write_ec_pubkey(unsigned char **p, unsigned char *start, const mbedtls_pk_context *pk) { size_t len = 0; - uint8_t buf[PSA_EXPORT_PUBLIC_KEY_MAX_SIZE]; + uint8_t buf[PK_MAX_EC_PUBLIC_KEY_SIZE]; if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_OPAQUE) { if (psa_export_public_key(pk->priv_id, buf, sizeof(buf), &len) != PSA_SUCCESS) { @@ -230,11 +245,7 @@ static int pk_write_ec_pubkey(unsigned char **p, unsigned char *start, const mbedtls_pk_context *pk) { size_t len = 0; -#if defined(MBEDTLS_USE_PSA_CRYPTO) - uint8_t buf[PSA_EXPORT_PUBLIC_KEY_MAX_SIZE]; -#else - unsigned char buf[MBEDTLS_ECP_MAX_PT_LEN]; -#endif /* MBEDTLS_USE_PSA_CRYPTO */ + unsigned char buf[PK_MAX_EC_PUBLIC_KEY_SIZE]; mbedtls_ecp_keypair *ec = mbedtls_pk_ec(*pk); int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; @@ -276,7 +287,7 @@ static int pk_write_ec_private(unsigned char **p, unsigned char *start, { size_t byte_length; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - unsigned char tmp[MBEDTLS_PSA_MAX_EC_KEY_PAIR_LENGTH]; + unsigned char tmp[PK_MAX_EC_KEY_PAIR_SIZE]; psa_status_t status; if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_OPAQUE) { @@ -304,14 +315,10 @@ static int pk_write_ec_private(unsigned char **p, unsigned char *start, { size_t byte_length; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; -#if defined(MBEDTLS_USE_PSA_CRYPTO) - unsigned char tmp[MBEDTLS_PSA_MAX_EC_KEY_PAIR_LENGTH]; - psa_status_t status; -#else - unsigned char tmp[MBEDTLS_ECP_MAX_BYTES]; -#endif /* MBEDTLS_USE_PSA_CRYPTO */ + unsigned char tmp[PK_MAX_EC_KEY_PAIR_SIZE]; #if defined(MBEDTLS_USE_PSA_CRYPTO) + psa_status_t status; if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_OPAQUE) { status = psa_export_key(pk->priv_id, tmp, sizeof(tmp), &byte_length); if (status != PSA_SUCCESS) { From 410ad44725ebd85a84fd3b8a2db0f69519e596cf Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 28 Nov 2023 13:42:17 +0000 Subject: [PATCH 0826/1674] Disable hw AES on Arm for IAR Signed-off-by: Dave Rodgman --- library/aesce.c | 2 +- library/aesce.h | 12 +++++++++--- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/library/aesce.c b/library/aesce.c index e1e0a15a3..279c5a280 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -45,7 +45,7 @@ #include "aesce.h" -#if defined(MBEDTLS_ARCH_IS_ARMV8_A) && defined(__ARM_NEON) +#if defined(MBEDTLS_AESCE_HAVE_CODE) /* Compiler version checks. */ #if defined(__clang__) diff --git a/library/aesce.h b/library/aesce.h index cf12d7f8d..e2bf58a31 100644 --- a/library/aesce.h +++ b/library/aesce.h @@ -15,12 +15,17 @@ #define MBEDTLS_AESCE_H #include "mbedtls/build_info.h" +#include "common.h" #include "mbedtls/aes.h" -#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_ARCH_IS_ARMV8_A) && defined(__ARM_NEON) +#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_ARCH_IS_ARMV8_A) && defined(__ARM_NEON) \ + && (defined(MBEDTLS_COMPILER_IS_GCC) || defined(__clang__) || defined(MSC_VER)) +/* MBEDTLS_AESCE_HAVE_CODE is defined if we have a suitable target platform, and a + * potentially suitable compiler (compiler version & flags are not checked when defining + * this). */ #define MBEDTLS_AESCE_HAVE_CODE #ifdef __cplusplus @@ -121,9 +126,10 @@ int mbedtls_aesce_setkey_enc(unsigned char *rk, #else #if defined(MBEDTLS_AES_USE_HARDWARE_ONLY) && defined(MBEDTLS_ARCH_IS_ARMV8_A) -#error "AES hardware acceleration not supported on this platform" +#error "AES hardware acceleration not supported on this platform / compiler" #endif -#endif /* MBEDTLS_AESCE_C && MBEDTLS_ARCH_IS_ARMV8_A && __ARM_NEON */ +#endif /* MBEDTLS_AESCE_C && MBEDTLS_ARCH_IS_ARMV8_A && __ARM_NEON && + (MBEDTLS_COMPILER_IS_GCC || __clang__ || MSC_VER) */ #endif /* MBEDTLS_AESCE_H */ From 5b73de8ddb6db3ffde86f53a87a3059491127186 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 28 Nov 2023 15:49:25 +0100 Subject: [PATCH 0827/1674] ssl-opt.sh: Add a check of the list of supported ciphersuites Signed-off-by: Ronald Cron --- tests/ssl-opt.sh | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index b3f8ed4a4..f92642dec 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -358,9 +358,18 @@ requires_protocol_version() { # Space-separated list of ciphersuites supported by this build of # Mbed TLS. -P_CIPHERSUITES=" $($P_CLI help_ciphersuites 2>/dev/null | - grep 'TLS-\|TLS1-3' | - tr -s ' \n' ' ')" +P_CIPHERSUITES="" +if [ "$LIST_TESTS" -eq 0 ]; then + P_CIPHERSUITES=" $($P_CLI help_ciphersuites 2>/dev/null | + grep 'TLS-\|TLS1-3' | + tr -s ' \n' ' ')" + + if [ -z "${P_CIPHERSUITES# }" ]; then + echo >&2 "$0: fatal error: no cipher suites found!" + exit 125 + fi +fi + requires_ciphersuite_enabled() { case $P_CIPHERSUITES in *" $1 "*) :;; From 41bc42ac1b1a11496b202e7f2559c0bd6f664638 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 28 Nov 2023 15:03:57 +0100 Subject: [PATCH 0828/1674] ssl-opt.sh: Fix some symmetric crypto dependencies Fix some dependencies on symmetric crypto that were not correct in case of driver but not builtin support. Revealed by "Analyze driver test_psa_crypto_config_accel_cipher_aead vs reference test_psa_crypto_config_reference_cipher_aead" in analyze_outcomes.py. Signed-off-by: Ronald Cron --- tests/ssl-opt.sh | 56 +++++++++++++++++------------------------------- 1 file changed, 20 insertions(+), 36 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index f92642dec..ac7860c9a 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -2341,7 +2341,7 @@ run_test "Opaque key for server authentication: invalid alg: ecdh with RSA ke requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_hash_alg SHA_256 -requires_config_enabled MBEDTLS_CCM_C +requires_config_enabled PSA_WANT_ALG_CCM run_test "Opaque key for server authentication: invalid alg: ECDHE-ECDSA with ecdh" \ "$P_SRV key_opaque=1 crt_file=data_files/server5.crt \ key_file=data_files/server5.key key_opaque_algs=ecdh,none \ @@ -2395,7 +2395,7 @@ run_test "Opaque keys for server authentication: EC keys with different algs, requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_hash_alg SHA_384 -requires_config_enabled MBEDTLS_CCM_C +requires_config_enabled PSA_WANT_ALG_CCM requires_config_disabled MBEDTLS_X509_REMOVE_INFO run_test "Opaque keys for server authentication: EC + RSA, force ECDHE-ECDSA" \ "$P_SRV key_opaque=1 crt_file=data_files/server5.crt \ @@ -2575,7 +2575,7 @@ requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_RSA_C requires_hash_alg SHA_384 -requires_config_enabled MBEDTLS_GCM_C +requires_config_enabled PSA_WANT_ALG_GCM requires_config_disabled MBEDTLS_X509_REMOVE_INFO run_test "Opaque keys for server authentication: EC + RSA, force DHE-RSA" \ "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server5.crt \ @@ -9124,8 +9124,7 @@ run_test "SSL async private: renegotiation: server-initiated, decrypt" \ # Tests for ECC extensions (rfc 4492) -requires_config_enabled MBEDTLS_AES_C -requires_config_enabled MBEDTLS_CIPHER_MODE_CBC +requires_config_enabled PSA_WANT_ALG_CBC_NO_PADDING requires_hash_alg SHA_256 requires_config_enabled MBEDTLS_KEY_EXCHANGE_RSA_ENABLED run_test "Force a non ECC ciphersuite in the client side" \ @@ -9137,8 +9136,7 @@ run_test "Force a non ECC ciphersuite in the client side" \ -S "found supported elliptic curves extension" \ -S "found supported point formats extension" -requires_config_enabled MBEDTLS_AES_C -requires_config_enabled MBEDTLS_CIPHER_MODE_CBC +requires_config_enabled PSA_WANT_ALG_CBC_NO_PADDING requires_hash_alg SHA_256 requires_config_enabled MBEDTLS_KEY_EXCHANGE_RSA_ENABLED run_test "Force a non ECC ciphersuite in the server side" \ @@ -9148,8 +9146,7 @@ run_test "Force a non ECC ciphersuite in the server side" \ -C "found supported_point_formats extension" \ -S "server hello, supported_point_formats extension" -requires_config_enabled MBEDTLS_AES_C -requires_config_enabled MBEDTLS_CIPHER_MODE_CBC +requires_config_enabled PSA_WANT_ALG_CBC_NO_PADDING requires_hash_alg SHA_256 run_test "Force an ECC ciphersuite in the client side" \ "$P_SRV debug_level=3" \ @@ -9160,8 +9157,7 @@ run_test "Force an ECC ciphersuite in the client side" \ -s "found supported elliptic curves extension" \ -s "found supported point formats extension" -requires_config_enabled MBEDTLS_AES_C -requires_config_enabled MBEDTLS_CIPHER_MODE_CBC +requires_config_enabled PSA_WANT_ALG_CBC_NO_PADDING requires_hash_alg SHA_256 run_test "Force an ECC ciphersuite in the server side" \ "$P_SRV debug_level=3 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \ @@ -9686,8 +9682,7 @@ run_test "DTLS fragmenting: both (MTU=1024)" \ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_hash_alg SHA_256 -requires_config_enabled MBEDTLS_AES_C -requires_config_enabled MBEDTLS_GCM_C +requires_config_enabled PSA_WANT_ALG_GCM requires_max_content_len 2048 run_test "DTLS fragmenting: both (MTU=512)" \ -p "$P_PXY mtu=512" \ @@ -9716,8 +9711,7 @@ run_test "DTLS fragmenting: both (MTU=512)" \ not_with_valgrind requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_AES_C -requires_config_enabled MBEDTLS_GCM_C +requires_config_enabled PSA_WANT_ALG_GCM requires_max_content_len 2048 run_test "DTLS fragmenting: proxy MTU: auto-reduction (not valgrind)" \ -p "$P_PXY mtu=508" \ @@ -9739,8 +9733,7 @@ run_test "DTLS fragmenting: proxy MTU: auto-reduction (not valgrind)" \ only_with_valgrind requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_AES_C -requires_config_enabled MBEDTLS_GCM_C +requires_config_enabled PSA_WANT_ALG_GCM requires_max_content_len 2048 run_test "DTLS fragmenting: proxy MTU: auto-reduction (with valgrind)" \ -p "$P_PXY mtu=508" \ @@ -9791,8 +9784,7 @@ run_test "DTLS fragmenting: proxy MTU, simple handshake (MTU=1024)" \ not_with_valgrind # spurious autoreduction due to timeout requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_AES_C -requires_config_enabled MBEDTLS_GCM_C +requires_config_enabled PSA_WANT_ALG_GCM requires_max_content_len 2048 run_test "DTLS fragmenting: proxy MTU, simple handshake (MTU=512)" \ -p "$P_PXY mtu=512" \ @@ -9840,8 +9832,7 @@ run_test "DTLS fragmenting: proxy MTU, simple handshake, nbio (MTU=1024)" \ not_with_valgrind # spurious autoreduction due to timeout requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_AES_C -requires_config_enabled MBEDTLS_GCM_C +requires_config_enabled PSA_WANT_ALG_GCM requires_max_content_len 2048 run_test "DTLS fragmenting: proxy MTU, simple handshake, nbio (MTU=512)" \ -p "$P_PXY mtu=512" \ @@ -9875,8 +9866,7 @@ run_test "DTLS fragmenting: proxy MTU, simple handshake, nbio (MTU=512)" \ not_with_valgrind # spurious autoreduction due to timeout requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_AES_C -requires_config_enabled MBEDTLS_GCM_C +requires_config_enabled PSA_WANT_ALG_GCM requires_max_content_len 2048 run_test "DTLS fragmenting: proxy MTU, resumed handshake" \ -p "$P_PXY mtu=1450" \ @@ -9904,7 +9894,7 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_hash_alg SHA_256 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -requires_config_enabled MBEDTLS_CHACHAPOLY_C +requires_config_enabled PSA_WANT_ALG_CHACHA20_POLY1305 requires_max_content_len 2048 run_test "DTLS fragmenting: proxy MTU, ChachaPoly renego" \ -p "$P_PXY mtu=512" \ @@ -9934,8 +9924,7 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_hash_alg SHA_256 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -requires_config_enabled MBEDTLS_AES_C -requires_config_enabled MBEDTLS_GCM_C +requires_config_enabled PSA_WANT_ALG_GCM requires_max_content_len 2048 run_test "DTLS fragmenting: proxy MTU, AES-GCM renego" \ -p "$P_PXY mtu=512" \ @@ -9965,8 +9954,7 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_hash_alg SHA_256 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -requires_config_enabled MBEDTLS_AES_C -requires_config_enabled MBEDTLS_CCM_C +requires_config_enabled PSA_WANT_ALG_CCM requires_max_content_len 2048 run_test "DTLS fragmenting: proxy MTU, AES-CCM renego" \ -p "$P_PXY mtu=1024" \ @@ -9996,8 +9984,7 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_hash_alg SHA_256 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -requires_config_enabled MBEDTLS_AES_C -requires_config_enabled MBEDTLS_CIPHER_MODE_CBC +requires_config_enabled PSA_WANT_ALG_CBC_NO_PADDING requires_config_enabled MBEDTLS_SSL_ENCRYPT_THEN_MAC requires_max_content_len 2048 run_test "DTLS fragmenting: proxy MTU, AES-CBC EtM renego" \ @@ -10028,8 +10015,7 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_hash_alg SHA_256 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -requires_config_enabled MBEDTLS_AES_C -requires_config_enabled MBEDTLS_CIPHER_MODE_CBC +requires_config_enabled PSA_WANT_ALG_CBC_NO_PADDING requires_max_content_len 2048 run_test "DTLS fragmenting: proxy MTU, AES-CBC non-EtM renego" \ -p "$P_PXY mtu=1024" \ @@ -10055,8 +10041,7 @@ run_test "DTLS fragmenting: proxy MTU, AES-CBC non-EtM renego" \ # Forcing ciphersuite for this test to fit the MTU of 512 with full config. requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_AES_C -requires_config_enabled MBEDTLS_GCM_C +requires_config_enabled PSA_WANT_ALG_GCM client_needs_more_time 2 requires_max_content_len 2048 run_test "DTLS fragmenting: proxy MTU + 3d" \ @@ -10078,8 +10063,7 @@ run_test "DTLS fragmenting: proxy MTU + 3d" \ # Forcing ciphersuite for this test to fit the MTU of 512 with full config. requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_AES_C -requires_config_enabled MBEDTLS_GCM_C +requires_config_enabled PSA_WANT_ALG_GCM client_needs_more_time 2 requires_max_content_len 2048 run_test "DTLS fragmenting: proxy MTU + 3d, nbio" \ From 7ee4cc302a113edf92ff231573a52eb5b3964ba9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 28 Nov 2023 15:49:57 +0100 Subject: [PATCH 0829/1674] Create legacy-API bridge API design document Do the analysis for hashes. Signed-off-by: Gilles Peskine --- .../psa-migration/psa-legacy-bridges.md | 137 ++++++++++++++++++ 1 file changed, 137 insertions(+) create mode 100644 docs/architecture/psa-migration/psa-legacy-bridges.md diff --git a/docs/architecture/psa-migration/psa-legacy-bridges.md b/docs/architecture/psa-migration/psa-legacy-bridges.md new file mode 100644 index 000000000..e8f20b2b6 --- /dev/null +++ b/docs/architecture/psa-migration/psa-legacy-bridges.md @@ -0,0 +1,137 @@ +Bridges between legacy and PSA crypto APIs +========================================== + +## Introduction + +### Goal of this document + +This document explores the needs of applications that use both Mbed TLS legacy crypto interfaces and PSA crypto interfaces. Based on [requirements](#requirements), we [analyze gaps](#gap-analysis) and [API design](#api-design). + +This is a design document. The target audience is library maintainers. See the companion document [“Transitioning to the PSA API”](../../psa-transition.md) for a user focus on the same topic. + +### Keywords + +* [TODO] A part of the analysis that isn't finished. +* [QUESTION] A specific aspect of the design where there are several plausible decisions. +* [ACTION] A finalized part of the design that will need to be carried out. + +### Context + +Mbed TLS 3.x supports two cryptographic APIs: + +* The legacy API `mbedtls_xxx` is inherited from PolarSSL. +* The PSA API `psa_xxx` was introduced in Mbed TLS 2.17. + +Mbed TLS is gradually shifting from the legacy API to the PSA API. Mbed TLS 4.0 will be the first version where the PSA API is considered the main API, and large parts of the legacy API will be removed. + +In Mbed TLS 4.0, the cryptography will be provided by a separate project [TF-PSA-Crypto](https://github.com/Mbed-TLS/TF-PSA-Crypto). For simplicity, in this document, we just refer to the whole as “Mbed TLS”. + +### Document history + +This document was originally written when preparing Mbed TLS 3.6. Mbed TLS 3.6 includes both PSA and legacy APIs covering largely overlapping ground. Many legacy APIs will be removed in Mbed TLS 4.0. + +## Requirements + +### Why mix APIs? + +There is functionality that is tied to one API and is not directly available in the other API: + +* Only PSA fully supports PSA accelerators and secure element integration. +* Only PSA supports isolating cryptographic material in a secure service. +* The legacy API has features that are not present (yet) in PSA, notably parsing and formatting asymmetric keys. + +The legacy API can partially leverage PSA features via `MBEDTLS_USE_PSA_CRYPTO`, but this has limited scope. + +In addition, many applications cannot be migrated in a single go. For large projects, it is impractical to rewrite a significant part of the code all at once. (For example, Mbed TLS itself will have taken more than 6 years to transition.) Projects that use one or more library in addition to Mbed TLS must follow the evolution of these libraries, each of which might have its own pace. + +### Where mixing happens + +Mbed TLS can be, and normally is, built with support for both APIs. Therefore no special effort is necessary to allow an application to use both APIs. + +Special effort is necessary to use both APIs as part of the implementation of the same feature. From an informal analysis of typical application requirements, we identify four parts of the use of cryptography which can be provided by different APIs: + +* Metadata manipulation: parsing and producing encrypted or signed files, finding mutually supported algorithms in a network protocol negotiation, etc. +* Key management: parsing, generating, deriving and formatting cryptographic keys. +* Data manipulation other than keys. In practice, most data formats within the scope of the legacy crypto APIs are trivial (ciphertexts, hashes, MACs, shared secrets). The one exception is ECDSA signatures. +* Cryptographic operations: hash, sign, encrypt, etc. + +From this, we deduce the following requirements: + +* Convert between PSA and legacy metadata. +* Creating a key with the legacy API and consuming it in the PSA API. +* Creating a key with the PSA API and consuming it in the legacy API. +* Manipulating data formats, other than keys, where the PSA API is lacking. + +### Scope limitations + +The goal of this document is to bridge the legacy API and the PSA API. The goal is not to provide a PSA way to do everything that is currently possible with the legacy API. The PSA API is less flexible in some regards, and extending it is out of scope in the present study. + +With respect to the legacy API, we do not consider functionality of low-level modules for individual algorithms. Our focus is on applications that use high-level legacy crypto modules (md, cipher, pk) and need to combine that with uses of the PSA APIs. + +## Gap analysis + +Based on “[Where mixing happens](#where-mixing-happens)”, we focus the gap analysis on two topics: metadata and keys. This chapter explores the gaps in each family of cryptographic mechanisms. + +### Generic metadata gaps + +#### Need for error code conversion + +[QUESTION] Do we need public functions to convert between `MBEDTLS_ERR_xxx` error codes and `PSA_ERROR_xxx` error codes? We have such functions for internal use. + +### Hash gap analysis + +Hashes do not involve keys, and involves no nontrivial data format. Therefore the only gap is with metadata, namely specifying a hash algorithm. + +Hashes are often used as building blocks for other mechanisms (HMAC, signatures, key derivation, etc.). Therefore metadata about hashes is relevant not only when calculating hashes, but also when performing many other cryptographic operations. + +Gap: functions to convert between `psa_algorithm_t` hash algorithms and `mbedtls_md_type_t`. Such functions exist in Mbed TLS 3.5 (`mbedtls_md_psa_alg_from_type`, `mbedtls_md_type_from_psa_alg`) but they are declared only in private headers. + +### MAC gap analysis + +[TODO] + +### Cipher and AEAD gap analysis + +[TODO] + +### Key derivation gap analysis + +[TODO] + +### Random generation gap analysis + +[TODO] + +### Asymmetric cryptography gap analysis + +[TODO] + +## New APIs + +This section presents new APIs to implement based on the [gap analysis](#gap-analysis). + +### Hash APIs + +Based on the [gap analysis](#hash-gap-analysis): + +[ACTION] Move `mbedtls_md_psa_alg_from_type` and `mbedtls_md_type_from_psa_alg` from `library/md_psa.h` to `include/mbedtls/md.h`. + +### MAC APIs + +[TODO] + +### Cipher and AEAD APIs + +[TODO] + +### Key derivation APIs + +[TODO] + +### Random generation APIs + +[TODO] + +### Asymmetric cryptography APIs + +[TODO] From bcd305913fb9faf985197bf2cc5d871d5ad1ff28 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 28 Nov 2023 16:27:55 +0100 Subject: [PATCH 0830/1674] pk: move functions to verify RFC8410 group ID to pk_internal Signed-off-by: Valerio Setti --- library/pk_internal.h | 10 ++++++++++ library/pkparse.c | 6 ------ library/pkwrite.c | 17 ----------------- 3 files changed, 10 insertions(+), 23 deletions(-) diff --git a/library/pk_internal.h b/library/pk_internal.h index ae329554b..ece2f82b7 100644 --- a/library/pk_internal.h +++ b/library/pk_internal.h @@ -119,6 +119,16 @@ static inline mbedtls_ecp_group_id mbedtls_pk_get_group_id(const mbedtls_pk_cont #if defined(MBEDTLS_ECP_HAVE_CURVE25519) || defined(MBEDTLS_ECP_HAVE_CURVE448) #define MBEDTLS_PK_HAVE_RFC8410_CURVES #endif /* MBEDTLS_ECP_HAVE_CURVE25519 || MBEDTLS_ECP_DP_CURVE448 */ + +#define MBEDTLS_PK_IS_RFC8410_GROUP_ID(id) \ + ((id == MBEDTLS_ECP_DP_CURVE25519) || (id == MBEDTLS_ECP_DP_CURVE448)) + +static inline int mbedtls_pk_is_rfc8410(const mbedtls_pk_context *pk) +{ + mbedtls_ecp_group_id id = mbedtls_pk_get_group_id(pk); + + return MBEDTLS_PK_IS_RFC8410_GROUP_ID(id); +} #endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ /* Helper for (deterministic) ECDSA */ diff --git a/library/pkparse.c b/library/pkparse.c index 608c85480..0b5de8db3 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -863,12 +863,6 @@ static int pk_get_pk_alg(unsigned char **p, return 0; } -/* Helper for Montgomery curves */ -#if defined(MBEDTLS_PK_HAVE_RFC8410_CURVES) -#define MBEDTLS_PK_IS_RFC8410_GROUP_ID(id) \ - ((id == MBEDTLS_ECP_DP_CURVE25519) || (id == MBEDTLS_ECP_DP_CURVE448)) -#endif /* MBEDTLS_PK_HAVE_RFC8410_CURVES */ - /* * SubjectPublicKeyInfo ::= SEQUENCE { * algorithm AlgorithmIdentifier, diff --git a/library/pkwrite.c b/library/pkwrite.c index 7a9cfedbd..468df1466 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -366,23 +366,6 @@ static int pk_write_ec_param(unsigned char **p, unsigned char *start, } #if defined(MBEDTLS_PK_HAVE_RFC8410_CURVES) -static inline int mbedtls_pk_is_rfc8410(const mbedtls_pk_context *pk) -{ - mbedtls_ecp_group_id id = mbedtls_pk_get_group_id(pk); - -#if defined(MBEDTLS_ECP_HAVE_CURVE25519) - if (id == MBEDTLS_ECP_DP_CURVE25519) { - return 1; - } -#endif -#if defined(MBEDTLS_ECP_HAVE_CURVE448) - if (id == MBEDTLS_ECP_DP_CURVE448) { - return 1; - } -#endif - return 0; -} - /* * RFC8410 section 7 * From 677285a2998289d59ba264c77918e863f988fb1a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 28 Nov 2023 16:45:50 +0100 Subject: [PATCH 0831/1674] Clarify "functions that facilitate the transition" Signed-off-by: Gilles Peskine --- docs/psa-transition.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/psa-transition.md b/docs/psa-transition.md index fabac9c85..b25f8b258 100644 --- a/docs/psa-transition.md +++ b/docs/psa-transition.md @@ -50,7 +50,7 @@ Then use the [summary of API modules](#summary-of-api-modules), the table of con To make the PSA API available, make sure that the configuration option [`MBEDTLS_PSA_CRYPTO_C`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/mbedtls__config_8h/#c.MBEDTLS_PSA_CRYPTO_C) is enabled (it is enabled in the default configuration). -You should probably enable [`MBEDTLS_USE_PSA_CRYPTO`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/mbedtls__config_8h/#mbedtls__config_8h_1a70fd7b97d5f11170546583f2095942a6) as well (it is disabled by default). This option causes the PK, X.509 and TLS modules to use PSA crypto under the hood. Some functions that facilitate the transition are only available when `MBEDTLS_USE_PSA_CRYPTO` is enabled. +You should probably enable [`MBEDTLS_USE_PSA_CRYPTO`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/mbedtls__config_8h/#mbedtls__config_8h_1a70fd7b97d5f11170546583f2095942a6) as well (it is disabled by default). This option causes the PK, X.509 and TLS modules to use PSA crypto under the hood. Some functions that facilitate the transition (for example, to convert between metadata encodings or between key representations) are only available when `MBEDTLS_USE_PSA_CRYPTO` is enabled. By default, the PSA crypto API offers a similar set of cryptographic mechanisms as those offered by the legacy API. The PSA crypto API also has its own configuration mechanism; see “[Cryptographic mechanism availability](#cryptographic-mechanism-availability)”. From 82d7a875ff53578e74c0703ef623f63ad7ee37e1 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 28 Nov 2023 10:06:33 +0000 Subject: [PATCH 0832/1674] Update tests to refer to our tf-m config wrapper Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index e15fb2afb..177736a51 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4123,8 +4123,10 @@ support_build_tfm_armcc () { component_build_tfm_armcc() { # test the TF-M configuration can build cleanly with various warning flags enabled - cp configs/ext/tfm_mbedcrypto_config_profile_medium.h "$CONFIG_H" - cp configs/ext/crypto_config_profile_medium.h "$CRYPTO_CONFIG_H" + cp configs/config-tfm.h "$CONFIG_H" + + # MBEDTLS_NO_PLATFORM_ENTROPY is needed as we are building for baremetal + ./scripts/config.py --force set MBEDTLS_NO_PLATFORM_ENTROPY msg "build: TF-M config, armclang armv7-m thumb2" armc6_build_test "--target=arm-arm-none-eabi -march=armv7-m -mthumb -Os -std=c99 -Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wasm-operand-widths -Wunused -I../tests/include/spe" @@ -4136,8 +4138,7 @@ component_build_tfm() { # TF-M configuration needs a TF-M platform. A tweaked version of # the configuration that works on mainstream platforms is in # configs/config-tfm.h, tested via test-ref-configs.pl. - cp configs/ext/tfm_mbedcrypto_config_profile_medium.h "$CONFIG_H" - cp configs/ext/crypto_config_profile_medium.h "$CRYPTO_CONFIG_H" + cp configs/config-tfm.h "$CONFIG_H" msg "build: TF-M config, clang, armv7-m thumb2" make lib CC="clang" CFLAGS="--target=arm-linux-gnueabihf -march=armv7-m -mthumb -Os -std=c99 -Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wasm-operand-widths -Wunused -I../tests/include/spe" From c89f7817e174dc7c3fbcf113c0d90dfb86658771 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 28 Nov 2023 13:55:20 +0000 Subject: [PATCH 0833/1674] Use common license header Signed-off-by: Dave Rodgman --- .../ext/tfm_mbedcrypto_config_profile_medium.h | 18 ++---------------- 1 file changed, 2 insertions(+), 16 deletions(-) diff --git a/configs/ext/tfm_mbedcrypto_config_profile_medium.h b/configs/ext/tfm_mbedcrypto_config_profile_medium.h index c435b5957..beebddf5a 100644 --- a/configs/ext/tfm_mbedcrypto_config_profile_medium.h +++ b/configs/ext/tfm_mbedcrypto_config_profile_medium.h @@ -8,22 +8,8 @@ * memory footprint. */ /* - * Copyright (C) 2006-2023, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * This file is part of mbed TLS (https://tls.mbed.org) + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ #ifndef PROFILE_M_MBEDTLS_CONFIG_H From 29ad2d7609183ff0a82abbfdeb2d979f9b16b039 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 28 Nov 2023 17:43:49 +0100 Subject: [PATCH 0834/1674] ssl-opt.sh: Remove unnecessary symmetric crypto dependencies Same test cases as in the previous commit. Remove the redundant symmetric crypto dependency. The dependency is ensured by the fact that: 1) the test case forces a cipher suite 2) ssl-opt.sh enforces automatically that the forced ciphersuite is available. 3) The fact that the forced ciphersuite is available implies that the symmetric cipher algorithm it uses is available as well. Signed-off-by: Ronald Cron --- tests/ssl-opt.sh | 20 -------------------- 1 file changed, 20 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index ac7860c9a..b0d94bde0 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -2341,7 +2341,6 @@ run_test "Opaque key for server authentication: invalid alg: ecdh with RSA ke requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_hash_alg SHA_256 -requires_config_enabled PSA_WANT_ALG_CCM run_test "Opaque key for server authentication: invalid alg: ECDHE-ECDSA with ecdh" \ "$P_SRV key_opaque=1 crt_file=data_files/server5.crt \ key_file=data_files/server5.key key_opaque_algs=ecdh,none \ @@ -2395,7 +2394,6 @@ run_test "Opaque keys for server authentication: EC keys with different algs, requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_hash_alg SHA_384 -requires_config_enabled PSA_WANT_ALG_CCM requires_config_disabled MBEDTLS_X509_REMOVE_INFO run_test "Opaque keys for server authentication: EC + RSA, force ECDHE-ECDSA" \ "$P_SRV key_opaque=1 crt_file=data_files/server5.crt \ @@ -2575,7 +2573,6 @@ requires_config_enabled MBEDTLS_USE_PSA_CRYPTO requires_config_enabled MBEDTLS_X509_CRT_PARSE_C requires_config_enabled MBEDTLS_RSA_C requires_hash_alg SHA_384 -requires_config_enabled PSA_WANT_ALG_GCM requires_config_disabled MBEDTLS_X509_REMOVE_INFO run_test "Opaque keys for server authentication: EC + RSA, force DHE-RSA" \ "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server5.crt \ @@ -9124,7 +9121,6 @@ run_test "SSL async private: renegotiation: server-initiated, decrypt" \ # Tests for ECC extensions (rfc 4492) -requires_config_enabled PSA_WANT_ALG_CBC_NO_PADDING requires_hash_alg SHA_256 requires_config_enabled MBEDTLS_KEY_EXCHANGE_RSA_ENABLED run_test "Force a non ECC ciphersuite in the client side" \ @@ -9136,7 +9132,6 @@ run_test "Force a non ECC ciphersuite in the client side" \ -S "found supported elliptic curves extension" \ -S "found supported point formats extension" -requires_config_enabled PSA_WANT_ALG_CBC_NO_PADDING requires_hash_alg SHA_256 requires_config_enabled MBEDTLS_KEY_EXCHANGE_RSA_ENABLED run_test "Force a non ECC ciphersuite in the server side" \ @@ -9146,7 +9141,6 @@ run_test "Force a non ECC ciphersuite in the server side" \ -C "found supported_point_formats extension" \ -S "server hello, supported_point_formats extension" -requires_config_enabled PSA_WANT_ALG_CBC_NO_PADDING requires_hash_alg SHA_256 run_test "Force an ECC ciphersuite in the client side" \ "$P_SRV debug_level=3" \ @@ -9157,7 +9151,6 @@ run_test "Force an ECC ciphersuite in the client side" \ -s "found supported elliptic curves extension" \ -s "found supported point formats extension" -requires_config_enabled PSA_WANT_ALG_CBC_NO_PADDING requires_hash_alg SHA_256 run_test "Force an ECC ciphersuite in the server side" \ "$P_SRV debug_level=3 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \ @@ -9682,7 +9675,6 @@ run_test "DTLS fragmenting: both (MTU=1024)" \ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_hash_alg SHA_256 -requires_config_enabled PSA_WANT_ALG_GCM requires_max_content_len 2048 run_test "DTLS fragmenting: both (MTU=512)" \ -p "$P_PXY mtu=512" \ @@ -9711,7 +9703,6 @@ run_test "DTLS fragmenting: both (MTU=512)" \ not_with_valgrind requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled PSA_WANT_ALG_GCM requires_max_content_len 2048 run_test "DTLS fragmenting: proxy MTU: auto-reduction (not valgrind)" \ -p "$P_PXY mtu=508" \ @@ -9733,7 +9724,6 @@ run_test "DTLS fragmenting: proxy MTU: auto-reduction (not valgrind)" \ only_with_valgrind requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled PSA_WANT_ALG_GCM requires_max_content_len 2048 run_test "DTLS fragmenting: proxy MTU: auto-reduction (with valgrind)" \ -p "$P_PXY mtu=508" \ @@ -9784,7 +9774,6 @@ run_test "DTLS fragmenting: proxy MTU, simple handshake (MTU=1024)" \ not_with_valgrind # spurious autoreduction due to timeout requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled PSA_WANT_ALG_GCM requires_max_content_len 2048 run_test "DTLS fragmenting: proxy MTU, simple handshake (MTU=512)" \ -p "$P_PXY mtu=512" \ @@ -9832,7 +9821,6 @@ run_test "DTLS fragmenting: proxy MTU, simple handshake, nbio (MTU=1024)" \ not_with_valgrind # spurious autoreduction due to timeout requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled PSA_WANT_ALG_GCM requires_max_content_len 2048 run_test "DTLS fragmenting: proxy MTU, simple handshake, nbio (MTU=512)" \ -p "$P_PXY mtu=512" \ @@ -9866,7 +9854,6 @@ run_test "DTLS fragmenting: proxy MTU, simple handshake, nbio (MTU=512)" \ not_with_valgrind # spurious autoreduction due to timeout requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled PSA_WANT_ALG_GCM requires_max_content_len 2048 run_test "DTLS fragmenting: proxy MTU, resumed handshake" \ -p "$P_PXY mtu=1450" \ @@ -9894,7 +9881,6 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_hash_alg SHA_256 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -requires_config_enabled PSA_WANT_ALG_CHACHA20_POLY1305 requires_max_content_len 2048 run_test "DTLS fragmenting: proxy MTU, ChachaPoly renego" \ -p "$P_PXY mtu=512" \ @@ -9924,7 +9910,6 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_hash_alg SHA_256 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -requires_config_enabled PSA_WANT_ALG_GCM requires_max_content_len 2048 run_test "DTLS fragmenting: proxy MTU, AES-GCM renego" \ -p "$P_PXY mtu=512" \ @@ -9954,7 +9939,6 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_hash_alg SHA_256 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -requires_config_enabled PSA_WANT_ALG_CCM requires_max_content_len 2048 run_test "DTLS fragmenting: proxy MTU, AES-CCM renego" \ -p "$P_PXY mtu=1024" \ @@ -9984,7 +9968,6 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_hash_alg SHA_256 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -requires_config_enabled PSA_WANT_ALG_CBC_NO_PADDING requires_config_enabled MBEDTLS_SSL_ENCRYPT_THEN_MAC requires_max_content_len 2048 run_test "DTLS fragmenting: proxy MTU, AES-CBC EtM renego" \ @@ -10015,7 +9998,6 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_hash_alg SHA_256 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -requires_config_enabled PSA_WANT_ALG_CBC_NO_PADDING requires_max_content_len 2048 run_test "DTLS fragmenting: proxy MTU, AES-CBC non-EtM renego" \ -p "$P_PXY mtu=1024" \ @@ -10041,7 +10023,6 @@ run_test "DTLS fragmenting: proxy MTU, AES-CBC non-EtM renego" \ # Forcing ciphersuite for this test to fit the MTU of 512 with full config. requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled PSA_WANT_ALG_GCM client_needs_more_time 2 requires_max_content_len 2048 run_test "DTLS fragmenting: proxy MTU + 3d" \ @@ -10063,7 +10044,6 @@ run_test "DTLS fragmenting: proxy MTU + 3d" \ # Forcing ciphersuite for this test to fit the MTU of 512 with full config. requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled PSA_WANT_ALG_GCM client_needs_more_time 2 requires_max_content_len 2048 run_test "DTLS fragmenting: proxy MTU + 3d, nbio" \ From 60f76663c0ffffad28973e2ba2d7fe09ee8c0dfa Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 28 Nov 2023 17:52:42 +0100 Subject: [PATCH 0835/1674] Align forced ciphersuite with test description Signed-off-by: Ronald Cron --- tests/ssl-opt.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index b0d94bde0..4762285b0 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -9894,7 +9894,7 @@ run_test "DTLS fragmenting: proxy MTU, ChachaPoly renego" \ crt_file=data_files/server8_int-ca2.crt \ key_file=data_files/server8.key \ exchanges=2 renegotiation=1 renegotiate=1 \ - force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \ + force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256 \ hs_timeout=10000-60000 \ mtu=512" \ 0 \ From 5403cb340ab348af7e7c1219cb968f7ee83f0f67 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 28 Nov 2023 18:03:03 +0100 Subject: [PATCH 0836/1674] typos Signed-off-by: Gilles Peskine --- docs/psa-transition.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/psa-transition.md b/docs/psa-transition.md index b25f8b258..70a92c483 100644 --- a/docs/psa-transition.md +++ b/docs/psa-transition.md @@ -587,11 +587,11 @@ Applications currently using `mbedtls_pkcs5_pbkdf2_hmac` or `mbedtls_pkcs5_pbkdf If you want to verify the output against an expected value (for authentication, rather than to derive key material), call `psa_key_derivation_verify_bytes` or `psa_key_derivation_verify_key` instead of `psa_key_derivation_output_bytes`. 6. Call [`psa_key_derivation_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga90fdd2716124d0bd258826184824675f) to free the resources associated with the key derivation object. -The function `mbedtls_pkcs5_pbes2` is only inteded as a support function to parse encrypted private keys in the PK module. It has no PSA equivalent. +The function `mbedtls_pkcs5_pbes2` is only intended as a support function to parse encrypted private keys in the PK module. It has no PSA equivalent. ### PKCS#12 module -The functions `mbedtls_pkcs12_derivation` and `mbedtls_pkcs12_pbes2` are only intended as supports function to parse encrypted private keys in the PK module. They have no PSA equivalent. +The functions `mbedtls_pkcs12_derivation` and `mbedtls_pkcs12_pbes2` are only intended as support functions to parse encrypted private keys in the PK module. They have no PSA equivalent. ## Random generation From 601d3a0bd736531129453b2195cd9dd902696eb4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 28 Nov 2023 18:03:16 +0100 Subject: [PATCH 0837/1674] Add links to newly added functions Signed-off-by: Gilles Peskine --- docs/psa-transition.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/psa-transition.md b/docs/psa-transition.md index 70a92c483..9e4f4b5c6 100644 --- a/docs/psa-transition.md +++ b/docs/psa-transition.md @@ -584,7 +584,7 @@ Applications currently using `mbedtls_pkcs5_pbkdf2_hmac` or `mbedtls_pkcs5_pbkdf 2. [`PSA_KEY_DERIVATION_INPUT_SECRET`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__derivation/#group__derivation_1ga0ddfbe764baba995c402b1b0ef59392e) for the password. 5. Call [`psa_key_derivation_output_bytes`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga06b7eb34a2fa88965f68e3d023fa12b9) to obtain the output of the derivation. You may call this function more than once to retrieve the output in successive chunks. Use [`psa_key_derivation_output_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gada7a6e17222ea9e7a6be6864a00316e1) instead if you want to use a chunk as a PSA key. - If you want to verify the output against an expected value (for authentication, rather than to derive key material), call `psa_key_derivation_verify_bytes` or `psa_key_derivation_verify_key` instead of `psa_key_derivation_output_bytes`. + If you want to verify the output against an expected value (for authentication, rather than to derive key material), call [`psa_key_derivation_verify_bytes`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gaf01520beb7ba932143ffe733b0795b08) or [`psa_key_derivation_verify_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gac041714e34a94742e8ee006ac7dfea5a) instead of `psa_key_derivation_output_bytes`. 6. Call [`psa_key_derivation_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga90fdd2716124d0bd258826184824675f) to free the resources associated with the key derivation object. The function `mbedtls_pkcs5_pbes2` is only intended as a support function to parse encrypted private keys in the PK module. It has no PSA equivalent. From d372da6201a7d7b04e9b595bbe638df9c9b3e7ea Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 28 Nov 2023 18:03:53 +0100 Subject: [PATCH 0838/1674] Expand on the removal of RNG boilerplate Signed-off-by: Gilles Peskine --- docs/psa-transition.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/docs/psa-transition.md b/docs/psa-transition.md index 9e4f4b5c6..c840b0307 100644 --- a/docs/psa-transition.md +++ b/docs/psa-transition.md @@ -597,7 +597,7 @@ The functions `mbedtls_pkcs12_derivation` and `mbedtls_pkcs12_pbes2` are only in ### Random generation interface -The PSA subsystem has an internal random generator. As a consequence, you do not need to instantiate one manually, so most applications using PSA crypto do not need the interfaces from `entropy.h`, `ctr_drbg.` and `hmac_drbg.h`. +The PSA subsystem has an internal random generator. As a consequence, you do not need to instantiate one manually, so most applications using PSA crypto do not need the interfaces from `entropy.h`, `ctr_drbg.` and `hmac_drbg.h`. See the next sections for remaining use cases for [entropy](#entropy-sources) and [DRBG](#deterministic-pseudorandom-generation). The PSA API uses its internal random generator to generate keys (`psa_generate_key`), nonces for encryption (`psa_cipher_generate_iv`, `psa_cipher_encrypt`, `psa_aead_generate_nonce`, `psa_aead_encrypt`, `psa_asymmetric_encrypt`), and other random material as needed. If you need random data for some other purposes, call [`psa_generate_random`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__random/#group__random_1ga1985eae417dfbccedf50d5fff54ea8c5). @@ -606,6 +606,8 @@ If your application mixes uses of the PSA crypto API and the mbedtls API and you * [`mbedtls_psa_get_random`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/psa__util_8h/#_CPPv422mbedtls_psa_get_randomPvPh6size_t) as the `f_rng` argument; * [`MBEDTLS_PSA_RANDOM_STATE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/psa__util_8h/#c.MBEDTLS_PSA_RANDOM_STATE) as the `p_rng` argument. +You can remove the Mbed TLS RNG boilerplate (`mbedtls_entropy_init`, `mbedtls_ctr_drbg_init`, `mbedtls_ctr_drbg_seed`, `mbedtls_ctr_drbg_random`, `mbedtls_ctr_drbg_free`, `mbedtls_entropy_free` — or `hmac_drbg` equivalents of the `ctr_drbg` functions) once you have finished replacing the references to `mbedtls_ctr_drbg_random` (or `mbedtls_hmac_drbg_random`) by `mbedtls_psa_get_random`. + ### Entropy sources Unless explicitly configured otherwise, the PSA random generator uses the default entropy sources configured through the legacy interface (`MBEDTLS_ENTROPY_xxx` symbols). Its set of sources is equivalent to an entropy object configured with `mbedtls_entropy_init`. From 550cd6f9b2a5773060ec87926dcdcdd26148d1a3 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Wed, 29 Nov 2023 09:17:59 +0800 Subject: [PATCH 0839/1674] Use boolean `hit` instead of int `hits` Also fix a typo in the comments. Signed-off-by: Pengyu Lv --- tests/scripts/analyze_outcomes.py | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 02aac225f..52059bda0 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -17,7 +17,7 @@ import typing import check_test_cases -# `CompoentOutcomes` is a named tuple which is defined as: +# `ComponentOutcomes` is a named tuple which is defined as: # ComponentOutcomes( # successes = { # "", @@ -87,19 +87,19 @@ def analyze_coverage(results: Results, outcomes: Outcomes, """Check that all available test cases are executed at least once.""" available = check_test_cases.collect_available_test_cases() for suite_case in available: - hits = 0 + hit = False for comp_outcomes in outcomes.values(): if suite_case in comp_outcomes.successes or \ suite_case in comp_outcomes.failures: - hits += 1 + hit = True break - if hits == 0 and suite_case not in allow_list: + if hit == 0 and suite_case not in allow_list: if full_coverage: results.error('Test case not executed: {}', suite_case) else: results.warning('Test case not executed: {}', suite_case) - elif hits != 0 and suite_case in allow_list: + elif hit != 0 and suite_case in allow_list: # Test Case should be removed from the allow list. if full_coverage: results.error('Allow listed test case was executed: {}', suite_case) From 5b96b819803d69b2be8b7afb65d500f92faeb98f Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 29 Nov 2023 10:25:00 +0800 Subject: [PATCH 0840/1674] Revert "fix build warning with arm64 gcc 5.4" This reverts commit da3c206ebde6c29904fb46a61ec7534f90c0d08e. Signed-off-by: Jerry Yu --- library/common.h | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/library/common.h b/library/common.h index ec30a7da1..c20f6b260 100644 --- a/library/common.h +++ b/library/common.h @@ -165,10 +165,7 @@ static inline const unsigned char *mbedtls_buffer_offset_const( * \param b Pointer to input (buffer of at least \p n bytes) * \param n Number of bytes to process. */ -static inline void mbedtls_xor(unsigned char *r, - const unsigned char *a, - const unsigned char *b, - size_t n) +inline void mbedtls_xor(unsigned char *r, const unsigned char *a, const unsigned char *b, size_t n) { size_t i = 0; #if defined(MBEDTLS_EFFICIENT_UNALIGNED_ACCESS) From 71fada10e5b05e328d3a7ae75ea5a0edaf9d271a Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 29 Nov 2023 10:38:07 +0800 Subject: [PATCH 0841/1674] Guards neon path Old GCC(<7.3) reports warning in NEON path Signed-off-by: Jerry Yu --- library/common.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/library/common.h b/library/common.h index c20f6b260..78d71fda2 100644 --- a/library/common.h +++ b/library/common.h @@ -169,7 +169,9 @@ inline void mbedtls_xor(unsigned char *r, const unsigned char *a, const unsigned { size_t i = 0; #if defined(MBEDTLS_EFFICIENT_UNALIGNED_ACCESS) -#if defined(__ARM_NEON) +#if defined(__ARM_NEON) && \ + (defined(__GNUC__) && !defined(__clang__) && \ + __GNUC__ >= 7 && __GNUC_MINOR__ >= 3) for (; (i + 16) <= n; i += 16) { uint8x16_t v1 = vld1q_u8(a + i); uint8x16_t v2 = vld1q_u8(b + i); From d33f7a8c722a9ca4c1338230d51ed5213a29c8bb Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 29 Nov 2023 15:09:21 +0800 Subject: [PATCH 0842/1674] improve document Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index e69b091f3..db6140eb0 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -2794,8 +2794,8 @@ static int ssl_tls13_write_server_finished(mbedtls_ssl_context *ssl) * * early transform is set after server finished in this section. But * it breaks our key computation, so we put early transform computation - * at the end of client hello. For time being, I am not sure the benifit - * for moving computation here. + * at the end of client hello. For the time being, I am not sure the + * benifit for moving computation here. */ MBEDTLS_SSL_DEBUG_MSG( 1, ("Switch to early keys for inbound traffic. " @@ -2911,7 +2911,7 @@ static int ssl_tls13_process_wait_eoed(mbedtls_ssl_context *ssl) /* * Output early data * - * For time being, we print received data via debug message. + * For the time being, we print received data via debug message. * * TODO: Remove it when `mbedtls_ssl_read_early_data` is ready. */ From f9362b7324b1e4e4e6eb7a71420a68ae599d108b Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 29 Nov 2023 08:42:27 +0100 Subject: [PATCH 0843/1674] pk_internal: small renaming for mbedtls_pk_get_group_id() Signed-off-by: Valerio Setti --- library/pk_internal.h | 4 ++-- library/pkwrite.c | 8 ++++---- library/ssl_tls.c | 2 +- library/ssl_tls12_client.c | 2 +- library/ssl_tls12_server.c | 4 ++-- library/x509_crt.c | 2 +- 6 files changed, 11 insertions(+), 11 deletions(-) diff --git a/library/pk_internal.h b/library/pk_internal.h index ece2f82b7..81807f133 100644 --- a/library/pk_internal.h +++ b/library/pk_internal.h @@ -85,7 +85,7 @@ static inline mbedtls_ecp_keypair *mbedtls_pk_ec_rw(const mbedtls_pk_context pk) #endif /* !MBEDTLS_PK_USE_PSA_EC_DATA */ #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) -static inline mbedtls_ecp_group_id mbedtls_pk_get_group_id(const mbedtls_pk_context *pk) +static inline mbedtls_ecp_group_id mbedtls_pk_get_ec_group_id(const mbedtls_pk_context *pk) { mbedtls_ecp_group_id id; @@ -125,7 +125,7 @@ static inline mbedtls_ecp_group_id mbedtls_pk_get_group_id(const mbedtls_pk_cont static inline int mbedtls_pk_is_rfc8410(const mbedtls_pk_context *pk) { - mbedtls_ecp_group_id id = mbedtls_pk_get_group_id(pk); + mbedtls_ecp_group_id id = mbedtls_pk_get_ec_group_id(pk); return MBEDTLS_PK_IS_RFC8410_GROUP_ID(id); } diff --git a/library/pkwrite.c b/library/pkwrite.c index 468df1466..2ef723f15 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -395,7 +395,7 @@ static int pk_write_ec_rfc8410_der(unsigned char **p, unsigned char *buf, MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, buf, len)); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, buf, MBEDTLS_ASN1_OCTET_STRING)); - grp_id = mbedtls_pk_get_group_id(pk); + grp_id = mbedtls_pk_get_ec_group_id(pk); /* privateKeyAlgorithm */ if ((ret = mbedtls_oid_get_oid_by_ec_grp_algid(grp_id, &oid, &oid_len)) != 0) { return ret; @@ -452,7 +452,7 @@ static int pk_write_ec_der(unsigned char **p, unsigned char *buf, len += pub_len; /* parameters */ - grp_id = mbedtls_pk_get_group_id(pk); + grp_id = mbedtls_pk_get_ec_group_id(pk); MBEDTLS_ASN1_CHK_ADD(par_len, pk_write_ec_param(p, buf, grp_id)); MBEDTLS_ASN1_CHK_ADD(par_len, mbedtls_asn1_write_len(p, buf, par_len)); MBEDTLS_ASN1_CHK_ADD(par_len, mbedtls_asn1_write_tag(p, buf, @@ -600,7 +600,7 @@ int mbedtls_pk_write_pubkey_der(const mbedtls_pk_context *key, unsigned char *bu pk_type = mbedtls_pk_get_type(key); #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) if (pk_type == MBEDTLS_PK_ECKEY) { - ec_grp_id = mbedtls_pk_get_group_id(key); + ec_grp_id = mbedtls_pk_get_ec_group_id(key); } #endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ #if defined(MBEDTLS_USE_PSA_CRYPTO) @@ -609,7 +609,7 @@ int mbedtls_pk_write_pubkey_der(const mbedtls_pk_context *key, unsigned char *bu #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) if (PSA_KEY_TYPE_IS_ECC(opaque_key_type)) { pk_type = MBEDTLS_PK_ECKEY; - ec_grp_id = mbedtls_pk_get_group_id(key); + ec_grp_id = mbedtls_pk_get_ec_group_id(key); } else #endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ if (PSA_KEY_TYPE_IS_RSA(opaque_key_type)) { diff --git a/library/ssl_tls.c b/library/ssl_tls.c index b163e93c2..138c7f48a 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -7422,7 +7422,7 @@ static int ssl_parse_certificate_verify(mbedtls_ssl_context *ssl, /* and in the unlikely case the above assumption no longer holds * we are making sure that pk_ec() here does not return a NULL */ - mbedtls_ecp_group_id grp_id = mbedtls_pk_get_group_id(pk); + mbedtls_ecp_group_id grp_id = mbedtls_pk_get_ec_group_id(pk); if (grp_id == MBEDTLS_ECP_DP_NONE) { MBEDTLS_SSL_DEBUG_MSG(1, ("invalid group ID")); return MBEDTLS_ERR_SSL_INTERNAL_ERROR; diff --git a/library/ssl_tls12_client.c b/library/ssl_tls12_client.c index 9aa46bd15..7f1ddaf00 100644 --- a/library/ssl_tls12_client.c +++ b/library/ssl_tls12_client.c @@ -2016,7 +2016,7 @@ static int ssl_get_ecdh_params_from_cert(mbedtls_ssl_context *ssl) #if defined(MBEDTLS_USE_PSA_CRYPTO) uint16_t tls_id = 0; psa_key_type_t key_type = PSA_KEY_TYPE_NONE; - mbedtls_ecp_group_id grp_id = mbedtls_pk_get_group_id(peer_pk); + mbedtls_ecp_group_id grp_id = mbedtls_pk_get_ec_group_id(peer_pk); if (mbedtls_ssl_check_curve(ssl, grp_id) != 0) { MBEDTLS_SSL_DEBUG_MSG(1, ("bad server certificate (ECDH curve)")); diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c index b007e5c66..54e1cd4f7 100644 --- a/library/ssl_tls12_server.c +++ b/library/ssl_tls12_server.c @@ -664,7 +664,7 @@ static int ssl_check_key_curve(mbedtls_pk_context *pk, uint16_t *curves_tls_id) { uint16_t *curr_tls_id = curves_tls_id; - mbedtls_ecp_group_id grp_id = mbedtls_pk_get_group_id(pk); + mbedtls_ecp_group_id grp_id = mbedtls_pk_get_ec_group_id(pk); mbedtls_ecp_group_id curr_grp_id; while (*curr_tls_id != 0) { @@ -2651,7 +2651,7 @@ static int ssl_get_ecdh_params_from_cert(mbedtls_ssl_context *ssl) case MBEDTLS_PK_ECKEY_DH: case MBEDTLS_PK_ECDSA: key = mbedtls_pk_ec_rw(*pk); - grp_id = mbedtls_pk_get_group_id(pk); + grp_id = mbedtls_pk_get_ec_group_id(pk); if (grp_id == MBEDTLS_ECP_DP_NONE) { return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; } diff --git a/library/x509_crt.c b/library/x509_crt.c index f41eb47d7..0c3e3fa60 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -222,7 +222,7 @@ static int x509_profile_check_key(const mbedtls_x509_crt_profile *profile, if (pk_alg == MBEDTLS_PK_ECDSA || pk_alg == MBEDTLS_PK_ECKEY || pk_alg == MBEDTLS_PK_ECKEY_DH) { - const mbedtls_ecp_group_id gid = mbedtls_pk_get_group_id(pk); + const mbedtls_ecp_group_id gid = mbedtls_pk_get_ec_group_id(pk); if (gid == MBEDTLS_ECP_DP_NONE) { return -1; From e743aa74b50470e6b1d4df55766f0fefb80b942b Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 29 Nov 2023 15:54:32 +0800 Subject: [PATCH 0844/1674] add non-gcc arm_neon support Signed-off-by: Jerry Yu --- library/common.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/common.h b/library/common.h index 78d71fda2..cc58bf4f6 100644 --- a/library/common.h +++ b/library/common.h @@ -170,8 +170,8 @@ inline void mbedtls_xor(unsigned char *r, const unsigned char *a, const unsigned size_t i = 0; #if defined(MBEDTLS_EFFICIENT_UNALIGNED_ACCESS) #if defined(__ARM_NEON) && \ - (defined(__GNUC__) && !defined(__clang__) && \ - __GNUC__ >= 7 && __GNUC_MINOR__ >= 3) + (!defined(MBEDTLS_COMPILER_IS_GCC) || \ + (defined(MBEDTLS_COMPILER_IS_GCC) && __GNUC__ >= 7 && __GNUC_MINOR__ >= 3)) for (; (i + 16) <= n; i += 16) { uint8x16_t v1 = vld1q_u8(a + i); uint8x16_t v2 = vld1q_u8(b + i); From 92787e42c42433b6a9cde0dd5a79b5baf011815a Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 29 Nov 2023 16:30:38 +0800 Subject: [PATCH 0845/1674] fix wrong gcc version check Signed-off-by: Jerry Yu --- library/common.h | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/library/common.h b/library/common.h index cc58bf4f6..bd5a0c392 100644 --- a/library/common.h +++ b/library/common.h @@ -23,6 +23,15 @@ #include #endif /* __ARM_NEON */ + +#if defined(__GNUC__) && !defined(__ARMCC_VERSION) && !defined(__clang__) \ + && !defined(__llvm__) && !defined(__INTEL_COMPILER) +/* Defined if the compiler really is gcc and not clang, etc */ +#define MBEDTLS_COMPILER_IS_GCC +#define MBEDTLS_GCC_VERSION \ + (__GNUC__ * 10000 + __GNUC_MINOR__ * 100 + __GNUC_PATCHLEVEL__) +#endif + /** Helper to define a function as static except when building invasive tests. * * If a function is only used inside its own source file and should be @@ -171,7 +180,7 @@ inline void mbedtls_xor(unsigned char *r, const unsigned char *a, const unsigned #if defined(MBEDTLS_EFFICIENT_UNALIGNED_ACCESS) #if defined(__ARM_NEON) && \ (!defined(MBEDTLS_COMPILER_IS_GCC) || \ - (defined(MBEDTLS_COMPILER_IS_GCC) && __GNUC__ >= 7 && __GNUC_MINOR__ >= 3)) + (defined(MBEDTLS_COMPILER_IS_GCC) && MBEDTLS_GCC_VERSION >= 70300)) for (; (i + 16) <= n; i += 16) { uint8x16_t v1 = vld1q_u8(a + i); uint8x16_t v2 = vld1q_u8(b + i); @@ -326,12 +335,6 @@ static inline void mbedtls_xor_no_simd(unsigned char *r, #define MBEDTLS_ASSUME(x) do { } while (0) #endif -#if defined(__GNUC__) && !defined(__ARMCC_VERSION) && !defined(__clang__) \ - && !defined(__llvm__) && !defined(__INTEL_COMPILER) -/* Defined if the compiler really is gcc and not clang, etc */ -#define MBEDTLS_COMPILER_IS_GCC -#endif - /* For gcc -Os, override with -O2 for a given function. * * This will not affect behaviour for other optimisation settings, e.g. -O0. From 2d9b7d491af6560ba7db0ed6a39b7c256d322a2e Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 29 Nov 2023 09:42:44 +0000 Subject: [PATCH 0846/1674] Remove references to 3.4 Signed-off-by: Dave Rodgman --- configs/config-tfm.h | 15 --------------- 1 file changed, 15 deletions(-) diff --git a/configs/config-tfm.h b/configs/config-tfm.h index d987b6331..a21d041cd 100644 --- a/configs/config-tfm.h +++ b/configs/config-tfm.h @@ -51,18 +51,3 @@ /*********************************************************************** * Local changes to crypto config below this delimiter **********************************************************************/ - -/* Between Mbed TLS 3.4 and 3.5, the PSA_WANT_KEY_TYPE_RSA_KEY_PAIR macro - * (commented-out above) has been replaced with the following new macros: */ -//#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC 1 -//#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT 1 -//#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1 -//#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1 -//#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_DERIVE 1 /* Not supported */ - -/* Between Mbed TLS 3.4 and 3.5, the following macros have been added: */ -//#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC 1 -//#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT 1 -//#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT 1 -//#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE 1 -//#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_DERIVE 1 // Not supported From e4cf9b6f95264784d5b768d63bbb63c6fb74601f Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 29 Nov 2023 09:43:20 +0000 Subject: [PATCH 0847/1674] Move MBEDTLS_BLOCK_CIPHER_NO_DECRYPT to correct section Signed-off-by: Dave Rodgman --- configs/config-tfm.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/configs/config-tfm.h b/configs/config-tfm.h index a21d041cd..1925cdcb2 100644 --- a/configs/config-tfm.h +++ b/configs/config-tfm.h @@ -45,9 +45,9 @@ #undef MBEDTLS_PLATFORM_STD_EXIT_SUCCESS #undef MBEDTLS_PLATFORM_STD_EXIT_FAILURE -// We expect TF-M to pick this up soon -#define MBEDTLS_BLOCK_CIPHER_NO_DECRYPT - /*********************************************************************** * Local changes to crypto config below this delimiter **********************************************************************/ + +// We expect TF-M to pick this up soon +#define MBEDTLS_BLOCK_CIPHER_NO_DECRYPT From 51e72456f9dd7bfc3a4eee53de046f4390a3d83b Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 29 Nov 2023 09:44:44 +0000 Subject: [PATCH 0848/1674] Automatically set MBEDTLS_NO_PLATFORM_ENTROPY in TF-M config Signed-off-by: Dave Rodgman --- configs/config-tfm.h | 9 +++++++++ tests/scripts/all.sh | 3 --- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/configs/config-tfm.h b/configs/config-tfm.h index 1925cdcb2..85b677b4c 100644 --- a/configs/config-tfm.h +++ b/configs/config-tfm.h @@ -45,6 +45,15 @@ #undef MBEDTLS_PLATFORM_STD_EXIT_SUCCESS #undef MBEDTLS_PLATFORM_STD_EXIT_FAILURE +/* + * In order to get an example config that works cleanly out-of-the-box + * for both baremetal and non-baremetal builds, we detect baremetal builds + * and set this variable automatically. + */ +#if defined(__IAR_SYSTEMS_ICC__) || defined(__ARM_EABI__) +#define MBEDTLS_NO_PLATFORM_ENTROPY +#endif + /*********************************************************************** * Local changes to crypto config below this delimiter **********************************************************************/ diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 177736a51..036bdceac 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4125,9 +4125,6 @@ component_build_tfm_armcc() { # test the TF-M configuration can build cleanly with various warning flags enabled cp configs/config-tfm.h "$CONFIG_H" - # MBEDTLS_NO_PLATFORM_ENTROPY is needed as we are building for baremetal - ./scripts/config.py --force set MBEDTLS_NO_PLATFORM_ENTROPY - msg "build: TF-M config, armclang armv7-m thumb2" armc6_build_test "--target=arm-arm-none-eabi -march=armv7-m -mthumb -Os -std=c99 -Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wasm-operand-widths -Wunused -I../tests/include/spe" } From 5dcfd0c613eb31a20e02d901fdb26d72262b9835 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Wed, 29 Nov 2023 18:03:28 +0800 Subject: [PATCH 0849/1674] Some improvements Signed-off-by: Pengyu Lv --- tests/scripts/analyze_outcomes.py | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 52059bda0..0d8289bda 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -87,19 +87,16 @@ def analyze_coverage(results: Results, outcomes: Outcomes, """Check that all available test cases are executed at least once.""" available = check_test_cases.collect_available_test_cases() for suite_case in available: - hit = False - for comp_outcomes in outcomes.values(): - if suite_case in comp_outcomes.successes or \ - suite_case in comp_outcomes.failures: - hit = True - break + hit = any(suite_case in comp_outcomes.successes or + suite_case in comp_outcomes.failures + for comp_outcomes in outcomes.values()) - if hit == 0 and suite_case not in allow_list: + if not hit and suite_case not in allow_list: if full_coverage: results.error('Test case not executed: {}', suite_case) else: results.warning('Test case not executed: {}', suite_case) - elif hit != 0 and suite_case in allow_list: + elif hit and suite_case in allow_list: # Test Case should be removed from the allow list. if full_coverage: results.error('Allow listed test case was executed: {}', suite_case) From a4f70fe3fe2c7ad55c6b550bc1090d5aedd80946 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 29 Nov 2023 15:05:47 +0100 Subject: [PATCH 0850/1674] pkwrite: simplify management of opaque keys Signed-off-by: Valerio Setti --- library/pkwrite.c | 160 ++++++++++++---------------------------------- 1 file changed, 41 insertions(+), 119 deletions(-) diff --git a/library/pkwrite.c b/library/pkwrite.c index 2ef723f15..900a804dc 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -478,21 +478,6 @@ static int pk_write_ec_der(unsigned char **p, unsigned char *buf, * Internal functions for Opaque keys. ******************************************************************************/ #if defined(MBEDTLS_USE_PSA_CRYPTO) -/* It is assumed that the input key is opaque */ -static psa_key_type_t pk_get_opaque_key_type(const mbedtls_pk_context *pk) -{ - psa_key_attributes_t opaque_attrs = PSA_KEY_ATTRIBUTES_INIT; - psa_key_type_t opaque_key_type; - - if (psa_get_key_attributes(pk->priv_id, &opaque_attrs) != PSA_SUCCESS) { - return 0; - } - opaque_key_type = psa_get_key_type(&opaque_attrs); - psa_reset_key_attributes(&opaque_attrs); - - return opaque_key_type; -} - static int pk_write_opaque_pubkey(unsigned char **p, unsigned char *start, const mbedtls_pk_context *pk) { @@ -514,25 +499,41 @@ static int pk_write_opaque_pubkey(unsigned char **p, unsigned char *start, return (int) len; } - -#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) && defined(MBEDTLS_PEM_WRITE_C) -/* It is assumed that the input key is opaque */ -static psa_ecc_family_t pk_get_opaque_ec_family(const mbedtls_pk_context *pk) -{ - psa_ecc_family_t ec_family = 0; - psa_key_attributes_t key_attrs = PSA_KEY_ATTRIBUTES_INIT; - - if (psa_get_key_attributes(pk->priv_id, &key_attrs) != PSA_SUCCESS) { - return 0; - } - ec_family = PSA_KEY_TYPE_ECC_GET_FAMILY(psa_get_key_type(&key_attrs)); - psa_reset_key_attributes(&key_attrs); - - return ec_family; -} -#endif /* MBEDTLS_PK_HAVE_ECC_KEYS && MBEDTLS_PEM_WRITE_C */ #endif /* MBEDTLS_USE_PSA_CRYPTO */ +/****************************************************************************** + * Generic helpers + ******************************************************************************/ + +/* Extend the public mbedtls_pk_get_type() by getting key type also in case of + * opaque keys. */ +static mbedtls_pk_type_t pk_get_type_ext(const mbedtls_pk_context *pk) +{ + mbedtls_pk_type_t pk_type = mbedtls_pk_get_type(pk); + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if (pk_type == MBEDTLS_PK_OPAQUE) { + psa_key_attributes_t opaque_attrs = PSA_KEY_ATTRIBUTES_INIT; + psa_key_type_t opaque_key_type; + + if (psa_get_key_attributes(pk->priv_id, &opaque_attrs) != PSA_SUCCESS) { + return MBEDTLS_PK_NONE; + } + opaque_key_type = psa_get_key_type(&opaque_attrs); + psa_reset_key_attributes(&opaque_attrs); + + if (PSA_KEY_TYPE_IS_ECC(opaque_key_type)) { + return MBEDTLS_PK_ECKEY; + } else if (PSA_KEY_TYPE_IS_RSA(opaque_key_type)) { + return MBEDTLS_PK_RSA; + } else { + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; + } + } else +#endif + return pk_type; +} + /****************************************************************************** * Public functions for writing private/public DER keys. ******************************************************************************/ @@ -569,9 +570,6 @@ int mbedtls_pk_write_pubkey_der(const mbedtls_pk_context *key, unsigned char *bu int has_par = 1; size_t len = 0, par_len = 0, oid_len = 0; mbedtls_pk_type_t pk_type; -#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) - mbedtls_ecp_group_id ec_grp_id = MBEDTLS_ECP_DP_NONE; -#endif const char *oid = NULL; if (size == 0) { @@ -597,34 +595,11 @@ int mbedtls_pk_write_pubkey_der(const mbedtls_pk_context *key, unsigned char *bu MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&c, buf, len)); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&c, buf, MBEDTLS_ASN1_BIT_STRING)); - pk_type = mbedtls_pk_get_type(key); -#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) - if (pk_type == MBEDTLS_PK_ECKEY) { - ec_grp_id = mbedtls_pk_get_ec_group_id(key); - } -#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ -#if defined(MBEDTLS_USE_PSA_CRYPTO) - if (pk_type == MBEDTLS_PK_OPAQUE) { - psa_key_type_t opaque_key_type = pk_get_opaque_key_type(key); -#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) - if (PSA_KEY_TYPE_IS_ECC(opaque_key_type)) { - pk_type = MBEDTLS_PK_ECKEY; - ec_grp_id = mbedtls_pk_get_ec_group_id(key); - } else -#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ - if (PSA_KEY_TYPE_IS_RSA(opaque_key_type)) { - /* The rest of the function works as for legacy RSA contexts. */ - pk_type = MBEDTLS_PK_RSA; - } - } - /* `pk_type` will have been changed to non-opaque by here if this function can handle it */ - if (pk_type == MBEDTLS_PK_OPAQUE) { - return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; - } -#endif /* MBEDTLS_USE_PSA_CRYPTO */ + pk_type = pk_get_type_ext(key); #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) if (pk_type == MBEDTLS_PK_ECKEY) { + mbedtls_ecp_group_id ec_grp_id = mbedtls_pk_get_ec_group_id(key); /* Some groups have their own AlgorithmIdentifier OID, others are handled * by mbedtls_oid_get_oid_by_pk_alg() below */ ret = mbedtls_oid_get_oid_by_ec_grp_algid(ec_grp_id, &oid, &oid_len); @@ -661,15 +636,6 @@ int mbedtls_pk_write_pubkey_der(const mbedtls_pk_context *key, unsigned char *bu int mbedtls_pk_write_key_der(const mbedtls_pk_context *key, unsigned char *buf, size_t size) { unsigned char *c; -#if defined(MBEDTLS_RSA_C) - int is_rsa_opaque = 0; -#endif /* MBEDTLS_RSA_C */ -#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) - int is_ec_opaque = 0; -#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ -#if defined(MBEDTLS_USE_PSA_CRYPTO) - psa_key_type_t opaque_key_type; -#endif /* MBEDTLS_USE_PSA_CRYPTO */ if (size == 0) { return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; @@ -677,25 +643,13 @@ int mbedtls_pk_write_key_der(const mbedtls_pk_context *key, unsigned char *buf, c = buf + size; -#if defined(MBEDTLS_USE_PSA_CRYPTO) - if (mbedtls_pk_get_type(key) == MBEDTLS_PK_OPAQUE) { - opaque_key_type = pk_get_opaque_key_type(key); #if defined(MBEDTLS_RSA_C) - is_rsa_opaque = PSA_KEY_TYPE_IS_RSA(opaque_key_type); -#endif /* MBEDTLS_RSA_C */ -#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) - is_ec_opaque = PSA_KEY_TYPE_IS_ECC(opaque_key_type); -#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ - } -#endif /* MBEDTLS_USE_PSA_CRYPTO */ - -#if defined(MBEDTLS_RSA_C) - if ((mbedtls_pk_get_type(key) == MBEDTLS_PK_RSA) || is_rsa_opaque) { + if (pk_get_type_ext(key) == MBEDTLS_PK_RSA) { return pk_write_rsa_der(&c, buf, key); } else #endif /* MBEDTLS_RSA_C */ #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) - if ((mbedtls_pk_get_type(key) == MBEDTLS_PK_ECKEY) || is_ec_opaque) { + if (pk_get_type_ext(key) == MBEDTLS_PK_ECKEY) { #if defined(MBEDTLS_PK_HAVE_RFC8410_CURVES) if (mbedtls_pk_is_rfc8410(key)) { return pk_write_ec_rfc8410_der(&c, buf, key); @@ -756,55 +710,23 @@ int mbedtls_pk_write_key_pem(const mbedtls_pk_context *key, unsigned char *buf, } const char *begin, *end; size_t olen = 0; -#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) - int is_ec_opaque = 0; -#if defined(MBEDTLS_PK_HAVE_RFC8410_CURVES) - int is_montgomery_opaque = 0; -#endif /* MBEDTLS_PK_HAVE_RFC8410_CURVES */ -#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ -#if defined(MBEDTLS_RSA_C) - int is_rsa_opaque = 0; -#endif if ((ret = mbedtls_pk_write_key_der(key, output_buf, PRV_DER_MAX_BYTES)) < 0) { goto cleanup; } -#if defined(MBEDTLS_USE_PSA_CRYPTO) - if (mbedtls_pk_get_type(key) == MBEDTLS_PK_OPAQUE) { - psa_key_type_t opaque_key_type = pk_get_opaque_key_type(key); - #if defined(MBEDTLS_RSA_C) - is_rsa_opaque = PSA_KEY_TYPE_IS_RSA(opaque_key_type); -#endif -#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) - is_ec_opaque = PSA_KEY_TYPE_IS_ECC(opaque_key_type); -#if defined(MBEDTLS_PK_HAVE_RFC8410_CURVES) - if (pk_get_opaque_ec_family(key) == PSA_ECC_FAMILY_MONTGOMERY) { - is_montgomery_opaque = 1; - } -#endif /* MBEDTLS_PK_HAVE_RFC8410_CURVES */ -#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ - } -#endif /* MBEDTLS_USE_PSA_CRYPTO */ - -#if defined(MBEDTLS_RSA_C) - if ((mbedtls_pk_get_type(key) == MBEDTLS_PK_RSA) || is_rsa_opaque) { + if (pk_get_type_ext(key) == MBEDTLS_PK_RSA) { begin = PEM_BEGIN_PRIVATE_KEY_RSA; end = PEM_END_PRIVATE_KEY_RSA; } else #endif #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) - if ((mbedtls_pk_get_type(key) == MBEDTLS_PK_ECKEY) || is_ec_opaque) { -#if defined(MBEDTLS_PK_HAVE_RFC8410_CURVES) - if (is_montgomery_opaque || - ((mbedtls_pk_get_type(key) == MBEDTLS_PK_ECKEY) && - (mbedtls_pk_is_rfc8410(key)))) { + if (pk_get_type_ext(key) == MBEDTLS_PK_ECKEY) { + if (mbedtls_pk_is_rfc8410(key)) { begin = PEM_BEGIN_PRIVATE_KEY_PKCS8; end = PEM_END_PRIVATE_KEY_PKCS8; - } else -#endif /* MBEDTLS_PK_HAVE_RFC8410_CURVES */ - { + } else { begin = PEM_BEGIN_PRIVATE_KEY_EC; end = PEM_END_PRIVATE_KEY_EC; } From bcc004b549ef6e89a160e5d22aa0a102d6a99264 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 29 Nov 2023 17:16:55 +0100 Subject: [PATCH 0851/1674] pkwrite: some reshaping for Montgomery keys in mbedtls_pk_write_pubkey_der() Signed-off-by: Valerio Setti --- library/pkwrite.c | 23 ++++++++++------------- 1 file changed, 10 insertions(+), 13 deletions(-) diff --git a/library/pkwrite.c b/library/pkwrite.c index 900a804dc..15b8a8d34 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -598,27 +598,24 @@ int mbedtls_pk_write_pubkey_der(const mbedtls_pk_context *key, unsigned char *bu pk_type = pk_get_type_ext(key); #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) - if (pk_type == MBEDTLS_PK_ECKEY) { + if (pk_get_type_ext(key) == MBEDTLS_PK_ECKEY) { mbedtls_ecp_group_id ec_grp_id = mbedtls_pk_get_ec_group_id(key); - /* Some groups have their own AlgorithmIdentifier OID, others are handled - * by mbedtls_oid_get_oid_by_pk_alg() below */ - ret = mbedtls_oid_get_oid_by_ec_grp_algid(ec_grp_id, &oid, &oid_len); - - if (ret == 0) { - /* Currently, none of the supported algorithms that have their own - * AlgorithmIdentifier OID have any parameters */ + if (MBEDTLS_PK_IS_RFC8410_GROUP_ID(ec_grp_id)) { + ret = mbedtls_oid_get_oid_by_ec_grp_algid(ec_grp_id, &oid, &oid_len); + if (ret != 0) { + return ret; + } has_par = 0; - } else if (ret == MBEDTLS_ERR_OID_NOT_FOUND) { - MBEDTLS_ASN1_CHK_ADD(par_len, pk_write_ec_param(&c, buf, ec_grp_id)); } else { - return ret; + MBEDTLS_ASN1_CHK_ADD(par_len, pk_write_ec_param(&c, buf, ec_grp_id)); } } #endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ + /* At this point oid_len is not null only for EC Montgomery keys. */ if (oid_len == 0) { - if ((ret = mbedtls_oid_get_oid_by_pk_alg(pk_type, &oid, - &oid_len)) != 0) { + ret = mbedtls_oid_get_oid_by_pk_alg(pk_type, &oid, &oid_len); + if (ret != 0) { return ret; } } From dfe6707fc7a997b98dc10278fd9a07be210cadf4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 29 Nov 2023 21:12:39 +0100 Subject: [PATCH 0852/1674] Fix typos and make minor style improvements Signed-off-by: Gilles Peskine --- docs/psa-transition.md | 60 +++++++++++++++++++++--------------------- 1 file changed, 30 insertions(+), 30 deletions(-) diff --git a/docs/psa-transition.md b/docs/psa-transition.md index c840b0307..f3e8996a8 100644 --- a/docs/psa-transition.md +++ b/docs/psa-transition.md @@ -33,8 +33,8 @@ Then use the [summary of API modules](#summary-of-api-modules), the table of con * Mbed TLS APIs are traditionally very transparent: the caller can access internal fields of operations. This is less true in the 3.x major version than before, but still the case to some extent. This offers applications some flexibility, but it removes flexibility from the implementation. For example, it is hard to support hardware acceleration, because the API constrains how the data must be represented. PSA APIs were designed to be more opaque, giving more freedom to the implementation. * Mbed TLS legacy APIs require key material to be present in the application memory. The PSA Crypto API natively supports operations on keys stored in an external [location](https://arm-software.github.io/psa-api/crypto/1.1/api/keys/lifetimes.html#c.psa_key_location_t) (secure enclave, secure element, HSM, etc.). -* PSA APIs have [consistent conventions ](https://arm-software.github.io/psa-api/crypto/1.1/overview/conventions.html#parameter-conventions) which many legacy APIs in Mbed TLS do not follow. For example, many legacy cryptography functions require the caller to know how large an output buffer needs to be based on the selected algorithm, whereas in the PSA API, all buffer arguments have a well-defined size and those sizes are checked. -* Mbed TLS legacy APIs require passing around a random generator argument where needed. This has historically been problematic with functions that were created without a RNG argument but later needed one as part of a security countermeasure. The PSA crypto subsystem maintains a global random generator, resolving this problem. +* PSA APIs have [consistent conventions](https://arm-software.github.io/psa-api/crypto/1.1/overview/conventions.html#parameter-conventions) which many legacy APIs in Mbed TLS do not follow. For example, many legacy cryptography functions require the caller to know how large an output buffer needs to be based on the selected algorithm, whereas in the PSA API, all buffer arguments have a well-defined size and those sizes are checked. +* Mbed TLS legacy APIs require passing around a random generator argument where needed. This has historically been problematic with functions that were created without an RNG argument but later needed one as part of a security countermeasure. The PSA crypto subsystem maintains a global random generator, resolving this problem. ### Migration timeline @@ -48,7 +48,7 @@ Then use the [summary of API modules](#summary-of-api-modules), the table of con ### Configuration of the PSA subsystem -To make the PSA API available, make sure that the configuration option [`MBEDTLS_PSA_CRYPTO_C`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/mbedtls__config_8h/#c.MBEDTLS_PSA_CRYPTO_C) is enabled (it is enabled in the default configuration). +To make the PSA API available, make sure that the configuration option [`MBEDTLS_PSA_CRYPTO_C`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/mbedtls__config_8h/#c.MBEDTLS_PSA_CRYPTO_C) is enabled. (It is enabled in the default configuration.) You should probably enable [`MBEDTLS_USE_PSA_CRYPTO`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/mbedtls__config_8h/#mbedtls__config_8h_1a70fd7b97d5f11170546583f2095942a6) as well (it is disabled by default). This option causes the PK, X.509 and TLS modules to use PSA crypto under the hood. Some functions that facilitate the transition (for example, to convert between metadata encodings or between key representations) are only available when `MBEDTLS_USE_PSA_CRYPTO` is enabled. @@ -67,11 +67,11 @@ Before any cryptographic operation, call [`psa_crypto_init`](https://mbed-tls.re If you wish to free all resources associated with PSA cryptography, call [`mbedtls_psa_crypto_free`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__extra_8h/#_CPPv423mbedtls_psa_crypto_freev). -The PSA subsystem has an internal random generator. As a consequence, you do not need to instantiate one manually (no need to create an `mbedtls_entropy_context` and a `mbedtls_xxx_drbg_context`). +The PSA subsystem has an internal random generator. As a consequence, you do not need to instantiate one manually (no need to create an `mbedtls_entropy_context` and an `mbedtls_xxx_drbg_context`). ### Error codes -Mbed TLS functions return a status of type `int`: 0 for success (or, occasionally, a positive value which is the output length), or a negative value `MBEDTLS_ERR_xxx` indicating an error. +Mbed TLS functions return a status of type `int`: 0 for success (or occasionally a positive value which is the output length), or a negative value `MBEDTLS_ERR_xxx` indicating an error. PSA functions return a status of type [`psa_status_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__error/#group__error_1ga05676e70ba5c6a7565aff3c36677c1f9): `PSA_SUCCESS == 0` for success, or a negative value [`PSA_ERROR_xxx`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__error/) indicating an error. @@ -158,12 +158,12 @@ When the configuration option [`MBEDTLS_PSA_CRYPTO_CONFIG`](https://mbed-tls.rea The availability of cryptographic mechanisms in the PSA API is based on a systematic pattern: * To make `PSA_ALG_aaa` available, enable `PSA_WANT_ALG_aaa`. - For parametrized algorithms, there is a `PSA_WANT_` symbols both for the main macro and for each argument. For example, to make `PSA_ALG_HMAC(PSA_ALG_SHA_256)` available, enable both `PSA_WANT_ALG_HMAC` and `PSA_WANT_ALG_SHA_256`. + For parametrized algorithms, there is a `PSA_WANT_` symbol both for the main macro and for each argument. For example, to make `PSA_ALG_HMAC(PSA_ALG_SHA_256)` available, enable both `PSA_WANT_ALG_HMAC` and `PSA_WANT_ALG_SHA_256`. * To make `PSA_KEY_TYPE_ttt` available, enable `PSA_WANT_KEY_TYPE_ttt`. As an exception, starting in Mbed TLS 3.5.0, for key pair types, the feature selection is more fine-grained, with an additional suffix: - * `PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_BASIC` enables basic support for the key type, and in particular support for operations with a key of that type for enabled algorithms. This is automatically enabled if any of the other `PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_yyy` options is enabled. + * `PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_BASIC` enables basic support for the key type, and in particular support for operations with a key of that type for enabled algorithms. This is automatically enabled if any of the other `PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_yyy` options are enabled. * `PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_IMPORT` enables support for `psa_import_key` to import a key of that type. * `PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_GENERATE` enables support for `psa_generate_key` to randomly generate a key of that type. * `PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_DERIVE` enables support for `psa_key_derivation_output_key` to deterministically derive a key of that type. @@ -173,7 +173,7 @@ The availability of cryptographic mechanisms in the PSA API is based on a system * To make `PSA_ECC_FAMILY_fff` available for size sss, enable `PSA_WANT_ECC_fff_sss`. -Note that all `PSA_WANT_xxx` symbols must be set to a nonzero value. In particular, setting `PSA_WANT_xxx` to an empty value may not be handled consistently. +Note that all `PSA_WANT_xxx` symbols must be set to a non-zero value. In particular, setting `PSA_WANT_xxx` to an empty value may not be handled consistently. For example, the following configuration enables hashing with SHA-256, AEAD with AES-GCM, signature with deterministic ECDSA using SHA-256 on the curve secp256r1 using a randomly generated key as well as the corresponding verification, and ECDH key exchange on secp256r1 and Curve25519. @@ -192,7 +192,7 @@ For example, the following configuration enables hashing with SHA-256, AEAD with #define PSA_WANT_ALG_ECDH ``` -If a mechanism is not enabled by `PSA_WANT_xxx`, Mbed TLS will often not include it, to reduce the size of the compiled library. However, this is not guaranteed: a mechanism that is not explicitly requested can be enabled because it is a dependency of another configuration option, because it is used internally, or because the granularity is not fine enough to distinguish between it and another mechanism that is requested. +If a mechanism is not enabled by `PSA_WANT_xxx`, Mbed TLS will normally not include it. This allows builds that use few features to have a small code size. However, this is not guaranteed: a mechanism that is not explicitly requested can be enabled because it is a dependency of another configuration option, because it is used internally, or because the granularity is not fine enough to distinguish between it and another mechanism that is requested. Under the hood, `PSA_WANT_xxx` enables the necessary legacy modules. Note that if a mechanism has a PSA accelerator driver, the corresponding legacy module is typically not needed. Thus applications that use a cryptographic mechanism both through the legacy API and through the PSA API need to explicitly enable both the `PSA_WANT_xxx` symbols and the `MBEDTLS_xxx` symbols. @@ -229,7 +229,7 @@ The PSA API does not have an equivalent to the timing-side-channel-resistance ut Note that the PSA API does include features that reduce the need for `mbedtls_ct_memcmp`: -* To compare a MAC with a reference value, use `psa_mac_verify` rather of `psa_mac_compute` followed by `mbedtls_ct_memcmp`, or use `psa_mac_verify_setup` and `psa_mac_verify_finish` in the multi-part case. See “[MAC calculation](#mac-calculation)”. +* To compare a MAC with a reference value, use `psa_mac_verify` rather than `psa_mac_compute` followed by `mbedtls_ct_memcmp`, or use `psa_mac_verify_setup` and `psa_mac_verify_finish` in the multi-part case. See “[MAC calculation](#mac-calculation)”. * The AEAD decryption functions take care of verifying the tag. See “[Authenticated cipher operations](#authenticated-cipher-operations)”. ## Symmetric encryption @@ -267,7 +267,7 @@ For the Chacha20+Poly1305 AEAD, use [`PSA_KEY_TYPE_CHACHA20`](https://mbed-tls.r ### Cipher mechanism availability -For each key type value `PSA_KEY_TYPE_xxx`, the symbol `PSA_WANT_KEY_TYPE_xxx` is defined with a nonzero value if the library is built with support for that key type. For each algorithm value `PSA_ALG_yyy`, the symbol `PSA_WANT_ALG_yyy` is defined with a nonzero value if the library is built with support for that algorithm. Note that for a mechanism to be supported, both the key type and the algorithm must be supported. +For each key type value `PSA_KEY_TYPE_xxx`, the symbol `PSA_WANT_KEY_TYPE_xxx` is defined with a non-zero value if the library is built with support for that key type. For each algorithm value `PSA_ALG_yyy`, the symbol `PSA_WANT_ALG_yyy` is defined with a non-zero value if the library is built with support for that algorithm. Note that for a mechanism to be supported, both the key type and the algorithm must be supported. For example, to test if AES-CBC-PKCS7 is supported, in the legacy API, you could write: ``` @@ -428,7 +428,7 @@ PSA Crypto has a generic API with the same functions for all MAC mechanisms. The ### Hash and MAC mechanism availability -For each key type value `PSA_KEY_TYPE_xxx`, the symbol `PSA_WANT_KEY_TYPE_xxx` is defined with a nonzero value if the library is built with support for that key type. For each algorithm value `PSA_ALG_yyy`, the symbol `PSA_WANT_ALG_yyy` is defined with a nonzero value if the library is built with support for that algorithm. For a compound mechanism, all parts must be supported. In particular, for HMAC, all three of `PSA_WANT_KEY_TYPE_HMAC`, `PSA_WANT_ALG_HMAC` and the underlying hash must be enabled. (A configuration with only one of `PSA_WANT_KEY_TYPE_HMAC` and `PSA_WANT_ALG_HMAC` is technically possible but not useful.) +For each key type value `PSA_KEY_TYPE_xxx`, the symbol `PSA_WANT_KEY_TYPE_xxx` is defined with a non-zero value if the library is built with support for that key type. For each algorithm value `PSA_ALG_yyy`, the symbol `PSA_WANT_ALG_yyy` is defined with a non-zero value if the library is built with support for that algorithm. For a compound mechanism, all parts must be supported. In particular, for HMAC, all three of `PSA_WANT_KEY_TYPE_HMAC`, `PSA_WANT_ALG_HMAC` and the underlying hash must be enabled. (A configuration with only one of `PSA_WANT_KEY_TYPE_HMAC` and `PSA_WANT_ALG_HMAC` is technically possible but not useful.) For example, to test if HMAC-SHA-256 is supported, in the legacy API, you could write: ``` @@ -626,7 +626,7 @@ The PSA API supports RSA (see “[RSA mechanism selection](#rsa-mechanism-select In the PSA API, keys are referenced by an identifier of type [`psa_key_id_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__types_8h/#_CPPv412psa_key_id_t). (Some documentation references [`mbedtls_svc_key_id_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__types_8h/#_CPPv420mbedtls_svc_key_id_t); the two types are identical except when the library is configured for use in a multi-client cryptography service.) -The PSA key identifier tends to play the same role as a `mbedtls_pk_context`, `mbedtls_rsa_context` or `mbedtls_ecp_keypair` structure in the legacy API; however there are major differences in the way the two APIs can be used to create keys or to obtain information about a key. +The PSA key identifier tends to play the same role as an `mbedtls_pk_context`, `mbedtls_rsa_context` or `mbedtls_ecp_keypair` structure in the legacy API. However, there are major differences in the way the two APIs can be used to create keys or to obtain information about a key. Here is an overview of the lifecycle of a PSA key object. @@ -646,7 +646,7 @@ Here is an overview of the lifecycle of a PSA key object. A key's policy indicates what algorithm(s) it can be used with (usage algorithm policy) and what operations are permitted (usage flags). -The following table lists the relevant usage flags for asymmetric cryptography. You can pass an bitwise-or of those flags to [`psa_set_key_usage_flags`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga42a65b3c4522ce9b67ea5ea7720e17de). +The following table lists the relevant usage flags for asymmetric cryptography. You can pass those flags (combined with bitwise-or) to [`psa_set_key_usage_flags`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga42a65b3c4522ce9b67ea5ea7720e17de). | Usage | Flag | | ----- | ---- | @@ -662,7 +662,7 @@ The following table lists the relevant usage flags for asymmetric cryptography. The sections “[RSA mechanism selection](#rsa-mechanism-selection)”, “[Elliptic curve mechanism selection](#elliptic-curve-mechanism-selection)” and “[Diffie-Hellman mechanism selection](#diffie-hellman-mechanism-selection)” cover the available algorithm values for each key type. Normally, a key can only be used with a single algorithm, following standard good practice. However, there are two ways to relax this requirement. -* Many signature algorithms encode a hash algorithm. Sometimes the same key may need to be used to sign messages with multiple different hashes. In an algorithm policy, you can use [`PSA_ALG_ANY_HASH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__values_8h/#c.PSA_ALG_ANY_HASH) instead of a hash algorithm value to allow the key to be used with any hash. For example, `psa_set_key_algorithm(&attributes, PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH))` allows the key to be used with RSASSA-PSS, with different hash algorithhms in each operation. +* Many signature algorithms encode a hash algorithm. Sometimes the same key may need to be used to sign messages with multiple different hashes. In an algorithm policy, you can use [`PSA_ALG_ANY_HASH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__values_8h/#c.PSA_ALG_ANY_HASH) instead of a hash algorithm value to allow the key to be used with any hash. For example, `psa_set_key_algorithm(&attributes, PSA_ALG_RSA_PSS(PSA_ALG_ANY_HASH))` allows the key to be used with RSASSA-PSS, with different hash algorithms in each operation. * In addition to the algorithm (or wildcard) selected with [`psa_set_key_algorithm`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaeb8341ca52baa0279475ea3fd3bcdc98), you can use [`psa_set_key_enrollment_algorithm`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaffa134b74aa52aa3ed9397fcab4005aa) to permit a second algorithm (or wildcard). This is intended for scenarios where a key is normally used with a single algorithm, but needs to be used with a different algorithm for enrollment (such as an ECDH key for which an ECDSA proof-of-possession is also required). ### Asymmetric cryptographic mechanisms @@ -764,17 +764,17 @@ You can use glue functions in the PK module to create a key object using the leg * Parsing a key in a format with metadata without knowing its type ahead of time. * Importing a key which you have in the form of a list of numbers, rather than the binary encoding required by `psa_import_key`. -* Importing a key with less information than what the PSA API needs, for example an ECC public key in compressed format, an RSA private key without the private exponent, or an RSA private key without the CRT parameters. +* Importing a key with less information than what the PSA API needs, for example an ECC public key in a compressed format, an RSA private key without the private exponent, or an RSA private key without the CRT parameters. * Generating an RSA key with $e \ne 65537$. #### Importing a PK key by wrapping -If you have a PK object, you can call `mbedtls_pk_wrap_as_opaque` to create a PSA key object with the same key material. (This function is only present in builds with `MBEDTLS_USE_PSA_CRYPTO` enabled. It is experimental and [will likely be replaced by a slightly different interface in a future version of Mbed TLS](https://github.com/Mbed-TLS/mbedtls/issues/7760)) This function automatically determines the PSA key type, and lets you specify the usage policy (see “[Public-key cryptography policies](#public-key-cryptography-policies)”). Once you've called this function, you can destroy the PK object. This function calls `psa_import_key` internally; call [`psa_destroy_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__management/#group__key__management_1ga5f52644312291335682fbc0292c43cd2) to destroy the PSA key object once your application no longer needs it. Common scenarios where this flow is useful are: +If you have a PK object, you can call `mbedtls_pk_wrap_as_opaque` to create a PSA key object with the same key material. (This function is only present in builds with `MBEDTLS_USE_PSA_CRYPTO` enabled. It is experimental and [will likely be replaced by a slightly different interface in a future version of Mbed TLS](https://github.com/Mbed-TLS/mbedtls/issues/7760)). This function automatically determines the PSA key type and lets you specify the usage policy (see “[Public-key cryptography policies](#public-key-cryptography-policies)”). Once you've called this function, you can destroy the PK object. This function calls `psa_import_key` internally; call [`psa_destroy_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__management/#group__key__management_1ga5f52644312291335682fbc0292c43cd2) to destroy the PSA key object once your application no longer needs it. Common scenarios where this flow is useful are: * You have working code that's calling `mbedtls_pk_parse_key`, `mbedtls_pk_parse_public_key`, `mbedtls_pk_parse_subpubkey`, `mbedtls_pk_parse_keyfile` or `mbedtls_pk_parse_public_keyfile` to create a PK object. * You have working code that's using the `rsa.h` or `ecp.h` API to create a key object, and there is no PSA equivalent. -You can use this flow to import an RSA key via a `mbedtls_rsa_context` object or an ECC key via a `mbedtls_ecp_keypair` object: +You can use this flow to import an RSA key via an `mbedtls_rsa_context` object or an ECC key via an `mbedtls_ecp_keypair` object: 1. Call `mbedtls_pk_init` then `mbedtls_pk_setup` to set up a PK context for the desired key type (`MBEDTLS_PK_RSA` or `MBEDTLS_PK_ECKEY`). 2. Call `mbedtls_pk_rsa` or `mbedtls_pk_ec` to obtain the underlying low-level context. @@ -901,9 +901,9 @@ There is no equivalent to the type `mbedtls_pk_info_t` and the functions `mbedtl You can call [`psa_get_key_attributes`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gacbbf5c11eac6cd70c87ffb936e1b9be2) to populate a structure with the attributes of a key, then functions such as [`psa_get_key_type`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gae4fb812af4f57aa1ad85e335a865b918) and [`psa_get_key_bits`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga5bee85c2164ad3d4c0d42501241eeb06) to obtain a key's type (`PSA_KEY_TYPE_xxx` value) and size (nominal size in bits). -The bit-size from `psa_get_key_bits` is the same as the one from `mbedtls_pk_get_bitlen`. To convert to bytes as with `mbedtls_pk_get_len` or `mbedtls_rsa_get_len`, you can use the macro `PSA_BITS_TO_BYTES`; however note that the PSA API has generic macros for each related buffer size (export, signature size, etc.), so you should generally use those instead. The present document lists those macros where it explains the usage of the corresponding function. +The bit-size from `psa_get_key_bits` is the same as the one from `mbedtls_pk_get_bitlen`. To convert to bytes as `mbedtls_pk_get_len` or `mbedtls_rsa_get_len` do, you can use the macro `PSA_BITS_TO_BYTES`. However, note that the PSA API has generic macros for each related buffer size (export, signature size, etc.), so you should generally use those instead. The present document lists those macros where it explains the usage of the corresponding function. -Most uses of `mbedtls_pk_get_type` and `mbedtls_pk_can_do` only require knowing a key's type as reported by [`psa_get_key_type`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gae4fb812af4f57aa1ad85e335a865b918). If needed, you can also access a key's policy from its attributes, with [`psa_get_key_usage_flags`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaa1af20f142ca722222c6d98678a0c448), [`psa_get_key_algorithm`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gac255da850a00bbed925390044f016b34) and [`psa_get_key_enrollment_algorithm`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga39803b62a97198cf630854db9b53c588). The algorithm policy also conveys the padding and hash information provided by `mbedtls_rsa_get_padding_mode` and `mbedtls_rsa_get_md_alg`. +Most uses of `mbedtls_pk_get_type` and `mbedtls_pk_can_do` only require knowing a key's type as reported by [`psa_get_key_type`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gae4fb812af4f57aa1ad85e335a865b918). If needed, you can also access a key's policy from its attributes with [`psa_get_key_usage_flags`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaa1af20f142ca722222c6d98678a0c448), [`psa_get_key_algorithm`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gac255da850a00bbed925390044f016b34) and [`psa_get_key_enrollment_algorithm`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga39803b62a97198cf630854db9b53c588). The algorithm policy also conveys the padding and hash information provided by `mbedtls_rsa_get_padding_mode` and `mbedtls_rsa_get_md_alg`. ### Exporting a public key or a key pair @@ -943,9 +943,9 @@ The following subsections describe the PSA signature mechanisms that correspond #### ECDSA signature In the PSA API, **the format of an ECDSA signature is the raw fixed-size format. This is different from the legacy API** which uses the ASN.1 DER format for ECDSA signatures. A future version of Mbed TLS [will provide a way to convert between the two formats](https://github.com/Mbed-TLS/mbedtls/issues/7765). - + -This is the mechanism provided by `mbedtls_pk_sign` and `mbedtls_pk_verify` for ECDSA keys, and by `mbedtls_ecdsa_sign`, `mbedtls_ecdsa_sign_det_ext`, `mbedtls_ecdsa_write_signature`, `mbedtls_ecdsa_write_signature` and `mbedtls_ecdsa_verify`, . +This is the mechanism provided by `mbedtls_pk_sign` and `mbedtls_pk_verify` for ECDSA keys, as well as by `mbedtls_ecdsa_sign`, `mbedtls_ecdsa_sign_det_ext`, `mbedtls_ecdsa_write_signature`, `mbedtls_ecdsa_write_signature` and `mbedtls_ecdsa_verify`. The PSA API offers three algorithm constructors for ECDSA. They differ only for signature, and have exactly the same behavior for verification. @@ -1033,7 +1033,7 @@ As with the PK API, the mask generation is MGF1, the label is empty, and the sam There is no direct equivalent of the functions `mbedtls_rsa_check_privkey`, `mbedtls_rsa_check_pubkey`,`mbedtls_ecp_check_privkey`, `mbedtls_ecp_check_pubkey`. The PSA API performs some basic checks when it imports a key, and may perform additional checks before performing an operation if needed, so it will never perform an operation on a key that does not satisfy these checks, but the details of when the check is performed may change between versions of the library. -The legacy API provide functions `mbedtls_pk_check_pair`, `mbedtls_rsa_check_pub_priv` and `mbedtls_ecp_check_pub_priv`, which can be used to check the consistency between a private key and a public key. To perform such a check with the PSA API, you can export the public keys; this works because the PSA representation of public keys is canonical. +The legacy API provides functions `mbedtls_pk_check_pair`, `mbedtls_rsa_check_pub_priv` and `mbedtls_ecp_check_pub_priv`, which can be used to check the consistency between a private key and a public key. To perform such a check with the PSA API, you can export the public keys; this works because the PSA representation of public keys is canonical. * Prepare a key object containing the private key, for example with [`psa_import_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga0336ea76bf30587ab204a8296462327b). * Prepare a key object containing the public key, for example with [`psa_import_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga0336ea76bf30587ab204a8296462327b). @@ -1107,7 +1107,7 @@ A typical flow for ECDH using the legacy API without a context object is: * `mbedtls_mpi z` for the shared secret (this may be the same variable as `our_priv` when doing ephemeral ECDH). 2. Call `mbedtls_ecp_group_load` on `grp` to select the curve. 3. Call `mbedtls_ecdh_gen_public` on `grp`, `our_priv` (output) and `our_pub` (output) to generate a key pair and retrieve the corresponding public key. -4. Send `our_pub` to the peer. Retriev the peer's public key and import it into `their_pub`. These two actions may be performed in either order. +4. Send `our_pub` to the peer. Retrieve the peer's public key and import it into `their_pub`. These two actions may be performed in either order. 5. Call `mbedtls_ecdh_compute_shared` on `grp`, `z` (output), `their_pub` and `our_priv`. 6. Use the raw shared secret `z`, typically, to construct a shared key. 7. Free `grp`, `our_priv`, `our_pub`, `their_pub` and `z`. @@ -1122,7 +1122,7 @@ The corresponding flow with the PSA API is as follows: * `shared_secret`: a buffer of size [`PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(key_type, bits)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE) or [`PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE) (if not using a key derivation operation). 2. Prepare an attribute structure as desccribed in “[Diffie-Hellman key pair management](#diffie-hellman-key-pair-management)”, in particular selecting the curve with `psa_set_key_type`. 3. Call [`psa_generate_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__random/#group__random_1ga1985eae417dfbccedf50d5fff54ea8c5) on `attributes` and `our_key` (output) to generate a key pair, then [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062) on `our_key` and `our_pub` (output) to obtain our public key. -4. Send `our_pub` to the peer. Retriev the peer's public key and import it into `their_pub`. These two actions may be performed in either order. +4. Send `our_pub` to the peer. Retrieve the peer's public key and import it into `their_pub`. These two actions may be performed in either order. 5. Call [`psa_raw_key_agreement`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga90fdd2716124d0bd258826184824675f) on `our_key`, `their_pub` and `shared_secret` (output). Alternatively, call `psa_key_derivation_key_agreement` to use the shared secret directly in a key derivation operation (see “[Performing a key agreement](#performing-a-key-agreement)”). 6. Call [`psa_destroy_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__management/#group__key__management_1ga5f52644312291335682fbc0292c43cd2) on `key_id`, and free the memory buffers. @@ -1169,7 +1169,7 @@ The legacy API offers the following flow for a Diffie-Hellman key agreement in a The corresponding flow with the PSA API is as follows: 1. Upon reception of a TLS ServerKeyExchange message received from the peer, which encodes the selected curve/group and the peer's public key: - 1. Decode the select curve/group and use this to determine a PSA key type (`PSA_KEY_TYPE_ECC_KEY_PAIR(curve)` or `PSA_KEY_TYPE_DH_KEY_PAIR(group)`), a key size and an algorithm. + 1. Decode the selected curve/group and use this to determine a PSA key type (`PSA_KEY_TYPE_ECC_KEY_PAIR(curve)` or `PSA_KEY_TYPE_DH_KEY_PAIR(group)`), a key size and an algorithm. 2. Generate an ECDH or DHM key pair with `psa_generate_key` as described in “[Diffie-Hellman key pair management](#diffie-hellman-key-pair-management)”. Call [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062) to obtain our public key. 3. Send our public key to the peer. @@ -1182,7 +1182,7 @@ The corresponding flow with the PSA API is as follows: The legacy function `mbedtls_ecdh_get_params` allows the application to retrieve an `mbedtls_ecp_keypair` containing either our key pair, or the peer's public key. The PSA equivalent depends on the use case: * With either side, accessing the group: call [`psa_get_key_attributes`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gacbbf5c11eac6cd70c87ffb936e1b9be2) on the key identifier, then [`psa_get_key_type`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gae4fb812af4f57aa1ad85e335a865b918) and [`psa_get_key_bits`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga5bee85c2164ad3d4c0d42501241eeb06) to obtain metadata about the key. -* With `MBEDTLS_ECDH_OURS`, accessing the public key: call [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062) on PSA key identifier. +* With `MBEDTLS_ECDH_OURS`, accessing the public key: call [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062) on the PSA key identifier. * With `MBEDTLS_ECDH_OURS`, accessing the private key: call [`psa_export_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga668e35be8d2852ad3feeef74ac6f75bf) on the key identifier. Note that the key policy must allow `PSA_KEY_USAGE_EXPORT` (see “[Public-key cryptography policies](#public-key-cryptography-policies)”). * With `MBEDTLS_ECDH_THEIRS`, accessing the public key (there is no private key): there is no PSA equivalent since the PSA API only uses the peer's public key to immediately calculate the shared secret. If your application needs the peer's public key for some other purpose, store it separately. @@ -1190,7 +1190,7 @@ The functions `mbedtls_dhm_get_bitlen`, `mbedtls_dhm_get_len` and `mbedtls_dhm_g * `mbedtls_dhm_get_bitlen`, `mbedtls_dhm_get_len`: call [`psa_get_key_attributes`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gacbbf5c11eac6cd70c87ffb936e1b9be2) on the PSA key identifier, then [`psa_get_key_bits`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga5bee85c2164ad3d4c0d42501241eeb06). * `mbedtls_dhm_get_value` for `MBEDTLS_DHM_PARAM_X` (our private key): call [`psa_export_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga668e35be8d2852ad3feeef74ac6f75bf) on the key identifier. Note that the key policy must allow `PSA_KEY_USAGE_EXPORT` (see “[Public-key cryptography policies](#public-key-cryptography-policies)”). -* `mbedtls_dhm_get_value` for `MBEDTLS_DHM_PARAM_GX` (our public key): call [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062) on PSA key identifier. +* `mbedtls_dhm_get_value` for `MBEDTLS_DHM_PARAM_GX` (our public key): call [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062) on the PSA key identifier. * `mbedtls_dhm_get_value` for `MBEDTLS_DHM_PARAM_GY` (peer's public key): the there is no PSA equivalent since the PSA API only uses the peer's public key to immediately calculate the shared secret. If your application needs the peer's public key for some other purpose, store it separately. * `mbedtls_dhm_get_value` for `MBEDTLS_DHM_PARAM_K` (shared secret): this is the value calculated by `psa_raw_key_agreement` or `psa_key_derivation_key_agreement`. If you need to use it multiple times (for example to derive multiple values independently), call `psa_raw_key_agreement` and make a copy. * `mbedtls_dhm_get_value` for `MBEDTLS_DHM_PARAM_P` or `MBEDTLS_DHM_PARAM_G` (group parameters): [there is no PSA API to retrieve these values](https://github.com/Mbed-TLS/mbedtls/issues/7780). @@ -1229,7 +1229,7 @@ There is no PSA equivalent for the following functionality: The PSA API does not currently have a discovery mechanism for cryptographic mechanisms (although one may be added in the future). Thus there is no equivalent for `MBEDTLS_ECP_DP_MAX` and the functions `mbedtls_ecp_curve_list` and `mbedtls_ecp_grp_id_list`. -The API provies macros that give the maximum supported sizes for various kinds of objects. The following table lists equivalents for `MBEDTLS_ECP_MAX_xxx` macros. +The API provides macros that give the maximum supported sizes for various kinds of objects. The following table lists equivalents for `MBEDTLS_ECP_MAX_xxx` macros. | Legacy macro | PSA equivalent | | ------------ | -------------- | @@ -1272,7 +1272,7 @@ Implementers of the RSA-ALT interface (`MBEDTLS_PK_RSA_ALT` pk type, `mbedtls_pk PSA_KEY_PERSISTENCE_VOLATILE, MY_RSA_DRIVER_LOCATION)); ``` -The PSA subsystem uses its internal random generator both for randomized algorithms and to generate blinding value. As a consequence, none of the API functions take an RNG parameter. +The PSA subsystem uses its internal random generator both for randomized algorithms and to generate blinding values. As a consequence, none of the API functions take an RNG parameter. #### RSA functionality with no PSA equivalent From d96aa1b5cddfd0666a3322058cdcd01d8b01ceb9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 29 Nov 2023 21:13:02 +0100 Subject: [PATCH 0853/1674] Say who to contact Signed-off-by: Gilles Peskine --- docs/psa-transition.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/psa-transition.md b/docs/psa-transition.md index f3e8996a8..278354123 100644 --- a/docs/psa-transition.md +++ b/docs/psa-transition.md @@ -1276,7 +1276,7 @@ The PSA subsystem uses its internal random generator both for randomized algorit #### RSA functionality with no PSA equivalent -The PSA API does not provide direct access to the exponentiation primitive as with `mbedtls_rsa_public` and `mbedtls_rsa_private`. If you need an RSA-based mechanism that is not supported by the PSA API, please contact us so that we can extend the API to support it. +The PSA API does not provide direct access to the exponentiation primitive as with `mbedtls_rsa_public` and `mbedtls_rsa_private`. If you need an RSA-based mechanism that is not supported by the PSA API, please [submit an issue on GitHub](https://github.com/ARM-software/psa-api/issues) so that we can extend the API to support it. The PSA API does not support constructing RSA keys progressively from numbers with `mbedtls_rsa_import` or `mbedtls_rsa_import_raw` followed by `mbedtls_rsa_complete`. See “[Importing a PK key by wrapping](#importing-a-pk-key-by-wrapping)”. From a29db7da2ee19ba2b8d43c114fdb69af3780d730 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 30 Nov 2023 14:06:14 +0800 Subject: [PATCH 0854/1674] tls13: early_data: cli: assign ciphersuite properly When early_data extension is enabled and sent in ClientHello, the client does not know if the server will accept early data and select the first proposed pre-shared key with a ciphersuite that is different from the ciphersuite associated to the selected pre-shared key. To address aforementioned case, we do associated verification when parsing early_data ext in EncryptedExtensions. Therefore we have to assign the ciphersuite in current handshake to session_negotiate later than the associated verification. This won't impact decryption of EncryptedExtensions since we compute handshake keys by the ciphersuite in handshake not via the one in session_negotiate. Signed-off-by: Yanray Wang --- library/ssl_tls13_client.c | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 44814b99f..d9a4b3e09 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -1925,7 +1925,6 @@ static int ssl_tls13_postprocess_server_hello(mbedtls_ssl_context *ssl) mbedtls_ssl_set_inbound_transform(ssl, handshake->transform_handshake); MBEDTLS_SSL_DEBUG_MSG(1, ("Switch to handshake keys for inbound traffic")); - ssl->session_negotiate->ciphersuite = handshake->ciphersuite_info->id; ssl->session_in = ssl->session_negotiate; cleanup: @@ -2203,6 +2202,20 @@ static int ssl_tls13_process_encrypted_extensions(mbedtls_ssl_context *ssl) } #endif + /* + * When early_data extension is enabled and sent in ClientHello, the client + * does not know if the server will accept early data and select the first + * proposed pre-shared key with a ciphersuite that is different from the + * ciphersuite associated to the selected pre-shared key. To address + * aforementioned case, we do associated verification when parsing + * early_data ext in EncryptedExtensions. Therefore we have to assign + * the ciphersuite in current handshake to session_negotiate later than + * the associated verification. This won't impact decryption of + * EncryptedExtensions since we compute handshake keys by the ciphersuite + * in handshake not via the one in session_negotiate. + */ + ssl->session_negotiate->ciphersuite = handshake->ciphersuite_info->id; + MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum( ssl, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS, buf, buf_len)); From 3cc486aa11c96ea378431d7e62455bcfe04fb944 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 30 Nov 2023 08:09:47 +0100 Subject: [PATCH 0855/1674] pkparse: make pk_internal.h always available This is needed because now "pk_internal.h" contains defines for PEM strings Signed-off-by: Valerio Setti --- library/pkparse.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/pkparse.c b/library/pkparse.c index 0b5de8db3..1f6133e01 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -15,6 +15,7 @@ #include "mbedtls/platform_util.h" #include "mbedtls/platform.h" #include "mbedtls/error.h" +#include "pk_internal.h" #include @@ -29,7 +30,6 @@ #endif #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) #include "mbedtls/ecp.h" -#include "pk_internal.h" #endif /* Extended formats */ From ad6d016b8f716539b0eae253ce81e2e05960f08b Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 30 Nov 2023 08:10:36 +0100 Subject: [PATCH 0856/1674] pkwrite: fix return value in pk_get_type_ext() Signed-off-by: Valerio Setti --- library/pkwrite.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/pkwrite.c b/library/pkwrite.c index 15b8a8d34..c7eb1148b 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -527,7 +527,7 @@ static mbedtls_pk_type_t pk_get_type_ext(const mbedtls_pk_context *pk) } else if (PSA_KEY_TYPE_IS_RSA(opaque_key_type)) { return MBEDTLS_PK_RSA; } else { - return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; + return MBEDTLS_PK_NONE; } } else #endif From f4bad42670c60dbbd7c16ce16e91c0e377536941 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 30 Nov 2023 15:36:43 +0800 Subject: [PATCH 0857/1674] itls13: early_data: cli: improve comment Signed-off-by: Yanray Wang --- library/ssl_tls13_client.c | 29 ++++++++++++++++------------- 1 file changed, 16 insertions(+), 13 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index d9a4b3e09..bdb34247d 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -2184,9 +2184,14 @@ static int ssl_tls13_process_encrypted_extensions(mbedtls_ssl_context *ssl) * - The selected cipher suite * - The selected ALPN [RFC7301] protocol, if any * - * We check here that when early data is involved the server - * selected the cipher suite associated to the pre-shared key - * as it must have. + * When parsing EncryptedExtensions, the client does not know if + * the server will accept early data and select the first proposed + * pre-shared key with a cipher suite that is different from the + * cipher suite associated to the selected pre-shared key. To address + * aforementioned case, when early data is involved, we check: + * - the selected pre-shared key is the first proposed one + * - the selected cipher suite same as the one associated with the + * pre-shared key. */ if (handshake->selected_identity != 0 || handshake->ciphersuite_info->id != @@ -2203,16 +2208,14 @@ static int ssl_tls13_process_encrypted_extensions(mbedtls_ssl_context *ssl) #endif /* - * When early_data extension is enabled and sent in ClientHello, the client - * does not know if the server will accept early data and select the first - * proposed pre-shared key with a ciphersuite that is different from the - * ciphersuite associated to the selected pre-shared key. To address - * aforementioned case, we do associated verification when parsing - * early_data ext in EncryptedExtensions. Therefore we have to assign - * the ciphersuite in current handshake to session_negotiate later than - * the associated verification. This won't impact decryption of - * EncryptedExtensions since we compute handshake keys by the ciphersuite - * in handshake not via the one in session_negotiate. + * Move `session_negotiate->ciphersuite` assignment here which after + * early data cipher suite check when receiving "early_data" extension + * in EncryptedExtensions. + * + * We compute transform_handshake by the cipher suite chosen from + * the server in `handshake`. `session_negotiate->ciphersuite` is the + * cipher suite negotiated in previous connection and it is not used for + * computing transform_handshake. */ ssl->session_negotiate->ciphersuite = handshake->ciphersuite_info->id; From 0790041dc6d8f629d2b858fbe1f8bd04ee98de78 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 30 Nov 2023 16:44:44 +0800 Subject: [PATCH 0858/1674] Revert "tls13: early_data: cli: remove nst_ prefix" This reverts commit 3781ab40fb24c06ca7401bcecc3e1aa31d669a55. Signed-off-by: Yanray Wang --- library/ssl_tls13_client.c | 16 +++++----------- 1 file changed, 5 insertions(+), 11 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index fec4a7d58..a62d2bcd3 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -2658,16 +2658,10 @@ static int ssl_tls13_handshake_wrapup(mbedtls_ssl_context *ssl) * } EarlyDataIndication; */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_parse_early_data_ext(mbedtls_ssl_context *ssl, - const unsigned char *buf, - const unsigned char *end) +static int ssl_tls13_parse_nst_early_data_ext(mbedtls_ssl_context *ssl, + const unsigned char *buf, + const unsigned char *end) { - /* Make sure early data indication extension is received from - * NewSessionTicket. */ - if (!mbedtls_ssl_is_handshake_over(ssl)) { - return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER; - } - mbedtls_ssl_session *session = ssl->session; MBEDTLS_SSL_CHK_BUF_READ_PTR(buf, end, 4); @@ -2716,11 +2710,11 @@ static int ssl_tls13_parse_new_session_ticket_exts(mbedtls_ssl_context *ssl, switch (extension_type) { #if defined(MBEDTLS_SSL_EARLY_DATA) case MBEDTLS_TLS_EXT_EARLY_DATA: - ret = ssl_tls13_parse_early_data_ext( + ret = ssl_tls13_parse_nst_early_data_ext( ssl, p, p + extension_data_len); if (ret != 0) { MBEDTLS_SSL_DEBUG_RET( - 1, "ssl_tls13_parse_early_data_ext", ret); + 1, "ssl_tls13_parse_nst_early_data_ext", ret); } break; #endif /* MBEDTLS_SSL_EARLY_DATA */ From b3e207d762567fee6a8cc835b717f6ab92a37b07 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 30 Nov 2023 16:49:49 +0800 Subject: [PATCH 0859/1674] tls13: early_data: cli: rename early_data parser in nst Signed-off-by: Yanray Wang --- library/ssl_tls13_client.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index a62d2bcd3..08cfe221b 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -2658,9 +2658,10 @@ static int ssl_tls13_handshake_wrapup(mbedtls_ssl_context *ssl) * } EarlyDataIndication; */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_parse_nst_early_data_ext(mbedtls_ssl_context *ssl, - const unsigned char *buf, - const unsigned char *end) +static int ssl_tls13_parse_new_session_ticket_early_data_ext( + mbedtls_ssl_context *ssl, + const unsigned char *buf, + const unsigned char *end) { mbedtls_ssl_session *session = ssl->session; @@ -2710,11 +2711,12 @@ static int ssl_tls13_parse_new_session_ticket_exts(mbedtls_ssl_context *ssl, switch (extension_type) { #if defined(MBEDTLS_SSL_EARLY_DATA) case MBEDTLS_TLS_EXT_EARLY_DATA: - ret = ssl_tls13_parse_nst_early_data_ext( + ret = ssl_tls13_parse_new_session_ticket_early_data_ext( ssl, p, p + extension_data_len); if (ret != 0) { MBEDTLS_SSL_DEBUG_RET( - 1, "ssl_tls13_parse_nst_early_data_ext", ret); + 1, "ssl_tls13_parse_new_session_ticket_early_data_ext", + ret); } break; #endif /* MBEDTLS_SSL_EARLY_DATA */ From d879b47b527e11569678c0895f9bdab66eae5e20 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 30 Nov 2023 09:35:14 +0000 Subject: [PATCH 0860/1674] tidy up macros in mbedtls_xor Signed-off-by: Dave Rodgman --- library/common.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/common.h b/library/common.h index 55bea8cee..e532777e7 100644 --- a/library/common.h +++ b/library/common.h @@ -183,8 +183,8 @@ inline void mbedtls_xor(unsigned char *r, const unsigned char *a, const unsigned size_t i = 0; #if defined(MBEDTLS_EFFICIENT_UNALIGNED_ACCESS) #if defined(MBEDTLS_HAVE_NEON_INTRINSICS) && \ - (!defined(MBEDTLS_COMPILER_IS_GCC) || \ - (defined(MBEDTLS_COMPILER_IS_GCC) && MBEDTLS_GCC_VERSION >= 70300)) + (!(defined(MBEDTLS_COMPILER_IS_GCC) && MBEDTLS_GCC_VERSION < 70300)) + /* Old GCC versions generate a warning here, so disable the NEON path for these compilers */ for (; (i + 16) <= n; i += 16) { uint8x16_t v1 = vld1q_u8(a + i); uint8x16_t v2 = vld1q_u8(b + i); From 12d1c3ad4fe58f056af1d332e4f0cc9cc672eca0 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 30 Nov 2023 09:38:38 +0000 Subject: [PATCH 0861/1674] Use MBEDTLS_HAVE_NEON_INTRINSICS in aesce Signed-off-by: Dave Rodgman --- library/aesce.c | 2 +- library/aesce.h | 6 ++++-- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/library/aesce.c b/library/aesce.c index 2879be5a1..afbb369eb 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -45,7 +45,7 @@ #include "aesce.h" -#if defined(MBEDTLS_ARCH_IS_ARMV8_A) && defined(__ARM_NEON) +#if defined(MBEDTLS_ARCH_IS_ARMV8_A) && defined(MBEDTLS_HAVE_NEON_INTRINSICS) /* Compiler version checks. */ #if defined(__clang__) diff --git a/library/aesce.h b/library/aesce.h index cf12d7f8d..6b64f45d0 100644 --- a/library/aesce.h +++ b/library/aesce.h @@ -15,11 +15,13 @@ #define MBEDTLS_AESCE_H #include "mbedtls/build_info.h" +#include "common.h" #include "mbedtls/aes.h" -#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_ARCH_IS_ARMV8_A) && defined(__ARM_NEON) +#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_ARCH_IS_ARMV8_A) && \ + defined(MBEDTLS_HAVE_NEON_INTRINSICS) #define MBEDTLS_AESCE_HAVE_CODE @@ -124,6 +126,6 @@ int mbedtls_aesce_setkey_enc(unsigned char *rk, #error "AES hardware acceleration not supported on this platform" #endif -#endif /* MBEDTLS_AESCE_C && MBEDTLS_ARCH_IS_ARMV8_A && __ARM_NEON */ +#endif /* MBEDTLS_AESCE_C && MBEDTLS_ARCH_IS_ARMV8_A && MBEDTLS_HAVE_NEON_INTRINSICS */ #endif /* MBEDTLS_AESCE_H */ From 396a2a3dcbc41b1184fce39a497cda5c0eb186b1 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 30 Nov 2023 11:02:06 +0100 Subject: [PATCH 0862/1674] Explain interruptible operations Signed-off-by: Gilles Peskine --- docs/psa-transition.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/psa-transition.md b/docs/psa-transition.md index 278354123..5bab124e2 100644 --- a/docs/psa-transition.md +++ b/docs/psa-transition.md @@ -958,9 +958,9 @@ Unlike the legacy API, where `mbedtls_pk_sign` and `mbedtls_ecdsa_write_signatur #### Restartable ECDSA signature -There is a PSA API for interruptible public-key operations, offering similar functionality to the legacy restartable API (`mbedtls_pk_sign_restartable`, `mbedtls_pk_verify_restartable`, `mbedtls_ecdsa_sign_restartable`, `mbedtls_ecdsa_verify_restartable`, `mbedtls_ecdsa_write_signature_restartable`, `mbedtls_ecdsa_read_signature_restartable`). +The legacy API includes an API for “restartable” ECC operations: the operation returns after doing partial computation, and can be resumed. This is intended for highly constrained devices where long cryptographic calculations need to be broken up to poll some inputs, where interrupt-based scheduling is not desired. The legacy API consists of the functions `mbedtls_pk_sign_restartable`, `mbedtls_pk_verify_restartable`, `mbedtls_ecdsa_sign_restartable`, `mbedtls_ecdsa_verify_restartable`, `mbedtls_ecdsa_write_signature_restartable`, `mbedtls_ecdsa_read_signature_restartable`, as well as several configuration and data manipulation functions. -As of Mbed TLS 3.5, it is only implemented for ECDSA, for the same curves as the legacy API; this will likely be extended to ECDH in the short term. At the time of writing, no extension is planned to other curves or other algorithms. +The PSA API offers similar functionality via “interruptible” public-key operations. As of Mbed TLS 3.5, it is only implemented for ECDSA, for the same curves as the legacy API. This will likely be extended to ECDH in the short term. At the time of writing, no extension is planned to other curves or other algorithms. The flow of operations for an interruptible signature operation is as follows: From 059f66ce7c8a40589718ad98502e6fb542a2a7bf Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 30 Nov 2023 11:02:03 +0000 Subject: [PATCH 0863/1674] Remove redundant check Signed-off-by: Dave Rodgman --- library/aesce.c | 4 ---- 1 file changed, 4 deletions(-) diff --git a/library/aesce.c b/library/aesce.c index 17f09aa55..eaaa5b5c3 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -76,10 +76,6 @@ # endif #endif -#if !defined(MBEDTLS_HAVE_NEON_INTRINSICS) -#error "Target does not support NEON instructions" -#endif - #if !(defined(__ARM_FEATURE_CRYPTO) || defined(__ARM_FEATURE_AES)) || \ defined(MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG) # if defined(__ARMCOMPILER_VERSION) From 4d234f1edec0f583b512a6efa5d50448055a6783 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 30 Nov 2023 13:59:49 +0100 Subject: [PATCH 0864/1674] Editorial corrections Fix typos, copypasta, and other minor clarifications. Signed-off-by: Gilles Peskine --- docs/psa-transition.md | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/docs/psa-transition.md b/docs/psa-transition.md index 5bab124e2..54a1dd642 100644 --- a/docs/psa-transition.md +++ b/docs/psa-transition.md @@ -338,7 +338,7 @@ Recall the flow of an unauthenticated cipher operation in the legacy Mbed TLS ci For a one-shot operation (where the whole plaintext or ciphertext is passed as a single input), the equivalent flow with the PSA API is to call a single function: -* [`psa_cipher_encrypt`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1ga61f02fbfa681c2659546eca52277dbf1) to perform encryption with a random IV of the default size (indicated by [`PSA_CIPHER_IV_LENGTH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_IV_LENGTH)). (To encrypt with a specified IV, use the multi-part API described below.) You can use the macro [`PSA_CIPHER_ENCRYPT_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_ENCRYPT_OUTPUT_SIZE) or [`PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE) to determine the size of the output buffer. +* [`psa_cipher_encrypt`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1ga61f02fbfa681c2659546eca52277dbf1) to perform encryption with a random IV of the default size (indicated by [`PSA_CIPHER_IV_LENGTH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_IV_LENGTH)). (To encrypt with a specified IV, use the multi-part API described below.) You can use the macro [`PSA_CIPHER_ENCRYPT_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_ENCRYPT_OUTPUT_SIZE) or [`PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE) to determine the size of the output buffer. * [`psa_cipher_decrypt`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1gab3593f5f14d8c0431dd306d80929215e) to perform decryption with a specified IV. You can use the macro [`PSA_CIPHER_DECRYPT_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_DECRYPT_OUTPUT_SIZE) or [`PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE) to determine the size of the output buffer. For a multi-part operation, the equivalent flow with the PSA API is as follows: @@ -633,7 +633,7 @@ Here is an overview of the lifecycle of a PSA key object. 1. First define the attributes of the key by filling a [`psa_key_attributes_t` structure](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga0ec645e1fdafe59d591104451ebf5680). You need to set the following parameters: * Call [`psa_set_key_type`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga6857ef0ecb3fa844d4536939d9c64025) to set the key type to the desired `PSA_KEY_TYPE_xxx` value (see “[RSA mechanism selection](#rsa-mechanism-selection)”, “[Elliptic curve mechanism selection](#elliptic-curve-mechanism-selection)” and “[Diffie-Hellman mechanism selection](#diffie-hellman-mechanism-selection)”). * Call [`psa_set_key_bits`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaf61683ac87f87687a40262b5afbfa018) to set the key's conceptual size in bits. This is optional with `psa_import_key`, which determines the key size from the length of the key material. - * Call [`psa_set_key_algorithm`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaeb8341ca52baa0279475ea3fd3bcdc98) to set the algorithm to the desired `PSA_ALG_xxx` value (see “[RSA mechanism selection](#rsa-mechanism-selection)”, “[Elliptic curve mechanism selection](#elliptic-curve-mechanism-selection)” and “[Diffie-Hellman mechanism selection](#diffie-hellman-mechanism-selection)” as well as “[Public-key cryptography policies](#public-key-cryptography-policies)”). + * Call [`psa_set_key_algorithm`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaeb8341ca52baa0279475ea3fd3bcdc98) to set the permitted algorithm to the desired `PSA_ALG_xxx` value (see “[RSA mechanism selection](#rsa-mechanism-selection)”, “[Elliptic curve mechanism selection](#elliptic-curve-mechanism-selection)” and “[Diffie-Hellman mechanism selection](#diffie-hellman-mechanism-selection)” as well as “[Public-key cryptography policies](#public-key-cryptography-policies)”). * Call [`psa_set_key_usage_flags`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga42a65b3c4522ce9b67ea5ea7720e17de) to enable the desired usage types (see “[Public-key cryptography policies](#public-key-cryptography-policies)”). 2. Call one of the key creation functions, passing the attributes defined in the previous step, to get an identifier of type [`psa_key_id_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__types_8h/#_CPPv412psa_key_id_t) to the key object. * Use [`psa_import_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga0336ea76bf30587ab204a8296462327b) to directly import key material. @@ -656,8 +656,8 @@ The following table lists the relevant usage flags for asymmetric cryptography. | Sign an already-calculated hash | at least one of [`PSA_KEY_USAGE_SIGN_MESSAGE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1ga552117ac92b79500cae87d4e65a85c54) or [`PSA_KEY_USAGE_SIGN_HASH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1ga552117ac92b79500cae87d4e65a85c54) | | Verify a message directly | [`PSA_KEY_USAGE_VERIFY_MESSAGE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1gabea7ec4173f4f943110329ac2953b2b1) | | Verify an already-calculated hash | at least one of [`PSA_KEY_USAGE_VERIFY_MESSAGE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1gabea7ec4173f4f943110329ac2953b2b1) or [`PSA_KEY_USAGE_VERIFY_HASH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1gafadf131ef2182045e3483d03aadaa1bd) | -| Encryption | [`PSA_KEY_USAGE_`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1ga75153b296d045d529d97203a6a995dad) | -| Decryption | [`PSA_KEY_USAGE_`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1gac3f2d2e5983db1edde9f142ca9bf8e6a) | +| Encryption | [`PSA_KEY_USAGE_ENCRYPT`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1ga75153b296d045d529d97203a6a995dad) | +| Decryption | [`PSA_KEY_USAGE_DECRYPT`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1gac3f2d2e5983db1edde9f142ca9bf8e6a) | | Key agreement | [`PSA_KEY_USAGE_DERIVE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__policy/#group__policy_1gaf19022acc5ef23cf12477f632b48a0b2) | The sections “[RSA mechanism selection](#rsa-mechanism-selection)”, “[Elliptic curve mechanism selection](#elliptic-curve-mechanism-selection)” and “[Diffie-Hellman mechanism selection](#diffie-hellman-mechanism-selection)” cover the available algorithm values for each key type. Normally, a key can only be used with a single algorithm, following standard good practice. However, there are two ways to relax this requirement. @@ -688,7 +688,7 @@ The following cryptographic algorithms work with RSA keys: #### Elliptic curve mechanism selection -The PK types `MBEDTLS_PK_ECKEY`, `MBEDTLS_PK_ECKEY_DH` and `MBEDTLS_PK_ECDSA` correspond to RSA key types in the PSA API. In the PSA API, key pairs and public keys are separate object types. The PSA API uses policies and algorithm parameters rather than key types to distinguish between the PK EC types. +The PK types `MBEDTLS_PK_ECKEY`, `MBEDTLS_PK_ECKEY_DH` and `MBEDTLS_PK_ECDSA` correspond to elliptic-curve key types in the PSA API. In the PSA API, key pairs and public keys are separate object types. The PSA API uses policies and algorithm parameters rather than key types to distinguish between the PK EC types. An ECC public key has the type [`PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gad54c03d3b47020e571a72cd01d978cf2) where `curve` is a curve family identifier. @@ -717,6 +717,7 @@ The following cryptographic algorithms work with ECC keys: * ECDH key agreement (including X25519 and X448): [`PSA_ALG_ECDH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gab2dbcf71b63785e7dd7b54a100edee43). * ECDSA: [`PSA_ALG_ECDSA`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga7e3ce9f514a227d5ba5d8318870452e3), [`PSA_ALG_ECDSA_ANY`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga51d6b6044a62e33cae0cf64bfc3b22a4), [`PSA_ALG_DETERMINISTIC_ECDSA`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga11da566bcd341661c8de921e2ca5ed03). +* EC-JPAKE (see “[EC-JPAKE](#ec-jpake)”. #### Diffie-Hellman mechanism selection @@ -913,7 +914,7 @@ To export a PSA public key or to export the public key of a PSA key pair object, The export format is the same format used for `psa_import_key`, described in “[Creating keys for asymmetric cryptography](#creating-keys-for-asymmetric-cryptography)” above. -A future extension of the PSA API will support other export formats. Until those are implemented, see the following subsections for ways to use the PK module to format a PSA key. +A future extension of the PSA API will support other export formats. Until those are implemented, see “[Exporting a PK key by wrapping](#exporting-a-pk-key-by-wrapping)” for ways to use the PK module to format a PSA key. #### Exporting a PK key by wrapping @@ -974,7 +975,7 @@ The flow of operations for an interruptible signature verification operation is 2. Call [`psa_verify_hash_start`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible__hash/#group__interruptible__hash_1ga912eb51fb94056858f451f276ee289cb) with the private key object and the hash and signature to verify. 3. Call [`psa_verify_hash_complete`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible__hash/#group__interruptible__hash_1ga67fe82352bc2f8c0343e231a70a5bc7d) repeatedly until it returns a status other than `PSA_OPERATION_INCOMPLETE`. -If you need to interrupt the operation after calling the start function without waiting for the complete function to return a success or failure status, call [`psa_sign_hash_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible__hash/#group__interruptible__hash_1gae893a4813aa8e03bd201fe4f1bbbb403) or [`psa_verify_hash_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible__hash/#group__interruptible__hash_1ga18dc9c0cc27d590c5e3b186094d90f88). +If you need to cancel the operation after calling the start function without waiting for the loop calling the complete function to finish, call [`psa_sign_hash_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible__hash/#group__interruptible__hash_1gae893a4813aa8e03bd201fe4f1bbbb403) or [`psa_verify_hash_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible__hash/#group__interruptible__hash_1ga18dc9c0cc27d590c5e3b186094d90f88). Call [`psa_interruptible_set_max_ops`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible__hash/#group__interruptible__hash_1ga6d86790b31657c13705214f373af869e) to set the number of basic operations per call. This is the same unit as `mbedtls_ecp_set_max_ops`. You can retrieve the current value with [`psa_interruptible_get_max_ops`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible__hash/#group__interruptible__hash_1ga73e66a6d93f2690b626fcea20ada62b2). The value is [`PSA_INTERRUPTIBLE_MAX_OPS_UNLIMITED`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__interruptible/#group__interruptible_1gad19c1da7f6b7d59d5873d5b68eb943d4) if operations are not restartable, which corresponds to `mbedtls_ecp_restart_is_enabled()` being false. @@ -1003,7 +1004,7 @@ With respect to the salt length: ### Asymmetric encryption and decryption The equivalent of `mbedtls_pk_encrypt`, `mbedtls_rsa_pkcs1_encrypt`, `mbedtls_rsa_rsaes_pkcs1_v15_encrypt` or `mbedtls_rsa_rsaes_oaep_encrypt` to encrypt a short message (typically a symmetric key) is [`psa_asymmetric_encrypt`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__asymmetric/#group__asymmetric_1gaa17f61e4ddafd1823d2c834b3706c290). -The key must be a public key allowing the usage `PSA_KEY_USAGE_ENCRYPT` (see “[Public-key cryptography policies](#public-key-cryptography-policies)”). +The key must be a public key or a key pair allowing the usage `PSA_KEY_USAGE_ENCRYPT` (see “[Public-key cryptography policies](#public-key-cryptography-policies)”). Use the macro [`PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#crypto__sizes_8h_1a66ba3bd93e5ec52870ccc3848778bad8) or [`PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE) to determine the output buffer size. The equivalent of `mbedtls_pk_decrypt`, `mbedtls_rsa_pkcs1_decrypt`, `mbedtls_rsa_rsaes_pkcs1_v15_decrypt` or `mbedtls_rsa_rsaes_oaep_decrypt` to decrypt a short message (typically a symmetric key) is [`psa_asymmetric_decrypt`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__asymmetric/#group__asymmetric_1ga4f968756f6b22aab362b598b202d83d7). From 951cf39b3f445cc099f2369319f599e16ef5cf8c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 30 Nov 2023 14:01:20 +0100 Subject: [PATCH 0865/1674] Corrections and clarifications around asymmetric key formats Signed-off-by: Gilles Peskine --- docs/psa-transition.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/psa-transition.md b/docs/psa-transition.md index 54a1dd642..21f438838 100644 --- a/docs/psa-transition.md +++ b/docs/psa-transition.md @@ -672,7 +672,7 @@ The sections “[RSA mechanism selection](#rsa-mechanism-selection)”, “[Elli The PK types `MBEDTLS_PK_RSA`, `MBEDTLS_PK_RSASSA_PSS` and `MBEDTLS_PK_RSA_ALT` correspond to RSA key types in the PSA API. In the PSA API, key pairs and public keys are separate object types. See “[RSA-ALT interface](#rsa-alt-interface)” for more information about `MBEDTLS_PK_RSA_ALT`. -The PSA API uses policies and algorithm parameters rather than key types to distinguish between `MBEDTLS_PK_RSA` and `MBEDTLS_PK_RSASSA_PSS`. The algorithm selection also replaces the use of `mbedtls_rsa_set_padding` on an `mbedtls_rsa_context` object. See the list of algorithms below and the signature and encryption sections for more information. +The PSA API uses policies and algorithm parameters rather than key types to distinguish between RSA-based mechanisms. The PSA algorithm selection corresponds to the `mbedtls_pk_type_t` value passed to `mbedtls_pk_{sign,verify}_ext`. It also replaces the use of `mbedtls_rsa_set_padding` on an `mbedtls_rsa_context` object. See the list of algorithms below and the signature and encryption sections for more information. An RSA public key has the type [`PSA_KEY_TYPE_RSA_PUBLIC_KEY`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga9ba0878f56c8bcd1995ac017a74f513b). @@ -743,7 +743,7 @@ The easiest way to create a key pair object is by randomly generating it with [` For RSA keys, `psa_generate_key` always uses 65537 as the public exponent. If you need a different public exponent, use the legacy interface to create the key then import it as described in “[Importing legacy keys via the PK module](#importing-legacy-keys-via-the-pk-module)”. -To create a key object from existing material, use [`psa_import_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga0336ea76bf30587ab204a8296462327b). While this function has the same basic goal as the PK parse functions (`mbedtls_pk_parse_key`, `mbedtls_pk_parse_public_key`, `mbedtls_pk_parse_subpubkey`), it is limited to a single format that just contains the number(s) that make up the key, with very little metadata. This format is a substring of the formats accepted by the PK functions (except for finite-field Diffie-Hellman which the PK module does not support). The table below summarizes the PSA import/export format for key pairs and public keys; see the documentation of [`psa_export_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga668e35be8d2852ad3feeef74ac6f75bf) and [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062) for more details. +To create a key object from existing material, use [`psa_import_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga0336ea76bf30587ab204a8296462327b). While this function has the same basic goal as the PK parse functions (`mbedtls_pk_parse_key`, `mbedtls_pk_parse_public_key`, `mbedtls_pk_parse_subpubkey`), it is limited to a single format that just contains the number(s) that make up the key, with very little metadata. This format is a substring of one of the formats accepted by the PK functions (except for finite-field Diffie-Hellman which the PK module does not support). The table below summarizes the PSA import/export format for key pairs and public keys; see the documentation of [`psa_export_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga668e35be8d2852ad3feeef74ac6f75bf) and [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062) for more details. | Key type | PSA import/export format | | -------- | ------------------------ | @@ -854,7 +854,7 @@ This section explains how to use the `ecp.h` API to create an elliptic curve key You can use this, for example, to import an ECC key in the form of a compressed point by calling `mbedtls_ecp_point_read_binary` then following the process below. -The following code snippet illustrates how to import a private key which is initially in an `mbedtls_ecp_keypair` object. Error checks are omitted for simplicity. A future version of Mbed TLS [will provide a function to calculate the curve family](https://github.com/Mbed-TLS/mbedtls/issues/7764). +The following code snippet illustrates how to import a private key which is initially in an `mbedtls_ecp_keypair` object. (This includes `mbedtls_ecdsa_keypair` objects since that is just a type alias.) Error checks are omitted for simplicity. A future version of Mbed TLS [will provide a function to calculate the curve family](https://github.com/Mbed-TLS/mbedtls/issues/7764). ``` mbedtls_ecp_keypair ec; @@ -904,7 +904,7 @@ You can call [`psa_get_key_attributes`](https://mbed-tls.readthedocs.io/projects The bit-size from `psa_get_key_bits` is the same as the one from `mbedtls_pk_get_bitlen`. To convert to bytes as `mbedtls_pk_get_len` or `mbedtls_rsa_get_len` do, you can use the macro `PSA_BITS_TO_BYTES`. However, note that the PSA API has generic macros for each related buffer size (export, signature size, etc.), so you should generally use those instead. The present document lists those macros where it explains the usage of the corresponding function. -Most uses of `mbedtls_pk_get_type` and `mbedtls_pk_can_do` only require knowing a key's type as reported by [`psa_get_key_type`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gae4fb812af4f57aa1ad85e335a865b918). If needed, you can also access a key's policy from its attributes with [`psa_get_key_usage_flags`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaa1af20f142ca722222c6d98678a0c448), [`psa_get_key_algorithm`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gac255da850a00bbed925390044f016b34) and [`psa_get_key_enrollment_algorithm`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga39803b62a97198cf630854db9b53c588). The algorithm policy also conveys the padding and hash information provided by `mbedtls_rsa_get_padding_mode` and `mbedtls_rsa_get_md_alg`. +Most code that calls `mbedtls_pk_get_type` or `mbedtls_pk_can_do` only requires the key's type as reported by [`psa_get_key_type`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gae4fb812af4f57aa1ad85e335a865b918). For code that uses both `mbedtls_pk_context` objects and PSA metadata encoding, [`mbedtls_pk_can_do_ext`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/pk_8h/#pk_8h_1a256d3e8d4323a45aafa7d2b6c59a36f6) checks the compatibility between a key object and a mechanism. If needed, you can also access a key's policy from its attributes with [`psa_get_key_usage_flags`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gaa1af20f142ca722222c6d98678a0c448), [`psa_get_key_algorithm`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gac255da850a00bbed925390044f016b34) and [`psa_get_key_enrollment_algorithm`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga39803b62a97198cf630854db9b53c588). The algorithm policy also conveys the padding and hash information provided by `mbedtls_rsa_get_padding_mode` and `mbedtls_rsa_get_md_alg`. ### Exporting a public key or a key pair @@ -993,7 +993,7 @@ The PSA API has two algorithm constructors: This mechanism corresponds to `mbedtls_pk_sign_ext` and `mbedtls_pk_verify_ext` for an RSA key, as well as `mbedtls_pk_sign`, `mbedtls_pk_verify`, `mbedtls_rsa_pkcs1_sign` and `mbedtls_rsa_pkcs1_verify` if PSS has been selected on the underlying RSA context with `mbedlts_rsa_set_padding`. It also corresponds to `mbedtls_rsa_rsassa_pss_sign` and `mbedtls_rsa_rsassa_pss_sign_ext`, `mbedtls_rsa_rsassa_pss_verify` and `mbedtls_rsa_rsassa_pss_verify_ext`. -The PSA API has two algorithm constructors: [`PSA_ALG_RSA_PSS(hash)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga62152bf4cb4bf6aace5e1be8f143564d) and [`PSA_ALG_RSA_PSS_ANY_SALT(hash)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga9b7355a2cd6bde88177634d539127f2b). The hash algorithm `hash` corresponds to the `md_alg` parameter passed to the legacy API. It is used to hash the message, to create the salted hash, and for the mask generation with MGF1. The PSA API does not support using different hash algorithms for these different purposes. +The PSA API has two algorithm constructors: [`PSA_ALG_RSA_PSS(hash)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga62152bf4cb4bf6aace5e1be8f143564d) and [`PSA_ALG_RSA_PSS_ANY_SALT(hash)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga9b7355a2cd6bde88177634d539127f2b). They differ only for verification, and have exactly the same behavior for signature. The hash algorithm `hash` corresponds to the `md_alg` parameter passed to the legacy API. It is used to hash the message, to create the salted hash, and for the mask generation with MGF1. The PSA API does not support using different hash algorithms for these different purposes. With respect to the salt length: From f7746bdd79e7bee875a2b4eb86162296f17d9775 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 30 Nov 2023 14:01:44 +0100 Subject: [PATCH 0866/1674] Correct lists of sign/verify functions Signed-off-by: Gilles Peskine --- docs/psa-transition.md | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/docs/psa-transition.md b/docs/psa-transition.md index 21f438838..c62106cf3 100644 --- a/docs/psa-transition.md +++ b/docs/psa-transition.md @@ -922,12 +922,14 @@ You can wrap a PSA key object in a PK key context with `mbedtls_pk_setup_opaque` ### Signature operations -The equivalent of `mbedtls_pk_sign`, `mbedtls_rsa_pkcs1_sign`, `mbedtls_rsa_rsassa_pkcs1_v15_sign`, `mbedtls_rsa_rsassa_pss_sign` or `mbedtls_rsa_rsassa_pss_sign_ext` to sign an already calculated hash is [`psa_sign_hash`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__asymmetric/#group__asymmetric_1ga785e746a31a7b2a35ae5175c5ace3c5c). +The equivalent of `mbedtls_pk_sign` or `mbedtls_pk_sign_ext` to sign an already calculated hash is [`psa_sign_hash`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__asymmetric/#group__asymmetric_1ga785e746a31a7b2a35ae5175c5ace3c5c). The key must be a key pair allowing the usage `PSA_KEY_USAGE_SIGN_HASH` (see “[Public-key cryptography policies](#public-key-cryptography-policies)”). Use [`PSA_SIGN_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_SIGN_OUTPUT_SIZE) or [`PSA_SIGNATURE_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_SIGNATURE_MAX_SIZE) (similar to `MBEDTLS_PK_SIGNATURE_MAX_SIZE`) to determine the size of the output buffer. +This is also the equivalent of the type-specific functions `mbedtls_rsa_pkcs1_sign`, `mbedtls_rsa_rsassa_pkcs1_v15_sign`, `mbedtls_rsa_rsassa_pss_sign`, `mbedtls_rsa_rsassa_pss_sign_ext`, `mbedtls_ecdsa_sign`, `mbedtls_ecdsa_sign_det_ext` and `mbedtls_ecdsa_write_signature`. Note that the PSA API uses the raw format for ECDSA signatures, not the ASN.1 format; see “[ECDSA signature](#ecdsa-signature)” for more details. The equivalent of `mbedtls_pk_verify` or `mbedtls_pk_verify_ext` to verify an already calculated hash is [`psa_verify_hash`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__asymmetric/#group__asymmetric_1gae2ffbf01e5266391aff22b101a49f5f5). The key must be a public key or a key pair allowing the usage `PSA_KEY_USAGE_VERIFY_HASH` (see “[Public-key cryptography policies](#public-key-cryptography-policies)”). +This is also the equivalent of the type-specific functions `mbedtls_rsa_pkcs1_verify`, `mbedtls_rsa_rsassa_pkcs1_v15_verify`, `mbedtls_rsa_rsassa_pss_verify`, `mbedtls_rsa_rsassa_pss_verify_ext`, `mbedtls_ecdsa_verify` amd `mbedtls_ecdsa_read_signature`. Note that the PSA API uses the raw format for ECDSA signatures, not the ASN.1 format; see “[ECDSA signature](#ecdsa-signature)” for more details. Generally, `psa_sign_hash` and `psa_verify_hash` require the input to have the correct length for the hash (this has historically not always been enforced in the corresponding legacy APIs). @@ -943,10 +945,10 @@ The following subsections describe the PSA signature mechanisms that correspond #### ECDSA signature -In the PSA API, **the format of an ECDSA signature is the raw fixed-size format. This is different from the legacy API** which uses the ASN.1 DER format for ECDSA signatures. A future version of Mbed TLS [will provide a way to convert between the two formats](https://github.com/Mbed-TLS/mbedtls/issues/7765). +**Note: in the PSA API, the format of an ECDSA signature is the raw fixed-size format. This is different from the legacy API** which uses the ASN.1 DER format for ECDSA signatures. A future version of Mbed TLS [will provide a way to convert between the two formats](https://github.com/Mbed-TLS/mbedtls/issues/7765). -This is the mechanism provided by `mbedtls_pk_sign` and `mbedtls_pk_verify` for ECDSA keys, as well as by `mbedtls_ecdsa_sign`, `mbedtls_ecdsa_sign_det_ext`, `mbedtls_ecdsa_write_signature`, `mbedtls_ecdsa_write_signature` and `mbedtls_ecdsa_verify`. +ECDSA is the mechanism provided by `mbedtls_pk_sign` and `mbedtls_pk_verify` for ECDSA keys, as well as by `mbedtls_ecdsa_sign`, `mbedtls_ecdsa_sign_det_ext`, `mbedtls_ecdsa_write_signature`, `mbedtls_ecdsa_verify` and `mbedtls_ecdsa_read_signature`. The PSA API offers three algorithm constructors for ECDSA. They differ only for signature, and have exactly the same behavior for verification. From d79854b3f73fd9b0863c6fdc083cd861ae61a1da Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 30 Nov 2023 14:01:59 +0100 Subject: [PATCH 0867/1674] That's not what mbedtls_ecdh_get_params does Keep the discussion of how to retrieve information about a key exchange. This doesn't seem to have equivalent legacy ECDH APIs. Add a todo item for mbedtls_ecdh_get_params(). At this point I don't know where it fits. Signed-off-by: Gilles Peskine --- docs/psa-transition.md | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/docs/psa-transition.md b/docs/psa-transition.md index c62106cf3..8b25aa347 100644 --- a/docs/psa-transition.md +++ b/docs/psa-transition.md @@ -1064,6 +1064,8 @@ There is no PSA equivalent to Mbed TLS's custom key type names exposed by `mbedt The PSA API has a generic interface for key agreement, covering the main use of both `ecdh.h` and `dhm.h`. + + #### Diffie-Hellman key pair management The PSA API manipulates keys as such, rather than via an operation context. Thus, to use Diffie-Hellman, you need to create a key object, then perform the key exchange, then destroy the key. There is no equivalent to the types `mbedtls_ecdh_context` and `mbedtls_dhm_context`. @@ -1182,12 +1184,12 @@ The corresponding flow with the PSA API is as follows: #### ECDH and DHM metadata functions -The legacy function `mbedtls_ecdh_get_params` allows the application to retrieve an `mbedtls_ecp_keypair` containing either our key pair, or the peer's public key. The PSA equivalent depends on the use case: +You can obtain data and metadata from an ECDH key agreement through the PSA API as follows: * With either side, accessing the group: call [`psa_get_key_attributes`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gacbbf5c11eac6cd70c87ffb936e1b9be2) on the key identifier, then [`psa_get_key_type`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1gae4fb812af4f57aa1ad85e335a865b918) and [`psa_get_key_bits`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__attributes/#group__attributes_1ga5bee85c2164ad3d4c0d42501241eeb06) to obtain metadata about the key. -* With `MBEDTLS_ECDH_OURS`, accessing the public key: call [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062) on the PSA key identifier. -* With `MBEDTLS_ECDH_OURS`, accessing the private key: call [`psa_export_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga668e35be8d2852ad3feeef74ac6f75bf) on the key identifier. Note that the key policy must allow `PSA_KEY_USAGE_EXPORT` (see “[Public-key cryptography policies](#public-key-cryptography-policies)”). -* With `MBEDTLS_ECDH_THEIRS`, accessing the public key (there is no private key): there is no PSA equivalent since the PSA API only uses the peer's public key to immediately calculate the shared secret. If your application needs the peer's public key for some other purpose, store it separately. +* Accessing our public key: call [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062) on the PSA key identifier. +* Accessing our private key: call [`psa_export_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga668e35be8d2852ad3feeef74ac6f75bf) on the key identifier. Note that the key policy must allow `PSA_KEY_USAGE_EXPORT` (see “[Public-key cryptography policies](#public-key-cryptography-policies)”). +* Accessing the peer's public key: there is no PSA equivalent since the PSA API only uses the peer's public key to immediately calculate the shared secret. If your application needs the peer's public key for some other purpose, store it separately. The functions `mbedtls_dhm_get_bitlen`, `mbedtls_dhm_get_len` and `mbedtls_dhm_get_value` allow the caller to obtain metadata about the keys used for the key exchange. The PSA equivalents access the key identifier: From 08c6dc4942cc01e75d1a3ccc9c26104ad428a11a Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 30 Nov 2023 13:56:09 +0000 Subject: [PATCH 0868/1674] Rename project_crypto_name Signed-off-by: Thomas Daubney --- scripts/mbedtls_dev/build_tree.py | 2 +- tests/scripts/test_psa_compliance.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/mbedtls_dev/build_tree.py b/scripts/mbedtls_dev/build_tree.py index 4e0ae1953..c2a370d7e 100644 --- a/scripts/mbedtls_dev/build_tree.py +++ b/scripts/mbedtls_dev/build_tree.py @@ -33,7 +33,7 @@ def crypto_core_directory(root: Optional[str] = None) -> str: else: raise Exception('Neither Mbed TLS nor TF-PSA-Crypto source tree found') -def project_crypto_name(root: Optional[str] = None) -> str: +def crypto_library_filename(root: Optional[str] = None) -> str: """Return the crypto library filename for either TF-PSA-Crypto or Mbed TLS.""" if root is None: root = guess_project_root() diff --git a/tests/scripts/test_psa_compliance.py b/tests/scripts/test_psa_compliance.py index 034949bc6..984ddf3e1 100755 --- a/tests/scripts/test_psa_compliance.py +++ b/tests/scripts/test_psa_compliance.py @@ -50,7 +50,7 @@ def main(library_build_dir: str): in_tf_psa_crypto_repo = build_tree.looks_like_tf_psa_crypto_root(root_dir) - crypto_name = build_tree.project_crypto_name(root_dir) + crypto_name = build_tree.crypto_library_filename(root_dir) library_subdir = build_tree.crypto_core_directory(root_dir) crypto_lib_filename = (library_build_dir + '/' + From 46588de8fc6165212a4e9d5fddb0c976231152f5 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 30 Nov 2023 13:59:30 +0000 Subject: [PATCH 0869/1674] Improve documentation of crypto_core_directory Signed-off-by: Thomas Daubney --- scripts/mbedtls_dev/build_tree.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/scripts/mbedtls_dev/build_tree.py b/scripts/mbedtls_dev/build_tree.py index c2a370d7e..ff8d57594 100644 --- a/scripts/mbedtls_dev/build_tree.py +++ b/scripts/mbedtls_dev/build_tree.py @@ -23,7 +23,10 @@ def looks_like_root(path: str) -> bool: return looks_like_tf_psa_crypto_root(path) or looks_like_mbedtls_root(path) def crypto_core_directory(root: Optional[str] = None) -> str: - """Return the path of the library code for either TF-PSA-Crypto or Mbed TLS.""" + """ + Return the path of the directory containing the PSA crypto core + for either TF-PSA-Crypto or Mbed TLS. + """ if root is None: root = guess_project_root() if looks_like_tf_psa_crypto_root(root): From 56bee0344ebd81ec1a60f70ca80a87fa5d254b36 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 30 Nov 2023 14:33:35 +0000 Subject: [PATCH 0870/1674] Rename variable for better clarity Signed-off-by: Thomas Daubney --- scripts/generate_driver_wrappers.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/generate_driver_wrappers.py b/scripts/generate_driver_wrappers.py index 5223d459f..edd98a2de 100755 --- a/scripts/generate_driver_wrappers.py +++ b/scripts/generate_driver_wrappers.py @@ -178,10 +178,10 @@ def main() -> int: project_root = os.path.abspath(args.project_root) - library_dir = build_tree.crypto_core_directory(project_root) + crypto_core_directory = build_tree.crypto_core_directory(project_root) output_directory = args.output_directory if args.output_directory is not None else \ - os.path.join(project_root, library_dir) + os.path.join(project_root, crypto_core_directory) template_directory = args.template_dir if args.template_dir is not None else \ os.path.join(project_root, From d1f2934e7880ab744a1f6fbf9ffc9497d75ccc9e Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 30 Nov 2023 17:25:55 +0000 Subject: [PATCH 0871/1674] Introduce guess_mbedtls_root Signed-off-by: Thomas Daubney --- scripts/generate_ssl_debug_helpers.py | 2 +- scripts/mbedtls_dev/build_tree.py | 17 ++++++++++++++--- 2 files changed, 15 insertions(+), 4 deletions(-) diff --git a/scripts/generate_ssl_debug_helpers.py b/scripts/generate_ssl_debug_helpers.py index af8ef86ee..a0544f153 100755 --- a/scripts/generate_ssl_debug_helpers.py +++ b/scripts/generate_ssl_debug_helpers.py @@ -367,7 +367,7 @@ def generate_ssl_debug_helpers(output_directory, mbedtls_root): Generate functions of debug helps """ mbedtls_root = os.path.abspath( - mbedtls_root or build_tree.guess_project_root()) + mbedtls_root or build_tree.guess_mbedtls_root()) with open(os.path.join(mbedtls_root, 'include/mbedtls/ssl.h')) as f: source_code = remove_c_comments(f.read()) diff --git a/scripts/mbedtls_dev/build_tree.py b/scripts/mbedtls_dev/build_tree.py index ff8d57594..1868a0f89 100644 --- a/scripts/mbedtls_dev/build_tree.py +++ b/scripts/mbedtls_dev/build_tree.py @@ -48,8 +48,7 @@ def crypto_library_filename(root: Optional[str] = None) -> str: raise Exception('Neither Mbed TLS nor TF-PSA-Crypto source tree found') def check_repo_path(): - """ - Check that the current working directory is the project root, and throw + """Check that the current working directory is the project root, and throw an exception if not. """ if not all(os.path.isdir(d) for d in ["include", "library", "tests"]): @@ -69,7 +68,6 @@ def chdir_to_root() -> None: return raise Exception('Mbed TLS source tree not found') - def guess_project_root(): """Guess project source code directory. @@ -87,3 +85,16 @@ def guess_project_root(): if looks_like_root(d): return d raise Exception('Neither Mbed TLS nor TF-PSA-Crypto source tree found') + +def guess_mbedtls_root(root: Optional[str] = None) -> str: + """Guess Mbed TLS source code directory. + + Return the first possible Mbed TLS root directory. + Raise an exception if we are not in Mbed TLS. + """ + if root is None: + root = guess_project_root() + if looks_like_mbedtls_root(root): + return root + else: + raise Exception('Mbed TLS source tree not found') From db80b2301c660d54f285ac1c3ac1f5b26983eafd Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 30 Nov 2023 17:33:54 +0000 Subject: [PATCH 0872/1674] Introduce guess_tf_psa_crypto_root Signed-off-by: Thomas Daubney --- scripts/mbedtls_dev/build_tree.py | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/scripts/mbedtls_dev/build_tree.py b/scripts/mbedtls_dev/build_tree.py index 1868a0f89..86c838900 100644 --- a/scripts/mbedtls_dev/build_tree.py +++ b/scripts/mbedtls_dev/build_tree.py @@ -98,3 +98,16 @@ def guess_mbedtls_root(root: Optional[str] = None) -> str: return root else: raise Exception('Mbed TLS source tree not found') + +def guess_tf_psa_crypto_root(root: Optional[str] = None) -> str: + """Guess TF-PSA-Crypto source code directory. + + Return the first possible TF-PSA-Crypto root directory. + Raise an exception if we are not in TF-PSA-Crypto. + """ + if root is None: + root = guess_project_root() + if looks_like_tf_psa_crypto_root(root): + return root + else: + raise Exception('TF-PSA-Crypto source tree not found') From dbcfc7dd956f889975fe978252c25bf1359b0460 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 30 Nov 2023 21:04:06 +0100 Subject: [PATCH 0873/1674] Be more informative about "No change" Distinguish between interfaces that won't change in 4.0, and interfaces that have no PSA equivalent but are likely to change in 4.0. Signed-off-by: Gilles Peskine --- docs/psa-transition.md | 22 ++++++++++++++-------- 1 file changed, 14 insertions(+), 8 deletions(-) diff --git a/docs/psa-transition.md b/docs/psa-transition.md index 8b25aa347..b02e2b8f1 100644 --- a/docs/psa-transition.md +++ b/docs/psa-transition.md @@ -81,9 +81,9 @@ PSA functions return a status of type [`psa_status_t`](https://mbed-tls.readthed | ------ | --------------- | -------------- | | `aes.h` | `mbedtls_aes_` | [Symmetric encryption](#symmetric-encryption) | | `aria.h` | `mbedtls_aria_` | [Symmetric encryption](#symmetric-encryption) | -| `asn1.h` | `mbedtls_asn1_` | No change (not a crypto API) | -| `asn1write.h` | `mbedtls_asn1write_` | No change (not a crypto API) | -| `base64.h` | `mbedtls_base64_` | [PK format support interfaces](#pk-format-support-interfaces) | +| `asn1.h` | `mbedtls_asn1_` | No change ([PK support interface](#pk-format-support-interfaces)) | +| `asn1write.h` | `mbedtls_asn1_write_` | No change ([PK support interface](#pk-format-support-interfaces)) | +| `base64.h` | `mbedtls_base64_` | No change ([PK support interface](#pk-format-support-interfaces)) | | `bignum.h` | `mbedtls_bignum_` | None (no low-level arithmetic) | | `build_info.h` | `MBEDTLS_` | No change (not a crypto API) | | `camellia.h` | `mbedtls_camellia_` | [Symmetric encryption](#symmetric-encryption) | @@ -109,15 +109,15 @@ PSA functions return a status of type [`psa_status_t`](https://mbed-tls.readthed | `gcm.h` | `mbedtls_gcm_` | [Symmetric encryption](#symmetric-encryption), [Authenticated cipher operations](#authenticated-cipher-operations) | | `hkdf.h` | `mbedtls_hkdf_` | [HKDF](#hkdf) | | `hmac_drbg.h` | `mbedtls_hmac_drbg_` | [Random generation interface](#random-generation-interface), [Deterministic pseudorandom generation](#deterministic-pseudorandom-generation) | -| `lms.h` | `mbedtls_lms_` | No migration path yet | +| `lms.h` | `mbedtls_lms_` | No change ([LMS signatures](#lms-signatures)) | | `mbedtls_config.h` | `MBEDTLS_` | [Compile-time configuration](#compile-time-configuration) | | `md.h` | `mbedtls_md_` | [Hashes and MAC](#hashes-and-mac) | | `md5.h` | `mbedtls_md5_` | [Hashes and MAC](#hashes-and-mac) | | `memory_buffer_alloc.h` | `mbedtls_memory_buffer_alloc_` | No change (not a crypto API) | | `net_sockets.h` | `mbedtls_net_` | No change (not a crypto API) | -| `nist_kw.h` | `mbedtls_nist_kw_` | No migration path yet | -| `oid.h` | `mbedtls_oid_` | [PK format support interfaces](#pk-format-support-interfaces) | -| `pem.h` | `mbedtls_pem_` | [PK format support interfaces](#pk-format-support-interfaces) | +| `nist_kw.h` | `mbedtls_nist_kw_` | Migration path not yet defined | +| `oid.h` | `mbedtls_oid_` | No change ([PK support interface](#pk-format-support-interfaces)) | +| `pem.h` | `mbedtls_pem_` | No change ([PK support interface](#pk-format-support-interfaces)) | | `pk.h` | `mbedtls_pk_` | [Asymmetric cryptography](#asymmetric-cryptography) | | `pkcs5.h` | `mbedtls_pkcs5_` | [PKCS#5 module](#pkcs5-module) | | `pkcs7.h` | `mbedtls_pkcs7_` | No change (not a crypto API) | @@ -1289,9 +1289,15 @@ There is no direct equivalent of `mbedtls_rsa_export`, `mbedtls_rsa_export_raw` A PSA key object is immutable, so there is no need for an equivalent of `mbedtls_rsa_copy`. (There is a function `psa_copy_key`, but it is only useful to make a copy of a key with a different policy of ownership; both concepts are out of scope of this document since they have no equivalent in the legacy API.) +### LMS signatures + +A future version of Mbed TLS will support LMS keys and signatures through the PSA API (`psa_generate_key`, `psa_export_public_key`, `psa_import_key`, `psa_sign_hash`, `psa_verify_hash`, etc.). However, this is likely to happen after Mbed TLS 4.0, therefore the next major version of Mbed TLS will likely keep the existing `lms.h` interface. + ### PK format support interfaces -The interfaces in `base64.h`, `asn1.h`, `asn1write.h`, `oid.h` and `pem.h` are intended to support X.509 and key file formats. They have no PSA equivalent since they are not directly about cryptography. They remain unchanged in Mbed TLS 3.x. In the future, they are likely to move out of the cryptography part of Mbed TLS and into the public-key/X.509 part. +The interfaces in `base64.h`, `asn1.h`, `asn1write.h`, `oid.h` and `pem.h` are intended to support X.509 and key file formats. They have no PSA equivalent since they are not directly about cryptography. + +In Mbed TLS 4.0, we are planning to keep the ASN.1 interfaces mostly unchanged. The evolution of Base64, OID and PEM as separate interfaces is still undecided at the time of writing. ## EC-JPAKE From 3ea22dcb5198b77bac5d2f3482e2d5f4d62a57c6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 30 Nov 2023 21:07:24 +0100 Subject: [PATCH 0874/1674] Correct function names prefixes where they diverge from module names Signed-off-by: Gilles Peskine --- docs/psa-transition.md | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/docs/psa-transition.md b/docs/psa-transition.md index b02e2b8f1..79780564a 100644 --- a/docs/psa-transition.md +++ b/docs/psa-transition.md @@ -82,20 +82,20 @@ PSA functions return a status of type [`psa_status_t`](https://mbed-tls.readthed | `aes.h` | `mbedtls_aes_` | [Symmetric encryption](#symmetric-encryption) | | `aria.h` | `mbedtls_aria_` | [Symmetric encryption](#symmetric-encryption) | | `asn1.h` | `mbedtls_asn1_` | No change ([PK support interface](#pk-format-support-interfaces)) | -| `asn1write.h` | `mbedtls_asn1_write_` | No change ([PK support interface](#pk-format-support-interfaces)) | +| `asn1write.h` | `mbedtls_asn1write_` | No change ([PK support interface](#pk-format-support-interfaces)) | | `base64.h` | `mbedtls_base64_` | No change ([PK support interface](#pk-format-support-interfaces)) | -| `bignum.h` | `mbedtls_bignum_` | None (no low-level arithmetic) | +| `bignum.h` | `mbedtls_mpi_` | None (no low-level arithmetic) | | `build_info.h` | `MBEDTLS_` | No change (not a crypto API) | | `camellia.h` | `mbedtls_camellia_` | [Symmetric encryption](#symmetric-encryption) | | `ccm.h` | `mbedtls_ccm_` | [Symmetric encryption](#symmetric-encryption), [Authenticated cipher operations](#authenticated-cipher-operations) | | `chacha20.h` | `mbedtls_chacha20_` | [Symmetric encryption](#symmetric-encryption) | -| `chachapoly.h` | `mbedtls_chachapoly_` | [Symmetric encryption](#symmetric-encryption) | +| `chachapoly.h` | `mbedtls_chachapoly_` | [Symmetric encryption](#symmetric-encryption), [Authenticated cipher operations](#authenticated-cipher-operations) | | `check_config.h` | N/A | No public APIs (internal support header) | | `cipher.h` | `mbedtls_cipher_` | [Symmetric encryption](#symmetric-encryption) | -| `cmac.h` | `mbedtls_cmac_` | [Hashes and MAC](#hashes-and-mac), [MAC calculation](#mac-calculation) | +| `cmac.h` | `mbedtls_cipher_cmac_` | [Hashes and MAC](#hashes-and-mac), [MAC calculation](#mac-calculation) | | `compat-2.x.h` | various | None (transitional APIs) | | `config_psa.h` | N/A | No public APIs (internal support header) | -| `constant_time.h` | `mbedtls_constant_time_` | [Constant-time functions](#constant-time-functions) | +| `constant_time.h` | `mbedtls_ct_` | [Constant-time functions](#constant-time-functions) | | `ctr_drbg.h` | `mbedtls_ctr_drbg_` | [Random generation interface](#random-generation-interface), [Deterministic pseudorandom generation](#deterministic-pseudorandom-generation) | | `debug.h` | `mbedtls_debug_` | No change (not a crypto API) | | `des.h` | `mbedtls_des_` | [Symmetric encryption](#symmetric-encryption) | @@ -105,7 +105,7 @@ PSA functions return a status of type [`psa_status_t`](https://mbed-tls.readthed | `ecjpake.h` | `mbedtls_ecjpake_` | [EC-JPAKE](#ec-jpake) | | `ecp.h` | `mbedtls_ecp_` | [Asymmetric cryptography](#asymmetric-cryptography) | | `entropy.h` | `mbedtls_entropy_` | [Random generation interface](#random-generation-interface), [Entropy sources](#entropy-sources) | -| `error.h` | `mbedtls_error_` | [Error messages](#error-messages) | +| `error.h` | `mbedtls_*err*` | [Error messages](#error-messages) | | `gcm.h` | `mbedtls_gcm_` | [Symmetric encryption](#symmetric-encryption), [Authenticated cipher operations](#authenticated-cipher-operations) | | `hkdf.h` | `mbedtls_hkdf_` | [HKDF](#hkdf) | | `hmac_drbg.h` | `mbedtls_hmac_drbg_` | [Random generation interface](#random-generation-interface), [Deterministic pseudorandom generation](#deterministic-pseudorandom-generation) | @@ -123,11 +123,11 @@ PSA functions return a status of type [`psa_status_t`](https://mbed-tls.readthed | `pkcs7.h` | `mbedtls_pkcs7_` | No change (not a crypto API) | | `pkcs12.h` | `mbedtls_pkcs12_` | [PKCS#12 module](#pkcs12-module) | | `platform.h` | `mbedtls_platform_` | No change (not a crypto API) | -| `platform_time.h` | `mbedtls_platform_time_` | No change (not a crypto API) | -| `platform_util.h` | `mbedtls_platform_util_` | No change (not a crypto API) | +| `platform_time.h` | `mbedtls_*time*` | No change (not a crypto API) | +| `platform_util.h` | `mbedtls_platform_` | No change (not a crypto API) | | `poly1305.h` | `mbedtls_poly1305_` | None (but there is Chacha20-Poly1305 [AEAD](#symmetric-encryption)) | | `private_access.h` | N/A | No public APIs (internal support header) | -| `psa_util.h` | `mbedtls_psa_` | No public APIs (internal support header) | +| `psa_util.h` | N/A | No public APIs (internal support header) | | `ripemd160.h` | `mbedtls_ripemd160_` | [Hashes and MAC](#hashes-and-mac) | | `rsa.h` | `mbedtls_rsa_` | [Asymmetric cryptography](#asymmetric-cryptography) | | `sha1.h` | `mbedtls_sha1_` | [Hashes and MAC](#hashes-and-mac) | @@ -136,7 +136,7 @@ PSA functions return a status of type [`psa_status_t`](https://mbed-tls.readthed | `sha512.h` | `mbedtls_sha512_` | [Hashes and MAC](#hashes-and-mac) | | `ssl.h` | `mbedtls_ssl_` | No change (not a crypto API) | | `ssl_cache.h` | `mbedtls_ssl_cache_` | No change (not a crypto API) | -| `ssl_ciphersuites.h` | `mbedtls_ssl_ciphersuites_` | No change (not a crypto API) | +| `ssl_ciphersuites.h` | `mbedtls_ssl_ciphersuite_` | No change (not a crypto API) | | `ssl_cookie.h` | `mbedtls_ssl_cookie_` | No change (not a crypto API) | | `ssl_ticket.h` | `mbedtls_ssl_ticket_` | No change (not a crypto API) | | `threading.h` | `mbedtls_threading_` | No change (not a crypto API) | From 02112cc9a1ad23ef93bd7f96974e5aea623dcc10 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 30 Nov 2023 21:17:27 +0100 Subject: [PATCH 0875/1674] Update PBKDF2 availability for 3.5 Signed-off-by: Gilles Peskine --- docs/psa-transition.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/psa-transition.md b/docs/psa-transition.md index 79780564a..304b16c55 100644 --- a/docs/psa-transition.md +++ b/docs/psa-transition.md @@ -574,7 +574,7 @@ PSA Crypto provides access to HKDF, HKDF-Extract and HKDF-Expand via its [key de ### PKCS#5 module -Applications currently using `mbedtls_pkcs5_pbkdf2_hmac` or `mbedtls_pkcs5_pbkdf2_hmac_ext` can switch to the PSA key derivation API for PBKDF2 (not yet implemented at the time of writing, scheduled to be released in Mbed TLS 3.5). This is a generic interface using an operation object with one function call for each input and one function call for each output. +Applications currently using `mbedtls_pkcs5_pbkdf2_hmac` or `mbedtls_pkcs5_pbkdf2_hmac_ext` can switch to the PSA key derivation API for PBKDF2. This is a generic interface using an operation object with one function call for each input and one function call for each output. 1. Create an operation object of type [`psa_key_derivation_operation_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga5f099b63799a0959c3d46718c86c2609) and zero-initialize it (or use the corresponding `INIT` macro). 2. Call [`psa_key_derivation_setup`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gac0b6a76e45cceb1862752bf041701859) to select the algorithm, which is a value of type [`psa_algorithm_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gac2e4d47f1300d73c2f829a6d99252d69). For PBKDF2-HMAC, select `PSA_ALG_PBKDF2_HMAC(hash)` where `hash` is the underlying hash algorithm (see “[Hash mechanism selection](#hash-mechanism-selection)”). @@ -584,7 +584,7 @@ Applications currently using `mbedtls_pkcs5_pbkdf2_hmac` or `mbedtls_pkcs5_pbkdf 2. [`PSA_KEY_DERIVATION_INPUT_SECRET`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__derivation/#group__derivation_1ga0ddfbe764baba995c402b1b0ef59392e) for the password. 5. Call [`psa_key_derivation_output_bytes`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga06b7eb34a2fa88965f68e3d023fa12b9) to obtain the output of the derivation. You may call this function more than once to retrieve the output in successive chunks. Use [`psa_key_derivation_output_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gada7a6e17222ea9e7a6be6864a00316e1) instead if you want to use a chunk as a PSA key. - If you want to verify the output against an expected value (for authentication, rather than to derive key material), call [`psa_key_derivation_verify_bytes`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gaf01520beb7ba932143ffe733b0795b08) or [`psa_key_derivation_verify_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gac041714e34a94742e8ee006ac7dfea5a) instead of `psa_key_derivation_output_bytes`. + If you want to verify the output against an expected value (for authentication, rather than to derive key material), call [`psa_key_derivation_verify_bytes`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gaf01520beb7ba932143ffe733b0795b08) or [`psa_key_derivation_verify_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1gac041714e34a94742e8ee006ac7dfea5a) instead of `psa_key_derivation_output_bytes`. (Note that the `verify` functions are not yet present in the 3.5 release of Mbed TLS. They are expected to be released in version 3.6.0.) 6. Call [`psa_key_derivation_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga90fdd2716124d0bd258826184824675f) to free the resources associated with the key derivation object. The function `mbedtls_pkcs5_pbes2` is only intended as a support function to parse encrypted private keys in the PK module. It has no PSA equivalent. From c3fd0958ce9ad1271a476e80e7dd57a4e3818298 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 30 Nov 2023 21:18:04 +0100 Subject: [PATCH 0876/1674] typo Signed-off-by: Gilles Peskine --- docs/psa-transition.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/psa-transition.md b/docs/psa-transition.md index 304b16c55..f4245cf6a 100644 --- a/docs/psa-transition.md +++ b/docs/psa-transition.md @@ -591,7 +591,7 @@ The function `mbedtls_pkcs5_pbes2` is only intended as a support function to par ### PKCS#12 module -The functions `mbedtls_pkcs12_derivation` and `mbedtls_pkcs12_pbes2` are only intended as support functions to parse encrypted private keys in the PK module. They have no PSA equivalent. +The functions `mbedtls_pkcs12_derivation` and `mbedtls_pkcs12_pbe` are only intended as support functions to parse encrypted private keys in the PK module. They have no PSA equivalent. ## Random generation From 1097d4e73168fea015fa23d5cada5e0530daead5 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 30 Nov 2023 21:18:10 +0100 Subject: [PATCH 0877/1674] Minor clarification Signed-off-by: Gilles Peskine --- docs/psa-transition.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/psa-transition.md b/docs/psa-transition.md index f4245cf6a..41ae99e7e 100644 --- a/docs/psa-transition.md +++ b/docs/psa-transition.md @@ -52,7 +52,7 @@ To make the PSA API available, make sure that the configuration option [`MBEDTLS You should probably enable [`MBEDTLS_USE_PSA_CRYPTO`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/mbedtls__config_8h/#mbedtls__config_8h_1a70fd7b97d5f11170546583f2095942a6) as well (it is disabled by default). This option causes the PK, X.509 and TLS modules to use PSA crypto under the hood. Some functions that facilitate the transition (for example, to convert between metadata encodings or between key representations) are only available when `MBEDTLS_USE_PSA_CRYPTO` is enabled. -By default, the PSA crypto API offers a similar set of cryptographic mechanisms as those offered by the legacy API. The PSA crypto API also has its own configuration mechanism; see “[Cryptographic mechanism availability](#cryptographic-mechanism-availability)”. +By default, the PSA crypto API offers a similar set of cryptographic mechanisms as those offered by the legacy API (configured by `MBEDTLS_XXX` macros). The PSA crypto API also has its own configuration mechanism; see “[Cryptographic mechanism availability](#cryptographic-mechanism-availability)”. ### Header files From 2bef7fbc8dd6e84b5e980747a4baed9552a42bf9 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Fri, 1 Dec 2023 12:02:54 +0800 Subject: [PATCH 0878/1674] tls13: early_data: cli: remove guard to fix failure Signed-off-by: Yanray Wang --- library/ssl_tls13_client.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index bdb34247d..2c76ad1c4 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -2152,9 +2152,7 @@ static int ssl_tls13_process_encrypted_extensions(mbedtls_ssl_context *ssl) int ret; unsigned char *buf; size_t buf_len; -#if defined(MBEDTLS_SSL_EARLY_DATA) mbedtls_ssl_handshake_params *handshake = ssl->handshake; -#endif MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse encrypted extensions")); From e72dfff1d68378da70757eeedb47e427c5f9186f Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Fri, 1 Dec 2023 12:05:12 +0800 Subject: [PATCH 0879/1674] tls13: early_data: cli: improve comment Signed-off-by: Yanray Wang --- library/ssl_tls13_client.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 2c76ad1c4..62e99cfec 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -2207,8 +2207,7 @@ static int ssl_tls13_process_encrypted_extensions(mbedtls_ssl_context *ssl) /* * Move `session_negotiate->ciphersuite` assignment here which after - * early data cipher suite check when receiving "early_data" extension - * in EncryptedExtensions. + * early data cipher suite check. * * We compute transform_handshake by the cipher suite chosen from * the server in `handshake`. `session_negotiate->ciphersuite` is the From e32fac3d23fe25c242f424be1ef25ff378a3b64f Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 1 Dec 2023 16:25:16 +0800 Subject: [PATCH 0880/1674] remove wait_flight2 state Signed-off-by: Jerry Yu --- include/mbedtls/ssl.h | 1 - library/ssl_tls13_server.c | 35 ----------------------------------- 2 files changed, 36 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 2bca21a2f..043988f25 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -692,7 +692,6 @@ typedef enum { MBEDTLS_SSL_HELLO_RETRY_REQUEST, MBEDTLS_SSL_ENCRYPTED_EXTENSIONS, MBEDTLS_SSL_END_OF_EARLY_DATA, - MBEDTLS_SSL_WAIT_FLIGHT2, MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY, MBEDTLS_SSL_CLIENT_CCS_AFTER_SERVER_FINISHED, MBEDTLS_SSL_CLIENT_CCS_BEFORE_2ND_CLIENT_HELLO, diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index db6140eb0..c7dbb5388 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -2815,37 +2815,6 @@ static int ssl_tls13_write_server_finished(mbedtls_ssl_context *ssl) return 0; } -/* - * Handler for MBEDTLS_SSL_WAIT_FLIGHT2 - * - * RFC 8446 section A.2 - * - * WAIT_FLIGHT2 - * | - * +--------+--------+ - * No auth | | Client auth - * | | - * | v - * | WAIT_CERT - * | Recv | | Recv Certificate - */ -MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_process_wait_flight2(mbedtls_ssl_context *ssl) -{ - MBEDTLS_SSL_DEBUG_MSG(2, ("=> ssl_tls13_process_wait_flight2")); - - if (ssl->handshake->certificate_request_sent) { - mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_CERTIFICATE); - } else { - MBEDTLS_SSL_DEBUG_MSG(2, ("skip parse certificate")); - MBEDTLS_SSL_DEBUG_MSG(2, ("skip parse certificate verify")); - mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_FINISHED); - } - - MBEDTLS_SSL_DEBUG_MSG(2, ("<= ssl_tls13_process_wait_flight2")); - return 0; -} - #if defined(MBEDTLS_SSL_EARLY_DATA) /* * Handler for MBEDTLS_SSL_END_OF_EARLY_DATA( WAIT_EOED ) @@ -3378,10 +3347,6 @@ int mbedtls_ssl_tls13_handshake_server_step(mbedtls_ssl_context *ssl) ret = ssl_tls13_write_server_finished(ssl); break; - case MBEDTLS_SSL_WAIT_FLIGHT2: - ret = ssl_tls13_process_wait_flight2(ssl); - break; - #if defined(MBEDTLS_SSL_EARLY_DATA) case MBEDTLS_SSL_END_OF_EARLY_DATA: ret = ssl_tls13_process_wait_eoed(ssl); From 9b72e3970150416e2f8dc9d60526693fabdb6539 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 1 Dec 2023 16:27:08 +0800 Subject: [PATCH 0881/1674] re-introduce process_wait_flight2 Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 56 +++++++++++++++++++++++++++++++++++++- 1 file changed, 55 insertions(+), 1 deletion(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index c7dbb5388..1f834420a 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -2758,6 +2758,60 @@ static int ssl_tls13_write_certificate_verify(mbedtls_ssl_context *ssl) } #endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */ + +/* + * RFC 8446 section A.2 + * + * | Send ServerHello + * | K_send = handshake + * | Send EncryptedExtensions + * | [Send CertificateRequest] + * Can send | [Send Certificate + CertificateVerify] + * app data | Send Finished + * after --> | K_send = application + * here +--------+--------+ + * No 0-RTT | | 0-RTT + * | | + * K_recv = handshake | | K_recv = early data + * [Skip decrypt errors] | +------> WAIT_EOED -+ + * | | Recv | | Recv EndOfEarlyData + * | | early data | | K_recv = handshake + * | +------------+ | + * | | + * +> WAIT_FLIGHT2 <--------+ + * | + * +--------+--------+ + * No auth | | Client auth + * | | + * | v + * | WAIT_CERT + * | Recv | | Recv Certificate + * | empty | v + * | Certificate | WAIT_CV + * | | | Recv + * | v | CertificateVerify + * +-> WAIT_FINISHED <---+ + * | Recv Finished + * + * + * The following function handles the state changes after WAIT_FLIGHT2 in the + * above diagram. + */ +static void ssl_tls13_process_wait_flight2(mbedtls_ssl_context *ssl) +{ + MBEDTLS_SSL_DEBUG_MSG(2, ("=> ssl_tls13_process_wait_flight2")); + + if (ssl->handshake->certificate_request_sent) { + mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_CERTIFICATE); + } else { + MBEDTLS_SSL_DEBUG_MSG(2, ("skip parse certificate")); + MBEDTLS_SSL_DEBUG_MSG(2, ("skip parse certificate verify")); + mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_FINISHED); + } + + MBEDTLS_SSL_DEBUG_MSG(2, ("<= ssl_tls13_process_wait_flight2")); +} + /* * Handler for MBEDTLS_SSL_SERVER_FINISHED */ @@ -2810,7 +2864,7 @@ static int ssl_tls13_write_server_finished(mbedtls_ssl_context *ssl) MBEDTLS_SSL_DEBUG_MSG(1, ("Switch to handshake keys for inbound traffic")); mbedtls_ssl_set_inbound_transform(ssl, ssl->handshake->transform_handshake); - mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_WAIT_FLIGHT2); + ssl_tls13_process_wait_flight2(ssl); return 0; } From 59d420f17b6bf8f39c74ce020152c024b74de8fc Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 1 Dec 2023 16:30:34 +0800 Subject: [PATCH 0882/1674] empty process_end_of_early_data Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 87 ++------------------------------------ 1 file changed, 4 insertions(+), 83 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 1f834420a..7b1849cb9 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -2871,92 +2871,13 @@ static int ssl_tls13_write_server_finished(mbedtls_ssl_context *ssl) #if defined(MBEDTLS_SSL_EARLY_DATA) /* - * Handler for MBEDTLS_SSL_END_OF_EARLY_DATA( WAIT_EOED ) - * - * RFC 8446 section A.2 - * - * | - * +------> WAIT_EOED -+ - * | Recv | | Recv EndOfEarlyData - * | early data | | K_recv = handshake - * +------------+ | - * | - * WAIT_FLIGHT2 <--------+ - * | + * Handler for MBEDTLS_SSL_END_OF_EARLY_DATA */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_process_wait_eoed(mbedtls_ssl_context *ssl) +static int ssl_tls13_process_end_of_early_data(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - mbedtls_ssl_handshake_params *handshake = ssl->handshake; - - MBEDTLS_SSL_DEBUG_MSG(2, ("=> ssl_tls13_process_wait_eoed")); - - if ((ret = mbedtls_ssl_read_record(ssl, 0)) != 0) { - MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret); - return ret; - } - - /* RFC 8446 section 4.5 - * - * struct {} EndOfEarlyData; - */ - if (ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && - ssl->in_msg[0] == MBEDTLS_SSL_HS_END_OF_EARLY_DATA) { - MBEDTLS_SSL_DEBUG_MSG( - 1, ("Switch to handshake keys for inbound traffic" - "( K_recv = handshake )")); - mbedtls_ssl_set_inbound_transform(ssl, handshake->transform_handshake); - mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_WAIT_FLIGHT2); - - ret = mbedtls_ssl_add_hs_hdr_to_checksum( - ssl, MBEDTLS_SSL_HS_END_OF_EARLY_DATA, 0); - if (0 != ret) { - MBEDTLS_SSL_DEBUG_RET( - 1, ("mbedtls_ssl_add_hs_hdr_to_checksum"), ret); - } - - goto cleanup; - - } - - /* RFC 8446 section 2.3 figure 4 - * - * 0-RTT data is sent via application data message. - */ - ret = MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; - if (ssl->in_msgtype != MBEDTLS_SSL_MSG_APPLICATION_DATA) { - MBEDTLS_SSL_DEBUG_MSG( - 2, ("Unexpected message type %d", ssl->in_msgtype)); - goto cleanup; - } - - /* - * Output early data - * - * For the time being, we print received data via debug message. - * - * TODO: Remove it when `mbedtls_ssl_read_early_data` is ready. - */ - ssl->in_msg[ssl->in_msglen] = 0; - MBEDTLS_SSL_DEBUG_MSG(3, ("\n%s", ssl->in_msg)); - - /* RFC 8446 section 4.6.1 - * - * A server receiving more than max_early_data_size bytes of 0-RTT data - * SHOULD terminate the connection with an "unexpected_message" alert. - * - * TODO: Add received data size check here. - */ - - ret = 0; - -cleanup: - if (ret == MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE) { - MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE, - MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE); - } - MBEDTLS_SSL_DEBUG_MSG(2, ("<= ssl_tls13_process_wait_eoed")); + ((void) ssl); return ret; } #endif /* MBEDTLS_SSL_EARLY_DATA */ @@ -3403,7 +3324,7 @@ int mbedtls_ssl_tls13_handshake_server_step(mbedtls_ssl_context *ssl) #if defined(MBEDTLS_SSL_EARLY_DATA) case MBEDTLS_SSL_END_OF_EARLY_DATA: - ret = ssl_tls13_process_wait_eoed(ssl); + ret = ssl_tls13_process_end_of_early_data(ssl); break; #endif /* MBEDTLS_SSL_EARLY_DATA */ From d5c3496ce24986b33d471a6fee18318ed6b848ee Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 1 Dec 2023 16:32:31 +0800 Subject: [PATCH 0883/1674] Add dummy framework of eoed state Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 107 ++++++++++++++++++++++++++++++++++++- 1 file changed, 106 insertions(+), 1 deletion(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 7b1849cb9..4b0acf004 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -2873,11 +2873,116 @@ static int ssl_tls13_write_server_finished(mbedtls_ssl_context *ssl) /* * Handler for MBEDTLS_SSL_END_OF_EARLY_DATA */ +#define SSL_END_OF_EARLY_GOT_END_OF_EARLY_DATA 0 +#define SSL_END_OF_EARLY_GOT_APPLICATION_DATA 1 +/* Coordination: + * Deals with the ambiguity of not knowing if a EndOfEarlyData will be sent. + * Returns a negative code on failure, or + * - SSL_END_OF_EARLY_GOT_END_OF_EARLY_DATA + * - SSL_END_OF_EARLY_GOT_APPLICATION_DATA + * indicating which message is received. + */ +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_tls13_end_of_early_data_coordinate(mbedtls_ssl_context *ssl) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + ((void) ssl); + return ret; +} + +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_tls13_parse_end_of_early_data(mbedtls_ssl_context *ssl, + const unsigned char *buf, + const unsigned char *end) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + ((void) ssl); + ((void) buf); + ((void) end); + return ret; +} + +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_tls13_process_early_application_data(mbedtls_ssl_context *ssl) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + ((void) ssl); + return ret; +} + +/* + * RFC 8446 section A.2 + * + * | Send ServerHello + * | K_send = handshake + * | Send EncryptedExtensions + * | [Send CertificateRequest] + * Can send | [Send Certificate + CertificateVerify] + * app data | Send Finished + * after --> | K_send = application + * here +--------+--------+ + * No 0-RTT | | 0-RTT + * | | + * K_recv = handshake | | K_recv = early data + * [Skip decrypt errors] | +------> WAIT_EOED -+ + * | | Recv | | Recv EndOfEarlyData + * | | early data | | K_recv = handshake + * | +------------+ | + * | | + * +> WAIT_FLIGHT2 <--------+ + * | + * +--------+--------+ + * No auth | | Client auth + * | | + * | v + * | WAIT_CERT + * | Recv | | Recv Certificate + * | empty | v + * | Certificate | WAIT_CV + * | | | Recv + * | v | CertificateVerify + * +-> WAIT_FINISHED <---+ + * | Recv Finished + * + * The function handles actions and state changes from 0-RTT to WAIT_FLIGHT2 in + * the above diagram. + */ MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_tls13_process_end_of_early_data(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - ((void) ssl); + + MBEDTLS_SSL_DEBUG_MSG(2, ("=> ssl_tls13_process_end_of_early_data")); + + MBEDTLS_SSL_PROC_CHK_NEG(ssl_tls13_end_of_early_data_coordinate(ssl)); + + if (ret == SSL_END_OF_EARLY_GOT_END_OF_EARLY_DATA) { + unsigned char *buf; + size_t buf_len; + + MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_tls13_fetch_handshake_msg( + ssl, MBEDTLS_SSL_HS_END_OF_EARLY_DATA, + &buf, &buf_len)); + + MBEDTLS_SSL_PROC_CHK(ssl_tls13_parse_end_of_early_data( + ssl, buf, buf + buf_len)); + + MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum( + ssl, MBEDTLS_SSL_HS_END_OF_EARLY_DATA, + buf, buf_len)); + ssl_tls13_process_wait_flight2(ssl); + + } else if (ret == SSL_END_OF_EARLY_GOT_APPLICATION_DATA) { + MBEDTLS_SSL_PROC_CHK(ssl_tls13_process_early_application_data(ssl)); + } else { + MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); + ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR; + goto cleanup; + } + + +cleanup: + MBEDTLS_SSL_DEBUG_MSG(2, ("<= ssl_tls13_process_end_of_early_data")); return ret; } #endif /* MBEDTLS_SSL_EARLY_DATA */ From b4ed4602f241392a48bf1293024749b568639644 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 1 Dec 2023 16:34:00 +0800 Subject: [PATCH 0884/1674] implement coordinate of eoed Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 23 +++++++++++++++++++++-- 1 file changed, 21 insertions(+), 2 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 4b0acf004..83d08c554 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -2886,8 +2886,27 @@ MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_tls13_end_of_early_data_coordinate(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - ((void) ssl); - return ret; + + if ((ret = mbedtls_ssl_read_record(ssl, 0)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret); + return ret; + } + ssl->keep_current_message = 1; + + if (ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && + ssl->in_msg[0] == MBEDTLS_SSL_HS_END_OF_EARLY_DATA) { + MBEDTLS_SSL_DEBUG_MSG(3, ("got end_of_early_data message.")); + return SSL_END_OF_EARLY_GOT_END_OF_EARLY_DATA; + } + + if (ssl->in_msgtype == MBEDTLS_SSL_MSG_APPLICATION_DATA) { + MBEDTLS_SSL_DEBUG_MSG(3, ("got application_data message")); + return SSL_END_OF_EARLY_GOT_APPLICATION_DATA; + } + + MBEDTLS_SSL_DEBUG_MSG(1, ("got unexpected message.")); + + return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; } MBEDTLS_CHECK_RETURN_CRITICAL From 75c9ab76b59c1736720e061f721aca9bbae2801e Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 1 Dec 2023 16:41:40 +0800 Subject: [PATCH 0885/1674] implement parser of eoed Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 83d08c554..5e3508cda 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -2914,11 +2914,12 @@ static int ssl_tls13_parse_end_of_early_data(mbedtls_ssl_context *ssl, const unsigned char *buf, const unsigned char *end) { - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + /* RFC 8446 section 4.5 + * + * struct {} EndOfEarlyData; + */ ((void) ssl); - ((void) buf); - ((void) end); - return ret; + return buf == end ? 0 : MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; } MBEDTLS_CHECK_RETURN_CRITICAL From e96551276abf01c8739dbe2b928f79c81d502acc Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 1 Dec 2023 16:44:40 +0800 Subject: [PATCH 0886/1674] switch inbound transform to handshake Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 5e3508cda..b350c7ef8 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -2987,9 +2987,16 @@ static int ssl_tls13_process_end_of_early_data(mbedtls_ssl_context *ssl) MBEDTLS_SSL_PROC_CHK(ssl_tls13_parse_end_of_early_data( ssl, buf, buf + buf_len)); + MBEDTLS_SSL_DEBUG_MSG( + 1, ("Switch to handshake keys for inbound traffic" + "( K_recv = handshake )")); + mbedtls_ssl_set_inbound_transform( + ssl, ssl->handshake->transform_handshake); + MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum( ssl, MBEDTLS_SSL_HS_END_OF_EARLY_DATA, buf, buf_len)); + ssl_tls13_process_wait_flight2(ssl); } else if (ret == SSL_END_OF_EARLY_GOT_APPLICATION_DATA) { From ee4d72955595b9e4afbe93093deba5c47be702e1 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 1 Dec 2023 16:46:14 +0800 Subject: [PATCH 0887/1674] print received early application data Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 34 ++++++++++++++++++++++++++++++++-- 1 file changed, 32 insertions(+), 2 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index b350c7ef8..6245bb863 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -2926,8 +2926,38 @@ MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_tls13_process_early_application_data(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - ((void) ssl); - return ret; + + if ((ret = mbedtls_ssl_read_record(ssl, 0)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret); + return ret; + } + + ret = MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; + if (ssl->in_msgtype != MBEDTLS_SSL_MSG_APPLICATION_DATA) { + MBEDTLS_SSL_DEBUG_MSG( + 2, ("Unexpected message type %d", ssl->in_msgtype)); + return ret; + } + + /* + * Output early data + * + * For the time being, we print received data via debug message. + * + * TODO: Remove it when `mbedtls_ssl_read_early_data` is ready. + */ + ssl->in_msg[ssl->in_msglen] = 0; + MBEDTLS_SSL_DEBUG_MSG(3, ("\n%s", ssl->in_msg)); + + /* RFC 8446 section 4.6.1 + * + * A server receiving more than max_early_data_size bytes of 0-RTT data + * SHOULD terminate the connection with an "unexpected_message" alert. + * + * TODO: Add received data size check here. + */ + + return 0; } /* From 0af63dc263da296b96baff8e5cda883b3747a9f2 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 1 Dec 2023 17:14:51 +0800 Subject: [PATCH 0888/1674] improve comments and output message Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 22 ++++------------------ 1 file changed, 4 insertions(+), 18 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 6245bb863..7d5362caf 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -2835,22 +2835,7 @@ static int ssl_tls13_write_server_finished(mbedtls_ssl_context *ssl) #if defined(MBEDTLS_SSL_EARLY_DATA) if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED) { - /* TODO: compute early transform here? - * - * RFC 8446, section A.2 - * | Send Finished - * | K_send = application - * +--------+--------+ - * No 0-RTT | | 0-RTT - * | | - * | | K_recv = early data - * | +------> WAIT_EOED -+ - * - * early transform is set after server finished in this section. But - * it breaks our key computation, so we put early transform computation - * at the end of client hello. For the time being, I am not sure the - * benifit for moving computation here. - */ + /* See RFC 8446 section A.2 for more information */ MBEDTLS_SSL_DEBUG_MSG( 1, ("Switch to early keys for inbound traffic. " "( K_recv = early data )")); @@ -2860,8 +2845,9 @@ static int ssl_tls13_write_server_finished(mbedtls_ssl_context *ssl) return 0; } #endif /* MBEDTLS_SSL_EARLY_DATA */ - - MBEDTLS_SSL_DEBUG_MSG(1, ("Switch to handshake keys for inbound traffic")); + MBEDTLS_SSL_DEBUG_MSG( + 1, ("Switch to handshake keys for inbound traffic " + "( K_recv = handshake )")); mbedtls_ssl_set_inbound_transform(ssl, ssl->handshake->transform_handshake); ssl_tls13_process_wait_flight2(ssl); From 03a00768c0dea338801e7966b263f5940151146f Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Fri, 1 Dec 2023 17:40:19 +0800 Subject: [PATCH 0889/1674] tls13: early_data: cli: improve comment This commit improves comment of the check for handshake parameters in Encrypted Extension. Signed-off-by: Yanray Wang --- library/ssl_tls13_client.c | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 62e99cfec..0cdb02b6c 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -2182,14 +2182,15 @@ static int ssl_tls13_process_encrypted_extensions(mbedtls_ssl_context *ssl) * - The selected cipher suite * - The selected ALPN [RFC7301] protocol, if any * - * When parsing EncryptedExtensions, the client does not know if - * the server will accept early data and select the first proposed - * pre-shared key with a cipher suite that is different from the - * cipher suite associated to the selected pre-shared key. To address - * aforementioned case, when early data is involved, we check: - * - the selected pre-shared key is the first proposed one - * - the selected cipher suite same as the one associated with the - * pre-shared key. + * The server has sent an early data extension in its Encrypted + * Extension message thus accepted to receive early data. We + * check here that the additional constraints on the handshake + * parameters, when early data are exchanged, are met, + * namely: + * - the selected PSK for the handshake was the first one proposed + * by the client. + * - the selected ciphersuite for the handshake is the ciphersuite + * associated with the selected PSK. */ if (handshake->selected_identity != 0 || handshake->ciphersuite_info->id != From 9ae6534c201473aafb511fa8ec2b29817a88d00f Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Fri, 1 Dec 2023 17:46:06 +0800 Subject: [PATCH 0890/1674] tls13: early_data: cli: improve comment This commit improves comment of why we assign the identifier of the ciphersuite in handshake to `ssl->session_negotiate`. Signed-off-by: Yanray Wang --- library/ssl_tls13_client.c | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 0cdb02b6c..4273f38c0 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -2207,13 +2207,14 @@ static int ssl_tls13_process_encrypted_extensions(mbedtls_ssl_context *ssl) #endif /* - * Move `session_negotiate->ciphersuite` assignment here which after - * early data cipher suite check. - * - * We compute transform_handshake by the cipher suite chosen from - * the server in `handshake`. `session_negotiate->ciphersuite` is the - * cipher suite negotiated in previous connection and it is not used for - * computing transform_handshake. + * In case the client has proposed a PSK associated with a ticket, + * `ssl->session_negotiate->ciphersuite` still contains at this point the + * identifier of the ciphersuite associated with the ticket. This is that + * way because, if an exchange of early data is agreed upon, we need + * it to check that the ciphersuite selected for the handshake is the + * ticket ciphersuite (see above). This information is not needed + * anymore thus we can now set it to the identifier of the ciphersuite + * used in this session under negotiation. */ ssl->session_negotiate->ciphersuite = handshake->ciphersuite_info->id; From 99030e2a506cf7edc5611538a137658948d97179 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Fri, 1 Dec 2023 09:52:35 +0000 Subject: [PATCH 0891/1674] Remove trailing whitespace Signed-off-by: Thomas Daubney --- scripts/mbedtls_dev/build_tree.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/mbedtls_dev/build_tree.py b/scripts/mbedtls_dev/build_tree.py index 86c838900..14790fc9c 100644 --- a/scripts/mbedtls_dev/build_tree.py +++ b/scripts/mbedtls_dev/build_tree.py @@ -24,7 +24,7 @@ def looks_like_root(path: str) -> bool: def crypto_core_directory(root: Optional[str] = None) -> str: """ - Return the path of the directory containing the PSA crypto core + Return the path of the directory containing the PSA crypto core for either TF-PSA-Crypto or Mbed TLS. """ if root is None: From 304fa091cf47fcdc4e289c1c2e5aa23abf856384 Mon Sep 17 00:00:00 2001 From: Oldes Huhuman Date: Fri, 1 Dec 2023 12:23:26 +0100 Subject: [PATCH 0892/1674] Shortening a comment line Related to: https://github.com/Mbed-TLS/mbedtls/issues/8562 Signed-off-by: Oldes Huhuman --- library/platform_util.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/platform_util.c b/library/platform_util.c index cc463402c..63643d26f 100644 --- a/library/platform_util.c +++ b/library/platform_util.c @@ -245,7 +245,7 @@ extern inline void mbedtls_put_unaligned_uint64(void *p, uint64_t x); (defined(unix) || defined(__unix) || defined(__unix__) || \ (defined(__APPLE__) && defined(__MACH__)) || defined(__HAIKU__)) #include -#endif /* !_WIN32 && (unix || __unix || __unix__ || (__APPLE__ && __MACH__) || defined(__HAIKU__)) */ +#endif /* !_WIN32 && (unix || __unix || __unix__ || (__APPLE__ && __MACH__) || __HAIKU__) */ #if (defined(_POSIX_VERSION) && _POSIX_VERSION >= 199309L) || defined(__HAIKU__) mbedtls_ms_time_t mbedtls_ms_time(void) { From f1be1f6740b2148b4f2004da476ed8143d51c2cd Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 1 Dec 2023 13:53:45 +0000 Subject: [PATCH 0893/1674] Remove unused code Signed-off-by: Dave Rodgman --- library/constant_time.c | 13 ------------- 1 file changed, 13 deletions(-) diff --git a/library/constant_time.c b/library/constant_time.c index c7077c352..d212ddfd8 100644 --- a/library/constant_time.c +++ b/library/constant_time.c @@ -21,19 +21,6 @@ #include -#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) -#include "psa/crypto.h" -/* Define a local translating function to save code size by not using too many - * arguments in each translating place. */ -static int local_err_translation(psa_status_t status) -{ - return psa_status_to_mbedtls(status, psa_to_ssl_errors, - ARRAY_LENGTH(psa_to_ssl_errors), - psa_generic_status_to_mbedtls); -} -#define PSA_TO_MBEDTLS_ERR(status) local_err_translation(status) -#endif - #if !defined(MBEDTLS_CT_ASM) /* * Define an object with the value zero, such that the compiler cannot prove that it From 744577a429d3815169a590f5ca7d7b0118c99e9f Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Fri, 1 Dec 2023 22:33:59 +0800 Subject: [PATCH 0894/1674] tls13: early_data: cli: check a PSK has been selected in EE Signed-off-by: Yanray Wang --- library/ssl_tls13_client.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 4273f38c0..1e1223e7e 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -2187,12 +2187,14 @@ static int ssl_tls13_process_encrypted_extensions(mbedtls_ssl_context *ssl) * check here that the additional constraints on the handshake * parameters, when early data are exchanged, are met, * namely: + * - a PSK has been selected for the handshake * - the selected PSK for the handshake was the first one proposed * by the client. * - the selected ciphersuite for the handshake is the ciphersuite * associated with the selected PSK. */ - if (handshake->selected_identity != 0 || + if ((!mbedtls_ssl_tls13_key_exchange_mode_with_psk(ssl)) || + handshake->selected_identity != 0 || handshake->ciphersuite_info->id != ssl->session_negotiate->ciphersuite) { From 4577bda6d52d6954eb00fd0ebfc516772a20f601 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 1 Dec 2023 16:51:24 +0100 Subject: [PATCH 0895/1674] pkcs[5|12]: use cipher enums for encrypt and decrypt Instead of re-defining MBEDTLS_PKCS5_[EN/DE]CRYPT and MBEDTLS_PKCS12_PBE_[EN/DE]CRYPT from scratch, since these values are to be used with the mbedtls_cipher_setkey() function, ensure that their value matches with enums in cipher.h. Signed-off-by: Valerio Setti --- include/mbedtls/pkcs12.h | 4 ++-- include/mbedtls/pkcs5.h | 5 +++-- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/pkcs12.h b/include/mbedtls/pkcs12.h index 42e84538a..09f89a23a 100644 --- a/include/mbedtls/pkcs12.h +++ b/include/mbedtls/pkcs12.h @@ -31,8 +31,8 @@ #define MBEDTLS_PKCS12_DERIVE_IV 2 /**< initialization vector */ #define MBEDTLS_PKCS12_DERIVE_MAC_KEY 3 /**< integrity / MAC key */ -#define MBEDTLS_PKCS12_PBE_DECRYPT 0 -#define MBEDTLS_PKCS12_PBE_ENCRYPT 1 +#define MBEDTLS_PKCS12_PBE_DECRYPT MBEDTLS_DECRYPT +#define MBEDTLS_PKCS12_PBE_ENCRYPT MBEDTLS_ENCRYPT #ifdef __cplusplus extern "C" { diff --git a/include/mbedtls/pkcs5.h b/include/mbedtls/pkcs5.h index e004f4555..6cfe96769 100644 --- a/include/mbedtls/pkcs5.h +++ b/include/mbedtls/pkcs5.h @@ -17,6 +17,7 @@ #include "mbedtls/asn1.h" #include "mbedtls/md.h" +#include "mbedtls/cipher.h" #include #include @@ -30,8 +31,8 @@ /** Given private key password does not allow for correct decryption. */ #define MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH -0x2e00 -#define MBEDTLS_PKCS5_DECRYPT 0 -#define MBEDTLS_PKCS5_ENCRYPT 1 +#define MBEDTLS_PKCS5_DECRYPT MBEDTLS_DECRYPT +#define MBEDTLS_PKCS5_ENCRYPT MBEDTLS_ENCRYPT #ifdef __cplusplus extern "C" { From 04c446cc2131781303f4b09f80c08a9f418ede2c Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Fri, 1 Dec 2023 17:18:38 +0000 Subject: [PATCH 0896/1674] Modify crypto_core_directory to also return a relative path Signed-off-by: Thomas Daubney --- scripts/mbedtls_dev/build_tree.py | 9 ++++++++- tests/scripts/test_psa_compliance.py | 2 +- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/scripts/mbedtls_dev/build_tree.py b/scripts/mbedtls_dev/build_tree.py index 14790fc9c..ec67e4cdf 100644 --- a/scripts/mbedtls_dev/build_tree.py +++ b/scripts/mbedtls_dev/build_tree.py @@ -22,16 +22,23 @@ def looks_like_mbedtls_root(path: str) -> bool: def looks_like_root(path: str) -> bool: return looks_like_tf_psa_crypto_root(path) or looks_like_mbedtls_root(path) -def crypto_core_directory(root: Optional[str] = None) -> str: +def crypto_core_directory(root: Optional[str] = None, relative: Optional[bool] = False) -> str: """ Return the path of the directory containing the PSA crypto core for either TF-PSA-Crypto or Mbed TLS. + + Returns either the full path or relative path depending on the + "relative" boolean argument. """ if root is None: root = guess_project_root() if looks_like_tf_psa_crypto_root(root): + if relative: + return "core" return os.path.join(root, "core") elif looks_like_mbedtls_root(root): + if relative: + return "library" return os.path.join(root, "library") else: raise Exception('Neither Mbed TLS nor TF-PSA-Crypto source tree found') diff --git a/tests/scripts/test_psa_compliance.py b/tests/scripts/test_psa_compliance.py index 984ddf3e1..57e4fbd52 100755 --- a/tests/scripts/test_psa_compliance.py +++ b/tests/scripts/test_psa_compliance.py @@ -51,7 +51,7 @@ def main(library_build_dir: str): in_tf_psa_crypto_repo = build_tree.looks_like_tf_psa_crypto_root(root_dir) crypto_name = build_tree.crypto_library_filename(root_dir) - library_subdir = build_tree.crypto_core_directory(root_dir) + library_subdir = build_tree.crypto_core_directory(root_dir, relative = True) crypto_lib_filename = (library_build_dir + '/' + library_subdir + '/' + From 3a0690647e98f40837336ba96dee97ec7b6a3422 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Fri, 1 Dec 2023 18:27:25 +0000 Subject: [PATCH 0897/1674] Use guess_mbedtls_root in Mbed-TLS-only script Signed-off-by: Thomas Daubney --- tests/scripts/audit-validity-dates.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/audit-validity-dates.py b/tests/scripts/audit-validity-dates.py index ab09b4a1e..96b705a28 100755 --- a/tests/scripts/audit-validity-dates.py +++ b/tests/scripts/audit-validity-dates.py @@ -265,7 +265,7 @@ class Auditor: @staticmethod def find_test_dir(): """Get the relative path for the Mbed TLS test directory.""" - return os.path.relpath(build_tree.guess_project_root() + '/tests') + return os.path.relpath(build_tree.guess_mbedtls_root() + '/tests') class TestDataAuditor(Auditor): From 10769bca9eeafb7b417a76142ee812760b9b82f1 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Fri, 1 Dec 2023 23:47:59 +0000 Subject: [PATCH 0898/1674] Fix bad whitespace in keyword argument assignment Signed-off-by: Thomas Daubney --- tests/scripts/test_psa_compliance.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/test_psa_compliance.py b/tests/scripts/test_psa_compliance.py index 57e4fbd52..0d56ddfd9 100755 --- a/tests/scripts/test_psa_compliance.py +++ b/tests/scripts/test_psa_compliance.py @@ -51,7 +51,7 @@ def main(library_build_dir: str): in_tf_psa_crypto_repo = build_tree.looks_like_tf_psa_crypto_root(root_dir) crypto_name = build_tree.crypto_library_filename(root_dir) - library_subdir = build_tree.crypto_core_directory(root_dir, relative = True) + library_subdir = build_tree.crypto_core_directory(root_dir, relative=True) crypto_lib_filename = (library_build_dir + '/' + library_subdir + '/' + From 3be850782c8d89edffae4ca813a6203ba514d15b Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 4 Dec 2023 09:58:54 +0800 Subject: [PATCH 0899/1674] fix various issues - improve comments - rename function and macros name - remove unnecessary comments - remove extra empty lines - remove unnecessary condition Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 61 +++++++++++++------------------------- 1 file changed, 21 insertions(+), 40 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 7d5362caf..2e51572a6 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -2758,7 +2758,6 @@ static int ssl_tls13_write_certificate_verify(mbedtls_ssl_context *ssl) } #endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */ - /* * RFC 8446 section A.2 * @@ -2795,11 +2794,15 @@ static int ssl_tls13_write_certificate_verify(mbedtls_ssl_context *ssl) * * * The following function handles the state changes after WAIT_FLIGHT2 in the - * above diagram. + * above diagram. We are not going to receive early data related messages + * anymore, prepare to receive the first handshake message of the client + * second flight. */ -static void ssl_tls13_process_wait_flight2(mbedtls_ssl_context *ssl) +static void ssl_tls13_prepare_for_handshake_second_flight( + mbedtls_ssl_context *ssl) { - MBEDTLS_SSL_DEBUG_MSG(2, ("=> ssl_tls13_process_wait_flight2")); + MBEDTLS_SSL_DEBUG_MSG( + 2, ("=> ssl_tls13_prepare_for_handshake_second_flight")); if (ssl->handshake->certificate_request_sent) { mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_CERTIFICATE); @@ -2809,7 +2812,8 @@ static void ssl_tls13_process_wait_flight2(mbedtls_ssl_context *ssl) mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_FINISHED); } - MBEDTLS_SSL_DEBUG_MSG(2, ("<= ssl_tls13_process_wait_flight2")); + MBEDTLS_SSL_DEBUG_MSG( + 2, ("<= ssl_tls13_prepare_for_handshake_second_flight")); } /* @@ -2850,7 +2854,7 @@ static int ssl_tls13_write_server_finished(mbedtls_ssl_context *ssl) "( K_recv = handshake )")); mbedtls_ssl_set_inbound_transform(ssl, ssl->handshake->transform_handshake); - ssl_tls13_process_wait_flight2(ssl); + ssl_tls13_prepare_for_handshake_second_flight(ssl); return 0; } @@ -2859,13 +2863,14 @@ static int ssl_tls13_write_server_finished(mbedtls_ssl_context *ssl) /* * Handler for MBEDTLS_SSL_END_OF_EARLY_DATA */ -#define SSL_END_OF_EARLY_GOT_END_OF_EARLY_DATA 0 -#define SSL_END_OF_EARLY_GOT_APPLICATION_DATA 1 +#define SSL_GOT_END_OF_EARLY_DATA 0 +#define SSL_GOT_APPLICATION_DATA 1 /* Coordination: - * Deals with the ambiguity of not knowing if a EndOfEarlyData will be sent. + * Deals with the ambiguity of not knowing if the next message is an + * EndOfEarlyData message or an application message containing early data. * Returns a negative code on failure, or - * - SSL_END_OF_EARLY_GOT_END_OF_EARLY_DATA - * - SSL_END_OF_EARLY_GOT_APPLICATION_DATA + * - SSL_GOT_END_OF_EARLY_DATA + * - SSL_GOT_APPLICATION_DATA * indicating which message is received. */ MBEDTLS_CHECK_RETURN_CRITICAL @@ -2882,12 +2887,12 @@ static int ssl_tls13_end_of_early_data_coordinate(mbedtls_ssl_context *ssl) if (ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && ssl->in_msg[0] == MBEDTLS_SSL_HS_END_OF_EARLY_DATA) { MBEDTLS_SSL_DEBUG_MSG(3, ("got end_of_early_data message.")); - return SSL_END_OF_EARLY_GOT_END_OF_EARLY_DATA; + return SSL_GOT_END_OF_EARLY_DATA; } if (ssl->in_msgtype == MBEDTLS_SSL_MSG_APPLICATION_DATA) { MBEDTLS_SSL_DEBUG_MSG(3, ("got application_data message")); - return SSL_END_OF_EARLY_GOT_APPLICATION_DATA; + return SSL_GOT_APPLICATION_DATA; } MBEDTLS_SSL_DEBUG_MSG(1, ("got unexpected message.")); @@ -2918,13 +2923,6 @@ static int ssl_tls13_process_early_application_data(mbedtls_ssl_context *ssl) return ret; } - ret = MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; - if (ssl->in_msgtype != MBEDTLS_SSL_MSG_APPLICATION_DATA) { - MBEDTLS_SSL_DEBUG_MSG( - 2, ("Unexpected message type %d", ssl->in_msgtype)); - return ret; - } - /* * Output early data * @@ -2992,7 +2990,7 @@ static int ssl_tls13_process_end_of_early_data(mbedtls_ssl_context *ssl) MBEDTLS_SSL_PROC_CHK_NEG(ssl_tls13_end_of_early_data_coordinate(ssl)); - if (ret == SSL_END_OF_EARLY_GOT_END_OF_EARLY_DATA) { + if (ret == SSL_GOT_END_OF_EARLY_DATA) { unsigned char *buf; size_t buf_len; @@ -3013,9 +3011,9 @@ static int ssl_tls13_process_end_of_early_data(mbedtls_ssl_context *ssl) ssl, MBEDTLS_SSL_HS_END_OF_EARLY_DATA, buf, buf_len)); - ssl_tls13_process_wait_flight2(ssl); + ssl_tls13_prepare_for_handshake_second_flight(ssl); - } else if (ret == SSL_END_OF_EARLY_GOT_APPLICATION_DATA) { + } else if (ret == SSL_GOT_APPLICATION_DATA) { MBEDTLS_SSL_PROC_CHK(ssl_tls13_process_early_application_data(ssl)); } else { MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); @@ -3023,7 +3021,6 @@ static int ssl_tls13_process_end_of_early_data(mbedtls_ssl_context *ssl) goto cleanup; } - cleanup: MBEDTLS_SSL_DEBUG_MSG(2, ("<= ssl_tls13_process_end_of_early_data")); return ret; @@ -3450,22 +3447,6 @@ int mbedtls_ssl_tls13_handshake_server_step(mbedtls_ssl_context *ssl) break; #endif /* MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE */ - /* RFC 8446 section A.2 - * - * | Send Finished ( SERVER_FINISHED ) - * | K_send = application - * +--------+--------+ - * No 0-RTT | | 0-RTT - * | | - * K_recv = handshake | | K_recv = early data - * [Skip decrypt errors] | +------> WAIT_EOED -+ - * | | Recv | | Recv EndOfEarlyData - * | | early data | | K_recv = handshake - * | +------------+ | - * | | - * +> WAIT_FLIGHT2 <--------+ - * | - */ case MBEDTLS_SSL_SERVER_FINISHED: ret = ssl_tls13_write_server_finished(ssl); break; From fbf039932ad0a824b3b222b659c4ec76bd35bc2e Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 4 Dec 2023 10:00:37 +0800 Subject: [PATCH 0900/1674] Send decode error alert when EOED parsing fail Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 2e51572a6..65688cffc 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -2910,7 +2910,12 @@ static int ssl_tls13_parse_end_of_early_data(mbedtls_ssl_context *ssl, * struct {} EndOfEarlyData; */ ((void) ssl); - return buf == end ? 0 : MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; + if (buf != end) { + MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR, + MBEDTLS_ERR_SSL_DECODE_ERROR); + return MBEDTLS_ERR_SSL_DECODE_ERROR; + } + return 0; } MBEDTLS_CHECK_RETURN_CRITICAL From 7bb40a36503f5a649141d3a69b1371c63e804e4b Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 4 Dec 2023 10:04:15 +0800 Subject: [PATCH 0901/1674] send unexpected alert when not received eoed or app during reading early data Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 65688cffc..1c359a268 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -2897,6 +2897,8 @@ static int ssl_tls13_end_of_early_data_coordinate(mbedtls_ssl_context *ssl) MBEDTLS_SSL_DEBUG_MSG(1, ("got unexpected message.")); + MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE, + MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE); return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; } From fb0f47b1f8c7dc79a4ac550747796f02b76949b9 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 4 Dec 2023 15:27:28 +0800 Subject: [PATCH 0902/1674] tls13: srv: check tls version in ClientHello with min_tls_version When server is configured as TLS 1.3 only and receives ClientHello from a TLS 1.2 only client, it's expected to abort the handshake instead of downgrading protocol to TLS 1.2 and continuing handshake. This commit adds a check to make sure server min_tls_version always larger than received version in ClientHello. Signed-off-by: Yanray Wang --- library/ssl_tls13_server.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index d983a0039..b3f25b5e8 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -1920,6 +1920,15 @@ static int ssl_tls13_process_client_hello(mbedtls_ssl_context *ssl) * will dispatch to the TLS 1.2 state machine. */ if (SSL_CLIENT_HELLO_TLS1_2 == parse_client_hello_ret) { + /* Check if server supports TLS 1.2 */ + if (ssl->conf->min_tls_version > MBEDTLS_SSL_VERSION_TLS1_2) { + MBEDTLS_SSL_DEBUG_MSG( + 1, ("Unsupported version of TLS 1.2 was received")); + MBEDTLS_SSL_PEND_FATAL_ALERT( + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER, + MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER; + } ssl->keep_current_message = 1; ssl->tls_version = MBEDTLS_SSL_VERSION_TLS1_2; return 0; From 3d82ffce5bd6c00d3b96f214326b8c3c0b91c6ec Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 4 Dec 2023 15:32:20 +0800 Subject: [PATCH 0903/1674] ssl-opt: test handshake for TLS 1.2 only cli with TLS 1.3 only srv Signed-off-by: Yanray Wang --- tests/ssl-opt.sh | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 4762285b0..e67cf02f0 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -11613,6 +11613,22 @@ run_test "TLS 1.3: Not supported version check:openssl: srv max TLS 1.2" \ -S "Version: TLS1.2" \ -C "Protocol : TLSv1.2" +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_config_enabled MBEDTLS_SSL_SRV_C +run_test "TLS 1.3 m->m: Not supported version check: cli TLS 1.2 only, srv TLS 1.3 only, fail" \ + "$P_SRV debug_level=4 max_version=tls13 min_version=tls13" \ + "$P_CLI debug_level=4 max_version=tls12 min_version=tls12" \ + 1 \ + -c "The SSL configuration is tls12 only" \ + -c "supported_versions(43) extension does not exist." \ + -c "A fatal alert message was received from our peer" \ + -s "The SSL configuration is tls13 only" \ + -s "Unsupported version of TLS 1.2 was received" \ + -s "! mbedtls_ssl_handshake returned" + requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C From 40a93dff3291682ffaad1d873fdbf9bad470b40d Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 13 Nov 2023 10:14:47 +0100 Subject: [PATCH 0904/1674] all.sh: keep CTR_DRBG enabled in test_psa_crypto_config_accel_cipher_aead() Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 462597ba6..3e4baa71e 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3729,7 +3729,6 @@ common_psa_crypto_config_accel_cipher_aead() { scripts/config.py unset MBEDTLS_PKCS5_C scripts/config.py unset MBEDTLS_PKCS12_C - scripts/config.py unset MBEDTLS_CTR_DRBG_C scripts/config.py unset MBEDTLS_NIST_KW_C } From fbefe04bf3fa8e2a1e6233251a3d755b8501eda2 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 13 Nov 2023 10:15:43 +0100 Subject: [PATCH 0905/1674] check_config: fix requirements for CTR_DRBG The module now depends on either: - AES_C, which is the default and the preferred solution for backward compatibility - CRYPTO_C + KEY_TYPE_AES + ALG_ECB_NO_PADDINTG, which is the new solution when AES_C is not defined Signed-off-by: Valerio Setti --- include/mbedtls/check_config.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 9b5b6467e..34ddcb159 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -153,7 +153,9 @@ #endif /* not all curves accelerated */ #endif /* some curve accelerated */ -#if defined(MBEDTLS_CTR_DRBG_C) && !defined(MBEDTLS_AES_C) +#if defined(MBEDTLS_CTR_DRBG_C) && !(defined(MBEDTLS_AES_C) || \ + (defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_KEY_TYPE_AES) && \ + defined(PSA_WANT_ALG_ECB_NO_PADDING))) #error "MBEDTLS_CTR_DRBG_C defined, but not all prerequisites" #endif From 5f4b28defc85f95498e0dc9332c2a094d0125cb4 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 13 Nov 2023 10:18:16 +0100 Subject: [PATCH 0906/1674] ctr_drbg: add alternative PSA implementation when AES_C is not defined Signed-off-by: Valerio Setti --- include/mbedtls/ctr_drbg.h | 18 +++++ library/ctr_drbg.c | 148 ++++++++++++++++++++++++++++++++++++- 2 files changed, 164 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h index d1f19e607..c00756df1 100644 --- a/include/mbedtls/ctr_drbg.h +++ b/include/mbedtls/ctr_drbg.h @@ -32,7 +32,14 @@ #include "mbedtls/build_info.h" +/* In case AES_C is defined then it is the primary option for backward + * compatibility purposes. If that's not available, PSA is used instead */ +#if defined(MBEDTLS_AES_C) #include "mbedtls/aes.h" +#else +#include "psa/crypto.h" +#endif + #include "entropy.h" #if defined(MBEDTLS_THREADING_C) @@ -150,6 +157,13 @@ extern "C" { #define MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN (MBEDTLS_CTR_DRBG_ENTROPY_LEN + 1) / 2 #endif +#if !defined(MBEDTLS_AES_C) +typedef struct mbedtls_ctr_drbg_psa_context { + mbedtls_svc_key_id_t key_id; + psa_cipher_operation_t operation; +} mbedtls_ctr_drbg_psa_context; +#endif + /** * \brief The CTR_DRBG context structure. */ @@ -175,7 +189,11 @@ typedef struct mbedtls_ctr_drbg_context { * This is the maximum number of requests * that can be made between reseedings. */ +#if defined(MBEDTLS_AES_C) mbedtls_aes_context MBEDTLS_PRIVATE(aes_ctx); /*!< The AES context. */ +#else + mbedtls_ctr_drbg_psa_context MBEDTLS_PRIVATE(psa_ctx); /*!< The PSA context. */ +#endif /* * Callbacks (Entropy) diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c index cf3816e9f..da34f950b 100644 --- a/library/ctr_drbg.c +++ b/library/ctr_drbg.c @@ -24,15 +24,60 @@ #include #endif +/* Using error translation functions from PSA to MbedTLS */ +#if !defined(MBEDTLS_AES_C) +#include "psa_util_internal.h" +#endif + #include "mbedtls/platform.h" +#if !defined(MBEDTLS_AES_C) +static psa_status_t ctr_drbg_setup_psa_context(mbedtls_ctr_drbg_psa_context *psa_ctx, + unsigned char *key, size_t key_len) +{ + psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT; + psa_status_t status; + + psa_set_key_usage_flags(&key_attr, PSA_KEY_USAGE_ENCRYPT); + psa_set_key_algorithm(&key_attr, PSA_ALG_ECB_NO_PADDING); + psa_set_key_type(&key_attr, PSA_KEY_TYPE_AES); + status = psa_import_key(&key_attr, key, key_len, &psa_ctx->key_id); + if (status != PSA_SUCCESS) { + goto exit; + } + + status = psa_cipher_encrypt_setup(&psa_ctx->operation, psa_ctx->key_id, PSA_ALG_ECB_NO_PADDING); + if (status != PSA_SUCCESS) { + goto exit; + } + +exit: + psa_reset_key_attributes(&key_attr); + return status; +} + +static void ctr_drbg_destroy_psa_contex(mbedtls_ctr_drbg_psa_context *psa_ctx) +{ + psa_cipher_abort(&psa_ctx->operation); + psa_destroy_key(psa_ctx->key_id); + + psa_ctx->operation = psa_cipher_operation_init(); + psa_ctx->key_id = MBEDTLS_SVC_KEY_ID_INIT; +} +#endif + /* * CTR_DRBG context initialization */ void mbedtls_ctr_drbg_init(mbedtls_ctr_drbg_context *ctx) { memset(ctx, 0, sizeof(mbedtls_ctr_drbg_context)); +#if defined(MBEDTLS_AES_C) mbedtls_aes_init(&ctx->aes_ctx); +#else + ctx->psa_ctx.key_id = MBEDTLS_SVC_KEY_ID_INIT; + ctx->psa_ctx.operation = psa_cipher_operation_init(); +#endif /* Indicate that the entropy nonce length is not set explicitly. * See mbedtls_ctr_drbg_set_nonce_len(). */ ctx->reseed_counter = -1; @@ -56,7 +101,11 @@ void mbedtls_ctr_drbg_free(mbedtls_ctr_drbg_context *ctx) mbedtls_mutex_free(&ctx->mutex); } #endif +#if defined(MBEDTLS_AES_C) mbedtls_aes_free(&ctx->aes_ctx); +#else + ctr_drbg_destroy_psa_contex(&ctx->psa_ctx); +#endif mbedtls_platform_zeroize(ctx, sizeof(mbedtls_ctr_drbg_context)); ctx->reseed_interval = MBEDTLS_CTR_DRBG_RESEED_INTERVAL; ctx->reseed_counter = -1; @@ -117,8 +166,17 @@ static int block_cipher_df(unsigned char *output, unsigned char key[MBEDTLS_CTR_DRBG_KEYSIZE]; unsigned char chain[MBEDTLS_CTR_DRBG_BLOCKSIZE]; unsigned char *p, *iv; - mbedtls_aes_context aes_ctx; int ret = 0; +#if defined(MBEDTLS_AES_C) + mbedtls_aes_context aes_ctx; +#else + psa_status_t status; + size_t tmp_len; + mbedtls_ctr_drbg_psa_context psa_ctx; + + psa_ctx.key_id = MBEDTLS_SVC_KEY_ID_INIT; + psa_ctx.operation = psa_cipher_operation_init(); +#endif int i, j; size_t buf_len, use_len; @@ -129,7 +187,6 @@ static int block_cipher_df(unsigned char *output, memset(buf, 0, MBEDTLS_CTR_DRBG_MAX_SEED_INPUT + MBEDTLS_CTR_DRBG_BLOCKSIZE + 16); - mbedtls_aes_init(&aes_ctx); /* * Construct IV (16 bytes) and S in buffer @@ -151,10 +208,20 @@ static int block_cipher_df(unsigned char *output, key[i] = i; } +#if defined(MBEDTLS_AES_C) + mbedtls_aes_init(&aes_ctx); + if ((ret = mbedtls_aes_setkey_enc(&aes_ctx, key, MBEDTLS_CTR_DRBG_KEYBITS)) != 0) { goto exit; } +#else + status = ctr_drbg_setup_psa_context(&psa_ctx, key, sizeof(key)); + if (status != PSA_SUCCESS) { + ret = psa_generic_status_to_mbedtls(status); + goto exit; + } +#endif /* * Reduce data to MBEDTLS_CTR_DRBG_SEEDLEN bytes of data @@ -170,10 +237,19 @@ static int block_cipher_df(unsigned char *output, use_len -= (use_len >= MBEDTLS_CTR_DRBG_BLOCKSIZE) ? MBEDTLS_CTR_DRBG_BLOCKSIZE : use_len; +#if defined(MBEDTLS_AES_C) if ((ret = mbedtls_aes_crypt_ecb(&aes_ctx, MBEDTLS_AES_ENCRYPT, chain, chain)) != 0) { goto exit; } +#else + status = psa_cipher_update(&psa_ctx.operation, chain, MBEDTLS_CTR_DRBG_BLOCKSIZE, + chain, MBEDTLS_CTR_DRBG_BLOCKSIZE, &tmp_len); + if (status != PSA_SUCCESS) { + ret = psa_generic_status_to_mbedtls(status); + goto exit; + } +#endif } memcpy(tmp + j, chain, MBEDTLS_CTR_DRBG_BLOCKSIZE); @@ -187,23 +263,46 @@ static int block_cipher_df(unsigned char *output, /* * Do final encryption with reduced data */ +#if defined(MBEDTLS_AES_C) if ((ret = mbedtls_aes_setkey_enc(&aes_ctx, tmp, MBEDTLS_CTR_DRBG_KEYBITS)) != 0) { goto exit; } +#else + ctr_drbg_destroy_psa_contex(&psa_ctx); + + status = ctr_drbg_setup_psa_context(&psa_ctx, tmp, MBEDTLS_CTR_DRBG_KEYSIZE); + if (status != PSA_SUCCESS) { + ret = psa_generic_status_to_mbedtls(status); + goto exit; + } +#endif iv = tmp + MBEDTLS_CTR_DRBG_KEYSIZE; p = output; for (j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE) { +#if defined(MBEDTLS_AES_C) if ((ret = mbedtls_aes_crypt_ecb(&aes_ctx, MBEDTLS_AES_ENCRYPT, iv, iv)) != 0) { goto exit; } +#else + status = psa_cipher_update(&psa_ctx.operation, iv, MBEDTLS_CTR_DRBG_BLOCKSIZE, + iv, MBEDTLS_CTR_DRBG_BLOCKSIZE, &tmp_len); + if (status != PSA_SUCCESS) { + ret = psa_generic_status_to_mbedtls(status); + goto exit; + } +#endif memcpy(p, iv, MBEDTLS_CTR_DRBG_BLOCKSIZE); p += MBEDTLS_CTR_DRBG_BLOCKSIZE; } exit: +#if defined(MBEDTLS_AES_C) mbedtls_aes_free(&aes_ctx); +#else + ctr_drbg_destroy_psa_contex(&psa_ctx); +#endif /* * tidy up the stack */ @@ -236,6 +335,10 @@ static int ctr_drbg_update_internal(mbedtls_ctr_drbg_context *ctx, unsigned char *p = tmp; int i, j; int ret = 0; +#if !defined(MBEDTLS_AES_C) + psa_status_t status; + size_t tmp_len; +#endif memset(tmp, 0, MBEDTLS_CTR_DRBG_SEEDLEN); @@ -252,10 +355,19 @@ static int ctr_drbg_update_internal(mbedtls_ctr_drbg_context *ctx, /* * Crypt counter block */ +#if defined(MBEDTLS_AES_C) if ((ret = mbedtls_aes_crypt_ecb(&ctx->aes_ctx, MBEDTLS_AES_ENCRYPT, ctx->counter, p)) != 0) { goto exit; } +#else + status = psa_cipher_update(&ctx->psa_ctx.operation, ctx->counter, sizeof(ctx->counter), + p, MBEDTLS_CTR_DRBG_BLOCKSIZE, &tmp_len); + if (status != PSA_SUCCESS) { + ret = psa_generic_status_to_mbedtls(status); + goto exit; + } +#endif p += MBEDTLS_CTR_DRBG_BLOCKSIZE; } @@ -267,10 +379,20 @@ static int ctr_drbg_update_internal(mbedtls_ctr_drbg_context *ctx, /* * Update key and counter */ +#if defined(MBEDTLS_AES_C) if ((ret = mbedtls_aes_setkey_enc(&ctx->aes_ctx, tmp, MBEDTLS_CTR_DRBG_KEYBITS)) != 0) { goto exit; } +#else + ctr_drbg_destroy_psa_contex(&ctx->psa_ctx); + + status = ctr_drbg_setup_psa_context(&ctx->psa_ctx, tmp, MBEDTLS_CTR_DRBG_KEYSIZE); + if (status != PSA_SUCCESS) { + ret = psa_generic_status_to_mbedtls(status); + goto exit; + } +#endif memcpy(ctx->counter, tmp + MBEDTLS_CTR_DRBG_KEYSIZE, MBEDTLS_CTR_DRBG_BLOCKSIZE); @@ -447,10 +569,20 @@ int mbedtls_ctr_drbg_seed(mbedtls_ctr_drbg_context *ctx, good_nonce_len(ctx->entropy_len)); /* Initialize with an empty key. */ +#if defined(MBEDTLS_AES_C) if ((ret = mbedtls_aes_setkey_enc(&ctx->aes_ctx, key, MBEDTLS_CTR_DRBG_KEYBITS)) != 0) { return ret; } +#else + psa_status_t status; + + status = ctr_drbg_setup_psa_context(&ctx->psa_ctx, key, MBEDTLS_CTR_DRBG_KEYSIZE); + if (status != PSA_SUCCESS) { + ret = psa_generic_status_to_mbedtls(status); + return status; + } +#endif /* Do the initial seeding. */ if ((ret = mbedtls_ctr_drbg_reseed_internal(ctx, custom, len, @@ -531,10 +663,22 @@ int mbedtls_ctr_drbg_random_with_add(void *p_rng, /* * Crypt counter block */ +#if defined(MBEDTLS_AES_C) if ((ret = mbedtls_aes_crypt_ecb(&ctx->aes_ctx, MBEDTLS_AES_ENCRYPT, ctx->counter, tmp)) != 0) { goto exit; } +#else + psa_status_t status; + size_t tmp_len; + + status = psa_cipher_update(&ctx->psa_ctx.operation, ctx->counter, sizeof(ctx->counter), + tmp, MBEDTLS_CTR_DRBG_BLOCKSIZE, &tmp_len); + if (status != PSA_SUCCESS) { + ret = psa_generic_status_to_mbedtls(status); + goto exit; + } +#endif use_len = (output_len > MBEDTLS_CTR_DRBG_BLOCKSIZE) ? MBEDTLS_CTR_DRBG_BLOCKSIZE : output_len; From 402cfba4dce9bd954be534e3d0de4460dd7ec670 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 13 Nov 2023 10:24:32 +0100 Subject: [PATCH 0907/1674] psa: free RNG implementation before checking for remaining open key slots Signed-off-by: Valerio Setti --- include/psa/crypto_extra.h | 9 +++++++++ library/psa_crypto.c | 24 ++++++++++++------------ tests/include/test/psa_crypto_helpers.h | 11 ++++++++--- 3 files changed, 29 insertions(+), 15 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index ef29b77db..8005dcb2f 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -193,6 +193,15 @@ psa_status_t mbedtls_psa_register_se_key( /**@}*/ +/** + * \brief PSA random deinitialization. + * + * This function frees the RNG implementation used by PSA. + * + * This is an Mbed TLS extension. + */ +void mbedtls_psa_random_free(void); + /** * \brief Library deinitialization. * diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 114994019..6caab03e1 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -7327,14 +7327,16 @@ static void mbedtls_psa_random_init(mbedtls_psa_random_context_t *rng) /** Deinitialize the PSA random generator. */ -static void mbedtls_psa_random_free(mbedtls_psa_random_context_t *rng) +void mbedtls_psa_random_free(void) { + if (global_data.rng_state != RNG_NOT_INITIALIZED) { #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) - memset(rng, 0, sizeof(*rng)); + memset(&global_data.rng, 0, sizeof(global_data.rng)); #else /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ - mbedtls_psa_drbg_free(MBEDTLS_PSA_RANDOM_STATE); - rng->entropy_free(&rng->entropy); + mbedtls_psa_drbg_free(MBEDTLS_PSA_RANDOM_STATE); + global_data.rng.entropy_free(&global_data.rng.entropy); #endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ + } } /** Seed the PSA random generator. @@ -7661,9 +7663,7 @@ psa_status_t mbedtls_psa_crypto_configure_entropy_sources( void mbedtls_psa_crypto_free(void) { psa_wipe_all_key_slots(); - if (global_data.rng_state != RNG_NOT_INITIALIZED) { - mbedtls_psa_random_free(&global_data.rng); - } + mbedtls_psa_random_free(); /* Wipe all remaining data, including configuration. * In particular, this sets all state indicator to the value * indicating "uninitialized". */ @@ -7714,6 +7714,11 @@ psa_status_t psa_crypto_init(void) } global_data.drivers_initialized = 1; + status = psa_initialize_key_slots(); + if (status != PSA_SUCCESS) { + goto exit; + } + /* Initialize and seed the random generator. */ mbedtls_psa_random_init(&global_data.rng); global_data.rng_state = RNG_INITIALIZED; @@ -7723,11 +7728,6 @@ psa_status_t psa_crypto_init(void) } global_data.rng_state = RNG_SEEDED; - status = psa_initialize_key_slots(); - if (status != PSA_SUCCESS) { - goto exit; - } - #if defined(PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS) status = psa_crypto_load_transaction(); if (status == PSA_SUCCESS) { diff --git a/tests/include/test/psa_crypto_helpers.h b/tests/include/test/psa_crypto_helpers.h index 04b90b923..f4c49fb02 100644 --- a/tests/include/test/psa_crypto_helpers.h +++ b/tests/include/test/psa_crypto_helpers.h @@ -34,6 +34,7 @@ #define PSA_DONE() \ do \ { \ + mbedtls_psa_random_free(); \ mbedtls_test_fail_if_psa_leaking(__LINE__, __FILE__); \ mbedtls_test_psa_purge_key_storage(); \ mbedtls_psa_crypto_free(); \ @@ -125,17 +126,21 @@ const char *mbedtls_test_helper_is_psa_leaking(void); /** Shut down the PSA Crypto subsystem, allowing persistent keys to survive. * Expect a clean shutdown, with no slots in use. + * mbedtls_psa_random_free() is called before any check for remaining open + * keys because when AES_C is not defined, CTR_DRBG relies on PSA to perform + * AES-ECB so it holds an open AES key for that since psa_crypto_init(). * * If some key slots are still in use, record the test case as failed and * jump to the `exit` label. */ #define PSA_SESSION_DONE() \ - do \ - { \ + do \ + { \ + mbedtls_psa_random_free(); \ mbedtls_test_psa_purge_key_cache(); \ ASSERT_PSA_PRISTINE(); \ mbedtls_psa_crypto_free(); \ - } \ + } \ while (0) From dc32ac20fd76b76a023e0d6360659adb216526c1 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 13 Nov 2023 10:27:56 +0100 Subject: [PATCH 0908/1674] test_suite_[ctr_drbg/random]: initialize/close PSA in tests This commit also adds AES_PSA_[INIT/DONE] in "psa_crypto_helpers.h". Its scope is to call PSA_[INIT/DONE] only when AES_C is not defined (which is when PSA is effectively required for CTR_DRBG). Signed-off-by: Valerio Setti --- tests/include/test/psa_crypto_helpers.h | 23 +++++++++++++++++++++++ tests/suites/test_suite_ctr_drbg.function | 20 ++++++++++++++++++++ tests/suites/test_suite_random.function | 9 +++++++++ 3 files changed, 52 insertions(+) diff --git a/tests/include/test/psa_crypto_helpers.h b/tests/include/test/psa_crypto_helpers.h index f4c49fb02..cd64dc7ad 100644 --- a/tests/include/test/psa_crypto_helpers.h +++ b/tests/include/test/psa_crypto_helpers.h @@ -397,4 +397,27 @@ uint64_t mbedtls_test_parse_binary_string(data_t *bin_string); #define MD_OR_USE_PSA_DONE() ((void) 0) #endif +/** \def AES_PSA_INIT + * + * Call this macro to initialize the PSA subsystem if AES_C is not defined, + * so that CTR_DRBG uses PSA implementation to get AES-ECB. + * + * If the initialization fails, mark the test case as failed and jump to the + * \p exit label. + */ +/** \def AES_PSA_DONE + * + * Call this macro at the end of a test case if you called #AES_PSA_INIT. + * + * This is like #PSA_DONE except it does nothing under the same conditions as + * #AES_PSA_INIT. + */ +#if defined(MBEDTLS_AES_C) +#define AES_PSA_INIT() ((void) 0) +#define AES_PSA_DONE() ((void) 0) +#else /* MBEDTLS_AES_C */ +#define AES_PSA_INIT() PSA_INIT() +#define AES_PSA_DONE() PSA_DONE() +#endif /* MBEDTLS_AES_C */ + #endif /* PSA_CRYPTO_HELPERS_H */ diff --git a/tests/suites/test_suite_ctr_drbg.function b/tests/suites/test_suite_ctr_drbg.function index c6896998e..066e70b35 100644 --- a/tests/suites/test_suite_ctr_drbg.function +++ b/tests/suites/test_suite_ctr_drbg.function @@ -137,10 +137,12 @@ void ctr_drbg_validate_no_reseed(data_t *add_init, data_t *entropy, data_t *result_string) { data_t empty = { 0, 0 }; + AES_PSA_INIT(); ctr_drbg_validate_internal(RESEED_NEVER, add_init, entropy->len, entropy, &empty, add1, add2, result_string); + AES_PSA_DONE(); goto exit; // goto is needed to avoid warning ( no test assertions in func) } /* END_CASE */ @@ -151,10 +153,12 @@ void ctr_drbg_validate_pr(data_t *add_init, data_t *entropy, data_t *result_string) { data_t empty = { 0, 0 }; + AES_PSA_INIT(); ctr_drbg_validate_internal(RESEED_ALWAYS, add_init, entropy->len / 3, entropy, &empty, add1, add2, result_string); + AES_PSA_DONE(); goto exit; // goto is needed to avoid warning ( no test assertions in func) } /* END_CASE */ @@ -164,10 +168,12 @@ void ctr_drbg_validate_reseed_between(data_t *add_init, data_t *entropy, data_t *add1, data_t *add_reseed, data_t *add2, data_t *result_string) { + AES_PSA_INIT(); ctr_drbg_validate_internal(RESEED_SECOND, add_init, entropy->len / 2, entropy, add_reseed, add1, add2, result_string); + AES_PSA_DONE(); goto exit; // goto is needed to avoid warning ( no test assertions in func) } /* END_CASE */ @@ -177,10 +183,12 @@ void ctr_drbg_validate_reseed_first(data_t *add_init, data_t *entropy, data_t *add1, data_t *add_reseed, data_t *add2, data_t *result_string) { + AES_PSA_INIT(); ctr_drbg_validate_internal(RESEED_FIRST, add_init, entropy->len / 2, entropy, add_reseed, add1, add2, result_string); + AES_PSA_DONE(); goto exit; // goto is needed to avoid warning ( no test assertions in func) } /* END_CASE */ @@ -196,6 +204,8 @@ void ctr_drbg_entropy_strength(int expected_bit_strength) size_t byte_strength = expected_bit_strength / 8; mbedtls_ctr_drbg_init(&ctx); + + AES_PSA_INIT(); test_offset_idx = 0; test_max_idx = sizeof(entropy); memset(entropy, 0, sizeof(entropy)); @@ -214,6 +224,7 @@ void ctr_drbg_entropy_strength(int expected_bit_strength) exit: mbedtls_ctr_drbg_free(&ctx); + AES_PSA_DONE(); } /* END_CASE */ @@ -228,6 +239,9 @@ void ctr_drbg_entropy_usage(int entropy_nonce_len) size_t expected_idx = 0; mbedtls_ctr_drbg_init(&ctx); + + AES_PSA_INIT(); + test_offset_idx = 0; test_max_idx = sizeof(entropy); memset(entropy, 0, sizeof(entropy)); @@ -307,6 +321,7 @@ void ctr_drbg_entropy_usage(int entropy_nonce_len) exit: mbedtls_ctr_drbg_free(&ctx); + AES_PSA_DONE(); } /* END_CASE */ @@ -317,6 +332,8 @@ void ctr_drbg_seed_file(char *path, int ret) mbedtls_ctr_drbg_init(&ctx); + AES_PSA_INIT(); + TEST_ASSERT(mbedtls_ctr_drbg_seed(&ctx, mbedtls_test_rnd_std_rand, NULL, NULL, 0) == 0); TEST_ASSERT(mbedtls_ctr_drbg_write_seed_file(&ctx, path) == ret); @@ -324,12 +341,15 @@ void ctr_drbg_seed_file(char *path, int ret) exit: mbedtls_ctr_drbg_free(&ctx); + AES_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ void ctr_drbg_selftest() { + AES_PSA_INIT(); TEST_ASSERT(mbedtls_ctr_drbg_self_test(1) == 0); + AES_PSA_DONE(); } /* END_CASE */ diff --git a/tests/suites/test_suite_random.function b/tests/suites/test_suite_random.function index 58cddb715..155b8e708 100644 --- a/tests/suites/test_suite_random.function +++ b/tests/suites/test_suite_random.function @@ -26,7 +26,12 @@ void random_twice_with_ctr_drbg() unsigned char output1[OUTPUT_SIZE]; unsigned char output2[OUTPUT_SIZE]; +#if defined(MBEDTLS_AES_C) MD_PSA_INIT(); +#else + USE_PSA_INIT(); +#endif + /* First round */ mbedtls_entropy_init(&entropy); @@ -56,7 +61,11 @@ void random_twice_with_ctr_drbg() exit: mbedtls_ctr_drbg_free(&drbg); mbedtls_entropy_free(&entropy); +#if defined(MBEDTLS_AES_C) MD_PSA_DONE(); +#else + USE_PSA_DONE(); +#endif } /* END_CASE */ From 0a903db804e45ae53888cfc4b0ac235344e6807f Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 13 Nov 2023 10:29:53 +0100 Subject: [PATCH 0909/1674] test_suite_psa_crypto_slot_management: some fix for available key slots When AES_C is not defined, CTR_DRBG relies on PSA to get AES-ECB. This means that PSA holds an open AES key since psa_crypto_init() is called, which - reduces the maximum number of available key slots - shifts the 1st available index Signed-off-by: Valerio Setti --- ..._suite_psa_crypto_slot_management.function | 40 +++++++++---------- 1 file changed, 20 insertions(+), 20 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index b4f2d234e..2137aba22 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -90,8 +90,10 @@ static int invalidate_psa(invalidate_method_t invalidate_method) break; } - PSA_ASSERT(psa_crypto_init()); + /* When AES_C is not defined CTR_DRBG relies on PSA to get AES-ECB so it + * holds an open key once psa_crypto_init() is called. */ ASSERT_PSA_PRISTINE(); + PSA_ASSERT(psa_crypto_init()); return 1; exit: @@ -746,19 +748,12 @@ void invalid_handle(int handle_construction, * MBEDTLS_SVC_KEY_ID_GET_KEY_ID( valid_handle ) is a volatile * key identifier as the imported key is a volatile key. Volatile * key identifiers are in the range from PSA_KEY_ID_VOLATILE_MIN - * to PSA_KEY_ID_VOLATILE_MAX included. Thus pick a key identifier - * in the range from PSA_KEY_ID_VOLATILE_MIN to - * PSA_KEY_ID_VOLATILE_MAX different from - * MBEDTLS_SVC_KEY_ID_GET_KEY_ID( valid_handle ) to build an - * unopened and thus invalid identifier. + * to PSA_KEY_ID_VOLATILE_MAX included. It is very unlikely that + * all IDs are used up to the last one, so pick + * PSA_KEY_ID_VOLATILE_MAX to build an unopened and thus invalid + * identifier. */ - - if (MBEDTLS_SVC_KEY_ID_GET_KEY_ID(valid_handle) == - PSA_KEY_ID_VOLATILE_MIN) { - key_id = PSA_KEY_ID_VOLATILE_MIN + 1; - } else { - key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID(valid_handle) - 1; - } + key_id = PSA_KEY_ID_VOLATILE_MAX; invalid_handle = mbedtls_svc_key_id_make(0, key_id); @@ -938,11 +933,16 @@ void non_reusable_key_slots_integrity_in_case_of_key_slot_starvation() mbedtls_svc_key_id_t persistent_key2 = MBEDTLS_SVC_KEY_ID_INIT; mbedtls_svc_key_id_t returned_key_id = MBEDTLS_SVC_KEY_ID_INIT; mbedtls_svc_key_id_t *keys = NULL; + mbedtls_psa_stats_t psa_key_slots_stats; + size_t available_key_slots = 0; TEST_ASSERT(MBEDTLS_PSA_KEY_SLOT_COUNT >= 1); - TEST_CALLOC(keys, MBEDTLS_PSA_KEY_SLOT_COUNT); PSA_ASSERT(psa_crypto_init()); + mbedtls_psa_get_stats(&psa_key_slots_stats); + available_key_slots = psa_key_slots_stats.empty_slots; + + TEST_CALLOC(keys, available_key_slots); psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY); @@ -961,10 +961,10 @@ void non_reusable_key_slots_integrity_in_case_of_key_slot_starvation() TEST_ASSERT(mbedtls_svc_key_id_equal(returned_key_id, persistent_key)); /* - * Create MBEDTLS_PSA_KEY_SLOT_COUNT volatile keys + * Create the maximum available number of volatile keys */ psa_set_key_lifetime(&attributes, PSA_KEY_LIFETIME_VOLATILE); - for (i = 0; i < MBEDTLS_PSA_KEY_SLOT_COUNT; i++) { + for (i = 0; i < available_key_slots; i++) { PSA_ASSERT(psa_import_key(&attributes, (uint8_t *) &i, sizeof(i), &keys[i])); @@ -983,12 +983,12 @@ void non_reusable_key_slots_integrity_in_case_of_key_slot_starvation() * Check we can export the volatile key created last and that it has the * expected value. Then, destroy it. */ - PSA_ASSERT(psa_export_key(keys[MBEDTLS_PSA_KEY_SLOT_COUNT - 1], + PSA_ASSERT(psa_export_key(keys[available_key_slots - 1], exported, sizeof(exported), &exported_length)); - i = MBEDTLS_PSA_KEY_SLOT_COUNT - 1; + i = available_key_slots - 1; TEST_MEMORY_COMPARE(exported, exported_length, (uint8_t *) &i, sizeof(i)); - PSA_ASSERT(psa_destroy_key(keys[MBEDTLS_PSA_KEY_SLOT_COUNT - 1])); + PSA_ASSERT(psa_destroy_key(keys[available_key_slots - 1])); /* * Check that we can now access the persistent key again. @@ -1011,7 +1011,7 @@ void non_reusable_key_slots_integrity_in_case_of_key_slot_starvation() * Check we can export the remaining volatile keys and that they have the * expected values. */ - for (i = 0; i < (MBEDTLS_PSA_KEY_SLOT_COUNT - 1); i++) { + for (i = 0; i < (available_key_slots - 1); i++) { PSA_ASSERT(psa_export_key(keys[i], exported, sizeof(exported), &exported_length)); From 6ef82ae39dd6dac197447a53a39dd3def527446a Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 13 Nov 2023 10:32:34 +0100 Subject: [PATCH 0910/1674] test_suite_psa_crypto_driver_wrappers: improving driver access counters When AES_C is not defined CTR_DRBG relies on PSA to get AES-ECB. This means that, when AES-ECB is accelerated, each random operation goes through driver access as well. This might result in unexpectedly increased counters for driver's access. We add extra counters in test_driver_[cipher/key_management].c to be more specific on which driver functions are accessed and ignore extra accesses due to CTR_DRBG. Signed-off-by: Valerio Setti --- tests/include/test/drivers/cipher.h | 3 +- tests/include/test/drivers/key_management.h | 4 +- tests/src/drivers/test_driver_cipher.c | 1 + .../src/drivers/test_driver_key_management.c | 1 + ..._suite_psa_crypto_driver_wrappers.function | 37 ++++++++++++++++--- 5 files changed, 38 insertions(+), 8 deletions(-) diff --git a/tests/include/test/drivers/cipher.h b/tests/include/test/drivers/cipher.h index 950a17440..2e299da72 100644 --- a/tests/include/test/drivers/cipher.h +++ b/tests/include/test/drivers/cipher.h @@ -25,9 +25,10 @@ typedef struct { psa_status_t forced_status; /* Count the amount of times one of the cipher driver functions is called. */ unsigned long hits; + unsigned long cipher_encrypt_hits; } mbedtls_test_driver_cipher_hooks_t; -#define MBEDTLS_TEST_DRIVER_CIPHER_INIT { NULL, 0, PSA_SUCCESS, 0 } +#define MBEDTLS_TEST_DRIVER_CIPHER_INIT { NULL, 0, PSA_SUCCESS, 0, 0 } static inline mbedtls_test_driver_cipher_hooks_t mbedtls_test_driver_cipher_hooks_init(void) { diff --git a/tests/include/test/drivers/key_management.h b/tests/include/test/drivers/key_management.h index 9e2c89885..24ecbc3c5 100644 --- a/tests/include/test/drivers/key_management.h +++ b/tests/include/test/drivers/key_management.h @@ -26,6 +26,8 @@ typedef struct { /* Count the amount of times one of the key management driver functions * is called. */ unsigned long hits; + /* Subset of hits which only counts key operations with EC key */ + unsigned long export_public_key_hits; /* Location of the last key management driver called to import a key. */ psa_key_location_t location; } mbedtls_test_driver_key_management_hooks_t; @@ -34,7 +36,7 @@ typedef struct { * sense that no PSA specification will assign a meaning to this location * (stated first in version 1.0.1 of the specification) and that it is not * used as a location of an opaque test drivers. */ -#define MBEDTLS_TEST_DRIVER_KEY_MANAGEMENT_INIT { NULL, 0, PSA_SUCCESS, 0, 0x800000 } +#define MBEDTLS_TEST_DRIVER_KEY_MANAGEMENT_INIT { NULL, 0, PSA_SUCCESS, 0, 0, 0x800000 } static inline mbedtls_test_driver_key_management_hooks_t mbedtls_test_driver_key_management_hooks_init(void) { diff --git a/tests/src/drivers/test_driver_cipher.c b/tests/src/drivers/test_driver_cipher.c index 678d8d5d6..324590c0a 100644 --- a/tests/src/drivers/test_driver_cipher.c +++ b/tests/src/drivers/test_driver_cipher.c @@ -41,6 +41,7 @@ psa_status_t mbedtls_test_transparent_cipher_encrypt( size_t *output_length) { mbedtls_test_driver_cipher_hooks.hits++; + mbedtls_test_driver_cipher_hooks.cipher_encrypt_hits++; if (mbedtls_test_driver_cipher_hooks.forced_output != NULL) { if (output_size < mbedtls_test_driver_cipher_hooks.forced_output_length) { diff --git a/tests/src/drivers/test_driver_key_management.c b/tests/src/drivers/test_driver_key_management.c index 6442f2231..f73ae97f6 100644 --- a/tests/src/drivers/test_driver_key_management.c +++ b/tests/src/drivers/test_driver_key_management.c @@ -529,6 +529,7 @@ psa_status_t mbedtls_test_transparent_export_public_key( uint8_t *data, size_t data_size, size_t *data_length) { ++mbedtls_test_driver_key_management_hooks.hits; + ++mbedtls_test_driver_key_management_hooks.export_public_key_hits; if (mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS) { return mbedtls_test_driver_key_management_hooks.forced_status; diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function index 1d96f72ac..7a41fc2f9 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function @@ -845,10 +845,10 @@ void validate_key(int force_status_arg, psa_set_key_bits(&attributes, 0); psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT); - mbedtls_test_driver_key_management_hooks.forced_status = force_status; - PSA_ASSERT(psa_crypto_init()); + mbedtls_test_driver_key_management_hooks.hits = 0; + mbedtls_test_driver_key_management_hooks.forced_status = force_status; actual_status = psa_import_key(&attributes, key_input->x, key_input->len, &key); TEST_EQUAL(mbedtls_test_driver_key_management_hooks.hits, 1); TEST_EQUAL(actual_status, expected_status); @@ -906,6 +906,7 @@ void export_key(int force_status_arg, } mbedtls_test_driver_key_management_hooks.hits = 0; + mbedtls_test_driver_key_management_hooks.export_public_key_hits = 0; mbedtls_test_driver_key_management_hooks.forced_status = force_status; if (PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(output_key_type)) { @@ -923,7 +924,7 @@ void export_key(int force_status_arg, if (PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(output_key_type) && !PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(input_key_type)) { - TEST_EQUAL(mbedtls_test_driver_key_management_hooks.hits, 1); + TEST_EQUAL(mbedtls_test_driver_key_management_hooks.export_public_key_hits, 1); } if (actual_status == PSA_SUCCESS) { @@ -1059,9 +1060,11 @@ void cipher_encrypt_validation(int alg_arg, PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, &key)); + mbedtls_test_driver_cipher_hooks.hits = 0; + mbedtls_test_driver_cipher_hooks.cipher_encrypt_hits = 0; PSA_ASSERT(psa_cipher_encrypt(key, alg, input->x, input->len, output1, output1_buffer_size, &output1_length)); - TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.cipher_encrypt_hits, 1); mbedtls_test_driver_cipher_hooks.hits = 0; PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg)); @@ -1161,6 +1164,7 @@ void cipher_encrypt_multipart(int alg_arg, PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, &key)); + mbedtls_test_driver_cipher_hooks.hits = 0; PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg)); TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); mbedtls_test_driver_cipher_hooks.hits = 0; @@ -1289,6 +1293,7 @@ void cipher_decrypt_multipart(int alg_arg, PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, &key)); + mbedtls_test_driver_cipher_hooks.hits = 0; PSA_ASSERT(psa_cipher_decrypt_setup(&operation, key, alg)); TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); mbedtls_test_driver_cipher_hooks.hits = 0; @@ -1414,6 +1419,7 @@ void cipher_decrypt(int alg_arg, mbedtls_test_driver_cipher_hooks.forced_output_length = expected_output->len; } + mbedtls_test_driver_cipher_hooks.hits = 0; status = psa_cipher_decrypt(key, alg, input, input_buffer_size, output, output_buffer_size, &output_length); TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); @@ -1468,10 +1474,12 @@ void cipher_entry_points(int alg_arg, int key_type_arg, * First test that if we don't force a driver error, encryption is * successful, then force driver error. */ + mbedtls_test_driver_cipher_hooks.hits = 0; + mbedtls_test_driver_cipher_hooks.cipher_encrypt_hits = 0; status = psa_cipher_encrypt( key, alg, input->x, input->len, output, output_buffer_size, &function_output_length); - TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.cipher_encrypt_hits, 1); TEST_EQUAL(status, PSA_SUCCESS); mbedtls_test_driver_cipher_hooks.hits = 0; @@ -1481,10 +1489,19 @@ void cipher_entry_points(int alg_arg, int key_type_arg, output[i] = 0xa5; } + mbedtls_test_driver_cipher_hooks.cipher_encrypt_hits = 0; status = psa_cipher_encrypt( key, alg, input->x, input->len, output, output_buffer_size, &function_output_length); - TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); +#if defined(MBEDTLS_AES_C) + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.cipher_encrypt_hits, 1); +#else + /* The call to psa_cipher_encrypt() is intentionally supposed to fail on the + * 1st access to the driver since "forced_status" is set. However this + * initial access happens in psa_cipher_update() (random number generation + * for IV) so psa_cipher_encrypt() never gets called. */ + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.cipher_encrypt_hits, 0); +#endif TEST_EQUAL(status, PSA_ERROR_GENERIC_ERROR); /* * Check that the output buffer is still in the same state. @@ -1554,7 +1571,15 @@ void cipher_entry_points(int alg_arg, int key_type_arg, status = psa_cipher_generate_iv(&operation, output, 16, &function_output_length); /* When generating the IV fails, it should call abort too */ +#if defined(MBEDTLS_AES_C) TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 2); +#else + /* Previously failed call to psa_cipher_encrypt() above caused PSA to abort + * the cipher operation related to RNG. Therefore this call to + * psa_cipher_generate_iv() will failed due to unitialized RNG. Only the + * last driver call to psa_cipher_abort() remains. */ + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); +#endif TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status); /* * Check that the output buffer is still in the same state. From 45337a88954105374118d8d21f8742871169e4d6 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 23 Nov 2023 14:35:02 +0100 Subject: [PATCH 0911/1674] test_suite_psa_crypto_driver_wrappers: add counter for cipher_update() Signed-off-by: Valerio Setti --- tests/include/test/drivers/cipher.h | 3 ++- tests/src/drivers/test_driver_cipher.c | 1 + tests/suites/test_suite_psa_crypto_driver_wrappers.function | 4 ++-- 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/tests/include/test/drivers/cipher.h b/tests/include/test/drivers/cipher.h index 2e299da72..71682303c 100644 --- a/tests/include/test/drivers/cipher.h +++ b/tests/include/test/drivers/cipher.h @@ -26,9 +26,10 @@ typedef struct { /* Count the amount of times one of the cipher driver functions is called. */ unsigned long hits; unsigned long cipher_encrypt_hits; + unsigned long cipher_update_hits; } mbedtls_test_driver_cipher_hooks_t; -#define MBEDTLS_TEST_DRIVER_CIPHER_INIT { NULL, 0, PSA_SUCCESS, 0, 0 } +#define MBEDTLS_TEST_DRIVER_CIPHER_INIT { NULL, 0, PSA_SUCCESS, 0, 0, 0 } static inline mbedtls_test_driver_cipher_hooks_t mbedtls_test_driver_cipher_hooks_init(void) { diff --git a/tests/src/drivers/test_driver_cipher.c b/tests/src/drivers/test_driver_cipher.c index 324590c0a..76ccdcffb 100644 --- a/tests/src/drivers/test_driver_cipher.c +++ b/tests/src/drivers/test_driver_cipher.c @@ -234,6 +234,7 @@ psa_status_t mbedtls_test_transparent_cipher_update( size_t *output_length) { mbedtls_test_driver_cipher_hooks.hits++; + mbedtls_test_driver_cipher_hooks.cipher_update_hits++; if (mbedtls_test_driver_cipher_hooks.forced_output != NULL) { if (output_size < mbedtls_test_driver_cipher_hooks.forced_output_length) { diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function index 7a41fc2f9..4fbc5e4b9 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function @@ -1489,7 +1489,7 @@ void cipher_entry_points(int alg_arg, int key_type_arg, output[i] = 0xa5; } - mbedtls_test_driver_cipher_hooks.cipher_encrypt_hits = 0; + mbedtls_test_driver_cipher_hooks.cipher_update_hits = 0; status = psa_cipher_encrypt( key, alg, input->x, input->len, output, output_buffer_size, &function_output_length); @@ -1500,7 +1500,7 @@ void cipher_entry_points(int alg_arg, int key_type_arg, * 1st access to the driver since "forced_status" is set. However this * initial access happens in psa_cipher_update() (random number generation * for IV) so psa_cipher_encrypt() never gets called. */ - TEST_EQUAL(mbedtls_test_driver_cipher_hooks.cipher_encrypt_hits, 0); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.cipher_update_hits, 1); #endif TEST_EQUAL(status, PSA_ERROR_GENERIC_ERROR); /* From 7ab90723c4f85082bcd1dd6ca5ba576c9ff4e189 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 23 Nov 2023 16:29:51 +0100 Subject: [PATCH 0912/1674] mbedtls_config: update descriptions of MBEDTLS_CTR_DRBG_C and MBEDTLS_PSA_CRYPTO_C Signed-off-by: Valerio Setti --- include/mbedtls/mbedtls_config.h | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 96a3e437d..758a51424 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -2607,6 +2607,13 @@ * The CTR_DRBG generator uses AES-256 by default. * To use AES-128 instead, enable \c MBEDTLS_CTR_DRBG_USE_128_BIT_KEY above. * + * AES support can either be achived through builtin (MBEDTLS_AES_C) or PSA. + * Builtin is the default option when MBEDTLS_AES_C is defined otherwise PSA + * is used. + * + * \warning When using PSA, the user should call `psa_crypto_init()` before + * using any CTR_DRBG operation (except `mbedtls_ctr_drbg_init()`). + * * \note AES-128 will be used if \c MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH is set. * * \note To achieve a 256-bit security strength with CTR_DRBG, @@ -2616,7 +2623,9 @@ * Module: library/ctr_drbg.c * Caller: * - * Requires: MBEDTLS_AES_C + * Requires: MBEDTLS_AES_C or + * (PSA_WANT_KEY_TYPE_AES and PSA_WANT_ALG_ECB_NO_PADDING and + * MBEDTLS_PSA_CRYPTO_C) * * This module provides the CTR_DRBG AES random number generator. */ @@ -3155,8 +3164,7 @@ * * Module: library/psa_crypto.c * - * Requires: MBEDTLS_CIPHER_C, - * either MBEDTLS_CTR_DRBG_C and MBEDTLS_ENTROPY_C, + * Requires: either MBEDTLS_CTR_DRBG_C and MBEDTLS_ENTROPY_C, * or MBEDTLS_HMAC_DRBG_C and MBEDTLS_ENTROPY_C, * or MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG. * From 7448367f68bba55da8ff2920cd5aec3584b8dfd9 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 24 Nov 2023 08:36:12 +0100 Subject: [PATCH 0913/1674] test_suite_psa_crypto_slot_management: modify check on open key slots This commit - Reverts changes previously done to psa_crypto_helpers.[c,h] - Implements a new check for open key slots in mbedtls_test_helper_is_psa_leaking(): - when CTR_DRBG does not use AES_C or PSA does not have an external RNG, then we allow 1 key slot (it's the one holding the AES key) - when the above conditions are not met, then we fallback to the usual check for "no open key slots remaining" Signed-off-by: Valerio Setti --- tests/include/test/psa_crypto_helpers.h | 11 +++-------- tests/src/psa_crypto_helpers.c | 11 +++++++++++ .../test_suite_psa_crypto_slot_management.function | 6 +++--- 3 files changed, 17 insertions(+), 11 deletions(-) diff --git a/tests/include/test/psa_crypto_helpers.h b/tests/include/test/psa_crypto_helpers.h index cd64dc7ad..0b8c22194 100644 --- a/tests/include/test/psa_crypto_helpers.h +++ b/tests/include/test/psa_crypto_helpers.h @@ -34,7 +34,6 @@ #define PSA_DONE() \ do \ { \ - mbedtls_psa_random_free(); \ mbedtls_test_fail_if_psa_leaking(__LINE__, __FILE__); \ mbedtls_test_psa_purge_key_storage(); \ mbedtls_psa_crypto_free(); \ @@ -126,21 +125,17 @@ const char *mbedtls_test_helper_is_psa_leaking(void); /** Shut down the PSA Crypto subsystem, allowing persistent keys to survive. * Expect a clean shutdown, with no slots in use. - * mbedtls_psa_random_free() is called before any check for remaining open - * keys because when AES_C is not defined, CTR_DRBG relies on PSA to perform - * AES-ECB so it holds an open AES key for that since psa_crypto_init(). * * If some key slots are still in use, record the test case as failed and * jump to the `exit` label. */ #define PSA_SESSION_DONE() \ - do \ - { \ - mbedtls_psa_random_free(); \ + do \ + { \ mbedtls_test_psa_purge_key_cache(); \ ASSERT_PSA_PRISTINE(); \ mbedtls_psa_crypto_free(); \ - } \ + } \ while (0) diff --git a/tests/src/psa_crypto_helpers.c b/tests/src/psa_crypto_helpers.c index d59a8f872..e1ea2b5c8 100644 --- a/tests/src/psa_crypto_helpers.c +++ b/tests/src/psa_crypto_helpers.c @@ -70,9 +70,20 @@ const char *mbedtls_test_helper_is_psa_leaking(void) mbedtls_psa_get_stats(&stats); +#if defined(MBEDTLS_CTR_DRBG_C) && !defined(MBEDTLS_AES_C) && \ + !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) + /* When AES_C is not defined and PSA does not have an external RNG, + * then CTR_DRBG uses PSA to perform AES-ECB. In this scenario 1 key + * slot is used internally from PSA to hold the AES key and it should + * not be taken into account when evaluating remaining open slots. */ + if (stats.volatile_slots > 1) { + return "A volatile slot has not been closed properly."; + } +#else if (stats.volatile_slots != 0) { return "A volatile slot has not been closed properly."; } +#endif if (stats.persistent_slots != 0) { return "A persistent slot has not been closed properly."; } diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index 2137aba22..cc530e22c 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -90,10 +90,10 @@ static int invalidate_psa(invalidate_method_t invalidate_method) break; } - /* When AES_C is not defined CTR_DRBG relies on PSA to get AES-ECB so it - * holds an open key once psa_crypto_init() is called. */ - ASSERT_PSA_PRISTINE(); PSA_ASSERT(psa_crypto_init()); + + ASSERT_PSA_PRISTINE(); + return 1; exit: From 0ca1868fcdc582ba0c89adc747d855af089342e4 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 24 Nov 2023 12:10:23 +0100 Subject: [PATCH 0914/1674] test_suite_psa_crypto_driver_wrappers: fix missing hit counter reset before test Signed-off-by: Valerio Setti --- tests/suites/test_suite_psa_crypto_driver_wrappers.function | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function index 4fbc5e4b9..43465527f 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function @@ -1490,6 +1490,7 @@ void cipher_entry_points(int alg_arg, int key_type_arg, } mbedtls_test_driver_cipher_hooks.cipher_update_hits = 0; + mbedtls_test_driver_cipher_hooks.cipher_encrypt_hits = 0; status = psa_cipher_encrypt( key, alg, input->x, input->len, output, output_buffer_size, &function_output_length); From 83e0de84815b3fc3e6012719b52e24548545ac3a Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 24 Nov 2023 12:13:05 +0100 Subject: [PATCH 0915/1674] crypto_extra: revert changes to mbedtls_psa_random_free() Signed-off-by: Valerio Setti --- include/psa/crypto_extra.h | 9 --------- library/psa_crypto.c | 14 +++++++------- .../test_suite_psa_crypto_slot_management.function | 2 -- 3 files changed, 7 insertions(+), 18 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 8005dcb2f..ef29b77db 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -193,15 +193,6 @@ psa_status_t mbedtls_psa_register_se_key( /**@}*/ -/** - * \brief PSA random deinitialization. - * - * This function frees the RNG implementation used by PSA. - * - * This is an Mbed TLS extension. - */ -void mbedtls_psa_random_free(void); - /** * \brief Library deinitialization. * diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 6caab03e1..c90119fe4 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -7327,16 +7327,14 @@ static void mbedtls_psa_random_init(mbedtls_psa_random_context_t *rng) /** Deinitialize the PSA random generator. */ -void mbedtls_psa_random_free(void) +static void mbedtls_psa_random_free(mbedtls_psa_random_context_t *rng) { - if (global_data.rng_state != RNG_NOT_INITIALIZED) { #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) - memset(&global_data.rng, 0, sizeof(global_data.rng)); + memset(rng, 0, sizeof(*rng)); #else /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ - mbedtls_psa_drbg_free(MBEDTLS_PSA_RANDOM_STATE); - global_data.rng.entropy_free(&global_data.rng.entropy); + mbedtls_psa_drbg_free(MBEDTLS_PSA_RANDOM_STATE); + rng->entropy_free(&rng->entropy); #endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ - } } /** Seed the PSA random generator. @@ -7663,7 +7661,9 @@ psa_status_t mbedtls_psa_crypto_configure_entropy_sources( void mbedtls_psa_crypto_free(void) { psa_wipe_all_key_slots(); - mbedtls_psa_random_free(); + if (global_data.rng_state != RNG_NOT_INITIALIZED) { + mbedtls_psa_random_free(&global_data.rng); + } /* Wipe all remaining data, including configuration. * In particular, this sets all state indicator to the value * indicating "uninitialized". */ diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function index cc530e22c..8564d352a 100644 --- a/tests/suites/test_suite_psa_crypto_slot_management.function +++ b/tests/suites/test_suite_psa_crypto_slot_management.function @@ -91,9 +91,7 @@ static int invalidate_psa(invalidate_method_t invalidate_method) } PSA_ASSERT(psa_crypto_init()); - ASSERT_PSA_PRISTINE(); - return 1; exit: From 7ef35a9b3cb81e9de6c652961e69a79e88791e05 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 24 Nov 2023 12:51:42 +0100 Subject: [PATCH 0916/1674] test_suite_psa_crypto_driver_wrappers: add counter for failing psa_cipher_update() Signed-off-by: Valerio Setti --- tests/include/test/drivers/cipher.h | 2 +- tests/src/drivers/test_driver_cipher.c | 2 +- tests/suites/test_suite_psa_crypto_driver_wrappers.function | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/include/test/drivers/cipher.h b/tests/include/test/drivers/cipher.h index 71682303c..67047afac 100644 --- a/tests/include/test/drivers/cipher.h +++ b/tests/include/test/drivers/cipher.h @@ -26,7 +26,7 @@ typedef struct { /* Count the amount of times one of the cipher driver functions is called. */ unsigned long hits; unsigned long cipher_encrypt_hits; - unsigned long cipher_update_hits; + unsigned long cipher_update_forced_status_hits; } mbedtls_test_driver_cipher_hooks_t; #define MBEDTLS_TEST_DRIVER_CIPHER_INIT { NULL, 0, PSA_SUCCESS, 0, 0, 0 } diff --git a/tests/src/drivers/test_driver_cipher.c b/tests/src/drivers/test_driver_cipher.c index 76ccdcffb..b9da5d244 100644 --- a/tests/src/drivers/test_driver_cipher.c +++ b/tests/src/drivers/test_driver_cipher.c @@ -234,7 +234,6 @@ psa_status_t mbedtls_test_transparent_cipher_update( size_t *output_length) { mbedtls_test_driver_cipher_hooks.hits++; - mbedtls_test_driver_cipher_hooks.cipher_update_hits++; if (mbedtls_test_driver_cipher_hooks.forced_output != NULL) { if (output_size < mbedtls_test_driver_cipher_hooks.forced_output_length) { @@ -250,6 +249,7 @@ psa_status_t mbedtls_test_transparent_cipher_update( } if (mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS) { + ++mbedtls_test_driver_cipher_hooks.cipher_update_forced_status_hits; return mbedtls_test_driver_cipher_hooks.forced_status; } diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function index 43465527f..309b395c5 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function @@ -1489,7 +1489,7 @@ void cipher_entry_points(int alg_arg, int key_type_arg, output[i] = 0xa5; } - mbedtls_test_driver_cipher_hooks.cipher_update_hits = 0; + mbedtls_test_driver_cipher_hooks.cipher_update_forced_status_hits = 0; mbedtls_test_driver_cipher_hooks.cipher_encrypt_hits = 0; status = psa_cipher_encrypt( key, alg, input->x, input->len, @@ -1501,7 +1501,7 @@ void cipher_entry_points(int alg_arg, int key_type_arg, * 1st access to the driver since "forced_status" is set. However this * initial access happens in psa_cipher_update() (random number generation * for IV) so psa_cipher_encrypt() never gets called. */ - TEST_EQUAL(mbedtls_test_driver_cipher_hooks.cipher_update_hits, 1); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.cipher_update_forced_status_hits, 1); #endif TEST_EQUAL(status, PSA_ERROR_GENERIC_ERROR); /* From 829ce0facffb6d5a21708fc247fdd9750fba3816 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 27 Nov 2023 12:27:46 +0100 Subject: [PATCH 0917/1674] test_driver_cipher: add forced return status for encrypt and set_iv Signed-off-by: Valerio Setti --- tests/include/test/drivers/cipher.h | 10 +++-- tests/src/drivers/test_driver_cipher.c | 10 ++++- ..._suite_psa_crypto_driver_wrappers.function | 40 ++++++------------- 3 files changed, 27 insertions(+), 33 deletions(-) diff --git a/tests/include/test/drivers/cipher.h b/tests/include/test/drivers/cipher.h index 67047afac..2fe47e4d7 100644 --- a/tests/include/test/drivers/cipher.h +++ b/tests/include/test/drivers/cipher.h @@ -23,13 +23,17 @@ typedef struct { /* If not PSA_SUCCESS, return this error code instead of processing the * function call. */ psa_status_t forced_status; + psa_status_t forced_status_encrypt; + psa_status_t forced_status_set_iv; /* Count the amount of times one of the cipher driver functions is called. */ unsigned long hits; - unsigned long cipher_encrypt_hits; - unsigned long cipher_update_forced_status_hits; + unsigned long hits_encrypt; + unsigned long hits_set_iv; } mbedtls_test_driver_cipher_hooks_t; -#define MBEDTLS_TEST_DRIVER_CIPHER_INIT { NULL, 0, PSA_SUCCESS, 0, 0, 0 } +#define MBEDTLS_TEST_DRIVER_CIPHER_INIT { NULL, 0, \ + PSA_SUCCESS, PSA_SUCCESS, PSA_SUCCESS, \ + 0, 0, 0 } static inline mbedtls_test_driver_cipher_hooks_t mbedtls_test_driver_cipher_hooks_init(void) { diff --git a/tests/src/drivers/test_driver_cipher.c b/tests/src/drivers/test_driver_cipher.c index b9da5d244..2bc751a8a 100644 --- a/tests/src/drivers/test_driver_cipher.c +++ b/tests/src/drivers/test_driver_cipher.c @@ -41,7 +41,7 @@ psa_status_t mbedtls_test_transparent_cipher_encrypt( size_t *output_length) { mbedtls_test_driver_cipher_hooks.hits++; - mbedtls_test_driver_cipher_hooks.cipher_encrypt_hits++; + mbedtls_test_driver_cipher_hooks.hits_encrypt++; if (mbedtls_test_driver_cipher_hooks.forced_output != NULL) { if (output_size < mbedtls_test_driver_cipher_hooks.forced_output_length) { @@ -59,6 +59,9 @@ psa_status_t mbedtls_test_transparent_cipher_encrypt( if (mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS) { return mbedtls_test_driver_cipher_hooks.forced_status; } + if (mbedtls_test_driver_cipher_hooks.forced_status_encrypt != PSA_SUCCESS) { + return mbedtls_test_driver_cipher_hooks.forced_status_encrypt; + } #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) @@ -209,10 +212,14 @@ psa_status_t mbedtls_test_transparent_cipher_set_iv( size_t iv_length) { mbedtls_test_driver_cipher_hooks.hits++; + mbedtls_test_driver_cipher_hooks.hits_set_iv++; if (mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS) { return mbedtls_test_driver_cipher_hooks.forced_status; } + if (mbedtls_test_driver_cipher_hooks.forced_status_set_iv != PSA_SUCCESS) { + return mbedtls_test_driver_cipher_hooks.forced_status_set_iv; + } #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) @@ -249,7 +256,6 @@ psa_status_t mbedtls_test_transparent_cipher_update( } if (mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS) { - ++mbedtls_test_driver_cipher_hooks.cipher_update_forced_status_hits; return mbedtls_test_driver_cipher_hooks.forced_status; } diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function index 309b395c5..ff449acf4 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function @@ -1061,10 +1061,10 @@ void cipher_encrypt_validation(int alg_arg, &key)); mbedtls_test_driver_cipher_hooks.hits = 0; - mbedtls_test_driver_cipher_hooks.cipher_encrypt_hits = 0; + mbedtls_test_driver_cipher_hooks.hits_encrypt = 0; PSA_ASSERT(psa_cipher_encrypt(key, alg, input->x, input->len, output1, output1_buffer_size, &output1_length)); - TEST_EQUAL(mbedtls_test_driver_cipher_hooks.cipher_encrypt_hits, 1); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits_encrypt, 1); mbedtls_test_driver_cipher_hooks.hits = 0; PSA_ASSERT(psa_cipher_encrypt_setup(&operation, key, alg)); @@ -1475,34 +1475,25 @@ void cipher_entry_points(int alg_arg, int key_type_arg, * successful, then force driver error. */ mbedtls_test_driver_cipher_hooks.hits = 0; - mbedtls_test_driver_cipher_hooks.cipher_encrypt_hits = 0; + mbedtls_test_driver_cipher_hooks.hits_encrypt = 0; status = psa_cipher_encrypt( key, alg, input->x, input->len, output, output_buffer_size, &function_output_length); - TEST_EQUAL(mbedtls_test_driver_cipher_hooks.cipher_encrypt_hits, 1); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits_encrypt, 1); TEST_EQUAL(status, PSA_SUCCESS); mbedtls_test_driver_cipher_hooks.hits = 0; - mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR; + mbedtls_test_driver_cipher_hooks.forced_status_encrypt = PSA_ERROR_GENERIC_ERROR; /* Set the output buffer in a given state. */ for (size_t i = 0; i < output_buffer_size; i++) { output[i] = 0xa5; } - mbedtls_test_driver_cipher_hooks.cipher_update_forced_status_hits = 0; - mbedtls_test_driver_cipher_hooks.cipher_encrypt_hits = 0; + mbedtls_test_driver_cipher_hooks.hits_encrypt = 0; status = psa_cipher_encrypt( key, alg, input->x, input->len, output, output_buffer_size, &function_output_length); -#if defined(MBEDTLS_AES_C) - TEST_EQUAL(mbedtls_test_driver_cipher_hooks.cipher_encrypt_hits, 1); -#else - /* The call to psa_cipher_encrypt() is intentionally supposed to fail on the - * 1st access to the driver since "forced_status" is set. However this - * initial access happens in psa_cipher_update() (random number generation - * for IV) so psa_cipher_encrypt() never gets called. */ - TEST_EQUAL(mbedtls_test_driver_cipher_hooks.cipher_update_forced_status_hits, 1); -#endif + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits_encrypt, 1); TEST_EQUAL(status, PSA_ERROR_GENERIC_ERROR); /* * Check that the output buffer is still in the same state. @@ -1563,25 +1554,18 @@ void cipher_entry_points(int alg_arg, int key_type_arg, TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status); mbedtls_test_driver_cipher_hooks.hits = 0; + mbedtls_test_driver_cipher_hooks.hits_set_iv = 0; - mbedtls_test_driver_cipher_hooks.forced_status = PSA_ERROR_GENERIC_ERROR; + mbedtls_test_driver_cipher_hooks.forced_status_set_iv = PSA_ERROR_GENERIC_ERROR; /* Set the output buffer in a given state. */ for (size_t i = 0; i < 16; i++) { output[i] = 0xa5; } status = psa_cipher_generate_iv(&operation, output, 16, &function_output_length); - /* When generating the IV fails, it should call abort too */ -#if defined(MBEDTLS_AES_C) - TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 2); -#else - /* Previously failed call to psa_cipher_encrypt() above caused PSA to abort - * the cipher operation related to RNG. Therefore this call to - * psa_cipher_generate_iv() will failed due to unitialized RNG. Only the - * last driver call to psa_cipher_abort() remains. */ - TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits, 1); -#endif - TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status); + TEST_EQUAL(mbedtls_test_driver_cipher_hooks.hits_set_iv, 1); + TEST_EQUAL(status, mbedtls_test_driver_cipher_hooks.forced_status_set_iv); + mbedtls_test_driver_cipher_hooks.forced_status_set_iv = PSA_SUCCESS; /* * Check that the output buffer is still in the same state. * This will fail if the output buffer is used by the core to pass the IV From 302a487499d049ad8fce868a85ea93bddc078f2e Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 4 Dec 2023 10:27:00 +0100 Subject: [PATCH 0918/1674] test_driver_key_management: rename counter for export_public_key() hits Signed-off-by: Valerio Setti --- tests/include/test/drivers/key_management.h | 2 +- tests/src/drivers/test_driver_key_management.c | 2 +- tests/suites/test_suite_psa_crypto_driver_wrappers.function | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/include/test/drivers/key_management.h b/tests/include/test/drivers/key_management.h index 24ecbc3c5..526adbb91 100644 --- a/tests/include/test/drivers/key_management.h +++ b/tests/include/test/drivers/key_management.h @@ -27,7 +27,7 @@ typedef struct { * is called. */ unsigned long hits; /* Subset of hits which only counts key operations with EC key */ - unsigned long export_public_key_hits; + unsigned long hits_export_public_key; /* Location of the last key management driver called to import a key. */ psa_key_location_t location; } mbedtls_test_driver_key_management_hooks_t; diff --git a/tests/src/drivers/test_driver_key_management.c b/tests/src/drivers/test_driver_key_management.c index f73ae97f6..d522ebfe8 100644 --- a/tests/src/drivers/test_driver_key_management.c +++ b/tests/src/drivers/test_driver_key_management.c @@ -529,7 +529,7 @@ psa_status_t mbedtls_test_transparent_export_public_key( uint8_t *data, size_t data_size, size_t *data_length) { ++mbedtls_test_driver_key_management_hooks.hits; - ++mbedtls_test_driver_key_management_hooks.export_public_key_hits; + ++mbedtls_test_driver_key_management_hooks.hits_export_public_key; if (mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS) { return mbedtls_test_driver_key_management_hooks.forced_status; diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function index ff449acf4..032fa478f 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function @@ -906,7 +906,7 @@ void export_key(int force_status_arg, } mbedtls_test_driver_key_management_hooks.hits = 0; - mbedtls_test_driver_key_management_hooks.export_public_key_hits = 0; + mbedtls_test_driver_key_management_hooks.hits_export_public_key = 0; mbedtls_test_driver_key_management_hooks.forced_status = force_status; if (PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(output_key_type)) { @@ -924,7 +924,7 @@ void export_key(int force_status_arg, if (PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(output_key_type) && !PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(input_key_type)) { - TEST_EQUAL(mbedtls_test_driver_key_management_hooks.export_public_key_hits, 1); + TEST_EQUAL(mbedtls_test_driver_key_management_hooks.hits_export_public_key, 1); } if (actual_status == PSA_SUCCESS) { From fe23daf8a3c0186f941068011761e34bd1ab7c99 Mon Sep 17 00:00:00 2001 From: Gabor Mezei Date: Mon, 4 Dec 2023 14:37:31 +0100 Subject: [PATCH 0919/1674] Remove leftover code from initial changelog support Signed-off-by: Gabor Mezei --- scripts/assemble_changelog.py | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/scripts/assemble_changelog.py b/scripts/assemble_changelog.py index b2fa96a07..07e6fc58a 100755 --- a/scripts/assemble_changelog.py +++ b/scripts/assemble_changelog.py @@ -246,10 +246,7 @@ class ChangeLog: self.categories = OrderedDict() for category in STANDARD_CATEGORIES: self.categories[category] = '' - if self.header: - offset = (self.header + self.top_version_title).count('\n') + 1 - else: - offset = 0 + offset = (self.header + self.top_version_title).count('\n') + 1 self.add_categories_from_text(input_stream.name, offset, top_version_body, True) From 10149c9516812e700922afd5d8b8832415b2e18d Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 4 Dec 2023 09:21:46 +0100 Subject: [PATCH 0920/1674] changelog: add changelog for AEAD support without CIPHER_C Signed-off-by: Valerio Setti --- ChangeLog.d/8357.txt | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 ChangeLog.d/8357.txt diff --git a/ChangeLog.d/8357.txt b/ChangeLog.d/8357.txt new file mode 100644 index 000000000..24ba1404b --- /dev/null +++ b/ChangeLog.d/8357.txt @@ -0,0 +1,8 @@ +Features + * It is now possible to have AEADs support (CCM, GCM and ChaChaPoly) without + MBEDTLS_CIPHER_C. This holds both for the builtin suport (MBEDTLS_CCM_C, + MBEDTLS_GCM_C and MBEDTLS_CHACHAPOLY_c) as well as the PSA one + (PSA_WANT_ALG_CCM, PSA_WANT_ALG_GCM, PSA_WANT_ALG_CHACHA20_POLY1305). + On the PSA side this means that it is possible to enable + MBEDTLS_PSA_CRYPTO_C without MBEDTLS_CIPHER_C if any of the + non-authenticated ciphers is enabled. From 20e93a2a9d958329cf46a4bff33f3f45406f6773 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 4 Dec 2023 11:29:36 +0100 Subject: [PATCH 0921/1674] driver-only-builds: update documentation for AEADs Signed-off-by: Valerio Setti --- docs/driver-only-builds.md | 26 +++++++++++++++++++++++++- 1 file changed, 25 insertions(+), 1 deletion(-) diff --git a/docs/driver-only-builds.md b/docs/driver-only-builds.md index 4bad2e879..200f43941 100644 --- a/docs/driver-only-builds.md +++ b/docs/driver-only-builds.md @@ -55,6 +55,7 @@ For now, only the following (families of) mechanisms are supported: - hashes: SHA-3, SHA-2, SHA-1, MD5, etc. - elliptic-curve cryptography (ECC): ECDH, ECDSA, EC J-PAKE, ECC key types. - finite-field Diffie-Hellman: FFDH algorithm, DH key types. +- AEADs: GCM, CCM and ChachaPoly Supported means that when those are provided only by drivers, everything (including PK, X.509 and TLS if `MBEDTLS_USE_PSA_CRYPTO` is enabled) should @@ -63,7 +64,7 @@ in the "Limitations" sub-sections of the sections dedicated to each family below. In the near future (end of 2023), we are planning to also add support for -ciphers (AES) and AEADs (GCM, CCM, ChachaPoly). +ciphers (AES, ARIA, Camellia). Currently (mid-2023) we don't have plans to extend this to RSA. If you're interested in driver-only support for RSA, please let us know. @@ -240,3 +241,26 @@ removing builtin support (i.e. `MBEDTLS_DHM_C`). ### Limitations Support for deterministic derivation of a DH keypair (i.e. `PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_DERIVE`) is not supported. + +AEADs +----- + +It is possible to have all AEADs operations provided only by a driver. + +More precisely you can: +- enable desired PSA algorithm(s) and key type(s): + - `PSA_WANT_ALG_[CCM|GCM]` with `PSA_WANT_KEY_TYPE_[AES|ARIA|CAMELLIA]` + - `PSA_WANT_ALG_CHACHA20_POLY1305` with `PSA_WANT_KEY_TYPE_CHACHA20`; +- enable `MBEDTLS_PSA_ACCEL_xxx` symbol(s) which correspond to the + `PSA_WANT_xxx` of the previous step; +- disable builtin support of `MBEDTLS_[CCM|GCM|CHACHAPOLY]_C` algorithms and + key types `MBEDTLS_[AES|ARIA|CAMELLIA|CHACHA20]_C` for AEADs which are + accelerated. + +In such a build all AEADs operations requested through the PSA Crypto API +(including those in TLS and X.509) will be performed by the provided driver. +Of course direct calls to the disabled builtin modules +(ex: `mbedtls_ccm_init()`, etc) won't be possible. + +If no other non-authenticated cipher is required, it is also possible to +disable `MBEDTLS_CIPHER_C` in order to further reduce code's footprint. From 58d0206f390a2322b7a8e93bf0c6430126dcaebb Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 4 Dec 2023 12:01:06 +0100 Subject: [PATCH 0922/1674] test_suite_block_cipher: fix depends_on for Camellia tests Signed-off-by: Valerio Setti --- tests/suites/test_suite_block_cipher.data | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/tests/suites/test_suite_block_cipher.data b/tests/suites/test_suite_block_cipher.data index cf321ae47..097b567e4 100644 --- a/tests/suites/test_suite_block_cipher.data +++ b/tests/suites/test_suite_block_cipher.data @@ -182,56 +182,74 @@ depends_on:MBEDTLS_ARIA_C test_vec:MBEDTLS_CIPHER_ID_ARIA:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f":"00112233445566778899aabbccddeeff":"f92bd7c79fb72e2f2b8f80c1972d24fc" Camellia-128-ECB Encrypt RFC3713 #1 +depends_on:MBEDTLS_CAMELLIA_C test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"0123456789abcdeffedcba9876543210":"0123456789abcdeffedcba9876543210":"67673138549669730857065648eabe43" Camellia-192-ECB Encrypt RFC3713 #1 +depends_on:MBEDTLS_CAMELLIA_C test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"0123456789abcdeffedcba98765432100011223344556677":"0123456789abcdeffedcba9876543210":"b4993401b3e996f84ee5cee7d79b09b9" Camellia-256-ECB Encrypt RFC3713 #1 +depends_on:MBEDTLS_CAMELLIA_C test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"0123456789abcdeffedcba987654321000112233445566778899aabbccddeeff":"0123456789abcdeffedcba9876543210":"9acc237dff16d76c20ef7c919e3a7509" Camellia-128-ECB Encrypt Perl EVP #1 [#1] +depends_on:MBEDTLS_CAMELLIA_C test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"000102030405060708090A0B0C0D0E0F":"00112233445566778899AABBCCDDEEFF":"77CF412067AF8270613529149919546F" Camellia-192-ECB Encrypt Perl EVP #1 [#1] +depends_on:MBEDTLS_CAMELLIA_C test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"000102030405060708090A0B0C0D0E0F1011121314151617":"00112233445566778899AABBCCDDEEFF":"B22F3C36B72D31329EEE8ADDC2906C68" Camellia-256-ECB Encrypt Perl EVP #1 [#1] +depends_on:MBEDTLS_CAMELLIA_C test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F":"00112233445566778899AABBCCDDEEFF":"2EDF1F3418D53B88841FC8985FB1ECF2" Camellia-128-ECB Encrypt Perl EVP #1 [#2] +depends_on:MBEDTLS_CAMELLIA_C test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"2B7E151628AED2A6ABF7158809CF4F3C":"6BC1BEE22E409F96E93D7E117393172A":"432FC5DCD628115B7C388D770B270C96" Camellia-128-ECB Encrypt Perl EVP #2 +depends_on:MBEDTLS_CAMELLIA_C test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"2B7E151628AED2A6ABF7158809CF4F3C":"AE2D8A571E03AC9C9EB76FAC45AF8E51":"0BE1F14023782A22E8384C5ABB7FAB2B" Camellia-128-ECB Encrypt Perl EVP #3 +depends_on:MBEDTLS_CAMELLIA_C test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"2B7E151628AED2A6ABF7158809CF4F3C":"30C81C46A35CE411E5FBC1191A0A52EF":"A0A1ABCD1893AB6FE0FE5B65DF5F8636" Camellia-128-ECB Encrypt Perl EVP #4 +depends_on:MBEDTLS_CAMELLIA_C test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"2B7E151628AED2A6ABF7158809CF4F3C":"F69F2445DF4F9B17AD2B417BE66C3710":"E61925E0D5DFAA9BB29F815B3076E51A" Camellia-192-ECB Encrypt Perl EVP #1 [#2] +depends_on:MBEDTLS_CAMELLIA_C test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B":"6BC1BEE22E409F96E93D7E117393172A":"CCCC6C4E138B45848514D48D0D3439D3" Camellia-192-ECB Encrypt Perl EVP #2 +depends_on:MBEDTLS_CAMELLIA_C test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B":"AE2D8A571E03AC9C9EB76FAC45AF8E51":"5713C62C14B2EC0F8393B6AFD6F5785A" Camellia-192-ECB Encrypt Perl EVP #3 +depends_on:MBEDTLS_CAMELLIA_C test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B":"30C81C46A35CE411E5FBC1191A0A52EF":"B40ED2B60EB54D09D030CF511FEEF366" Camellia-192-ECB Encrypt Perl EVP #4 +depends_on:MBEDTLS_CAMELLIA_C test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B":"F69F2445DF4F9B17AD2B417BE66C3710":"909DBD95799096748CB27357E73E1D26" Camellia-256-ECB Encrypt Perl EVP #1 [#2] +depends_on:MBEDTLS_CAMELLIA_C test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4":"6BC1BEE22E409F96E93D7E117393172A":"BEFD219B112FA00098919CD101C9CCFA" Camellia-256-ECB Encrypt Perl EVP #2 +depends_on:MBEDTLS_CAMELLIA_C test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4":"AE2D8A571E03AC9C9EB76FAC45AF8E51":"C91D3A8F1AEA08A9386CF4B66C0169EA" Camellia-256-ECB Encrypt Perl EVP #3 +depends_on:MBEDTLS_CAMELLIA_C test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4":"30C81C46A35CE411E5FBC1191A0A52EF":"A623D711DC5F25A51BB8A80D56397D28" Camellia-256-ECB Encrypt Perl EVP #4 +depends_on:MBEDTLS_CAMELLIA_C test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4":"F69F2445DF4F9B17AD2B417BE66C3710":"7960109FB6DC42947FCFE59EA3C5EB6B" From 5e18b90c95068efd1f3e872707b88994758af09c Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 4 Dec 2023 12:07:30 +0100 Subject: [PATCH 0923/1674] config-tfm: disable CIPHER_C We also add a check in "all.sh" components: - component_test_tfm_config_p256m_driver_accel_ec - component_test_tfm_config to ensure that CIPHER_C was not re-enabled accidentally. Signed-off-by: Valerio Setti --- configs/config-tfm.h | 5 +++++ tests/scripts/all.sh | 8 ++++++++ 2 files changed, 13 insertions(+) diff --git a/configs/config-tfm.h b/configs/config-tfm.h index 85b677b4c..f6f527e00 100644 --- a/configs/config-tfm.h +++ b/configs/config-tfm.h @@ -45,6 +45,11 @@ #undef MBEDTLS_PLATFORM_STD_EXIT_SUCCESS #undef MBEDTLS_PLATFORM_STD_EXIT_FAILURE +/* CCM is the only cipher/AEAD enabled in TF-M configuration files, but it + * does not need CIPHER_C to be enabled, so we can disabled it in order + * to reduce code size further. */ +#undef MBEDTLS_CIPHER_C + /* * In order to get an example config that works cleanly out-of-the-box * for both baremetal and non-baremetal builds, we detect baremetal builds diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 462597ba6..a2dc84198 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3265,6 +3265,10 @@ component_test_tfm_config_p256m_driver_accel_ec () { # Check that p256m was built grep -q p256_ecdsa_ library/libmbedcrypto.a + # In "config-tfm.h" we disabled CIPHER_C tweaking TF-M's configuration + # files, so we want to ensure that it has not be re-enabled accidentally. + not grep mbedtls_cipher library/cipher.o + # Run the tests msg "test: TF-M config + p256m driver + accel ECDH(E)/ECDSA" make test @@ -3286,6 +3290,10 @@ component_test_tfm_config() { # Check that p256m was not built not grep p256_ecdsa_ library/libmbedcrypto.a + # In "config-tfm.h" we disabled CIPHER_C tweaking TF-M's configuration + # files, so we want to ensure that it has not be re-enabled accidentally. + not grep mbedtls_cipher library/cipher.o + msg "test: TF-M config" make test } From 8aec84f3a7d427c6ef6eca69801800cd61c484f3 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 4 Dec 2023 16:04:21 +0100 Subject: [PATCH 0924/1674] pkwrite: minor code reshape Signed-off-by: Valerio Setti --- library/pkwrite.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/library/pkwrite.c b/library/pkwrite.c index c7eb1148b..bd592f4f6 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -44,15 +44,13 @@ #if defined(MBEDTLS_PK_USE_PSA_EC_DATA) #define PK_MAX_EC_PUBLIC_KEY_SIZE PSA_EXPORT_PUBLIC_KEY_MAX_SIZE #define PK_MAX_EC_KEY_PAIR_SIZE MBEDTLS_PSA_MAX_EC_KEY_PAIR_LENGTH -#else -#if defined(MBEDTLS_USE_PSA_CRYPTO) +#elif defined(MBEDTLS_USE_PSA_CRYPTO) #define PK_MAX_EC_PUBLIC_KEY_SIZE PSA_EXPORT_PUBLIC_KEY_MAX_SIZE #define PK_MAX_EC_KEY_PAIR_SIZE MBEDTLS_PSA_MAX_EC_KEY_PAIR_LENGTH #else #define PK_MAX_EC_PUBLIC_KEY_SIZE MBEDTLS_ECP_MAX_PT_LEN #define PK_MAX_EC_KEY_PAIR_SIZE MBEDTLS_ECP_MAX_BYTES #endif -#endif /****************************************************************************** * Internal functions for RSA keys. From 2fffc45febbf883aa565176385f3ccd807697fb9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 4 Dec 2023 22:22:07 +0100 Subject: [PATCH 0925/1674] fixup! Correct function names prefixes where they diverge from module names Signed-off-by: Gilles Peskine --- docs/psa-transition.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/psa-transition.md b/docs/psa-transition.md index 41ae99e7e..80b94213a 100644 --- a/docs/psa-transition.md +++ b/docs/psa-transition.md @@ -82,7 +82,7 @@ PSA functions return a status of type [`psa_status_t`](https://mbed-tls.readthed | `aes.h` | `mbedtls_aes_` | [Symmetric encryption](#symmetric-encryption) | | `aria.h` | `mbedtls_aria_` | [Symmetric encryption](#symmetric-encryption) | | `asn1.h` | `mbedtls_asn1_` | No change ([PK support interface](#pk-format-support-interfaces)) | -| `asn1write.h` | `mbedtls_asn1write_` | No change ([PK support interface](#pk-format-support-interfaces)) | +| `asn1write.h` | `mbedtls_asn1_write_` | No change ([PK support interface](#pk-format-support-interfaces)) | | `base64.h` | `mbedtls_base64_` | No change ([PK support interface](#pk-format-support-interfaces)) | | `bignum.h` | `mbedtls_mpi_` | None (no low-level arithmetic) | | `build_info.h` | `MBEDTLS_` | No change (not a crypto API) | @@ -709,7 +709,7 @@ A curve is fully determined by a curve family identifier and the private key siz | `MBEDTLS_ECP_DP_BP512R1` | [`PSA_ECC_FAMILY_BRAINPOOL_P_R1`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gac1643f1baf38b30d07c20a6eac697f15) | 512 | | `MBEDTLS_ECP_DP_CURVE25519` | [`PSA_ECC_FAMILY_MONTGOMERY`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga1f624c5cdaf25b21287af33024e1aff8) | 255 | | `MBEDTLS_ECP_DP_SECP192K1` | [`PSA_ECC_FAMILY_SECP_K1`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga48bb340b5544ba617b0f5b89542665a7) | 192 | -| `MBEDTLS_ECP_DP_SECP224K1` | not supported | 224 | +| `MBEDTLS_ECP_DP_SECP224K1` | not supported | N/A | | `MBEDTLS_ECP_DP_SECP256K1` | [`PSA_ECC_FAMILY_SECP_K1`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga48bb340b5544ba617b0f5b89542665a7) | 256 | | `MBEDTLS_ECP_DP_CURVE448` | [`PSA_ECC_FAMILY_MONTGOMERY`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga1f624c5cdaf25b21287af33024e1aff8) | 448 | From 06002c5624d55eb660e0949d8586d24f613d7a41 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 4 Dec 2023 22:24:25 +0100 Subject: [PATCH 0926/1674] typos and minor clarifications Signed-off-by: Gilles Peskine --- docs/psa-transition.md | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/docs/psa-transition.md b/docs/psa-transition.md index 80b94213a..cdc2ce11f 100644 --- a/docs/psa-transition.md +++ b/docs/psa-transition.md @@ -597,7 +597,7 @@ The functions `mbedtls_pkcs12_derivation` and `mbedtls_pkcs12_pbe` are only inte ### Random generation interface -The PSA subsystem has an internal random generator. As a consequence, you do not need to instantiate one manually, so most applications using PSA crypto do not need the interfaces from `entropy.h`, `ctr_drbg.` and `hmac_drbg.h`. See the next sections for remaining use cases for [entropy](#entropy-sources) and [DRBG](#deterministic-pseudorandom-generation). +The PSA subsystem has an internal random generator. As a consequence, you do not need to instantiate one manually, so most applications using PSA crypto do not need the interfaces from `entropy.h`, `ctr_drbg.h` and `hmac_drbg.h`. See the next sections for remaining use cases for [entropy](#entropy-sources) and [DRBG](#deterministic-pseudorandom-generation). The PSA API uses its internal random generator to generate keys (`psa_generate_key`), nonces for encryption (`psa_cipher_generate_iv`, `psa_cipher_encrypt`, `psa_aead_generate_nonce`, `psa_aead_encrypt`, `psa_asymmetric_encrypt`), and other random material as needed. If you need random data for some other purposes, call [`psa_generate_random`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__random/#group__random_1ga1985eae417dfbccedf50d5fff54ea8c5). @@ -928,7 +928,7 @@ Use [`PSA_SIGN_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/dev This is also the equivalent of the type-specific functions `mbedtls_rsa_pkcs1_sign`, `mbedtls_rsa_rsassa_pkcs1_v15_sign`, `mbedtls_rsa_rsassa_pss_sign`, `mbedtls_rsa_rsassa_pss_sign_ext`, `mbedtls_ecdsa_sign`, `mbedtls_ecdsa_sign_det_ext` and `mbedtls_ecdsa_write_signature`. Note that the PSA API uses the raw format for ECDSA signatures, not the ASN.1 format; see “[ECDSA signature](#ecdsa-signature)” for more details. The equivalent of `mbedtls_pk_verify` or `mbedtls_pk_verify_ext` to verify an already calculated hash is [`psa_verify_hash`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__asymmetric/#group__asymmetric_1gae2ffbf01e5266391aff22b101a49f5f5). -The key must be a public key or a key pair allowing the usage `PSA_KEY_USAGE_VERIFY_HASH` (see “[Public-key cryptography policies](#public-key-cryptography-policies)”). +The key must be a public key (or a key pair) allowing the usage `PSA_KEY_USAGE_VERIFY_HASH` (see “[Public-key cryptography policies](#public-key-cryptography-policies)”). This is also the equivalent of the type-specific functions `mbedtls_rsa_pkcs1_verify`, `mbedtls_rsa_rsassa_pkcs1_v15_verify`, `mbedtls_rsa_rsassa_pss_verify`, `mbedtls_rsa_rsassa_pss_verify_ext`, `mbedtls_ecdsa_verify` amd `mbedtls_ecdsa_read_signature`. Note that the PSA API uses the raw format for ECDSA signatures, not the ASN.1 format; see “[ECDSA signature](#ecdsa-signature)” for more details. Generally, `psa_sign_hash` and `psa_verify_hash` require the input to have the correct length for the hash (this has historically not always been enforced in the corresponding legacy APIs). @@ -1006,7 +1006,7 @@ With respect to the salt length: ### Asymmetric encryption and decryption The equivalent of `mbedtls_pk_encrypt`, `mbedtls_rsa_pkcs1_encrypt`, `mbedtls_rsa_rsaes_pkcs1_v15_encrypt` or `mbedtls_rsa_rsaes_oaep_encrypt` to encrypt a short message (typically a symmetric key) is [`psa_asymmetric_encrypt`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__asymmetric/#group__asymmetric_1gaa17f61e4ddafd1823d2c834b3706c290). -The key must be a public key or a key pair allowing the usage `PSA_KEY_USAGE_ENCRYPT` (see “[Public-key cryptography policies](#public-key-cryptography-policies)”). +The key must be a public key (or a key pair) allowing the usage `PSA_KEY_USAGE_ENCRYPT` (see “[Public-key cryptography policies](#public-key-cryptography-policies)”). Use the macro [`PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#crypto__sizes_8h_1a66ba3bd93e5ec52870ccc3848778bad8) or [`PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_ASYMMETRIC_ENCRYPT_OUTPUT_MAX_SIZE) to determine the output buffer size. The equivalent of `mbedtls_pk_decrypt`, `mbedtls_rsa_pkcs1_decrypt`, `mbedtls_rsa_rsaes_pkcs1_v15_decrypt` or `mbedtls_rsa_rsaes_oaep_decrypt` to decrypt a short message (typically a symmetric key) is [`psa_asymmetric_decrypt`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__asymmetric/#group__asymmetric_1ga4f968756f6b22aab362b598b202d83d7). @@ -1064,7 +1064,9 @@ There is no PSA equivalent to Mbed TLS's custom key type names exposed by `mbedt The PSA API has a generic interface for key agreement, covering the main use of both `ecdh.h` and `dhm.h`. - + #### Diffie-Hellman key pair management @@ -1125,7 +1127,7 @@ The corresponding flow with the PSA API is as follows: * `our_pub`: a buffer of size [`PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE(key_type, bits)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE) (where `key_type` is the value passed to `psa_set_key_size` in step 2) or [`PSA_EXPORT_PUBLIC_KEY_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_EXPORT_PUBLIC_KEY_MAX_SIZE) to hold our key. * `their_pub`: a buffer of the same size, to hold the peer's key. This can be the same as `our_pub` if the application does not need to hold both at the same time; * `shared_secret`: a buffer of size [`PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE(key_type, bits)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE) or [`PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE) (if not using a key derivation operation). -2. Prepare an attribute structure as desccribed in “[Diffie-Hellman key pair management](#diffie-hellman-key-pair-management)”, in particular selecting the curve with `psa_set_key_type`. +2. Prepare an attribute structure as described in “[Diffie-Hellman key pair management](#diffie-hellman-key-pair-management)”, in particular selecting the curve with `psa_set_key_type`. 3. Call [`psa_generate_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__random/#group__random_1ga1985eae417dfbccedf50d5fff54ea8c5) on `attributes` and `our_key` (output) to generate a key pair, then [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062) on `our_key` and `our_pub` (output) to obtain our public key. 4. Send `our_pub` to the peer. Retrieve the peer's public key and import it into `their_pub`. These two actions may be performed in either order. 5. Call [`psa_raw_key_agreement`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga90fdd2716124d0bd258826184824675f) on `our_key`, `their_pub` and `shared_secret` (output). @@ -1218,7 +1220,7 @@ The bit-size used by the PSA API is the size of the private key. For most curves | Curve | `grp->nbits` | `grp->pbits` | `curve_info->bit_size` | PSA bit-size | | ----- | ------------ | ------------ | ---------------------- | ------------ | -| secp224k1 | 224 | 225 | 224 | not supported | +| secp224k1 | 225 | 224 | 224 | not supported | | Curve25519 | 253 | 255 | 256 | 255 | | Curve448 | 446 | 448 | 448 | 448 | From 5eeca33749a072576a988e3884a878c541005570 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 4 Dec 2023 22:35:12 +0100 Subject: [PATCH 0927/1674] Use "workflow" rather than "flow" for clarity Signed-off-by: Gilles Peskine --- docs/psa-transition.md | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/docs/psa-transition.md b/docs/psa-transition.md index cdc2ce11f..184dcef4e 100644 --- a/docs/psa-transition.md +++ b/docs/psa-transition.md @@ -328,7 +328,7 @@ Here is an overview of the lifecycle of a key object. ### Unauthenticated cipher operations -Recall the flow of an unauthenticated cipher operation in the legacy Mbed TLS cipher API: +Recall the workflow of an unauthenticated cipher operation in the legacy Mbed TLS cipher API: 1. Create a cipher context of type `mbedtls_cipher_context_t` and initialize it with `mbedtls_cipher_init`. 2. Establish the operation parameters (algorithm, key, mode) with `mbedtls_cipher_setup`, `mbedtls_cipher_setkey` (or `mbedtls_cipher_setup_psa`), `mbedtls_cipher_set_padding_mode` if applicable. @@ -336,12 +336,12 @@ Recall the flow of an unauthenticated cipher operation in the legacy Mbed TLS ci 4. For a one-shot operation, call `mbedtls_cipher_crypt`. To pass the input in multiple parts, call `mbedtls_cipher_update` as many times as necessary followed by `mbedtls_cipher_finish`. 5. Finally free the resources associated with the operation object by calling `mbedtls_cipher_free`. -For a one-shot operation (where the whole plaintext or ciphertext is passed as a single input), the equivalent flow with the PSA API is to call a single function: +For a one-shot operation (where the whole plaintext or ciphertext is passed as a single input), the equivalent workflow with the PSA API is to call a single function: * [`psa_cipher_encrypt`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1ga61f02fbfa681c2659546eca52277dbf1) to perform encryption with a random IV of the default size (indicated by [`PSA_CIPHER_IV_LENGTH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_IV_LENGTH)). (To encrypt with a specified IV, use the multi-part API described below.) You can use the macro [`PSA_CIPHER_ENCRYPT_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_ENCRYPT_OUTPUT_SIZE) or [`PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE) to determine the size of the output buffer. * [`psa_cipher_decrypt`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1gab3593f5f14d8c0431dd306d80929215e) to perform decryption with a specified IV. You can use the macro [`PSA_CIPHER_DECRYPT_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_DECRYPT_OUTPUT_SIZE) or [`PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE) to determine the size of the output buffer. -For a multi-part operation, the equivalent flow with the PSA API is as follows: +For a multi-part operation, the equivalent workflow with the PSA API is as follows: 1. Create an operation object of type [`psa_cipher_operation_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1ga1399de29db657e3737bb09927aae51fa) and zero-initialize it (or use the corresponding `INIT` macro). 2. Select the key and algorithm with [`psa_cipher_encrypt_setup`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1ga587374c0eb8137a572f8e2fc409bb2b4) or [`psa_cipher_decrypt_setup`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1gaa4ba3a167066eaef2ea49abc5dcd1d4b) depending on the desired direction. @@ -353,7 +353,7 @@ If you need to interrupt the operation after calling the setup function without ### Authenticated cipher operations -Recall the flow of an authenticated cipher operation in the legacy Mbed TLS cipher API (or similar flows in the `chachapoly`, `ccm` and `gcm` modules): +Recall the workflow of an authenticated cipher operation in the legacy Mbed TLS cipher API (or similar workflows in the `chachapoly`, `ccm` and `gcm` modules): 1. Create a cipher context of type `mbedtls_cipher_context_t` and initialize it with `mbedtls_cipher_init`. 2. Establish the operation parameters (algorithm, key, mode) with `mbedtls_cipher_setup`, `mbedtls_cipher_setkey` (or `mbedtls_cipher_setup_psa`), `mbedtls_cipher_set_padding_mode` if applicable. @@ -370,7 +370,7 @@ For a one-shot operation, the PSA API allows you to call a single function: * [`psa_aead_encrypt`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1gae72e1eb3c2da3ebd843bb9c8db8df509) to perform authenticated encryption with a random nonce of the default size (indicated by [`PSA_AEAD_NONCE_LENGTH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_NONCE_LENGTH)), with the authentication tag written at the end of the output. (To encrypt with a specified nonce, or to separate the tag from the rest of the ciphertext, use the multi-part API described below.) You can use the macro [`PSA_AEAD_ENCRYPT_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_ENCRYPT_OUTPUT_SIZE) or [`PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE) to determine the size of the output buffer. * [`psa_aead_decrypt`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1gae799f6196a22d50c216c947e0320d3ba) to perform authenticated decryption of a ciphertext with the authentication tag at the end. (If the tag is separate, use the multi-part API described below.) You can use the macro [`PSA_AEAD_DECRYPT_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_DECRYPT_OUTPUT_SIZE) or [`PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE) to determine the size of the output buffer. -For a multi-part operation, the equivalent flow with the PSA API is as follows: +For a multi-part operation, the equivalent workflow with the PSA API is as follows: 1. Create an operation object of type [`psa_aead_operation_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1ga14f6a01afbaa8c5b3d8c5d345cbaa3ed) and zero-initialize it (or use the corresponding `INIT` macro). 2. Select the key and algorithm with [`psa_aead_encrypt_setup`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1ga2732c40ce8f3619d41359a329e9b46c4) or [`psa_aead_decrypt_setup`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1gaaa5c5018e67a7a6514b7e76b9a14de26) depending on the desired direction. @@ -770,12 +770,12 @@ You can use glue functions in the PK module to create a key object using the leg #### Importing a PK key by wrapping -If you have a PK object, you can call `mbedtls_pk_wrap_as_opaque` to create a PSA key object with the same key material. (This function is only present in builds with `MBEDTLS_USE_PSA_CRYPTO` enabled. It is experimental and [will likely be replaced by a slightly different interface in a future version of Mbed TLS](https://github.com/Mbed-TLS/mbedtls/issues/7760)). This function automatically determines the PSA key type and lets you specify the usage policy (see “[Public-key cryptography policies](#public-key-cryptography-policies)”). Once you've called this function, you can destroy the PK object. This function calls `psa_import_key` internally; call [`psa_destroy_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__management/#group__key__management_1ga5f52644312291335682fbc0292c43cd2) to destroy the PSA key object once your application no longer needs it. Common scenarios where this flow is useful are: +If you have a PK object, you can call `mbedtls_pk_wrap_as_opaque` to create a PSA key object with the same key material. (This function is only present in builds with `MBEDTLS_USE_PSA_CRYPTO` enabled. It is experimental and [will likely be replaced by a slightly different interface in a future version of Mbed TLS](https://github.com/Mbed-TLS/mbedtls/issues/7760)). This function automatically determines the PSA key type and lets you specify the usage policy (see “[Public-key cryptography policies](#public-key-cryptography-policies)”). Once you've called this function, you can destroy the PK object. This function calls `psa_import_key` internally; call [`psa_destroy_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__management/#group__key__management_1ga5f52644312291335682fbc0292c43cd2) to destroy the PSA key object once your application no longer needs it. Common scenarios where this workflow is useful are: * You have working code that's calling `mbedtls_pk_parse_key`, `mbedtls_pk_parse_public_key`, `mbedtls_pk_parse_subpubkey`, `mbedtls_pk_parse_keyfile` or `mbedtls_pk_parse_public_keyfile` to create a PK object. * You have working code that's using the `rsa.h` or `ecp.h` API to create a key object, and there is no PSA equivalent. -You can use this flow to import an RSA key via an `mbedtls_rsa_context` object or an ECC key via an `mbedtls_ecp_keypair` object: +You can use this workflow to import an RSA key via an `mbedtls_rsa_context` object or an ECC key via an `mbedtls_ecp_keypair` object: 1. Call `mbedtls_pk_init` then `mbedtls_pk_setup` to set up a PK context for the desired key type (`MBEDTLS_PK_RSA` or `MBEDTLS_PK_ECKEY`). 2. Call `mbedtls_pk_rsa` or `mbedtls_pk_ec` to obtain the underlying low-level context. @@ -1102,9 +1102,9 @@ Use the macros [`PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE`](https://mbed-tls.readthedoc Call [`psa_key_derivation_key_agreement`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga2cd5a8ac906747d3204ec442db78745f) instead of `psa_raw_key_agreement` to use the resulting shared secret as the secret input to a key derivation. See “[HKDF](#hkdf)” for an example of the key derivation interface. -#### Translating a legacy key agreement contextless flow +#### Translating a legacy key agreement contextless workflow -A typical flow for ECDH using the legacy API without a context object is: +A typical workflow for ECDH using the legacy API without a context object is: 1. Initialize objects: * `mbedtls_ecp_group grp` for the curve; @@ -1119,7 +1119,7 @@ A typical flow for ECDH using the legacy API without a context object is: 6. Use the raw shared secret `z`, typically, to construct a shared key. 7. Free `grp`, `our_priv`, `our_pub`, `their_pub` and `z`. -The corresponding flow with the PSA API is as follows: +The corresponding workflow with the PSA API is as follows: 1. Initialize objects: * `psa_key_id_t our_key`: a handle to our key pair; @@ -1136,9 +1136,9 @@ The corresponding flow with the PSA API is as follows: Steps 4–5 are only performed once for ephemeral Diffie-Hellman, but repeated multiple times for static Diffie-Hellman. -#### Translating a legacy key agreement TLS server flow +#### Translating a legacy key agreement TLS server workflow -The legacy API offers the following flow for a Diffie-Hellman key agreement in a TLS server. This flow can also be used with other protocols, on the side of the party that selects the curve or group and sends its public key first. +The legacy API offers the following workflow for a Diffie-Hellman key agreement in a TLS server. This workflow can also be used with other protocols, on the side of the party that selects the curve or group and sends its public key first. 1. Setup phase: 1. Initialize a context of type `mbedtls_ecdh_context` or `mbedtls_dhm_context` with `mbedtls_ecdh_init` or `mbedtls_dhm_init`. @@ -1149,7 +1149,7 @@ The legacy API offers the following flow for a Diffie-Hellman key agreement in a 4. Call `mbedtls_ecdh_read_public` or `mbedtls_dhm_read_public` on the peer's public key, then call `mbedtls_ecdh_calc_secret` or `mbedtls_dhm_calc_secret` to calculate the shared secret. 5. Free the context with `mbedtls_ecdh_free` or `mbedtls_dhm_free`. -The corresponding flow with the PSA API is as follows: +The corresponding workflow with the PSA API is as follows: 1. Setup phase: 1. Generate an ECDH or DHM key pair with `psa_generate_key` as described in “[Diffie-Hellman key pair management](#diffie-hellman-key-pair-management)”. @@ -1161,9 +1161,9 @@ The corresponding flow with the PSA API is as follows: Alternatively, call `psa_key_derivation_key_agreement` to use the shared secret directly in a key derivation operation (see “[Performing a key agreement](#performing-a-key-agreement)”). 5. Call [`psa_destroy_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__management/#group__key__management_1ga5f52644312291335682fbc0292c43cd2) to free the resources associated with our key pair. -#### Translating a legacy key agreement TLS client flow +#### Translating a legacy key agreement TLS client workflow -The legacy API offers the following flow for a Diffie-Hellman key agreement in a TLS client. This flow can also be used with other protocols, on the side of the party that receives a message indicating both the choice of curve or group, and the peer's public key. +The legacy API offers the following workflow for a Diffie-Hellman key agreement in a TLS client. This workflow can also be used with other protocols, on the side of the party that receives a message indicating both the choice of curve or group, and the peer's public key. 1. Upon reception of a TLS ServerKeyExchange message received from the peer, which encodes the selected curve/group and the peer's public key: 1. Initialize a context of type `mbedtls_ecdh_context` or `mbedtls_dhm_context` with `mbedtls_ecdh_init` or `mbedtls_dhm_init`. @@ -1173,7 +1173,7 @@ The legacy API offers the following flow for a Diffie-Hellman key agreement in a 4. Call `mbedtls_ecdh_calc_secret` or `mbedtls_dhm_calc_secret` to calculate the shared secret. 5. Free the context with `mbedtls_ecdh_free` or `mbedtls_dhm_free`. -The corresponding flow with the PSA API is as follows: +The corresponding workflow with the PSA API is as follows: 1. Upon reception of a TLS ServerKeyExchange message received from the peer, which encodes the selected curve/group and the peer's public key: 1. Decode the selected curve/group and use this to determine a PSA key type (`PSA_KEY_TYPE_ECC_KEY_PAIR(curve)` or `PSA_KEY_TYPE_DH_KEY_PAIR(group)`), a key size and an algorithm. From d921391bf4d6d9783b3cf41e8f3018bc478774b4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 4 Dec 2023 22:35:34 +0100 Subject: [PATCH 0928/1674] Note a few things about PAKE (thanks Manuel) Signed-off-by: Gilles Peskine --- docs/psa-transition.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/docs/psa-transition.md b/docs/psa-transition.md index 184dcef4e..fdf6cdae5 100644 --- a/docs/psa-transition.md +++ b/docs/psa-transition.md @@ -1304,3 +1304,9 @@ In Mbed TLS 4.0, we are planning to keep the ASN.1 interfaces mostly unchanged. ## EC-JPAKE The PSA API exposes EC-JPAKE via the algorithm [`PSA_ALG_JPAKE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__extra_8h/#c.PSA_ALG_JPAKE) and the PAKE API functions. At the time of writing, the PAKE API is still experimental, but it should offer the same functionality as the legacy `ecjpake.h`. Please consult the documentation of your version of Mbed TLS for more information. + +Please note a few differences between the two APIs: the legacy API is geared towards the use of EC-JPAKE in TLS 1.2, whereas the PSA API is protocol-agnostic. + +* The PSA API is finer-grained and offers more flexibility in message ordering. Where the legacy API makes a single function call, the PSA API may require multiple calls. +* The legacy API uses the TLS 1.2 wire format in the input or output format of several functions. In particular, one of the messages embeds the curve identifier in the TLS protocol. The PSA API uses protocol-agnostic formats. +* The legacy API always applies the key derivation specified by TLS 1.2 to the shared secret. With the PSA API, use a key derivation with `PSA_ALG_TLS12_ECJPAKE_TO_PMS` for the same calculation. From 76bc64e101b5321f89e5cfeabccc9a61c89de969 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 4 Dec 2023 22:49:18 +0100 Subject: [PATCH 0929/1674] Diffie-Hellman: several clarifications and corrections Signed-off-by: Gilles Peskine --- docs/psa-transition.md | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/docs/psa-transition.md b/docs/psa-transition.md index fdf6cdae5..cb76c3d57 100644 --- a/docs/psa-transition.md +++ b/docs/psa-transition.md @@ -1115,9 +1115,8 @@ A typical workflow for ECDH using the legacy API without a context object is: 2. Call `mbedtls_ecp_group_load` on `grp` to select the curve. 3. Call `mbedtls_ecdh_gen_public` on `grp`, `our_priv` (output) and `our_pub` (output) to generate a key pair and retrieve the corresponding public key. 4. Send `our_pub` to the peer. Retrieve the peer's public key and import it into `their_pub`. These two actions may be performed in either order. -5. Call `mbedtls_ecdh_compute_shared` on `grp`, `z` (output), `their_pub` and `our_priv`. -6. Use the raw shared secret `z`, typically, to construct a shared key. -7. Free `grp`, `our_priv`, `our_pub`, `their_pub` and `z`. +5. Call `mbedtls_ecdh_compute_shared` on `grp`, `z` (output), `their_pub` and `our_priv`. Use the raw shared secret `z`, typically, to construct a shared key. +6. Free `grp`, `our_priv`, `our_pub`, `their_pub` and `z`. The corresponding workflow with the PSA API is as follows: @@ -1134,11 +1133,11 @@ The corresponding workflow with the PSA API is as follows: Alternatively, call `psa_key_derivation_key_agreement` to use the shared secret directly in a key derivation operation (see “[Performing a key agreement](#performing-a-key-agreement)”). 6. Call [`psa_destroy_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__management/#group__key__management_1ga5f52644312291335682fbc0292c43cd2) on `key_id`, and free the memory buffers. -Steps 4–5 are only performed once for ephemeral Diffie-Hellman, but repeated multiple times for static Diffie-Hellman. +Steps 4–6 are only performed once for a "true" ephemeral Diffie-Hellman. They may be repeated multiple times for a "fake ephemeral" Diffie-Hellman where the same private key is used for multiple key exchanges, but it not saved. -#### Translating a legacy key agreement TLS server workflow +#### Translating a legacy ephemeral key agreement TLS server workflow -The legacy API offers the following workflow for a Diffie-Hellman key agreement in a TLS server. This workflow can also be used with other protocols, on the side of the party that selects the curve or group and sends its public key first. +The legacy API offers the following workflow for an ephemeral Diffie-Hellman key agreement in a TLS 1.2 server. The PSA version of this workflow can also be used with other protocols, on the side of the party that selects the curve or group and sends its public key first. 1. Setup phase: 1. Initialize a context of type `mbedtls_ecdh_context` or `mbedtls_dhm_context` with `mbedtls_ecdh_init` or `mbedtls_dhm_init`. @@ -1161,9 +1160,9 @@ The corresponding workflow with the PSA API is as follows: Alternatively, call `psa_key_derivation_key_agreement` to use the shared secret directly in a key derivation operation (see “[Performing a key agreement](#performing-a-key-agreement)”). 5. Call [`psa_destroy_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__management/#group__key__management_1ga5f52644312291335682fbc0292c43cd2) to free the resources associated with our key pair. -#### Translating a legacy key agreement TLS client workflow +#### Translating a legacy ephemeral key agreement TLS client workflow -The legacy API offers the following workflow for a Diffie-Hellman key agreement in a TLS client. This workflow can also be used with other protocols, on the side of the party that receives a message indicating both the choice of curve or group, and the peer's public key. +The legacy API offers the following workflow for an ephemeral Diffie-Hellman key agreement in a TLS 1.2 client. The PSA version of this workflow can also be used with other protocols, on the side of the party that receives a message indicating both the choice of curve or group, and the peer's public key. 1. Upon reception of a TLS ServerKeyExchange message received from the peer, which encodes the selected curve/group and the peer's public key: 1. Initialize a context of type `mbedtls_ecdh_context` or `mbedtls_dhm_context` with `mbedtls_ecdh_init` or `mbedtls_dhm_init`. @@ -1206,7 +1205,7 @@ The PSA API for finite-field Diffie-Hellman only supports predefined groups. The #### Restartable key agreement -Restartable key agreement is not yet available through the PSA API. It will be added in a future version of the library. +Restartable key agreement (enabled by `mbedtls_ecdh_enable_restart`) is not yet available through the PSA API. It will be added under the name “interruptible key agreement” in a future version of the library, with an interface that's similar to the interruptible signature interface described in “[Restartable ECDSA signature](#restartable-ecdsa-signature)”. ### Additional information about Elliptic-curve cryptography From 32dfaf485c1f606391161ce2212555bfd6bcd537 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 4 Dec 2023 23:14:25 +0100 Subject: [PATCH 0930/1674] More information about output buffer sizes Signed-off-by: Gilles Peskine --- docs/psa-transition.md | 28 ++++++++++++++++------------ 1 file changed, 16 insertions(+), 12 deletions(-) diff --git a/docs/psa-transition.md b/docs/psa-transition.md index cb76c3d57..e9261c782 100644 --- a/docs/psa-transition.md +++ b/docs/psa-transition.md @@ -75,6 +75,10 @@ Mbed TLS functions return a status of type `int`: 0 for success (or occasionally PSA functions return a status of type [`psa_status_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__error/#group__error_1ga05676e70ba5c6a7565aff3c36677c1f9): `PSA_SUCCESS == 0` for success, or a negative value [`PSA_ERROR_xxx`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__error/) indicating an error. +### Memory management + +Functions that output data require an output buffer of sufficient size. For all PSA crypto API functions that have an output buffer, there is a corresponding macro, generally called `PSA_XXX_OUTPUT_SIZE`, that calculates a sufficient size for the output buffer, given the relevant parameters. In some cases, there may be macros with less precision which can be resolved at compile time. For example, for the size of a buffer containing a hash, you can use `PSA_HASH_LENGTH(hash_alg)` where `hash_alg` is a specific hash algorithm, or `PSA_HASH_MAX_SIZE` for a buffer that is long enough for any supported hash. See the relevant sections of this document and of the reference documentation for more details. + ## Summary of API modules | Header | Function prefix | PSA equivalent | @@ -338,16 +342,16 @@ Recall the workflow of an unauthenticated cipher operation in the legacy Mbed TL For a one-shot operation (where the whole plaintext or ciphertext is passed as a single input), the equivalent workflow with the PSA API is to call a single function: -* [`psa_cipher_encrypt`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1ga61f02fbfa681c2659546eca52277dbf1) to perform encryption with a random IV of the default size (indicated by [`PSA_CIPHER_IV_LENGTH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_IV_LENGTH)). (To encrypt with a specified IV, use the multi-part API described below.) You can use the macro [`PSA_CIPHER_ENCRYPT_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_ENCRYPT_OUTPUT_SIZE) or [`PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE) to determine the size of the output buffer. -* [`psa_cipher_decrypt`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1gab3593f5f14d8c0431dd306d80929215e) to perform decryption with a specified IV. You can use the macro [`PSA_CIPHER_DECRYPT_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_DECRYPT_OUTPUT_SIZE) or [`PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE) to determine the size of the output buffer. +* [`psa_cipher_encrypt`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1ga61f02fbfa681c2659546eca52277dbf1) to perform encryption with a random IV of the default size (indicated by [`PSA_CIPHER_IV_LENGTH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_IV_LENGTH)). (To encrypt with a specified IV, use the multi-part API described below.) You can use the macro [`PSA_CIPHER_ENCRYPT_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_ENCRYPT_OUTPUT_SIZE) or [`PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_ENCRYPT_OUTPUT_MAX_SIZE) to determine a sufficient size for the output buffer. +* [`psa_cipher_decrypt`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1gab3593f5f14d8c0431dd306d80929215e) to perform decryption with a specified IV. You can use the macro [`PSA_CIPHER_DECRYPT_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_DECRYPT_OUTPUT_SIZE) or [`PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE) to determine a sufficient size for the output buffer. For a multi-part operation, the equivalent workflow with the PSA API is as follows: 1. Create an operation object of type [`psa_cipher_operation_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1ga1399de29db657e3737bb09927aae51fa) and zero-initialize it (or use the corresponding `INIT` macro). 2. Select the key and algorithm with [`psa_cipher_encrypt_setup`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1ga587374c0eb8137a572f8e2fc409bb2b4) or [`psa_cipher_decrypt_setup`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1gaa4ba3a167066eaef2ea49abc5dcd1d4b) depending on the desired direction. 3. When encrypting with a random IV, use [`psa_cipher_generate_iv`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1ga29fd7d32a5729226a2f73e7b6487bd8a). When encrypting with a chosen IV, or when decrypting, set the IV with [`psa_cipher_set_iv`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1ga9caddac1a429a5032d6d4a907fb70ba1). Skip this step with ECB since it does not use an IV. -4. Call [`psa_cipher_update`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1gac3ca27ac6682917c48247d01fd96cd0f) as many times as needed. You can use [`PSA_CIPHER_UPDATE_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_UPDATE_OUTPUT_SIZE) or [`PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#crypto__sizes_8h_1ab1f6598efd6a7dc56e7ad7e34719eb32) to determine the size of the output buffer. -5. Call [`psa_cipher_finish`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1ga1dcb58b8befe23f8a4d7a1d49c99249b) to obtain the last part of the output. You can use [`PSA_CIPHER_FINISH_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_FINISH_OUTPUT_SIZE) or [`PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE) to determine the size of the output buffer. +4. Call [`psa_cipher_update`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1gac3ca27ac6682917c48247d01fd96cd0f) as many times as needed. You can use [`PSA_CIPHER_UPDATE_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_UPDATE_OUTPUT_SIZE) or [`PSA_CIPHER_UPDATE_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#crypto__sizes_8h_1ab1f6598efd6a7dc56e7ad7e34719eb32) to determine a sufficient size for the output buffer. +5. Call [`psa_cipher_finish`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1ga1dcb58b8befe23f8a4d7a1d49c99249b) to obtain the last part of the output. You can use [`PSA_CIPHER_FINISH_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_FINISH_OUTPUT_SIZE) or [`PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_FINISH_OUTPUT_MAX_SIZE) to determine a sufficient size for the output buffer. If you need to interrupt the operation after calling the setup function without calling the finish function, call [`psa_cipher_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__cipher/#group__cipher_1gaad482cdca2098bca0620596aaa02eaa4). @@ -367,8 +371,8 @@ Steps 3–6 can be replaced by a single call to `mbedtls_cipher_auth_encrypt_ext For a one-shot operation, the PSA API allows you to call a single function: -* [`psa_aead_encrypt`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1gae72e1eb3c2da3ebd843bb9c8db8df509) to perform authenticated encryption with a random nonce of the default size (indicated by [`PSA_AEAD_NONCE_LENGTH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_NONCE_LENGTH)), with the authentication tag written at the end of the output. (To encrypt with a specified nonce, or to separate the tag from the rest of the ciphertext, use the multi-part API described below.) You can use the macro [`PSA_AEAD_ENCRYPT_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_ENCRYPT_OUTPUT_SIZE) or [`PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE) to determine the size of the output buffer. -* [`psa_aead_decrypt`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1gae799f6196a22d50c216c947e0320d3ba) to perform authenticated decryption of a ciphertext with the authentication tag at the end. (If the tag is separate, use the multi-part API described below.) You can use the macro [`PSA_AEAD_DECRYPT_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_DECRYPT_OUTPUT_SIZE) or [`PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE) to determine the size of the output buffer. +* [`psa_aead_encrypt`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1gae72e1eb3c2da3ebd843bb9c8db8df509) to perform authenticated encryption with a random nonce of the default size (indicated by [`PSA_AEAD_NONCE_LENGTH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_NONCE_LENGTH)), with the authentication tag written at the end of the output. (To encrypt with a specified nonce, or to separate the tag from the rest of the ciphertext, use the multi-part API described below.) You can use the macro [`PSA_AEAD_ENCRYPT_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_ENCRYPT_OUTPUT_SIZE) or [`PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_ENCRYPT_OUTPUT_MAX_SIZE) to determine a sufficient size for the output buffer. +* [`psa_aead_decrypt`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1gae799f6196a22d50c216c947e0320d3ba) to perform authenticated decryption of a ciphertext with the authentication tag at the end. (If the tag is separate, use the multi-part API described below.) You can use the macro [`PSA_AEAD_DECRYPT_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_DECRYPT_OUTPUT_SIZE) or [`PSA_AEAD_DECRYPT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_CIPHER_DECRYPT_OUTPUT_MAX_SIZE) to determine a sufficient size for the output buffer. For a multi-part operation, the equivalent workflow with the PSA API is as follows: @@ -376,10 +380,10 @@ For a multi-part operation, the equivalent workflow with the PSA API is as follo 2. Select the key and algorithm with [`psa_aead_encrypt_setup`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1ga2732c40ce8f3619d41359a329e9b46c4) or [`psa_aead_decrypt_setup`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1gaaa5c5018e67a7a6514b7e76b9a14de26) depending on the desired direction. 3. When encrypting with a random nonce, use [`psa_aead_generate_nonce`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1ga5799df1c555efd35970b65be51cb07d1). When encrypting with a chosen nonce, or when decrypting, set the nonce with [`psa_aead_set_nonce`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1ga59132751a6f843d038924cb217b5e13b). If the algorithm is CCM, you must also call [`psa_aead_set_lengths`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1gad3431e28d05002c2a7b0760610176050) before or after setting the nonce (for other algorithms, this is permitted but not needed). 4. Call [`psa_aead_update_ad`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1ga6d0eed03f832e5c9c91cb8adf2882569) as many times as needed. -5. Call [`psa_aead_update`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1gaf6d49864951ca42136b4a9b71ea26e5c) as many times as needed. You can use [`PSA_AEAD_UPDATE_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_UPDATE_OUTPUT_SIZE) or [`PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE) to determine the size of the output buffer. +5. Call [`psa_aead_update`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1gaf6d49864951ca42136b4a9b71ea26e5c) as many times as needed. You can use [`PSA_AEAD_UPDATE_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_UPDATE_OUTPUT_SIZE) or [`PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_UPDATE_OUTPUT_MAX_SIZE) to determine a sufficient size for the output buffer. 6. Finally: - * When encrypting, call [`psa_aead_finish`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1ga759791bbe1763b377c3b5447641f1fc8) to obtain the last part of the ciphertext and the authentication tag. You can use [`PSA_AEAD_FINISH_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_FINISH_OUTPUT_SIZE) or [`PSA_AEAD_FINISH_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_FINISH_OUTPUT_MAX_SIZE) to determine the size of the output buffer. - * When decrypting, call [`psa_aead_verify`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1gae0280e2e61a185b893c36d858453f0d0) to obtain the last part of the plaintext and check the authentication tag. You can use [`PSA_AEAD_VERIFY_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_VERIFY_OUTPUT_SIZE) or [`PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE) to determine the size of the output buffer. + * When encrypting, call [`psa_aead_finish`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1ga759791bbe1763b377c3b5447641f1fc8) to obtain the last part of the ciphertext and the authentication tag. You can use [`PSA_AEAD_FINISH_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_FINISH_OUTPUT_SIZE) or [`PSA_AEAD_FINISH_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_FINISH_OUTPUT_MAX_SIZE) to determine a sufficient size for the output buffer. + * When decrypting, call [`psa_aead_verify`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1gae0280e2e61a185b893c36d858453f0d0) to obtain the last part of the plaintext and check the authentication tag. You can use [`PSA_AEAD_VERIFY_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_VERIFY_OUTPUT_SIZE) or [`PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE) to determine a sufficient size for the output buffer. If you need to interrupt the operation after calling the setup function without calling the finish or verify function, call [`psa_aead_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1gae8a5f93d92318c8f592ee9fbb9d36ba0). @@ -924,7 +928,7 @@ You can wrap a PSA key object in a PK key context with `mbedtls_pk_setup_opaque` The equivalent of `mbedtls_pk_sign` or `mbedtls_pk_sign_ext` to sign an already calculated hash is [`psa_sign_hash`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__asymmetric/#group__asymmetric_1ga785e746a31a7b2a35ae5175c5ace3c5c). The key must be a key pair allowing the usage `PSA_KEY_USAGE_SIGN_HASH` (see “[Public-key cryptography policies](#public-key-cryptography-policies)”). -Use [`PSA_SIGN_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_SIGN_OUTPUT_SIZE) or [`PSA_SIGNATURE_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_SIGNATURE_MAX_SIZE) (similar to `MBEDTLS_PK_SIGNATURE_MAX_SIZE`) to determine the size of the output buffer. +Use [`PSA_SIGN_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_SIGN_OUTPUT_SIZE) or [`PSA_SIGNATURE_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_SIGNATURE_MAX_SIZE) (similar to `MBEDTLS_PK_SIGNATURE_MAX_SIZE`) to determine a sufficient size for the output buffer. This is also the equivalent of the type-specific functions `mbedtls_rsa_pkcs1_sign`, `mbedtls_rsa_rsassa_pkcs1_v15_sign`, `mbedtls_rsa_rsassa_pss_sign`, `mbedtls_rsa_rsassa_pss_sign_ext`, `mbedtls_ecdsa_sign`, `mbedtls_ecdsa_sign_det_ext` and `mbedtls_ecdsa_write_signature`. Note that the PSA API uses the raw format for ECDSA signatures, not the ASN.1 format; see “[ECDSA signature](#ecdsa-signature)” for more details. The equivalent of `mbedtls_pk_verify` or `mbedtls_pk_verify_ext` to verify an already calculated hash is [`psa_verify_hash`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__asymmetric/#group__asymmetric_1gae2ffbf01e5266391aff22b101a49f5f5). @@ -1095,10 +1099,10 @@ Here is an overview of the lifecycle of a key object. #### Performing a key agreement Call [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062) to obtain the public key that needs to be sent to the other party. -Use the macros [`PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE) or [`PSA_EXPORT_PUBLIC_KEY_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_EXPORT_PUBLIC_KEY_MAX_SIZE) to determine the size of the output buffer. +Use the macros [`PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_EXPORT_PUBLIC_KEY_OUTPUT_SIZE) or [`PSA_EXPORT_PUBLIC_KEY_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_EXPORT_PUBLIC_KEY_MAX_SIZE) to determine a sufficient size for the output buffer. Call [`psa_raw_key_agreement`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga90fdd2716124d0bd258826184824675f) to calculate the shared secret from your private key and the other party's public key. -Use the macros [`PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE) or [`PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE) to determine the size of the output buffer. +Use the macros [`PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_RAW_KEY_AGREEMENT_OUTPUT_SIZE) or [`PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__sizes_8h/#c.PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE) to determine a sufficient size for the output buffer. Call [`psa_key_derivation_key_agreement`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__derivation/#group__key__derivation_1ga2cd5a8ac906747d3204ec442db78745f) instead of `psa_raw_key_agreement` to use the resulting shared secret as the secret input to a key derivation. See “[HKDF](#hkdf)” for an example of the key derivation interface. From e5044a0eb2a1b23d69045d2e10e264f4bd16ff0e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 4 Dec 2023 23:14:45 +0100 Subject: [PATCH 0931/1674] Add a generic section about key management Signed-off-by: Gilles Peskine --- docs/psa-transition.md | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/docs/psa-transition.md b/docs/psa-transition.md index e9261c782..d0a0de656 100644 --- a/docs/psa-transition.md +++ b/docs/psa-transition.md @@ -77,8 +77,28 @@ PSA functions return a status of type [`psa_status_t`](https://mbed-tls.readthed ### Memory management +Apart from keys, as described in “[Key management](#key-management)” below, APIs that need to preserve state between function calls store this state in a structure allocated by the calling code. For example, multipart operations store state in a multipart operation object. + +All PSA operation objects must be zero-initialized (or equivalently, initialized with the provided `PSA_XXX_INIT` macro or `psa_xxx_init()` function) before calling any API function. + Functions that output data require an output buffer of sufficient size. For all PSA crypto API functions that have an output buffer, there is a corresponding macro, generally called `PSA_XXX_OUTPUT_SIZE`, that calculates a sufficient size for the output buffer, given the relevant parameters. In some cases, there may be macros with less precision which can be resolved at compile time. For example, for the size of a buffer containing a hash, you can use `PSA_HASH_LENGTH(hash_alg)` where `hash_alg` is a specific hash algorithm, or `PSA_HASH_MAX_SIZE` for a buffer that is long enough for any supported hash. See the relevant sections of this document and of the reference documentation for more details. +#### Key management + +One of the major differences between the legacy API and the PSA API is that in the PSA API, access to keys is indirect. Operations that require a key take a parameter of type [`psa_key_id_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/crypto__types_8h/#_CPPv412psa_key_id_t), which is an identifier for the key. This allows the API to be used with keys that are not directly accessible to the application, for example because they are stored in a secure environment that does not allow the key material to be exported. + +To use a key: + +1. First create a key object with a key creation function. The two most common ones are [`psa_import_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga0336ea76bf30587ab204a8296462327b) if you have the key material available and [`psa_generate_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__random/#group__random_1ga1985eae417dfbccedf50d5fff54ea8c5) to create a random key. The key creation function has the key identifier as an output parameter. +2. Use the key as desired, passing the key identifier obtained during the key creation. +3. Finally destroy the key object with [`psa_destroy_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__key__management/#group__key__management_1ga5f52644312291335682fbc0292c43cd2). + +See “[Cipher key management](#cipher-key-management)”, “[MAC key management](#mac-key-management)”, “[Key lifecycle for asymmetric cryptography](#key-lifecycle-for-asymmetric-cryptography)”, “[Creating keys for asymmetric cryptography](#creating-keys-for-asymmetric-cryptography)” and “[Diffie-Hellman key pair management](#diffie-hellman-key-pair-management)” for more details about key management in specific workflows, including information about choosing the key's attributes. + +If you need access to the key material, call [`psa_export_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1ga668e35be8d2852ad3feeef74ac6f75bf). If you need the public key corresponding to a key pair object, call [`psa_export_public_key`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__import__export/#group__import__export_1gaf22ae73312217aaede2ea02cdebb6062). + +Note that a key consumes a key store entry, which is distinct from heap memory, until it is destroyed or the application exits. (This is not true for persistent keys, which instead consume disk space. Since persistent keys have no analog in the legacy API, we will not discuss them further in this document.) + ## Summary of API modules | Header | Function prefix | PSA equivalent | From b55f9eb5c5eadf802a02541fbac659564113ad67 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 5 Dec 2023 10:27:17 +0800 Subject: [PATCH 0932/1674] fix various issues - remove unnecessary statements - improve macro name - improve output message Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 26 +++++++------------------- 1 file changed, 7 insertions(+), 19 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 1c359a268..fcf57f06d 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -1889,11 +1889,9 @@ static int ssl_tls13_postprocess_client_hello(mbedtls_ssl_context *ssl) return ret; } } - #endif /* MBEDTLS_SSL_EARLY_DATA */ return 0; - } /* @@ -2801,19 +2799,12 @@ static int ssl_tls13_write_certificate_verify(mbedtls_ssl_context *ssl) static void ssl_tls13_prepare_for_handshake_second_flight( mbedtls_ssl_context *ssl) { - MBEDTLS_SSL_DEBUG_MSG( - 2, ("=> ssl_tls13_prepare_for_handshake_second_flight")); - if (ssl->handshake->certificate_request_sent) { mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_CERTIFICATE); } else { - MBEDTLS_SSL_DEBUG_MSG(2, ("skip parse certificate")); - MBEDTLS_SSL_DEBUG_MSG(2, ("skip parse certificate verify")); + MBEDTLS_SSL_DEBUG_MSG(2, ("Skip certificate and certificate verify parsing")); mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_FINISHED); } - - MBEDTLS_SSL_DEBUG_MSG( - 2, ("<= ssl_tls13_prepare_for_handshake_second_flight")); } /* @@ -2864,13 +2855,13 @@ static int ssl_tls13_write_server_finished(mbedtls_ssl_context *ssl) * Handler for MBEDTLS_SSL_END_OF_EARLY_DATA */ #define SSL_GOT_END_OF_EARLY_DATA 0 -#define SSL_GOT_APPLICATION_DATA 1 +#define SSL_GOT_EARLY_DATA 1 /* Coordination: * Deals with the ambiguity of not knowing if the next message is an * EndOfEarlyData message or an application message containing early data. * Returns a negative code on failure, or * - SSL_GOT_END_OF_EARLY_DATA - * - SSL_GOT_APPLICATION_DATA + * - SSL_GOT_EARLY_DATA * indicating which message is received. */ MBEDTLS_CHECK_RETURN_CRITICAL @@ -2886,17 +2877,15 @@ static int ssl_tls13_end_of_early_data_coordinate(mbedtls_ssl_context *ssl) if (ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && ssl->in_msg[0] == MBEDTLS_SSL_HS_END_OF_EARLY_DATA) { - MBEDTLS_SSL_DEBUG_MSG(3, ("got end_of_early_data message.")); + MBEDTLS_SSL_DEBUG_MSG(3, ("Received an end_of_early_data message.")); return SSL_GOT_END_OF_EARLY_DATA; } if (ssl->in_msgtype == MBEDTLS_SSL_MSG_APPLICATION_DATA) { - MBEDTLS_SSL_DEBUG_MSG(3, ("got application_data message")); - return SSL_GOT_APPLICATION_DATA; + MBEDTLS_SSL_DEBUG_MSG(3, ("Received early data")); + return SSL_GOT_EARLY_DATA; } - MBEDTLS_SSL_DEBUG_MSG(1, ("got unexpected message.")); - MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE, MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE); return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; @@ -2911,7 +2900,6 @@ static int ssl_tls13_parse_end_of_early_data(mbedtls_ssl_context *ssl, * * struct {} EndOfEarlyData; */ - ((void) ssl); if (buf != end) { MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR, MBEDTLS_ERR_SSL_DECODE_ERROR); @@ -3020,7 +3008,7 @@ static int ssl_tls13_process_end_of_early_data(mbedtls_ssl_context *ssl) ssl_tls13_prepare_for_handshake_second_flight(ssl); - } else if (ret == SSL_GOT_APPLICATION_DATA) { + } else if (ret == SSL_GOT_EARLY_DATA) { MBEDTLS_SSL_PROC_CHK(ssl_tls13_process_early_application_data(ssl)); } else { MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); From ebb1b1d48f810558d63149ec4ca8c3e30a1fb1c1 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 5 Dec 2023 11:02:15 +0800 Subject: [PATCH 0933/1674] fix ci test failure "skip parse certificate verify" can not be changed. It is used in `Authentication: client badcert, server none` test. Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index fcf57f06d..32893acac 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -2802,7 +2802,10 @@ static void ssl_tls13_prepare_for_handshake_second_flight( if (ssl->handshake->certificate_request_sent) { mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_CERTIFICATE); } else { - MBEDTLS_SSL_DEBUG_MSG(2, ("Skip certificate and certificate verify parsing")); + MBEDTLS_SSL_DEBUG_MSG(2, ("skip parse certificate verify")); + MBEDTLS_SSL_DEBUG_MSG( + 2, ("Skip certificate and certificate verify parsing")); + mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_FINISHED); } } From 70fbdcf904605fd1a53c4f6e5ff7415a753ee458 Mon Sep 17 00:00:00 2001 From: Xiaokang Qian Date: Mon, 4 Dec 2023 08:46:02 +0000 Subject: [PATCH 0934/1674] Change early data flag to input file Signed-off-by: Xiaokang Qian --- programs/ssl/ssl_client2.c | 83 +++++++++++++++++++++++++------ tests/opt-testcases/tls13-misc.sh | 4 +- 2 files changed, 70 insertions(+), 17 deletions(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index f6a6bb6d9..ecf225688 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -52,7 +52,7 @@ int main(void) #define DFL_KEY_OPAQUE 0 #define DFL_KEY_PWD "" #define DFL_PSK "" -#define DFL_EARLY_DATA MBEDTLS_SSL_EARLY_DATA_DISABLED +#define DFL_EARLY_DATA_FILE "" #define DFL_PSK_OPAQUE 0 #define DFL_PSK_IDENTITY "Client_identity" #define DFL_ECJPAKE_PW NULL @@ -347,8 +347,9 @@ int main(void) #if defined(MBEDTLS_SSL_EARLY_DATA) #define USAGE_EARLY_DATA \ - " early_data=%%d default: 0 (disabled)\n" \ - " options: 0 (disabled), 1 (enabled)\n" + " early_data=%%s The file path to read early data from\n" \ + " default: \"\" (do nothing)\n" \ + " option: a file path\n" #else #define USAGE_EARLY_DATA "" #endif /* MBEDTLS_SSL_EARLY_DATA && MBEDTLS_SSL_PROTO_TLS1_3 */ @@ -543,7 +544,7 @@ struct options { int reproducible; /* make communication reproducible */ int skip_close_notify; /* skip sending the close_notify alert */ #if defined(MBEDTLS_SSL_EARLY_DATA) - int early_data; /* support for early data */ + const char *early_data_file; /* the file path of early data */ #endif int query_config_mode; /* whether to read config */ int use_srtp; /* Support SRTP */ @@ -716,6 +717,46 @@ exit: return ret; } +#if defined(MBEDTLS_SSL_EARLY_DATA) + +#define MBEDTLS_ERR_EARLY_FILE_IO_ERROR -2 + +int ssl_early_data_read_file(const char *path, unsigned char **buffer, size_t *length) +{ + FILE *f; + long size; + + if ((f = fopen(path, "rb")) == NULL) { + return MBEDTLS_ERR_EARLY_FILE_IO_ERROR; + } + + fseek(f, 0, SEEK_END); + if ((size = ftell(f)) == -1) { + fclose(f); + return MBEDTLS_ERR_EARLY_FILE_IO_ERROR; + } + fseek(f, 0, SEEK_SET); + + *length = (size_t) size; + if (*length + 1 == 0 || + (*buffer = mbedtls_calloc(1, *length + 1)) == NULL) { + fclose(f); + return MBEDTLS_ERR_SSL_ALLOC_FAILED; + } + + if (fread(*buffer, 1, *length, f) != *length) { + fclose(f); + return MBEDTLS_ERR_EARLY_FILE_IO_ERROR; + } + + fclose(f); + + (*buffer)[*length] = '\0'; + + return 0; +} +#endif /* MBEDTLS_SSL_EARLY_DATA */ + int main(int argc, char *argv[]) { int ret = 0, len, tail_len, i, written, frags, retry_left; @@ -741,6 +782,10 @@ int main(int argc, char *argv[]) size_t cid_renego_len = 0; #endif +#if defined(MBEDTLS_SSL_EARLY_DATA) + unsigned char *early_data = NULL; +#endif /* MBEDTLS_SSL_EARLY_DATA */ + #if defined(MBEDTLS_SSL_ALPN) const char *alpn_list[ALPN_LIST_SIZE]; #endif @@ -912,7 +957,7 @@ int main(int argc, char *argv[]) opt.groups = DFL_GROUPS; opt.sig_algs = DFL_SIG_ALGS; #if defined(MBEDTLS_SSL_EARLY_DATA) - opt.early_data = DFL_EARLY_DATA; + opt.early_data_file = DFL_EARLY_DATA_FILE; #endif opt.transport = DFL_TRANSPORT; opt.hs_to_min = DFL_HS_TO_MIN; @@ -1196,15 +1241,7 @@ usage: #if defined(MBEDTLS_SSL_PROTO_TLS1_3) #if defined(MBEDTLS_SSL_EARLY_DATA) else if (strcmp(p, "early_data") == 0) { - switch (atoi(q)) { - case 0: - opt.early_data = MBEDTLS_SSL_EARLY_DATA_DISABLED; - break; - case 1: - opt.early_data = MBEDTLS_SSL_EARLY_DATA_ENABLED; - break; - default: goto usage; - } + opt.early_data_file = q; } #endif /* MBEDTLS_SSL_EARLY_DATA */ @@ -1971,7 +2008,16 @@ usage: } #if defined(MBEDTLS_SSL_EARLY_DATA) - mbedtls_ssl_conf_early_data(&conf, opt.early_data); + int early_data_enabled = 0; + size_t early_data_len; + if (strlen(opt.early_data_file) > 0 && + ssl_early_data_read_file(opt.early_data_file, + &early_data, &early_data_len) == 0) { + early_data_enabled = MBEDTLS_SSL_EARLY_DATA_ENABLED; + } else { + early_data_enabled = MBEDTLS_SSL_EARLY_DATA_DISABLED; + } + mbedtls_ssl_conf_early_data(&conf, early_data_enabled); #endif /* MBEDTLS_SSL_EARLY_DATA */ if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) { @@ -3029,6 +3075,13 @@ exit: mbedtls_ssl_config_free(&conf); mbedtls_ssl_session_free(&saved_session); +#if defined(MBEDTLS_SSL_EARLY_DATA) + if (early_data != NULL) { + mbedtls_platform_zeroize(early_data, early_data_len); + } + mbedtls_free(early_data); +#endif + if (session_data != NULL) { mbedtls_platform_zeroize(session_data, session_data_len); } diff --git a/tests/opt-testcases/tls13-misc.sh b/tests/opt-testcases/tls13-misc.sh index f03a386a0..cf8aa745a 100755 --- a/tests/opt-testcases/tls13-misc.sh +++ b/tests/opt-testcases/tls13-misc.sh @@ -263,7 +263,7 @@ requires_any_configs_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ run_test "TLS 1.3 m->G: EarlyData: basic check, good" \ "$G_NEXT_SRV -d 10 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:+ECDHE-PSK:+PSK \ --earlydata --maxearlydata 16384 --disable-client-cert" \ - "$P_CLI debug_level=4 early_data=1 reco_mode=1 reconnect=1 reco_delay=900" \ + "$P_CLI debug_level=4 early_data=$EARLY_DATA_INPUT reco_mode=1 reconnect=1 reco_delay=900" \ 0 \ -c "received max_early_data_size: 16384" \ -c "Reconnecting with saved session" \ @@ -287,7 +287,7 @@ requires_any_configs_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED run_test "TLS 1.3 m->G: EarlyData: no early_data in NewSessionTicket, good" \ "$G_NEXT_SRV -d 10 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:+ECDHE-PSK:+PSK --disable-client-cert" \ - "$P_CLI debug_level=4 early_data=1 reco_mode=1 reconnect=1" \ + "$P_CLI debug_level=4 early_data=$EARLY_DATA_INPUT reco_mode=1 reconnect=1" \ 0 \ -c "Reconnecting with saved session" \ -C "NewSessionTicket: early_data(42) extension received." \ From 4ac2c1883465d3fac2e7e578c4e3569b1de8b886 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 5 Dec 2023 07:59:01 +0100 Subject: [PATCH 0935/1674] pk_wrap: try both ECDSA signature schemes in ecdsa_sign_psa() Instead of extracting key's properties in order to check whether it supports deterministic or non-deterministic ECDSA, we try both. Signed-off-by: Valerio Setti --- library/pk_wrap.c | 31 ++++++++++++++----------------- 1 file changed, 14 insertions(+), 17 deletions(-) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 182d07f72..0fb3c4217 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -955,37 +955,34 @@ static int pk_ecdsa_sig_asn1_from_psa(unsigned char *sig, size_t *sig_len, return 0; } -/* Common helper for ECDSA sign using PSA functions. */ +/* Common helper for ECDSA sign using PSA functions. + * Instead of extracting key's properties in order to check which kind of ECDSA + * signature it supports, we try both deterministic and non-deterministic. + */ static int ecdsa_sign_psa(mbedtls_svc_key_id_t key_id, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hash_len, unsigned char *sig, size_t sig_size, size_t *sig_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; psa_status_t status; - psa_algorithm_t psa_sig_md; - psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT; - psa_algorithm_t alg, alg2; - status = psa_get_key_attributes(key_id, &key_attr); - if (status != PSA_SUCCESS) { + status = psa_sign_hash(key_id, + PSA_ALG_DETERMINISTIC_ECDSA(mbedtls_md_psa_alg_from_type(md_alg)), + hash, hash_len, sig, sig_size, sig_len); + if (status == PSA_SUCCESS) { + goto done; + } else if (status != PSA_ERROR_NOT_PERMITTED) { return PSA_PK_ECDSA_TO_MBEDTLS_ERR(status); } - alg = psa_get_key_algorithm(&key_attr); - alg2 = psa_get_key_enrollment_algorithm(&key_attr); - psa_reset_key_attributes(&key_attr); - if (PSA_ALG_IS_DETERMINISTIC_ECDSA(alg) || PSA_ALG_IS_DETERMINISTIC_ECDSA(alg2)) { - psa_sig_md = PSA_ALG_DETERMINISTIC_ECDSA(mbedtls_md_psa_alg_from_type(md_alg)); - } else { - psa_sig_md = PSA_ALG_ECDSA(mbedtls_md_psa_alg_from_type(md_alg)); - } - - status = psa_sign_hash(key_id, psa_sig_md, hash, hash_len, - sig, sig_size, sig_len); + status = psa_sign_hash(key_id, + PSA_ALG_ECDSA(mbedtls_md_psa_alg_from_type(md_alg)), + hash, hash_len, sig, sig_size, sig_len); if (status != PSA_SUCCESS) { return PSA_PK_ECDSA_TO_MBEDTLS_ERR(status); } +done: ret = pk_ecdsa_sig_asn1_from_psa(sig, sig_len, sig_size); return ret; From 631e6bd221a75bf46cc9baaaaf5a9feefff56a49 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Tue, 5 Dec 2023 15:34:49 +0800 Subject: [PATCH 0936/1674] ChangeLog: add fix-tls13-server-min-version-check.txt Signed-off-by: Yanray Wang --- ChangeLog.d/fix-tls13-server-min-version-check.txt | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 ChangeLog.d/fix-tls13-server-min-version-check.txt diff --git a/ChangeLog.d/fix-tls13-server-min-version-check.txt b/ChangeLog.d/fix-tls13-server-min-version-check.txt new file mode 100644 index 000000000..b05ad7c54 --- /dev/null +++ b/ChangeLog.d/fix-tls13-server-min-version-check.txt @@ -0,0 +1,4 @@ +Bugfix + * Add missing check for `min_tls_version` in TLS 1.3 server-side. + Without this, TLS 1.3 server may downgrade protocol to a TLS version + below its supported minimum TLS version. Fixes #8593. From 42020fb1862375ac4fa921cabe2cf8d987319444 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 5 Dec 2023 17:35:53 +0800 Subject: [PATCH 0937/1674] revert output message which used by testing Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 32893acac..bfe805f49 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -2802,9 +2802,8 @@ static void ssl_tls13_prepare_for_handshake_second_flight( if (ssl->handshake->certificate_request_sent) { mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_CERTIFICATE); } else { + MBEDTLS_SSL_DEBUG_MSG(2, ("skip parse certificate")); MBEDTLS_SSL_DEBUG_MSG(2, ("skip parse certificate verify")); - MBEDTLS_SSL_DEBUG_MSG( - 2, ("Skip certificate and certificate verify parsing")); mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_FINISHED); } From 9f55e8e44267ab76bcae94184716122b6729b517 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 5 Dec 2023 22:21:09 +0100 Subject: [PATCH 0938/1674] Add a section about ALT implementations Signed-off-by: Gilles Peskine --- docs/psa-transition.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/docs/psa-transition.md b/docs/psa-transition.md index d0a0de656..acfd64ab1 100644 --- a/docs/psa-transition.md +++ b/docs/psa-transition.md @@ -226,6 +226,12 @@ When PSA Crypto mechanisms are implemented by the built-in code from Mbed TLS, t The PSA Crypto API may use accelerator drivers. In this case any options controlling the driver behavior are driver-specific. +### Alternative implementations (`MBEDTLS_xxx_ALT` options) + +In the Mbed TLS legacy interface, you can replace some cryptographic primitives and modes by an alternative implementation, by enabling configuration options of the form `MBEDTLS_xxx_ALT` and linking with your own implementation of the affected function or module. Alternative implementations remain supported in Mbed TLS 3.x even if the application code uses the PSA API. However, they will be removed from the next version of the library. + +The corresponding PSA feature is accelerator drivers. To implement an accelerator driver, see the [PSA cryptoprocessor driver example and guide](https://github.com/Mbed-TLS/mbedtls/blob/development/docs/psa-driver-example-and-guide.md). In an application that uses both the legacy interface and the PSA interface for the same mechanism, only some algorithms support calling a PSA driver from the legacy interface. See the [Guide to driver-only builds](https://github.com/Mbed-TLS/mbedtls/blob/development/docs/driver-only-builds.md) for more information. + ### Self-tests There is currently [no PSA equivalent to the self-tests](https://github.com/Mbed-TLS/mbedtls/issues/7781) enabled by `MBEDTLS_SELF_TEST`. From 6c678d7543d47a2e1ba0a69e98b5ffd1b7020bf6 Mon Sep 17 00:00:00 2001 From: Xiaokang Qian Date: Wed, 6 Dec 2023 02:20:51 +0000 Subject: [PATCH 0939/1674] Improve the comments of early data input Signed-off-by: Xiaokang Qian --- programs/ssl/ssl_client2.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index ecf225688..64d2a1e39 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -348,8 +348,8 @@ int main(void) #if defined(MBEDTLS_SSL_EARLY_DATA) #define USAGE_EARLY_DATA \ " early_data=%%s The file path to read early data from\n" \ - " default: \"\" (do nothing)\n" \ - " option: a file path\n" + " default: \"\" (do nothing)\n" \ + " option: a file path\n" #else #define USAGE_EARLY_DATA "" #endif /* MBEDTLS_SSL_EARLY_DATA && MBEDTLS_SSL_PROTO_TLS1_3 */ @@ -544,7 +544,8 @@ struct options { int reproducible; /* make communication reproducible */ int skip_close_notify; /* skip sending the close_notify alert */ #if defined(MBEDTLS_SSL_EARLY_DATA) - const char *early_data_file; /* the file path of early data */ + const char *early_data_file; /* the path of the file containing the + * early data to send */ #endif int query_config_mode; /* whether to read config */ int use_srtp; /* Support SRTP */ From b1db72923e1b9c08bcb19b526ad142f8340fdc2c Mon Sep 17 00:00:00 2001 From: Xiaokang Qian Date: Wed, 6 Dec 2023 02:33:38 +0000 Subject: [PATCH 0940/1674] Rename the generic read functions to ssl_read_file_text Signed-off-by: Xiaokang Qian --- programs/ssl/ssl_client2.c | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 64d2a1e39..d4ca4d824 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -720,21 +720,22 @@ exit: #if defined(MBEDTLS_SSL_EARLY_DATA) -#define MBEDTLS_ERR_EARLY_FILE_IO_ERROR -2 +#define MBEDTLS_ERR_FILE_IO_ERROR -2 -int ssl_early_data_read_file(const char *path, unsigned char **buffer, size_t *length) +static int ssl_read_file_text(const char *path, + unsigned char **buffer, size_t *length) { FILE *f; long size; if ((f = fopen(path, "rb")) == NULL) { - return MBEDTLS_ERR_EARLY_FILE_IO_ERROR; + return MBEDTLS_ERR_FILE_IO_ERROR; } fseek(f, 0, SEEK_END); if ((size = ftell(f)) == -1) { fclose(f); - return MBEDTLS_ERR_EARLY_FILE_IO_ERROR; + return MBEDTLS_ERR_FILE_IO_ERROR; } fseek(f, 0, SEEK_SET); @@ -747,7 +748,7 @@ int ssl_early_data_read_file(const char *path, unsigned char **buffer, size_t *l if (fread(*buffer, 1, *length, f) != *length) { fclose(f); - return MBEDTLS_ERR_EARLY_FILE_IO_ERROR; + return MBEDTLS_ERR_FILE_IO_ERROR; } fclose(f); From eaebedb30b3810ff4dde12395d396a92740c847b Mon Sep 17 00:00:00 2001 From: Xiaokang Qian Date: Wed, 6 Dec 2023 02:55:16 +0000 Subject: [PATCH 0941/1674] Refine the detect code to enable early data or not Signed-off-by: Xiaokang Qian --- programs/ssl/ssl_client2.c | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index d4ca4d824..848fa123d 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -2010,14 +2010,12 @@ usage: } #if defined(MBEDTLS_SSL_EARLY_DATA) - int early_data_enabled = 0; + int early_data_enabled = MBEDTLS_SSL_EARLY_DATA_DISABLED; size_t early_data_len; if (strlen(opt.early_data_file) > 0 && - ssl_early_data_read_file(opt.early_data_file, - &early_data, &early_data_len) == 0) { + ssl_read_file_text(opt.early_data_file, + &early_data, &early_data_len) == 0) { early_data_enabled = MBEDTLS_SSL_EARLY_DATA_ENABLED; - } else { - early_data_enabled = MBEDTLS_SSL_EARLY_DATA_DISABLED; } mbedtls_ssl_conf_early_data(&conf, early_data_enabled); #endif /* MBEDTLS_SSL_EARLY_DATA */ From f8fe11d14d5cfbfbd16589fc44aa974757b7db11 Mon Sep 17 00:00:00 2001 From: Xiaokang Qian Date: Wed, 6 Dec 2023 07:40:50 +0000 Subject: [PATCH 0942/1674] Remove the generic file read functions and simply the early data read Signed-off-by: Xiaokang Qian --- programs/ssl/ssl_client2.c | 67 ++++++++------------------------------ 1 file changed, 14 insertions(+), 53 deletions(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 848fa123d..297da65b2 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -718,47 +718,6 @@ exit: return ret; } -#if defined(MBEDTLS_SSL_EARLY_DATA) - -#define MBEDTLS_ERR_FILE_IO_ERROR -2 - -static int ssl_read_file_text(const char *path, - unsigned char **buffer, size_t *length) -{ - FILE *f; - long size; - - if ((f = fopen(path, "rb")) == NULL) { - return MBEDTLS_ERR_FILE_IO_ERROR; - } - - fseek(f, 0, SEEK_END); - if ((size = ftell(f)) == -1) { - fclose(f); - return MBEDTLS_ERR_FILE_IO_ERROR; - } - fseek(f, 0, SEEK_SET); - - *length = (size_t) size; - if (*length + 1 == 0 || - (*buffer = mbedtls_calloc(1, *length + 1)) == NULL) { - fclose(f); - return MBEDTLS_ERR_SSL_ALLOC_FAILED; - } - - if (fread(*buffer, 1, *length, f) != *length) { - fclose(f); - return MBEDTLS_ERR_FILE_IO_ERROR; - } - - fclose(f); - - (*buffer)[*length] = '\0'; - - return 0; -} -#endif /* MBEDTLS_SSL_EARLY_DATA */ - int main(int argc, char *argv[]) { int ret = 0, len, tail_len, i, written, frags, retry_left; @@ -784,10 +743,6 @@ int main(int argc, char *argv[]) size_t cid_renego_len = 0; #endif -#if defined(MBEDTLS_SSL_EARLY_DATA) - unsigned char *early_data = NULL; -#endif /* MBEDTLS_SSL_EARLY_DATA */ - #if defined(MBEDTLS_SSL_ALPN) const char *alpn_list[ALPN_LIST_SIZE]; #endif @@ -2011,11 +1966,18 @@ usage: #if defined(MBEDTLS_SSL_EARLY_DATA) int early_data_enabled = MBEDTLS_SSL_EARLY_DATA_DISABLED; - size_t early_data_len; - if (strlen(opt.early_data_file) > 0 && - ssl_read_file_text(opt.early_data_file, - &early_data, &early_data_len) == 0) { - early_data_enabled = MBEDTLS_SSL_EARLY_DATA_ENABLED; + FILE *early_data_fp = NULL; + size_t early_data_len = 0; + if (strlen(opt.early_data_file) > 0) { + if ((early_data_fp = fopen(opt.early_data_file, "rb")) == NULL) { + mbedtls_printf("failed\n ! Cannot open '%s' for reading.\n", + opt.early_data_file); + goto exit; + } + early_data_len = fread(buf, 1, sizeof(buf), early_data_fp); + if (early_data_len > 0) { + early_data_enabled = MBEDTLS_SSL_EARLY_DATA_ENABLED; + } } mbedtls_ssl_conf_early_data(&conf, early_data_enabled); #endif /* MBEDTLS_SSL_EARLY_DATA */ @@ -3076,10 +3038,9 @@ exit: mbedtls_ssl_session_free(&saved_session); #if defined(MBEDTLS_SSL_EARLY_DATA) - if (early_data != NULL) { - mbedtls_platform_zeroize(early_data, early_data_len); + if (early_data_fp != NULL) { + fclose(early_data_fp); } - mbedtls_free(early_data); #endif if (session_data != NULL) { From fbbafa0d2d52d0b78ae52b9e66cb73058b285aa3 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 6 Dec 2023 10:07:34 +0100 Subject: [PATCH 0943/1674] pkparse: do not set key algorithm for Montgomery keys in pk_ecc_set_key() Signed-off-by: Valerio Setti --- library/pkparse.c | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index edebf92ff..18498e5f0 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -105,16 +105,21 @@ static int pk_ecc_set_key(mbedtls_pk_context *pk, { #if defined(MBEDTLS_PK_USE_PSA_EC_DATA) psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_usage_t flags; psa_status_t status; psa_set_key_type(&attributes, PSA_KEY_TYPE_ECC_KEY_PAIR(pk->ec_family)); - psa_set_key_algorithm(&attributes, PSA_ALG_ECDH); - psa_key_usage_t flags = PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_DERIVE; - /* Montgomery allows only ECDH, others ECDSA too */ - if (pk->ec_family != PSA_ECC_FAMILY_MONTGOMERY) { - flags |= PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE; - psa_set_key_enrollment_algorithm(&attributes, - MBEDTLS_PK_PSA_ALG_ECDSA_MAYBE_DET(PSA_ALG_ANY_HASH)); + if (pk->ec_family == PSA_ECC_FAMILY_MONTGOMERY) { + /* Do not set algorithm here because Montgomery keys cannot do ECDSA and + * the PK module cannot do ECDH. When the key will be used in TLS for + * ECDH, it will be exported and then re-imported with proper flags + * and algorithm. */ + flags = PSA_KEY_USAGE_EXPORT; + } else { + psa_set_key_algorithm(&attributes, + MBEDTLS_PK_PSA_ALG_ECDSA_MAYBE_DET(PSA_ALG_ANY_HASH)); + flags = PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE | + PSA_KEY_USAGE_EXPORT; } psa_set_key_usage_flags(&attributes, flags); From 611c717c02751b07870f482fcfd415ec38371f60 Mon Sep 17 00:00:00 2001 From: Xiaokang Qian Date: Wed, 6 Dec 2023 09:24:58 +0000 Subject: [PATCH 0944/1674] Sync the early_data option with internal parameters in ssl_client2 Signed-off-by: Xiaokang Qian --- programs/ssl/ssl_client2.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 297da65b2..69f9d5131 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -544,8 +544,8 @@ struct options { int reproducible; /* make communication reproducible */ int skip_close_notify; /* skip sending the close_notify alert */ #if defined(MBEDTLS_SSL_EARLY_DATA) - const char *early_data_file; /* the path of the file containing the - * early data to send */ + const char *early_data; /* the path of the file containing the + * early data to send */ #endif int query_config_mode; /* whether to read config */ int use_srtp; /* Support SRTP */ @@ -914,7 +914,7 @@ int main(int argc, char *argv[]) opt.groups = DFL_GROUPS; opt.sig_algs = DFL_SIG_ALGS; #if defined(MBEDTLS_SSL_EARLY_DATA) - opt.early_data_file = DFL_EARLY_DATA_FILE; + opt.early_data = DFL_EARLY_DATA_FILE; #endif opt.transport = DFL_TRANSPORT; opt.hs_to_min = DFL_HS_TO_MIN; @@ -1198,7 +1198,7 @@ usage: #if defined(MBEDTLS_SSL_PROTO_TLS1_3) #if defined(MBEDTLS_SSL_EARLY_DATA) else if (strcmp(p, "early_data") == 0) { - opt.early_data_file = q; + opt.early_data = q; } #endif /* MBEDTLS_SSL_EARLY_DATA */ @@ -1968,10 +1968,10 @@ usage: int early_data_enabled = MBEDTLS_SSL_EARLY_DATA_DISABLED; FILE *early_data_fp = NULL; size_t early_data_len = 0; - if (strlen(opt.early_data_file) > 0) { - if ((early_data_fp = fopen(opt.early_data_file, "rb")) == NULL) { + if (strlen(opt.early_data) > 0) { + if ((early_data_fp = fopen(opt.early_data, "rb")) == NULL) { mbedtls_printf("failed\n ! Cannot open '%s' for reading.\n", - opt.early_data_file); + opt.early_data); goto exit; } early_data_len = fread(buf, 1, sizeof(buf), early_data_fp); From bced8bc8d7c77c76dd5cfd962cd97c15ba33cab3 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 6 Dec 2023 10:40:47 +0100 Subject: [PATCH 0945/1674] ssl_tls12_server: export/import PK parsed key in TLS side Instead of setting both algorithm and enrollement algorithm in the PK module when parsing the key: - for Weierstrass keys we only set ECDSA algorithm, - for Montgomery keys we don't set any algorithm. Reasons: - PK module can only do ECDSA and not ECDH - ECDH is only used in TLS - Montgomery keys cannot be used to do ECDSA, while Weierstrass ones can do both ECDSA and ECDH. So the idea is that once TLS needs the key to do ECDH (either Weierstrass and Montgomery), it exports the one parsed from the PK module and then re-imports it setting proper algorithm and flags. In this way the TLS module will own the new key so it will be its duty to clear it on exit. Signed-off-by: Valerio Setti --- library/ssl_tls12_server.c | 49 ++++++++++++++++++++++++++++---------- 1 file changed, 36 insertions(+), 13 deletions(-) diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c index a07d0fb34..f9ce7a6b6 100644 --- a/library/ssl_tls12_server.c +++ b/library/ssl_tls12_server.c @@ -2597,12 +2597,12 @@ static int ssl_get_ecdh_params_from_cert(mbedtls_ssl_context *ssl) mbedtls_pk_context *pk; mbedtls_pk_type_t pk_type; psa_key_attributes_t key_attributes = PSA_KEY_ATTRIBUTES_INIT; + unsigned char buf[PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS)]; + size_t key_len; #if !defined(MBEDTLS_PK_USE_PSA_EC_DATA) uint16_t tls_id = 0; psa_key_type_t key_type = PSA_KEY_TYPE_NONE; - size_t key_len; mbedtls_ecp_group_id grp_id; - unsigned char buf[PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(PSA_VENDOR_ECC_MAX_CURVE_BITS)]; mbedtls_ecp_keypair *key; #endif /* !MBEDTLS_PK_USE_PSA_EC_DATA */ @@ -2625,22 +2625,41 @@ static int ssl_get_ecdh_params_from_cert(mbedtls_ssl_context *ssl) return MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH; } - ssl->handshake->xxdh_psa_privkey = pk->priv_id; - - /* Key should not be destroyed in the TLS library */ - ssl->handshake->xxdh_psa_privkey_is_external = 1; - - status = psa_get_key_attributes(ssl->handshake->xxdh_psa_privkey, - &key_attributes); + /* Get the attributes of the key previously parsed by PK module in + * order to extract its type and length (in bits). */ + status = psa_get_key_attributes(pk->priv_id, &key_attributes); if (status != PSA_SUCCESS) { - ssl->handshake->xxdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT; - return PSA_TO_MBEDTLS_ERR(status); + ret = PSA_TO_MBEDTLS_ERR(status); + goto exit; } - ssl->handshake->xxdh_psa_type = psa_get_key_type(&key_attributes); ssl->handshake->xxdh_psa_bits = psa_get_key_bits(&key_attributes); - psa_reset_key_attributes(&key_attributes); + /* Now export and then re-import the same key with proper flags + * and algorithm. We also set key's type and bits that we just got + * above. */ + key_attributes = psa_key_attributes_init(); + psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_DERIVE); + psa_set_key_algorithm(&key_attributes, PSA_ALG_ECDH); + psa_set_key_type(&key_attributes, + PSA_KEY_TYPE_ECC_KEY_PAIR(ssl->handshake->xxdh_psa_type)); + psa_set_key_bits(&key_attributes, ssl->handshake->xxdh_psa_bits); + + status = psa_export_key(pk->priv_id, buf, sizeof(buf), &key_len); + if (status != PSA_SUCCESS) { + ret = PSA_TO_MBEDTLS_ERR(status); + goto exit; + } + status = psa_import_key(&key_attributes, buf, key_len, + &ssl->handshake->xxdh_psa_privkey); + if (status != PSA_SUCCESS) { + ret = PSA_TO_MBEDTLS_ERR(status); + goto exit; + } + + /* Set this key as owned by the TLS library: it will be its duty + * to clear it exit. */ + ssl->handshake->xxdh_psa_privkey_is_external = 0; ret = 0; break; @@ -2696,6 +2715,10 @@ static int ssl_get_ecdh_params_from_cert(mbedtls_ssl_context *ssl) ret = MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH; } +exit: + psa_reset_key_attributes(&key_attributes); + mbedtls_platform_zeroize(buf, sizeof(buf)); + return ret; } #else /* MBEDTLS_USE_PSA_CRYPTO */ From 01da35e2c868ee7f324bad239d835b1670759b27 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 12 Dec 2022 15:09:22 +0800 Subject: [PATCH 0946/1674] add early data extension of NST Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 69 ++++++++++++++++++++++++++++++++++++-- 1 file changed, 66 insertions(+), 3 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index bfe805f49..78a85633b 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -3195,6 +3195,49 @@ static int ssl_tls13_prepare_new_session_ticket(mbedtls_ssl_context *ssl, return 0; } +#if defined(MBEDTLS_SSL_EARLY_DATA) +/* RFC 8446 section 4.2.10 + * + * struct { + * select ( Handshake.msg_type ) { + * case new_session_ticket: uint32 max_early_data_size; + * ... + * }; + * } EarlyDataIndication; + */ +MBEDTLS_CHECK_RETURN_CRITICAL +static int ssl_tls13_write_early_data_ext_of_nst(mbedtls_ssl_context *ssl, + unsigned char *buf, + const unsigned char *end, + size_t *out_len) +{ + unsigned char *p = buf; + *out_len = 0; + + if ((ssl->session->ticket_flags & + MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA) == 0) { + MBEDTLS_SSL_DEBUG_MSG( + 4, ("Skip early_data extension in NST for it is not allowed.")); + return 0; + } + + MBEDTLS_SSL_CHK_BUF_PTR(p, end, 8); + + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_EARLY_DATA, p, 0); + MBEDTLS_PUT_UINT16_BE(4, p, 2); + MBEDTLS_PUT_UINT32_BE(ssl->conf->max_early_data_size, p, 4); + MBEDTLS_SSL_DEBUG_MSG( + 4, ("Sent max_early_data_size=%u", + (unsigned int) ssl->conf->max_early_data_size)); + + *out_len = 8; + + mbedtls_ssl_tls13_set_hs_sent_ext_mask(ssl, MBEDTLS_TLS_EXT_EARLY_DATA); + + return 0; +} +#endif /* MBEDTLS_SSL_EARLY_DATA */ + /* This function creates a NewSessionTicket message in the following format: * * struct { @@ -3232,10 +3275,20 @@ static int ssl_tls13_write_new_session_ticket_body(mbedtls_ssl_context *ssl, mbedtls_ssl_session *session = ssl->session; size_t ticket_len; uint32_t ticket_lifetime; + unsigned char *p_extensions_len; + size_t output_len; + + ((void) output_len); *out_len = 0; MBEDTLS_SSL_DEBUG_MSG(2, ("=> write NewSessionTicket msg")); +#if defined(MBEDTLS_SSL_EARLY_DATA) + if (ssl->conf->early_data_enabled == MBEDTLS_SSL_EARLY_DATA_ENABLED) { + session->ticket_flags |= MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA; + } +#endif /* MBEDTLS_SSL_EARLY_DATA */ + /* * ticket_lifetime 4 bytes * ticket_age_add 4 bytes @@ -3293,15 +3346,25 @@ static int ssl_tls13_write_new_session_ticket_body(mbedtls_ssl_context *ssl, /* Ticket Extensions * - * Note: We currently don't have any extensions. - * Set length to zero. + * Extension extensions<0..2^16-2>; */ ssl->handshake->sent_extensions = MBEDTLS_SSL_EXT_MASK_NONE; MBEDTLS_SSL_CHK_BUF_PTR(p, end, 2); - MBEDTLS_PUT_UINT16_BE(0, p, 0); + p_extensions_len = p; p += 2; +#if defined(MBEDTLS_SSL_EARLY_DATA) + if ((ret = ssl_tls13_write_early_data_ext_of_nst( + ssl, p, end, &output_len)) != 0) { + MBEDTLS_SSL_DEBUG_RET(1, "ssl_tls13_write_early_data_ext_of_nst", ret); + return ret; + } + p += output_len; +#endif /* MBEDTLS_SSL_EARLY_DATA */ + + MBEDTLS_PUT_UINT16_BE(p - p_extensions_len - 2, p_extensions_len, 0); + *out_len = p - buf; MBEDTLS_SSL_DEBUG_BUF(4, "ticket", buf, *out_len); MBEDTLS_SSL_DEBUG_MSG(2, ("<= write new session ticket")); From fceddb310e740605b389cf97035b8d9303fb4b58 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 12 Dec 2022 15:30:34 +0800 Subject: [PATCH 0947/1674] Add early data permission check Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 78a85633b..e3ee95b1c 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -1845,6 +1845,14 @@ static void ssl_tls13_update_early_data_status(mbedtls_ssl_context *ssl) } + if (mbedtls_ssl_session_get_ticket_flags( + ssl->session_negotiate, + MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA) == 0) { + MBEDTLS_SSL_DEBUG_MSG( + 1, + ("EarlyData: rejected, denied by ticket permission bits.")); + return; + } ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED; From 3c2b21ed0e182586caab4954517149f5ca44a147 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 8 Feb 2023 16:39:13 +0800 Subject: [PATCH 0948/1674] Enable multi max_early_data_size value for connections For test purpose, we set different value for each session Signed-off-by: Jerry Yu --- programs/ssl/ssl_server2.c | 61 +++++++++++++++++++++++++------------- 1 file changed, 41 insertions(+), 20 deletions(-) diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index c96128b94..4ef249468 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -122,7 +122,7 @@ int main(void) #define DFL_SNI NULL #define DFL_ALPN_STRING NULL #define DFL_GROUPS NULL -#define DFL_MAX_EARLY_DATA_SIZE 0 +#define DFL_MAX_EARLY_DATA_SIZE NULL #define DFL_SIG_ALGS NULL #define DFL_DHM_FILE NULL #define DFL_TRANSPORT MBEDTLS_SSL_TRANSPORT_STREAM @@ -427,11 +427,15 @@ int main(void) #define USAGE_ECJPAKE "" #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ +#define ARRAY_LENGTH(a) (sizeof(a)/sizeof(a[0])) #if defined(MBEDTLS_SSL_EARLY_DATA) + #define USAGE_EARLY_DATA \ - " max_early_data_size=%%d default: -1 (disabled)\n" \ - " options: -1 (disabled), " \ - " >= 0 (enabled, max amount of early data )\n" + " max_early_data_size=%%d default: -1 (disabled)\n" \ + " The max amount of 0-RTT data for 1st and 2nd connection\n" \ + " format: 1st_connection_value[,2nd_connection_value]\n" \ + " available values: < 0 (disabled), >= 0 (enabled).\n" \ + " The absolute value is the max amount of 0-RTT data.\n" #else #define USAGE_EARLY_DATA "" #endif /* MBEDTLS_SSL_EARLY_DATA */ @@ -556,6 +560,7 @@ int main(void) USAGE_GROUPS \ USAGE_SIG_ALGS \ USAGE_KEY_OPAQUE_ALGS \ + USAGE_EARLY_DATA \ "\n" #if defined(MBEDTLS_SSL_PROTO_TLS1_3) @@ -693,7 +698,7 @@ struct options { const char *cid_val_renego; /* the CID to use for incoming messages * after renegotiation */ int reproducible; /* make communication reproducible */ - uint32_t max_early_data_size; /* max amount of early data */ + const char *max_early_data_size; /* max amount list of early data */ int query_config_mode; /* whether to read config */ int use_srtp; /* Support SRTP */ int force_srtp_profile; /* SRTP protection profile to use or all */ @@ -1609,7 +1614,9 @@ int main(int argc, char *argv[]) #endif /* MBEDTLS_SSL_DTLS_SRTP */ #if defined(MBEDTLS_SSL_EARLY_DATA) - int tls13_early_data_enabled = MBEDTLS_SSL_EARLY_DATA_DISABLED; + long long max_early_data_size_list[2]; + size_t max_early_data_size_count = 0; + size_t tls13_connection_counter = 0; #endif #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) mbedtls_memory_buffer_alloc_init(alloc_buf, sizeof(alloc_buf)); @@ -1979,12 +1986,23 @@ usage: #endif #if defined(MBEDTLS_SSL_EARLY_DATA) else if (strcmp(p, "max_early_data_size") == 0) { - long long value = atoll(q); - tls13_early_data_enabled = - value >= 0 ? MBEDTLS_SSL_EARLY_DATA_ENABLED : - MBEDTLS_SSL_EARLY_DATA_DISABLED; - if (tls13_early_data_enabled) { - opt.max_early_data_size = atoi(q); + char *endptr, *str; + opt.max_early_data_size = q; + str = endptr = q; + for (size_t early_data_size_iter = 0; + early_data_size_iter < ARRAY_LENGTH(max_early_data_size_list); + early_data_size_iter++) { + long long value = strtoll(str, &endptr, 0); + if (str == endptr || (*endptr != ',' && *endptr != '\0')) { + mbedtls_printf("fail\n illegal digital number for max_early_data_size %s\n", + endptr); + goto exit; + } + max_early_data_size_list[max_early_data_size_count++] = value; + if (*endptr == '\0') { + break; + } + str = endptr + 1; } } #endif /* MBEDTLS_SSL_EARLY_DATA */ @@ -2806,14 +2824,6 @@ usage: mbedtls_ssl_conf_cert_req_ca_list(&conf, opt.cert_req_ca_list); } -#if defined(MBEDTLS_SSL_EARLY_DATA) - mbedtls_ssl_conf_early_data(&conf, tls13_early_data_enabled); - if (tls13_early_data_enabled == MBEDTLS_SSL_EARLY_DATA_ENABLED) { - mbedtls_ssl_conf_max_early_data_size( - &conf, opt.max_early_data_size); - } -#endif /* MBEDTLS_SSL_EARLY_DATA */ - #if defined(MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED) /* exercise setting DN hints for server certificate request * (Intended for use where the client cert expected has been signed by @@ -3311,6 +3321,17 @@ usage: mbedtls_printf(" ok\n"); reset: + +#if defined(MBEDTLS_SSL_EARLY_DATA) + if (tls13_connection_counter < max_early_data_size_count) { + long long max_early_data_size = max_early_data_size_list[tls13_connection_counter]; + mbedtls_ssl_conf_early_data( + &conf, max_early_data_size < 0 ? MBEDTLS_SSL_EARLY_DATA_DISABLED : + MBEDTLS_SSL_EARLY_DATA_ENABLED); + mbedtls_ssl_conf_max_early_data_size(&conf, (uint32_t) llabs(max_early_data_size)); + } + tls13_connection_counter++; +#endif /* MBEDTLS_SSL_EARLY_DATA */ #if !defined(_WIN32) if (received_sigterm) { mbedtls_printf(" interrupted by SIGTERM (not in net_accept())\n"); From 391c9433401a673b849e37ebbc4b5c985e650d1d Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 15 Nov 2023 12:46:58 +0800 Subject: [PATCH 0949/1674] Add tests for ticket early data permission bit Signed-off-by: Jerry Yu --- tests/opt-testcases/tls13-misc.sh | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/tests/opt-testcases/tls13-misc.sh b/tests/opt-testcases/tls13-misc.sh index e4df1fe2f..5b624b5ec 100755 --- a/tests/opt-testcases/tls13-misc.sh +++ b/tests/opt-testcases/tls13-misc.sh @@ -502,7 +502,7 @@ run_test "TLS 1.3 G->m: EarlyData: feature is disabled, fail." \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+GROUP-ALL -d 10 -r --earlydata $EARLY_DATA_INPUT" \ 1 \ -s "ClientHello: early_data(42) extension exists." \ - -s "EncryptedExtensions: early_data(42) extension does not exist." \ + -s "EncryptedExtensions: early_data(42) extension does not exist." \ -s "NewSessionTicket: early_data(42) extension does not exist." \ -s "Last error was: -29056 - SSL - Verification of the message MAC failed" @@ -518,7 +518,10 @@ run_test "TLS 1.3 G->m: EarlyData: feature is enabled, good." \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+GROUP-ALL:+KX-ALL \ -d 10 -r --earlydata $EARLY_DATA_INPUT " \ 0 \ + -s "NewSessionTicket: early_data(42) extension exists." \ + -s "Sent max_early_data_size=$EARLY_DATA_INPUT_LEN" \ -s "ClientHello: early_data(42) extension exists." \ -s "EncryptedExtensions: early_data(42) extension exists." \ - -s "NewSessionTicket: early_data(42) extension does not exist." \ -s "$( tail -1 $EARLY_DATA_INPUT )" + + From 3db60dfe5e9b6b1a377f488b898a6facac3dd003 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 21 Nov 2023 16:39:10 +0800 Subject: [PATCH 0950/1674] rename nst early data write function Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index e3ee95b1c..9f4926a9f 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -3214,10 +3214,10 @@ static int ssl_tls13_prepare_new_session_ticket(mbedtls_ssl_context *ssl, * } EarlyDataIndication; */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_write_early_data_ext_of_nst(mbedtls_ssl_context *ssl, - unsigned char *buf, - const unsigned char *end, - size_t *out_len) +static int ssl_tls13_write_nst_early_data_ext(mbedtls_ssl_context *ssl, + unsigned char *buf, + const unsigned char *end, + size_t *out_len) { unsigned char *p = buf; *out_len = 0; @@ -3363,9 +3363,9 @@ static int ssl_tls13_write_new_session_ticket_body(mbedtls_ssl_context *ssl, p += 2; #if defined(MBEDTLS_SSL_EARLY_DATA) - if ((ret = ssl_tls13_write_early_data_ext_of_nst( + if ((ret = ssl_tls13_write_nst_early_data_ext( ssl, p, end, &output_len)) != 0) { - MBEDTLS_SSL_DEBUG_RET(1, "ssl_tls13_write_early_data_ext_of_nst", ret); + MBEDTLS_SSL_DEBUG_RET(1, "ssl_tls13_write_nst_early_data_ext", ret); return ret; } p += output_len; From ea96ac3da97a3647b6d801a20ca524156c327757 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 21 Nov 2023 17:06:36 +0800 Subject: [PATCH 0951/1674] fix various issues - get ticket_flags with function. - improve output message and check it. - improve `ssl_server2` help message Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 10 ++++++---- programs/ssl/ssl_server2.c | 4 +++- tests/opt-testcases/tls13-misc.sh | 2 -- 3 files changed, 9 insertions(+), 7 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 9f4926a9f..7a02c7169 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -1850,7 +1850,8 @@ static void ssl_tls13_update_early_data_status(mbedtls_ssl_context *ssl) MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA) == 0) { MBEDTLS_SSL_DEBUG_MSG( 1, - ("EarlyData: rejected, denied by ticket permission bits.")); + ("EarlyData: rejected, early_data not allowed in ticket " + "permission bits.")); return; } @@ -3222,10 +3223,11 @@ static int ssl_tls13_write_nst_early_data_ext(mbedtls_ssl_context *ssl, unsigned char *p = buf; *out_len = 0; - if ((ssl->session->ticket_flags & - MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA) == 0) { + if (mbedtls_ssl_session_get_ticket_flags( + ssl->session, MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA) == 0) { MBEDTLS_SSL_DEBUG_MSG( - 4, ("Skip early_data extension in NST for it is not allowed.")); + 4, ("early_data not allowed, skip early_data extension in " + "NewSessionTicket")); return 0; } diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 4ef249468..28cd33b11 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -435,7 +435,9 @@ int main(void) " The max amount of 0-RTT data for 1st and 2nd connection\n" \ " format: 1st_connection_value[,2nd_connection_value]\n" \ " available values: < 0 (disabled), >= 0 (enabled).\n" \ - " The absolute value is the max amount of 0-RTT data.\n" + " The absolute value is the max amount of 0-RTT data \n" \ + " up to UINT32_MAX. \n" + #else #define USAGE_EARLY_DATA "" #endif /* MBEDTLS_SSL_EARLY_DATA */ diff --git a/tests/opt-testcases/tls13-misc.sh b/tests/opt-testcases/tls13-misc.sh index 5b624b5ec..74b6aa2d0 100755 --- a/tests/opt-testcases/tls13-misc.sh +++ b/tests/opt-testcases/tls13-misc.sh @@ -523,5 +523,3 @@ run_test "TLS 1.3 G->m: EarlyData: feature is enabled, good." \ -s "ClientHello: early_data(42) extension exists." \ -s "EncryptedExtensions: early_data(42) extension exists." \ -s "$( tail -1 $EARLY_DATA_INPUT )" - - From 4da7c22cd67782f67f3fea523a474ce637b8194d Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 21 Nov 2023 17:30:43 +0800 Subject: [PATCH 0952/1674] add early data flag check function Signed-off-by: Jerry Yu --- library/ssl_misc.h | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index eae192bac..36f332f8c 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -2795,6 +2795,13 @@ static inline unsigned int mbedtls_ssl_session_ticket_allow_psk_ephemeral( MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_EPHEMERAL_RESUMPTION); } +static inline unsigned int mbedtls_ssl_session_ticket_allow_early_data( + mbedtls_ssl_session *session) +{ + return !mbedtls_ssl_session_check_ticket_flags(session, + MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA); +} + static inline void mbedtls_ssl_session_set_ticket_flags( mbedtls_ssl_session *session, unsigned int flags) { From c2b1bc4fb62ef7acd9e82aceeb8b6c88109fae5f Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 22 Nov 2023 10:08:13 +0800 Subject: [PATCH 0953/1674] replace early data permission check Signed-off-by: Jerry Yu --- library/ssl_tls13_client.c | 6 ++---- library/ssl_tls13_server.c | 7 ++----- 2 files changed, 4 insertions(+), 9 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 052df7e66..bc8b16128 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -695,10 +695,8 @@ static int ssl_tls13_early_data_has_valid_ticket(mbedtls_ssl_context *ssl) mbedtls_ssl_session *session = ssl->session_negotiate; return ssl->handshake->resume && session->tls_version == MBEDTLS_SSL_VERSION_TLS1_3 && - (session->ticket_flags & - MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA) && - mbedtls_ssl_tls13_cipher_suite_is_offered( - ssl, session->ciphersuite); + mbedtls_ssl_session_ticket_allow_early_data(session) && + mbedtls_ssl_tls13_cipher_suite_is_offered(ssl, session->ciphersuite); } #endif diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 7a02c7169..dd2bb6942 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -1845,9 +1845,7 @@ static void ssl_tls13_update_early_data_status(mbedtls_ssl_context *ssl) } - if (mbedtls_ssl_session_get_ticket_flags( - ssl->session_negotiate, - MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA) == 0) { + if (!mbedtls_ssl_session_ticket_allow_early_data(ssl->session_negotiate)) { MBEDTLS_SSL_DEBUG_MSG( 1, ("EarlyData: rejected, early_data not allowed in ticket " @@ -3223,8 +3221,7 @@ static int ssl_tls13_write_nst_early_data_ext(mbedtls_ssl_context *ssl, unsigned char *p = buf; *out_len = 0; - if (mbedtls_ssl_session_get_ticket_flags( - ssl->session, MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA) == 0) { + if (!mbedtls_ssl_session_ticket_allow_early_data(ssl->session)) { MBEDTLS_SSL_DEBUG_MSG( 4, ("early_data not allowed, skip early_data extension in " "NewSessionTicket")); From 10795a0c3b2b03e5dbfc82530fc855c43915bcb1 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 22 Nov 2023 12:29:17 +0800 Subject: [PATCH 0954/1674] replace ticket permission set Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index dd2bb6942..900ed006e 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -3292,7 +3292,8 @@ static int ssl_tls13_write_new_session_ticket_body(mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_EARLY_DATA) if (ssl->conf->early_data_enabled == MBEDTLS_SSL_EARLY_DATA_ENABLED) { - session->ticket_flags |= MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA; + mbedtls_ssl_session_set_ticket_flags( + session, MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA); } #endif /* MBEDTLS_SSL_EARLY_DATA */ From db6fda71e588a20e77e3dd61ba0d18682b24aa76 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 22 Nov 2023 12:40:20 +0800 Subject: [PATCH 0955/1674] improve early data comments Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 900ed006e..df10cc64f 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -3206,10 +3206,10 @@ static int ssl_tls13_prepare_new_session_ticket(mbedtls_ssl_context *ssl, /* RFC 8446 section 4.2.10 * * struct { - * select ( Handshake.msg_type ) { - * case new_session_ticket: uint32 max_early_data_size; - * ... - * }; + * select (Handshake.msg_type) { + * case new_session_ticket: uint32 max_early_data_size; + * ... + * }; * } EarlyDataIndication; */ MBEDTLS_CHECK_RETURN_CRITICAL From 525990fb62a9b72cc59e37e4a3342e4285f3c2f2 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 15 Nov 2023 14:51:18 +0800 Subject: [PATCH 0956/1674] set init value for max_early_data_size in session Signed-off-by: Jerry Yu --- library/ssl_tls.c | 3 +++ library/ssl_tls13_server.c | 3 +++ 2 files changed, 6 insertions(+) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 4daf2e7ee..02e828e58 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -1100,6 +1100,9 @@ static int ssl_handshake_init(mbedtls_ssl_context *ssl) /* Initialize structures */ mbedtls_ssl_session_init(ssl->session_negotiate); ssl_handshake_params_init(ssl->handshake); +#if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_SRV_C) + ssl->session_negotiate->max_early_data_size = ssl->conf->max_early_data_size; +#endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) mbedtls_ssl_transform_init(ssl->transform_negotiate); diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index df10cc64f..c04b8bd46 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -564,6 +564,9 @@ static int ssl_tls13_parse_pre_shared_key_ext( #if defined(MBEDTLS_SSL_SESSION_TICKETS) mbedtls_ssl_session session; mbedtls_ssl_session_init(&session); +#if defined(MBEDTLS_SSL_EARLY_DATA) + session.max_early_data_size = ssl->conf->max_early_data_size; +#endif #endif MBEDTLS_SSL_CHK_BUF_READ_PTR(p_identity_len, identities_end, 2 + 1 + 4); From d450fd25ae5f2935e1a8ce98b606b1b1e1846d2c Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 22 Nov 2023 16:38:00 +0800 Subject: [PATCH 0957/1674] change max_early_data_size source Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index c04b8bd46..4ce9670f8 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -3235,10 +3235,10 @@ static int ssl_tls13_write_nst_early_data_ext(mbedtls_ssl_context *ssl, MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_EARLY_DATA, p, 0); MBEDTLS_PUT_UINT16_BE(4, p, 2); - MBEDTLS_PUT_UINT32_BE(ssl->conf->max_early_data_size, p, 4); + MBEDTLS_PUT_UINT32_BE(ssl->session->max_early_data_size, p, 4); MBEDTLS_SSL_DEBUG_MSG( 4, ("Sent max_early_data_size=%u", - (unsigned int) ssl->conf->max_early_data_size)); + (unsigned int) ssl->session->max_early_data_size)); *out_len = 8; From 2f5d93b1c9908cfa4c175e5ccd60ea5228e91201 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 23 Nov 2023 17:27:55 +0800 Subject: [PATCH 0958/1674] Revert "set init value for max_early_data_size in session" This reverts commit 8b02d75ed1af883e135979d24e38c0847e66fede. Signed-off-by: Jerry Yu --- library/ssl_tls.c | 3 --- library/ssl_tls13_server.c | 3 --- 2 files changed, 6 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 02e828e58..4daf2e7ee 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -1100,9 +1100,6 @@ static int ssl_handshake_init(mbedtls_ssl_context *ssl) /* Initialize structures */ mbedtls_ssl_session_init(ssl->session_negotiate); ssl_handshake_params_init(ssl->handshake); -#if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_SRV_C) - ssl->session_negotiate->max_early_data_size = ssl->conf->max_early_data_size; -#endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) mbedtls_ssl_transform_init(ssl->transform_negotiate); diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 4ce9670f8..84129f729 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -564,9 +564,6 @@ static int ssl_tls13_parse_pre_shared_key_ext( #if defined(MBEDTLS_SSL_SESSION_TICKETS) mbedtls_ssl_session session; mbedtls_ssl_session_init(&session); -#if defined(MBEDTLS_SSL_EARLY_DATA) - session.max_early_data_size = ssl->conf->max_early_data_size; -#endif #endif MBEDTLS_SSL_CHK_BUF_READ_PTR(p_identity_len, identities_end, 2 + 1 + 4); From 930ce4cfac0f149ea4b4b40a5266fbd55d0d8e59 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 23 Nov 2023 17:28:01 +0800 Subject: [PATCH 0959/1674] Revert "change max_early_data_size source" This reverts commit 3d8d6a770f3a0f3045820970bc4a5d6ee7df8e10. Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 84129f729..df10cc64f 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -3232,10 +3232,10 @@ static int ssl_tls13_write_nst_early_data_ext(mbedtls_ssl_context *ssl, MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_EARLY_DATA, p, 0); MBEDTLS_PUT_UINT16_BE(4, p, 2); - MBEDTLS_PUT_UINT32_BE(ssl->session->max_early_data_size, p, 4); + MBEDTLS_PUT_UINT32_BE(ssl->conf->max_early_data_size, p, 4); MBEDTLS_SSL_DEBUG_MSG( 4, ("Sent max_early_data_size=%u", - (unsigned int) ssl->session->max_early_data_size)); + (unsigned int) ssl->conf->max_early_data_size)); *out_len = 8; From f135bac89cfd4e92698cb623ca545a145f5ed4cc Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 23 Nov 2023 18:10:51 +0800 Subject: [PATCH 0960/1674] Add max_early_data_size check Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index df10cc64f..d5f740e1e 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -3291,7 +3291,8 @@ static int ssl_tls13_write_new_session_ticket_body(mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG(2, ("=> write NewSessionTicket msg")); #if defined(MBEDTLS_SSL_EARLY_DATA) - if (ssl->conf->early_data_enabled == MBEDTLS_SSL_EARLY_DATA_ENABLED) { + if (ssl->conf->early_data_enabled == MBEDTLS_SSL_EARLY_DATA_ENABLED && + ssl->conf->max_early_data_size > 0) { mbedtls_ssl_session_set_ticket_flags( session, MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA); } @@ -3363,12 +3364,17 @@ static int ssl_tls13_write_new_session_ticket_body(mbedtls_ssl_context *ssl, p += 2; #if defined(MBEDTLS_SSL_EARLY_DATA) - if ((ret = ssl_tls13_write_nst_early_data_ext( - ssl, p, end, &output_len)) != 0) { - MBEDTLS_SSL_DEBUG_RET(1, "ssl_tls13_write_nst_early_data_ext", ret); - return ret; + if (ssl->conf->early_data_enabled == MBEDTLS_SSL_EARLY_DATA_ENABLED && + ssl->conf->max_early_data_size > 0) { + if ((ret = mbedtls_ssl_tls13_write_early_data_ext( + ssl, p, end, &output_len)) != 0) { + MBEDTLS_SSL_DEBUG_RET( + 1, "mbedtls_ssl_tls13_write_early_data_ext", ret); + return ret; + } + p += output_len; } - p += output_len; + #endif /* MBEDTLS_SSL_EARLY_DATA */ MBEDTLS_PUT_UINT16_BE(p - p_extensions_len - 2, p_extensions_len, 0); From 1a160703f86c23e49bdc71fb70e77fa7ee4ee312 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 23 Nov 2023 18:17:38 +0800 Subject: [PATCH 0961/1674] set max_early_data_size of ticket to keep consistent Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index d5f740e1e..18fbbc70d 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -3295,6 +3295,9 @@ static int ssl_tls13_write_new_session_ticket_body(mbedtls_ssl_context *ssl, ssl->conf->max_early_data_size > 0) { mbedtls_ssl_session_set_ticket_flags( session, MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA); + /* In resumption connection, server get `max_early_data_size` from + * ticket. */ + session->max_early_data_size = ssl->conf->max_early_data_size; } #endif /* MBEDTLS_SSL_EARLY_DATA */ From 0069abc141fab9a262fa253c0cd2f34e9a167450 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 23 Nov 2023 21:07:28 +0800 Subject: [PATCH 0962/1674] improve comments of new session ticket Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 18fbbc70d..133245baa 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -3262,12 +3262,13 @@ static int ssl_tls13_write_nst_early_data_ext(mbedtls_ssl_context *ssl, * The following fields are placed inside the ticket by the * f_ticket_write() function: * - * - creation time (start) - * - flags (flags) + * - creation time (ticket_creation_time) + * - flags (ticket_flags) * - age add (ticket_age_add) - * - key (key) - * - key length (key_len) + * - key (resumption_key) + * - key length (resumption_key_len) * - ciphersuite (ciphersuite) + * - max_early_data_size (max_early_data_size) */ MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_tls13_write_new_session_ticket_body(mbedtls_ssl_context *ssl, From 5233539d9f6c0eb7132d95cf58e0a853f30bb16b Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 23 Nov 2023 18:06:06 +0800 Subject: [PATCH 0963/1674] share write_early_data_ext function Signed-off-by: Jerry Yu --- library/ssl_misc.h | 3 ++- library/ssl_tls13_client.c | 4 +++- library/ssl_tls13_generic.c | 34 ++++++++++++++++++++------ library/ssl_tls13_server.c | 48 +++---------------------------------- 4 files changed, 35 insertions(+), 54 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 36f332f8c..8c3da4902 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -2115,7 +2115,8 @@ int mbedtls_ssl_tls13_generate_and_write_xxdh_key_exchange( int mbedtls_ssl_tls13_write_early_data_ext(mbedtls_ssl_context *ssl, unsigned char *buf, const unsigned char *end, - size_t *out_len); + size_t *out_len, + const mbedtls_ssl_session *session); #if defined(MBEDTLS_SSL_SRV_C) #define MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_RECEIVED \ diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index bc8b16128..fa6c4c693 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -1174,7 +1174,9 @@ int mbedtls_ssl_tls13_write_client_hello_exts(mbedtls_ssl_context *ssl, if (mbedtls_ssl_conf_tls13_some_psk_enabled(ssl) && ssl_tls13_early_data_has_valid_ticket(ssl) && ssl->conf->early_data_enabled == MBEDTLS_SSL_EARLY_DATA_ENABLED) { - ret = mbedtls_ssl_tls13_write_early_data_ext(ssl, p, end, &ext_len); + + ret = mbedtls_ssl_tls13_write_early_data_ext( + ssl, p, end, &ext_len, NULL); if (ret != 0) { return ret; } diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index cc77a9438..938bf808c 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -1402,28 +1402,48 @@ cleanup: * * struct { * select ( Handshake.msg_type ) { - * ... + * case new_session_ticket: uint32 max_early_data_size; * case client_hello: Empty; * case encrypted_extensions: Empty; * }; * } EarlyDataIndication; + * + * We use `mbedtls_ssl_is_handshake_over()` to decide if `max_early_data_size` + * should be sent for `new_session_ticket` is post-handshake message. */ #if defined(MBEDTLS_SSL_EARLY_DATA) int mbedtls_ssl_tls13_write_early_data_ext(mbedtls_ssl_context *ssl, unsigned char *buf, const unsigned char *end, - size_t *out_len) + size_t *out_len, + const mbedtls_ssl_session *session) { unsigned char *p = buf; - *out_len = 0; - ((void) ssl); - MBEDTLS_SSL_CHK_BUF_PTR(p, end, 4); +#if defined(MBEDTLS_SSL_SRV_C) + const size_t needed = session != NULL ? 8 : 4; +#else + const size_t needed = 4; + ((void) session); +#endif + + *out_len = 0; + + MBEDTLS_SSL_CHK_BUF_PTR(p, end, needed); MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_EARLY_DATA, p, 0); - MBEDTLS_PUT_UINT16_BE(0, p, 2); + MBEDTLS_PUT_UINT16_BE(needed - 4, p, 2); - *out_len = 4; +#if defined(MBEDTLS_SSL_SRV_C) + if (session != NULL) { + MBEDTLS_PUT_UINT32_BE(session->max_early_data_size, p, 4); + MBEDTLS_SSL_DEBUG_MSG( + 4, ("Sent max_early_data_size=%u", + (unsigned int) session->max_early_data_size)); + } +#endif + + *out_len = needed; mbedtls_ssl_tls13_set_hs_sent_ext_mask(ssl, MBEDTLS_TLS_EXT_EARLY_DATA); diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 133245baa..addbbe188 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -2524,7 +2524,8 @@ static int ssl_tls13_write_encrypted_extensions_body(mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_EARLY_DATA) if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED) { - ret = mbedtls_ssl_tls13_write_early_data_ext(ssl, p, end, &output_len); + ret = mbedtls_ssl_tls13_write_early_data_ext( + ssl, p, end, &output_len, NULL); if (ret != 0) { return ret; } @@ -3202,49 +3203,6 @@ static int ssl_tls13_prepare_new_session_ticket(mbedtls_ssl_context *ssl, return 0; } -#if defined(MBEDTLS_SSL_EARLY_DATA) -/* RFC 8446 section 4.2.10 - * - * struct { - * select (Handshake.msg_type) { - * case new_session_ticket: uint32 max_early_data_size; - * ... - * }; - * } EarlyDataIndication; - */ -MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_write_nst_early_data_ext(mbedtls_ssl_context *ssl, - unsigned char *buf, - const unsigned char *end, - size_t *out_len) -{ - unsigned char *p = buf; - *out_len = 0; - - if (!mbedtls_ssl_session_ticket_allow_early_data(ssl->session)) { - MBEDTLS_SSL_DEBUG_MSG( - 4, ("early_data not allowed, skip early_data extension in " - "NewSessionTicket")); - return 0; - } - - MBEDTLS_SSL_CHK_BUF_PTR(p, end, 8); - - MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_EARLY_DATA, p, 0); - MBEDTLS_PUT_UINT16_BE(4, p, 2); - MBEDTLS_PUT_UINT32_BE(ssl->conf->max_early_data_size, p, 4); - MBEDTLS_SSL_DEBUG_MSG( - 4, ("Sent max_early_data_size=%u", - (unsigned int) ssl->conf->max_early_data_size)); - - *out_len = 8; - - mbedtls_ssl_tls13_set_hs_sent_ext_mask(ssl, MBEDTLS_TLS_EXT_EARLY_DATA); - - return 0; -} -#endif /* MBEDTLS_SSL_EARLY_DATA */ - /* This function creates a NewSessionTicket message in the following format: * * struct { @@ -3371,7 +3329,7 @@ static int ssl_tls13_write_new_session_ticket_body(mbedtls_ssl_context *ssl, if (ssl->conf->early_data_enabled == MBEDTLS_SSL_EARLY_DATA_ENABLED && ssl->conf->max_early_data_size > 0) { if ((ret = mbedtls_ssl_tls13_write_early_data_ext( - ssl, p, end, &output_len)) != 0) { + ssl, p, end, &output_len, session)) != 0) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls13_write_early_data_ext", ret); return ret; From db97163ac7fc1c81672d6a37846d24c60049811a Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 27 Nov 2023 15:27:59 +0800 Subject: [PATCH 0964/1674] add ticket max_early_data_size check Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index addbbe188..e0cdf2323 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -247,6 +247,11 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket( #endif /* MBEDTLS_HAVE_TIME */ +#if defined(MBEDTLS_SSL_EARLY_DATA) + MBEDTLS_SSL_DEBUG_MSG(2, ("ticket->max_early_data_size=%u", + (unsigned int) session->max_early_data_size)); +#endif + exit: if (ret != 0) { mbedtls_ssl_session_free(session); From 9e7f9bc253cb45c8a6a18700d28fcd9bcee2138c Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 27 Nov 2023 16:52:07 +0800 Subject: [PATCH 0965/1674] Add missing debug message Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index e0cdf2323..22f8ab726 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -3340,6 +3340,10 @@ static int ssl_tls13_write_new_session_ticket_body(mbedtls_ssl_context *ssl, return ret; } p += output_len; + } else { + MBEDTLS_SSL_DEBUG_MSG( + 4, ("early_data not allowed, " + "skip early_data extension in NewSessionTicket")); } #endif /* MBEDTLS_SSL_EARLY_DATA */ From ebe1de62f92ac41313830f21ee13ca611c122b9a Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 28 Nov 2023 15:16:35 +0800 Subject: [PATCH 0966/1674] fix various issue - rename connection time variable - remove unnecessary comments Signed-off-by: Jerry Yu --- library/ssl_tls13_generic.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index 938bf808c..f711e9747 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -1407,9 +1407,6 @@ cleanup: * case encrypted_extensions: Empty; * }; * } EarlyDataIndication; - * - * We use `mbedtls_ssl_is_handshake_over()` to decide if `max_early_data_size` - * should be sent for `new_session_ticket` is post-handshake message. */ #if defined(MBEDTLS_SSL_EARLY_DATA) int mbedtls_ssl_tls13_write_early_data_ext(mbedtls_ssl_context *ssl, From 163e12f7ffacae88b27ca164ac9c654b3f5f8b0f Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 5 Dec 2023 10:37:23 +0800 Subject: [PATCH 0967/1674] remove assignment for `session->max_early_data_size` Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 8 -------- 1 file changed, 8 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 22f8ab726..6c49f8d52 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -247,11 +247,6 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket( #endif /* MBEDTLS_HAVE_TIME */ -#if defined(MBEDTLS_SSL_EARLY_DATA) - MBEDTLS_SSL_DEBUG_MSG(2, ("ticket->max_early_data_size=%u", - (unsigned int) session->max_early_data_size)); -#endif - exit: if (ret != 0) { mbedtls_ssl_session_free(session); @@ -3259,9 +3254,6 @@ static int ssl_tls13_write_new_session_ticket_body(mbedtls_ssl_context *ssl, ssl->conf->max_early_data_size > 0) { mbedtls_ssl_session_set_ticket_flags( session, MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA); - /* In resumption connection, server get `max_early_data_size` from - * ticket. */ - session->max_early_data_size = ssl->conf->max_early_data_size; } #endif /* MBEDTLS_SSL_EARLY_DATA */ From c59c586ac4c761230107f2c58b57df6228d955ad Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 5 Dec 2023 10:40:49 +0800 Subject: [PATCH 0968/1674] change prototype of `write_early_data_ext` Signed-off-by: Jerry Yu --- library/ssl_misc.h | 4 ++-- library/ssl_tls13_client.c | 2 +- library/ssl_tls13_generic.c | 14 +++++++------- library/ssl_tls13_server.c | 4 ++-- 4 files changed, 12 insertions(+), 12 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 8c3da4902..b9801a06c 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -2113,10 +2113,10 @@ int mbedtls_ssl_tls13_generate_and_write_xxdh_key_exchange( #if defined(MBEDTLS_SSL_EARLY_DATA) int mbedtls_ssl_tls13_write_early_data_ext(mbedtls_ssl_context *ssl, + int in_new_session_ticket, unsigned char *buf, const unsigned char *end, - size_t *out_len, - const mbedtls_ssl_session *session); + size_t *out_len); #if defined(MBEDTLS_SSL_SRV_C) #define MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_RECEIVED \ diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index fa6c4c693..ae1136431 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -1176,7 +1176,7 @@ int mbedtls_ssl_tls13_write_client_hello_exts(mbedtls_ssl_context *ssl, ssl->conf->early_data_enabled == MBEDTLS_SSL_EARLY_DATA_ENABLED) { ret = mbedtls_ssl_tls13_write_early_data_ext( - ssl, p, end, &ext_len, NULL); + ssl, 0, p, end, &ext_len); if (ret != 0) { return ret; } diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index f711e9747..fe2a2eba7 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -1410,18 +1410,18 @@ cleanup: */ #if defined(MBEDTLS_SSL_EARLY_DATA) int mbedtls_ssl_tls13_write_early_data_ext(mbedtls_ssl_context *ssl, + int in_new_session_ticket, unsigned char *buf, const unsigned char *end, - size_t *out_len, - const mbedtls_ssl_session *session) + size_t *out_len) { unsigned char *p = buf; #if defined(MBEDTLS_SSL_SRV_C) - const size_t needed = session != NULL ? 8 : 4; + const size_t needed = in_new_session_ticket ? 8 : 4; #else const size_t needed = 4; - ((void) session); + ((void) in_new_session_ticket); #endif *out_len = 0; @@ -1432,11 +1432,11 @@ int mbedtls_ssl_tls13_write_early_data_ext(mbedtls_ssl_context *ssl, MBEDTLS_PUT_UINT16_BE(needed - 4, p, 2); #if defined(MBEDTLS_SSL_SRV_C) - if (session != NULL) { - MBEDTLS_PUT_UINT32_BE(session->max_early_data_size, p, 4); + if (in_new_session_ticket) { + MBEDTLS_PUT_UINT32_BE(ssl->conf->max_early_data_size, p, 4); MBEDTLS_SSL_DEBUG_MSG( 4, ("Sent max_early_data_size=%u", - (unsigned int) session->max_early_data_size)); + (unsigned int) ssl->conf->max_early_data_size)); } #endif diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 6c49f8d52..39caa9baa 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -2525,7 +2525,7 @@ static int ssl_tls13_write_encrypted_extensions_body(mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_EARLY_DATA) if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED) { ret = mbedtls_ssl_tls13_write_early_data_ext( - ssl, p, end, &output_len, NULL); + ssl, 0, p, end, &output_len); if (ret != 0) { return ret; } @@ -3326,7 +3326,7 @@ static int ssl_tls13_write_new_session_ticket_body(mbedtls_ssl_context *ssl, if (ssl->conf->early_data_enabled == MBEDTLS_SSL_EARLY_DATA_ENABLED && ssl->conf->max_early_data_size > 0) { if ((ret = mbedtls_ssl_tls13_write_early_data_ext( - ssl, p, end, &output_len, session)) != 0) { + ssl, 1, p, end, &output_len)) != 0) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls13_write_early_data_ext", ret); return ret; From 95648b0134d555e9c26c61eb7ace331f749a7ca7 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 6 Dec 2023 15:03:34 +0800 Subject: [PATCH 0969/1674] Some minor improvement - move early data check to `prepare` - avoid `((void) output_len) - replace check with `session_ticket_allow` in 2nd place Signed-off-by: Jerry Yu --- library/ssl_tls13_server.c | 25 ++++++++++++------------- 1 file changed, 12 insertions(+), 13 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 39caa9baa..fe7a674d6 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -3137,6 +3137,15 @@ static int ssl_tls13_prepare_new_session_ticket(mbedtls_ssl_context *ssl, mbedtls_ssl_session_set_ticket_flags( session, ssl->handshake->tls13_kex_modes); #endif + +#if defined(MBEDTLS_SSL_EARLY_DATA) + if (ssl->conf->early_data_enabled == MBEDTLS_SSL_EARLY_DATA_ENABLED && + ssl->conf->max_early_data_size > 0) { + mbedtls_ssl_session_set_ticket_flags( + session, MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA); + } +#endif /* MBEDTLS_SSL_EARLY_DATA */ + MBEDTLS_SSL_PRINT_TICKET_FLAGS(4, session->ticket_flags); /* Generate ticket_age_add */ @@ -3242,21 +3251,10 @@ static int ssl_tls13_write_new_session_ticket_body(mbedtls_ssl_context *ssl, size_t ticket_len; uint32_t ticket_lifetime; unsigned char *p_extensions_len; - size_t output_len; - - ((void) output_len); *out_len = 0; MBEDTLS_SSL_DEBUG_MSG(2, ("=> write NewSessionTicket msg")); -#if defined(MBEDTLS_SSL_EARLY_DATA) - if (ssl->conf->early_data_enabled == MBEDTLS_SSL_EARLY_DATA_ENABLED && - ssl->conf->max_early_data_size > 0) { - mbedtls_ssl_session_set_ticket_flags( - session, MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA); - } -#endif /* MBEDTLS_SSL_EARLY_DATA */ - /* * ticket_lifetime 4 bytes * ticket_age_add 4 bytes @@ -3323,8 +3321,9 @@ static int ssl_tls13_write_new_session_ticket_body(mbedtls_ssl_context *ssl, p += 2; #if defined(MBEDTLS_SSL_EARLY_DATA) - if (ssl->conf->early_data_enabled == MBEDTLS_SSL_EARLY_DATA_ENABLED && - ssl->conf->max_early_data_size > 0) { + if (mbedtls_ssl_session_ticket_allow_early_data(session)) { + size_t output_len; + if ((ret = mbedtls_ssl_tls13_write_early_data_ext( ssl, 1, p, end, &output_len)) != 0) { MBEDTLS_SSL_DEBUG_RET( From 750e06743f4ecbb929dc28779bfb1081575589de Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 6 Dec 2023 15:43:23 +0800 Subject: [PATCH 0970/1674] remove misbehavior tests and code Signed-off-by: Jerry Yu --- programs/ssl/ssl_server2.c | 62 ++++++++++--------------------- tests/opt-testcases/tls13-misc.sh | 16 -------- 2 files changed, 20 insertions(+), 58 deletions(-) diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 28cd33b11..e6ebd8e1d 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -122,7 +122,7 @@ int main(void) #define DFL_SNI NULL #define DFL_ALPN_STRING NULL #define DFL_GROUPS NULL -#define DFL_MAX_EARLY_DATA_SIZE NULL +#define DFL_MAX_EARLY_DATA_SIZE 0 #define DFL_SIG_ALGS NULL #define DFL_DHM_FILE NULL #define DFL_TRANSPORT MBEDTLS_SSL_TRANSPORT_STREAM @@ -427,17 +427,11 @@ int main(void) #define USAGE_ECJPAKE "" #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ -#define ARRAY_LENGTH(a) (sizeof(a)/sizeof(a[0])) #if defined(MBEDTLS_SSL_EARLY_DATA) - #define USAGE_EARLY_DATA \ - " max_early_data_size=%%d default: -1 (disabled)\n" \ - " The max amount of 0-RTT data for 1st and 2nd connection\n" \ - " format: 1st_connection_value[,2nd_connection_value]\n" \ - " available values: < 0 (disabled), >= 0 (enabled).\n" \ - " The absolute value is the max amount of 0-RTT data \n" \ - " up to UINT32_MAX. \n" - + " max_early_data_size=%%d default: -1 (disabled)\n" \ + " options: -1 (disabled), " \ + " >= 0 (enabled, max amount of early data )\n" #else #define USAGE_EARLY_DATA "" #endif /* MBEDTLS_SSL_EARLY_DATA */ @@ -700,7 +694,7 @@ struct options { const char *cid_val_renego; /* the CID to use for incoming messages * after renegotiation */ int reproducible; /* make communication reproducible */ - const char *max_early_data_size; /* max amount list of early data */ + uint32_t max_early_data_size; /* max amount of early data */ int query_config_mode; /* whether to read config */ int use_srtp; /* Support SRTP */ int force_srtp_profile; /* SRTP protection profile to use or all */ @@ -1616,9 +1610,7 @@ int main(int argc, char *argv[]) #endif /* MBEDTLS_SSL_DTLS_SRTP */ #if defined(MBEDTLS_SSL_EARLY_DATA) - long long max_early_data_size_list[2]; - size_t max_early_data_size_count = 0; - size_t tls13_connection_counter = 0; + int tls13_early_data_enabled = MBEDTLS_SSL_EARLY_DATA_DISABLED; #endif #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) mbedtls_memory_buffer_alloc_init(alloc_buf, sizeof(alloc_buf)); @@ -1988,23 +1980,12 @@ usage: #endif #if defined(MBEDTLS_SSL_EARLY_DATA) else if (strcmp(p, "max_early_data_size") == 0) { - char *endptr, *str; - opt.max_early_data_size = q; - str = endptr = q; - for (size_t early_data_size_iter = 0; - early_data_size_iter < ARRAY_LENGTH(max_early_data_size_list); - early_data_size_iter++) { - long long value = strtoll(str, &endptr, 0); - if (str == endptr || (*endptr != ',' && *endptr != '\0')) { - mbedtls_printf("fail\n illegal digital number for max_early_data_size %s\n", - endptr); - goto exit; - } - max_early_data_size_list[max_early_data_size_count++] = value; - if (*endptr == '\0') { - break; - } - str = endptr + 1; + long long value = atoll(q); + tls13_early_data_enabled = + value >= 0 ? MBEDTLS_SSL_EARLY_DATA_ENABLED : + MBEDTLS_SSL_EARLY_DATA_DISABLED; + if (tls13_early_data_enabled) { + opt.max_early_data_size = atoi(q); } } #endif /* MBEDTLS_SSL_EARLY_DATA */ @@ -2826,6 +2807,14 @@ usage: mbedtls_ssl_conf_cert_req_ca_list(&conf, opt.cert_req_ca_list); } +#if defined(MBEDTLS_SSL_EARLY_DATA) + mbedtls_ssl_conf_early_data(&conf, tls13_early_data_enabled); + if (tls13_early_data_enabled == MBEDTLS_SSL_EARLY_DATA_ENABLED) { + mbedtls_ssl_conf_max_early_data_size( + &conf, opt.max_early_data_size); + } +#endif /* MBEDTLS_SSL_EARLY_DATA */ + #if defined(MBEDTLS_KEY_EXCHANGE_CERT_REQ_ALLOWED_ENABLED) /* exercise setting DN hints for server certificate request * (Intended for use where the client cert expected has been signed by @@ -3323,17 +3312,6 @@ usage: mbedtls_printf(" ok\n"); reset: - -#if defined(MBEDTLS_SSL_EARLY_DATA) - if (tls13_connection_counter < max_early_data_size_count) { - long long max_early_data_size = max_early_data_size_list[tls13_connection_counter]; - mbedtls_ssl_conf_early_data( - &conf, max_early_data_size < 0 ? MBEDTLS_SSL_EARLY_DATA_DISABLED : - MBEDTLS_SSL_EARLY_DATA_ENABLED); - mbedtls_ssl_conf_max_early_data_size(&conf, (uint32_t) llabs(max_early_data_size)); - } - tls13_connection_counter++; -#endif /* MBEDTLS_SSL_EARLY_DATA */ #if !defined(_WIN32) if (received_sigterm) { mbedtls_printf(" interrupted by SIGTERM (not in net_accept())\n"); diff --git a/tests/opt-testcases/tls13-misc.sh b/tests/opt-testcases/tls13-misc.sh index 74b6aa2d0..a4742030b 100755 --- a/tests/opt-testcases/tls13-misc.sh +++ b/tests/opt-testcases/tls13-misc.sh @@ -490,22 +490,6 @@ run_test "TLS 1.3 m->m: Resumption with ticket flags, psk_all/psk_all." \ EARLY_DATA_INPUT_LEN_BLOCKS=$(( ( $( cat $EARLY_DATA_INPUT | wc -c ) + 31 ) / 32 )) EARLY_DATA_INPUT_LEN=$(( $EARLY_DATA_INPUT_LEN_BLOCKS * 32 )) -requires_gnutls_next -requires_all_configs_enabled MBEDTLS_SSL_EARLY_DATA MBEDTLS_SSL_SESSION_TICKETS \ - MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME \ - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ - MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE -requires_any_configs_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED \ - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED -run_test "TLS 1.3 G->m: EarlyData: feature is disabled, fail." \ - "$P_SRV force_version=tls13 debug_level=4 max_early_data_size=-1" \ - "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+GROUP-ALL -d 10 -r --earlydata $EARLY_DATA_INPUT" \ - 1 \ - -s "ClientHello: early_data(42) extension exists." \ - -s "EncryptedExtensions: early_data(42) extension does not exist." \ - -s "NewSessionTicket: early_data(42) extension does not exist." \ - -s "Last error was: -29056 - SSL - Verification of the message MAC failed" - requires_gnutls_next requires_all_configs_enabled MBEDTLS_SSL_EARLY_DATA MBEDTLS_SSL_SESSION_TICKETS \ MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C MBEDTLS_HAVE_TIME \ From 2bd53667d6d7d3d3f47e9abaf660bc86668d264d Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 5 Dec 2023 10:14:06 +0100 Subject: [PATCH 0971/1674] pk: guard key enrollment function with PSA_CRYPTO_CLIENT Use key enrollment function only when MBEDTLS_PSA_CRYPTO_CLIENT is enabled, i.e. when the Mbed TLS implementation of PSA Crypto is being used. Signed-off-by: Valerio Setti --- library/pk.c | 28 ++++++++++++++++++++-------- 1 file changed, 20 insertions(+), 8 deletions(-) diff --git a/library/pk.c b/library/pk.c index 5a1698f12..957f64ed1 100644 --- a/library/pk.c +++ b/library/pk.c @@ -311,7 +311,6 @@ int mbedtls_pk_can_do_ext(const mbedtls_pk_context *ctx, psa_algorithm_t alg, } psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_algorithm_t key_alg, key_alg2; psa_status_t status; status = psa_get_key_attributes(ctx->priv_id, &attributes); @@ -319,8 +318,15 @@ int mbedtls_pk_can_do_ext(const mbedtls_pk_context *ctx, psa_algorithm_t alg, return 0; } - key_alg = psa_get_key_algorithm(&attributes); - key_alg2 = psa_get_key_enrollment_algorithm(&attributes); + psa_algorithm_t key_alg = psa_get_key_algorithm(&attributes); + /* Key's enrollment is available only when MBEDTLS_PSA_CRYPTO_CLIENT is + * defined, i.e. when the Mbed TLS implementation of PSA Crypto is being used. + * Even though we don't officially support using other implementations of PSA + * Crypto with TLS and X.509 (yet), we're still trying to simplify the life of + * people who would like to try it before it's officially supported. */ +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) + psa_algorithm_t key_alg2 = psa_get_key_enrollment_algorithm(&attributes); +#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */ key_usage = psa_get_key_usage_flags(&attributes); psa_reset_key_attributes(&attributes); @@ -329,18 +335,23 @@ int mbedtls_pk_can_do_ext(const mbedtls_pk_context *ctx, psa_algorithm_t alg, } /* - * Common case: the key alg or alg2 only allows alg. + * Common case: the key alg [or alg2] only allows alg. * This will match PSA_ALG_RSA_PKCS1V15_CRYPT & PSA_ALG_IS_ECDH * directly. * This would also match ECDSA/RSA_PKCS1V15_SIGN/RSA_PSS with - * a fixed hash on key_alg/key_alg2. + * a fixed hash on key_alg [or key_alg2]. */ - if (alg == key_alg || alg == key_alg2) { + if (alg == key_alg) { return 1; } +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) + if (alg == key_alg2) { + return 1; + } +#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */ /* - * If key_alg or key_alg2 is a hash-and-sign with a wildcard for the hash, + * If key_alg [or key_alg2] is a hash-and-sign with a wildcard for the hash, * and alg is the same hash-and-sign family with any hash, * then alg is compliant with this key alg */ @@ -351,12 +362,13 @@ int mbedtls_pk_can_do_ext(const mbedtls_pk_context *ctx, psa_algorithm_t alg, (alg & ~PSA_ALG_HASH_MASK) == (key_alg & ~PSA_ALG_HASH_MASK)) { return 1; } - +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) if (PSA_ALG_IS_SIGN_HASH(key_alg2) && PSA_ALG_SIGN_GET_HASH(key_alg2) == PSA_ALG_ANY_HASH && (alg & ~PSA_ALG_HASH_MASK) == (key_alg2 & ~PSA_ALG_HASH_MASK)) { return 1; } +#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */ } return 0; From ae952174a7f211238980c7cbc4afd3f92c7031d3 Mon Sep 17 00:00:00 2001 From: Xiaokang Qian Date: Wed, 6 Dec 2023 10:27:27 +0000 Subject: [PATCH 0972/1674] Enable early data depend on whether the early data file exist Signed-off-by: Xiaokang Qian --- programs/ssl/ssl_client2.c | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 69f9d5131..ceffb2f3d 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -1967,17 +1967,13 @@ usage: #if defined(MBEDTLS_SSL_EARLY_DATA) int early_data_enabled = MBEDTLS_SSL_EARLY_DATA_DISABLED; FILE *early_data_fp = NULL; - size_t early_data_len = 0; if (strlen(opt.early_data) > 0) { if ((early_data_fp = fopen(opt.early_data, "rb")) == NULL) { mbedtls_printf("failed\n ! Cannot open '%s' for reading.\n", opt.early_data); goto exit; } - early_data_len = fread(buf, 1, sizeof(buf), early_data_fp); - if (early_data_len > 0) { - early_data_enabled = MBEDTLS_SSL_EARLY_DATA_ENABLED; - } + early_data_enabled = MBEDTLS_SSL_EARLY_DATA_ENABLED; } mbedtls_ssl_conf_early_data(&conf, early_data_enabled); #endif /* MBEDTLS_SSL_EARLY_DATA */ From 69402fd6a2f9ccae6f209e3cd9dad235aab4e9cb Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 6 Dec 2023 11:32:10 +0100 Subject: [PATCH 0973/1674] changelog: fix typos and working Signed-off-by: Valerio Setti --- ChangeLog.d/8357.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ChangeLog.d/8357.txt b/ChangeLog.d/8357.txt index 24ba1404b..9cae396ec 100644 --- a/ChangeLog.d/8357.txt +++ b/ChangeLog.d/8357.txt @@ -1,8 +1,8 @@ Features * It is now possible to have AEADs support (CCM, GCM and ChaChaPoly) without MBEDTLS_CIPHER_C. This holds both for the builtin suport (MBEDTLS_CCM_C, - MBEDTLS_GCM_C and MBEDTLS_CHACHAPOLY_c) as well as the PSA one + MBEDTLS_GCM_C and MBEDTLS_CHACHAPOLY_C) as well as the PSA one (PSA_WANT_ALG_CCM, PSA_WANT_ALG_GCM, PSA_WANT_ALG_CHACHA20_POLY1305). On the PSA side this means that it is possible to enable - MBEDTLS_PSA_CRYPTO_C without MBEDTLS_CIPHER_C if any of the + MBEDTLS_PSA_CRYPTO_C without MBEDTLS_CIPHER_C if none of the non-authenticated ciphers is enabled. From 1e3fcc5692c776695b8e7190cfe17939e28499c1 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 6 Dec 2023 11:56:08 +0100 Subject: [PATCH 0974/1674] config-tfm: fix typo in comment Signed-off-by: Valerio Setti --- configs/config-tfm.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configs/config-tfm.h b/configs/config-tfm.h index f6f527e00..197b80814 100644 --- a/configs/config-tfm.h +++ b/configs/config-tfm.h @@ -46,7 +46,7 @@ #undef MBEDTLS_PLATFORM_STD_EXIT_FAILURE /* CCM is the only cipher/AEAD enabled in TF-M configuration files, but it - * does not need CIPHER_C to be enabled, so we can disabled it in order + * does not need CIPHER_C to be enabled, so we can disable it in order * to reduce code size further. */ #undef MBEDTLS_CIPHER_C From acd7bafcbbc1d97abc82551958cdba8d580e1f74 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 6 Dec 2023 15:17:12 +0100 Subject: [PATCH 0975/1674] driver-only-build: update AEADs section Note: this section shouldn't actually be updated in #8357, but rather in #8358 which is the wrapup related to cipher and AEADs accelaration. As a consequence we start the AEAD section with a disclaimer explaining that the information written there will be updated soon by a follow up PR. Signed-off-by: Valerio Setti --- docs/driver-only-builds.md | 28 ++++++++++++++++++---------- 1 file changed, 18 insertions(+), 10 deletions(-) diff --git a/docs/driver-only-builds.md b/docs/driver-only-builds.md index 200f43941..2dcfe6797 100644 --- a/docs/driver-only-builds.md +++ b/docs/driver-only-builds.md @@ -245,6 +245,9 @@ Support for deterministic derivation of a DH keypair AEADs ----- +[This section might contain incomplete data and it is going to be updated in +#8358, i.e. the wrap-up task for accelerated ciphers and AEADs.] + It is possible to have all AEADs operations provided only by a driver. More precisely you can: @@ -252,15 +255,20 @@ More precisely you can: - `PSA_WANT_ALG_[CCM|GCM]` with `PSA_WANT_KEY_TYPE_[AES|ARIA|CAMELLIA]` - `PSA_WANT_ALG_CHACHA20_POLY1305` with `PSA_WANT_KEY_TYPE_CHACHA20`; - enable `MBEDTLS_PSA_ACCEL_xxx` symbol(s) which correspond to the - `PSA_WANT_xxx` of the previous step; -- disable builtin support of `MBEDTLS_[CCM|GCM|CHACHAPOLY]_C` algorithms and - key types `MBEDTLS_[AES|ARIA|CAMELLIA|CHACHA20]_C` for AEADs which are - accelerated. + `PSA_WANT_xxx` of the previous step (both for algorithms and key types); +- disable builtin support of `MBEDTLS_[CCM|GCM|CHACHAPOLY|POLY1305]_C` + algorithms and key types `MBEDTLS_[AES|ARIA|CAMELLIA|CHACHA20]_C` for AEADs + which are accelerated. -In such a build all AEADs operations requested through the PSA Crypto API -(including those in TLS and X.509) will be performed by the provided driver. -Of course direct calls to the disabled builtin modules -(ex: `mbedtls_ccm_init()`, etc) won't be possible. +In a build in which all AEADs algorithms and related key types are accelerated +all AEADs operations requested through the PSA Crypto API (including those in +TLS and X.509) will be performed by the driver. +Moreover if no unauthenticated cipher is required, it is also possible to +disable all built-in block cipher's key types +(i.e. `MBEDTLS_[AES|ARIA|CAMELLIA|CHACHA20]_C`) and `MBEDTLS_CIPHER_C`. This +helps in further reducing code's footprint, but unfortunately it makes the +following modules unavailable: +- `MBEDTLS_PKCS[5|12]_C` +- `MBEDTLS_CTR_DRBG_C` +- `MBEDTLS_NIST_KW_C` -If no other non-authenticated cipher is required, it is also possible to -disable `MBEDTLS_CIPHER_C` in order to further reduce code's footprint. From 0354d04d3c5258df49cc7d1adcb5f9598dcb16d6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Wed, 6 Dec 2023 16:14:37 +0100 Subject: [PATCH 0976/1674] Do not run Valgrind tests in PR jobs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Dave Rodgman Signed-off-by: Bence Szépkúti --- tests/scripts/all.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 462597ba6..5c9b46463 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2100,7 +2100,7 @@ component_test_memsan_constant_flow_psa () { make test } -component_test_valgrind_constant_flow () { +component_release_test_valgrind_constant_flow () { # This tests both (1) everything that valgrind's memcheck usually checks # (heap buffer overflows, use of uninitialized memory, use-after-free, # etc.) and (2) branches or memory access depending on secret values, @@ -2134,7 +2134,7 @@ component_test_valgrind_constant_flow () { make memcheck } -component_test_valgrind_constant_flow_psa () { +component_release_test_valgrind_constant_flow_psa () { # This tests both (1) everything that valgrind's memcheck usually checks # (heap buffer overflows, use of uninitialized memory, use-after-free, # etc.) and (2) branches or memory access depending on secret values, @@ -5767,7 +5767,7 @@ component_test_memsan () { fi } -component_test_valgrind () { +component_release_test_valgrind () { msg "build: Release (clang)" # default config, in particular without MBEDTLS_USE_PSA_CRYPTO CC=clang cmake -D CMAKE_BUILD_TYPE:String=Release . @@ -5795,7 +5795,7 @@ component_test_valgrind () { fi } -component_test_valgrind_psa () { +component_release_test_valgrind_psa () { msg "build: Release, full (clang)" # full config, in particular with MBEDTLS_USE_PSA_CRYPTO scripts/config.py full From f482dcc6c7a6003a86a69948f1f05f4e9490967e Mon Sep 17 00:00:00 2001 From: Jan Bruckner Date: Wed, 15 Mar 2023 09:09:06 +0100 Subject: [PATCH 0977/1674] Comply with the received Record Size Limit extension Fixes #7010 Signed-off-by: Jan Bruckner --- include/mbedtls/ssl.h | 5 ++ library/ssl_misc.h | 18 ++++ library/ssl_tls.c | 24 ++++++ library/ssl_tls13_client.c | 11 ++- library/ssl_tls13_generic.c | 48 +++++++++-- library/ssl_tls13_server.c | 13 ++- programs/ssl/ssl_server2.c | 2 +- tests/scripts/all.sh | 7 +- tests/ssl-opt.sh | 168 ++++++++++++++++++++++++++++++++++-- 9 files changed, 263 insertions(+), 33 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 043988f25..39baa4213 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1188,6 +1188,11 @@ struct mbedtls_ssl_session { unsigned char MBEDTLS_PRIVATE(mfl_code); /*!< MaxFragmentLength negotiated by peer */ #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ +/*!< Record Size Limit for outgoing data requested by peer */ +#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) + uint16_t MBEDTLS_PRIVATE(record_size_limit); +#endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */ + unsigned char MBEDTLS_PRIVATE(exported); /** TLS version negotiated in the session. Used if and when renegotiating diff --git a/library/ssl_misc.h b/library/ssl_misc.h index eae192bac..6b799eebd 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -439,6 +439,24 @@ size_t mbedtls_ssl_get_output_max_frag_len(const mbedtls_ssl_context *ssl); size_t mbedtls_ssl_get_input_max_frag_len(const mbedtls_ssl_context *ssl); #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ +#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) +/** + * \brief Return the record size limit (in bytes) for + * the output buffer. This is less than the value requested by the + * peer (using RFC 8449), since it subtracts the space required for the + * content type and padding of the TLSInnerPlaintext struct (RFC 8446). + * Returns MBEDTLS_SSL_OUT_CONTENT_LEN if no limit was requested by the peer. + * + * \sa mbedtls_ssl_get_max_out_record_payload() + * ssl_compute_internal_record_size_limit() + * + * \param ssl SSL context + * + * \return Current record size limit for the output buffer. + */ +size_t mbedtls_ssl_get_output_record_size_limit(const mbedtls_ssl_context *ssl); +#endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */ + #if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) static inline size_t mbedtls_ssl_get_output_buflen(const mbedtls_ssl_context *ctx) { diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 4daf2e7ee..7a8c759fa 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -2455,6 +2455,7 @@ mbedtls_ssl_mode_t mbedtls_ssl_get_mode_from_ciphersuite( * uint8 ticket_flags; * opaque resumption_key<0..255>; * uint32 max_early_data_size; + * uint16 record_size_limit; * select ( endpoint ) { * case client: ClientOnlyData; * case server: uint64 ticket_creation_time; @@ -2490,6 +2491,9 @@ static int ssl_tls13_session_save(const mbedtls_ssl_session *session, #if defined(MBEDTLS_SSL_EARLY_DATA) needed += 4; /* max_early_data_size */ #endif +#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) + needed += 2; /* record_size_limit */ +#endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */ #if defined(MBEDTLS_HAVE_TIME) needed += 8; /* ticket_creation_time or ticket_reception_time */ @@ -2534,6 +2538,10 @@ static int ssl_tls13_session_save(const mbedtls_ssl_session *session, MBEDTLS_PUT_UINT32_BE(session->max_early_data_size, p, 0); p += 4; #endif +#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) + MBEDTLS_PUT_UINT16_BE(session->record_size_limit, p, 0); + p += 2; +#endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */ #if defined(MBEDTLS_HAVE_TIME) && defined(MBEDTLS_SSL_SRV_C) if (session->endpoint == MBEDTLS_SSL_IS_SERVER) { @@ -2610,6 +2618,13 @@ static int ssl_tls13_session_load(mbedtls_ssl_session *session, session->max_early_data_size = MBEDTLS_GET_UINT32_BE(p, 0); p += 4; #endif +#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) + if (end - p < 2) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } + session->record_size_limit = MBEDTLS_GET_UINT16_BE(p, 0); + p += 2; +#endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */ #if defined(MBEDTLS_HAVE_TIME) && defined(MBEDTLS_SSL_SRV_C) if (session->endpoint == MBEDTLS_SSL_IS_SERVER) { @@ -3458,6 +3473,7 @@ int mbedtls_ssl_get_max_out_record_payload(const mbedtls_ssl_context *ssl) size_t max_len = MBEDTLS_SSL_OUT_CONTENT_LEN; #if !defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) && \ + !defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) && \ !defined(MBEDTLS_SSL_PROTO_DTLS) (void) ssl; #endif @@ -3470,6 +3486,14 @@ int mbedtls_ssl_get_max_out_record_payload(const mbedtls_ssl_context *ssl) } #endif +#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) + const size_t record_size_limit = mbedtls_ssl_get_output_record_size_limit(ssl); + + if (max_len > record_size_limit) { + max_len = record_size_limit; + } +#endif + #if defined(MBEDTLS_SSL_PROTO_DTLS) if (mbedtls_ssl_get_current_mtu(ssl) != 0) { const size_t mtu = mbedtls_ssl_get_current_mtu(ssl); diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 052df7e66..1a246c4df 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -2113,12 +2113,11 @@ static int ssl_tls13_parse_encrypted_extensions(mbedtls_ssl_context *ssl, ret = mbedtls_ssl_tls13_parse_record_size_limit_ext( ssl, p, p + extension_data_len); - - /* TODO: Return unconditionally here until we handle the record - * size limit correctly. Once handled correctly, only return in - * case of errors. */ - return ret; - + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET( + 1, ("mbedtls_ssl_tls13_parse_record_size_limit_ext"), ret); + return ret; + } break; #endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */ diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index cc77a9438..7c7aac80e 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -1714,7 +1714,7 @@ int mbedtls_ssl_tls13_parse_record_size_limit_ext(mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG(2, ("RecordSizeLimit: %u Bytes", record_size_limit)); - /* RFC 8449, section 4 + /* RFC 8449, section 4: * * Endpoints MUST NOT send a "record_size_limit" extension with a value * smaller than 64. An endpoint MUST treat receipt of a smaller value @@ -1727,13 +1727,47 @@ int mbedtls_ssl_tls13_parse_record_size_limit_ext(mbedtls_ssl_context *ssl, return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER; } - MBEDTLS_SSL_DEBUG_MSG( - 2, ("record_size_limit extension is still in development. Aborting handshake.")); + ssl->session_negotiate->record_size_limit = record_size_limit; - MBEDTLS_SSL_PEND_FATAL_ALERT( - MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT, - MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION); - return MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION; + return 0; +} + +static inline size_t ssl_compute_internal_record_size_limit(size_t record_size_limit) +{ + /* RFC 8449, section 4: + * + * This value [record_size_limit] is the length of the plaintext of a protected record. + * The value includes the content type and padding added in TLS 1.3 (that is, the complete + * length of TLSInnerPlaintext). + * + * Thus, round down to a multiple of MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY + * and subtract 1 (for the content type that will be added later) + */ + return ((record_size_limit / MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY) * + MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY) - 1; +} + +size_t mbedtls_ssl_get_output_record_size_limit(const mbedtls_ssl_context *ssl) +{ + const size_t max_len = MBEDTLS_SSL_OUT_CONTENT_LEN; + size_t record_size_limit = max_len; + + if (ssl->session != NULL && + ssl->session->record_size_limit >= MBEDTLS_SSL_RECORD_SIZE_LIMIT_MIN && + ssl->session->record_size_limit < max_len) { + record_size_limit = ssl_compute_internal_record_size_limit(ssl->session->record_size_limit); + } + + // TODO: this is currently untested + /* During a handshake, use the value being negotiated */ + if (ssl->session_negotiate != NULL && + ssl->session_negotiate->record_size_limit >= MBEDTLS_SSL_RECORD_SIZE_LIMIT_MIN && + ssl->session_negotiate->record_size_limit < max_len) { + record_size_limit = ssl_compute_internal_record_size_limit( + ssl->session_negotiate->record_size_limit); + } + + return record_size_limit; } #endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */ diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index bfe805f49..9e2cbbf24 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -1699,14 +1699,11 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl, ret = mbedtls_ssl_tls13_parse_record_size_limit_ext( ssl, p, extension_data_end); - - /* - * TODO: Return unconditionally here until we handle the record - * size limit correctly. - * Once handled correctly, only return in case of errors. - */ - return ret; - + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET( + 1, ("mbedtls_ssl_tls13_parse_record_size_limit_ext"), ret); + return ret; + } break; #endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */ diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index c96128b94..8f90345f5 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -3520,7 +3520,7 @@ handshake: mbedtls_printf(" [ Record expansion is unknown ]\n"); } -#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) +#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) || defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) mbedtls_printf(" [ Maximum incoming record payload length is %u ]\n", (unsigned int) mbedtls_ssl_get_max_in_record_payload(&ssl)); mbedtls_printf(" [ Maximum outgoing record payload length is %u ]\n", diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 462597ba6..27e020db9 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -5709,11 +5709,8 @@ component_test_tls13_only_record_size_limit () { msg "test_suite_ssl: TLS 1.3 only, record size limit extension enabled" cd tests; ./test_suite_ssl; cd .. - msg "ssl-opt.sh: (TLS 1.3 only, record size limit extension tests only)" - # Both the server and the client will currently abort the handshake when they encounter the - # record size limit extension. There is no way to prevent gnutls-cli from sending the extension - # which makes all G_NEXT_CLI + P_SRV tests fail. Thus, run only the tests for the this extension. - tests/ssl-opt.sh -f "Record Size Limit" + msg "ssl-opt.sh: (TLS 1.3 only, record size limit extension enabled)" + tests/ssl-opt.sh } component_build_mingw () { diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 4762285b0..427849d24 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -4837,22 +4837,24 @@ run_test "Max fragment length: DTLS client, larger message" \ requires_gnutls_tls1_3 requires_gnutls_record_size_limit requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT -run_test "Record Size Limit: TLS 1.3: Server-side parsing, debug output and fatal alert" \ +run_test "Record Size Limit: TLS 1.3: Server-side parsing and debug output" \ "$P_SRV debug_level=3 force_version=tls13" \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4" \ - 1 \ + 0 \ -c "Preparing extension (Record Size Limit/28) for 'client hello'" \ -c "Sending extension Record Size Limit/28 (2 bytes)" \ -s "ClientHello: record_size_limit(28) extension received."\ -s "found record_size_limit extension" \ -s "RecordSizeLimit: 16385 Bytes" \ - -c "Received alert \[110]: An unsupported extension was sent" + -s "ClientHello: record_size_limit(28) extension exists." \ + -s "Maximum outgoing record payload length is 16384" \ + -s "bytes written in 1 fragments" requires_gnutls_tls1_3 requires_gnutls_record_size_limit requires_gnutls_next_disable_tls13_compat requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT -run_test "Record Size Limit: TLS 1.3: Client-side parsing, debug output and fatal alert" \ +run_test "Record Size Limit: TLS 1.3: Client-side parsing and debug output" \ "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%DISABLE_TLS13_COMPAT_MODE --disable-client-cert -d 4" \ "$P_CLI debug_level=4 force_version=tls13" \ 0 \ @@ -4863,8 +4865,162 @@ run_test "Record Size Limit: TLS 1.3: Client-side parsing, debug output and f # -s "Sending extension Record Size Limit/28 (2 bytes)" \ # -c "EncryptedExtensions: record_size_limit(28) extension received."\ # -c "found record_size_limit extension" \ -# -c "RecordSizeLimit: 16385 Bytes" \ -# -s "Received alert \[110]: An unsupported extension was sent" +# -c "RecordSizeLimit: 16385 Bytes" + +# In the following (9) tests, --recordsize is the value used by the G_NEXT_CLI (3.7.2) to configure the +# maximum record size using "https://gnutls.org/reference/gnutls-gnutls.html#gnutls-record-set-max-size". +# There is currently a lower limit of 512, caused by this function not respecting the +# "%ALLOW_SMALL_RECORDS" priority string and not using the more recent function +# https://gnutls.org/reference/gnutls-gnutls.html#gnutls-record-set-max-recv-size. +# There is currently an upper limit of 4096, caused by the cli arg parser: +# https://gitlab.com/gnutls/gnutls/-/blob/3.7.2/src/cli-args.def#L395. +# Thus, these tests are currently limit to that value range. +# Moreover, the value sent in the extension is expected to be larger by one compared +# to the value passed on the cli: +# https://gitlab.com/gnutls/gnutls/-/blob/3.7.2/lib/ext/record_size_limit.c#L142 +requires_gnutls_tls1_3 +requires_gnutls_record_size_limit +requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT +run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (513), 1 fragment" \ + "$P_SRV debug_level=3 force_version=tls13 response_size=256" \ + "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 512" \ + 0 \ + -c "Preparing extension (Record Size Limit/28) for 'client hello'" \ + -c "Sending extension Record Size Limit/28 (2 bytes)" \ + -s "ClientHello: record_size_limit(28) extension received."\ + -s "found record_size_limit extension" \ + -s "RecordSizeLimit: 513 Bytes" \ + -s "ClientHello: record_size_limit(28) extension exists." \ + -s "Maximum outgoing record payload length is 511" \ + -s "256 bytes written in 1 fragments" + +requires_gnutls_tls1_3 +requires_gnutls_record_size_limit +requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT +run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (513), 2 fragments" \ + "$P_SRV debug_level=3 force_version=tls13 response_size=768" \ + "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 512" \ + 0 \ + -c "Preparing extension (Record Size Limit/28) for 'client hello'" \ + -c "Sending extension Record Size Limit/28 (2 bytes)" \ + -s "ClientHello: record_size_limit(28) extension received."\ + -s "found record_size_limit extension" \ + -s "RecordSizeLimit: 513 Bytes" \ + -s "ClientHello: record_size_limit(28) extension exists." \ + -s "Maximum outgoing record payload length is 511" \ + -s "768 bytes written in 2 fragments" + +requires_gnutls_tls1_3 +requires_gnutls_record_size_limit +requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT +run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (513), 3 fragments" \ + "$P_SRV debug_level=3 force_version=tls13 response_size=1280" \ + "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 512" \ + 0 \ + -c "Preparing extension (Record Size Limit/28) for 'client hello'" \ + -c "Sending extension Record Size Limit/28 (2 bytes)" \ + -s "ClientHello: record_size_limit(28) extension received."\ + -s "found record_size_limit extension" \ + -s "RecordSizeLimit: 513 Bytes" \ + -s "ClientHello: record_size_limit(28) extension exists." \ + -s "Maximum outgoing record payload length is 511" \ + -s "1280 bytes written in 3 fragments" + +requires_gnutls_tls1_3 +requires_gnutls_record_size_limit +requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT +run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (1024), 1 fragment" \ + "$P_SRV debug_level=3 force_version=tls13 response_size=512" \ + "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 1023" \ + 0 \ + -c "Preparing extension (Record Size Limit/28) for 'client hello'" \ + -c "Sending extension Record Size Limit/28 (2 bytes)" \ + -s "ClientHello: record_size_limit(28) extension received."\ + -s "found record_size_limit extension" \ + -s "RecordSizeLimit: 1024 Bytes" \ + -s "ClientHello: record_size_limit(28) extension exists." \ + -s "Maximum outgoing record payload length is 1023" \ + -s "512 bytes written in 1 fragments" + +requires_gnutls_tls1_3 +requires_gnutls_record_size_limit +requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT +run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (1024), 2 fragments" \ + "$P_SRV debug_level=3 force_version=tls13 response_size=1536" \ + "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 1023" \ + 0 \ + -c "Preparing extension (Record Size Limit/28) for 'client hello'" \ + -c "Sending extension Record Size Limit/28 (2 bytes)" \ + -s "ClientHello: record_size_limit(28) extension received."\ + -s "found record_size_limit extension" \ + -s "RecordSizeLimit: 1024 Bytes" \ + -s "ClientHello: record_size_limit(28) extension exists." \ + -s "Maximum outgoing record payload length is 1023" \ + -s "1536 bytes written in 2 fragments" + +requires_gnutls_tls1_3 +requires_gnutls_record_size_limit +requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT +run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (1024), 3 fragments" \ + "$P_SRV debug_level=3 force_version=tls13 response_size=2560" \ + "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 1023" \ + 0 \ + -c "Preparing extension (Record Size Limit/28) for 'client hello'" \ + -c "Sending extension Record Size Limit/28 (2 bytes)" \ + -s "ClientHello: record_size_limit(28) extension received."\ + -s "found record_size_limit extension" \ + -s "RecordSizeLimit: 1024 Bytes" \ + -s "ClientHello: record_size_limit(28) extension exists." \ + -s "Maximum outgoing record payload length is 1023" \ + -s "2560 bytes written in 3 fragments" + +requires_gnutls_tls1_3 +requires_gnutls_record_size_limit +requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT +run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (4096), 1 fragment" \ + "$P_SRV debug_level=3 force_version=tls13 response_size=2048" \ + "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 4095" \ + 0 \ + -c "Preparing extension (Record Size Limit/28) for 'client hello'" \ + -c "Sending extension Record Size Limit/28 (2 bytes)" \ + -s "ClientHello: record_size_limit(28) extension received."\ + -s "found record_size_limit extension" \ + -s "RecordSizeLimit: 4096 Bytes" \ + -s "ClientHello: record_size_limit(28) extension exists." \ + -s "Maximum outgoing record payload length is 4095" \ + -s "2048 bytes written in 1 fragments" + +requires_gnutls_tls1_3 +requires_gnutls_record_size_limit +requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT +run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (4096), 2 fragments" \ + "$P_SRV debug_level=3 force_version=tls13 response_size=6144" \ + "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 4095" \ + 0 \ + -c "Preparing extension (Record Size Limit/28) for 'client hello'" \ + -c "Sending extension Record Size Limit/28 (2 bytes)" \ + -s "ClientHello: record_size_limit(28) extension received."\ + -s "found record_size_limit extension" \ + -s "RecordSizeLimit: 4096 Bytes" \ + -s "ClientHello: record_size_limit(28) extension exists." \ + -s "Maximum outgoing record payload length is 4095" \ + -s "6144 bytes written in 2 fragments" + +requires_gnutls_tls1_3 +requires_gnutls_record_size_limit +requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT +run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (4096), 3 fragments" \ + "$P_SRV debug_level=3 force_version=tls13 response_size=10240" \ + "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 4095" \ + 0 \ + -c "Preparing extension (Record Size Limit/28) for 'client hello'" \ + -c "Sending extension Record Size Limit/28 (2 bytes)" \ + -s "ClientHello: record_size_limit(28) extension received."\ + -s "found record_size_limit extension" \ + -s "RecordSizeLimit: 4096 Bytes" \ + -s "ClientHello: record_size_limit(28) extension exists." \ + -s "Maximum outgoing record payload length is 4095" \ + -s "10240 bytes written in 3 fragments" # Tests for renegotiation From 9aec1c71f2055c742ba854359cbc25f302224e14 Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Tue, 5 Dec 2023 20:08:51 +0000 Subject: [PATCH 0978/1674] Add record size checking during handshake Signed-off-by: Waleed Elmelegy --- include/mbedtls/ssl.h | 2 +- library/ssl_misc.h | 4 +- library/ssl_msg.c | 12 ++-- library/ssl_tls.c | 5 +- library/ssl_tls13_generic.c | 3 +- tests/ssl-opt.sh | 111 +++++++++++++++++++++--------------- 6 files changed, 79 insertions(+), 58 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 39baa4213..85ec7ab36 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1188,7 +1188,7 @@ struct mbedtls_ssl_session { unsigned char MBEDTLS_PRIVATE(mfl_code); /*!< MaxFragmentLength negotiated by peer */ #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ -/*!< Record Size Limit for outgoing data requested by peer */ +/*!< RecordSizeLimit received by peer */ #if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) uint16_t MBEDTLS_PRIVATE(record_size_limit); #endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */ diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 6b799eebd..fabb48bd8 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -441,9 +441,9 @@ size_t mbedtls_ssl_get_input_max_frag_len(const mbedtls_ssl_context *ssl); #if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) /** - * \brief Return the record size limit (in bytes) for + * \brief Return the RecordSizeLimit (in bytes) for * the output buffer. This is less than the value requested by the - * peer (using RFC 8449), since it subtracts the space required for the + * peer (see RFC 8449), since it subtracts the space required for the * content type and padding of the TLSInnerPlaintext struct (RFC 8446). * Returns MBEDTLS_SSL_OUT_CONTENT_LEN if no limit was requested by the peer. * diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 6579c9686..29518c385 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -917,6 +917,7 @@ int mbedtls_ssl_encrypt_buf(mbedtls_ssl_context *ssl, #endif size_t add_data_len; size_t post_avail; + int max_out_record_len = mbedtls_ssl_get_max_out_record_payload(ssl); /* The SSL context is only used for debugging purposes! */ #if !defined(MBEDTLS_DEBUG_C) @@ -957,11 +958,11 @@ int mbedtls_ssl_encrypt_buf(mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_BUF(4, "before encrypt: output payload", data, rec->data_len); - if (rec->data_len > MBEDTLS_SSL_OUT_CONTENT_LEN) { + if (rec->data_len > (size_t) max_out_record_len) { MBEDTLS_SSL_DEBUG_MSG(1, ("Record content %" MBEDTLS_PRINTF_SIZET " too large, maximum %" MBEDTLS_PRINTF_SIZET, rec->data_len, - (size_t) MBEDTLS_SSL_OUT_CONTENT_LEN)); + (size_t) max_out_record_len)); return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } @@ -2742,7 +2743,7 @@ int mbedtls_ssl_start_handshake_msg(mbedtls_ssl_context *ssl, unsigned char hs_t * ... */ *buf = ssl->out_msg + 4; - *buf_len = MBEDTLS_SSL_OUT_CONTENT_LEN - 4; + *buf_len = mbedtls_ssl_get_max_out_record_payload(ssl) - 4; ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; ssl->out_msg[0] = hs_type; @@ -2779,6 +2780,7 @@ int mbedtls_ssl_write_handshake_msg_ext(mbedtls_ssl_context *ssl, int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const size_t hs_len = ssl->out_msglen - 4; const unsigned char hs_type = ssl->out_msg[0]; + int max_out_record_len = mbedtls_ssl_get_max_out_record_payload(ssl); MBEDTLS_SSL_DEBUG_MSG(2, ("=> write handshake message")); @@ -2817,12 +2819,12 @@ int mbedtls_ssl_write_handshake_msg_ext(mbedtls_ssl_context *ssl, * * Note: We deliberately do not check for the MTU or MFL here. */ - if (ssl->out_msglen > MBEDTLS_SSL_OUT_CONTENT_LEN) { + if (ssl->out_msglen > (size_t) max_out_record_len) { MBEDTLS_SSL_DEBUG_MSG(1, ("Record too large: " "size %" MBEDTLS_PRINTF_SIZET ", maximum %" MBEDTLS_PRINTF_SIZET, ssl->out_msglen, - (size_t) MBEDTLS_SSL_OUT_CONTENT_LEN)); + (size_t) max_out_record_len)); return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 7a8c759fa..419185c56 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -7004,6 +7004,7 @@ int mbedtls_ssl_write_certificate(mbedtls_ssl_context *ssl) const mbedtls_x509_crt *crt; const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->handshake->ciphersuite_info; + int max_out_record_len = mbedtls_ssl_get_max_out_record_payload(ssl); MBEDTLS_SSL_DEBUG_MSG(2, ("=> write certificate")); @@ -7048,10 +7049,10 @@ int mbedtls_ssl_write_certificate(mbedtls_ssl_context *ssl) while (crt != NULL) { n = crt->raw.len; - if (n > MBEDTLS_SSL_OUT_CONTENT_LEN - 3 - i) { + if (n > max_out_record_len - 3 - i) { MBEDTLS_SSL_DEBUG_MSG(1, ("certificate too large, %" MBEDTLS_PRINTF_SIZET " > %" MBEDTLS_PRINTF_SIZET, - i + 3 + n, (size_t) MBEDTLS_SSL_OUT_CONTENT_LEN)); + i + 3 + n, (size_t) max_out_record_len)); return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; } diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index 7c7aac80e..237502178 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -1376,13 +1376,14 @@ static int ssl_tls13_write_change_cipher_spec_body(mbedtls_ssl_context *ssl, int mbedtls_ssl_tls13_write_change_cipher_spec(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + int max_out_record_len = mbedtls_ssl_get_max_out_record_payload(ssl); MBEDTLS_SSL_DEBUG_MSG(2, ("=> write change cipher spec")); /* Write CCS message */ MBEDTLS_SSL_PROC_CHK(ssl_tls13_write_change_cipher_spec_body( ssl, ssl->out_msg, - ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN, + ssl->out_msg + max_out_record_len, &ssl->out_msglen)); ssl->out_msgtype = MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC; diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 427849d24..c6ae2cab7 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -4837,6 +4837,7 @@ run_test "Max fragment length: DTLS client, larger message" \ requires_gnutls_tls1_3 requires_gnutls_record_size_limit requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE run_test "Record Size Limit: TLS 1.3: Server-side parsing and debug output" \ "$P_SRV debug_level=3 force_version=tls13" \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4" \ @@ -4854,6 +4855,7 @@ requires_gnutls_tls1_3 requires_gnutls_record_size_limit requires_gnutls_next_disable_tls13_compat requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE run_test "Record Size Limit: TLS 1.3: Client-side parsing and debug output" \ "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%DISABLE_TLS13_COMPAT_MODE --disable-client-cert -d 4" \ "$P_CLI debug_level=4 force_version=tls13" \ @@ -4878,57 +4880,67 @@ run_test "Record Size Limit: TLS 1.3: Client-side parsing and debug output" \ # Moreover, the value sent in the extension is expected to be larger by one compared # to the value passed on the cli: # https://gitlab.com/gnutls/gnutls/-/blob/3.7.2/lib/ext/record_size_limit.c#L142 -requires_gnutls_tls1_3 -requires_gnutls_record_size_limit -requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT -run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (513), 1 fragment" \ - "$P_SRV debug_level=3 force_version=tls13 response_size=256" \ - "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 512" \ - 0 \ - -c "Preparing extension (Record Size Limit/28) for 'client hello'" \ - -c "Sending extension Record Size Limit/28 (2 bytes)" \ - -s "ClientHello: record_size_limit(28) extension received."\ - -s "found record_size_limit extension" \ - -s "RecordSizeLimit: 513 Bytes" \ - -s "ClientHello: record_size_limit(28) extension exists." \ - -s "Maximum outgoing record payload length is 511" \ - -s "256 bytes written in 1 fragments" - -requires_gnutls_tls1_3 -requires_gnutls_record_size_limit -requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT -run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (513), 2 fragments" \ - "$P_SRV debug_level=3 force_version=tls13 response_size=768" \ - "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 512" \ - 0 \ - -c "Preparing extension (Record Size Limit/28) for 'client hello'" \ - -c "Sending extension Record Size Limit/28 (2 bytes)" \ - -s "ClientHello: record_size_limit(28) extension received."\ - -s "found record_size_limit extension" \ - -s "RecordSizeLimit: 513 Bytes" \ - -s "ClientHello: record_size_limit(28) extension exists." \ - -s "Maximum outgoing record payload length is 511" \ - -s "768 bytes written in 2 fragments" - -requires_gnutls_tls1_3 -requires_gnutls_record_size_limit -requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT -run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (513), 3 fragments" \ - "$P_SRV debug_level=3 force_version=tls13 response_size=1280" \ - "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 512" \ - 0 \ - -c "Preparing extension (Record Size Limit/28) for 'client hello'" \ - -c "Sending extension Record Size Limit/28 (2 bytes)" \ - -s "ClientHello: record_size_limit(28) extension received."\ - -s "found record_size_limit extension" \ - -s "RecordSizeLimit: 513 Bytes" \ - -s "ClientHello: record_size_limit(28) extension exists." \ - -s "Maximum outgoing record payload length is 511" \ - -s "1280 bytes written in 3 fragments" + +# Currently test certificates being used do not fit in 513 record size limit +# so 513 record size limit tests will not pass until certificates size +# is reduced. +# TODO: use smaller certificates in during MbedTLS TLS 1.3 server testing. + +# requires_gnutls_tls1_3 +# requires_gnutls_record_size_limit +# requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT +# requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +# run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (513), 1 fragment" \ +# "$P_SRV debug_level=3 force_version=tls13 response_size=256" \ +# "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 512" \ +# 0 \ +# -c "Preparing extension (Record Size Limit/28) for 'client hello'" \ +# -c "Sending extension Record Size Limit/28 (2 bytes)" \ +# -s "ClientHello: record_size_limit(28) extension received."\ +# -s "found record_size_limit extension" \ +# -s "RecordSizeLimit: 513 Bytes" \ +# -s "ClientHello: record_size_limit(28) extension exists." \ +# -s "Maximum outgoing record payload length is 511" \ +# -s "256 bytes written in 1 fragments" + +# requires_gnutls_tls1_3 +# requires_gnutls_record_size_limit +# requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT +# requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +# run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (513), 2 fragments" \ +# "$P_SRV debug_level=3 force_version=tls13 response_size=768" \ +# "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 512" \ +# 0 \ +# -c "Preparing extension (Record Size Limit/28) for 'client hello'" \ +# -c "Sending extension Record Size Limit/28 (2 bytes)" \ +# -s "ClientHello: record_size_limit(28) extension received."\ +# -s "found record_size_limit extension" \ +# -s "RecordSizeLimit: 513 Bytes" \ +# -s "ClientHello: record_size_limit(28) extension exists." \ +# -s "Maximum outgoing record payload length is 511" \ +# -s "768 bytes written in 2 fragments" + +# requires_gnutls_tls1_3 +# requires_gnutls_record_size_limit +# requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT +# requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +# run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (513), 3 fragments" \ +# "$P_SRV debug_level=3 force_version=tls13 response_size=1280" \ +# "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 512" \ +# 0 \ +# -c "Preparing extension (Record Size Limit/28) for 'client hello'" \ +# -c "Sending extension Record Size Limit/28 (2 bytes)" \ +# -s "ClientHello: record_size_limit(28) extension received."\ +# -s "found record_size_limit extension" \ +# -s "RecordSizeLimit: 513 Bytes" \ +# -s "ClientHello: record_size_limit(28) extension exists." \ +# -s "Maximum outgoing record payload length is 511" \ +# -s "1280 bytes written in 3 fragments" requires_gnutls_tls1_3 requires_gnutls_record_size_limit requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (1024), 1 fragment" \ "$P_SRV debug_level=3 force_version=tls13 response_size=512" \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 1023" \ @@ -4945,6 +4957,7 @@ run_test "Record Size Limit: TLS 1.3: Server complies with record size limit requires_gnutls_tls1_3 requires_gnutls_record_size_limit requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (1024), 2 fragments" \ "$P_SRV debug_level=3 force_version=tls13 response_size=1536" \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 1023" \ @@ -4961,6 +4974,7 @@ run_test "Record Size Limit: TLS 1.3: Server complies with record size limit requires_gnutls_tls1_3 requires_gnutls_record_size_limit requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (1024), 3 fragments" \ "$P_SRV debug_level=3 force_version=tls13 response_size=2560" \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 1023" \ @@ -4977,6 +4991,7 @@ run_test "Record Size Limit: TLS 1.3: Server complies with record size limit requires_gnutls_tls1_3 requires_gnutls_record_size_limit requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (4096), 1 fragment" \ "$P_SRV debug_level=3 force_version=tls13 response_size=2048" \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 4095" \ @@ -4993,6 +5008,7 @@ run_test "Record Size Limit: TLS 1.3: Server complies with record size limit requires_gnutls_tls1_3 requires_gnutls_record_size_limit requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (4096), 2 fragments" \ "$P_SRV debug_level=3 force_version=tls13 response_size=6144" \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 4095" \ @@ -5009,6 +5025,7 @@ run_test "Record Size Limit: TLS 1.3: Server complies with record size limit requires_gnutls_tls1_3 requires_gnutls_record_size_limit requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (4096), 3 fragments" \ "$P_SRV debug_level=3 force_version=tls13 response_size=10240" \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 4095" \ From 202bb71dcd3c6da9e273fbf21c7145bf5970f851 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 6 Dec 2023 17:05:24 +0100 Subject: [PATCH 0979/1674] ssl_tls12_server: do not export/import opaque keys Signed-off-by: Valerio Setti --- library/ssl_tls12_server.c | 56 ++++++++++++++++++++++---------------- 1 file changed, 33 insertions(+), 23 deletions(-) diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c index f9ce7a6b6..923b093af 100644 --- a/library/ssl_tls12_server.c +++ b/library/ssl_tls12_server.c @@ -2635,31 +2635,41 @@ static int ssl_get_ecdh_params_from_cert(mbedtls_ssl_context *ssl) ssl->handshake->xxdh_psa_type = psa_get_key_type(&key_attributes); ssl->handshake->xxdh_psa_bits = psa_get_key_bits(&key_attributes); - /* Now export and then re-import the same key with proper flags - * and algorithm. We also set key's type and bits that we just got - * above. */ - key_attributes = psa_key_attributes_init(); - psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_DERIVE); - psa_set_key_algorithm(&key_attributes, PSA_ALG_ECDH); - psa_set_key_type(&key_attributes, - PSA_KEY_TYPE_ECC_KEY_PAIR(ssl->handshake->xxdh_psa_type)); - psa_set_key_bits(&key_attributes, ssl->handshake->xxdh_psa_bits); + if (pk_type == MBEDTLS_PK_OPAQUE) { + /* Opaque key is created by the user (externally from Mbed TLS) + * so we assume it already has the right algorithm and flags + * set. Just copy its ID as reference. */ + ssl->handshake->xxdh_psa_privkey = pk->priv_id; + ssl->handshake->xxdh_psa_privkey_is_external = 1; + } else { + /* PK_ECKEY[_DH] and PK_ECDSA instead as parsed from the PK + * module and only have ECDSA capabilities. Since we need + * them for ECDH later, we export and then re-import them with + * proper flags and algorithm. Of course We also set key's type + * and bits that we just got above. */ + key_attributes = psa_key_attributes_init(); + psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_DERIVE); + psa_set_key_algorithm(&key_attributes, PSA_ALG_ECDH); + psa_set_key_type(&key_attributes, + PSA_KEY_TYPE_ECC_KEY_PAIR(ssl->handshake->xxdh_psa_type)); + psa_set_key_bits(&key_attributes, ssl->handshake->xxdh_psa_bits); - status = psa_export_key(pk->priv_id, buf, sizeof(buf), &key_len); - if (status != PSA_SUCCESS) { - ret = PSA_TO_MBEDTLS_ERR(status); - goto exit; - } - status = psa_import_key(&key_attributes, buf, key_len, - &ssl->handshake->xxdh_psa_privkey); - if (status != PSA_SUCCESS) { - ret = PSA_TO_MBEDTLS_ERR(status); - goto exit; - } + status = psa_export_key(pk->priv_id, buf, sizeof(buf), &key_len); + if (status != PSA_SUCCESS) { + ret = PSA_TO_MBEDTLS_ERR(status); + goto exit; + } + status = psa_import_key(&key_attributes, buf, key_len, + &ssl->handshake->xxdh_psa_privkey); + if (status != PSA_SUCCESS) { + ret = PSA_TO_MBEDTLS_ERR(status); + goto exit; + } - /* Set this key as owned by the TLS library: it will be its duty - * to clear it exit. */ - ssl->handshake->xxdh_psa_privkey_is_external = 0; + /* Set this key as owned by the TLS library: it will be its duty + * to clear it exit. */ + ssl->handshake->xxdh_psa_privkey_is_external = 0; + } ret = 0; break; From 4749007f6488dfcc7b78649e510f725c28ae3fd2 Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Wed, 6 Dec 2023 17:22:53 +0000 Subject: [PATCH 0980/1674] Fix possible integer overflows before widening When calculating a result to go into an mbedtls_ms_time_t, make sure that arithmetic is performed at the final size to prevent overflow. Signed-off-by: David Horstmann --- library/ssl_client.c | 3 ++- library/ssl_ticket.c | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/library/ssl_client.c b/library/ssl_client.c index 55fe352fe..270db4168 100644 --- a/library/ssl_client.c +++ b/library/ssl_client.c @@ -753,7 +753,8 @@ static int ssl_prepare_client_hello(mbedtls_ssl_context *ssl) session_negotiate->ticket != NULL) { mbedtls_ms_time_t now = mbedtls_ms_time(); mbedtls_ms_time_t age = now - session_negotiate->ticket_reception_time; - if (age < 0 || age > session_negotiate->ticket_lifetime * 1000) { + if (age < 0 || + age > (mbedtls_ms_time_t) session_negotiate->ticket_lifetime * 1000) { /* Without valid ticket, disable session resumption.*/ MBEDTLS_SSL_DEBUG_MSG( 3, ("Ticket expired, disable session resumption")); diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c index 8e7c145bc..cd730fb31 100644 --- a/library/ssl_ticket.c +++ b/library/ssl_ticket.c @@ -510,7 +510,8 @@ int mbedtls_ssl_ticket_parse(void *p_ticket, } #endif - mbedtls_ms_time_t ticket_lifetime = ctx->ticket_lifetime * 1000; + mbedtls_ms_time_t ticket_lifetime = + (mbedtls_ms_time_t) ctx->ticket_lifetime * 1000; if (ticket_age < 0 || ticket_age > ticket_lifetime) { ret = MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED; From e705f572f927fa69297b2aaed8b9061d8988c955 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Wed, 6 Dec 2023 16:38:15 +0800 Subject: [PATCH 0981/1674] Add components to test crypto_full w/wo accelerated RSA Signed-off-by: Pengyu Lv --- tests/scripts/all.sh | 75 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 75 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 462597ba6..f40253fa4 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3434,6 +3434,81 @@ component_test_psa_crypto_config_accel_rsa_signature () { make test } +config_psa_crypto_accel_rsa () { + driver_only=$1 + + # Start from crypto_full config (no X.509, no TLS) + helper_libtestdriver1_adjust_config "crypto_full" + + if [ "$driver_only" -eq 1 ]; then + # Remove RSA support and its dependencies + scripts/config.py unset MBEDTLS_RSA_C + scripts/config.py unset MBEDTLS_PKCS1_V15 + scripts/config.py unset MBEDTLS_PKCS1_V21 + + # We need PEM parsing in the test library as well to support the import + # of PEM encoded RSA keys. + scripts/config.py -f "$CONFIG_TEST_DRIVER_H" set MBEDTLS_PEM_PARSE_C + scripts/config.py -f "$CONFIG_TEST_DRIVER_H" set MBEDTLS_BASE64_C + fi +} + +component_test_psa_crypto_config_accel_rsa_crypto () { + msg "build: crypto_full with accelerated RSA" + + loc_accel_list="ALG_RSA_OAEP ALG_RSA_PSS \ + ALG_RSA_PKCS1V15_CRYPT ALG_RSA_PKCS1V15_SIGN \ + KEY_TYPE_RSA_PUBLIC_KEY \ + KEY_TYPE_RSA_KEY_PAIR_BASIC \ + KEY_TYPE_RSA_KEY_PAIR_GENERATE \ + KEY_TYPE_RSA_KEY_PAIR_IMPORT \ + KEY_TYPE_RSA_KEY_PAIR_EXPORT" + + # Configure + # --------- + + config_psa_crypto_accel_rsa 1 + + # Build + # ----- + + # These hashes are needed for unit tests. + loc_extra_list="ALG_SHA_1 ALG_SHA_224 ALG_SHA_256 ALG_SHA_384 ALG_SHA_512 \ + ALG_SHA3_224 ALG_SHA3_256 ALG_SHA3_384 ALG_SHA3_512 ALG_MD5" + helper_libtestdriver1_make_drivers "$loc_accel_list" "$loc_extra_list" + + helper_libtestdriver1_make_main "$loc_accel_list" + + # Make sure this was not re-enabled by accident (additive config) + not grep mbedtls_rsa_rsassa_pkcs1_v15_sign library/rsa.o + not grep mbedtls_rsa_rsassa_pss_sign_ext library/rsa.o + not grep mbedtls_rsa_rsaes_pkcs1_v15_encrypt library/rsa.o + not grep mbedtls_rsa_rsaes_oaep_encrypt library/rsa.o + + # Run the tests + # ------------- + + msg "test: crypto_full with accelerated RSA" + make test +} + +component_test_psa_crypto_config_reference_rsa_crypto () { + msg "build: crypto_full with non-accelerated RSA" + + # Configure + # --------- + config_psa_crypto_accel_rsa 0 + + # Build + # ----- + make + + # Run the tests + # ------------- + msg "test: crypto_full with non-accelerated RSA" + make test +} + # This is a temporary test to verify that full RSA support is present even when # only one single new symbols (PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) is defined. component_test_new_psa_want_key_pair_symbol() { From f1cacad87090a7166cf5fb4fcc96f2ffc0b59ea2 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Wed, 6 Dec 2023 16:52:48 +0800 Subject: [PATCH 0982/1674] Correctly use asymmetric encrypt/decrypt driver Signed-off-by: Pengyu Lv --- tests/src/drivers/test_driver_asymmetric_encryption.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/tests/src/drivers/test_driver_asymmetric_encryption.c b/tests/src/drivers/test_driver_asymmetric_encryption.c index c906a664a..ff46387d5 100644 --- a/tests/src/drivers/test_driver_asymmetric_encryption.c +++ b/tests/src/drivers/test_driver_asymmetric_encryption.c @@ -46,8 +46,7 @@ psa_status_t mbedtls_test_transparent_asymmetric_encrypt( return mbedtls_test_driver_asymmetric_encryption_hooks.forced_status; } -#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) return libtestdriver1_mbedtls_psa_asymmetric_encrypt( (const libtestdriver1_psa_key_attributes_t *) attributes, key_buffer, key_buffer_size, @@ -88,8 +87,7 @@ psa_status_t mbedtls_test_transparent_asymmetric_decrypt( return mbedtls_test_driver_asymmetric_encryption_hooks.forced_status; } -#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ - defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER) +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) return libtestdriver1_mbedtls_psa_asymmetric_decrypt( (const libtestdriver1_psa_key_attributes_t *) attributes, key_buffer, key_buffer_size, From 9e976f36493881a270683cdc02fec33105cfc207 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Wed, 6 Dec 2023 16:58:05 +0800 Subject: [PATCH 0983/1674] Conditionally check the attribute of generated RSA key `psa_get_key_attributes` depends on some built-in implementation of RSA. Guard the check with coresponding macros. Signed-off-by: Pengyu Lv --- tests/suites/test_suite_psa_crypto.data | 2 +- tests/suites/test_suite_psa_crypto.function | 7 +++++++ 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index e239a4452..1bd8b6500 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -7342,7 +7342,7 @@ PSA generate key: RSA, e=1 generate_key_rsa:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS:"01":PSA_ERROR_INVALID_ARGUMENT PSA generate key: RSA, e=2 -generate_key_rsa:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS:"01":PSA_ERROR_INVALID_ARGUMENT +generate_key_rsa:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS:"02":PSA_ERROR_INVALID_ARGUMENT PSA generate key: FFDH, 2048 bits, good depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index a510f8e01..154d4150a 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -9685,6 +9685,9 @@ void generate_key_rsa(int bits_arg, } /* Test the key information */ +#if (defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT) && \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT)) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) PSA_ASSERT(psa_get_key_attributes(key, &attributes)); TEST_EQUAL(psa_get_key_type(&attributes), type); TEST_EQUAL(psa_get_key_bits(&attributes), bits); @@ -9696,6 +9699,10 @@ void generate_key_rsa(int bits_arg, } else { TEST_MEMORY_COMPARE(e_read_buffer, e_read_length, e_arg->x, e_arg->len); } +#else + (void) e_read_length; + (void) is_default_public_exponent; +#endif /* Do something with the key according to its type and permitted usage. */ if (!mbedtls_test_psa_exercise_key(key, usage, alg)) { From 3cd16c47bd3397085dcdf9d05d98d752701a956e Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Wed, 6 Dec 2023 18:17:39 +0800 Subject: [PATCH 0984/1674] Add analyze_driver_vs_reference_rsa for analyze_outcomes Signed-off-by: Pengyu Lv --- tests/scripts/analyze_outcomes.py | 32 +++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index ca349d38e..5e3f469c5 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -501,6 +501,38 @@ KNOWN_TASKS = { ], } } + }, + 'analyze_driver_vs_reference_rsa': { + 'test_function': do_analyze_driver_vs_reference, + 'args': { + 'component_ref': 'test_psa_crypto_config_reference_rsa_crypto', + 'component_driver': 'test_psa_crypto_config_accel_rsa_crypto', + 'ignored_suites': [ + # Modules replaced by drivers. + 'rsa', 'pkcs1_v15', 'pkcs1_v21', + # We temporarily don't care about PK staff. + 'pk', 'pkwrite', 'pkparse' + ], + 'ignored_tests': { + 'test_suite_platform': [ + # Incompatible with sanitizers (e.g. ASan). If the driver + # component uses a sanitizer but the reference component + # doesn't, we have a PASS vs SKIP mismatch. + 'Check mbedtls_calloc overallocation', + ], + # Following tests depend on RSA_C but are not about + # them really, just need to know some error code is there. + 'test_suite_error': [ + 'Low and high error', + 'Single high error' + ], + # Constant time operations only used for PKCS1_V15 + 'test_suite_constant_time': [ + re.compile(r'mbedtls_ct_zeroize_if .*'), + re.compile(r'mbedtls_ct_memmove_left .*') + ], + } + } } } From 57db59058635e620fdda31b5bd20e99eb5fb81df Mon Sep 17 00:00:00 2001 From: Xiaokang Qian Date: Thu, 7 Dec 2023 03:29:22 +0000 Subject: [PATCH 0985/1674] Rework to revert the early_data enabled flag We have two options for early data. early_data to indicate early data enable or not. early_data_file to provide path file to read early data from Signed-off-by: Xiaokang Qian --- programs/ssl/ssl_client2.c | 44 ++++++++++++++++++++++---------------- 1 file changed, 26 insertions(+), 18 deletions(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index ceffb2f3d..02004c3f7 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -52,6 +52,7 @@ int main(void) #define DFL_KEY_OPAQUE 0 #define DFL_KEY_PWD "" #define DFL_PSK "" +#define DFL_EARLY_DATA MBEDTLS_SSL_EARLY_DATA_DISABLED #define DFL_EARLY_DATA_FILE "" #define DFL_PSK_OPAQUE 0 #define DFL_PSK_IDENTITY "Client_identity" @@ -347,9 +348,11 @@ int main(void) #if defined(MBEDTLS_SSL_EARLY_DATA) #define USAGE_EARLY_DATA \ - " early_data=%%s The file path to read early data from\n" \ - " default: \"\" (do nothing)\n" \ - " option: a file path\n" + " early_data=%%d default: 0 (disabled)\n" \ + " options: 0 (disabled), 1 (enabled)\n" \ + " early_data_file=%%s The file path to read early data from\n" \ + " default: \"\" (do nothing)\n" \ + " option: a file path\n" #else #define USAGE_EARLY_DATA "" #endif /* MBEDTLS_SSL_EARLY_DATA && MBEDTLS_SSL_PROTO_TLS1_3 */ @@ -544,8 +547,8 @@ struct options { int reproducible; /* make communication reproducible */ int skip_close_notify; /* skip sending the close_notify alert */ #if defined(MBEDTLS_SSL_EARLY_DATA) - const char *early_data; /* the path of the file containing the - * early data to send */ + int early_data; /* support for early data */ + const char *early_data_file; /* the path of the file to read early data from */ #endif int query_config_mode; /* whether to read config */ int use_srtp; /* Support SRTP */ @@ -743,6 +746,10 @@ int main(int argc, char *argv[]) size_t cid_renego_len = 0; #endif +#if defined(MBEDTLS_SSL_EARLY_DATA) + FILE *early_data_fp = NULL; +#endif /* MBEDTLS_SSL_EARLY_DATA */ + #if defined(MBEDTLS_SSL_ALPN) const char *alpn_list[ALPN_LIST_SIZE]; #endif @@ -914,7 +921,8 @@ int main(int argc, char *argv[]) opt.groups = DFL_GROUPS; opt.sig_algs = DFL_SIG_ALGS; #if defined(MBEDTLS_SSL_EARLY_DATA) - opt.early_data = DFL_EARLY_DATA_FILE; + opt.early_data = DFL_EARLY_DATA; + opt.early_data_file = DFL_EARLY_DATA_FILE; #endif opt.transport = DFL_TRANSPORT; opt.hs_to_min = DFL_HS_TO_MIN; @@ -1198,7 +1206,17 @@ usage: #if defined(MBEDTLS_SSL_PROTO_TLS1_3) #if defined(MBEDTLS_SSL_EARLY_DATA) else if (strcmp(p, "early_data") == 0) { - opt.early_data = q; + switch (atoi(q)) { + case 0: + opt.early_data = MBEDTLS_SSL_EARLY_DATA_DISABLED; + break; + case 1: + opt.early_data = MBEDTLS_SSL_EARLY_DATA_ENABLED; + break; + default: goto usage; + } + } else if (strcmp(p, "early_data_file") == 0) { + opt.early_data_file = q; } #endif /* MBEDTLS_SSL_EARLY_DATA */ @@ -1965,17 +1983,7 @@ usage: } #if defined(MBEDTLS_SSL_EARLY_DATA) - int early_data_enabled = MBEDTLS_SSL_EARLY_DATA_DISABLED; - FILE *early_data_fp = NULL; - if (strlen(opt.early_data) > 0) { - if ((early_data_fp = fopen(opt.early_data, "rb")) == NULL) { - mbedtls_printf("failed\n ! Cannot open '%s' for reading.\n", - opt.early_data); - goto exit; - } - early_data_enabled = MBEDTLS_SSL_EARLY_DATA_ENABLED; - } - mbedtls_ssl_conf_early_data(&conf, early_data_enabled); + mbedtls_ssl_conf_early_data(&conf, opt.early_data); #endif /* MBEDTLS_SSL_EARLY_DATA */ if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) { From 2a8035b49506a888bd4edc1891a27b51c920105f Mon Sep 17 00:00:00 2001 From: Xiaokang Qian Date: Thu, 7 Dec 2023 03:54:40 +0000 Subject: [PATCH 0986/1674] Add read early data code Signed-off-by: Xiaokang Qian --- programs/ssl/ssl_client2.c | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 02004c3f7..85ba831f4 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -3007,6 +3007,22 @@ reconnect: (unsigned int) -ret); goto exit; } +#if defined(MBEDTLS_SSL_EARLY_DATA) + if (opt.early_data == MBEDTLS_SSL_EARLY_DATA_ENABLED + && strlen(opt.early_data) > 0) { + if ((early_data_fp = fopen(opt.early_data_file, "rb")) == NULL) { + mbedtls_printf("failed\n ! Cannot open '%s' for reading.\n", + opt.early_data); + goto exit; + } + + /* TODO: read the early data from early_data_fp in chunks, and call + * mbedtls_ssl_write_early_data() to initial the handshake and send + * out the early data. Then finish the handshake. + */ + + } +#endif while ((ret = mbedtls_ssl_handshake(&ssl)) != 0) { if (ret != MBEDTLS_ERR_SSL_WANT_READ && From dd8a7f8acfe8997e3b6d37bbdefc88ce8ac145db Mon Sep 17 00:00:00 2001 From: Xiaokang Qian Date: Thu, 7 Dec 2023 03:58:05 +0000 Subject: [PATCH 0987/1674] Revert the early data test case Signed-off-by: Xiaokang Qian --- tests/opt-testcases/tls13-misc.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/opt-testcases/tls13-misc.sh b/tests/opt-testcases/tls13-misc.sh index cf8aa745a..f03a386a0 100755 --- a/tests/opt-testcases/tls13-misc.sh +++ b/tests/opt-testcases/tls13-misc.sh @@ -263,7 +263,7 @@ requires_any_configs_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ run_test "TLS 1.3 m->G: EarlyData: basic check, good" \ "$G_NEXT_SRV -d 10 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:+ECDHE-PSK:+PSK \ --earlydata --maxearlydata 16384 --disable-client-cert" \ - "$P_CLI debug_level=4 early_data=$EARLY_DATA_INPUT reco_mode=1 reconnect=1 reco_delay=900" \ + "$P_CLI debug_level=4 early_data=1 reco_mode=1 reconnect=1 reco_delay=900" \ 0 \ -c "received max_early_data_size: 16384" \ -c "Reconnecting with saved session" \ @@ -287,7 +287,7 @@ requires_any_configs_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED run_test "TLS 1.3 m->G: EarlyData: no early_data in NewSessionTicket, good" \ "$G_NEXT_SRV -d 10 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:+ECDHE-PSK:+PSK --disable-client-cert" \ - "$P_CLI debug_level=4 early_data=$EARLY_DATA_INPUT reco_mode=1 reconnect=1" \ + "$P_CLI debug_level=4 early_data=1 reco_mode=1 reconnect=1" \ 0 \ -c "Reconnecting with saved session" \ -C "NewSessionTicket: early_data(42) extension received." \ From 35c026c09eb5cf91b070ca7d34ca298a72986464 Mon Sep 17 00:00:00 2001 From: Xiaokang Qian Date: Thu, 7 Dec 2023 06:10:34 +0000 Subject: [PATCH 0988/1674] Read early data file Signed-off-by: Xiaokang Qian --- programs/ssl/ssl_client2.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 85ba831f4..cdc43522b 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -3007,21 +3007,24 @@ reconnect: (unsigned int) -ret); goto exit; } -#if defined(MBEDTLS_SSL_EARLY_DATA) +#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_EARLY_DATA) if (opt.early_data == MBEDTLS_SSL_EARLY_DATA_ENABLED - && strlen(opt.early_data) > 0) { + && strlen(opt.early_data_file) > 0) { if ((early_data_fp = fopen(opt.early_data_file, "rb")) == NULL) { mbedtls_printf("failed\n ! Cannot open '%s' for reading.\n", - opt.early_data); + opt.early_data_file); + ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR; goto exit; } + mbedtls_printf("Read early data successfully..."); + /* TODO: read the early data from early_data_fp in chunks, and call * mbedtls_ssl_write_early_data() to initial the handshake and send * out the early data. Then finish the handshake. */ - } + } else #endif while ((ret = mbedtls_ssl_handshake(&ssl)) != 0) { From 864c62a906b4df17e1db10156ca225067c530229 Mon Sep 17 00:00:00 2001 From: Xiaokang Qian Date: Thu, 7 Dec 2023 06:11:38 +0000 Subject: [PATCH 0989/1674] Add one test case with early_data_file Signed-off-by: Xiaokang Qian --- tests/opt-testcases/tls13-misc.sh | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/tests/opt-testcases/tls13-misc.sh b/tests/opt-testcases/tls13-misc.sh index f03a386a0..a98cfa05a 100755 --- a/tests/opt-testcases/tls13-misc.sh +++ b/tests/opt-testcases/tls13-misc.sh @@ -295,6 +295,32 @@ run_test "TLS 1.3 m->G: EarlyData: no early_data in NewSessionTicket, good" \ -C "EncryptedExtensions: early_data(42) extension received." \ -C "EncryptedExtensions: early_data(42) extension exists." +requires_gnutls_tls1_3 +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ + MBEDTLS_SSL_EARLY_DATA +requires_any_configs_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED \ + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED +run_test "TLS 1.3 m->G: EarlyData: write early data, fallback, good" \ + "$G_NEXT_SRV -d 10 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:+ECDHE-PSK:+PSK \ + --earlydata --maxearlydata 16384 --disable-client-cert" \ + "$P_CLI debug_level=4 early_data=1 early_data_file=$EARLY_DATA_INPUT reco_mode=1 reconnect=1 reco_delay=900" \ + 0 \ + -c "received max_early_data_size: 16384" \ + -c "Reconnecting with saved session" \ + -c "Read early data successfully..." \ + -c "NewSessionTicket: early_data(42) extension received." \ + -c "ClientHello: early_data(42) extension exists." \ + -c "EncryptedExtensions: early_data(42) extension received." \ + -c "EncryptedExtensions: early_data(42) extension exists." \ + -c "<= write EndOfEarlyData" \ + -s "Parsing extension 'Early Data/42' (0 bytes)" \ + -s "Sending extension Early Data/42 (0 bytes)" \ + -s "END OF EARLY DATA (5) was received." \ + -s "early data accepted" + #TODO: OpenSSL tests don't work now. It might be openssl options issue, cause GnuTLS has worked. skip_next_test requires_openssl_tls1_3 From daddfb520d5b9113b5c73dc10c435817abe2287b Mon Sep 17 00:00:00 2001 From: Xiaokang Qian Date: Thu, 7 Dec 2023 08:14:30 +0000 Subject: [PATCH 0990/1674] Open the file once read in the file path Signed-off-by: Xiaokang Qian --- programs/ssl/ssl_client2.c | 25 ++++++------------------- 1 file changed, 6 insertions(+), 19 deletions(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index cdc43522b..dfae74549 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -1217,6 +1217,12 @@ usage: } } else if (strcmp(p, "early_data_file") == 0) { opt.early_data_file = q; + if ((early_data_fp = fopen(opt.early_data_file, "rb")) == NULL) { + mbedtls_printf("failed\n ! Cannot open '%s' for reading.\n", + opt.early_data_file); + ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR; + goto exit; + } } #endif /* MBEDTLS_SSL_EARLY_DATA */ @@ -3007,25 +3013,6 @@ reconnect: (unsigned int) -ret); goto exit; } -#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_EARLY_DATA) - if (opt.early_data == MBEDTLS_SSL_EARLY_DATA_ENABLED - && strlen(opt.early_data_file) > 0) { - if ((early_data_fp = fopen(opt.early_data_file, "rb")) == NULL) { - mbedtls_printf("failed\n ! Cannot open '%s' for reading.\n", - opt.early_data_file); - ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR; - goto exit; - } - - mbedtls_printf("Read early data successfully..."); - - /* TODO: read the early data from early_data_fp in chunks, and call - * mbedtls_ssl_write_early_data() to initial the handshake and send - * out the early data. Then finish the handshake. - */ - - } else -#endif while ((ret = mbedtls_ssl_handshake(&ssl)) != 0) { if (ret != MBEDTLS_ERR_SSL_WANT_READ && From 963468035dc857c121899f1f83856b3c0b96ae82 Mon Sep 17 00:00:00 2001 From: Xiaokang Qian Date: Thu, 7 Dec 2023 09:19:43 +0000 Subject: [PATCH 0991/1674] Add the test framework of early data Signed-off-by: Xiaokang Qian --- programs/ssl/ssl_client2.c | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index dfae74549..c15a75dcf 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -34,6 +34,10 @@ int main(void) #define MAX_REQUEST_SIZE 20000 #define MAX_REQUEST_SIZE_STR "20000" + +/* the max record size of TLS 1.3 is 2^14 */ +#define MAX_EARLY_DATA_CHUNK_SIZE 16384 + #define DFL_SERVER_NAME "localhost" #define DFL_SERVER_ADDR NULL #define DFL_SERVER_PORT "4433" @@ -721,6 +725,29 @@ exit: return ret; } +#if defined(MBEDTLS_SSL_EARLY_DATA) +int ssl_write_early_data(mbedtls_ssl_context *ssl, FILE *fp, + int *early_data_written) +{ + + /* TODO: Will add code of calling mbedtls_ssl_write_early_data() + * to write real early data. + */ + unsigned char early_data_buf[MAX_EARLY_DATA_CHUNK_SIZE]; + unsigned char *p_early_data_start = &early_data_buf[0]; + unsigned char *p_early_data_end = p_early_data_start + + MAX_EARLY_DATA_CHUNK_SIZE; + ((void) fp); + ((void) early_data_buf); + ((void) p_early_data_start); + ((void) p_early_data_end); + ((void) early_data_written); + + return mbedtls_ssl_handshake(ssl); + +} +#endif /* MBEDTLS_SSL_EARLY_DATA */ + int main(int argc, char *argv[]) { int ret = 0, len, tail_len, i, written, frags, retry_left; @@ -3014,7 +3041,14 @@ reconnect: goto exit; } +#if defined(MBEDTLS_SSL_EARLY_DATA) + + int early_data_written = 0; + while ((ret = ssl_write_early_data(&ssl, early_data_fp, + &early_data_written)) != 0) { +#else while ((ret = mbedtls_ssl_handshake(&ssl)) != 0) { +#endif if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE && ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) { From dce183f2e2eae9e1910f2d1316a62dbcb2e46946 Mon Sep 17 00:00:00 2001 From: Xiaokang Qian Date: Thu, 7 Dec 2023 09:22:38 +0000 Subject: [PATCH 0992/1674] Remove the duplicate cases and add early_data_file option Signed-off-by: Xiaokang Qian --- tests/opt-testcases/tls13-misc.sh | 28 +--------------------------- 1 file changed, 1 insertion(+), 27 deletions(-) diff --git a/tests/opt-testcases/tls13-misc.sh b/tests/opt-testcases/tls13-misc.sh index a98cfa05a..2fe81141c 100755 --- a/tests/opt-testcases/tls13-misc.sh +++ b/tests/opt-testcases/tls13-misc.sh @@ -263,7 +263,7 @@ requires_any_configs_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ run_test "TLS 1.3 m->G: EarlyData: basic check, good" \ "$G_NEXT_SRV -d 10 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:+ECDHE-PSK:+PSK \ --earlydata --maxearlydata 16384 --disable-client-cert" \ - "$P_CLI debug_level=4 early_data=1 reco_mode=1 reconnect=1 reco_delay=900" \ + "$P_CLI debug_level=4 early_data=1 early_data_file=$EARLY_DATA_INPUT reco_mode=1 reconnect=1 reco_delay=900" \ 0 \ -c "received max_early_data_size: 16384" \ -c "Reconnecting with saved session" \ @@ -295,32 +295,6 @@ run_test "TLS 1.3 m->G: EarlyData: no early_data in NewSessionTicket, good" \ -C "EncryptedExtensions: early_data(42) extension received." \ -C "EncryptedExtensions: early_data(42) extension exists." -requires_gnutls_tls1_3 -requires_config_enabled MBEDTLS_DEBUG_C -requires_config_enabled MBEDTLS_SSL_CLI_C -requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \ - MBEDTLS_SSL_EARLY_DATA -requires_any_configs_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED \ - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED -run_test "TLS 1.3 m->G: EarlyData: write early data, fallback, good" \ - "$G_NEXT_SRV -d 10 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:+ECDHE-PSK:+PSK \ - --earlydata --maxearlydata 16384 --disable-client-cert" \ - "$P_CLI debug_level=4 early_data=1 early_data_file=$EARLY_DATA_INPUT reco_mode=1 reconnect=1 reco_delay=900" \ - 0 \ - -c "received max_early_data_size: 16384" \ - -c "Reconnecting with saved session" \ - -c "Read early data successfully..." \ - -c "NewSessionTicket: early_data(42) extension received." \ - -c "ClientHello: early_data(42) extension exists." \ - -c "EncryptedExtensions: early_data(42) extension received." \ - -c "EncryptedExtensions: early_data(42) extension exists." \ - -c "<= write EndOfEarlyData" \ - -s "Parsing extension 'Early Data/42' (0 bytes)" \ - -s "Sending extension Early Data/42 (0 bytes)" \ - -s "END OF EARLY DATA (5) was received." \ - -s "early data accepted" - #TODO: OpenSSL tests don't work now. It might be openssl options issue, cause GnuTLS has worked. skip_next_test requires_openssl_tls1_3 From 98a90c6542e4e8c7063e2c4918f24864288c0c20 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Thu, 7 Dec 2023 17:23:25 +0800 Subject: [PATCH 0993/1674] Fix various issue Signed-off-by: Pengyu Lv --- tests/scripts/all.sh | 5 +---- tests/scripts/analyze_outcomes.py | 2 +- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index f40253fa4..a98a04d77 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3480,10 +3480,7 @@ component_test_psa_crypto_config_accel_rsa_crypto () { helper_libtestdriver1_make_main "$loc_accel_list" # Make sure this was not re-enabled by accident (additive config) - not grep mbedtls_rsa_rsassa_pkcs1_v15_sign library/rsa.o - not grep mbedtls_rsa_rsassa_pss_sign_ext library/rsa.o - not grep mbedtls_rsa_rsaes_pkcs1_v15_encrypt library/rsa.o - not grep mbedtls_rsa_rsaes_oaep_encrypt library/rsa.o + not grep mbedtls_rsa library/rsa.o # Run the tests # ------------- diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 5e3f469c5..d3ea8c0e1 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -510,7 +510,7 @@ KNOWN_TASKS = { 'ignored_suites': [ # Modules replaced by drivers. 'rsa', 'pkcs1_v15', 'pkcs1_v21', - # We temporarily don't care about PK staff. + # We temporarily don't care about PK stuff. 'pk', 'pkwrite', 'pkparse' ], 'ignored_tests': { From abeca020d8a7004719b6a39bfe6a40ee0803c385 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Thu, 7 Dec 2023 17:25:15 +0800 Subject: [PATCH 0994/1674] Remove test_psa_crypto_config_accel_rsa_signature Signed-off-by: Pengyu Lv --- tests/scripts/all.sh | 74 -------------------------------------------- 1 file changed, 74 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index a98a04d77..4281557fa 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3360,80 +3360,6 @@ component_test_psa_ecc_key_pair_no_generate() { build_and_test_psa_want_key_pair_partial "ECC" "GENERATE" } -component_test_psa_crypto_config_accel_rsa_signature () { - msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated RSA signature" - - loc_accel_list="ALG_RSA_PKCS1V15_SIGN ALG_RSA_PSS KEY_TYPE_RSA_KEY_PAIR KEY_TYPE_RSA_PUBLIC_KEY" - - # Configure - # --------- - - # Start from default config (no TLS 1.3, no USE_PSA) - helper_libtestdriver1_adjust_config "default" - - # It seems it is not possible to remove only the support for RSA signature - # in the library. Thus we have to remove all RSA support (signature and - # encryption/decryption). AS there is no driver support for asymmetric - # encryption/decryption so far remove RSA encryption/decryption from the - # application algorithm list. - scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_OAEP - scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PKCS1V15_CRYPT - - # Remove RSA support and its dependencies - scripts/config.py unset MBEDTLS_RSA_C - scripts/config.py unset MBEDTLS_PKCS1_V15 - scripts/config.py unset MBEDTLS_PKCS1_V21 - scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT - scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED - scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED - scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED - scripts/config.py unset MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED - scripts/config.py unset MBEDTLS_KEY_EXCHANGE_RSA_ENABLED - - # Make sure both the library and the test library support the SHA hash - # algorithms and only those ones (SHA256 is included by default). That way: - # - the test library can compute the RSA signatures even in the case of a - # composite RSA signature algorithm based on a SHA hash (no other hash - # used in the unit tests). - # - the dependency of RSA signature tests on PSA_WANT_ALG_SHA_xyz is - # fulfilled as the hash SHA algorithm is supported by the library, and - # thus the tests are run, not skipped. - # - when testing a signature key with an algorithm wildcard built from - # PSA_ALG_ANY_HASH as algorithm to test with the key, the chosen hash - # algorithm based on the hashes supported by the library is also - # supported by the test library. - # Disable unwanted hashes here, we'll enable hashes we want in loc_extra_list. - scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_MD5 - scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RIPEMD160_C - scripts/config.py unset MBEDTLS_MD5_C - scripts/config.py unset MBEDTLS_RIPEMD160_C - - # We need PEM parsing in the test library as well to support the import - # of PEM encoded RSA keys. - scripts/config.py -f "$CONFIG_TEST_DRIVER_H" set MBEDTLS_PEM_PARSE_C - scripts/config.py -f "$CONFIG_TEST_DRIVER_H" set MBEDTLS_BASE64_C - - # Build - # ----- - - # These hashes are needed for some RSA-PSS signature tests. - loc_extra_list="ALG_SHA_1 ALG_SHA_224 ALG_SHA_256 ALG_SHA_384 ALG_SHA_512 \ - ALG_SHA3_224 ALG_SHA3_256 ALG_SHA3_384 ALG_SHA3_512" - helper_libtestdriver1_make_drivers "$loc_accel_list" "$loc_extra_list" - - helper_libtestdriver1_make_main "$loc_accel_list" - - # Make sure this was not re-enabled by accident (additive config) - not grep mbedtls_rsa_rsassa_pkcs1_v15_sign library/rsa.o - not grep mbedtls_rsa_rsassa_pss_sign_ext library/rsa.o - - # Run the tests - # ------------- - - msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated RSA signature" - make test -} - config_psa_crypto_accel_rsa () { driver_only=$1 From 303121eb1682f3e4e18f2a7d9578c21a53f17f2a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 7 Dec 2023 12:05:07 +0100 Subject: [PATCH 0995/1674] Fix a typo MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- docs/architecture/psa-migration/md-cipher-dispatch.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/architecture/psa-migration/md-cipher-dispatch.md b/docs/architecture/psa-migration/md-cipher-dispatch.md index a4c8fccf0..f165b21e0 100644 --- a/docs/architecture/psa-migration/md-cipher-dispatch.md +++ b/docs/architecture/psa-migration/md-cipher-dispatch.md @@ -351,7 +351,7 @@ This excludes things like: ### Dual-dispatch for block cipher primitives -Considering the priorities stated above, initially we want to support GCM, CCM and CTR-DRBG. All trhee of them use the block cipher primitive only in the encrypt direction. Currently, GCM and CCM use the Cipher layer in order to work with AES, Aria and Camellia (DES is excluded by the standards due to its smaller block size) and CTR-DRBG directly uses the low-level API from `aes.h`. In all cases, access to the "block cipher primitive" is done by using "ECB mode" (which for both Cipher and `aes.h` only allows a single block, contrary to PSA which implements actual ECB mode). +Considering the priorities stated above, initially we want to support GCM, CCM and CTR-DRBG. All three of them use the block cipher primitive only in the encrypt direction. Currently, GCM and CCM use the Cipher layer in order to work with AES, Aria and Camellia (DES is excluded by the standards due to its smaller block size) and CTR-DRBG directly uses the low-level API from `aes.h`. In all cases, access to the "block cipher primitive" is done by using "ECB mode" (which for both Cipher and `aes.h` only allows a single block, contrary to PSA which implements actual ECB mode). The two AEAD modes, GCM and CCM, have very similar needs and positions in the stack, strongly suggesting using the same design for both. On the other hand, there are a number of differences between CTR-DRBG and them. - CTR-DRBG only uses AES (and there is no plan to extend it to other block ciphers at the moment), while GCM and CCM need to work with 3 block ciphers already. From 9f06681cb4d44ea31d9200909dd075f80729d91f Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Thu, 7 Dec 2023 11:02:48 +0000 Subject: [PATCH 0996/1674] Update psa-thread-safety.md Signed-off-by: Ryan Everett --- docs/architecture/psa-thread-safety.md | 34 ++++++++++++-------------- 1 file changed, 15 insertions(+), 19 deletions(-) diff --git a/docs/architecture/psa-thread-safety.md b/docs/architecture/psa-thread-safety.md index 0d03e324d..79881a624 100644 --- a/docs/architecture/psa-thread-safety.md +++ b/docs/architecture/psa-thread-safety.md @@ -281,28 +281,24 @@ Note that a thread must hold the global mutex when it reads or changes a slot's #### Slot states -For concurrency purposes, a slot can be in one of three states: +For concurrency purposes, a slot can be in one of four states: -* UNUSED: no thread is currently accessing the slot. It may be occupied by a volatile key or a cached key. -* WRITING: a thread has exclusive access to the slot. This can only happen in specific circumstances as detailed below. -* READING: any thread may read from the slot. +* EMPTY: no thread is currently accessing the slot, and no information is stored in the slot. +* FILLING: one thread is currently loading or creating material to fill the slot, this thread is responsible for the next state transition. +* FULL: the slot contains a key, and any thread is able to use the key after registering as a reader. +* PENDING_DELETION: the key within the slot has been destroyed or marked for destruction, but at least one thread is still registered as a reader. No thread can register to read this slot. The slot must not be wiped until the last reader de-registers, wiping the slot by calling `psa_wipe_key_slot`. -A high-level view of state transitions: +To change `slot` to state `new_state`, a function must call `psa_slot_state_transition(slot, new_state)`. -* `psa_get_empty_key_slot`: UNUSED → WRITING. -* `psa_get_and_lock_key_slot_in_memory`: UNUSED or READING → READING. This function only accepts slots in the UNUSED or READING state. A slot with the correct id but in the WRITING state is considered free. -* `psa_unlock_key_slot`: READING → UNUSED or READING. -* `psa_finish_key_creation`: WRITING → READING. -* `psa_fail_key_creation`: WRITING → UNUSED. -* `psa_wipe_key_slot`: any → UNUSED. If the slot is READING or WRITING on entry, this function must wait until the writer or all readers have finished. (By the way, the WRITING state is possible if `mbedtls_psa_crypto_free` is called while a key creation is in progress.) See [“Destruction of a key in use”](#destruction-of-a-key-in-use). +A counter field within each slot keeps track of how many readers have registered. Library functions must call `psa_register_read` before reading the key data witin a slot, and `psa_unregister_read` after they have finished operating. -The current `state->lock_count` corresponds to the difference between UNUSED and READING: a slot is in use iff its lock count is nonzero, so `lock_count == 0` corresponds to UNUSED and `lock_count != 0` corresponds to READING. +Library functions which operate on a slot will return `PSA_ERROR_BAD_STATE` if the slot is in an inappropriate state for the function at the linearization point. -There is currently no indication of when a slot is in the WRITING state. This only happens between a call to `psa_start_key_creation` and a call to one of `psa_finish_key_creation` or `psa_fail_key_creation`. This new state can be conveyed by a new boolean flag, or by setting `lock_count` to `~0`. +A state transition diagram can be found in docs/architecture/psa-thread-safety/key-slot-state-transitions.jpg. In this diagram, an arrow between two states `q1` and `q2` with label `f` indicates that if the state of a slot is `q1` immediately before `f`'s linearization point, it may be `q2` immediately after `f`'s linearization point. This means that the linearization point of a state changing call to a function must be a call to `psa_slot_state_transition`. #### Destruction of a key in use -Problem: In [Key destruction long-term requirements](#key-destruction-long-term-requirements) we require that the key slot is destroyed (by `psa_wipe_key_slot`) even while it's in use (READING or WRITING). +Problem: In [Key destruction long-term requirements](#key-destruction-long-term-requirements) we require that the key slot is destroyed (by `psa_wipe_key_slot`) even while it's in use (FILLING or with at least one reader). How do we ensure that? This needs something more sophisticated than mutexes (concurrency number >2)! Even a per-slot mutex isn't enough (we'd need a reader-writer lock). @@ -310,11 +306,11 @@ Solution: after some team discussion, we've decided to rely on a new threading a ##### Mutex only -When calling `psa_wipe_key_slot` it is the callers responsibility to set the slot state to WRITING first. For most functions this is a clean UNUSED -> WRITING transition: psa_get_empty_key_slot, psa_get_and_lock_key_slot, psa_close_key, psa_purge_key. +When calling `psa_wipe_key_slot` it is the callers responsibility to set the slot state to PENDING_DELETION first. For most functions this is a clean {FULL, !has_readers} -> PENDING_DELETION transition: psa_get_empty_key_slot, psa_get_and_lock_key_slot, psa_close_key, psa_purge_key. `psa_wipe_all_key_slots` is only called from `mbedtls_psa_crypto_free`, here we will need to return an error as we won't be able to free the key store if a key is in use without compromising the state of the secure side. This is acceptable as an untrusted application cannot call `mbedtls_psa_crypto_free` in a crypto service. In a service integration, `mbedtls_psa_crypto_free` on the client cuts the communication with the crypto service. Also, this is the current behaviour. -`psa_destroy_key` marks the slot as deleted, deletes persistent keys and opaque keys and returns. This only works if drivers are protected by a mutex (and the persistent storage as well if needed). When the last reading operation finishes, it wipes the key slot. This will free the key ID, but the slot might be still in use. In case of volatile keys freeing up the ID while the slot is still in use does not provide any benefit and we don't need to do it. +`psa_destroy_key` marks the slot as deleted, deletes persistent keys and opaque keys and returns. This only works if drivers are protected by a mutex (and the persistent storage as well if needed).`psa_destroy_key` transfers to PENDING_DELETION as an intermediate state, then, when the last reading operation finishes, it wipes the key slot. This will free the key ID, but the slot might be still in use. In case of volatile keys freeing up the ID while the slot is still in use does not provide any benefit and we don't need to do it. These are serious limitations, but this can be implemented with mutexes only and arguably satisfies the [Key destruction short-term requirements](#key-destruction-short-term-requirements). @@ -329,9 +325,9 @@ We can't reuse the `lock_count` field to mark key slots deleted, as we still nee #### Condition variables -Clean UNUSED -> WRITING transition works as before. +Clean UNUSED -> PENDING_DELETION transition works as before. -`psa_wipe_all_key_slots` and `psa_destroy_key` mark the slot as deleted and go to sleep until the slot state becomes UNUSED. When waking up, they wipe the slot, and return. +`psa_wipe_all_key_slots` and `psa_destroy_key` mark the slot as deleted and go to sleep until the slot has no registered readers. When waking up, they wipe the slot, and return. If the slot is already marked as deleted the threads calling `psa_wipe_all_key_slots` and `psa_destroy_key` go to sleep until the deletion completes. To satisfy [Key destruction long-term requirements](#key-destruction-long-term-requirements) none of the threads may return from the call until the slot is deleted completely. This can be achieved by signalling them when the slot has already been wiped and ready for use, that is not marked for deletion anymore. To handle spurious wake-ups, these threads need to be able to tell whether the slot was already deleted. This is not trivial, because by the time the thread wakes up, theoretically the slot might be in any state. It might have been reused and maybe even marked for deletion again. @@ -354,7 +350,7 @@ Alternatively, protecting operation contexts can be left as the responsibility o #### Drivers -Each driver that hasn’t got the "thread_safe” property set has a dedicated mutex. +Each driver that hasn’t got the "thread_safe” property set has a dedicated mutex. Implementing "thread_safe” drivers depends on the condition variable protection in the key store, as we must guarantee that the core never starts the destruction of a key while there are operations in progress on it. From 1e9733c6a8d2505218801dd415065fdf34a8aa7c Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Thu, 7 Dec 2023 11:03:14 +0000 Subject: [PATCH 0997/1674] Add graph Signed-off-by: Ryan Everett --- .../key-slot-state-transitions.drawio | 183 ++++++++++++++++++ .../key-slot-state-transitions.jpg | Bin 0 -> 46583 bytes 2 files changed, 183 insertions(+) create mode 100644 docs/architecture/psa-thread-safety/key-slot-state-transitions.drawio create mode 100644 docs/architecture/psa-thread-safety/key-slot-state-transitions.jpg diff --git a/docs/architecture/psa-thread-safety/key-slot-state-transitions.drawio b/docs/architecture/psa-thread-safety/key-slot-state-transitions.drawio new file mode 100644 index 000000000..5da2a7fcc --- /dev/null +++ b/docs/architecture/psa-thread-safety/key-slot-state-transitions.drawio @@ -0,0 +1,183 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/docs/architecture/psa-thread-safety/key-slot-state-transitions.jpg b/docs/architecture/psa-thread-safety/key-slot-state-transitions.jpg new file mode 100644 index 0000000000000000000000000000000000000000..ebfadcb4963d39f59cc3f21d30a21a62ce1676c0 GIT binary patch literal 46583 zcmeFZ2UL^mwl4fZC{jc3BubYmU8D-qM5HKPKm?=-5d{g-dj|o5B}nfAA~p101VlPW zs0o5}5~M_FH|~AbI(zMN_8n`V@sB&kKkj`qNXXan&9}_?%xBK|U3|G%254?;Xlnoj z1OPyQe*qVBfEoZI{MCNFgYb=rgy>hhL_$JLLUxIqoa_=A8961GlAMB?f{cucmWmoo zLqkhLPDw{kM?;VQpXS#^2!5RjBD#b>k%oed0>Aa&Y!@8>?InV4f=v(sEkH<10HP(h z=mDVk`y?j#TLb>15fFlih)GB4~aPOBPp<&?>kx|h}$*)sV(|&uCo|j)xSX5k6 z`mVaBwyqx0(Ad<~-P7CG|8Zb&d}4BHdgjY45`|v*y1MplePa{5|NY?b=ot6o=P$Vk z0MOsX!oUAruz!*Z-w6bSMEEWx{UsLxp%?xSL`y_`MVy50rU9vqJ3W^~&?N@d#N4V* zGHyvj4CA9`W8_RcQYc>RFVX%c*dckE{?W%h^YXI17%dDossn{99I24w{=8!Bl|kIa~jc=>?FViZi+Z!csFY zfc_G~@S2kcr^Ed(3U5#NbRYQU&+R`I zK<>|sJ5++=()T@E;+|xkqeMmM|)@B0tJ#gL~KB=`-zF8`(~QC zeRh|1q}RFSVzYyjJIuvq)w(UgWBPc9)~8OeJ>5goPm?1l=)hA}WMvot?1zv^A9~F%sf(cD= z34K{q)3tu)-*3g3A|~=Jyzl1NwV%*gAX73!ZaerGA-4nl-b1_}=0GB_8GY#q-Pxg8 z;@G1^#)7mq&e1(jd5>n}Yf`VeKIf^F7rZxld+qwJ0BA&dZw`tQjmmd=d7vE-U|+f5 zOtYS>=~+Cd`EKsZYn`%>JWWmEl7s_XeXC{UVV7QIQ6@VwH5Zu4X!46bBA9u3tSS83~9CtR8crzIeHb}-BUehjngx>kk6!7Zyc{psZ*cY ztrI#qnX_^Ien;d8J;tJhg)HoQhh4f%*yKNz#S+tJ?v`1(QGv3ix&Z85B)5?5k$dIk z_inXUwbj&~NO#wD-nH5x`6~L}0U=%^B&Sau^53l--~tG*I!jevUu|OyK-m`uU^f9} zRC$1X!cRF^m^IGKY3cN3AQc3#thF>R=Lj6C%x}Q(D->!VfI(-I~mqIw(8Qqx&?``5f|vl)_LtLY8W1{-}clnme8b6^rX^p*D3aVuw1JH!BL#O)1WI zbsCM_u2^`tdD)BaAp!ZVfJ^X*&Ma;$q;=Uv$JNN!I)JIP#C#LkSQ|dQCa)!;X7R)L zStFRS)*_^lAX$)PEr*=$l&={}8r6=vK6$EMfwRzWby41l6Y54bY1_UNDTqBf_o%ku z*?c-@Js=Ld!=0v24CvWoWV>F_&FNC-mnFN%MmgwCs0SlgS1cDoPTHcl6QOy_GT(=R zr&$DNDHXo570#~Z@P4c8?lE|>&h)`Bm1vHOPU^(L7KM*aOyxY;tpVv*$xogM-?7ER z7;zQm{_Pc4aC94+I_DDdR2qYJIn$W-nX8x?ACmiItZ_Y8Yq<9AmACTET6T3ImtQ>y z^z;|SEXDcr;!I3&J}b%;>oVrdQNj-6hwO3kJiPXR+8Zv)$gBqZ59jn*559)VADfm|PO zvVKLU_6@j7#>~*2Je^UFjfNa+cLE%J*(Uads?7bOf09+Cy2xkvsqUVM+UW5Q7)x3|06|k9?thHERdP+`2Kdq`Ip$l4 zuX+KlMi0x>{=Cd-tDIskqttbw&TFzL*d?NokOo91@=)M1tzalQ$w+FTBHup&pg+T* z|MCqq*lxG?LpmWO;7IRO@d7AX7XVE;{sVye=QH*zXXVdzZI_qMk}m*oz(x}}aA^J~ z$o0=>{39Iu3;Pr`6&+x3jm4e&V z!zP9It^^s!C~3~WRw)bwtJc+Cr|JEj?I--_kPBeKgMnbP_J5;<{#(t2-$?qg?JBMq zo2-lJecvwDtHa5Dce?E|uIyIh)S=uHk0C{-{=1W&>^}0IjY)lLQr_w<&g1hMsFpf) zfxX5+@k3ZbHnWJ-u*6DFJL3}%FwG@j9*+v4yW{9<@FI$ngXsMo!=qWZcrIUBnn>0A zHKoQkRj5N&9AXrN(9KkQ${gk!O&(c-(_NEqf z**D`m;c?>Z$#ehOlt%6mpnt_FaiVgpMF)^aT*>f7S6^220!?Sf^bG;lz3SpAV4k`|et z#fhc%2wY_~7N(~pSzd0ES;Nl!z!aZESf1oY~6*KlNWBf z`?(h*H;$@y5Fw6mhjf|bK~INtI^eoqq%zdkWu-FEN@n8J9{XZRHAM-s`P9t3+sW}; zZ+ZmsP)GhFOAEoL#7IzXcEovD&M*h zRu`UaLzE_KVj@wlKi3s)_BHWKn7R>BDi1)w7bsU25DO)9JD|7#7?Gz2m{=rVn({2H zPT;Wlaa~sHmI5;x8Y`K{+&LSDB_m0Ln-*(;j4 ztG=JeE>pevtPXgL-?$Yg{JtcTLQ=c~@Z=dK<#fdsFR!k}_@OQIVw9+|wZ?l~{Q@AZ z&ePL*ns%}HA1PrSoARPfiY2`~3aZVHX{SEiW9wh0qVIj_dS0m%!yI{8$D*OoY}@Wt z-Vm#?e7K1mh(+-EFyI15^h3xoBq zr3miAqM=kGheJ?GJuH2<_|}cAkq;XqWpgnZ6`Pz2B{6$`gM;0UazwP9Ih2REVa(dM z{-bQlg9Q4GpY`qX3!2YeiWfWOH%16y_D$-3m?Q}X#;+k03Gf4V=c%Rj?{^8(tc?4;#LO@n8yLc13dkiIkLUFVw8qn{T6>JU*eR`+52vB z^C|p89G~1yA)UopDfe6Rmc);PA0HbI&Ry!H2&7Kd!*ydW0K*y4T9*Kt*-Nh5wK40S zGR+~|vSp<@?u>aBpP+Q|t!070H(whaIu&3V+aBvNLI8gTqu-*j)ODfit*GIxF4Hnc zqp#Bhe#$2(H1uAlmVjSofkc5zxARf6<1Oh)#C>=Cchf#e%=i54*N_87Gm%;*_ON_ro>BuMS2o zM8}HfQ0dXav%CGlf!e-REvX?viZqT+z@5>_$n&W&7I0>(jF; zoJ!%vx)TRGQ1$V;jk@OMEqLvKh$q>56yoaBaaW$Y*v8MyV90pSs~jeegkRI+0$}U? z+x&3LEt_|&f`=2;HAfp|^=Xp}SEbmt&^3N!>AaWa2-54Zk{f_{Exp>nS_T1Im zn|Eh;p@qicrYlR58P9hfVM~*=P4Jo)Q5!S1IHU#Uq?Ehd&g6(Zt0>=bRrqOn zYGTkU5qRgxSQU8(ZHmIa0AY4y8=tQ%CcMlg2ZunDhS%!eJsCO?NzE_2>8fyUE74yq z$06xv_w*X|?GKz(!2PrpXcvou9BC{+u5=l9z+RSYPx9{PYDrD%vct9V-XqCa=xYuP zJco44n%SQL4l}kS?XjjmId5a}^3NEDWU^ zo>;JTyhQKI4=dc-eKZcUpRPz+()V3?LdQIJb%aILkr0IoTc)j)4NHiZA}B8}b3=L^ zy;gRn`@pN;+w6}fxNOT$5-9DlV4*YpFlkF`vI3SHjds!IsefaCKZ}*^YCf+v!T2o? z`_1xl>PuXKBBTETIzx<3_yY#Yec3O7>HyT#zzO)Wy zYObgqS-pwc;ph6*QIE!lH<+V*7#n%?htIbiAuCHhls+yL6o0j>Tm zq}*3oDZ3Q@Y`6aob9!G8NiJ_(e4(qLU)lDkRd1aq%L1>(v)o**{@+SIsVK^#+Plv5 zmi=pr;o--3Yb^O(snK2MGn#%DMp?*n*V|~^Zz26s-~0O3RK`DIPX{llQ_})c=X@Iw zAza<_T+7oNA~5PG-oZ_pEg8g5%6&5QmpJ0N+1k$gWU~F>)CUqFf&}3J`V@3>4L;Ky z0M5g#Rk@>5r_g#4M@vqKhV)xWVqiVzaq-7trp%^1jx$6g$;5#}`oxu_z7TACH;f(* zHO2BGBGxc_-6eH%@;*C)LR&l5_Y(|L%ihwnfy?Nrh0pIl63pHTY2I#eOHVS_vdnxr$26fyZ(`cajBy{8rdG5 zjLzIi3l^3>liBOuH-oh_kaLH#@)LrIkyksxQUH@@fGp<7sgl?$D zO)Tr|g{K2prfi?Gk;lfHd#Y0&>u4>vyew5w^Z85Jc6wFSN`5&scO5~W>hxx<`(;vJ zioVIe0Bl@t1cV8Dwo|Rw&-n9Ac|1cZ9;8mF9!q>F`tdljYjlA2V}nYPROuBP6}EP& zbLQe8f4tq9H-6a!hjzYHj5YWBFt%qsJX2U3KDg;)6d>WW5)}`6 zMLWaJd!=iROfO}FrD9U2JTmVtnM7{AK=wy;dHbaKwPFx_S36(P{C_X!-6 z1M6+9zG7I}PFFW5BRpJ3XpVhY)*!|pLKD%_lr*@%XVx@n%~|X#C>GJtl(0jV=gejj0?}cHFktyY`>nKt{Q7PsSc`#R zdUhib5m!!2zZDx@} zJR~;zVoPTtJi#6uK~-3vyKLra6uV6~qnbpLqU^UeaQrBFkcuZ_?Z;cYIzWF)*+Dr< z#88`Q*LhD;e8V(Q$?-uXvJ5`=_p=8$4haRiQ)njNqAa{(HDv( z?XC=NQ>-4d%`nF*9<|%N$C+EOUw!|ce{y?go38VHm%x___eXgqBCF+hd*2d%0gj>J zSrjp-Z-KR9#D%lX$vQP!@7=!Gyx-LuR_qR_6RzNi+g%I1;ruWBpZ_t6{ImZB8u1r8 z)xtu9Ji#RE5L%39cBE$jn~TKy(b(c<|6K%Pf7{J%(TvxW&ox)%fsHM{FrJ&-32<(1 zE?c7P=I^eZsF3zXcAbB}KTTEFB8zoS-k33dQS%!mGrhWWv(l_RLV_pJ+h#UefMh91 z+0nbj2J2=Wo{Tf^qA<&uD*7;4E*;(`a+d8$Nypn^%5*8Sp}%^vv9 z4owK4(Ts;F@F{RI_O(`6ZKRst4JmO>w6Jh`CX*tv^DWy4#?U+En+CkoGJ6A%7e)u_ z7MxF+u+`V0TtJvZk0BAy<=V!UDbIlFyd_RmABq?YZAy~GO)Y!GqmL76+y#j&Ng7XU z35qd3M+uYu!nkxQMSsSvpT;3&W((FEY?G;Ji+5i2atTs|r;iJ8c^jR6?2&wM)#yp} zTS8zDDZdhX0f59>pcS7HUTj9&O-WW?<}AuGk~uR5n0}CF*Yw274u}gzMt}O|$Q396 zMOyTXV5wms(^JTlG>fpbye`OKvYaH>oro>=Xmrrb-U3>aaUF@4^8T7G2h5+})RzT3 z+ey!5ZeoMYEOanivlgc7KV7HudD3noC+;`WNg-_oZoYAy;+Bxn{P`8|>>w@rSLXlE zblU$I4E*^r9HhOsy-b+W=p;?&=fqN;!+4%`47!2b zj0ea~^4Wl*00(G@P3?$Smti+knhSBdMd!Okb=Y%C$<`hnFY-a|mN}`UL8`8gUIW|? zqCJ5!OUvM31-S|fIHKc)!)+{e){OP+_r;}6+36SV3o={3<=31TY9wks?UOzFEuBP<$#}&kHviGHs#cQfnB@6BrUx~~i zk2r$kl+vG=TV{vxOrQ}y+OCBYb@D^3sR6r+0MeU?jM33=$4;y`{&O&)N4jwfc4{>8FQzX2EF?eFuocpd%;_(^q<;vY{kZ z)rx(bjHS22l8vEmRHT$NS5?(DSc5?V!K%FDqIo_CuEoc)+EV#XlXwJ|In%Z)JXdhO z*60e^Ua}S2ym`l$BD-&WZ&KHB@#2!O(nJ<<`eYO<+jj2?#Isu&R7f5X=pDsP9!lcL z1@-d@+*=W46yfCigA+aC;gYXgTx(KwNv7NJdL$~8-P;$y_nEj_0&uv3Ha2gj$BF~v z5L?^MK7b}`@pLM2o-wXxPAKRvl!h$X8aOFq@GF$)4Y!JO`gL(tSC9W0FXP#GJ^O}h^$)OX? zA*Fou5;L-^jdua&KoV3klCO=z+Fdefl8q@U`ZiCt&xX;B1wp8Qm#`iFJa~H#l)BvG z0w5@1`+~I&|5pEI+iF+dTFj*GMMDyU;0VX<3huZ;ncN|P0RSquWgJi|eQ@J$raM|J zDht{^alkmSQ&czR>1y-d_kP-pj*rK^qe?(azcVO*wtav8 z29m#zg+|oMx8CSBpQ+tZ`exd20?DMB8dvB2dZP0~zl_Gt@7-|Sv!?|scxR>TNE3hb z`wPIqI&_h_Zl-plE(08)#M;8}zgb3HYafKu47WIL#;GAh7^+bGlpkn%8B#8du zzOJ?<77moDRcaSo)EB~FyagtYui0zy*g0`iO$tdFB;BBk_8|vW&$;0+LsyU&8~ZN1 z>nI5NhYg$aIRAG)H=1fT_N(6d&H!4#*cJ==1(`TfGfYZ_! z)6LX-PRPvH%rDXe9;K75&}j-n$g4kG2|AD>NX+w9#xRFh2Gq95EysawH-E7`QBTdF zq;pj?c_wiEI){%wiC(m?%R5{E+B&F3AoVD&5MJu3~i7wqGB!^2J#@+s`McsdjA zL=}j`1whn|`PP{olntVzx`(a|D#YR^yQuL6U|AQ_V{ABYF1Txf7@x50a2bYf-fX#n_9RFc@{WE30-_FS}sq6?1dnpzDN%&xo zc57X-t3@1X7T%}aTzdTi2+}8ghwm&7y-20&zD$_63E*gdF&w`}l4RY4K9;z!@!klL zLI@}Lt0N(&(8{-tikGY9waRfyph-8z)1v5!o)^!r`}-S~U6EVHZaadS;!VbDPRI43E{&cVy^nt$)c$xV}gzv8t z@DgUW;j-yYOxIToKW{%}pw{L&U?5n7VyaGUumV!bL{EfGH0*!)I+bhKPw;T>d4 zzmEgQ`jY-~hzbYK1yEDmox#f2it|m+?jBZkQdsds2~~d3u#@A>nxJwJ=SlMY!a+a4 znnQ8{blt-$qoNaVruCpcC5YH2j4tjH=Za;7QlE!=s#CB;m8ZE%1i@^;g!n?!W@80zbPFMI(ps2CzYpHyN= zU!9^GK^;f3$X_Fm;ma@B<5yIk;#b}tC2Ie_rIVoy{!`HUgx<;s<=Xb((+RaaC%ucEYmr2;BdZbf%%E&$4@q{F@AB~uz$5^HExmLcW%+^uV*H&rNp zr}rREmFqVWy3RCC`WFeu*P6#gS6$j^anHsmq{{EwwO7Y_G;WUH%0J^yQuaIl0BRqr zixcWGS4@bM;?!8upOBV!tQ3B~^A*h4Lni?Ls=*;q{o!&vo@^BTU5bCfIsVyOfH1=F zmhC7EJC)X(sWTh^GIL7axMB3hw;K)T$+{XhIdp2QzN|*aQNBz@{Ya1pI99=@&IR5e z2mXj2VqlR0gbJLfy{L5P4t*XRdh+PFYusw#fs@R+4IH_lI=?il5@9>PL!8A`JS_i4 z=JWH*r1k5_z7(_wq`!xaIv> zE{=u*dHRWc(ToNv9RM`|ssprtA0~Wv5v;Z`QDBD9eoNiu)o`Ca!YwPz<`Y7B_8tM) zw*HZc!^s0@?@wv)AKXUzV8j1RV*6(k@Vg{`SPAeoT!mDY%*;VT&=LI*$BnNd@8GG9 z5#sBwK1Lt)d|Q=`?^>GdKFTYQAkhcw1YdH^jYlFGq6J>_xaWo4*S`jU0)ZVBx_=yS zZ&+CHsRSW2_ zRpytI9Dv~Ykq<5eA9Cez&XPc2?^YgtIjGzQS0&W+Leq{i={~Q)8uDLk6ea%nEc@^w z0N`~`haM9yq%VtXN;-hv8TzCdflY`$C@I)aQmn6kxwBJI3s)hSr4;8w%gW4G32R@5 zB;Y6Q|2G|t2jO=wfMipg>;+(V0dz0@bPEntH2$wB8#L5zzy6#5h%$JuAXv+O%0tNY zkw@BIR3-C{1k>^}tH=C7(}9W_fl3B5B8Pg6{-YNFokyllXFKcZz2c3U^$+ICp>0>R z^GuzhL_%Sg;Utyz4XM0CJcjgJSptOc7EAP(Hl;XXU!w|6IVIUR4)gk4N%bQF%=aDZ z$AT6lVzqdTVDrOwY0=h8ieNK6ysE5tM=b~ECvDL?zJ{T$^yZDs3~Qd}%P-EmZToqA zv-(Cj_hotDsV)FV^etGUmC9DYkq~-JLQjQPw-*dQK7^)DCNE~5F?^7P2GF`8AHC>I zRc_|`D)U^0HB0a;_Z0SSi&@X1Y#wJ~7NI`YB97J(m(3szKh(*ly=mhEuWGZk<&Y(D zw70*K@5mXXst&w#3y;C%uPjBhP!aF-I!v4zz`UIp`y&-@lGGJCr-@ro_ z0FfO|dD%=s9V>aecFLmL+@=lD@Z$TU2AQfKk$AhbNcGCEGlzQUoGt$degWjw zoHGCc-S^KwUjPRtzDi0p*_dC6e8oqe_ygKeorjGVz?MG21weK0&_qVe;TXWRz5m!4R+8Cw}<6vsFS#x(9!cEe?qn`m2SI@Ulh zXZ;rR?ktZVYwoB-Uxlf}i(VC9xT455_|wSjc*yw}8*Gh(ja(Wk5VA=y!0!J=gwrvfbD zl(As62ZZ;-xPorUMtXL{sqPAlbHkYHR)ed?sOjeM4w+9xN+O!JYqVUIcYlnln?@#( zY7gntzbJ}xcUlJ1!X;Iv71Vqc44$()n%nok{`oGB)Hv~>?<+QO9{1ZfDK%fS8fD(6 zq2>Z3_0XS-(ehH5qA*l89!>P%+&I;Bon7BWT8z~DRH*YHRBD149#f>IYay>~ zE&%d-!R;(9W?0FdrnCrYUHLnR08+DoVtDQjDpB(Y(~?fh!2WhSW}se{-NJ`u&s8g+ zwSjP?w=zmeW>mr2VR?ku8A3Pq)tbsV>uU34ivh=o(!9dF1IkUBu6>n7+RicMPX+we?yKpUJ`cwn18FJ|}ui^UXWj-Z!KBXt`(hy1HvD zBlw!yE_*#dwM2YA-A=sg%bjoOtAlIAryg`e1hV?b>U0Ia^)Man!6Yx+My|fnD(Q&O zpWm_ndU%=L8Z(8D`0kx?ICP62Vl5Lc0M1`4u>0r%KBYYYXM;~^ca8XCqXm9rBJP1w zo7lt!fZGA!vYlc$LH>^RNQhV?&KAqJHqvP&SU1Tt!POL_Z>f26vcQa7XwI3ogdOVi za9og&_35rI;Ip^gN)Mj>hB`ZVrA^uNKFqcJZqgZ68huuzI!~?hsRwgol(Ym7ayb@* zmUX$ivqZ3ZvE^Ctxvme#`yv74;=)5c0b(M;cVzPxS-)}UlQN?BW=B-8R+VU- zFA82OBBXb)?b+nfeK#|ty!u!%WI5j(f@lUJ;gCj_9I_UAjOua6jj7(XAZ%Jc z=vL$Oq2dcYYF+C1BNCUb#`oV6KAix~`=?t`teQw!f}n<=Xy6bJzCirFO*{}@Oi>+b zsO0pcr=`-`;H~rhA@(cKNM~TJjc{}3#&O3;g!#_qM+93!=s`@Qv2`0n=lYwFr*Z>w z%lf2Ve@B6&f7KuGhHbZH+v5n9;~08*baOUha+^P`d$eur}XpuqWL%j4{R~nxQp3JlJbEx&1;QI8rp_ENdy|lN3J-V673?(2lMc6 zJ5B1X!I& zTYWNyt@hWv-K0i|-&X4gm+wnFw5#GB5o>unN|bg15c@N3wq3qyE4&PgW}0IdOvEknnIRH@#TB9|%^0AyP<(Odu}>i`pqQWSE0*q zb$ImN;424qAKvARc&@@E+(Ik3pspNwYW5DE&hDkXvs34ysL)H?b8d1_Q9!95 zrV|;~vY)!2o=H*p5KjLlcu9N`dNk!0qdYo?hTdu(Vonh|k<(j0PB>a6;Dlq2^ zIKJ92HbzPhxAqRN7VgBwAu^qwKixf+RA19ruf9Eg+wM_8W8%QTBS*rvjOEhHldhg3 z0lhcUq99#riqV_(Fa3pg$)z5{&Dk9nc=iiY6~a%F8v2J-C}U98T{vk=Ny`vadszNt zt+nKd3|7j=T`}#q-F)h!sWu8H4G%D9_e= zrn7d(X*1Np3R;l)E=JpUmPsCG)ozxNMPUNPrLGZ5T=cY%UL>Y-WwN%xqD%~@Emfhk zvi&S54oieksW_h|TL~5b>6qXGmX&E7kJ}(Kr}R0_=EnKYU}C~BsV|QajSW2FsagxS zo0ACUZ^{AqDiaqd8Gc@d%d^zsiyy4$CzJ0~-*8P@bgZACuuu)7YPmVO9a$=9@U-E2 zp8#P`0F^(dy7X#~6@WqOlxRxHCW)p1E|F_m<3_J`h9b0Vj7hJAYEi4k0y??B$kwp! zgEQrBrAwnyF_wHzZo-$VCTtM#<7SMhno$NSac?ZAqL*LwK#K5LM8jft#-3amKXAP< z-8H!IqTAJ#yqCe{Ey_Rzu*(V#6#1Kb2j}l>|B}6I-ML4%c&esLZOsJ#e!n%tunlV+ zdD>j|ttkbmnR=P=5kfxm+%eIbDtK6h-uJ3r^?ARs`PFExjGLIawcw2_LqcErMe;!% zdjvZw5Q`jNReYXKC2BXhU`v_d{d=y-HrDm@%+Qz|q#oa!Qe96Md(PI^&R6IP;-0fz zZt_B+%)VZ2&?k}!U^-WHX8Ji2ywhTW29>V+-|*wpip^rRX3{IBqNC_$xUG3~zeZEx zho?UK01N5MBo(DhoFcjxJJK~m4sUR2pVNJ}Au~hg41IV)*7Pa|d z#QCna%q~#qiOoQtm!c|UyDtDt8ZNlIN9H>&%gdE%sXKY;!N$)gqdjS|$Mm0mdX|KJ zGu`D5m5N^x;3D4yu8*+$THvCvup>XLSIp^6tl(VttBp2hOonz&x6KpR!^e2^E&rxC zu|OkJZOD^{=2AhN(N4zGa@6L(6QevDcMTC{k1dP1~d6g8pL?L0#p zb%ifrN2ZmFxC!~u*6~enAM=v}P)ZEiYX|VBJe9!4_4l?K?w|CuQD*o4+!*uNA#yhE zFrQ^9jQ)(Z)!w#UlAJGp!Y^?<>mCCX@B{`t)R!kPSIr66cfiPgev9U_fOz$EL}n$)G~D+zuGe+UtZp)&nA zLs1*cVXf)c>fMnl;ohQ8>K?ERCUmaXE!y-aAB73e-97*4;(hSNF7}HZv^vF}dtk71 z|9o%oIyz9?0Y{5b+Pa;r+K7{0cB-9?rQ&^?#aZLX(ZQj5=dofzAI~d3&7sz+*mMBl zzO1NgN9$-!d#aYRF~+6tQnWGs(s0fkPbb;NYCqm)Am|WwAI1Ch6iKH_7*~9O3`{}f zJ3ivVkG!U5bVIFcO({OiyM8BMCW!me zkwb1i(xn%s#65P9K#hw)rG*~q3UzNr6__rr*H6rCY`$YuZ*dEIL|~-yh2$4o_Ur6x&-q)9gW%Bdqr2^dQ<4n?C3mc5kJ={x0UOzXu@(>>Y|SZcNe;Q-HD^*u53A8>1$9rJDZzs$!63PF1IW4P~S=`b5~)&M#aM2o7=EA zu|qLiZN@{7e*MV*GG?*T{@upQP#wj>o!5VhnSAs}Bs0FZNiFdE;LwgJFn!SW^ptwq zP0q@bq(NSiV^_tG&)=3J_~D72J14(_YNtE@at^^gFUHkdvHrLZJ# zywLXb>8#4N+p}(ubYgH)XIW2-_ge=)PWQ0x+r7ROYc2;Uy&64Spzryqm>sDgTQ=+5 zWR*)d;^bq0W0<(-jsz!wqN&+$l<<%n=w@7)Gv3uzAn}YnxkoIm~YpkFeT3|xy0R{Ip8{4P0ZHkSo#^y}qNQNd8^ zQ}Ja!=#el8AMDardPwbY{T_wo`p?*2gj5=n(j&pae)-~{yp(;}+MxRYxiY4%B>*Mm zc+T(3F>S>CupOC2BT{Lu)pB~S%4Jo$Oc%V+@fp-6sX~4M)RA^j=v{NMX7KPM&hv{; z$NKS3H7-{m`+Oh^B?R_oB>@gO&GF6ua%X>(p=ZX6(D#T9dv4k zWsYna3JALZNKXwaw4jfyT}JUy{IQuehbFz+YWL&3`ZPHreD)-D26#>;Wa}*u96l9>aaZu!&rxE275raMJzh9 zuH%*1o%7*{?KGH7F>2;bVT9WNMU`-GkgzsCU!Y4PS3@=%;ja7!ppl6MenrzN}6n+##yE?GC$i()zHePEL^xr5_ru+ zEaK(2$io;t4qxlW`nJjKLgpKHgPgdv3mucd&0M=ivR-QE{&og6(8hSqaaKTJ6T0v5 z6MU9@hG!@4-tYq)T>{8O%RMcYn0y7Wl5oujlbpq^2)Oy4=Hz3M#)5{b@3h9oatjJn z43&wk1>`w^0iNWjSh)bm@-?yY%WKu8?8N7jm>}1eH)8rc1fOcV$%VW zvl1o1+&jb^m!H2bLci@X6SE;&F+%J%E&1hWM}EpYhcr;);dvoch`^5S`mQI2Nv0|s0cu0Rjb83sf2Qc_w zgns|9wttulMo&dO-7$}?3R|;Dk#b>S8=si6vQlG#hfxF$i3^cNMnIA_K#;5gaXQ*# zIdwW)j1etEfeDnUN=scVZ7uJjC*67DYN!>y*P}XZX+kf3dkVgVIgaoUBU`V};>1iR zyA(O4UR|9-&S}tHpW%5+FrTEYsLk{CSDMY}uSrr8Ffg&Me57{>JG;Jd@Q>w^q$%*3 z^SiRBfU`hf{KCt1s{QlczaH;4k2uX#3i(@92%k7J5ug31iWP5@sP?bx=bQmwqE^6X zVwl5Ub>RP7MD+J=w1Zdnyu#_-$~Mo?nmSZt)k4>dm)kWrW|=%JiH^LMQw4lnwN=s4 zS`YdSa5s18-U;Y8kE@J6mlSzh>Lg+5q(qNUa?39I7|SO2{sGqKMLCF6uu8Slw?H)8 z@fB#|KfH+lVv@i{|EW+F%KF;(-P`eXecK>(!Wo5b&Y$=G#ef))Lv6Uy(H77v501)4 zX88A_PFg9ptu(xT9Ls$7ZhO2dbC&J4P%K}Q7)wL_{#QT^q};=Hlz?)j(8tO~img}uD7CNl`Q$!+6-bHLs-G|?W-IS} z-`M}r_INMN;mBWRN4{l#^#v+W=Frkdb9Avw(fnNg@st={*C(X_zo&zrs$#vau$(gx z|zc^a7$UGX=rhL|R>dJ0~rVYL+zfS_e7H(khFO1b?g7bz;Om$14xt(@E>1dl=`g>OlO$@SUDNO5xwWM_zI=* zFApqq3VKV1iH8@yBB<#4hKk>PqST^&Z05D{HHX68e{_lNy;K-xy#;gD9)A~cbXE8< zCi6!__}n(sS+0sX%i`MgGh923x5JB_3!o_n?0^$nX&#BX04|+!V(Im(gU9!JUh-xY zx)V3=Ma$VonN3mOy-(*pu)={)Li_Fze*ri_qi^V)avKanvn`1n42{p zD6)#t(aF>^Xs>H((BJRB+8H(wm&mdmMRt!}G7$fC4u9O2MBd$qVw|#3n#oLy9!im0 z-GcqMJ;Mt?Gx)5xXYVMLL?~jy^itQ=NGpqMi3c_PB-#lp! zrh1^sE{u4QsLrM<6k`gsy~kFQEMkYah9UY_F8~c~Hp{FBfudA^F#;!owZ02cK#coS z&kd2ZGHk(-t*fsQ=E>S+okGIT=N@#Q zhqdw4XDq`-Pt}wPbG~f83{P=vf0%lS%rvJqc_37{>)}`qIZG1Togc9TtIEvpPsP#M zaqhff;R)y+m?^e6=nzb~W!#imp6v9}@_qheSjBSez)=+aH7i|il>};@0O^$6UcjXO zEJeY`9R-CtBJouNLpuTYFfZDR7M7fue_ozA)qOXAqqQK{CiKB4wLTtgSb+wDhYLpe zIR~nzyRsKC17S(-G6%=ENTV{%EkMO)rU6c~)Nel-x}gquyB8C_^LKH)s*15U!>Fi0?=J z)p!8~ z9Ik#`b7~5=AEg>0qIQU?KC0%u0^d4&>#M^Qh1my3DYKng<~n5w;esEvr|gLt&OWY1 z1k1ZT4!v!J56WG6j(`d+v{wLj@S0BKQk;^~dOO4aV(&epn(WrK(I8#A^o~^NN*6*A zq=`sTsRAlBVCW?X5(McT1O%iB2-16vAiZ~_1OyU_R7nsaK)~;L*IsMA>)m^wZ|^hC zch1;9&JP9ye&xxW&z$#t-B&>nqFhw3ZGTcpxwgAsGH>Jz8DQmQBDL}b)P~SI8uNm>xEEZONb}&|Zf8PyE3AA3SR8VZk9MPlv}#tVc67AGFRLix$JFwud2Nt3 z#~vZ3A#fxi3gLMdEu@XL3byxpFHB-hGqe=IeGjw;w7mwTuy*R}ks!Y&oAU8%Hl^$9tt9);|OHp&PqTJef&NQ=PHrsWsPP@c<)DO^V&`PVb z`KrB1s(HkbluY2N8nQylJHd;2Z$pk?$>e9YfyU@tk<3^W^~s$MGmVDa_h_bEi=7}c zSY>ykG8+fJo8O@LU)-cyav_$lpM6|_$Q{c$>n58R9>+dnlH_Bu9lizl3#>%Us(`Rn z(Fb@BR8=UF4KjBt-G=qsHemMRk}g20FDASmCD7!Q^O#v;fS>BTD4F>hEp?F!C7wH> z`x;D8HH?eehI-grvT%wd%vmgF-Ikt3&fnny>1ZqlcvKpkX%6Tdno|IL8u^IJx#Gpe z1*E}625E*H(KY{SO?K!Izb9y`fWR`5U^AEpfrGA|e3i9faBAhs%7>Mi)(7Y!^ok*A zp^qMmfZP;ya{aAJ)e;r)WvM*RgN2;{4kQnzDXd~$s=Tg{5kp{$RduWd(>XMBT}p)P{YGV95LsYnH^T9?L&U7UIr(gGg|LdAR7?N5fQX=X-h_#A#<#nozs= zryH-;m_TYsuT41hZO{*80B0f2qwJuArQgNm7@u>*D%O z&0t(+Qqbddo0xit8c7jQmJJ08VI=V)Ku4WJg>$_4bWsc}Z+gVhKE-~!cFJ*8?V>hK z*2WKL7UJ`wpPY2;dxv1f*8hyd4jwysI8$&@B=d?%S$)I%6i@T%+ptq@b-3=-W$!hU z`}-25Kk_37D8B#%s+acvtl$VXg9K-O@n3uhB+V1d_iVK~3B^D3@Uatk<_4~@+KORF z;PS2G9ldFMM?}E=R`dElEAqb==6@8o27P}}!?=lbAw`33{^hucN2XB8?la?l!Ga)q z_653cbbQ7`Y!GV&!&XwCr54a8cc%?g5KpdZf4gE<7u%!P_qMpMy%iWVzO9$7KQ}6L z`PpRY6ZbBMAxTaQhIF+()K9P&f|*uto+xYn+heY}Rnn7$i?@mR?(Y@r0Ua!5Sj-~~ngxt`p8Nq3FKMa9s{tZw3fKcNHf{ zRzibr%;RDnyOF_Cv|2I6F{sy-{1d-eZ5?wMuUnv}%;x)jKmwjyeuB83PxRIIK!8*M zs6-q4LxV^!Cpu^@Nq3U86|e$D8^;Zb{K=zs?GIzfp5H}nG&dVaLeBH@6=<44FJ+5g z2kK(wb~pppI6qiGZVuFKFH?lC>qFUvhx9%v2BxRPlF-J@PO9>a!`9w|UjDTvC;qqf z<)&H=8qB%bh=XGeG~5VXq(|*B$Njpkb(6AGOsw8j^!`Q_qxd=Inh~Q#y5dE#lW~?t z0!DybN*WcY%6ZTqV?(N)cc&8fLz3f(jV@ZKy-~hj^Rn~3CX_#*cStM#xlN`(y~N{L z4Y4dI!jG8rFK})%+oa{(z3GO43+v6UAG4y5CZ@(VS@`2M+uoeMPO6~v zV@h5hZn0K3B+SIj?R8*D$PmON6|3-Tke}NsoS3l;M~RdYCt7V(TbYn5@*1mMyg&Nq z6V~npCYJ>1;dk1x!8Ad*JI_{ELR9F|4X~rYYz85TrgAa;+8|o@s$@~y!=EEFuKUaW z^}vA-tbA9cd?lDEVnNj0Xyz`8gJ?c@~PBS!4mA^HOdkOy1w-uE?g1SJlM8dr_RE=8;?ce+v9#Gl zi+2^ghxNlc<^`>(vBEz5_d5&Ni{IWL^gej4%IKEW-4t{acgLp`Rsq&qwR#q4YHzGEOMjq>h@M5UD~2-{Y>L3KYTfg>Q(Fl<~=QR z3T$#75nXX3gk2r(ocy-3WYu1Q=Cn$-vbAVd6Z)Lw)u1+bn6E#=7xrL=XiaQvgkT0h zGye7|NoZp6jQOx#T`Nh;=tlwmX*+$#3;41!iXtL`UPQsW^(RS5ohJ5Aheiqs*Xhs6 z@Wi+*0QW>T?O%sh;mZ2YKExRVBO8;3>0f_{#wcV9eY@miHO}7^y&2f22Wxxi+B$&F zDLR9wFe}|FS0O=UnDF;6WUQDLpkmO#ZNbB5Hm$GM9Xv_zB*XHkO8+=9sUHHyj#fe_ zgHYE%XaywmV*%97&(==dd%)N-<6~P}_$=dHUqiURqT?oqBdY=tVem|cb1vETjWo81 zkU(?N$c~1Ola83Z51o=vTL4zWha%*bWK7I&ad(I?ENrqcaxZf>;CORaT_;$@eH@|wklq|`{0cHxaS-3e4Z$II7& zYqh?@LD}R)_Z7Qg*8Tcsb8+!~$CgArS@fb5@A6{F;w?wX^9GNfhNPyLfHiM!7M~6} z07rE4BS#IhzY;vr`npg+Ub1MtpzT>vtz)MVMM@n57+bD`$lImx{+N|c3bS9T47dQR z)@hSj%f-d>Th3|6hFWS4zAZVDvZwqSptR=6PPDj89XPo41u|caXqz{Vnp$&wF1$|KqQe2te2O;Hk+#sT5+!jHPaB{j9e7mHyTI;USf2|!I)?zQ`HDzF!{(1l5GO(#n& z`IN6dc<_~1iAsUJJp@W^Wtd@yctlVwFO|HLH$iNGgNR>Mmx+;#Se8Oy?fgz&zM2c; z2_M)osc>;4?it&2)vSrt@OMHb`+hrq7ZU#b5y%whbFKwZk;7$G;U&)*rgn}^(Ut)^ z(EIfB5K{e`7R&5Ag6@;j2C#|Juw@;>;U3Rs&^O!$HdG%cT;Rkdf+Z>XxQ%2SYvGKq z3J7F}e$H=fPR*7}3>=-vGYTKuBj%3=t>bOZZ39IyRF_#FVSVE!QxdNA!}`xJ*;~qa z({<}xlBSq*g>c^8I}{uv#4p zAIDDij5WL(#uhAmvJE9xgGO%+Amu^a43|<)+*kQ0#bx!`O}@Gz?#N8cn{W3m*uCw^ zS|_M<2$zEvi?Y=uozBOF22-m`A{F)ASOAsZH5i{I@EpavQg;d=FFAo9q@AK%Qh=A2 zyF_smK|J)aEt2Kd%C%By5`Mw}6mwt6rG(2ee}eWzu>tiq1|r|8QaQ>ss)alrQhMti zqQRS8OBk-X8v8R5#EunO3(CcG_sGj-wr78GHksHyds4FiNh24SnUhDBzYM$@|FiV{ zu#CTYD4{swVhFU;&W$@BMw6ua!%1RFolYzq^5xP?Ajr%v32}+%op!dA$#=h$@sa4V z>O31a1Supi1x;BI(J|rU3x6D3Y?^Us-c|(~qbK0PC{Z+dbZGoQXtRW&T zo`Hck0KEvIeeQ;5!@Oro#)XJm^qJH*w|^C{w5th!#l<2iA+{;4Eija^;41bb#l9HH zaVn;s_^6s><6vK@Py?NgsZ7Vz^=I~smw&^(?AsYy{$gpfBR7#1^)zauP5sstU7lpM zB-+@v6BHR?!9^*U(9flKm(3v*?Xpk3W-$3nT-!8yma%d2!_2@rPn&6m{gU4mG|R@} zO!%u(FE!?)T%=MbGQ`4WhmEP@!xl0;zjQmTwXcW~;afXiEYQ7_kmitN3eBE0u_JgR zrp>}nh`@9JUX;QB0*!{ra2ofCTlY~MHGDQJXnt)U_e5JH;<}Z_vta%!G(r_1=$}*6 z|Kf%zyL{k>>bQu?kpOO(&sYEb4RaNlR$yDOJ!jGQ$&axj^{u3b7r3HHO!Jw&7Os;A&bsYvk4 z$Nwx?0b4*utZ8R!LbNxFtR$r#XHzu(wr6JJYtL2N{aY8ieyTtF(9!~k&t3ONn(a+M zY?nmX_zWy*CsI332DTYJXWF3mnsT?%#SaXYs=^GihihBsr$#t~mjBkWuBzO|E6=nG z2P(UfKrCL@q`h)e|D3!bcuSXoDYKzyW}iLm#Xa5-{S20sCIwa=!gpWc4m32oiVyOO zcU0-X_R7mGuauA5;L_WNjn#Hd;VZ)}P05oLa{O`=g+WiqCieu)m=l|c%~kCU$RRI# zg7`5Vk$7#W$Fo<(yG*SCR>)I&!1Y2C3d-EnGk49D3nz~Inmt46ch_958aQ2IPzh1F zba>7Hl*EmiV@SBI&bEKV{6sRD>X{1jVFg%v_KnRx^o#9 z6BGHDCs9FsE@uXDRlnl&jML304xrz&c|J!^30Gw5?#;3?_J)y}T1!Hq(8l;Y&9decW+Yp*(;>n0WEnX(;unS+JhtxiZeS3mK~- zhIw;Vn8RB=1I)Ie-w`vIIo4@t{i(Qw1RJYefIn|tlixDuNKIKdu_=hzXP?@Q%O!_% zLPcmhh^?B5xuSBr(f8$PTjrSyY~+50oAUc0JCUZ_p2Z@4surNpDY(NZVRyelLU#u( z!lP)>9BBzjmpg8Kb5-)_+%n3czCKffAk~;L17#YvminPq1o((II(eeufT^%NT5=C-kM0ORQ|+Qs(3FoDk0Pll{kFp#+hnvT`}5mU z_tjonb1+tHwosbK%+d4y8|YIS$o3Zi!}upp@4uS1n&RJo?}ne#2U`6G6}{yA_X9&N z%X78jW1ulRq6xdapWKfnwP~CWDML$M!G$k&o1XOtU$X96sO#EN&9J%VSGvgi&c*uWLkeyc z>W1?}^#>c?)qs|<2K(mdVSa@@dQ0NUS#OC-~i> zVQROq5kEcuyA3kXUj1(n9j+hM-`hb6lkZbymp!0|cj=5fdI3%mYmnSkeUIL`4o zMh9!|WGy($*uSJ(0F_(NUHhcBptcTYwgCNN18w33R+afWGmB$nUrB5pnj>rhZiAbR zcz2nYAGd8|{UXy>BB69gx^5<=j4^jL5XU1M0v~#A0!*fYByhh$YIWGVOlioz^rGQnZQ?1* zMe$m+V_iUr-rZoPXz$yDRv&{UomJ~1y4w~i;|iQD?90y_!;T`$%ZuW88X6|tHa^$r zglhHJZ`uW>ynRej9nwPp);O2Ji(yTBKD(iP+dh7KvJ6Yo8L`PJ42W0=MQ(lT|-Kw&=L*lEh7Y!7IY&nVmg=0ut zc@aBpj zr?C2e&u3wR502nv0j;7&Z^zlg5C5KN0tnCL4XW{QoK=O4F=OjASUWF*bi*`T?8g_d zADfpSr_uyTM}O|=^$t4t-a|lAb`);`!YClfF$XB$0?a*wH|@-m;9FI&oY_roT5~7g znuW@uLMoCSNO5a4ZJAKIZ<><5yBYZPoeLBZA@}i9oDo+NMzvE#7QRrtI`+m6=kKP7 zYtwE2DSH~*YRKi)f04?>|L*or_*54A%4SM4sot7X&?MlivQ!3E$p9TPh2Y=W0LrX_h}g!A|n-y!T?bvi~{iF{T6 z)Ga*xbKWP9h6O{~oe+^jcaeE{4HwguLx}kiQ@V4hjA`9rMh2x5H}s-EBHDrgArGK07KI-muIe=!|8gp*xP%s_qP zvki`I{r0E+5Pki*BS3jHA~UM%+eh5zLT62v@4e6dm4QV#gmC!{5@N@6Tz*lx@f$Qz z{}+PRe^;mfpO7#A%4O;8IP~JCg6|n)9WUQ*{e=tk2lD10u}|eD5D_AF$%|an_wd5( znlxd};^{KjkRa@e2#DN4PI~!cs#Ngg9AWB&fWEkZ}sqa#5u8$g((1X)Sx7SdZ_dPUn2;;GJZ|>>o=J3cq z9pbG5mf^|t(K!`w*W$gYa_C-pdA?qNiwi7GAwP;igqJs%@v$0+AQ*HdSj85210imq zIV8Bba%a_Rf!e_E2M^TgRUaqu(j_ZYjo0S4;-QV;3*MiSf-`n;Stl>v$YHDqL9evP z_;}XY{%Dvr_Kej(hfLY^NJs@6Zq z$JBK#Ga_myz(T7uG&{$)ljf6dgfGZ!$yJR_rfW&vri^K4&DDDso zrleIqG?`2ZetrzFP*1j5+Bz|kPx2~0fVcAGus*-h!DHu%U<3U^{`3C$pR*h*z-m0k z+FT|~{)H|1w<@1-;8J>LHt2e514bwW`f=ux4>F})3Nbbx-jH~Go$`}kfJehD8Rz}T z=k|Wh8X|?B1lQH56FPJ0tWO?u5n$Klkn(XAD2V=tYMeeGf7kdG z%g0;IZD~Tu^`o`()bn7rWlm%#ZlgNHc(HR75?t3d@){YOn9-;8o>z2`!v9zWwfb)h^2XW5aJ+a}&1 zEuVL8Y^_XyRzhC?fL4ho|5$NCP8F2ce|hmVQTvI{cLsu0Mdp3zMG|IL9XsC3eZ|Fu zydtBrD052mMuqpThVMidXVGWDP5nG3OSsg-xaE5!k9jx~!rCQwfMAL?w^hdI(WCF7 zy#_KLNAoiTrX{^gu0K}sDigL+e?Fp~Ch|t?DeV^;+#q&N4=0OGAYXumt+LrfKAYh) zOQl%;wxTsV2yt;P`f8zT?b&7-|E5-?&X82N>T(uNe54xLWWo78Lb5W@ps27_GRy5E zO8|wCLvPnNr|hdj#5VZ!J5@#;u6}$1O#B{Ww0jOH12sO+K=C)`n0;HJjk)e;!H>^n zJ{~ST>Axno-#bgrll0o~%93VCPqiWC0VDp|H2BsU!D^cg87{X+zHv4!GraUnyzt@2 zREQTiu~TMeN-UmpHFx8+fO~ZtBOy_+d*;D@0%omyR?ZKZ9)Y-XWhcEgJ0~;!;dZ0e zsrNP_W?{`Gt9g1j-Z(1U-k+i>EnZ5Eq#$VK67)*1s~U19(cxc&n^L}g1hqGwWw%Uk zkJN>-X@j@Du0I_ppX{3K8;!6NIaj+4)LxfgrJRxCIW_29(jDKXv$T}Lar-=T%R2(! zzHa>bwO{YiE02u5E59KB+(1mLbnKA!ULQdP{M;00JP9s?N3_eg&xpSOMy!?(8XM|< z9!1s<7DWHtC;nj~XD_Wablv}c^p}2wAxUne8?=EN$%nEou)mSEyxV1cBa;~vH!!ue zSDfQdWJp^1C-O@S5_+Hy@_*4Tjg{~HWTS`E3q;z4Yq0#lLpS<)a_h7U`+4lLKf4w_ zbS-9QT0Ni(_PwOW*hGLy3*zXz5D#fP1bTyUg)SK02Zqx z<5z=A&(~rQ`24F2(z-`Ra#LvW*m4&9R7X5=y*}QFVEkMY#;*I558D@qJ|NYj--GXW zP=Bjv-W_NQ<8OG@IcOfQFeW7hQr*`-m%Urd+O7h-A{f#ykL6>pNy@(=wd}ztG z<|vN{4kX2;u4FL3Nr()zaZlKYL@1%o7uOxWUs{&K9q)9W=4cwaOAic?zJm=PXJN}P zxwCq2I!WQ!yWDB$z;jdm)SoH`T6ve)x7O;H8ygR@bWLt^SqAsBM%|%NV-KRj<*sr^ z&>0k)2TJ2Y0xipSnO@p2DVAAU?Y^w&IZkJmtJ8Ns(dT|UNVHRGe>Zpo+-%61$Fv8B zCcHk$Y_Iz$SL8!!p;=k%$2phbqR_4nPV(dpAz$8LdDck&A!d~D)&YwQ!Am!!qrU#j zmAhZT*U@g2R%Xs0$IWWLde2J;9>&L%0Es@Ii)Ny-({3-d`x^XcBzcYn+1mt7y(DR4 z?ml2#z~7v4nEItkFI&3vGU3>}tave-_YhUJUmU%uGycOi$!6G#xBq*=4d1)&!~o*8 z-++nfLFykD6`Jk(Nn2!J-`^9@?AzHn=Dc?)$`0W(lX#+ieu}1I7-bk>p=VKGAo!tQ z#v;R4>CEOcnh`&}?}gN{h2(d+I?WeIF>{1A46VEOc&TyGR0J*Akl|&Ew-t+{WGVu5 zBOXukVC5FKWpILxlbd4K5isj5T^_iE@%1qK_hgISdWY+TpMXvZvI4@n^_ebT!#>EU zaH?KF?#RcKE{j(;Hb?g@EjzP5Gm;A=E>Ct9IumjTFvv?_wT*3<}$ zL=`GVU%uPIq=k}ghE8Cw!zE{*aFcu^VOaDG}Y(7vcxMxao8mzl|92XeK+Mr|}JmVMK3EJs;e>K^Qs*w*?@*v*pZ8 zV_049%Rn1ULITx;<0*5QI;7b2NG`Z>Y*K2_>$)I4OCpi^-ROKL!jcBu9p+HH9&-Yi zcY5b+557n?>5NQ9F1GG?EsT3^~LFFeN`cy|wDRmj*A7J0^>eeLHQrz0RK}fHK^UBAG_NO7`60jP5%xCLq z4`FX%L1)JbFMKRZo<)!8?S9H{SY}<;$yhTzjE%LYWg?m&&IS4!3Lpqb167%UqM_Kb z=9-aoXlb31byG5HZVYEFO7V7ATX9G&3}@&MgXW84&e}j1cA&PiBw&CZRzT1;o zFkhLqB@h(#xhmWzEZ~*N&@4o-DH>ALV4mV)pzw_#YG`Q4DjWpTO9*CTgCI3KB7lsv zD(W3YzMU2OuSW|NL38WQrmB#(CO1WL-dpu$blh#r?f30&@+1?amRt@8QGdqD zA^L4gLwJ|C6wbg|XqqY&$bzZUIFE}psuGAjE#rZGF{RXF0!>VHII5CBlAI}#%N_m! zsOqJ6_u2qr>}AhI;Rk40+3)^KRTH2)>#*mPHbWJx9qUIUmZ%snB9& z%c0kaqYEe= zvyV-8)9bL%s7$Gb;89962&Iam!>abF9(6>&^q2y(;TLhYq7khj@Bq^!vx0o?!}W{= zcEtBwSUeAnarBM6sO#af@d`5{ys;uBt02In@$Wi2!lBu*LF|4m>GzGzNCr7YQo zYDM&jEcta+ho9ydmHgg6t?#gN+#tJ0OFd_dQ$}S!>`%mNG`G*p8HHR98<{1W^^oXU zS`IsP5>r5hU)_4vrj&Y9jp!z+Wa;IYg(c3h=aPLI$Oxhsl{B6DrN=4Xjf~r=Oet30 zW#z~Vk!gO)e;%%Dck>gkIG_^k!bt9Ys~rBcV=a!WSmQMLZqxR4+9(97YG#^x#py)x zd0KPy)QqUV-*oHgP4&mgf=eSD%_NPv=VCZM{n3k)=s@jH&QxWKyYhY~6i<__W#rPC z!i7JC%qm#%H?=j#Ytu!&Q&4eO*D@r=aCfPazzR@5B1*R5^mqt5fy&tk=Vpn)x5mxf zYdi)dBF=K;9M6}f8%8|Hx$Ipc?u+VN4awvDx`x;KN_nP#5(bv%%JOSnb^)Y%x3izR zrDog8Dd~mrhe^g_+kn70S;@WAyne0(uCO&Y^A?}}gc$f13~9ATr&958A?>E7`zDi} zh<)x!+9oS$E)OM;m;8MBau81A!|D0+QO6u!TQ=^pplnB8@lL=k7injYCz=5q@#4Kb zk-I*E@+1b;7&Jr3 z!Zn`gr9U;VrMRZ$L^x6MKciRcQ$6&AQ+Di`V@)sPrv3%BB#gl}^}GvID(OaXQ#l>N z()*aJqxQWm{oknH&|_qlPoXuLotJ7lV3C&VH%o?)rm2bIv{4nkmGwDbTxeNUB*La< zioC}`iIZ2J#Yv2Z|5PoW%RyY`Gv_hcS}Y;rPXzxK-X3Ko)Nf5Ui)XC5Yd`ICp}2M* zac8Dm2Fkv+;sOBTm!!Dj$5?}ID`AAb;vm|JMK>Q80ZPDSn%9JE1cSr;VuvDd1xYN| zSgsK)|65f_kg&!XwAhtHHwQNI=k0eZ*lvOfC%G=2evXWuo;Eh&`oNx}>wLc(^8*if@pG(W3s$Pu~mVxy!iU-tvf$%5X=A)O#lu~iNo3a20i6wfNxnq|8?;2-}hwp zH^~QpM1#CP5bCcTM{C6s|7u{%1wnrndfW^E|Cj^wrfG?d={fwe+L=eA_ixKfI3B2n26%tDmaQ1=?l$%~Y9;lWopzD0GT#p?nr^sB z8iX5uIP@&Pb!)W#?grvmyNQRBG$fE1)d7M`o56x6@w*FgvjuRk>zO}|T0|Jey`%%D z2GmP8;u#+ssedR9rjGu{68#M_r4j#1iWfPE20mxXz79eX%M{=uZf(41GHmlWetF1u zuur1Etb%-Zv(qk`JT(&ZOXT066L8boCl%3}$;+z?#A$2&>DCX5xrYKPu8?TYZ1^Y} ztvT)e42_b^=eL#lTOUuF6=*x_Gfw3Um}BVKx}inm*!8huRcNw$J@&F~i@~F8^&9wM zm&g7Nu~xcHzHfk$#Q=dkh$iPKj&BVP81j1cy^I_0wWKoD!UUz3I9YftJJXWPELzT5 z+ogT8gpPbz5Hmu%uMIiXHs1oIbZe5-cq^-$J3nE$XsWdA64-eUdHFl>U!T=sG6R*8 zs&z~hRw`)r!Ulo22aPYPod|z~fz+r?`&;LF#VNXZ7yGPl;Zh|dU*K<{(l8f&nG*H; zP0Va>CckAr5H&9h5k^Y#f~|BGkL45ZFFSzb1MkT9DXW@HyUs46eU7SKF8PwD^%@c$ zHid5(L>=h2Q8deUsIf%kF*uAgzz(ZWyH}86FSv$`NS7^`i|!TN@+R+9YF{ zhvx zxmH` zeWDPL8cKF&5xyRN2ZY^!xYpkr=he@a{w9z>C}cI}J}{hUhq(TtpvbCzs0|h7ixe}x zg+CC?muhpQsL^@y$plnTayezgR9T;G+QY?;S$-{0x1+)_>0PGvx-i?d!9|oJR}RA8 z8X{=cKFuo@P#_IXtjb`TvIFS?HBxTu{)bU}m6X*L8kbgyI5gDHsAcB(n}v0E;W&}? zBaej@9dSF`+dusbZUy&;B)bxU9Q)7J@rHWhmPQj|-VZ%IN_)LvQ@uW)8XBrGV{rj| z8pRhif;Xe8Sgk6W$X;vT95_^}Cep=zU%QD7YAS|FyyENGM&~k^FK$t$UD5GASH)@V z{UW8S=)K5m{t2FV95`V19Q{P@t`5Pr4Vj8~;C)=`8oQN}=@de~0Fu^DIT@%~((QJm zBQv0EH`|!1@#N-%34euYbgG$u1hpxD_5i_Gygn8ld!)($qv>j=Rs&deLF}r$}F4~O^?ai(2jxN1cUF`SohX~P~W+f8ZblKE1_jUl$u-2eAFge%r#3C+BJPI|8HkzpzZ_*ar1&);FIfZKd|ntAO|T7E+H*(B+Av;@b5n!$D{V#t zN}Su-su3+MnH!Z{=KNvi?}nCI_%GJxDnKux|EQ%MaiQI3^3g|10LBiBc>tWQ_hK*WoeA_>%XpgAo5M3NVcV2A2rWWh7o<}87D=3}JTfi} z8WkNBoO#G$1oA!lJ9tkJRf^;8wD{5V3=Q?_ViPPVhumeSQa><=cF9twUVWbWwjKt? z7XpE&&zqpt#uhbfz_(Z^#lDM9kF{8N;K^*;uQg4IY( zt6-*Gmm=Y!a3E7sZq3!Xrs4m{-?ql`SflX1i6hzLwRR zokC}S@_jG`qZ)w%$gvWXNA-`J=>L?e{6C$`5Jq81`)NX!>61`cgI)j&+?vwzZFT12 zsc#bTUyVq#&Bw=qG>QTPag0?@8qy-L#a~{=b#=U*w1CBrIns;|J+>19b1BDx{EYrX zF>)oRDc>naaLU!2n{Mk^u`=Uj&g0S4U#$j2+ZS_johBUKz})3R2595032>n($?$eI zoH=S#k<(9mP9QpfokcutiY4=l!Ihq*)xz_M=lyC{E)GGAOFKxmv+2*(8#Xp%Z zE=jybsZv2^+3!j*nr5d3_&=LQsoy&8+>m0niyKK6b0yd=Kyi1!a_c@;bc<iyI28(}#De2SQ#_T3gEh{%PM0HG+@0-ADEi)+P zPSb>Jgej-?)thZ@9j|!|5WO@Ay&Uvs%CE$QocE;5C2X4Mms*$|)Og0mPt-GE871N$ zM+t4L1wT*|?Z@PzUg%Zw+fW6H#Gt*}0BdMVf>O@jIVbdU}ihhA?w5T@!5lf;zctv zq*nFfqUGHhP0FWFMR-E{b!8SU-E}m0mEiO0O8D$0 z`;0wSHBxr>H;4iEag&dzb*!+aOoJTSw~S;-wQY=0I5qN9>5)Q|=Wh|#{@HW@<>LPZ zZ3rEB2iv{c^ky9v_z(;4RFp}|uFQ;x6c-=Lfn8r`*@E+_(Qeyts}Q@)iQDJnAsDU# z_o@vUlN`RfjP9R@spjP4qzSfaoHL%*t_49T5gEpbt$3aQ{bo-%l?hgs{Y zSi>3bcAYsi4l7LC=(ILBA*_ro-EMaLs1P4XCVm&}hmm7^O4Hom17``mM@7>qO2Igp z5oE)*gU#?BJnefSzLsR)&N6r{E&AK*ha7c*ooe)#tlzs{p2_4g{`%~NmN~43@M5VZ z6yfkx?=2=JeZ<;k)cat0X}V0%{t>_}6Y9dg3zS{mr_qhg?iKUKJ!SpXbz?JFXci%a za=T{v8R!UQi<}d6Pu4!y#e2JzxZla6z6M{IMvca%SmRan4N#l;GC3ZtnAEv>J}Hjm zaY%UGyJTIJ7u4kIu@i)FlrSKr@72bOSrV*q(_DvM@=m-6Y#V0zLZrMO>>wp+IE8e* z-FdDkxM>JzZgP7%2yuRB)$ZS*7}Fr$+7`^mTp(|FSMrnjNE7X-Q_RP~c0qL${UH^r z!XNwu?n9{z&_^v{3Nj8riP&E?k5CY?isz7zq@v?f@*un+2$w59!fNL8WL z6U$|ZPvTAQY)(wlHg&Izs43ytuU3;T*`ifrRRl;PR#U^Gw?;Z7<9uKvt#B$OO1ZlnjX^>CB6*gqOnai=Lu_qH*ceY#aa+=9hGy`Bj`l(2iddvqDpx{meT<|DfNxpJgLhgwbq z9hkRx1Kjh1OD6GPY(hk0Bfuzhl2ftTh<$p6>-dW_D{~11D$lWckxlP)gP6+8d=jsT zT|seuMqQYUKb)4Op~9u1r;f*bGASb8Z5P?a-xaXZ;RzuJ#!c1#5Qzam;eR(qnRMJJ zkQe85eiv_CbCKr*r?40=fSf(t%2b}NtHBB+rH}qByuatdc^<3wNxH0#e!bZor1A!^ zVq_uA`;*g3^Y%B$d3=Ge3r=6r(S#VM??-)^yN1i^&f&=BO*274RloI%4j#2=^I1@N?(Nte%h`Zl$@1s1KX%xMolv{sX7P>5Fc zQPSs-?W=L$`SSt)34{I}4gF7kaVu+LVo>Az^w@j-$H8Cm;w~z2#oGoSoK7B$_4lM{ z*~pJ2N!OJ7{kV0daIA8~AQ@!`I-><1?J0FgFw;M}Zm>JykXYHVQ@?MXtTg7$4OBJ|#JoW}x5IOf}RRrkQD7)DdLbG5V7kXy~`in~XVPo{+ z(2r#`?2|jZ5%G7Qb&HB#AzKZ(ab@El^{2n-fA3f%eHUnwX~6Dsrv2rdd?TLIlj$p1 zPe$Y2k&c~az;my|to~w5@p>go()4K!%O`J@@pz`j_yEOY7yYum!Ys4k+phJZ{!mpFsl$p_s0&Hz#5(H|!? z$4m#k3VSEI7XwTZXu-1FQQ7#0NgI=3o4QjMiAh(R5usu4KI@8Y*{%gtCMY?%nLuUY}3~YtXLXC&Y?$VGu2MJAYVyW|AJ+tMCaSI@{sX~6& zvCXJh=#C6k5W|5TK|o^0MQ*QZxMEmkL%=gEch`yBCHwQtk%?WVADJ#!?l6mS)4ngG zR8a&h5&Gc?xum8xQ($l|U7)g9=4PCKmARGnr^SZyMw6+2j%0F;eLn99mH}Sjc)0Hj zK{0dh%A21n3lKxR0p@LbYiixHxurzI3;UKPtHq)?`HcyGw=_ew`6Y}Kp=Wnb5Z6~% z-ukIu`-+GDowhujICpd&o+G7%@8rMu>s$sK>>I}oFh{W0KOSS=CJ6S>dua4-!p&y-2EO}#U8D_&CfWlA1@UUUB>t^r4MTfMtswZh)dlN5XSQE@TOYrvmJ)V8T2*B*}9we=6Ol?J~|{lER5q~Tc&a5{)PYrt%TnRbAG z_Sb2>60_H|{*<+z&R5uZ_?FE`abnPfjsow0U?WOid{_iUzYyN>)@`O%=E(dc0UteIiKPDF~6niO*H)yJ# zJQ7#xZq4mcrPwv7u$IB@T$lN*s@?n>bT?MrHk(Vwnoj6_h~Q70S1RB#OSAVK+oXY6 zKU2wlwfaqk;_l??^wGQzd1V3Jf|bmOc$GwXVe_;tPl5>dQ3ua@KX2~);FmO=S^9db zxnYultZTagyJhEbUXNz;(>1HV{(2WH-(>tGEO~8jL8@$+S58-q(Pm?%M(wth->PFg z-n{b3ctHXUyi2wm$U@NvB=yHRc_+TDUprE%5K@a24o#;|_{BGdri97vYTdf54ZaDM zKIg}kX<+PH8T+D8mf0HG6Efp8+w%0VHk)@g+Ago$JnaSEQ3=<%(DzjHU*7MK`>tl| zPJx`;o5Q;Fa4{=tRh8l_j@Jw^2hm5OlgiTx{LbmVrnF3HN_Wp~X=?HZ<;hktsCG&ZZ6&wKq$nBNobc!SzrJ;q02 z9&dLgcMp{(-*s?xr=1_GpB_2nd=|5RoFfQ|PM|2m*oEP3KAuN|1=uCsXc)Ll|&Jg0Fv(bdQQQV_^Y*#DS-C4EvoV>@Sun8dT9 z!zX@JTHJt+c!Imm2F>}z`XO1k=7(w=LOpJDfcJ53Oc0gJOJ2M>CMV)UFPhU4Ks2%P z(fnU4CA@#NPKy_({cvmiRz6I`obpYJa=dOBM8ppWor8q%I)J-0E@jOv^5}pCR^)yA zXcVw&Z*@&C8+MrJhE~BHpA5bj7JDx2Dj0Hb(mCzz#yrB{5UlKln(MM*fyMML^E6@w zQ?V{x+%y8ydvPB#ssisLn!nn8P1X$@M77n-6z8zRg}+(|wj%c!PHi1@NDMkxBDf^6 zGhiRE%&msO~8C$xRoQGnuYy8^l+PR7A zgbQ2$`{)vYgO-bVxbhlK7(@l**2{G1V8LD5T-}!X=HyGwr>7SshW1QPf6>N!oByU} zvZm@w*)b==tpw_zIqtfOxrq9 zmjTeKBLhJJ01(;&{E^AwKoLOtH~io?Xl;g|Z7nxu83?Zqei6iH+3kmZC2G<#E$&@| z`bjnIOjTmQz!XO)6T@DBz$Tt|?L!xOK^~?y4Su074#d50BN)*rw6H|g-j5@0!QuT` zW2AW9Na3sE;byqR@$B9BuiumJzGcwr{6c#7H;5}xmb5p9`;Ffv*W8P$UzVTt>UYnR zoYUq~x}8sq#XS6hI((itUS04enXY>Npa>bsci>oyvT*DAc6Hox25?6-f2IAXezJVe z``w3ts2`O!!(pUZ{7!(KWSzoeKx}#qblXbuI2q$mL|t3w#Kl|Pf%%bAy3^X8?L)-v zRHqp5Vcd05&^ z+D@M`w*to~Pw^#zA22Cc=svk(A{`n`|*_D#f5Ef&zjfA`n2SVkjyK z(v<)qK?Fe{5ydDF-}%b@%JshS-o5wzcw^k38Rz8Woa}Y>-fOP8<}8AhMi|H^lB)rX z*v0PvIyeQ)S-C+DWb=f{ivp6}P{lO|!q9ZjyywH(4X5tR)}~1H)Kiw{m!avBv!`<2 zIyUUeL?JAOR z#YNsYz^tX$Q?akHRKFNIdd0;K;wGgQ8?>Z9CKvc|{p$^v>q{NMSFSbAOO2aY0_QvE zW2SYzThdKWYBsfqt1J^U$fjQQhgwjNP@7%_Qf9P4_&NI*m$4s040I=RW%bE@I#1cr zL9ZL`V15SV{vTZqtf`_8vHB?j;d0uuv1bl8jQR4P?{V+mIC7D0sJ&mdXyF%YMgCwj zx@rz}K$Kb0;|zmkN7LR^tF~pioDe|=2R%^BXHQ^r;#|=lIKr>ak;aJpFkgbHabc)@ zkTqfu5^rP1kqmfx*|dAFZ&lMJ!iRpJ_;>L)xNqSnrd{oJ^Il&w6Odz59**(7hiU2b z5^F_K)jz*KTi!MVZHbk&Q`K)Abhi>)b{0N@>)ydGdT=tsk#l-GQz3drCXlvf2KLFs z-#WQ;;YN#EifW2=G>6{j$??$McdfzvE|XGgam|`ClK_x zkvN|N_lrY)6|qsinU}J=^Z-m`XZFOvdKflwnhPr&_X^7oUG{F(yDekhztP<&c#?c_ zi(sm+ajcv-S98VL8A#xkmsRJe15HFEfc7X~FMsf;7MF!! zz~&FImOLASrDu1V3hP2Mt-JT4j!iFEVLxoNDRmu4&ItjoI{C_?^BG2(oF}V<4BnfG z+ywQ>M$w9O9m5T=-U`E?O*DMQHV;)U=1G~Dnd?xIK@~Y~q}{vrxGqmbpeNq|Nv8fa ziHv|omTY$Cj4J{J*?B`^+m{r3`e&C#8H6?1Ubps81(nIXwkyJBvgu~xtetd_OUy-$ z)$EKD9%hkB0~%}JxRRr4bn|xb?q1EgN(RDDJG23^JL%aetq^LpX(vkrJg*Gt_*Im^ zLiNqvKHT$O;>t${kiH2rl2{?H4sHry= zhn0+jFoj8`!ZAG3k}R*taR}iI|xMv_CQwNW|g@VHwMMJ1@ zu>!av0eR1dHJM8@IIV5$5a^8`(!`v}vI8|(peHqXujAanNDF)g#fn=pAf!0OanP!Q zxD|mFc0<;CAbJD7thw8x)eA$BDt$eSleWc1PtWjev|VAxDT87zxXg2?jX2l} z*s&+cG%or%3Ba3tU(3>wCWO0B$3HmiJy+8cr6YhkXZx z$sV3wDlG^PcVy$Ypi}woNAS%Puh~@+!p~@xRPwd}`(wm5_Vkr9jgHigz!fnCRt!b` zrmc!Q3u1#&1(yN~^T*fRjqAy|WaVo-A(DsoC|u=rfBp(m{!F*aFJf5iNt`t6rSfAn zxbnmOU*#g>NInN+TbFgBW+N{ER4r3qFZKoJ<|CdW3|;&uo+6q)`+cCq8Hcui1S`WE{kqW=JYv0u;#TR+CVE6#u!4N9aCF<(pQ(-jOX=#Km@?OTjMpjO)S zk#RnG2jbTys8PI|MVu?o96@D)g9k*9W#IbP?1NrmzES5#S#o4%v1JDX-H5NSYT7qV z;ygdm9XPNK3QfhB7ra!$vqO|2oE#LaznAz@yV|Q5>vCq57h_v#H8a>FR{x_6_UQ0( zgOt$N*jkw|{Q67exrlxlzl-u3igz5JcH;~v*Te|t~mO*%Ot@g09oXWX(mPN6D3K~z96AN^IEhQ zPmDnW)y~|l2E$o`5!7x00lhxBxh8O7`Ac@3VW6xyV?6Z( zOI{^u6Rw{~l7y#Km6M73bIYCq%N5NT-P#*kdA)*HGt_qMAQ)A0ykg00+Bdf_IchKi zC&$A*KxHSA#(m35yF19nbr*)6ukxD&%(BPwM8N1SNgIIz1&_tMQUSmR_;yU3!}b_) zx_{stf&R`>la7MrTQU4k5`&<54PqiA@&fK7hk+ut#T8w-L zsJcTWIf9+Zv7&i$uTw`F^MS-~EcdqzM0(BooR||C=G`9Kmn^BZyVcNh>roarWOHPt$OGls(V#%NR4mn(ZT>mvv z&}={|>MVE69ytw&i8{yp6l%6O14=gW8zvPKcM)2sRVF7a@y7lUP_mNpxajym)NN~w zw$#yN*NN$VOH?ZEJ7BYCKi*Rx5HUWn;fQJO@!}2~!wS|A2W1M9bsG3gU2BJ-BO~aQ z8jHwrT^_A3!fe~-{Tp+|709i9in$^ji@F&sWdKM-BKd|0K+3ou4%mp^=1q_yi-YI~;={sd18 zBThJI?GV+uY4C83{S5SJadluGwP8*H~(k+leM0%`C@z zxNo@hhwD_qa%80-syKM^4?Q0$nNGgSs)m&Nwu6fp-+9$&Jl(>XL85P#6em~#+R1>YThDW3` zUU5x1JdT5meTsD;O$;PLHMcYoS0)#oVTiDO<(qmTrU-16x~fp3cJLL1G#Q zdq3iN0Dg-3I20?qP>97Fn^tyKA}>_mb7^#mSdrCCRd!@N%{Wk{!6|phOzaOxjML8v zEdBz|)EqHN%5_|VP3#kl!EOx@`hUYe3QM!%5sx9s} zTl(h=uVko~Bop-$Jv((7F>g1ftz6fd5+8OI| z6!0kKt4NmuRtBKO)(W>G&Tv`t@d44yO3OQL6lT`poBg9L44u+&!KX^^(vWYY5;twn zowJsg1m3H2h#jFvrhwJ~C|RA_`hpEFPdiM_{oBn1zkm{61w3blv--$0CGOcBEoC{3 zN3Spas>%2RT)0GQ$KQSJu|V0isaD>Ht!7%5Wzn8<`dvFVxFTuV#-0vf9 z`)!4LRIuO2NB*>?Alz7bmfyz{jk_u}gv8}GiFM*~i!4DSBp2r^S20VYAeAx}>6UMgd+`pYA?tMr(*QV1+gqNU92c+NO z;7-hzjpLhpM&lGP98~KxJ)=GWAjan5BVwYPrBma0hPkoD$p>M>=T)gPM%o!BkF@UER7F*3v#JLt%umtWZf)N;ZGDW9T09sMGK_J zx6$Vl!(Q&U={iB~jIJybntY~}_Uv8Mm&5>WtI^|KvjM<{Cbj0`XDmBL%!(fIXjc1B zcO=5(0g?53`;zq8#}Byg&WS4>QfbdW_=+Gi7E;E;WvgA%|;F(?HR*cdy!A?m3@s zY%fbc$SK$&4+2>`50>y!5w)4D&LFEr(Xbdfc{Zt{MS7B z-}@BR5g*ou>IB2d7)d2OXvOlQa;<4as!M%-2@~&vr@Y>*EL8Mo2I17Sf>nFBdT5Y`QQ*Z{5FqenLM{|0b z9u=XDc0K@G*CG}aYuggA8jta)L}1L(T2q)chrxR^P>na$=ap}}d(?du7?-b`b9Z77 zUV4(N$MOW zSnJ$j9#!k>JClJ)dT*~+CJfYlDWT6%E)r2S{0K~%?sm_qM3g^tT(R4qu%e`M%a=3P z$NeBmNqie)zayk#697r>?FySR^z1HE85s#Z-Cf}F|GH_Yx;#zFbp?GZ-}0(*PEovH zpAWxTC;1W1xVHx@1K;<)u)q2?)64vouJNjDMLaQp@U#!=gTzhd;ZPiXAhMYXZW z@x3Z=<*?u-{@^Z3gG+a;*pqW8%Ii3Z#AB~M&5yKNmiMxaz@F$CrK^{TIePNAt6V|Y zK5s`)-ZEo+J$rg`M#=^3-ECLKa9$;JG}$jUcMvU{0WYFos2z~MNd z0CD3o*T~pnlp-w0P9Ba+18PHNf;p$&6dhRY{H8p1+wRQ~AtasXyULrq+<3XiZ~qY= z(~rY1V&6=j2VOcnmgO94Xw&U#9!Ln2+VVOiKJ=NVNM9o8Y&47Je0&i5*rr54AA~LZ zvD^zc6c_?sZ7>oj&F40HrsXgZ?daOcH3AE|wWxmu@wGtvZB$NI!TH1Dkmpl7_J#u# zx_!lC5IPS;%%_D3a4|!S4~NUWHa=2t0J;-oiz)$RuPWVZYx2^DyO$Em^ApStn82vn zBo8U~dWKF8{R>I|Kzp%IA^OHmbQ!rjG&mqtPt#r>S{`} zO!eDhq19F%>XLZ%r#4gjVKj8E(HyWrSKo|2tn4q(Wpn14!H)C^oE#O)``!~q_xPNh z-7bObt5|Z;4AIMKK%u}+5cMqiCPY$m*Mo8rn2C;NZa67EbAE9Q7qEzhu!K;Ku81X5 zo){%8e}T^gIwSIc3b6_m@Z6~+b>GgMT`IOZA_-RN>@Q4t<0Q$x3txbovVdYU{5A5k9h0|4$`ZuG5o*re+ d5U5ktw6nb3f))mHy6iZU!2foQ=lK5SzW`I|))@c* literal 0 HcmV?d00001 From 204c8524422e3a2c9010b01f9427d3b8d1daf35d Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Thu, 7 Dec 2023 11:03:43 +0000 Subject: [PATCH 0998/1674] Move psa-thread-safety.md Signed-off-by: Ryan Everett --- docs/architecture/{ => psa-thread-safety}/psa-thread-safety.md | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename docs/architecture/{ => psa-thread-safety}/psa-thread-safety.md (100%) diff --git a/docs/architecture/psa-thread-safety.md b/docs/architecture/psa-thread-safety/psa-thread-safety.md similarity index 100% rename from docs/architecture/psa-thread-safety.md rename to docs/architecture/psa-thread-safety/psa-thread-safety.md From b8c4254f449e263cac03c282f9a9b0124c54151c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 7 Dec 2023 12:12:39 +0100 Subject: [PATCH 0999/1674] Update cipher light -> block cipher definition MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- .../psa-migration/md-cipher-dispatch.md | 58 +++++++------------ 1 file changed, 21 insertions(+), 37 deletions(-) diff --git a/docs/architecture/psa-migration/md-cipher-dispatch.md b/docs/architecture/psa-migration/md-cipher-dispatch.md index f165b21e0..bc92d00b3 100644 --- a/docs/architecture/psa-migration/md-cipher-dispatch.md +++ b/docs/architecture/psa-migration/md-cipher-dispatch.md @@ -379,6 +379,8 @@ Those costs could be avoided by refactoring (parts of) Cipher, but that would pr - significant differences in how the `cipher.h` API is implemented between builds with the full Cipher or only a subset; - or more work to apply the simplifications to all of Cipher. +Prototyping both approaches showed better code size savings and cleaner code with a new internal module. + ## Specification ### MD light @@ -564,50 +566,32 @@ The architecture can be extended to support `MBEDTLS_PSA_CRYPTO_CLIENT` with a l * Compile-time dependencies: instead of checking `defined(MBEDTLS_PSA_CRYPTO_C)`, check `defined(MBEDTLS_PSA_CRYPTO_C) || defined(MBEDTLS_PSA_CRYPTO_CLIENT)`. * Implementers of `MBEDTLS_PSA_CRYPTO_CLIENT` will need to provide `psa_can_do_hash()` (or a more general function `psa_can_do`) alongside `psa_crypto_init()`. Note that at this point, it will become a public interface, hence we won't be able to change it at a whim. -### Cipher light +### Internal "block cipher" abstraction (Cipher light) #### Definition -**Note:** this definition is tentative an may be refined when implementing and -testing, based and what's needed by internal users of Cipher light. The new -config symbol will not be considered public so its definition may change. +The new module is automatically enabled in `build_info.h` by modules that need +it, namely: CCM, GCM, only when `CIPHER_C` is not available. Note: CCM and GCM +currently depend on the full `CIPHER_C` (enforced by `check_config.h`); this +hard dependency would be replaced by the above auto-enablement. -Cipher light will be automatically enabled in `build_info.h` by modules that -need it, namely: CCM, GCM. Note: CCM and GCM currently depend on the full -`CIPHER_C` (enforced by `check_config.h`); this hard dependency would be -replaced by the above auto-enablement. - -Cipher light includes: -- some info functions; -- support for block ciphers in ECB mode, encrypt only (note: in Cipher, "ECB" - means just one block, contrary to PSA); -- part of the streaming API for unauthenticated ciphers; -- only AES, Aria and Camellia. - -This excludes: -- the one-shot API for unauthenticated ciphers; -- the AEAD/KW API (both one-shot and streaming); -- support for stream ciphers; -- support for other modes of block ciphers (CBC, CTR, CFB, etc.); -- DES and variants (3DES). - -The following API functions, and supporting types, are candidates for -inclusion in the Cipher light API, with limited features as above: +The following API functions are offered: ``` -mbedtls_cipher_info_from_values -mbedtls_cipher_info_get_block_size - -mbedtls_cipher_init -mbedtls_cipher_setup -mbedtls_cipher_setkey -mbedtls_cipher_free - -mbedtls_cipher_update +void mbedtls_block_cipher_init(mbedtls_block_cipher_context_t *ctx); +void mbedtls_block_cipher_free(mbedtls_block_cipher_context_t *ctx); +int mbedtls_block_cipher_setup(mbedtls_block_cipher_context_t *ctx, + mbedtls_cipher_id_t cipher_id); +int mbedtls_block_cipher_setkey(mbedtls_block_cipher_context_t *ctx, + const unsigned char *key, + unsigned key_bitlen); +int mbedtls_block_cipher_encrypt(mbedtls_block_cipher_context_t *ctx, + const unsigned char input[16], + unsigned char output[16]); ``` -Note: `mbedtls_cipher_info_get_block_size()` can be hard-coded to return 16, -as all three supported block ciphers have the same block size (DES was -excluded). +The only supported ciphers are AES, ARIA and Camellia. They are identified by +an `mbedtls_cipher_id_t` in the `setup()` function, because that's how they're +identifed by callers (GCM/CCM). #### Cipher light dual dispatch From 177a45f556f9a44f35c37a34926eefd45260def8 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Thu, 7 Dec 2023 11:24:30 +0000 Subject: [PATCH 1000/1674] Small clarifications in documentation Signed-off-by: Ryan Everett --- docs/architecture/psa-thread-safety/psa-thread-safety.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/architecture/psa-thread-safety/psa-thread-safety.md b/docs/architecture/psa-thread-safety/psa-thread-safety.md index 79881a624..97273f387 100644 --- a/docs/architecture/psa-thread-safety/psa-thread-safety.md +++ b/docs/architecture/psa-thread-safety/psa-thread-safety.md @@ -294,7 +294,7 @@ A counter field within each slot keeps track of how many readers have registered Library functions which operate on a slot will return `PSA_ERROR_BAD_STATE` if the slot is in an inappropriate state for the function at the linearization point. -A state transition diagram can be found in docs/architecture/psa-thread-safety/key-slot-state-transitions.jpg. In this diagram, an arrow between two states `q1` and `q2` with label `f` indicates that if the state of a slot is `q1` immediately before `f`'s linearization point, it may be `q2` immediately after `f`'s linearization point. This means that the linearization point of a state changing call to a function must be a call to `psa_slot_state_transition`. +A state transition diagram can be found in docs/architecture/psa-thread-safety/key-slot-state-transitions.jpg. In this diagram, an arrow between two states `q1` and `q2` with label `f` indicates that if the state of a slot is `q1` immediately before `f`'s linearization point, it may be `q2` immediately after `f`'s linearization point. The linearization point of a state changing call to a function must be a call to `psa_slot_state_transition`. #### Destruction of a key in use @@ -310,7 +310,7 @@ When calling `psa_wipe_key_slot` it is the callers responsibility to set the slo `psa_wipe_all_key_slots` is only called from `mbedtls_psa_crypto_free`, here we will need to return an error as we won't be able to free the key store if a key is in use without compromising the state of the secure side. This is acceptable as an untrusted application cannot call `mbedtls_psa_crypto_free` in a crypto service. In a service integration, `mbedtls_psa_crypto_free` on the client cuts the communication with the crypto service. Also, this is the current behaviour. -`psa_destroy_key` marks the slot as deleted, deletes persistent keys and opaque keys and returns. This only works if drivers are protected by a mutex (and the persistent storage as well if needed).`psa_destroy_key` transfers to PENDING_DELETION as an intermediate state, then, when the last reading operation finishes, it wipes the key slot. This will free the key ID, but the slot might be still in use. In case of volatile keys freeing up the ID while the slot is still in use does not provide any benefit and we don't need to do it. +`psa_destroy_key` registers as a reader, marks the slot as deleted, deletes persistent keys and opaque keys and unregisters before returning. This will free the key ID, but the slot might be still in use. This only works if drivers are protected by a mutex (and the persistent storage as well if needed). `psa_destroy_key` transfers to PENDING_DELETION as an intermediate state. The last reading operation will wipe the key slot upon unregistering. In case of volatile keys freeing up the ID while the slot is still in use does not provide any benefit and we don't need to do it. These are serious limitations, but this can be implemented with mutexes only and arguably satisfies the [Key destruction short-term requirements](#key-destruction-short-term-requirements). From 64cd2f21edfee11451768b0e793801d28752532e Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Thu, 7 Dec 2023 14:14:21 +0000 Subject: [PATCH 1001/1674] Fix potential double-free in calloc selftest Where calloc returns two references to the same buffer, avoid calling free() on both references by setting one to NULL. Signed-off-by: David Horstmann --- programs/test/selftest.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/programs/test/selftest.c b/programs/test/selftest.c index 61dde5ed1..e132e4c0c 100644 --- a/programs/test/selftest.c +++ b/programs/test/selftest.c @@ -79,6 +79,7 @@ static int calloc_self_test(int verbose) if (verbose) { mbedtls_printf(" CALLOC(0,1): passed (same non-null)\n"); } + empty2 = NULL; } else { if (verbose) { mbedtls_printf(" CALLOC(0,1): passed (distinct non-null)\n"); @@ -103,6 +104,7 @@ static int calloc_self_test(int verbose) if (verbose) { mbedtls_printf(" CALLOC(1,0): passed (same non-null)\n"); } + empty2 = NULL; } else { if (verbose) { mbedtls_printf(" CALLOC(1,0): passed (distinct non-null)\n"); @@ -119,6 +121,7 @@ static int calloc_self_test(int verbose) mbedtls_printf(" CALLOC(1): failed (same buffer twice)\n"); } ++failures; + buffer2 = NULL; } else { if (verbose) { mbedtls_printf(" CALLOC(1): passed\n"); From 419f841511e0e26e846b6d512094fd935b03ef2d Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Thu, 7 Dec 2023 18:30:22 +0000 Subject: [PATCH 1002/1674] Skip checking on maximum fragment length during handshake MbedTLS currently does not support maximum fragment length during handshake so we skip it for now. Signed-off-by: Waleed Elmelegy --- library/ssl_tls.c | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 419185c56..4d6b95863 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3472,6 +3472,10 @@ int mbedtls_ssl_get_max_out_record_payload(const mbedtls_ssl_context *ssl) { size_t max_len = MBEDTLS_SSL_OUT_CONTENT_LEN; + if (ssl == NULL || ssl->conf == NULL) { + return max_len; + } + #if !defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) && \ !defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) && \ !defined(MBEDTLS_SSL_PROTO_DTLS) @@ -3479,10 +3483,14 @@ int mbedtls_ssl_get_max_out_record_payload(const mbedtls_ssl_context *ssl) #endif #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - const size_t mfl = mbedtls_ssl_get_output_max_frag_len(ssl); + /* MbedTLS currently does not support maximum fragment length + during handshake so we skip it for now. */ + if (ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER) { + const size_t mfl = mbedtls_ssl_get_output_max_frag_len(ssl); - if (max_len > mfl) { - max_len = mfl; + if (max_len > mfl) { + max_len = mfl; + } } #endif From 981ec147448829de901b75d1756867506ee42a1a Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Wed, 25 Oct 2023 11:39:49 +0800 Subject: [PATCH 1003/1674] tls13: rename ssl_tls13_check_*_key_exchange functions Signed-off-by: Pengyu Lv --- library/ssl_tls13_server.c | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index fe7a674d6..6c42b73f4 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -95,9 +95,9 @@ static int ssl_tls13_parse_key_exchange_modes_ext(mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_SESSION_TICKETS) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_check_psk_key_exchange(mbedtls_ssl_context *ssl); +static int ssl_tls13_key_exchange_psk_available(mbedtls_ssl_context *ssl); MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_check_psk_ephemeral_key_exchange(mbedtls_ssl_context *ssl); +static int ssl_tls13_key_exchange_psk_ephemeral_available(mbedtls_ssl_context *ssl); MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_tls13_offered_psks_check_identity_match_ticket( @@ -176,11 +176,11 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket( key_exchanges = 0; if (mbedtls_ssl_session_ticket_allow_psk_ephemeral(session) && - ssl_tls13_check_psk_ephemeral_key_exchange(ssl)) { + ssl_tls13_key_exchange_psk_ephemeral_available(ssl)) { key_exchanges |= MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL; } if (mbedtls_ssl_session_ticket_allow_psk(session) && - ssl_tls13_check_psk_key_exchange(ssl)) { + ssl_tls13_key_exchange_psk_available(ssl)) { key_exchanges |= MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK; } @@ -1022,7 +1022,7 @@ static int ssl_tls13_ticket_permission_check(mbedtls_ssl_context *ssl, #endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_check_ephemeral_key_exchange(mbedtls_ssl_context *ssl) +static int ssl_tls13_key_exchange_ephemeral_available(mbedtls_ssl_context *ssl) { #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED) return mbedtls_ssl_conf_tls13_ephemeral_enabled(ssl) && @@ -1034,7 +1034,7 @@ static int ssl_tls13_check_ephemeral_key_exchange(mbedtls_ssl_context *ssl) } MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_check_psk_key_exchange(mbedtls_ssl_context *ssl) +static int ssl_tls13_key_exchange_psk_available(mbedtls_ssl_context *ssl) { #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED) return ssl_tls13_ticket_permission_check( @@ -1049,7 +1049,7 @@ static int ssl_tls13_check_psk_key_exchange(mbedtls_ssl_context *ssl) } MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_check_psk_ephemeral_key_exchange(mbedtls_ssl_context *ssl) +static int ssl_tls13_key_exchange_psk_ephemeral_available(mbedtls_ssl_context *ssl) { #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED) return ssl_tls13_ticket_permission_check( @@ -1083,17 +1083,17 @@ static int ssl_tls13_determine_key_exchange_mode(mbedtls_ssl_context *ssl) ssl->handshake->key_exchange_mode = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_NONE; - if (ssl_tls13_check_psk_ephemeral_key_exchange(ssl)) { + if (ssl_tls13_key_exchange_psk_ephemeral_available(ssl)) { ssl->handshake->key_exchange_mode = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL; MBEDTLS_SSL_DEBUG_MSG(2, ("key exchange mode: psk_ephemeral")); } else - if (ssl_tls13_check_ephemeral_key_exchange(ssl)) { + if (ssl_tls13_key_exchange_ephemeral_available(ssl)) { ssl->handshake->key_exchange_mode = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL; MBEDTLS_SSL_DEBUG_MSG(2, ("key exchange mode: ephemeral")); } else - if (ssl_tls13_check_psk_key_exchange(ssl)) { + if (ssl_tls13_key_exchange_psk_available(ssl)) { ssl->handshake->key_exchange_mode = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK; MBEDTLS_SSL_DEBUG_MSG(2, ("key exchange mode: psk")); @@ -1737,8 +1737,8 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl, * - The content up to but excluding the PSK extension, if present. */ /* If we've settled on a PSK-based exchange, parse PSK identity ext */ - if (ssl_tls13_check_psk_key_exchange(ssl) || - ssl_tls13_check_psk_ephemeral_key_exchange(ssl)) { + if (ssl_tls13_key_exchange_psk_available(ssl) || + ssl_tls13_key_exchange_psk_ephemeral_available(ssl)) { ret = handshake->update_checksum(ssl, buf, pre_shared_key_ext - buf); if (0 != ret) { From 60a22567e42fa05a93ae8f1cdca4a7d5d69bddb7 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Wed, 25 Oct 2023 11:41:02 +0800 Subject: [PATCH 1004/1674] tls13: change return value of mbedtls_ssl_conf_tls13_check_kex_modes To keep the convention in TLS code, check functions should return 0 when check is successful. Signed-off-by: Pengyu Lv --- library/ssl_misc.h | 22 +++++++++++----------- library/ssl_tls13_client.c | 4 ++-- 2 files changed, 13 insertions(+), 13 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index b9801a06c..08741bc05 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -1904,37 +1904,37 @@ int mbedtls_ssl_tls13_handshake_server_step(mbedtls_ssl_context *ssl); static inline unsigned mbedtls_ssl_conf_tls13_check_kex_modes(mbedtls_ssl_context *ssl, int kex_mode_mask) { - return (ssl->conf->tls13_kex_modes & kex_mode_mask) != 0; + return (ssl->conf->tls13_kex_modes & kex_mode_mask) == 0; } static inline int mbedtls_ssl_conf_tls13_psk_enabled(mbedtls_ssl_context *ssl) { - return mbedtls_ssl_conf_tls13_check_kex_modes(ssl, - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK); + return !mbedtls_ssl_conf_tls13_check_kex_modes(ssl, + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK); } static inline int mbedtls_ssl_conf_tls13_psk_ephemeral_enabled(mbedtls_ssl_context *ssl) { - return mbedtls_ssl_conf_tls13_check_kex_modes(ssl, - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL); + return !mbedtls_ssl_conf_tls13_check_kex_modes(ssl, + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL); } static inline int mbedtls_ssl_conf_tls13_ephemeral_enabled(mbedtls_ssl_context *ssl) { - return mbedtls_ssl_conf_tls13_check_kex_modes(ssl, - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL); + return !mbedtls_ssl_conf_tls13_check_kex_modes(ssl, + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL); } static inline int mbedtls_ssl_conf_tls13_some_ephemeral_enabled(mbedtls_ssl_context *ssl) { - return mbedtls_ssl_conf_tls13_check_kex_modes(ssl, - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ALL); + return !mbedtls_ssl_conf_tls13_check_kex_modes(ssl, + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ALL); } static inline int mbedtls_ssl_conf_tls13_some_psk_enabled(mbedtls_ssl_context *ssl) { - return mbedtls_ssl_conf_tls13_check_kex_modes(ssl, - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL); + return !mbedtls_ssl_conf_tls13_check_kex_modes(ssl, + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL); } #if defined(MBEDTLS_SSL_SRV_C) && \ diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index ae1136431..7844cedbe 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -684,7 +684,7 @@ static int ssl_tls13_has_configured_ticket(mbedtls_ssl_context *ssl) mbedtls_ssl_session *session = ssl->session_negotiate; return ssl->handshake->resume && session != NULL && session->ticket != NULL && - mbedtls_ssl_conf_tls13_check_kex_modes( + !mbedtls_ssl_conf_tls13_check_kex_modes( ssl, mbedtls_ssl_session_get_ticket_flags( session, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL)); } @@ -1879,7 +1879,7 @@ static int ssl_tls13_postprocess_server_hello(mbedtls_ssl_context *ssl) goto cleanup; } - if (!mbedtls_ssl_conf_tls13_check_kex_modes( + if (mbedtls_ssl_conf_tls13_check_kex_modes( ssl, handshake->key_exchange_mode)) { ret = MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE; MBEDTLS_SSL_DEBUG_MSG( From fc2cb9632bb43f585c697bd499aec8b780ee6601 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Fri, 10 Nov 2023 10:22:36 +0800 Subject: [PATCH 1005/1674] tls13: rename mbedtls_ssl_conf_tls13_check_kex_modes The function is renamed to mbedtls_ssl_conf_tls13_is_kex_mode_enabled. Signed-off-by: Pengyu Lv --- library/ssl_misc.h | 26 +++++++++++++------------- library/ssl_tls13_client.c | 4 ++-- 2 files changed, 15 insertions(+), 15 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 08741bc05..862838433 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -1901,40 +1901,40 @@ int mbedtls_ssl_tls13_handshake_server_step(mbedtls_ssl_context *ssl); /* * Helper functions around key exchange modes. */ -static inline unsigned mbedtls_ssl_conf_tls13_check_kex_modes(mbedtls_ssl_context *ssl, - int kex_mode_mask) +static inline int mbedtls_ssl_conf_tls13_is_kex_mode_enabled(mbedtls_ssl_context *ssl, + int kex_mode_mask) { - return (ssl->conf->tls13_kex_modes & kex_mode_mask) == 0; + return (ssl->conf->tls13_kex_modes & kex_mode_mask) != 0; } static inline int mbedtls_ssl_conf_tls13_psk_enabled(mbedtls_ssl_context *ssl) { - return !mbedtls_ssl_conf_tls13_check_kex_modes(ssl, - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK); + return mbedtls_ssl_conf_tls13_is_kex_mode_enabled(ssl, + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK); } static inline int mbedtls_ssl_conf_tls13_psk_ephemeral_enabled(mbedtls_ssl_context *ssl) { - return !mbedtls_ssl_conf_tls13_check_kex_modes(ssl, - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL); + return mbedtls_ssl_conf_tls13_is_kex_mode_enabled(ssl, + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL); } static inline int mbedtls_ssl_conf_tls13_ephemeral_enabled(mbedtls_ssl_context *ssl) { - return !mbedtls_ssl_conf_tls13_check_kex_modes(ssl, - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL); + return mbedtls_ssl_conf_tls13_is_kex_mode_enabled(ssl, + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL); } static inline int mbedtls_ssl_conf_tls13_some_ephemeral_enabled(mbedtls_ssl_context *ssl) { - return !mbedtls_ssl_conf_tls13_check_kex_modes(ssl, - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ALL); + return mbedtls_ssl_conf_tls13_is_kex_mode_enabled(ssl, + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ALL); } static inline int mbedtls_ssl_conf_tls13_some_psk_enabled(mbedtls_ssl_context *ssl) { - return !mbedtls_ssl_conf_tls13_check_kex_modes(ssl, - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL); + return mbedtls_ssl_conf_tls13_is_kex_mode_enabled(ssl, + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL); } #if defined(MBEDTLS_SSL_SRV_C) && \ diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 7844cedbe..c2cd18d92 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -684,7 +684,7 @@ static int ssl_tls13_has_configured_ticket(mbedtls_ssl_context *ssl) mbedtls_ssl_session *session = ssl->session_negotiate; return ssl->handshake->resume && session != NULL && session->ticket != NULL && - !mbedtls_ssl_conf_tls13_check_kex_modes( + mbedtls_ssl_conf_tls13_is_kex_mode_enabled( ssl, mbedtls_ssl_session_get_ticket_flags( session, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL)); } @@ -1879,7 +1879,7 @@ static int ssl_tls13_postprocess_server_hello(mbedtls_ssl_context *ssl) goto cleanup; } - if (mbedtls_ssl_conf_tls13_check_kex_modes( + if (!mbedtls_ssl_conf_tls13_is_kex_mode_enabled( ssl, handshake->key_exchange_mode)) { ret = MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE; MBEDTLS_SSL_DEBUG_MSG( From d72e858fd154a6ec37edf0a32ef5063feb9f922d Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Fri, 10 Nov 2023 10:37:18 +0800 Subject: [PATCH 1006/1674] tls13: srv: rename ssl_tls13_ticket_permission_check The function is renamed to ssl_tls13_ticket_is_kex_mode_permitted Signed-off-by: Pengyu Lv --- library/ssl_tls13_server.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 6c42b73f4..6995f4714 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -1003,8 +1003,8 @@ static int ssl_tls13_client_hello_has_exts_for_psk_ephemeral_key_exchange( #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_ticket_permission_check(mbedtls_ssl_context *ssl, - unsigned int kex_mode) +static int ssl_tls13_ticket_is_kex_mode_permitted(mbedtls_ssl_context *ssl, + unsigned int kex_mode) { #if defined(MBEDTLS_SSL_SESSION_TICKETS) if (ssl->handshake->resume) { @@ -1037,7 +1037,7 @@ MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_tls13_key_exchange_psk_available(mbedtls_ssl_context *ssl) { #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED) - return ssl_tls13_ticket_permission_check( + return ssl_tls13_ticket_is_kex_mode_permitted( ssl, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK) && mbedtls_ssl_conf_tls13_psk_enabled(ssl) && mbedtls_ssl_tls13_psk_enabled(ssl) && @@ -1052,7 +1052,7 @@ MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_tls13_key_exchange_psk_ephemeral_available(mbedtls_ssl_context *ssl) { #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED) - return ssl_tls13_ticket_permission_check( + return ssl_tls13_ticket_is_kex_mode_permitted( ssl, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL) && mbedtls_ssl_conf_tls13_psk_ephemeral_enabled(ssl) && mbedtls_ssl_tls13_psk_ephemeral_enabled(ssl) && From 4f537f73fa11ae22bfa9df0fb672e34be9c08e2a Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Mon, 13 Nov 2023 18:07:22 +0800 Subject: [PATCH 1007/1674] tls13: rename mbedtls_ssl_session_check_ticket_flags The function is renamed to mbedtls_ssl_session_ticket_has_flags. Descriptions are added. Signed-off-by: Pengyu Lv --- library/ssl_misc.h | 22 ++++++++++++++-------- library/ssl_tls13_server.c | 2 +- 2 files changed, 15 insertions(+), 9 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 862838433..b6f213ef0 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -2776,24 +2776,30 @@ static inline unsigned int mbedtls_ssl_session_get_ticket_flags( (flags & MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK); } -static inline unsigned int mbedtls_ssl_session_check_ticket_flags( +/** + * Check if at least one of the given flags is set in + * the session ticket. See the definition of + * `MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK` to get all + * permitted flags. + */ +static inline int mbedtls_ssl_session_ticket_has_flags( mbedtls_ssl_session *session, unsigned int flags) { - return mbedtls_ssl_session_get_ticket_flags(session, flags) == 0; + return mbedtls_ssl_session_get_ticket_flags(session, flags) != 0; } -static inline unsigned int mbedtls_ssl_session_ticket_allow_psk( +static inline int mbedtls_ssl_session_ticket_allow_psk( mbedtls_ssl_session *session) { - return !mbedtls_ssl_session_check_ticket_flags(session, - MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_RESUMPTION); + return mbedtls_ssl_session_ticket_has_flags(session, + MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_RESUMPTION); } -static inline unsigned int mbedtls_ssl_session_ticket_allow_psk_ephemeral( +static inline int mbedtls_ssl_session_ticket_allow_psk_ephemeral( mbedtls_ssl_session *session) { - return !mbedtls_ssl_session_check_ticket_flags(session, - MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_EPHEMERAL_RESUMPTION); + return mbedtls_ssl_session_ticket_has_flags(session, + MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_EPHEMERAL_RESUMPTION); } static inline unsigned int mbedtls_ssl_session_ticket_allow_early_data( diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 6995f4714..53a01cf71 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -1008,7 +1008,7 @@ static int ssl_tls13_ticket_is_kex_mode_permitted(mbedtls_ssl_context *ssl, { #if defined(MBEDTLS_SSL_SESSION_TICKETS) if (ssl->handshake->resume) { - if (mbedtls_ssl_session_check_ticket_flags( + if (!mbedtls_ssl_session_ticket_has_flags( ssl->session_negotiate, kex_mode)) { return 0; } From 0a1ff2b969d9750d66185bbf6ff61e94f2a0b476 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Tue, 14 Nov 2023 11:03:32 +0800 Subject: [PATCH 1008/1674] Consistent renaming Signed-off-by: Pengyu Lv --- library/ssl_client.c | 6 +++--- library/ssl_misc.h | 10 +++++----- library/ssl_tls.c | 2 +- library/ssl_tls13_client.c | 16 ++++++++-------- library/ssl_tls13_server.c | 6 +++--- 5 files changed, 20 insertions(+), 20 deletions(-) diff --git a/library/ssl_client.c b/library/ssl_client.c index 270db4168..d585ca524 100644 --- a/library/ssl_client.c +++ b/library/ssl_client.c @@ -609,7 +609,7 @@ static int ssl_write_client_hello_body(mbedtls_ssl_context *ssl, int ssl_write_supported_groups_ext_flags = 0; #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED) - if (propose_tls13 && mbedtls_ssl_conf_tls13_some_ephemeral_enabled(ssl)) { + if (propose_tls13 && mbedtls_ssl_conf_tls13_is_some_ephemeral_enabled(ssl)) { ssl_write_supported_groups_ext_flags |= SSL_WRITE_SUPPORTED_GROUPS_EXT_TLS1_3_FLAG; } @@ -637,7 +637,7 @@ static int ssl_write_client_hello_body(mbedtls_ssl_context *ssl, int write_sig_alg_ext = 0; #if defined(MBEDTLS_SSL_PROTO_TLS1_3) write_sig_alg_ext = write_sig_alg_ext || - (propose_tls13 && mbedtls_ssl_conf_tls13_ephemeral_enabled(ssl)); + (propose_tls13 && mbedtls_ssl_conf_tls13_is_ephemeral_enabled(ssl)); #endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) write_sig_alg_ext = write_sig_alg_ext || propose_tls12; @@ -668,7 +668,7 @@ static int ssl_write_client_hello_body(mbedtls_ssl_context *ssl, /* The "pre_shared_key" extension (RFC 8446 Section 4.2.11) * MUST be the last extension in the ClientHello. */ - if (propose_tls13 && mbedtls_ssl_conf_tls13_some_psk_enabled(ssl)) { + if (propose_tls13 && mbedtls_ssl_conf_tls13_is_some_psk_enabled(ssl)) { ret = mbedtls_ssl_tls13_write_identities_of_pre_shared_key_ext( ssl, p, end, &output_len, binders_len); if (ret != 0) { diff --git a/library/ssl_misc.h b/library/ssl_misc.h index b6f213ef0..e362ebd9d 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -1907,31 +1907,31 @@ static inline int mbedtls_ssl_conf_tls13_is_kex_mode_enabled(mbedtls_ssl_context return (ssl->conf->tls13_kex_modes & kex_mode_mask) != 0; } -static inline int mbedtls_ssl_conf_tls13_psk_enabled(mbedtls_ssl_context *ssl) +static inline int mbedtls_ssl_conf_tls13_is_psk_enabled(mbedtls_ssl_context *ssl) { return mbedtls_ssl_conf_tls13_is_kex_mode_enabled(ssl, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK); } -static inline int mbedtls_ssl_conf_tls13_psk_ephemeral_enabled(mbedtls_ssl_context *ssl) +static inline int mbedtls_ssl_conf_tls13_is_psk_ephemeral_enabled(mbedtls_ssl_context *ssl) { return mbedtls_ssl_conf_tls13_is_kex_mode_enabled(ssl, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL); } -static inline int mbedtls_ssl_conf_tls13_ephemeral_enabled(mbedtls_ssl_context *ssl) +static inline int mbedtls_ssl_conf_tls13_is_ephemeral_enabled(mbedtls_ssl_context *ssl) { return mbedtls_ssl_conf_tls13_is_kex_mode_enabled(ssl, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL); } -static inline int mbedtls_ssl_conf_tls13_some_ephemeral_enabled(mbedtls_ssl_context *ssl) +static inline int mbedtls_ssl_conf_tls13_is_some_ephemeral_enabled(mbedtls_ssl_context *ssl) { return mbedtls_ssl_conf_tls13_is_kex_mode_enabled(ssl, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ALL); } -static inline int mbedtls_ssl_conf_tls13_some_psk_enabled(mbedtls_ssl_context *ssl) +static inline int mbedtls_ssl_conf_tls13_is_some_psk_enabled(mbedtls_ssl_context *ssl) { return mbedtls_ssl_conf_tls13_is_kex_mode_enabled(ssl, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL); diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 4daf2e7ee..1a66d915f 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -1342,7 +1342,7 @@ static int ssl_conf_check(const mbedtls_ssl_context *ssl) * bad config. * */ - if (mbedtls_ssl_conf_tls13_ephemeral_enabled( + if (mbedtls_ssl_conf_tls13_is_ephemeral_enabled( (mbedtls_ssl_context *) ssl) && ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT && ssl->conf->max_tls_version == MBEDTLS_SSL_VERSION_TLS1_3 && diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index c2cd18d92..82ebe7e60 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -621,7 +621,7 @@ static int ssl_tls13_write_psk_key_exchange_modes_ext(mbedtls_ssl_context *ssl, /* Skip writing extension if no PSK key exchange mode * is enabled in the config. */ - if (!mbedtls_ssl_conf_tls13_some_psk_enabled(ssl)) { + if (!mbedtls_ssl_conf_tls13_is_some_psk_enabled(ssl)) { MBEDTLS_SSL_DEBUG_MSG(3, ("skip psk_key_exchange_modes extension")); return 0; } @@ -640,14 +640,14 @@ static int ssl_tls13_write_psk_key_exchange_modes_ext(mbedtls_ssl_context *ssl, */ p += 5; - if (mbedtls_ssl_conf_tls13_psk_ephemeral_enabled(ssl)) { + if (mbedtls_ssl_conf_tls13_is_psk_ephemeral_enabled(ssl)) { *p++ = MBEDTLS_SSL_TLS1_3_PSK_MODE_ECDHE; ke_modes_len++; MBEDTLS_SSL_DEBUG_MSG(4, ("Adding PSK-ECDHE key exchange mode")); } - if (mbedtls_ssl_conf_tls13_psk_enabled(ssl)) { + if (mbedtls_ssl_conf_tls13_is_psk_enabled(ssl)) { *p++ = MBEDTLS_SSL_TLS1_3_PSK_MODE_PURE; ke_modes_len++; @@ -1161,7 +1161,7 @@ int mbedtls_ssl_tls13_write_client_hello_exts(mbedtls_ssl_context *ssl, p += ext_len; #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED) - if (mbedtls_ssl_conf_tls13_some_ephemeral_enabled(ssl)) { + if (mbedtls_ssl_conf_tls13_is_some_ephemeral_enabled(ssl)) { ret = ssl_tls13_write_key_share_ext(ssl, p, end, &ext_len); if (ret != 0) { return ret; @@ -1171,7 +1171,7 @@ int mbedtls_ssl_tls13_write_client_hello_exts(mbedtls_ssl_context *ssl, #endif #if defined(MBEDTLS_SSL_EARLY_DATA) - if (mbedtls_ssl_conf_tls13_some_psk_enabled(ssl) && + if (mbedtls_ssl_conf_tls13_is_some_psk_enabled(ssl) && ssl_tls13_early_data_has_valid_ticket(ssl) && ssl->conf->early_data_enabled == MBEDTLS_SSL_EARLY_DATA_ENABLED) { @@ -1457,7 +1457,7 @@ static int ssl_tls13_preprocess_server_hello(mbedtls_ssl_context *ssl, ssl, MBEDTLS_SSL_HS_SERVER_HELLO, buf, (size_t) (end - buf))); - if (mbedtls_ssl_conf_tls13_some_ephemeral_enabled(ssl)) { + if (mbedtls_ssl_conf_tls13_is_some_ephemeral_enabled(ssl)) { ret = ssl_tls13_reset_key_share(ssl); if (ret != 0) { return ret; @@ -1499,7 +1499,7 @@ static int ssl_tls13_preprocess_server_hello(mbedtls_ssl_context *ssl, * in the ClientHello. * In a PSK only key exchange that what we expect. */ - if (!mbedtls_ssl_conf_tls13_some_ephemeral_enabled(ssl)) { + if (!mbedtls_ssl_conf_tls13_is_some_ephemeral_enabled(ssl)) { MBEDTLS_SSL_DEBUG_MSG(1, ("Unexpected HRR in pure PSK key exchange.")); MBEDTLS_SSL_PEND_FATAL_ALERT( @@ -1776,7 +1776,7 @@ static int ssl_tls13_parse_server_hello(mbedtls_ssl_context *ssl, case MBEDTLS_TLS_EXT_KEY_SHARE: MBEDTLS_SSL_DEBUG_MSG(3, ("found key_shares extension")); - if (!mbedtls_ssl_conf_tls13_some_ephemeral_enabled(ssl)) { + if (!mbedtls_ssl_conf_tls13_is_some_ephemeral_enabled(ssl)) { fatal_alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT; goto cleanup; } diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 53a01cf71..4fff15d7f 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -1025,7 +1025,7 @@ MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_tls13_key_exchange_ephemeral_available(mbedtls_ssl_context *ssl) { #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED) - return mbedtls_ssl_conf_tls13_ephemeral_enabled(ssl) && + return mbedtls_ssl_conf_tls13_is_ephemeral_enabled(ssl) && ssl_tls13_client_hello_has_exts_for_ephemeral_key_exchange(ssl); #else ((void) ssl); @@ -1039,7 +1039,7 @@ static int ssl_tls13_key_exchange_psk_available(mbedtls_ssl_context *ssl) #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED) return ssl_tls13_ticket_is_kex_mode_permitted( ssl, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK) && - mbedtls_ssl_conf_tls13_psk_enabled(ssl) && + mbedtls_ssl_conf_tls13_is_psk_enabled(ssl) && mbedtls_ssl_tls13_psk_enabled(ssl) && ssl_tls13_client_hello_has_exts_for_psk_key_exchange(ssl); #else @@ -1054,7 +1054,7 @@ static int ssl_tls13_key_exchange_psk_ephemeral_available(mbedtls_ssl_context *s #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED) return ssl_tls13_ticket_is_kex_mode_permitted( ssl, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL) && - mbedtls_ssl_conf_tls13_psk_ephemeral_enabled(ssl) && + mbedtls_ssl_conf_tls13_is_psk_ephemeral_enabled(ssl) && mbedtls_ssl_tls13_psk_ephemeral_enabled(ssl) && ssl_tls13_client_hello_has_exts_for_psk_ephemeral_key_exchange(ssl); #else From 2333b826f4e33bf233e617914866f19990e1d0bc Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Tue, 14 Nov 2023 12:03:49 +0800 Subject: [PATCH 1009/1674] tls13: srv: rename mbedtls_ssl_tls13_check_kex_modes The function is renamed to `mbedtls_ssl_tls13_is_kex_mode_supported` and the behaviour is reversed. Signed-off-by: Pengyu Lv --- library/ssl_misc.h | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index e362ebd9d..1439ca0f1 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -1941,49 +1941,49 @@ static inline int mbedtls_ssl_conf_tls13_is_some_psk_enabled(mbedtls_ssl_context defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED) /** * Given a list of key exchange modes, check if at least one of them is - * supported. + * supported by peer. * * \param[in] ssl SSL context * \param kex_modes_mask Mask of the key exchange modes to check * - * \return 0 if at least one of the key exchange modes is supported, - * !=0 otherwise. + * \return True, if at least one of the key exchange modes is supported, + * False, otherwise. */ -static inline unsigned mbedtls_ssl_tls13_check_kex_modes(mbedtls_ssl_context *ssl, - int kex_modes_mask) +static inline int mbedtls_ssl_tls13_is_kex_mode_supported(mbedtls_ssl_context *ssl, + int kex_modes_mask) { - return (ssl->handshake->tls13_kex_modes & kex_modes_mask) == 0; + return (ssl->handshake->tls13_kex_modes & kex_modes_mask) != 0; } static inline int mbedtls_ssl_tls13_psk_enabled(mbedtls_ssl_context *ssl) { - return !mbedtls_ssl_tls13_check_kex_modes(ssl, - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK); + return mbedtls_ssl_tls13_is_kex_mode_supported(ssl, + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK); } static inline int mbedtls_ssl_tls13_psk_ephemeral_enabled( mbedtls_ssl_context *ssl) { - return !mbedtls_ssl_tls13_check_kex_modes(ssl, - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL); + return mbedtls_ssl_tls13_is_kex_mode_supported(ssl, + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL); } static inline int mbedtls_ssl_tls13_ephemeral_enabled(mbedtls_ssl_context *ssl) { - return !mbedtls_ssl_tls13_check_kex_modes(ssl, - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL); + return mbedtls_ssl_tls13_is_kex_mode_supported(ssl, + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL); } static inline int mbedtls_ssl_tls13_some_ephemeral_enabled(mbedtls_ssl_context *ssl) { - return !mbedtls_ssl_tls13_check_kex_modes(ssl, - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ALL); + return mbedtls_ssl_tls13_is_kex_mode_supported(ssl, + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ALL); } static inline int mbedtls_ssl_tls13_some_psk_enabled(mbedtls_ssl_context *ssl) { - return !mbedtls_ssl_tls13_check_kex_modes(ssl, - MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL); + return mbedtls_ssl_tls13_is_kex_mode_supported(ssl, + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL); } #endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED */ From b2cfafbb9e65e98b98f2d53bdff6824782bdc5a8 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Tue, 14 Nov 2023 13:56:13 +0800 Subject: [PATCH 1010/1674] Consistent renaming Signed-off-by: Pengyu Lv --- library/ssl_misc.h | 10 +++++----- library/ssl_tls13_server.c | 6 +++--- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 1439ca0f1..e756c9aed 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -1955,32 +1955,32 @@ static inline int mbedtls_ssl_tls13_is_kex_mode_supported(mbedtls_ssl_context *s return (ssl->handshake->tls13_kex_modes & kex_modes_mask) != 0; } -static inline int mbedtls_ssl_tls13_psk_enabled(mbedtls_ssl_context *ssl) +static inline int mbedtls_ssl_tls13_is_psk_supported(mbedtls_ssl_context *ssl) { return mbedtls_ssl_tls13_is_kex_mode_supported(ssl, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK); } -static inline int mbedtls_ssl_tls13_psk_ephemeral_enabled( +static inline int mbedtls_ssl_tls13_is_psk_ephemeral_supported( mbedtls_ssl_context *ssl) { return mbedtls_ssl_tls13_is_kex_mode_supported(ssl, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL); } -static inline int mbedtls_ssl_tls13_ephemeral_enabled(mbedtls_ssl_context *ssl) +static inline int mbedtls_ssl_tls13_is_ephemeral_supported(mbedtls_ssl_context *ssl) { return mbedtls_ssl_tls13_is_kex_mode_supported(ssl, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL); } -static inline int mbedtls_ssl_tls13_some_ephemeral_enabled(mbedtls_ssl_context *ssl) +static inline int mbedtls_ssl_tls13_is_some_ephemeral_supported(mbedtls_ssl_context *ssl) { return mbedtls_ssl_tls13_is_kex_mode_supported(ssl, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ALL); } -static inline int mbedtls_ssl_tls13_some_psk_enabled(mbedtls_ssl_context *ssl) +static inline int mbedtls_ssl_tls13_is_some_psk_supported(mbedtls_ssl_context *ssl) { return mbedtls_ssl_tls13_is_kex_mode_supported(ssl, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL); diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 4fff15d7f..5c4f2ea81 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -1040,7 +1040,7 @@ static int ssl_tls13_key_exchange_psk_available(mbedtls_ssl_context *ssl) return ssl_tls13_ticket_is_kex_mode_permitted( ssl, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK) && mbedtls_ssl_conf_tls13_is_psk_enabled(ssl) && - mbedtls_ssl_tls13_psk_enabled(ssl) && + mbedtls_ssl_tls13_is_psk_supported(ssl) && ssl_tls13_client_hello_has_exts_for_psk_key_exchange(ssl); #else ((void) ssl); @@ -1055,7 +1055,7 @@ static int ssl_tls13_key_exchange_psk_ephemeral_available(mbedtls_ssl_context *s return ssl_tls13_ticket_is_kex_mode_permitted( ssl, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL) && mbedtls_ssl_conf_tls13_is_psk_ephemeral_enabled(ssl) && - mbedtls_ssl_tls13_psk_ephemeral_enabled(ssl) && + mbedtls_ssl_tls13_is_psk_ephemeral_supported(ssl) && ssl_tls13_client_hello_has_exts_for_psk_ephemeral_key_exchange(ssl); #else ((void) ssl); @@ -3072,7 +3072,7 @@ static int ssl_tls13_handshake_wrapup(mbedtls_ssl_context *ssl) * expected to be resolved with issue#6395. */ /* Sent NewSessionTicket message only when client supports PSK */ - if (mbedtls_ssl_tls13_some_psk_enabled(ssl)) { + if (mbedtls_ssl_tls13_is_some_psk_supported(ssl)) { mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET); } else From bc4aab7673ac6946f34563b99e6cd6d0757691b8 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Fri, 1 Dec 2023 15:37:24 +0800 Subject: [PATCH 1011/1674] Add "_is_" to functions ssl_tls13_key_exchange_.*_available Done by command: ``` sed -i \ "s/ssl_tls13_key_exchange_\(.*\)_available/ssl_tls13_key_exchange_is_\1_available/g" \ library/*.[ch] ``` Signed-off-by: Pengyu Lv --- library/ssl_tls13_server.c | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 5c4f2ea81..e5e510ba3 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -95,9 +95,9 @@ static int ssl_tls13_parse_key_exchange_modes_ext(mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_SESSION_TICKETS) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_key_exchange_psk_available(mbedtls_ssl_context *ssl); +static int ssl_tls13_key_exchange_is_psk_available(mbedtls_ssl_context *ssl); MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_key_exchange_psk_ephemeral_available(mbedtls_ssl_context *ssl); +static int ssl_tls13_key_exchange_is_psk_ephemeral_available(mbedtls_ssl_context *ssl); MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_tls13_offered_psks_check_identity_match_ticket( @@ -176,11 +176,11 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket( key_exchanges = 0; if (mbedtls_ssl_session_ticket_allow_psk_ephemeral(session) && - ssl_tls13_key_exchange_psk_ephemeral_available(ssl)) { + ssl_tls13_key_exchange_is_psk_ephemeral_available(ssl)) { key_exchanges |= MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL; } if (mbedtls_ssl_session_ticket_allow_psk(session) && - ssl_tls13_key_exchange_psk_available(ssl)) { + ssl_tls13_key_exchange_is_psk_available(ssl)) { key_exchanges |= MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK; } @@ -1022,7 +1022,7 @@ static int ssl_tls13_ticket_is_kex_mode_permitted(mbedtls_ssl_context *ssl, #endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_key_exchange_ephemeral_available(mbedtls_ssl_context *ssl) +static int ssl_tls13_key_exchange_is_ephemeral_available(mbedtls_ssl_context *ssl) { #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED) return mbedtls_ssl_conf_tls13_is_ephemeral_enabled(ssl) && @@ -1034,7 +1034,7 @@ static int ssl_tls13_key_exchange_ephemeral_available(mbedtls_ssl_context *ssl) } MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_key_exchange_psk_available(mbedtls_ssl_context *ssl) +static int ssl_tls13_key_exchange_is_psk_available(mbedtls_ssl_context *ssl) { #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED) return ssl_tls13_ticket_is_kex_mode_permitted( @@ -1049,7 +1049,7 @@ static int ssl_tls13_key_exchange_psk_available(mbedtls_ssl_context *ssl) } MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_key_exchange_psk_ephemeral_available(mbedtls_ssl_context *ssl) +static int ssl_tls13_key_exchange_is_psk_ephemeral_available(mbedtls_ssl_context *ssl) { #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED) return ssl_tls13_ticket_is_kex_mode_permitted( @@ -1083,17 +1083,17 @@ static int ssl_tls13_determine_key_exchange_mode(mbedtls_ssl_context *ssl) ssl->handshake->key_exchange_mode = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_NONE; - if (ssl_tls13_key_exchange_psk_ephemeral_available(ssl)) { + if (ssl_tls13_key_exchange_is_psk_ephemeral_available(ssl)) { ssl->handshake->key_exchange_mode = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL; MBEDTLS_SSL_DEBUG_MSG(2, ("key exchange mode: psk_ephemeral")); } else - if (ssl_tls13_key_exchange_ephemeral_available(ssl)) { + if (ssl_tls13_key_exchange_is_ephemeral_available(ssl)) { ssl->handshake->key_exchange_mode = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL; MBEDTLS_SSL_DEBUG_MSG(2, ("key exchange mode: ephemeral")); } else - if (ssl_tls13_key_exchange_psk_available(ssl)) { + if (ssl_tls13_key_exchange_is_psk_available(ssl)) { ssl->handshake->key_exchange_mode = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK; MBEDTLS_SSL_DEBUG_MSG(2, ("key exchange mode: psk")); @@ -1737,8 +1737,8 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl, * - The content up to but excluding the PSK extension, if present. */ /* If we've settled on a PSK-based exchange, parse PSK identity ext */ - if (ssl_tls13_key_exchange_psk_available(ssl) || - ssl_tls13_key_exchange_psk_ephemeral_available(ssl)) { + if (ssl_tls13_key_exchange_is_psk_available(ssl) || + ssl_tls13_key_exchange_is_psk_ephemeral_available(ssl)) { ret = handshake->update_checksum(ssl, buf, pre_shared_key_ext - buf); if (0 != ret) { From 02e72f65da309885c4ae8e0b816cc269e0c1eba2 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Mon, 4 Dec 2023 16:11:51 +0800 Subject: [PATCH 1012/1674] Reword return value description for mbedtls_ssl_tls13_is_kex_mode_supported Signed-off-by: Pengyu Lv --- library/ssl_misc.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index e756c9aed..5e2aa6096 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -1946,8 +1946,8 @@ static inline int mbedtls_ssl_conf_tls13_is_some_psk_enabled(mbedtls_ssl_context * \param[in] ssl SSL context * \param kex_modes_mask Mask of the key exchange modes to check * - * \return True, if at least one of the key exchange modes is supported, - * False, otherwise. + * \return Non-zero, if at least one of the key exchange modes is supported by + * the peer, otherwise \0. */ static inline int mbedtls_ssl_tls13_is_kex_mode_supported(mbedtls_ssl_context *ssl, int kex_modes_mask) From abd844f379884cde62e07b36546b2aff07277fdd Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Tue, 5 Dec 2023 15:28:58 +0800 Subject: [PATCH 1013/1674] Fix wrong format in the function doc Signed-off-by: Pengyu Lv --- library/ssl_misc.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 5e2aa6096..32bef110e 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -1946,8 +1946,8 @@ static inline int mbedtls_ssl_conf_tls13_is_some_psk_enabled(mbedtls_ssl_context * \param[in] ssl SSL context * \param kex_modes_mask Mask of the key exchange modes to check * - * \return Non-zero, if at least one of the key exchange modes is supported by - * the peer, otherwise \0. + * \return Non-zero if at least one of the key exchange modes is supported by + * the peer, otherwise \c 0. */ static inline int mbedtls_ssl_tls13_is_kex_mode_supported(mbedtls_ssl_context *ssl, int kex_modes_mask) From 408ba6f7b8cdd8180972e2ed2af8fad234a36416 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Fri, 8 Dec 2023 10:18:03 +0800 Subject: [PATCH 1014/1674] tls13: srv: replace with internal API to check is_tls12_enabled Signed-off-by: Yanray Wang --- library/ssl_tls13_server.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index b3f25b5e8..eb0b5281a 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -1921,7 +1921,7 @@ static int ssl_tls13_process_client_hello(mbedtls_ssl_context *ssl) */ if (SSL_CLIENT_HELLO_TLS1_2 == parse_client_hello_ret) { /* Check if server supports TLS 1.2 */ - if (ssl->conf->min_tls_version > MBEDTLS_SSL_VERSION_TLS1_2) { + if (!mbedtls_ssl_conf_is_tls12_enabled(ssl->conf)) { MBEDTLS_SSL_DEBUG_MSG( 1, ("Unsupported version of TLS 1.2 was received")); MBEDTLS_SSL_PEND_FATAL_ALERT( From 177e49ad7a2e1827089ff28484b985068a626985 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Fri, 8 Dec 2023 10:51:04 +0800 Subject: [PATCH 1015/1674] tls13: srv: improve DEBUG_MSG in case of TLS 1.2 disabled Signed-off-by: Yanray Wang --- library/ssl_tls13_server.c | 2 +- tests/ssl-opt.sh | 3 +-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index eb0b5281a..52d2db6e7 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -1923,7 +1923,7 @@ static int ssl_tls13_process_client_hello(mbedtls_ssl_context *ssl) /* Check if server supports TLS 1.2 */ if (!mbedtls_ssl_conf_is_tls12_enabled(ssl->conf)) { MBEDTLS_SSL_DEBUG_MSG( - 1, ("Unsupported version of TLS 1.2 was received")); + 1, ("TLS 1.2 not supported.")); MBEDTLS_SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER, MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER); diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index e67cf02f0..764fb4a94 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -11626,8 +11626,7 @@ run_test "TLS 1.3 m->m: Not supported version check: cli TLS 1.2 only, srv TLS 1 -c "supported_versions(43) extension does not exist." \ -c "A fatal alert message was received from our peer" \ -s "The SSL configuration is tls13 only" \ - -s "Unsupported version of TLS 1.2 was received" \ - -s "! mbedtls_ssl_handshake returned" + -s "TLS 1.2 not supported." requires_openssl_tls1_3_with_compatible_ephemeral requires_config_enabled MBEDTLS_DEBUG_C From 2bef917a3c11090d063aa2ebd59d445e185dbdb7 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Fri, 8 Dec 2023 10:21:53 +0800 Subject: [PATCH 1016/1674] tls13: srv: return BAD_PROTOCOL_VERSION if chosen unsupported version Signed-off-by: Yanray Wang --- library/ssl_tls13_server.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 52d2db6e7..3baff36e7 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -1925,9 +1925,9 @@ static int ssl_tls13_process_client_hello(mbedtls_ssl_context *ssl) MBEDTLS_SSL_DEBUG_MSG( 1, ("TLS 1.2 not supported.")); MBEDTLS_SSL_PEND_FATAL_ALERT( - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER, - MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER); - return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER; + MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION, + MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION); + return MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION; } ssl->keep_current_message = 1; ssl->tls_version = MBEDTLS_SSL_VERSION_TLS1_2; From 90acdc65e582151a58189ac0651036568316155e Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Fri, 8 Dec 2023 10:29:42 +0800 Subject: [PATCH 1017/1674] tl13: srv: improve comment Improve comment when received version 1.2 of the protocol while TLS 1.2 is disabled on server side. Signed-off-by: Yanray Wang --- library/ssl_tls13_server.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 3baff36e7..67bf6daae 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -1913,7 +1913,8 @@ static int ssl_tls13_process_client_hello(mbedtls_ssl_context *ssl) * by MBEDTLS_SSL_PROC_CHK_NEG. */ /* - * Version 1.2 of the protocol has been chosen, set the + * Version 1.2 of the protocol has to be used for the handshake. + * If TLS 1.2 is not supported, abort the handshake. Otherwise, set the * ssl->keep_current_message flag for the ClientHello to be kept and parsed * as a TLS 1.2 ClientHello. We also change ssl->tls_version to * MBEDTLS_SSL_VERSION_TLS1_2 thus from now on mbedtls_ssl_handshake_step() From e9be2a259e831e6de4eec5808d0c328a5f9e5258 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Fri, 8 Dec 2023 10:38:13 +0800 Subject: [PATCH 1018/1674] fix-tls13-server-min-version-check.txt: rephrase ChangeLog Signed-off-by: Yanray Wang --- ChangeLog.d/fix-tls13-server-min-version-check.txt | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/ChangeLog.d/fix-tls13-server-min-version-check.txt b/ChangeLog.d/fix-tls13-server-min-version-check.txt index b05ad7c54..258ec6d38 100644 --- a/ChangeLog.d/fix-tls13-server-min-version-check.txt +++ b/ChangeLog.d/fix-tls13-server-min-version-check.txt @@ -1,4 +1,3 @@ Bugfix - * Add missing check for `min_tls_version` in TLS 1.3 server-side. - Without this, TLS 1.3 server may downgrade protocol to a TLS version - below its supported minimum TLS version. Fixes #8593. + * Fix TLS server accepting TLS 1.2 handshake while TLS 1.2 + is disabled at runtime. Fixes #8593. From 94a42ccb3e26554498c6e4a3e78c6822036fc931 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Wed, 6 Dec 2023 10:04:17 +0800 Subject: [PATCH 1019/1674] Add tls13 in ticket flags helper function names ``` sed -i \ "s/\(mbedtls_ssl\)_\(session_\(\w*_\)\?ticket\)/\1_tls13_\2/g" \ library/*.[ch] ``` Signed-off-by: Pengyu Lv --- library/ssl_misc.h | 28 ++++++++++++++-------------- library/ssl_tls13_client.c | 10 +++++----- library/ssl_tls13_server.c | 16 ++++++++-------- 3 files changed, 27 insertions(+), 27 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 32bef110e..71d140761 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -2769,7 +2769,7 @@ int mbedtls_ssl_session_set_hostname(mbedtls_ssl_session *session, #define MBEDTLS_SSL_TLS1_3_MAX_ALLOWED_TICKET_LIFETIME (604800) -static inline unsigned int mbedtls_ssl_session_get_ticket_flags( +static inline unsigned int mbedtls_ssl_tls13_session_get_ticket_flags( mbedtls_ssl_session *session, unsigned int flags) { return session->ticket_flags & @@ -2782,40 +2782,40 @@ static inline unsigned int mbedtls_ssl_session_get_ticket_flags( * `MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK` to get all * permitted flags. */ -static inline int mbedtls_ssl_session_ticket_has_flags( +static inline int mbedtls_ssl_tls13_session_ticket_has_flags( mbedtls_ssl_session *session, unsigned int flags) { - return mbedtls_ssl_session_get_ticket_flags(session, flags) != 0; + return mbedtls_ssl_tls13_session_get_ticket_flags(session, flags) != 0; } -static inline int mbedtls_ssl_session_ticket_allow_psk( +static inline int mbedtls_ssl_tls13_session_ticket_allow_psk( mbedtls_ssl_session *session) { - return mbedtls_ssl_session_ticket_has_flags(session, - MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_RESUMPTION); + return mbedtls_ssl_tls13_session_ticket_has_flags( + session, MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_RESUMPTION); } -static inline int mbedtls_ssl_session_ticket_allow_psk_ephemeral( +static inline int mbedtls_ssl_tls13_session_ticket_allow_psk_ephemeral( mbedtls_ssl_session *session) { - return mbedtls_ssl_session_ticket_has_flags(session, - MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_EPHEMERAL_RESUMPTION); + return mbedtls_ssl_tls13_session_ticket_has_flags( + session, MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_EPHEMERAL_RESUMPTION); } -static inline unsigned int mbedtls_ssl_session_ticket_allow_early_data( +static inline unsigned int mbedtls_ssl_tls13_session_ticket_allow_early_data( mbedtls_ssl_session *session) { - return !mbedtls_ssl_session_check_ticket_flags(session, - MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA); + return mbedtls_ssl_tls13_session_ticket_has_flags( + session, MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA); } -static inline void mbedtls_ssl_session_set_ticket_flags( +static inline void mbedtls_ssl_tls13_session_set_ticket_flags( mbedtls_ssl_session *session, unsigned int flags) { session->ticket_flags |= (flags & MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK); } -static inline void mbedtls_ssl_session_clear_ticket_flags( +static inline void mbedtls_ssl_tls13_session_clear_ticket_flags( mbedtls_ssl_session *session, unsigned int flags) { session->ticket_flags &= ~(flags & MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK); diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 82ebe7e60..e418ee01b 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -685,7 +685,7 @@ static int ssl_tls13_has_configured_ticket(mbedtls_ssl_context *ssl) return ssl->handshake->resume && session != NULL && session->ticket != NULL && mbedtls_ssl_conf_tls13_is_kex_mode_enabled( - ssl, mbedtls_ssl_session_get_ticket_flags( + ssl, mbedtls_ssl_tls13_session_get_ticket_flags( session, MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL)); } @@ -695,7 +695,7 @@ static int ssl_tls13_early_data_has_valid_ticket(mbedtls_ssl_context *ssl) mbedtls_ssl_session *session = ssl->session_negotiate; return ssl->handshake->resume && session->tls_version == MBEDTLS_SSL_VERSION_TLS1_3 && - mbedtls_ssl_session_ticket_allow_early_data(session) && + mbedtls_ssl_tls13_session_ticket_allow_early_data(session) && mbedtls_ssl_tls13_cipher_suite_is_offered(ssl, session->ciphersuite); } #endif @@ -2685,7 +2685,7 @@ static int ssl_tls13_parse_new_session_ticket_early_data_ext( MBEDTLS_SSL_CHK_BUF_READ_PTR(buf, end, 4); session->max_early_data_size = MBEDTLS_GET_UINT32_BE(buf, 0); - mbedtls_ssl_session_set_ticket_flags( + mbedtls_ssl_tls13_session_set_ticket_flags( session, MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA); MBEDTLS_SSL_DEBUG_MSG( 3, ("received max_early_data_size: %u", @@ -2836,7 +2836,7 @@ static int ssl_tls13_parse_new_session_ticket(mbedtls_ssl_context *ssl, session->ticket_len = ticket_len; /* Clear all flags in ticket_flags */ - mbedtls_ssl_session_clear_ticket_flags( + mbedtls_ssl_tls13_session_clear_ticket_flags( session, MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK); MBEDTLS_SSL_CHK_BUF_READ_PTR(p, end, 2); @@ -2923,7 +2923,7 @@ static int ssl_tls13_postprocess_new_session_ticket(mbedtls_ssl_context *ssl, session->resumption_key_len); /* Set ticket_flags depends on the selected key exchange modes */ - mbedtls_ssl_session_set_ticket_flags( + mbedtls_ssl_tls13_session_set_ticket_flags( session, ssl->conf->tls13_kex_modes); MBEDTLS_SSL_PRINT_TICKET_FLAGS(4, session->ticket_flags); diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index e5e510ba3..9f3b39897 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -175,11 +175,11 @@ static int ssl_tls13_offered_psks_check_identity_match_ticket( MBEDTLS_SSL_PRINT_TICKET_FLAGS(4, session->ticket_flags); key_exchanges = 0; - if (mbedtls_ssl_session_ticket_allow_psk_ephemeral(session) && + if (mbedtls_ssl_tls13_session_ticket_allow_psk_ephemeral(session) && ssl_tls13_key_exchange_is_psk_ephemeral_available(ssl)) { key_exchanges |= MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL; } - if (mbedtls_ssl_session_ticket_allow_psk(session) && + if (mbedtls_ssl_tls13_session_ticket_allow_psk(session) && ssl_tls13_key_exchange_is_psk_available(ssl)) { key_exchanges |= MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK; } @@ -1008,7 +1008,7 @@ static int ssl_tls13_ticket_is_kex_mode_permitted(mbedtls_ssl_context *ssl, { #if defined(MBEDTLS_SSL_SESSION_TICKETS) if (ssl->handshake->resume) { - if (!mbedtls_ssl_session_ticket_has_flags( + if (!mbedtls_ssl_tls13_session_ticket_has_flags( ssl->session_negotiate, kex_mode)) { return 0; } @@ -1845,7 +1845,7 @@ static void ssl_tls13_update_early_data_status(mbedtls_ssl_context *ssl) } - if (!mbedtls_ssl_session_ticket_allow_early_data(ssl->session_negotiate)) { + if (!mbedtls_ssl_tls13_session_ticket_allow_early_data(ssl->session_negotiate)) { MBEDTLS_SSL_DEBUG_MSG( 1, ("EarlyData: rejected, early_data not allowed in ticket " @@ -3131,17 +3131,17 @@ static int ssl_tls13_prepare_new_session_ticket(mbedtls_ssl_context *ssl, #endif /* Set ticket_flags depends on the advertised psk key exchange mode */ - mbedtls_ssl_session_clear_ticket_flags( + mbedtls_ssl_tls13_session_clear_ticket_flags( session, MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK); #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED) - mbedtls_ssl_session_set_ticket_flags( + mbedtls_ssl_tls13_session_set_ticket_flags( session, ssl->handshake->tls13_kex_modes); #endif #if defined(MBEDTLS_SSL_EARLY_DATA) if (ssl->conf->early_data_enabled == MBEDTLS_SSL_EARLY_DATA_ENABLED && ssl->conf->max_early_data_size > 0) { - mbedtls_ssl_session_set_ticket_flags( + mbedtls_ssl_tls13_session_set_ticket_flags( session, MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA); } #endif /* MBEDTLS_SSL_EARLY_DATA */ @@ -3321,7 +3321,7 @@ static int ssl_tls13_write_new_session_ticket_body(mbedtls_ssl_context *ssl, p += 2; #if defined(MBEDTLS_SSL_EARLY_DATA) - if (mbedtls_ssl_session_ticket_allow_early_data(session)) { + if (mbedtls_ssl_tls13_session_ticket_allow_early_data(session)) { size_t output_len; if ((ret = mbedtls_ssl_tls13_write_early_data_ext( From e9efbc2aa543e00fabe4904550fec8e69cf6e166 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Fri, 8 Dec 2023 16:59:08 +0800 Subject: [PATCH 1020/1674] Error out when get domain_parameters is not supported From time being, domain_parameters could not be extracted from driver. We need to return error to indicate this situation. This is temporary and would be fixed after #6494. Signed-off-by: Pengyu Lv --- library/psa_crypto.c | 6 ++++++ library/psa_crypto_client.c | 5 +++++ 2 files changed, 11 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 114994019..894167abd 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1400,6 +1400,12 @@ psa_status_t psa_get_key_attributes(mbedtls_svc_key_id_t key, mbedtls_free(rsa); } break; +#else + case PSA_KEY_TYPE_RSA_KEY_PAIR: + case PSA_KEY_TYPE_RSA_PUBLIC_KEY: + attributes->domain_parameters = NULL; + attributes->domain_parameters_size = SIZE_MAX; + break; #endif /* (defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT) && \ * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT)) || * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */ diff --git a/library/psa_crypto_client.c b/library/psa_crypto_client.c index 564463fed..472d3d31a 100644 --- a/library/psa_crypto_client.c +++ b/library/psa_crypto_client.c @@ -53,6 +53,11 @@ psa_status_t psa_get_key_domain_parameters( const psa_key_attributes_t *attributes, uint8_t *data, size_t data_size, size_t *data_length) { + if (attributes->domain_parameters == NULL && + attributes->domain_parameters_size == SIZE_MAX) { + return PSA_ERROR_NOT_SUPPORTED; + } + if (attributes->domain_parameters_size > data_size) { return PSA_ERROR_BUFFER_TOO_SMALL; } From d90fbf776941d66aeca66d0819eb3ec32044bd5e Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Fri, 8 Dec 2023 17:13:22 +0800 Subject: [PATCH 1021/1674] Adjuest checks in generate_key_rsa suite Signed-off-by: Pengyu Lv --- tests/suites/test_suite_psa_crypto.function | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 154d4150a..4c08a9017 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -9685,23 +9685,26 @@ void generate_key_rsa(int bits_arg, } /* Test the key information */ -#if (defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT) && \ - defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT)) || \ - defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) PSA_ASSERT(psa_get_key_attributes(key, &attributes)); TEST_EQUAL(psa_get_key_type(&attributes), type); TEST_EQUAL(psa_get_key_bits(&attributes), bits); - PSA_ASSERT(psa_get_key_domain_parameters(&attributes, - e_read_buffer, e_read_size, - &e_read_length)); + psa_status_t status = psa_get_key_domain_parameters(&attributes, + e_read_buffer, e_read_size, + &e_read_length); + + +#if (defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_IMPORT) && \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_EXPORT)) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) if (is_default_public_exponent) { TEST_EQUAL(e_read_length, 0); } else { + TEST_EQUAL(status, PSA_SUCCESS); TEST_MEMORY_COMPARE(e_read_buffer, e_read_length, e_arg->x, e_arg->len); } #else - (void) e_read_length; (void) is_default_public_exponent; + TEST_EQUAL(status, PSA_ERROR_NOT_SUPPORTED); #endif /* Do something with the key according to its type and permitted usage. */ From f75893bb36162c424ae26151ac27c1cc20d3a230 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Fri, 8 Dec 2023 17:21:39 +0800 Subject: [PATCH 1022/1674] Update comments Signed-off-by: Pengyu Lv --- library/psa_crypto.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 894167abd..5455fa287 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1378,9 +1378,9 @@ psa_status_t psa_get_key_attributes(mbedtls_svc_key_id_t key, defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) case PSA_KEY_TYPE_RSA_KEY_PAIR: case PSA_KEY_TYPE_RSA_PUBLIC_KEY: - /* TODO: reporting the public exponent for opaque keys - * is not yet implemented. - * https://github.com/ARMmbed/mbed-crypto/issues/216 + /* TODO: This is a temporary situation where domain parameters are deprecated, + * but we need it for namely generating an RSA key with a non-default exponent. + * This would be improved after https://github.com/Mbed-TLS/mbedtls/issues/6494. */ if (!psa_key_lifetime_is_external(slot->attr.lifetime)) { mbedtls_rsa_context *rsa = NULL; From f05b768457dd5088089391d3d350a74a53389ed9 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Fri, 8 Dec 2023 09:47:48 +0000 Subject: [PATCH 1023/1674] Use existing variable containing full path Signed-off-by: Thomas Daubney --- scripts/generate_driver_wrappers.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/generate_driver_wrappers.py b/scripts/generate_driver_wrappers.py index edd98a2de..624ab81df 100755 --- a/scripts/generate_driver_wrappers.py +++ b/scripts/generate_driver_wrappers.py @@ -181,7 +181,7 @@ def main() -> int: crypto_core_directory = build_tree.crypto_core_directory(project_root) output_directory = args.output_directory if args.output_directory is not None else \ - os.path.join(project_root, crypto_core_directory) + crypto_core_directory template_directory = args.template_dir if args.template_dir is not None else \ os.path.join(project_root, From aedfc0932b086e626948e3adbafb91afcb65a682 Mon Sep 17 00:00:00 2001 From: Xiaokang Qian Date: Fri, 8 Dec 2023 10:42:08 +0000 Subject: [PATCH 1024/1674] Revert to ae952174a7 and addressing some comments Signed-off-by: Xiaokang Qian --- programs/ssl/ssl_client2.c | 83 +++++++------------------------ tests/opt-testcases/tls13-misc.sh | 4 +- 2 files changed, 19 insertions(+), 68 deletions(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index c15a75dcf..d2f47ff06 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -34,10 +34,6 @@ int main(void) #define MAX_REQUEST_SIZE 20000 #define MAX_REQUEST_SIZE_STR "20000" - -/* the max record size of TLS 1.3 is 2^14 */ -#define MAX_EARLY_DATA_CHUNK_SIZE 16384 - #define DFL_SERVER_NAME "localhost" #define DFL_SERVER_ADDR NULL #define DFL_SERVER_PORT "4433" @@ -56,8 +52,7 @@ int main(void) #define DFL_KEY_OPAQUE 0 #define DFL_KEY_PWD "" #define DFL_PSK "" -#define DFL_EARLY_DATA MBEDTLS_SSL_EARLY_DATA_DISABLED -#define DFL_EARLY_DATA_FILE "" +#define DFL_EARLY_DATA "" #define DFL_PSK_OPAQUE 0 #define DFL_PSK_IDENTITY "Client_identity" #define DFL_ECJPAKE_PW NULL @@ -352,11 +347,9 @@ int main(void) #if defined(MBEDTLS_SSL_EARLY_DATA) #define USAGE_EARLY_DATA \ - " early_data=%%d default: 0 (disabled)\n" \ - " options: 0 (disabled), 1 (enabled)\n" \ - " early_data_file=%%s The file path to read early data from\n" \ - " default: \"\" (do nothing)\n" \ - " option: a file path\n" + " early_data=%%s The file path to read early data from\n" \ + " default: \"\" (do nothing)\n" \ + " option: a file path\n" #else #define USAGE_EARLY_DATA "" #endif /* MBEDTLS_SSL_EARLY_DATA && MBEDTLS_SSL_PROTO_TLS1_3 */ @@ -551,8 +544,7 @@ struct options { int reproducible; /* make communication reproducible */ int skip_close_notify; /* skip sending the close_notify alert */ #if defined(MBEDTLS_SSL_EARLY_DATA) - int early_data; /* support for early data */ - const char *early_data_file; /* the path of the file to read early data from */ + const char *early_data; /* the path of the file to read early data from */ #endif int query_config_mode; /* whether to read config */ int use_srtp; /* Support SRTP */ @@ -725,29 +717,6 @@ exit: return ret; } -#if defined(MBEDTLS_SSL_EARLY_DATA) -int ssl_write_early_data(mbedtls_ssl_context *ssl, FILE *fp, - int *early_data_written) -{ - - /* TODO: Will add code of calling mbedtls_ssl_write_early_data() - * to write real early data. - */ - unsigned char early_data_buf[MAX_EARLY_DATA_CHUNK_SIZE]; - unsigned char *p_early_data_start = &early_data_buf[0]; - unsigned char *p_early_data_end = p_early_data_start + - MAX_EARLY_DATA_CHUNK_SIZE; - ((void) fp); - ((void) early_data_buf); - ((void) p_early_data_start); - ((void) p_early_data_end); - ((void) early_data_written); - - return mbedtls_ssl_handshake(ssl); - -} -#endif /* MBEDTLS_SSL_EARLY_DATA */ - int main(int argc, char *argv[]) { int ret = 0, len, tail_len, i, written, frags, retry_left; @@ -773,10 +742,6 @@ int main(int argc, char *argv[]) size_t cid_renego_len = 0; #endif -#if defined(MBEDTLS_SSL_EARLY_DATA) - FILE *early_data_fp = NULL; -#endif /* MBEDTLS_SSL_EARLY_DATA */ - #if defined(MBEDTLS_SSL_ALPN) const char *alpn_list[ALPN_LIST_SIZE]; #endif @@ -949,7 +914,6 @@ int main(int argc, char *argv[]) opt.sig_algs = DFL_SIG_ALGS; #if defined(MBEDTLS_SSL_EARLY_DATA) opt.early_data = DFL_EARLY_DATA; - opt.early_data_file = DFL_EARLY_DATA_FILE; #endif opt.transport = DFL_TRANSPORT; opt.hs_to_min = DFL_HS_TO_MIN; @@ -1233,23 +1197,7 @@ usage: #if defined(MBEDTLS_SSL_PROTO_TLS1_3) #if defined(MBEDTLS_SSL_EARLY_DATA) else if (strcmp(p, "early_data") == 0) { - switch (atoi(q)) { - case 0: - opt.early_data = MBEDTLS_SSL_EARLY_DATA_DISABLED; - break; - case 1: - opt.early_data = MBEDTLS_SSL_EARLY_DATA_ENABLED; - break; - default: goto usage; - } - } else if (strcmp(p, "early_data_file") == 0) { - opt.early_data_file = q; - if ((early_data_fp = fopen(opt.early_data_file, "rb")) == NULL) { - mbedtls_printf("failed\n ! Cannot open '%s' for reading.\n", - opt.early_data_file); - ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR; - goto exit; - } + opt.early_data = q; } #endif /* MBEDTLS_SSL_EARLY_DATA */ @@ -2016,7 +1964,17 @@ usage: } #if defined(MBEDTLS_SSL_EARLY_DATA) - mbedtls_ssl_conf_early_data(&conf, opt.early_data); + int early_data_enabled = MBEDTLS_SSL_EARLY_DATA_DISABLED; + FILE *early_data_fp = NULL; + if (strlen(opt.early_data) > 0) { + if ((early_data_fp = fopen(opt.early_data, "rb")) == NULL) { + mbedtls_printf("failed\n ! Cannot open '%s' for reading.\n", + opt.early_data); + goto exit; + } + early_data_enabled = MBEDTLS_SSL_EARLY_DATA_ENABLED; + } + mbedtls_ssl_conf_early_data(&conf, early_data_enabled); #endif /* MBEDTLS_SSL_EARLY_DATA */ if ((ret = mbedtls_ssl_setup(&ssl, &conf)) != 0) { @@ -3041,14 +2999,7 @@ reconnect: goto exit; } -#if defined(MBEDTLS_SSL_EARLY_DATA) - - int early_data_written = 0; - while ((ret = ssl_write_early_data(&ssl, early_data_fp, - &early_data_written)) != 0) { -#else while ((ret = mbedtls_ssl_handshake(&ssl)) != 0) { -#endif if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE && ret != MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) { diff --git a/tests/opt-testcases/tls13-misc.sh b/tests/opt-testcases/tls13-misc.sh index 2fe81141c..cf8aa745a 100755 --- a/tests/opt-testcases/tls13-misc.sh +++ b/tests/opt-testcases/tls13-misc.sh @@ -263,7 +263,7 @@ requires_any_configs_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ run_test "TLS 1.3 m->G: EarlyData: basic check, good" \ "$G_NEXT_SRV -d 10 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:+ECDHE-PSK:+PSK \ --earlydata --maxearlydata 16384 --disable-client-cert" \ - "$P_CLI debug_level=4 early_data=1 early_data_file=$EARLY_DATA_INPUT reco_mode=1 reconnect=1 reco_delay=900" \ + "$P_CLI debug_level=4 early_data=$EARLY_DATA_INPUT reco_mode=1 reconnect=1 reco_delay=900" \ 0 \ -c "received max_early_data_size: 16384" \ -c "Reconnecting with saved session" \ @@ -287,7 +287,7 @@ requires_any_configs_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED run_test "TLS 1.3 m->G: EarlyData: no early_data in NewSessionTicket, good" \ "$G_NEXT_SRV -d 10 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:+ECDHE-PSK:+PSK --disable-client-cert" \ - "$P_CLI debug_level=4 early_data=1 reco_mode=1 reconnect=1" \ + "$P_CLI debug_level=4 early_data=$EARLY_DATA_INPUT reco_mode=1 reconnect=1" \ 0 \ -c "Reconnecting with saved session" \ -C "NewSessionTicket: early_data(42) extension received." \ From e04a97a1eb3586e2cafb74fb744cc5b3205b5539 Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Fri, 8 Dec 2023 18:27:48 +0000 Subject: [PATCH 1025/1674] Move MPI initialization to start of function This prevents a call to mbedtls_mpi_free() on uninitialized data when USE_PSA_INIT() fails. Signed-off-by: David Horstmann --- tests/suites/test_suite_x509write.function | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function index 4de9addca..b59fd48f3 100644 --- a/tests/suites/test_suite_x509write.function +++ b/tests/suites/test_suite_x509write.function @@ -665,13 +665,15 @@ void x509_set_serial_check() mbedtls_x509write_cert ctx; uint8_t invalid_serial[MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN + 1]; +#if defined(MBEDTLS_TEST_DEPRECATED) && defined(MBEDTLS_BIGNUM_C) + mbedtls_mpi serial_mpi; + mbedtls_mpi_init(&serial_mpi); +#endif + USE_PSA_INIT(); memset(invalid_serial, 0x01, sizeof(invalid_serial)); #if defined(MBEDTLS_TEST_DEPRECATED) && defined(MBEDTLS_BIGNUM_C) - mbedtls_mpi serial_mpi; - - mbedtls_mpi_init(&serial_mpi); TEST_EQUAL(mbedtls_mpi_read_binary(&serial_mpi, invalid_serial, sizeof(invalid_serial)), 0); TEST_EQUAL(mbedtls_x509write_crt_set_serial(&ctx, &serial_mpi), From 656d4b3c748638ec024dc6182994c96d1f9522d9 Mon Sep 17 00:00:00 2001 From: Tom Cosgrove Date: Fri, 8 Dec 2023 21:51:15 +0000 Subject: [PATCH 1026/1674] Avoid use of `ip_len` as it clashes with a macro in AIX system headers Fixes #8624 Signed-off-by: Tom Cosgrove --- include/mbedtls/net_sockets.h | 4 ++-- library/net_sockets.c | 14 +++++++------- programs/x509/cert_req.c | 6 +++--- programs/x509/cert_write.c | 6 +++--- 4 files changed, 15 insertions(+), 15 deletions(-) diff --git a/include/mbedtls/net_sockets.h b/include/mbedtls/net_sockets.h index 026f627ce..85c11971d 100644 --- a/include/mbedtls/net_sockets.h +++ b/include/mbedtls/net_sockets.h @@ -143,7 +143,7 @@ int mbedtls_net_bind(mbedtls_net_context *ctx, const char *bind_ip, const char * * \param client_ctx Will contain the connected client socket * \param client_ip Will contain the client IP address, can be NULL * \param buf_size Size of the client_ip buffer - * \param ip_len Will receive the size of the client IP written, + * \param cip_len Will receive the size of the client IP written, * can be NULL if client_ip is null * * \return 0 if successful, or @@ -156,7 +156,7 @@ int mbedtls_net_bind(mbedtls_net_context *ctx, const char *bind_ip, const char * */ int mbedtls_net_accept(mbedtls_net_context *bind_ctx, mbedtls_net_context *client_ctx, - void *client_ip, size_t buf_size, size_t *ip_len); + void *client_ip, size_t buf_size, size_t *cip_len); /** * \brief Check and wait for the context to be ready for read/write diff --git a/library/net_sockets.c b/library/net_sockets.c index 2b120c551..edec5876a 100644 --- a/library/net_sockets.c +++ b/library/net_sockets.c @@ -316,7 +316,7 @@ static int net_would_block(const mbedtls_net_context *ctx) */ int mbedtls_net_accept(mbedtls_net_context *bind_ctx, mbedtls_net_context *client_ctx, - void *client_ip, size_t buf_size, size_t *ip_len) + void *client_ip, size_t buf_size, size_t *cip_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int type; @@ -399,22 +399,22 @@ int mbedtls_net_accept(mbedtls_net_context *bind_ctx, if (client_ip != NULL) { if (client_addr.ss_family == AF_INET) { struct sockaddr_in *addr4 = (struct sockaddr_in *) &client_addr; - *ip_len = sizeof(addr4->sin_addr.s_addr); + *cip_len = sizeof(addr4->sin_addr.s_addr); - if (buf_size < *ip_len) { + if (buf_size < *cip_len) { return MBEDTLS_ERR_NET_BUFFER_TOO_SMALL; } - memcpy(client_ip, &addr4->sin_addr.s_addr, *ip_len); + memcpy(client_ip, &addr4->sin_addr.s_addr, *cip_len); } else { struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *) &client_addr; - *ip_len = sizeof(addr6->sin6_addr.s6_addr); + *cip_len = sizeof(addr6->sin6_addr.s6_addr); - if (buf_size < *ip_len) { + if (buf_size < *cip_len) { return MBEDTLS_ERR_NET_BUFFER_TOO_SMALL; } - memcpy(client_ip, &addr6->sin6_addr.s6_addr, *ip_len); + memcpy(client_ip, &addr6->sin6_addr.s6_addr, *cip_len); } } diff --git a/programs/x509/cert_req.c b/programs/x509/cert_req.c index 072441bef..6ae43a9d9 100644 --- a/programs/x509/cert_req.c +++ b/programs/x509/cert_req.c @@ -261,10 +261,10 @@ usage: } else if (strcmp(q, "DNS") == 0) { cur->node.type = MBEDTLS_X509_SAN_DNS_NAME; } else if (strcmp(q, "IP") == 0) { - size_t ip_len = 0; + size_t ip_addr_len = 0; cur->node.type = MBEDTLS_X509_SAN_IP_ADDRESS; - ip_len = mbedtls_x509_crt_parse_cn_inet_pton(subtype_value, ip); - if (ip_len == 0) { + ip_addr_len = mbedtls_x509_crt_parse_cn_inet_pton(subtype_value, ip); + if (ip_addr_len == 0) { mbedtls_printf("mbedtls_x509_crt_parse_cn_inet_pton failed to parse %s\n", subtype_value); goto exit; diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c index 8395f746f..bf25c4cbd 100644 --- a/programs/x509/cert_write.c +++ b/programs/x509/cert_write.c @@ -583,10 +583,10 @@ usage: } else if (strcmp(q, "DNS") == 0) { cur->node.type = MBEDTLS_X509_SAN_DNS_NAME; } else if (strcmp(q, "IP") == 0) { - size_t ip_len = 0; + size_t ip_addr_len = 0; cur->node.type = MBEDTLS_X509_SAN_IP_ADDRESS; - ip_len = mbedtls_x509_crt_parse_cn_inet_pton(subtype_value, ip); - if (ip_len == 0) { + ip_addr_len = mbedtls_x509_crt_parse_cn_inet_pton(subtype_value, ip); + if (ip_addr_len == 0) { mbedtls_printf("mbedtls_x509_crt_parse_cn_inet_pton failed to parse %s\n", subtype_value); goto exit; From a9581d2d5f83ef6b8d984ca997055b5310746911 Mon Sep 17 00:00:00 2001 From: Xiaokang Qian Date: Mon, 11 Dec 2023 01:50:34 +0000 Subject: [PATCH 1027/1674] Fix CI failure of uninitialized fp Signed-off-by: Xiaokang Qian --- programs/ssl/ssl_client2.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index d2f47ff06..1b3dedb22 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -742,6 +742,10 @@ int main(int argc, char *argv[]) size_t cid_renego_len = 0; #endif +#if defined(MBEDTLS_SSL_EARLY_DATA) + FILE *early_data_fp = NULL; +#endif /* MBEDTLS_SSL_EARLY_DATA */ + #if defined(MBEDTLS_SSL_ALPN) const char *alpn_list[ALPN_LIST_SIZE]; #endif @@ -1965,7 +1969,6 @@ usage: #if defined(MBEDTLS_SSL_EARLY_DATA) int early_data_enabled = MBEDTLS_SSL_EARLY_DATA_DISABLED; - FILE *early_data_fp = NULL; if (strlen(opt.early_data) > 0) { if ((early_data_fp = fopen(opt.early_data, "rb")) == NULL) { mbedtls_printf("failed\n ! Cannot open '%s' for reading.\n", From c5b7285da99abc3ca65991d3fd4f87201a30d43e Mon Sep 17 00:00:00 2001 From: Joakim Andersson Date: Mon, 11 Dec 2023 21:25:44 +0100 Subject: [PATCH 1028/1674] library: Remove unused psa_crypto_core.h include Remove unused psa_crypto_core.h include. The PSA util file provides helper functions when using the PSA API. It should not rely on PSA internal headers, and instead only use public headers. Signed-off-by: Joakim Andersson --- library/psa_util.c | 1 - 1 file changed, 1 deletion(-) diff --git a/library/psa_util.c b/library/psa_util.c index 0225bbf02..b462d1859 100644 --- a/library/psa_util.c +++ b/library/psa_util.c @@ -12,7 +12,6 @@ #include -#include "psa_crypto_core.h" #include "psa_util_internal.h" /* The following includes are needed for MBEDTLS_ERR_XXX macros */ From 0308d79a340b88463610afa5af3703258fb2d10e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 12 Dec 2023 19:20:30 +0100 Subject: [PATCH 1029/1674] Fix some MAC-related function names Signed-off-by: Gilles Peskine --- docs/psa-transition.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/psa-transition.md b/docs/psa-transition.md index acfd64ab1..7e3eceb90 100644 --- a/docs/psa-transition.md +++ b/docs/psa-transition.md @@ -427,7 +427,7 @@ The PSA API does have a direct interface for the AES-CMAC-PRF-128 from RFC 4615 ### Hash mechanism selection -The equivalent to `mbedtls_md_type_t` and `MBEDTLS_MD` constants is the type `psa_algorithm_t` and `PSA_ALG_xxx` constants (the type encompasses all categories of cryptographic algorithms, not just hashes). PSA offers a similar selection of algorithms, but note that SHA-1 and SHA-2 are spelled slightly differently. +The equivalent to `mbedtls_md_type_t` and `MBEDTLS_MD_XXX` constants is the type `psa_algorithm_t` and `PSA_ALG_xxx` constants (the type encompasses all categories of cryptographic algorithms, not just hashes). PSA offers a similar selection of algorithms, but note that SHA-1 and SHA-2 are spelled slightly differently. | Mbed TLS constant | PSA constant | | ---------------------- | ------------------- | @@ -574,7 +574,7 @@ To verify a MAC against an expected value, use the following process instead: If you need to interrupt the operation after calling the setup function without calling the finish function, call [`psa_mac_abort`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group___m_a_c/#group___m_a_c_1gacd8dd54855ba1bc0a03f104f252884fd). -The PSA API also offers functions for a one-shot MAC calculation, similar to `mbedtls_cipher_cmac`: +The PSA API also offers functions for a one-shot MAC calculation, similar to `mbedtls_cipher_cmac` and `mbedtls_md_hmac`: * [`psa_mac_compute`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group___m_a_c/#group___m_a_c_1gabf02ebd3595ea15436967092b5d52878) to calculate the MAC of a buffer in memory. * [`psa_mac_verify`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group___m_a_c/#group___m_a_c_1gaf6988545df5d5e2466c34d753443b15a) to verify the MAC of a buffer in memory against an expected value. From 5feac959a5f18af7f6de9f8634179de30418b0f2 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 12 Dec 2023 19:20:45 +0100 Subject: [PATCH 1030/1674] Correct and clarify discussion of AES-CMAC-PRF-128 Signed-off-by: Gilles Peskine --- docs/psa-transition.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/psa-transition.md b/docs/psa-transition.md index 7e3eceb90..8cb94ccd5 100644 --- a/docs/psa-transition.md +++ b/docs/psa-transition.md @@ -423,7 +423,7 @@ There is no equivalent for the `mbedtls_cipher_get_xxx` functions to extract inf The PSA API groups functions by purpose rather than by underlying primitive: there is a MAC API (equivalent to `md.h` for HMAC, and `cmac.h` for CMAC) and a hash API (equivalent to `md.h` for hashing). There is no special API for a particular hash algorithm (`md5.h`, `sha1.h`, `sha256.h`, `sha512.h`, `sha3.h`). To migrate code using those low-level modules, please follow the recommendations in the following section, using the same principles as the corresponding `md.h` API. -The PSA API does have a direct interface for the AES-CMAC-PRF-128 from RFC 4615 at the time of writing. You can calculate it using the interface to AES-CMAC. +The PSA API does not have a direct interface for the AES-CMAC-PRF-128 algorithm from RFC 4615 calculated by `mbedtls_aes_cmac_prf_128` at the time of writing. You can implement it using the MAC interface with an AES key and the CMAC algorithm. ### Hash mechanism selection From 1ef1eb234fe18b2dfeedde4e524eb6688c1e23e3 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 13 Dec 2023 11:09:47 +0100 Subject: [PATCH 1031/1674] Clarify psa_constant_names Signed-off-by: Gilles Peskine --- docs/psa-transition.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/psa-transition.md b/docs/psa-transition.md index 8cb94ccd5..067ffafbd 100644 --- a/docs/psa-transition.md +++ b/docs/psa-transition.md @@ -240,7 +240,7 @@ There is currently [no PSA equivalent to the self-tests](https://github.com/Mbed ### Error messages -At the time of writing, there is no equivalent to the error messages provided by `mbedtls_strerror`. However, you can use the companion program `programs/psa/psa_constant_names` to convert various numbers (`psa_status_t`, `psa_algorithm_t`, `psa_key_type_t`, `psa_ecc_family_t`, `psa_dh_family_t`, `psa_key_usage_t`) to their input representation. The conversion doesn't depend on the library configuration or the target platform, so you can use a native build of this program even if you cross-compile your application. +At the time of writing, there is no equivalent to the error messages provided by `mbedtls_strerror`. However, you can use the companion program `programs/psa/psa_constant_names` to convert various numbers (`psa_status_t`, `psa_algorithm_t`, `psa_key_type_t`, `psa_ecc_family_t`, `psa_dh_family_t`, `psa_key_usage_t`) to a programmer-friendly representation. The conversion doesn't depend on the library configuration or the target platform, so you can use a native build of this program even if you cross-compile your application. ``` $ programs/psa/psa_constant_names error -138 From 4dde0b293cd84dd0eff77a1d6d5f9387a55f8a46 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 14 Dec 2023 12:09:38 +0100 Subject: [PATCH 1032/1674] md-cipher-dispatch: editorial improvements MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fix a typo, add a reference. Signed-off-by: Manuel Pégourié-Gonnard --- docs/architecture/psa-migration/md-cipher-dispatch.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/architecture/psa-migration/md-cipher-dispatch.md b/docs/architecture/psa-migration/md-cipher-dispatch.md index bc92d00b3..430b0caec 100644 --- a/docs/architecture/psa-migration/md-cipher-dispatch.md +++ b/docs/architecture/psa-migration/md-cipher-dispatch.md @@ -358,7 +358,7 @@ The two AEAD modes, GCM and CCM, have very similar needs and positions in the st - CTR-DRBG holds a special position in the stack: most users don't care about it per se, they only care about getting random numbers - in fact PSA users don't even need to know what DRBG is used. In particular, no part of the stack is asking questions like "is CTR-DRBG-AES available?" - an RNG needs to be available and that's it - contrary to similar questions about AES-GCM etc. which are asked for example by TLS. So, it makes sense to use different designs for CTR-DRBG on one hand, and GCM/CCM on the other hand: -- CTR-DRBG can just check if `AES_C` is present and "fall back" to PSA is not. +- CTR-DRBG can just check if `AES_C` is present and "fall back" to PSA if not. - GCM and CCM need an common abstraction layer that allows: - Using AES, Aria or Camellia in a uniform way. - Dispatching to built-in or driver. @@ -379,7 +379,7 @@ Those costs could be avoided by refactoring (parts of) Cipher, but that would pr - significant differences in how the `cipher.h` API is implemented between builds with the full Cipher or only a subset; - or more work to apply the simplifications to all of Cipher. -Prototyping both approaches showed better code size savings and cleaner code with a new internal module. +Prototyping both approaches showed better code size savings and cleaner code with a new internal module (see section "Internal "block cipher" abstraction (Cipher light)" below). ## Specification From f3c04f3f47c242924a9927c6c411bb5464aa1107 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 5 Dec 2023 12:06:11 +0000 Subject: [PATCH 1033/1674] Better definition of MBEDTLS_IS_BIG_ENDIAN for IAR Signed-off-by: Dave Rodgman --- library/alignment.h | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/library/alignment.h b/library/alignment.h index 4aab8e027..634d61046 100644 --- a/library/alignment.h +++ b/library/alignment.h @@ -224,10 +224,25 @@ static inline uint64_t mbedtls_bswap64(uint64_t x) #endif /* !defined(MBEDTLS_BSWAP64) */ #if !defined(__BYTE_ORDER__) + +#if defined(__LITTLE_ENDIAN__) +/* IAR defines __xxx_ENDIAN__, but not __BYTE_ORDER__ */ +#define MBEDTLS_IS_BIG_ENDIAN 0 +#elif defined(__BIG_ENDIAN__) +#define MBEDTLS_IS_BIG_ENDIAN 1 +#else static const uint16_t mbedtls_byte_order_detector = { 0x100 }; #define MBEDTLS_IS_BIG_ENDIAN (*((unsigned char *) (&mbedtls_byte_order_detector)) == 0x01) +#endif + #else -#define MBEDTLS_IS_BIG_ENDIAN ((__BYTE_ORDER__) == (__ORDER_BIG_ENDIAN__)) + +#if (__BYTE_ORDER__) == (__ORDER_BIG_ENDIAN__) +#define MBEDTLS_IS_BIG_ENDIAN 1 +#else +#define MBEDTLS_IS_BIG_ENDIAN 0 +#endif + #endif /* !defined(__BYTE_ORDER__) */ /** From 650674bb41f2147be7eeb1d25913e45aa0dc4b39 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 5 Dec 2023 12:16:48 +0000 Subject: [PATCH 1034/1674] Add MBEDTLS_BSWAPxx intrinsics for IAR Signed-off-by: Dave Rodgman --- library/alignment.h | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/library/alignment.h b/library/alignment.h index 634d61046..9e1e044ec 100644 --- a/library/alignment.h +++ b/library/alignment.h @@ -180,6 +180,16 @@ inline void mbedtls_put_unaligned_uint64(void *p, uint64_t x) #define MBEDTLS_BSWAP32 __rev #endif +/* Detect IAR built-in byteswap routine */ +#if defined(__IAR_SYSTEMS_ICC__) +#if defined(__ARM_ACLE) +#include +#define MBEDTLS_BSWAP16(x) ((uint16_t) __rev16((uint32_t) (x))) +#define MBEDTLS_BSWAP32 __rev +#define MBEDTLS_BSWAP64 __revll +#endif +#endif + /* * Where compiler built-ins are not present, fall back to C code that the * compiler may be able to detect and transform into the relevant bswap or From 69928dbe86cefd1640b2fa08f6f8d896bde255d3 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 14 Dec 2023 12:09:18 +0000 Subject: [PATCH 1035/1674] Fix compile warning from IAR Signed-off-by: Dave Rodgman --- library/ccm.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ccm.c b/library/ccm.c index 6700dc743..6b137d7bf 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -91,7 +91,7 @@ int mbedtls_ccm_setkey(mbedtls_ccm_context *ctx, } #endif - return 0; + return ret; } /* From b349108b99283cf5afadb0a432d186ad18612302 Mon Sep 17 00:00:00 2001 From: Joakim Andersson Date: Mon, 11 Dec 2023 21:29:19 +0100 Subject: [PATCH 1036/1674] library: Move mbedtls_ecc helper functions to psa_util Move the mbedtls_ecc helper functions from psa_core to psa_util. These files are not implemented as part of the PSA API and should not be part of the PSA crypto implementation. Signed-off-by: Joakim Andersson --- include/mbedtls/psa_util.h | 50 +++++++++++ include/psa/crypto_extra.h | 47 ---------- library/psa_crypto.c | 175 ------------------------------------- library/psa_util.c | 174 ++++++++++++++++++++++++++++++++++++ 4 files changed, 224 insertions(+), 222 deletions(-) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index 643e8aac4..5f6a05315 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -14,6 +14,8 @@ #include "mbedtls/build_info.h" +#include "psa/crypto.h" + #if defined(MBEDTLS_PSA_CRYPTO_C) /* Expose whatever RNG the PSA subsystem uses to applications using the @@ -100,5 +102,53 @@ extern mbedtls_psa_drbg_context_t *const mbedtls_psa_random_state; #endif /* !defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) */ +/** \defgroup psa_tls_helpers TLS helper functions + * @{ + */ +#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) +#include + +/** Convert an ECC curve identifier from the Mbed TLS encoding to PSA. + * + * \note This function is provided solely for the convenience of + * Mbed TLS and may be removed at any time without notice. + * + * \param grpid An Mbed TLS elliptic curve identifier + * (`MBEDTLS_ECP_DP_xxx`). + * \param[out] bits On success, the bit size of the curve. + * + * \return The corresponding PSA elliptic curve identifier + * (`PSA_ECC_FAMILY_xxx`). + * \return \c 0 on failure (\p grpid is not recognized). + */ +psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid, + size_t *bits); + +/** Convert an ECC curve identifier from the PSA encoding to Mbed TLS. + * + * \note This function is provided solely for the convenience of + * Mbed TLS and may be removed at any time without notice. + * + * \param curve A PSA elliptic curve identifier + * (`PSA_ECC_FAMILY_xxx`). + * \param bits The bit-length of a private key on \p curve. + * \param bits_is_sloppy If true, \p bits may be the bit-length rounded up + * to the nearest multiple of 8. This allows the caller + * to infer the exact curve from the length of a key + * which is supplied as a byte string. + * + * \return The corresponding Mbed TLS elliptic curve identifier + * (`MBEDTLS_ECP_DP_xxx`). + * \return #MBEDTLS_ECP_DP_NONE if \c curve is not recognized. + * \return #MBEDTLS_ECP_DP_NONE if \p bits is not + * correct for \p curve. + */ +mbedtls_ecp_group_id mbedtls_ecc_group_of_psa(psa_ecc_family_t curve, + size_t bits, + int bits_is_sloppy); +#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */ + +/**@}*/ + #endif /* MBEDTLS_PSA_CRYPTO_C */ #endif /* MBEDTLS_PSA_UTIL_H */ diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index ef29b77db..f7207a1be 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -557,53 +557,6 @@ psa_status_t psa_get_key_domain_parameters( /**@}*/ -/** \defgroup psa_tls_helpers TLS helper functions - * @{ - */ -#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) -#include - -/** Convert an ECC curve identifier from the Mbed TLS encoding to PSA. - * - * \note This function is provided solely for the convenience of - * Mbed TLS and may be removed at any time without notice. - * - * \param grpid An Mbed TLS elliptic curve identifier - * (`MBEDTLS_ECP_DP_xxx`). - * \param[out] bits On success, the bit size of the curve. - * - * \return The corresponding PSA elliptic curve identifier - * (`PSA_ECC_FAMILY_xxx`). - * \return \c 0 on failure (\p grpid is not recognized). - */ -psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid, - size_t *bits); - -/** Convert an ECC curve identifier from the PSA encoding to Mbed TLS. - * - * \note This function is provided solely for the convenience of - * Mbed TLS and may be removed at any time without notice. - * - * \param curve A PSA elliptic curve identifier - * (`PSA_ECC_FAMILY_xxx`). - * \param bits The bit-length of a private key on \p curve. - * \param bits_is_sloppy If true, \p bits may be the bit-length rounded up - * to the nearest multiple of 8. This allows the caller - * to infer the exact curve from the length of a key - * which is supplied as a byte string. - * - * \return The corresponding Mbed TLS elliptic curve identifier - * (`MBEDTLS_ECP_DP_xxx`). - * \return #MBEDTLS_ECP_DP_NONE if \c curve is not recognized. - * \return #MBEDTLS_ECP_DP_NONE if \p bits is not - * correct for \p curve. - */ -mbedtls_ecp_group_id mbedtls_ecc_group_of_psa(psa_ecc_family_t curve, - size_t bits, - int bits_is_sloppy); -#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */ - -/**@}*/ /** \defgroup psa_external_rng External random generator * @{ diff --git a/library/psa_crypto.c b/library/psa_crypto.c index c90119fe4..692da9f55 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -408,181 +408,6 @@ static void psa_wipe_tag_output_buffer(uint8_t *output_buffer, psa_status_t stat } - - -/****************************************************************/ -/* Key management */ -/****************************************************************/ - -#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) -psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid, - size_t *bits) -{ - switch (grpid) { -#if defined(MBEDTLS_ECP_HAVE_SECP192R1) - case MBEDTLS_ECP_DP_SECP192R1: - *bits = 192; - return PSA_ECC_FAMILY_SECP_R1; -#endif -#if defined(MBEDTLS_ECP_HAVE_SECP224R1) - case MBEDTLS_ECP_DP_SECP224R1: - *bits = 224; - return PSA_ECC_FAMILY_SECP_R1; -#endif -#if defined(MBEDTLS_ECP_HAVE_SECP256R1) - case MBEDTLS_ECP_DP_SECP256R1: - *bits = 256; - return PSA_ECC_FAMILY_SECP_R1; -#endif -#if defined(MBEDTLS_ECP_HAVE_SECP384R1) - case MBEDTLS_ECP_DP_SECP384R1: - *bits = 384; - return PSA_ECC_FAMILY_SECP_R1; -#endif -#if defined(MBEDTLS_ECP_HAVE_SECP521R1) - case MBEDTLS_ECP_DP_SECP521R1: - *bits = 521; - return PSA_ECC_FAMILY_SECP_R1; -#endif -#if defined(MBEDTLS_ECP_HAVE_BP256R1) - case MBEDTLS_ECP_DP_BP256R1: - *bits = 256; - return PSA_ECC_FAMILY_BRAINPOOL_P_R1; -#endif -#if defined(MBEDTLS_ECP_HAVE_BP384R1) - case MBEDTLS_ECP_DP_BP384R1: - *bits = 384; - return PSA_ECC_FAMILY_BRAINPOOL_P_R1; -#endif -#if defined(MBEDTLS_ECP_HAVE_BP512R1) - case MBEDTLS_ECP_DP_BP512R1: - *bits = 512; - return PSA_ECC_FAMILY_BRAINPOOL_P_R1; -#endif -#if defined(MBEDTLS_ECP_HAVE_CURVE25519) - case MBEDTLS_ECP_DP_CURVE25519: - *bits = 255; - return PSA_ECC_FAMILY_MONTGOMERY; -#endif -#if defined(MBEDTLS_ECP_HAVE_SECP192K1) - case MBEDTLS_ECP_DP_SECP192K1: - *bits = 192; - return PSA_ECC_FAMILY_SECP_K1; -#endif -#if defined(MBEDTLS_ECP_HAVE_SECP224K1) - case MBEDTLS_ECP_DP_SECP224K1: - *bits = 224; - return PSA_ECC_FAMILY_SECP_K1; -#endif -#if defined(MBEDTLS_ECP_HAVE_SECP256K1) - case MBEDTLS_ECP_DP_SECP256K1: - *bits = 256; - return PSA_ECC_FAMILY_SECP_K1; -#endif -#if defined(MBEDTLS_ECP_HAVE_CURVE448) - case MBEDTLS_ECP_DP_CURVE448: - *bits = 448; - return PSA_ECC_FAMILY_MONTGOMERY; -#endif - default: - *bits = 0; - return 0; - } -} - -mbedtls_ecp_group_id mbedtls_ecc_group_of_psa(psa_ecc_family_t curve, - size_t bits, - int bits_is_sloppy) -{ - switch (curve) { - case PSA_ECC_FAMILY_SECP_R1: - switch (bits) { -#if defined(PSA_WANT_ECC_SECP_R1_192) - case 192: - return MBEDTLS_ECP_DP_SECP192R1; -#endif -#if defined(PSA_WANT_ECC_SECP_R1_224) - case 224: - return MBEDTLS_ECP_DP_SECP224R1; -#endif -#if defined(PSA_WANT_ECC_SECP_R1_256) - case 256: - return MBEDTLS_ECP_DP_SECP256R1; -#endif -#if defined(PSA_WANT_ECC_SECP_R1_384) - case 384: - return MBEDTLS_ECP_DP_SECP384R1; -#endif -#if defined(PSA_WANT_ECC_SECP_R1_521) - case 521: - return MBEDTLS_ECP_DP_SECP521R1; - case 528: - if (bits_is_sloppy) { - return MBEDTLS_ECP_DP_SECP521R1; - } - break; -#endif - } - break; - - case PSA_ECC_FAMILY_BRAINPOOL_P_R1: - switch (bits) { -#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) - case 256: - return MBEDTLS_ECP_DP_BP256R1; -#endif -#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) - case 384: - return MBEDTLS_ECP_DP_BP384R1; -#endif -#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512) - case 512: - return MBEDTLS_ECP_DP_BP512R1; -#endif - } - break; - - case PSA_ECC_FAMILY_MONTGOMERY: - switch (bits) { -#if defined(PSA_WANT_ECC_MONTGOMERY_255) - case 255: - return MBEDTLS_ECP_DP_CURVE25519; - case 256: - if (bits_is_sloppy) { - return MBEDTLS_ECP_DP_CURVE25519; - } - break; -#endif -#if defined(PSA_WANT_ECC_MONTGOMERY_448) - case 448: - return MBEDTLS_ECP_DP_CURVE448; -#endif - } - break; - - case PSA_ECC_FAMILY_SECP_K1: - switch (bits) { -#if defined(PSA_WANT_ECC_SECP_K1_192) - case 192: - return MBEDTLS_ECP_DP_SECP192K1; -#endif -#if defined(PSA_WANT_ECC_SECP_K1_224) - case 224: - return MBEDTLS_ECP_DP_SECP224K1; -#endif -#if defined(PSA_WANT_ECC_SECP_K1_256) - case 256: - return MBEDTLS_ECP_DP_SECP256K1; -#endif - } - break; - } - - (void) bits_is_sloppy; - return MBEDTLS_ECP_DP_NONE; -} -#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */ - psa_status_t psa_validate_unstructured_key_bit_size(psa_key_type_t type, size_t bits) { diff --git a/library/psa_util.c b/library/psa_util.c index b462d1859..9b06de273 100644 --- a/library/psa_util.c +++ b/library/psa_util.c @@ -156,4 +156,178 @@ int psa_pk_status_to_mbedtls(psa_status_t status) } } #endif /* MBEDTLS_PK_C */ + +/****************************************************************/ +/* Key management */ +/****************************************************************/ + +#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) +psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid, + size_t *bits) +{ + switch (grpid) { +#if defined(MBEDTLS_ECP_HAVE_SECP192R1) + case MBEDTLS_ECP_DP_SECP192R1: + *bits = 192; + return PSA_ECC_FAMILY_SECP_R1; +#endif +#if defined(MBEDTLS_ECP_HAVE_SECP224R1) + case MBEDTLS_ECP_DP_SECP224R1: + *bits = 224; + return PSA_ECC_FAMILY_SECP_R1; +#endif +#if defined(MBEDTLS_ECP_HAVE_SECP256R1) + case MBEDTLS_ECP_DP_SECP256R1: + *bits = 256; + return PSA_ECC_FAMILY_SECP_R1; +#endif +#if defined(MBEDTLS_ECP_HAVE_SECP384R1) + case MBEDTLS_ECP_DP_SECP384R1: + *bits = 384; + return PSA_ECC_FAMILY_SECP_R1; +#endif +#if defined(MBEDTLS_ECP_HAVE_SECP521R1) + case MBEDTLS_ECP_DP_SECP521R1: + *bits = 521; + return PSA_ECC_FAMILY_SECP_R1; +#endif +#if defined(MBEDTLS_ECP_HAVE_BP256R1) + case MBEDTLS_ECP_DP_BP256R1: + *bits = 256; + return PSA_ECC_FAMILY_BRAINPOOL_P_R1; +#endif +#if defined(MBEDTLS_ECP_HAVE_BP384R1) + case MBEDTLS_ECP_DP_BP384R1: + *bits = 384; + return PSA_ECC_FAMILY_BRAINPOOL_P_R1; +#endif +#if defined(MBEDTLS_ECP_HAVE_BP512R1) + case MBEDTLS_ECP_DP_BP512R1: + *bits = 512; + return PSA_ECC_FAMILY_BRAINPOOL_P_R1; +#endif +#if defined(MBEDTLS_ECP_HAVE_CURVE25519) + case MBEDTLS_ECP_DP_CURVE25519: + *bits = 255; + return PSA_ECC_FAMILY_MONTGOMERY; +#endif +#if defined(MBEDTLS_ECP_HAVE_SECP192K1) + case MBEDTLS_ECP_DP_SECP192K1: + *bits = 192; + return PSA_ECC_FAMILY_SECP_K1; +#endif +#if defined(MBEDTLS_ECP_HAVE_SECP224K1) + case MBEDTLS_ECP_DP_SECP224K1: + *bits = 224; + return PSA_ECC_FAMILY_SECP_K1; +#endif +#if defined(MBEDTLS_ECP_HAVE_SECP256K1) + case MBEDTLS_ECP_DP_SECP256K1: + *bits = 256; + return PSA_ECC_FAMILY_SECP_K1; +#endif +#if defined(MBEDTLS_ECP_HAVE_CURVE448) + case MBEDTLS_ECP_DP_CURVE448: + *bits = 448; + return PSA_ECC_FAMILY_MONTGOMERY; +#endif + default: + *bits = 0; + return 0; + } +} + +mbedtls_ecp_group_id mbedtls_ecc_group_of_psa(psa_ecc_family_t curve, + size_t bits, + int bits_is_sloppy) +{ + switch (curve) { + case PSA_ECC_FAMILY_SECP_R1: + switch (bits) { +#if defined(PSA_WANT_ECC_SECP_R1_192) + case 192: + return MBEDTLS_ECP_DP_SECP192R1; +#endif +#if defined(PSA_WANT_ECC_SECP_R1_224) + case 224: + return MBEDTLS_ECP_DP_SECP224R1; +#endif +#if defined(PSA_WANT_ECC_SECP_R1_256) + case 256: + return MBEDTLS_ECP_DP_SECP256R1; +#endif +#if defined(PSA_WANT_ECC_SECP_R1_384) + case 384: + return MBEDTLS_ECP_DP_SECP384R1; +#endif +#if defined(PSA_WANT_ECC_SECP_R1_521) + case 521: + return MBEDTLS_ECP_DP_SECP521R1; + case 528: + if (bits_is_sloppy) { + return MBEDTLS_ECP_DP_SECP521R1; + } + break; +#endif + } + break; + + case PSA_ECC_FAMILY_BRAINPOOL_P_R1: + switch (bits) { +#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) + case 256: + return MBEDTLS_ECP_DP_BP256R1; +#endif +#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) + case 384: + return MBEDTLS_ECP_DP_BP384R1; +#endif +#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512) + case 512: + return MBEDTLS_ECP_DP_BP512R1; +#endif + } + break; + + case PSA_ECC_FAMILY_MONTGOMERY: + switch (bits) { +#if defined(PSA_WANT_ECC_MONTGOMERY_255) + case 255: + return MBEDTLS_ECP_DP_CURVE25519; + case 256: + if (bits_is_sloppy) { + return MBEDTLS_ECP_DP_CURVE25519; + } + break; +#endif +#if defined(PSA_WANT_ECC_MONTGOMERY_448) + case 448: + return MBEDTLS_ECP_DP_CURVE448; +#endif + } + break; + + case PSA_ECC_FAMILY_SECP_K1: + switch (bits) { +#if defined(PSA_WANT_ECC_SECP_K1_192) + case 192: + return MBEDTLS_ECP_DP_SECP192K1; +#endif +#if defined(PSA_WANT_ECC_SECP_K1_224) + case 224: + return MBEDTLS_ECP_DP_SECP224K1; +#endif +#if defined(PSA_WANT_ECC_SECP_K1_256) + case 256: + return MBEDTLS_ECP_DP_SECP256K1; +#endif + } + break; + } + + (void) bits_is_sloppy; + return MBEDTLS_ECP_DP_NONE; +} +#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */ + #endif /* MBEDTLS_PSA_CRYPTO_C */ From b461b8731c5549c5fb5e20f4c7f80ab8e40973bd Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Thu, 14 Dec 2023 14:40:36 +0000 Subject: [PATCH 1037/1674] Change how the state transition diagram is stored Store the source of the diagram as a url instead of an xml file. Signed-off-by: Ryan Everett --- .../key-slot-state-transitions.drawio | 183 ------------------ .../psa-thread-safety/psa-thread-safety.md | 6 + 2 files changed, 6 insertions(+), 183 deletions(-) delete mode 100644 docs/architecture/psa-thread-safety/key-slot-state-transitions.drawio diff --git a/docs/architecture/psa-thread-safety/key-slot-state-transitions.drawio b/docs/architecture/psa-thread-safety/key-slot-state-transitions.drawio deleted file mode 100644 index 5da2a7fcc..000000000 --- a/docs/architecture/psa-thread-safety/key-slot-state-transitions.drawio +++ /dev/null @@ -1,183 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/docs/architecture/psa-thread-safety/psa-thread-safety.md b/docs/architecture/psa-thread-safety/psa-thread-safety.md index 97273f387..d8256b5c5 100644 --- a/docs/architecture/psa-thread-safety/psa-thread-safety.md +++ b/docs/architecture/psa-thread-safety/psa-thread-safety.md @@ -296,6 +296,12 @@ Library functions which operate on a slot will return `PSA_ERROR_BAD_STATE` if t A state transition diagram can be found in docs/architecture/psa-thread-safety/key-slot-state-transitions.jpg. In this diagram, an arrow between two states `q1` and `q2` with label `f` indicates that if the state of a slot is `q1` immediately before `f`'s linearization point, it may be `q2` immediately after `f`'s linearization point. The linearization point of a state changing call to a function must be a call to `psa_slot_state_transition`. +#### Generating the state transition diagram from source + +To generate the state transition diagram in https://app.diagrams.net/, open the following url: + +https://viewer.diagrams.net/?tags=%7B%7D&highlight=FFFFFF&edit=_blank&layers=1&nav=1&title=key-slot-state-transitions#R5Vxbd5s4EP4t%2B%2BDH5iAJcXms4ySbrdtNT7qX9MWHgGyrxcABHNv59SsM2EhgDBhs3PVL0CANoBl9fDMaMkC3i%2FWDb3jzz65F7AGUrPUAjQYQAqBh9ieSbGKJIqFYMPOplXTaC57pO0mEUiJdUosEXMfQde2QerzQdB2HmCEnM3zfXfHdpq7NX9UzZiQneDYNOy%2F9h1rhPJZqUN3Lfyd0Nk%2BvDBQ9PrMw0s7JkwRzw3JXGRG6G6Bb33XD%2BGixviV2NHnpvMTj7g%2Bc3d2YT5ywyoDv4H08%2Ffvxj9VX3XGGw5cf3o9PHxJjvBn2MnngAVRspm9o0Td2OIsO7%2F8aj1Mx0585U9B5bgQTnxgW8YP07Ksv9he1bOcn3KSTzm6c2Zc1hqs5DcmzZ5jRmRVzsegK4cJmLcAOjcCLjT6la2LtVGUnJZmnN%2BKHZJ0RJZP0QNwFCf0N65KclbXEYDuPTdqrjP0T0Txj%2BlRmJB4322neG4UdJHapYSMACowkzphjfYy8nbVM2wgCavIT5btLx4pmaCSxFpscf%2FNvcmrbeMk2Rutsv9Emba1puBvEjl8y8v2QqJGOOGiNwF36Jjnul6Hhz0hY0k%2BO%2BxGLW8V522Zshwtsl8p8YhshfePXfpFBkys8uZQ92UHXwYrgE%2FFzJ6Oya1VUpOo3euancWplJKiNpymnduttu0k4wQFhzgGXjk9mNAiJv13seX9kBhkbr%2BxlwK9Xm86cyEeZQxCfCaJlSRnafkxOLKhlRTqGPgnou%2FG61Re5khc93PZx8XCAR4XOVb56RADYvTOSq3CwXAQM0g2UVJ2zxAd4mt%2BkaoAwxJ1OA9KNLasA%2Ft3np28v14nevQNvvXXwTmBYysAwKIXhHdxLWbiXjsB9c%2FCGFcEb9Au8ec%2FJgWxl7D7yDugYrFO6mXE4LzAmU4Pak59kMzEZXofUdfoM2ema6SNkJ5ohp1Qc3x1%2B51%2FF94%2Fj8eOXh17DMFIuDMNyldderTjnt18u0Lm4kXAVIz3dfRlt3b2inUZ347tvj39%2BuU4b9Y7PqF3RmepRZbPotTmdSdNOx%2BgM7BWdgRJ7%2BWkyVAGLJmWs8G9BLCs3KsAq1FTMGkhQX5XrAEUgTfJ5yY5WyHXYFSdk4YWbLeEJbDfsMdlJF1Qfuc5OjXwuegOKXtTt48sNbhIwxaMuGjL1K98VYYwkpRijMDjg0QBEWawUZJAmqc1QRpYElGG%2BjgSX7DoFVow0U%2BrQYH41cVW6uE7Gmg%2FM7rKu8mCDWvEpRSvUegboKaKfgi3Npf%2B2RZaYbZwv51492dMcg6rm3FGvMEhWMecwitowb4MVQZHIoQ9ADPMBY5PplizPwzes82imSlL5fUGhPzjSX9bK9LOD%2BI6bLp7RUDYBfTA9%2B50sH%2Bkz%2Fvi0rha6CVsGFQO4lNEZjjWxXfNnhtTV0GDabkCiobVGeUtm8uyo%2BtFjf9A%2FtVEb6A%2BQxntZO1k1nr5CfC7sR0X74K3QzixwVwxrMzyz2zy9XBHw%2B5WnhyrkvATjhoAPDuVWzsQpUVGsUwhDFglC392cDl%2FNoPKKQW%2B3sFsIr2VN4eObdGGc6NA7ZN5wINg96smXYLzH4Kw%2BcB4EwJ4AFiN8mVwb0gBnbaSCorO12ausZtJ9CtDrXKQjZouQVn7P4l2iI8wWl%2BrvhtnmCyaup%2FZFbo3ysXgfC47bEvh1kVosNGT7OxeXxrfWCB7sFV4iIeDFTSsxkCrkDStG9G153HXtTpQumlZiRl3YhGqLPqV5zS5ThoWzc5barsqbFTwMdbhZUTVRiHsNKwpoCitChZfSXTluMSMprvDigsTeAkprpV0RoECekbQVj%2FH7Gl2UdhXb9Ux1%2FsehoQkMNYcTXBFO%2BhXVwQNp%2BdpwAgWWonRXMFrsdrDA7XKJoVzQUyOhtKIeyWXtryOpVL5Q26jZ2H0h1y6IAXQhEMuT3pwlz55TOohNfcESIXHSeA8TbbNAGpahrMs6RBoS9XL1GrAS0NRNA7GnyV4F6PxNqBK6UaG0%2B6HyJwJ6qTIA6ijDze%2Bso%2BxSPoToZXqpfK3%2Fz9JLT3S5Hk%2FhRNNmX9%2B%2B338yHccr%2FLCqHfLGFaE1%2BkizM%2BpWtTS2X2VrSKgnw2JeqDLc4iOZqvaoW6HPVWJuEQOzXcOaeMQPIlxxwi0ZY%2Ffk1q%2Bj2Gp6XVI7pM4JakoLOq6DGpaiQAuIiGVQGIie6Pxnq6mAl6wJqu9Cv9g3mFVT%2F1WL%2Bfa74OmW%2Brk2T%2Fnkbu4Lg8pFxIKiqtUee0WnLBnW3P%2Bnj7j7%2Fv%2BloLv%2FAA%3D%3D + #### Destruction of a key in use Problem: In [Key destruction long-term requirements](#key-destruction-long-term-requirements) we require that the key slot is destroyed (by `psa_wipe_key_slot`) even while it's in use (FILLING or with at least one reader). From 3b9de382084bb7a8b5f8735457844b0048e51748 Mon Sep 17 00:00:00 2001 From: Wenxing Hou Date: Thu, 14 Dec 2023 16:22:01 +0800 Subject: [PATCH 1038/1674] Make clienthello comment clear Signed-off-by: Wenxing Hou --- library/ssl_tls12_server.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c index 923b093af..96b65f8b0 100644 --- a/library/ssl_tls12_server.c +++ b/library/ssl_tls12_server.c @@ -1128,11 +1128,11 @@ read_record_header: msg_len -= mbedtls_ssl_hs_hdr_len(ssl); /* - * ClientHello layer: + * ClientHello layout: * 0 . 1 protocol version * 2 . 33 random bytes (starting with 4 bytes of Unix time) - * 34 . 35 session id length (1 byte) - * 35 . 34+x session id + * 34 . 34 session id length (1 byte) + * 35 . 34+x session id, where x = session id length from byte 34 * 35+x . 35+x DTLS only: cookie length (1 byte) * 36+x . .. DTLS only: cookie * .. . .. ciphersuite list length (2 bytes) From a19c75381c726c072511da480e6528cb9396d252 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 14 Dec 2023 14:42:42 +0000 Subject: [PATCH 1039/1674] Remove redundant use of -O2 with ASAN_FLAGS Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 52 ++++++++++++++++++++++---------------------- 1 file changed, 26 insertions(+), 26 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index b8acfb5eb..ab422ea15 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1441,7 +1441,7 @@ component_test_psa_external_rng_no_drbg_classic () { # When MBEDTLS_USE_PSA_CRYPTO is disabled and there is no DRBG, # the SSL test programs don't have an RNG and can't work. Explicitly # make them use the PSA RNG with -DMBEDTLS_TEST_USE_PSA_CRYPTO_RNG. - make CFLAGS="$ASAN_CFLAGS -O2 -DMBEDTLS_TEST_USE_PSA_CRYPTO_RNG" LDFLAGS="$ASAN_CFLAGS" + make CFLAGS="$ASAN_CFLAGS -DMBEDTLS_TEST_USE_PSA_CRYPTO_RNG" LDFLAGS="$ASAN_CFLAGS" msg "test: PSA_CRYPTO_EXTERNAL_RNG minus *_DRBG, classic crypto - main suites" make test @@ -1460,7 +1460,7 @@ component_test_psa_external_rng_no_drbg_use_psa () { scripts/config.py unset MBEDTLS_CTR_DRBG_C scripts/config.py unset MBEDTLS_HMAC_DRBG_C scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG - make CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS" + make CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" msg "test: PSA_CRYPTO_EXTERNAL_RNG minus *_DRBG, PSA crypto - main suites" make test @@ -1475,7 +1475,7 @@ component_test_psa_external_rng_use_psa_crypto () { scripts/config.py set MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG scripts/config.py set MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_CTR_DRBG_C - make CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS" + make CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" msg "test: full + PSA_CRYPTO_EXTERNAL_RNG + USE_PSA_CRYPTO minus CTR_DRBG" make test @@ -1954,7 +1954,7 @@ component_test_everest_curve25519_only () { scripts/config.py unset-all "MBEDTLS_ECP_DP_[0-9A-Z_a-z]*_ENABLED" scripts/config.py set MBEDTLS_ECP_DP_CURVE25519_ENABLED - make CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS" + make CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" msg "test: Everest ECDH context, only Curve25519" # ~ 50s make test @@ -3831,7 +3831,7 @@ component_test_aead_chachapoly_disabled() { scripts/config.py full scripts/config.py unset MBEDTLS_CHACHAPOLY_C scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CHACHA20_POLY1305 - make CC=gcc CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS" + make CC=gcc CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" msg "test: full minus CHACHAPOLY" make test @@ -3844,7 +3844,7 @@ component_test_aead_only_ccm() { scripts/config.py unset MBEDTLS_GCM_C scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CHACHA20_POLY1305 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_GCM - make CC=gcc CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS" + make CC=gcc CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" msg "test: full minus CHACHAPOLY and GCM" make test @@ -3875,7 +3875,7 @@ component_build_psa_accel_alg_ecdh() { scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_ECDH -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" + make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_ECDH -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator HMAC code is in place and ready to test. @@ -3885,7 +3885,7 @@ component_build_psa_accel_alg_hmac() { scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_HMAC -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" + make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_HMAC -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator HKDF code is in place and ready to test. @@ -3898,7 +3898,7 @@ component_build_psa_accel_alg_hkdf() { # Make sure to unset TLS1_3 since it requires HKDF_C and will not build properly without it. scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_HKDF -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" + make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_HKDF -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator MD5 code is in place and ready to test. @@ -3917,7 +3917,7 @@ component_build_psa_accel_alg_md5() { scripts/config.py unset MBEDTLS_LMS_C scripts/config.py unset MBEDTLS_LMS_PRIVATE # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_MD5 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" + make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_MD5 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator RIPEMD160 code is in place and ready to test. @@ -3936,7 +3936,7 @@ component_build_psa_accel_alg_ripemd160() { scripts/config.py unset MBEDTLS_LMS_C scripts/config.py unset MBEDTLS_LMS_PRIVATE # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RIPEMD160 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" + make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RIPEMD160 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator SHA1 code is in place and ready to test. @@ -3955,7 +3955,7 @@ component_build_psa_accel_alg_sha1() { scripts/config.py unset MBEDTLS_LMS_C scripts/config.py unset MBEDTLS_LMS_PRIVATE # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_1 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" + make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_1 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator SHA224 code is in place and ready to test. @@ -3971,7 +3971,7 @@ component_build_psa_accel_alg_sha224() { scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_512 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_224 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" + make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_224 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator SHA256 code is in place and ready to test. @@ -3987,7 +3987,7 @@ component_build_psa_accel_alg_sha256() { scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_384 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_512 # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_256 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" + make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_256 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator SHA384 code is in place and ready to test. @@ -4005,7 +4005,7 @@ component_build_psa_accel_alg_sha384() { scripts/config.py unset MBEDTLS_LMS_C scripts/config.py unset MBEDTLS_LMS_PRIVATE # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_384 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" + make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_384 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator SHA512 code is in place and ready to test. @@ -4024,7 +4024,7 @@ component_build_psa_accel_alg_sha512() { scripts/config.py unset MBEDTLS_LMS_C scripts/config.py unset MBEDTLS_LMS_PRIVATE # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_512 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" + make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_512 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator RSA code is in place and ready to test. @@ -4038,7 +4038,7 @@ component_build_psa_accel_alg_rsa_pkcs1v15_crypt() { scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_OAEP scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PSS # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" + make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator RSA code is in place and ready to test. @@ -4052,7 +4052,7 @@ component_build_psa_accel_alg_rsa_pkcs1v15_sign() { scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_OAEP scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PSS # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" + make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator RSA code is in place and ready to test. @@ -4066,7 +4066,7 @@ component_build_psa_accel_alg_rsa_oaep() { scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PKCS1V15_SIGN scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PSS # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_OAEP -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" + make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_OAEP -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator RSA code is in place and ready to test. @@ -4080,7 +4080,7 @@ component_build_psa_accel_alg_rsa_pss() { scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PKCS1V15_SIGN scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_OAEP # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PSS -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" + make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PSS -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator RSA code is in place and ready to test. @@ -4095,7 +4095,7 @@ component_build_psa_accel_key_type_rsa_key_pair() { scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1 scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1 # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" + make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator RSA code is in place and ready to test. @@ -4107,7 +4107,7 @@ component_build_psa_accel_key_type_rsa_public_key() { scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_ALG_RSA_PSS 1 scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1 # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS" + make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } @@ -4476,7 +4476,7 @@ component_test_platform_calloc_macro () { component_test_malloc_0_null () { msg "build: malloc(0) returns NULL (ASan+UBSan build)" scripts/config.py full - make CC=gcc CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"$PWD/tests/configs/user-config-malloc-0-null.h\"' $ASAN_CFLAGS -O" LDFLAGS="$ASAN_CFLAGS" + make CC=gcc CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"$PWD/tests/configs/user-config-malloc-0-null.h\"' $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" msg "test: malloc(0) returns NULL (ASan+UBSan build)" make test @@ -4800,7 +4800,7 @@ component_build_aes_via_padlock () { scripts/config.py unset MBEDTLS_AESNI_C scripts/config.py set MBEDTLS_PADLOCK_C scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY - make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS" + make CC=gcc CFLAGS="$ASAN_CFLAGS -m32" LDFLAGS="-m32 $ASAN_CFLAGS" grep -q mbedtls_padlock_has_support ./programs/test/selftest } @@ -5251,7 +5251,7 @@ component_test_m32_o2 () { msg "build: i386, make, gcc -O2 (ASan build)" # ~ 30s scripts/config.py full scripts/config.py unset MBEDTLS_AESNI_C # AESNI for 32-bit is tested in test_aesni_m32 - make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS" + make CC=gcc CFLAGS="$ASAN_CFLAGS -m32" LDFLAGS="-m32 $ASAN_CFLAGS" msg "test: i386, make, gcc -O2 (ASan build)" make test @@ -5267,7 +5267,7 @@ component_test_m32_everest () { msg "build: i386, Everest ECDH context (ASan build)" # ~ 6 min scripts/config.py set MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED scripts/config.py unset MBEDTLS_AESNI_C # AESNI for 32-bit is tested in test_aesni_m32 - make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS" + make CC=gcc CFLAGS="$ASAN_CFLAGS -m32" LDFLAGS="-m32 $ASAN_CFLAGS" msg "test: i386, Everest ECDH context - main suites (inc. selftests) (ASan build)" # ~ 50s make test From 3eb4274a57cbfc514e9dcb36bf92fc231dcf9e1e Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Thu, 14 Dec 2023 14:47:03 +0000 Subject: [PATCH 1040/1674] Fix transitions in diagram Move the finish_key_creation transition Neaten the diagram Add transitions for the key loading functions in psa_get_and_lock_key_slot Add psa_wipe_key_slot transition Change file to be a png Signed-off-by: Ryan Everett --- .../key-slot-state-transitions.jpg | Bin 46583 -> 0 bytes .../key-slot-state-transitions.png | Bin 0 -> 70492 bytes .../psa-thread-safety/psa-thread-safety.md | 2 +- 3 files changed, 1 insertion(+), 1 deletion(-) delete mode 100644 docs/architecture/psa-thread-safety/key-slot-state-transitions.jpg create mode 100644 docs/architecture/psa-thread-safety/key-slot-state-transitions.png diff --git a/docs/architecture/psa-thread-safety/key-slot-state-transitions.jpg b/docs/architecture/psa-thread-safety/key-slot-state-transitions.jpg deleted file mode 100644 index ebfadcb4963d39f59cc3f21d30a21a62ce1676c0..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 46583 zcmeFZ2UL^mwl4fZC{jc3BubYmU8D-qM5HKPKm?=-5d{g-dj|o5B}nfAA~p101VlPW zs0o5}5~M_FH|~AbI(zMN_8n`V@sB&kKkj`qNXXan&9}_?%xBK|U3|G%254?;Xlnoj z1OPyQe*qVBfEoZI{MCNFgYb=rgy>hhL_$JLLUxIqoa_=A8961GlAMB?f{cucmWmoo zLqkhLPDw{kM?;VQpXS#^2!5RjBD#b>k%oed0>Aa&Y!@8>?InV4f=v(sEkH<10HP(h z=mDVk`y?j#TLb>15fFlih)GB4~aPOBPp<&?>kx|h}$*)sV(|&uCo|j)xSX5k6 z`mVaBwyqx0(Ad<~-P7CG|8Zb&d}4BHdgjY45`|v*y1MplePa{5|NY?b=ot6o=P$Vk z0MOsX!oUAruz!*Z-w6bSMEEWx{UsLxp%?xSL`y_`MVy50rU9vqJ3W^~&?N@d#N4V* zGHyvj4CA9`W8_RcQYc>RFVX%c*dckE{?W%h^YXI17%dDossn{99I24w{=8!Bl|kIa~jc=>?FViZi+Z!csFY zfc_G~@S2kcr^Ed(3U5#NbRYQU&+R`I zK<>|sJ5++=()T@E;+|xkqeMmM|)@B0tJ#gL~KB=`-zF8`(~QC zeRh|1q}RFSVzYyjJIuvq)w(UgWBPc9)~8OeJ>5goPm?1l=)hA}WMvot?1zv^A9~F%sf(cD= z34K{q)3tu)-*3g3A|~=Jyzl1NwV%*gAX73!ZaerGA-4nl-b1_}=0GB_8GY#q-Pxg8 z;@G1^#)7mq&e1(jd5>n}Yf`VeKIf^F7rZxld+qwJ0BA&dZw`tQjmmd=d7vE-U|+f5 zOtYS>=~+Cd`EKsZYn`%>JWWmEl7s_XeXC{UVV7QIQ6@VwH5Zu4X!46bBA9u3tSS83~9CtR8crzIeHb}-BUehjngx>kk6!7Zyc{psZ*cY ztrI#qnX_^Ien;d8J;tJhg)HoQhh4f%*yKNz#S+tJ?v`1(QGv3ix&Z85B)5?5k$dIk z_inXUwbj&~NO#wD-nH5x`6~L}0U=%^B&Sau^53l--~tG*I!jevUu|OyK-m`uU^f9} zRC$1X!cRF^m^IGKY3cN3AQc3#thF>R=Lj6C%x}Q(D->!VfI(-I~mqIw(8Qqx&?``5f|vl)_LtLY8W1{-}clnme8b6^rX^p*D3aVuw1JH!BL#O)1WI zbsCM_u2^`tdD)BaAp!ZVfJ^X*&Ma;$q;=Uv$JNN!I)JIP#C#LkSQ|dQCa)!;X7R)L zStFRS)*_^lAX$)PEr*=$l&={}8r6=vK6$EMfwRzWby41l6Y54bY1_UNDTqBf_o%ku z*?c-@Js=Ld!=0v24CvWoWV>F_&FNC-mnFN%MmgwCs0SlgS1cDoPTHcl6QOy_GT(=R zr&$DNDHXo570#~Z@P4c8?lE|>&h)`Bm1vHOPU^(L7KM*aOyxY;tpVv*$xogM-?7ER z7;zQm{_Pc4aC94+I_DDdR2qYJIn$W-nX8x?ACmiItZ_Y8Yq<9AmACTET6T3ImtQ>y z^z;|SEXDcr;!I3&J}b%;>oVrdQNj-6hwO3kJiPXR+8Zv)$gBqZ59jn*559)VADfm|PO zvVKLU_6@j7#>~*2Je^UFjfNa+cLE%J*(Uads?7bOf09+Cy2xkvsqUVM+UW5Q7)x3|06|k9?thHERdP+`2Kdq`Ip$l4 zuX+KlMi0x>{=Cd-tDIskqttbw&TFzL*d?NokOo91@=)M1tzalQ$w+FTBHup&pg+T* z|MCqq*lxG?LpmWO;7IRO@d7AX7XVE;{sVye=QH*zXXVdzZI_qMk}m*oz(x}}aA^J~ z$o0=>{39Iu3;Pr`6&+x3jm4e&V z!zP9It^^s!C~3~WRw)bwtJc+Cr|JEj?I--_kPBeKgMnbP_J5;<{#(t2-$?qg?JBMq zo2-lJecvwDtHa5Dce?E|uIyIh)S=uHk0C{-{=1W&>^}0IjY)lLQr_w<&g1hMsFpf) zfxX5+@k3ZbHnWJ-u*6DFJL3}%FwG@j9*+v4yW{9<@FI$ngXsMo!=qWZcrIUBnn>0A zHKoQkRj5N&9AXrN(9KkQ${gk!O&(c-(_NEqf z**D`m;c?>Z$#ehOlt%6mpnt_FaiVgpMF)^aT*>f7S6^220!?Sf^bG;lz3SpAV4k`|et z#fhc%2wY_~7N(~pSzd0ES;Nl!z!aZESf1oY~6*KlNWBf z`?(h*H;$@y5Fw6mhjf|bK~INtI^eoqq%zdkWu-FEN@n8J9{XZRHAM-s`P9t3+sW}; zZ+ZmsP)GhFOAEoL#7IzXcEovD&M*h zRu`UaLzE_KVj@wlKi3s)_BHWKn7R>BDi1)w7bsU25DO)9JD|7#7?Gz2m{=rVn({2H zPT;Wlaa~sHmI5;x8Y`K{+&LSDB_m0Ln-*(;j4 ztG=JeE>pevtPXgL-?$Yg{JtcTLQ=c~@Z=dK<#fdsFR!k}_@OQIVw9+|wZ?l~{Q@AZ z&ePL*ns%}HA1PrSoARPfiY2`~3aZVHX{SEiW9wh0qVIj_dS0m%!yI{8$D*OoY}@Wt z-Vm#?e7K1mh(+-EFyI15^h3xoBq zr3miAqM=kGheJ?GJuH2<_|}cAkq;XqWpgnZ6`Pz2B{6$`gM;0UazwP9Ih2REVa(dM z{-bQlg9Q4GpY`qX3!2YeiWfWOH%16y_D$-3m?Q}X#;+k03Gf4V=c%Rj?{^8(tc?4;#LO@n8yLc13dkiIkLUFVw8qn{T6>JU*eR`+52vB z^C|p89G~1yA)UopDfe6Rmc);PA0HbI&Ry!H2&7Kd!*ydW0K*y4T9*Kt*-Nh5wK40S zGR+~|vSp<@?u>aBpP+Q|t!070H(whaIu&3V+aBvNLI8gTqu-*j)ODfit*GIxF4Hnc zqp#Bhe#$2(H1uAlmVjSofkc5zxARf6<1Oh)#C>=Cchf#e%=i54*N_87Gm%;*_ON_ro>BuMS2o zM8}HfQ0dXav%CGlf!e-REvX?viZqT+z@5>_$n&W&7I0>(jF; zoJ!%vx)TRGQ1$V;jk@OMEqLvKh$q>56yoaBaaW$Y*v8MyV90pSs~jeegkRI+0$}U? z+x&3LEt_|&f`=2;HAfp|^=Xp}SEbmt&^3N!>AaWa2-54Zk{f_{Exp>nS_T1Im zn|Eh;p@qicrYlR58P9hfVM~*=P4Jo)Q5!S1IHU#Uq?Ehd&g6(Zt0>=bRrqOn zYGTkU5qRgxSQU8(ZHmIa0AY4y8=tQ%CcMlg2ZunDhS%!eJsCO?NzE_2>8fyUE74yq z$06xv_w*X|?GKz(!2PrpXcvou9BC{+u5=l9z+RSYPx9{PYDrD%vct9V-XqCa=xYuP zJco44n%SQL4l}kS?XjjmId5a}^3NEDWU^ zo>;JTyhQKI4=dc-eKZcUpRPz+()V3?LdQIJb%aILkr0IoTc)j)4NHiZA}B8}b3=L^ zy;gRn`@pN;+w6}fxNOT$5-9DlV4*YpFlkF`vI3SHjds!IsefaCKZ}*^YCf+v!T2o? z`_1xl>PuXKBBTETIzx<3_yY#Yec3O7>HyT#zzO)Wy zYObgqS-pwc;ph6*QIE!lH<+V*7#n%?htIbiAuCHhls+yL6o0j>Tm zq}*3oDZ3Q@Y`6aob9!G8NiJ_(e4(qLU)lDkRd1aq%L1>(v)o**{@+SIsVK^#+Plv5 zmi=pr;o--3Yb^O(snK2MGn#%DMp?*n*V|~^Zz26s-~0O3RK`DIPX{llQ_})c=X@Iw zAza<_T+7oNA~5PG-oZ_pEg8g5%6&5QmpJ0N+1k$gWU~F>)CUqFf&}3J`V@3>4L;Ky z0M5g#Rk@>5r_g#4M@vqKhV)xWVqiVzaq-7trp%^1jx$6g$;5#}`oxu_z7TACH;f(* zHO2BGBGxc_-6eH%@;*C)LR&l5_Y(|L%ihwnfy?Nrh0pIl63pHTY2I#eOHVS_vdnxr$26fyZ(`cajBy{8rdG5 zjLzIi3l^3>liBOuH-oh_kaLH#@)LrIkyksxQUH@@fGp<7sgl?$D zO)Tr|g{K2prfi?Gk;lfHd#Y0&>u4>vyew5w^Z85Jc6wFSN`5&scO5~W>hxx<`(;vJ zioVIe0Bl@t1cV8Dwo|Rw&-n9Ac|1cZ9;8mF9!q>F`tdljYjlA2V}nYPROuBP6}EP& zbLQe8f4tq9H-6a!hjzYHj5YWBFt%qsJX2U3KDg;)6d>WW5)}`6 zMLWaJd!=iROfO}FrD9U2JTmVtnM7{AK=wy;dHbaKwPFx_S36(P{C_X!-6 z1M6+9zG7I}PFFW5BRpJ3XpVhY)*!|pLKD%_lr*@%XVx@n%~|X#C>GJtl(0jV=gejj0?}cHFktyY`>nKt{Q7PsSc`#R zdUhib5m!!2zZDx@} zJR~;zVoPTtJi#6uK~-3vyKLra6uV6~qnbpLqU^UeaQrBFkcuZ_?Z;cYIzWF)*+Dr< z#88`Q*LhD;e8V(Q$?-uXvJ5`=_p=8$4haRiQ)njNqAa{(HDv( z?XC=NQ>-4d%`nF*9<|%N$C+EOUw!|ce{y?go38VHm%x___eXgqBCF+hd*2d%0gj>J zSrjp-Z-KR9#D%lX$vQP!@7=!Gyx-LuR_qR_6RzNi+g%I1;ruWBpZ_t6{ImZB8u1r8 z)xtu9Ji#RE5L%39cBE$jn~TKy(b(c<|6K%Pf7{J%(TvxW&ox)%fsHM{FrJ&-32<(1 zE?c7P=I^eZsF3zXcAbB}KTTEFB8zoS-k33dQS%!mGrhWWv(l_RLV_pJ+h#UefMh91 z+0nbj2J2=Wo{Tf^qA<&uD*7;4E*;(`a+d8$Nypn^%5*8Sp}%^vv9 z4owK4(Ts;F@F{RI_O(`6ZKRst4JmO>w6Jh`CX*tv^DWy4#?U+En+CkoGJ6A%7e)u_ z7MxF+u+`V0TtJvZk0BAy<=V!UDbIlFyd_RmABq?YZAy~GO)Y!GqmL76+y#j&Ng7XU z35qd3M+uYu!nkxQMSsSvpT;3&W((FEY?G;Ji+5i2atTs|r;iJ8c^jR6?2&wM)#yp} zTS8zDDZdhX0f59>pcS7HUTj9&O-WW?<}AuGk~uR5n0}CF*Yw274u}gzMt}O|$Q396 zMOyTXV5wms(^JTlG>fpbye`OKvYaH>oro>=Xmrrb-U3>aaUF@4^8T7G2h5+})RzT3 z+ey!5ZeoMYEOanivlgc7KV7HudD3noC+;`WNg-_oZoYAy;+Bxn{P`8|>>w@rSLXlE zblU$I4E*^r9HhOsy-b+W=p;?&=fqN;!+4%`47!2b zj0ea~^4Wl*00(G@P3?$Smti+knhSBdMd!Okb=Y%C$<`hnFY-a|mN}`UL8`8gUIW|? zqCJ5!OUvM31-S|fIHKc)!)+{e){OP+_r;}6+36SV3o={3<=31TY9wks?UOzFEuBP<$#}&kHviGHs#cQfnB@6BrUx~~i zk2r$kl+vG=TV{vxOrQ}y+OCBYb@D^3sR6r+0MeU?jM33=$4;y`{&O&)N4jwfc4{>8FQzX2EF?eFuocpd%;_(^q<;vY{kZ z)rx(bjHS22l8vEmRHT$NS5?(DSc5?V!K%FDqIo_CuEoc)+EV#XlXwJ|In%Z)JXdhO z*60e^Ua}S2ym`l$BD-&WZ&KHB@#2!O(nJ<<`eYO<+jj2?#Isu&R7f5X=pDsP9!lcL z1@-d@+*=W46yfCigA+aC;gYXgTx(KwNv7NJdL$~8-P;$y_nEj_0&uv3Ha2gj$BF~v z5L?^MK7b}`@pLM2o-wXxPAKRvl!h$X8aOFq@GF$)4Y!JO`gL(tSC9W0FXP#GJ^O}h^$)OX? zA*Fou5;L-^jdua&KoV3klCO=z+Fdefl8q@U`ZiCt&xX;B1wp8Qm#`iFJa~H#l)BvG z0w5@1`+~I&|5pEI+iF+dTFj*GMMDyU;0VX<3huZ;ncN|P0RSquWgJi|eQ@J$raM|J zDht{^alkmSQ&czR>1y-d_kP-pj*rK^qe?(azcVO*wtav8 z29m#zg+|oMx8CSBpQ+tZ`exd20?DMB8dvB2dZP0~zl_Gt@7-|Sv!?|scxR>TNE3hb z`wPIqI&_h_Zl-plE(08)#M;8}zgb3HYafKu47WIL#;GAh7^+bGlpkn%8B#8du zzOJ?<77moDRcaSo)EB~FyagtYui0zy*g0`iO$tdFB;BBk_8|vW&$;0+LsyU&8~ZN1 z>nI5NhYg$aIRAG)H=1fT_N(6d&H!4#*cJ==1(`TfGfYZ_! z)6LX-PRPvH%rDXe9;K75&}j-n$g4kG2|AD>NX+w9#xRFh2Gq95EysawH-E7`QBTdF zq;pj?c_wiEI){%wiC(m?%R5{E+B&F3AoVD&5MJu3~i7wqGB!^2J#@+s`McsdjA zL=}j`1whn|`PP{olntVzx`(a|D#YR^yQuL6U|AQ_V{ABYF1Txf7@x50a2bYf-fX#n_9RFc@{WE30-_FS}sq6?1dnpzDN%&xo zc57X-t3@1X7T%}aTzdTi2+}8ghwm&7y-20&zD$_63E*gdF&w`}l4RY4K9;z!@!klL zLI@}Lt0N(&(8{-tikGY9waRfyph-8z)1v5!o)^!r`}-S~U6EVHZaadS;!VbDPRI43E{&cVy^nt$)c$xV}gzv8t z@DgUW;j-yYOxIToKW{%}pw{L&U?5n7VyaGUumV!bL{EfGH0*!)I+bhKPw;T>d4 zzmEgQ`jY-~hzbYK1yEDmox#f2it|m+?jBZkQdsds2~~d3u#@A>nxJwJ=SlMY!a+a4 znnQ8{blt-$qoNaVruCpcC5YH2j4tjH=Za;7QlE!=s#CB;m8ZE%1i@^;g!n?!W@80zbPFMI(ps2CzYpHyN= zU!9^GK^;f3$X_Fm;ma@B<5yIk;#b}tC2Ie_rIVoy{!`HUgx<;s<=Xb((+RaaC%ucEYmr2;BdZbf%%E&$4@q{F@AB~uz$5^HExmLcW%+^uV*H&rNp zr}rREmFqVWy3RCC`WFeu*P6#gS6$j^anHsmq{{EwwO7Y_G;WUH%0J^yQuaIl0BRqr zixcWGS4@bM;?!8upOBV!tQ3B~^A*h4Lni?Ls=*;q{o!&vo@^BTU5bCfIsVyOfH1=F zmhC7EJC)X(sWTh^GIL7axMB3hw;K)T$+{XhIdp2QzN|*aQNBz@{Ya1pI99=@&IR5e z2mXj2VqlR0gbJLfy{L5P4t*XRdh+PFYusw#fs@R+4IH_lI=?il5@9>PL!8A`JS_i4 z=JWH*r1k5_z7(_wq`!xaIv> zE{=u*dHRWc(ToNv9RM`|ssprtA0~Wv5v;Z`QDBD9eoNiu)o`Ca!YwPz<`Y7B_8tM) zw*HZc!^s0@?@wv)AKXUzV8j1RV*6(k@Vg{`SPAeoT!mDY%*;VT&=LI*$BnNd@8GG9 z5#sBwK1Lt)d|Q=`?^>GdKFTYQAkhcw1YdH^jYlFGq6J>_xaWo4*S`jU0)ZVBx_=yS zZ&+CHsRSW2_ zRpytI9Dv~Ykq<5eA9Cez&XPc2?^YgtIjGzQS0&W+Leq{i={~Q)8uDLk6ea%nEc@^w z0N`~`haM9yq%VtXN;-hv8TzCdflY`$C@I)aQmn6kxwBJI3s)hSr4;8w%gW4G32R@5 zB;Y6Q|2G|t2jO=wfMipg>;+(V0dz0@bPEntH2$wB8#L5zzy6#5h%$JuAXv+O%0tNY zkw@BIR3-C{1k>^}tH=C7(}9W_fl3B5B8Pg6{-YNFokyllXFKcZz2c3U^$+ICp>0>R z^GuzhL_%Sg;Utyz4XM0CJcjgJSptOc7EAP(Hl;XXU!w|6IVIUR4)gk4N%bQF%=aDZ z$AT6lVzqdTVDrOwY0=h8ieNK6ysE5tM=b~ECvDL?zJ{T$^yZDs3~Qd}%P-EmZToqA zv-(Cj_hotDsV)FV^etGUmC9DYkq~-JLQjQPw-*dQK7^)DCNE~5F?^7P2GF`8AHC>I zRc_|`D)U^0HB0a;_Z0SSi&@X1Y#wJ~7NI`YB97J(m(3szKh(*ly=mhEuWGZk<&Y(D zw70*K@5mXXst&w#3y;C%uPjBhP!aF-I!v4zz`UIp`y&-@lGGJCr-@ro_ z0FfO|dD%=s9V>aecFLmL+@=lD@Z$TU2AQfKk$AhbNcGCEGlzQUoGt$degWjw zoHGCc-S^KwUjPRtzDi0p*_dC6e8oqe_ygKeorjGVz?MG21weK0&_qVe;TXWRz5m!4R+8Cw}<6vsFS#x(9!cEe?qn`m2SI@Ulh zXZ;rR?ktZVYwoB-Uxlf}i(VC9xT455_|wSjc*yw}8*Gh(ja(Wk5VA=y!0!J=gwrvfbD zl(As62ZZ;-xPorUMtXL{sqPAlbHkYHR)ed?sOjeM4w+9xN+O!JYqVUIcYlnln?@#( zY7gntzbJ}xcUlJ1!X;Iv71Vqc44$()n%nok{`oGB)Hv~>?<+QO9{1ZfDK%fS8fD(6 zq2>Z3_0XS-(ehH5qA*l89!>P%+&I;Bon7BWT8z~DRH*YHRBD149#f>IYay>~ zE&%d-!R;(9W?0FdrnCrYUHLnR08+DoVtDQjDpB(Y(~?fh!2WhSW}se{-NJ`u&s8g+ zwSjP?w=zmeW>mr2VR?ku8A3Pq)tbsV>uU34ivh=o(!9dF1IkUBu6>n7+RicMPX+we?yKpUJ`cwn18FJ|}ui^UXWj-Z!KBXt`(hy1HvD zBlw!yE_*#dwM2YA-A=sg%bjoOtAlIAryg`e1hV?b>U0Ia^)Man!6Yx+My|fnD(Q&O zpWm_ndU%=L8Z(8D`0kx?ICP62Vl5Lc0M1`4u>0r%KBYYYXM;~^ca8XCqXm9rBJP1w zo7lt!fZGA!vYlc$LH>^RNQhV?&KAqJHqvP&SU1Tt!POL_Z>f26vcQa7XwI3ogdOVi za9og&_35rI;Ip^gN)Mj>hB`ZVrA^uNKFqcJZqgZ68huuzI!~?hsRwgol(Ym7ayb@* zmUX$ivqZ3ZvE^Ctxvme#`yv74;=)5c0b(M;cVzPxS-)}UlQN?BW=B-8R+VU- zFA82OBBXb)?b+nfeK#|ty!u!%WI5j(f@lUJ;gCj_9I_UAjOua6jj7(XAZ%Jc z=vL$Oq2dcYYF+C1BNCUb#`oV6KAix~`=?t`teQw!f}n<=Xy6bJzCirFO*{}@Oi>+b zsO0pcr=`-`;H~rhA@(cKNM~TJjc{}3#&O3;g!#_qM+93!=s`@Qv2`0n=lYwFr*Z>w z%lf2Ve@B6&f7KuGhHbZH+v5n9;~08*baOUha+^P`d$eur}XpuqWL%j4{R~nxQp3JlJbEx&1;QI8rp_ENdy|lN3J-V673?(2lMc6 zJ5B1X!I& zTYWNyt@hWv-K0i|-&X4gm+wnFw5#GB5o>unN|bg15c@N3wq3qyE4&PgW}0IdOvEknnIRH@#TB9|%^0AyP<(Odu}>i`pqQWSE0*q zb$ImN;424qAKvARc&@@E+(Ik3pspNwYW5DE&hDkXvs34ysL)H?b8d1_Q9!95 zrV|;~vY)!2o=H*p5KjLlcu9N`dNk!0qdYo?hTdu(Vonh|k<(j0PB>a6;Dlq2^ zIKJ92HbzPhxAqRN7VgBwAu^qwKixf+RA19ruf9Eg+wM_8W8%QTBS*rvjOEhHldhg3 z0lhcUq99#riqV_(Fa3pg$)z5{&Dk9nc=iiY6~a%F8v2J-C}U98T{vk=Ny`vadszNt zt+nKd3|7j=T`}#q-F)h!sWu8H4G%D9_e= zrn7d(X*1Np3R;l)E=JpUmPsCG)ozxNMPUNPrLGZ5T=cY%UL>Y-WwN%xqD%~@Emfhk zvi&S54oieksW_h|TL~5b>6qXGmX&E7kJ}(Kr}R0_=EnKYU}C~BsV|QajSW2FsagxS zo0ACUZ^{AqDiaqd8Gc@d%d^zsiyy4$CzJ0~-*8P@bgZACuuu)7YPmVO9a$=9@U-E2 zp8#P`0F^(dy7X#~6@WqOlxRxHCW)p1E|F_m<3_J`h9b0Vj7hJAYEi4k0y??B$kwp! zgEQrBrAwnyF_wHzZo-$VCTtM#<7SMhno$NSac?ZAqL*LwK#K5LM8jft#-3amKXAP< z-8H!IqTAJ#yqCe{Ey_Rzu*(V#6#1Kb2j}l>|B}6I-ML4%c&esLZOsJ#e!n%tunlV+ zdD>j|ttkbmnR=P=5kfxm+%eIbDtK6h-uJ3r^?ARs`PFExjGLIawcw2_LqcErMe;!% zdjvZw5Q`jNReYXKC2BXhU`v_d{d=y-HrDm@%+Qz|q#oa!Qe96Md(PI^&R6IP;-0fz zZt_B+%)VZ2&?k}!U^-WHX8Ji2ywhTW29>V+-|*wpip^rRX3{IBqNC_$xUG3~zeZEx zho?UK01N5MBo(DhoFcjxJJK~m4sUR2pVNJ}Au~hg41IV)*7Pa|d z#QCna%q~#qiOoQtm!c|UyDtDt8ZNlIN9H>&%gdE%sXKY;!N$)gqdjS|$Mm0mdX|KJ zGu`D5m5N^x;3D4yu8*+$THvCvup>XLSIp^6tl(VttBp2hOonz&x6KpR!^e2^E&rxC zu|OkJZOD^{=2AhN(N4zGa@6L(6QevDcMTC{k1dP1~d6g8pL?L0#p zb%ifrN2ZmFxC!~u*6~enAM=v}P)ZEiYX|VBJe9!4_4l?K?w|CuQD*o4+!*uNA#yhE zFrQ^9jQ)(Z)!w#UlAJGp!Y^?<>mCCX@B{`t)R!kPSIr66cfiPgev9U_fOz$EL}n$)G~D+zuGe+UtZp)&nA zLs1*cVXf)c>fMnl;ohQ8>K?ERCUmaXE!y-aAB73e-97*4;(hSNF7}HZv^vF}dtk71 z|9o%oIyz9?0Y{5b+Pa;r+K7{0cB-9?rQ&^?#aZLX(ZQj5=dofzAI~d3&7sz+*mMBl zzO1NgN9$-!d#aYRF~+6tQnWGs(s0fkPbb;NYCqm)Am|WwAI1Ch6iKH_7*~9O3`{}f zJ3ivVkG!U5bVIFcO({OiyM8BMCW!me zkwb1i(xn%s#65P9K#hw)rG*~q3UzNr6__rr*H6rCY`$YuZ*dEIL|~-yh2$4o_Ur6x&-q)9gW%Bdqr2^dQ<4n?C3mc5kJ={x0UOzXu@(>>Y|SZcNe;Q-HD^*u53A8>1$9rJDZzs$!63PF1IW4P~S=`b5~)&M#aM2o7=EA zu|qLiZN@{7e*MV*GG?*T{@upQP#wj>o!5VhnSAs}Bs0FZNiFdE;LwgJFn!SW^ptwq zP0q@bq(NSiV^_tG&)=3J_~D72J14(_YNtE@at^^gFUHkdvHrLZJ# zywLXb>8#4N+p}(ubYgH)XIW2-_ge=)PWQ0x+r7ROYc2;Uy&64Spzryqm>sDgTQ=+5 zWR*)d;^bq0W0<(-jsz!wqN&+$l<<%n=w@7)Gv3uzAn}YnxkoIm~YpkFeT3|xy0R{Ip8{4P0ZHkSo#^y}qNQNd8^ zQ}Ja!=#el8AMDardPwbY{T_wo`p?*2gj5=n(j&pae)-~{yp(;}+MxRYxiY4%B>*Mm zc+T(3F>S>CupOC2BT{Lu)pB~S%4Jo$Oc%V+@fp-6sX~4M)RA^j=v{NMX7KPM&hv{; z$NKS3H7-{m`+Oh^B?R_oB>@gO&GF6ua%X>(p=ZX6(D#T9dv4k zWsYna3JALZNKXwaw4jfyT}JUy{IQuehbFz+YWL&3`ZPHreD)-D26#>;Wa}*u96l9>aaZu!&rxE275raMJzh9 zuH%*1o%7*{?KGH7F>2;bVT9WNMU`-GkgzsCU!Y4PS3@=%;ja7!ppl6MenrzN}6n+##yE?GC$i()zHePEL^xr5_ru+ zEaK(2$io;t4qxlW`nJjKLgpKHgPgdv3mucd&0M=ivR-QE{&og6(8hSqaaKTJ6T0v5 z6MU9@hG!@4-tYq)T>{8O%RMcYn0y7Wl5oujlbpq^2)Oy4=Hz3M#)5{b@3h9oatjJn z43&wk1>`w^0iNWjSh)bm@-?yY%WKu8?8N7jm>}1eH)8rc1fOcV$%VW zvl1o1+&jb^m!H2bLci@X6SE;&F+%J%E&1hWM}EpYhcr;);dvoch`^5S`mQI2Nv0|s0cu0Rjb83sf2Qc_w zgns|9wttulMo&dO-7$}?3R|;Dk#b>S8=si6vQlG#hfxF$i3^cNMnIA_K#;5gaXQ*# zIdwW)j1etEfeDnUN=scVZ7uJjC*67DYN!>y*P}XZX+kf3dkVgVIgaoUBU`V};>1iR zyA(O4UR|9-&S}tHpW%5+FrTEYsLk{CSDMY}uSrr8Ffg&Me57{>JG;Jd@Q>w^q$%*3 z^SiRBfU`hf{KCt1s{QlczaH;4k2uX#3i(@92%k7J5ug31iWP5@sP?bx=bQmwqE^6X zVwl5Ub>RP7MD+J=w1Zdnyu#_-$~Mo?nmSZt)k4>dm)kWrW|=%JiH^LMQw4lnwN=s4 zS`YdSa5s18-U;Y8kE@J6mlSzh>Lg+5q(qNUa?39I7|SO2{sGqKMLCF6uu8Slw?H)8 z@fB#|KfH+lVv@i{|EW+F%KF;(-P`eXecK>(!Wo5b&Y$=G#ef))Lv6Uy(H77v501)4 zX88A_PFg9ptu(xT9Ls$7ZhO2dbC&J4P%K}Q7)wL_{#QT^q};=Hlz?)j(8tO~img}uD7CNl`Q$!+6-bHLs-G|?W-IS} z-`M}r_INMN;mBWRN4{l#^#v+W=Frkdb9Avw(fnNg@st={*C(X_zo&zrs$#vau$(gx z|zc^a7$UGX=rhL|R>dJ0~rVYL+zfS_e7H(khFO1b?g7bz;Om$14xt(@E>1dl=`g>OlO$@SUDNO5xwWM_zI=* zFApqq3VKV1iH8@yBB<#4hKk>PqST^&Z05D{HHX68e{_lNy;K-xy#;gD9)A~cbXE8< zCi6!__}n(sS+0sX%i`MgGh923x5JB_3!o_n?0^$nX&#BX04|+!V(Im(gU9!JUh-xY zx)V3=Ma$VonN3mOy-(*pu)={)Li_Fze*ri_qi^V)avKanvn`1n42{p zD6)#t(aF>^Xs>H((BJRB+8H(wm&mdmMRt!}G7$fC4u9O2MBd$qVw|#3n#oLy9!im0 z-GcqMJ;Mt?Gx)5xXYVMLL?~jy^itQ=NGpqMi3c_PB-#lp! zrh1^sE{u4QsLrM<6k`gsy~kFQEMkYah9UY_F8~c~Hp{FBfudA^F#;!owZ02cK#coS z&kd2ZGHk(-t*fsQ=E>S+okGIT=N@#Q zhqdw4XDq`-Pt}wPbG~f83{P=vf0%lS%rvJqc_37{>)}`qIZG1Togc9TtIEvpPsP#M zaqhff;R)y+m?^e6=nzb~W!#imp6v9}@_qheSjBSez)=+aH7i|il>};@0O^$6UcjXO zEJeY`9R-CtBJouNLpuTYFfZDR7M7fue_ozA)qOXAqqQK{CiKB4wLTtgSb+wDhYLpe zIR~nzyRsKC17S(-G6%=ENTV{%EkMO)rU6c~)Nel-x}gquyB8C_^LKH)s*15U!>Fi0?=J z)p!8~ z9Ik#`b7~5=AEg>0qIQU?KC0%u0^d4&>#M^Qh1my3DYKng<~n5w;esEvr|gLt&OWY1 z1k1ZT4!v!J56WG6j(`d+v{wLj@S0BKQk;^~dOO4aV(&epn(WrK(I8#A^o~^NN*6*A zq=`sTsRAlBVCW?X5(McT1O%iB2-16vAiZ~_1OyU_R7nsaK)~;L*IsMA>)m^wZ|^hC zch1;9&JP9ye&xxW&z$#t-B&>nqFhw3ZGTcpxwgAsGH>Jz8DQmQBDL}b)P~SI8uNm>xEEZONb}&|Zf8PyE3AA3SR8VZk9MPlv}#tVc67AGFRLix$JFwud2Nt3 z#~vZ3A#fxi3gLMdEu@XL3byxpFHB-hGqe=IeGjw;w7mwTuy*R}ks!Y&oAU8%Hl^$9tt9);|OHp&PqTJef&NQ=PHrsWsPP@c<)DO^V&`PVb z`KrB1s(HkbluY2N8nQylJHd;2Z$pk?$>e9YfyU@tk<3^W^~s$MGmVDa_h_bEi=7}c zSY>ykG8+fJo8O@LU)-cyav_$lpM6|_$Q{c$>n58R9>+dnlH_Bu9lizl3#>%Us(`Rn z(Fb@BR8=UF4KjBt-G=qsHemMRk}g20FDASmCD7!Q^O#v;fS>BTD4F>hEp?F!C7wH> z`x;D8HH?eehI-grvT%wd%vmgF-Ikt3&fnny>1ZqlcvKpkX%6Tdno|IL8u^IJx#Gpe z1*E}625E*H(KY{SO?K!Izb9y`fWR`5U^AEpfrGA|e3i9faBAhs%7>Mi)(7Y!^ok*A zp^qMmfZP;ya{aAJ)e;r)WvM*RgN2;{4kQnzDXd~$s=Tg{5kp{$RduWd(>XMBT}p)P{YGV95LsYnH^T9?L&U7UIr(gGg|LdAR7?N5fQX=X-h_#A#<#nozs= zryH-;m_TYsuT41hZO{*80B0f2qwJuArQgNm7@u>*D%O z&0t(+Qqbddo0xit8c7jQmJJ08VI=V)Ku4WJg>$_4bWsc}Z+gVhKE-~!cFJ*8?V>hK z*2WKL7UJ`wpPY2;dxv1f*8hyd4jwysI8$&@B=d?%S$)I%6i@T%+ptq@b-3=-W$!hU z`}-25Kk_37D8B#%s+acvtl$VXg9K-O@n3uhB+V1d_iVK~3B^D3@Uatk<_4~@+KORF z;PS2G9ldFMM?}E=R`dElEAqb==6@8o27P}}!?=lbAw`33{^hucN2XB8?la?l!Ga)q z_653cbbQ7`Y!GV&!&XwCr54a8cc%?g5KpdZf4gE<7u%!P_qMpMy%iWVzO9$7KQ}6L z`PpRY6ZbBMAxTaQhIF+()K9P&f|*uto+xYn+heY}Rnn7$i?@mR?(Y@r0Ua!5Sj-~~ngxt`p8Nq3FKMa9s{tZw3fKcNHf{ zRzibr%;RDnyOF_Cv|2I6F{sy-{1d-eZ5?wMuUnv}%;x)jKmwjyeuB83PxRIIK!8*M zs6-q4LxV^!Cpu^@Nq3U86|e$D8^;Zb{K=zs?GIzfp5H}nG&dVaLeBH@6=<44FJ+5g z2kK(wb~pppI6qiGZVuFKFH?lC>qFUvhx9%v2BxRPlF-J@PO9>a!`9w|UjDTvC;qqf z<)&H=8qB%bh=XGeG~5VXq(|*B$Njpkb(6AGOsw8j^!`Q_qxd=Inh~Q#y5dE#lW~?t z0!DybN*WcY%6ZTqV?(N)cc&8fLz3f(jV@ZKy-~hj^Rn~3CX_#*cStM#xlN`(y~N{L z4Y4dI!jG8rFK})%+oa{(z3GO43+v6UAG4y5CZ@(VS@`2M+uoeMPO6~v zV@h5hZn0K3B+SIj?R8*D$PmON6|3-Tke}NsoS3l;M~RdYCt7V(TbYn5@*1mMyg&Nq z6V~npCYJ>1;dk1x!8Ad*JI_{ELR9F|4X~rYYz85TrgAa;+8|o@s$@~y!=EEFuKUaW z^}vA-tbA9cd?lDEVnNj0Xyz`8gJ?c@~PBS!4mA^HOdkOy1w-uE?g1SJlM8dr_RE=8;?ce+v9#Gl zi+2^ghxNlc<^`>(vBEz5_d5&Ni{IWL^gej4%IKEW-4t{acgLp`Rsq&qwR#q4YHzGEOMjq>h@M5UD~2-{Y>L3KYTfg>Q(Fl<~=QR z3T$#75nXX3gk2r(ocy-3WYu1Q=Cn$-vbAVd6Z)Lw)u1+bn6E#=7xrL=XiaQvgkT0h zGye7|NoZp6jQOx#T`Nh;=tlwmX*+$#3;41!iXtL`UPQsW^(RS5ohJ5Aheiqs*Xhs6 z@Wi+*0QW>T?O%sh;mZ2YKExRVBO8;3>0f_{#wcV9eY@miHO}7^y&2f22Wxxi+B$&F zDLR9wFe}|FS0O=UnDF;6WUQDLpkmO#ZNbB5Hm$GM9Xv_zB*XHkO8+=9sUHHyj#fe_ zgHYE%XaywmV*%97&(==dd%)N-<6~P}_$=dHUqiURqT?oqBdY=tVem|cb1vETjWo81 zkU(?N$c~1Ola83Z51o=vTL4zWha%*bWK7I&ad(I?ENrqcaxZf>;CORaT_;$@eH@|wklq|`{0cHxaS-3e4Z$II7& zYqh?@LD}R)_Z7Qg*8Tcsb8+!~$CgArS@fb5@A6{F;w?wX^9GNfhNPyLfHiM!7M~6} z07rE4BS#IhzY;vr`npg+Ub1MtpzT>vtz)MVMM@n57+bD`$lImx{+N|c3bS9T47dQR z)@hSj%f-d>Th3|6hFWS4zAZVDvZwqSptR=6PPDj89XPo41u|caXqz{Vnp$&wF1$|KqQe2te2O;Hk+#sT5+!jHPaB{j9e7mHyTI;USf2|!I)?zQ`HDzF!{(1l5GO(#n& z`IN6dc<_~1iAsUJJp@W^Wtd@yctlVwFO|HLH$iNGgNR>Mmx+;#Se8Oy?fgz&zM2c; z2_M)osc>;4?it&2)vSrt@OMHb`+hrq7ZU#b5y%whbFKwZk;7$G;U&)*rgn}^(Ut)^ z(EIfB5K{e`7R&5Ag6@;j2C#|Juw@;>;U3Rs&^O!$HdG%cT;Rkdf+Z>XxQ%2SYvGKq z3J7F}e$H=fPR*7}3>=-vGYTKuBj%3=t>bOZZ39IyRF_#FVSVE!QxdNA!}`xJ*;~qa z({<}xlBSq*g>c^8I}{uv#4p zAIDDij5WL(#uhAmvJE9xgGO%+Amu^a43|<)+*kQ0#bx!`O}@Gz?#N8cn{W3m*uCw^ zS|_M<2$zEvi?Y=uozBOF22-m`A{F)ASOAsZH5i{I@EpavQg;d=FFAo9q@AK%Qh=A2 zyF_smK|J)aEt2Kd%C%By5`Mw}6mwt6rG(2ee}eWzu>tiq1|r|8QaQ>ss)alrQhMti zqQRS8OBk-X8v8R5#EunO3(CcG_sGj-wr78GHksHyds4FiNh24SnUhDBzYM$@|FiV{ zu#CTYD4{swVhFU;&W$@BMw6ua!%1RFolYzq^5xP?Ajr%v32}+%op!dA$#=h$@sa4V z>O31a1Supi1x;BI(J|rU3x6D3Y?^Us-c|(~qbK0PC{Z+dbZGoQXtRW&T zo`Hck0KEvIeeQ;5!@Oro#)XJm^qJH*w|^C{w5th!#l<2iA+{;4Eija^;41bb#l9HH zaVn;s_^6s><6vK@Py?NgsZ7Vz^=I~smw&^(?AsYy{$gpfBR7#1^)zauP5sstU7lpM zB-+@v6BHR?!9^*U(9flKm(3v*?Xpk3W-$3nT-!8yma%d2!_2@rPn&6m{gU4mG|R@} zO!%u(FE!?)T%=MbGQ`4WhmEP@!xl0;zjQmTwXcW~;afXiEYQ7_kmitN3eBE0u_JgR zrp>}nh`@9JUX;QB0*!{ra2ofCTlY~MHGDQJXnt)U_e5JH;<}Z_vta%!G(r_1=$}*6 z|Kf%zyL{k>>bQu?kpOO(&sYEb4RaNlR$yDOJ!jGQ$&axj^{u3b7r3HHO!Jw&7Os;A&bsYvk4 z$Nwx?0b4*utZ8R!LbNxFtR$r#XHzu(wr6JJYtL2N{aY8ieyTtF(9!~k&t3ONn(a+M zY?nmX_zWy*CsI332DTYJXWF3mnsT?%#SaXYs=^GihihBsr$#t~mjBkWuBzO|E6=nG z2P(UfKrCL@q`h)e|D3!bcuSXoDYKzyW}iLm#Xa5-{S20sCIwa=!gpWc4m32oiVyOO zcU0-X_R7mGuauA5;L_WNjn#Hd;VZ)}P05oLa{O`=g+WiqCieu)m=l|c%~kCU$RRI# zg7`5Vk$7#W$Fo<(yG*SCR>)I&!1Y2C3d-EnGk49D3nz~Inmt46ch_958aQ2IPzh1F zba>7Hl*EmiV@SBI&bEKV{6sRD>X{1jVFg%v_KnRx^o#9 z6BGHDCs9FsE@uXDRlnl&jML304xrz&c|J!^30Gw5?#;3?_J)y}T1!Hq(8l;Y&9decW+Yp*(;>n0WEnX(;unS+JhtxiZeS3mK~- zhIw;Vn8RB=1I)Ie-w`vIIo4@t{i(Qw1RJYefIn|tlixDuNKIKdu_=hzXP?@Q%O!_% zLPcmhh^?B5xuSBr(f8$PTjrSyY~+50oAUc0JCUZ_p2Z@4surNpDY(NZVRyelLU#u( z!lP)>9BBzjmpg8Kb5-)_+%n3czCKffAk~;L17#YvminPq1o((II(eeufT^%NT5=C-kM0ORQ|+Qs(3FoDk0Pll{kFp#+hnvT`}5mU z_tjonb1+tHwosbK%+d4y8|YIS$o3Zi!}upp@4uS1n&RJo?}ne#2U`6G6}{yA_X9&N z%X78jW1ulRq6xdapWKfnwP~CWDML$M!G$k&o1XOtU$X96sO#EN&9J%VSGvgi&c*uWLkeyc z>W1?}^#>c?)qs|<2K(mdVSa@@dQ0NUS#OC-~i> zVQROq5kEcuyA3kXUj1(n9j+hM-`hb6lkZbymp!0|cj=5fdI3%mYmnSkeUIL`4o zMh9!|WGy($*uSJ(0F_(NUHhcBptcTYwgCNN18w33R+afWGmB$nUrB5pnj>rhZiAbR zcz2nYAGd8|{UXy>BB69gx^5<=j4^jL5XU1M0v~#A0!*fYByhh$YIWGVOlioz^rGQnZQ?1* zMe$m+V_iUr-rZoPXz$yDRv&{UomJ~1y4w~i;|iQD?90y_!;T`$%ZuW88X6|tHa^$r zglhHJZ`uW>ynRej9nwPp);O2Ji(yTBKD(iP+dh7KvJ6Yo8L`PJ42W0=MQ(lT|-Kw&=L*lEh7Y!7IY&nVmg=0ut zc@aBpj zr?C2e&u3wR502nv0j;7&Z^zlg5C5KN0tnCL4XW{QoK=O4F=OjASUWF*bi*`T?8g_d zADfpSr_uyTM}O|=^$t4t-a|lAb`);`!YClfF$XB$0?a*wH|@-m;9FI&oY_roT5~7g znuW@uLMoCSNO5a4ZJAKIZ<><5yBYZPoeLBZA@}i9oDo+NMzvE#7QRrtI`+m6=kKP7 zYtwE2DSH~*YRKi)f04?>|L*or_*54A%4SM4sot7X&?MlivQ!3E$p9TPh2Y=W0LrX_h}g!A|n-y!T?bvi~{iF{T6 z)Ga*xbKWP9h6O{~oe+^jcaeE{4HwguLx}kiQ@V4hjA`9rMh2x5H}s-EBHDrgArGK07KI-muIe=!|8gp*xP%s_qP zvki`I{r0E+5Pki*BS3jHA~UM%+eh5zLT62v@4e6dm4QV#gmC!{5@N@6Tz*lx@f$Qz z{}+PRe^;mfpO7#A%4O;8IP~JCg6|n)9WUQ*{e=tk2lD10u}|eD5D_AF$%|an_wd5( znlxd};^{KjkRa@e2#DN4PI~!cs#Ngg9AWB&fWEkZ}sqa#5u8$g((1X)Sx7SdZ_dPUn2;;GJZ|>>o=J3cq z9pbG5mf^|t(K!`w*W$gYa_C-pdA?qNiwi7GAwP;igqJs%@v$0+AQ*HdSj85210imq zIV8Bba%a_Rf!e_E2M^TgRUaqu(j_ZYjo0S4;-QV;3*MiSf-`n;Stl>v$YHDqL9evP z_;}XY{%Dvr_Kej(hfLY^NJs@6Zq z$JBK#Ga_myz(T7uG&{$)ljf6dgfGZ!$yJR_rfW&vri^K4&DDDso zrleIqG?`2ZetrzFP*1j5+Bz|kPx2~0fVcAGus*-h!DHu%U<3U^{`3C$pR*h*z-m0k z+FT|~{)H|1w<@1-;8J>LHt2e514bwW`f=ux4>F})3Nbbx-jH~Go$`}kfJehD8Rz}T z=k|Wh8X|?B1lQH56FPJ0tWO?u5n$Klkn(XAD2V=tYMeeGf7kdG z%g0;IZD~Tu^`o`()bn7rWlm%#ZlgNHc(HR75?t3d@){YOn9-;8o>z2`!v9zWwfb)h^2XW5aJ+a}&1 zEuVL8Y^_XyRzhC?fL4ho|5$NCP8F2ce|hmVQTvI{cLsu0Mdp3zMG|IL9XsC3eZ|Fu zydtBrD052mMuqpThVMidXVGWDP5nG3OSsg-xaE5!k9jx~!rCQwfMAL?w^hdI(WCF7 zy#_KLNAoiTrX{^gu0K}sDigL+e?Fp~Ch|t?DeV^;+#q&N4=0OGAYXumt+LrfKAYh) zOQl%;wxTsV2yt;P`f8zT?b&7-|E5-?&X82N>T(uNe54xLWWo78Lb5W@ps27_GRy5E zO8|wCLvPnNr|hdj#5VZ!J5@#;u6}$1O#B{Ww0jOH12sO+K=C)`n0;HJjk)e;!H>^n zJ{~ST>Axno-#bgrll0o~%93VCPqiWC0VDp|H2BsU!D^cg87{X+zHv4!GraUnyzt@2 zREQTiu~TMeN-UmpHFx8+fO~ZtBOy_+d*;D@0%omyR?ZKZ9)Y-XWhcEgJ0~;!;dZ0e zsrNP_W?{`Gt9g1j-Z(1U-k+i>EnZ5Eq#$VK67)*1s~U19(cxc&n^L}g1hqGwWw%Uk zkJN>-X@j@Du0I_ppX{3K8;!6NIaj+4)LxfgrJRxCIW_29(jDKXv$T}Lar-=T%R2(! zzHa>bwO{YiE02u5E59KB+(1mLbnKA!ULQdP{M;00JP9s?N3_eg&xpSOMy!?(8XM|< z9!1s<7DWHtC;nj~XD_Wablv}c^p}2wAxUne8?=EN$%nEou)mSEyxV1cBa;~vH!!ue zSDfQdWJp^1C-O@S5_+Hy@_*4Tjg{~HWTS`E3q;z4Yq0#lLpS<)a_h7U`+4lLKf4w_ zbS-9QT0Ni(_PwOW*hGLy3*zXz5D#fP1bTyUg)SK02Zqx z<5z=A&(~rQ`24F2(z-`Ra#LvW*m4&9R7X5=y*}QFVEkMY#;*I558D@qJ|NYj--GXW zP=Bjv-W_NQ<8OG@IcOfQFeW7hQr*`-m%Urd+O7h-A{f#ykL6>pNy@(=wd}ztG z<|vN{4kX2;u4FL3Nr()zaZlKYL@1%o7uOxWUs{&K9q)9W=4cwaOAic?zJm=PXJN}P zxwCq2I!WQ!yWDB$z;jdm)SoH`T6ve)x7O;H8ygR@bWLt^SqAsBM%|%NV-KRj<*sr^ z&>0k)2TJ2Y0xipSnO@p2DVAAU?Y^w&IZkJmtJ8Ns(dT|UNVHRGe>Zpo+-%61$Fv8B zCcHk$Y_Iz$SL8!!p;=k%$2phbqR_4nPV(dpAz$8LdDck&A!d~D)&YwQ!Am!!qrU#j zmAhZT*U@g2R%Xs0$IWWLde2J;9>&L%0Es@Ii)Ny-({3-d`x^XcBzcYn+1mt7y(DR4 z?ml2#z~7v4nEItkFI&3vGU3>}tave-_YhUJUmU%uGycOi$!6G#xBq*=4d1)&!~o*8 z-++nfLFykD6`Jk(Nn2!J-`^9@?AzHn=Dc?)$`0W(lX#+ieu}1I7-bk>p=VKGAo!tQ z#v;R4>CEOcnh`&}?}gN{h2(d+I?WeIF>{1A46VEOc&TyGR0J*Akl|&Ew-t+{WGVu5 zBOXukVC5FKWpILxlbd4K5isj5T^_iE@%1qK_hgISdWY+TpMXvZvI4@n^_ebT!#>EU zaH?KF?#RcKE{j(;Hb?g@EjzP5Gm;A=E>Ct9IumjTFvv?_wT*3<}$ zL=`GVU%uPIq=k}ghE8Cw!zE{*aFcu^VOaDG}Y(7vcxMxao8mzl|92XeK+Mr|}JmVMK3EJs;e>K^Qs*w*?@*v*pZ8 zV_049%Rn1ULITx;<0*5QI;7b2NG`Z>Y*K2_>$)I4OCpi^-ROKL!jcBu9p+HH9&-Yi zcY5b+557n?>5NQ9F1GG?EsT3^~LFFeN`cy|wDRmj*A7J0^>eeLHQrz0RK}fHK^UBAG_NO7`60jP5%xCLq z4`FX%L1)JbFMKRZo<)!8?S9H{SY}<;$yhTzjE%LYWg?m&&IS4!3Lpqb167%UqM_Kb z=9-aoXlb31byG5HZVYEFO7V7ATX9G&3}@&MgXW84&e}j1cA&PiBw&CZRzT1;o zFkhLqB@h(#xhmWzEZ~*N&@4o-DH>ALV4mV)pzw_#YG`Q4DjWpTO9*CTgCI3KB7lsv zD(W3YzMU2OuSW|NL38WQrmB#(CO1WL-dpu$blh#r?f30&@+1?amRt@8QGdqD zA^L4gLwJ|C6wbg|XqqY&$bzZUIFE}psuGAjE#rZGF{RXF0!>VHII5CBlAI}#%N_m! zsOqJ6_u2qr>}AhI;Rk40+3)^KRTH2)>#*mPHbWJx9qUIUmZ%snB9& z%c0kaqYEe= zvyV-8)9bL%s7$Gb;89962&Iam!>abF9(6>&^q2y(;TLhYq7khj@Bq^!vx0o?!}W{= zcEtBwSUeAnarBM6sO#af@d`5{ys;uBt02In@$Wi2!lBu*LF|4m>GzGzNCr7YQo zYDM&jEcta+ho9ydmHgg6t?#gN+#tJ0OFd_dQ$}S!>`%mNG`G*p8HHR98<{1W^^oXU zS`IsP5>r5hU)_4vrj&Y9jp!z+Wa;IYg(c3h=aPLI$Oxhsl{B6DrN=4Xjf~r=Oet30 zW#z~Vk!gO)e;%%Dck>gkIG_^k!bt9Ys~rBcV=a!WSmQMLZqxR4+9(97YG#^x#py)x zd0KPy)QqUV-*oHgP4&mgf=eSD%_NPv=VCZM{n3k)=s@jH&QxWKyYhY~6i<__W#rPC z!i7JC%qm#%H?=j#Ytu!&Q&4eO*D@r=aCfPazzR@5B1*R5^mqt5fy&tk=Vpn)x5mxf zYdi)dBF=K;9M6}f8%8|Hx$Ipc?u+VN4awvDx`x;KN_nP#5(bv%%JOSnb^)Y%x3izR zrDog8Dd~mrhe^g_+kn70S;@WAyne0(uCO&Y^A?}}gc$f13~9ATr&958A?>E7`zDi} zh<)x!+9oS$E)OM;m;8MBau81A!|D0+QO6u!TQ=^pplnB8@lL=k7injYCz=5q@#4Kb zk-I*E@+1b;7&Jr3 z!Zn`gr9U;VrMRZ$L^x6MKciRcQ$6&AQ+Di`V@)sPrv3%BB#gl}^}GvID(OaXQ#l>N z()*aJqxQWm{oknH&|_qlPoXuLotJ7lV3C&VH%o?)rm2bIv{4nkmGwDbTxeNUB*La< zioC}`iIZ2J#Yv2Z|5PoW%RyY`Gv_hcS}Y;rPXzxK-X3Ko)Nf5Ui)XC5Yd`ICp}2M* zac8Dm2Fkv+;sOBTm!!Dj$5?}ID`AAb;vm|JMK>Q80ZPDSn%9JE1cSr;VuvDd1xYN| zSgsK)|65f_kg&!XwAhtHHwQNI=k0eZ*lvOfC%G=2evXWuo;Eh&`oNx}>wLc(^8*if@pG(W3s$Pu~mVxy!iU-tvf$%5X=A)O#lu~iNo3a20i6wfNxnq|8?;2-}hwp zH^~QpM1#CP5bCcTM{C6s|7u{%1wnrndfW^E|Cj^wrfG?d={fwe+L=eA_ixKfI3B2n26%tDmaQ1=?l$%~Y9;lWopzD0GT#p?nr^sB z8iX5uIP@&Pb!)W#?grvmyNQRBG$fE1)d7M`o56x6@w*FgvjuRk>zO}|T0|Jey`%%D z2GmP8;u#+ssedR9rjGu{68#M_r4j#1iWfPE20mxXz79eX%M{=uZf(41GHmlWetF1u zuur1Etb%-Zv(qk`JT(&ZOXT066L8boCl%3}$;+z?#A$2&>DCX5xrYKPu8?TYZ1^Y} ztvT)e42_b^=eL#lTOUuF6=*x_Gfw3Um}BVKx}inm*!8huRcNw$J@&F~i@~F8^&9wM zm&g7Nu~xcHzHfk$#Q=dkh$iPKj&BVP81j1cy^I_0wWKoD!UUz3I9YftJJXWPELzT5 z+ogT8gpPbz5Hmu%uMIiXHs1oIbZe5-cq^-$J3nE$XsWdA64-eUdHFl>U!T=sG6R*8 zs&z~hRw`)r!Ulo22aPYPod|z~fz+r?`&;LF#VNXZ7yGPl;Zh|dU*K<{(l8f&nG*H; zP0Va>CckAr5H&9h5k^Y#f~|BGkL45ZFFSzb1MkT9DXW@HyUs46eU7SKF8PwD^%@c$ zHid5(L>=h2Q8deUsIf%kF*uAgzz(ZWyH}86FSv$`NS7^`i|!TN@+R+9YF{ zhvx zxmH` zeWDPL8cKF&5xyRN2ZY^!xYpkr=he@a{w9z>C}cI}J}{hUhq(TtpvbCzs0|h7ixe}x zg+CC?muhpQsL^@y$plnTayezgR9T;G+QY?;S$-{0x1+)_>0PGvx-i?d!9|oJR}RA8 z8X{=cKFuo@P#_IXtjb`TvIFS?HBxTu{)bU}m6X*L8kbgyI5gDHsAcB(n}v0E;W&}? zBaej@9dSF`+dusbZUy&;B)bxU9Q)7J@rHWhmPQj|-VZ%IN_)LvQ@uW)8XBrGV{rj| z8pRhif;Xe8Sgk6W$X;vT95_^}Cep=zU%QD7YAS|FyyENGM&~k^FK$t$UD5GASH)@V z{UW8S=)K5m{t2FV95`V19Q{P@t`5Pr4Vj8~;C)=`8oQN}=@de~0Fu^DIT@%~((QJm zBQv0EH`|!1@#N-%34euYbgG$u1hpxD_5i_Gygn8ld!)($qv>j=Rs&deLF}r$}F4~O^?ai(2jxN1cUF`SohX~P~W+f8ZblKE1_jUl$u-2eAFge%r#3C+BJPI|8HkzpzZ_*ar1&);FIfZKd|ntAO|T7E+H*(B+Av;@b5n!$D{V#t zN}Su-su3+MnH!Z{=KNvi?}nCI_%GJxDnKux|EQ%MaiQI3^3g|10LBiBc>tWQ_hK*WoeA_>%XpgAo5M3NVcV2A2rWWh7o<}87D=3}JTfi} z8WkNBoO#G$1oA!lJ9tkJRf^;8wD{5V3=Q?_ViPPVhumeSQa><=cF9twUVWbWwjKt? z7XpE&&zqpt#uhbfz_(Z^#lDM9kF{8N;K^*;uQg4IY( zt6-*Gmm=Y!a3E7sZq3!Xrs4m{-?ql`SflX1i6hzLwRR zokC}S@_jG`qZ)w%$gvWXNA-`J=>L?e{6C$`5Jq81`)NX!>61`cgI)j&+?vwzZFT12 zsc#bTUyVq#&Bw=qG>QTPag0?@8qy-L#a~{=b#=U*w1CBrIns;|J+>19b1BDx{EYrX zF>)oRDc>naaLU!2n{Mk^u`=Uj&g0S4U#$j2+ZS_johBUKz})3R2595032>n($?$eI zoH=S#k<(9mP9QpfokcutiY4=l!Ihq*)xz_M=lyC{E)GGAOFKxmv+2*(8#Xp%Z zE=jybsZv2^+3!j*nr5d3_&=LQsoy&8+>m0niyKK6b0yd=Kyi1!a_c@;bc<iyI28(}#De2SQ#_T3gEh{%PM0HG+@0-ADEi)+P zPSb>Jgej-?)thZ@9j|!|5WO@Ay&Uvs%CE$QocE;5C2X4Mms*$|)Og0mPt-GE871N$ zM+t4L1wT*|?Z@PzUg%Zw+fW6H#Gt*}0BdMVf>O@jIVbdU}ihhA?w5T@!5lf;zctv zq*nFfqUGHhP0FWFMR-E{b!8SU-E}m0mEiO0O8D$0 z`;0wSHBxr>H;4iEag&dzb*!+aOoJTSw~S;-wQY=0I5qN9>5)Q|=Wh|#{@HW@<>LPZ zZ3rEB2iv{c^ky9v_z(;4RFp}|uFQ;x6c-=Lfn8r`*@E+_(Qeyts}Q@)iQDJnAsDU# z_o@vUlN`RfjP9R@spjP4qzSfaoHL%*t_49T5gEpbt$3aQ{bo-%l?hgs{Y zSi>3bcAYsi4l7LC=(ILBA*_ro-EMaLs1P4XCVm&}hmm7^O4Hom17``mM@7>qO2Igp z5oE)*gU#?BJnefSzLsR)&N6r{E&AK*ha7c*ooe)#tlzs{p2_4g{`%~NmN~43@M5VZ z6yfkx?=2=JeZ<;k)cat0X}V0%{t>_}6Y9dg3zS{mr_qhg?iKUKJ!SpXbz?JFXci%a za=T{v8R!UQi<}d6Pu4!y#e2JzxZla6z6M{IMvca%SmRan4N#l;GC3ZtnAEv>J}Hjm zaY%UGyJTIJ7u4kIu@i)FlrSKr@72bOSrV*q(_DvM@=m-6Y#V0zLZrMO>>wp+IE8e* z-FdDkxM>JzZgP7%2yuRB)$ZS*7}Fr$+7`^mTp(|FSMrnjNE7X-Q_RP~c0qL${UH^r z!XNwu?n9{z&_^v{3Nj8riP&E?k5CY?isz7zq@v?f@*un+2$w59!fNL8WL z6U$|ZPvTAQY)(wlHg&Izs43ytuU3;T*`ifrRRl;PR#U^Gw?;Z7<9uKvt#B$OO1ZlnjX^>CB6*gqOnai=Lu_qH*ceY#aa+=9hGy`Bj`l(2iddvqDpx{meT<|DfNxpJgLhgwbq z9hkRx1Kjh1OD6GPY(hk0Bfuzhl2ftTh<$p6>-dW_D{~11D$lWckxlP)gP6+8d=jsT zT|seuMqQYUKb)4Op~9u1r;f*bGASb8Z5P?a-xaXZ;RzuJ#!c1#5Qzam;eR(qnRMJJ zkQe85eiv_CbCKr*r?40=fSf(t%2b}NtHBB+rH}qByuatdc^<3wNxH0#e!bZor1A!^ zVq_uA`;*g3^Y%B$d3=Ge3r=6r(S#VM??-)^yN1i^&f&=BO*274RloI%4j#2=^I1@N?(Nte%h`Zl$@1s1KX%xMolv{sX7P>5Fc zQPSs-?W=L$`SSt)34{I}4gF7kaVu+LVo>Az^w@j-$H8Cm;w~z2#oGoSoK7B$_4lM{ z*~pJ2N!OJ7{kV0daIA8~AQ@!`I-><1?J0FgFw;M}Zm>JykXYHVQ@?MXtTg7$4OBJ|#JoW}x5IOf}RRrkQD7)DdLbG5V7kXy~`in~XVPo{+ z(2r#`?2|jZ5%G7Qb&HB#AzKZ(ab@El^{2n-fA3f%eHUnwX~6Dsrv2rdd?TLIlj$p1 zPe$Y2k&c~az;my|to~w5@p>go()4K!%O`J@@pz`j_yEOY7yYum!Ys4k+phJZ{!mpFsl$p_s0&Hz#5(H|!? z$4m#k3VSEI7XwTZXu-1FQQ7#0NgI=3o4QjMiAh(R5usu4KI@8Y*{%gtCMY?%nLuUY}3~YtXLXC&Y?$VGu2MJAYVyW|AJ+tMCaSI@{sX~6& zvCXJh=#C6k5W|5TK|o^0MQ*QZxMEmkL%=gEch`yBCHwQtk%?WVADJ#!?l6mS)4ngG zR8a&h5&Gc?xum8xQ($l|U7)g9=4PCKmARGnr^SZyMw6+2j%0F;eLn99mH}Sjc)0Hj zK{0dh%A21n3lKxR0p@LbYiixHxurzI3;UKPtHq)?`HcyGw=_ew`6Y}Kp=Wnb5Z6~% z-ukIu`-+GDowhujICpd&o+G7%@8rMu>s$sK>>I}oFh{W0KOSS=CJ6S>dua4-!p&y-2EO}#U8D_&CfWlA1@UUUB>t^r4MTfMtswZh)dlN5XSQE@TOYrvmJ)V8T2*B*}9we=6Ol?J~|{lER5q~Tc&a5{)PYrt%TnRbAG z_Sb2>60_H|{*<+z&R5uZ_?FE`abnPfjsow0U?WOid{_iUzYyN>)@`O%=E(dc0UteIiKPDF~6niO*H)yJ# zJQ7#xZq4mcrPwv7u$IB@T$lN*s@?n>bT?MrHk(Vwnoj6_h~Q70S1RB#OSAVK+oXY6 zKU2wlwfaqk;_l??^wGQzd1V3Jf|bmOc$GwXVe_;tPl5>dQ3ua@KX2~);FmO=S^9db zxnYultZTagyJhEbUXNz;(>1HV{(2WH-(>tGEO~8jL8@$+S58-q(Pm?%M(wth->PFg z-n{b3ctHXUyi2wm$U@NvB=yHRc_+TDUprE%5K@a24o#;|_{BGdri97vYTdf54ZaDM zKIg}kX<+PH8T+D8mf0HG6Efp8+w%0VHk)@g+Ago$JnaSEQ3=<%(DzjHU*7MK`>tl| zPJx`;o5Q;Fa4{=tRh8l_j@Jw^2hm5OlgiTx{LbmVrnF3HN_Wp~X=?HZ<;hktsCG&ZZ6&wKq$nBNobc!SzrJ;q02 z9&dLgcMp{(-*s?xr=1_GpB_2nd=|5RoFfQ|PM|2m*oEP3KAuN|1=uCsXc)Ll|&Jg0Fv(bdQQQV_^Y*#DS-C4EvoV>@Sun8dT9 z!zX@JTHJt+c!Imm2F>}z`XO1k=7(w=LOpJDfcJ53Oc0gJOJ2M>CMV)UFPhU4Ks2%P z(fnU4CA@#NPKy_({cvmiRz6I`obpYJa=dOBM8ppWor8q%I)J-0E@jOv^5}pCR^)yA zXcVw&Z*@&C8+MrJhE~BHpA5bj7JDx2Dj0Hb(mCzz#yrB{5UlKln(MM*fyMML^E6@w zQ?V{x+%y8ydvPB#ssisLn!nn8P1X$@M77n-6z8zRg}+(|wj%c!PHi1@NDMkxBDf^6 zGhiRE%&msO~8C$xRoQGnuYy8^l+PR7A zgbQ2$`{)vYgO-bVxbhlK7(@l**2{G1V8LD5T-}!X=HyGwr>7SshW1QPf6>N!oByU} zvZm@w*)b==tpw_zIqtfOxrq9 zmjTeKBLhJJ01(;&{E^AwKoLOtH~io?Xl;g|Z7nxu83?Zqei6iH+3kmZC2G<#E$&@| z`bjnIOjTmQz!XO)6T@DBz$Tt|?L!xOK^~?y4Su074#d50BN)*rw6H|g-j5@0!QuT` zW2AW9Na3sE;byqR@$B9BuiumJzGcwr{6c#7H;5}xmb5p9`;Ffv*W8P$UzVTt>UYnR zoYUq~x}8sq#XS6hI((itUS04enXY>Npa>bsci>oyvT*DAc6Hox25?6-f2IAXezJVe z``w3ts2`O!!(pUZ{7!(KWSzoeKx}#qblXbuI2q$mL|t3w#Kl|Pf%%bAy3^X8?L)-v zRHqp5Vcd05&^ z+D@M`w*to~Pw^#zA22Cc=svk(A{`n`|*_D#f5Ef&zjfA`n2SVkjyK z(v<)qK?Fe{5ydDF-}%b@%JshS-o5wzcw^k38Rz8Woa}Y>-fOP8<}8AhMi|H^lB)rX z*v0PvIyeQ)S-C+DWb=f{ivp6}P{lO|!q9ZjyywH(4X5tR)}~1H)Kiw{m!avBv!`<2 zIyUUeL?JAOR z#YNsYz^tX$Q?akHRKFNIdd0;K;wGgQ8?>Z9CKvc|{p$^v>q{NMSFSbAOO2aY0_QvE zW2SYzThdKWYBsfqt1J^U$fjQQhgwjNP@7%_Qf9P4_&NI*m$4s040I=RW%bE@I#1cr zL9ZL`V15SV{vTZqtf`_8vHB?j;d0uuv1bl8jQR4P?{V+mIC7D0sJ&mdXyF%YMgCwj zx@rz}K$Kb0;|zmkN7LR^tF~pioDe|=2R%^BXHQ^r;#|=lIKr>ak;aJpFkgbHabc)@ zkTqfu5^rP1kqmfx*|dAFZ&lMJ!iRpJ_;>L)xNqSnrd{oJ^Il&w6Odz59**(7hiU2b z5^F_K)jz*KTi!MVZHbk&Q`K)Abhi>)b{0N@>)ydGdT=tsk#l-GQz3drCXlvf2KLFs z-#WQ;;YN#EifW2=G>6{j$??$McdfzvE|XGgam|`ClK_x zkvN|N_lrY)6|qsinU}J=^Z-m`XZFOvdKflwnhPr&_X^7oUG{F(yDekhztP<&c#?c_ zi(sm+ajcv-S98VL8A#xkmsRJe15HFEfc7X~FMsf;7MF!! zz~&FImOLASrDu1V3hP2Mt-JT4j!iFEVLxoNDRmu4&ItjoI{C_?^BG2(oF}V<4BnfG z+ywQ>M$w9O9m5T=-U`E?O*DMQHV;)U=1G~Dnd?xIK@~Y~q}{vrxGqmbpeNq|Nv8fa ziHv|omTY$Cj4J{J*?B`^+m{r3`e&C#8H6?1Ubps81(nIXwkyJBvgu~xtetd_OUy-$ z)$EKD9%hkB0~%}JxRRr4bn|xb?q1EgN(RDDJG23^JL%aetq^LpX(vkrJg*Gt_*Im^ zLiNqvKHT$O;>t${kiH2rl2{?H4sHry= zhn0+jFoj8`!ZAG3k}R*taR}iI|xMv_CQwNW|g@VHwMMJ1@ zu>!av0eR1dHJM8@IIV5$5a^8`(!`v}vI8|(peHqXujAanNDF)g#fn=pAf!0OanP!Q zxD|mFc0<;CAbJD7thw8x)eA$BDt$eSleWc1PtWjev|VAxDT87zxXg2?jX2l} z*s&+cG%or%3Ba3tU(3>wCWO0B$3HmiJy+8cr6YhkXZx z$sV3wDlG^PcVy$Ypi}woNAS%Puh~@+!p~@xRPwd}`(wm5_Vkr9jgHigz!fnCRt!b` zrmc!Q3u1#&1(yN~^T*fRjqAy|WaVo-A(DsoC|u=rfBp(m{!F*aFJf5iNt`t6rSfAn zxbnmOU*#g>NInN+TbFgBW+N{ER4r3qFZKoJ<|CdW3|;&uo+6q)`+cCq8Hcui1S`WE{kqW=JYv0u;#TR+CVE6#u!4N9aCF<(pQ(-jOX=#Km@?OTjMpjO)S zk#RnG2jbTys8PI|MVu?o96@D)g9k*9W#IbP?1NrmzES5#S#o4%v1JDX-H5NSYT7qV z;ygdm9XPNK3QfhB7ra!$vqO|2oE#LaznAz@yV|Q5>vCq57h_v#H8a>FR{x_6_UQ0( zgOt$N*jkw|{Q67exrlxlzl-u3igz5JcH;~v*Te|t~mO*%Ot@g09oXWX(mPN6D3K~z96AN^IEhQ zPmDnW)y~|l2E$o`5!7x00lhxBxh8O7`Ac@3VW6xyV?6Z( zOI{^u6Rw{~l7y#Km6M73bIYCq%N5NT-P#*kdA)*HGt_qMAQ)A0ykg00+Bdf_IchKi zC&$A*KxHSA#(m35yF19nbr*)6ukxD&%(BPwM8N1SNgIIz1&_tMQUSmR_;yU3!}b_) zx_{stf&R`>la7MrTQU4k5`&<54PqiA@&fK7hk+ut#T8w-L zsJcTWIf9+Zv7&i$uTw`F^MS-~EcdqzM0(BooR||C=G`9Kmn^BZyVcNh>roarWOHPt$OGls(V#%NR4mn(ZT>mvv z&}={|>MVE69ytw&i8{yp6l%6O14=gW8zvPKcM)2sRVF7a@y7lUP_mNpxajym)NN~w zw$#yN*NN$VOH?ZEJ7BYCKi*Rx5HUWn;fQJO@!}2~!wS|A2W1M9bsG3gU2BJ-BO~aQ z8jHwrT^_A3!fe~-{Tp+|709i9in$^ji@F&sWdKM-BKd|0K+3ou4%mp^=1q_yi-YI~;={sd18 zBThJI?GV+uY4C83{S5SJadluGwP8*H~(k+leM0%`C@z zxNo@hhwD_qa%80-syKM^4?Q0$nNGgSs)m&Nwu6fp-+9$&Jl(>XL85P#6em~#+R1>YThDW3` zUU5x1JdT5meTsD;O$;PLHMcYoS0)#oVTiDO<(qmTrU-16x~fp3cJLL1G#Q zdq3iN0Dg-3I20?qP>97Fn^tyKA}>_mb7^#mSdrCCRd!@N%{Wk{!6|phOzaOxjML8v zEdBz|)EqHN%5_|VP3#kl!EOx@`hUYe3QM!%5sx9s} zTl(h=uVko~Bop-$Jv((7F>g1ftz6fd5+8OI| z6!0kKt4NmuRtBKO)(W>G&Tv`t@d44yO3OQL6lT`poBg9L44u+&!KX^^(vWYY5;twn zowJsg1m3H2h#jFvrhwJ~C|RA_`hpEFPdiM_{oBn1zkm{61w3blv--$0CGOcBEoC{3 zN3Spas>%2RT)0GQ$KQSJu|V0isaD>Ht!7%5Wzn8<`dvFVxFTuV#-0vf9 z`)!4LRIuO2NB*>?Alz7bmfyz{jk_u}gv8}GiFM*~i!4DSBp2r^S20VYAeAx}>6UMgd+`pYA?tMr(*QV1+gqNU92c+NO z;7-hzjpLhpM&lGP98~KxJ)=GWAjan5BVwYPrBma0hPkoD$p>M>=T)gPM%o!BkF@UER7F*3v#JLt%umtWZf)N;ZGDW9T09sMGK_J zx6$Vl!(Q&U={iB~jIJybntY~}_Uv8Mm&5>WtI^|KvjM<{Cbj0`XDmBL%!(fIXjc1B zcO=5(0g?53`;zq8#}Byg&WS4>QfbdW_=+Gi7E;E;WvgA%|;F(?HR*cdy!A?m3@s zY%fbc$SK$&4+2>`50>y!5w)4D&LFEr(Xbdfc{Zt{MS7B z-}@BR5g*ou>IB2d7)d2OXvOlQa;<4as!M%-2@~&vr@Y>*EL8Mo2I17Sf>nFBdT5Y`QQ*Z{5FqenLM{|0b z9u=XDc0K@G*CG}aYuggA8jta)L}1L(T2q)chrxR^P>na$=ap}}d(?du7?-b`b9Z77 zUV4(N$MOW zSnJ$j9#!k>JClJ)dT*~+CJfYlDWT6%E)r2S{0K~%?sm_qM3g^tT(R4qu%e`M%a=3P z$NeBmNqie)zayk#697r>?FySR^z1HE85s#Z-Cf}F|GH_Yx;#zFbp?GZ-}0(*PEovH zpAWxTC;1W1xVHx@1K;<)u)q2?)64vouJNjDMLaQp@U#!=gTzhd;ZPiXAhMYXZW z@x3Z=<*?u-{@^Z3gG+a;*pqW8%Ii3Z#AB~M&5yKNmiMxaz@F$CrK^{TIePNAt6V|Y zK5s`)-ZEo+J$rg`M#=^3-ECLKa9$;JG}$jUcMvU{0WYFos2z~MNd z0CD3o*T~pnlp-w0P9Ba+18PHNf;p$&6dhRY{H8p1+wRQ~AtasXyULrq+<3XiZ~qY= z(~rY1V&6=j2VOcnmgO94Xw&U#9!Ln2+VVOiKJ=NVNM9o8Y&47Je0&i5*rr54AA~LZ zvD^zc6c_?sZ7>oj&F40HrsXgZ?daOcH3AE|wWxmu@wGtvZB$NI!TH1Dkmpl7_J#u# zx_!lC5IPS;%%_D3a4|!S4~NUWHa=2t0J;-oiz)$RuPWVZYx2^DyO$Em^ApStn82vn zBo8U~dWKF8{R>I|Kzp%IA^OHmbQ!rjG&mqtPt#r>S{`} zO!eDhq19F%>XLZ%r#4gjVKj8E(HyWrSKo|2tn4q(Wpn14!H)C^oE#O)``!~q_xPNh z-7bObt5|Z;4AIMKK%u}+5cMqiCPY$m*Mo8rn2C;NZa67EbAE9Q7qEzhu!K;Ku81X5 zo){%8e}T^gIwSIc3b6_m@Z6~+b>GgMT`IOZA_-RN>@Q4t<0Q$x3txbovVdYU{5A5k9h0|4$`ZuG5o*re+ d5U5ktw6nb3f))mHy6iZU!2foQ=lK5SzW`I|))@c* diff --git a/docs/architecture/psa-thread-safety/key-slot-state-transitions.png b/docs/architecture/psa-thread-safety/key-slot-state-transitions.png new file mode 100644 index 0000000000000000000000000000000000000000..34cc79b3596d12a8e4e98ffbbb5620d0c7c8221c GIT binary patch literal 70492 zcmeGF2|Uzm|38i+)u3!cWy@fUD9hL<*<~HFm6EK3QDe!LE$fI;Axlljo`{M_DLYw; zLYt*Tqy=TmzWlCXrc<5n`<(m!oO8bSIsgB8^r)Hla=owjb-k|F>-l=Vp4S|Lp@G(B zdQN&ODyq#o+8V}GR5S=GD(WK025{uS-jgsYsw4M3_a5|g_Hl5+*;5Hhsjqz!l$5}_ zdUy&-X$VS6+PJxiVVrCn-EEvb#9Zt>!69(o*%jmD;AD?kyGBw%Qc4slDTbv?m;czyBlA1DN5}>Ia2a!lYDK+qEzpa;xr`OtN zw3CaM4>;x{FKZ5BCBPpfIHc+1Ztvg6xMIJlxgXbljvJ%+{{)ws-e%a&;lUjieY-OrCT?YOkP# zDrlGVM@pSM3gC+q`Mn(sMBOCxvXz!az`}Q>DB4;0UdmL%7DdR|f4zQa4{NAsl;r`XW|1Zs%BmK}0 z2Xu5#7@=HT)YJ|gbvvpjN}hOc8=Mz;a0Ml0ao|POFizg!qa*2~=6*Dqau~eHH)kkE zzd3}p@vw5Yx4{6br<}EQr?f;l@?$F`tMc&lrA#mwLtsmwLux0mPM-EAZZ>wL-kkvE z431$vopInBX<^%VxUCtOgOd-*VStrPYRb*#mmwpMB3Ol<_LLPsy6WFgE|=VAh*MH;Yg7L%8YyS<~6ho`;!s!Lou|E-?`#)Y=A1>yO7 zuZDASB;f@+uz>8{!8wxiasu&Bm3+e434W;0 zvLE@z-BK?39}mLhweXGK__d?>&w?;HoKiyQA>d0$Xvv-wLBB@eZ^P-=u)TT@4p#@$@t`-7KF*BN;chJg}^@{27mv=Uq$`DZO~l{M&AWpHxC;t z2OB4x)iHZtD?5;ic#^X3)zJLE8G0$}|DPOsNnQuc0eRh%4PTPHy#LN|nEXcHIB!iI zG+M_%>(>_dKb_Q4VkLQMq$qj8-!7bz^R{m$gaUxR0Y?83qrvz8dz8lCclycH=D(kQ z!@UL?t4nl^>H*gFP0`Vz~9Y2@X+6Ji~kjr zroiW~u=uy3^y)1XDE;-z9}cC-G4wZ~G&xZH!=SXJ1fUb-r6uK%lG1Y0G8Cep9K~d$ zWyR!>GIEmgax#)K(o#R*jXxe|BPn5%+yQB6GVrEAoWCv5CbM?mtSl1F1{A85y|bIA z?<&~#z=0CU|1Qv`IEQ~S&L-QPs3aK%QS9z-NpbxQ%Kh=)Tnto||8r_&?XFcil$TmlDw&arHpIp5lQz)|E*Uu;we2V@5 zEgk*OlC~cly`7i4_iB}S4N3oXHR<0^qObX>Z%b`tyt(F+))=s#R^NVaO`3e&Kg{Dx z%aP}wyq;v`egMsXyib>r{o#?644ATv{%eO$sSX0ogpDuAJSh#5E3*I{|DMX}S}T;c zoPEgU@UIFK)c1V893@2k-s82Ft86(tw5alu&OT9mSCUc<_LvfCcg+ztZKDNB-B~;V+C(KgXezMC#wlfk{pu=)XPP zT~}$p|68#5T_NT-1Je)50?EezH*|GhUDBT)P$a~pGoOV;)VfXxkmiMCV}?9ccX zHIf4iWmWtgBZ@Qy4}7~IelWH_JTv_**%e8~b&wKLz~`^wKOQ-M zN_J3+t^X!)+W%*%7^%8O3VUCr6kp@szp29gfwA&8S=`^7h>;VPe^~65`hhc)p?K^+ zFTP4qh+?u6|GF`c^2q->hW>?#*iTmvIhcOqs3{EJ|DxLBr>{V90Dr!_1~oY(>Idb| zU+b@tU{m_Hna|&>DEHI(BZJj%Oz_X((tfY_;(Mq63$^wO3HJwyFMe++j+_|&!=1P+ zrSL=XsDFHtBt?%=Kz_stUe6?OIlm+=3Dxcaxt|F3c1l${`C8~BTP ztMBC;P_k9_tIsw_wWf%?CDI1&`0{=A3F{P}PGcdL2)n#lN7)c&8%!oJG$|B9IU z|1Wy1d8c3h{gdBQGj#IuK|4rV$;&$$d7EqM*}1s5QPS4$FyoK5_1_gezG?yveOm$f z7wi`$=~^YtC<1{$E$JeIpWjTn$Q0>6EObjzq}OC9C_@p4Q9|V(pL9w6P`mzBrRDFC zbp3Sw{H~mf#G&C_Z7^1Dq#srVKd$EDxhi)CzkKHUT`u*zq-Cou*?KvFUoUm}KQu$y z2>UO^*ME^~^uxXW?X|kw0bP{+gmYnLDB^+y8Oe@2B!jiiZ2U`132y z;!oOP@Shv`e-;UUB6_35w_m~_NdZT4#9zbZSDhS*za+)ZuV;R_=?|(L{oe9FIown8ptR`ju;wP#pVuoLS4E)>OQmbbvKR>>9f_ww%huhb7t0|}F4O3CUsB|<`O?@m! zF44`h+buMv8LJ(Nk`-kobckpqZ($eRaoC3;DDfIRGw!l!W?YAwF-FKd)-ukJwb|f2 zoTd5v<@@tN$}vO{M_26*=-TCz&^Mjo>nsYI&h(tP26%%;V`RAc0F9U#V>@? z&sYwcs>O-ZsHryf)+Cu@*%|jfSN4=oK2mU)df%R-d6qLrCm!K2H}N(H*LBljsO4gg z`K_Zl_7BewO+DEs2Ng1qzELrqwAlRkk-}%3fx@V?l;?Xxr(@G2T@HQKArmWF+{f|4 zX4g|VlmhOQgft9ZyWJ}pwqdg*Z_r{9YA{y41spiK-S0i0$1ATFgafwYZ|+Y7xj1_) zEoKyUlyF`&MiI zjmo29clv0Gj}K^?+{EZeId@BYOtotz->95_kaBXm%UyBX_(G4%J$)I(MMZbN+ms>b zJFCKP8;Y=imoQv6tH zs730rbacaD#Z0e<^TNvV=N0^jiZ+bPk_P#q3#VB7hh-1Ry(*}&zx1KGY+mttfPh7gT< z+R+-h*8z6kue{8pPJFT`wyvR(vVXwFhmd>e7UuNwPEpxV(y^AMnb)q*FD z^plg~4R-64FvKV?-&tHaE7yw+ob8X`iEO@fqE|TS;&w$p2vTKdhxQ^mwrcM|)|7{G&^j8H zY+YKIxiAc4z#bT53Gpdx7a-zd51KHpEWgi+!ON%Tsq}@nFYciNlUgDDVxSvQfDH=dDa_lOF*yTr*(?B0lEn2B%>wDAlLvPQZjaLMmQDVNOA z1W6=yWi*dM6k?-E8+6|un;e5nN5L`^Xjf+5(h#$6lae4-Q(~?!TLIT8F|KaIc=Q3? z2i2zz>}&pnjd~+>37n{3>hkJn^qvXrcIH_@L$*jV7E(6o)Oy`9n(%C zmUrcw-H^3^kiask1-!$3vkk@?cosNA8f%HnY?HNv`91Gz7G@<_BaW=2=&4smlsV)- zMRiU>{nRGp?U(MSaqnN<^@0kSw;)752&DU>I~ol>o335C!;RL>=j8l{E3IH!M3RU| zy9U~5i22reHz>DO6&F_bOQw0o z_vb$x@p`uZ&ENx{ED>FF=3V#QE~`$LEu@VFHq+Es6DAlXB%*fUkb9bi|L83vjtRyA zQ(M+%`zNY9*L*hqEY-Q4gDMwA~k%`EuJjNKZ}Chb5Hx}!e$kcVAOD;Spt zHx<~ZZ5lo`ceoU%QwFiQ{w}{B{$gkP61lO15mX%JbSwI%R~qiBHg1l5Das}WPeJKs z*28u4FWZqV9>PN{Sr&I-xj%xJvEoLdLbc6_uABC8mt{r3bs{@250J;IiJm6g!?h!u zfH6FK*HAsebW-k>rwJwpTqUV@c^#!SE^5}xMtf&Zi&sMKSoi0*PTH`tv1X_48-9LG04XGhICl`ilT99AS?2Ud`e{lh zvpL-=n-YXgT6$cooDus{xe3C;NJ72j2N-!!YBi~(3>KzGTQm2buKgsEKN>Xi>cpzk z+o$-&^uU7tZ7D&-2mUKF!fS&)$WF7eJX6(r=lDQN=z4~Uqn79#;30;-ys(mE7cngi zbkRi@Sn>0uf9=RNdAD@Z5-gi|u(P=R$bp5(xHJN5e1Q^Y_eHWdzXmbf8o}>#mP@YG zE7B<@-}QARDT=*Ow!60jS#&boGl0CT52>aDn{lW+wK)gV9Czr0c=Dx}-aXDkt#YrW zb0h-C7R;iiSK~=tEH5(_7`>~3lF^nIkowo`iN^itQ?_2ZMFi%>|nC;H8E-$y` zJsr&pp7?MjE$O`IVO=BTp1lOZ=+5i`a;S&!gpeQrc=*eykuIsJO853v56_4iWahIf zJIpE6r7hK#ZA53tDzM`n*6``PQ))vJ%JH*PcP`&w_2w4EJ50d$*1! z-FYG6D4OO-?}*HXxpYgKy(zP(emt}Vzz7>grCDn}PI;!$n-9f$2oO47;M3oYYOI&( zTKHTg4nLI!>@f*={Ffz1pXmm6mpbnp%_SqS&X8&_N3JByq+WCnT|cxGMib7RIxbUm z#MEvgjr~nV3d$n~M1TL5<%Q3#)2~jv9@XH7B)%ZU$V=}Ftg3noj@*0h`MLMi;;_|< zB=9O1MjuD6O>aoKW-xR2^J|Bb_bJW6-}-9WuYh>UiwUwTFV$0p#-Dh7^2HersfLzI z3MUkdic0=Y$io5QkEqxgg+vAE<(A!SW zXARy!<97d+mQ=-_zGBvJe!bGZoPkxW3p1e|6XHhN;(e#P z9HFx8_m}KGSIlgAeesodkNyOaxnvx8k!Blt_RU5)+pf3=)i6Ul`@0;|oJrx&%RyO0 z#WG<0zC*(qjyGYMaoa+y0_X0Z;gWl_i9-@TY^XTVB=AP!MWIby!hAzxq)7|Fen}lC zFIv1TI3!h9e80I_-<@EGnC$Rp4}meOoUT5BsR>+keN?%W8Dg60|#B~xf9%HB? zBl=LH=ckv4WSO^@?|>MoTsY!=QNB5IuhF<>ALyZsezI($b}mkj2BwdK){gSMe(XCCal!FE{O=3Qs7@V!U#Av=w1fN2!qQw8FM_Q{ga{yVL3h{SEL z$Y(@}6Z~yaY{LBJWyh|UHONJ0>@n@m<&U+aO%0gP$rEYu@7Gou<-K4PST-U6d2LfE zBdgcT3YCrd@Z<_tO3=Z`TzW43#%Lb>&%G7)#U4=ElhV70TXMt3URVW%%N~hr27%sQ zpwYXl@}xf>r0Jn})vn~}H}_AkpGkJPt0QYJ>u6XcAx`G4O z%+;h*bhA1Wnr-ST2Gebz5%9he?tEkjGgwy7r-onb(>4MAE*y4;ppJ&=Z9U?7E;okG zNT>$7RP?B2^9aNWZ>n)0O5y~% zX=#HloWvYI-k;?`z=z8hT+)p9@Tu-S(JXj@Xq2THF6$gg$EA3Mf%Xi_nb`4e-%M6j$d$?~Z|XB|vxD0kubZkrx?9LtHA=Tz6u#Lui>c;8uMclj}fO9b-< zIL6m5`;Odpx%9H`w0REt;;2qy+jbQ^%(#W{v~}G^#)M4E!89AC1V+a**1URXZTro> z7I!`K@{F=h)jZ_Qe6trFE&m3RXI3K*L&;~Urh}wHYzceRDBwYQ+Cn3uDgwpxA~S3(d&+gc=oG7HLS&(hUnKuWE~ z@8f_(W!i@XgXsp~d&}82Gpmz=__t@I9x?AJmqr={xePPwp%eum zHi_RfccCtUl;Iil$S0o{JJRj>zD>1hBbQ9FVx=HC=-w69ZR!* zGQ)~C#s)%Og-xlj5e1gFU89CWU#QU?t(wgD~^)TE-j6{}oj@8PFm(|$X`F>`H$tI8a{Nu)&m;#U z=fV_}WGzECzyot>|C}NAmTWi^{9Vq$CabqJ|dOGS#t3jdu!woh3 zR^dxwilNHR=gavJxvyn$ov|0ta?8}UDJFTwf?Z=e31MlpT+&yZWG5x$wxChiz4EOd zagN0ee9)2hL2Cpb4Sj@J3c4$IT(ky9jZzs_-636HtKSx!UIv@v$$kfrOQNr>i;5nt zstWeP9_dc>xLiM6<({P^$gcS0O2VFq)H9BQ7iN*qvW>1SWB1Tb6xmOEERxC&6V}+3 z=$ot;WY2 zgSMcL1RgJ$v&*qFq3uwmvJy*qtfLdNvbU09p)qh_RA||)RM(OjDoek(eWLjaylY(; zf?A5oAVpqE%`i7$ld#G$w(~0Jwu9*?h&l|3#g7SRWJ<||M@}^-_PvjyXETmP!@#$9vI#n}N=p?0;x3-0+Q`u>%!p>5RC}phP9x&Jl%kPJOn)TACi33>S()WF zl#P%!&lc%IiPn{U_%{gRUYO$Gvvf(Ram&CeFmvm^q8+8b7_mg(&BlH7l4qAq>$A^3Q@i)V9zd+8_e$x! zS57+eN;xjbs<@)}oDc$2Sa*i`ZET93m_J__3a1wX9!lHPyUMC&3@}E3yskW5u*8APPU=uJav8*#U`o(B#c3gzB4U|C_i@t1sqxObL~U;{WOoT1?&bL~^x8tB za@wYz>6j)KXp5WyYrfja@$w;k4F(QHCdDbkaLv^_Le+xtAg67P{$-&ix~C$MQxZsq*^s?x|h%TLYBz>#6C-&b6|ssnP5e2k*T=D0EthWJB^z zBDyq$O>^EvQ+;?cu5v>1l!(DB9!=YeS`7qf>%Qu7Jjig)OuYKE~NHDP; zVkjTuCkm2=duo?Sxr>S=-x#2CqR!(v_Zi$D!$6-d32>+dt@NH+5|FINn@b#fUa-n4 z1mPK`bfaGJxHs_)Wu6ujF{JhE20e{+g&4L#)oucsk8mCX(w!;Ay|0u5)CKPwdsGBz zoFW=#rtTKCc@{igg`2i211X#bDI5Z<(Y0Lj5we=eYKK-wvIw+f>%`+@4a=qX)A_HY z6Gggi=Y3}1x${7Qg!0N_amIU*jl%~sqIN6skU(2@)iy~?WX3_qf<-_x#mS}_!}6Gm zOvecoq>i)JZ^28q>2{dTKj{$NKA@B&o?x zGezn=$O7$Vl^IwMd>fKyfUbv!o6F0&;r-^n4?;c8wEvAk6=p$p+z3(XX%gC_KbxeD# zBlXQzX&aabBsLs?4RLlgR*j__-`>{QC&-<6p_}81Uxt?Reb4eJ6&r!Ep=8&n^MjEB z(U6i7P0(XG-gr`^UgXchK4|{3Y@>+mx8YIrD=C}l^=DYPrf)ahX@9(+HajbGHATG! znHueRQ9f47kSRzfSb#`^7#t!QhYfwxv9vAud2{Q~Zw#c|^=MALcMy>I31THca+ zQ#RdwtQGLn@McfRa~k~?0HsTjvb8<(0H957dh9pREF_pc47i7tM#Dk^KY(2Eelqw7 z7LfyhkR5&D-m0`PB4EA=?`D~K_P})uryX@?=_luhZ!nG2Q#sr}z4e09+H4lC4*`rY zp$h;ZNe4hF$0frz(H&jUmMzt&9|UP*Z0*(2p4%6!@mKffM}6jfQ;t&0Ml<3z^WK?Rsb*7@@JM{}fk!-UTEn^E$(g z>L>>@Hd5jb_Zg^I3OhI*& zw|T=wY*2qMNKWf5j^Aguy*>}#UVmx+%iF^-i1i^vYwtJApR{kgyjsmYHoj#Q)NSg2 z#=?z1}GD#9HJ1WYpVC3rY6jY<|7!K=IB=ZWb$8PC_zA`UFXQ}~U5Y?!1e4Og=;>Zb^`~%lmJ3b@u znWS9kl*zpdrUeJvW1XJfV1A@~yd40J`3k`+FN{J`xV5-bN!S@xj=wbd{-R^*xzGK+ z?=CsEVQBeEE=Injy%j`@e4cyj+{2|hKU=j#ivYCbGZ^UTSSAyfEZUOus`+_wt3U-L zpJq8IaKy1NBe>6(gQcV9R(SmC4w|_$RF$+?At8elY~bR!*1EYq9*_8{<#|1WLW1m@ z9W3#nw4#qL&4Vm+!)eu_72c!f#h)t|a$cT#z1(CO)pcsOBUV@5XT2as-Tqp8ty}Qf z3+dA_=?z?$z1K|L$Hv+vV8^OS+7R7g2xgHIIF~Gr`P~sMJGJmZkVkN;-Q=!$)a0cN z7^TZc9dgw8l&`vwD2|J=muGg;aPX;g4g!Xw{_{sbWo#YYaP*_-;nHpVl9s-2*~hDF z!~tbb6BGZ06s{gr7Mz0~n`3Nx*Bdd)>)Gk}$aw;28N@ zWi{+c#U9;65!)A9b`#GJyIxcc+i(#W@WGE^5{SUZs-f|UIfnCE!%d2oZ?NdfrRl?A zCIZhY+M^`p48F9S4Q$G7=405^nU0c<&97^9ZT)aMg>{w?!anob^NGIu`x;)C-f~}u z79#Q{YVu?Vt+dO_PV}YS`_WV`^5D#&7Ao9FK(1Y2s~y-krh1Rzz`c>1r{%M~KR(rg z@E*#ZGl&~Ilgm-*IR4?qt3tlAE|B!y$HnKNdas?7e!@NFlOy4kP9O;G0EW(?xX4n0 zy08%Or5;aTmTT(UEP2iXi-sYvduRKO8xxg-Dg)Bp{A#WiT;NS7aZ%XDjVu+>dWhmjd z3{~Xr2%AJXqv~n(X+CfF(&>EJeqP0r+qTxB>-rG|B+^>*?Gk=ReecGM;1Rekfe{%J zoSuP^asgx)F0Opw3|;7bzK~<`B`P$)kqcqM)wj|%=)-7;hhbuu^)77b*r1eVYQq^eYi#NW)r3gC4Yw<3$Uao;poWG?ai5=!NB7Js27st@D&bShyQ~-` zNkCPkoe6;j1C;G^ePe`xNCoSX3&MeNB!@?Xk9{v6VB(R|*waQAf)+#|!0Y#cWr@N2aRWVUkoWfp9X&p5$h%z|U;jOl!Wr1U3~h1Qp$A zr`7i843EMAY2gb0nJxOX8n%EwPjwLDUxZ;ihFZ?ag3^dc68)lMC%&CA82VZcvZ>Z4 zvM6i)L~Z+7Vjqr4_m&7TPH2gT3;4^Cm_NHk{UhvQ-)|$#7T>1}{Q>9#e!*c-j%qCegWe*}chA>$e00_Svz>M?|=vHDra%6^f z$CuJ^4Pk2a>LP?pnlGP~cv3XHG#3t5lRj0%ZdvqVL8tWb$ole7S2_oVUX~WRY!*lL z<0Ujiwzfiecl9eYsyUL*9BsOcb#6n;J7j^8GD6L|GOI>T*3-rH-=XG@G%g*xoy?bn0XALs{Ir#0Av$_2eL1mp1t05kbC6K zaXgXvtoqX^y9YLBJI}OjvY|ivH1{0wc(oD>60D}PL}wTVo8EQ+qi1^(&8^0oA3oi! z?5>Z7a4^zbF(uGBC|6N$U5nr!_g`AxnW}f=r!F0cgM}EJ~-)znl%t_<#kBojE5| z$YPrbi#f0KrrG!m;k`uY&|zBJ8jIOkq0_ml3}HbGNdk=GvxO=+@S^^+@A|HU3e%ae zaBh*Nv6Roetd?I*O)phEu-Kh%CayEvltVWZizvBgSx;*PZHVAyT84LRY2q9bjdU(Q zlv3m~$~#_9tJXN#?9tR8ABK3m{h&u@eI7^0CYDTnZK)w;?(lItYR3|P0zSYZ_IS5l zIkS2|usrdm1M%J1u#HlIAg9DKBS(0(?e@W72D-ty5cv+d_WfA&wtI*DvHcw4kA)EE z<<>7)8kSyE>J^{nRS>}!CL(Tt+wcshyl6BU!?fw>ex)&yC>1f5U}CxqthnewkW4-f zPGVEx{lPvqr6E43iv=D?mXsh+))?-(^An>Y;CN1-KV6j- z@@8gM59x|_z)cuT*=Lr^Z(_EkDXPX3_OT+QA`uH*&TWW6YJINP&e~E2FF?K?QmwuW zgU4z@#FMm|pc-}girPYWuFNy9p?Lhl@pSLVT^?ulHLoFx(3SP49gDN}i&<(bpLFNs zA2|pum{ZleK?eW(H#oHVLW$hQ2n5B6&95PTf;<*-O?zZk44?|*@ z5X#HZu1wk0uF;~Abd2|zxzYC6p|Aw9*AVo1jpOF77xh3<#SWvA+!@(5) zrugtJj3(J;{(FjNckO0;iha?h=5Bqzy=&(P+0SpRChWUCx4!T=E``2ODANTb)FA5d z`WO(2yr!81s%{?BWukN3MN!L$x8M0!Ur4g@Hif9e8*J0jrL3e`{3;m zq6*{KMvVoPr|h&s7wg39Y16iMM-bHzZ{inKqhVRZrxN3Rol#wzo#_!=G>EYe$MM63 z2xk4EXWL&42o27PW`0q%tKI$Pargl`lOyGi$$qEws(SYX|9Vuk#es-T?%TW1gY3~R+d*`Lmbd8&aA8k23wmp!`EF~ zU*^FoNE1#}p=k>~F1oD1yg_S>D~^>jJ*2* zo1V8pe`6A}Qzb=!Ua#=6>?+X<~{ZSI-PvvNuFk?Zt z@S);{SJUA2;jO3)Z=*n+n=;;es>XL+iOOB$NCKIwOQ`s2va5A^_9=2Jj}A?6zEU>U zQhu?Z1&^dFMc$OM^)MNapeo~tY~42$`}T%R1xfHS!9y(s6~)tPJq$R98|5A3sX1|9 zKayBuBqOr+L|S(CbAo>JGb;xNWMbxT0O859YsXHI=BM{DTdVKYQ)_Y;v3YDntveI* z)J$aUX@$1O1olf>Hi-~es!yj{&~?K1ujc7)>cJAG5W3Lw@HF)@ua&VC#?C?#rGU}n zc^5P{QX%=`sJ#EV_H&@TO$B-BGjKN3C_EN^^;x_)_QP_2kf3v?GQT=nyG?`BinTTu zt_jPHYKbZ)+3;2xJTX(ShR+iyz2;=fXo~?Qvtrz{+B((FyjbA?b}N@2<-xfi!TT-R zv!n{`Vp_o?LofmXd@8-0AapiaSe?ZjqnT$u8e$zw0&{9zH-j{yh=Vt~Z6*Y74bUse zCqxK6vRq4`J8r~_uTxW-xUR+yXqg-3q6=Etk#vP|n@$Z%8Rb2TT{MDxqCdJjHZgWl zki_K}c0yuhc|_?rbU)u2h_2l*5LEmEa7IWHXT*(cXZzC2bU@4mGHgbwYLBP}Z@Qd~ z0(^#%eBug!`hu49Dt%?`^^pdyM{S`kK2T493JMmPN#Cv64 zSlG?ae7;e52bK<~FV!OFl}I>}`oP4zYfot_seZhEWg=wV7Z?C_=3@tUP(`Wm@sB+- zvm$hz>J~DMf9s$A=4|jM-XJ@>fn}CMwraQf*>@fw9(F0a-1l1fs=;OSwvTwOG_j0re>JojX%h%Vpd~=D(7^Hq;ls21 z3n);9y?tTl?cw7c?Ih~X5E5I%VHI~yK#P-6K%}2<3{>8TKs~6FEyQ6sxj*w}&>%Z< zRY6Axhg=G$ewRFU{HkF_Xh1f|G80{&JedQnR0lCv=dl;-UzD`3zmN@-8Buyv5bIAX zgYo-Xz-S3_yagOWYr|Qt)>E6gT0U2;xI`;_k}vlAauf)#ddgoZi|oIO5xe`Ie|RRQ zTmZowH$B?JFxe`U1`W_H6ldBdQB5k=gRD~^*ld3?saBoLyluBhiz#}fC%cYQ`gPQh1UEBGZFB8Sr&63vETGIcc#;h$q2=tAZ~U|=jj2{ z#(c;~Wc5&Ma`+iHsv4ZhWnK309T?h%7+%-w71QR$PEQaY2o?zC#j&s&c2JGF8-y>1 z=p;QpX8We40x*g>?r$Hk7O9`5?FsK*Pb#x!EZ+wT0{%L|6V%;t2hZOy2VxRqASUq< zP^oDRS+_B&OS5jdF31?bdi&)sH-b1Ol>2XonIIz+ONOzR2MB-%Fd1ZcB{EJMH!+I}Rl!`m; z>~cAf4%wErpJ{C#e=tQa8JZl^#@K zv|bAx9AP2kQ&qJz-SY;kS+94UR(u>(K6Aa-FldHTLR zi=^PNA!%@3?tVb{_QOO;uGCtb28(Nt>#MUaZg_4ebFj9Uu`*sPu;U zDR>95zBhkC>*KL=A9>d6pt)mxu#IOp?6ff&5V4k|L3^8rU}@nT9;FD2ZyMrM3vM3# zD3}{~=}Zis8L&QyfHst6y|ius5SM

d&V^xPxt`1u{SZJl+Il&MJLLq@Q1%9Pm05CLl?jYF~PN$>$~XP#qKF zHK4|L>&>5VG_&NOZQOWu2}z3x*&M>Beu@YrH&zh3_7L!d>J!{*#^pZ8QB&uV;p{qz zU?R`a-_1J$RC0{sk}KoEyEQ^F3i$Wi1IB7{99okmgeteoXHAf_&s>%e)3C+9+<8F9 z5a`eGW(H#)^X&%1{7}0tqaJ>1qs5H_v^UREacH*3#o9ox=p~M^q<@r5!a$nogi>M; zM0{Y4?|kIBqRlWL^b#nZ>7oHCcb$2&S}Tkb=v9%#1Kj+fgzz8*jrHQLDaL%r#iv*I z5Ay~JT-(e4{6ybB;c{K0m+4Mv#bt{=H4Vthy?m}-MGe39GhsS(G_whhQ; zA46(6=ENm+f=)F9ueXPhZ((hNYL6K$PQ@A&g#ixGQ1Bi($aN}V#t!DwS5W*YE)Di% zW+$@fUAvL3?PK#xv>YMG(XAEuwUDVa9Y?``MmoSpzCAlaB+)QTcR^ zYy&#MO{PzdnGkgR?z|ll6GWiGEEUAuXqD#Q3-G~Hp0>xaiJF&Gv(N?2KiwP_Yq)uv zD4kKP4N&40#_Crb5k%zKoqwW`KpbQX94%L2N$=c#>i`T61f)9+*={O~0`~DD&?g>* z=*T{Z0IG*i^N5f71cKtR{$p@mbU;n^R$&^zP|;C~(uK=3$7irA(Ewc{RJ2)jBM$~h zVWP(r7Oj|c(Kk1Ebwno+;o(i!84`${x3=$2TGSw^cG%U_4ERgn3nRt*0u7$tJam>D zWgKv#Eza;HDjB?6GFIr5-Ve`n5>Ppg4uru!II!s7o202Y2Tz3SW_?@$g&_CPP}caA z>QCKytWf{wwJ)?2h_j(O;>NVbn$`e?X9}W7axEa2CQdB*srx~I?Bj8;BB28)^J1qs z>H5I(Y-GN7F@PLP3`GsbJhSZ(^{?IBsHwg^~(99q`u_HU0H0iN)p%(k{y ztB(tINFdTu*~%sx+Q#XZ+`194H@G$htHY=`)mESxIJh%4@SPVBX(p3OH;`ry$CUn= z(gKSs_3)h%3m-KI1aaa>nKr2d83F_Z4Sv~HQ$?=>fC#Jszirks;50P!j6tzoeaM0f z$Q2dyGwbV9Z;i>Y3L+}4J5IBO1i@57rAy!>DKJS{#h)O!s&~w-Jaax9IH^M)Wxlv1 z5VNBX9XzoENypF?+r8hGm9?-N*UJyYT^o?RBS6!aDcE)FM#Y5pby@v0G!a;x+;a5n ztx?jW*p0tm52W1}+4x}A_=G8 zg)ZqLE~1K&Q@V*8R2giqy2s1)`qTkuv~dUkO+DY}z)$z{z5wY5lIR?I9^;XvEZHy( zN={k)K}Ge0q*CXml9)Xck?%ZbdDim)(tg`ig8DIWk%b7>__pmKZk*8%!q^{;+}ghv z=0lsQh9+;-K$=m(_A7iYFYW@Pek5oGlsl8c8MY<~o8)9~N>B5zgCm-U8t`BThrr}c ztIB`}lO8VGi9{8AlB{#mmM%U2SdQLptM20z!==%ltO;v-uC1fuRV=U%94yj6IbYsI zl5vFDn^ebyK)(Rt7s_3^g1C=41tgpqx*N9rsNFxudQ^%Vkih{BFxgwhO6%)dIAY7%{ANZna+A z&7;q*HdjS3^4zWaTsA|ri#}J*2MR%#Z5b-UR2))7t-Lh##GO}YCja_f5k4epwl8e+l}P}7lYo{^6TJ(_ z0%Dy&B?0cQFxev2D)o4eKz%TZlrFWbw`+`+0f@QsLuXOe%Sj+5ZW?NmCm}{Ygck3~ zlHt#w{8jza!LP&gU@MbK4Q_{-A+O##SZ#>y8$++V$KKPlkVaq zE9C7>`-ik95>|!QAvHGLe26^?#37&Sk-L)i_};X*!5KfM#Hov}t&>eSpGd^hV2Ijpeve*}2%J0+hU#2JcFmzbxJZIft>) zg%vHBB5qKlw6Ms1er5FbYfQ8jk5|GO!d)e-cS>ur{_D}1Xp}=Oo-TDM7>XYR+1`a^ zE@><*S$c8`Xo4WP_p@CVZZ+%GVEa&S6GoM`VQnNH22*EKrzM;gyQ_Wu!^^T_aa$VA z*8!7fNotXBxTI2vBd7(L76mdZ;2lqW89kGR&G_y3%qF0ueHosum@KAv;L}Qa> zk0V6VIcJ8b&c^E}o{dJ?in&ELlS;M8{5jk$@|wi5nUHYFS}@0%2P&dw%F3sTWAwr`Q)^B3QL@ z_yN1nxrXD$)BK162F_iy{LS+f0IjEvW_hWuqp1n04gnguWf4wji}W6a0w$$B)(l7+ z=M9Y9x%Keum{Y9rvB8`34+$b{`0_`)&rl@`HNMeBMh#mK+@6z z;R9@tHl87wB@lw!fn}FJM@kI6qKY`71~s@;oH2GMj1QNBGhS5Y5?0!X-PO4md5|RJ z58sx-5{zlv2lk6Sk1#>u*NxUcNZh$OXA4?d=#pm~kr&2IjPHDEN1!`td$aaNXlr@k z(tKQU_%I)0_Qjp0?PsaD#GL)U#77e4XZ#ceihwBaX6GG_jTm|wYB6GS=OCXK^9E^) zmc+qhgnDtL%^7Q&O6$9z#!PS`=?PMwWge1}Mq^E3KC^M@N9VjJZEqS%8)a#W`?xc-8dlo7w6sWx!4!LsBIDbIA#s|w} zqWZe>r2Uh3(lI&Vn~^L?)%-AzornxD5~uU%)W$(%B@wR2;hyDTpAtOB}X2 zn$8R1h)$cms)Cl#14E(AaXnmGb?D{%I6s1TKgGYDvrK0fva8&;7--3G*lpF0KmwEb z$`2GT?@!?;#gjIs?4Mgf6X-CZx2*Nu0>im8z64wM)x|ZKU+5&wn`) zNjIbdVNBvorR8%j6CRdXNy2E9gQ-B!IHe3 z=ApJqHxaF2lO~!Fs*O!qqM3Bhafj&a0JbdNQmF|5$5ynT(RNsMGuM9QN73@S4!Y=a zG%CgWp7$u{4qMBU85}ioh$yi4E@9vv3)2?PWDRpd=Wu&cUz#fZ^Z@3JH;ukgd3tzl z`T4xrL;iw@i<#UnmjFDeliVpPjBKWF>DGy6sg8a;6uv_1EAN(FzsTZMQyz@U1;NoM zO}F=~6~I_}SHHtp{83b;Cre1+S_)qZ1PfhiDg>Rg59hjfg3wb)xO!FGZ$(zFk@L^zyhHMdsS8W zF8V5fJy?x~he_HrX=WJhRyDQvqUNlU$GUe7K7lc9OuB@=uj4-Sj4`7fFBI?lJf<*@ zwKPgy*g+yihwh}82>n7{+wilP_{)g}`Kk{eps9EaAkI^fEz$b^CwHXe1Bw50 zl^uoAor7K4d~l4~+0afj+DB`L3Z(yduMleuDsOPf^nI%=l5apnXJmC>?AsZWF8ODU zLL5ldFs%^ni3@|tU?6U@>)R<|F10*cm+BHC%tg=A~uR&c!ek!B8A@J-Hovojd6UwKGr2cW>$zI(at>nNiBf zx%En>L~~C{!WS2Izquolwzd8~i{p)Yp~$$*5MjQ0Yx*tRSnbBgoU!uJccs|ia7RLN zY-e;}J8?D-haTF0`@v(&fm69<*Zg-O`S^H=MjL{6UB?t$ww1W(DJ-QDwG;r*IqG0* zp)xu)Jw4X*}3gP=@ zoi5B#xmO&f^HPEo36{;t&n_JVuj;-fRx?TYlH~g$!LH`R)nU-d=%^Cxx6?R zXP$~nEjPh<3nnUN6H2Bn0sKhSx=mk-A$a8! zi12*e$o@GF+d)LY&R5T0@gZVm8fJkGu6Z=T&ex@SkJ-it>8}a1(+NcU*+RVqn;@c3 zq|RmZ7c^S%=`ifABrp8-g@md5&D-5Nc1+fyytdEA8av0waM0p+Lj$bm`pykqG+|kP zZ+2Vk?w)+SUqJ(YswGf)3yAa<)_U*knwnelO?Qi1)w{9m=s1NIL2J=jUsrrZs{2ne0y1YIyj4^ zFT1*tQT1B0Vs2vIg>kUCsCgwzF&J{ZcEC=LMV!^JEYUEc1lZM4Wnf<_=vgYZod?hj z<8A6p1n4C*9dD&UQ;o~h8wS)*4+`c5?&vghi&Z~)X;Y(hD$H3>n|6oih8j)1*aE}D z%u5r?CLzQbx*D_K8N6dc*gDStkEt^cgtGnqf0!7AG4?ISGWKP%mn>u7vm{YsNGf~U zBt7lLQ

DwSm4q9_S%c4@O#6#AXJ=lOhp&;Q2UbKTc+uJeAM*U5rpVb`OS zAqC0TN&oW#plVUnXNV6&)Wr2yG?nVP)stH&cyIb#atP{KBYIvQpXt{|K6mCerfwG| zTl@G>pgdljuD8DMtfMd-7IcHsO5{zZ5BNsQu@ow6x|&}qi^v6E6tP1$zLoz18@H$T z2B;fn)q)xn<@X=L|R6@yeVqqJzRn(Y_myXFw0go zLO)F&o-$<(Yida78~!S1e*WSYCP_%qF#N99Q)x+J*EGDAhI!C!D2oq}X_BB&VPSUJ zHDpphWG0&04ZBLY1(+&G&+Ju_*rk6>UMVm>Ie&C$e~+snKNLOk6|Hs2wG!Gb&DD8C zm?#=}$M^ZGACs#e&TP!Cq`o9Unf6t8i9*47mU(`U!tbA7r_S&?8^;-0X%86FqIz>^ z(duD#`j}8ymabo6S*C@c%Zo%b{VDfYRi!?p`n93>xcyQVuTYCaCEKWfEO*7}WS`DC z-ImJG+ZzYlvb~v|p6fzTrRV)yf$wSD+y((x`zIC-5??l*PW_p;XtJV_eU^F%64uQ( zmTL1Yk`nCKA71%Ber{{nq-XMFJ`b#wSCt~$SM}$njgWT|uL>BJ#M>NliNji|I{0F? z4rUIgzVmX9&i}%cd~s5~28y)TjCWqM?G=iqQ1`KaU!}i=MF{cNa9Y?y--HtJN1oQF z@(MClmyeh()cg!TSSiT?#Rq+QiZDoQnT4n3;dEN#Hqk@Pc_9h=_WJhfuB5J^gIFAH zHth2v)@$JT#7_-~5}y%18<(xVgFqF>#-t?>p!kl$z8qf3Y}zG0`#M4kkKwaoYYYu2 zl(KSNY3EOhou`kO%(>p6cfJ=7;cjFc;vH4H zB+;c9bKB)wh5^qSWY)r~FTlJ)>Kj%e=P;#}bVW##!%#d}T~VGHc75){G_ldo143sILWOK2fe4~Z(KEyu&*@IAPt8K3)t6)+hG6UXLVNZ90~r96Dm z{6!tri-M{it`4Zxi?Z2Lhb|2_u4A(`j06K*78)&06Uf@H{e(Zy*Jd_NW*VuH`Tr_S6Zl+}3Q6MZb(Y>%}W(@C+j3s&bDTP$~lXYD~y_qiF zJZbMx&XmcW`Yv5mv!Nq1COgmHCPocTmc&Z#udqJqNNGHjZXIZ{>zaeWq%^yTNHOnH zH0CQMGk~YD-LVbt7|1zyiG zwU?}O3*-l4N`8ZlZ1m($*{HH|0e@+6x^=k4DNmy|*~a3FF4s7+*#?qjon>+jsgl;I zjx~B{cJ}X9(N=D5>QtMJo7EI{;hIxpNwFgApBG*)Ni$^GWKZ+6fAs>F^4iOr{mRE} z&BRAqskAb)W^m}=-xpM##5=w&yLv@RWvxc40Ap9f?lMUKbK-d6=kD;ddxJOXXI-J!eYXjvKwx?$v$$^WN@4Gs@JriAaqJ5t)dC+IZgIpOgsH;dt}F`Z8DfT6qtw zq1Kx8y;lR$H;(ThG5;8ReHJJUW&Kk71G_PONfU0A%p!?Z=ByC*I9Gc6AP<469xyvt zA)UC(jB>0QJvTqlVSGS@Q;a>Prb1R4?{xi1E+=WiLIWp=;j_6+b9#NFU%B9vBCqkx zA+*Ab@{eS95;4gat<+8E%#>6wSqW$mPiIGs+@PrVu@RX^7O)idyX8`jeu6)ge%M&} z-M4vPHa2ExXG=R&7lk=42hYFs&-44$2YN*{?0Mr7iTluYZ>L9qAz0XI6t5H%tDr7$ zEVb`x<0ehyxm`-%MrvUfEMeZ6_!HLNaQrDq)%Ds>9eW6609WlP*iSK=_9jLtyu{ey zV)zelK8H-lGtTUdOk#M`O;1ek{g{iz1qgM?lQF86J!$Tw7ABTHyUgvo$-;W57dZSN zaal>4^K7{xw!9Sr!!YOjicWW4a|kHayDi~;6rZbzT;aW>*j0zkrkszO=lQ;FC1(} zwax20xrjFX?-j%|#_kg*tT{q!?qm(~_KAW&F)!3P**FY)I{W(IhaN$K$qAD=6gpww zJ88I_3iL{OC3@lRVR)?6;=5U?a`^Saa9)FufEVtXTC&`P5<%K!=^DtqOp;N)4l7DO zKJD#(1U_V~wEMSOBwgkl z*nS|v(KxVP!;CV^cH-rwbKll7D`54yxg%!g<7^MgK55TzTb0AXy!WHPS7whL>sBD% z%NgRUOjQUV?4$=6pB>V8YV4p8!A|gLuGd zEotRR)W5DMAAiUL=F$PJr%7p}617~tal@;Par1@_i?3fE%*DqycBj>vuj zZHc4|$td_|-Jv5zzkYmG_7^ksO2j9+S>EU$(xt3fq%$;*h2Y15M&K=}e zJ8|#j9c*?}KH)7ZBs)_>8t-l*#@4*4>Q-)BhNjGinV^?ZU7urFCU*aP>s#qsL3-IA zp+Z2LWih5cGb5|8=kHRS4y~WMB&EB>11qiXT9dlvM-2TE@7>V%XJ-%JKk-%dFp49N zVTL4z=u4A@Z^TNMyr%`PwtU-wJUz&P@7Kt*NEALQSh^SQpWF2FD65^PKAita%_FB(C=Hk);@Ic%|0G0uey0MmLYhpLJ{DkI z>2~wN&lC58;-BWJ^34u?d-q5z<$Z;j*xxU?{GTsTysa+XldxkMgQY7~_(?L=9Hs9R zn;jzBxaOZPt9^Y1WK*AuRlr5*#?*ZIX=A72NmJoYUYZH822Dmuv21Tm<`!*V5EwH% zZgklHu)MmPH4c8c)ShkSTyps4F~(gth}yZ1-Pl=rZ)-VAoh-!D_m2f8Y6u@IGPXi= zp#ge8o6F|ShsZ;@B7)n$T4;{0kQ1}GDtkq_`ooW<4F&sh@Zp^jr>%CzpsiouI(S7Z zLgF|F1SZx@RWx;YDLa}>bZ@uG2AF*f%%uOs&|&wZxJhu{;mY*A?=J~-(O&?rcK3qL05DB&FW}b;_7FVl*^+S3d3DWoff5a05 zNZz{pfs`y_0rBg&=*V&r3OE9+-Pwu`?B(G5`#q2T^F7_aQjt=a0eaohmmLU0;@9HL zWOru-&AxNL{^)X64q zj|>QAbsBs89uoF5KuzEymX4g@T=!Z1u#(FdUKU3J#Q%+DRYL$2(9FC&@mw1rAUuxz zUK5_SW_TT73eI)1dn;WD;P~$PIrnMZ*%(rG9Nvjh6_CPa;(mA*(rz-M(dQ6o0wV~@ z#Qe)0F9(B+a&2MPtL>X{O<*o*4@}A{gVcEnO}d(e*~ae6S*ib~DTfYd1@ud49v@O6 zywM7I|Mo(dzzgH|QOou)3L$`Ocza!eIT(p&XCELV{69;<^m?iMr8C4{9UyJ#Lgjw% z+8K_MTcG4a3W8iVtNjnnsMdM0+?8TTqEN(P7rexaj39*{ zNh1g?ZakvwCf>|@yd{zDunA?6`H~R-ionCtaXF7aC=QB$KM7pZFeeC0Rf*W$4du?@s7pzwS)=8@Ipu@9^w@gs$y_fo%%}VXCj{`wfYW z^rrhCqLs;H)X@NIU{jPXC@?ERC@*`si}=WdY8}v@^s*Y89U5wXcWiJ3n3D^Q+$?TSfz9K#(oP2k2S= z0$byXOq3pDfw^vI-19;Xyb!2}J?|iUz+wI8D-;EK5@Sa&+AD)b!6t_g4>P^5WDwBS=;2RU3~oP?llQa)8*vB%>Zja zeN=r^V2(ouB-H9<@E)r5X#ez#g&cmQc_T?ISVPZ^bZ@S|#Prn8S6(nd5i{A`l)U`~ zSr27+=PGb`kP`zxeN`e@OVk#<2M5oARf1486I3Zy_ycic{8ahPbJ7cN^GX@XHOk}99UdQSfvIF+!<-|`i`X}|~q z-8yF_@-g_4m|=8GiiPdOAj95FIDQjGXZt5a!ae|G88C7N7SqL03pl1ft=zkM?TYjW zx(WSWoPx;yq4M}Y`-io9iZCu%z%8u%B2^UyMIW#`){ShQexxc=|iQ%LQGX?m3+ zF@CqA3zoRFbxjhavU`FWZ$Ab}xexSyUxk`$Bq8QO5uz<|{4qj4xz#)uz=34hf2iF5 z_Y0S@7<)dKK_HbBclb8h8~)N>w}4ZvzL-|h|G*Q% z3BGfJrvILguw4S0>H@+BvQ3!EW6KrJ=v3{0=lmt;MW7 z6_$W&Q6(foXYRiC%Dy9Ub}DOzZmY&y+O&b}?2bkob$>~ga7R#TOKyaE;ja}3!zk8J zT}19T`1SD$!n+EW@P!RY?g(q4yrdEZacImO4_Ya0L&HXCj%I%@a-7`>>Ma6IU|Ojv z`=tFlAK+ROz={B_j$ZED1Td2pSX8bcD;l9R1wK6WRf){xQ+s4N8dR=Cl*;~^HiRK_ zGB9uyo>v<-jGPZHgBkaJugv*6AUgC(I|O)$ATqn(c6UgA2!SLTDW26I@JRkpUs?_& zCZ(@%nOnu)fb&lEkA>-rN2fz-gWv5G`3#=nFH}jWpsWL{3+?O)o8+5Bj zzgl)6V!%8+Js;okI)2VPe#-?lG@eYJwKwOj=0c`;73Kf`q`)7H2+U?%n#=v*g98T) zz^Fh}(YOpEexOvksP+zo^Z4bOR~xyHl{E3z_7TJCR>P9bK!0(NNf&Q?Qhd(00Mf+o ztIi>iOyA=)N)(IFW059$oawd2@Hw}e#`YH(pVF{Co1V3a!><>!H@{s0i(L14FW!z#;)-TCl>G4pFJ}GUSe}wX2L1Ekh6OB7oE2w=h`K6*ME*g>z!>V7p_JDFrSpJ z`WACZ?Q26=LSjZ2*rF66zqJpC3G8AVU0C#92CHrB!OjltPVp0IdK#o2#1hu-IE~QM zfN3U}jqw+xaBOIB_nIzlOqdc6Nk*@hthVU2ksUGteRE>uaDD;6rR=f6?;=0nO!_EU zrzmUEI*+P#l%{?sJor?3gFI~P|F#1yV(Lqd;S%xYJ4%XDb!R%HMQTG2y>le@-}9NyO=!NxVsBwcHPskKAwUV^Ypf!sso8dXd;!n8!5~$@;J^d7cA2QkRy*Em-oLXp<=V0= zNHu!n=nxp&TzREdKnQ&=QYWjY2L(S)f3G4p{=JIOA%wqe@m(6R-BLPQrnchr!L{=; zz$C;8>LdO-`bz$DX?c-KG>cVf_iF6s-!Bj0`L zMk#tq?C%6|`gej%DHGT$=^9c>gvIX)YmFa~DD9!8nNrqqi+^Aw8p!#Je~7EQ$WFjL z-nn(dN-F8{mbtm^6q_HeJ6fIVxp9+oK%i5x?t8ZT=YeIowc3u~1tYLkp1V43L{vMV zOO+@Z>G0a`m|WUvxI?_z;1y;OO$R)k6~VA(fc`x#3Cj^3EA;{NnZP$)sV#@GbMsfcwU)vg&tY%?mcT_^#FaFu!b?Q_MZ}+ zE>`$?HF4pw=lyK#x-O*j)C9e`m$bf}CJ^oz@nzU)a}!)oRzLQBdixfNduIT#r3r!0 z;{cqM*b{JSklVA=1J9(%z(eT~Y1ljB{xS>O`kj#eNk+dVu@4s}lXY7)^v>4r(HbTUMk z$M*r0V9S~tA~Y21n85=jdQy91cnx>*Z(O->M~G0;;c$o4KJ^f;HC^6HO8aZdj=pbr zu#&hZKN%J7r~KWsLNA=hE`_E1883LokFHn1^x=q$=zYY`K7Fw~Bd@T{ZO2bd^(Vdy z=MI({=0cu1 zdcs>rsXFE8Rb#24hE$zbPt(o;79sUsE_2DbZx62di3daesseHb;$Hm^ovZkEwEQ*# z)YCxT()r2iw$sfwgBpFrE3HJke7Gc)b(@QN$JxH_&~Ad@c%8?EFzQ~ku$HuRak8*I z?i1)Md8Bf23WCqP{=5BLa-OrfHa_bd>kh;Xv%oTL-fos4$)?Vwt}(^r!Y+%7kKNDu zfm!Etbn+aED{0?5i7314?`_9-?}#NDKzY)c0Ww09^D?u-T;QowT5KaX_74{0;s$BT zEG^_r&PI9LJQdy;zTQ1id%)*7Wo=hmBOT3Pla!D0SiO!cn{b}AOeWKH ziwto^NeeCizcscL?fKHUlbVx6=GADYfNT%%fG9~Ql#-xWgCE`eC8tv}`Kd0YmEFU& z(a9^wm*W%AssmCUytb9XJ1B0edlXzws?(+MROX)k_I3nZoi7c5t+#Zmj>q1&O)V7?$7+!Er+?@o@ zC43Hue1seyqTMPclx}UQXCGSXlL4%g9Z~K`-A2R(o4HFG$^zH4XewT5I@>Pe9D*6o z04w8(fmc)$_oyH&%mjz8*XyAibhiL#}Q zKPQc`XGEOs+^?k_0#~&0Tehff!ykLEj}=(D*!rBOxz{wO49f>B+J z9C%joWwv(c$?28migIADhNpDSx7o*6Mt*Ut(7U>oI^2G}QJ)v7SHo_-T8bV{GFBnP z$<`Ny4U}bU-|f*$5KroFAzeC2VJ{c$-NncpaQAko@Ou1k^_~f7b?D4p`zZ%tJ#3=} zrs)b~$H(=|q`e-v)vue(Y^R?S(KMg=z}sOji7rQqXOZS%Id(>x_?FBg%Oj{1xm~(b zzmo)=f7=JPrK4ls7jF3x?OuF!nNQVW zrum9f7k@7HY+%2NeEP`A#bnnY9=X;yA(iPbFngx7$F(%mIO~rdYI7^DX&@_rlXzv% z@&v_dRe)!Uy!V&W*NZ~)$ORJ^YFEsfP9;}LCh7)v8!d)LaGoSuAEL~6r!vvP3l9+W1MOglqMQ=V`CB!Eqt zXFegFldgk4J?*H4*K^SKDY!lq*2b((PYoKav+mgPv~!WOHc19p+kajhKF(@jY2azL zv!o(n9f?e0w|sCD{}`5I$!Ayo383{d3l;iKy1`t_eHNcfum;RTyJ3`*jL(}Rrudx+ zTJMHurKE?i&OX1aUWl*U@x>Qddf2-H$L^RN?XfHl3B#YQ>3u7dboz+mU#5 zDn9s zKLyH8CdL%@!f}X~)qQ8kJZocrhKt$nv~9NIslGDND2z~1>M+W?Qe&Sw$T`C=CR)q= zpI^GTgJ5zvc`expx7*9-kb{Mz7B3@vq5sE=Z-K+rCZF!n0ywy~`X*BOq(750u8Lwi z-oB-*PH3Z$Woy zQY?mV$(|O=YI395|9SZ{yuBBPK`P-LZH0r2o!g-7M+fHxmugUL1a)#Dz}8AANZJ;u zr*t;)ybrOZH~uo`i8BC(GI*V=a$WEGgg6J2>0b02?pSLW*+yGdg_nTKyGXMq7m4eI zl(4t>r2eL9P^?Rd(ZK~+!aRYy&Tlvz=ZLvsR$vllWop`@Y0Aw+oRrGU=pegCYgyE> zElRhlC^_9H##ga;sJT`$_#b5IJO;0L|8~4Vug{rzO&)`9bJ0I?rG* zvi*vWFs54_&lED8vC%qWz{gl~KR!y0WHP!WQzsj+3l|F~at?2oMak|T8r*fyaQ$5B zjjzQo=)EnMt}x5!kWa9?dO6~@z0U2xvCDy90Q0j=g7rmyZj>&-rAuoTfs_-gW9rB{90E|DKK^fD%=3W~+$K zKn)XZ&1cAGd1{6Fgs4KW)|O4P&&^i3=3WgD8eG(Bv6SBQ&S$qrr0~Is>%%MWpzE2T zPO#3|P=C!Mj~6<__|V+TM6tMHfo3g>V7@M9KNOwmfpNcI@z&<3X*VlOpZEnKExRty zkjHXn+3CZnjIp9VQR0s?!30U?^kHk+q*Eztq#sQM`aN6M8Ip{JD1CG8?8hs=&Y3s) zqnuUi@}C{ZVVvQ+h5YtDK(_Rx=1EB=+GE0V)fMk+ruP61VQ<%SRTt^!s6xq^o$G=W zm50-Lo(5F*8N*&f{ti>AEsXP0)!c;fXsrk|na$F-^vPQeb|ejn{W(wLh$_+;IGbgM zRx;9yS+c7=YHA$7V$T!*2O}$L~YO>x>oS6E&nmj%E`^E_lNhZ5m+UYt*gV?HI zc-N%ym|(%&-kfL0%NmXc@akDDZFjkx$|5=HuB)l)@oJcOF8J%x&7~cLD*{1)*b=|D zs3@C^W;^uh#hAL)L9s?I@f{n-?B13thzMN>;r2x*+jAFWbjTWp4+d=qV|pXCUSdH$ z`P%A7M}Bl&x32g&t?Pc@@sQ<|s`OWk`o5<;n?6RlaTvbAgR;RXLfbh?{hf1*M<<)x z*|rK8-gUyL*YeHqJ3PN}!z;8;;j6JvvaCB)H@$bi-cToMmeiY5m%3B1g>0Ri zfBBAaO{rT`W*>79FWz`4%}Na}_z4YN1aL1B0Q*G02>j`zpy032wMnRqPvqO2AfLg z1WBU9k=|q>5qtLY(oTwF$*pSTZoN8;y?glqNj|pGTGn$e-aEL%h?}p@)2|#E4tKq_ z>Nt8nyU%Uh_njYhz^pm{Yee|5U9Y%@l)+TrglDV&a|?$E{3su}iG2pFs|)sFsijk% z@!gkCW5>^RzFjCx%@hY?oq~pqoBK@K4>_k5`ANCQyDN4|oe^JXK;6uF^Gm<2?YNit z`;9Tlw%XZO7G462tA7;^0Z%i=R8k}p1yZ;ow$s{rvIqWUk3>`eo=Y+@x zu}3)icCc}vPJF4_U+ecWBePfbaxU`VjIJI8GoB)n+$YAR=;6+df;VZ0>DIB}w(!Ew z4CnlSOIZkoy^Pc3L~9hltnMq=bP1f0!6`C3Nyo;~-eIIU=9yA18&ecB!g_e z=iX80KmxbW8~XvRFnolTIL|!X`bIojE5Mq9x4G|eqB;H=pCdaHgx9Q8C9aw zM*7W!jAmHcO3JOakXFDGFQ{Y>h`vZr#F9*%t+5dug-63u(pBqbhw#Z9>U_0ggys+N zXD58)_!Q>_o;AX1**qHTloR+XK&Zb*L+BRH&q(Kho=!Obi9HQ%$(*JEQmkX&+%UA? zcQ}d(HaYpJpWjL!-~YsYcHjN8Yt2Si*;LX~a~Wk!9%>=oIgGZE^zb ziH#JzW?CofwMGgzvXL-plxj*!_dV;55`MyM#~1Y|v{+u1$?1&J94?l9n^B(G*#|F< zk6e26Z>A5+PbjI{0^m?~Y(~Y@cBaAcA{F*=8N%fhX&M(QUJ6f5c{k3(G>0={)la7w zH|xq2pbppA4?6DQE$*Jdx@swm^2cK|sJM|Pg^{-{tB=9Xw}ldDO|0 zzf?{MGL?!;$qx4p(7k5?by}0S?+5vbw(%V)etVGm zewrsr>z!HfV&>O_|EE&$MG08_Xq}nuy!H7wCeq0QjS(@{L7r|CZYC+l-yp?C|E(Qr zf#jZ%;@KyFi;Y~RSF>a3*XZX^{RaT+Yl)hBfILUjc6bU93jb9=tu5?|K6MTjHszD+ zdX*knZuziXx}@lW*#pU}45Zx{3H~?f`SQR2nGUWfyO^>A9f8@mUzMJZ^BXWHJJILp zq&&YSARO{D?fU!Y5C4_15f&ZM=N|510_m*MDJkO&;T=cmb6BoCBqAOLwG+Gw7XSWA z0RF_go4uheiPYM|wI}LsiBMu{tP2l0Eq^r!#O9RPjlYT7^nYLe1O{n;v5&*n=U&OT z1e>ei4A@*EqLhXNAqzRV;@zUdQ+>0 zl!8Pfj;~0AwHM|fYd-AS8gm(&Jx1WVX7NF- z{QZ^yX=Gqdx*+NPGZ|!zOA$mS-`x<|T=DKZNROk_44x$GAxb**umX$5(!+JH;};KZ z{^RjU4N$_;7jJ?cphJn6Ik66zCsI%Tu}*-r?5B!UhT~*` zT6!bE8XCgQ?}RMW$iZqTz-Gtc?izW}LH5;u#M1vB`JghqCn!Z~-1%2s4+UdP(jFId zx3&DmoNCy##&4MieulPhIR^+BI&>yGeB1Y{H4J}E2B_avrr$R&Y9cnwxY+sa^ zvS~)H1pKSir>TJ!mT6`i4kcZ-vN?Z|Ge&>Y(Y{cT;*koqwa;lREUMkOWbuh}{D1;5 z%^gbQC(7>I2L7Lszl+7^@5DIiMxsyOl}a@5po3J}eYpan0axDT(;F|Y+Ja^X1j6Gu zvl!akUW6x&yyIzT^R(cx$9*1}$?*qSf#Kuc{mo`JNi=W8{@U^Y>lXq@XQJ8j9}q_B z`{>_6P)HA*H=0iut17|V{r-3EQlXZfl&Kd4Bqgtl@j$70A1G%5f4c@?YZADHHKb^l zAl=U`^O+fkXq8Y{52p2Au~&k~OL_74Kdiw6)C*2M9DaE6hT`7J9E8@27)7%FJ-h;nX_!GArH_pc_8z zHn4Ic(YIefYGkX-Z+hJAg*v)RUNVvSu+XPe|Gpyd=rL8bL$>xPw0H{!R7t0V#~ToF z?Lp=21$n6#v@S7YM~l?et8o+Hk~Ke(n1|@tN9&63BfDJV-}x)xM#46EAiYEoNH767 z&B^QQpcza&*+OWJftv7O4JZxcEC#DpMeHh6dtIn~w(}`czc~XHwvN+okKGV-)3(2w zc|EikIv%G(?*9Ol*&@W~(@h7#p&M<{0P1xdaS4twcFIY=VYB9%ak%j@^v ztOCcLxALuW@t8e82ihln1*x8733FvlsO*}kV&eZ45Og}rnu;;EW8waIg{qAZsrrqLd?;gnVxe>uXW zRUB~^T1x1`xY92}`J2tIIUCpQRS~oKbLU-;SlI3WKLvrt?!56xok%MZ6mw&AcCn%&k9e98Z9KXkB&@DnnSIT!YkCb(aN z!9H z8>XNdCwIyNK&1$MCnk-t`G~ zwkel%t~Z9V^qY4Z^QcV;V8W6wDodOtEy0w%09I7%_cV}v3gFG#x^6R+)H8<6WF*^^ z{{Bg}7k7{EOSsn}cotF}+Z10c?uTt4Wwsg&@L%NjZcY;Rwsu&Z z90HKKzGf}(p~6M}cfaEf=@jN4|MnLuhm?5uNgOsC;Re^qBF!wJCrZrJ(7+JWr1+(f z`Q)4KpXZH2egor6_qvLLurVtyD?mg0Wq^{fD4{EF>CvCZCnxHxwpzS|pK+7{+u z@n$RTD3~i7)qI}K>_yLaA|g4`q-WK|oY!h=9PtdYe5SYvCcD$siH4U@lZVu-x}iVE z5vVK7?>Tqm>s>!#IEJA08UuE@kI<5IkhxAF?;HN~>aG^erK3G?#sDHUHD z-_jnDQi_sEi6s#iHP{StW&JVM9M=^{TcB>3JtbxT<{!t6OEVoO{ZIR!I(7fZ{ZD7# zvz`A?aOqOWY5SN*l@EL3-jnBv$SiL-yDWRrU>fDhksSNU^4H3h&{`AEXJ*FVTkSWj zv>xZdj=jn$@k|<A)xve}DSJvBV!rTuZNuuBJ0Vs4 zYtg9a;85m7FY9?5JaeUF@MlXUDm!})9Esl|a>qz99Nz$shs2MXeqA(@(df^!h>5d4 z$fGX6hm~jh7qiPsSNSR>V$GQ!KwpDh=UBp4F-m|kT@e6*~ju!|6_ zD{Pr|2*jYS3oL=H>jHpM_ywe$V>Q*>twnVL-3O0+Zr$X8zkjP);`%G=(UC~=5*W#@ z^lIf_SxThvnSvu1kS27~S zm37Xa-_t1kr`2r*LHJn@vQC*BIh+3Ns(Nqqm~t(!$KHN)TNMxst}oeN7mzjLoxsJB z)P|TggAy?FE>!k!9IU}x?R zy6pYOZ{D5S3ifj)-=5BMAb)G;#K>kCH`rPHQv zmL&0!zayQ7!5o}r#J6lFj+NX^4(AXHs>{l8xekFUW)3bTqBSg@;}^iWbi4ccGQ8)% zXO{sOkVw2$`)*(Awd61vJ$j5rq6h_l54n zWhkn)-g(+6j-es+@btXeiC!B#0Wr?C9kZM;O1WwhDAh~bZbWKHEdh5fZrpZlo;VTq|GSa%!^$S19~BJ*Be!Fua>Ij zM5se5k%?(Hsmq%xbx6BpaAzHyczbF2()C|i)^=x_z~rvB6$f3jZ8b@4l%h62=&hmM zn#`l?O6_YND z63SL&X2(8mm9vzpjBc9?eZZRyi&Kfhu5U}Z{!Hscdx3FoI8W+RNH!endWYEuhQDJP zpYON_KKgnutZ?n=`7(4SDe@Xq56_+~y~3@Ot@QSg+CH79Bl}J*`Uuukzdn4|U!q7+wU(DKm=vvw) zeFE5!Jy(V$5X#`vxgDKD6)u*7K!PVN!K~_0TLbt{)-cNX{bW)-G_h_|YF4}SVeM|; z_bA7cuC3> zxuhiKA8A;fNF_Q~zo*@wMtZI1I3`E&Vr<@wJv(2YhZIvFaCKX`FGNhX-mmf5o<)+$ z!g1kLYpBITT>(3_-COlEs_yEm4#x1kR(Cse@a&XCUL$~EITR0j5h<&$Z-2v1eJn2w zriZ0S!+_YliM%O>ZX3wd+pVsf$}XJaY*ZwVkNUV~jCA@8o3S3;tb`&8Md!QY@&{k~*s+t$s>v9Gj-%XFoN4+kY8NRH zx7*2Qn7fp&vP-eL%Yhxh-F;)!Ki~dxS9APloEV|x@=9SljYSvR^gl1a&ykov8?WE8 zgvBuiL3yOGrS6d5BNgs`u9~CT_89a~H;8{JbHy@K4Nah4k+jD0z2{M8WvZ(yOlQOj zT;q!;*$qb-|E0d^Uu{a}eJbp`WlqL0(OnaLL!ioKtoH-d6)F76vXxw!50(Zwexkuz zhty)hZmaZxa2w(G)>MqwU9i0t9w=#BA^D6i8*rZ8cgzKAWMx0P3#Cd(8rqGDuSwJ2 zC=XutDb`r5m5O}REWHPKQ6t}L6OOQTPb7Ndul+fN^E2_)eP;HZb-AXWud_Mc%7~89 zXcf)68O)W6%Huk<>aO1cTk-fofR!qcnSOG8ph>eQP#PS`*4o*{udM6T_wAO~Ynz zvR&+foMKqBeG+seZNc!B!L2S{^F(^KUISa$p8DR-V+ugFvxemwb~(OW;V-1e}^ z2h}Lzjv7cT&^*#}y2YI2Y_k!1iGj&(Qrp?9X4p&a(TS^v+DGX&C$n>-u^(RYL`{C_ zP$l@xX6hHVr=H<>i)qtuioNO0JC^XYbChEyWb<;&&B8?Mri>-n5}!XT`qV`r#*@)rQ%QveY+12T+z zt2pb=QDnx~4GH)h+ya(Q&>&R)dX7Za$txOO^+}DZ6PzFJbsxrnr*&(VK1G?L9|~r9 z1_Bgz_@lA!qY;6iLUXqWUBi^wrg3ws%XsO?&Xu^_p^sP$NbV|y_RPJrL2alYd)JkRQBhS!jdVS zPTo1a6MezVw(PR;7g@`H*{VJ8vtLjS+x|mXYu8CZWkET?-K2fPi5jfYL7h0f_|?OK zVKRX=-FVW5cQi(sMUk|a=(kwX?9poAlhJ$G=+LcJW=ly5<=s0e9mv{(dQdvQ@MonzbW%d#Dr)>;YNAhlz*~xFWZbfD7-=W5cy-*McB25 zsk&C5>W>MNT9^~qF%z+4ZcVOfkC<*yBndtk>giZBlbux%BsfITzVqZWaT0DxJ!xu; zV%>y%AWh2g_x8GWHKC{5uBq!Kn#?%ZE!;xaFWe#Txl>$wyy+GBjoI{VwCqjET=JdE z(ZfGGucmx|slCx9e!0Gl%#b2IY-&=r7SFu4dmn}R$ucVaS-Iq*C)ep~%WZzCs`oJY zY{3b#vI>Bp`HFh)L%`{>#1$(D-4XVT zd?1~g!N?1|<~`A{Yf;912W6w_XJ#%c8}}-i_m@LV5TQ};xkB6Sdd5d}yyGv(D*S1a zOn8-eWR*Qw`!&68D-*3QT9&)6l`HaltF6_SJKyVnHRCyS)$iD#K9No(qcFAPTwdqc z&-|&l@^j&JnAF7StUfMFyV|WsT=c~!P)DV?*;2O)@>T7sOVlRMPKLK}jr~0EHobnd z+I4hT|D3^g+hh4^2ixqs*C)=_dxe?y<6Cw|>7w7S@Tn7+9Ca++MehXo|H$&4Ws``Y zp?2|Q#wF&=`n>Di=V~+|^YI#tQR*oeqqbj*PSvuqY3(RdJbk&O9&)==Q|Lt&g%h-P z+3O*22>%?@X;F&3A$=65kY#LVxZN*wnk8v$rwMv&9g>yw=&F1B%uw{9OzBgPr!s4P zF*(Jqdl2cjqpPVkw{}-$2L@6IQqd{H+6OL)8yzw6$IXbb5O9KQujK?iPW_4|+6gTl zsQ2ApuV2cw1})oIV`?9?sP<@%*ky^~mmjPQc-Za8?5q_TD-$q_`+cX1I1yGz7w4I1 ztql!gl~b&1BWEASh)%>ey}6x<`aOyDzhapt+?MuG)0zU4f&XT-v3siOGd{jkg4JKj zWK{^wk#V_XJ?4ypn$J>Ob{r)UGq@+*&{ZmABr*^e^@-;U|1tV<|sTq_OL zT>j&3RV~ZMXL*R-jRzu#vP45-{#SKIt7(pMw}JZaS2<&)f!bwuFV~J z@i}Dpy`G~T-M<0$h+v5vaa*pqJe`NT?AzKN$;c|?O5l1f&1YzQnR@Y=BNJ{!U3(XG zYd=+g-K`zrKIXoK`Uh99=Tfs*)<3K|uFoCKNVvzL%qiSiPo1s)O2oJi4x7{l)HY3q zdxuSW3GO;IVerzElj8;p!Lxp@#j0e5rL>h4GC8rDpU!16;I8&jvMqj)1wEgb81LdM zep$XziNY9j8&`PvIR8{wR_K9C!+Pg>FKKOUkd&X1vMqQnH~juM;ZEn|oupV*GqQ1X zRR@MIqf2ws-GRYbUskjAgyyYv4U76hy~Ca7P0ss?Hz%8&#pG&COShzj>1-5-xEIqi zzH+|29d+C1)`^t#MfIHP?XsLT*1yp>ypB%WZ}+H5yFC!q5=^M8#Wl;`@z?rD6SFc? z7gbECpH0iEN2`_xok0xSz6Y$honEx0XKb%w}lFDiIWOqBV|C#blVIIGKjfU8pdX z`Xn4bjbG54LxKL2(x4KUQZFRUTEdQftB(=Uu??(4^UJN~iaHgc%j~N}91Rx9{Prv7 z)WQ_o=*FaKi~XtW&rw1>YO(sk5>;A5s)^^sI4M8>Ut4D$59J=Vai+o8#}X>bjD44V z&AtuF&In;pNsFaKWZ%ZV8_`Ok&>*E!mWB{2Q6Wo6NJ&vhdhh3)&ii@)c+dGy!_54i z=lL!7eO=#c_Nte`qX&#v+l`-S`NXY!5@W(p`@V7zgm1xD#qwbIX*mLVU5S(S<;>PX zv$=YveI_0@WkY_A?J?!|Ft6)8oZsO6(A*{m>V;K=(R7VQ$$G|pS`n#JU#9<%C)(U+V4oX4Z9^;C(bN zUwr_T(-ql$m+ba-v;6l2eWOaSVo8VMrEvujwt_UXxNLUa9PtDENWFZJ&&u+vh*fWg zc(#5TIdtcvqLUaR3<8yXDoY~<3k)zDGpGT~Z80{fG$1#YbXz{drS+hCV!04xwxHQ^mkSz8ZDz{uIN_Sl!dyggv z)aLtW!|(fN-TQv3R_#k=UeUqYPA44|$*9-LBl9`zUL9wK6GK+vJ%x|HHg6-^1js9P z`(SL`lq_K#yei1a)mv489r$w)G@dP#Oj2ZFt{qggl?7FVD z-#TtC<$vimDl&suiVZcJL zA<`wtA1!0EQDOFdtHiR|^LA>w{&ikO);r%3{2!i4nN!J2)br26JT-n()tgdBjIq)aYPBMo@!wVy`fEUvEBv-Vn#*65HlRbWv z8vpf#x8s0n{qdJdn{nQ2ZR~8yJ+FmniAPkAP>oG2G1MCw$+e2YiC$M%#rm3cY;C;L z&@DdZjxc`eAzzPl^?boF8!=lhb8JUZzDAnRZC%@1a4UGluzt{InIdl=6rD;Zm85^T z7gS^0WEiE8wv1lIwz-)1JK`5qrIoC?r5NJP+ip{@WGeeS-FbS@2ce5zO8wLeGe7{9 zviIIP=9kcAsb7kGJY8?NdAbs`Sfihx)MPNC8R--m1Pna_zPiZ(_i{Ord|(!RaWS9Ze2Xq-Rf@I>&-tIBM@ zEXjPOM2sfy^F+$jw(pENPA8s~QI54j(LEAyh$lijg4jxbko!A&F(d6~K1dY$2WNj#KJ zo|IvVe2Ypkd>em2#~a_9Lizi!t$#AkVD{y>@25H6 z^my+wk+&_Kvl?hDQ9E6g!cDxNz+7NqF!)2EYH0iLtL(lh*X2JZEJ5ru`hLFVFO*6# z)5`0QuRL!iQoE-qhidpxme6*BVdlEtFxMp_6)eir_%DH*( z^8R@7t&+QT-jv8C_1A?@I+7%IXk@GSoLo!)mVNF)?8hrqd1H#i%GnT)JRy2CgGgO5 z#qUyxcfEzZ&$dU3tw_j|156>)Qb~F;Q?A6Ez6-Alc}@?~hbnwgDYaMa6$n1T`x}mK zt!b@_Wxe>hq--T+wxuQNO|Cl@ZTQxYZ*?m}T4-oNjCkkp6GA=}nTAqz4xBq5fbG5^ z0z1j?oPp?4Rrf1-cV9SrBu9lJ@U)XB<>jyxT#vXU`WpA`ghJl*RV4L&MKXtJdykw7 zpYOZFQKz&YWd6$Q-}ME@!4M=gX`KqgGM`>dp^k`6phGxUIvA`BsDtZ-e+C5Q&BndN z6;{d3K_5oh>nnLiFph$?>_xT3GyFR2bL8HIp#_w6^jl>rolh=aafeDF!Dj1#_7ul- zIbDP?PMczyP?00Wu*JgK@T?wYn~EI*Qx7`M#C6JKB@RPI_1&~qjcoGe<&iGB;0o36 z&0;^_$3Jt)ef!w8PJpM**F$^3aEq&F26qeV*v))6(13(`Ic?G(&z($}y(JRdMOc<$ zM;UGA0#pf8#n|^qelCYz<8V}Q&}7g#%s#xmaJ@`Pu-k-YzqsU`&a`WseqooF6T;M17xeJh5!%3GLDQyoRDZr!HI9id5qy zqwIVtM))oc+C-eaY~^E!a-NZ#@@W^h(jTkuBt1G`eL$OcvBGe$xjNd^Le1-U>bB{l zawljfm|8p@+RSAk#rFvR+1KX;Wn{`vsv&JWNy^A3PsbCRMB)8bLD%zWZ{uN>IRB+{ zRuVTwUgkb`HMnMAzbw5ImGqjEw4a&=C!r6DhzFDu%D)0>Fy-E177}h zre>2%_*Te$hc&S+%Li9Ps_~LZ8c&l%G=AQeZ`w6*KC$<93ex9rS`*WA`4Dn_(PBOK zv=P#E(Mss=$-IK{eea|6N3PtdOd&>1c7`2VE7^^U7U4C$AFSZdi!H=QS0q#D2=INBTc4&ITdAPIazT(X+yCuB&3sG>L)C4bgE!lZHgRX?7$H8)& zyRa8}gJR+DoDF0hrCLtaZsv0QwiHq(=fyu99HJJ;B+9V|x=y;nOZ=P+JT5kMekxwH z&{-8bgZ#DK<}Vd{%WrLopq!jPv^-Yez25Ak2)&*dp~&Iv-rXo7lop z^w7{(7hJ8=@D8S9I$Kb#C}fFye3lVj{%42jn#r&jw9EeM7Cv#ZZUJwl?4eIc98w7& z4cx7Q!1RK&2wNkrY+lvLCC4tNjBVx~B%x{!mi15^_}vF>FFk}?sw%o!SJ!${b(r() zn%FQcv0CWvY~;c)ZbP`>f!djGrz#XAGh-K@Y8-}8DZ-PRp9`7cBb;2cSS0sk>{7J> ziU0y|=rwijXzcDoEf$Ij>72&8 z79DP{E#S)jbLpnYO8qO{XGjC|XIHa4q`!d#sSP?HZSTN={^e>}P&NV=DDh-o1Y}4D zd@n9WiAOgapywA9IQtB_4c2`2_Cx2x^W@bs?^8$;!m9>G3f>xN!z6G_ScUF9y8+NO;D=e(lAlTN~f^gR!U& z!f0mcrbm<3cA0S;?79-j0~&>WqD zA4*AuRpm}Sup65JL#{?Tzmf((GAcfe4{u+mqt`c=bE(-2nv5@A=iE6qgP~PP&@V?a z&7+*D@F+wI`y}VcRE=zy9n2wpIMZ?e%q_o{hkI?G0T>Uw!}Ygwy$g;sE$MIw|bUF z8rdJ3f=xgkb=(6e9)2M5ENXq1clbA=|FQvJ_#da)LiV(0=*Of~^2GpXZ(KrR^g5eD zfi;kLv5}!QOY9iJC#rV7RkTYlJgEJ0C1;g9T4U_ED$n4` zM=%Y&1>Nj@Ph=SMhu(OEX1=FcS10D1Kxl^sbmK}9>{UPb?1?w)=0l$e#39~h$W|Ls zJ2oW!(f!7LgQb)=zeq?g7f-48d>E!Z>8fOhHjLFX0PC(Bk1uzk)rHlBpjafLgp&_X zvc}2GcOh-+bF1?{i0kyDq@fu%k1orsZk!MV7S7y&I1ePKCV$pHsR+VjQd^fn(a3wY zU!vGUw8R5^2F7?QXe!fnArS7yRgqlA-^54fnwHkJe5l)-pR9wFDmgH*5-#c91~B?; zsIuuOxV`#?&c5TC3+X8?OkPVk+py=*yHW&_0-;xri2|;WEcNH}1t&G-`h<3iK5mA1 zKjlc@-E&7~GBpPx`}ST8Zb%jpke@TQPF$yee=Es6c3n2ASFkcuR`Cshhp$&NGO%RSWW+KvkEgKHJRQ5Kd%4L~4ig_iK>9 zrJ1$5kO_>lQA04e_mV9I!`}LEFSL$_jghr8VgiS%@Fm~ZeJZ5nNxuWmNW1-FF*?IN^1bi_TOSxo) z@M7LThTc)IQZH?Nl2HzhPQ8oc zH%c#X>aVvAfx&FCcED@$wwHl+SuW!(2-5mknIC4y)h$B*PRsMb>D)W3A7no~o>6!c z9J+waeo7{8SPu1q($iol2RVxV4S0wLS}(xwrC91#VZ;;Yv?KI?uR5Bz42AF>i$_wT zLXH#7xKb172pWWiAdtXx-5+0wwB&F5^%+9ge(Hwvcx7KtI3$l z;DAt$q18XX?OY8q>A+B+4s{~G-|ZRioV(Qhf38eo8xo<;+`YY$9V0$;&Aq<`A_4Ol z!hrR5@{CPn{%&;lz<&R;y-5Z66$_?W2W@%-<`y1GqqMQ92U*2W#OC>w7#|li&#-iV z)6|-Uv#TR)4jyK9NGFT2Tpb5#Yi1jCi2Okw^3F+|n3ll6Fr2FTUaaOChGs^0OVlOb z^X$0#NuGi6Vkbfx=@ErHpMl8&F+J4!j%e6qvx5D_dm2VMQa_f4%jj0 zcppQ58%a|fDzHibR^Suq0Fj+>iP)pSJHYST=N$fQ|G~S*Wtt9vOv(P_?HkLErf5kU zig(?EMOoG8t#wiTrl9O|t1m73yK}|ZnO_fz0$y3gVbsClwof1h_DRB3S6LK2 z#%?JD@?$iC17N9cjsztUx%m}6C^vtCGvem^!2wy+h8QxHSwG5vse5jcBBp?_ot$b9 z4toITBx}|3VeVmcuY}YZ*5hfQERt;^!LC90OETO;w4}q5P2Ci(#WZ zdN6q&2F;XwvFqSZX=N1X15^6-RR{(cQ0d ze)F`pn;OV$)y_oj_W}=2$lE)w(hQ?9STw74iL$SGG<)ItmyrG;HxhAeMHt;p-+@AM zwQevLL$`6)>4Z(K0A2~n073Q7jiNbpD45nBAVTH+AVT6fTC27{h&zRQ?a1ZxVF5Z< zY!xEW(k$dNDU>ya(ozVTdK>l66{0zMD5UvU4IuFikZtFkYQZQ(L*^{^j@S{1 z(v=oR2|m2Oe*M$amypFCh-isSBv#a5vQ*2y^uv>@n}@!^7^Hi{@507TMBH`S8UvJy z_eA&%yCX1HrVTtU6N52!5$gtjHnOh@%)$2at_@Z#tRO zIRU+J>QL?df7CZCu1ig?zTmeXn~bP-x%`2N}G|uo)0R1>o4uc zOvZ+~Bj8Ez2bG&#laZFXGHji-tEu5Dq|mNiN4nR%X_L#4x7$RaT?qIP;W($)0;7HY zquhv7NhQ!O)ggSLU^+ZSFr<68XE@}tu{TxW#OC?k$OJzv*k_d_oP8IZvJ$8pn&mkD z*7gNKgA3Vng3!6O8irZilLCrwr}sBp`1}PSb=2r3=NnT6$-2zc9~NAxafTYCc!_Bc z#%Wew47*TKeK>`we(Fij%MOq&bpBtd4bL-%4WrR}r%q+<`$05OC#lf#Hu89wVT-%X zqZ~&QJU4$8S+Ks@LoCDHsEpc9KQM$mJ^^$Tw{8xRb0E0+`tnB3?pbCPfOg0cs=8DU zMXi`^?Dc*0KEe7#4&p59e)G28_xg#!FQFoJ5?N7sPG3OZ4(18pONE~lCL#nXSaV`Q zdWU&=s5$6r&O1o5-Xc@Hg~}j1txt1K+Mk7bxG^?HYFCUES=^&mrY4&=|8XD1>m zvH9RjnOK5r_bvC_Y_5e3SS)7W6OGp?!Z7S4PXRb=ZEb_xv>@^Lq4XYjZl#KLsq`4L zt$T|>d&qhoM@(_+oYK-_k2Ty#M%cpc1l!Q4hpW=Og zY6r7V+j(E>%SX6*-pMr^tskuqY?;57KD!^sN_0u(iVLT{5Nke;RZ@QchcLz-+~&}3 zvFlU1ge06!zMt3=|NgVP2Fch!IscW^C;odhNRX45KBP09D#k{5^ELwbzCTGfk}1dG zU<1&LPSF-6Q$m85wO)YGxt6oSj0>ptTjJjvb>iK*&R#F3>@}#Tcn=%$2N`_<`g5SX zq|u31cnYR%JW(^6n zGo*28ERTnYSJX<34VyY+0<+9R9Pt2X~0=alTEA{Sp1mrc7NG4rTI9 z)||5_nl}0DTb~rN*(wwpf=`Mb%^-)GToZCYzcY%>-%Ftq+WX_92MJOHtinl%N#V&RLOfnMw6PU@k0M~X0frZ2k7lGDHlZ^c2sm;Qu`WM z9BTv$3yI&`qnCbRuxE#B-8IRT#{5)F$h2I5z2{zYGGVaMYRnPLoqt!iw_pV$vtOL3 z`fml4MiCIMYk+CfzJFhWyfQTt?0j!uEM)$(NJ^tV#2PBIeCE=!7Ul{0gk~-&)Nb#p zzAW7#qxOv{xWJ$|NGCH;TgOYjXYEkQx}37i>+bo`zi(M)iaU1ok(LrrUnxQU(?F*l zV0#t$_a8}OLEu2M-k{^o%5_YbjhelGwOKG}MeBlfvZKnaJU00%Lti^4@RsTJ_?u*L zaHAbQk*^iOqW|#D^B(?DDFe>eI~MmvuzucXvUYg`dP}=rogfd&H`W%WU8xBy{tm^- zPTz-`uA1{iSack;>25OlK^py-s$cmEo3-pH&O6G{f$MOYHC0;c!}UmnUGN+MB%u zw;+6`9N8$yjA(Cj5Uy6lDcs>7k`zzTha5>6@jVqzI|#qFSo{%6MP6Kq{1b7H@)r_4 zuR#=tVOvJ*EejlLHI_xG&vrP_RhR$qv%PUmi|`63K4o4s0^k_6AR;jIgdD~ktw8n zDiJ^b>+9kt1^G@{@lQ>(-;5njoD_5FO?H}!?>4hJ1X+mnHaUKoLi(Ls-KlKKD{=)r zs?fVsL_cF+-U9(nm#8mr1u0YeaIP(-3iR~$*W#7`*m}yPeKU$})3AgLwmAmwIQ2xU z8KX{R#H2IaLXc$2YChILo?MS0lP4qJA8;V$-F8{{{r6F;hx|@&_A6h7%%rsUqc(`p zOKv8lUc9m{Rv6)y5gfO^^C;UQotXp()jeOqks80R**WL~_NfZgy6~*L(@!25Z?VKQ zCjE#XU4lkp&K?hI-eoL`RBuMpngSA#L3-4>6!q7B&a-$rEvf zL2lm68EmpIF!f(~8?_rO&!{};LE{XTHMF4R2P&xTx+1h3!!KH0%{tdQ z_{oJ?=%Fi8wgj9y=g=(myYBlT#Te_9%ic}6E9zeD*Og&s*s7K=EHM^vq3XHBl_A?8 zRbJ zb^#|-+>BLrf*;)p*#T^(iG5A8%=lvF2+NwzM4JCl2flt!rJq){NgWT%yWADN_u-1# zuCUmBa1Y-*KXNFY`Ex%2%vA;)P_aL+OmIAJfpF(pw~DtPTe%zt@-ym)Pva9N0Lk84 zX!G#)--$|?KD7r9yEx1!%#nO9$Q zdR5#@?3RL?BjgTql8igF7RPgr*8+mx*ic&3vaS&E>3V53nNF)=*k(I!f1QGg^YX93 zBFa~JOD1u0MiZFl)sd2l;BSe}eNUqa$1HTkvlFO6>=q?5Rzxc}W?HSTjr<)&Gqc#F z%T6m;3=6tJI^X3IDm-TgcdO3_+#4oS24>lbk8gr89J}0WKkT@Lx$o3{3*{D@kwYld zlgAXX)kyidNObB|kH~minjaio%pVxP{S{Zl4nCSyIGZ)h=XG6Ly6^Wu;(JXkm+83B z#81Q@@l)?(S*ZA!;s~i{!{HcwnnkV`AOBu?UUrz)T{3_-(4)G+Zyi_rDxniSX!wKZ z9;;Lpe%Y&%U~1mGjsyX0v(d-Wy%%kuB~Hf-jTljn*?mgxyOSeOvzzD&wmJ#*<3YFA zcM7vL9D|s?t6Gy#f0o}_fXChO37pI^VU%Ox6WSzrH7Dyk6i|n*(JF?-t~_`B_a2qr zje1>}urp4JTOLy5`u0Mh@Cs2LVU?p%a>n3i=!d#IH?igU?N>zC)c05Bg_@3WXwPEt z!n~{%o~ev=;+Hmlw*DC}JM-Gjp^2ZHUinI|N=1TvqmyM<-n46Y&dqKkKAuR~6l3y` z*fr0^WkU+iXK3uIl9Q!ma?%4++FQWgJvus*^V!JCrc8kGb0SPs$evRf8%vqGIRa&f z&NKEvlY?5;ZLdja5O}ft$`y{z-uDB0k8wCSA?+u_TCum|JDFyiDpeC~t>*g9c)Ebt zRkgs^Hfg`#-$jVO{Rl5Q@dG%gibczLbKl`t|B8M7bS>M?CLM$*4`Y__{yVOI^{aBJAzll$b5*I%? zGp{h>++(H!=>|PDR?~ODp43yz3#)W695AhFcjwgsh}6QtCc8CvrEqmc+(*m}4v@p* zmA!BtKKa`1h*0%Clb8gWHRwW^hu4c+WW`UaWf_)*k)cZEhzT z+R+ym%Y{CNbhCZ$S@fs3k5o2qm3LF;uInHR<1dY|d_t zvRl(hCz+Zf0O&4)v7)83tqXCq;s-ke-EXi!bpONAz7(?^(X-V1(mRdkQb?~%UYJN8 zidj^y#yV-MfKoO6ckXsVql_4~aC@Q|R_Pc%F;$ONUp47^y;IJ`PePLSgV-xs?5 z1xiZRb>&oCo#^0ON8X$x_?f5K#j;NTst|fJ2goRCb{6Lee{Y@R3|m_)^G4iM2RmB! zsQOTw+k?{qE~E|;C)rSXo(YeCRZ~n6grog8T@USw)~Ei7OLxakI*2f7a-8HpHg9)4 z`xuSrQgtH1&<|<_3Z_qNK`&%;146yNh_h_k^B+ZOx`>HuH_2EC*!qiFuHCj|^5V_E zPnsDH3$(xK_pXMV_t@O*-QMB(nh#LDk*Y4g5}ZrpzQcTC`QcFNQ!WcZd{GYM_gKdn z-W2fNXuFvQMm)Z?Kx&TRu>dkVL|49zpmiIlbUeZ z(54HBpgYg^D5e*Z;0RzWdGs=oEB+|6UXr{YcYdLq>jeO}_ai;3Z}$MCY$-2@NupzR z`3*&rPW7ROXP4XP`}GQU5ZdDr8Vd6qu8U} z##7`yn(gBKXS$)&+BrV>;7lMA{qd^a*FqJ*n_BzL9z1O_js|cM`{hG5|1NH^avU~c#Rz(@>2C&3$B?q+reQZVXcJrucB!hld zsT!J+710ZwG3Lnpg8A>EH{=Rpgw4bNTT+ Date: Thu, 14 Dec 2023 14:48:43 +0000 Subject: [PATCH 1041/1674] Add some clarifications in thread_safety.md Make it clearer how it is possible to reason here using linearization Signed-off-by: Ryan Everett --- docs/architecture/psa-thread-safety/psa-thread-safety.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/docs/architecture/psa-thread-safety/psa-thread-safety.md b/docs/architecture/psa-thread-safety/psa-thread-safety.md index 8e9f59e30..f7452a5e1 100644 --- a/docs/architecture/psa-thread-safety/psa-thread-safety.md +++ b/docs/architecture/psa-thread-safety/psa-thread-safety.md @@ -292,9 +292,11 @@ To change `slot` to state `new_state`, a function must call `psa_slot_state_tran A counter field within each slot keeps track of how many readers have registered. Library functions must call `psa_register_read` before reading the key data witin a slot, and `psa_unregister_read` after they have finished operating. +Any call to `psa_slot_state_transition`, `psa_register_read` or `psa_unregister_read` must be performed by a function which holds the global mutex. + Library functions which operate on a slot will return `PSA_ERROR_BAD_STATE` if the slot is in an inappropriate state for the function at the linearization point. -A state transition diagram can be found in docs/architecture/psa-thread-safety/key-slot-state-transitions.jpg. In this diagram, an arrow between two states `q1` and `q2` with label `f` indicates that if the state of a slot is `q1` immediately before `f`'s linearization point, it may be `q2` immediately after `f`'s linearization point. The linearization point of a state changing call to a function must be a call to `psa_slot_state_transition`. +A state transition diagram can be found in docs/architecture/psa-thread-safety/key-slot-state-transitions.png. In this diagram, an arrow between two states `q1` and `q2` with label `f` indicates that if the state of a slot is `q1` immediately before `f`'s linearization point, it may be `q2` immediately after `f`'s linearization point. The linearization point of a state changing call to a function must be a call to `psa_slot_state_transition`. (A function which: locks the global mutex, performs some operation, calls `psa_slot_state_transition` and then unlocks the global mutex, cleans up and returns can satisfy this requirement). #### Generating the state transition diagram from source @@ -316,7 +318,7 @@ When calling `psa_wipe_key_slot` it is the callers responsibility to set the slo `psa_wipe_all_key_slots` is only called from `mbedtls_psa_crypto_free`, here we will need to return an error as we won't be able to free the key store if a key is in use without compromising the state of the secure side. This is acceptable as an untrusted application cannot call `mbedtls_psa_crypto_free` in a crypto service. In a service integration, `mbedtls_psa_crypto_free` on the client cuts the communication with the crypto service. Also, this is the current behaviour. -`psa_destroy_key` registers as a reader, marks the slot as deleted, deletes persistent keys and opaque keys and unregisters before returning. This will free the key ID, but the slot might be still in use. This only works if drivers are protected by a mutex (and the persistent storage as well if needed). `psa_destroy_key` transfers to PENDING_DELETION as an intermediate state. The last reading operation will wipe the key slot upon unregistering. In case of volatile keys freeing up the ID while the slot is still in use does not provide any benefit and we don't need to do it. +`psa_destroy_key` registers as a reader, marks the slot as deleted, deletes persistent keys and opaque keys and unregisters before returning. This will free the key ID, but the slot might be still in use. This only works if drivers are protected by a mutex (and the persistent storage as well if needed). `psa_destroy_key` transfers to PENDING_DELETION as an intermediate state. The last reading operation will wipe the key slot upon unregistering. In case of volatile keys freeing up the ID while the slot is still in use does not provide any benefit and we don't need to do it. These are serious limitations, but this can be implemented with mutexes only and arguably satisfies the [Key destruction short-term requirements](#key-destruction-short-term-requirements). From 6ecb9ce5fc7d77b6d54881ab4d78231fb4784f98 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Thu, 14 Dec 2023 14:54:24 +0000 Subject: [PATCH 1042/1674] Link directly to the state transition diagram Signed-off-by: Ryan Everett --- docs/architecture/psa-thread-safety/psa-thread-safety.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/docs/architecture/psa-thread-safety/psa-thread-safety.md b/docs/architecture/psa-thread-safety/psa-thread-safety.md index f7452a5e1..4b122c838 100644 --- a/docs/architecture/psa-thread-safety/psa-thread-safety.md +++ b/docs/architecture/psa-thread-safety/psa-thread-safety.md @@ -296,7 +296,9 @@ Any call to `psa_slot_state_transition`, `psa_register_read` or `psa_unregister_ Library functions which operate on a slot will return `PSA_ERROR_BAD_STATE` if the slot is in an inappropriate state for the function at the linearization point. -A state transition diagram can be found in docs/architecture/psa-thread-safety/key-slot-state-transitions.png. In this diagram, an arrow between two states `q1` and `q2` with label `f` indicates that if the state of a slot is `q1` immediately before `f`'s linearization point, it may be `q2` immediately after `f`'s linearization point. The linearization point of a state changing call to a function must be a call to `psa_slot_state_transition`. (A function which: locks the global mutex, performs some operation, calls `psa_slot_state_transition` and then unlocks the global mutex, cleans up and returns can satisfy this requirement). +![](key-slot-state-transitions.png) + +In the state transition diagram above, an arrow between two states `q1` and `q2` with label `f` indicates that if the state of a slot is `q1` immediately before `f`'s linearization point, it may be `q2` immediately after `f`'s linearization point. The linearization point of a state changing call to a function must be a call to `psa_slot_state_transition`. (A function which: locks the global mutex, performs some operation, calls `psa_slot_state_transition` and then unlocks the global mutex, cleans up and returns can satisfy this requirement). #### Generating the state transition diagram from source From 9ede76cd1d3ccac24c9545fd9c8b2eb6f2cf65cb Mon Sep 17 00:00:00 2001 From: Joakim Andersson Date: Thu, 14 Dec 2023 14:17:31 +0100 Subject: [PATCH 1043/1674] changelog: add changelog for move of mbedtls_ecc psa helper functions add changelog for move of mbedtls_ecc psa helper functions. Signed-off-by: Joakim Andersson --- ChangeLog.d/move-mbedtls-ecc-psa-helpers.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 ChangeLog.d/move-mbedtls-ecc-psa-helpers.txt diff --git a/ChangeLog.d/move-mbedtls-ecc-psa-helpers.txt b/ChangeLog.d/move-mbedtls-ecc-psa-helpers.txt new file mode 100644 index 000000000..85d970c7f --- /dev/null +++ b/ChangeLog.d/move-mbedtls-ecc-psa-helpers.txt @@ -0,0 +1,3 @@ +Changes + * Moved declaration of functions mbedtls_ecc_group_to_psa and + mbedtls_ecc_group_of_psa from psa/crypto_extra.h to mbedtls/psa_util.h From 05d670b71152520169672421018c588d0e17c294 Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Thu, 14 Dec 2023 16:00:57 +0000 Subject: [PATCH 1044/1674] Revert "Skip checking on maximum fragment length during handshake" This reverts commit 419f841511e0e26e846b6d512094fd935b03ef2d. Signed-off-by: Waleed Elmelegy --- library/ssl_tls.c | 14 +++----------- 1 file changed, 3 insertions(+), 11 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 4d6b95863..419185c56 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3472,10 +3472,6 @@ int mbedtls_ssl_get_max_out_record_payload(const mbedtls_ssl_context *ssl) { size_t max_len = MBEDTLS_SSL_OUT_CONTENT_LEN; - if (ssl == NULL || ssl->conf == NULL) { - return max_len; - } - #if !defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) && \ !defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) && \ !defined(MBEDTLS_SSL_PROTO_DTLS) @@ -3483,14 +3479,10 @@ int mbedtls_ssl_get_max_out_record_payload(const mbedtls_ssl_context *ssl) #endif #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - /* MbedTLS currently does not support maximum fragment length - during handshake so we skip it for now. */ - if (ssl->state == MBEDTLS_SSL_HANDSHAKE_OVER) { - const size_t mfl = mbedtls_ssl_get_output_max_frag_len(ssl); + const size_t mfl = mbedtls_ssl_get_output_max_frag_len(ssl); - if (max_len > mfl) { - max_len = mfl; - } + if (max_len > mfl) { + max_len = mfl; } #endif From 26e36983575e857e5a0364b11f20700bcdc6f9a2 Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Thu, 14 Dec 2023 16:14:05 +0000 Subject: [PATCH 1045/1674] Revert back checking on handshake messages length Revert back checking on handshake messages length due to limitation on our fragmentation support of handshake messages. Signed-off-by: Waleed Elmelegy --- library/ssl_msg.c | 12 +++++------- library/ssl_tls.c | 5 ++--- library/ssl_tls13_generic.c | 3 +-- tests/ssl-opt.sh | 3 +-- 4 files changed, 9 insertions(+), 14 deletions(-) diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 29518c385..6579c9686 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -917,7 +917,6 @@ int mbedtls_ssl_encrypt_buf(mbedtls_ssl_context *ssl, #endif size_t add_data_len; size_t post_avail; - int max_out_record_len = mbedtls_ssl_get_max_out_record_payload(ssl); /* The SSL context is only used for debugging purposes! */ #if !defined(MBEDTLS_DEBUG_C) @@ -958,11 +957,11 @@ int mbedtls_ssl_encrypt_buf(mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_BUF(4, "before encrypt: output payload", data, rec->data_len); - if (rec->data_len > (size_t) max_out_record_len) { + if (rec->data_len > MBEDTLS_SSL_OUT_CONTENT_LEN) { MBEDTLS_SSL_DEBUG_MSG(1, ("Record content %" MBEDTLS_PRINTF_SIZET " too large, maximum %" MBEDTLS_PRINTF_SIZET, rec->data_len, - (size_t) max_out_record_len)); + (size_t) MBEDTLS_SSL_OUT_CONTENT_LEN)); return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } @@ -2743,7 +2742,7 @@ int mbedtls_ssl_start_handshake_msg(mbedtls_ssl_context *ssl, unsigned char hs_t * ... */ *buf = ssl->out_msg + 4; - *buf_len = mbedtls_ssl_get_max_out_record_payload(ssl) - 4; + *buf_len = MBEDTLS_SSL_OUT_CONTENT_LEN - 4; ssl->out_msgtype = MBEDTLS_SSL_MSG_HANDSHAKE; ssl->out_msg[0] = hs_type; @@ -2780,7 +2779,6 @@ int mbedtls_ssl_write_handshake_msg_ext(mbedtls_ssl_context *ssl, int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const size_t hs_len = ssl->out_msglen - 4; const unsigned char hs_type = ssl->out_msg[0]; - int max_out_record_len = mbedtls_ssl_get_max_out_record_payload(ssl); MBEDTLS_SSL_DEBUG_MSG(2, ("=> write handshake message")); @@ -2819,12 +2817,12 @@ int mbedtls_ssl_write_handshake_msg_ext(mbedtls_ssl_context *ssl, * * Note: We deliberately do not check for the MTU or MFL here. */ - if (ssl->out_msglen > (size_t) max_out_record_len) { + if (ssl->out_msglen > MBEDTLS_SSL_OUT_CONTENT_LEN) { MBEDTLS_SSL_DEBUG_MSG(1, ("Record too large: " "size %" MBEDTLS_PRINTF_SIZET ", maximum %" MBEDTLS_PRINTF_SIZET, ssl->out_msglen, - (size_t) max_out_record_len)); + (size_t) MBEDTLS_SSL_OUT_CONTENT_LEN)); return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 419185c56..7a8c759fa 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -7004,7 +7004,6 @@ int mbedtls_ssl_write_certificate(mbedtls_ssl_context *ssl) const mbedtls_x509_crt *crt; const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->handshake->ciphersuite_info; - int max_out_record_len = mbedtls_ssl_get_max_out_record_payload(ssl); MBEDTLS_SSL_DEBUG_MSG(2, ("=> write certificate")); @@ -7049,10 +7048,10 @@ int mbedtls_ssl_write_certificate(mbedtls_ssl_context *ssl) while (crt != NULL) { n = crt->raw.len; - if (n > max_out_record_len - 3 - i) { + if (n > MBEDTLS_SSL_OUT_CONTENT_LEN - 3 - i) { MBEDTLS_SSL_DEBUG_MSG(1, ("certificate too large, %" MBEDTLS_PRINTF_SIZET " > %" MBEDTLS_PRINTF_SIZET, - i + 3 + n, (size_t) max_out_record_len)); + i + 3 + n, (size_t) MBEDTLS_SSL_OUT_CONTENT_LEN)); return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL; } diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index 237502178..7c7aac80e 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -1376,14 +1376,13 @@ static int ssl_tls13_write_change_cipher_spec_body(mbedtls_ssl_context *ssl, int mbedtls_ssl_tls13_write_change_cipher_spec(mbedtls_ssl_context *ssl) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - int max_out_record_len = mbedtls_ssl_get_max_out_record_payload(ssl); MBEDTLS_SSL_DEBUG_MSG(2, ("=> write change cipher spec")); /* Write CCS message */ MBEDTLS_SSL_PROC_CHK(ssl_tls13_write_change_cipher_spec_body( ssl, ssl->out_msg, - ssl->out_msg + max_out_record_len, + ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN, &ssl->out_msglen)); ssl->out_msgtype = MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC; diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index c6ae2cab7..8fd295f30 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -4883,8 +4883,7 @@ run_test "Record Size Limit: TLS 1.3: Client-side parsing and debug output" \ # Currently test certificates being used do not fit in 513 record size limit # so 513 record size limit tests will not pass until certificates size -# is reduced. -# TODO: use smaller certificates in during MbedTLS TLS 1.3 server testing. +# is reduced or handshake messages fragmentation is supported. # requires_gnutls_tls1_3 # requires_gnutls_record_size_limit From 852de3c3f5df22820d215446cc4437a4c7a80104 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 14 Dec 2023 14:46:45 +0000 Subject: [PATCH 1046/1674] Build with -O2, but without assembly Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index ab422ea15..6a8331954 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4561,7 +4561,7 @@ component_test_aesni () { # ~ 60s } support_test_aesni_m32() { - support_test_m32_o0 && (lscpu | grep -qw aes) + support_test_m32_no_asm && (lscpu | grep -qw aes) } component_test_aesni_m32 () { # ~ 60s @@ -5227,18 +5227,20 @@ component_build_psa_alt_headers () { programs/test/query_included_headers | not grep -x PSA_CRYPTO_STRUCT_H } -component_test_m32_o0 () { - # Build without optimization, so as to use portable C code (in a 32-bit +component_test_m32_no_asm () { + # Build without assembly, so as to use portable C code (in a 32-bit # build) and not the i386-specific inline assembly. - msg "build: i386, make, gcc -O0 (ASan build)" # ~ 30s + msg "build: i386, make, gcc, no asm (ASan build)" # ~ 30s scripts/config.py full + scripts/config.py unset MBEDTLS_HAVE_ASM + scripts/config.py unset MBEDTLS_PADLOCK_C scripts/config.py unset MBEDTLS_AESNI_C # AESNI for 32-bit is tested in test_aesni_m32 - make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O0" LDFLAGS="-m32 $ASAN_CFLAGS" + make CC=gcc CFLAGS="$ASAN_CFLAGS -m32" LDFLAGS="-m32 $ASAN_CFLAGS" - msg "test: i386, make, gcc -O0 (ASan build)" + msg "test: i386, make, gcc, no asm (ASan build)" make test } -support_test_m32_o0 () { +support_test_m32_no_asm () { case $(uname -m) in amd64|x86_64) true;; *) false;; @@ -5260,7 +5262,7 @@ component_test_m32_o2 () { tests/ssl-opt.sh } support_test_m32_o2 () { - support_test_m32_o0 "$@" + support_test_m32_no_asm "$@" } component_test_m32_everest () { @@ -5280,7 +5282,7 @@ component_test_m32_everest () { tests/compat.sh -f ECDH -V NO -e 'ARIA\|CAMELLIA\|CHACHA' } support_test_m32_everest () { - support_test_m32_o0 "$@" + support_test_m32_no_asm "$@" } component_test_mx32 () { From c1db99d3f52154d3a357485a08ffb08c302a64e1 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 12 Dec 2023 11:19:17 +0100 Subject: [PATCH 1047/1674] block_cipher: add PSA dispatch if possible "if possible" means: - PSA has been initialized - requested key type is available in PSA Signed-off-by: Valerio Setti --- include/mbedtls/block_cipher.h | 20 ++++++++ library/block_cipher.c | 92 ++++++++++++++++++++++++++++++++++ 2 files changed, 112 insertions(+) diff --git a/include/mbedtls/block_cipher.h b/include/mbedtls/block_cipher.h index 154ae26e2..d76d860ea 100644 --- a/include/mbedtls/block_cipher.h +++ b/include/mbedtls/block_cipher.h @@ -24,6 +24,10 @@ #include "mbedtls/camellia.h" #endif +#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA) +#include "psa/crypto.h" +#endif + #ifdef __cplusplus extern "C" { #endif @@ -35,8 +39,24 @@ typedef enum { MBEDTLS_BLOCK_CIPHER_ID_ARIA, /**< The Aria cipher. */ } mbedtls_block_cipher_id_t; +/** + * Used internally to indicate whether a context uses legacy or PSA. + * + * Internal use only. + */ +typedef enum { + MBEDTLS_BLOCK_CIPHER_ENGINE_LEGACY = 0, + MBEDTLS_BLOCK_CIPHER_ENGINE_PSA, +} mbedtls_block_cipher_engine_t; + typedef struct { mbedtls_block_cipher_id_t MBEDTLS_PRIVATE(id); +#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA) + mbedtls_block_cipher_engine_t engine; + psa_cipher_operation_t psa_operation; + psa_key_type_t psa_key_type; + mbedtls_svc_key_id_t psa_key_id; +#endif union { unsigned dummy; /* Make the union non-empty even with no supported algorithms. */ #if defined(MBEDTLS_AES_C) diff --git a/library/block_cipher.c b/library/block_cipher.c index 1118d3abb..0fd78abdb 100644 --- a/library/block_cipher.c +++ b/library/block_cipher.c @@ -11,12 +11,53 @@ #include "common.h" +#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA) +#include "psa_crypto_core.h" +#include "psa/crypto.h" +#include "psa_util_internal.h" +#endif + #include "block_cipher_internal.h" #if defined(MBEDTLS_BLOCK_CIPHER_C) +#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA) +static psa_key_type_t psa_key_type_from_cipher_id(mbedtls_cipher_id_t cipher_id) +{ + switch (cipher_id) { +#if defined(MBEDTLS_BLOCK_CIPHER_AES_VIA_PSA) + case MBEDTLS_CIPHER_ID_AES: + return PSA_KEY_TYPE_AES; +#endif +#if defined(MBEDTLS_BLOCK_CIPHER_ARIA_VIA_PSA) + case MBEDTLS_CIPHER_ID_ARIA: + return PSA_KEY_TYPE_ARIA; +#endif +#if defined(MBEDTLS_BLOCK_CIPHER_CAMELLIA_VIA_PSA) + case MBEDTLS_CIPHER_ID_CAMELLIA: + return PSA_KEY_TYPE_CAMELLIA; +#endif + default: + return PSA_KEY_TYPE_NONE; + } +} + +int mbedtls_cipher_error_from_psa(psa_status_t status) +{ + return PSA_TO_MBEDTLS_ERR_LIST(status, psa_to_cipher_errors, + psa_generic_status_to_mbedtls); +} +#endif /* MBEDTLS_BLOCK_CIPHER_SOME_PSA */ + void mbedtls_block_cipher_free(mbedtls_block_cipher_context_t *ctx) { +#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA) + if (ctx->engine == MBEDTLS_BLOCK_CIPHER_ENGINE_PSA) { + psa_cipher_abort(&ctx->psa_operation); + psa_destroy_key(ctx->psa_key_id); + return; + } +#endif switch (ctx->id) { #if defined(MBEDTLS_AES_C) case MBEDTLS_BLOCK_CIPHER_ID_AES: @@ -42,6 +83,17 @@ void mbedtls_block_cipher_free(mbedtls_block_cipher_context_t *ctx) int mbedtls_block_cipher_setup(mbedtls_block_cipher_context_t *ctx, mbedtls_cipher_id_t cipher_id) { +#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA) + if (psa_can_do_cipher(cipher_id)) { + ctx->psa_key_type = psa_key_type_from_cipher_id(cipher_id); + if (ctx->psa_key_type != PSA_KEY_TYPE_NONE) { + ctx->engine = MBEDTLS_BLOCK_CIPHER_ENGINE_PSA; + return 0; + } + } + ctx->engine = MBEDTLS_BLOCK_CIPHER_ENGINE_LEGACY; +#endif + switch (cipher_id) { #if defined(MBEDTLS_AES_C) case MBEDTLS_CIPHER_ID_AES: @@ -70,6 +122,32 @@ int mbedtls_block_cipher_setkey(mbedtls_block_cipher_context_t *ctx, const unsigned char *key, unsigned key_bitlen) { +#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA) + if (ctx->engine == MBEDTLS_BLOCK_CIPHER_ENGINE_PSA) { + psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT; + psa_status_t status; + + psa_set_key_type(&key_attr, ctx->psa_key_type); + psa_set_key_bits(&key_attr, key_bitlen); + psa_set_key_algorithm(&key_attr, PSA_ALG_ECB_NO_PADDING); + psa_set_key_usage_flags(&key_attr, PSA_KEY_USAGE_ENCRYPT); + + status = psa_import_key(&key_attr, key, key_bitlen/8, &ctx->psa_key_id); + if (status != PSA_SUCCESS) { + return mbedtls_cipher_error_from_psa(status); + } + psa_reset_key_attributes(&key_attr); + + status = psa_cipher_encrypt_setup(&ctx->psa_operation, ctx->psa_key_id, + PSA_ALG_ECB_NO_PADDING); + if (status != PSA_SUCCESS) { + return mbedtls_cipher_error_from_psa(status); + } + + return 0; + } +#endif /* MBEDTLS_BLOCK_CIPHER_SOME_PSA */ + switch (ctx->id) { #if defined(MBEDTLS_AES_C) case MBEDTLS_BLOCK_CIPHER_ID_AES: @@ -92,6 +170,20 @@ int mbedtls_block_cipher_encrypt(mbedtls_block_cipher_context_t *ctx, const unsigned char input[16], unsigned char output[16]) { +#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA) + if (ctx->engine == MBEDTLS_BLOCK_CIPHER_ENGINE_PSA) { + psa_status_t status; + size_t olen; + + status = psa_cipher_encrypt(ctx->psa_key_id, PSA_ALG_ECB_NO_PADDING, + input, 16, output, 16, &olen); + if (status != PSA_SUCCESS) { + return mbedtls_cipher_error_from_psa(status); + } + return 0; + } +#endif /* MBEDTLS_BLOCK_CIPHER_SOME_PSA */ + switch (ctx->id) { #if defined(MBEDTLS_AES_C) case MBEDTLS_BLOCK_CIPHER_ID_AES: From 8ceaa75b73bd84f10137e282386e3fba911d89e2 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 12 Dec 2023 11:20:18 +0100 Subject: [PATCH 1048/1674] psa_util: add error translations from PSA to cipher Signed-off-by: Valerio Setti --- library/psa_util.c | 15 +++++++++++++++ library/psa_util_internal.h | 4 ++++ 2 files changed, 19 insertions(+) diff --git a/library/psa_util.c b/library/psa_util.c index 0225bbf02..d19458c4f 100644 --- a/library/psa_util.c +++ b/library/psa_util.c @@ -38,6 +38,9 @@ #if defined(MBEDTLS_PK_C) #include #endif +#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA) +#include +#endif /* PSA_SUCCESS is kept at the top of each error table since * it's the most common status when everything functions properly. */ @@ -50,6 +53,17 @@ const mbedtls_error_pair_t psa_to_md_errors[] = { PSA_ERROR_INSUFFICIENT_MEMORY, MBEDTLS_ERR_MD_ALLOC_FAILED } }; #endif + +#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA) +const mbedtls_error_pair_t psa_to_cipher_errors[] = +{ + { PSA_SUCCESS, 0 }, + { PSA_ERROR_NOT_SUPPORTED, MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE }, + { PSA_ERROR_INVALID_ARGUMENT, MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA }, + { PSA_ERROR_INSUFFICIENT_MEMORY, MBEDTLS_ERR_CIPHER_ALLOC_FAILED } +}; +#endif + #if defined(MBEDTLS_LMS_C) const mbedtls_error_pair_t psa_to_lms_errors[] = { @@ -58,6 +72,7 @@ const mbedtls_error_pair_t psa_to_lms_errors[] = { PSA_ERROR_INVALID_ARGUMENT, MBEDTLS_ERR_LMS_BAD_INPUT_DATA } }; #endif + #if defined(MBEDTLS_SSL_TLS_C) && \ (defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3)) const mbedtls_error_pair_t psa_to_ssl_errors[] = diff --git a/library/psa_util_internal.h b/library/psa_util_internal.h index fcc79aef4..3e62d5f85 100644 --- a/library/psa_util_internal.h +++ b/library/psa_util_internal.h @@ -52,6 +52,10 @@ typedef struct { extern const mbedtls_error_pair_t psa_to_md_errors[4]; #endif +#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA) +extern const mbedtls_error_pair_t psa_to_cipher_errors[4]; +#endif + #if defined(MBEDTLS_LMS_C) extern const mbedtls_error_pair_t psa_to_lms_errors[3]; #endif From c6f004f0e2ec4ff25d8e3f6101b081118073415c Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 12 Dec 2023 11:27:36 +0100 Subject: [PATCH 1049/1674] psa_crypto: add internal helper to signal that cipher driver is ready Signed-off-by: Valerio Setti --- library/psa_crypto.c | 8 ++++++++ library/psa_crypto_core.h | 12 ++++++++++++ 2 files changed, 20 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index d61e118b5..a9ba787d0 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -115,6 +115,14 @@ int psa_can_do_hash(psa_algorithm_t hash_alg) (void) hash_alg; return global_data.drivers_initialized; } + +int psa_can_do_cipher(psa_algorithm_t cipher_alg) +{ + (void) cipher_alg; + return global_data.drivers_initialized; +} + + #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_IMPORT) || \ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY) || \ defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE) diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 46c57755e..43b1c2377 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -33,6 +33,18 @@ */ int psa_can_do_hash(psa_algorithm_t hash_alg); +/** + * Tell if PSA is ready for this cipher. + * + * \note For now, only checks the state of the driver subsystem, + * not the algorithm. Might do more in the future. + * + * \param cipher_alg The cipher algorithm (ignored for now). + * + * \return 1 if the driver subsytem is ready, 0 otherwise. + */ +int psa_can_do_cipher(psa_algorithm_t cipher_alg); + typedef enum { PSA_SLOT_EMPTY = 0, PSA_SLOT_OCCUPIED, From 8bba087fe185526d9ae82f43d74c5fd20ba420f2 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 12 Dec 2023 11:49:02 +0100 Subject: [PATCH 1050/1674] adjust_legacy_crypto: add helpers for block ciphers capabilities Signed-off-by: Valerio Setti --- include/mbedtls/config_adjust_legacy_crypto.h | 50 +++++++++++++++++++ 1 file changed, 50 insertions(+) diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h index e66d67a1b..5842d2a54 100644 --- a/include/mbedtls/config_adjust_legacy_crypto.h +++ b/include/mbedtls/config_adjust_legacy_crypto.h @@ -165,6 +165,56 @@ #endif /* MBEDTLS_MD_LIGHT */ +/* BLOCK_CIPHER module can dispatch to PSA when: + * - PSA is enabled and drivers have been initialized + * - desired key type is supported on the PSA side + * If the above conditions are not met, but the legacy support is enabled, then + * BLOCK_CIPHER will dinamically fallback to it. + */ +#if defined(MBEDTLS_BLOCK_CIPHER_C) + +#if defined(MBEDTLS_PSA_CRYPTO_C) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES) +#define MBEDTLS_BLOCK_CIPHER_AES_VIA_PSA +#define MBEDTLS_BLOCK_CIPHER_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA) +#define MBEDTLS_BLOCK_CIPHER_ARIA_VIA_PSA +#define MBEDTLS_BLOCK_CIPHER_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA) +#define MBEDTLS_BLOCK_CIPHER_CAMELLIA_VIA_PSA +#define MBEDTLS_BLOCK_CIPHER_SOME_PSA +#endif +#endif /* MBEDTLS_PSA_CRYPTO_C */ + +#if defined(MBEDTLS_AES_C) +#define MBEDTLS_BLOCK_CIPHER_AES_VIA_LEGACY +#endif +#if defined(MBEDTLS_ARIA_C) +#define MBEDTLS_BLOCK_CIPHER_ARIA_VIA_LEGACY +#endif +#if defined(MBEDTLS_CAMELLIA_C) +#define MBEDTLS_BLOCK_CIPHER_CAMELLIA_VIA_LEGACY +#endif + +#endif /* MBEDTLS_BLOCK_CIPHER_C */ + +/* Generic helpers to state that BLOCK_CIPHER module supports AES, ARIA and/or + * Camellia block ciphers via either PSA or legacy. */ +#if defined(MBEDTLS_BLOCK_CIPHER_AES_VIA_PSA) || \ + defined(MBEDTLS_BLOCK_CIPHER_AES_VIA_LEGACY) +#define MBEDTLS_BLOCK_CIPHER_CAN_AES +#endif +#if defined(MBEDTLS_BLOCK_CIPHER_ARIA_VIA_PSA) || \ + defined(MBEDTLS_BLOCK_CIPHER_ARIA_VIA_LEGACY) +#define MBEDTLS_BLOCK_CIPHER_CAN_ARIA +#endif +#if defined(MBEDTLS_BLOCK_CIPHER_CAMELLIA_VIA_PSA) || \ + defined(MBEDTLS_BLOCK_CIPHER_CAMELLIA_VIA_LEGACY) +#define MBEDTLS_BLOCK_CIPHER_CAN_CAMELLIA +#endif + /* MBEDTLS_ECP_LIGHT is auto-enabled by the following symbols: * - MBEDTLS_ECP_C because now it consists of MBEDTLS_ECP_LIGHT plus functions * for curve arithmetic. As a consequence if MBEDTLS_ECP_C is required for From c0f9bbca2c3735eff94c2a3e5a5f9fc6d1f77e7c Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 12 Dec 2023 11:49:28 +0100 Subject: [PATCH 1051/1674] check_config: use new helpers for legacy GCM_C/CCM_C Signed-off-by: Valerio Setti --- include/mbedtls/check_config.h | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 34ddcb159..30ef7d6fc 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -333,13 +333,17 @@ #endif #undef MBEDTLS_HAS_MEMSAN -#if defined(MBEDTLS_CCM_C) && ( \ - !defined(MBEDTLS_AES_C) && !defined(MBEDTLS_CAMELLIA_C) && !defined(MBEDTLS_ARIA_C) ) +#if defined(MBEDTLS_CCM_C) && \ + !(defined(MBEDTLS_BLOCK_CIPHER_CAN_AES) || defined(MBEDTLS_AES_C) || \ + defined(MBEDTLS_BLOCK_CIPHER_CAN_ARIA) || defined(MBEDTLS_ARIA_C) || \ + defined(MBEDTLS_BLOCK_CIPHER_CAN_CAMELLIA) || defined(MBEDTLS_CAMELLIA_C)) #error "MBEDTLS_CCM_C defined, but not all prerequisites" #endif -#if defined(MBEDTLS_GCM_C) && ( \ - !defined(MBEDTLS_AES_C) && !defined(MBEDTLS_CAMELLIA_C) && !defined(MBEDTLS_ARIA_C) ) +#if defined(MBEDTLS_GCM_C) && \ + !(defined(MBEDTLS_BLOCK_CIPHER_CAN_AES) || defined(MBEDTLS_AES_C) || \ + defined(MBEDTLS_BLOCK_CIPHER_CAN_ARIA) || defined(MBEDTLS_ARIA_C) || \ + defined(MBEDTLS_BLOCK_CIPHER_CAN_CAMELLIA) || defined(MBEDTLS_CAMELLIA_C)) #error "MBEDTLS_GCM_C defined, but not all prerequisites" #endif From 4bc7fac99a1a8492eb207efd1643fffbeb81d6c2 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 12 Dec 2023 11:52:36 +0100 Subject: [PATCH 1052/1674] crypto_builtin_composites: add missing guards for includes Signed-off-by: Valerio Setti --- include/psa/crypto_builtin_composites.h | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/include/psa/crypto_builtin_composites.h b/include/psa/crypto_builtin_composites.h index 35c2e29b9..c14f5dd11 100644 --- a/include/psa/crypto_builtin_composites.h +++ b/include/psa/crypto_builtin_composites.h @@ -25,8 +25,12 @@ #include #include "mbedtls/cmac.h" +#if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM) #include "mbedtls/gcm.h" +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM) #include "mbedtls/ccm.h" +#endif #include "mbedtls/chachapoly.h" /* From f8e6cbacc0401e92ab61c11710bb5f8ffb42e471 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 12 Dec 2023 11:53:39 +0100 Subject: [PATCH 1053/1674] all.sh: add new component for block_cipher dispatch to PSA Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 55 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 55 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 10a76ec18..85c32b0b4 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3824,6 +3824,61 @@ component_test_psa_crypto_config_reference_cipher_aead () { tests/compat.sh -V NO -p mbedTLS } +component_test_full_block_cipher_psa_dispatch () { + msg "build: full + PSA dispatch in block_cipher" + + loc_accel_list="ALG_ECB_NO_PADDING \ + KEY_TYPE_AES KEY_TYPE_ARIA KEY_TYPE_CAMELLIA" + + # Configure + # --------- + + # Start from the full config + helper_libtestdriver1_adjust_config "full" + + # Disable CCM/GCM support in PSA as we are testing dispatching of legacy + # modules (GCM_C/CCM_C through BLOCK_CIPHER_C) to PSA. + scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_CCM + scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_GCM + + # Disable CIPHER_C because we want legacy GCM_C/CCM_C to use BLOCK_CIPHER_C. + scripts/config.py unset MBEDTLS_CIPHER_C + + # Disable unauthenticated ciphers which are not accelerated in this + # test component because their builtin support depends on CIPHER_C. + scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_CCM_STAR_NO_TAG + scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_CMAC + scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_CBC_NO_PADDING + scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_CBC_PKCS7 + scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_CFB + scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_CTR + scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_OFB + scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_XTS + scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_STREAM_CIPHER + + # Disable remaining direct dependencies on CIPHER_C. + scripts/config.py unset MBEDTLS_PKCS5_C + scripts/config.py unset MBEDTLS_PKCS12_C + scripts/config.py unset MBEDTLS_NIST_KW_C + scripts/config.py unset MBEDTLS_CMAC_C + + # Build + # ----- + + helper_libtestdriver1_make_drivers "$loc_accel_list" + + helper_libtestdriver1_make_main "$loc_accel_list" + + # Make sure cipher was not re-enabled by accident (additive config) + not grep mbedtls_cipher library/cipher.o + + # Run the tests + # ------------- + + msg "test: full + PSA dispatch in block_cipher" + make test +} + component_test_aead_chachapoly_disabled() { msg "build: full minus CHACHAPOLY" scripts/config.py full From 10e9aa26c5a0eeba46810123bf909a05bce52313 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 12 Dec 2023 11:54:20 +0100 Subject: [PATCH 1054/1674] tests: add PSA_INIT/PSA_DONE to CCM and GCM test suites Signed-off-by: Valerio Setti --- tests/include/test/psa_crypto_helpers.h | 24 ++++++++++++++ tests/suites/test_suite_ccm.function | 42 +++++++++++++++++++++++++ tests/suites/test_suite_gcm.function | 22 +++++++++++++ 3 files changed, 88 insertions(+) diff --git a/tests/include/test/psa_crypto_helpers.h b/tests/include/test/psa_crypto_helpers.h index 0b8c22194..41d204da9 100644 --- a/tests/include/test/psa_crypto_helpers.h +++ b/tests/include/test/psa_crypto_helpers.h @@ -367,6 +367,30 @@ uint64_t mbedtls_test_parse_binary_string(data_t *bin_string); #define MD_PSA_DONE() ((void) 0) #endif /* MBEDTLS_MD_SOME_PSA */ +/** \def BLOCK_CIPHER_PSA_INIT + * + * Call this macro to initialize the PSA subsystem if BLOCK_CIPHER uses a driver, + * and do nothing otherwise. + * + * If the initialization fails, mark the test case as failed and jump to the + * \p exit label. + */ +/** \def BLOCK_CIPHER_PSA_DONE + * + * Call this macro at the end of a test case if you called #BLOCK_CIPHER_PSA_INIT. + * + * This is like #PSA_DONE except it does nothing under the same conditions as + * #BLOCK_CIPHER_PSA_INIT. + */ +#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA) +#define BLOCK_CIPHER_PSA_INIT() PSA_INIT() +#define BLOCK_CIPHER_PSA_DONE() PSA_DONE() +#else /* MBEDTLS_MD_SOME_PSA */ +#define BLOCK_CIPHER_PSA_INIT() ((void) 0) +#define BLOCK_CIPHER_PSA_DONE() ((void) 0) +#endif /* MBEDTLS_MD_SOME_PSA */ + + /** \def MD_OR_USE_PSA_INIT * * Call this macro to initialize the PSA subsystem if MD uses a driver, diff --git a/tests/suites/test_suite_ccm.function b/tests/suites/test_suite_ccm.function index 5aaaaa2e4..0685e5bd1 100644 --- a/tests/suites/test_suite_ccm.function +++ b/tests/suites/test_suite_ccm.function @@ -69,7 +69,9 @@ exit: /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST:MBEDTLS_AES_C */ void mbedtls_ccm_self_test() { + BLOCK_CIPHER_PSA_INIT(); TEST_ASSERT(mbedtls_ccm_self_test(1) == 0); + BLOCK_CIPHER_PSA_DONE(); } /* END_CASE */ @@ -105,6 +107,7 @@ void ccm_lengths(int msg_len, int iv_len, int add_len, int tag_len, int res) unsigned char tag[18]; int decrypt_ret; + BLOCK_CIPHER_PSA_INIT(); mbedtls_ccm_init(&ctx); TEST_CALLOC_OR_SKIP(add, add_len); @@ -132,6 +135,7 @@ void ccm_lengths(int msg_len, int iv_len, int add_len, int tag_len, int res) exit: mbedtls_free(add); mbedtls_ccm_free(&ctx); + BLOCK_CIPHER_PSA_DONE(); } /* END_CASE */ @@ -148,6 +152,7 @@ void ccm_star_lengths(int msg_len, int iv_len, int add_len, int tag_len, unsigned char tag[18]; int decrypt_ret; + BLOCK_CIPHER_PSA_INIT(); mbedtls_ccm_init(&ctx); memset(key, 0, sizeof(key)); @@ -174,6 +179,7 @@ void ccm_star_lengths(int msg_len, int iv_len, int add_len, int tag_len, exit: mbedtls_ccm_free(&ctx); + BLOCK_CIPHER_PSA_DONE(); } /* END_CASE */ @@ -198,6 +204,7 @@ void mbedtls_ccm_encrypt_and_tag(int cipher_id, data_t *key, /* Prepare tag buffer */ TEST_CALLOC(tag_buf, expected_tag_len); + BLOCK_CIPHER_PSA_INIT(); mbedtls_ccm_init(&ctx); TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0); /* Test with input == output */ @@ -230,6 +237,7 @@ exit: mbedtls_ccm_free(&ctx); mbedtls_free(io_msg_buf); mbedtls_free(tag_buf); + BLOCK_CIPHER_PSA_DONE(); } /* END_CASE */ @@ -241,6 +249,7 @@ void mbedtls_ccm_star_no_tag(int cipher_id, int mode, data_t *key, uint8_t *output = NULL; size_t olen; + BLOCK_CIPHER_PSA_INIT(); mbedtls_ccm_init(&ctx); TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0); TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len)); @@ -255,6 +264,7 @@ void mbedtls_ccm_star_no_tag(int cipher_id, int mode, data_t *key, exit: mbedtls_free(output); mbedtls_ccm_free(&ctx); + BLOCK_CIPHER_PSA_DONE(); } /* END_CASE */ @@ -277,6 +287,7 @@ void mbedtls_ccm_auth_decrypt(int cipher_id, data_t *key, memcpy(io_msg_buf, msg->x, expected_msg_len); } + BLOCK_CIPHER_PSA_INIT(); mbedtls_ccm_init(&ctx); TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0); /* Test with input == output */ @@ -317,6 +328,7 @@ void mbedtls_ccm_auth_decrypt(int cipher_id, data_t *key, exit: mbedtls_free(io_msg_buf); mbedtls_ccm_free(&ctx); + BLOCK_CIPHER_PSA_DONE(); } /* END_CASE */ @@ -364,6 +376,7 @@ void mbedtls_ccm_star_encrypt_and_tag(int cipher_id, iv[source_address->len + frame_counter->len] = sec_level; iv_len = sizeof(iv); + BLOCK_CIPHER_PSA_INIT(); mbedtls_ccm_init(&ctx); TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0); @@ -402,6 +415,7 @@ exit: mbedtls_ccm_free(&ctx); mbedtls_free(io_msg_buf); mbedtls_free(tag_buf); + BLOCK_CIPHER_PSA_DONE(); } /* END_CASE */ @@ -443,6 +457,7 @@ void mbedtls_ccm_star_auth_decrypt(int cipher_id, iv[source_address->len + frame_counter->len] = sec_level; iv_len = sizeof(iv); + BLOCK_CIPHER_PSA_INIT(); mbedtls_ccm_init(&ctx); TEST_ASSERT(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8) == 0); /* Test with input == output */ @@ -479,6 +494,7 @@ void mbedtls_ccm_star_auth_decrypt(int cipher_id, exit: mbedtls_ccm_free(&ctx); mbedtls_free(io_msg_buf); + BLOCK_CIPHER_PSA_DONE(); } /* END_CASE */ @@ -495,6 +511,7 @@ void mbedtls_ccm_skip_ad(int cipher_id, int mode, /* Sanity checks on the test data */ TEST_EQUAL(msg->len, result->len); + BLOCK_CIPHER_PSA_INIT(); mbedtls_ccm_init(&ctx); TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0); TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len)); @@ -517,6 +534,7 @@ void mbedtls_ccm_skip_ad(int cipher_id, int mode, exit: mbedtls_free(output); mbedtls_ccm_free(&ctx); + BLOCK_CIPHER_PSA_DONE(); } /* END_CASE */ @@ -529,6 +547,7 @@ void mbedtls_ccm_skip_update(int cipher_id, int mode, mbedtls_ccm_context ctx; uint8_t *output = NULL; + BLOCK_CIPHER_PSA_INIT(); mbedtls_ccm_init(&ctx); TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0); TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len)); @@ -545,6 +564,7 @@ void mbedtls_ccm_skip_update(int cipher_id, int mode, exit: mbedtls_free(output); mbedtls_ccm_free(&ctx); + BLOCK_CIPHER_PSA_DONE(); } /* END_CASE */ @@ -556,6 +576,7 @@ void mbedtls_ccm_overflow_ad(int cipher_id, int mode, { mbedtls_ccm_context ctx; + BLOCK_CIPHER_PSA_INIT(); mbedtls_ccm_init(&ctx); TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0); TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len)); @@ -566,6 +587,7 @@ void mbedtls_ccm_overflow_ad(int cipher_id, int mode, TEST_EQUAL(MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_update_ad(&ctx, add->x, add->len)); exit: mbedtls_ccm_free(&ctx); + BLOCK_CIPHER_PSA_DONE(); } /* END_CASE */ @@ -577,6 +599,7 @@ void mbedtls_ccm_unexpected_ad(int cipher_id, int mode, { mbedtls_ccm_context ctx; + BLOCK_CIPHER_PSA_INIT(); mbedtls_ccm_init(&ctx); TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0); TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len)); @@ -586,6 +609,7 @@ void mbedtls_ccm_unexpected_ad(int cipher_id, int mode, TEST_EQUAL(MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_update_ad(&ctx, add->x, add->len)); exit: mbedtls_ccm_free(&ctx); + BLOCK_CIPHER_PSA_DONE(); } /* END_CASE */ @@ -599,6 +623,7 @@ void mbedtls_ccm_unexpected_text(int cipher_id, int mode, uint8_t *output = NULL; size_t olen; + BLOCK_CIPHER_PSA_INIT(); mbedtls_ccm_init(&ctx); TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0); TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len)); @@ -614,6 +639,7 @@ void mbedtls_ccm_unexpected_text(int cipher_id, int mode, exit: mbedtls_free(output); mbedtls_ccm_free(&ctx); + BLOCK_CIPHER_PSA_DONE(); } /* END_CASE */ @@ -625,6 +651,7 @@ void mbedtls_ccm_incomplete_ad(int cipher_id, int mode, mbedtls_ccm_context ctx; uint8_t *output = NULL; + BLOCK_CIPHER_PSA_INIT(); mbedtls_ccm_init(&ctx); TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0); TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len)); @@ -639,6 +666,7 @@ void mbedtls_ccm_incomplete_ad(int cipher_id, int mode, exit: mbedtls_free(output); mbedtls_ccm_free(&ctx); + BLOCK_CIPHER_PSA_DONE(); } /* END_CASE */ @@ -651,6 +679,7 @@ void mbedtls_ccm_full_ad_and_overflow(int cipher_id, int mode, { mbedtls_ccm_context ctx; + BLOCK_CIPHER_PSA_INIT(); mbedtls_ccm_init(&ctx); TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0); TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len)); @@ -663,6 +692,7 @@ void mbedtls_ccm_full_ad_and_overflow(int cipher_id, int mode, TEST_EQUAL(MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_update_ad(&ctx, add->x, 1)); exit: mbedtls_ccm_free(&ctx); + BLOCK_CIPHER_PSA_DONE(); } /* END_CASE */ @@ -679,6 +709,7 @@ void mbedtls_ccm_incomplete_ad_and_overflow(int cipher_id, int mode, add_second_buffer[0] = add->x[add->len - 1]; add_second_buffer[1] = 0xAB; // some magic value + BLOCK_CIPHER_PSA_INIT(); mbedtls_ccm_init(&ctx); TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0); TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len)); @@ -691,6 +722,7 @@ void mbedtls_ccm_incomplete_ad_and_overflow(int cipher_id, int mode, TEST_EQUAL(MBEDTLS_ERR_CCM_BAD_INPUT, mbedtls_ccm_update_ad(&ctx, add_second_buffer, 2)); exit: mbedtls_ccm_free(&ctx); + BLOCK_CIPHER_PSA_DONE(); } /* END_CASE */ @@ -704,6 +736,7 @@ void mbedtls_ccm_overflow_update(int cipher_id, int mode, uint8_t *output = NULL; size_t olen; + BLOCK_CIPHER_PSA_INIT(); mbedtls_ccm_init(&ctx); TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0); TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len)); @@ -719,6 +752,7 @@ void mbedtls_ccm_overflow_update(int cipher_id, int mode, exit: mbedtls_free(output); mbedtls_ccm_free(&ctx); + BLOCK_CIPHER_PSA_DONE(); } /* END_CASE */ @@ -732,6 +766,7 @@ void mbedtls_ccm_incomplete_update(int cipher_id, int mode, uint8_t *output = NULL; size_t olen; + BLOCK_CIPHER_PSA_INIT(); mbedtls_ccm_init(&ctx); TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0); TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len)); @@ -752,6 +787,7 @@ void mbedtls_ccm_incomplete_update(int cipher_id, int mode, exit: mbedtls_free(output); mbedtls_ccm_free(&ctx); + BLOCK_CIPHER_PSA_DONE(); } /* END_CASE */ @@ -766,6 +802,7 @@ void mbedtls_ccm_full_update_and_overflow(int cipher_id, int mode, uint8_t *output = NULL; size_t olen; + BLOCK_CIPHER_PSA_INIT(); mbedtls_ccm_init(&ctx); TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0); TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len)); @@ -783,6 +820,7 @@ void mbedtls_ccm_full_update_and_overflow(int cipher_id, int mode, exit: mbedtls_free(output); mbedtls_ccm_free(&ctx); + BLOCK_CIPHER_PSA_DONE(); } /* END_CASE */ @@ -801,6 +839,7 @@ void mbedtls_ccm_incomplete_update_overflow(int cipher_id, int mode, msg_second_buffer[0] = msg->x[msg->len - 1]; msg_second_buffer[1] = 0xAB; // some magic value + BLOCK_CIPHER_PSA_INIT(); mbedtls_ccm_init(&ctx); TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0); TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len)); @@ -818,6 +857,7 @@ void mbedtls_ccm_incomplete_update_overflow(int cipher_id, int mode, exit: mbedtls_free(output); mbedtls_ccm_free(&ctx); + BLOCK_CIPHER_PSA_DONE(); } /* END_CASE */ @@ -829,6 +869,7 @@ void mbedtls_ccm_instant_finish(int cipher_id, int mode, mbedtls_ccm_context ctx; uint8_t *output = NULL; + BLOCK_CIPHER_PSA_INIT(); mbedtls_ccm_init(&ctx); TEST_EQUAL(mbedtls_ccm_setkey(&ctx, cipher_id, key->x, key->len * 8), 0); TEST_EQUAL(0, mbedtls_ccm_starts(&ctx, mode, iv->x, iv->len)); @@ -842,5 +883,6 @@ void mbedtls_ccm_instant_finish(int cipher_id, int mode, exit: mbedtls_free(output); mbedtls_ccm_free(&ctx); + BLOCK_CIPHER_PSA_DONE(); } /* END_CASE */ diff --git a/tests/suites/test_suite_gcm.function b/tests/suites/test_suite_gcm.function index 747914f6b..097e42408 100644 --- a/tests/suites/test_suite_gcm.function +++ b/tests/suites/test_suite_gcm.function @@ -171,6 +171,7 @@ void gcm_bad_parameters(int cipher_id, int direction, mbedtls_gcm_context ctx; size_t tag_len = tag_len_bits / 8; + BLOCK_CIPHER_PSA_INIT(); mbedtls_gcm_init(&ctx); memset(output, 0x00, sizeof(output)); @@ -183,6 +184,7 @@ void gcm_bad_parameters(int cipher_id, int direction, exit: mbedtls_gcm_free(&ctx); + BLOCK_CIPHER_PSA_DONE(); } /* END_CASE */ @@ -200,6 +202,7 @@ void gcm_encrypt_and_tag(int cipher_id, data_t *key_str, size_t n1; size_t n1_add; + BLOCK_CIPHER_PSA_INIT(); mbedtls_gcm_init(&ctx); memset(output, 0x00, 128); @@ -230,6 +233,7 @@ void gcm_encrypt_and_tag(int cipher_id, data_t *key_str, exit: mbedtls_gcm_free(&ctx); + BLOCK_CIPHER_PSA_DONE(); } /* END_CASE */ @@ -247,6 +251,7 @@ void gcm_decrypt_and_verify(int cipher_id, data_t *key_str, size_t n1; size_t n1_add; + BLOCK_CIPHER_PSA_INIT(); mbedtls_gcm_init(&ctx); memset(output, 0x00, 128); @@ -287,6 +292,7 @@ void gcm_decrypt_and_verify(int cipher_id, data_t *key_str, exit: mbedtls_gcm_free(&ctx); + BLOCK_CIPHER_PSA_DONE(); } /* END_CASE */ @@ -300,6 +306,7 @@ void gcm_decrypt_and_verify_empty_cipher(int cipher_id, { mbedtls_gcm_context ctx; + BLOCK_CIPHER_PSA_INIT(); mbedtls_gcm_init(&ctx); TEST_ASSERT(mbedtls_gcm_setkey(&ctx, cipher_id, key_str->x, key_str->len * 8) == 0); @@ -308,6 +315,7 @@ void gcm_decrypt_and_verify_empty_cipher(int cipher_id, cipher_update_calls); mbedtls_gcm_free(&ctx); + BLOCK_CIPHER_PSA_DONE(); } /* END_CASE */ @@ -322,6 +330,7 @@ void gcm_decrypt_and_verify_empty_ad(int cipher_id, { mbedtls_gcm_context ctx; + BLOCK_CIPHER_PSA_INIT(); mbedtls_gcm_init(&ctx); TEST_ASSERT(mbedtls_gcm_setkey(&ctx, cipher_id, key_str->x, key_str->len * 8) == 0); @@ -330,6 +339,7 @@ void gcm_decrypt_and_verify_empty_ad(int cipher_id, ad_update_calls); mbedtls_gcm_free(&ctx); + BLOCK_CIPHER_PSA_DONE(); } /* END_CASE */ @@ -341,6 +351,7 @@ void gcm_decrypt_and_verify_no_ad_no_cipher(int cipher_id, { mbedtls_gcm_context ctx; + BLOCK_CIPHER_PSA_INIT(); mbedtls_gcm_init(&ctx); TEST_ASSERT(mbedtls_gcm_setkey(&ctx, cipher_id, key_str->x, key_str->len * 8) == 0); @@ -348,6 +359,7 @@ void gcm_decrypt_and_verify_no_ad_no_cipher(int cipher_id, iv_str, tag_str); mbedtls_gcm_free(&ctx); + BLOCK_CIPHER_PSA_DONE(); } /* END_CASE */ @@ -361,6 +373,7 @@ void gcm_encrypt_and_tag_empty_cipher(int cipher_id, { mbedtls_gcm_context ctx; + BLOCK_CIPHER_PSA_INIT(); mbedtls_gcm_init(&ctx); TEST_ASSERT(mbedtls_gcm_setkey(&ctx, cipher_id, key_str->x, key_str->len * 8) == 0); @@ -370,6 +383,7 @@ void gcm_encrypt_and_tag_empty_cipher(int cipher_id, exit: mbedtls_gcm_free(&ctx); + BLOCK_CIPHER_PSA_DONE(); } /* END_CASE */ @@ -384,6 +398,7 @@ void gcm_encrypt_and_tag_empty_ad(int cipher_id, { mbedtls_gcm_context ctx; + BLOCK_CIPHER_PSA_INIT(); mbedtls_gcm_init(&ctx); TEST_ASSERT(mbedtls_gcm_setkey(&ctx, cipher_id, key_str->x, key_str->len * 8) == 0); @@ -393,6 +408,7 @@ void gcm_encrypt_and_tag_empty_ad(int cipher_id, exit: mbedtls_gcm_free(&ctx); + BLOCK_CIPHER_PSA_DONE(); } /* END_CASE */ @@ -404,6 +420,7 @@ void gcm_encrypt_and_verify_no_ad_no_cipher(int cipher_id, { mbedtls_gcm_context ctx; + BLOCK_CIPHER_PSA_INIT(); mbedtls_gcm_init(&ctx); TEST_ASSERT(mbedtls_gcm_setkey(&ctx, cipher_id, key_str->x, key_str->len * 8) == 0); @@ -411,6 +428,7 @@ void gcm_encrypt_and_verify_no_ad_no_cipher(int cipher_id, iv_str, tag_str); mbedtls_gcm_free(&ctx); + BLOCK_CIPHER_PSA_DONE(); } /* END_CASE */ @@ -444,6 +462,7 @@ void gcm_update_output_buffer_too_small(int cipher_id, int mode, size_t olen = 0; size_t output_len = input->len - 1; + BLOCK_CIPHER_PSA_INIT(); mbedtls_gcm_init(&ctx); TEST_EQUAL(mbedtls_gcm_setkey(&ctx, cipher_id, key_str->x, key_str->len * 8), 0); TEST_EQUAL(0, mbedtls_gcm_starts(&ctx, mode, iv->x, iv->len)); @@ -455,12 +474,15 @@ void gcm_update_output_buffer_too_small(int cipher_id, int mode, exit: mbedtls_free(output); mbedtls_gcm_free(&ctx); + BLOCK_CIPHER_PSA_DONE(); } /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST:MBEDTLS_AES_C */ void gcm_selftest() { + BLOCK_CIPHER_PSA_INIT(); TEST_ASSERT(mbedtls_gcm_self_test(1) == 0); + BLOCK_CIPHER_PSA_DONE(); } /* END_CASE */ From 1cf81c3c8065c560c0aa79cc77b6e2c22aa064c5 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 12 Dec 2023 15:34:25 +0100 Subject: [PATCH 1055/1674] test_suite_block_cipher: add new data file for PSA/legacy dispatch test Signed-off-by: Valerio Setti --- tests/suites/test_suite_block_cipher.function | 34 ++++++++++++++++ tests/suites/test_suite_block_cipher.psa.data | 39 +++++++++++++++++++ 2 files changed, 73 insertions(+) create mode 100644 tests/suites/test_suite_block_cipher.psa.data diff --git a/tests/suites/test_suite_block_cipher.function b/tests/suites/test_suite_block_cipher.function index 239568c34..2b166ba50 100644 --- a/tests/suites/test_suite_block_cipher.function +++ b/tests/suites/test_suite_block_cipher.function @@ -92,3 +92,37 @@ exit: mbedtls_block_cipher_free(&ctx); } /* END_CASE */ + +/* BEGIN_CASE */ +void block_cipher_psa_dynamic_dispatch(int cipher_type, int pre_psa_ret, int post_psa_engine) +{ + mbedtls_block_cipher_context_t ctx; + + /* Intentionally no PSA init here! (Will be done later.) */ + + mbedtls_block_cipher_init(&ctx); + + /* Before PSA crypto init */ + TEST_EQUAL(pre_psa_ret, mbedtls_block_cipher_setup(&ctx, cipher_type)); + +#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA) + TEST_EQUAL(ctx.engine, MBEDTLS_BLOCK_CIPHER_ENGINE_LEGACY); +#endif + + mbedtls_block_cipher_free(&ctx); + + /* Now initilize PSA Crypto */ + BLOCK_CIPHER_PSA_INIT(); + + mbedtls_block_cipher_init(&ctx); + /* After PSA Crypto init */ + TEST_EQUAL(0, mbedtls_block_cipher_setup(&ctx, cipher_type)); +#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA) + TEST_EQUAL(ctx.engine, post_psa_engine); +#endif + +exit: + mbedtls_block_cipher_free(&ctx); + BLOCK_CIPHER_PSA_DONE(); +} +/* END_CASE */ diff --git a/tests/suites/test_suite_block_cipher.psa.data b/tests/suites/test_suite_block_cipher.psa.data new file mode 100644 index 000000000..e9b48e195 --- /dev/null +++ b/tests/suites/test_suite_block_cipher.psa.data @@ -0,0 +1,39 @@ +# These tests behave differently depending on the presence of +# drivers and/or built-in, so they're isolated here for the benefit of +# analyze_outcomes.py (driver vs reference comparison). + +AES - legacy only +depends_on:MBEDTLS_BLOCK_CIPHER_AES_VIA_LEGACY:!MBEDTLS_BLOCK_CIPHER_AES_VIA_PSA +block_cipher_psa_dynamic_dispatch:MBEDTLS_CIPHER_ID_AES:0:MBEDTLS_BLOCK_CIPHER_ENGINE_LEGACY + +AES - driver only +depends_on:!MBEDTLS_BLOCK_CIPHER_AES_VIA_LEGACY:MBEDTLS_BLOCK_CIPHER_AES_VIA_PSA +block_cipher_psa_dynamic_dispatch:MBEDTLS_CIPHER_ID_AES:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA:MBEDTLS_BLOCK_CIPHER_ENGINE_PSA + +AES - legacy + driver +depends_on:MBEDTLS_BLOCK_CIPHER_AES_VIA_LEGACY:MBEDTLS_BLOCK_CIPHER_AES_VIA_PSA +block_cipher_psa_dynamic_dispatch:MBEDTLS_CIPHER_ID_AES:0:MBEDTLS_BLOCK_CIPHER_ENGINE_PSA + +ARIA - legacy only +depends_on:MBEDTLS_BLOCK_CIPHER_ARIA_VIA_LEGACY:!MBEDTLS_BLOCK_CIPHER_ARIA_VIA_PSA +block_cipher_psa_dynamic_dispatch:MBEDTLS_CIPHER_ID_ARIA:0:MBEDTLS_BLOCK_CIPHER_ENGINE_LEGACY + +ARIA - driver only +depends_on:!MBEDTLS_BLOCK_CIPHER_ARIA_VIA_LEGACY:MBEDTLS_BLOCK_CIPHER_ARIA_VIA_PSA +block_cipher_psa_dynamic_dispatch:MBEDTLS_CIPHER_ID_ARIA:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA:MBEDTLS_BLOCK_CIPHER_ENGINE_PSA + +ARIA - legacy + driver +depends_on:MBEDTLS_BLOCK_CIPHER_ARIA_VIA_LEGACY:MBEDTLS_BLOCK_CIPHER_ARIA_VIA_PSA +block_cipher_psa_dynamic_dispatch:MBEDTLS_CIPHER_ID_ARIA:0:MBEDTLS_BLOCK_CIPHER_ENGINE_PSA + +Camellia - legacy only +depends_on:MBEDTLS_BLOCK_CIPHER_CAMELLIA_VIA_LEGACY:!MBEDTLS_BLOCK_CIPHER_CAMELLIA_VIA_PSA +block_cipher_psa_dynamic_dispatch:MBEDTLS_CIPHER_ID_CAMELLIA:0:MBEDTLS_BLOCK_CIPHER_ENGINE_LEGACY + +Camellia - driver only +depends_on:!MBEDTLS_BLOCK_CIPHER_CAMELLIA_VIA_LEGACY:MBEDTLS_BLOCK_CIPHER_CAMELLIA_VIA_PSA +block_cipher_psa_dynamic_dispatch:MBEDTLS_CIPHER_ID_CAMELLIA:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA:MBEDTLS_BLOCK_CIPHER_ENGINE_PSA + +Camellia - legacy + driver +depends_on:MBEDTLS_BLOCK_CIPHER_CAMELLIA_VIA_LEGACY:MBEDTLS_BLOCK_CIPHER_CAMELLIA_VIA_PSA +block_cipher_psa_dynamic_dispatch:MBEDTLS_CIPHER_ID_CAMELLIA:0:MBEDTLS_BLOCK_CIPHER_ENGINE_PSA From 849a1abfddc06609aa888624413776da96178c47 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 13 Dec 2023 16:34:07 +0100 Subject: [PATCH 1056/1674] block_cipher: remove useless use of psa_cipher_operation_t Signed-off-by: Valerio Setti --- include/mbedtls/block_cipher.h | 3 +-- library/block_cipher.c | 9 +-------- 2 files changed, 2 insertions(+), 10 deletions(-) diff --git a/include/mbedtls/block_cipher.h b/include/mbedtls/block_cipher.h index d76d860ea..535412a85 100644 --- a/include/mbedtls/block_cipher.h +++ b/include/mbedtls/block_cipher.h @@ -25,7 +25,7 @@ #endif #if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA) -#include "psa/crypto.h" +#include "psa/crypto_types.h" #endif #ifdef __cplusplus @@ -53,7 +53,6 @@ typedef struct { mbedtls_block_cipher_id_t MBEDTLS_PRIVATE(id); #if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA) mbedtls_block_cipher_engine_t engine; - psa_cipher_operation_t psa_operation; psa_key_type_t psa_key_type; mbedtls_svc_key_id_t psa_key_id; #endif diff --git a/library/block_cipher.c b/library/block_cipher.c index 0fd78abdb..fb09374c8 100644 --- a/library/block_cipher.c +++ b/library/block_cipher.c @@ -12,8 +12,8 @@ #include "common.h" #if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA) -#include "psa_crypto_core.h" #include "psa/crypto.h" +#include "psa_crypto_core.h" #include "psa_util_internal.h" #endif @@ -53,7 +53,6 @@ void mbedtls_block_cipher_free(mbedtls_block_cipher_context_t *ctx) { #if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA) if (ctx->engine == MBEDTLS_BLOCK_CIPHER_ENGINE_PSA) { - psa_cipher_abort(&ctx->psa_operation); psa_destroy_key(ctx->psa_key_id); return; } @@ -138,12 +137,6 @@ int mbedtls_block_cipher_setkey(mbedtls_block_cipher_context_t *ctx, } psa_reset_key_attributes(&key_attr); - status = psa_cipher_encrypt_setup(&ctx->psa_operation, ctx->psa_key_id, - PSA_ALG_ECB_NO_PADDING); - if (status != PSA_SUCCESS) { - return mbedtls_cipher_error_from_psa(status); - } - return 0; } #endif /* MBEDTLS_BLOCK_CIPHER_SOME_PSA */ From c4831224d50c975bb16093d56da1fde3424442a5 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 13 Dec 2023 16:35:33 +0100 Subject: [PATCH 1057/1674] all.sh: keep PSA_WANT_ALG_[GCM/CCM] enabled in test_full_block_cipher_psa_dispatch() Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 5 ----- 1 file changed, 5 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 85c32b0b4..3f8ada36a 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3836,11 +3836,6 @@ component_test_full_block_cipher_psa_dispatch () { # Start from the full config helper_libtestdriver1_adjust_config "full" - # Disable CCM/GCM support in PSA as we are testing dispatching of legacy - # modules (GCM_C/CCM_C through BLOCK_CIPHER_C) to PSA. - scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_CCM - scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_GCM - # Disable CIPHER_C because we want legacy GCM_C/CCM_C to use BLOCK_CIPHER_C. scripts/config.py unset MBEDTLS_CIPHER_C From 291571b44736bcb40bec24e31e2a61ce7acc0395 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 13 Dec 2023 16:41:19 +0100 Subject: [PATCH 1058/1674] block_cipher: add MBEDTLS_PRIVATE to new PSA fields in mbedtls_block_cipher_context_t Signed-off-by: Valerio Setti --- include/mbedtls/block_cipher.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/block_cipher.h b/include/mbedtls/block_cipher.h index 535412a85..2286a5781 100644 --- a/include/mbedtls/block_cipher.h +++ b/include/mbedtls/block_cipher.h @@ -52,9 +52,9 @@ typedef enum { typedef struct { mbedtls_block_cipher_id_t MBEDTLS_PRIVATE(id); #if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA) - mbedtls_block_cipher_engine_t engine; - psa_key_type_t psa_key_type; - mbedtls_svc_key_id_t psa_key_id; + mbedtls_block_cipher_engine_t MBEDTLS_PRIVATE(engine); + psa_key_type_t MBEDTLS_PRIVATE(psa_key_type); + mbedtls_svc_key_id_t MBEDTLS_PRIVATE(psa_key_id); #endif union { unsigned dummy; /* Make the union non-empty even with no supported algorithms. */ From 785ec17795c893ecdfd7cf15bdcf6499f604c5c7 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 13 Dec 2023 16:49:05 +0100 Subject: [PATCH 1059/1674] block_cipher: use PSA_BITS_TO_BYTES() in mbedtls_block_cipher_setkey() Signed-off-by: Valerio Setti --- library/block_cipher.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/block_cipher.c b/library/block_cipher.c index fb09374c8..6f09d9476 100644 --- a/library/block_cipher.c +++ b/library/block_cipher.c @@ -131,7 +131,7 @@ int mbedtls_block_cipher_setkey(mbedtls_block_cipher_context_t *ctx, psa_set_key_algorithm(&key_attr, PSA_ALG_ECB_NO_PADDING); psa_set_key_usage_flags(&key_attr, PSA_KEY_USAGE_ENCRYPT); - status = psa_import_key(&key_attr, key, key_bitlen/8, &ctx->psa_key_id); + status = psa_import_key(&key_attr, key, PSA_BITS_TO_BYTES(key_bitlen), &ctx->psa_key_id); if (status != PSA_SUCCESS) { return mbedtls_cipher_error_from_psa(status); } From 2684e3f2e380a0b6d1a5953fcf5eb20979d6d465 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 13 Dec 2023 16:53:02 +0100 Subject: [PATCH 1060/1674] config_adjust_legacy_crypto: fix typo Signed-off-by: Valerio Setti --- include/mbedtls/config_adjust_legacy_crypto.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h index 5842d2a54..5df3ebaf5 100644 --- a/include/mbedtls/config_adjust_legacy_crypto.h +++ b/include/mbedtls/config_adjust_legacy_crypto.h @@ -169,7 +169,7 @@ * - PSA is enabled and drivers have been initialized * - desired key type is supported on the PSA side * If the above conditions are not met, but the legacy support is enabled, then - * BLOCK_CIPHER will dinamically fallback to it. + * BLOCK_CIPHER will dynamically fallback to it. */ #if defined(MBEDTLS_BLOCK_CIPHER_C) From ac7df142e8a251146fd7f6eb10add7eadfaa39d2 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 13 Dec 2023 17:40:21 +0100 Subject: [PATCH 1061/1674] test_suite_block_cipher: fix unused variable when !MBEDTLS_BLOCK_CIPHER_SOME_PSA Signed-off-by: Valerio Setti --- tests/suites/test_suite_block_cipher.function | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/suites/test_suite_block_cipher.function b/tests/suites/test_suite_block_cipher.function index 2b166ba50..3350b0f26 100644 --- a/tests/suites/test_suite_block_cipher.function +++ b/tests/suites/test_suite_block_cipher.function @@ -97,6 +97,7 @@ exit: void block_cipher_psa_dynamic_dispatch(int cipher_type, int pre_psa_ret, int post_psa_engine) { mbedtls_block_cipher_context_t ctx; + (void) post_psa_engine; /* Intentionally no PSA init here! (Will be done later.) */ From 4a5d57d2255d2b0d862cb006b6743fdb894f62b2 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 14 Dec 2023 09:34:15 +0100 Subject: [PATCH 1062/1674] adjust_legacy_crypto: enable BLOCK_CIPHER also when a driver is available As a consequence BLOCK_CIPHER will be enabled when: - CIPHER_C is not defined - a proper driver is present for one of AES, ARIA and/or Camellia key types Signed-off-by: Valerio Setti --- include/mbedtls/config_adjust_legacy_crypto.h | 35 ++++++++++++------- 1 file changed, 22 insertions(+), 13 deletions(-) diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h index 5df3ebaf5..a926550be 100644 --- a/include/mbedtls/config_adjust_legacy_crypto.h +++ b/include/mbedtls/config_adjust_legacy_crypto.h @@ -22,13 +22,6 @@ #ifndef MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H #define MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H -/* GCM_C and CCM_C can either depend on (in order of preference) CIPHER_C or - * BLOCK_CIPHER_C. If the former is not defined, auto-enable the latter. */ -#if (defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C)) && \ - !defined(MBEDTLS_CIPHER_C) -#define MBEDTLS_BLOCK_CIPHER_C -#endif - /* Auto-enable MBEDTLS_MD_LIGHT based on MBEDTLS_MD_C. * This allows checking for MD_LIGHT rather than MD_LIGHT || MD_C. */ @@ -170,9 +163,16 @@ * - desired key type is supported on the PSA side * If the above conditions are not met, but the legacy support is enabled, then * BLOCK_CIPHER will dynamically fallback to it. + * + * In case BLOCK_CIPHER is defined (see below) the following symbols/helpers + * can be used to define its capabilities: + * - MBEDTLS_BLOCK_CIPHER_SOME_PSA: there is at least 1 key type between AES, + * ARIA and Camellia which is supported through a driver; + * - MBEDTLS_BLOCK_CIPHER_xxx_VIA_PSA: xxx key type is supported through a + * driver; + * - MBEDTLS_BLOCK_CIPHER_xxx_VIA_LEGACY: xxx key type is supported through + * a legacy module (i.e. MBEDTLS_xxx_C) */ -#if defined(MBEDTLS_BLOCK_CIPHER_C) - #if defined(MBEDTLS_PSA_CRYPTO_C) #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES) #define MBEDTLS_BLOCK_CIPHER_AES_VIA_PSA @@ -198,10 +198,8 @@ #define MBEDTLS_BLOCK_CIPHER_CAMELLIA_VIA_LEGACY #endif -#endif /* MBEDTLS_BLOCK_CIPHER_C */ - -/* Generic helpers to state that BLOCK_CIPHER module supports AES, ARIA and/or - * Camellia block ciphers via either PSA or legacy. */ +/* Helpers to state that BLOCK_CIPHER module supports AES, ARIA and/or Camellia + * block ciphers via either PSA or legacy. */ #if defined(MBEDTLS_BLOCK_CIPHER_AES_VIA_PSA) || \ defined(MBEDTLS_BLOCK_CIPHER_AES_VIA_LEGACY) #define MBEDTLS_BLOCK_CIPHER_CAN_AES @@ -215,6 +213,17 @@ #define MBEDTLS_BLOCK_CIPHER_CAN_CAMELLIA #endif +/* GCM_C and CCM_C can either depend on (in order of preference) BLOCK_CIPHER_C + * or CIPHER_C. The former is auto-enabled when: + * - CIPHER_C is not defined, which is also the legacy solution; + * - BLOCK_CIPHER_SOME_PSA because in this case BLOCK_CIPHER can take advantage + * of the driver's acceleration. + */ +#if (defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C)) && \ + (!defined(MBEDTLS_CIPHER_C) || defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA)) +#define MBEDTLS_BLOCK_CIPHER_C +#endif + /* MBEDTLS_ECP_LIGHT is auto-enabled by the following symbols: * - MBEDTLS_ECP_C because now it consists of MBEDTLS_ECP_LIGHT plus functions * for curve arithmetic. As a consequence if MBEDTLS_ECP_C is required for From bd7528a5920740722b9ab2cb830b45adf21aabfe Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 14 Dec 2023 09:36:03 +0100 Subject: [PATCH 1063/1674] ccm/gcm: use BLOCK_CIPHER whenever possible Prefer BLOCK_CIPHER instead of CIPHER_C whenever it's enabled. Signed-off-by: Valerio Setti --- include/mbedtls/ccm.h | 8 +++--- include/mbedtls/gcm.h | 8 +++--- library/ccm.c | 66 +++++++++++++++++++++---------------------- library/gcm.c | 50 ++++++++++++++++---------------- 4 files changed, 66 insertions(+), 66 deletions(-) diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index 8bf8c3238..018db64b6 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -40,7 +40,7 @@ #include "mbedtls/cipher.h" -#if !defined(MBEDTLS_CIPHER_C) +#if defined(MBEDTLS_BLOCK_CIPHER_C) #include "mbedtls/block_cipher.h" #endif @@ -84,10 +84,10 @@ typedef struct mbedtls_ccm_context { #MBEDTLS_CCM_DECRYPT or #MBEDTLS_CCM_STAR_ENCRYPT or #MBEDTLS_CCM_STAR_DECRYPT. */ -#if defined(MBEDTLS_CIPHER_C) - mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher_ctx); /*!< The cipher context used. */ -#else +#if defined(MBEDTLS_BLOCK_CIPHER_C) mbedtls_block_cipher_context_t MBEDTLS_PRIVATE(block_cipher_ctx); /*!< The cipher context used. */ +#else + mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher_ctx); /*!< The cipher context used. */ #endif int MBEDTLS_PRIVATE(state); /*!< Working value holding context's state. Used for chunked data input */ diff --git a/include/mbedtls/gcm.h b/include/mbedtls/gcm.h index 3925f6827..631b392fd 100644 --- a/include/mbedtls/gcm.h +++ b/include/mbedtls/gcm.h @@ -24,7 +24,7 @@ #include "mbedtls/cipher.h" -#if !defined(MBEDTLS_CIPHER_C) +#if defined(MBEDTLS_BLOCK_CIPHER_C) #include "mbedtls/block_cipher.h" #endif @@ -50,10 +50,10 @@ extern "C" { * \brief The GCM context structure. */ typedef struct mbedtls_gcm_context { -#if defined(MBEDTLS_CIPHER_C) - mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher_ctx); /*!< The cipher context used. */ -#else +#if defined(MBEDTLS_BLOCK_CIPHER_C) mbedtls_block_cipher_context_t MBEDTLS_PRIVATE(block_cipher_ctx); /*!< The cipher context used. */ +#else + mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher_ctx); /*!< The cipher context used. */ #endif uint64_t MBEDTLS_PRIVATE(HL)[16]; /*!< Precalculated HTable low. */ uint64_t MBEDTLS_PRIVATE(HH)[16]; /*!< Precalculated HTable high. */ diff --git a/library/ccm.c b/library/ccm.c index 6700dc743..392ceb84b 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -23,7 +23,7 @@ #include "mbedtls/error.h" #include "mbedtls/constant_time.h" -#if !defined(MBEDTLS_CIPHER_C) +#if defined(MBEDTLS_BLOCK_CIPHER_C) #include "block_cipher_internal.h" #endif @@ -56,7 +56,17 @@ int mbedtls_ccm_setkey(mbedtls_ccm_context *ctx, { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; -#if defined(MBEDTLS_CIPHER_C) +#if defined(MBEDTLS_BLOCK_CIPHER_C) + mbedtls_block_cipher_free(&ctx->block_cipher_ctx); + + if ((ret = mbedtls_block_cipher_setup(&ctx->block_cipher_ctx, cipher)) != 0) { + return MBEDTLS_ERR_CCM_BAD_INPUT; + } + + if ((ret = mbedtls_block_cipher_setkey(&ctx->block_cipher_ctx, key, keybits)) != 0) { + return MBEDTLS_ERR_CCM_BAD_INPUT; + } +#else const mbedtls_cipher_info_t *cipher_info; cipher_info = mbedtls_cipher_info_from_values(cipher, keybits, @@ -79,16 +89,6 @@ int mbedtls_ccm_setkey(mbedtls_ccm_context *ctx, MBEDTLS_ENCRYPT)) != 0) { return ret; } -#else - mbedtls_block_cipher_free(&ctx->block_cipher_ctx); - - if ((ret = mbedtls_block_cipher_setup(&ctx->block_cipher_ctx, cipher)) != 0) { - return MBEDTLS_ERR_CCM_BAD_INPUT; - } - - if ((ret = mbedtls_block_cipher_setkey(&ctx->block_cipher_ctx, key, keybits)) != 0) { - return MBEDTLS_ERR_CCM_BAD_INPUT; - } #endif return 0; @@ -102,10 +102,10 @@ void mbedtls_ccm_free(mbedtls_ccm_context *ctx) if (ctx == NULL) { return; } -#if defined(MBEDTLS_CIPHER_C) - mbedtls_cipher_free(&ctx->cipher_ctx); -#else +#if defined(MBEDTLS_BLOCK_CIPHER_C) mbedtls_block_cipher_free(&ctx->block_cipher_ctx); +#else + mbedtls_cipher_free(&ctx->cipher_ctx); #endif mbedtls_platform_zeroize(ctx, sizeof(mbedtls_ccm_context)); } @@ -128,11 +128,11 @@ static int mbedtls_ccm_crypt(mbedtls_ccm_context *ctx, int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char tmp_buf[16] = { 0 }; -#if defined(MBEDTLS_CIPHER_C) +#if defined(MBEDTLS_BLOCK_CIPHER_C) + ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->ctr, tmp_buf); +#else size_t olen = 0; ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->ctr, 16, tmp_buf, &olen); -#else - ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->ctr, tmp_buf); #endif if (ret != 0) { ctx->state |= CCM_STATE__ERROR; @@ -158,7 +158,7 @@ static int ccm_calculate_first_block_if_ready(mbedtls_ccm_context *ctx) int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char i; size_t len_left; -#if defined(MBEDTLS_CIPHER_C) +#if !defined(MBEDTLS_BLOCK_CIPHER_C) size_t olen; #endif @@ -206,10 +206,10 @@ static int ccm_calculate_first_block_if_ready(mbedtls_ccm_context *ctx) } /* Start CBC-MAC with first block*/ -#if defined(MBEDTLS_CIPHER_C) - ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen); -#else +#if defined(MBEDTLS_BLOCK_CIPHER_C) ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, ctx->y); +#else + ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen); #endif if (ret != 0) { ctx->state |= CCM_STATE__ERROR; @@ -292,7 +292,7 @@ int mbedtls_ccm_update_ad(mbedtls_ccm_context *ctx, { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t use_len, offset; -#if defined(MBEDTLS_CIPHER_C) +#if !defined(MBEDTLS_BLOCK_CIPHER_C) size_t olen; #endif @@ -334,10 +334,10 @@ int mbedtls_ccm_update_ad(mbedtls_ccm_context *ctx, add += use_len; if (use_len + offset == 16 || ctx->processed == ctx->add_len) { -#if defined(MBEDTLS_CIPHER_C) - ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen); -#else +#if defined(MBEDTLS_BLOCK_CIPHER_C) ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, ctx->y); +#else + ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen); #endif if (ret != 0) { ctx->state |= CCM_STATE__ERROR; @@ -363,7 +363,7 @@ int mbedtls_ccm_update(mbedtls_ccm_context *ctx, int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char i; size_t use_len, offset; -#if defined(MBEDTLS_CIPHER_C) +#if !defined(MBEDTLS_BLOCK_CIPHER_C) size_t olen; #endif @@ -403,10 +403,10 @@ int mbedtls_ccm_update(mbedtls_ccm_context *ctx, mbedtls_xor(ctx->y + offset, ctx->y + offset, input, use_len); if (use_len + offset == 16 || ctx->processed == ctx->plaintext_len) { -#if defined(MBEDTLS_CIPHER_C) - ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen); -#else +#if defined(MBEDTLS_BLOCK_CIPHER_C) ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, ctx->y); +#else + ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen); #endif if (ret != 0) { ctx->state |= CCM_STATE__ERROR; @@ -438,10 +438,10 @@ int mbedtls_ccm_update(mbedtls_ccm_context *ctx, memcpy(output, local_output, use_len); if (use_len + offset == 16 || ctx->processed == ctx->plaintext_len) { -#if defined(MBEDTLS_CIPHER_C) - ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen); -#else +#if defined(MBEDTLS_BLOCK_CIPHER_C) ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, ctx->y); +#else + ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen); #endif if (ret != 0) { ctx->state |= CCM_STATE__ERROR; diff --git a/library/gcm.c b/library/gcm.c index 8181ec88a..ac6b94530 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -25,7 +25,7 @@ #include "mbedtls/error.h" #include "mbedtls/constant_time.h" -#if !defined(MBEDTLS_CIPHER_C) +#if defined(MBEDTLS_BLOCK_CIPHER_C) #include "block_cipher_internal.h" #endif @@ -66,11 +66,11 @@ static int gcm_gen_table(mbedtls_gcm_context *ctx) memset(h, 0, 16); -#if defined(MBEDTLS_CIPHER_C) +#if defined(MBEDTLS_BLOCK_CIPHER_C) + ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, h, h); +#else size_t olen = 0; ret = mbedtls_cipher_update(&ctx->cipher_ctx, h, 16, h, &olen); -#else - ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, h, h); #endif if (ret != 0) { return ret; @@ -139,7 +139,17 @@ int mbedtls_gcm_setkey(mbedtls_gcm_context *ctx, return MBEDTLS_ERR_GCM_BAD_INPUT; } -#if defined(MBEDTLS_CIPHER_C) +#if defined(MBEDTLS_BLOCK_CIPHER_C) + mbedtls_block_cipher_free(&ctx->block_cipher_ctx); + + if ((ret = mbedtls_block_cipher_setup(&ctx->block_cipher_ctx, cipher)) != 0) { + return ret; + } + + if ((ret = mbedtls_block_cipher_setkey(&ctx->block_cipher_ctx, key, keybits)) != 0) { + return ret; + } +#else const mbedtls_cipher_info_t *cipher_info; cipher_info = mbedtls_cipher_info_from_values(cipher, keybits, @@ -162,16 +172,6 @@ int mbedtls_gcm_setkey(mbedtls_gcm_context *ctx, MBEDTLS_ENCRYPT)) != 0) { return ret; } -#else - mbedtls_block_cipher_free(&ctx->block_cipher_ctx); - - if ((ret = mbedtls_block_cipher_setup(&ctx->block_cipher_ctx, cipher)) != 0) { - return ret; - } - - if ((ret = mbedtls_block_cipher_setkey(&ctx->block_cipher_ctx, key, keybits)) != 0) { - return ret; - } #endif if ((ret = gcm_gen_table(ctx)) != 0) { @@ -277,7 +277,7 @@ int mbedtls_gcm_starts(mbedtls_gcm_context *ctx, const unsigned char *p; size_t use_len; uint64_t iv_bits; -#if defined(MBEDTLS_CIPHER_C) +#if !defined(MBEDTLS_BLOCK_CIPHER_C) size_t olen = 0; #endif @@ -320,10 +320,10 @@ int mbedtls_gcm_starts(mbedtls_gcm_context *ctx, } -#if defined(MBEDTLS_CIPHER_C) - ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->base_ectr, &olen); -#else +#if defined(MBEDTLS_BLOCK_CIPHER_C) ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, ctx->base_ectr); +#else + ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->base_ectr, &olen); #endif if (ret != 0) { return ret; @@ -419,11 +419,11 @@ static int gcm_mask(mbedtls_gcm_context *ctx, { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; -#if defined(MBEDTLS_CIPHER_C) +#if defined(MBEDTLS_BLOCK_CIPHER_C) + ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, ectr); +#else size_t olen = 0; ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ectr, &olen); -#else - ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, ectr); #endif if (ret != 0) { mbedtls_platform_zeroize(ectr, 16); @@ -649,10 +649,10 @@ void mbedtls_gcm_free(mbedtls_gcm_context *ctx) if (ctx == NULL) { return; } -#if defined(MBEDTLS_CIPHER_C) - mbedtls_cipher_free(&ctx->cipher_ctx); -#else +#if defined(MBEDTLS_BLOCK_CIPHER_C) mbedtls_block_cipher_free(&ctx->block_cipher_ctx); +#else + mbedtls_cipher_free(&ctx->cipher_ctx); #endif mbedtls_platform_zeroize(ctx, sizeof(mbedtls_gcm_context)); } From efdb8261b9649e116113f57a9e77750a89608653 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 14 Dec 2023 09:36:54 +0100 Subject: [PATCH 1064/1674] all.sh: keep CIPHER_C enabled in test_full_block_cipher_psa_dispatch() Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 24 ------------------------ 1 file changed, 24 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 3f8ada36a..464113c24 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3836,27 +3836,6 @@ component_test_full_block_cipher_psa_dispatch () { # Start from the full config helper_libtestdriver1_adjust_config "full" - # Disable CIPHER_C because we want legacy GCM_C/CCM_C to use BLOCK_CIPHER_C. - scripts/config.py unset MBEDTLS_CIPHER_C - - # Disable unauthenticated ciphers which are not accelerated in this - # test component because their builtin support depends on CIPHER_C. - scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_CCM_STAR_NO_TAG - scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_CMAC - scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_CBC_NO_PADDING - scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_CBC_PKCS7 - scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_CFB - scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_CTR - scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_OFB - scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_XTS - scripts/config.py -f $CRYPTO_CONFIG_H unset PSA_WANT_ALG_STREAM_CIPHER - - # Disable remaining direct dependencies on CIPHER_C. - scripts/config.py unset MBEDTLS_PKCS5_C - scripts/config.py unset MBEDTLS_PKCS12_C - scripts/config.py unset MBEDTLS_NIST_KW_C - scripts/config.py unset MBEDTLS_CMAC_C - # Build # ----- @@ -3864,9 +3843,6 @@ component_test_full_block_cipher_psa_dispatch () { helper_libtestdriver1_make_main "$loc_accel_list" - # Make sure cipher was not re-enabled by accident (additive config) - not grep mbedtls_cipher library/cipher.o - # Run the tests # ------------- From 52ab8fa565d324e788d8053881d1b0e5171b616a Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 14 Dec 2023 18:04:04 +0100 Subject: [PATCH 1065/1674] analyze_outcomes/all.sh: add reference component and entry for coverage comparison Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 13 +++++++++++++ tests/scripts/analyze_outcomes.py | 17 +++++++++++++++++ 2 files changed, 30 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 464113c24..a8c11003a 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1159,6 +1159,19 @@ component_test_default_cmake_gcc_asan_new_bignum () { tests/context-info.sh } +# This is a common component testing the full config. Its purpose is to be used +# as the "reference" for driver's acceleration tests below when possible (this +# not always the case because some reference test require extra configuration +# in addition to the default one) +component_test_full_common_reference () { + msg "build: full config (common reference)" + helper_libtestdriver1_adjust_config "full" + make + + msg "test: full config (common reference)" + make test +} + component_test_full_cmake_gcc_asan () { msg "build: full config, cmake, gcc, ASan" scripts/config.py full diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index d3ea8c0e1..cb0f3655f 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -533,6 +533,23 @@ KNOWN_TASKS = { ], } } + }, + 'analyze_block_cipher_dispatch': { + 'test_function': do_analyze_driver_vs_reference, + 'args': { + 'component_ref': 'test_full_common_reference', + 'component_driver': 'test_full_block_cipher_psa_dispatch', + 'ignored_suites': [ + ], + 'ignored_tests': { + 'test_suite_platform': [ + # Incompatible with sanitizers (e.g. ASan). If the driver + # component uses a sanitizer but the reference component + # doesn't, we have a PASS vs SKIP mismatch. + 'Check mbedtls_calloc overallocation', + ], + } + } } } From 17127e9f397fc58884883130328a458ddf824f93 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 14 Dec 2023 16:42:48 +0000 Subject: [PATCH 1066/1674] Use clang as default compiler for Asan Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 118 ++++++++++++++++++++++--------------------- 1 file changed, 60 insertions(+), 58 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 6a8331954..7c7cce3c0 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -196,6 +196,8 @@ pre_initialize_variables () { # CFLAGS and LDFLAGS for Asan builds that don't use CMake # default to -O2, use -Ox _after_ this if you want another level ASAN_CFLAGS='-O2 -Werror -fsanitize=address,undefined -fno-sanitize-recover=all' + # Normally, tests should use this compiler for ASAN testing + ASAN_CC=clang # Platform tests have an allocation that returns null export ASAN_OPTIONS="allocator_may_return_null=1" @@ -928,7 +930,7 @@ helper_get_psa_key_type_list() { # Here "things" are PSA_WANT_ symbols but with PSA_WANT_ removed. helper_libtestdriver1_make_drivers() { loc_accel_flags=$( echo "$1 ${2-}" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' ) - make -C tests libtestdriver1.a CFLAGS=" $ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC -C tests libtestdriver1.a CFLAGS=" $ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS" } # Build the main libraries, programs and tests, @@ -946,7 +948,7 @@ helper_libtestdriver1_make_main() { # we need flags both with and without the LIBTESTDRIVER1_ prefix loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' ) loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )" - make CFLAGS="$ASAN_CFLAGS -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" "$@" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" "$@" } ################################################################ @@ -1274,14 +1276,14 @@ component_test_ref_configs () { # whether they're on or off. So, disable cmake's (over-sensitive here) # dependency resolution for generated files and just rely on them being # present (thanks to pre_generate_files) by turning GEN_FILES off. - CC=gcc cmake -D GEN_FILES=Off -D CMAKE_BUILD_TYPE:String=Asan . + CC=$ASAN_CC cmake -D GEN_FILES=Off -D CMAKE_BUILD_TYPE:String=Asan . tests/scripts/test-ref-configs.pl } component_test_no_renegotiation () { msg "build: Default + !MBEDTLS_SSL_RENEGOTIATION (ASan build)" # ~ 6 min scripts/config.py unset MBEDTLS_SSL_RENEGOTIATION - CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan . make msg "test: !MBEDTLS_SSL_RENEGOTIATION - main suites (inc. selftests) (ASan build)" # ~ 50s @@ -1297,7 +1299,7 @@ component_test_no_pem_no_fs () { scripts/config.py unset MBEDTLS_FS_IO scripts/config.py unset MBEDTLS_PSA_ITS_FILE_C # requires a filesystem scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C # requires PSA ITS - CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan . make msg "test: !MBEDTLS_PEM_PARSE_C !MBEDTLS_FS_IO - main suites (inc. selftests) (ASan build)" # ~ 50s @@ -1310,7 +1312,7 @@ component_test_no_pem_no_fs () { component_test_rsa_no_crt () { msg "build: Default + RSA_NO_CRT (ASan build)" # ~ 6 min scripts/config.py set MBEDTLS_RSA_NO_CRT - CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan . make msg "test: RSA_NO_CRT - main suites (inc. selftests) (ASan build)" # ~ 50s @@ -1333,7 +1335,7 @@ component_test_no_ctr_drbg_classic () { scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 - CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan . make msg "test: Full minus CTR_DRBG, classic crypto - main suites" @@ -1355,7 +1357,7 @@ component_test_no_ctr_drbg_use_psa () { scripts/config.py unset MBEDTLS_CTR_DRBG_C scripts/config.py set MBEDTLS_USE_PSA_CRYPTO - CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan . make msg "test: Full minus CTR_DRBG, USE_PSA_CRYPTO - main suites" @@ -1379,7 +1381,7 @@ component_test_no_hmac_drbg_classic () { scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 - CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan . make msg "test: Full minus HMAC_DRBG, classic crypto - main suites" @@ -1406,7 +1408,7 @@ component_test_no_hmac_drbg_use_psa () { scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG scripts/config.py set MBEDTLS_USE_PSA_CRYPTO - CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan . make msg "test: Full minus HMAC_DRBG, USE_PSA_CRYPTO - main suites" @@ -1441,7 +1443,7 @@ component_test_psa_external_rng_no_drbg_classic () { # When MBEDTLS_USE_PSA_CRYPTO is disabled and there is no DRBG, # the SSL test programs don't have an RNG and can't work. Explicitly # make them use the PSA RNG with -DMBEDTLS_TEST_USE_PSA_CRYPTO_RNG. - make CFLAGS="$ASAN_CFLAGS -DMBEDTLS_TEST_USE_PSA_CRYPTO_RNG" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DMBEDTLS_TEST_USE_PSA_CRYPTO_RNG" LDFLAGS="$ASAN_CFLAGS" msg "test: PSA_CRYPTO_EXTERNAL_RNG minus *_DRBG, classic crypto - main suites" make test @@ -1460,7 +1462,7 @@ component_test_psa_external_rng_no_drbg_use_psa () { scripts/config.py unset MBEDTLS_CTR_DRBG_C scripts/config.py unset MBEDTLS_HMAC_DRBG_C scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG - make CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" msg "test: PSA_CRYPTO_EXTERNAL_RNG minus *_DRBG, PSA crypto - main suites" make test @@ -1475,7 +1477,7 @@ component_test_psa_external_rng_use_psa_crypto () { scripts/config.py set MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG scripts/config.py set MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_CTR_DRBG_C - make CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" msg "test: full + PSA_CRYPTO_EXTERNAL_RNG + USE_PSA_CRYPTO minus CTR_DRBG" make test @@ -1493,7 +1495,7 @@ component_test_psa_inject_entropy () { scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT scripts/config.py unset MBEDTLS_PLATFORM_STD_NV_SEED_READ scripts/config.py unset MBEDTLS_PLATFORM_STD_NV_SEED_WRITE - make CFLAGS="$ASAN_CFLAGS '-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS '-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'" LDFLAGS="$ASAN_CFLAGS" msg "test: full + MBEDTLS_PSA_INJECT_ENTROPY" make test @@ -1527,7 +1529,7 @@ component_test_crypto_full_md_light_only () { # Note: MD-light is auto-enabled in build_info.h by modules that need it, # which we haven't disabled, so no need to explicitly enable it. - make CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" # Make sure we don't have the HMAC functions, but the hashing functions not grep mbedtls_md_hmac library/md.o @@ -1954,7 +1956,7 @@ component_test_everest_curve25519_only () { scripts/config.py unset-all "MBEDTLS_ECP_DP_[0-9A-Z_a-z]*_ENABLED" scripts/config.py set MBEDTLS_ECP_DP_CURVE25519_ENABLED - make CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" msg "test: Everest ECDH context, only Curve25519" # ~ 50s make test @@ -1964,7 +1966,7 @@ component_test_small_ssl_out_content_len () { msg "build: small SSL_OUT_CONTENT_LEN (ASan build)" scripts/config.py set MBEDTLS_SSL_IN_CONTENT_LEN 16384 scripts/config.py set MBEDTLS_SSL_OUT_CONTENT_LEN 4096 - CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan . make msg "test: small SSL_OUT_CONTENT_LEN - ssl-opt.sh MFL and large packet tests" @@ -1975,7 +1977,7 @@ component_test_small_ssl_in_content_len () { msg "build: small SSL_IN_CONTENT_LEN (ASan build)" scripts/config.py set MBEDTLS_SSL_IN_CONTENT_LEN 4096 scripts/config.py set MBEDTLS_SSL_OUT_CONTENT_LEN 16384 - CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan . make msg "test: small SSL_IN_CONTENT_LEN - ssl-opt.sh MFL tests" @@ -1985,7 +1987,7 @@ component_test_small_ssl_in_content_len () { component_test_small_ssl_dtls_max_buffering () { msg "build: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #0" scripts/config.py set MBEDTLS_SSL_DTLS_MAX_BUFFERING 1000 - CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan . make msg "test: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #0 - ssl-opt.sh specific reordering test" @@ -1995,7 +1997,7 @@ component_test_small_ssl_dtls_max_buffering () { component_test_small_mbedtls_ssl_dtls_max_buffering () { msg "build: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #1" scripts/config.py set MBEDTLS_SSL_DTLS_MAX_BUFFERING 190 - CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan . make msg "test: small MBEDTLS_SSL_DTLS_MAX_BUFFERING #1 - ssl-opt.sh specific reordering test" @@ -2430,7 +2432,7 @@ component_test_no_use_psa_crypto_full_cmake_asan() { scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C scripts/config.py unset MBEDTLS_LMS_C scripts/config.py unset MBEDTLS_LMS_PRIVATE - CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan . make msg "test: main suites (full minus MBEDTLS_USE_PSA_CRYPTO)" @@ -3251,7 +3253,7 @@ component_test_tfm_config_p256m_driver_accel_ec () { common_tfm_config # Build crypto library - make CFLAGS="$ASAN_CFLAGS -I../tests/include/spe" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -I../tests/include/spe" LDFLAGS="$ASAN_CFLAGS" # Make sure any built-in EC alg was not re-enabled by accident (additive config) not grep mbedtls_ecdsa_ library/ecdsa.o @@ -3354,7 +3356,7 @@ build_and_test_psa_want_key_pair_partial() { # crypto_config.h so we just disable the one we don't want. scripts/config.py -f "$CRYPTO_CONFIG_H" unset "$disabled_psa_want" - make CC=gcc CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" msg "test: full - MBEDTLS_USE_PSA_CRYPTO - ${disabled_psa_want}" make test @@ -3831,7 +3833,7 @@ component_test_aead_chachapoly_disabled() { scripts/config.py full scripts/config.py unset MBEDTLS_CHACHAPOLY_C scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CHACHA20_POLY1305 - make CC=gcc CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" msg "test: full minus CHACHAPOLY" make test @@ -3844,7 +3846,7 @@ component_test_aead_only_ccm() { scripts/config.py unset MBEDTLS_GCM_C scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CHACHA20_POLY1305 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_GCM - make CC=gcc CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" msg "test: full minus CHACHAPOLY and GCM" make test @@ -3875,7 +3877,7 @@ component_build_psa_accel_alg_ecdh() { scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_ECDH -I../tests/include" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_ECDH -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator HMAC code is in place and ready to test. @@ -3885,7 +3887,7 @@ component_build_psa_accel_alg_hmac() { scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_HMAC -I../tests/include" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_HMAC -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator HKDF code is in place and ready to test. @@ -3898,7 +3900,7 @@ component_build_psa_accel_alg_hkdf() { # Make sure to unset TLS1_3 since it requires HKDF_C and will not build properly without it. scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_HKDF -I../tests/include" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_HKDF -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator MD5 code is in place and ready to test. @@ -3917,7 +3919,7 @@ component_build_psa_accel_alg_md5() { scripts/config.py unset MBEDTLS_LMS_C scripts/config.py unset MBEDTLS_LMS_PRIVATE # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_MD5 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_MD5 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator RIPEMD160 code is in place and ready to test. @@ -3936,7 +3938,7 @@ component_build_psa_accel_alg_ripemd160() { scripts/config.py unset MBEDTLS_LMS_C scripts/config.py unset MBEDTLS_LMS_PRIVATE # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RIPEMD160 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RIPEMD160 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator SHA1 code is in place and ready to test. @@ -3955,7 +3957,7 @@ component_build_psa_accel_alg_sha1() { scripts/config.py unset MBEDTLS_LMS_C scripts/config.py unset MBEDTLS_LMS_PRIVATE # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_1 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_1 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator SHA224 code is in place and ready to test. @@ -3971,7 +3973,7 @@ component_build_psa_accel_alg_sha224() { scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_512 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_224 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_224 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator SHA256 code is in place and ready to test. @@ -3987,7 +3989,7 @@ component_build_psa_accel_alg_sha256() { scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_384 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_512 # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_256 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_256 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator SHA384 code is in place and ready to test. @@ -4005,7 +4007,7 @@ component_build_psa_accel_alg_sha384() { scripts/config.py unset MBEDTLS_LMS_C scripts/config.py unset MBEDTLS_LMS_PRIVATE # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_384 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_384 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator SHA512 code is in place and ready to test. @@ -4024,7 +4026,7 @@ component_build_psa_accel_alg_sha512() { scripts/config.py unset MBEDTLS_LMS_C scripts/config.py unset MBEDTLS_LMS_PRIVATE # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_512 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_512 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator RSA code is in place and ready to test. @@ -4038,7 +4040,7 @@ component_build_psa_accel_alg_rsa_pkcs1v15_crypt() { scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_OAEP scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PSS # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT -I../tests/include" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator RSA code is in place and ready to test. @@ -4052,7 +4054,7 @@ component_build_psa_accel_alg_rsa_pkcs1v15_sign() { scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_OAEP scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PSS # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN -I../tests/include" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator RSA code is in place and ready to test. @@ -4066,7 +4068,7 @@ component_build_psa_accel_alg_rsa_oaep() { scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PKCS1V15_SIGN scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PSS # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_OAEP -I../tests/include" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_OAEP -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator RSA code is in place and ready to test. @@ -4080,7 +4082,7 @@ component_build_psa_accel_alg_rsa_pss() { scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PKCS1V15_SIGN scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_OAEP # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PSS -I../tests/include" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PSS -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator RSA code is in place and ready to test. @@ -4095,7 +4097,7 @@ component_build_psa_accel_key_type_rsa_key_pair() { scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1 scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1 # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR -I../tests/include" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator RSA code is in place and ready to test. @@ -4107,7 +4109,7 @@ component_build_psa_accel_key_type_rsa_public_key() { scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_ALG_RSA_PSS 1 scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1 # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY -I../tests/include" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } @@ -4346,7 +4348,7 @@ component_test_no_max_fragment_length () { # Run max fragment length tests with MFL disabled msg "build: default config except MFL extension (ASan build)" # ~ 30s scripts/config.py unset MBEDTLS_SSL_MAX_FRAGMENT_LENGTH - CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan . make msg "test: ssl-opt.sh, MFL-related tests" @@ -4356,7 +4358,7 @@ component_test_no_max_fragment_length () { component_test_asan_remove_peer_certificate () { msg "build: default config with MBEDTLS_SSL_KEEP_PEER_CERTIFICATE disabled (ASan build)" scripts/config.py unset MBEDTLS_SSL_KEEP_PEER_CERTIFICATE - CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan . make msg "test: !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE" @@ -4377,7 +4379,7 @@ component_test_no_max_fragment_length_small_ssl_out_content_len () { scripts/config.py unset MBEDTLS_SSL_MAX_FRAGMENT_LENGTH scripts/config.py set MBEDTLS_SSL_IN_CONTENT_LEN 16384 scripts/config.py set MBEDTLS_SSL_OUT_CONTENT_LEN 4096 - CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan . make msg "test: MFL tests (disabled MFL extension case) & large packet tests" @@ -4390,7 +4392,7 @@ component_test_no_max_fragment_length_small_ssl_out_content_len () { component_test_variable_ssl_in_out_buffer_len () { msg "build: MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH enabled (ASan build)" scripts/config.py set MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH - CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan . make msg "test: MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH enabled" @@ -4407,7 +4409,7 @@ component_test_dtls_cid_legacy () { msg "build: MBEDTLS_SSL_DTLS_CONNECTION_ID (legacy) enabled (ASan build)" scripts/config.py set MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT 1 - CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan . make msg "test: MBEDTLS_SSL_DTLS_CONNECTION_ID (legacy)" @@ -4466,7 +4468,7 @@ component_test_platform_calloc_macro () { scripts/config.py set MBEDTLS_PLATFORM_MEMORY scripts/config.py set MBEDTLS_PLATFORM_CALLOC_MACRO calloc scripts/config.py set MBEDTLS_PLATFORM_FREE_MACRO free - CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan . make msg "test: MBEDTLS_PLATFORM_{CALLOC/FREE}_MACRO enabled (ASan build)" @@ -4476,7 +4478,7 @@ component_test_platform_calloc_macro () { component_test_malloc_0_null () { msg "build: malloc(0) returns NULL (ASan+UBSan build)" scripts/config.py full - make CC=gcc CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"$PWD/tests/configs/user-config-malloc-0-null.h\"' $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"$PWD/tests/configs/user-config-malloc-0-null.h\"' $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" msg "test: malloc(0) returns NULL (ASan+UBSan build)" make test @@ -4800,7 +4802,7 @@ component_build_aes_via_padlock () { scripts/config.py unset MBEDTLS_AESNI_C scripts/config.py set MBEDTLS_PADLOCK_C scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY - make CC=gcc CFLAGS="$ASAN_CFLAGS -m32" LDFLAGS="-m32 $ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -m32" LDFLAGS="-m32 $ASAN_CFLAGS" grep -q mbedtls_padlock_has_support ./programs/test/selftest } @@ -5039,7 +5041,7 @@ component_test_ctr_drbg_aes_256_sha_256 () { scripts/config.py full scripts/config.py unset MBEDTLS_MEMORY_BUFFER_ALLOC_C scripts/config.py set MBEDTLS_ENTROPY_FORCE_SHA256 - CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan . make msg "test: full + MBEDTLS_ENTROPY_FORCE_SHA256 (ASan build)" @@ -5051,7 +5053,7 @@ component_test_ctr_drbg_aes_128_sha_512 () { scripts/config.py full scripts/config.py unset MBEDTLS_MEMORY_BUFFER_ALLOC_C scripts/config.py set MBEDTLS_CTR_DRBG_USE_128_BIT_KEY - CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan . make msg "test: full + MBEDTLS_CTR_DRBG_USE_128_BIT_KEY (ASan build)" @@ -5064,7 +5066,7 @@ component_test_ctr_drbg_aes_128_sha_256 () { scripts/config.py unset MBEDTLS_MEMORY_BUFFER_ALLOC_C scripts/config.py set MBEDTLS_CTR_DRBG_USE_128_BIT_KEY scripts/config.py set MBEDTLS_ENTROPY_FORCE_SHA256 - CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan . make msg "test: full + MBEDTLS_CTR_DRBG_USE_128_BIT_KEY + MBEDTLS_ENTROPY_FORCE_SHA256 (ASan build)" @@ -5088,7 +5090,7 @@ component_test_psa_crypto_drivers () { loc_cflags="${loc_cflags} '-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'" loc_cflags="${loc_cflags} -I../tests/include -O2" - make CC=gcc CFLAGS="${loc_cflags}" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="${loc_cflags}" LDFLAGS="$ASAN_CFLAGS" msg "test: full + test drivers dispatching to builtins" make test @@ -5238,7 +5240,7 @@ component_test_m32_no_asm () { make CC=gcc CFLAGS="$ASAN_CFLAGS -m32" LDFLAGS="-m32 $ASAN_CFLAGS" msg "test: i386, make, gcc, no asm (ASan build)" - make test + #make test } support_test_m32_no_asm () { case $(uname -m) in @@ -5269,7 +5271,7 @@ component_test_m32_everest () { msg "build: i386, Everest ECDH context (ASan build)" # ~ 6 min scripts/config.py set MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED scripts/config.py unset MBEDTLS_AESNI_C # AESNI for 32-bit is tested in test_aesni_m32 - make CC=gcc CFLAGS="$ASAN_CFLAGS -m32" LDFLAGS="-m32 $ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -m32" LDFLAGS="-m32 $ASAN_CFLAGS" msg "test: i386, Everest ECDH context - main suites (inc. selftests) (ASan build)" # ~ 50s make test @@ -5303,7 +5305,7 @@ support_test_mx32 () { component_test_min_mpi_window_size () { msg "build: Default + MBEDTLS_MPI_WINDOW_SIZE=1 (ASan build)" # ~ 10s scripts/config.py set MBEDTLS_MPI_WINDOW_SIZE 1 - CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan . make msg "test: MBEDTLS_MPI_WINDOW_SIZE=1 - main suites (inc. selftests) (ASan build)" # ~ 10s @@ -5688,7 +5690,7 @@ component_test_tls13 () { scripts/config.py set MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE scripts/config.py set MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 1 scripts/config.py set MBEDTLS_SSL_EARLY_DATA - CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan . make msg "test: default config with MBEDTLS_SSL_PROTO_TLS1_3 enabled, without padding" make test @@ -5702,7 +5704,7 @@ component_test_tls13_no_compatibility_mode () { scripts/config.py unset MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE scripts/config.py set MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 1 scripts/config.py set MBEDTLS_SSL_EARLY_DATA - CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan . make msg "test: default config with MBEDTLS_SSL_PROTO_TLS1_3 enabled, without padding" make test From 815b240d72f593bdadfd190098178121bd386698 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 14 Dec 2023 20:51:21 +0000 Subject: [PATCH 1067/1674] Fix unused function/variable warnings from clang Signed-off-by: Dave Rodgman --- library/ecp.c | 18 ++++-------------- .../suites/test_suite_psa_crypto_pake.function | 2 ++ 2 files changed, 6 insertions(+), 14 deletions(-) diff --git a/library/ecp.c b/library/ecp.c index b6ea070a6..ee86cbc6e 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -1074,13 +1074,7 @@ cleanup: MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi((N), (N), &grp->P)); \ } while (0) -#if (defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) && \ - !(defined(MBEDTLS_ECP_NO_FALLBACK) && \ - defined(MBEDTLS_ECP_DOUBLE_JAC_ALT) && \ - defined(MBEDTLS_ECP_ADD_MIXED_ALT))) || \ - (defined(MBEDTLS_ECP_MONTGOMERY_ENABLED) && \ - !(defined(MBEDTLS_ECP_NO_FALLBACK) && \ - defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT))) +MBEDTLS_MAYBE_UNUSED static inline int mbedtls_mpi_sub_mod(const mbedtls_ecp_group *grp, mbedtls_mpi *X, const mbedtls_mpi *A, @@ -1092,7 +1086,6 @@ static inline int mbedtls_mpi_sub_mod(const mbedtls_ecp_group *grp, cleanup: return ret; } -#endif /* All functions referencing mbedtls_mpi_sub_mod() are alt-implemented without fallback */ /* * Reduce a mbedtls_mpi mod p in-place, to use after mbedtls_mpi_add_mpi and mbedtls_mpi_mul_int. @@ -1115,6 +1108,7 @@ cleanup: return ret; } +MBEDTLS_MAYBE_UNUSED static inline int mbedtls_mpi_mul_int_mod(const mbedtls_ecp_group *grp, mbedtls_mpi *X, const mbedtls_mpi *A, @@ -1128,6 +1122,7 @@ cleanup: return ret; } +MBEDTLS_MAYBE_UNUSED static inline int mbedtls_mpi_sub_int_mod(const mbedtls_ecp_group *grp, mbedtls_mpi *X, const mbedtls_mpi *A, @@ -1144,10 +1139,7 @@ cleanup: #define MPI_ECP_SUB_INT(X, A, c) \ MBEDTLS_MPI_CHK(mbedtls_mpi_sub_int_mod(grp, X, A, c)) -#if defined(MBEDTLS_ECP_SHORT_WEIERSTRASS_ENABLED) && \ - !(defined(MBEDTLS_ECP_NO_FALLBACK) && \ - defined(MBEDTLS_ECP_DOUBLE_JAC_ALT) && \ - defined(MBEDTLS_ECP_ADD_MIXED_ALT)) +MBEDTLS_MAYBE_UNUSED static inline int mbedtls_mpi_shift_l_mod(const mbedtls_ecp_group *grp, mbedtls_mpi *X, size_t count) @@ -1158,8 +1150,6 @@ static inline int mbedtls_mpi_shift_l_mod(const mbedtls_ecp_group *grp, cleanup: return ret; } -#endif \ - /* All functions referencing mbedtls_mpi_shift_l_mod() are alt-implemented without fallback */ /* * Macro wrappers around ECP modular arithmetic diff --git a/tests/suites/test_suite_psa_crypto_pake.function b/tests/suites/test_suite_psa_crypto_pake.function index 96c119592..ecff8bc4a 100644 --- a/tests/suites/test_suite_psa_crypto_pake.function +++ b/tests/suites/test_suite_psa_crypto_pake.function @@ -59,9 +59,11 @@ typedef enum { PAKE_ROUND_TWO } pake_round_t; +#if defined(PSA_WANT_ALG_JPAKE) /* The only two JPAKE user/peer identifiers supported for the time being. */ static const uint8_t jpake_server_id[] = { 's', 'e', 'r', 'v', 'e', 'r' }; static const uint8_t jpake_client_id[] = { 'c', 'l', 'i', 'e', 'n', 't' }; +#endif /* * Inject an error on the specified buffer ONLY it this is the correct stage. From b90f87b9a877faed1424e07db70dacac204c8496 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 14 Dec 2023 23:27:33 +0000 Subject: [PATCH 1068/1674] Use gcc for -m32 Asan builds There seem to be known issues with clang for this target. Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 7c7cce3c0..553ba1d1c 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4802,7 +4802,7 @@ component_build_aes_via_padlock () { scripts/config.py unset MBEDTLS_AESNI_C scripts/config.py set MBEDTLS_PADLOCK_C scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -m32" LDFLAGS="-m32 $ASAN_CFLAGS" + make CC=gcc CFLAGS="$ASAN_CFLAGS -m32" LDFLAGS="-m32 $ASAN_CFLAGS" grep -q mbedtls_padlock_has_support ./programs/test/selftest } @@ -5271,7 +5271,7 @@ component_test_m32_everest () { msg "build: i386, Everest ECDH context (ASan build)" # ~ 6 min scripts/config.py set MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED scripts/config.py unset MBEDTLS_AESNI_C # AESNI for 32-bit is tested in test_aesni_m32 - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -m32" LDFLAGS="-m32 $ASAN_CFLAGS" + make CC=gcc CFLAGS="$ASAN_CFLAGS -m32" LDFLAGS="-m32 $ASAN_CFLAGS" msg "test: i386, Everest ECDH context - main suites (inc. selftests) (ASan build)" # ~ 50s make test From c1f0f5b8af1f0faee44c9cfa1ac2a4fd5ba0cd6f Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 14 Dec 2023 23:34:48 +0000 Subject: [PATCH 1069/1674] Fix a typo Signed-off-by: Dave Rodgman --- tests/suites/test_suite_psa_crypto_pake.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto_pake.function b/tests/suites/test_suite_psa_crypto_pake.function index ecff8bc4a..fed2c412f 100644 --- a/tests/suites/test_suite_psa_crypto_pake.function +++ b/tests/suites/test_suite_psa_crypto_pake.function @@ -44,7 +44,7 @@ typedef enum { ERR_INJECT_EXTRA_INPUT, ERR_INJECT_EXTRA_OUTPUT_AT_END, ERR_INJECT_EXTRA_INPUT_AT_END, - /* erros issued from the .data file */ + /* errors issued from the .data file */ ERR_IN_SETUP, ERR_IN_SET_USER, ERR_IN_SET_PEER, From a2cf240fff6787239891ce21223ad7f8dcfdfbcc Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 15 Dec 2023 11:04:13 +0000 Subject: [PATCH 1070/1674] Add explanatory comment Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 553ba1d1c..460fb33df 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -5232,6 +5232,9 @@ component_build_psa_alt_headers () { component_test_m32_no_asm () { # Build without assembly, so as to use portable C code (in a 32-bit # build) and not the i386-specific inline assembly. + # + # Note that we require gcc, because clang Asan builds fail to link for + # this target (cannot find libclang_rt.lsan-i386.a - this is a known clang issue). msg "build: i386, make, gcc, no asm (ASan build)" # ~ 30s scripts/config.py full scripts/config.py unset MBEDTLS_HAVE_ASM From d5635e95e2e79a1c45a7a676db395cfabe304ac0 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 15 Dec 2023 11:04:34 +0000 Subject: [PATCH 1071/1674] Undo accidental change Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 460fb33df..b37e3ee82 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -5243,7 +5243,7 @@ component_test_m32_no_asm () { make CC=gcc CFLAGS="$ASAN_CFLAGS -m32" LDFLAGS="-m32 $ASAN_CFLAGS" msg "test: i386, make, gcc, no asm (ASan build)" - #make test + make test } support_test_m32_no_asm () { case $(uname -m) in From c1c6e0d906664103438fe96e7fc09c4f7a5e6d70 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Fri, 15 Dec 2023 12:26:38 +0000 Subject: [PATCH 1072/1674] Justify linearization points Signed-off-by: Ryan Everett --- .../psa-thread-safety/psa-thread-safety.md | 27 +++++++++++++++---- 1 file changed, 22 insertions(+), 5 deletions(-) diff --git a/docs/architecture/psa-thread-safety/psa-thread-safety.md b/docs/architecture/psa-thread-safety/psa-thread-safety.md index 4b122c838..70b1341c2 100644 --- a/docs/architecture/psa-thread-safety/psa-thread-safety.md +++ b/docs/architecture/psa-thread-safety/psa-thread-safety.md @@ -283,8 +283,8 @@ Note that a thread must hold the global mutex when it reads or changes a slot's For concurrency purposes, a slot can be in one of four states: -* EMPTY: no thread is currently accessing the slot, and no information is stored in the slot. -* FILLING: one thread is currently loading or creating material to fill the slot, this thread is responsible for the next state transition. +* EMPTY: no thread is currently accessing the slot, and no information is stored in the slot. Any thread is able to change the slot's state to FILLING and begin loading data. +* FILLING: one thread is currently loading or creating material to fill the slot, this thread is responsible for the next state transition. Other threads cannot read the contents of a slot which is in FILLING. * FULL: the slot contains a key, and any thread is able to use the key after registering as a reader. * PENDING_DELETION: the key within the slot has been destroyed or marked for destruction, but at least one thread is still registered as a reader. No thread can register to read this slot. The slot must not be wiped until the last reader de-registers, wiping the slot by calling `psa_wipe_key_slot`. @@ -292,15 +292,32 @@ To change `slot` to state `new_state`, a function must call `psa_slot_state_tran A counter field within each slot keeps track of how many readers have registered. Library functions must call `psa_register_read` before reading the key data witin a slot, and `psa_unregister_read` after they have finished operating. -Any call to `psa_slot_state_transition`, `psa_register_read` or `psa_unregister_read` must be performed by a function which holds the global mutex. +Any call to `psa_slot_state_transition`, `psa_register_read` or `psa_unregister_read` must be performed by a thread which holds the global mutex. + +##### Linearizability of the system + +To satisfy the requirements in [Correctness out of the box](#correctness-out-of-the-box), we require our functions to be "linearizable" (under certain constraints). This means that any (constraint satisfying) set of concurrent calls are performed as if they were executed in some sequential order. + +The standard way of reasoning that this is the case is to identify a "linearization point" for each call, this is a single execution step where the function takes effect (this is usually a step in which the effects of the call become visible to other threads). If every call has a linearization point, the set of calls is equivalent to sequentially performing the calls in order of when their linearization point occured. + +We only access and modify a slot's state and reader count while we hold the global lock. This ensures the memory in which these fields are stored is correctly synchronized. It also ensures that the key data within the slot is synchronised where needed (the writer unlocks the mutex after filling the data, and any reader must lock the mutex before reading the data). + +To help justify that our system is linearizable, here is a list of key slot state changing functions and their linearization points (for the sake of brevity not all failure cases are covered, but those cases are not complex): +* `psa_wipe_key_slot, psa_register_read, psa_unregister_read, psa_slot_state_transition,` - These functions are all always performed under the global mutex, so they have no effects visible to other threads (this implies that they are linearizable). +* `psa_get_empty_key_slot, psa_get_and_lock_key_slot_in_memory, psa_load_X_key_into_slot, psa_fail_key_creation` - These functions hold the mutex for all non-setup/finalizing code, their linearization points are the release of the mutex. +* `psa_get_and_lock_key_slot` - If the key is already in a slot, the linearization point is the linearization point of the call to `psa_get_and_lock_key_slot_in_memory`. If the key is not in a slot and is loaded into one, the linearization point is the linearization point of the call to `psa_load_X_key_into_slot`. +* `psa_finish_key_creation` - On a successful load, we lock the mutex and set the state of the slot to FULL, the linearization point is then the following unlock. On an unsuccessful load, the linearization point is when we return - no action we have performed has been made visible to another thread as the slot is still in a FILLING state. +* `psa_destroy_key, psa_close_key, psa_purge_key` - As per the requirements, we need only argue for the case where the key is not in use here. The linearization point is the unlock after wiping the data and setting the slot state to EMPTY. Library functions which operate on a slot will return `PSA_ERROR_BAD_STATE` if the slot is in an inappropriate state for the function at the linearization point. +##### Key slot state transition diagram + ![](key-slot-state-transitions.png) -In the state transition diagram above, an arrow between two states `q1` and `q2` with label `f` indicates that if the state of a slot is `q1` immediately before `f`'s linearization point, it may be `q2` immediately after `f`'s linearization point. The linearization point of a state changing call to a function must be a call to `psa_slot_state_transition`. (A function which: locks the global mutex, performs some operation, calls `psa_slot_state_transition` and then unlocks the global mutex, cleans up and returns can satisfy this requirement). +In the state transition diagram above, an arrow between two states `q1` and `q2` with label `f` indicates that if the state of a slot is `q1` immediately before `f`'s linearization point, it may be `q2` immediately after `f`'s linearization point. -#### Generating the state transition diagram from source +##### Generating the key slot state transition diagram from source To generate the state transition diagram in https://app.diagrams.net/, open the following url: From abd8977cc15a460213afc72a02aeca778c3f2bfd Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Fri, 15 Dec 2023 12:28:38 +0000 Subject: [PATCH 1073/1674] Make check_files ignore png files in docs Signed-off-by: Ryan Everett --- tests/scripts/check_files.py | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/scripts/check_files.py b/tests/scripts/check_files.py index a2a9dfa8d..a93b8256f 100755 --- a/tests/scripts/check_files.py +++ b/tests/scripts/check_files.py @@ -105,6 +105,7 @@ class FileIssueTracker: BINARY_FILE_PATH_RE_LIST = [ r'docs/.*\.pdf\Z', + r'docs/.*\.png\Z', r'programs/fuzz/corpuses/[^.]+\Z', r'tests/data_files/[^.]+\Z', r'tests/data_files/.*\.(crt|csr|db|der|key|pubkey)\Z', From 4ff405cf809cae9f58a8ff12ca95261a753dc8b9 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 15 Dec 2023 16:10:52 +0100 Subject: [PATCH 1074/1674] block_cipher: remove psa_key_type from mbedtls_block_cipher_context_t This information was redundant with the already existing mbedtls_block_cipher_id_t. Signed-off-by: Valerio Setti --- include/mbedtls/block_cipher.h | 1 - library/block_cipher.c | 37 +++++++++++++++++----------------- 2 files changed, 19 insertions(+), 19 deletions(-) diff --git a/include/mbedtls/block_cipher.h b/include/mbedtls/block_cipher.h index 2286a5781..3f60f6f7d 100644 --- a/include/mbedtls/block_cipher.h +++ b/include/mbedtls/block_cipher.h @@ -53,7 +53,6 @@ typedef struct { mbedtls_block_cipher_id_t MBEDTLS_PRIVATE(id); #if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA) mbedtls_block_cipher_engine_t MBEDTLS_PRIVATE(engine); - psa_key_type_t MBEDTLS_PRIVATE(psa_key_type); mbedtls_svc_key_id_t MBEDTLS_PRIVATE(psa_key_id); #endif union { diff --git a/library/block_cipher.c b/library/block_cipher.c index 6f09d9476..bfb605ec4 100644 --- a/library/block_cipher.c +++ b/library/block_cipher.c @@ -22,19 +22,19 @@ #if defined(MBEDTLS_BLOCK_CIPHER_C) #if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA) -static psa_key_type_t psa_key_type_from_cipher_id(mbedtls_cipher_id_t cipher_id) +static psa_key_type_t psa_key_type_from_block_cipher_id(mbedtls_block_cipher_id_t cipher_id) { switch (cipher_id) { #if defined(MBEDTLS_BLOCK_CIPHER_AES_VIA_PSA) - case MBEDTLS_CIPHER_ID_AES: + case MBEDTLS_BLOCK_CIPHER_ID_AES: return PSA_KEY_TYPE_AES; #endif #if defined(MBEDTLS_BLOCK_CIPHER_ARIA_VIA_PSA) - case MBEDTLS_CIPHER_ID_ARIA: + case MBEDTLS_BLOCK_CIPHER_ID_ARIA: return PSA_KEY_TYPE_ARIA; #endif #if defined(MBEDTLS_BLOCK_CIPHER_CAMELLIA_VIA_PSA) - case MBEDTLS_CIPHER_ID_CAMELLIA: + case MBEDTLS_BLOCK_CIPHER_ID_CAMELLIA: return PSA_KEY_TYPE_CAMELLIA; #endif default: @@ -82,37 +82,38 @@ void mbedtls_block_cipher_free(mbedtls_block_cipher_context_t *ctx) int mbedtls_block_cipher_setup(mbedtls_block_cipher_context_t *ctx, mbedtls_cipher_id_t cipher_id) { + ctx->id = (cipher_id == MBEDTLS_CIPHER_ID_AES) ? MBEDTLS_BLOCK_CIPHER_ID_AES : + (cipher_id == MBEDTLS_CIPHER_ID_ARIA) ? MBEDTLS_BLOCK_CIPHER_ID_ARIA : + (cipher_id == MBEDTLS_CIPHER_ID_CAMELLIA) ? MBEDTLS_BLOCK_CIPHER_ID_CAMELLIA : + MBEDTLS_BLOCK_CIPHER_ID_NONE; + #if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA) - if (psa_can_do_cipher(cipher_id)) { - ctx->psa_key_type = psa_key_type_from_cipher_id(cipher_id); - if (ctx->psa_key_type != PSA_KEY_TYPE_NONE) { - ctx->engine = MBEDTLS_BLOCK_CIPHER_ENGINE_PSA; - return 0; - } + if (psa_can_do_cipher(cipher_id) && + (psa_key_type_from_block_cipher_id(ctx->id) != PSA_KEY_TYPE_NONE)) { + ctx->engine = MBEDTLS_BLOCK_CIPHER_ENGINE_PSA; + return 0; } ctx->engine = MBEDTLS_BLOCK_CIPHER_ENGINE_LEGACY; #endif - switch (cipher_id) { + switch (ctx->id) { #if defined(MBEDTLS_AES_C) - case MBEDTLS_CIPHER_ID_AES: - ctx->id = MBEDTLS_BLOCK_CIPHER_ID_AES; + case MBEDTLS_BLOCK_CIPHER_ID_AES: mbedtls_aes_init(&ctx->ctx.aes); return 0; #endif #if defined(MBEDTLS_ARIA_C) - case MBEDTLS_CIPHER_ID_ARIA: - ctx->id = MBEDTLS_BLOCK_CIPHER_ID_ARIA; + case MBEDTLS_BLOCK_CIPHER_ID_ARIA: mbedtls_aria_init(&ctx->ctx.aria); return 0; #endif #if defined(MBEDTLS_CAMELLIA_C) - case MBEDTLS_CIPHER_ID_CAMELLIA: - ctx->id = MBEDTLS_BLOCK_CIPHER_ID_CAMELLIA; + case MBEDTLS_BLOCK_CIPHER_ID_CAMELLIA: mbedtls_camellia_init(&ctx->ctx.camellia); return 0; #endif default: + ctx->id = MBEDTLS_BLOCK_CIPHER_ID_NONE; return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; } } @@ -126,7 +127,7 @@ int mbedtls_block_cipher_setkey(mbedtls_block_cipher_context_t *ctx, psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT; psa_status_t status; - psa_set_key_type(&key_attr, ctx->psa_key_type); + psa_set_key_type(&key_attr, psa_key_type_from_block_cipher_id(ctx->id)); psa_set_key_bits(&key_attr, key_bitlen); psa_set_key_algorithm(&key_attr, PSA_ALG_ECB_NO_PADDING); psa_set_key_usage_flags(&key_attr, PSA_KEY_USAGE_ENCRYPT); From 89dd5c0654f6ed0c44d893b807ca2df14bf42d00 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Fri, 15 Dec 2023 17:05:15 +0100 Subject: [PATCH 1075/1674] Document release components in all.sh MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bence Szépkúti --- tests/scripts/all.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 10a76ec18..e68ad2016 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -74,6 +74,7 @@ # * component_check_XXX: quick tests that aren't worth parallelizing. # * component_build_XXX: build things but don't run them. # * component_test_XXX: build and test. +# * component_release_XXX: tests that the CI should skip during PR testing. # * support_XXX: if support_XXX exists and returns false then # component_XXX is not run by default. # * post_XXX: things to do after running the tests. From 71c71eb91cb066c802c668a5b79297cd5af51d9e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Fri, 15 Dec 2023 19:20:31 +0100 Subject: [PATCH 1076/1674] all.sh: Parse arguments before checking if a test is supported MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Support for each test was checked before the command line had been parsed, causing the support_ functions to ignore arguments that set a tool's location. Signed-off-by: Bence Szépkúti --- tests/scripts/all.sh | 46 ++++++++++++++++++++------------------------ 1 file changed, 21 insertions(+), 25 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 10a76ec18..beeff05d2 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -205,15 +205,8 @@ pre_initialize_variables () { # defined in this script whose name starts with "component_". ALL_COMPONENTS=$(compgen -A function component_ | sed 's/component_//') - # Exclude components that are not supported on this platform. - SUPPORTED_COMPONENTS= - for component in $ALL_COMPONENTS; do - case $(type "support_$component" 2>&1) in - *' function'*) - if ! support_$component; then continue; fi;; - esac - SUPPORTED_COMPONENTS="$SUPPORTED_COMPONENTS $component" - done + # Delay determinig SUPPORTED_COMPONENTS until the command line options have a chance to override + # the commands set by the environment } # Test whether the component $1 is included in the command line patterns. @@ -423,22 +416,11 @@ check_tools() done } -pre_parse_command_line_for_dirs () { - # Make an early pass through the options given, so we can set directories - # for Arm compilers, before SUPPORTED_COMPONENTS is determined. - while [ $# -gt 0 ]; do - case "$1" in - --armc5-bin-dir) shift; ARMC5_BIN_DIR="$1";; - --armc6-bin-dir) shift; ARMC6_BIN_DIR="$1";; - esac - shift - done -} - pre_parse_command_line () { COMMAND_LINE_COMPONENTS= all_except=0 error_test=0 + list_components=0 restore_first=0 no_armcc= @@ -451,8 +433,8 @@ pre_parse_command_line () { --arm-none-eabi-gcc-prefix) shift; ARM_NONE_EABI_GCC_PREFIX="$1";; --arm-linux-gnueabi-gcc-prefix) shift; ARM_LINUX_GNUEABI_GCC_PREFIX="$1";; --armcc) no_armcc=;; - --armc5-bin-dir) shift; ;; # assignment to ARMC5_BIN_DIR done in pre_parse_command_line_for_dirs - --armc6-bin-dir) shift; ;; # assignment to ARMC6_BIN_DIR done in pre_parse_command_line_for_dirs + --armc5-bin-dir) shift; ARMC5_BIN_DIR="$1";; + --armc6-bin-dir) shift; ARMC6_BIN_DIR="$1";; --clang-earliest) shift; CLANG_EARLIEST="$1";; --clang-latest) shift; CLANG_LATEST="$1";; --error-test) error_test=$((error_test + 1));; @@ -467,7 +449,7 @@ pre_parse_command_line () { --help|-h) usage; exit;; --keep-going|-k) KEEP_GOING=1;; --list-all-components) printf '%s\n' $ALL_COMPONENTS; exit;; - --list-components) printf '%s\n' $SUPPORTED_COMPONENTS; exit;; + --list-components) list_components=1;; --memory|-m) MEMORY=1;; --no-append-outcome) append_outcome=0;; --no-armcc) no_armcc=1;; @@ -494,6 +476,21 @@ pre_parse_command_line () { shift done + # Exclude components that are not supported on this platform. + SUPPORTED_COMPONENTS= + for component in $ALL_COMPONENTS; do + case $(type "support_$component" 2>&1) in + *' function'*) + if ! support_$component; then continue; fi;; + esac + SUPPORTED_COMPONENTS="$SUPPORTED_COMPONENTS $component" + done + + if [ $list_components -eq 1 ]; then + printf '%s\n' $SUPPORTED_COMPONENTS + exit + fi + # With no list of components, run everything. if [ -z "$COMMAND_LINE_COMPONENTS" ] && [ $restore_first -eq 0 ]; then all_except=1 @@ -6157,7 +6154,6 @@ run_component () { # Preliminary setup pre_check_environment -pre_parse_command_line_for_dirs "$@" pre_initialize_variables pre_parse_command_line "$@" From bbb5af9eae7b35a8f10ef6e5d3db919de55374ff Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Fri, 15 Dec 2023 20:58:15 +0100 Subject: [PATCH 1077/1674] Set OpenSSL/GnuTLS variables in release components MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bence Szépkúti --- tests/scripts/all.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index e68ad2016..442bd7ae0 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -748,7 +748,7 @@ pre_check_tools () { # Require OpenSSL and GnuTLS if running any tests (as opposed to # only doing builds). Not all tests run OpenSSL and GnuTLS, but this # is a good enough approximation in practice. - *" test_"*) + *" test_"* | *" release_test_"*) # To avoid setting OpenSSL and GnuTLS for each call to compat.sh # and ssl-opt.sh, we just export the variables they require. export OPENSSL="$OPENSSL" From eb075c5de48e3c029e61e7509dad856cb311e34c Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Wed, 4 Oct 2023 18:38:14 +0100 Subject: [PATCH 1078/1674] Add cmake build type for tsan Building with clang ThreadSanitizer can now be done by setting the build type: cmake -D CMAKE_BUILD_TYPE:String=TSan . (ThreadSanitizer is available in clang 3.2 and gcc 4.8, README.md states that we test with clang 3.8 and gcc 5.4.) Signed-off-by: Janos Follath --- CMakeLists.txt | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 36baa3b40..3badb5f72 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -117,7 +117,7 @@ endif() # If this is the root project add longer list of available CMAKE_BUILD_TYPE values if(CMAKE_SOURCE_DIR STREQUAL CMAKE_CURRENT_SOURCE_DIR) set(CMAKE_BUILD_TYPE ${CMAKE_BUILD_TYPE} - CACHE STRING "Choose the type of build: None Debug Release Coverage ASan ASanDbg MemSan MemSanDbg Check CheckFull" + CACHE STRING "Choose the type of build: None Debug Release Coverage ASan ASanDbg MemSan MemSanDbg Check CheckFull TSan" FORCE) endif() @@ -208,6 +208,7 @@ if(CMAKE_COMPILER_IS_GNU) set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wformat-overflow=2 -Wformat-truncation") endif() set(CMAKE_C_FLAGS_RELEASE "-O2") + set(CMAKE_C_FLAGS_TSAN "-fsanitize=thread -g3 -O2") set(CMAKE_C_FLAGS_DEBUG "-O0 -g3") set(CMAKE_C_FLAGS_COVERAGE "-O0 -g3 --coverage") set(CMAKE_C_FLAGS_ASAN "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O3") @@ -219,6 +220,7 @@ endif(CMAKE_COMPILER_IS_GNU) if(CMAKE_COMPILER_IS_CLANG) set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral") set(CMAKE_C_FLAGS_RELEASE "-O2") + set(CMAKE_C_FLAGS_TSAN "-fsanitize=thread -g3 -O2") set(CMAKE_C_FLAGS_DEBUG "-O0 -g3") set(CMAKE_C_FLAGS_COVERAGE "-O0 -g3 --coverage") set(CMAKE_C_FLAGS_ASAN "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O3") From 9338cac0509a862e64135799472f0c24bf2efc79 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Wed, 4 Oct 2023 18:55:39 +0100 Subject: [PATCH 1079/1674] Add tsan to all.sh component_test_tsan now builds and tests the library with clang ThreadSanitizer enabled. There are no multi-threaded unit tests so far, the goal is that they are automatically tested with TSan when they are added. Signed-off-by: Janos Follath --- tests/scripts/all.sh | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 40a8fe0bf..05fc1a0d5 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2159,6 +2159,18 @@ component_release_test_valgrind_constant_flow_psa () { make memcheck } +component_test_tsan () { + msg "build: TSan (clang)" + scripts/config.py set MBEDTLS_THREADING_C + scripts/config.py set MBEDTLS_THREADING_PTHREAD + + CC=clang cmake -D CMAKE_BUILD_TYPE:String=TSan . + make + + msg "test: main suites (TSan)" + make test +} + component_test_default_no_deprecated () { # Test that removing the deprecated features from the default # configuration leaves something consistent. From a16ee6b7d4789c501baf5955e492cc27189b2706 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Wed, 4 Oct 2023 19:05:26 +0100 Subject: [PATCH 1080/1674] Add multi-threaded unit test The unit test we add is designed to fail. The goal is to test the tests and show that they catch the problem. A later commit will fix the unit test and will make it pass. Signed-off-by: Janos Follath --- tests/suites/test_suite_ctr_drbg.data | 6 +++ tests/suites/test_suite_ctr_drbg.function | 64 +++++++++++++++++++++++ 2 files changed, 70 insertions(+) diff --git a/tests/suites/test_suite_ctr_drbg.data b/tests/suites/test_suite_ctr_drbg.data index a72d8afa0..70206e7d9 100644 --- a/tests/suites/test_suite_ctr_drbg.data +++ b/tests/suites/test_suite_ctr_drbg.data @@ -1096,5 +1096,11 @@ ctr_drbg_seed_file:"no_such_dir/file":MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR CTR_DRBG Special Behaviours ctr_drbg_special_behaviours: +CTR_DRBG Threads: no reseed +ctr_drbg_threads:"1fafa98bc83d95e10f2d5ed339a553e1":10000 + +CTR_DRBG Threads: reseed +ctr_drbg_threads:"0d2dda60286dc738ddcc2dd3520bb988":25 + CTR_DRBG self test ctr_drbg_selftest: diff --git a/tests/suites/test_suite_ctr_drbg.function b/tests/suites/test_suite_ctr_drbg.function index 066e70b35..bdf3dca59 100644 --- a/tests/suites/test_suite_ctr_drbg.function +++ b/tests/suites/test_suite_ctr_drbg.function @@ -90,6 +90,19 @@ exit: mbedtls_ctr_drbg_free(&ctx); } +static const int thread_random_reps = 10; +void *thread_random_function( void* ctx ) +{ + unsigned char out[16]; + memset(out, 0, sizeof(out)); + + for(int i = 0; i < thread_random_reps; i++) { + TEST_EQUAL(mbedtls_ctr_drbg_random_with_add((mbedtls_ctr_drbg_context*) ctx, out, sizeof(out), NULL, 0), 0); + } + +exit: + return NULL; +} /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -325,6 +338,57 @@ exit: } /* END_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_THREADING_PTHREAD */ +void ctr_drbg_threads(data_t *expected_result, int reseed_interval) +{ +#define THREAD_CNT 5 + pthread_t threads[THREAD_CNT]; + + unsigned char out[16]; + memset(out, 0, sizeof(out)); + + unsigned char entropy[1024]; + memset(entropy, 0, sizeof(entropy)); + + test_offset_idx = 0; + test_max_idx = sizeof(entropy); + + mbedtls_ctr_drbg_context ctx; + mbedtls_ctr_drbg_init(&ctx); + + mbedtls_ctr_drbg_set_reseed_interval(&ctx, reseed_interval); + + /* There are too many calls in this test to conveniently provide enough + * entropy for this to be on. Test cases can trigger reseeding by setting + * \p reseed_interval appropriately. */ + mbedtls_ctr_drbg_set_prediction_resistance(&ctx, MBEDTLS_CTR_DRBG_PR_OFF); + + TEST_EQUAL( + mbedtls_ctr_drbg_seed(&ctx, mbedtls_test_entropy_func, entropy, NULL, 0), + 0); + + for (size_t i = 0; i < THREAD_CNT; i++) { + TEST_EQUAL( + pthread_create(&threads[i], NULL, + thread_random_function, (void*) &ctx), + 0); + } + + for (size_t i = 0; i < THREAD_CNT; i++) { + TEST_EQUAL(pthread_join(threads[i], NULL), 0); + } + + /* Take a last output for comparing and thus verifying the DRBG state */ + TEST_EQUAL(mbedtls_ctr_drbg_random(&ctx, out, sizeof(out)), 0); + + TEST_MEMORY_COMPARE(out, sizeof(out), expected_result->x, expected_result->len); + +exit: + mbedtls_ctr_drbg_free(&ctx); +} +#undef THREAD_CNT +/* END_CASE */ + /* BEGIN_CASE depends_on:MBEDTLS_FS_IO */ void ctr_drbg_seed_file(char *path, int ret) { From 178bf3ee8acdb40a10dbd149ee301cd87679b056 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Wed, 4 Oct 2023 19:08:23 +0100 Subject: [PATCH 1081/1674] Fix failing multi-threaded unit test Signed-off-by: Janos Follath --- tests/suites/test_suite_ctr_drbg.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_ctr_drbg.function b/tests/suites/test_suite_ctr_drbg.function index bdf3dca59..0f1237c7e 100644 --- a/tests/suites/test_suite_ctr_drbg.function +++ b/tests/suites/test_suite_ctr_drbg.function @@ -97,7 +97,7 @@ void *thread_random_function( void* ctx ) memset(out, 0, sizeof(out)); for(int i = 0; i < thread_random_reps; i++) { - TEST_EQUAL(mbedtls_ctr_drbg_random_with_add((mbedtls_ctr_drbg_context*) ctx, out, sizeof(out), NULL, 0), 0); + TEST_EQUAL(mbedtls_ctr_drbg_random((mbedtls_ctr_drbg_context*) ctx, out, sizeof(out)), 0); } exit: From 20b2efa2930e801c61ef1e9390cea1e11aad0e84 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Tue, 21 Nov 2023 14:46:51 +0000 Subject: [PATCH 1082/1674] Fix missing include Signed-off-by: Paul Elliott --- tests/suites/test_suite_ctr_drbg.function | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/suites/test_suite_ctr_drbg.function b/tests/suites/test_suite_ctr_drbg.function index 0f1237c7e..7123d146c 100644 --- a/tests/suites/test_suite_ctr_drbg.function +++ b/tests/suites/test_suite_ctr_drbg.function @@ -3,6 +3,10 @@ #include "mbedtls/ctr_drbg.h" #include "string.h" +#if defined(MBEDTLS_THREADING_PTHREAD) +#include "mbedtls/threading.h" +#endif + /* Modes for ctr_drbg_validate */ enum reseed_mode { RESEED_NEVER, /* never reseed */ From bda25dd29c64d91b2df7a223f424b0bd3624e8af Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Tue, 21 Nov 2023 17:07:40 +0000 Subject: [PATCH 1083/1674] Add re-seeding option to test Signed-off-by: Paul Elliott --- tests/suites/test_suite_ctr_drbg.data | 4 +-- tests/suites/test_suite_ctr_drbg.function | 33 ++++++++++++++--------- 2 files changed, 23 insertions(+), 14 deletions(-) diff --git a/tests/suites/test_suite_ctr_drbg.data b/tests/suites/test_suite_ctr_drbg.data index 70206e7d9..827d74a4a 100644 --- a/tests/suites/test_suite_ctr_drbg.data +++ b/tests/suites/test_suite_ctr_drbg.data @@ -1097,10 +1097,10 @@ CTR_DRBG Special Behaviours ctr_drbg_special_behaviours: CTR_DRBG Threads: no reseed -ctr_drbg_threads:"1fafa98bc83d95e10f2d5ed339a553e1":10000 +ctr_drbg_threads:"1fafa98bc83d95e10f2d5ed339a553e1":0 CTR_DRBG Threads: reseed -ctr_drbg_threads:"0d2dda60286dc738ddcc2dd3520bb988":25 +ctr_drbg_threads:"B10A961F2EA39927B4C48AEDDD299026":1 CTR_DRBG self test ctr_drbg_selftest: diff --git a/tests/suites/test_suite_ctr_drbg.function b/tests/suites/test_suite_ctr_drbg.function index 7123d146c..72cbf7bc9 100644 --- a/tests/suites/test_suite_ctr_drbg.function +++ b/tests/suites/test_suite_ctr_drbg.function @@ -343,29 +343,37 @@ exit: /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_THREADING_PTHREAD */ -void ctr_drbg_threads(data_t *expected_result, int reseed_interval) +void ctr_drbg_threads(data_t *expected_result, int reseed) { #define THREAD_CNT 5 pthread_t threads[THREAD_CNT]; unsigned char out[16]; + unsigned char *entropy = NULL; + + const size_t n_random_calls = THREAD_CNT * thread_random_reps + 1; + memset(out, 0, sizeof(out)); - unsigned char entropy[1024]; - memset(entropy, 0, sizeof(entropy)); - - test_offset_idx = 0; - test_max_idx = sizeof(entropy); - mbedtls_ctr_drbg_context ctx; mbedtls_ctr_drbg_init(&ctx); - mbedtls_ctr_drbg_set_reseed_interval(&ctx, reseed_interval); + test_offset_idx = 0; - /* There are too many calls in this test to conveniently provide enough - * entropy for this to be on. Test cases can trigger reseeding by setting - * \p reseed_interval appropriately. */ - mbedtls_ctr_drbg_set_prediction_resistance(&ctx, MBEDTLS_CTR_DRBG_PR_OFF); + if (reseed == 0) { + mbedtls_ctr_drbg_set_prediction_resistance(&ctx, MBEDTLS_CTR_DRBG_PR_OFF); + mbedtls_ctr_drbg_set_reseed_interval(&ctx, n_random_calls + 1); + + TEST_CALLOC(entropy, MBEDTLS_CTR_DRBG_ENTROPY_LEN); + test_max_idx = MBEDTLS_CTR_DRBG_ENTROPY_LEN; + } else { + const size_t entropy_size = (n_random_calls + 1) * MBEDTLS_CTR_DRBG_ENTROPY_LEN; + + mbedtls_ctr_drbg_set_prediction_resistance(&ctx, MBEDTLS_CTR_DRBG_PR_ON); + + TEST_CALLOC(entropy, entropy_size); + test_max_idx = entropy_size; + } TEST_EQUAL( mbedtls_ctr_drbg_seed(&ctx, mbedtls_test_entropy_func, entropy, NULL, 0), @@ -389,6 +397,7 @@ void ctr_drbg_threads(data_t *expected_result, int reseed_interval) exit: mbedtls_ctr_drbg_free(&ctx); + mbedtls_free(entropy); } #undef THREAD_CNT /* END_CASE */ From bbdfc8ad2c8a8479c161d0601f67a41c23c9256b Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 23 Nov 2023 14:07:43 +0000 Subject: [PATCH 1084/1674] Add TsanDbg, standardise Tsan with other sanitisers Signed-off-by: Paul Elliott --- CMakeLists.txt | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 3badb5f72..ad056466a 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -117,7 +117,7 @@ endif() # If this is the root project add longer list of available CMAKE_BUILD_TYPE values if(CMAKE_SOURCE_DIR STREQUAL CMAKE_CURRENT_SOURCE_DIR) set(CMAKE_BUILD_TYPE ${CMAKE_BUILD_TYPE} - CACHE STRING "Choose the type of build: None Debug Release Coverage ASan ASanDbg MemSan MemSanDbg Check CheckFull TSan" + CACHE STRING "Choose the type of build: None Debug Release Coverage ASan ASanDbg MemSan MemSanDbg Check CheckFull TSan TSanDbg" FORCE) endif() @@ -208,11 +208,12 @@ if(CMAKE_COMPILER_IS_GNU) set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wformat-overflow=2 -Wformat-truncation") endif() set(CMAKE_C_FLAGS_RELEASE "-O2") - set(CMAKE_C_FLAGS_TSAN "-fsanitize=thread -g3 -O2") set(CMAKE_C_FLAGS_DEBUG "-O0 -g3") set(CMAKE_C_FLAGS_COVERAGE "-O0 -g3 --coverage") set(CMAKE_C_FLAGS_ASAN "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O3") set(CMAKE_C_FLAGS_ASANDBG "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls") + set(CMAKE_C_FLAGS_TSAN "-fsanitize=thread -O3") + set(CMAKE_C_FLAGS_TSANDBG "-fsanitize=thread -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls") set(CMAKE_C_FLAGS_CHECK "-Os") set(CMAKE_C_FLAGS_CHECKFULL "${CMAKE_C_FLAGS_CHECK} -Wcast-qual") endif(CMAKE_COMPILER_IS_GNU) @@ -220,13 +221,14 @@ endif(CMAKE_COMPILER_IS_GNU) if(CMAKE_COMPILER_IS_CLANG) set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral") set(CMAKE_C_FLAGS_RELEASE "-O2") - set(CMAKE_C_FLAGS_TSAN "-fsanitize=thread -g3 -O2") set(CMAKE_C_FLAGS_DEBUG "-O0 -g3") set(CMAKE_C_FLAGS_COVERAGE "-O0 -g3 --coverage") set(CMAKE_C_FLAGS_ASAN "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O3") set(CMAKE_C_FLAGS_ASANDBG "-fsanitize=address -fno-common -fsanitize=undefined -fno-sanitize-recover=all -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls") set(CMAKE_C_FLAGS_MEMSAN "-fsanitize=memory -O3") set(CMAKE_C_FLAGS_MEMSANDBG "-fsanitize=memory -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls -fsanitize-memory-track-origins=2") + set(CMAKE_C_FLAGS_TSAN "-fsanitize=thread -O3") + set(CMAKE_C_FLAGS_TSANDBG "-fsanitize=thread -O1 -g3 -fno-omit-frame-pointer -fno-optimize-sibling-calls") set(CMAKE_C_FLAGS_CHECK "-Os") endif(CMAKE_COMPILER_IS_CLANG) From 8860021abcc77872d6e016d3a27b014b4fe775d3 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 23 Nov 2023 14:24:30 +0000 Subject: [PATCH 1085/1674] Fix false claim of variables used unitialised GCC with TSan + O3 causes an error where it claims key_len and iv_len may be used uninitialised. This is, as far as I can tell incorrect (the only way it could not be set is in the error case, and then it is not used), however the simplest option seemed to be just to fix it. Signed-off-by: Paul Elliott --- library/ssl_tls13_keys.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c index a6a2915d8..9b775ec95 100644 --- a/library/ssl_tls13_keys.c +++ b/library/ssl_tls13_keys.c @@ -1140,8 +1140,8 @@ static int ssl_tls13_generate_early_key(mbedtls_ssl_context *ssl, size_t hash_len; unsigned char transcript[MBEDTLS_TLS1_3_MD_MAX_SIZE]; size_t transcript_len; - size_t key_len; - size_t iv_len; + size_t key_len = 0; + size_t iv_len = 0; mbedtls_ssl_tls13_early_secrets tls13_early_secrets; mbedtls_ssl_handshake_params *handshake = ssl->handshake; @@ -1341,8 +1341,8 @@ static int ssl_tls13_generate_handshake_keys(mbedtls_ssl_context *ssl, size_t hash_len; unsigned char transcript[MBEDTLS_TLS1_3_MD_MAX_SIZE]; size_t transcript_len; - size_t key_len; - size_t iv_len; + size_t key_len = 0; + size_t iv_len = 0; mbedtls_ssl_handshake_params *handshake = ssl->handshake; const mbedtls_ssl_ciphersuite_t *ciphersuite_info = @@ -1592,7 +1592,7 @@ static int ssl_tls13_generate_application_keys( size_t hash_len; /* Variables relating to the cipher for the chosen ciphersuite. */ - size_t key_len, iv_len; + size_t key_len = 0, iv_len = 0; MBEDTLS_SSL_DEBUG_MSG(2, ("=> derive application traffic keys")); From 2667eda785009e075a12e4d291bff7e6fd08f54d Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Wed, 29 Nov 2023 15:53:00 +0000 Subject: [PATCH 1086/1674] Explicitly link tests with pthreads Required to use pthreads within tests. Signed-off-by: Paul Elliott --- tests/CMakeLists.txt | 3 +++ tests/Makefile | 1 + 2 files changed, 4 insertions(+) diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 0869aaa01..68bc57f5a 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -1,5 +1,8 @@ +find_package(Threads) + set(libs ${mbedtls_target} + ${CMAKE_THREAD_LIBS_INIT} ) # Set the project root directory if it's not already defined, as may happen if diff --git a/tests/Makefile b/tests/Makefile index 2249a55df..bcc3b9307 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -57,6 +57,7 @@ else DLEXT ?= so EXEXT= SHARED_SUFFIX= +LOCAL_LDFLAGS += -lpthread endif ifdef WINDOWS From 6a997c9994694b7c338a8ad8ebc22489872239c3 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 30 Nov 2023 14:47:17 +0000 Subject: [PATCH 1087/1674] Fix code style Signed-off-by: Paul Elliott --- tests/suites/test_suite_ctr_drbg.function | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_ctr_drbg.function b/tests/suites/test_suite_ctr_drbg.function index 72cbf7bc9..5a77c1d43 100644 --- a/tests/suites/test_suite_ctr_drbg.function +++ b/tests/suites/test_suite_ctr_drbg.function @@ -95,13 +95,13 @@ exit: } static const int thread_random_reps = 10; -void *thread_random_function( void* ctx ) +void *thread_random_function(void *ctx) { unsigned char out[16]; memset(out, 0, sizeof(out)); - for(int i = 0; i < thread_random_reps; i++) { - TEST_EQUAL(mbedtls_ctr_drbg_random((mbedtls_ctr_drbg_context*) ctx, out, sizeof(out)), 0); + for (int i = 0; i < thread_random_reps; i++) { + TEST_EQUAL(mbedtls_ctr_drbg_random((mbedtls_ctr_drbg_context *) ctx, out, sizeof(out)), 0); } exit: @@ -382,7 +382,7 @@ void ctr_drbg_threads(data_t *expected_result, int reseed) for (size_t i = 0; i < THREAD_CNT; i++) { TEST_EQUAL( pthread_create(&threads[i], NULL, - thread_random_function, (void*) &ctx), + thread_random_function, (void *) &ctx), 0); } From 811c600d88108b6df02e86168666e9a931e643ba Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 30 Nov 2023 19:04:28 +0000 Subject: [PATCH 1088/1674] Guard tests correctly All guarded options change output, thus failing the test. Signed-off-by: Paul Elliott --- tests/suites/test_suite_ctr_drbg.data | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/suites/test_suite_ctr_drbg.data b/tests/suites/test_suite_ctr_drbg.data index 827d74a4a..1cc51e302 100644 --- a/tests/suites/test_suite_ctr_drbg.data +++ b/tests/suites/test_suite_ctr_drbg.data @@ -1097,9 +1097,11 @@ CTR_DRBG Special Behaviours ctr_drbg_special_behaviours: CTR_DRBG Threads: no reseed +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_ENTROPY_FORCE_SHA256:MBEDTLS_SHA512_C ctr_drbg_threads:"1fafa98bc83d95e10f2d5ed339a553e1":0 CTR_DRBG Threads: reseed +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_ENTROPY_FORCE_SHA256:MBEDTLS_SHA512_C ctr_drbg_threads:"B10A961F2EA39927B4C48AEDDD299026":1 CTR_DRBG self test From fed410f58e4370cbd6025d959ac6084fe5864d73 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 30 Nov 2023 20:40:55 +0000 Subject: [PATCH 1089/1674] Increase entropy buffer sizes Signed-off-by: Paul Elliott --- tests/suites/test_suite_ctr_drbg.function | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_ctr_drbg.function b/tests/suites/test_suite_ctr_drbg.function index 5a77c1d43..329c222cf 100644 --- a/tests/suites/test_suite_ctr_drbg.function +++ b/tests/suites/test_suite_ctr_drbg.function @@ -364,10 +364,11 @@ void ctr_drbg_threads(data_t *expected_result, int reseed) mbedtls_ctr_drbg_set_prediction_resistance(&ctx, MBEDTLS_CTR_DRBG_PR_OFF); mbedtls_ctr_drbg_set_reseed_interval(&ctx, n_random_calls + 1); - TEST_CALLOC(entropy, MBEDTLS_CTR_DRBG_ENTROPY_LEN); - test_max_idx = MBEDTLS_CTR_DRBG_ENTROPY_LEN; + TEST_CALLOC(entropy, MBEDTLS_CTR_DRBG_ENTROPY_LEN + MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN); + test_max_idx = MBEDTLS_CTR_DRBG_ENTROPY_LEN + MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN; } else { - const size_t entropy_size = (n_random_calls + 1) * MBEDTLS_CTR_DRBG_ENTROPY_LEN; + const size_t entropy_size = ((n_random_calls + 1) * MBEDTLS_CTR_DRBG_ENTROPY_LEN) + + MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN; mbedtls_ctr_drbg_set_prediction_resistance(&ctx, MBEDTLS_CTR_DRBG_PR_ON); From bb0e48f94f456e099ae58848537c22c87438ea9f Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Fri, 1 Dec 2023 18:05:19 +0000 Subject: [PATCH 1090/1674] Make number of threads a test argument Remove hard coded number of threads. Signed-off-by: Paul Elliott --- tests/suites/test_suite_ctr_drbg.data | 4 ++-- tests/suites/test_suite_ctr_drbg.function | 15 ++++++++------- 2 files changed, 10 insertions(+), 9 deletions(-) diff --git a/tests/suites/test_suite_ctr_drbg.data b/tests/suites/test_suite_ctr_drbg.data index 1cc51e302..b519da895 100644 --- a/tests/suites/test_suite_ctr_drbg.data +++ b/tests/suites/test_suite_ctr_drbg.data @@ -1098,11 +1098,11 @@ ctr_drbg_special_behaviours: CTR_DRBG Threads: no reseed depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_ENTROPY_FORCE_SHA256:MBEDTLS_SHA512_C -ctr_drbg_threads:"1fafa98bc83d95e10f2d5ed339a553e1":0 +ctr_drbg_threads:"1fafa98bc83d95e10f2d5ed339a553e1":0:5 CTR_DRBG Threads: reseed depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_ENTROPY_FORCE_SHA256:MBEDTLS_SHA512_C -ctr_drbg_threads:"B10A961F2EA39927B4C48AEDDD299026":1 +ctr_drbg_threads:"B10A961F2EA39927B4C48AEDDD299026":1:5 CTR_DRBG self test ctr_drbg_selftest: diff --git a/tests/suites/test_suite_ctr_drbg.function b/tests/suites/test_suite_ctr_drbg.function index 329c222cf..a5a85a0eb 100644 --- a/tests/suites/test_suite_ctr_drbg.function +++ b/tests/suites/test_suite_ctr_drbg.function @@ -343,16 +343,17 @@ exit: /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_THREADING_PTHREAD */ -void ctr_drbg_threads(data_t *expected_result, int reseed) +void ctr_drbg_threads(data_t *expected_result, int reseed, int arg_thread_count) { -#define THREAD_CNT 5 - pthread_t threads[THREAD_CNT]; + size_t thread_count = (size_t) arg_thread_count; + pthread_t *threads = NULL; unsigned char out[16]; unsigned char *entropy = NULL; - const size_t n_random_calls = THREAD_CNT * thread_random_reps + 1; + const size_t n_random_calls = thread_count * thread_random_reps + 1; + TEST_CALLOC(threads, sizeof(pthread_t) * thread_count); memset(out, 0, sizeof(out)); mbedtls_ctr_drbg_context ctx; @@ -380,14 +381,14 @@ void ctr_drbg_threads(data_t *expected_result, int reseed) mbedtls_ctr_drbg_seed(&ctx, mbedtls_test_entropy_func, entropy, NULL, 0), 0); - for (size_t i = 0; i < THREAD_CNT; i++) { + for (size_t i = 0; i < thread_count; i++) { TEST_EQUAL( pthread_create(&threads[i], NULL, thread_random_function, (void *) &ctx), 0); } - for (size_t i = 0; i < THREAD_CNT; i++) { + for (size_t i = 0; i < thread_count; i++) { TEST_EQUAL(pthread_join(threads[i], NULL), 0); } @@ -399,8 +400,8 @@ void ctr_drbg_threads(data_t *expected_result, int reseed) exit: mbedtls_ctr_drbg_free(&ctx); mbedtls_free(entropy); + mbedtls_free(threads); } -#undef THREAD_CNT /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_FS_IO */ From 356597f077c32d7206e252ecd93780a4c61e931e Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Fri, 1 Dec 2023 18:09:41 +0000 Subject: [PATCH 1091/1674] Make TSan test run operate on full config Signed-off-by: Paul Elliott --- tests/scripts/all.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 05fc1a0d5..315c6e5cd 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2161,6 +2161,7 @@ component_release_test_valgrind_constant_flow_psa () { component_test_tsan () { msg "build: TSan (clang)" + scripts/config.py full scripts/config.py set MBEDTLS_THREADING_C scripts/config.py set MBEDTLS_THREADING_PTHREAD From 80fa88e2fab1850e2b5eb38eb8bc2759a7606269 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Fri, 24 Nov 2023 17:12:24 +0000 Subject: [PATCH 1092/1674] Remove warning with GCC 12 and TSan Compiler is unhappy that the return from mbedtls_cipher_get_name() could be NULL as this is used in a printf statement. Signed-off-by: Paul Elliott --- programs/aes/crypt_and_hash.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/programs/aes/crypt_and_hash.c b/programs/aes/crypt_and_hash.c index 226718bc6..f15b85e2c 100644 --- a/programs/aes/crypt_and_hash.c +++ b/programs/aes/crypt_and_hash.c @@ -103,7 +103,14 @@ int main(int argc, char *argv[]) list = mbedtls_cipher_list(); while (*list) { cipher_info = mbedtls_cipher_info_from_type(*list); - mbedtls_printf(" %s\n", mbedtls_cipher_info_get_name(cipher_info)); + if (cipher_info) { + const char *name = mbedtls_cipher_info_get_name(cipher_info); + + if (name) { + mbedtls_printf(" %s\n", mbedtls_cipher_info_get_name(cipher_info)); + } + } + list++; } From be978a8c4fc52965b486125f2993251025b1a399 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 7 Dec 2023 11:46:04 +0000 Subject: [PATCH 1093/1674] Add option to pass make variables to depends.py Signed-off-by: Paul Elliott --- tests/scripts/depends.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/tests/scripts/depends.py b/tests/scripts/depends.py index 38c184a6a..5fe26f158 100755 --- a/tests/scripts/depends.py +++ b/tests/scripts/depends.py @@ -381,7 +381,7 @@ class DomainData: def __init__(self, options, conf): """Gather data about the library and establish a list of domains to test.""" - build_command = [options.make_command, 'CFLAGS=-Werror'] + build_command = [options.make_command] + options.make_vars.split(' ') + ['CFLAGS=-Werror'] build_and_test = [build_command, [options.make_command, 'test']] self.all_config_symbols = set(conf.settings.keys()) # Find hash modules by name. @@ -526,6 +526,9 @@ def main(): parser.add_argument('--make-command', metavar='CMD', help='Command to run instead of make (e.g. gmake)', action='store', default='make') + parser.add_argument('--make-vars', + help='optional variable/value pairs to pass to make', + action='store', default='') parser.add_argument('--unset-use-psa', help='Unset MBEDTLS_USE_PSA_CRYPTO before any test', action='store_true', dest='unset_use_psa') From 6587959a32f978aeb02766c27cf30b04d8a245e1 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Thu, 7 Dec 2023 20:08:10 +0000 Subject: [PATCH 1094/1674] Add ability to pass make variables to psa_collect_statuses.py Signed-off-by: Paul Elliott --- tests/scripts/psa_collect_statuses.py | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/tests/scripts/psa_collect_statuses.py b/tests/scripts/psa_collect_statuses.py index 11bbebcc1..6291d7898 100755 --- a/tests/scripts/psa_collect_statuses.py +++ b/tests/scripts/psa_collect_statuses.py @@ -82,10 +82,15 @@ def collect_status_logs(options): cwd='tests', stdout=sys.stderr) with open(os.devnull, 'w') as devnull: - make_q_ret = subprocess.call(['make', '-q', 'lib', 'tests'], - stdout=devnull, stderr=devnull) + build_command = ['make', '-q'] + options.make_vars.split(' ') + \ + ['lib', 'tests'] + make_q_ret = subprocess.call(build_command, stdout=devnull, + stderr=devnull) + print("blagh") if make_q_ret != 0: - subprocess.check_call(['make', 'RECORD_PSA_STATUS_COVERAGE_LOG=1'], + build_command = ['make'] + options.make_vars.split(' ') + \ + ['RECORD_PSA_STATUS_COVERAGE_LOG=1'] + subprocess.check_call(build_command, stdout=sys.stderr) rebuilt = True subprocess.check_call(['make', 'test'], @@ -112,6 +117,9 @@ def main(): help='Log file location (default: {})'.format( DEFAULT_STATUS_LOG_FILE )) + parser.add_argument('--make-vars', + help='optional variable/value pairs to pass to make', + action='store', default='') parser.add_argument('--psa-constant-names', metavar='PROGRAM', default=DEFAULT_PSA_CONSTANT_NAMES, help='Path to psa_constant_names (default: {})'.format( From 20a95bc09a540918da70d4e96d8a615cea934692 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Wed, 6 Dec 2023 19:24:49 +0000 Subject: [PATCH 1095/1674] Remove explicit linking of PThread in make This would break platforms that do not have pthread. Put the linking instead behind a define and add this define where required to all.sh. Signed-off-by: Paul Elliott --- tests/Makefile | 3 + tests/scripts/all.sh | 169 ++++++++++++++++++++++--------------------- 2 files changed, 89 insertions(+), 83 deletions(-) diff --git a/tests/Makefile b/tests/Makefile index bcc3b9307..72429a642 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -57,8 +57,11 @@ else DLEXT ?= so EXEXT= SHARED_SUFFIX= + +ifdef PTHREAD LOCAL_LDFLAGS += -lpthread endif +endif ifdef WINDOWS PYTHON ?= python diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 315c6e5cd..65203e877 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -216,6 +216,9 @@ pre_initialize_variables () { esac SUPPORTED_COMPONENTS="$SUPPORTED_COMPONENTS $component" done + + # Option to enable linking with pthreads under make + MAKE_THREADING_FLAGS="PTHREAD=1" } # Test whether the component $1 is included in the command line patterns. @@ -930,7 +933,7 @@ helper_get_psa_key_type_list() { # Here "things" are PSA_WANT_ symbols but with PSA_WANT_ removed. helper_libtestdriver1_make_drivers() { loc_accel_flags=$( echo "$1 ${2-}" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' ) - make CC=$ASAN_CC -C tests libtestdriver1.a CFLAGS=" $ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC -C tests libtestdriver1.a CFLAGS=" $ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS } # Build the main libraries, programs and tests, @@ -948,7 +951,7 @@ helper_libtestdriver1_make_main() { # we need flags both with and without the LIBTESTDRIVER1_ prefix loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' ) loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )" - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" "$@" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" $MAKE_THREADING_FLAGS "$@" } ################################################################ @@ -1443,7 +1446,7 @@ component_test_psa_external_rng_no_drbg_classic () { # When MBEDTLS_USE_PSA_CRYPTO is disabled and there is no DRBG, # the SSL test programs don't have an RNG and can't work. Explicitly # make them use the PSA RNG with -DMBEDTLS_TEST_USE_PSA_CRYPTO_RNG. - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DMBEDTLS_TEST_USE_PSA_CRYPTO_RNG" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DMBEDTLS_TEST_USE_PSA_CRYPTO_RNG" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS msg "test: PSA_CRYPTO_EXTERNAL_RNG minus *_DRBG, classic crypto - main suites" make test @@ -1462,7 +1465,7 @@ component_test_psa_external_rng_no_drbg_use_psa () { scripts/config.py unset MBEDTLS_CTR_DRBG_C scripts/config.py unset MBEDTLS_HMAC_DRBG_C scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS msg "test: PSA_CRYPTO_EXTERNAL_RNG minus *_DRBG, PSA crypto - main suites" make test @@ -1477,7 +1480,7 @@ component_test_psa_external_rng_use_psa_crypto () { scripts/config.py set MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG scripts/config.py set MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_CTR_DRBG_C - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS msg "test: full + PSA_CRYPTO_EXTERNAL_RNG + USE_PSA_CRYPTO minus CTR_DRBG" make test @@ -1495,7 +1498,7 @@ component_test_psa_inject_entropy () { scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT scripts/config.py unset MBEDTLS_PLATFORM_STD_NV_SEED_READ scripts/config.py unset MBEDTLS_PLATFORM_STD_NV_SEED_WRITE - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS '-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS '-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS msg "test: full + MBEDTLS_PSA_INJECT_ENTROPY" make test @@ -1529,14 +1532,14 @@ component_test_crypto_full_md_light_only () { # Note: MD-light is auto-enabled in build_info.h by modules that need it, # which we haven't disabled, so no need to explicitly enable it. - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS # Make sure we don't have the HMAC functions, but the hashing functions not grep mbedtls_md_hmac library/md.o grep mbedtls_md library/md.o msg "test: crypto_full with only the light subset of MD" - make test + make $MAKE_THREADING_FLAGS test } component_test_full_no_cipher () { @@ -1562,7 +1565,7 @@ component_test_full_no_cipher () { scripts/config.py unset MBEDTLS_LMS_PRIVATE msg "test: full no CIPHER no PSA_CRYPTO_C" - make test + make $MAKE_THREADING_FLAGS test } # This is a common configurator and test function that is used in: @@ -1611,7 +1614,7 @@ common_test_full_no_cipher_with_psa_crypto () { scripts/config.py unset MBEDTLS_PKCS12_C scripts/config.py unset MBEDTLS_PKCS5_C - make + make $MAKE_THREADING_FLAGS # Ensure that CIPHER_C was not re-enabled not grep mbedtls_cipher_init library/cipher.o @@ -1644,7 +1647,7 @@ component_test_full_no_ccm() { # PSA_WANT_ALG_CCM to be re-enabled. scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CCM - make + make $MAKE_THREADING_FLAGS msg "test: full no PSA_WANT_ALG_CCM" make test @@ -1672,7 +1675,7 @@ component_test_full_no_ccm_star_no_tag() { scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CBC_NO_PADDING scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CBC_PKCS7 - make + make $MAKE_THREADING_FLAGS # Ensure MBEDTLS_PSA_BUILTIN_CIPHER was not enabled not grep mbedtls_psa_cipher library/psa_crypto_cipher.o @@ -1729,7 +1732,7 @@ component_test_full_no_bignum () { scripts/config.py unset MBEDTLS_SSL_ASYNC_PRIVATE scripts/config.py unset MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK - make + make $MAKE_THREADING_FLAGS msg "test: full minus bignum" make test @@ -2007,7 +2010,7 @@ component_test_small_mbedtls_ssl_dtls_max_buffering () { component_test_psa_collect_statuses () { msg "build+test: psa_collect_statuses" # ~30s scripts/config.py full - tests/scripts/psa_collect_statuses.py + tests/scripts/psa_collect_statuses.py --make-vars="$MAKE_THREADING_FLAGS" # Check that psa_crypto_init() succeeded at least once grep -q '^0:psa_crypto_init:' tests/statuses.log rm -f tests/statuses.log @@ -2186,7 +2189,7 @@ component_test_default_no_deprecated () { component_test_full_no_deprecated () { msg "build: make, full_no_deprecated config" # ~ 30s scripts/config.py full_no_deprecated - make CC=gcc CFLAGS='-O -Werror -Wall -Wextra' + make CC=gcc CFLAGS='-O -Werror -Wall -Wextra' $MAKE_THREADING_FLAGS msg "test: make, full_no_deprecated config" # ~ 5s make test @@ -2203,7 +2206,7 @@ component_test_full_no_deprecated_deprecated_warning () { scripts/config.py full_no_deprecated scripts/config.py unset MBEDTLS_DEPRECATED_REMOVED scripts/config.py set MBEDTLS_DEPRECATED_WARNING - make CC=gcc CFLAGS='-O -Werror -Wall -Wextra' + make CC=gcc CFLAGS='-O -Werror -Wall -Wextra' $MAKE_THREADING_FLAGS msg "test: make, full_no_deprecated config, MBEDTLS_DEPRECATED_WARNING" # ~ 5s make test @@ -2223,7 +2226,7 @@ component_test_full_deprecated_warning () { # By default those are disabled when MBEDTLS_DEPRECATED_WARNING is set. # Expect warnings from '#warning' directives in check_config.h and # from the use of deprecated functions in test suites. - make CC=gcc CFLAGS='-O -Werror -Wall -Wextra -Wno-error=deprecated-declarations -Wno-error=cpp -DMBEDTLS_TEST_DEPRECATED' tests + make CC=gcc CFLAGS='-O -Werror -Wall -Wextra -Wno-error=deprecated-declarations -Wno-error=cpp -DMBEDTLS_TEST_DEPRECATED' $MAKE_THREADING_FLAGS tests msg "test: full config + MBEDTLS_TEST_DEPRECATED" # ~ 30s make test @@ -2248,7 +2251,7 @@ component_build_crypto_default () { component_build_crypto_full () { msg "build: make, crypto only, full config" scripts/config.py crypto_full - make CFLAGS='-O1 -Werror' + make CFLAGS='-O1 -Werror' $MAKE_THREADING_FLAGS are_empty_libraries library/libmbedx509.* library/libmbedtls.* } @@ -2308,73 +2311,73 @@ support_build_baremetal () { # depends.py family of tests component_test_depends_py_cipher_id () { msg "test/build: depends.py cipher_id (gcc)" - tests/scripts/depends.py cipher_id --unset-use-psa + tests/scripts/depends.py cipher_id --unset-use-psa --make-vars="$MAKE_THREADING_FLAGS" } component_test_depends_py_cipher_chaining () { msg "test/build: depends.py cipher_chaining (gcc)" - tests/scripts/depends.py cipher_chaining --unset-use-psa + tests/scripts/depends.py cipher_chaining --unset-use-psa --make-vars="$MAKE_THREADING_FLAGS" } component_test_depends_py_cipher_padding () { msg "test/build: depends.py cipher_padding (gcc)" - tests/scripts/depends.py cipher_padding --unset-use-psa + tests/scripts/depends.py cipher_padding --unset-use-psa --make-vars="$MAKE_THREADING_FLAGS" } component_test_depends_py_curves () { msg "test/build: depends.py curves (gcc)" - tests/scripts/depends.py curves --unset-use-psa + tests/scripts/depends.py curves --unset-use-psa --make-vars="$MAKE_THREADING_FLAGS" } component_test_depends_py_hashes () { msg "test/build: depends.py hashes (gcc)" - tests/scripts/depends.py hashes --unset-use-psa + tests/scripts/depends.py hashes --unset-use-psa --make-vars="$MAKE_THREADING_FLAGS" } component_test_depends_py_kex () { msg "test/build: depends.py kex (gcc)" - tests/scripts/depends.py kex --unset-use-psa + tests/scripts/depends.py kex --unset-use-psa --make-vars="$MAKE_THREADING_FLAGS" } component_test_depends_py_pkalgs () { msg "test/build: depends.py pkalgs (gcc)" - tests/scripts/depends.py pkalgs --unset-use-psa + tests/scripts/depends.py pkalgs --unset-use-psa --make-vars="$MAKE_THREADING_FLAGS" } # PSA equivalents of the depends.py tests component_test_depends_py_cipher_id_psa () { msg "test/build: depends.py cipher_id (gcc) with MBEDTLS_USE_PSA_CRYPTO defined" - tests/scripts/depends.py cipher_id + tests/scripts/depends.py cipher_id --make-vars="$MAKE_THREADING_FLAGS" } component_test_depends_py_cipher_chaining_psa () { msg "test/build: depends.py cipher_chaining (gcc) with MBEDTLS_USE_PSA_CRYPTO defined" - tests/scripts/depends.py cipher_chaining + tests/scripts/depends.py cipher_chaining --make-vars="$MAKE_THREADING_FLAGS" } component_test_depends_py_cipher_padding_psa () { msg "test/build: depends.py cipher_padding (gcc) with MBEDTLS_USE_PSA_CRYPTO defined" - tests/scripts/depends.py cipher_padding + tests/scripts/depends.py cipher_padding --make-vars="$MAKE_THREADING_FLAGS" } component_test_depends_py_curves_psa () { msg "test/build: depends.py curves (gcc) with MBEDTLS_USE_PSA_CRYPTO defined" - tests/scripts/depends.py curves + tests/scripts/depends.py curves --make-vars="$MAKE_THREADING_FLAGS" } component_test_depends_py_hashes_psa () { msg "test/build: depends.py hashes (gcc) with MBEDTLS_USE_PSA_CRYPTO defined" - tests/scripts/depends.py hashes + tests/scripts/depends.py hashes --make-vars="$MAKE_THREADING_FLAGS" } component_test_depends_py_kex_psa () { msg "test/build: depends.py kex (gcc) with MBEDTLS_USE_PSA_CRYPTO defined" - tests/scripts/depends.py kex + tests/scripts/depends.py kex --make-vars="$MAKE_THREADING_FLAGS" } component_test_depends_py_pkalgs_psa () { msg "test/build: depends.py pkalgs (gcc) with MBEDTLS_USE_PSA_CRYPTO defined" - tests/scripts/depends.py pkalgs + tests/scripts/depends.py pkalgs --make-vars="$MAKE_THREADING_FLAGS" } component_build_no_pk_rsa_alt_support () { @@ -2386,7 +2389,7 @@ component_build_no_pk_rsa_alt_support () { scripts/config.py set MBEDTLS_X509_CRT_WRITE_C # Only compile - this is primarily to test for compile issues - make CC=gcc CFLAGS='-Werror -Wall -Wextra -I../tests/include/alt-dummy' + make CC=gcc CFLAGS='-Werror -Wall -Wextra -I../tests/include/alt-dummy' $MAKE_THREADING_FLAGS } component_build_module_alt () { @@ -2600,7 +2603,7 @@ component_test_psa_crypto_config_reference_ffdh () { # Disable things that are not supported scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED - make + make $MAKE_THREADING_FLAGS msg "test suites: full with non-accelerated FFDH alg" make test @@ -2639,7 +2642,7 @@ component_test_psa_crypto_config_accel_pake() { # ------------- msg "test: full with accelerated PAKE" - make test + make $MAKE_THREADING_FLAGS test } component_test_psa_crypto_config_accel_ecc_some_key_types () { @@ -2699,7 +2702,7 @@ component_test_psa_crypto_config_accel_ecc_some_key_types () { # ------------- msg "test suites: full with accelerated EC algs and some key types" - make test + make $MAKE_THREADING_FLAGS test } # Run tests with only (non-)Weierstrass accelerated @@ -2898,7 +2901,7 @@ component_test_psa_crypto_config_accel_ecc_ecp_light_only () { # ------------- msg "test suites: full with accelerated EC algs" - make test + make $MAKE_THREADING_FLAGS test msg "ssl-opt: full with accelerated EC algs" tests/ssl-opt.sh @@ -2910,7 +2913,7 @@ component_test_psa_crypto_config_reference_ecc_ecp_light_only () { config_psa_crypto_config_ecp_light_only 0 - make + make $MAKE_THREADING_FLAGS msg "test suites: full with non-accelerated EC algs" make test @@ -3003,7 +3006,7 @@ component_test_psa_crypto_config_accel_ecc_no_ecp_at_all () { # ------------- msg "test: full + accelerated EC algs - ECP" - make test + make $MAKE_THREADING_FLAGS test msg "ssl-opt: full + accelerated EC algs - ECP" tests/ssl-opt.sh @@ -3017,7 +3020,7 @@ component_test_psa_crypto_config_reference_ecc_no_ecp_at_all () { config_psa_crypto_no_ecp_at_all 0 - make + make $MAKE_THREADING_FLAGS msg "test: full + non accelerated EC algs" make test @@ -3180,7 +3183,7 @@ common_test_psa_crypto_config_accel_ecc_ffdh_no_bignum () { msg "test suites: full + accelerated $accel_text algs + USE_PSA - $removed_text - DHM - BIGNUM" - make test + make $MAKE_THREADING_FLAGS test msg "ssl-opt: full + accelerated $accel_text algs + USE_PSA - $removed_text - BIGNUM" tests/ssl-opt.sh @@ -3211,7 +3214,7 @@ common_test_psa_crypto_config_reference_ecc_ffdh_no_bignum () { config_psa_crypto_config_accel_ecc_ffdh_no_bignum 0 "$test_target" - make + make $MAKE_THREADING_FLAGS msg "test suites: full + non accelerated EC algs + USE_PSA" make test @@ -3330,7 +3333,7 @@ build_full_minus_something_and_test_tls () { scripts/config.py unset $sym done - make + make $MAKE_THREADING_FLAGS msg "test: full minus something, test TLS" ( cd tests; ./test_suite_ssl ) @@ -3369,7 +3372,7 @@ build_and_test_psa_want_key_pair_partial() { # crypto_config.h so we just disable the one we don't want. scripts/config.py -f "$CRYPTO_CONFIG_H" unset "$disabled_psa_want" - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS msg "test: full - MBEDTLS_USE_PSA_CRYPTO - ${disabled_psa_want}" make test @@ -3435,7 +3438,7 @@ component_test_psa_crypto_config_accel_rsa_crypto () { # ------------- msg "test: crypto_full with accelerated RSA" - make test + make $MAKE_THREADING_FLAGS test } component_test_psa_crypto_config_reference_rsa_crypto () { @@ -3447,7 +3450,7 @@ component_test_psa_crypto_config_reference_rsa_crypto () { # Build # ----- - make + make $MAKE_THREADING_FLAGS # Run the tests # ------------- @@ -3649,7 +3652,7 @@ component_test_psa_crypto_config_reference_hash_use_psa() { config_psa_crypto_hash_use_psa 0 - make + make $MAKE_THREADING_FLAGS msg "test: full without accelerated hashes" make test @@ -3814,7 +3817,7 @@ component_test_psa_crypto_config_accel_cipher_aead () { # ------------- msg "test: full config with accelerated cipher and AEAD" - make test + make $MAKE_THREADING_FLAGS test msg "ssl-opt: full config with accelerated cipher and AEAD" tests/ssl-opt.sh @@ -3827,7 +3830,7 @@ component_test_psa_crypto_config_reference_cipher_aead () { msg "build: full config with non-accelerated cipher and AEAD" common_psa_crypto_config_accel_cipher_aead - make + make $MAKE_THREADING_FLAGS msg "test: full config with non-accelerated cipher and AEAD" make test @@ -3844,7 +3847,7 @@ component_test_aead_chachapoly_disabled() { scripts/config.py full scripts/config.py unset MBEDTLS_CHACHAPOLY_C scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CHACHA20_POLY1305 - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS msg "test: full minus CHACHAPOLY" make test @@ -3857,7 +3860,7 @@ component_test_aead_only_ccm() { scripts/config.py unset MBEDTLS_GCM_C scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CHACHA20_POLY1305 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_GCM - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS msg "test: full minus CHACHAPOLY and GCM" make test @@ -3888,7 +3891,7 @@ component_build_psa_accel_alg_ecdh() { scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_ECDH -I../tests/include" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_ECDH -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS } # This should be renamed to test and updated once the accelerator HMAC code is in place and ready to test. @@ -3898,7 +3901,7 @@ component_build_psa_accel_alg_hmac() { scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_HMAC -I../tests/include" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_HMAC -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS } # This should be renamed to test and updated once the accelerator HKDF code is in place and ready to test. @@ -3911,7 +3914,7 @@ component_build_psa_accel_alg_hkdf() { # Make sure to unset TLS1_3 since it requires HKDF_C and will not build properly without it. scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_HKDF -I../tests/include" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_HKDF -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS } # This should be renamed to test and updated once the accelerator MD5 code is in place and ready to test. @@ -3930,7 +3933,7 @@ component_build_psa_accel_alg_md5() { scripts/config.py unset MBEDTLS_LMS_C scripts/config.py unset MBEDTLS_LMS_PRIVATE # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_MD5 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_MD5 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS } # This should be renamed to test and updated once the accelerator RIPEMD160 code is in place and ready to test. @@ -3949,7 +3952,7 @@ component_build_psa_accel_alg_ripemd160() { scripts/config.py unset MBEDTLS_LMS_C scripts/config.py unset MBEDTLS_LMS_PRIVATE # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RIPEMD160 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RIPEMD160 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS } # This should be renamed to test and updated once the accelerator SHA1 code is in place and ready to test. @@ -3968,7 +3971,7 @@ component_build_psa_accel_alg_sha1() { scripts/config.py unset MBEDTLS_LMS_C scripts/config.py unset MBEDTLS_LMS_PRIVATE # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_1 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_1 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS } # This should be renamed to test and updated once the accelerator SHA224 code is in place and ready to test. @@ -3984,7 +3987,7 @@ component_build_psa_accel_alg_sha224() { scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_512 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_224 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_224 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS } # This should be renamed to test and updated once the accelerator SHA256 code is in place and ready to test. @@ -4000,7 +4003,7 @@ component_build_psa_accel_alg_sha256() { scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_384 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_512 # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_256 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_256 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS } # This should be renamed to test and updated once the accelerator SHA384 code is in place and ready to test. @@ -4018,7 +4021,7 @@ component_build_psa_accel_alg_sha384() { scripts/config.py unset MBEDTLS_LMS_C scripts/config.py unset MBEDTLS_LMS_PRIVATE # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_384 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_384 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS } # This should be renamed to test and updated once the accelerator SHA512 code is in place and ready to test. @@ -4037,7 +4040,7 @@ component_build_psa_accel_alg_sha512() { scripts/config.py unset MBEDTLS_LMS_C scripts/config.py unset MBEDTLS_LMS_PRIVATE # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_512 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_512 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS } # This should be renamed to test and updated once the accelerator RSA code is in place and ready to test. @@ -4051,7 +4054,7 @@ component_build_psa_accel_alg_rsa_pkcs1v15_crypt() { scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_OAEP scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PSS # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT -I../tests/include" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS } # This should be renamed to test and updated once the accelerator RSA code is in place and ready to test. @@ -4065,7 +4068,7 @@ component_build_psa_accel_alg_rsa_pkcs1v15_sign() { scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_OAEP scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PSS # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN -I../tests/include" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS } # This should be renamed to test and updated once the accelerator RSA code is in place and ready to test. @@ -4079,7 +4082,7 @@ component_build_psa_accel_alg_rsa_oaep() { scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PKCS1V15_SIGN scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PSS # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_OAEP -I../tests/include" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_OAEP -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS } # This should be renamed to test and updated once the accelerator RSA code is in place and ready to test. @@ -4093,7 +4096,7 @@ component_build_psa_accel_alg_rsa_pss() { scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PKCS1V15_SIGN scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_OAEP # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PSS -I../tests/include" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PSS -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS } # This should be renamed to test and updated once the accelerator RSA code is in place and ready to test. @@ -4108,7 +4111,7 @@ component_build_psa_accel_key_type_rsa_key_pair() { scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1 scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1 # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR -I../tests/include" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS } # This should be renamed to test and updated once the accelerator RSA code is in place and ready to test. @@ -4120,7 +4123,7 @@ component_build_psa_accel_key_type_rsa_public_key() { scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_ALG_RSA_PSS 1 scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1 # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY -I../tests/include" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS } @@ -4289,7 +4292,7 @@ component_test_no_platform () { # Note, _DEFAULT_SOURCE needs to be defined for platforms using glibc version >2.19, # to re-enable platform integration features otherwise disabled in C99 builds make CC=gcc CFLAGS='-Werror -Wall -Wextra -std=c99 -pedantic -Os -D_DEFAULT_SOURCE' lib programs - make CC=gcc CFLAGS='-Werror -Wall -Wextra -Os' test + make CC=gcc CFLAGS='-Werror -Wall -Wextra -Os' $MAKE_THREADING_FLAGS test } component_build_no_std_function () { @@ -4307,14 +4310,14 @@ component_build_no_ssl_srv () { msg "build: full config except SSL server, make, gcc" # ~ 30s scripts/config.py full scripts/config.py unset MBEDTLS_SSL_SRV_C - make CC=gcc CFLAGS='-Werror -Wall -Wextra -O1' + make CC=gcc CFLAGS='-Werror -Wall -Wextra -O1' $MAKE_THREADING_FLAGS } component_build_no_ssl_cli () { msg "build: full config except SSL client, make, gcc" # ~ 30s scripts/config.py full scripts/config.py unset MBEDTLS_SSL_CLI_C - make CC=gcc CFLAGS='-Werror -Wall -Wextra -O1' + make CC=gcc CFLAGS='-Werror -Wall -Wextra -O1' $MAKE_THREADING_FLAGS } component_build_no_sockets () { @@ -4489,7 +4492,7 @@ component_test_platform_calloc_macro () { component_test_malloc_0_null () { msg "build: malloc(0) returns NULL (ASan+UBSan build)" scripts/config.py full - make CC=$ASAN_CC CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"$PWD/tests/configs/user-config-malloc-0-null.h\"' $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"$PWD/tests/configs/user-config-malloc-0-null.h\"' $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS msg "test: malloc(0) returns NULL (ASan+UBSan build)" make test @@ -5101,7 +5104,7 @@ component_test_psa_crypto_drivers () { loc_cflags="${loc_cflags} '-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'" loc_cflags="${loc_cflags} -I../tests/include -O2" - make CC=$ASAN_CC CFLAGS="${loc_cflags}" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="${loc_cflags}" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS msg "test: full + test drivers dispatching to builtins" make test @@ -5128,7 +5131,7 @@ test_build_opt () { $cc --version for opt in "$@"; do msg "build/test: $cc $opt, $info" # ~ 30s - make CC="$cc" CFLAGS="$opt -std=c99 -pedantic -Wall -Wextra -Werror" + make CC="$cc" CFLAGS="$opt -std=c99 -pedantic -Wall -Wextra -Werror" $MAKE_THREADING_FLAGS # We're confident enough in compilers to not run _all_ the tests, # but at least run the unit tests. In particular, runs with # optimizations use inline assembly whereas runs with -O0 @@ -5183,7 +5186,7 @@ component_build_mbedtls_config_file () { msg "build: make with MBEDTLS_CONFIG_FILE" # ~40s scripts/config.py -w full_config.h full echo '#error "MBEDTLS_CONFIG_FILE is not working"' >"$CONFIG_H" - make CFLAGS="-I '$PWD' -DMBEDTLS_CONFIG_FILE='\"full_config.h\"'" + make CFLAGS="-I '$PWD' -DMBEDTLS_CONFIG_FILE='\"full_config.h\"'" $MAKE_THREADING_FLAGS # Make sure this feature is enabled. We'll disable it in the next phase. programs/test/query_compile_time_config MBEDTLS_NIST_KW_C make clean @@ -5192,7 +5195,7 @@ component_build_mbedtls_config_file () { # In the user config, disable one feature (for simplicity, pick a feature # that nothing else depends on). echo '#undef MBEDTLS_NIST_KW_C' >user_config.h - make CFLAGS="-I '$PWD' -DMBEDTLS_CONFIG_FILE='\"full_config.h\"' -DMBEDTLS_USER_CONFIG_FILE='\"user_config.h\"'" + make CFLAGS="-I '$PWD' -DMBEDTLS_CONFIG_FILE='\"full_config.h\"' -DMBEDTLS_USER_CONFIG_FILE='\"user_config.h\"'" $MAKE_THREADING_FLAGS not programs/test/query_compile_time_config MBEDTLS_NIST_KW_C rm -f user_config.h full_config.h @@ -5251,7 +5254,7 @@ component_test_m32_no_asm () { scripts/config.py unset MBEDTLS_HAVE_ASM scripts/config.py unset MBEDTLS_PADLOCK_C scripts/config.py unset MBEDTLS_AESNI_C # AESNI for 32-bit is tested in test_aesni_m32 - make CC=gcc CFLAGS="$ASAN_CFLAGS -m32" LDFLAGS="-m32 $ASAN_CFLAGS" + make CC=gcc CFLAGS="$ASAN_CFLAGS -m32" LDFLAGS="-m32 $ASAN_CFLAGS" $MAKE_THREADING_FLAGS msg "test: i386, make, gcc, no asm (ASan build)" make test @@ -5269,7 +5272,7 @@ component_test_m32_o2 () { msg "build: i386, make, gcc -O2 (ASan build)" # ~ 30s scripts/config.py full scripts/config.py unset MBEDTLS_AESNI_C # AESNI for 32-bit is tested in test_aesni_m32 - make CC=gcc CFLAGS="$ASAN_CFLAGS -m32" LDFLAGS="-m32 $ASAN_CFLAGS" + make CC=gcc CFLAGS="$ASAN_CFLAGS -m32" LDFLAGS="-m32 $ASAN_CFLAGS" $MAKE_THREADING_FLAGS msg "test: i386, make, gcc -O2 (ASan build)" make test @@ -5304,7 +5307,7 @@ support_test_m32_everest () { component_test_mx32 () { msg "build: 64-bit ILP32, make, gcc" # ~ 30s scripts/config.py full - make CC=gcc CFLAGS='-Werror -Wall -Wextra -mx32' LDFLAGS='-mx32' + make CC=gcc CFLAGS='-Werror -Wall -Wextra -mx32' LDFLAGS='-mx32' $MAKE_THREADING_FLAGS msg "test: 64-bit ILP32, make, gcc" make test @@ -5368,7 +5371,7 @@ component_test_no_udbl_division () { msg "build: MBEDTLS_NO_UDBL_DIVISION native" # ~ 10s scripts/config.py full scripts/config.py set MBEDTLS_NO_UDBL_DIVISION - make CFLAGS='-Werror -O1' + make CFLAGS='-Werror -O1' $MAKE_THREADING_FLAGS msg "test: MBEDTLS_NO_UDBL_DIVISION native" # ~ 10s make test @@ -5378,7 +5381,7 @@ component_test_no_64bit_multiplication () { msg "build: MBEDTLS_NO_64BIT_MULTIPLICATION native" # ~ 10s scripts/config.py full scripts/config.py set MBEDTLS_NO_64BIT_MULTIPLICATION - make CFLAGS='-Werror -O1' + make CFLAGS='-Werror -O1' $MAKE_THREADING_FLAGS msg "test: MBEDTLS_NO_64BIT_MULTIPLICATION native" # ~ 10s make test @@ -5392,7 +5395,7 @@ component_test_no_strings () { scripts/config.py unset MBEDTLS_ERROR_C scripts/config.py set MBEDTLS_ERROR_STRERROR_DUMMY scripts/config.py unset MBEDTLS_VERSION_FEATURES - make CFLAGS='-Werror -Os' + make CFLAGS='-Werror -Os' $MAKE_THREADING_FLAGS msg "test: no strings" # ~ 10s make test @@ -5403,7 +5406,7 @@ component_test_no_x509_info () { scripts/config.pl full scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests scripts/config.pl set MBEDTLS_X509_REMOVE_INFO - make CFLAGS='-Werror -O2' + make CFLAGS='-Werror -O2' $MAKE_THREADING_FLAGS msg "test: full + MBEDTLS_X509_REMOVE_INFO" # ~ 10s make test @@ -6006,7 +6009,7 @@ component_build_zeroize_checks () { scripts/config.py full # Only compile - we're looking for sizeof-pointer-memaccess warnings - make CC=gcc CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-zeroize-memset.h\"' -DMBEDTLS_TEST_DEFINES_ZEROIZE -Werror -Wsizeof-pointer-memaccess" + make CC=gcc CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-zeroize-memset.h\"' -DMBEDTLS_TEST_DEFINES_ZEROIZE -Werror -Wsizeof-pointer-memaccess" $MAKE_THREADING_FLAGS } From 40f0ec246ea68195e74ffe20c3d8f4c700f732d2 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Mon, 11 Dec 2023 17:40:54 +0000 Subject: [PATCH 1096/1674] Remove requirement for SHA512 from ctr_drbg test Set the entropy len prior to doing the test to ensure the outcome is the same regardless of whether SHA512 or SHA256 is used. Signed-off-by: Paul Elliott --- tests/suites/test_suite_ctr_drbg.data | 4 ++-- tests/suites/test_suite_ctr_drbg.function | 13 ++++++++++--- 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/tests/suites/test_suite_ctr_drbg.data b/tests/suites/test_suite_ctr_drbg.data index b519da895..f314ac603 100644 --- a/tests/suites/test_suite_ctr_drbg.data +++ b/tests/suites/test_suite_ctr_drbg.data @@ -1097,11 +1097,11 @@ CTR_DRBG Special Behaviours ctr_drbg_special_behaviours: CTR_DRBG Threads: no reseed -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_ENTROPY_FORCE_SHA256:MBEDTLS_SHA512_C +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_threads:"1fafa98bc83d95e10f2d5ed339a553e1":0:5 CTR_DRBG Threads: reseed -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH:!MBEDTLS_ENTROPY_FORCE_SHA256:MBEDTLS_SHA512_C +depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_threads:"B10A961F2EA39927B4C48AEDDD299026":1:5 CTR_DRBG self test diff --git a/tests/suites/test_suite_ctr_drbg.function b/tests/suites/test_suite_ctr_drbg.function index a5a85a0eb..504f28a6e 100644 --- a/tests/suites/test_suite_ctr_drbg.function +++ b/tests/suites/test_suite_ctr_drbg.function @@ -353,6 +353,9 @@ void ctr_drbg_threads(data_t *expected_result, int reseed, int arg_thread_count) const size_t n_random_calls = thread_count * thread_random_reps + 1; + /* Based on the size of MBEDTLS_CTR_DRBG_ENTROPY_LEN for SHA512. */ + const size_t entropy_len = 48; + TEST_CALLOC(threads, sizeof(pthread_t) * thread_count); memset(out, 0, sizeof(out)); @@ -361,14 +364,18 @@ void ctr_drbg_threads(data_t *expected_result, int reseed, int arg_thread_count) test_offset_idx = 0; + /* Need to do this, otherwise if we are forced into using SHA256 for + * whaever reason, output will differ. */ + mbedtls_ctr_drbg_set_entropy_len(&ctx, entropy_len); + if (reseed == 0) { mbedtls_ctr_drbg_set_prediction_resistance(&ctx, MBEDTLS_CTR_DRBG_PR_OFF); mbedtls_ctr_drbg_set_reseed_interval(&ctx, n_random_calls + 1); - TEST_CALLOC(entropy, MBEDTLS_CTR_DRBG_ENTROPY_LEN + MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN); - test_max_idx = MBEDTLS_CTR_DRBG_ENTROPY_LEN + MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN; + TEST_CALLOC(entropy, entropy_len + MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN); + test_max_idx = entropy_len + MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN; } else { - const size_t entropy_size = ((n_random_calls + 1) * MBEDTLS_CTR_DRBG_ENTROPY_LEN) + const size_t entropy_size = ((n_random_calls + 1) * entropy_len) + MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN; mbedtls_ctr_drbg_set_prediction_resistance(&ctx, MBEDTLS_CTR_DRBG_PR_ON); From 79dc6dad81a897caca0fe24cfce5be81925e48dc Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Mon, 11 Dec 2023 17:52:03 +0000 Subject: [PATCH 1097/1674] Improve make pthread linking mechanism Signed-off-by: Paul Elliott --- programs/Makefile | 2 +- tests/Makefile | 2 +- tests/scripts/all.sh | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/programs/Makefile b/programs/Makefile index a3fa81679..ebdadc056 100644 --- a/programs/Makefile +++ b/programs/Makefile @@ -139,7 +139,7 @@ APPS = \ x509/req_app \ # End of APPS -ifdef PTHREAD +ifeq ($(THREADING),pthread) APPS += ssl/ssl_pthread_server endif diff --git a/tests/Makefile b/tests/Makefile index 72429a642..29197b7c7 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -58,7 +58,7 @@ DLEXT ?= so EXEXT= SHARED_SUFFIX= -ifdef PTHREAD +ifeq ($(THREADING),pthread) LOCAL_LDFLAGS += -lpthread endif endif diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 65203e877..933c563d3 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -218,7 +218,7 @@ pre_initialize_variables () { done # Option to enable linking with pthreads under make - MAKE_THREADING_FLAGS="PTHREAD=1" + MAKE_THREADING_FLAGS="THREADING=pthread" } # Test whether the component $1 is included in the command line patterns. From e4b3f75298321d14fc20817ad2817d040788bb3f Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Mon, 11 Dec 2023 17:57:16 +0000 Subject: [PATCH 1098/1674] Remove unnecessary check Signed-off-by: Paul Elliott --- programs/aes/crypt_and_hash.c | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/programs/aes/crypt_and_hash.c b/programs/aes/crypt_and_hash.c index f15b85e2c..b2cd70471 100644 --- a/programs/aes/crypt_and_hash.c +++ b/programs/aes/crypt_and_hash.c @@ -103,14 +103,11 @@ int main(int argc, char *argv[]) list = mbedtls_cipher_list(); while (*list) { cipher_info = mbedtls_cipher_info_from_type(*list); - if (cipher_info) { - const char *name = mbedtls_cipher_info_get_name(cipher_info); + const char *name = mbedtls_cipher_info_get_name(cipher_info); - if (name) { - mbedtls_printf(" %s\n", mbedtls_cipher_info_get_name(cipher_info)); - } + if (name) { + mbedtls_printf(" %s\n", mbedtls_cipher_info_get_name(cipher_info)); } - list++; } From 445af3c25ad86c3ea6dc1a68a1eb5663a7e17a8a Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Mon, 11 Dec 2023 18:05:32 +0000 Subject: [PATCH 1099/1674] Move test dependancies to function file Dependancies are determined by code in this case. Signed-off-by: Paul Elliott --- tests/suites/test_suite_ctr_drbg.data | 1 - tests/suites/test_suite_ctr_drbg.function | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/tests/suites/test_suite_ctr_drbg.data b/tests/suites/test_suite_ctr_drbg.data index f314ac603..028a07f80 100644 --- a/tests/suites/test_suite_ctr_drbg.data +++ b/tests/suites/test_suite_ctr_drbg.data @@ -1097,7 +1097,6 @@ CTR_DRBG Special Behaviours ctr_drbg_special_behaviours: CTR_DRBG Threads: no reseed -depends_on:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH ctr_drbg_threads:"1fafa98bc83d95e10f2d5ed339a553e1":0:5 CTR_DRBG Threads: reseed diff --git a/tests/suites/test_suite_ctr_drbg.function b/tests/suites/test_suite_ctr_drbg.function index 504f28a6e..c60f8cd65 100644 --- a/tests/suites/test_suite_ctr_drbg.function +++ b/tests/suites/test_suite_ctr_drbg.function @@ -342,7 +342,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_THREADING_PTHREAD */ +/* BEGIN_CASE depends_on:MBEDTLS_THREADING_PTHREAD:!MBEDTLS_CTR_DRBG_USE_128_BIT_KEY:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH */ void ctr_drbg_threads(data_t *expected_result, int reseed, int arg_thread_count) { size_t thread_count = (size_t) arg_thread_count; From 7e11dd6ec622b3fbb453de927598e24f48fe09f0 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 18 Dec 2023 15:52:44 +0100 Subject: [PATCH 1100/1674] driver-only-builds: add section for accelerated ciphers/AEADs Signed-off-by: Valerio Setti --- docs/driver-only-builds.md | 134 +++++++++++++++++++++++++++++-------- 1 file changed, 105 insertions(+), 29 deletions(-) diff --git a/docs/driver-only-builds.md b/docs/driver-only-builds.md index 2dcfe6797..c2d8f69d1 100644 --- a/docs/driver-only-builds.md +++ b/docs/driver-only-builds.md @@ -55,7 +55,12 @@ For now, only the following (families of) mechanisms are supported: - hashes: SHA-3, SHA-2, SHA-1, MD5, etc. - elliptic-curve cryptography (ECC): ECDH, ECDSA, EC J-PAKE, ECC key types. - finite-field Diffie-Hellman: FFDH algorithm, DH key types. -- AEADs: GCM, CCM and ChachaPoly +- AEADs: + - GCM and CCM with AES, ARIA and Camellia key types + - ChachaPoly with ChaCha20 Key type +- Ciphers: + - key types: AES, ARIA, Camellia, DES + - modes: ECB, CBC, CTR, CFB, OFB, XTS Supported means that when those are provided only by drivers, everything (including PK, X.509 and TLS if `MBEDTLS_USE_PSA_CRYPTO` is enabled) should @@ -63,9 +68,6 @@ work in the same way as if the mechanisms where built-in, except as documented in the "Limitations" sub-sections of the sections dedicated to each family below. -In the near future (end of 2023), we are planning to also add support for -ciphers (AES, ARIA, Camellia). - Currently (mid-2023) we don't have plans to extend this to RSA. If you're interested in driver-only support for RSA, please let us know. @@ -242,33 +244,107 @@ removing builtin support (i.e. `MBEDTLS_DHM_C`). Support for deterministic derivation of a DH keypair (i.e. `PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_DERIVE`) is not supported. -AEADs ------ +Ciphers and AEADs +----------------- -[This section might contain incomplete data and it is going to be updated in -#8358, i.e. the wrap-up task for accelerated ciphers and AEADs.] +It is possible to have all ciphers and AEADs operations provided only by a +driver. More precisely, for each desired combination of key type and +algorithm/mode you can: +- enable desired PSA key type(s): + - `PSA_WANT_KEY_TYPE_AES`, + - `PSA_WANT_KEY_TYPE_ARIA`, + - `PSA_WANT_KEY_TYPE_CAMELLIA`, + - `PSA_WANT_KEY_TYPE_CHACHA20`, + - `PSA_WANT_KEY_TYPE_DES`; +- enable desired PSA algorithm(s): + - unauthenticated ciphers modes: + - `PSA_WANT_ALG_CBC_NO_PADDING`, + - `PSA_WANT_ALG_CBC_PKCS7`, + - `PSA_WANT_ALG_CCM_STAR_NO_TAG`, + - `PSA_WANT_ALG_CFB`, + - `PSA_WANT_ALG_CTR`, + - `PSA_WANT_ALG_ECB_NO_PADDING`, + - `PSA_WANT_ALG_OFB`, + - `PSA_WANT_ALG_STREAM_CIPHER`; + - AEADs: + - `PSA_WANT_ALG_CCM`, + - `PSA_WANT_ALG_GCM`, + - `PSA_WANT_ALG_CHACHA20_POLY1305`; +- enable `MBEDTLS_PSA_ACCEL_[KEY_TYPE_xxx|ALG_yyy]` symbol(s) which correspond + to the PSA_WANT_KEY_TYPE_xxx` and `PSA_WANT_ALG_yyy` of the previous steps; +- disable builtin support of key types: + - `MBEDTLS_AES_C`, + - `MBEDTLS_ARIA_C`, + - `MBEDTLS_CAMELLIA_C`, + - `MBEDTLS_DES_C`, + - `MBEDTLS_CHACHA20_C`; + and algorithms/modes: + - `MBEDTLS_CBC_C` + - `MBEDTLS_CFB_C` + - `MBEDTLS_CTR_C` + - `MBEDTLS_OFB_C` + - `MBEDTLS_XTS_C` + - `MBEDTLS_CCM_C` + - `MBEDTLS_GCM_C` + - `MBEDTLS_CHACHAPOLY_C` + - `MBEDTLS_NULL_CIPHER` -It is possible to have all AEADs operations provided only by a driver. +Once a key type and related algorithm are accelerated, all cipher and AEADs +operations of that type requested through the PSA Crypto API are performed by +the driver. Only functions belonging to legacy modules which are disabled won't +be available in this configuration. -More precisely you can: -- enable desired PSA algorithm(s) and key type(s): - - `PSA_WANT_ALG_[CCM|GCM]` with `PSA_WANT_KEY_TYPE_[AES|ARIA|CAMELLIA]` - - `PSA_WANT_ALG_CHACHA20_POLY1305` with `PSA_WANT_KEY_TYPE_CHACHA20`; -- enable `MBEDTLS_PSA_ACCEL_xxx` symbol(s) which correspond to the - `PSA_WANT_xxx` of the previous step (both for algorithms and key types); -- disable builtin support of `MBEDTLS_[CCM|GCM|CHACHAPOLY|POLY1305]_C` - algorithms and key types `MBEDTLS_[AES|ARIA|CAMELLIA|CHACHA20]_C` for AEADs - which are accelerated. +### Legacy <-> PSA matching + +It should be noticed that the matching between legacy (i.e. `MBEDTLS_xxx_C`) +and PSA (i.e. `PSA_WANT_xxx`) symbols is not always 1:1. For example: +- ECB mode is always enabled in legacy configuration for each key type that + allows it (AES, ARIA, Camellia, DES), whereas it must be explicitly enabled + in PSA with `PSA_WANT_ALG_ECB`; +- similarly for stream ciphers, it is automatically enabled for key types that + support it (`CHACHA20_C` and `NULL_CIPHER`) whereas it must be explicitly + enabled in PSA with `PSA_WANT_ALG_STREAM_CIPHER`; +- legacy symbol `MBEDTLS_CCM_C` adds support for both cipher and AEAD, whereas + in PSA there are 2 different symbols: `PSA_WANT_ALG_CCM_STAR_NO_TAG` and + `PSA_WANT_ALG_CCM`, respectively. + +### Partial acceleration for CCM/GCM + +[This section depends on #8598 so it might updated while that PR progresses.] + +In case legacy CCM/GCM algorithms are enabled it is still possible to benefit +from PSA acceleration by enabling support for ECB mode +(`PSA_WANT_ALG_ECB_NO_PADDING`) together with desired key type(s) +(`PSA_WANT_KEY_TYPE_[AES|ARIA|CAMELLIA]`). In such configuration it is possible +to: +- still benefit from legacy functions belonging to CCM/GCM modules + (`mbedtls_[ccm|gcm]_xxx()`), +- disable legacy key types (`MBEDTLS_[AES|ARIA|CAMELLIA]_C`) if there is no + other dependency requiring them, of course. + +ChaChaPoly has not such feature, so it requires full acceleration (key type + +algorithm) in order to work with a driver. + +### CTR-DRBG + +Legacy CTR-DRBG module (enabled by `MBEDTLS_CTR_DRBG_C`) can also benefit from +PSA acceleration when: +- legacy AES module is not enabled (`MBEDTLS_AES_C`) and +- AES is supported on PSA side together with ECB mode, i.e. + `PSA_WANT_KEY_TYPE_AES` + `PSA_WANT_ALG_ECB_NO_PADDING`. + +### Disabling CIPHER_C + +This is possible when: + +- all ciphers and AEADs are accelerated; +- no legacy module, either cipher or AEAD, is enabled. The only exception being + CCM/GCM when key types are accelerated, as described in section + [Partial acceleration for CCM/GCM](#partial-acceleration-for-CCM/GCM). + +It should be noticed that disabling `MBEDTLS_CIPHER_C` helps in reducing code's +footprint, but unfortunately it makes the following modules unavailable: +- `MBEDTLS_PKCS[5|12]_C`, +- `MBEDTLS_NIST_KW_C`. -In a build in which all AEADs algorithms and related key types are accelerated -all AEADs operations requested through the PSA Crypto API (including those in -TLS and X.509) will be performed by the driver. -Moreover if no unauthenticated cipher is required, it is also possible to -disable all built-in block cipher's key types -(i.e. `MBEDTLS_[AES|ARIA|CAMELLIA|CHACHA20]_C`) and `MBEDTLS_CIPHER_C`. This -helps in further reducing code's footprint, but unfortunately it makes the -following modules unavailable: -- `MBEDTLS_PKCS[5|12]_C` -- `MBEDTLS_CTR_DRBG_C` -- `MBEDTLS_NIST_KW_C` From 22dbaf05b6ce1189d1af58bbd144406d827fc813 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Mon, 18 Dec 2023 18:18:04 +0000 Subject: [PATCH 1101/1674] Add AES_PSA_INIT() to thread test case Tests were failing when PSA was being used in ctr_drbg_seed() as PSA was not initialised. Signed-off-by: Paul Elliott --- tests/suites/test_suite_ctr_drbg.function | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/suites/test_suite_ctr_drbg.function b/tests/suites/test_suite_ctr_drbg.function index c60f8cd65..1f0a072c7 100644 --- a/tests/suites/test_suite_ctr_drbg.function +++ b/tests/suites/test_suite_ctr_drbg.function @@ -356,6 +356,8 @@ void ctr_drbg_threads(data_t *expected_result, int reseed, int arg_thread_count) /* Based on the size of MBEDTLS_CTR_DRBG_ENTROPY_LEN for SHA512. */ const size_t entropy_len = 48; + AES_PSA_INIT(); + TEST_CALLOC(threads, sizeof(pthread_t) * thread_count); memset(out, 0, sizeof(out)); @@ -408,6 +410,8 @@ exit: mbedtls_ctr_drbg_free(&ctx); mbedtls_free(entropy); mbedtls_free(threads); + + AES_PSA_DONE(); } /* END_CASE */ From 66cbc838444b583d3128fdccccf4815656c8a88a Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 18 Dec 2023 18:34:50 +0000 Subject: [PATCH 1102/1674] Use clang by default Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 40a8fe0bf..1b9040b5f 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -189,6 +189,10 @@ pre_initialize_variables () { if [ -z "${MAKEFLAGS+set}" ]; then export MAKEFLAGS="-j$(all_sh_nproc)" fi + # if CC is not set, use clang by default to improve build times + if [ -z "${CC+set}" ]; then + export CC="clang" + fi # Include more verbose output for failing tests run by CMake or make export CTEST_OUTPUT_ON_FAILURE=1 From 0c5bfe816f807d40a1bc12cecf4befadebb2d85b Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 18 Dec 2023 19:53:25 +0000 Subject: [PATCH 1103/1674] Ensure clang is present Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 1b9040b5f..fe3f59466 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -189,9 +189,9 @@ pre_initialize_variables () { if [ -z "${MAKEFLAGS+set}" ]; then export MAKEFLAGS="-j$(all_sh_nproc)" fi - # if CC is not set, use clang by default to improve build times - if [ -z "${CC+set}" ]; then - export CC="clang" + # if CC is not set, use clang by default (if present) to improve build times + if [ -z "${CC+set}" ] && (type clang > /dev/null 2>&1); then + export CC=$(type -p clang) fi # Include more verbose output for failing tests run by CMake or make From 9deb54900eb5d9f21724f9f016bba1b87e7f143c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 18 Dec 2023 21:01:18 +0100 Subject: [PATCH 1104/1674] Document the domain_parameters_size==SIZE_MAX hack It was introduced in https://github.com/Mbed-TLS/mbedtls/pull/8616 but not documented. Signed-off-by: Gilles Peskine --- include/psa/crypto_struct.h | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 5639ad05d..1eb2463ce 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -254,6 +254,18 @@ struct psa_key_attributes_s { #if defined(MBEDTLS_PSA_CRYPTO_SE_C) psa_key_slot_number_t MBEDTLS_PRIVATE(slot_number); #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + /* Unlike normal buffers, there are three cases for domain_parameters + * and domain_parameters_size: + * - domain_parameters_size == SIZE_MAX && domain_parameters == NULL: + * Access to domain parameters is not supported for this key. + * This is a hack which should not exist, intended for keys managed + * by a driver that doesn't support domain parameters. + * - domain_parameters_size == 0 && domain_parameters == NULL: + * The domain parameters are empty. + * - domain_parameters_size > 0 && + * domain_parameters == valid pointer to domain_parameters_size bytes: + * The domain parameters are non-empty. + */ void *MBEDTLS_PRIVATE(domain_parameters); size_t MBEDTLS_PRIVATE(domain_parameters_size); }; From 932ce859d5853c499f92487dc89ffd08708d7243 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 18 Dec 2023 19:55:40 +0000 Subject: [PATCH 1105/1674] Ensure test_psa_compliance uses gcc Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index fe3f59466..d0c59ffae 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -6030,8 +6030,9 @@ component_test_zeroize () { } component_test_psa_compliance () { + # The arch tests build with gcc, so require use of gcc here to link properly msg "build: make, default config (out-of-box), libmbedcrypto.a only" - make -C library libmbedcrypto.a + CC=gcc make -C library libmbedcrypto.a msg "unit test: test_psa_compliance.py" ./tests/scripts/test_psa_compliance.py From d0a594d4446ac8436249b42ebde20a2aec910b1d Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 18 Dec 2023 22:29:56 +0000 Subject: [PATCH 1106/1674] Use gcc in test_psa_compliance Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index d0c59ffae..67b205679 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -6035,7 +6035,7 @@ component_test_psa_compliance () { CC=gcc make -C library libmbedcrypto.a msg "unit test: test_psa_compliance.py" - ./tests/scripts/test_psa_compliance.py + CC=gcc ./tests/scripts/test_psa_compliance.py } support_test_psa_compliance () { From 4bb5740a7d0a5518de23635484847928e09600a7 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 4 Dec 2023 16:11:59 +0100 Subject: [PATCH 1107/1674] Revert "pem: auto add newlines to header/footer in mbedtls_pem_write_buffer()" This reverts commit 180915018dd04f6ad66faa3e9fc66813a221643d. Signed-off-by: Valerio Setti --- include/mbedtls/pem.h | 3 --- library/pem.c | 7 +------ library/x509write_crt.c | 4 ++-- library/x509write_csr.c | 4 ++-- tests/suites/test_suite_pem.data | 12 ++++++------ tests/suites/test_suite_pem.function | 6 +++--- 6 files changed, 14 insertions(+), 22 deletions(-) diff --git a/include/mbedtls/pem.h b/include/mbedtls/pem.h index 2fe19d026..cc617a9bc 100644 --- a/include/mbedtls/pem.h +++ b/include/mbedtls/pem.h @@ -135,9 +135,6 @@ void mbedtls_pem_free(mbedtls_pem_context *ctx); * \param olen The address at which to store the total length written * or required (if \p buf_len is not enough). * - * \note Newlines are automatically appended to both header and - * footer. - * * \note You may pass \c NULL for \p buf and \c 0 for \p buf_len * to request the length of the resulting PEM buffer in * `*olen`. diff --git a/library/pem.c b/library/pem.c index 7c0c447ee..9500ffcf7 100644 --- a/library/pem.c +++ b/library/pem.c @@ -473,10 +473,7 @@ int mbedtls_pem_write_buffer(const char *header, const char *footer, size_t len = 0, use_len, add_len = 0; mbedtls_base64_encode(NULL, 0, &use_len, der_data, der_len); - /* Newlines are appended to the end of both header and footer, so we - * account for an extra +2. */ - add_len = strlen(header) + strlen(footer) + 2 + \ - (((use_len > 2) ? (use_len - 2) : 0) / 64) + 1; + add_len = strlen(header) + strlen(footer) + (((use_len > 2) ? (use_len - 2) : 0) / 64) + 1; if (use_len + add_len > buf_len) { *olen = use_len + add_len; @@ -496,7 +493,6 @@ int mbedtls_pem_write_buffer(const char *header, const char *footer, memcpy(p, header, strlen(header)); p += strlen(header); - *p++ = '\n'; c = encode_buf; while (use_len) { @@ -510,7 +506,6 @@ int mbedtls_pem_write_buffer(const char *header, const char *footer, memcpy(p, footer, strlen(footer)); p += strlen(footer); - *p++ = '\n'; *p++ = '\0'; *olen = p - buf; diff --git a/library/x509write_crt.c b/library/x509write_crt.c index 8d920f267..4c019eee4 100644 --- a/library/x509write_crt.c +++ b/library/x509write_crt.c @@ -651,8 +651,8 @@ int mbedtls_x509write_crt_der(mbedtls_x509write_cert *ctx, return (int) len; } -#define PEM_BEGIN_CRT "-----BEGIN CERTIFICATE-----" -#define PEM_END_CRT "-----END CERTIFICATE-----" +#define PEM_BEGIN_CRT "-----BEGIN CERTIFICATE-----\n" +#define PEM_END_CRT "-----END CERTIFICATE-----\n" #if defined(MBEDTLS_PEM_WRITE_C) int mbedtls_x509write_crt_pem(mbedtls_x509write_cert *crt, diff --git a/library/x509write_csr.c b/library/x509write_csr.c index 5ee683ff1..4e397553a 100644 --- a/library/x509write_csr.c +++ b/library/x509write_csr.c @@ -302,8 +302,8 @@ int mbedtls_x509write_csr_der(mbedtls_x509write_csr *ctx, unsigned char *buf, return ret; } -#define PEM_BEGIN_CSR "-----BEGIN CERTIFICATE REQUEST-----" -#define PEM_END_CSR "-----END CERTIFICATE REQUEST-----" +#define PEM_BEGIN_CSR "-----BEGIN CERTIFICATE REQUEST-----\n" +#define PEM_END_CSR "-----END CERTIFICATE REQUEST-----\n" #if defined(MBEDTLS_PEM_WRITE_C) int mbedtls_x509write_csr_pem(mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size, diff --git a/tests/suites/test_suite_pem.data b/tests/suites/test_suite_pem.data index 238a0bc04..a4dff45f0 100644 --- a/tests/suites/test_suite_pem.data +++ b/tests/suites/test_suite_pem.data @@ -1,20 +1,20 @@ Standard PEM write -mbedtls_pem_write_buffer:"-----START TEST-----":"-----END TEST-----":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8=\n-----END TEST-----\n" +mbedtls_pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8=\n-----END TEST-----\n" PEM write (zero data) -mbedtls_pem_write_buffer:"-----START TEST-----":"-----END TEST-----":"":"-----START TEST-----\n-----END TEST-----\n" +mbedtls_pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"":"-----START TEST-----\n-----END TEST-----\n" PEM write (one byte) -mbedtls_pem_write_buffer:"-----START TEST-----":"-----END TEST-----":"00":"-----START TEST-----\nAA==\n-----END TEST-----\n" +mbedtls_pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"00":"-----START TEST-----\nAA==\n-----END TEST-----\n" PEM write (more than line size) -mbedtls_pem_write_buffer:"-----START TEST-----":"-----END TEST-----":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8=\n-----END TEST-----\n" +mbedtls_pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8=\n-----END TEST-----\n" PEM write (exactly two lines) -mbedtls_pem_write_buffer:"-----START TEST-----":"-----END TEST-----":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\n-----END TEST-----\n" +mbedtls_pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\n-----END TEST-----\n" PEM write (exactly two lines + 1) -mbedtls_pem_write_buffer:"-----START TEST-----":"-----END TEST-----":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F00":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAA==\n-----END TEST-----\n" +mbedtls_pem_write_buffer:"-----START TEST-----\n":"-----END TEST-----\n":"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F00":"-----START TEST-----\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAAECAwQFBgcICQoLDA0ODwABAgMEBQYHCAkKCwwNDg8AAQIDBAUGBwgJCgsMDQ4P\nAA==\n-----END TEST-----\n" PEM write length reporting mbedtls_pem_write_buffer_lengths diff --git a/tests/suites/test_suite_pem.function b/tests/suites/test_suite_pem.function index cb652d458..413dc551c 100644 --- a/tests/suites/test_suite_pem.function +++ b/tests/suites/test_suite_pem.function @@ -40,17 +40,17 @@ void mbedtls_pem_write_buffer_lengths() size_t olen_needed, olen; int ret; for (size_t l = 0; l <= sizeof(data); l++) { - ret = mbedtls_pem_write_buffer("", "", data, l, NULL, 0, &olen_needed); + ret = mbedtls_pem_write_buffer("\n", "\n", data, l, NULL, 0, &olen_needed); TEST_EQUAL(ret, MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL); /* Test that a bigger buffer still only requires `olen_needed` */ - ret = mbedtls_pem_write_buffer("", "", data, l, buf, sizeof(buf), &olen); + ret = mbedtls_pem_write_buffer("\n", "\n", data, l, buf, sizeof(buf), &olen); TEST_EQUAL(ret, 0); TEST_EQUAL(olen_needed, olen); /* Test that a buffer of exactly `olen_needed` works */ memset(buf, 1, sizeof(buf)); - ret = mbedtls_pem_write_buffer("", "", data, l, buf, olen_needed, &olen); + ret = mbedtls_pem_write_buffer("\n", "\n", data, l, buf, olen_needed, &olen); TEST_EQUAL(ret, 0); TEST_EQUAL(olen_needed, olen); /* Test the function didn't overflow the given buffer */ From 7f062a58fb3a3aa4803d922576c0f1da17adc0ea Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 4 Dec 2023 16:29:56 +0100 Subject: [PATCH 1108/1674] pkwrite: add newlines when calling mbedtls_pem_write_buffer() New defines, which are shared with the pkparse module, lack the new line so we manually add it when invoking mbedtls_pem_write_buffer(). Signed-off-by: Valerio Setti --- library/pkwrite.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/library/pkwrite.c b/library/pkwrite.c index bd592f4f6..1f0d3990e 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -683,7 +683,7 @@ int mbedtls_pk_write_pubkey_pem(const mbedtls_pk_context *key, unsigned char *bu goto cleanup; } - if ((ret = mbedtls_pem_write_buffer(PEM_BEGIN_PUBLIC_KEY, PEM_END_PUBLIC_KEY, + if ((ret = mbedtls_pem_write_buffer(PEM_BEGIN_PUBLIC_KEY "\n", PEM_END_PUBLIC_KEY "\n", output_buf + PUB_DER_MAX_BYTES - ret, ret, buf, size, &olen)) != 0) { goto cleanup; @@ -712,18 +712,18 @@ int mbedtls_pk_write_key_pem(const mbedtls_pk_context *key, unsigned char *buf, #if defined(MBEDTLS_RSA_C) if (pk_get_type_ext(key) == MBEDTLS_PK_RSA) { - begin = PEM_BEGIN_PRIVATE_KEY_RSA; - end = PEM_END_PRIVATE_KEY_RSA; + begin = PEM_BEGIN_PRIVATE_KEY_RSA "\n"; + end = PEM_END_PRIVATE_KEY_RSA "\n"; } else #endif #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) if (pk_get_type_ext(key) == MBEDTLS_PK_ECKEY) { if (mbedtls_pk_is_rfc8410(key)) { - begin = PEM_BEGIN_PRIVATE_KEY_PKCS8; - end = PEM_END_PRIVATE_KEY_PKCS8; + begin = PEM_BEGIN_PRIVATE_KEY_PKCS8 "\n"; + end = PEM_END_PRIVATE_KEY_PKCS8 "\n"; } else { - begin = PEM_BEGIN_PRIVATE_KEY_EC; - end = PEM_END_PRIVATE_KEY_EC; + begin = PEM_BEGIN_PRIVATE_KEY_EC "\n"; + end = PEM_END_PRIVATE_KEY_EC "\n"; } } else #endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ From 70f05bedd6b77d99b1ac6b5c510f061c1299adec Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 18 Dec 2023 16:15:44 +0100 Subject: [PATCH 1109/1674] changelog: add changelog for accelerated ciphers and AEADs Signed-off-by: Valerio Setti --- ChangeLog.d/8358.txt | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 ChangeLog.d/8358.txt diff --git a/ChangeLog.d/8358.txt b/ChangeLog.d/8358.txt new file mode 100644 index 000000000..d4c847c82 --- /dev/null +++ b/ChangeLog.d/8358.txt @@ -0,0 +1,9 @@ +Features + * It is now possible to accelerate all ciphers and AEADs through a driver, + while completely removing legacy support and MBEDTLS_CIPHER_C, and still + get full functionality. Only unsupported features that still depend on + MBEDTLS_CIPHER_C are: MBEDTLS_PKCS[5|12]_C and MBEDTLS_NIST_KW_C. + * CTR-DRBG module can now take advantage of PSA driver. Legacy + MBEDTLS_AES_C is still the preferred solution, but when it's not available + it can rely on PSA if PSA_WANT_KEY_TYPE_AES and PSA_WANT_ALG_ECB_NO_PADDING + are defined. From 9da01a7f5358229fbe8bacb0731439ab03a66407 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 18 Dec 2023 17:38:18 +0100 Subject: [PATCH 1110/1674] all.sh: rename test_psa_crypto_config_accel_cipher to accel_des Renaming this test component in order to better explain what it really does. Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 10a76ec18..bdf46a3ed 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3643,13 +3643,20 @@ component_test_psa_crypto_config_reference_hash_use_psa() { tests/ssl-opt.sh } -component_test_psa_crypto_config_accel_cipher () { +component_test_psa_crypto_config_accel_des () { msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated cipher" + # Albeit this components aims at accelerating DES which should only support + # CBC and ECB modes, we need to accelerate more than that otherwise DES_C + # would automatically be re-enabled by "config_adjust_legacy_from_psa.c" loc_accel_list="ALG_ECB_NO_PADDING ALG_CBC_NO_PADDING ALG_CBC_PKCS7 \ ALG_CTR ALG_CFB ALG_OFB ALG_XTS ALG_CMAC \ KEY_TYPE_DES" + # Note: we cannot accelerate all ciphers' key types otherwise we would also + # have to either disable CCM/GCM or accelerate them, but that's out of scope + # of this component. This limitation will be addressed by #8598. + # Configure # --------- From 5ad95393636cf06627eecef9effd397f9e39e376 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 19 Dec 2023 12:22:46 +0100 Subject: [PATCH 1111/1674] Remove DSA and DH domain parameters from the documentation Mbed TLS doesn't support DSA at all, and doesn't support domain parameters for FFDH (only predefined groups). Signed-off-by: Gilles Peskine --- include/psa/crypto_extra.h | 27 +-------------------------- 1 file changed, 1 insertion(+), 26 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index f7207a1be..f39d1eb0b 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -428,6 +428,7 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, * of psa_set_key_type() when you need to specify domain parameters. * * The format for the required domain parameters varies based on the key type. + * Mbed TLS supports the following key type with domain parameters: * * - For RSA keys (#PSA_KEY_TYPE_RSA_PUBLIC_KEY or #PSA_KEY_TYPE_RSA_KEY_PAIR), * the domain parameter data consists of the public exponent, @@ -437,32 +438,6 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, * key data and the exponent recorded in the attribute structure is ignored. * As an exception, the public exponent 65537 is represented by an empty * byte string. - * - For DSA keys (#PSA_KEY_TYPE_DSA_PUBLIC_KEY or #PSA_KEY_TYPE_DSA_KEY_PAIR), - * the `Dss-Params` format as defined by RFC 3279 §2.3.2. - * ``` - * Dss-Params ::= SEQUENCE { - * p INTEGER, - * q INTEGER, - * g INTEGER - * } - * ``` - * - For Diffie-Hellman key exchange keys - * (#PSA_KEY_TYPE_DH_PUBLIC_KEY(#PSA_DH_FAMILY_CUSTOM) or - * #PSA_KEY_TYPE_DH_KEY_PAIR(#PSA_DH_FAMILY_CUSTOM)), the - * `DomainParameters` format as defined by RFC 3279 §2.3.3. - * ``` - * DomainParameters ::= SEQUENCE { - * p INTEGER, -- odd prime, p=jq +1 - * g INTEGER, -- generator, g - * q INTEGER, -- factor of p-1 - * j INTEGER OPTIONAL, -- subgroup factor - * validationParams ValidationParams OPTIONAL - * } - * ValidationParams ::= SEQUENCE { - * seed BIT STRING, - * pgenCounter INTEGER - * } - * ``` * * \note This function may allocate memory or other resources. * Once you have called this function on an attribute structure, From 1a9e05bf080e9ce770fd56ba88c25c52b4c38498 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 19 Dec 2023 12:23:22 +0100 Subject: [PATCH 1112/1674] Note that domain parameters are not supported with drivers Signed-off-by: Gilles Peskine --- include/psa/crypto_extra.h | 8 ++++++++ include/psa/crypto_struct.h | 2 +- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index f39d1eb0b..f132f7ed9 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -446,6 +446,9 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, * \note This is an experimental extension to the interface. It may change * in future versions of the library. * + * \note Due to an implementation limitation, domain parameters are ignored + * for keys that are managed by a driver. + * * \param[in,out] attributes Attribute structure where the specified domain * parameters will be stored. * If this function fails, the content of @@ -476,6 +479,9 @@ psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, * \note This is an experimental extension to the interface. It may change * in future versions of the library. * + * \note Due to an implementation limitation, domain parameters are not + * supported with keys that are managed by a driver. + * * \param[in] attributes The key attribute structure to query. * \param[out] data On success, the key domain parameters. * \param data_size Size of the \p data buffer in bytes. @@ -488,6 +494,8 @@ psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes, * * \retval #PSA_SUCCESS \emptydescription * \retval #PSA_ERROR_BUFFER_TOO_SMALL \emptydescription + * \retval #PSA_ERROR_NOT_SUPPORTED + * The key is managed by a driver. */ psa_status_t psa_get_key_domain_parameters( const psa_key_attributes_t *attributes, diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 1eb2463ce..5e52ffde0 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -259,7 +259,7 @@ struct psa_key_attributes_s { * - domain_parameters_size == SIZE_MAX && domain_parameters == NULL: * Access to domain parameters is not supported for this key. * This is a hack which should not exist, intended for keys managed - * by a driver that doesn't support domain parameters. + * by a driver, because drivers don't support domain parameters. * - domain_parameters_size == 0 && domain_parameters == NULL: * The domain parameters are empty. * - domain_parameters_size > 0 && From 590519f5356d0ceaa4e4504c0c65848eb12cdbcc Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 19 Dec 2023 11:33:55 +0000 Subject: [PATCH 1113/1674] Enable -O2 in depends.py Signed-off-by: Dave Rodgman --- tests/scripts/depends.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/depends.py b/tests/scripts/depends.py index 38c184a6a..1a8453103 100755 --- a/tests/scripts/depends.py +++ b/tests/scripts/depends.py @@ -381,7 +381,7 @@ class DomainData: def __init__(self, options, conf): """Gather data about the library and establish a list of domains to test.""" - build_command = [options.make_command, 'CFLAGS=-Werror'] + build_command = [options.make_command, 'CFLAGS=-Werror -O2'] build_and_test = [build_command, [options.make_command, 'test']] self.all_config_symbols = set(conf.settings.keys()) # Find hash modules by name. From dfe5ce81ee18e34e3ec5f42296305c301ebd4f14 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 19 Dec 2023 11:47:18 +0000 Subject: [PATCH 1114/1674] Use clang -O2 in common_block_cipher_no_decrypt Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 67b205679..b9c45261c 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4922,7 +4922,7 @@ helper_block_cipher_no_decrypt_build_test () { msg "build: default config + BLOCK_CIPHER_NO_DECRYPT${set_opts:+ + $set_opts}${unset_opts:+ - $unset_opts} with $cflags${ldflags:+, $ldflags}" make clean - make CC=gcc CFLAGS="$cflags" LDFLAGS="$ldflags" + make CFLAGS="-O2 $cflags" LDFLAGS="$ldflags" # Make sure we don't have mbedtls_xxx_setkey_dec in AES/ARIA/CAMELLIA not grep mbedtls_aes_setkey_dec library/aes.o From ea03ef9a77bfd645d79909f7f1c17a4d77d7dd77 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 19 Dec 2023 12:19:59 +0000 Subject: [PATCH 1115/1674] Don't specify gcc unless the test requires it Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 38 +++++++++++++++++++------------------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index b9c45261c..242df5288 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2168,7 +2168,7 @@ component_test_default_no_deprecated () { # configuration leaves something consistent. msg "build: make, default + MBEDTLS_DEPRECATED_REMOVED" # ~ 30s scripts/config.py set MBEDTLS_DEPRECATED_REMOVED - make CC=gcc CFLAGS='-O -Werror -Wall -Wextra' + make CFLAGS='-O -Werror -Wall -Wextra' msg "test: make, default + MBEDTLS_DEPRECATED_REMOVED" # ~ 5s make test @@ -2177,7 +2177,7 @@ component_test_default_no_deprecated () { component_test_full_no_deprecated () { msg "build: make, full_no_deprecated config" # ~ 30s scripts/config.py full_no_deprecated - make CC=gcc CFLAGS='-O -Werror -Wall -Wextra' + make CFLAGS='-O -Werror -Wall -Wextra' msg "test: make, full_no_deprecated config" # ~ 5s make test @@ -2194,7 +2194,7 @@ component_test_full_no_deprecated_deprecated_warning () { scripts/config.py full_no_deprecated scripts/config.py unset MBEDTLS_DEPRECATED_REMOVED scripts/config.py set MBEDTLS_DEPRECATED_WARNING - make CC=gcc CFLAGS='-O -Werror -Wall -Wextra' + make CFLAGS='-O -Werror -Wall -Wextra' msg "test: make, full_no_deprecated config, MBEDTLS_DEPRECATED_WARNING" # ~ 5s make test @@ -2207,14 +2207,14 @@ component_test_full_deprecated_warning () { scripts/config.py full scripts/config.py set MBEDTLS_DEPRECATED_WARNING # Expect warnings from '#warning' directives in check_config.h. - make CC=gcc CFLAGS='-O -Werror -Wall -Wextra -Wno-error=cpp' lib programs + make CFLAGS='-O -Werror -Wall -Wextra -Wno-error=cpp' lib programs msg "build: make tests, full config + MBEDTLS_DEPRECATED_WARNING, expect warnings" # ~ 30s # Set MBEDTLS_TEST_DEPRECATED to enable tests for deprecated features. # By default those are disabled when MBEDTLS_DEPRECATED_WARNING is set. # Expect warnings from '#warning' directives in check_config.h and # from the use of deprecated functions in test suites. - make CC=gcc CFLAGS='-O -Werror -Wall -Wextra -Wno-error=deprecated-declarations -Wno-error=cpp -DMBEDTLS_TEST_DEPRECATED' tests + make CFLAGS='-O -Werror -Wall -Wextra -Wno-error=deprecated-declarations -Wno-error=cpp -DMBEDTLS_TEST_DEPRECATED' tests msg "test: full config + MBEDTLS_TEST_DEPRECATED" # ~ 30s make test @@ -2377,7 +2377,7 @@ component_build_no_pk_rsa_alt_support () { scripts/config.py set MBEDTLS_X509_CRT_WRITE_C # Only compile - this is primarily to test for compile issues - make CC=gcc CFLAGS='-Werror -Wall -Wextra -I../tests/include/alt-dummy' + make CFLAGS='-Werror -Wall -Wextra -I../tests/include/alt-dummy' } component_build_module_alt () { @@ -2410,7 +2410,7 @@ component_build_module_alt () { # We can only compile, not link, since we don't have any implementations # suitable for testing with the dummy alt headers. - make CC=gcc CFLAGS='-Werror -Wall -Wextra -I../tests/include/alt-dummy' lib + make CFLAGS='-Werror -Wall -Wextra -I../tests/include/alt-dummy' lib } component_build_dhm_alt () { @@ -2421,7 +2421,7 @@ component_build_dhm_alt () { scripts/config.py unset MBEDTLS_DEBUG_C # We can only compile, not link, since we don't have any implementations # suitable for testing with the dummy alt headers. - make CC=gcc CFLAGS='-Werror -Wall -Wextra -I../tests/include/alt-dummy' lib + make CFLAGS='-Werror -Wall -Wextra -I../tests/include/alt-dummy' lib } component_test_no_use_psa_crypto_full_cmake_asan() { @@ -3860,7 +3860,7 @@ component_test_ccm_aes_sha256() { cp "$CONFIG_TEST_DRIVER_H" "$CONFIG_H" cp configs/crypto-config-ccm-aes-sha256.h "$CRYPTO_CONFIG_H" - make CC=gcc + make msg "test: CCM + AES + SHA256 configuration" make test @@ -4324,7 +4324,7 @@ component_test_memory_buffer_allocator_backtrace () { scripts/config.py set MBEDTLS_PLATFORM_MEMORY scripts/config.py set MBEDTLS_MEMORY_BACKTRACE scripts/config.py set MBEDTLS_MEMORY_DEBUG - CC=gcc cmake -DCMAKE_BUILD_TYPE:String=Release . + cmake -DCMAKE_BUILD_TYPE:String=Release . make msg "test: MBEDTLS_MEMORY_BUFFER_ALLOC_C and MBEDTLS_MEMORY_BACKTRACE" @@ -4335,7 +4335,7 @@ component_test_memory_buffer_allocator () { msg "build: default config with memory buffer allocator" scripts/config.py set MBEDTLS_MEMORY_BUFFER_ALLOC_C scripts/config.py set MBEDTLS_PLATFORM_MEMORY - CC=gcc cmake -DCMAKE_BUILD_TYPE:String=Release . + cmake -DCMAKE_BUILD_TYPE:String=Release . make msg "test: MBEDTLS_MEMORY_BUFFER_ALLOC_C" @@ -4431,7 +4431,7 @@ component_test_ssl_alloc_buffer_and_mfl () { scripts/config.py set MBEDTLS_MEMORY_DEBUG scripts/config.py set MBEDTLS_SSL_MAX_FRAGMENT_LENGTH scripts/config.py set MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH - CC=gcc cmake -DCMAKE_BUILD_TYPE:String=Release . + cmake -DCMAKE_BUILD_TYPE:String=Release . make msg "test: MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH, MBEDTLS_MEMORY_BUFFER_ALLOC_C, MBEDTLS_MEMORY_DEBUG and MBEDTLS_SSL_MAX_FRAGMENT_LENGTH" @@ -4458,7 +4458,7 @@ component_test_when_no_ciphersuites_have_mac () { component_test_no_date_time () { msg "build: default config without MBEDTLS_HAVE_TIME_DATE" scripts/config.py unset MBEDTLS_HAVE_TIME_DATE - CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Check . + cmake -D CMAKE_BUILD_TYPE:String=Check . make msg "test: !MBEDTLS_HAVE_TIME_DATE - main suites" @@ -4824,7 +4824,7 @@ component_test_aes_only_128_bit_keys () { scripts/config.py set MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH scripts/config.py unset MBEDTLS_PADLOCK_C - make CC=gcc CFLAGS='-Werror -Wall -Wextra' + make CFLAGS='-Werror -Wall -Wextra' msg "test: default config + AES_ONLY_128_BIT_KEY_LENGTH" make test @@ -4849,7 +4849,7 @@ component_test_aes_only_128_bit_keys_have_builtins () { scripts/config.py unset MBEDTLS_AESNI_C scripts/config.py unset MBEDTLS_AESCE_C - make CC=gcc CFLAGS='-Werror -Wall -Wextra' + make CFLAGS='-Werror -Wall -Wextra' msg "test: default config + AES_ONLY_128_BIT_KEY_LENGTH - AESNI_C - AESCE_C" make test @@ -4861,7 +4861,7 @@ component_test_aes_only_128_bit_keys_have_builtins () { component_test_aes_fewer_tables () { msg "build: default config with AES_FEWER_TABLES enabled" scripts/config.py set MBEDTLS_AES_FEWER_TABLES - make CC=gcc CFLAGS='-Werror -Wall -Wextra' + make CFLAGS='-Werror -Wall -Wextra' msg "test: AES_FEWER_TABLES" make test @@ -4870,7 +4870,7 @@ component_test_aes_fewer_tables () { component_test_aes_rom_tables () { msg "build: default config with AES_ROM_TABLES enabled" scripts/config.py set MBEDTLS_AES_ROM_TABLES - make CC=gcc CFLAGS='-Werror -Wall -Wextra' + make CFLAGS='-Werror -Wall -Wextra' msg "test: AES_ROM_TABLES" make test @@ -4880,7 +4880,7 @@ component_test_aes_fewer_tables_and_rom_tables () { msg "build: default config with AES_ROM_TABLES and AES_FEWER_TABLES enabled" scripts/config.py set MBEDTLS_AES_FEWER_TABLES scripts/config.py set MBEDTLS_AES_ROM_TABLES - make CC=gcc CFLAGS='-Werror -Wall -Wextra' + make CFLAGS='-Werror -Wall -Wextra' msg "test: AES_FEWER_TABLES + AES_ROM_TABLES" make test @@ -5997,7 +5997,7 @@ component_build_zeroize_checks () { scripts/config.py full # Only compile - we're looking for sizeof-pointer-memaccess warnings - make CC=gcc CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-zeroize-memset.h\"' -DMBEDTLS_TEST_DEFINES_ZEROIZE -Werror -Wsizeof-pointer-memaccess" + make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-zeroize-memset.h\"' -DMBEDTLS_TEST_DEFINES_ZEROIZE -Werror -Wsizeof-pointer-memaccess" } From d8d6451a6e372a29b3d7900fe5668efbe9e3c2de Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 19 Dec 2023 12:20:21 +0000 Subject: [PATCH 1116/1674] Add -O2 to some CFLAGS which were not setting it Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 242df5288..f6a0f1033 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4824,7 +4824,7 @@ component_test_aes_only_128_bit_keys () { scripts/config.py set MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH scripts/config.py unset MBEDTLS_PADLOCK_C - make CFLAGS='-Werror -Wall -Wextra' + make CFLAGS='-O2 -Werror -Wall -Wextra' msg "test: default config + AES_ONLY_128_BIT_KEY_LENGTH" make test @@ -4849,7 +4849,7 @@ component_test_aes_only_128_bit_keys_have_builtins () { scripts/config.py unset MBEDTLS_AESNI_C scripts/config.py unset MBEDTLS_AESCE_C - make CFLAGS='-Werror -Wall -Wextra' + make CFLAGS='-O2 -Werror -Wall -Wextra' msg "test: default config + AES_ONLY_128_BIT_KEY_LENGTH - AESNI_C - AESCE_C" make test @@ -4861,7 +4861,7 @@ component_test_aes_only_128_bit_keys_have_builtins () { component_test_aes_fewer_tables () { msg "build: default config with AES_FEWER_TABLES enabled" scripts/config.py set MBEDTLS_AES_FEWER_TABLES - make CFLAGS='-Werror -Wall -Wextra' + make CFLAGS='-O2 -Werror -Wall -Wextra' msg "test: AES_FEWER_TABLES" make test @@ -4870,7 +4870,7 @@ component_test_aes_fewer_tables () { component_test_aes_rom_tables () { msg "build: default config with AES_ROM_TABLES enabled" scripts/config.py set MBEDTLS_AES_ROM_TABLES - make CFLAGS='-Werror -Wall -Wextra' + make CFLAGS='-O2 -Werror -Wall -Wextra' msg "test: AES_ROM_TABLES" make test @@ -4880,7 +4880,7 @@ component_test_aes_fewer_tables_and_rom_tables () { msg "build: default config with AES_ROM_TABLES and AES_FEWER_TABLES enabled" scripts/config.py set MBEDTLS_AES_FEWER_TABLES scripts/config.py set MBEDTLS_AES_ROM_TABLES - make CFLAGS='-Werror -Wall -Wextra' + make CFLAGS='-O2 -Werror -Wall -Wextra' msg "test: AES_FEWER_TABLES + AES_ROM_TABLES" make test @@ -5295,7 +5295,7 @@ support_test_m32_everest () { component_test_mx32 () { msg "build: 64-bit ILP32, make, gcc" # ~ 30s scripts/config.py full - make CC=gcc CFLAGS='-Werror -Wall -Wextra -mx32' LDFLAGS='-mx32' + make CC=gcc CFLAGS='-O2 -Werror -Wall -Wextra -mx32' LDFLAGS='-mx32' msg "test: 64-bit ILP32, make, gcc" make test @@ -5323,7 +5323,7 @@ component_test_have_int32 () { scripts/config.py unset MBEDTLS_AESNI_C scripts/config.py unset MBEDTLS_PADLOCK_C scripts/config.py unset MBEDTLS_AESCE_C - make CC=gcc CFLAGS='-Werror -Wall -Wextra -DMBEDTLS_HAVE_INT32' + make CC=gcc CFLAGS='-O2 -Werror -Wall -Wextra -DMBEDTLS_HAVE_INT32' msg "test: gcc, force 32-bit bignum limbs" make test @@ -5335,7 +5335,7 @@ component_test_have_int64 () { scripts/config.py unset MBEDTLS_AESNI_C scripts/config.py unset MBEDTLS_PADLOCK_C scripts/config.py unset MBEDTLS_AESCE_C - make CC=gcc CFLAGS='-Werror -Wall -Wextra -DMBEDTLS_HAVE_INT64' + make CC=gcc CFLAGS='-O2 -Werror -Wall -Wextra -DMBEDTLS_HAVE_INT64' msg "test: gcc, force 64-bit bignum limbs" make test From d47186d6e3b9ce9d774d032d9a2db125a335525e Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 19 Dec 2023 13:11:08 +0000 Subject: [PATCH 1117/1674] Disable automatic setting of clang target flags on old clang Old versions of clang don't support this pragma, so we have to assume that the user will have set the flags. Signed-off-by: Dave Rodgman --- library/aesni.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/aesni.c b/library/aesni.c index 9da9f1b9a..8e5bd55ab 100644 --- a/library/aesni.c +++ b/library/aesni.c @@ -36,7 +36,7 @@ #pragma GCC push_options #pragma GCC target ("pclmul,sse2,aes") #define MBEDTLS_POP_TARGET_PRAGMA -#elif defined(__clang__) +#elif defined(__clang__) && (__clang_major__ >= 5) #pragma clang attribute push (__attribute__((target("pclmul,sse2,aes"))), apply_to=function) #define MBEDTLS_POP_TARGET_PRAGMA #endif From bc8e61d962b5a8cca65d6c29359ac4fadd8d07c1 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 19 Dec 2023 14:07:15 +0000 Subject: [PATCH 1118/1674] Use gcc in test_full_deprecated_warning Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index f6a0f1033..5fbb7a355 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2207,14 +2207,16 @@ component_test_full_deprecated_warning () { scripts/config.py full scripts/config.py set MBEDTLS_DEPRECATED_WARNING # Expect warnings from '#warning' directives in check_config.h. - make CFLAGS='-O -Werror -Wall -Wextra -Wno-error=cpp' lib programs + # Note that gcc is required to allow the use of -Wno-error=cpp, which allows us to + # display #warning messages without them being treated as errors. + make CC=gcc CFLAGS='-O -Werror -Wall -Wextra -Wno-error=cpp' lib programs msg "build: make tests, full config + MBEDTLS_DEPRECATED_WARNING, expect warnings" # ~ 30s # Set MBEDTLS_TEST_DEPRECATED to enable tests for deprecated features. # By default those are disabled when MBEDTLS_DEPRECATED_WARNING is set. # Expect warnings from '#warning' directives in check_config.h and # from the use of deprecated functions in test suites. - make CFLAGS='-O -Werror -Wall -Wextra -Wno-error=deprecated-declarations -Wno-error=cpp -DMBEDTLS_TEST_DEPRECATED' tests + make CC=gcc CFLAGS='-O -Werror -Wall -Wextra -Wno-error=deprecated-declarations -Wno-error=cpp -DMBEDTLS_TEST_DEPRECATED' tests msg "test: full config + MBEDTLS_TEST_DEPRECATED" # ~ 30s make test From fc5b9553b2f8c7445d2467237024b4fe91ee5d1b Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 19 Dec 2023 16:08:19 +0000 Subject: [PATCH 1119/1674] Don't use full path for setting CC Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 5fbb7a355..6ce8e93c0 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -191,7 +191,7 @@ pre_initialize_variables () { fi # if CC is not set, use clang by default (if present) to improve build times if [ -z "${CC+set}" ] && (type clang > /dev/null 2>&1); then - export CC=$(type -p clang) + export CC="clang" fi # Include more verbose output for failing tests run by CMake or make From c393222643a7dd7b9c138a5d2e61b8a133ad6b8e Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 19 Dec 2023 17:51:51 +0000 Subject: [PATCH 1120/1674] Work around clang 3.8 bug Signed-off-by: Dave Rodgman --- tests/scripts/all.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 6ce8e93c0..06ef19cc6 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4994,11 +4994,15 @@ config_block_cipher_no_decrypt () { } component_test_block_cipher_no_decrypt_aesni () { + # This consistently causes an llvm crash on clang 3.8, so use gcc + export CC=gcc config_block_cipher_no_decrypt 0 common_block_cipher_no_decrypt } component_test_block_cipher_no_decrypt_aesni_use_psa () { + # This consistently causes an llvm crash on clang 3.8, so use gcc + export CC=gcc config_block_cipher_no_decrypt 1 common_block_cipher_no_decrypt } From 4a8ef7cd9b70463fcf6751278c2286e139d3597f Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 19 Dec 2023 11:16:27 +0100 Subject: [PATCH 1121/1674] all.sh: disable legacy AES/ARIA/CAMELLIA in test_full_block_cipher_psa_dispatch This commit also: - rename the reference component as component_test_full_block_cipher_legacy_dispatch() - add a common configuration function, named common_block_cipher_dispatch() that is used from both accelerated and reference components Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 79 +++++++++++++++++++++++++------ tests/scripts/analyze_outcomes.py | 4 +- 2 files changed, 67 insertions(+), 16 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index a8c11003a..4a3f72146 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1159,19 +1159,6 @@ component_test_default_cmake_gcc_asan_new_bignum () { tests/context-info.sh } -# This is a common component testing the full config. Its purpose is to be used -# as the "reference" for driver's acceleration tests below when possible (this -# not always the case because some reference test require extra configuration -# in addition to the default one) -component_test_full_common_reference () { - msg "build: full config (common reference)" - helper_libtestdriver1_adjust_config "full" - make - - msg "test: full config (common reference)" - make test -} - component_test_full_cmake_gcc_asan () { msg "build: full config, cmake, gcc, ASan" scripts/config.py full @@ -3837,6 +3824,46 @@ component_test_psa_crypto_config_reference_cipher_aead () { tests/compat.sh -V NO -p mbedTLS } +common_block_cipher_dispatch() { + TEST_WITH_DRIVER="$1" + + # Start from the full config + helper_libtestdriver1_adjust_config "full" + + if [ "$TEST_WITH_DRIVER" -eq 1 ]; then + # Disable key types that are accelerated (there is no legacy equivalent + # symbol for ECB) + scripts/config.py unset MBEDTLS_AES_C + scripts/config.py unset MBEDTLS_ARIA_C + scripts/config.py unset MBEDTLS_CAMELLIA_C + fi + + # Disable cipher's modes and AEADs that, when not accelerated, cause + # legacy key types to be re-enabled in "config_adjust_legacy_from_psa.h". + # Keep this also in the reference component in order to avoid re-enabling + # (in "config_adjust_legacy_from_psa.h") legacy cipher modes that were + # disabled in that component. + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CTR + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CFB + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_OFB + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CBC_NO_PADDING + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CBC_PKCS7 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CMAC + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CCM_STAR_NO_TAG + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CCM + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_GCM + + # Disable direct dependency on AES_C + scripts/config.py unset MBEDTLS_NIST_KW_C + + # Prevent the cipher module from using deprecated PSA path. The reason is + # that otherwise there will be tests relying on "aes_info" (defined in + # "cipher_wrap.c") whose functions are not available when AES_C is + # not defined. ARIA and Camellia are not a problem in this case because + # the PSA path is not tested for these key types. + scripts/config.py set MBEDTLS_DEPRECATED_REMOVED +} + component_test_full_block_cipher_psa_dispatch () { msg "build: full + PSA dispatch in block_cipher" @@ -3846,8 +3873,7 @@ component_test_full_block_cipher_psa_dispatch () { # Configure # --------- - # Start from the full config - helper_libtestdriver1_adjust_config "full" + common_block_cipher_dispatch 1 # Build # ----- @@ -3856,6 +3882,12 @@ component_test_full_block_cipher_psa_dispatch () { helper_libtestdriver1_make_main "$loc_accel_list" + # Make sure disabled components were not re-enabled by accident (additive + # config) + not grep mbedtls_aes_ library/aes.o + not grep mbedtls_aria_ library/aria.o + not grep mbedtls_camellia_ library/camellia.o + # Run the tests # ------------- @@ -3863,6 +3895,23 @@ component_test_full_block_cipher_psa_dispatch () { make test } +# This is the reference component of component_test_full_block_cipher_psa_dispatch +component_test_full_block_cipher_legacy_dispatch () { + msg "build: full + legacy dispatch in block_cipher" + + common_block_cipher_dispatch 0 + + # Disable cipher modes other than ECB as in the accelerated component. ECB + # does not have a configuration symbol and it's automatically enabled as + # long as underlying key types are. + scripts/config.py unset-all MBEDTLS_CIPHER_MODE + + make + + msg "test: full + legacy dispatch in block_cipher" + make test +} + component_test_aead_chachapoly_disabled() { msg "build: full minus CHACHAPOLY" scripts/config.py full diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index cb0f3655f..085ba7a51 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -537,9 +537,11 @@ KNOWN_TASKS = { 'analyze_block_cipher_dispatch': { 'test_function': do_analyze_driver_vs_reference, 'args': { - 'component_ref': 'test_full_common_reference', + 'component_ref': 'test_full_block_cipher_legacy_dispatch', 'component_driver': 'test_full_block_cipher_psa_dispatch', 'ignored_suites': [ + # Skipped in the accelerated component + 'aes', 'aria', 'camellia', ], 'ignored_tests': { 'test_suite_platform': [ From 50333977c613c9190307050bbede116555935ea9 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 19 Dec 2023 11:17:14 +0100 Subject: [PATCH 1122/1674] cipher_wrap: fix guards for alloc/free functions of CCM/GCM Signed-off-by: Valerio Setti --- library/cipher_wrap.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c index c173899cb..5be9799fc 100644 --- a/library/cipher_wrap.c +++ b/library/cipher_wrap.c @@ -114,7 +114,9 @@ enum mbedtls_cipher_base_index { MBEDTLS_CIPHER_BASE_PREVENT_EMPTY_ENUM }; -#if defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_GCM_C) && \ + (defined(MBEDTLS_CIPHER_HAVE_GCM_AES_VIA_LEGACY_OR_USE_PSA) || \ + defined(MBEDTLS_ARIA_C) || defined(MBEDTLS_CAMELLIA_C)) /* shared by all GCM ciphers */ static void *gcm_ctx_alloc(void) { @@ -134,7 +136,9 @@ static void gcm_ctx_free(void *ctx) } #endif /* MBEDTLS_GCM_C */ -#if defined(MBEDTLS_CCM_C) +#if defined(MBEDTLS_CCM_C) && \ + (defined(MBEDTLS_CIPHER_HAVE_CCM_AES_VIA_LEGACY_OR_USE_PSA) || \ + defined(MBEDTLS_ARIA_C) || defined(MBEDTLS_CAMELLIA_C)) /* shared by all CCM ciphers */ static void *ccm_ctx_alloc(void) { From bfa675fe480e2e75bada7c67f058c87567d2bf40 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 20 Dec 2023 09:52:08 +0100 Subject: [PATCH 1123/1674] adjust_legacy_crypto: add macros for CCM/GCM capabilities with key types Signed-off-by: Valerio Setti --- include/mbedtls/config_adjust_legacy_crypto.h | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h index a926550be..e64a4b14d 100644 --- a/include/mbedtls/config_adjust_legacy_crypto.h +++ b/include/mbedtls/config_adjust_legacy_crypto.h @@ -224,6 +224,22 @@ #define MBEDTLS_BLOCK_CIPHER_C #endif +/* Helpers for GCM/CCM capabilities */ +#if (defined(MBEDTLS_CIPHER_C) && defined(MBEDTLS_AES_C)) || \ + (defined(MBEDTLS_BLOCK_CIPHER_C) && defined(MBEDTLS_BLOCK_CIPHER_CAN_AES)) +#define MBEDTLS_CCM_GCM_CAN_AES +#endif + +#if (defined(MBEDTLS_CIPHER_C) && defined(MBEDTLS_ARIA_C)) || \ + (defined(MBEDTLS_BLOCK_CIPHER_C) && defined(MBEDTLS_BLOCK_CIPHER_CAN_ARIA)) +#define MBEDTLS_CCM_GCM_CAN_ARIA +#endif + +#if (defined(MBEDTLS_CIPHER_C) && defined(MBEDTLS_CAMELLIA_C)) || \ + (defined(MBEDTLS_BLOCK_CIPHER_C) && defined(MBEDTLS_BLOCK_CIPHER_CAN_CAMELLIA)) +#define MBEDTLS_CCM_GCM_CAN_CAMELLIA +#endif + /* MBEDTLS_ECP_LIGHT is auto-enabled by the following symbols: * - MBEDTLS_ECP_C because now it consists of MBEDTLS_ECP_LIGHT plus functions * for curve arithmetic. As a consequence if MBEDTLS_ECP_C is required for From 689c0f71cb83abd22aef5a911145ed667015df88 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 20 Dec 2023 09:53:39 +0100 Subject: [PATCH 1124/1674] tests: use new CCM/GCM capability macros in tests Signed-off-by: Valerio Setti --- include/mbedtls/ccm.h | 2 +- library/ccm.c | 2 +- library/gcm.c | 2 +- tests/suites/test_suite_ccm.data | 860 ++++++++++----------- tests/suites/test_suite_ccm.function | 4 +- tests/suites/test_suite_gcm.aes128_de.data | 368 ++++----- tests/suites/test_suite_gcm.aes128_en.data | 368 ++++----- tests/suites/test_suite_gcm.aes192_de.data | 340 ++++---- tests/suites/test_suite_gcm.aes192_en.data | 340 ++++---- tests/suites/test_suite_gcm.aes256_de.data | 340 ++++---- tests/suites/test_suite_gcm.aes256_en.data | 340 ++++---- tests/suites/test_suite_gcm.camellia.data | 108 +-- tests/suites/test_suite_gcm.function | 2 +- 13 files changed, 1538 insertions(+), 1538 deletions(-) diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index 018db64b6..1da57c921 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -509,7 +509,7 @@ int mbedtls_ccm_update(mbedtls_ccm_context *ctx, int mbedtls_ccm_finish(mbedtls_ccm_context *ctx, unsigned char *tag, size_t tag_len); -#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C) +#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_CCM_GCM_CAN_AES) /** * \brief The CCM checkup routine. * diff --git a/library/ccm.c b/library/ccm.c index 392ceb84b..953c41930 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -628,7 +628,7 @@ int mbedtls_ccm_auth_decrypt(mbedtls_ccm_context *ctx, size_t length, } #endif /* !MBEDTLS_CCM_ALT */ -#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C) +#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_CCM_GCM_CAN_AES) /* * Examples 1 to 3 from SP800-38C Appendix C */ diff --git a/library/gcm.c b/library/gcm.c index ac6b94530..20d55c0a8 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -659,7 +659,7 @@ void mbedtls_gcm_free(mbedtls_gcm_context *ctx) #endif /* !MBEDTLS_GCM_ALT */ -#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C) +#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_CCM_GCM_CAN_AES) /* * AES-GCM test vectors from: * diff --git a/tests/suites/test_suite_ccm.data b/tests/suites/test_suite_ccm.data index caf9a742d..22150f7a7 100644 --- a/tests/suites/test_suite_ccm.data +++ b/tests/suites/test_suite_ccm.data @@ -2,15 +2,15 @@ CCM self test mbedtls_ccm_self_test: CCM init #1 AES-128: OK -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_setkey:MBEDTLS_CIPHER_ID_AES:128:0 CCM init #2 CAMELLIA-256: OK -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA mbedtls_ccm_setkey:MBEDTLS_CIPHER_ID_CAMELLIA:256:0 CCM init #3 AES-224: bad key size -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_setkey:MBEDTLS_CIPHER_ID_AES:224:MBEDTLS_ERR_CCM_BAD_INPUT CCM init #4 DES: bad block size @@ -55,1709 +55,1709 @@ CCM* fixed tag lengths #2 all OK - tag length 0 ccm_star_lengths:5:10:5:0:0 CCM* encrypt and tag #1 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_star_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"":"ACDE480000000001":"00000005":2:"08D0842143010000000048DEAC020500000055CF000051525354":"223BC1EC841AB553":0 CCM* encrypt and tag #2 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_star_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"61626364":"ACDE480000000001":"00000005":4:"69DC842143020000000048DEAC010000000048DEAC0405000000":"D43E022B":0 CCM* encrypt and tag #3 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_star_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"CE":"ACDE480000000001":"00000005":6:"2BDC842143020000000048DEACFFFF010000000048DEAC060500000001":"D84FDE529061F9C6F1":0 CCM* auth decrypt tag #1 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_star_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"223BC1EC841AB553":"ACDE480000000001":"00000005":2:"08D0842143010000000048DEAC020500000055CF000051525354":"":0 CCM* auth decrypt tag #2 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_star_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"D43E022B":"ACDE480000000001":"00000005":4:"69DC842143020000000048DEAC010000000048DEAC0405000000":"61626364":0 CCM* auth decrypt tag #3 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_star_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"D84FDE529061F9C6F1":"ACDE480000000001":"00000005":6:"2BDC842143020000000048DEACFFFF010000000048DEAC060500000001":"CE":0 CCM encrypt and tag RFC 3610 #1 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E":"00000003020100A0A1A2A3A4A5":"0001020304050607":"588C979A61C663D2F066D0C2C0F989806D5F6B61DAC38417E8D12CFDF926E0" CCM encrypt and tag RFC 3610 #2 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F":"00000004030201A0A1A2A3A4A5":"0001020304050607":"72C91A36E135F8CF291CA894085C87E3CC15C439C9E43A3BA091D56E10400916" CCM encrypt and tag RFC 3610 #3 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20":"00000005040302A0A1A2A3A4A5":"0001020304050607":"51B1E5F44A197D1DA46B0F8E2D282AE871E838BB64DA8596574ADAA76FBD9FB0C5" CCM encrypt and tag RFC 3610 #4 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0C0D0E0F101112131415161718191A1B1C1D1E":"00000006050403A0A1A2A3A4A5":"000102030405060708090A0B":"A28C6865939A9A79FAAA5C4C2A9D4A91CDAC8C96C861B9C9E61EF1" CCM encrypt and tag RFC 3610 #5 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0C0D0E0F101112131415161718191A1B1C1D1E1F":"00000007060504A0A1A2A3A4A5":"000102030405060708090A0B":"DCF1FB7B5D9E23FB9D4E131253658AD86EBDCA3E51E83F077D9C2D93" CCM encrypt and tag RFC 3610 #6 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0C0D0E0F101112131415161718191A1B1C1D1E1F20":"00000008070605A0A1A2A3A4A5":"000102030405060708090A0B":"6FC1B011F006568B5171A42D953D469B2570A4BD87405A0443AC91CB94" CCM encrypt and tag RFC 3610 #7 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E":"00000009080706A0A1A2A3A4A5":"0001020304050607":"0135D1B2C95F41D5D1D4FEC185D166B8094E999DFED96C048C56602C97ACBB7490" CCM encrypt and tag RFC 3610 #8 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F":"0000000A090807A0A1A2A3A4A5":"0001020304050607":"7B75399AC0831DD2F0BBD75879A2FD8F6CAE6B6CD9B7DB24C17B4433F434963F34B4" CCM encrypt and tag RFC 3610 #9 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20":"0000000B0A0908A0A1A2A3A4A5":"0001020304050607":"82531A60CC24945A4B8279181AB5C84DF21CE7F9B73F42E197EA9C07E56B5EB17E5F4E" CCM encrypt and tag RFC 3610 #10 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0C0D0E0F101112131415161718191A1B1C1D1E":"0000000C0B0A09A0A1A2A3A4A5":"000102030405060708090A0B":"07342594157785152B074098330ABB141B947B566AA9406B4D999988DD" CCM encrypt and tag RFC 3610 #11 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0C0D0E0F101112131415161718191A1B1C1D1E1F":"0000000D0C0B0AA0A1A2A3A4A5":"000102030405060708090A0B":"676BB20380B0E301E8AB79590A396DA78B834934F53AA2E9107A8B6C022C" CCM encrypt and tag RFC 3610 #12 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0C0D0E0F101112131415161718191A1B1C1D1E1F20":"0000000E0D0C0BA0A1A2A3A4A5":"000102030405060708090A0B":"C0FFA0D6F05BDB67F24D43A4338D2AA4BED7B20E43CD1AA31662E7AD65D6DB" CCM encrypt and tag RFC 3610 #13 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"D7828D13B2B0BDC325A76236DF93CC6B":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":"00412B4EA9CDBE3C9696766CFA":"0BE1A88BACE018B1":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8E78CF7CB0CDDD7B3" CCM encrypt and tag RFC 3610 #14 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"D7828D13B2B0BDC325A76236DF93CC6B":"9020EA6F91BDD85AFA0039BA4BAFF9BFB79C7028949CD0EC":"0033568EF7B2633C9696766CFA":"63018F76DC8A1BCB":"4CCB1E7CA981BEFAA0726C55D378061298C85C92814ABC33C52EE81D7D77C08A" CCM encrypt and tag RFC 3610 #15 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"D7828D13B2B0BDC325A76236DF93CC6B":"B916E0EACC1C00D7DCEC68EC0B3BBB1A02DE8A2D1AA346132E":"00103FE41336713C9696766CFA":"AA6CFA36CAE86B40":"B1D23A2220DDC0AC900D9AA03C61FCF4A559A4417767089708A776796EDB723506" CCM encrypt and tag RFC 3610 #16 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"D7828D13B2B0BDC325A76236DF93CC6B":"12DAAC5630EFA5396F770CE1A66B21F7B2101C":"00764C63B8058E3C9696766CFA":"D0D0735C531E1BECF049C244":"14D253C3967B70609B7CBB7C499160283245269A6F49975BCADEAF" CCM encrypt and tag RFC 3610 #17 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"D7828D13B2B0BDC325A76236DF93CC6B":"E88B6A46C78D63E52EB8C546EFB5DE6F75E9CC0D":"00F8B678094E3B3C9696766CFA":"77B60F011C03E1525899BCAE":"5545FF1A085EE2EFBF52B2E04BEE1E2336C73E3F762C0C7744FE7E3C" CCM encrypt and tag RFC 3610 #18 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"D7828D13B2B0BDC325A76236DF93CC6B":"6435ACBAFB11A82E2F071D7CA4A5EBD93A803BA87F":"00D560912D3F703C9696766CFA":"CD9044D2B71FDB8120EA60C0":"009769ECABDF48625594C59251E6035722675E04C847099E5AE0704551" CCM encrypt and tag RFC 3610 #19 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"D7828D13B2B0BDC325A76236DF93CC6B":"8A19B950BCF71A018E5E6701C91787659809D67DBEDD18":"0042FFF8F1951C3C9696766CFA":"D85BC7E69F944FB8":"BC218DAA947427B6DB386A99AC1AEF23ADE0B52939CB6A637CF9BEC2408897C6BA" CCM encrypt and tag RFC 3610 #20 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"D7828D13B2B0BDC325A76236DF93CC6B":"1761433C37C5A35FC1F39F406302EB907C6163BE38C98437":"00920F40E56CDC3C9696766CFA":"74A0EBC9069F5B37":"5810E6FD25874022E80361A478E3E9CF484AB04F447EFFF6F0A477CC2FC9BF548944" CCM encrypt and tag RFC 3610 #21 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"D7828D13B2B0BDC325A76236DF93CC6B":"A434A8E58500C6E41530538862D686EA9E81301B5AE4226BFA":"0027CA0C7120BC3C9696766CFA":"44A3AA3AAE6475CA":"F2BEED7BC5098E83FEB5B31608F8E29C38819A89C8E776F1544D4151A4ED3A8B87B9CE" CCM encrypt and tag RFC 3610 #22 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"D7828D13B2B0BDC325A76236DF93CC6B":"B96B49E21D621741632875DB7F6C9243D2D7C2":"005B8CCBCD9AF83C9696766CFA":"EC46BB63B02520C33C49FD70":"31D750A09DA3ED7FDDD49A2032AABF17EC8EBF7D22C8088C666BE5C197" CCM encrypt and tag RFC 3610 #23 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"D7828D13B2B0BDC325A76236DF93CC6B":"E2FCFBB880442C731BF95167C8FFD7895E337076":"003EBE94044B9A3C9696766CFA":"47A65AC78B3D594227E85E71":"E882F1DBD38CE3EDA7C23F04DD65071EB41342ACDF7E00DCCEC7AE52987D" CCM encrypt and tag RFC 3610 #24 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"D7828D13B2B0BDC325A76236DF93CC6B":"ABF21C0B02FEB88F856DF4A37381BCE3CC128517D4":"008D493B30AE8B3C9696766CFA":"6E37A6EF546D955D34AB6059":"F32905B88A641B04B9C9FFB58CC390900F3DA12AB16DCE9E82EFA16DA62059" CCM encrypt and tag AES-128 (P=0, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"54caf96ef6d448734700aadab50faf7a":"":"a3803e752ae849c910d8da36af":"":"eba8347baa6d61f87b67c2dd7c6d2053" CCM encrypt and tag NIST VTT AES-128 #1 (P=24, N=13, A=32, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"43b1a6bc8d0d22d6d1ca95c18593cca5":"a2b381c7d1545c408fe29817a21dc435a154c87256346b05":"9882578e750b9682c6ca7f8f86":"2084f3861c9ad0ccee7c63a7e05aece5db8b34bd8724cc06b4ca99a7f9c4914f":"cc69ed76985e0ed4c8365a72775e5a19bfccc71aeb116c85a8c74677" CCM encrypt and tag NIST VTT AES-128 #2 (P=24, N=13, A=32, T=6) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"44e89189b815b4649c4e9b38c4275a5a":"8db6ae1eb959963931d1c5224f29ef50019d2b0db7f5f76f":"374c83e94384061ac01963f88d":"cd149d17dba7ec50000b8c5390d114697fafb61025301f4e3eaa9f4535718a08":"df952dce0f843374d33da94c969eff07b7bc2418ca9ee01e32bc2ffa8600" CCM encrypt and tag NIST VTT AES-128 #3 (P=24, N=13, A=32, T=8) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"368f35a1f80eaaacd6bb136609389727":"1cccd55825316a94c5979e049310d1d717cdfb7624289dac":"842a8445847502ea77363a16b6":"34396dfcfa6f742aea7040976bd596497a7a6fa4fb85ee8e4ca394d02095b7bf":"1a58094f0e8c6035a5584bfa8d1009c5f78fd2ca487ff222f6d1d897d6051618" CCM encrypt and tag NIST VTT AES-128 #4 (P=24, N=13, A=32, T=10) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"996a09a652fa6c82eae8be7886d7e75e":"84cdd7380f47524b86168ed95386faa402831f22045183d0":"a8b3eb68f205a46d8f632c3367":"c71620d0477c8137b77ec5c72ced4df3a1e987fd9af6b5b10853f0526d876cd5":"a7fbf9dd1b099ed3acf6bcbd0b6f7cae57bee99f9d084f826d86e69c07f053d1a607" CCM encrypt and tag NIST VTT AES-128 #5 (P=24, N=13, A=32, T=12) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3ee186594f110fb788a8bf8aa8be5d4a":"d71864877f2578db092daba2d6a1f9f4698a9c356c7830a1":"44f705d52acf27b7f17196aa9b":"2c16724296ff85e079627be3053ea95adf35722c21886baba343bd6c79b5cb57":"b4dd74e7a0cc51aea45dfb401a41d5822c96901a83247ea0d6965f5aa6e31302a9cc2b36" CCM encrypt and tag NIST VTT AES-128 #6 (P=24, N=13, A=32, T=14) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7b2d52a5186d912cf6b83ace7740ceda":"ea384b081f60bb450808e0c20dc2914ae14a320612c3e1e8":"f47be3a2b019d1beededf5b80c":"76cf3522aff97a44b4edd0eef3b81e3ab3cd1ccc93a767a133afd508315f05ed":"79070f33114a980dfd48215051e224dfd01471ac293242afddb36e37da1ee8a88a77d7f12cc6" CCM encrypt and tag NIST VTT AES-128 #7 (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4189351b5caea375a0299e81c621bf43":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9" CCM encrypt and tag NIST VTT AES-192 #1 (P=24, N=13, A=32, T=4) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"11fd45743d946e6d37341fec49947e8c70482494a8f07fcc":"ee7e6075ba52846de5d6254959a18affc4faf59c8ef63489":"c6aeebcb146cfafaae66f78aab":"7dc8c52144a7cb65b3e5a846e8fd7eae37bf6996c299b56e49144ebf43a1770f":"137d9da59baf5cbfd46620c5f298fc766de10ac68e774edf1f2c5bad" CCM encrypt and tag NIST VTT AES-192 #2 (P=24, N=13, A=32, T=6) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"146a163bbf10746e7c1201546ba46de769be23f9d7cc2c80":"473b6600559aefb67f7976f0a5cc744fb456efd86f615648":"f5827e51707d8d64bb522985bb":"599b12ebd3347a5ad098772c44c49eed954ec27c3ba6206d899ddaabca23a762":"26d2be30e171439d54a0fec291c6024d1de09d61b44f53258ba1360406f9" CCM encrypt and tag NIST VTT AES-192 #3 (P=24, N=13, A=32, T=8) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"bdf277af2226f03ec1a0ba7a8532ade6aea9b3d519fe2d38":"0ff89eff92a530b66684cd75a39481e7e069a7d05e89b692":"cc3c596be884e7caed503315c0":"4d6546167b3ed55f01c62bd384e02e1039c0d67ef7abe33291fecb136272f73b":"6ef66a52c866bd5df20ec5096de92167ad83cab0e095ad0c778a299f1224f10c" CCM encrypt and tag NIST VTT AES-192 #4 (P=24, N=13, A=32, T=10) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"62f8eba1c2c5f66215493a6fa6ae007aae5be92f7880336a":"f5522e3405d9b77cbf3257db2b9675e618e8744a0ee03f0f":"15769753f503aa324f4b0e8ee0":"1bc05440ee3e34d0f25e90ca1ecbb555d0fb92b311621d171be6f2b719923d23":"b9103942dbbb93e15086751c9bb0a3d33112b55f95b7d4f32ff0bb90a8879812683f" CCM encrypt and tag NIST VTT AES-192 #5 (P=24, N=13, A=32, T=12) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5a5667197f46b8027980d0a3166c0a419713d4df0629a860":"d0e4024d6e33daafc011fe463545ed20f172872f6f33cefa":"6236b01079d180fce156fbaab4":"29bdf65b29394d363d5243d4249bad087520f8d733a763daa1356be458d487e5":"479f3d408bfa00d1cd1c8bf11a167ce7ae4bcdb011f04e38733013b8ebe5e92b1917640c" CCM encrypt and tag NIST VTT AES-192 #6 (P=24, N=13, A=32, T=14) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d2d4482ea8e98c1cf309671895a16610152ce283434bca38":"78168e5cc3cddf4b90d5bc11613465030903e0196f1fe443":"6ee177d48f59bd37045ec03731":"9ef2d0d556d05cf9d1ee9dab9b322a389c75cd4e9dee2c0d08eea961efce8690":"e2324a6d5643dfc8aea8c08cbbc245494a3dcbcb800c797c3abcdb0563978785bf7fd71c6c1f" CCM encrypt and tag NIST VTT AES-192 #7 (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a7177fd129674c6c91c1c89f4408139afe187026b8114893":"2cea0f7304860a4f40a28c8b890db60f3891b9982478495e":"31bb28f0e1e63c36ca3959dd18":"2529a834668187213f5342a1f3deea0dc2765478c7d71c9c21b9eb1351a5f6cb":"5bb7aa6ab9c02a5712d62343fbe61f774e598d6b87545612380ea23dcffc9574f672bca92e306411" CCM encrypt and tag NIST VTT AES-256 #1 (P=24, N=13, A=32, T=4) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9074b1ae4ca3342fe5bf6f14bcf2f27904f0b15179d95a654f61e699692e6f71":"239029f150bccbd67edbb67f8ae456b4ea066a4beee065f9":"2e1e0132468500d4bd47862563":"3c5f5404370abdcb1edde99de60d0682c600b034e063b7d3237723da70ab7552":"9c8d5dd227fd9f81237601830afee4f0115636c8e5d5fd743cb9afed" CCM encrypt and tag NIST VTT AES-256 #2 (P=24, N=13, A=32, T=6) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8596a69890b0e47d43aeeca54b52029331da06fae63aa3249faaca94e2605feb":"f0b065da6ecb9ddcab855152d3b4155037adfa758ba96070":"20442e1c3f3c88919c39978b78":"4e0d3aa502bd03fe1761b167c4e0df1d228301d3ebaa4a0281becd813266e255":"d6a0f377f7c1b14dcdba729cae5271b027e71cc7850173ec265867a29eb3" CCM encrypt and tag NIST VTT AES-256 #3 (P=24, N=13, A=32, T=8) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"bae73483de27b581a7c13f178a6d7bda168c1b4a1cb9180512a13e3ab914eb61":"28ef408d57930086011b167ac04b866e5b58fe6690a0b9c3":"daf54faef6e4fc7867624b76f2":"7022eaa52c9da821da72d2edd98f6b91dfe474999b75b34699aeb38465f70c1c":"356367c6cee4453658418d9517f7c6faddcd7c65aef460138cf050f48c505151" CCM encrypt and tag NIST VTT AES-256 #4 (P=24, N=13, A=32, T=10) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d5b321b0ac2fedce0933d57d12195c7b9941f4caa95529125ed21c41fac43374":"6aa6ea668df60b0db85592d0a819c9df9e1099916272aafb":"b35fb2262edfa14938a0fba03e":"ba762bbda601d711e2dfc9dbe3003d39df1043ca845612b8e9dc9ff5c5d06ec4":"97027de5effd82c58f8dbfb909d7696fbe2d54916262912001a4d765bc1c95c90a95" CCM encrypt and tag NIST VTT AES-256 #5 (P=24, N=13, A=32, T=12) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7f4af6765cad1d511db07e33aaafd57646ec279db629048aa6770af24849aa0d":"7ebef26bf4ecf6f0ebb2eb860edbf900f27b75b4a6340fdb":"dde2a362ce81b2b6913abc3095":"404f5df97ece7431987bc098cce994fc3c063b519ffa47b0365226a0015ef695":"353022db9c568bd7183a13c40b1ba30fcc768c54264aa2cd2927a053c9244d3217a7ad05" CCM encrypt and tag NIST VTT AES-256 #6 (P=24, N=13, A=32, T=14) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5c8b59d3e7986c277d5ad51e4a2233251076809ebf59463f47cd10b4aa951f8c":"138ee53b1914d3322c2dd0a4e02faab2236555131d5eea08":"21ff892b743d661189e205c7f3":"f1e0af185180d2eb63e50e37ba692647cac2c6a149d70c81dbd34685ed78feaa":"5b2f3026f30fdd50accc40ddd093b7997f23d7c6d3c8bc425f82c828413643b8794494cb5236" CCM encrypt and tag NIST VTT AES-256 #7 (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"60823b64e0b2da3a7eb772bd5941c534e6ff94ea96b564e2b38f82c78bb54522":"a8be794613835c4366e75817d228438f011a2ec8a86f9797":"48526f1bffc97dd65e42906983":"fab62b3e5deda7a9c1128663cc81c44b74ab1bfe70bc1c9dec7c7fd08173b80a":"cc3efe04d84a4ec5cb6a6c28dc2c2d386a359d9550dbdec963ddd56464aed6d0613159d1aa181dcb" CCM encrypt and tag NIST VPT AES-128 #1 (P=0, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2ebf60f0969013a54a3dedb19d20f6c8":"":"1de8c5e21f9db33123ff870add":"e1de6c6119d7db471136285d10b47a450221b16978569190ef6a22b055295603":"0ead29ef205fbb86d11abe5ed704b880" CCM encrypt and tag NIST VPT AES-128 #2 (P=1, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6ae7a8e907b8720f4b0d5507c1d0dc41":"0e":"7f18ad442e536a0159e7aa8c0f":"9c9b0f11e020c6512a63dfa1a5ec8df8bd8e2ad83cf87b80b38635621c5dc0d7":"4c201784bdab19e255787fecd02000c49d" CCM encrypt and tag NIST VPT AES-128 #3 (P=2, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3d746ae6cac5cefd01f021c0bbf4bc3c":"4360":"597b3614ff9cd567afd1aad4e5":"90446190e1ff5e48e8a09d692b217de3ad0ab4a670e7f1b437f9c07a902cad60":"e38fdb77c1f8bbac2903a2ec7bc0f9c5654d" CCM encrypt and tag NIST VPT AES-128 #4 (P=3, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3e4fa1c6f8b00f1296956735ee86e310":"3a6734":"c6a170936568651020edfe15df":"00d57896da2435a4271afb9c98f61a650e63a4955357c47d073c5165dd4ea318":"384be657bfc5f385b179be7333eb3f57df546b" CCM encrypt and tag NIST VPT AES-128 #5 (P=4, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7ccbb8557f6e08f436d0957d4bbe7fdf":"4cabeb02":"bb8e2ef2ed9484f9021cda7073":"fba1d18a74a3bb38671ab2842ffaa434cd572a0b45320e4145930b3008d8d350":"32501f4235c4dd96e83d5ab4c3c31c523453c317" CCM encrypt and tag NIST VPT AES-128 #6 (P=5, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3725c7905bfaca415908c617b78f8dee":"f5499a7082":"c98ec4473e051a4d4ac56fd082":"11bc87f1c2d2076ba47c5cb530dd6c2a224f7a0f7f554e23d7d29077c7787680":"e378b776242066751af249d521c6eaebdff40b2642" CCM encrypt and tag NIST VPT AES-128 #7 (P=6, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"80bead98a05d1bb173cd4fca463b8fa3":"e479990bf082":"8a14a6d255aa4032ebff37a3d7":"bb4e706e73d21df66f64173859d47e247527cd9832e20dccff8548ed5f554108":"89c9246238878427f36b1f6c633e4542f32b50ca8edb" CCM encrypt and tag NIST VPT AES-128 #8 (P=7, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"dc8ec91184ba18eae31ac2d3b252673f":"2a5775986551c8":"0da4c988f521f5648259f2bec2":"6d5573c9279897d7d1602d8a95c04bb5ca3fad2dbe89a024b3651eb227e73bb5":"4f259f2a718faea852a7c4358dfa9f5467357638acac90" CCM encrypt and tag NIST VPT AES-128 #9 (P=8, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"19f97ef5318b8005fc7133fa31dd1236":"6d972a673fbe1ca1":"01ce9814c6329dbee1d02b1321":"85853f120981f33cf1d50fde6b8bc865fe988a9f12579acdb336f9f992b08b89":"2f12a7e7acecae5d2563309efc19368cdee8266538ca89d3" CCM encrypt and tag NIST VPT AES-128 #10 (P=9, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c17944bfaeeb808eed66ae7242ab545f":"7caae2640e734539d3":"910b3db64df3728ca98219e01b":"edf64f98b3ab593cbcf68ab37a8c9472e49cb849d4a744deae925a5a43faf262":"0dae8b3ccf0b439f6ff8ee4a233dfb7753f6bfe321b3e26959" CCM encrypt and tag NIST VPT AES-128 #11 (P=10, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0fb9df6f638847f5de371f003dd938f4":"e10cc36bc1c5d3c646ab":"c9ddf61c052f3502ad6b229819":"4f9938d5bc3dcbe47f6b256d5e99723d0891e50c6175aba41b011e4686113c49":"7f797367de50be6dc04e4cf0d8c24189affd35060cb7ca3dd136" CCM encrypt and tag NIST VPT AES-128 #12 (P=11, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"006ff7d3153caf906ec7929f5aef9276":"31be1b241cae79c54c2446":"57db1541a185bd9cdc34d62025":"7d9681cac38e778fba11f4464f69ed9ebfea31b7ffcaf2925b3381c65d975974":"9dd8a4244fbdb30b624578a625c43233476bbb959acd9edebe2883" CCM encrypt and tag NIST VPT AES-128 #13 (P=12, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"026331e98aba9e8c23a9e8a91d0b0c97":"a82200ef3a08c390dec5cbf9":"bccfe69bba168b81cbdf7d018a":"26e011143a686a7224ddb8c5b1e5d31713fa22c386785e2c34f498ae56d07ed5":"adf4fc6f9be113066c09248fcb56a9c1a1c3bb16fbb9fbaedacdb12b" CCM encrypt and tag NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa":"89f15b1cb665a8851da03b874ca6f73242f2f227350c0277e4e72cdaa6" CCM encrypt and tag NIST VPT AES-128 #15 (P=14, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7301c907b9d2aaac355c5416ff25c59b":"484300aa3a506afcd313b49ead8d":"7304b65b6dab466273862c88b9":"2c5d114eff62c527cc2e03c33c595a80fe609bfc0fe13ce3380efe05d85cceac":"928ca58b0d373dc50c52afac787ce8eeb5d5b493661259a9d91ea31a5f7e" CCM encrypt and tag NIST VPT AES-128 #16 (P=15, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"38be46d271bf868c198052391f8a2147":"61bd1385be92097e866550a55278f0":"6758f67db9bfea5f0e0972e08b":"c6de3be97f11d0e2ab85c9353b783f25b37366a78a2012cecf5b7a87138b3c86":"7c9fa8d99b38f825315ece6a2613f55e902f296dcce870263ae50cda4fadae" CCM encrypt and tag NIST VPT AES-128 #17 (P=16, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"70010ed90e6186ecad41f0d3c7c42ff8":"be322f58efa7f8c68a635e0b9cce77f2":"a5f4f4986e98472965f5abcc4b":"3fec0e5cc24d67139437cbc8112414fc8daccd1a94b49a4c76e2d39303547317":"8e4425ae573974f0f0693a188b525812eef08e3fb15f4227e0d989a4d587a8cf" CCM encrypt and tag NIST VPT AES-128 #18 (P=17, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"79eae5baddc5887bdf3031fd1d65085b":"001343e6191f5f1738e7d19d4eec2b9592":"9da59614535d1fad35f2ece00f":"46603500af9e4e7a2f9545411a58b21a6efd21f2b5f315d02d964c09270145b3":"2162e27bfbf1d00f2404754a254665fd9270f0edb415993588b2535e2e0e4fd086" CCM encrypt and tag NIST VPT AES-128 #19 (P=18, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c14eda0f958465246fe6ab541e5dfd75":"617868ae91f705c6b583b5fd7e1e4086a1bb":"32b63ca7e269223f80a56baaaa":"733f8e7670de3446016916510dfe722ce671570121d91331a64feb3d03f210e6":"b2dc1e548b3d3f225a34082f4391980a0788b4cc36852fd64a423fb8e872252b248e" CCM encrypt and tag NIST VPT AES-128 #20 (P=19, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c5e7147f56ba4530b8799ababeb82772":"2f3bf0b566440912a1e47a0c07f1cfd39cb440":"bdd38e173fb20b981659c597d6":"3a069a2bfda44abbb0a82a97e5e9047258c803da2c66190d77149e0f010b3af9":"bd6265dcba9e14c59e515e395dc60bd053345fa6d7568c738e3a7fdf142d8f2d1562c0" CCM encrypt and tag NIST VPT AES-128 #21 (P=20, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"78c46e3249ca28e1ef0531d80fd37c12":"4802422c9b3b4459ba26e7863ad87b0c172cfe4b":"5de41a86ce3f3fb1b685b3ca4d":"e98a77f2a941b36232589486b05f4278275588665a06d98aec98915cc5607e06":"daea2234ea433533bf0716abe1aa3844b6d3c51e9d5ca3d8ec5065630d2de0717cdeb7d5" CCM encrypt and tag NIST VPT AES-128 #22 (P=21, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8883002bf13b3a94b2467225970df938":"d516bbff452e7706c91c7ace3e9baa76d65ff7050f":"818a702d5c8ee973b34e9acda1":"545aeac737c0ca2a3d5e1fd966840c3a0d71e0301abbe99c7af18d24cc7e9633":"b85242fdc06344f2bd9a97b408902ebcd22aece3d42f2da4dd4d817c9fa2d44bc02163a0a9" CCM encrypt and tag NIST VPT AES-128 #23 (P=22, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5cea00ee44cfb9cfbb598d3812e380ef":"33bfd0713f30fcac8f7f95920ac6d9b803ddd5480dd8":"948788a9c8188cb988430a7ebd":"50422c5e6a0fb8231b3bb6e2f89607019be6ad92a4dae8e0fe3f9e486476004b":"b168747dea3ae0fbede4402af9a3dc3185d6d162f859d828101682de32923788c70262b84814" CCM encrypt and tag NIST VPT AES-128 #24 (P=23, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"cb83f77751e72711401cbbf4f61aa0ed":"eede01b08f9a303cdf14c99d7a45732972c6eff2a1db06":"c0b461b2e15b8b116ef9281704":"2bd112231f903fa0dff085db48a2e2a96ec0199249b005d5ab4c2eab753f9ad0":"feb114b7bd3b43497b62454a675a632c3546d2802462c6af57647efda119c59862cd5dd3904efc" CCM encrypt and tag NIST VPT AES-128 #25 (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"43c1142877d9f450e12d7b6db47a85ba":"b506a6ba900c1147c806775324b36eb376aa01d4c3eef6f5":"76becd9d27ca8a026215f32712":"6a59aacadd416e465264c15e1a1e9bfa084687492710f9bda832e2571e468224":"14b14fe5b317411392861638ec383ae40ba95fefe34255dc2ec067887114bc370281de6f00836ce4" CCM encrypt and tag NIST VPT AES-192 #1 (P=0, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"086e2967cde99e90faaea8a94e168bf0e066c503a849a9f3":"":"929542cd690f1babcf1696cb03":"58f70bab24e0a6137e5cd3eb18656f2b5ccddc3f538a0000c65190e4a3668e71":"3bf9d93af6ffac9ac84cd3202d4e0cc8" CCM encrypt and tag NIST VPT AES-192 #2 (P=1, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"992d38768b11a236945bd4b327c3728fac24c091238b6553":"1c":"b248a90b84b0122a5ad8e12760":"27cabc40da0e1eda0ea5f8abbb7c179e30776250a7b30d711b0e106c5ee9d84a":"1a96f58c3f38c44d1a345f3e2da6679f20" CCM encrypt and tag NIST VPT AES-192 #3 (P=2, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5012db40ff6ae23c1e1ce43768c5936c4400b0e79ae77f30":"0c6c":"b67e500b35d60ad7264240027c":"40affd355416200191ba64edec8d7d27ead235a7b2e01a12662273deb36379b8":"c996ef3d6ef9f981557506ecc8797bbaaaa7" CCM encrypt and tag NIST VPT AES-192 #4 (P=3, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fa15cc7f0de294d7341b1fd79326c8be78e67822343c1992":"bcb898":"e5257aed2bda0495aa44591db4":"31a0338c3839931fa1dd5131cb796c4c6cfde9fb336d8a80ac35dec463be7a94":"68f08298d9a2147776dca9c1a42382bce323b2" CCM encrypt and tag NIST VPT AES-192 #5 (P=4, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b5330a8447d74a7987fb718cfae246b5c7e057991064eeaf":"b46b343e":"2ef29d62b40d8643848797cde8":"1225b036e6044df52314016760e92750de0936120395de750a2c54a7fa0cea82":"c2c39d6f9344e2de064f269d065a2a6108605916" CCM encrypt and tag NIST VPT AES-192 #6 (P=5, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"30419145ae966591b408c29e5fd14d9112542909be5363f7":"8ceaeb89fd":"27e6b2a482bbc6f13702005708":"e04e81e860daf9696098c723085d8023c240ebe7a643131e35359ab04bd650fe":"ec9d5ed36243ddf77b33d8cf2963ba76fd4e19f3c5" CCM encrypt and tag NIST VPT AES-192 #7 (P=6, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"748ad503388a34041a7bdae6361d57894357c333bacf02ca":"24d6880aed7e":"518b79d194579b19f2d8845b70":"691dd98f61fd213b0840ec5a6f06ef9a1420be0d59bde5e43546347a2a865a94":"270120f9634ec15536e21d961c675070ec4cff9037bc" CCM encrypt and tag NIST VPT AES-192 #8 (P=7, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b930cca30a3fd230c237c8f3cc6792d0c4084dff5c18d775":"2a755e362373ef":"7574802fd82fe96c05431acd40":"1cf83928b6a9e525fe578c5c0f40c322be71b3092239bff954dd6883738d6d71":"f06238b0450fd1f4b6cab1383adb420c4724aa7bdfefb7" CCM encrypt and tag NIST VPT AES-192 #9 (P=8, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"314c136999e41d137bd7ba17201a9fa406025868334e39b3":"4d54d8b06b204445":"65f7a0f4c0f5bba9d26f7e0ddb":"5c7ce4819b30b975ae6ce58dcc1bfa29a8b6dda8f4b76c7e23516487745e829c":"2baf90c490b11f9607482362ab3f157c42d0e9c6c5cffcf0" CCM encrypt and tag NIST VPT AES-192 #10 (P=9, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a19f6be062ec0aaf33046bd52734f3336c85d8368bef86ab":"13511ae5ff6c6860a1":"7f2d07f8169c5672b4df7f6cac":"d68d5f763db6111c5d6324d694cb0236beab877daae8115ecb75d60530777b58":"b3859b757802ebd048467fd8e139eb9ee8fcdca45ed87dc1c8" CCM encrypt and tag NIST VPT AES-192 #11 (P=10, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"de1c8263345081d2dfa9afdf37675971135e178df554a4d8":"f777aba1fa70f94e6de9":"a301bb82f91a582db01355c388":"9ad52c041390d0d4aaf65a4667c3239c95e7eae6178acc23fb4e70a852d483c6":"9d8bff6d2dcde77104ac6aba025abc01416a7ca9f096ab2529cb" CCM encrypt and tag NIST VPT AES-192 #12 (P=11, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"248d36bd15f58e47fcf1c948272355821f8492e6e69f3661":"33709d9c7906e2f82dd9e2":"9e8d492c304cf6ad59102bca0e":"9ec08c7ed6b70823d819e9ab019e9929249f966fdb2069311a0ddc680ac468f5":"9114d36b79b1918b2720f40cddce66df9b4802f737bea4bd8f5378" CCM encrypt and tag NIST VPT AES-192 #13 (P=12, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"77a67fb504b961028633321111aac2c30eb6d71a8cf72056":"10554c062d269ff6dcd98493":"acadc0330194906f8c75ac287f":"8c18486d52571f70f2ba6a747aaa3d4b3ebc2e481ee1b70907dddb94bdfa0ca6":"7f8b0cad79b545e5addf0b04ff4b0f2b2a5067283210aba8630d0306" CCM encrypt and tag NIST VPT AES-192 #14 (P=13, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0d423519e4110c06063061323f8c7c95387776b6ee4e4b6e":"4021ff104ff1dbd91e46db249f":"39abe53826d9b8e300fe747533":"cdd9bf1b4f865e922c678ec4947ea0cb02e78bd5c1538f33aeb818ad3f47e519":"7953d3cd66d093785d123f65ba37f16761dd6aedbfc789ad96edf1490d" CCM encrypt and tag NIST VPT AES-192 #15 (P=14, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a60cf7ceb62bf3118532bc61daa25ce946991047f951b536":"d64f9426febce6a84c954dd5ded5":"7499494faa44a7576f9ed5580d":"baa482c64eefd09118549a8968f44cfea7a436913a428e30aa4ab44802a4ba35":"f7580f17266d68237747bf57c7ed8242ac1a1979c5a9e7bc67d7698c7efa" CCM encrypt and tag NIST VPT AES-192 #16 (P=15, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"82d4bc9aac298b09112073277205e1bf42176d1e6339b76c":"25a53fd3e476dc0860eeeea25fcb0c":"70325ef19e581b743095cd5eb1":"6d14bb2635c5d0ae83687f1824279cf141173527e1b32d1baf8a27f7fe34a542":"4a1cfd0023557a184b929965b0a445cb3993ca35acf354cb2b4254ff672e7f" CCM encrypt and tag NIST VPT AES-192 #17 (P=16, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6873f1c6c30975aff6f08470264321130a6e5984ade324e9":"5051a0b0b6766cd6ea29a672769d40fe":"7c4d2f7cec04361f187f0726d5":"77743b5d83a00d2c8d5f7e10781531b496e09f3bc9295d7ae9799e64668ef8c5":"0ce5ac8d6b256fb7580bf6acc76426af40bce58fd4cd6548df90a0337c842004" CCM encrypt and tag NIST VPT AES-192 #18 (P=17, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3cf8da27d5be1af024158985f725fd7a6242cbe0041f2c17":"f6dd2c64bf597e63263ccae1c54e0805fe":"07f77f114d7264a122a7e9db4f":"30457e99616f0247f1339b101974ea231904d0ef7bd0d5ee9b57c6c16761a282":"ce3031c3a70600e9340b2ddfe56aa72cffdc5e53e68c51ee55b276eb3f85d2cf63" CCM encrypt and tag NIST VPT AES-192 #19 (P=18, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b46a3a24c66eb846ca6413c001153dc6998970c12e7acd5a":"56d18d3e2e496440d0a5c9e1bcb464faf5bc":"b79c33c96a0a90030694163e2a":"ea9405d6a46cac9783a7b48ac2e25cc9a3a519c4658b2a8770a37240d41587fb":"01baba2e0d5b49d600d03a7ed84ee878926c0ca478f40a6fbde01f584d938a1c91bf" CCM encrypt and tag NIST VPT AES-192 #20 (P=19, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7b71045ccef735bd0c5bea3cf3b7e16e58d9c62061a204e0":"890d05420d57e3b3d8dbef117fe60c3fa6a095":"2b9ecfd179242c295fe6c6fa55":"b89166f97deb9cc7fdeb63639eeafb145895b307749ec1a293b27115f3aa8232":"f842ff6662684de8785af275fa2d82d587de0687ebe35e883cbd53b82f2a4624c03894" CCM encrypt and tag NIST VPT AES-192 #21 (P=20, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"dc7c67715f2709e150cceff020aaacf88a1e7568191acbcf":"f383bd3e6270876b74abbb5d35e7d4f11d83412c":"da56ea046990c70fa216e5e6c4":"f799818d91be7bab555a2e39f1f45810a94d07179f94fe1151d95ab963c47611":"377b5df263c5c74f63603692cbb61ea37b6d686c743f71e15490ca41d245768988719ede" CCM encrypt and tag NIST VPT AES-192 #22 (P=21, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f41e369a1599627e76983e9a4fc2e963dab4960b09ebe390":"81ad3f386bedcbf656ff535c63580d1f87e3c72326":"68ef8285b90f28bcd3cb1bacea":"dbe3e82e49624d968f5463ceb8af189fb3ad8b3b4122142b110d848a286dae71":"9f6028153e06d14d30b862a99a35413413c04a49dc6f68a03a11cf00d58f062a7b36465d13" CCM encrypt and tag NIST VPT AES-192 #23 (P=22, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3289e59e3a7b29bf4a309afc253030bba4b9bdd64f0722f9":"53911a67b65738f87fc7c20d6db8044bde1af95838d1":"30259ce106e9bd7a8bacbaf212":"2870bd9a26c510e9a256920899bbc77a4eb9b53f927045a943d5ed6b13638cf3":"70cf37d4b6f7e707376b1574ce17c040b5143da47abb2fe9afafc2fccd98ccf63b0fdec30eac" CCM encrypt and tag NIST VPT AES-192 #24 (P=23, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"40f1aff2e44d05f12126097a0f07ac0359ba1a609356a4e6":"8d98c580fb366f330dbfda20f91d99a0878b47efd14c6d":"0df3fc6396f851785fca9aa5ff":"e9699b20b0574fce8b5cbc4ef792eb96e2c1cce36b1b1f06ea2a95fe300633cc":"579cdf9da62a2df471e03450516adb4ce99ae0f70b1776a39c3b429a1f922fac0b59e29a122e43" CCM encrypt and tag NIST VPT AES-192 #25 (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"91f9d636a071c3aad1743137e0644a73de9e47bd76acd919":"4eaf9384cad976f65f98042d561d760b5a787330dc658f6c":"1bf491ac320d660eb2dd45c6c3":"3bdfd7f18d2b6d0804d779f0679aaa2d7d32978c2df8015ae4b758d337be81dd":"635530cab14e3d0a135bb6eebb5829412676e6dd4995f99cb7e17f235bd660e7e17b2c65320e9fd4" CCM encrypt and tag NIST VPT AES-256 #1 (P=0, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c6c14c655e52c8a4c7e8d54e974d698e1f21ee3ba717a0adfa6136d02668c476":"":"291e91b19de518cd7806de44f6":"b4f8326944a45d95f91887c2a6ac36b60eea5edef84c1c358146a666b6878335":"ca482c674b599046cc7d7ee0d00eec1e" CCM encrypt and tag NIST VPT AES-256 #2 (P=1, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"cc49d4a397887cb57bc92c8a8c26a7aac205c653ef4011c1f48390ad35f5df14":"1a":"6df8c5c28d1728975a0b766cd7":"080f82469505118842e5fa70df5323de175a37609904ee5e76288f94ca84b3c5":"a5f24e87a11a95374d4c190945bf08ef2f" CCM encrypt and tag NIST VPT AES-256 #3 (P=2, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"36b0175379e7ae19c277fe656a2252a82796309be0f0d4e1c07fdde88aca4510":"be80":"021bd8b551947be4c18cf1a455":"b5c6e8313b9c68e6bb84bffd65fa4108d243f580eab99bb80563ed1050c8266b":"ecacc3152e43d9efea26e16c1d1793e2a8c4" CCM encrypt and tag NIST VPT AES-256 #4 (P=3, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ddb739acda6c56ec9aefc4f4cbc258587f443da4e76ddfa85dbe0813a8784944":"db457c":"0bddf342121b82f906368b0d7b":"887486fff7922768186363ef17eb78e5cf2fab8f47a4eb327de8b16d63b02acb":"54473c3f65d6be431e79700378049ac06f2599" CCM encrypt and tag NIST VPT AES-256 #5 (P=4, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"62b82637e567ad27c3066d533ed76e314522ac5c53851a8c958ce6c64b82ffd0":"87294078":"5bc2896d8b81999546f88232ab":"fffb40b0d18cb23018aac109bf62d849adca42629d8a9ad1299b83fe274f9a63":"2bc22735ab21dfdcfe95bd83592fb6b4168d9a23" CCM encrypt and tag NIST VPT AES-256 #6 (P=5, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"bc29a16e19cfbe32bf4948e8e4484159bc819b7eec504e4441a1a98ca210e576":"3e8c6d1b12":"4f18bcc8ee0bbb80de30a9e086":"574931ae4b24bdf7e9217eca6ce2a07287999e529f6e106e3721c42dacf00f5d":"45f3795fcf9c66e1a43103d9a18f5fba5fab83f994" CCM encrypt and tag NIST VPT AES-256 #7 (P=6, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5f4b4f97b6aa48adb3336c451aac377fde4adf47897fd9ccdf139f33be76b18c":"1b62ad19dcac":"7a76eac44486afdb112fc4aab9":"a66c980f6621e03ff93b55d5a148615c4ad36d6cbdd0b22b173b4b1479fb8ff7":"4ad1fcf57c12b14e0e659a6305b4aeffae82f8a66c94" CCM encrypt and tag NIST VPT AES-256 #8 (P=7, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f7aaeff3a1dc0cc5ecf220c67ad9f6dda060b4f1be3cc609cb4f18b2342a88a2":"d48daa2919348d":"d0d6871b9adc8623ac63faf00f":"e97175c23c5b47da8ce67811c6d60a7499b3b7e1347ad860519285b67201fe38":"eb32ab153a8e092fa325bafc176a07c31e6cc0a852d288" CCM encrypt and tag NIST VPT AES-256 #9 (P=8, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"493e14623cd250058a7fc66a3fee0c24b6e363b966c2314aff53b276b6c2ea7b":"e5653e512d8b0b70":"fe2d8ae8da94a6df563f89ce00":"579a637e37a0974cd2fc3b735d9ed088e8e488ffe210f043e0f9d2079a015ad6":"75d31f8d47bee5c4e2ba537355ae8ab25cc9ed3511ff5053" CCM encrypt and tag NIST VPT AES-256 #10 (P=9, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b23255372455c69244a0210e6a9e13b155a5ec9d6d0900e54a8f4d9f7a255e3a":"615d724ae94a5daf8d":"274846196d78f0af2df5860231":"69adcae8a1e9a3f2fe9e62591f7b4c5b19d3b50e769521f67e7ea8d7b58d9fc8":"f019ae51063239287d896e7127f17d13f98013b420219eb877" CCM encrypt and tag NIST VPT AES-256 #11 (P=10, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"dbf06366f766e2811ecd5d4384d6d08336adc37e0824d620cf0d9e7fd1e7afa9":"2e3cf0af8c96c7b22719":"b3503ed4e277ed9769b20c10c0":"9ae5a04baa9d02c8854e609899c6240851cbc83f81f752bc04c71affa4eed385":"e317df43ab46eb31be7e76f2730d771d56099a0c8d2703d7a24e" CCM encrypt and tag NIST VPT AES-256 #12 (P=11, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4dd555bd3a5253a90b68b5d4d46bd050340ee07ddad3a72048c657b5d76bb207":"8015c0f07a7acd4b1cbdd2":"bdb1b82ba864893c2ee8f7426c":"9bcc5848e928ba0068f7a867e79e83a6f93593354a8bfcfc306aeeb9821c1da1":"8e9f80c726980b3d42e43a6512a0481255b729a10f9edb5f07c60c" CCM encrypt and tag NIST VPT AES-256 #13 (P=12, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d3ad8cda9a0d91a205c4c05665728bb255d50a83403c9ab9243fcbbe95ae7906":"a203aeb635e195bc33fd42fa":"0b5f69697eb1af24e8e6fcb605":"ea26ea68facdac3c75ba0cdf7b1ad703c9474af83b3fbfc58e548d776b2529b9":"62666297a809c982b50722bd56bc555899345e0404b2938edf33168e" CCM encrypt and tag NIST VPT AES-256 #14 (P=13, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e300fc7a5b96806382c35af5b2c2e8e26382751b59010d4b1cfc90a4a9cb06df":"8714eb9ecf8bdb13e919de40f9":"55b59eb434dd1ba3723ee0dc72":"9b1d85384cb6f47c0b13514a303d4e1d95af4c6442691f314a401135f07829ec":"ba6063824d314aa3cbab14b8c54c6520dac0f073856d9b9010b7857736" CCM encrypt and tag NIST VPT AES-256 #15 (P=14, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3ae5be5904bae62609ac525e2d1cad90133447573d7b608975a6a2b16cb2efc0":"959403e0771c21a416bd03f38983":"61bf06b9fa5a450d094f3ddcb5":"0245484bcd987787fe97fda6c8ffb6e7058d7b8f7064f27514afaac4048767fd":"37a346bc4909965c5497838251826385a52c68914e9d1f63fd297ee6e7ed" CCM encrypt and tag NIST VPT AES-256 #16 (P=15, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fab62b3e5deda7a9c1128663cc81c44b74ab1bfe70bc1c9dec7c7fd08173b80a":"54be71705e453177b53c92bbf2ab13":"a5c1b146c82c34b2e6ebeceb58":"5e60b02b26e2d5f752eb55ea5f50bb354a6f01b800cea5c815ff0030b8c7d475":"788db949697b8cd9abbc74ed9aa40cd6852dc829469368491149d6bb140071" CCM encrypt and tag NIST VPT AES-256 #17 (P=16, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ee8ce187169779d13e443d6428e38b38b55dfb90f0228a8a4e62f8f535806e62":"d15f98f2c6d670f55c78a06648332bc9":"121642c4218b391c98e6269c8a":"718d13e47522ac4cdf3f828063980b6d452fcdcd6e1a1904bf87f548a5fd5a05":"cc17bf8794c843457d899391898ed22a6f9d28fcb64234e1cd793c4144f1da50" CCM encrypt and tag NIST VPT AES-256 #18 (P=17, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7da6ef35ad594a09cb74daf27e50a6b30d6b4160cf0de41ee32bbf2a208b911d":"b0053d1f490809794250d856062d0aaa92":"98a32d7fe606583e2906420297":"217d130408a738e6a833931e69f8696960c817407301560bbe5fbd92361488b4":"a6341ee3d60eb34a8a8bc2806d50dd57a3f628ee49a8c2005c7d07d354bf80994d" CCM encrypt and tag NIST VPT AES-256 #19 (P=18, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0786706f680c27b792d054faa63f499a8e6b5ddb90502946235bf74c022d772c":"6a26677836d65bd0d35a027d278b2534e7df":"f61ef1c8c10a863efeb4a1de86":"67874c808600a27fcab34d6f69cc5c730831ad4589075dd82479823cb9b41dc3":"d1c1f3c60603359c7d6a707f05ecb2296f8e52f2210b7a798ad5c778ee7cfd7fe6e0" CCM encrypt and tag NIST VPT AES-256 #20 (P=19, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"bac55f9847d93325bf5071c220c0a3dfeb38f214292d47b4acb7b0a597fe056f":"c1a994dc198f5676ea85801cd27cc8f47267ec":"05b50c458adbba16c55fcc454d":"89ad6ae1e550975eaa916a62615e6b6a66366a17a7e06380a95ea5cdcc1d3302":"7c9b138177590edaafec4728c4663e77458ffbe3243faec177de4a2e4a293952073e43" CCM encrypt and tag NIST VPT AES-256 #21 (P=20, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8beedeb85d42c2a7fa6f7237b05acb197dd8e1672471ac878064fe5319eab876":"7b125c3b9612a8b554913d0384f4795c90cd387c":"8479bdfad28ebe781e9c01a3f6":"7aebdfd955d6e8a19a701d387447a4bdd59a9382156ab0c0dcd37b89419d6eff":"6cc611d816b18c6847b348e46a4119465104254a04e2dfeeeac9c3255f6227704848d5b2" CCM encrypt and tag NIST VPT AES-256 #22 (P=21, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c3a0c126cad581012151c25cf85a44472c23f83b6095b6004f4f32cd60ec2db2":"73b09d18554471309141aa33b687f9248b50fe3154":"94ab51ce75db8b046d6ab92830":"2a243246bfe5b5ab05f51bf5f401af52d5bbaa2549cf57a18e197597fe15dd8c":"b7e8264ca70fd2a4fb76f20a8ad5da3c37f5893fb12abeeaef1187f815ca481ed8ddd3dd37" CCM encrypt and tag NIST VPT AES-256 #23 (P=22, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9cdebaeee8690b68751070691f49593668a6de12d3a948b38ddbd3f75218b2d4":"3cbb08f133270e4454bcaaa0f20f6d63c38b6572e766":"af1a97d43151f5ea9c48ad36a3":"f5353fb6bfc8f09d556158132d6cbb97d9045eacdc71f782bcef62d258b1950a":"3966930a2ae8fdd8f40e7007f3fde0bd6eb48a46e6d26eef83da9f6384b1a2bda10790dadb3f" CCM encrypt and tag NIST VPT AES-256 #24 (P=23, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d34264a12c35cdd67ac105e2826b071e46f8131d1e325f8e0ae80a6447375135":"79ac1a6a9eca5e07ce635bfd666ef72b16f3f2e140d56c":"3891e308b9f44c5b5a8b59004a":"0cda000ed754456a844c9ed61843deea9dadf5e723ea1448057712996d660f8c":"1abcc9b1649deaa0bfa7dcd23508282d9c50ca7fee72486950608d7bcb39dcf03a2cab01587f61" CCM encrypt and tag NIST VPT AES-256 #25 (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4ad98dbef0fb2a188b6c49a859c920967214b998435a00b93d931b5acecaf976":"9cea3b061e5c402d48497ea4948d75b8af7746d4e570c848":"00d772b07788536b688ff2b84a":"5f8b1400920891e8057639618183c9c847821c1aae79f2a90d75f114db21e975":"f28ec535c2d834963c85814ec4173c0b8983dff8dc4a2d4e0f73bfb28ad42aa8f75f549a93594dd4" CCM encrypt and tag NIST VNT AES-128 #1 (P=24, N=7, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c0425ed20cd28fda67a2bcc0ab342a49":"4f065a23eeca6b18d118e1de4d7e5ca1a7c0e556d786d407":"37667f334dce90":"0b3e8d9785c74c8f41ea257d4d87495ffbbb335542b12e0d62bb177ec7a164d9":"768fccdf4898bca099e33c3d40565497dec22dd6e33dcf4384d71be8565c21a455db45816da8158c" CCM encrypt and tag NIST VNT AES-128 #2 (P=24, N=8, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0b6256bd328a4cda2510d527c0f73ed4":"78a292662b8e05abc2d44fbefd0840795e7493028015d9f2":"21fd9011d6d9484a":"66ff35c4f86ad7755b149e14e299034763023e7384f4af8c35277d2c7e1a7de2":"5a0be834c57b59d47a4590d8d19a1206d3c06e937a9b57f74034d9fdb43c3f48932aa72177b23bf6" CCM encrypt and tag NIST VNT AES-128 #3 (P=24, N=9, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"afdccc84f257cb768b7ad735edbd1990":"56d0942490e546798f30d3c60ad4e3e110fc04f5b1c1fa83":"b7776aa998f4d1189b":"9f9ac464de508b98e789243fdb32db458538f8a291ed93ddf8aeaacfbfc371aa":"96f124c74fd737819008ddef440320f4a3733d0062c83c893e259aecf12ba08f2a2e966a3341d6d4" CCM encrypt and tag NIST VNT AES-128 #4 (P=24, N=10, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6ccb68d3838d4ddf660b9cd904cad40f":"5ea35c082e2b190e9d98e6b2daad8672f587b4f2968072fc":"c4fb7519a19f13d9d1fc":"092e64fef08b5655a86cdb8de63ffaa7772e8730844e9016141af8bad2216246":"cda5fe3d15d00150b99120c7f206b88a4c2c4a39ca9143425603ab284a73a38cc916f8b653c92ab4" CCM encrypt and tag NIST VNT AES-128 #5 (P=24, N=11, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e6ab9e70a4fb51b01c2e262233e64c0d":"ba15916733550d7aa82b2f6b117cd3f54c83ddc16cd0288a":"74e689eb5af9441dd690a6":"42f6518ee0fbe42f28e13b4bb2eb60517b37c9744394d9143393a879c3e107c7":"dcc151443288f35d39ed8fae6f0ce1d1eb656f4f7fd65c0b16f322ce85d7c54e71ac560fd4da9651" CCM encrypt and tag NIST VNT AES-128 #6 (P=24, N=12, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"005e8f4d8e0cbf4e1ceeb5d87a275848":"b6f345204526439daf84998f380dcfb4b4167c959c04ff65":"0ec3ac452b547b9062aac8fa":"2f1821aa57e5278ffd33c17d46615b77363149dbc98470413f6543a6b749f2ca":"9575e16f35da3c88a19c26a7b762044f4d7bbbafeff05d754829e2a7752fa3a14890972884b511d8" CCM encrypt and tag NIST VNT AES-128 #7 (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ac87fef3b76e725d66d905625a387e82":"959403e0771c21a416bd03f3898390e90d0a0899f69f9552":"61bf06b9fa5a450d094f3ddcb5":"0245484bcd987787fe97fda6c8ffb6e7058d7b8f7064f27514afaac4048767fd":"cabf8aa613d5357aa3e70173d43f1f202b628a61d18e8b572eb66bb8213a515aa61e5f0945cd57f4" CCM encrypt and tag NIST VNT AES-192 #1 (P=24, N=7, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ceb009aea4454451feadf0e6b36f45555dd04723baa448e8":"c8d275f919e17d7fe69c2a1f58939dfe4d403791b5df1310":"764043c49460b7":"6e80dd7f1badf3a1c9ab25c75f10bde78c23fa0eb8f9aaa53adefbf4cbf78fe4":"8a0f3d8229e48e7487fd95a28ad392c80b3681d4fbc7bbfd2dd6ef1c45d4ccb723dc074414db506d" CCM encrypt and tag NIST VNT AES-192 #2 (P=24, N=8, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1dd56442fa09a42890b1b4274b950770ea8beea2e048193d":"bd92d6744cde446fc8621625658fc4bc00dcb97f06195ad7":"ad749d596d88a4b4":"c67219909828adef64422286008e1e306867a1c0b3da95444507a68b45c953e4":"076cffd0ca978fe2bad411ced45a090abafb22a99896f6a75a1969276aa2b0cdb37ccaf2845dbf6e" CCM encrypt and tag NIST VNT AES-192 #3 (P=24, N=9, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8cc622645065c72d0d2aca75802cf1bbbd81096721627c08":"597b3614ff9cd567afd1aad4e5f52cc3fa4ca32b9b213c55":"cd84acbe9abb6a990a":"447b6f36acdad2d1cfd6e9a92f4055ad90142e61f4a19927caea9dbe634d3208":"2d7fb83e6621eed9073e0386d032c6941bef37b2cf36a4c6c5e36222d17c6fb0631c3f560a3ce4a4" CCM encrypt and tag NIST VNT AES-192 #4 (P=24, N=10, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ab72eef2aba30205c986e2052d6e2c67881d24ae5fceaa8f":"2a794b84fc9e4a7e6d70a82b5141fd132177a86b4e8fc13a":"d7a46e726ed43f1580eb":"baa86f14271b2be7dbb37ddc7c95ce4857e57aa94624d594d7bd6ceeaada8d5f":"2d7f76464417613bb61d3657481346b74fc9d6abc6a3babd39365dce86859cd82395d11bfc8cf188" CCM encrypt and tag NIST VNT AES-192 #5 (P=24, N=11, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"af84c6f302c59aeee6d5728ed5da2e3c64a5a781c52c4d1b":"6db41aeb5f7c24df8929dbc30483b3c7934b3bd1cdce5bb9":"df990c42a268950677c433":"a6ab5d78427f297a4b7e21f1091ff3a5b20caa3fe1cbcb09459d9df596a6c8e1":"8c9328258bf71970d33e23a3ff81cc1c9cbe196a1294264bfd6a7255e4801963bb30a63de3fc5b82" CCM encrypt and tag NIST VNT AES-192 #6 (P=24, N=12, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d49b255aed8be1c02eb6d8ae2bac6dcd7901f1f61df3bbf5":"062eafb0cd09d26e65108c0f56fcc7a305f31c34e0f3a24c":"1af29e721c98e81fb6286370":"64f8a0eee5487a4958a489ed35f1327e2096542c1bdb2134fb942ca91804c274":"721344e2fd05d2ee50713531052d75e4071103ab0436f65f0af2a663da51bac626c9f4128ba5ec0b" CCM encrypt and tag NIST VNT AES-192 #7 (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"36ad1e3fb630d1b1fbccfd685f44edd8984427b78deae7a9":"8b9db1c8f9b4892a5654c85467bcffa2e15e28392c938952":"3af625df8be9d7685a842f260e":"308443033ecd4a814475672b814b7c6d813d0ec2a0caeecbcaba18a2840cdb6c":"6bc6890fee299c712fb8d9df9c141f24ee1572b8f15112c2f8c99ccf2d82788cf613a61d60dae458" CCM encrypt and tag NIST VNT AES-256 #1 (P=24, N=7, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"553521a765ab0c3fd203654e9916330e189bdf951feee9b44b10da208fee7acf":"644eb34b9a126e437b5e015eea141ca1a88020f2d5d6cc2c":"aaa23f101647d8":"a355d4c611812e5f9258d7188b3df8851477094ffc2af2cf0c8670db903fbbe0":"27ed90668174ebf8241a3c74b35e1246b6617e4123578f153bdb67062a13ef4e986f5bb3d0bb4307" CCM encrypt and tag NIST VNT AES-256 #2 (P=24, N=8, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"472bf7946bce1d3c6f168f4475e5bb3a67d5df2fa01e64bce8bb6e43a6c8b177":"59eb45bbbeb054b0b97334d53580ce03f699ac2a7e490143":"790134a8db83f2da":"a7a86a4407b7ecebc89434baa65ef173e88bd2dad9899b717ca578867c2d916f":"db4961070f528ccd1a5a0681ee4d0ce3515fb890bccedc2dbc00b1d8b2bc393a8d09e87af7811f55" CCM encrypt and tag NIST VNT AES-256 #3 (P=24, N=9, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"58ae7965a508e8dd2eda69b5d888a28a1cb3783bad55d59d5b0da87137b72e93":"e61bad17640ecff926d0b0238271ee4c9f8e801dd7243e9e":"caa3d928d2bf2b7f2c":"304678b3ffd3200e33a8912bcb556b3cfec53ca17f70ecba00d359f9f51d3e3b":"7bb1137c14cb4d324a4a8f1115c619ebf74927f0bed60a8d5a9140ff50dc4da375c7d2de80de097f" CCM encrypt and tag NIST VNT AES-256 #4 (P=24, N=10, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"aecc5e18088bf9fd7b17f089bdd5607b69903b04b726361f8a81e221b1c91891":"d4291c99901345afe29f58912a414a7498f37b44362bdf3c":"c527d309ab29ee91c5fc":"8f9a73e7bc1c11e2919020ba3a404cbddf861e9e78477218e3be2cd4337b278d":"392784a9e0b14bcd37639ec5409d6ead3e75f855e5a92c33ffc040ef3977e0035ce6ea6d157c18d3" CCM encrypt and tag NIST VNT AES-256 #5 (P=24, N=11, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"97bc7482a87ba005475dfa3448f59d4b3f9c4c969d08b39b1b21ef965c0f5125":"b99bf4dc781795fc4d3a8467b06e1665d4e543657f23129f":"0bcf78103ec52d6df28887":"049c10f0cb37ae08eae2d0766563b7c5a8454f841c2061a4f71a0a2158ae6ce5":"0d3891fa0caac1f7ebe41b480920ffd34d4155064c24f3b17a483163dd8f228d1f20cd4f86cf38fd" CCM encrypt and tag NIST VNT AES-256 #6 (P=24, N=12, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d6ff67379a2ead2ca87aa4f29536258f9fb9fc2e91b0ed18e7b9f5df332dd1dc":"98626ffc6c44f13c964e7fcb7d16e988990d6d063d012d33":"2f1d0717a822e20c7cd28f0a":"d50741d34c8564d92f396b97be782923ff3c855ea9757bde419f632c83997630":"50e22db70ac2bab6d6af7059c90d00fbf0fb52eee5eb650e08aca7dec636170f481dcb9fefb85c05" CCM encrypt and tag NIST VNT AES-256 #7 (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4a75ff2f66dae2935403cce27e829ad8be98185c73f8bc61d3ce950a83007e11":"205f2a664a8512e18321a91c13ec13b9e6b633228c57cc1e":"46eb390b175e75da6193d7edb6":"282f05f734f249c0535ee396282218b7c4913c39b59ad2a03ffaf5b0e9b0f780":"58f1584f761983bef4d0060746b5d5ee610ecfda31101a7f5460e9b7856d60a5ad9803c0762f8176" CCM encrypt and tag NIST VADT AES-128 #1 (P=24, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d24a3d3dde8c84830280cb87abad0bb3":"7c86135ed9c2a515aaae0e9a208133897269220f30870006":"f1100035bb24a8d26004e0e24b":"":"1faeb0ee2ca2cd52f0aa3966578344f24e69b742c4ab37ab1123301219c70599b7c373ad4b3ad67b" CCM encrypt and tag NIST VADT AES-128 #2 (P=24, N=13, A=1, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"08b0da255d2083808a1b4d367090bacc":"1b156d7e2bf7c9a25ad91cff7b0b02161cb78ff9162286b0":"777828b13679a9e2ca89568233":"dd":"e8b80af4960d5417c15726406e345c5c46831192b03432eed16b6282283e16602331bcca9d51ce76" CCM encrypt and tag NIST VADT AES-128 #3 (P=24, N=13, A=2, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1538cc03b60880bf3e7d388e29f27739":"e7b819a853ffe79baaa72097ff0d04f02640ae62bcfd3da5":"9e734de325026b5d7128193973":"c93c":"1d8f42f9730424fa27240bd6277f4882604f440324b11b003ca01d874439b4e1f79a26d8c6dc433a" CCM encrypt and tag NIST VADT AES-128 #4 (P=24, N=13, A=3, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f149e41d848f59276cfddd743bafa9a9":"9759e6f21f5a588010f57e6d6eae178d8b20ab59cda66f42":"14b756d66fc51134e203d1c6f9":"f5827e":"f634bf00f1f9f1f93f41049d7f3797b05e805f0b14850f4e78e2a23411147a6187da6818506232ee" CCM encrypt and tag NIST VADT AES-128 #5 (P=24, N=13, A=4, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9a57a22c7f26feff8ca6cceff214e4c2":"035c516776c706a7dd5f181fa6aa891b04dd423042ea0667":"88f30fd2b04fb8ddbce8fc26e6":"a95bdff6":"b92f7ec2ebecebdbd2977b3874e61bf496a382153b2529fc9b6443a35f329b2068916fb6ab8227eb" CCM encrypt and tag NIST VADT AES-128 #6 (P=24, N=13, A=5, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"54caf96ef6d448734700aadab50faf7a":"c69f7c5a50f3e72123371bbfd6bdf532b99ef78500508dfe":"a3803e752ae849c910d8da36af":"5f476348dd":"20c43ad83610880249f1632dd418ec9a5ed333b50e996d1a4e5a32fbe7961b832b722bc07a18595b" CCM encrypt and tag NIST VADT AES-128 #7 (P=24, N=13, A=6, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"cc0c084d7de011e2f031616a302e7a31":"15b369889699b6de1fa3ee73e5fe19814e46f129074c965b":"f0b4522847f6f8336fe534a4e7":"da853a27aee2":"f39755d160a64611368a8eccf6fcbc45ef7f1f56240eb19a2e3ca4ec3c776ab58843f617d605fd72" CCM encrypt and tag NIST VADT AES-128 #8 (P=24, N=13, A=7, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d7572ed0e37261efa02f8c83e695efdc":"1edef80c57d17f969f8bde10ab38a1a8811a124de72c526e":"f4f96d7b4384a3930b3d830f82":"922340ec94861f":"de14558cc686e1836f1f121ea1b941a9ebd4f0fb916dc870fd541b988a801cb5751c7faaf5b0c164" CCM encrypt and tag NIST VADT AES-128 #9 (P=24, N=13, A=8, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"98a42d7a0c5917deaf3b4de3f0cbe0a1":"9aa9c8358117564371366beeec923051ef433252197aaad5":"03d33ab0c2df7bfce88b5ee4c4":"2d5438b728b950d9":"9ff942baa60f440c17a78e9581216b9a947a67f04d54911feecfff971fdfaa856310b014aa59c978" CCM encrypt and tag NIST VADT AES-128 #10 (P=24, N=13, A=9, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2a68e3fe746f593c1b97cb637079c3e5":"13b4a874888db0e5d8fd814b5e7e04f7fdfbc1601ccc02bc":"cd62d0f27b7f4864dc7c343acd":"abe4f1d3812bfe3ccf":"032835a3dbf688d09cf2a32a92b101959d33ff47500f92f4fd49840440f866d1a22b0854996111d8" CCM encrypt and tag NIST VADT AES-128 #11 (P=24, N=13, A=10, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"46b067cf9b1a28cf187002e90b14e130":"cc0915194218d4536e467433cd6d79ff1d9eb9ff160ab684":"bad8c03292bf01cfd8d34f860c":"8d65880eddb9fd96d276":"bd56edc015692c6ab9bec493a9893863598414a3d11a6a0f27ecdcb257d0d30491e5bf1aa8f90958" CCM encrypt and tag NIST VADT AES-128 #12 (P=24, N=13, A=11, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e94dac9c90984790a7c0c867536615ff":"4d64461c55eb16bf7b9120f22be349598f2f394da8460dc6":"c19f06f91e645d4199365f18c0":"537038b5357e358a930bd6":"e9fc5004c2359724e1e4411ae6f834ef6bea046d549753c88790c1648f461a31c84e62ea8592a074" CCM encrypt and tag NIST VADT AES-128 #13 (P=24, N=13, A=12, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f6bb5d59b0fa9de0828b115303bf94aa":"011fc50329bfd63a85ebd4f7693363602f1a4147371270b7":"05358f33e1fc6a53ab5a5c98ce":"040b25771239cc2a39446e3c":"4432d7eb42980734d34f19c50cf8abf71ac1b19ed75a727854e5d050a405f755047d09cb0f49546a" CCM encrypt and tag NIST VADT AES-128 #14 (P=24, N=13, A=13, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d1da2e961e78063af8de41865b226873":"8e5fa1a6662a8378cda15697e926841594f2f394fa5a34ab":"03739f5474857006340cce554d":"e3afd091d2b588465872a6300f":"ca0d95e3ff186ad6b88d45fc4079e6b7b4a615e7e8dd5f4742d522cc9dc19c47a4fa0b1528069cf8" CCM encrypt and tag NIST VADT AES-128 #15 (P=24, N=13, A=14, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1eee667267ef10b03624cf9c341e3f75":"798e31cce0a83702a95171fb1162a17b9ce00ec3592ce262":"0630a3eae27e505c61c56e6560":"d24651ef0561282d3e20e834960c":"f3c3e52f1a1ff528a8d3783ee4e75f114e3e6416334815d2d9236d5c5c9319092078411b72c51ba8" CCM encrypt and tag NIST VADT AES-128 #16 (P=24, N=13, A=15, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"dbbd26f5d9e970e4e384b2273961be5a":"553714e17a208a2eceb847a4a2d95088388b1ac8d8ca43e0":"0b1eabe504ef4822542e397fec":"477937301c83ba02d50760b603e0ea":"1c80213268bad5402c4dc9b5d836ab7499810d0d8a974716df9a0e986ab2890736423bb3772cec3e" CCM encrypt and tag NIST VADT AES-128 #17 (P=24, N=13, A=16, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"10a7720f2e18f739c26924925af6b670":"e59782a9aea45f467b90e51a0fdf166baba05663def2d8b6":"8c4e7813ab9bce9dafee01c628":"a209941fab710fda38d11c68b13d930f":"e357b1ccdaca6f3506dc45279c2e4c59f5307a5fd6a99cd72341ea8c0785569973f90ee9ee645acc" CCM encrypt and tag NIST VADT AES-128 #18 (P=24, N=13, A=17, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6bffab1f4f4c1ff66b4a669b515b2f8d":"d91b12e8655dd92b1332fc1d71c391c96a17111562d90ba3":"ddb34d5e0140fb96d690e1a2b7":"5cbba9ea778e01af00afb2a934f28c7211":"d302e5b2d5d90433186b804cd7717e2db2f22cdc34fb2942ab30780a2c4f12af8f35350d65284c59" CCM encrypt and tag NIST VADT AES-128 #19 (P=24, N=13, A=18, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ae6136df9ab43631ef143515dacedbe7":"6a493c5ef3769ccc4101dbb2eb36e1e5bbc577a057ce0731":"c5c445792208a50c8e93d64aa3":"e04006b68c83a5dd4ceac3cde238e48895ae":"c7584c0203c2535c5702c6ae93b7cbfb066f4a055c627a180d6d676d11fce907b5c93fa1ed7bff2b" CCM encrypt and tag NIST VADT AES-128 #20 (P=24, N=13, A=19, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f1908328edf2996ebfc9655472ca5ad0":"eede01b08f9a303cdf14c99d7a45732972c6eff2a1db06eb":"4c693364546930b6c5250e2699":"4a3634e5028df97fbe00eb016e8ea4f1918faa":"90c850790b0b380f5aeb2488fdf43c9d5ef1759861e86f6e52570e769629dcc2e568737ba53a1195" CCM encrypt and tag NIST VADT AES-128 #21 (P=24, N=13, A=20, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"61cb8eb792e95d099a1455fb789d8d16":"6ad541695a37c32d73ff6d5f870abd5b0f362a8968c4fce0":"1f37b3e59137f2a60dc09d16ac":"09db3efac9473f713da630ae92c2c8604c61c51e":"e65fcc975865c1499b088b58ba163283085d8ca68dc3b235d89756e5d78753ef22c012ae34b39a20" CCM encrypt and tag NIST VADT AES-128 #22 (P=24, N=13, A=21, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"be1ed49e2cb0caf6b6a0940c58453b93":"a9eec383f63892521e4616fcbadc5485942ffaf4669c43a7":"b78ad129457681fa7346435b97":"161d92c7df1ebb0924719e066e08b95eb4914a5eda":"949be340720c4fdc4adc05cb777dd81a2549628d33fba07e62d2b338a7b34ebd9d85c244c952d681" CCM encrypt and tag NIST VADT AES-128 #23 (P=24, N=13, A=22, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"34ab6fd7f54a2e0276fcb7cf1e203aba":"8d164f598ea141082b1069776fccd87baf6a2563cbdbc9d1":"6091afb62c1a8eed4da5624dd7":"1ab5cc3d7b01dc74e6cf838bb565fea3187d33d552a2":"0d30ab07153b5153637969e6bd3539448c541e42b3d432fd7ef14622a9b621d1721b944c60f7fd67" CCM encrypt and tag NIST VADT AES-128 #24 (P=24, N=13, A=23, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ea96f90fbae12a857f5c97e0cba57943":"49db80f22bc267a70e5636dfbc8a21c83d9691fe4b9c3051":"21cc46d9ced1539b0ad946e600":"105258d2f25f62675aee975cfdb668aff833f05b61eb2a":"d2fcc8b7809b5fc07e44083e437d8180157f1782a9ce9f65c7fa9ee2e7cdc1b755258f2212a8a8f4" CCM encrypt and tag NIST VADT AES-128 #25 (P=24, N=13, A=24, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"35b403a15212097085d6e2b77ec3d4f2":"7dd7396db6613eb80909a3b8c0029b624912aabedda0659b":"daa423bf9256c3fcc347a293aa":"d3c0ed74e5f25e4c1e479e1a51182bb018698ec267269149":"5b00cf8a66baa7fe22502ed6f4861af71fa64b550d643f95eee82c19ecba34280604b58d92dacd3f" CCM encrypt and tag NIST VADT AES-128 #26 (P=24, N=13, A=25, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7a459aadb48f1a528edae71fcf698b84":"0b3d947de8632dc8ff752f619ba7c84716fac7a23e101641":"fa4616b715ea898772b0e89dd4":"0c0b4a45df5c3919c1e1669c5af5d398d9545e44307d95c481":"7db9f3f7dc26fc2adf58d4525d26d5601e977de5a7c33911a1138cff7b624f9908b5b4d7e90a824a" CCM encrypt and tag NIST VADT AES-128 #27 (P=24, N=13, A=26, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ca748225057f735f712ecc64791367f0":"e92cd0cb97afe4fb00c4f12e9b9abe1d08db98f49a27f461":"1341a6998eb1f50d4b710a13ac":"5fb96b045f494808c02014f06074bd45b8a8ad12b4cb448ec162":"82b666694232e86e82295beae66ae67d56aceb5d6b1484ceb4a6843ec16078038c10afedc41f5362" CCM encrypt and tag NIST VADT AES-128 #28 (P=24, N=13, A=27, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fdf2b2c7fcb3789b4e90abe607dca2af":"d7aa4efa5d75195a400018bd38f7d8cd53fdffe88df1837f":"a69ddc66e63a3415f21009d53a":"c76846da496ed87b9c0f65c6266c9a822224acde9775efb186a4a5":"150d9a8b78d9c04239d66207a1f95021bbb1b7c70d7c354825d05e5a2e76a90f6fe489fd74cab2a3" CCM encrypt and tag NIST VADT AES-128 #29 (P=24, N=13, A=28, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7d870d7e52d3053c65eefad47764cfeb":"109317556c21c969eda65a94176d7a11462c9ae18a865b6d":"37d888f4aa452d7bf217f5a529":"9610949f6d23d5b1f3989b2f4e524fab4f297a5bec8ddad4f16cb616":"4e6b967b1571c6d7b9e118b112b7ac949a4a175650316a242dd579cb0d201d22c86bbc7fbe47bd0d" CCM encrypt and tag NIST VADT AES-128 #30 (P=24, N=13, A=29, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8fcac40527c0e7ca8eaff265ca12c053":"78d1e96af8cebdcc7e7e2a4ddcfa34f6cf9a24fb85672ad7":"ae9f012fd9af60a400e20b1690":"9ce65598cd1f86afc9aaaf172809570cc306333c25523f863c6d0e0154":"9adb9a95a9379ad795d8d3ffd4e37a045160d6d727f974a6cb3b5151f327e65447e52c7525562c91" CCM encrypt and tag NIST VADT AES-128 #31 (P=24, N=13, A=30, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ddf9f150cc3f1c15e8e773663c5b061c":"79d8841ab83279724ce35e1a8abd4e158168dcf388ab4c3d":"98c5036b7d54da9a1177105600":"20c5ab290e6d97f53c74121951f39ba865b3acc465fa3f0fb8a591622277":"d00d29396ffa9e691290d746527777bf96a851f306d4da0b1816df1e0e82bb7bc8105930ad6a2232" CCM encrypt and tag NIST VADT AES-128 #32 (P=24, N=13, A=31, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b1dc81d116d94f5eced526b37c004b95":"54390715b6e7c7bd51a234db059a51ba030cf22ee00b7277":"97c8f69fb91b17299461fd8d63":"f8b08aa83bed09ca342249b2cf9e2b45a89dcfb8711a120395e455921af481":"cb629994c3418a662a8cde1b5f4d99aa7df66e24c53dc6df11297930fd44c63675b7cca70671ef4d" CCM encrypt and tag NIST VADT AES-128 #33 (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5a33980e71e7d67fd6cf171454dc96e5":"a34dfa24847c365291ce1b54bcf8d9a75d861e5133cc3a74":"33ae68ebb8010c6b3da6b9cb29":"eca622a37570df619e10ebb18bebadb2f2b49c4d2b2ff715873bb672e30fc0ff":"7a60fa7ee8859e283cce378fb6b95522ab8b70efcdb0265f7c4b4fa597666b86dd1353e400f28864" CCM encrypt and tag NIST VADT AES-192 #1 (P=24, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"39f08a2af1d8da6212550639b91fb2573e39a8eb5d801de8":"15b369889699b6de1fa3ee73e5":"":"6342b8700edec97a960eb16e7cb1eb4412fb4e263ddd2206b090155d34a76c8324e5550c3ef426ed" CCM encrypt and tag NIST VADT AES-192 #2 (P=24, N=13, A=1, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9748798c0f3cc766795c8ce0e4c979c1930dfe7faefea84a":"100fa71462277d76ca81f2cfdb3d39d3894b0ca28074a0f0":"cdf4ba655acfe8e2134fa0542f":"67":"36e2415b4f888a6072f260d7e786d803be16f8b9cbee112d7ff74e3b05b7d7c13284573bd3e7e481" CCM encrypt and tag NIST VADT AES-192 #3 (P=24, N=13, A=2, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"393dcac5a28d77297946d7ab471ae03bd303ba3499e2ce26":"262f4ac988812500cb437f52f0c182148e85a0bec67a2736":"fe7329f343f6e726a90b11ae37":"1c8b":"e6d43f822ad168aa9c2e29c07f4592d7bbeb0203f418f3020ecdbc200be353112faf20e2be711908" CCM encrypt and tag NIST VADT AES-192 #4 (P=24, N=13, A=3, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a74abc4347e4be0acb0a73bb8f7d25c35bae13b77f80233a":"6372824bf416cd072a7ad0ae5f9f596c6127520c1b688ab4":"6a850e94940da8781159ba97ef":"a4490e":"b14a07bdc119d87611342c4c6935c5786ff1f9ae2eb49e6191c88a3cb4fbafcb8a4a157d587d7e39" CCM encrypt and tag NIST VADT AES-192 #5 (P=24, N=13, A=4, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"df052e95aea3769a433ce4e4e800b8418649bbe8c6297eb0":"e8c1a89228d8212f75c136bab7923a89f9fea18e781cb836":"ba356d392c3f700f4f2706a4ca":"8ffc0e3d":"66b5d782323925e1bd0a8413a9a5a881356453d5df2cbeb199b2e1e803550dcdde55fd66ecb45edd" CCM encrypt and tag NIST VADT AES-192 #6 (P=24, N=13, A=5, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"16d345606a315ad2406abbcb43cd8cabe948107ba6d17a72":"d3bef460223c81e4579c9d1d463ac5e0881685de1420a411":"d4ef3e9e04f1b7f20ffc5a022e":"a468f08d07":"abb85db49a9b1c8724ecbc734cc8373bd20083cfa4007b1cfe4d3a3bb25f89f692884be230c6035c" CCM encrypt and tag NIST VADT AES-192 #7 (P=24, N=13, A=6, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1c476cfd7dd300d961fd3f24a6fe0e80742b00851676ca63":"6f3938932b5c1280311e892280d8a822a828a0be7fdb1bcd":"e300fc7a5b96806382c35af5b2":"28130f938c45":"df48662fe134e75a85abc2cece2c3b6236c88a70fa792e9beadc9601adf9fbdf4e3e94b395b0a332" CCM encrypt and tag NIST VADT AES-192 #8 (P=24, N=13, A=7, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"79d1e38a70df1cf239be168833dcd0570bc8f37b3aa26c37":"83c24f3a77b83b4ef45277ba90225f3ba1722312f52b1a07":"8229d6d7e9e21fdc789bff5dcf":"076887d2abe900":"19d880f1d959a68f162de243d4a45747ace704613359b27218d1531a066de60a95d2924a6910e990" CCM encrypt and tag NIST VADT AES-192 #9 (P=24, N=13, A=8, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"72e6cebdaf88205c4e74428664bc0d7eb4687a272217b7ca":"54bc7e3c227df4e83252a5848fea12dfdb2d14b9e67c1629":"3820db475c7cb04a0f74d8e449":"f427c47e10c45bb3":"91e7baff2b42af63e26c87ce6991af22422c1f82906858b1721961de5c768f4d19bd3034f44f08d2" CCM encrypt and tag NIST VADT AES-192 #10 (P=24, N=13, A=9, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"39c03a0c8634047b1635348f284d3dc1e752ab40548eb337":"0662e63c88e963d3e0cf2c4653515ae4474a2c78ab0394c0":"9e2ea8eb7f56087ee506925648":"28d157f09a71da80dd":"01dcd4dd3b8c1369518136ce45e8bb9df565b0ad231a887b02ada34addf0aa2f4744ed2e07995491" CCM encrypt and tag NIST VADT AES-192 #11 (P=24, N=13, A=10, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e2a92ffbb0b5eb68cb82687f12449fae5167d375131b0b10":"048c9ba4597c3bb595bfd5048e5e9a1296f30e5c0118b177":"441ad5e1382e083a95224f395d":"2352648299b0413cb2ce":"25247a258e4ac0a988d8def60cc174a9d4578cd5346fb5150c96e8ab8774baa421f39c64a386c418" CCM encrypt and tag NIST VADT AES-192 #12 (P=24, N=13, A=11, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ef1ad3eb0bde7d4728389da2255d1f8a66ecb72e6f2f1ac4":"9f580cc6c62a05ce125c6bec109a48ca527ee26a64b14b68":"8e7d8a44244daa7df2b340993e":"521583c25eb4a3b2e46120":"ff0ff95bcb0bccd5e4aadd77ac6770f5013654eb3c6386fded2c87135861b43a99f258b6938f66e3" CCM encrypt and tag NIST VADT AES-192 #13 (P=24, N=13, A=12, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"44cba20b7204ed85327c9c71c6fea00b47ce7bdde9dea490":"6333bde218b784ccd8370492f7c8c722f8ef143af66d71d7":"f3329154d8908f4e4a5b079992":"f1e0af185180d2eb63e50e37":"b9401a4927b34dc15e9193db00212f85f0c319781ec90e3b4484d93cb422cb564acc63d3d18e169c" CCM encrypt and tag NIST VADT AES-192 #14 (P=24, N=13, A=13, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b5f43f3ae38a6165f0f990abe9ee50cd9ad7e847a0a51731":"3726c1aaf85ee8099a7ebd3268700e07d4b3f292c65bba34":"13501aebda19a9bf1b5ffaa42a":"ead4c45ff9db54f9902a6de181":"fd80e88f07dad09eed5569a4f9bb65c42ef426dda40450119503d811701642143013f28ce384d912" CCM encrypt and tag NIST VADT AES-192 #15 (P=24, N=13, A=14, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"13f179aa2a23bc90a85660306394940e9bb226ce3885ec01":"d3b36c6289ad6ae7c5d885fe83d62a76270689ce05fa3b48":"aaa52c63ca1f74a203d08c2078":"5cc924222692979a8e28ab1e0018":"bc4fcef401c2e1d1c335734ff23ea52c3474d2e6f31648a7f58649400ac9e825b038d67f0c2a6f1c" CCM encrypt and tag NIST VADT AES-192 #16 (P=24, N=13, A=15, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c1dfc48273d406a3a7b9176f80b2dc4e9a7f68134bab66d2":"67d9728a88f1fac3af43ed6d634ba902896bd226858697d9":"1ac53ba965cdaeeef7326a37e4":"39ba54a410a58a5d11615a2163cc3b":"360f0fc714994e3b59448b50cdd61d511b4f09e0e5fb5ac826a51fe5b9b598a17eb3da10f936813b" CCM encrypt and tag NIST VADT AES-192 #17 (P=24, N=13, A=16, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d8a662ab8449bd037da0346a24565683a3bbbbd1800e3c1c":"61fdd10938557080191d13dd6c3002dd445d9af988029199":"166fb8d0e110124c09013e0568":"1c1c082eeb5b8548283d50cc2ace1c35":"23c05927502a4ee6e61e4e10552d49b020643eab476eeacc867601fe79a122a7817819655183283e" CCM encrypt and tag NIST VADT AES-192 #18 (P=24, N=13, A=17, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"116f4855121d6aa53e8b8b43a2e23d468c8568c744f49de5":"1bd3b5db392402790be16e8d0a715453928f17f3384c13a7":"924322a3ef0c64412f460a91b2":"03c2d22a3bb08bbb96b2811ce4b1110a83":"ad736402626df0f9393fe4491eb812725ad39d6facf20b5b2f9340b0d48a17ae1cc71d7515e61ee9" CCM encrypt and tag NIST VADT AES-192 #19 (P=24, N=13, A=18, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e67f3ba11282d61fe36e38cab7b559c2fd9cbe8bf7eb5863":"d7a954dae563b93385c02c82e0143b6c17ce3067d8b54120":"a727ed373886dd872859b92ccd":"68d199e8fced02b7aeba31aa94068a25d27a":"c6cfaa1f54d041089bd81f89197e57a53b2880cefc3f9d877e30b2bcc3f1ea9ec2b8f28bf0af4ecf" CCM encrypt and tag NIST VADT AES-192 #20 (P=24, N=13, A=19, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e0a29a2c7840cf9b41de49780b9ee92d646a4bfc5b9da74a":"344dc8b6bd66a1fbbe330a95af5dd2a8783dc264d6a9267d":"fc9fd876b1edded09f70b18824":"36e15baafa0002efbb4bb26503b7e3b79f6c68":"43b3b96aa5a54378f3bb573ffda3e154aa7f425fc3008175b60a77b9d38740356b544b1c0f259086" CCM encrypt and tag NIST VADT AES-192 #21 (P=24, N=13, A=20, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"26d0a3a8509d97f81379d21981fe1a02c579121ab7356ca0":"37ab2a0b7b69942278e21032fc83eba6cdc34f5285a8b711":"8015c0f07a7acd4b1cbdd21b54":"093ed26ada5628cfb8cfc1391526b3bcc4af97d9":"a3a60b422eb070b499cf6da0a404b13a05cedda549c6b93e6ca0e07e04674f21a46df2659a5905fb" CCM encrypt and tag NIST VADT AES-192 #22 (P=24, N=13, A=21, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"aac60835c309d837aacc635931af95702a4784c214283ebb":"e8610756528f75607b83926597ef515f4b32a8386437e6d4":"0e20602d4dc38baa1ebf94ded5":"796e55fbe7bed46d025599c258964a99574c523f6a":"e0a3d5f43e688ce104f4ae1a4fcd85500aa6b8fdbcd1b8d3003c0c3b7369e79339433e1754c0937f" CCM encrypt and tag NIST VADT AES-192 #23 (P=24, N=13, A=22, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"671544bf2988056f7f9ccd526861391a27233793a23f811f":"576b069ae2713f53d2924c1fd68f786cb2eec68892f9e1be":"0a259148a1d081e0df381ecd0c":"61dafc237cb52f83ab773ba8a885462b6f77d4924611":"ce06b3d09b02921f290544032a081a7766612940048867281bb089af0245792c16e6320cf5ffa19e" CCM encrypt and tag NIST VADT AES-192 #24 (P=24, N=13, A=23, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"90e2c63b6e5394b1aeec03f95a9d13a01a7d4e9d58610786":"44dd098b1f869d670a8a841900c4bef023a1946a0c278354":"dada5465eb9b7229807a39e557":"f5629ca0eea589f6cf963d875a7d2efb656983f2dd2231":"6b38ca85450e05e7b9362ed7e6e291a130ff233b5a561cdef7ec84dd992fdf98514f845dac8f656e" CCM encrypt and tag NIST VADT AES-192 #25 (P=24, N=13, A=24, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"13cdaaa4f5721c6d7e709cc048063cfb8b9d92e6425903e6":"d7c837971b973f5f651102bf8d032e7dcd10e306739a0d6c":"f97b532259babac5322e9d9a79":"ad6622279832502839a82348486d42e9b38626e8f06317c4":"4709600418f2839841e6d126359f6982bdb53acc7ff209635623d15b24184481eadc63bb8c878fc4" CCM encrypt and tag NIST VADT AES-192 #26 (P=24, N=13, A=25, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"90851933d4d3257137984cdb9cba2ca737322dac4dbd64bc":"ba1785a149cb8b69a4e011c11a3ff06f6d7218f525ac81b5":"be02df3a840322df8d448c600c":"69a9dd9ac8be489c3a3f7f070bdaca10699171f66ab3da9351":"89ab2efefa8406336d9e2245199fbc9454f0ef650b9ed0f446c7246bd3130803bf8d703ef5bdf15c" CCM encrypt and tag NIST VADT AES-192 #27 (P=24, N=13, A=26, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5c5d02c93faa74a848e5046fc52f236049e28cd8096dcac6":"b4da43ebfe9396b68f4689fba8837c68d0064841c6ddd4a7":"54cbf2889437673b8875a0f567":"09fc21ac4a1f43de29621cacf3ad84e055c6b220721af7ce33bb":"d40725397229021a18f3481e3a85f70445557bb2a85e4ae8101a34c777e918e16186fda05a386572" CCM encrypt and tag NIST VADT AES-192 #28 (P=24, N=13, A=27, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0234dae5bd7ae66c67ff0c1a3f1a191a0d7bceb451bc2b7d":"0f960a89a7e806f8709047cb7a2e7c4211ad724692c88a05":"16d345606a315ad2406abbcb43":"c37fdf7449fd7e943595d75e977089c623be0a3926e63fdbbfdf4a":"3907880d25f910eab12dd14e704d1b33ea7c453634d54da2a461f44dac1112ae3f9c65671a931d3e" CCM encrypt and tag NIST VADT AES-192 #29 (P=24, N=13, A=28, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6351a67fd6daabd2fd49ee944dd41dd37301f958dd17fcc3":"0c0663dd69ccbffbbd0c8c2e9473d0354451ae7a20fa3695":"b8d517b033754058128d13d11a":"511c6924fa96db716f6b053b7a48aebdc1504145a56cd02d6be2590d":"19f2745df5007619c79c84d174e4521b942776478a0601d982c560fede4741e2fd3b54b3a48f3e38" CCM encrypt and tag NIST VADT AES-192 #30 (P=24, N=13, A=29, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9a5a9560baed3b8e0e90b92655d4e5f33889e5d7253d9f6c":"5bbe9c1fb2563e3e82999fe097b28da4dc6ff2e020f3b4f3":"c0049382cdd8646756d4e6bff5":"c95a86d52088a8b0107cc5b437a8938b2c9e74e46e2e03bb9bceecdbe3":"6d5401db42b5c48b79203b6ad82806d7460ac4c82ad0809b811020480e834f6fe55900a162a4e61a" CCM encrypt and tag NIST VADT AES-192 #31 (P=24, N=13, A=30, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3e61094c80df0053e86d43fccf4e1d3ee2cdb862d3237b0a":"1fada8f4c7daea0d1c370184c169485b80a278708ed41451":"63f00b2488809fdc49ca5f05d5":"a08763ca936abdeece06467bef8c3c47c3a473636a039d4db540c867d3e3":"680dd22f16a1290bde42c9792dfa997aed24d5bd2265b6e095aa6b99d3f894d3790c2aa2dae1ba2c" CCM encrypt and tag NIST VADT AES-192 #32 (P=24, N=13, A=31, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b5664dd6ed435df006052f6ded74bb7ce9482ca9229886f7":"0b6de49b530703affc94010c2b793ddc6de0c44d48037ff2":"7a1649896f3e030c18f0205599":"c5f1a26351e53e6509c8bbbed03c42c23ad81c65fccec7ffa1cb494c7f1fc4":"56b02fea595cc24e798691ae905be3d466ca68ca744005dba260b5ea3b047020b73b5bafa17e5084" CCM encrypt and tag NIST VADT AES-192 #33 (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"50925853a84a33ff392154e4e737efc18dcfc98f4d5235a9":"718f061e8b972a3adcf465d66c5b28e8661f080127f6722f":"809343e986f6ff47f54d4cac22":"d70aef3532bdc5293a3ebb11589ac1f801c9f93ea0d656e1d04068facf9f768b":"bad3b0e6772e9c4c9c631c095e259d99692292932efb72b8966e91a19617bb748f3495aa433585bb" CCM encrypt and tag NIST VADT AES-256 #1 (P=24, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886df3ba3e6da3a1389":"30d56ff2a25b83fee791110fcaea48e41db7c7f098a81000":"72a60f345a1978fb40f28a2fa4":"":"55f068c0bbba8b598013dd1841fd740fda2902322148ab5e935753e601b79db4ae730b6ae3500731" CCM encrypt and tag NIST VADT AES-256 #2 (P=24, N=13, A=1, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a4490ed6ab51dbfccd6f3702a857575dad44da3a27eaf31178abc97da60d1e4b":"1b5cc6b1651dec4bbbf5130343852e971c7ff1774100d9be":"26ceaf6e3b28190a17c4f0c378":"9e":"789bce069a725a96c484e64a9e54dcb7a7c268c85df47815a462ff2dd8ba44a381e1f6edab12b5a9" CCM encrypt and tag NIST VADT AES-256 #3 (P=24, N=13, A=2, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"df594db94ef8eca56a417afe946085eaed444c7cc648d07d58132e6cb5bc2bc3":"f4d7978fad36223623ccb5bb18a7373cba8a6e3b1c921259":"c1ad812bf2bbb2cdaee4636ee7":"c0c3":"bea778540a90033b2c0d087e3cc447711ea25f7eea96855506ec97f23bd6ea97834f92f7263c3195" CCM encrypt and tag NIST VADT AES-256 #4 (P=24, N=13, A=3, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d98193ab2a465e3fcd85651aaeca18b8e91489b73b7c7e93b518c4b5b81fc6ac":"edba7d6312144e90ec9eaace7576045a46e553dcb8ee5a98":"2247dc7e2674e9e0a63fe70613":"4dc2f4":"44b9ea727c847336fd739ad11f4b906b292edb810462f06ef59626ad5cdac2e4d4cb07b538a1fd8f" CCM encrypt and tag NIST VADT AES-256 #5 (P=24, N=13, A=4, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"45c8afd7373cb0f6b092af3a633d9fd97c4ca378e19d75f9b74d089429726c29":"0b92adbb251dc29a67f0bb97f8e7160862b6c4e843d07fd9":"fdb1fa230ae0b172ff98fc7496":"270981af":"274e2faea3271ea6fa0494c1951f115b5491a893056c3ee4c76fc350e585277e373e9119bf9595cb" CCM encrypt and tag NIST VADT AES-256 #6 (P=24, N=13, A=5, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a2e6bf39efd1ceddc92b4333ed92d65efeea6c031ca345adb93a7770a8039bcd":"d822f84b023f12ea9e3ce16b904278e4aaab5e11c2c23f3f":"693cbb46bc8366086ec7cd7776":"3ba11282d6":"9f91fd2f6472e33b02b1eabb9d6655729d44c44dad6b3883fe0667bcc5806b225224b04ade8b21c1" CCM encrypt and tag NIST VADT AES-256 #7 (P=24, N=13, A=6, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c5a850167a5bfdf56636ce9e56e2952855504e35cc4f5d24ee5e168853be82d8":"e758796d7db73bccb1697c42df691ac57974b40ca9186a43":"c45b165477e8bfa9ca3a1cd3ca":"4759557e9bab":"93ad58bd5f4f77ac4f92b0ae16c62489e4074c7f152e2ed8a88179e0d32f4928eff13b4ce2873338" CCM encrypt and tag NIST VADT AES-256 #8 (P=24, N=13, A=7, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ae8f93c3efe38e2af07e256961dd33028faa0716e5320a7ab319a10d2f4c5548":"bc9ca92a9c9919e39095d3e53fb148694620ae61227e0069":"6333bde218b784ccd8370492f7":"0b1fabdf2a4107":"45811b0c8f754bf03950e520cd4afc81c2e3eb8a11f4fd386d5a6e4b1fbee15d35939c721004502e" CCM encrypt and tag NIST VADT AES-256 #9 (P=24, N=13, A=8, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"548c2d1eb7d91e003633d4d9ff199e4a8447180edd89ac7867d25a1db288b5ce":"49fd5cbe4aff89dc3b8718f9ce545d612cbbebb289ecbf42":"23b205bd6ff8ed0bab0c98999c":"a6601111cd92c943":"3cfc6211e359ae322802fc9566f377b0dfe17d1dfe0878ebf2a9047e37cc0be1fab0006af8db8dc4" CCM encrypt and tag NIST VADT AES-256 #10 (P=24, N=13, A=9, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"aab793e377a12484dbdd74c9b3a85c74c286e1cc498663fbd7c718b5633bb91a":"7c0889854658d3408c5d8043aad2f4ae4a89449a36f8a3b8":"10022cddb323e88b3c08f95a0f":"82b8c736037ce2f2e8":"1044250f58857c69f72b5d3454d43949e5c02b3822970b280de1a3f7fc5d06cc30f06075f5504ed7" CCM encrypt and tag NIST VADT AES-256 #11 (P=24, N=13, A=10, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"06ac39896073a44283611a66ccab067e2dd2faa8da82ff9a45bb29e54d2e6e77":"3216dce3b8b1ce0e79e40fffcac728ab191aaaf319d971d3":"6c7942c9819cf69b817bfcdb0a":"215e2a6c24325340fdec":"c5b3b50ed8a7b7b96b02ba9464b6a2ff80e90548605699a63d70e6dffb31a376a1eb7f94526dca48" CCM encrypt and tag NIST VADT AES-256 #12 (P=24, N=13, A=11, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"50412c6444bcf9829506ab019e98234af1541061557412740bc120b456052763":"6cdbd63f6d591f59776f828533b28e2453a214d1d0dd8a39":"85684f94c3702c5d870310166d":"f706a3e09df95d3e21d2e0":"8c8b4ae854a5d5c265b25e3b54bded9444cc454b3e0e6a24d6c05eaf406a5ebd578e19edd5227380" CCM encrypt and tag NIST VADT AES-256 #13 (P=24, N=13, A=12, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8a56588fe5e125237b6cdc30f940b8d88b2863ec501a0cb00b1abade1b5ce0ed":"c825952293e434ea866db558aaf486ef09a92bf366988f71":"d80210b9f9776ea36dc0e0a787":"e4296d1c8cf4ffc4b2635135":"b8b3b15fdf6a4a0b5abc313afc769e4e8413bd887552583ede3ed995d1b70561c8e28a7b1a7e3dc8" CCM encrypt and tag NIST VADT AES-256 #14 (P=24, N=13, A=13, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a4cc7e1c90f8684e6a5f95e6898ab4e3c194cb46e196d8228062b9f3fa744930":"10d4cff95ef490923c9e0906880729d4d05412e7675cce76":"cdc2712e51c7f333d6bad78eee":"569c56b27268d3db54e728aac0":"be3ce3e9dc72499839a98ae52abb17415e8547687e8a3c7b8aaaac20d4c9276f2851cbba2b04d185" CCM encrypt and tag NIST VADT AES-256 #15 (P=24, N=13, A=14, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"347e12eec56e95aafcc7d25bf10fc756b4e42bc2e43da7f97df24331f27f1f5c":"ca88dddfc876a12f45f19562bc9ca250f43267ab251a7f34":"b8d517b033754058128d13d11a":"511c6924fa96db716f6b053b7a48":"eeedcfa8f5b5b48c1d7e277526eecb7294213b9f5785167ae949b93003dfe63c95c1d49edfb4de3f" CCM encrypt and tag NIST VADT AES-256 #16 (P=24, N=13, A=15, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"520902aa27c16dee112812b2e685aa203aeb8b8633bd1bfc99728a482d96c1fe":"533fee7d2c7740db55770e48cb1b541d990ea3f8f08ed1a6":"ddf50502f414c1bf24888f1328":"22b4f8f1aac02a9b2ef785d0ff6f93":"fc867b319e0e4ab45ec518a1b5dcec4f29982173f3abfd4d8a8f8d14d2bdac84c3737cfbd75b7c0b" CCM encrypt and tag NIST VADT AES-256 #17 (P=24, N=13, A=16, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"57da1c2704219ed59abfdf04743a9a93c87a63d471818de0f1564b2db6421562":"ddc3c1aa73fb6de92bb4db138e26f3c2e0543ab4f5924871":"4b60a47b7e90f622fa0bf803e1":"0ae8c012ff39753510df3ee80707e4e2":"daa8256d4753fdf9cfef876295badaba89b45cc497f54d220ec2c6fb687753bca4580adc6aa2f296" CCM encrypt and tag NIST VADT AES-256 #18 (P=24, N=13, A=17, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9267ebc99ccf648b146cba3c251187e24a9947d806ceb0ced6894211641a1e0d":"967daf12f16f166b7b5038f83a1cf0b980f5abf4c7746f2a":"9b7298950280e8762ecdc9bbe4":"5824689453bc406bf891b85e4576e38fe8":"7cfe2a7a54306eb8d8a63d3d1ae86794f9a2c22198b2cb4f10ca926f1a430c08c12e23db3d913e93" CCM encrypt and tag NIST VADT AES-256 #19 (P=24, N=13, A=18, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7a855e1690ee638de01db43b37401dcd569c1ae03dc73dd0a917d0cadb5abc29":"33ae68ebb8010c6b3da6b9cb29fe9f8bd09b59ec39f4ce4b":"8f160a873a1166c8b32bccbba7":"72674aca7eba2fc0eeafbd143c2c4d8aa6c8":"b22afdf4f12c43ec23e01ac1215a3f5286059211207e957057e9a9203da74387a9468f8af5e27547" CCM encrypt and tag NIST VADT AES-256 #20 (P=24, N=13, A=19, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0ebdc6ddb4c502725dd6ee8da95d56a0d1044b4694d6ba8475a4434f23a8474f":"c7360282c85484a5a33ab1c68dd70873ab4e74ffd4a62cd5":"fb717a8c82114477253acc14f6":"41e9d65632f74f449a6842d5e6c4a86ef83791":"2e961b3a2fa1609a4e6fd04bff6ac5e306ae2638706f997b42be2e2ba05c54b619850db5c9d684fe" CCM encrypt and tag NIST VADT AES-256 #21 (P=24, N=13, A=20, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2ff64bbec197a63315c2f328dcb4837d0cdc21a5d6f89ff1d97cb51195330cd8":"4a17522da707b4b2587a0ae367a2cd2831bb593a18ef442a":"a235f8ee3de9896b71910ac02c":"2b411bea57b51d10a4d2fb17ef0f204aa53cf112":"1bf122798bd8ee8e73391d589bd046a294d1615794e69cb9e6f3ba30143acbc3a1c1c6ec74333107" CCM encrypt and tag NIST VADT AES-256 #22 (P=24, N=13, A=21, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"24e9f08a9a007f9976919e10dc432002e2e078a339677f00105c72ed35633a3f":"d3416a81b4246eb0bf8119a72a886bbc0ac9449c69f71d2f":"15977424eeec0ec7f647e6c798":"2d838eb51a4bc69a001a18adf2084a680f02a3c5fc":"e001a8fae390dc5d672cdd18f86a1f728158ec83a002050def9af5679edbcbb7db20ab6af30698db" CCM encrypt and tag NIST VADT AES-256 #23 (P=24, N=13, A=22, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0ec1b22b8df05dc92135d2dfbefed8ea81458f5ea1b801e8a218faf6cbdf1a79":"2f59d94d4ab8eeb84c2a6fefb7fb0a3ac059c1e1a65ae34a":"97ebcb8575bb58260208d5c227":"a2f6337f86dd00d1a58448851e95d8c9bace4a5c8710":"7ca0b1dbe34b0391e524b868b0af08b3e096917664d6aa2cabc1f9d0132394149c9062b74b82f04b" CCM encrypt and tag NIST VADT AES-256 #24 (P=24, N=13, A=23, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0875020959ed969cfb38636d1d5aabce9658b00171a7614ea9e5395331c7659c":"065ef9eeafbe077c1c7049f43eb0d8999708e8609f214d5c":"451101250ec6f26652249d59dc":"7cc9c51b69f98a06391ab32742fb6365e15106c811fe8a":"990065322a438e136860f7b019807e9feff52a642bf3d44a9163fa7a867f04cab6f52dc250070f31" CCM encrypt and tag NIST VADT AES-256 #25 (P=24, N=13, A=24, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ef4c1d2314e671f666cc6667660f1438a293208c7cc29b412d81277f0a635c91":"c99c3e79125b6fd95e737326a842424eb6c6ecea4c0475c4":"50b23b052922366c25dd40e348":"cd0522ebe1fed82465277d1c10ae9316a98b4469be63b180":"76df4be4ec8373864399acda11294b220b9f7c3a7d2b3660b25764e40ac6a171e7e6bab4fdee4288" CCM encrypt and tag NIST VADT AES-256 #26 (P=24, N=13, A=25, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8544808e8fbf8c3a5e1d4ca751d4b603af9fe119eabc6923205815e0e748b7e7":"617d54fc6a23601c79e3984f93bfc2d151fde420863206b3":"b44a58724596b4d8dea827c1a0":"f5b2c88f5232c37273b1e66aa31cfa7201e33c21d60054d025":"57b3414db48982c6567265e1e0173bf38fdfaffe4461fbebc1411af83237c0f9eb0bfe8ed914da66" CCM encrypt and tag NIST VADT AES-256 #27 (P=24, N=13, A=26, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e19eaddd9f1574447e7e6525f7fd67e3b42807e44fbb60e75d8c3e98abc18361":"b3b0de10b7c0996662f1b064e04e528b7d85ca1166985d33":"a8c459ce0223358826fb1ec0f0":"ef88f4393d6c1e7b7be55a12144209ee051bb779e440432721ef":"d63e6082c95c6c5ff2bc0771321a4f883ef61cff7b99e0ea8a20a1abe7c842ebc08c8c81a2743c81" CCM encrypt and tag NIST VADT AES-256 #28 (P=24, N=13, A=27, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9498f02e50487cfbda1ce6459e241233bd4c4cb10281dcb51915dbc7fb6545c0":"0d16cc69caa9f19b88b05e151b3d26accd018ca4a5786a80":"e3bd4bc3a60cddd26c20aa8636":"70cfcb828d483216b46c3cd22e2f9ee879e9e3059b566179b6e16c":"f1c4bedb8d6f91676881daa37656a7e6402f472735b04a0f1f8332f4236437737438e7aa1b5100c7" CCM encrypt and tag NIST VADT AES-256 #29 (P=24, N=13, A=28, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3ac7d5bc4698c021e49a685cd71057e09821633957d1d59c3c30cbc3f2d1dbf8":"89198d3acc39b950f0d411119c478c60b2422ffe7e26e00b":"54c8ff5459702aac058bb3be04":"ecbd7091732e49c0f4bda2e63235ea43bbf8c8730f955f9c049dd1ec":"7717b8e4447afcea1eeebf3e39ffdab2f52828e7931ef27e475acd27900478f09fec1f479ab3a7c8" CCM encrypt and tag NIST VADT AES-256 #30 (P=24, N=13, A=29, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"948882c3667caa81c9b900996e3d591e6fcb3d08333eeb29911e9c6338710c17":"8b9130b0c3c15366831bbb19f377e3209a8dbf7619cd09bd":"43b0aca2f0a9030f90559fa6d3":"a516ca8405e5c8854e667921b5c5e1968bdd052915b55ac9984b7eefb3":"4646b2acdeb11174171da23999cd54e297daa32bbc13d30512e57c576b315f48c11877178389aaa0" CCM encrypt and tag NIST VADT AES-256 #31 (P=24, N=13, A=30, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3bf52cc5ee86b9a0190f390a5c0366a560b557000dbe5115fd9ee11630a62769":"094b538110495e938b08cf748a6bcf3e0c80ff9c66570237":"f9fbd02f28ecc929d369182752":"ebf0b3e3199a5c3773c761c725c7600add5f9d8321c9f8e5e5fd1c7a5d2f":"4d8b53016fc8bc9677184c0fa15bbd3d671b9366d82ecb67f8562eadcdcbcdbad1299bea1523f5d2" CCM encrypt and tag NIST VADT AES-256 #32 (P=24, N=13, A=31, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e45bb1730d0d539aab3805350ac986540de9f0f6c239ee70395c291397b70309":"bc8b3bc48c7a88c9fafde258b6ccaa9d4f0d018703d63871":"d5c7824af715bb7822b6b340fe":"860f4a09ad8b3d345c2aa18ffb803f0bc3b734a4d047a1437701a5e3d95288":"95f083ad6bbaee6ab540fe023858f8baf25e333fd3e89c00e678a392d228b210dc5c991905dacf3f" CCM encrypt and tag NIST VADT AES-256 #33 (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2e6e34070caf1b8820ed39edfa83459abe1c15a1827f1c39f7ac316c4c27910f":"771a7baa9cf83aa253349f6475d5e74dba4525307b022ba7":"c49ccef869bb86d21932cb443b":"d37e35d7cdccd9824a1ae4c787819735e4af798a3beb49d4705336d6496853ad":"eebac2475004970071dfa2cfb855c4e78b1add8dcbccfc0bd6b14027324b657a56263df148665393" CCM auth decrypt tag NIST DVPT AES-128 #1 (P=0, N=7, A=0, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4ae701103c63deca5b5a3939d7d05992":"02209f55":"5a8aa485c316e9":"":4:0:"" CCM auth decrypt tag NIST DVPT AES-128 #2 (P=0, N=7, A=0, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4ae701103c63deca5b5a3939d7d05992":"9a04c241":"3796cf51b87266":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-128 #3 (P=0, N=7, A=0, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4bb3c4a4f893ad8c9bdc833c325d62b3":"75d582db43ce9b13ab4b6f7f14341330":"5a8aa485c316e9":"":16:0:"" CCM auth decrypt tag NIST DVPT AES-128 #4 (P=0, N=7, A=0, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4bb3c4a4f893ad8c9bdc833c325d62b3":"3a65e03af37b81d05acc7ec1bc39deb0":"3796cf51b87266":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-128 #5 (P=0, N=13, A=0, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4bb3c4a4f893ad8c9bdc833c325d62b3":"90156f3f":"5a8aa485c316e9403aff859fbb":"":4:0:"" CCM auth decrypt tag NIST DVPT AES-128 #6 (P=0, N=13, A=0, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4bb3c4a4f893ad8c9bdc833c325d62b3":"88909016":"a16a2e741f1cd9717285b6d882":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-128 #7 (P=0, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"19ebfde2d5468ba0a3031bde629b11fd":"fb04dc5a44c6bb000f2440f5154364b4":"5a8aa485c316e9403aff859fbb":"":16:0:"" CCM auth decrypt tag NIST DVPT AES-128 #8 (P=0, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"19ebfde2d5468ba0a3031bde629b11fd":"5447075bf42a59b91f08064738b015ab":"a16a2e741f1cd9717285b6d882":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-128 #9 (P=24, N=7, A=0, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"19ebfde2d5468ba0a3031bde629b11fd":"a90e8ea44085ced791b2fdb7fd44b5cf0bd7d27718029bb703e1fa6b":"5a8aa485c316e9":"":4:0:"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22" CCM auth decrypt tag NIST DVPT AES-128 #10 (P=24, N=7, A=0, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"19ebfde2d5468ba0a3031bde629b11fd":"50aafe0578c115c4a8e126ff7b3ccb64dce8ccaa8ceda69f23e5d81c":"31f8fa25827d48":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-128 #11 (P=24, N=7, A=0, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"197afb02ffbd8f699dacae87094d5243":"24ab9eeb0e5508cae80074f1070ee188a637171860881f1f2d9a3fbc210595b7b8b1b41523111a8e":"5a8aa485c316e9":"":16:0:"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22" CCM auth decrypt tag NIST DVPT AES-128 #12 (P=24, N=7, A=0, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"197afb02ffbd8f699dacae87094d5243":"7ebfda6fa5da1dbffd82dc29b875798fbcef8ba0084fbd2463af747cc88a001fa94e060290f209c4":"31f8fa25827d48":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-128 #13 (P=24, N=13, A=0, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"197afb02ffbd8f699dacae87094d5243":"4a550134f94455979ec4bf89ad2bd80d25a77ae94e456134a3e138b9":"5a8aa485c316e9403aff859fbb":"":4:0:"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697" CCM auth decrypt tag NIST DVPT AES-128 #14 (P=24, N=13, A=0, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"197afb02ffbd8f699dacae87094d5243":"118ec53dd1bfbe52d5b9fe5dfebecf2ee674ec983eada654091a5ae9":"49004912fdd7269279b1f06a89":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-128 #15 (P=24, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"90929a4b0ac65b350ad1591611fe4829":"4bfe4e35784f0a65b545477e5e2f4bae0e1e6fa717eaf2cb6a9a970b9beb2ac1bd4fd62168f8378a":"5a8aa485c316e9403aff859fbb":"":16:0:"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697" CCM auth decrypt tag NIST DVPT AES-128 #16 (P=24, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"90929a4b0ac65b350ad1591611fe4829":"0c56a503aa2c12e87450d45a7b714db980fd348f327c0065a65666144994bad0c8195bcb4ade1337":"49004912fdd7269279b1f06a89":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-128 #17 (P=0, N=7, A=32, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"90929a4b0ac65b350ad1591611fe4829":"782e4318":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":4:0:"" CCM auth decrypt tag NIST DVPT AES-128 #18 (P=0, N=7, A=32, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"90929a4b0ac65b350ad1591611fe4829":"a04f270a":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":4:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-128 #19 (P=0, N=7, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"6a798d7c5e1a72b43e20ad5c7b08567b":"41b476013f45e4a781f253a6f3b1e530":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":16:0:"" CCM auth decrypt tag NIST DVPT AES-128 #20 (P=0, N=7, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"6a798d7c5e1a72b43e20ad5c7b08567b":"f9f018fcd125822616083fffebc4c8e6":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":16:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-128 #21 (P=0, N=13, A=32, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"6a798d7c5e1a72b43e20ad5c7b08567b":"9f69f24f":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":4:0:"" CCM auth decrypt tag NIST DVPT AES-128 #22 (P=0, N=13, A=32, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"6a798d7c5e1a72b43e20ad5c7b08567b":"e17afaa4":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":4:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-128 #23 (P=0, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f9fdca4ac64fe7f014de0f43039c7571":"1859ac36a40a6b28b34266253627797a":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":16:0:"" CCM auth decrypt tag NIST DVPT AES-128 #24 (P=0, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f9fdca4ac64fe7f014de0f43039c7571":"edf8b46eb69ac0044116019dec183072":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":16:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-128 #25 (P=24, N=7, A=32, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f9fdca4ac64fe7f014de0f43039c7571":"6be31860ca271ef448de8f8d8b39346daf4b81d7e92d65b338f125fa":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":4:0:"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768" CCM auth decrypt tag NIST DVPT AES-128 #26 (P=24, N=7, A=32, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f9fdca4ac64fe7f014de0f43039c7571":"4cc57a9927a6bc401441870d3193bf89ebd163f5c01501c728a66b69":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":4:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-128 #27 (P=24, N=7, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a7aa635ea51b0bb20a092bd5573e728c":"b351ab96b2e45515254558d5212673ee6c776d42dbca3b512cf3a20b7fd7c49e6e79bef475c2906f":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":16:0:"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768" CCM auth decrypt tag NIST DVPT AES-128 #28 (P=24, N=7, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a7aa635ea51b0bb20a092bd5573e728c":"df1a5285caa41b4bb47f6e5ceceba4e82721828d68427a3081d18ca149d6766bfaccec88f194eb5b":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":16:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-128 #29 (P=24, N=13, A=32, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a7aa635ea51b0bb20a092bd5573e728c":"934f893824e880f743d196b22d1f340a52608155087bd28ac25e5329":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":4:0:"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5" CCM auth decrypt tag NIST DVPT AES-128 #30 (P=24, N=13, A=32, T=4) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a7aa635ea51b0bb20a092bd5573e728c":"f43ba9d834ad85dfab3f1c0c27c3441fe4e411a38a261a6559b3b3ee":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":4:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-128 #31 (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"26511fb51fcfa75cb4b44da75a6e5a0e":"50038b5fdd364ee747b70d00bd36840ece4ea19998123375c0a458bfcafa3b2609afe0f825cbf503":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":16:0:"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5" CCM auth decrypt tag NIST DVPT AES-128 #32 (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"26511fb51fcfa75cb4b44da75a6e5a0e":"78ed8ff6b5a1255d0fbd0a719a9c27b059ff5f83d0c4962c390042ba8bb5f6798dab01c5afad7306":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":16:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-192 #1 (P=0, N=7, A=0, T=4) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c":"9d4b7f3b":"5a8aa485c316e9":"":4:0:"" CCM auth decrypt tag NIST DVPT AES-192 #2 (P=0, N=7, A=0, T=4) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c":"80745de9":"3796cf51b87266":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-192 #3 (P=0, N=7, A=0, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"17223038fa99d53681ca1beabe78d1b4":"5a8aa485c316e9":"":16:0:"" CCM auth decrypt tag NIST DVPT AES-192 #4 (P=0, N=7, A=0, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"d0e1eeef4d2a264536bb1c2c1bde7c35":"3796cf51b87266":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-192 #5 (P=0, N=13, A=0, T=4) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"fe69ed84":"5a8aa485c316e9403aff859fbb":"":4:0:"" CCM auth decrypt tag NIST DVPT AES-192 #6 (P=0, N=13, A=0, T=4) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"db7ffc82":"a16a2e741f1cd9717285b6d882":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-192 #7 (P=0, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"0c66a8e547ed4f8c2c9a9a1eb5d455b9":"5a8aa485c316e9403aff859fbb":"":16:0:"" CCM auth decrypt tag NIST DVPT AES-192 #8 (P=0, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"38757b3a61a4dc97ca3ab88bf1240695":"a16a2e741f1cd9717285b6d882":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-192 #9 (P=24, N=7, A=0, T=4) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"411986d04d6463100bff03f7d0bde7ea2c3488784378138cddc93a54":"5a8aa485c316e9":"":4:0:"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22" CCM auth decrypt tag NIST DVPT AES-192 #10 (P=24, N=7, A=0, T=4) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"32b649ab56162e55d4148a1292d6a225a988eb1308298273b6889036":"31f8fa25827d48":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-192 #11 (P=24, N=7, A=0, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"cba4b4aeb85f0492fd8d905c4a6d8233139833373ef188a8c5a5ebecf7ac8607fe412189e83d9d20":"5a8aa485c316e9":"":16:0:"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22" CCM auth decrypt tag NIST DVPT AES-192 #12 (P=24, N=7, A=0, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"ca62713728b5c9d652504b0ae8fd4fee5d297ee6a8d19cb6e699f15f14d34dcaf9ba8ed4b877c97d":"31f8fa25827d48":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-192 #13 (P=24, N=13, A=0, T=4) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"042653c674ef2a90f7fb11d30848e530ae59478f1051633a34fad277":"5a8aa485c316e9403aff859fbb":"":4:0:"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697" CCM auth decrypt tag NIST DVPT AES-192 #14 (P=24, N=13, A=0, T=4) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"1902d9769a7ba3d3268e1257395c8c2e5f98eef295dcbfa5a35df775":"49004912fdd7269279b1f06a89":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-192 #15 (P=24, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"a5b7d8cca2069908d1ed88e6a9fe2c9bede3131dad54671ea7ade30a07d185692ab0ebdf4c78cf7a":"5a8aa485c316e9403aff859fbb":"":16:0:"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697" CCM auth decrypt tag NIST DVPT AES-192 #16 (P=24, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"9a98617fb97a0dfe466be692272dcdaec1c5443a3b51312ef042c86363cc05afb98c66e16be8a445":"49004912fdd7269279b1f06a89":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-192 #17 (P=0, N=7, A=32, T=4) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"1d089a5f":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":4:0:"" CCM auth decrypt tag NIST DVPT AES-192 #18 (P=0, N=7, A=32, T=4) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"2f46022a":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":4:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-192 #19 (P=0, N=7, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"5280a2137fee3deefcfe9b63a1199fb3":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":16:0:"" CCM auth decrypt tag NIST DVPT AES-192 #20 (P=0, N=7, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"d40a7318c5f2d82f838c0beeefe0d598":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":16:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-192 #21 (P=0, N=13, A=32, T=4) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"5e0eaebd":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":4:0:"" CCM auth decrypt tag NIST DVPT AES-192 #22 (P=0, N=13, A=32, T=4) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"71b7fc33":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":4:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-192 #23 (P=0, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"d07ccf9fdc3d33aa94cda3d230da707c":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":16:0:"" CCM auth decrypt tag NIST DVPT AES-192 #24 (P=0, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"65fe32b649dc328c9f531584897e85b3":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":16:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-192 #25 (P=24, N=7, A=32, T=4) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"9f6ca4af9b159148c889a6584d1183ea26e2614874b0504575dea8d1":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":4:0:"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768" CCM auth decrypt tag NIST DVPT AES-192 #26 (P=24, N=7, A=32, T=4) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"84d8212e9cfc2121252baa3b065b1edcf50497b9594db1ebd7965825":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":4:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-192 #27 (P=24, N=7, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"6aab64c4787599d8f213446beadb16e08dba60e97f56dbd14d1d980d6fe0fb44b421992662b97975":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":16:0:"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768" CCM auth decrypt tag NIST DVPT AES-192 #28 (P=24, N=7, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"4980b2ee49b1aaf393175f5ab9bae95ec7904557dfa206603c51d36c826f01384100886198a7f6a3":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":16:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-192 #29 (P=24, N=13, A=32, T=4) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"16e543d0e20615ff0df15acd9927ddfe40668a54bb854cccc25e9fce":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":4:0:"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5" CCM auth decrypt tag NIST DVPT AES-192 #30 (P=24, N=13, A=32, T=4) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"df35b109caf690656ae278bbd8f8bba687a2ce11b105dae98ecedb3e":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":4:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-192 #31 (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"c5b0b2ef17498c5570eb335df4588032958ba3d69bf6f3178464a6f7fa2b76744e8e8d95691cecb8":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":16:0:"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5" CCM auth decrypt tag NIST DVPT AES-192 #32 (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"d1f0518929f4ae2f0543de2a7dfe4bb0110bb3057e524a1c06bd6dc2e6bcc3436cffb969ae900388":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":16:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-256 #1 (P=0, N=7, A=0, T=4) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6":"469c90bb":"a544218dadd3c1":"":4:0:"" CCM auth decrypt tag NIST DVPT AES-256 #2 (P=0, N=7, A=0, T=4) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6":"46a908ed":"d3d5424e20fbec":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-256 #3 (P=0, N=7, A=0, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"8207eb14d33855a52acceed17dbcbf6e":"a544218dadd3c1":"":16:0:"" CCM auth decrypt tag NIST DVPT AES-256 #4 (P=0, N=7, A=0, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"60f8e127cb4d30db6df0622158cd931d":"d3d5424e20fbec":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-256 #5 (P=0, N=13, A=0, T=4) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"8a19a133":"a544218dadd3c10583db49cf39":"":4:0:"" CCM auth decrypt tag NIST DVPT AES-256 #6 (P=0, N=13, A=0, T=4) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"2e317f1b":"3c0e2815d37d844f7ac240ba9d":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-256 #7 (P=0, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"97e1a8dd4259ccd2e431e057b0397fcf":"a544218dadd3c10583db49cf39":"":16:0:"" CCM auth decrypt tag NIST DVPT AES-256 #8 (P=0, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"5a9596c511ea6a8671adefc4f2157d8b":"3c0e2815d37d844f7ac240ba9d":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-256 #9 (P=24, N=7, A=0, T=4) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"64a1341679972dc5869fcf69b19d5c5ea50aa0b5e985f5b722aa8d59":"a544218dadd3c1":"":4:0:"d3d5424e20fbec43ae495353ed830271515ab104f8860c98" CCM auth decrypt tag NIST DVPT AES-256 #10 (P=24, N=7, A=0, T=4) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"c5b7f802bffc498c1626e3774f1d9f94045dfd8e1a10a20277d00a75":"bfcda8b5a2d0d2":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-256 #11 (P=24, N=7, A=0, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"bc51c3925a960e7732533e4ef3a4f69ee6826de952bcb0fd374f3bb6db8377ebfc79674858c4f305":"a544218dadd3c1":"":16:0:"d3d5424e20fbec43ae495353ed830271515ab104f8860c98" CCM auth decrypt tag NIST DVPT AES-256 #12 (P=24, N=7, A=0, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"afa1fa8e8a70e26b02161150556d604101fdf423f332c3363275f2a4907d51b734fe7238cebbd48f":"bfcda8b5a2d0d2":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-256 #13 (P=24, N=13, A=0, T=4) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"63e00d30e4b08fd2a1cc8d70fab327b2368e77a93be4f4123d14fb3f":"a544218dadd3c10583db49cf39":"":4:0:"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e" CCM auth decrypt tag NIST DVPT AES-256 #14 (P=24, N=13, A=0, T=4) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"bb5425b3869b76856ec58e39886fb6f6f2ac13fe44cb132d8d0c0099":"894dcaa61008eb8fb052c60d41":"":4:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-256 #15 (P=24, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"f0050ad16392021a3f40207bed3521fb1e9f808f49830c423a578d179902f912f9ea1afbce1120b3":"a544218dadd3c10583db49cf39":"":16:0:"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e" CCM auth decrypt tag NIST DVPT AES-256 #16 (P=24, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"c408190d0fbf5034f83b24a8ed9657331a7ce141de4fae769084607b83bd06e6442eac8dacf583cc":"894dcaa61008eb8fb052c60d41":"":16:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-256 #17 (P=0, N=7, A=32, T=4) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"92d00fbe":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":4:0:"" CCM auth decrypt tag NIST DVPT AES-256 #18 (P=0, N=7, A=32, T=4) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"9143e5c4":"78c46e3249ca28":"232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc":4:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-256 #19 (P=0, N=7, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"93af11a08379eb37a16aa2837f09d69d":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":16:0:"" CCM auth decrypt tag NIST DVPT AES-256 #20 (P=0, N=7, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"d19b0c14ec686a7961ca7c386d125a65":"78c46e3249ca28":"232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc":16:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-256 #21 (P=0, N=13, A=32, T=4) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"866d4227":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":4:0:"" CCM auth decrypt tag NIST DVPT AES-256 #22 (P=0, N=13, A=32, T=4) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"94cb1127":"e8de970f6ee8e80ede933581b5":"89f8b068d34f56bc49d839d8e47b347e6dae737b903b278632447e6c0485d26a":4:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-256 #23 (P=0, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"867b0d87cf6e0f718200a97b4f6d5ad5":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":16:0:"" CCM auth decrypt tag NIST DVPT AES-256 #24 (P=0, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"677a040d46ee3f2b7838273bdad14f16":"e8de970f6ee8e80ede933581b5":"89f8b068d34f56bc49d839d8e47b347e6dae737b903b278632447e6c0485d26a":16:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-256 #25 (P=24, N=7, A=32, T=4) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"c2fe12658139f5d0dd22cadf2e901695b579302a72fc56083ebc7720":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":4:0:"78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3" CCM auth decrypt tag NIST DVPT AES-256 #26 (P=24, N=7, A=32, T=4) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"94748ba81229e53c38583a8564b23ebbafc6f6efdf4c2a81c44db2c9":"6ba004fd176791":"5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b":4:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-256 #27 (P=24, N=7, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"3341168eb8c48468c414347fb08f71d2086f7c2d1bd581ce1ac68bd42f5ec7fa7e068cc0ecd79c2a":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":16:0:"78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3" CCM auth decrypt tag NIST DVPT AES-256 #28 (P=24, N=7, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"d543acda712b898cbb27b8f598b2e4438ce587a836e2785147c3338a2400809e739b63ba8227d2f9":"6ba004fd176791":"5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b":16:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-256 #29 (P=24, N=13, A=32, T=4) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"c0ea400b599561e7905b99262b4565d5c3dc49fad84d7c69ef891339":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":4:0:"e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3" CCM auth decrypt tag NIST DVPT AES-256 #30 (P=24, N=13, A=32, T=4) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"60871e03ea0eb968536c99f926ea24ef43d41272ad9fb7f63d488623":"8fa501c5dd9ac9b868144c9fa5":"5bb40e3bb72b4509324a7edc852f72535f1f6283156e63f6959ffaf39dcde800":4:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM auth decrypt tag NIST DVPT AES-256 #31 (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"314a202f836f9f257e22d8c11757832ae5131d357a72df88f3eff0ffcee0da4e":"8d34cdca37ce77be68f65baf3382e31efa693e63f914a781367f30f2eaad8c063ca50795acd90203":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":16:0:"e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3" CCM auth decrypt tag NIST DVPT AES-256 #32 (P=24, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_auth_decrypt:MBEDTLS_CIPHER_ID_AES:"314a202f836f9f257e22d8c11757832ae5131d357a72df88f3eff0ffcee0da4e":"516c0095cc3d85fd55e48da17c592e0c7014b9daafb82bdc4b41096dfdbe9cc1ab610f8f3e038d16":"8fa501c5dd9ac9b868144c9fa5":"5bb40e3bb72b4509324a7edc852f72535f1f6283156e63f6959ffaf39dcde800":16:MBEDTLS_ERR_CCM_AUTH_FAILED:"" CCM-Camellia encrypt and tag RFC 5528 #1 -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E":"00000003020100A0A1A2A3A4A5":"0001020304050607":"BA737185E719310492F38A5F1251DA55FAFBC949848A0DFCAECE746B3DB9AD" CCM-Camellia encrypt and tag RFC 5528 #2 -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F":"00000004030201A0A1A2A3A4A5":"0001020304050607":"5D2564BF8EAFE1D99526EC016D1BF0424CFBD2CD62848F3360B2295DF24283E8" CCM-Camellia encrypt and tag RFC 5528 #3 -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20":"00000005040302A0A1A2A3A4A5":"0001020304050607":"81F663D6C7787817F9203608B982AD15DC2BBD87D756F79204F551D6682F23AA46" CCM-Camellia encrypt and tag RFC 5528 #4 -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0C0D0E0F101112131415161718191A1B1C1D1E":"00000006050403A0A1A2A3A4A5":"000102030405060708090A0B":"CAEF1E827211B08F7BD90F08C77288C070A4A08B3A933A63E497A0" CCM-Camellia encrypt and tag RFC 5528 #5 -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0C0D0E0F101112131415161718191A1B1C1D1E1F":"00000007060504A0A1A2A3A4A5":"000102030405060708090A0B":"2AD3BAD94FC52E92BE438E827C1023B96A8A77258FA17BA7F331DB09" CCM-Camellia encrypt and tag RFC 5528 #6 -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0C0D0E0F101112131415161718191A1B1C1D1E1F20":"00000008070605A0A1A2A3A4A5":"000102030405060708090A0B":"FEA5480BA53FA8D3C34422AACE4DE67FFA3BB73BABAB36A1EE4FE0FE28" CCM-Camellia encrypt and tag RFC 5528 #7 -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E":"00000009080706A0A1A2A3A4A5":"0001020304050607":"54532026E54C119A8D36D9EC6E1ED97416C8708C4B5C2CACAFA3BCCF7A4EBF9573" CCM-Camellia encrypt and tag RFC 5528 #8 -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F":"0000000A090807A0A1A2A3A4A5":"0001020304050607":"8AD19B001A87D148F4D92BEF34525CCCE3A63C6512A6F5757388E4913EF14701F441" CCM-Camellia encrypt and tag RFC 5528 #9 -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20":"0000000B0A0908A0A1A2A3A4A5":"0001020304050607":"5DB08D62407E6E31D60F9CA2C60474219AC0BE50C0D4A5778794D6E230CD25C9FEBF87" CCM-Camellia encrypt and tag RFC 5528 #10 -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0C0D0E0F101112131415161718191A1B1C1D1E":"0000000C0B0A09A0A1A2A3A4A5":"000102030405060708090A0B":"DB118CCEC1B8761C877CD8963A67D6F3BBBC5CD09299EB11F312F23237" CCM-Camellia encrypt and tag RFC 5528 #11 -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0C0D0E0F101112131415161718191A1B1C1D1E1F":"0000000D0C0B0AA0A1A2A3A4A5":"000102030405060708090A0B":"7CC83D8DC49103525B483DC5CA7EA9AB812B7056079DAFFADA16CCCF2C4E" CCM-Camellia encrypt and tag RFC 5528 #12 -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0C0D0E0F101112131415161718191A1B1C1D1E1F20":"0000000E0D0C0BA0A1A2A3A4A5":"000102030405060708090A0B":"2CD35B8820D23E7AA351B0E92FC79367238B2CC748CBB94C2947793D64AF75" CCM-Camellia encrypt and tag RFC 5528 #13 -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"D75C2778078CA93D971F96FDE720F4CD":"C6B5F3E6CA2311AEF7472B203E735EA561ADB17D56C5A3":"00A970110E1927B160B6A31C1C":"6B7F464507FAE496":"A435D727348DDD22907F7EB8F5FDBB4D939DA6524DB4F64558C02D25B127EE" CCM-Camellia encrypt and tag RFC 5528 #14 -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"D75C2778078CA93D971F96FDE720F4CD":"01F6CE6764C574483BB02E6BBF1E0ABD26A22572B4D80EE7":"0083CD8CE0CB42B160B6A31C1C":"986605B43DF15DE7":"8AE052508FBECA932E346F05E0DC0DFBCF939EAFFA3E587C867D6E1C48703806" CCM-Camellia encrypt and tag RFC 5528 #15 -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"D75C2778078CA93D971F96FDE720F4CD":"CDF1D8406FC2E9014953897005FBFB8BA57276F92404608E08":"005F54950B18F2B160B6A31C1C":"48F2E7E1A7671A51":"08B67EE21C8BF26E473E408599E9C0836D6AF0BB18DF55466CA80878A790476DE5" CCM-Camellia encrypt and tag RFC 5528 #16 -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"D75C2778078CA93D971F96FDE720F4CD":"B005DCFA0B59181426A961685A993D8C43185B":"00EC600863319AB160B6A31C1C":"DE97DF3B8CBD6D8E5030DA4C":"63B78B4967B19EDBB733CD1114F64EB226089368C354828D950CC5" CCM-Camellia encrypt and tag RFC 5528 #17 -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"D75C2778078CA93D971F96FDE720F4CD":"2E20211298105F129D5ED95B93F72D30B2FACCD7":"0060CFF1A31EA1B160B6A31C1C":"A5EE93E457DF05466E782DCF":"0BC6BBE2A8B909F4629EE6DC148DA44410E18AF43147383276F66A9F" CCM-Camellia encrypt and tag RFC 5528 #18 -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"D75C2778078CA93D971F96FDE720F4CD":"2645941E75632D3491AF0FC0C9876C3BE4AA7468C9":"000F85CD995C97B160B6A31C1C":"24AA1BF9A5CD876182A25074":"222AD632FA31D6AF970C345F7E77CA3BD0DC25B340A1A3D31F8D4B44B7" CCM-Camellia encrypt and tag RFC 5528 #19 -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"D75C2778078CA93D971F96FDE720F4CD":"070135A6437C9DB120CD61D8F6C39C3EA125FD95A0D23D":"00C29B2CAAC4CDB160B6A31C1C":"691946B9CA07BE87":"05B8E1B9C49CFD56CF130AA6251DC2ECC06CCC508FE697A0066D57C84BEC182768" CCM-Camellia encrypt and tag RFC 5528 #20 -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"D75C2778078CA93D971F96FDE720F4CD":"C8C0880E6C636E20093DD6594217D2E18877DB264E71A5CC":"002C6B7595EE62B160B6A31C1C":"D0C54ECB84627DC4":"54CEB968DEE23611575EC003DFAA1CD48849BDF5AE2EDB6B7FA775B150ED4383C5A9" CCM-Camellia encrypt and tag RFC 5528 #21 -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"D75C2778078CA93D971F96FDE720F4CD":"F75DAA0710C4E64297794DC2B7D2A20757B1AA4E448002FFAB":"00C53CD4C2AA24B160B6A31C1C":"E285E0E4808CDA3D":"B1404546BF667210CA28E309B39BD6CA7E9FC8285FE698D43CD20A02E0BDCAED2010D3" CCM-Camellia encrypt and tag RFC 5528 #22 -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"D75C2778078CA93D971F96FDE720F4CD":"C238822FAC5F98FF929405B0AD127A4E41854E":"00BEE9267FBADCB160B6A31C1C":"6CAEF9941141570D7C813405":"94C8959C11569A297831A721005857AB61B87A2DEA0936B6EB5F625F5D" CCM-Camellia encrypt and tag RFC 5528 #23 -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"D75C2778078CA93D971F96FDE720F4CD":"4DBF3E774AD245E5D5891F9D1C32A0AE022C85D7":"00DFA8B1245007B160B6A31C1C":"36A52CF16B19A2037AB7011E":"5869E3AAD2447C74E0FC05F9A4EA74577F4DE8CA8924764296AD04119CE7" CCM-Camellia encrypt and tag RFC 5528 #24 -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA mbedtls_ccm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"D75C2778078CA93D971F96FDE720F4CD":"9DC9EDAE2FF5DF8636E8C6DE0EED55F7867E33337D":"003B8FD8D3A937B160B6A31C1C":"A4D499F78419728C19178B0C":"4B198156393B0F7796086AAFB454F8C3F034CCA966945F1FCEA7E11BEE6A2F" CCM encrypt, skip ad AES-128 (P=0, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_skip_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"54caf96ef6d448734700aadab50faf7a":"":"a3803e752ae849c910d8da36af":"":"eba8347baa6d61f87b67c2dd7c6d2053" CCM* encrypt, skip ad AES-128 (P=0, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_skip_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"54caf96ef6d448734700aadab50faf7a":"":"a3803e752ae849c910d8da36af":"":"eba8347baa6d61f87b67c2dd7c6d2053" CCM decrypt, skip ad AES-128 (P=0, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_skip_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"54caf96ef6d448734700aadab50faf7a":"":"a3803e752ae849c910d8da36af":"":"eba8347baa6d61f87b67c2dd7c6d2053" CCM* decrypt, skip ad AES-128 (P=0, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_skip_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"54caf96ef6d448734700aadab50faf7a":"":"a3803e752ae849c910d8da36af":"":"eba8347baa6d61f87b67c2dd7c6d2053" CCM encrypt, skip ad NIST VADT AES-128 (P=24, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_skip_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d24a3d3dde8c84830280cb87abad0bb3":"7c86135ed9c2a515aaae0e9a208133897269220f30870006":"f1100035bb24a8d26004e0e24b":"1faeb0ee2ca2cd52f0aa3966578344f24e69b742c4ab37ab":"1123301219c70599b7c373ad4b3ad67b" CCM* encrypt, skip ad NIST VADT AES-128 (P=24, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_skip_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d24a3d3dde8c84830280cb87abad0bb3":"7c86135ed9c2a515aaae0e9a208133897269220f30870006":"f1100035bb24a8d26004e0e24b":"1faeb0ee2ca2cd52f0aa3966578344f24e69b742c4ab37ab":"1123301219c70599b7c373ad4b3ad67b" CCM decrypt, skip ad NIST DVPT AES-192 (P=24, N=7, A=0, T=4) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_skip_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"411986d04d6463100bff03f7d0bde7ea2c3488784378138c":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":"ddc93a54" CCM* decrypt, skip ad NIST DVPT AES-192 (P=24, N=7, A=0, T=4) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_skip_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"411986d04d6463100bff03f7d0bde7ea2c3488784378138c":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":"ddc93a54" CCM encrypt, skip update AES-128 (P=0, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_skip_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"54caf96ef6d448734700aadab50faf7a":"a3803e752ae849c910d8da36af":"":"eba8347baa6d61f87b67c2dd7c6d2053" CCM decrypt, skip update AES-128 (P=0, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_skip_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"54caf96ef6d448734700aadab50faf7a":"a3803e752ae849c910d8da36af":"":"eba8347baa6d61f87b67c2dd7c6d2053" CCM* encrypt, skip update AES-128 (P=0, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_skip_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"54caf96ef6d448734700aadab50faf7a":"a3803e752ae849c910d8da36af":"":"eba8347baa6d61f87b67c2dd7c6d2053" CCM* decrypt, skip update AES-128 (P=0, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_skip_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"54caf96ef6d448734700aadab50faf7a":"a3803e752ae849c910d8da36af":"":"eba8347baa6d61f87b67c2dd7c6d2053" CCM encrypt, skip update NIST VPT AES-128 #1 (P=0, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_skip_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"2ebf60f0969013a54a3dedb19d20f6c8":"1de8c5e21f9db33123ff870add":"e1de6c6119d7db471136285d10b47a450221b16978569190ef6a22b055295603":"0ead29ef205fbb86d11abe5ed704b880" CCM* encrypt, skip update NIST VPT AES-128 #1 (P=0, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_skip_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"2ebf60f0969013a54a3dedb19d20f6c8":"1de8c5e21f9db33123ff870add":"e1de6c6119d7db471136285d10b47a450221b16978569190ef6a22b055295603":"0ead29ef205fbb86d11abe5ed704b880" CCM decrypt, skip update NIST DVPT AES-256 #23 (P=0, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_skip_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"867b0d87cf6e0f718200a97b4f6d5ad5" CCM* decrypt, skip update NIST DVPT AES-256 #23 (P=0, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_skip_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"867b0d87cf6e0f718200a97b4f6d5ad5" CCM encrypt, overflow ad NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_overflow_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6" CCM encrypt, incomplete ad NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_incomplete_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6" CCM encrypt, full ad and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_full_ad_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6" CCM encrypt, incomplete ad and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_incomplete_ad_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6" CCM encrypt, overflow update NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_overflow_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" CCM encrypt, incomplete update NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_incomplete_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" CCM encrypt, full update and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_full_update_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" CCM encrypt, incomplete update and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_incomplete_update_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" CCM decrypt, overflow ad NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_overflow_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6" CCM decrypt, incomplete ad NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_incomplete_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6" CCM decrypt, full ad and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_full_ad_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6" CCM decrypt, incomplete ad and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_incomplete_ad_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6" CCM decrypt, overflow update NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_overflow_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" CCM decrypt, incomplete update NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16)) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_incomplete_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" CCM decrypt, full update and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_full_update_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" CCM decrypt, incomplete update and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_incomplete_update_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" CCM* encrypt, overflow ad NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_overflow_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6" CCM* encrypt, incomplete ad NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_incomplete_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6" CCM* encrypt, full ad and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_full_ad_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6" CCM* encrypt, overflow update NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_overflow_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" CCM* encrypt, incomplete ad and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_incomplete_ad_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6" CCM* encrypt, incomplete update NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_incomplete_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" CCM* encrypt, full update and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_full_update_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" CCM* encrypt, incomplete update and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_incomplete_update_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" CCM* decrypt, overflow ad NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_overflow_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6" CCM* decrypt, incomplete ad NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_incomplete_ad:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6" CCM* decrypt, full ad and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_full_ad_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6" CCM* decrypt, incomplete ad and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_incomplete_ad_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"a6f73242f2f227350c0277e4e72cdaa6" CCM* decrypt, overflow update NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_overflow_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" CCM* decrypt, incomplete update NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_incomplete_update:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" CCM* decrypt, full update and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_full_update_and_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" CCM* decrypt, incomplete update and overflow NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_incomplete_update_overflow:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" CCM encrypt, instant finish NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_instant_finish:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98" CCM decrypt, instant finish NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_instant_finish:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98" CCM* encrypt, instant finish NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_instant_finish:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98" CCM* decrypt, instant finish NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_instant_finish:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98" CCM encrypt, instant finish AES-128 (P=0, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_instant_finish:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"54caf96ef6d448734700aadab50faf7a":"a3803e752ae849c910d8da36af" CCM decrypt, instant finish AES-128 (P=0, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_instant_finish:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_DECRYPT:"54caf96ef6d448734700aadab50faf7a":"a3803e752ae849c910d8da36af" CCM* encrypt, instant finish AES-128 (P=0, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_instant_finish:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"54caf96ef6d448734700aadab50faf7a":"a3803e752ae849c910d8da36af" CCM* decrypt, instant finish AES-128 (P=0, N=13, A=0, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_instant_finish:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"54caf96ef6d448734700aadab50faf7a":"a3803e752ae849c910d8da36af" CCM pass unexpected auth data, NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_unexpected_ad::MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" CCM encrypt, unexpected ciphertext/plaintext data, NIST VPT AES-128 #14 (P=13, N=13, A=32, T=16) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_unexpected_text:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_ENCRYPT:"d32088d50df9aba14d9022c870a0cb85":"4b10788c1a03bca656f04f1f98":"e16c69861efc206e85aab1255e":"0eff7d7bcceb873c3203a8df74f4e91b04bd607ec11202f96cfeb99f5bcdb7aa" CCM* encrypt, no auth NIST VADT AES-256 #1 (P=24, N=13) -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_ccm_star_no_tag:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_ENCRYPT:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886df3ba3e6da3a1389":"30d56ff2a25b83fee791110fcaea48e41db7c7f098a81000":"72a60f345a1978fb40f28a2fa4":"55f068c0bbba8b598013dd1841fd740fda2902322148ab5e" CCM* decrypt, no auth NIST DVPT AES-128 #15 (P=24, N=13) -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES mbedtls_ccm_star_no_tag:MBEDTLS_CIPHER_ID_AES:MBEDTLS_CCM_STAR_DECRYPT:"90929a4b0ac65b350ad1591611fe4829":"4bfe4e35784f0a65b545477e5e2f4bae0e1e6fa717eaf2cb":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697" diff --git a/tests/suites/test_suite_ccm.function b/tests/suites/test_suite_ccm.function index 0685e5bd1..9831666c3 100644 --- a/tests/suites/test_suite_ccm.function +++ b/tests/suites/test_suite_ccm.function @@ -66,7 +66,7 @@ exit: * END_DEPENDENCIES */ -/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST:MBEDTLS_AES_C */ +/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST:MBEDTLS_CCM_GCM_CAN_AES */ void mbedtls_ccm_self_test() { BLOCK_CIPHER_PSA_INIT(); @@ -95,7 +95,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_AES_C */ +/* BEGIN_CASE depends_on:MBEDTLS_CCM_GCM_CAN_AES */ void ccm_lengths(int msg_len, int iv_len, int add_len, int tag_len, int res) { mbedtls_ccm_context ctx; diff --git a/tests/suites/test_suite_gcm.aes128_de.data b/tests/suites/test_suite_gcm.aes128_de.data index ede6f243c..a6d5e57bd 100644 --- a/tests/suites/test_suite_gcm.aes128_de.data +++ b/tests/suites/test_suite_gcm.aes128_de.data @@ -1,735 +1,735 @@ AES-GCM NIST Validation (AES-128,128,0,0,128) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d785dafea3e966731ef6fc6202262584":"":"d91a46205ee94058b3b8403997592dd2":"":128:"3b92a17c1b9c3578a68cffea5a5b6245":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,128) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"aec963833b9098de1ababc853ab74d96":"":"4e0ffd93beffd732c6f7d6ad606a2d24":"":128:"e9fcedc176dfe587dc61b2011010cdf1":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,128) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c4fb9e3393681da9cec5ec96f87c5c31":"":"845e910bc055d895879f62101d08b4c7":"":128:"99fb783c497416e4b6e2a5de7c782057":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,0,120) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2a930f2e09beceacd9919cb76f2ac8d3":"":"340d9af44f6370eff534c653033a785a":"":120:"0c1e5e9c8fe5edfd11f114f3503d63":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,120) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fe71177e02073b1c407b5724e2263a5e":"":"83c23d20d2a9d4b8f92da96587c96b18":"":120:"43b2ca795420f35f6cb39f5dfa47a2":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,120) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b02392fd7f228888c281e59d1eaa15fb":"":"2726344ba8912c737e195424e1e6679e":"":120:"a10b601ca8053536a2af2cc255d2b6":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,112) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"21895cbafc16b7b8bf5867e88e0853d4":"":"f987ce1005d9bbd31d2452fb80957753":"":112:"952a7e265830d58a6778d68b9450":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,112) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9bb9742bf47f68caf64963d7c10a97b0":"":"34a85669de64e1cd44731905fddbcbc5":"":112:"e9b6be928aa77b2de28b480ae74c":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,112) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4e9708e4b37e2e1b5feaf4f5ab54e2a6":"":"1c53a9fdd23919b036d99560619a9939":"":112:"6611b50d6fbca83047f9f5fe1768":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,104) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"82fede79db25f00be96eb050a22cea87":"":"e9c50b517ab26c89b83c1f0cac50162c":"":104:"d0c0ce9db60b77b0e31d05e048":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,104) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1d98566fca5201abb12914311a8bd532":"":"590aef4b46a9023405d075edab7e6849":"":104:"a1cfd1a27b341f49eda2ca8305":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,0,104) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3038771820c2e1319f02a74b8a7a0c08":"":"e556d9f07fb69d7e9a644261c80fac92":"":104:"4d2f005d662b6a8787f231c5e1":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,0,96) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0fb7eef50de598d7d8b508d019a30d5a":"":"a2a2617040116c2c7e4236d2d8278213":"":96:"68413c58df7bb5f067197ca0":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,0,96) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8cc58b609204215c8ab4908286e56e5c":"":"fb83ea637279332677b5f68081173e99":"":96:"a2a9160d82739a55d8cd419f":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,0,96) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"81a5fd184742a478432963f6477e8f92":"":"da297cbb53b11d7c379e0566299b4d5a":"":96:"200bee49466fdda2f21f0062":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,0,64) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f604ac66d626959e595cbb7b4128e096":"":"269d2a49d533c6bb38008711f38e0b39":"":64:"468200fa4683e8be":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,0,64) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2e308ba7903e925f768c1d00ff3eb623":"":"335acd2aa48a47a37cfe21e491f1b141":"":64:"4872bfd5e2ff55f6":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,64) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1304e2a5a3520454a5109df61a67da7a":"":"dbe8b452acf4fa1444c3668e9ee72d26":"":64:"83a0d3440200ca95":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,0,32) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ecf1ec2c9a8f2e9cc799f9b9fddb3232":"":"ddf0b695aef5df2b594fcaae72b7e41c":"":32:"2819aedf":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,32) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9ab5c8ca905b5fe50461f4a68941144b":"":"96dd3927a96e16123f2e9d6b367d303f":"":32:"6e0c53ef":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,32) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b5fc7af605721a9cfe61c1ee6a4b3e22":"":"6b757d4055823d1035d01077666037d6":"":32:"e8c09ddd":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,128) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"03c0b4a6e508a8490db0d086a82c9db7":"":"ac52f6c1a05030321fa39f87e89fdb5e":"33316ca79d10a79f4fd038593e8eef09625089dc4e0ffe4bc1f2871554fa6666ab3e7fe7885edef694b410456f3ec0e513bb25f1b48d95e4820c5972c1aabb25c84c08566002dadc36df334c1ce86847964a122016d389ac873bca8c335a7a99bcef91e1b985ae5d488a2d7f78b4bf14e0c2dc715e814f4e24276057cf668172":128:"756292d8b4653887edef51679b161812":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,128) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b228d3d15219ea9ad5651fce02c8374d":"":"5c7eafaead029c3fe3cf3835fe758d0e":"8c35dd805c08686b9b4d460f81b4dcb8c46c6d57842dc3e72ba90952e2bebf17fe7184445b02f801800a944486d662a127d01d3b7f42679052cdc73ce533129af8d13957415c5495142157d6ce8a68aa977e56f562fed98e468e42522767656ce50369471060381bb752dd5e77c79677a4cadffa39e518e30a789e793b07ea21":128:"a4dde1ab93c84937c3bbc3ad5237818d":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,128) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"776afcbabedd5577fe660a60f920b536":"":"5bbb7f1b14084e520408dd87b97705e9":"44631fc9d4a07416b0dfb4e2b42071e3e2be45502c9ddf72b3e61810eeda31a7d685ebb2ee43a2c06af374569f439ee1668c550067de2dece9ec46ee72b260858d6033f814e85275c5ae669b60803a8c516de32804fa34d3a213ccfaf6689046e25eeb30b9e1608e689f4d31cc664b83a468a51165f5625f12f098a6bf7ddab2":128:"a5347d41d93b587240651bcd5230264f":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,120) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"20abeafa25fc4ea7d0592cb3e9b4d5fe":"":"3aba79a58c5aa664856b41d552c7a8d3":"98cfecaae9eb9a7c3b17e6bc5f80d8a4bf7a9f4fa5e01b74cae15ee6af14633205aafe3b28fb7b7918e12322ea27352056a603746d728a61361134a561619400ff2bf679045bac2e0fbc2c1d41f8faba4b27c7827bceda4e9bf505df4185515dd3a5e26f7639c8ad5a38bc5906a44be062f02cc53862678ae36fa3de3c02c982":120:"2a67ad1471a520fe09a304f0975f31":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,120) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2bc73fba942ff105823b5dccf6befb1c":"":"902c3e3b69b1ef8395d7281ff74cce38":"4adec0b4ac00325a860044d9f9519daa4f7c163229a75819b0fd7d8e23319f030e61dfa8eadabff42ea27bc36bdb6cad249e801ca631b656836448b7172c11126bad2781e6a1aa4f62c4eda53409408b008c057e0b81215cc13ddabbb8f1915f4bbab854f8b00763a530ad5055d265778cd3080d0bd35b76a329bdd5b5a2d268":120:"ebdd7c8e87fe733138a433543542d1":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,120) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"356a4c245868243d61756cabe86da887":"":"b442f2ec6d45a17144c258fd59fe5b3b":"12cccc3c60474b0a1579c5006c2134850724fa6c9da3a7022d4f65fd238b052bdf34ea34aa7dbadad64996065acee588ab6bd29726d07ed24ffae2d33aadf3e66ebb87f57e689fd85128be1c9e3d8362fad1f8096ee391f75b576fb213d394cef6f091fc5488d9aa152be69475b9167abd6dd4fd93bbbc7b8ca316c952eb19c6":120:"ed26080dcb670590613d97d7c47cf4":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,112) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"dfa7e93aff73600fc552324253066e2c":"":"c20001e93f1cd05253c277a9445d61e4":"a64d1e20058a1f7e698622a02f7ff8dc11886717ede17bbdc3c4645a66a71d8b04346fb389a251ffb0a7f445a25faf642bb7e4697d2cacf925e78c4be98457996afb25b0516b50f179441d1923312364947f8f1e0f5715b43bd537727bf943d7b4679b0b0b28b94e56e7bbf554d9cf79fcee4387f32bb6f91efdd23620035be6":112:"6ba5e4dace9a54b50b901d9b73ad":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,112) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2ecea80b48d2ecd194a7699aa7d8ccfc":"":"8b4db08bafc23b65ae50a2d20661d270":"efc2ca1a3b41b90f8ddf74291d68f072a6e025d0c91c3ce2b133525943c73ebadc71f150be20afeb097442fa51be31a641df65d90ebd81dcbaf32711ed31f5e0271421377ffe14ddafea3ca60a600588d484856a98de73f56a766ae60bae384a4ae01a1a06821cf0c7a6b4ee4c8f413748457b3777283d3310218fb55c107293":112:"246a9d37553088b6411ebb62aa16":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,112) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d38fee3fd3d6d08224c3c83529a25d08":"":"a942ccb11cf9468186fabfc18c899801":"1c92a4ce0a1dae27e720d6f9b1e460276538de437f3812ab1177cf0273b05908f296f33ba0f4c790abe2ce958b1d92b930a0d81243e6ad09ef86ee8e3270243095096537cb1054fcfcf537d828b65af9b6cf7c50f5b8470f7908f314d0859107eed772ee1732c78e8a2e35b2493f3e8c1e601b08aeab8d9729e0294dca168c62":112:"803a08700ec86fdeb88f7a388921":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,104) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1899b0cbae41d705c6eed3226afb5bc0":"":"82d0910aa53e300a487d880d018d0dea":"6bf5583cc1007d74f3529db63b8d4e085400ccf3725eab8e19cb145f3910c61465a21486740a26f74691866a9f632af9fae81f5f0bffedf0c28a6ce0fd520bb4db04a3cd1a7d29d8801e05e4b9c9374fd89bcb539489c2f7f1f801c253a1cc737408669bcd133b62da357f7399a52179125aa59fae6707d340846886d730a835":104:"c5d58870fee9ce157f5ec1fa8f":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,104) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8b95323d86d02754f4c2874b42ec6eb0":"":"4f76084acbdef9999c71dcc794238d7c":"ebc75788377c0b264818a6f97c19cf92c29f1c7cdeb6b5f0a92d238fa4614bc35d0cfe4ec9d045cd628ff6262c460679ac15b0c6366d9289bbd217e5012279e0af0fb2cfcbdf51fe16935968cbb727f725fe5bcd4428905849746c8493600ce8b2cfc1b61b04c8b752b915fed611d6b54ef73ec4e3950d6db1807b1ce7ed1dcc":104:"c4724ff1d2c57295eb733e9cad":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,104) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"30da555559eb11cf7e0eff9d99e9607d":"":"7799275bf12335f281ec94a870f90a0b":"e735d556e15aec78d9736016c8c99db753ed14d4e4adaaa1dd7eaad702ea5dc337433f8c2b45afdf2f385fdf6c55574425571e079ca759b6235f877ed11618ff212bafd865a22b80b76b3b5cf1acfd24d92fd41607bbb7382f26cd703757088d497b16b32de80e1256c734a9b83356b6fced207177de75458481eaef59a431d7":104:"3c82272130e17c4a0a007a908e":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,96) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ed2ac74af896c5190c271cfa6af02fd2":"":"e0226e2d8da47badad1fb78b9a797f27":"8f11353ae476ff923013e6e736ffc9d23101a1c471ccc07ad372a8430d6559c376075efce2e318cdf4c9443dbf132e7e6da5524045028c97e904633b44c4d189a4b64237ac7692dd03c0e751ce9f04d0fdbd8a96074cd7dfa2fd441a52328b4ac3974b4902db45663f7b6f24947dba618f8b9769e927faf84c9f49ad8239b9fb":96:"db8af7a0d548fc54d9457c73":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,96) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0225b73fe5fbbe52f838d873173959d8":"":"02a048764f48d9aed1147ee922395bbf":"9b46a57b06e156c877e94c089814493ead879397dab3dfcab2db349ef387efcd0cc339a7e79131a2c580188fc7429044a465b8329d74cd8f47272a4ed32582b1c5c7e3d32341ae902ea4923dc33df8062bc24bb51a11d2ecc82f464f615041387f9c82bd2135d4e240fe56fa8a68e6a9a417e6702430a434b14d70cf02db3181":96:"e2c2ce4022c49a95c9ac9026":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,96) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"89ca3771a0ef3287568b4ac036120198":"":"7e83d2ffa8af8c554cfd71a0db56ef5b":"1bd7a9d6262882bd12c62bd50942965b3cdcadf5e0fab2dc4d0daf0ee4b16e92c6e2464c0caa423cdce88e4d843490609716ec5e44c41672c656ac0e444d3622557ea8420c94deae3ad190ddaf859f6f8c23e4e2e32a46d28df23de4f99bd6c34f69e06eddfdfa5f263dbe8baf9d4296b2c543e4c4847271e7590374edf46234":96:"06b2bf62591dc7ec1b814705":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,64) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a41a297bd96e224942998fe2192934a1":"":"6827f2c5a0b7ecd6bbc696abb0adf556":"f32041abd8543415cbac423d945dda5378a16a7e94d9ab5dbd2d32eb1c5048cc7c8e4df3ca84ec725f18c34cfdeaa7595392aabfd66d9e2f37c1165369cd806cd9d2110def6f5fad4345e5a6e2326c9300199438fcc078cd9fcf4d76872cac77fc9a0a8ac7e4d63995078a9addecf798460ff5910861b76c71bccfb6b629d722":64:"49a4917eef61f78e":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,64) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a9372c058f42e0a1d019bdb528313919":"":"8d03f423230c8f00a5b6b712d426a2af":"cfef4e70fcc1821eeccf7c7b5eb3c0c3b5f72dc762426e0bd26242f8aa68c5b716ab97eded5e5720caccc1965da603d556d8214d5828f2cf276d95bf552d47313876796221f62ccb818a6d801088755d58cfb751bfed0d5a19718d4e0f94b850e0279b3a69295d1837cba958a6cc56e7594080b9e5b954a199fdc9e54ddc8583":64:"b82cd11cd3575c8d":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,64) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6302b7338f8fa84195ad9abbacd89b4e":"":"e1bed5c53547cbc85f3411fbb43bb08b":"bcd329c076e8da2797d50dcdcf271cecf3ce12f3c136ed746edc722f907be6133276ee099038fdc5d73eec812739c7489d4bcc275f95451b44890416e3ffe5a1b6fa3986b84eee3adad774c6feaecb1f785053eeda2cfc18953b8547866d98918dbe0a6abc168ac7d77467a367f11c284924d9d186ef64ef0fd54eacd75156d2":64:"5222d092e9e8bd6c":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,32) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"78b5c28d62e4b2097873a1180bd5a3a5":"":"c93902c2819ee494f0fc4b259ee65dd8":"e6b1192674a02083a6cf36d4ba93ba40a5331fadf63fd1eb2efa2ee9c0d8818472aaaf2b4705746011753f30f447c8f58dd34d29606daf57eadc172529837058cb78a378b19da8d63c321f550dfa256b5fd9f30e93d8f377443bfcd125f86a079a1765d2010be73d060f24eebae8d05e644688b2149bc39e18bd527bc066f2ba":32:"eae48137":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,32) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3d84130578070e036c9e3df5b5509473":"":"3b9b4950523a19c6866fd2b0cde541fd":"a764931e1b21a140c54a8619aacdb4358834987fb6e263cec525f888f9e9764c165aaa7db74f2c42273f912daeae6d72b232a872ac2c652d7cd3af3a5753f58331c11b6c866475697876dbc4c6ca0e52a00ba015ee3c3b7fb444c6e50a4b4b9bbe135fc0632d32a3f79f333d8f487771ed12522e664b9cf90e66da267f47a74d":32:"79987692":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,32) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"08428605ab4742a3e8a55354d4764620":"":"128f5f4a817e4af04113847a223adeb0":"464b484ed79d93a48e0f804e04df69d7ca10ad04ba7188d69e6549ab50503baaec67e0acba5537d1163c868fd3e350e9d0ae9123046bc76815c201a947aa4a7e4ed239ce889d4ff9c8d043877de06df5fc27cf67442b729b02e9c30287c0821ef9fa15d4cccbc53a95fa9ec3ed432ca960ebbf5a169ccada95a5bf4c7c968830":32:"3eb3e3a2":"":"":0 AES-GCM NIST Validation (AES-128,128,1024,0,128) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0dd358bc3f992f26e81e3a2f3aa2d517":"87cc4fd75788c9d5cc83bae5d764dd249d178ab23224049795d4288b5ed9ea3f317068a39a7574b300c8544226e87b08e008fbe241d094545c211d56ac44437d41491a438272738968c8d371aa7787b5f606c8549a9d868d8a71380e9657d3c0337979feb01de5991fc1470dfc59eb02511efbbff3fcb479a862ba3844a25aaa":"d8c750bb443ee1a169dfe97cfe4d855b":"":128:"a81d13973baa22a751833d7d3f94b3b1":"":"77949b29f085bb3abb71a5386003811233056d3296eb093370f7777dadd306d93d59dcb9754d3857cf2758091ba661f845ef0582f6ae0e134328106f0d5d16b541cd74fdc756dc7b53f4f8a194daeea9369ebb1630c01ccb307b848e9527da20a39898d748fd59206f0b79d0ed946a8958033a45bd9ae673518b32606748eb65":0 AES-GCM NIST Validation (AES-128,128,1024,0,128) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"43b5f18227e5c74288dbeff03801acd6":"f58d630f10cfca61d4644d4f6505bab629e8e8faf1673e64417f9b79e622966a7011cfb3ff74db5cebf09ad3f41643d4437d213204a6c8397e7d59b8a5b1970aed2b6bb5ea1933c72c351f6ba96c0b0b98188f6e373f5db6c5ebece911ec7a1848abd3ae335515c774e0027dab7d1c07d047d3b8825ff94222dbaf6f9ab597ee":"08ee12246cf7edb81da3d610f3ebd167":"":128:"82d83b2f7da218d1d1441a5b37bcb065":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,0,128) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9a433c612d7e1bdff881e4d63ba8b141":"ce10758332f423228b5e4ae31efda7677586934a1d8f05d9b7a0dc4e2010ec3eaacb71a527a5fff8e787d75ebd24ad163394c891b33477ed9e2a2d853c364cb1c5d0bc317fcaf4010817dbe5f1fd1037c701b291b3a66b164bc818bf5c00a4c210a1671faa574d74c7f3543f6c09aaf117e12e2eb3dae55edb1cc5b4086b617d":"8b670cf31f470f79a6c0b79e73863ca1":"":128:"8526fd25daf890e79946a205b698f287":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,0,120) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8e9d75c781d63b29f1816859f7a0e0a0":"a9f1883f58e4ef78377992101ab86da0dafcefa827904dd94dff6f6704b1e45517165a34c5555a55b04c6992fb6d0840a71bd262fe59815e5c7b80fe803b47d5ba44982a3f72cb42f591d8b62df38c9f56a5868af8f68242e3a15f97be8ef2399dbace1273f509623b6f9e4d27a97436aebf2d044e75f1c62694db77ceac05de":"748a3b486b62a164cedcf1bab9325add":"":120:"131e0e4ce46d768674a7bcacdcef9c":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,0,120) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fe6b8553002c69396d9976bb48d30779":"786f4801b16de7a4931ab143b269c7acc68f1ed9b17a95e8929ccec7d53413059fd4267bedbf079d9d69e90314c1345bc9cb9132f1af69323157ddf7533ced42b4b7bd39004f14d326f5b03bc19084d231d93bcab328312d99b426c1e86e8e049d380bb492e2e32ad690af4cf86838d89a0dfdcbc30e8c9e9039e423a234e113":"595b17d0d76b83780235f5e0c92bd21f":"":120:"8879de07815a88877b0623de9be411":"":"b15dc7cd44adcb0783f30f592e5e03ccd47851725af9fe45bfc5b01ae35779b9a8b3f26fec468b188ec3cad40785c608d6bfd867b0ccf07a836ec20d2d9b8451636df153a32b637e7dcdbd606603d9e53f6e4c4cc8396286ce64b0ea638c10e5a567c0bc8e808080b71be51381e051336e60bf1663f6d2d7640a575e0752553b":0 AES-GCM NIST Validation (AES-128,128,1024,0,120) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"14898c56009b459172fef9c17993b54f":"e7ba6ef722273238b975d551f95d3e77e9b75b24c547b86eafb457d409803bdf6e1443839d8604ee497020e1a3dbd687a819b17fdde0fcf240ce2129792792a58bfcd825773001ee959bf9ec8d228e27ce1cd93d7fb86769a3793361b6f82bf7daf284afc1ece657a1ee6346ea9294880755b9b623563ad2657ba2286488a2ef":"0862f8f87289988711a877d3231d44eb":"":120:"36938974301ae733760f83439437c4":"":"3fd56897a62743e0ab4a465bcc9777d5fd21ad2c9a59d7e4e1a60feccdc722b9820ec65cb47e1d1160d12ff2ea93abe11bc101b82514ead7d542007fee7b4e2dd6822849cd3e82d761ff7cf5ce4f40ad9fec54050a632a401451b426812cf03c2b16a8667a88bb3f7497e3308a91de6fd646d6a3562c92c24272411229a90802":0 AES-GCM NIST Validation (AES-128,128,1024,0,112) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fe5253d4b071793b081ebc122cc2a5f8":"b57a0bd7714ae95e77fa9452e11a7ed4a2bec60f81ad6ddb956d4b1cb5dfc277dcb4034d501801b26733b5e08c710c3cfdccc1b208dc7a92cd7ebe166320582bcaff64cc943c36fbe7008f004e5db70c40de05fa68b0c9d4c16c8f976130f20702b99674cd2f4c93aeaeb3abca4b1114dbc3a4b33e1226ad801aa0e21f7cc49b":"49e82d86804e196421ec19ddc8541066":"":112:"e8b8ae34f842277fe92729e891e3":"":"c4a31c7ec820469f895d57579f987733337ec6547d78d17c44a18fab91f0322cfe05f23f9afaf019cf9531dec2d420f3591d334f40d78643fd957b91ab588a7e392447bd702652017ede7fb0d61d444a3b3cc4136e1d4df13d9532eb71bcf3ff0ae65e847e1c572a2f90632362bc424da2249b36a84be2c2bb216ae7708f745c":0 AES-GCM NIST Validation (AES-128,128,1024,0,112) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b3502d6f0d172246e16503cdf5793296":"09268b8046f1558794e35cdc4945b94227a176dd8cb77f92f883542b1c4be698c379541fd1d557c2a07c7206afdd49506d6a1559123de1783c7a60006df06d87f9119fb105e9b278eb93f81fd316b6fdc38ef702a2b9feaa878a0d1ea999db4c593438f32e0f849f3adabf277a161afb5c1c3460039156eec78944d5666c2563":"6ce994689ff72f9df62f386a187c1a13":"":112:"21cdf44ff4993eb54b55d58e5a8f":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,0,112) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5fb33dd73db309b9dfd3aee605cd94bf":"f4e011f8c99038c46854b427475f23488077ebf051c4b705a1adfdd493a0a10af7a7e9453965b94f52f61ae62ce9243a82a2dbf9c5a285db3fe34ed34ed08b5926f34c48171195f7062d02a6e6e795322a0475017371cb8f645cdcac94afc66dc43e7583bdf1c25790f4235076a53de6c64f3bc5004e5a9ce4783fbf639fad97":"3f6486f9e9e645292e0e425bac232268":"":112:"7ee5e0e2082b18d09abf141f902e":"":"0503cb531f1c967dae24f16dd651d544988a732020134896a0f109222e8639bf29ff69877c6ef4ac3df1b260842f909384e3d4409b99a47112681c4b17430041ca447a903a6c1b138f0efbb3b850d8290fceac9723a32edbf8e2d6e8143b1cbc7bf2d28d1b6c7f341a69918758cc82bbab5d898fa0f572d4ceaa11234cb511ec":0 AES-GCM NIST Validation (AES-128,128,1024,0,104) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a958fe3b520081b638d9e4c7d5da7ac7":"dfa9487378c7d8af9c8dbd9e533cd81503d9e4e7dab43133bad11fd3050a53a833df9cc3208af1a86110567d311d5fc54b0d627de433c381b10e113898203ac5225140f951cdb64c6494592b6453f9b6f952ec5ece732fb46c09a324f26b27cdad63588006bb5c6c00b9aa10d5d3b2f9eaab69beeddd6f93966654f964260018":"c396109e96afde6f685d3c38aa3c2fae":"":104:"06ca91004be43cf46ed4599e23":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,0,104) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ec319fb143eac8215b51541daec268f2":"d298d988e74927736237eb8ab09d7a86b854fa2fd1f7f3be83b417ac10aa9291f4af5b3fbaf75a296ac32369ad57ded3984b84711953e477de3035ba430a30ffb84c941936e6c8d2cae8d80159876f87dd682747f2dccc36d7c32ab227032b8ac70b313fa4202ea236e3ec4d9e4d8b48cf3b90b378edc5b1dbeec929549344f8":"8a4684f42a1775b03806574f401cff78":"":104:"e91acb1bfda191630b560debc9":"":"27ce4a622959930f4059f247d29d1438257093cc973bf1bae4e0515da88b9a7e21ec59c7e4d062035cdf88b91254d856b11c8c1944865fa12922227ded3eecccaa36341ecf5405c708e9ea173f1e6cdf090499d3bb079910771080814607a1efe62ec6835dc0333d19dd39dd9ea9f31cd3632128536149a122050bb9365b521d":0 AES-GCM NIST Validation (AES-128,128,1024,0,104) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"14a3e69f351ac39b4297749a90c1365c":"051224f7b208549dcfda5f9d56ce5f0a072ef1f23f3810c693516c92622be6ed4d7a9e0f9450980ba490b2e9e3468ea7eef10bc9ebd673d91f32b748c1bf2c50cc4ebb59fc409c6d780bba00700d563ce1dc9927a6c860095a42ed053f3d640debfbfa7a4e6d5de234af19755000d95e7f414f1f78285ee165410c020038286b":"eb1c6c04437aa5a32bcc208bb3c01724":"":104:"e418815960559aefee8e0c3831":"":"797310a6ed9ce47cdc25f7f88f5dbbf6f8f4837701704d7afced250585922744598d6f95ba2eecf86e030cc5ee71b328fc1c4f2d4df945d1b91a2803d6ae8eba6881be5fe0f298dd0c0279e12720ede60b9e857ccca5abe9b4d7ee7f25108beebbfe33f05c0d9903bf613c2e7ed6a87b71b5e386d81b3ae53efd01055bbcccc2":0 AES-GCM NIST Validation (AES-128,128,1024,0,96) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c34827771fc3918d1cee09ba9401b832":"ce79701b661066e53191c9acdaf677ad41622314898d7216e3f113e2e6e215d26d8bd139827f06ab3ea5c4105694e87db1dd6cec10e1f86a8744d4c541f08e40319e22ab42fc1a6c89edfd486b6f142c6bbbf84a73912e0b2e55b79db306ccabf839855afdd889e52ae981520c89e7dc29bb2adb1906cca8c93fcb21290a095b":"2379bbd39a1c22bc93b9b9cc45f3840b":"":96:"26e1f6cf0d9e0f36dfd669eb":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,0,96) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b1f9bd2006ec550b7b9913d383200b5d":"6d9fc8f586d50d6e0128172ae147844e80136905d3a297497a9566ca7c7445029028f14c9950acee92a5c12a9150f5e024e01c7505dd83937542b0b1288de9c292ae8ad918a09b2edf8493540b74c73d2794f2eb6eed18eba520ddea9567462c83330f33d7892fcde0b10c73a4e26ab1bef037cec7e0190b95188e9a752fee6f":"ca28fa6b64bb3b32ef7d211f1c8be759":"":96:"c87aac7ad0e85dbb103c0733":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,0,96) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8b2cef1a92aa0af2b00fb2a99855d5bc":"fd09525ef3c65ab5823e1b6c36b4a9449a3975c5d3a9e7e33c61fb32edcbb8e8c915b6202e3fbce87d73cc3b66d83d9ea7e1e353cc7468f08626932cf0235563e2a28953ee5a0afadb1c3cb513b1f1fc9a8a6cf326174b877448672f7731dd6430a51619da1a169ab302da5af5b38802f8bbf5890b5d9b45deda799679501dc4":"08d87b7acee87d884667f6b1e32e34d0":"":96:"3bd7685318010b0c5fe3308b":"":"583e64631c218549923e8ad33b728d07f23b0f19d2aff1ad7e20d564c591db0e117caa8f21e3f3345e3d84f0ccbb27274cddf9274410fc342cb2a5d4aea4e925d0dd5350389ee0dea23a842ff3f5c1198374a96f41e055f999cfbc2f47ceaa883da8eb6ff729f583eff1f91bd3f3254d4e81e60d9993b3455e67f405708e4422":0 AES-GCM NIST Validation (AES-128,128,1024,0,64) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"175c306f8644b0c4b894ae3d0971505e":"fbe7ced7048f83e3a075661c4924eb77da1b4d6019d504afb942d728b31fd3b17557bd101c08453540a5e28d3505aeb8801a448afac2d9f68d20c0a31c7ef22bd95438851789eef1bebe8d96ac29607025b7e1366fecd3690ba90c315528dc435d9a786d36a16808d4b3e2c7c5175a1279792f1daccf51b2f91ac839465bb89a":"9860268ca2e10974f3726a0e5b9b310f":"":64:"f809105e5fc5b13c":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,0,64) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"08c0edcfe342a676ccdc04bdf854b4b0":"1fc8ef8480c32d908b4bcbfa7074a38e915c20ed7a1c608422087e89442d7c5af6fe9c9a716c55793248062d8e6c6e8e904e2804da3a43701e4c78ecdb67e0b25308afc6d9b463356439cd095cff1bdf0fd91ab301c79fd257046cba79a5d5cd99f2502ad968420e4d499110106072dc687f434db0955c756a174a9024373c48":"4a7b70753930fe659f8cc38e5833f0c7":"":64:"9ab1e2f3c4606376":"":"983458c3f198bc685d98cea2b23cf71f0eb126e90937cab3492a46d9dc85d76bbb8035c6e209c34b2a7187df007faabe9f3064dc63f1cb15bf5a10655e39b94732e0c6583d56327e9701344e048887a81b256181cdfa9ec42ebc990875e4852240ddcb3cbc4ea4e6307075fd314f7190f3553267bd68b19e954e310ec3f8dbab":0 AES-GCM NIST Validation (AES-128,128,1024,0,64) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"241067a0301edf0f825d793e03383ea1":"6984bb9830843529fad7f5e7760db89c778d62c764fcd2136ffb35d7d869f62f61d7fef64f65b7136398c1b5a792844528a18a13fba40b186ae08d1153b538007fc460684e2add8a9ed8dd82acbb8d357240daaa0c4deb979e54715545db03fe22e6d3906e89bdc81d535dae53075a58f65099434bfeed943dbc6024a92aa06a":"a30994261f48a66bb6c1fc3d69659228":"":64:"36c3b4a732ba75ae":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,0,32) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"03cccb5357bd2848332d1696f2ff90cb":"5e2f18cbc1e773df9f28be08abb3d0b64d545c870c5778ac8bb396bef857d2ac1342ae1afb3bf5d64e667bf837458415d48396204fe560e3b635eb10e560e437f2d0396952998fd36e116cd047c1d7f6fc9901094454d24165c557a8816e0d0a8e0ce41e040ba6f26ca567c74fc47d9738b8cd8dae5dfc831c65bc1ba9603a07":"e0754022dfb1f813ccaf321558790806":"":32:"c75f0246":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,0,32) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4e5e53c84a05d5a5348bac7b2611cf62":"489c00c05dec06f282924c680f621ab99ac87f7d33ebbb4ca0eee187ec177d30d2b4afb4ee9f0dc019cf1a4da16d84b7f5f5c7fce72a32461db115b5a5a433024fd5ed3d47161836bb057a0189ed768f95e45fa967d0cc512fc91b555808c4033c945e8f2f7d36428dcb61f697e791b74e5c79b2bcb9cb81bec70d8119cd8d76":"47e40543b7d16bc9122c40b106d31d43":"":32:"81eec75d":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,0,32) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2c94008bf377f90b7a1c0d2ea38f730c":"7b3d619d115de9970b2df4e1f25194940b3f3da04c653231e8e6946de9dc08ae5ba37e2a93c232e1f9445f31c01333045f22bd832e3b5f9833f37070fafb0ef1c44cc5637058ab64d9e07bb81b32852d4cf749a3ddbfdb494f8de8bb4e31f46033f8a16bc22e2595d023845505ea5db74dd69ab4ca940078b09efb4ff19bdb66":"abfe92931a8411a39986b74560a38211":"":32:"47d42e78":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,1024,128) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"69eedf3777e594c30e94e9c5e2bce467":"5114e9983c96fecec3f7304ca42f52aa16cb7c6aadfb62ad537c93a3188835ca0703dad34c73cf96435b668b68a7a1d056931959316e8d3ab956bf64c4e07479c7767f9d488b0c0c351333ccf400b7e0be19a0fd173e3f2a1ae313f27e516952260fd2da9ab9daca478ebb93cd07d0b7503b32364d8e308d904d966c58f226bb":"a3330638a809ba358d6c098e4342b81e":"df4e3f2b47cf0e8590228fcf9913fb8a5eb9751bba318fd2d57be68c7e788e04fabf303699b99f26313d1c4956105cd2817aad21b91c28f3b9251e9c0b354490fa5abfcea0065aa3cc9b96772eb8af06a1a9054bf12d3ae698dfb01a13f989f8b8a4bb61686cf3adf58f05873a24d403a62a092290c2481e4159588fea6b9a09":128:"5de3068e1e20eed469265000077b1db9":"":"208e6321238bf5c6e2ef55a4b8f531cbbfb0d77374fe32df6dd663486cf79beeed39bb6910c3c78dd0cc30707a0a12b226b2d06024db25dcd8a4e620f009cafa5242121e864c7f3f4360aaf1e9d4e548d99615156f156008418c1c41ff2bbc007cecf8f209c73203e6df89b32871de637b3d6af2e277d146ae03f3404d387b77":0 AES-GCM NIST Validation (AES-128,128,1024,1024,128) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"45cc35311eedf0ba093bf901931a7036":"5dc8d7525eaad035c19714ae1b1e538cb66a4089027245351e0ad9297410fb3a0c1155407c10a8bb95a9ca624a9c9925dac003ee78926c6e90ff4ccdba10e8a78bda1c4478162a0e302de5ff05fb0f94c89c3c7429fb94828bdcd97d21333c2ee72963ee6f056ce272b8bab007e653a42b01d1d2041ba627f169c8c0d32e6dae":"fed5084de3c348f5a0adf4c2fd4e848a":"6e210914e4aed188d576f5ad7fc7e4cf7dd8d82f34ea3bcbdb7267cfd9045f806978dbff3460c4e8ff8c4edb6ad2edba405a8d915729d89aab2116b36a70b54f5920a97f5a571977e0329eda6c696749be940eabfc6d8b0bbd6fbdb87657b3a7695da9f5d3a7384257f20e0becd8512d3705cc246ee6ca1e610921cf92603d79":128:"266a895fc21da5176b44b446d7d1921d":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,1024,128) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9edb5231ca4a136b4df4ae22b8588f9f":"493df801c57f8bb591955712d92d3fc34518f0599fec8533b2b4473364e1df4f560c12444cf50eeb584676b7e955c742189de6b50b8e012dfa6642f3679fb02bc6d8e08d1db88c8ae955a7946263e06494e17f8df246b672942661e5563302252208f2e00a0d77068a020e26082c291a75a06f63c41e2830292a418b2b5fd9dd":"c342e9bdabe7be922b2695f5894e032c":"a45c7f8032ac5144deef8d5380f033aea2786b0592720a867f4831eaccc6b85d3fd568aedc6e472e017455b0b5b30cf7a08ea43ca587f35e1646ecd9b4dc774d11e350c82c65692be1e9541cbd72a283bdcf93dc7115545f373747b4f8d5915ed0c42fbeefd3e9bd86003d65efc2361fde5b874ddabcf8265e6b884615102eff":128:"5ed3ea75c8172fa0e8755fef7b4c90f1":"":"56696e501fac1e8d5b83ef911ed11337d5d51ff5342a82993dd5340bb9632e6606eef68ec5fe8cec6b34ebbc596c279e6cbc9221c4cde933f6d93ae014e3c4ca49593f35eaa638606d059519bac3a3373519e6184e7227d2aa62170c36479fe239cb698bfca863925a4c9fb1338685a55a6dfd3bd9c52d8ae12be8551fce6e1a":0 AES-GCM NIST Validation (AES-128,128,1024,1024,120) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d5fdcb8f5225090e63fae9b68f92c7cb":"d39b9cba95e3a3aab9bc1d03ff475c04faeb5b7f0510777f39e5a05756606eb7ddd154aac035d9ddaf3535629821dd8f014dedd52cd184f52fc706e3c89a3a271398c9125d9a624dafb297a56022ca2ea331ea7359ab5e65f8e14814788e64e0a886a9b1a0144bf268fdcf9d94c3d10a0452f40111da9df108252e9039eacea3":"581c818282a0905df5ffff652e5604e9":"f1ae6cd7b07f261105f555cf812a1d5bf8dd9aac07666318acffa11abb77d0238156663acbf7543825b45c6e9cddb481a40995ecd78bb5f4cba5df7c7efb00fc19c7f45e94d37697aca8ef368b99165393b6107f900194c797cd3289cb097eb5915f2abfd6aa52dd1effffdde448e30075a1c053246db54b0ec16eadca1c0071":120:"827e66b5b70dce56215cfb86c9a642":"":"cec11a12e47fd443f878e8e9fe23c65f29dd2d53cec59b799bcb0928de8e2f92fe85c27cec5c842ef30967b919accafe0c0d731b57f0bb5685d90a3061cb473e50e8aeca1346d1f47f7db06941f83f21ba5976d97c28cab547d8c1f38387a04b8a0b212da55b75fbaf9562eeeabd78eadcbab66457f0cd4e0d28133a64cb063f":0 AES-GCM NIST Validation (AES-128,128,1024,1024,120) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"036198cd3a3ab9319684d0f811cf2992":"6b95b9e82a695fb7b466ce3adb536f525d8314f95eada39efb49baf121093ce7d5439f0d8223e03530b85accd388a70650ca9f7e63eb32afecb7b1916ed9b762128cc641caf3e08e027c3d88481d653b6b15172e977dfb9b3f88465911aee162501cbf8501ce2b66ee151bbfdc23225f638f18750c239d62471663e5ee2a5856":"47dffc6b3b80ffef4b943bde87b9cf3c":"ec4de476cd337f564a3facb544d0ff31cd89af4c3d9a28543e45156189f8eff8f804494dda83a1fb2c30ce858884a01ec63db59268452b1eea0f0d48280bb7340eaacc84509469dd94d303774d053d7ab4fb5f6c26581efeb19165f8cb09d58ec314d09ab8356731e87fd081f661e7b2d1a7c3aa4af5448a12b742e7b210b0b0":120:"6cf68a374bea08a977ec8a04b92e8b":"":"5c2f7c408167be3d266ff634e1993fe291aef7efae245fa0b6b5bde886a810c866ae6a078286684d1b66116e636e285f03646e09f3c4ed7b184e7c171ba84f3bfd9500c6f35964a404892b4cdcdd3f697fc5b01934a86019810987a9fea7efca016049873f1072f62df3c17f57ea1d88ccd8757f7e3c5d96e8a18d5366a39ea9":0 AES-GCM NIST Validation (AES-128,128,1024,1024,120) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c9fbbff8f25f951ba874dfc5ff38584e":"ca401071396da00376add467490abc6e6a7d8a85852026979f7013a09cf689113c8d833560cd6c5b8fdaa8fdd818e773ac13954839a0a2c91efeaf4e0e14de43308419a8b86fa2ae600a88a6bd39dfaabc16a3c7c1b77a5c2aab7f7caceb2f8595324125efbb7c96ba16c47d0bd10568b24bf445d72d683268466e68e46df500":"1c1fc752673be6d4ff4cc749fc11e0fe":"abfde0b60acfe265b62ed68ebebc1f5f725f155c4b8a8aeec8d704701c51ff7817060c1b0ce6b80d6efc9836c9ea2bc022ec67db4cd34e945e3a1b153fd2e0f7ac84bb4b07e04cbb529ee24014b16067f9f082b940c9d5e54024d3e5e910310457478560721587da7b5343d89eec5a8fce389c01185db15e7faa9a3fa32e8ab9":120:"ff0b2c384e03b50e7e829c7a9f95aa":"":"239637fac6e180e71b2c9fa63ce8805f453d81499623ec2deba9b033350250662897867bffaf0c314244baf9e1fe3e1bb7c626d616bfbf3e0ac09a32aaf718b432337c9dc57c2d6fc4a0a09bdc05b9184d1b90c7193b7869f91e2caa8b3b35c10c6621ffae4c609bdf4e4e3f06e930541c381451ef58f4f30a559d2b79b0e6b6":0 AES-GCM NIST Validation (AES-128,128,1024,1024,112) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3a314ec178da96311e42334a616fb38b":"518b3f5384ab54f80497d55be7a5d6902bc7718386212c2ec7537db331514b3838f104bf9054e03039a4cfb73f41e5d0a9648e569ed738cea8d33917430dff6afa8f07a75e324b9262fa196a4439dcd66b0535ee5bea0d292600227c2a79ed03be0671740e5cb7b306d855612bd3abcbf02cf7e7cecbb6cdbb33d57b4e3234a2":"d7ea27c819e3eb2666611bb1c7fc068d":"db8dcc31a5681f13d56abd51bd2dcb0d2b171628186e215a68bf16167b4acd00c3441973c3fa62fa2698ee5c6749fc20e542364d63c40756d8bcff780269e5201bafdced3cdc97931d8203873431882c84522c151b775285d0a3c5d7667254c74724ff0ea9d417aa6c62835865dfded34edd331c0c235a089427672c5a9211c9":112:"1e774647b1ca406e0ed7141a8e1e":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,1024,112) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e818372a63b7e2c23b524e29ba752bdb":"c1bf1b702a95ceaa6b48a1cdd888ae51f58a9fc3232bd6c784529a83301c6d0cdda6e605ad9a2563f54a8d59f624ae7c589e48b85041a010dcb6fb8739d43e79a456fc0e8574af086df78680460c3cdc4e00dc3b9d4e76b0de26e9aec546705249fa7e7466c01001c2667eaf2813be1f0f116916f34843a06b201d653aa1b27e":"36e617e787cb25e154f73af1da68cb06":"71801d69796c2ce36b043c157aec9fd2e06fd1ec596126d10c26b6d44e3dc36c4fa30a030d65c382b6ddfd958e71fe9c16732e595137a3d6764c15480fc3358e9a113ba492b31274663f5842df5d1cc6bad70e83b34675a4411e2e70755aede0ff5035601be130562e27a20283d6f144ff1bdb5276dec05fad80d51b28d50688":112:"3744262bc76f283964c1c15dc069":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,1024,112) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9a04f16882ff45816739d1b6697ce8b7":"6a4f3dbb3371f64258fd1f831349e745a4e19a33aad794b1de3788729618beed619586092120e9e5dc3ac6e0d52f991f7be61afbfaa4399ac716ad79a2734827254b1627791dc92a128a6f43426b8085dee94242e83176a3d762658f18ecc1e37e3e1531648c9caed212ea2cf3b3843cb92cb07730f30fe2dca3925470fadd06":"66f504d9a9128ad7fb7f1430d37c4784":"f641c53c83c4fb1ff8044bfa97cdf63fe75d8159d65b3e5ad585b89c083a53cf4a2f7a58eaeaf45fa71f2c07bc5725a6b03307d7f32884a133a4c803700bf1e12564b98b71f63b434ddf13ad2c467dda25ffa6effcafa72452b20c34cfae71e47096f8745b487e9f1945f5bec83f7ec2709a13b504d92315b1b727a78902be84":112:"fbb37084396394fecd9581741f3c":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,1024,104) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"38cf029a4b20607030586cd2d82146e6":"f4c9f4476561c9ebdac71b282ae6e2f9f03547da98e66d4d857720db2fcc9ed1f363858db34c9dcaca0109d7c81db24150493115f2bb6985efa8686e3d2ab719d33b230aa4c5c70696bf42f225fb3c6704711c054a882d89b320884a78cb59cd2100496edf4010487597fb9135d8ca79693a43843e9626fd6c64a8722b3a27dc":"6330084319e2bf32cd5240f4826944bc":"80746cfb0127c592f8164d751b0e14a5b379056a884cece7ee4e9b80538d7ff6be56a3b19c135786722aaf315123b47672b0251e87ea45f0fd3601cf93f9efa6cbd9ad537f54d57f1e187f821faac24096ecec19d137c9f4cf145c278af4cd8de01c7758784fda06f1cc62d92ae1977786f3d0645714ab4ab6f48c8794b12f73":104:"7b021de5cda915ba58f90ceef4":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,1024,104) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cf4d81fc5997c744a572bed71f4ae609":"f3d65d70326e641fbe7fd945fe9cf66c74f17d0d1020ae8ac488f39b7285c99d8632bc2201960f3d77daccfecc04428abe0853aa8d82b90a93127c72b2d2af53f7f1bd0afb99d50f0b3b24e934ec98eddb278b2c65866442cebf10208c7ce1b7ecf764858480b2a269b106fa6d2428d5ad17612e53e62ccc7ad1184663aeb9a7":"bc4e20c56931c967ce8e3b8f5f1c392f":"b6b8294abf7da5703f864721f7904d3821f5568bf4b269e44edef4f1c95ddc172d83a06c0ad9f7f1fd2e292c17a876392bc5bb705d370b2f16ff721bef7648f423346fd3a4d762676e6fcf2d690553a47224af29afed0f452d263be90eb8150a13d720f1db6f1abc1c2ec18cfbf93b8ed3c5aa7cfc1dcb514d69f90409687a4d":104:"0a86142a0af81c8df64ba689f4":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,1024,104) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d88ad40b42ead744f1b7a36685658be1":"e99d2566fe6bcb2a04d167605db7c0f1e5567ff2d8d3292c15bbccc5d1e872bcb15a30b3bb8b1eb45e02fba15946e6bca310583a6740845a0f74f4ebfd5c59ced46875823e369e0447cc3e5d03dae530adf3c9846362c94e7f9d17207bf92d4d59981d8fd904eb8b96a0a23eb0f8d7e7a87e8e8892a2451524da6841ce575c27":"52c3158f5bd65a0a7ce1c5b57b9b295e":"dde2663335c40e5550ae192b843fa9fb4ef357b5c09d9f39dafda3296a4d14031817ee4dc1a201d677597d81e37050cd3dc86c25adbd551e947a080b6c47ec7be8a927ef7920bd1bb81f2c59801a2b9d745d33344cbe4838bcf2eb8dce53ab82c75c9bbab8e406597f6908aaa81fbbdef25aa69116c8f7a8cdc9958435aa32ac":104:"7643b3534eb5cb38331ed2e572":"":"6f87f6be2f4e7421aa26fe321045d1e23066a02158634bef35890581c92367d0bc232940de30974c70a66c60137a9f3924d12db1e5bc1b0e7131ea3620a25eb805b7d670263b82c8bbfcd6839305025390fc17d42d82daebe1b24f73ff9aa4617e3866785dded88f8b55ef89b2798ea2641a592a46428d9020f9bf853c194576":0 AES-GCM NIST Validation (AES-128,128,1024,1024,96) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c3ce86a212a30e724b4c624057db4e79":"3582ef7a9565c9a8e4496750ee5ca3e3a80df6238f7b7608e3394ec56d1360777921da039ede34abcedd01081babd496ba4de74a7de501181d6bb2022a6cc7f79d89a4c6a97676fb0f2b42f70e2d0bc1eaac364c3646df4f611c1d6b09737451b81b5a4da73c05fb58391c74e44498b80b26f1c29562d23c39b5d3f086b280cb":"9e03f0dd4cb2b3d830a6925e4400ed89":"92c48a39d93ea3308f55f6650d33fdf17a902076d582a94a82ac99496de9f62312292b844bbca5a683ef0f0710bbc1c7f89cbcca8f9c0299f154590d32059bd99fca5d78c450ede0d11d55075947caf2151218ce7a06c1e81985a7781a3444054170b457fd7ba816026310112abb47c8eddfd3ab7f679a0f60efc6c6dd3b759e":96:"3230fe94b6ccd63e605f87d0":"":"052347a4273cddba65b2a0b961477f07edee440a9117ab204359d2dd45ad2a6dad3b60ead891e7da6d79f3017ac90f95725a0089f04d25ce537bf53b7ea8e1ea58692d34c221db141e2a9fd7211adcee03ef8b5bf3c5d36311d20bb3d81f70f7e7272d0e2b6d12293b1a2c31b70f140a8f08d98c6231a3c429c3d0a10b2e1c1c":0 AES-GCM NIST Validation (AES-128,128,1024,1024,96) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a0155360b84420b5bf4fb410ea02f31e":"ecdb51522fc440f7471ea6a31f7c1ef1ec2153e5bcf6303297dbf8ddb3830b45ed9866157375ce4bdeb5e32fcbc6607984fccd7e6552628736608ab13072856d432ceccd3e90d1bb52ca9ada9cee90eb89ac10e887a1978fd0fb3d7bb20caaf35539e150be8044b725b8427c4c4a910f79980865d36344a8784bcc3d58460acb":"46f0386be7363887e7e357376305eab5":"611bc290f91798ad84f0a5ecb5a7cb8fa35e9ab6a5a51c9869a68a076e96f92c9c117595f92cbac5d33343fa2accd2541473907cbc54792c5e215ae857424c921b04ca4b81376bbedbfcc0e565c118f2aced08f247698eed5e2d202c48245161cabeac9fa195219f9799fa253e339561e13012167f1d02b4012b7791b7c863ba":96:"ac5addcc10cae6c1345520f1":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,1024,96) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"694f621f594d96b16c32254ff06f3f9c":"e61476b8b7f101ca6005f25af2b9bee795d62720bbbf59357057ca7cd473e00f0d465255fce8d6164657603323549fb4e3d33fa51054b1a70cc7e492916dea85453e9107fe781bfeb4a622c5b2306a8dddef99386dc50745003aa7220cd7f32fb0a060fa7682576769a48f9169c7d11fe0a8a61b95f5d6dfcf216f7d0c652a84":"542db4e107485a3cd24c7ad337a4f1b5":"27b7bfa5eb34ba376e515e58ab8b6556c396820d0074a1fe3b984945dcf5251ca450456ccb4bb66ec739b03fdc5f72d24553e843255adc012d1f1c95aa3cdac5d12926465354217203052cbd4869a8b5be2e01d0fe66b5a6a8da0a2ce351557e2991ce77baa812b9c67b8e1c5a1fc348710e1a73a0fd49acfd538b7db6bef8b3":96:"0bdef4d771a1740381e7db97":"":"8b27a338fd2153d304f04655e09bd9bdf4468890ecce1e3b51de2c9a25a8d9336a9acd753ce270b1fe8d50196feac68145e0fd59c9cb3aa7c1e8af03494bc4279c6e287c849f3c775ada584ae173100946ae6921ef7c96bbc6f216093548702cf1867bb1bf1f4c9e90a34230a2b2aeb584622dd615023a43a406e64428bd9170":0 AES-GCM NIST Validation (AES-128,128,1024,1024,64) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"78826a5215a1d5e1b39cad5a06861f8f":"0fe2c798d7015d3e2f8725648d95729c45d357dc0c89fc63b9df5a68d3e65419540f663e9190793a29c58c495d5c6a731782acf119e2df8a96fb180ad772c301d098dbc5e3560ac45b6631a01cef7eed6db51f223775d601d2e11b9baa55e2f0651344777e5a03f6738a2013626a891b5f134f07b16598b8cbe3aeaefa1c2a26":"feb9d740fd1e221e328b5ef5ed19eff5":"ca9411b368d8295210d7a04da05a351d287f2f67d978ef1bb936de9f8065473f6fa11495da2eab13a1002231c86411d5409bbc718e2042ee99e013b1df1ef786e9fc1f2d43293c854128184efb9317c4ef82a002eac8b28fcd91d8a714a3aa25fc3c0ae4af9f4bcf5ad19a30cd8ec4b1785df70aa92074da419abe433dd4c435":64:"a724bbb295a02883":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,1024,64) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d450f5253251121606e56687952bf2f1":"479b4f421bd8ac7f615c4a507da187cb5d4b1f1e2c6113d1f9678c1ba92dc5e17c5b525d7f3208733223eb82af0820b8476e9b08ca714ce044417b24d2238720cb8ffdc69db558cbaff52e3651b400e16c9d5ac8ed8949a19c35516f80394a04bd1cfdced7b204f779d792086e00b2ebca2f55a1140e85f5ee9ac7cfc5a31747":"fe7ff90b020fc77d7fcd90bc583850ac":"a3bca9ff25a60006eb18f993dcdc99681e414e27605264dfd25652195d7fe1489550afd07fc7346b88d93b59eb6642913646e93bf50ee1db5dd30106cf181124d8ad01c72ed99038c9798620abdf5c78c419b08c97f982b34d9e9105d9aa4538afcd37f62e2412f14f7a248fcd60abaf2b66cd4554767f99030f1a495d56a5ae":64:"6446398aff73ed23":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,1024,64) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"90a59f6b0abf932311f0b65623c17740":"be5a948a771a8df12adaf74d702f064a75f6483c03203365fbde7d184844fe6dee0b84cf344be05b1d163817ba1516fcb87b9167ed81f884ada73b0058e2b38cba515bbbe462f4c21f8de1d41bca2cf4340aa659f9f07886c2bb620d9c3295318c07fa3c17fe8242409359c08bcb337e5cf268880839b6a20f4ee4b3f04e7024":"20778bea82a6717038e7064f48a31981":"4022d04f1454a72d2efe57533bd32757595220b20f3a37d166cec0412fb1eb2588f939ecd906c805f4827338669888e9f730905001eb1b136b95e306edf70d9ba1e5cd0aa13a25a1f28ab55cff36f9cd7036c735e3b285d26002ad2ed1074b566e252ea3ec8a9ce10882375dc3f1d9676e301dcb179eaae991120b796cc35648":64:"dc77c1d7e0902d48":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,1024,32) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6be4ef629f0b38194c74f7b66418922d":"b67ea20a320f4ec0e4185c62a4ad79a3c97a8189a5e4d1deff9d3edff0f9a9323532853c1a2a2c1e62e4d1afebfcdf1d8461921ea601750380e63b912d8b7389198f976851d88a19f1aa32c97143668ad00838d98da1c4f2be0e6e2dc964d170d7f7ad2e2997982e5ca110e744b6e10c24ca18eadff6b129b1f290c8a7e0a593":"fb77a4b9b246271abfc656433f87628c":"e5d5227725a19a3050fbf2a97a6e854bc1218b94a4a3403b721ace3447daff68fff5553a26edd41219e68fb61fb9e964d0a3c29796251ae4eb942187cdc55d13a09dfb487e93d9e2072d7271456a77c6ccb81154443eea176314d6e3a08619b52cd880f1c28ae5214ac0090a3855dbd74f87389fe8afebd464330fb683dff81a":32:"3d8fc6fb":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,1024,32) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c50e37244931e8debc12b3d561c83ba2":"b9abf0796f2d2f774735546cf809030f65ed0c7f6bd469ef2fe0ef32aa0225b57fbce07c36017bbc1806a81ff1a429278160a07643f864485b4e0e35d57553dc1a131e32aa10f1f91d663b10f0a418f472ed7b4bca54fd7ffdbb22c4d7764d94a7ffd04730614459431eb64335b9b65363de292c04275d40a7b968c0f5c486e9":"6c0b1fd7ab424a6883c36457d1b5521f":"516dc25f6452ae169ce293c5cee440de47353ca5ba770dca0f04175950e87a2d4c3f84fbc6eeacaac436853492929680066f959e74de4b736ab924d8367b90aaa6e9492561ad4b5aa78b6737d562e960edc3b983e2e01a186e9f22896f48d8dfcfb6a42cfe2c6006c687a27772820a1e8875bdf09e8104248ce4db883376bc04":32:"7d4393f0":"":"962509e494f10269b70ebad02b0cd799d1d41191a734863ef502aff3d3ba48dc2acf9da9a3fc3f40be4d210dc5e128bc00499aec57aa0a4669863165428687b88d46fad41e36af8ea6605586eaa5c0736d0d53b9d523e0cb5a0b285048e060a73cbf4b587d2cd787debdb2b4c8cda731a61a15b19fe8b561fbdd3a7373853ae1":0 AES-GCM NIST Validation (AES-128,128,1024,1024,32) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8531ddb03977383405baf2ee9ca7d64b":"d90c9e26509bdba9b1dea8d2b94f2b1881d22c2bd756ad23cd61944710a1c1f2807170ed47a6870ae654e44757fcb3822ef28b37946cafc07284f8a0c22ae3552954f0d87b8d8c825bd546935b494cacb4262d9e2a88f254f200ad31367d8b3715afbabea5f34214ffedb14d7c84806022aba2dc8f88a314ffbb24017d1a9b9f":"baf623867d6a25fd85d1f08e599c0566":"18f92cdd37dcd7f99b06838f3f68748aba367baabaebd0da9ee787d70e752fa07dea553a43b643b8d8f460175c0746675205e20a7a98acfcac864d7c4cf5ab4c41c031738c76882acda003c5af47b1c4df8894a827a317935d970d4afaee17715c9cfd1883e8c345f19d1f89e229b8edba6b4f53b86d8da1c0f159afb83b6b33":32:"2fc9de46":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,0,128) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"862dd5b362cfa556ca37e73cff7f4a0e":"":"81530a243655a60d22d9ab40d2520447":"":128:"3b9b2af54e610ed0b3dda96961dd8783":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,128) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3452b7bc100c334292e08343f139b9d0":"":"8f92739a30fe4ba24079f5d42753d6ac":"":128:"0eeca69f8b95e1a902cc3ab1aaa8e2af":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,128) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"31a0cbaf21b943f8badc939e94eac7eb":"":"d5bb2c4eaec47088230972ae34fcda9c":"":128:"580e728512c8e44fbb3fe2c498e05323":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,120) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9e8fca537746e7cbff97f1dcd40a3392":"":"43e9f2bf186b2af8cc022e7c7412d641":"":120:"4465a3f9d9751789bcef5c7c58cbc5":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,120) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"35b5854ca83792ad691dbda1a66790fb":"":"cff61cf9b32ea30cf7e3692aa6e74bed":"":120:"726793199df533dd9055b0ac7c939d":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,120) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"07259267c1c6a015437a5d8cfa92f9e6":"":"18b9cf2ad7ace6ec1c8366b72878cf20":"":120:"4340f6263f0ba2d82c2eb79cb0cc7e":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,112) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fa1df8955aa3ef191900b06e7c1b7d46":"":"6928c138c98a4350c318fbdccd3f44ba":"":112:"7c89d9e77515d271b6ed54c9c4e3":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,0,112) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c04200ce41ce77d772babb206315ec7d":"":"a885d58f0f38f9ff26d906fa1bfb12f4":"":112:"9ee0d025421f2bf18caf563953fb":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,112) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"650df049461be341c3099bd1613dcead":"":"8a4ff6327b49d297248ce2d5bd38afa8":"":112:"13f067ef0d7b448d56e70d282fed":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,0,104) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ee61b5bf5060fcc637dc833926898508":"":"b2dcf21f9ffa4a883044d29f087f9b85":"":104:"9ab1d66666d4dea3cbb5982238":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,104) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"01cc56ca7e64db7fbef66236a5c49493":"":"8ea5b63004189792cc040ef18b37e550":"":104:"d685aeb54aa129a21bed17766e":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,0,104) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"134dd72ac8e28ab46720c2f42284a303":"":"c6368e4c0ba0ec90fa7488af9997a4c7":"":104:"4ad9cdf19ff7d7fd7e273efced":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,96) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"180c04b2bde6901edcda66085f73ecd9":"":"9193b206beade4cb036f01a9db187cb8":"":96:"530f5e9ed0879ccef3a7b360":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,96) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"aaac85742a55ffa07e98106d6d6b1004":"":"630cd8ab849253c4da95ac80324ecc28":"":96:"37911820c810e3700c3a9321":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,0,96) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ab663c4f8f2fdc7d5eabf6ef26169b4e":"":"86e6100669929e329a1d258cd3552dc9":"":96:"958d6141f7fb2b2dc7d851a6":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,0,64) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0dd756d49fd25380c4026ea03cafc2da":"":"6a6f7e39b0d730ea1670e13d16c12c28":"":64:"872ef05a28da5ea1":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,64) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"bd8a834b288bdc7578b6c6ab36f5d068":"":"aa77de0af5fa4dd1ed2ada5cb94813a0":"":64:"c5c094e83755f2b6":"":"":0 AES-GCM NIST Validation (AES-128,128,0,0,64) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"020d280dbd06939bbb5e6edc6f6d39c6":"":"09aea6f0e57598452719d6f63b6fe5a0":"":64:"05d6c56ba601e85b":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,0,32) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e47f41a27a2722df293c1431badc0f90":"":"227c036fca03171a890806b9fa0c250d":"":32:"86c22189":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,0,32) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9d3e112114b94e26e93d3855d4be26bd":"":"99b98525160c4bb2029da5553ff82b59":"":32:"33bee715":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,0,32) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5b4b7688588125349fbb66004a30d5d4":"":"b4ae363edb529d8b927c051cf21a2d9d":"":32:"6a920617":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,128) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c4b6c5b8e21c32f36b0ae4ef3b75d5cd":"":"3d1036bf0000e6f1b77a799f2ef32dec":"1cf2b6cbe86a87b4b5bb3cc50024aeb27c48143658d47b41f2f20b87ed67bd6fc3b85a3a803f66d3576608f5d6ce6cad11e02fe12de5390722dccb8242e1dd140051bef51aa9716c860d45d45bca6effbb1a4797e6e7406a04db5d823766c0f011ebc28e9a8cd4446ec8a75ea8bdc1b2fdbb5cc364fa9877886e30404593df34":128:"a49725014c214ef7cc2d28b9b2b53da7":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,128) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"63c3f81500746eaf383fe3975d84f849":"":"0799d4152fd73c1604b4610cf7171fe1":"cb8248e5f904cc9ccccf6f273fe621eee1b4d7ed98480f9e806a48b84e2d6a733772ecf8fb7fe91805715cddab2b462b89f6e6c7cf873f65031f13c357d5f57b00b7c391c39e78ad1ed94be236ca0ae316bce11bc33c5d701fdfc58abbe918b9c42f7b3d6e89d46f9784b388a6e6daf47730b9fa665d755a17e89932fa669c44":128:"c53d01e53ee4a6ea106ea4a66538265e":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,128) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b0c88b191ce6e8e4a3941f7960b7eae5":"":"e2a899961c332c815685c553351fa519":"308bf10570af48d632911f3641dea60d78046211c01a63bb8e4e5cbddfff8841d2f2b11e18ccb2170805ef4cacf7804d64e0feef40731a1704907f33b77788c18ccf35b224ec3046a67664ac9a3481d2385b6ddeec6da4f32423f94ea9663a5c51cc388cef33744a8159b4fb654dfdb5092718bf926c824be31197f07f276b5f":128:"92604d37407aff33f8b677326cbb94fc":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,120) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c818dfa0885a09f65ef78712f5ce6609":"":"ca279284723530fdd68ae880e0ce775c":"2a562abdbb483ca5f355f9cc1c5e607bdd624a078a76b717ce0f8f35d0d4c54b629f372f15d20c848d01420c6af5a7040d42063704a17b46259dcc53723caf2d4bf556143ff9117c752fa4f22c9c155c99b7bf5949d089cdafd562165b9cbf53ff51cec21f49128c8a599718bbcdb4a5d705d20509c44c8945e2a133164b9942":120:"20e9a3a98d71d460743e1efaab13c6":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,120) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2354c6b6afaa883e7ce91faca4981f8b":"":"604f2730c756c8c39a0527093bc2feb5":"959b4b0b9ce2e9120b327d2d090117553999ee10bdd384a546fc6de0957ef4b447daf07b3d07ef7dbc811f36b0fc09a175d26e4d1263cb5e21eda5ecab85d763807bb20b3cb6ac3f31d548dff00aae058d434ebcf6f7e3a37f11324134f453dd0ea7f51094863486426ff1706129a5a93c53d8c5ccb56cafa5881981fe233cb0":120:"3588c9aa769897dfa328549fbbd10a":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,120) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b0af48e6aebbb6ff5b7c92bd140b085f":"":"d210d6502a5221ac1274a9c7f5a81725":"d725311ca10eb4b4aa24e6dd19c5e72dc34fc1ff53feb25d924a9b7d8d72205790ca4b1275bd93ad60c27a5587a45659bca07c111e9748fb683a03465153ffd735b7d134b479674ab8596f0596496fe2090f623fd1e4dd730c5283d8b172db8a25df42d9b34f388ed32676a56b8ba03347e47379702654508ccd0a21ff03516e":120:"e6222f068a1e18f09ba6c771eabd86":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,112) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a05fe482fe164b2eca7f6c3e377b39d8":"":"145327bcc10335fccb93afbf4b17e6e7":"ea6f2e93b5e1bf127d40440b8d6397405246b1b48eebe16964f18928f6b4b8ee2c36322d7126905c1a5b816996e340404b586edc2d77afac11a6c1266511f9eff1a320b035442d4078f8e42ca63cf26d12a971a7adf4645d1bd9a8e4d0a20722f7c2d529beaecc4033f7738075e1cdc6d8a929da5582540678935b82e7b7ba68":112:"3900bde9fa9ae2cbeee54d04f224":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,112) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"dacbadf819eb16a63f6f091d13ed04d4":"":"b9ebce724b0dcb0989ac2d8e7ff8aaec":"7dc6e2189d8a96f3507e352e05e8fd1b4bab988c2f1c706115887119f63b78084f015d85f6b460901a02880103e4d36e8f6527dfd74e4a3acd3f578c0cc726b528875f701ff8b66e5c11b4689c346a098e123bebfa253362cb86829be73c2b85a6881fa976aa730fabb76775027feec7fd920a6c8965a4a509ea812d7c413a95":112:"8988fca83c8cfb1f8feefac46f04":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,112) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"969244c7444f3f3bf193b28f8e8e96dc":"":"49b2845a1a1c87fa66eb8f78c05ac029":"1414a07e86d8b61d1eff43e1ff4ab42c1c95e159058b74c731e3007d21a5eb78bc17b7e920363a3974aeb8608813dc9a4655199b6703ed337450702d8ab16a89776831b2c7c811fec3acc23598a0aa01680a7bf42a4e258145beb08c9f0eacf2bb5f56d26bea3ad11e1a956a630b80f3d22bf35592b4704f7c464b08b06dd7f8":112:"a291c7527385f037f62e60fd8a96":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,104) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"525abe490c8434802b69439c590a5290":"":"141f79f0501316e66451c41c7af0f0cd":"be440db66d3f81be467605a7b2805ec1df5e71e1b1b04bd7a4d05e912f5aa1912ba08de72df18613b32b7edf78963c48c80c25178b3b19262b85bb829f5377e0b368b500d6d3b442f54172d4ca4500eb5b4d478b602e5dc11d090539455087ce1e5b9ea74355fc06e9b60cbf25a9804d3f8c623fff130abc48bc2d8d116b8366":104:"038c7e95f790e6ca5ce73f9551":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,104) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"51644e025659de983f5c8156516b812e":"":"614837c743d0974e9cca497f13038c02":"60c5d062ade2c5c2dec68b734dd3e58ec474a586d1c4797fdfa2337800510134cb27a10d501927632af3c1febc275010c0d2e5abee630cd2bc792963fa82a42286ab047b934a261927311b40f5f953bfd661427921147cac7613d95ee86e16326ef67c1ed097e8fb87a78753d785de34e03a182232786079cb6be00182e41c9e":104:"77e3deba2c7f9386f85bc4a801":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,104) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"08566ca7310302dfb84d76ea0525ba20":"":"5f20ec9c35c08aa7f1c0e8a20fdbd2b3":"5d84e32768b8d1e7e3c426b3118d48e35491bf1bb454b359c8429220216efd8826be94fe1919409a128ccd8125a594f1691c9421fc3dbbb3f757bf2355bb0d074ceec165eb70e26eb53fa2cb5d84dfae06babb557805ef7b8c61c1bc76137571bcc5e84bf5987dc49013831d78bd497ccc49cde7dca2cb75e7ab967da8c6ce81":104:"873f037fc05252a44dc76f8155":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,96) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"dfb54db96383fa911bf5b4fa1218ef9a":"":"7e849e24983f63f1194b396bbd2d55e0":"d3fb689c5818810dd104693f3306a10b27178444af26798a194f7c2ab31ff3a172904b951942b1a26c8ae5b5b1ee2d86dc78bb72a335fde350766d7d9aef6f549871dd46b04b2cc319fcdd47be437d431ad18cab82d51ca9fa57f4108a8de622a92f87d28c0349fab27757fd773413f559a8c00d30e258c1f6cd96f9759bd957":96:"dada7fc7fed58db462854ef6":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,96) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"389cf888474e9403e5f4d0e22ffec439":"":"ef57794cf6fac9f9cea3e8499b53b1d6":"7ea7f7f4763ad208eb6199285b6b2819756c4e3caf2d0ac6f5076ae6785fecdcc4b138a51860ff8b87aaac3a18c2df778a4818308d458dba28f5017513e1454f60be20dae68736ea6d48b1f9deadb517df63140acbd329fbfbc9b82f3ca1862c9e998f0faff1d3ae60b005bf66829f5cf0c5fa03efbdd92d39351e3954be0257":96:"92726d90ad26130e65f2beb4":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,96) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e55abb2ca36c822bf2a030ac703cb8b4":"":"d86f7177e8ec90f9e9edf10175d5012d":"777a9d93091de56324c10712243f5541722e0b27e1f303fef6faa387a8666161ab354dbea6c43c82a24e8623bfec39aab13164add6be0dfd55d23204c0975b4ba6fbda51363befde482a9ccc1eb9f151e6ad59c77a1e24dd268389e4686f198a936dd603044a3fb653d63cff80597f5a2913c8a2ec1b7d9dce5728dd56c78c2c":96:"65025250343ed8c09b3fceed":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,64) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"586114f3b1dc087e1b2739b28c592dfe":"":"ae5a38ddd455505284434a4bcfe81ef2":"531ff8c285e532d961f49bd210a5523cd9b19a697a3a3fb26db940a496f253862405b1e825daeda7eb0445c98022b8342c8f8ea20301618483f8ab04b6ebccd7e7fc57878fb544a5bf78fa896f50ac30126ff8afca8a86388666b64c643d16812729bfd7e5c03ba52f7e6ea4c6a685404f7bcbd956964417fa0ea9a6d7290c41":64:"467a815610faeb82":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,64) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cbfe806bddb7f06b3826b097550c68f5":"":"04c1b6c9fd2ab76fc2adfe15d3421bbb":"cfa86d02599652cb4ffff027b9c6ef2336dc9fe946f64fa5ce83f624e144563d4738381bc5371c3cb55cf41ceda07e62cb635ff37246bfa428785229c6e869d5df69d7949a8577889a29e3d05b788ddd43608d9c14e3f1b51ce2085b9a976fe843e3396a74922babe6797d5f01c37ead623b5b582505bcd29edf8a6ea36b0fc7":64:"0697ac372a9acafd":"":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,64) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"96ce3a095a91effdd91d616f1f02ddcd":"":"579d6633ec6687afa24ef874899b58e0":"3ff3c0038148ed391b6a10aad623a82fe9209c5ba74482f11506d597b5fc7af977235d8ee9e28cf2160346ddd0e33a5bd1fb67b87dad7167fdd4b2b4000d8460ef7b3e1b59b9d61d06cfbe7945379ed6b650de86f396a38cc70d47b8a349f067d00144c903c276b323be6a929a7d7dd8ae7d254d640cdc1176f98e01a1d8c82f":64:"55a0f61032e048f3":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,32) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"24ece168c2971cf2b404ea206dc9e29d":"":"e9db62a42491664a6c46cbb0b2bafc92":"3579f6c0cb3d2a5d0c4548855c7c052d36b6a8dfc60f4ca1b4bbe28ed87306119e71982dd84c4205ceba918d675472753df1b5192d3693dbf6a061c6056e312135ffc5ff426895a7e30f7f675d2cb21de06eea5e3761b94deef7537b985d324864c9ff6ab6e230a1006720f98c958912b604a6d03e3979887c07be3ceaafc78f":32:"d2b15a23":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,32) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d3c3cf993f6740a019e61ce13c29955c":"":"af900ac348082ff32d2e0ab886079516":"2ddd0e8c99661f0757f04aa79a1ffa24ad48fbe5da68b9e71f7a0cf1b4f2ca9b757695900b7549d48847ae49950dc9b270b1569d29dcbef412216737bd83509c17ae41c34ccda318939cb37a0a380762993a7568c0b07794e78746173dd5c0d921cd50de4b548c1589e142c3dadbad42161aaeda2310f3c6d5c722d9ac69e96d":32:"f2d3a6ff":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,0,1024,32) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5f1e5bd45ee8bb207ebbd730510ff218":"":"8846424a194f5de858556e6be5b65d7f":"e968947fc0e49136e730b97f6b16e393d5e4fdf3e4803a23af79211ef59f29167c60ead72fd489da32d2ffa43b2bca2074f9d1b4f5396ca65004b0806cb7c6dfa751fb6afbee3e443f3c9b0e3df6722e0d1320441400c5ca508afb657c2b7f1669b0de21761dccab9a40fc513768bd1f552692626ce35078a2e0e12f5d930647":32:"0d6c15da":"":"":0 AES-GCM NIST Validation (AES-128,128,1024,0,128) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3997050377cfbb802cc438d973661688":"b02f0dd373e42c65e8e1db2dd76a432e0b2bf6e630c8aaf0d48af51b3709b175de9a19b3245ae75818274c771c06fae225c4f8b002236712336e805ab006449eb29cc5e29abd82b06c32d4c36ee99acb9a6d7d9eae6ec6ec263c002a22c4a898c74f6abd6d92112367ca7ffe82787c5b39e7012ba22825d3612af3d41e8008a8":"c95c84c263bdfd5f1de66e7e616cf3fb":"":128:"b35b3cf6ed59ccb69dbc9b47a3f284ae":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,0,128) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c58583f6479d9bc9f1bffddefee66e59":"564a9f700cbc1f895e4f4fa6426f73b4956896a15e6127e7560d74e3fd0b980d2ee45b7a6a3884fa613d91d13921e3f90967d7132bdafcd146dd8ff7147ed1964c2bdb3e12f4133d3dbbc3bf030ff37b1d2147c493ce885068d9ba5bebae24903aaac004aa0ab73fe789e4150e75ddc2bde2700db02e6398d53e88ac652964ac":"cee448b48d3506ff3ecc227a87987846":"":128:"361fc2896d7ee986ecef7cbe665bc60c":"":"9cce7db3fc087d8cb384f6b1a81f03b3fafa2e3281e9f0fcf08a8283929f32439bb0d302516f0ab65b79181fc223a42345bad6e46ff8bcb55add90207f74481227f71a6230a3e13739ef2d015f5003638234b01e58537b7cfab5a8edac19721f41d46948987d1bb1b1d9485a672647bb3b5cb246a1d753a0d107bff036ac7d95":0 AES-GCM NIST Validation (AES-128,128,1024,0,128) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0bc2bde877e881aea512068105694968":"1a6369a45e8ef2846c42d54f92d0d140a94f9633432782dcbf094f1444a1d006acd07ef6076cd0faee226f9ff14adc1fb23e3c63ed818c9a743efbe16624981663e5a64f03f411dcd326e0c259bcadca3b3dd7660ed985c1b77f13a3b232a5934f8b54e46f8368c6e6eb75f933196fa973e7413e4b1442b9dee5e265b44255ed":"05f0c34ab2e8e8026b0a23719344b71f":"":128:"46bab9fc2dbe87b8f6ca0ed4d73e5368":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,0,120) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e14f45ba5d1eb52e0412240da5d7b5f9":"9a85fda19ce923f093a0c25b0c52f5d9534828af7c7687d22307004ae2d10c4592242c0f2704070307ab55b137780d1e2013a19396ab43ff6a295b63fdcf323456d149758f9a2bb37f1418d62ea6368b24d5067b9c63d2968e06d6586c7e3275faffa005f7c7bfef51303e4c2b2ed4564acd17d50efac9f5e3e7f16ce589c39b":"d7f8ef12f66f8b7c60aea02ef6ff688f":"":120:"beede05e4928c808bc660f3de95634":"":"4ad5b9ace0c0c7c07df2900faf37a902899471e7aa4a0a1ad5387f8f56d73f78f619be79a4e253f95b15d52895a05bae9ecffa916d35efacd8baf1c704d2aa4a38c234efc4dcfb191ec0fa0b522328fa5b5dff55e8c443fee660ebe3d8ad85de157a889aefc823720030a4cd6ba94a6309dd61806f0abb27772432018bc61701":0 AES-GCM NIST Validation (AES-128,128,1024,0,120) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9a64579f3601b0022d357b601cd876ab":"88be1f4bc8c81b8a9d7abc073cb2751e209ab6b912c15dc094002f95a57a660b9f08b1b34f5947223205b579e704d70a9ecb54520ce3491e52965be643f729516f5cb018beeedc68a7d66c0d40a3f392ec7729c566ce1e9f964c4c0bd61b291ccb96e3d1fac18a401a302f3775697c71edb8ff5a8275a815eba9dd3b912e3759":"515efc6d036f95db7df56b1bbec0aff2":"":120:"13ea92ba35fced366d1e47c97ca5c9":"":"7fc8565760c168d640f24896c69758355b17310dbc359f38b73fc7b57fe3f4b6ecad3f298be931c96a639df3c5744f7e932b32d222f5534efb8eb5d5b98d218dce3efef5c8c7ce65738bf63412d0a8ed209071218a6fa2f7be79b38d0b2f5b571ec73f1a91721bd409b1722b313683e97d53df19ded95fd471124fa5f294a4bb":0 AES-GCM NIST Validation (AES-128,128,1024,0,120) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1bda4acfd10ab635f357935bb0ab7020":"c9ac8d4ef7d83848fdc03664957c28b9b76710797d5db1c21e713e85eb0898892223e52be1644fc7362c95026ebb9c9ca74d7d3739eff10cab1eda00c36628dae0b98d119a14635800e37cd340faa6fbba9c3d41d52722cc3969612b1a8c5ca9a68773f5ee654506cb88ea65fb1eddf5ab6312d0170dc03324e483342448b854":"48b77c587616ffaa449533a91230b449":"":120:"8325e4394c91719691145e68e56439":"":"1287ad3719508a9be70c19e3b134a2eaa4415d736c55922e9abcfd7f621ea07ffb9b78d8a9668c74bbd548b5e6519ea12609d2d6197c8bd3da9c13c46628f218e7ff81884ff7eb34664ab00f86e09cd623bec248d8898ef054fce8f718a0e0978e8b5d037709c524114ec37809ac3fd1604e223e08f594e7aa12097f7dc1850b":0 AES-GCM NIST Validation (AES-128,128,1024,0,112) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d21cf24bc5bd176b4b0fd4c8477bb70d":"2e7108fd25c88b799263791940594ec80b26ccd53455c837b2e6cf4e27fcf9707af3f0fe311355e1b03ac3b5ee0af09fb6fb9f0311f8545d40a658119e6a87ba8ba72cc5fdb1386bc455c8fec51a7c0fec957bed4d6441180741197962d51b17c393b57553e53602f2a343a0871ea2dc4b1506663b2768ce271b89c4ed99eec6":"208cb9dced20b18edddb91596e902124":"":112:"7edfb9daf8ca2babcc02537463e9":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,0,112) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3d02e2b02170986944487cba8448f998":"bc1d7553f4a28754cf59ed6f7a901901f04ce62a449db2b45ad60329d0341bb9ba421c783c28a9200b41da8ab6328d826293134a7d0c9a5775dd2735e7767efda4ad183566e0847d6d978abd1a8ab13b16b8323acef05ced3b571631e1e24ad44d65e6ffa64e03c9970e94bacb9f721aba06cda6a08806a3be63dddd8029301d":"6336077bb83eff1c9ea715de99b372cd":"":112:"0466bb2957281f64b59eafed3509":"":"5f395958f2f7acafb1bca6d3a6ec48b717f2ceeac1b77e1b0edc09a09e4a299d2ec722cc7daf34c8f4121a93c80b2adb20a2fc95afd09320f91085c93c8b082dd703814c9777501d23bf9b328f07f04652592dc5a3f4321626a695b8db8e65c8617c809eb2978d8c9a882ffa82a4bb707c1a8f9a965bdacce5c041bafc94a1c6":0 AES-GCM NIST Validation (AES-128,128,1024,0,112) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cd1ad1de0521d41645d13c97a18f4a20":"588c2617517329f3e1e7ba6206a183dc9232e6a4fa8c8b89532d46235af1e542acaa7eae4d034f139b00449076ba2ef9a692cae422998878dabdac60993dce9880d280bec1419803ba937366e5285c4a7f31a5f232f8d3ef73efe7267b3ef82a02f97d320ebc9db6219fbdf1c7f611e8e5164e9ecf25b32f9c07dfa12aa705af":"413873a0b063ad039da5513896233286":"":112:"d4dbe9cae116553b0cbe1984d176":"":"bd519b7e6921e6026784cd7b836c89bc1fa98e4013b41d2bf091ef0d602e44a70df89816c068d37f0c6377af46c8bfa73ec0d5bc0b61966f23e55a15a83cea49f37cc02213b4996f9353ee2b73a798b626e524b9c15937ecf98a4eded83fb62e6deea1de31e0a7f1d210f6d964bc3e69b269da834720fd33487874489b8932a8":0 AES-GCM NIST Validation (AES-128,128,1024,0,104) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1cb120e9cd718b5119b4a58af0644eff":"4c8e8fb8c87ff6b994ae71bfbf0fa4529f03bad86edf9d27cf899ea93a32972640697e00546136c1dbc7e63662200951b6479c58ae26b1bd8c3b4f507c0d945d615183196868ec4f4865d1d00bb919a00184e9663f6cb9a7a0ddfc73ee2901f7a56ef2074d554f48cef254be558fca35651be405f91c39e0367762b4715d05fa":"5a7087989bfe2f6eddcb56fde4d72529":"":104:"95d8bd12af8a5ab677309df0fb":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,0,104) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"315b206778c28ed0bfdd6e66088a5c39":"6186f57a85b65f54efbf9974a193012b1396fc0ca887227e1865f1c915ac2af9bbd55969f7de57ce9fb87604cf11c7bc822b542f745be8a101877a810ed72bf4544d0acb91f0f9d3c30b6a18c48b82557433d0db930e03bcecc6fb53530bfd99ee89f9e154aa1a3e2a2c2a7a9e08c9aed1deab7fae8ea5a31158b50bca2f5e79":"7ec6f47ec56dda5b52bbdaa6ad2eb6da":"":104:"930750c53effc7b84aa10b2276":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,0,104) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e886de1c907c97e7db8ec80a79df90f8":"c64cc9596d7c738746ab800f688eec190a4c802c55b2528931d74d294496892b81f53d3073d48f9bef1d58ce3be26547474cdda2868abeab71aff566fff613b4e5bfed1be1d2fff35d8ffa33302d3da1c82e421aa3a23848f31e26d90c0cb2ac2ae136ada73404ed3e0e1d3e7cb355a11cd2a4f9393b4d5eac988104fe1cf959":"612cacbf33266353d0a29a24532f3c0c":"":104:"76634e58d8f3a48f15875ac1d6":"":"7001d7395efb432e2804cc65c0ba5d4719ce84177ce46292c4fd62a5596bd2bab1d5c44217ac43235bd94489c43d01618a11f047d2e247062c3b88d6e59adaa1f46514fb33b7843483920bee60a41f3cb312322c305d25251b4704fb66da58637c95a9d539731434f60ef44fe3cd6d37e2c8e7089880a563938dcc98b43f08fd":0 AES-GCM NIST Validation (AES-128,128,1024,0,96) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3b936e09a6477f3bd52030a29df5001d":"65cf11d1afad19b34f282f98f140315992392f5d4eed4265085b29e1e5553f4783fec681ba2d368486ba6a54c00e71c82c08ca3d097904f021ce4b0acba2d2a7005e28e5f8750ea3d18a4f78363c37583e85104234498942c639a0564b0d80055c21cb7735dd44348298291ab602f345b1d74d624750c0177fbd5cca6f99223b":"f93105be83fa5e315d73acfdcf578de7":"":96:"91b55bb5e3f3f1abcf335db5":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,0,96) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"dc9e2095de7b1b48481b56bf6a3604cd":"ed61ff94a3f84c72147faefa615e2df00324fb01790cf9764c72c1b8ba47f17866a1fd64ee5c2f53865d1bc24ec93165a6774466a59603199ee476c1f2da7d932c8943d126aa172d532d8475a484d42bb45fcf92766feafd7f3e2e3d42d22f6f84a90e7e688232f799d80cd2cc152ddd21ecfb137701ecafcb2b65abe2e4e6f4":"9e5268db19a1b51c0496a160ca76f8f7":"":96:"0fa9588536fca71bb44260f7":"":"ef562e301fcf923ff1a1acd3aff9b1c963058228655fe8a66cab01396547dbd2aa1f79a22eefc62944b86d1a31ebe2d17130175b8c003d6755b0eb8b79895b0f7f8046c5ae888a067ba17bc8e11a8f6e5023a9cd42f6461966c28e505b371c0f72a2606bff430a58016e99713d25ce11f10391fb4a922e27989422c6a64f9107":0 AES-GCM NIST Validation (AES-128,128,1024,0,96) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3f93901fd7cc88db3ba76a158d658c7b":"16402fded879fcbfe9405902aa63ca2a520889e0045f687455469b7bb867829a01208b8dc5dcc852d8ee478993c30e6d9ec6408773b367821310a0ae171d38d71e06981ff6e845acffbc794142b87c748e12484c0636419d79be3d798cde59e9dae0a4a4a4346596427e6b235ad52e6a1b02d6f4df0c7de35fc390cae36aef14":"7e98de461e6d96c0ce6c8d8b3854cf49":"":96:"86c9a70e4bab304ae46e6542":"":"1b4c09569b42c469b3ab6b39312c214502ec09f5fe2fed1d1933d13cdc6a7b77a5d135123fa69d9207d6844b0357b26b7a2f53b33a5cd218dacda87b78b09cf259e48e74076812c432e2d0833fb269721f9347c96e158500f9b2283342a35c8de0a022edce711118d72d8fbaa354bfb0ffee465844ef2d37e24ec2cea8556648":0 AES-GCM NIST Validation (AES-128,128,1024,0,64) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"42289f3d3cd5838e250ef54b128e60d1":"3edae1d554b67d2036f5fdbdb2945cc112f100adc1b47009c2e23f6a2eaee78d1f39ce8a98f715853cc29fc793fb6981ec3036834188dea7d668185ccc8642071b15de1332f6a59c8a9b4399733eb4b3d8f224af57ba6b4a8e64494bb6630b9d28e7ec3349064350febcef6a3ad1d6cca1b1da74f3d2921c2b28a2dd399c3416":"e557389a216ad724aafdab0180e1892e":"":64:"6f78bc809f31393e":"":"25c476659cc7b343a69088baf868a811ba37daca85c4093105bf98235a90aeca015ab034da008af0982f9b2e80df804c186a9b2e97f74cffd70ebb7771d874fcaf12f6d01c44a8b0ec2898cf4493cf09a16a88a65cd77909bbf0430c9603869bd5f20d56cb51d8a3f0a032fc30d925c96599d296b1ec41c2912bda426adea4fb":0 AES-GCM NIST Validation (AES-128,128,1024,0,64) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3d772eabb7f19475665ca2a7e693bcfc":"e9fc4d86f5b857fa6057b73f967351e06f87288c40a95b9e378c84f1a4c0f4b80ed0a0b44ff90a8973be4199c0c4006fc4f5ea19d5f1fe8b9c8c01f4675ab85afab0592bb3daba36bb4fc7ed9eea867e9d8cc50c19fb62a5a57956e9efacebac5e9f849649d35a329bd68de97bb6e5ff7bef477a86765c2c9ec15e24cbba5c6e":"0747cbb486a013453fde1ca6abb11dbe":"":64:"8e761ffaea68f967":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,0,64) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fb7fd753ee6eaaf283a42a121dab4e43":"fd5cecb2c0287cb8229e97d9cc4b9885f428710528884ce663ed1728cd44cb2df93e56ef17ace0678d1e341366c652f4ba7ee45797d39be4a05c1151e5cde499e13e5d45549b5d95a174d03616d06ef96e9d7b2b6bb0d79a726b253dd64223a5f09611671b234ccf9b383952f8888814b2c167e774cfbf54e9c6b99a753f4fa9":"8164929fb54485377ecccc9b9621af5e":"":64:"40a2fa7f4370afb2":"":"6208d068be60f7b04b80fc611062e6caaef9a5cf59f850d174b7446c78c039ea9aefe4885e19c2b33911d32ce1fe3c48ddffa4b03e450fd35da03f40c4e7c5bb3b1c3f3049dbfad3ac81ca1b79cafbaa172f4900e3829d38edea3b64000f93924a801259bc4b2523445c64bc23bfee190b952468507fa4baf6dc2bec66fcf0d8":0 AES-GCM NIST Validation (AES-128,128,1024,0,32) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"30d757fd73a0fd5fa49159ad0653296d":"17d485b258f80d8924e35291118cfdcffd86c47851b65f0b06a7c1f5202de82f3f460fc61b1aa38fdba7c8ded375c92cf005afe63e59d362c0960044af39241b81ca24e85c5faa43903229355b7313fee21b992ef3931d9d2407b32b3cf72dd7acbc7948395eb513cb2fd428b215ba2bd1e29c62f45d0ce231884f62480c6d8f":"b35b8df0aebd0608517f2830e0e70cd0":"":32:"954c0e99":"":"022618d2598f79104e918a09c937a82b3db59243b5e13de731fcb912e4366105797ce47f6dce7f08073f2f41e5c15fd6b1ec4b5861469a4880c3b0bd769b78c696ff29c28c9349d5a46a6e5ad9211bd4b708a8c0b6928ebbb0dac1c0a5f5ce6b05de6a50073128566a23f09cc1b826aa5803f9f750aa4debf59f24ae9f98c9b5":0 AES-GCM NIST Validation (AES-128,128,1024,0,32) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d9d3cfd5900de5d5e2109e7721cfeef6":"e4243cc37cc32dfcedf9bb76890e706af6ab1e06b290b8ccfe2a55e5dabe68cb390f7636dc9676b431d4dc8ad3f6d989e510194294ab7ab0556789046743cf374d8b6462f5f95a17f3f44337d6c69ee47b0e1ad7e5ce6f9b224c54099a104e70d2d06af869b921ea47febe08f90c591ed49c1f12003afceabd2c7bba458a0111":"b4b9dfb013de6f7c44779e5a9daaf5e5":"":32:"2b81e8ce":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,0,32) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"68dc138f19354d73eaa1cf0e79231d74":"ce345567a76bc30d8b4fd2239788221cfa75e1a310aeeeb8c355f8eea57d80967f3047fbd4e6173fac5caeb22151fa607065953c4c35e0537b9e3788cc80de9eedf2a340698bde99a6a1bdc81265319da3e52f7a53883b7f21749237fcfd3cd4f149bb2be7a4ddd9ef0544cfe0789040d1dc951b6447304942f03ab0beae8866":"e7147749560f491420a2d893c075bb76":"":32:"70a83f6f":"":"64b021612c78b3e192e8349d48b77d02927e7fd70c7160d37cb8ef472f6bcd9df9d93431627c1c80875e208724ae05f94fdd2e005e9707b78a1bf3bbca7beec4b03ddd4d9de6235ffd6d84a8b9a1842e104c1e22df4566f6c4d3d4e3d96a56b9b8a5cdce9da70aa236109b289266036f285564060b204dfd7ac915eea0dd0b1e":0 AES-GCM NIST Validation (AES-128,128,1024,1024,128) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7362c86344e0aefb0cf0d04768f9c05d":"8baffc7836004deb87c0111d47c182512bf861874021ddfcd559acf2c4a51cf5bc4bfdee2d039b9c005b6af95a2607643dcf4d9cd9d62412f709334556db22fc91d7b40438505d6806ccb2f2c21ae731bc1f1c825d28a71ab27095a39985e96ccd07cfb2e75243ccafd474494a2338c324ef533ca5f17d2ac1b1883140342ced":"7e8d12c2f0dcf4f792247134234ac94b":"86d2b5debc3b10495da353d6821f6cad380776d805bd8660b08dcdb1acd87026e4f344b547a4db47b5f44cded314bec4ce9a417ce40a2acd5a21460c42dfcd27483abf3f38dd8cc5fa523b6768a26513df5896435baa97781cff1966e2e3d6ec6d0a9cdc013de5a50e4d46831667055bad04f784024a82f9cd087ae4cd37dd64":128:"9594da428fd8c1b13ecb23afa2c1af2e":"":"e2c424f42aedd56f0e17a39d43ad19c8e2731efc7a25f077aef51d55280b10e667e338bd981b82a975ef62bf53bc52496b6995d33c90c7ae14767c126826e3f32bd23f444ddcfd7a0dd323b0ae2c22defad04ce63892b45c176bd0b86f5fa057a3dc371359744cb80bbfb4a195755136a0ea90b4044a45bc1b069f3cb3695c04":0 AES-GCM NIST Validation (AES-128,128,1024,1024,128) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"58748bb204ccb7bdafdbf739b6c19a3e":"b72902c9ebb72a86be539b19a52fd9af00aa4de081d90c0d8ad580ebb5900177a036f40a1e9b43e3a07d715466526d6d7544e5a5551805b62463f956cd519fc99182c2d54bd62fc7ffc6e5ebf1503859b706da11a1b6c707a67a70789dbfc10ef726bd360f9f2347326e068e757c8443ddc9308a171e682359ae1bfe87194ab5":"93ac298c73c88e127a4d9dd81bf24e3d":"8f168fc4d1da13bdbefae3f9d6ac1d8cb19fcec1f43f727951af0a466d8826649a46c3cb50c045ea83849fce0eedbc042a1a435e6d9d59017997a2d5459b940078b8a7f3b6b0ff279ff8c560248296a17240ff1b0643d1f436b6e3f2079363fc49fb45f410debbdde083b92057916368cb807d603cb82e2c0dc01658bff7f1ab":128:"efba4589d4a03555766bbc3b421dd60f":"":"d5c97a659f016904ff76286f810e8e92da6f8db2c63d8a42e617760780637e32105503440cdf04d1fe67813312f1479fda8d746c8b0b080591eba83850382f600e9d8680516c6579669f0b3d0a30323510f9de1c92512790b8347751994d022156cae64da0808a649d163a0e99e869fdf224b7c1a6a8fbc613d5917eca8ee08c":0 AES-GCM NIST Validation (AES-128,128,1024,1024,128) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6cc13cbd62428bb8658dd3954fe9181f":"2c9ec982d1cfb644ddbc53c0759b10493206d5186affc6882fbb2ba3aa430f9bae1209db2d78dcc125f3c909a54dd84fdff96c71e678216a58390ef4308bdd90f94f7109c4edefa76a74fda64b201b7a435bbabc27298f3eaa4c2d1393bd584f811fff52638f6ad2f6d86a8c3c9c030d9d4264c8c079592a36178d25991cff09":"86740da7ce4efbed70af55e1d6c10fdf":"be561ac15e3cfda624b422af97c26719c140bb50e4a993d636efe9c7f1963fb9047a0762169b571a698ff310bc417e34d4039b7562a95af710ccc1b197964a376c986fd2ed8ac4b0c7b4e843c37a41366f2f483c821a1823f317416c7e4f32eed9b9dc2ae1a2f3ed32c4b3187358a2329aa42191b7c2fe87b6e27ff20303cb29":128:"76b990a1e010e5f088f6ae90bec40b32":"":"0b9a5f5d2e6852b75b9cf26c1b310b2200e56dafcf3c941478862cdf9737ac8e2cb9b38d41bd4a1872ea1b4cfd51a1a0b9b743aca439eefa10de8459a0a7a221c5429b3dee393f17031ca6c399df8e05657c3db55be9c9dd29e690042a4ed8db732efce7c58d6b20a2a0f7c79e42e5ada43b87ab00f481c20cac1b35514dcdc9":0 AES-GCM NIST Validation (AES-128,128,1024,1024,120) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"286d3f5080cfe88538571188fbeb2dd5":"55135928997711360622eda1820c815aa22115204b1e9bb567e231ac6ea2594b4d652627b6816bdc6c40a4411fd6b12fab9a1f169d81c476dbf77151bff13f98ca0d1dc0a68ea681652be089fadbc66c604284eebfc8ce4cf10f4ca6bda0e0f6634023db6e3f0f1de626c3249a28a642ecc9ec5ff401e941fa8a3c691566c0ae":"da6140bd4dc6456ddab19069e86efb35":"5d350a04562a605e9082ebd8faec6c27e561425849e7f0f05f5049859c2c1bd2c4682ebf9773fab6177d2601fd5a086cefc3adef5a2f8f6b5dc9e649e98dd0a3d1a2524419f01305bd0fcfff52d84a20d1b14dea2138dcc54eea2bf263c6fe27c3e7255f1f359d0d00fb1b350d7a04965af30027632520197e85eb41de6bb286":120:"d90d34094d740214dd3de685010ce3":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,1024,120) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"726ae113a096769b657f973ea6d2d5dd":"90636012ba8c51d16f8f6df3d3bcabc3f09aeffbe2a762f62e677913188045b861b2e7d9a7bd93dcee46e9e4832e497a6f79db52b4e45c8dab20fa568ff9c4ace55be3216f514a3284768a25d86b1c7da5377622f3e90ed4c7bd4571715af4d0a2ab5181d0475f699202e4406bb9cfdbd4fa7f22d0dd744d36b3223134658496":"2f9900226c97585d200dd20a279c154a":"761663c3fcbf1db12bc25546b2425b8229b3153e75f79fa63958819caee3febff74603d99264b5a82ef5980439bef89301ae3206a1d01a3bbd7a6c99d27d1e934cc725daeb483f826c2c9d788fd1f67a627864cf8b5f94df777bb59ef90cb6781a2000e6f0baa4f1ea4754b47bb7cbd2699f83634e4d8ab16b325b2c49f13499":120:"d095bfb8990d4fd64752ee24f3de1e":"":"9f7759c6d24fd9aa0df02a7c0cc5f17e61622c63195f85dfafa5d820d3ad218c7288ec017821100f1fade10f9bb447a4a01e3698b045548c7619a08f2304e2818a9bf55e70b40f8b994b7dcf0cb243848cf3f6fdfec3ebbb147d01df84a3ec62cd8fa5d78ad9f2f28cd288a35eb49a5172339e9872e8e7e3350b0d69f59acd07":0 AES-GCM NIST Validation (AES-128,128,1024,1024,120) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"73a9eeda721c6f292e6b399e2647f8a6":"215fc7e52abe4c751ca2f7f9a5cbde9ab8b44b8d4054bb62dcea6df5b936145ca6ec83a2b78b070638fd6e5ea3bad5d0caf1b8f755f391c3e0962a92337e3eba575585eb83680075fc818860388c587746af78d5fc75ccd0a63f1612abb1ba0f04a2228ca27fbddba4878f9b2683683f516b6d6fe4f6622e603bd3c5ad45e332":"c1e80eb723960049cc4448b66433f1cf":"fb2a0b1f817404e74aee0a6ec8f2cd86f0c9114ed367b2690c44ad80f9d3377d7fd5066beaf1daa739d27ed3fba98379188016b1fe901204a174f9ffca370c181aece5e5d40939a0d460913b40b895e78a3b80ddf3d613c05e4e27bfd161ea2ef42271a2679f2cdca5b728ffb2319781c946a4f3ecacf486b754b30bb04ea60b":120:"e08161262234d0d5be22f09e5646bf":"":"b5e286183f16dd9403bec6786bd4836cc6add47947ef111fb1d5503c18c333c8fe60959502f58390d0e0f69fbe5fee13c72aed65fe6e32f6ea45877fe44f8a556aa5157b112e572197c1c350b7943c6cf2e9146018599524d27599f09c86027f2c5927e4a20c63833870e8369baa36ecc07cdb3ced520b5ae46869ff357ca089":0 AES-GCM NIST Validation (AES-128,128,1024,1024,112) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"90dbda7397d8fc46215a1218a6ffd0d8":"4f82a1eca6c9184240f50f7e0cfec07ec772cad5276d93043c462d8364addd9a652eed385ccc6b0faa6ca679ab3a4c3d0be6a759425fd38316ee6a1b1b0c52c1bb3b57a9bd7c8a3be95c82f37800c2e3b42dde031851937398811f8f8dc2a15bfd2d6be99a572d56f536e62bc5b041d3944da666081cd755ec347f464214bf33":"7be477d14df5dc15877ae537b62e1a56":"7358ddf1310a58871a2f76705f1cf64223c015c4d1574104d2e38783bb866205042f05c86e76c47a2516ce284911f1d2cbee079982dd77167e328b8324eec47c9244cc5668cf908c679bb586d4dd32c6c99ed99a6b571cf18b00689463e7a88cea6ea32d288301a10a9139ed6092ffe298e25b8cfb6b4be8217f16076dcd0a90":112:"776d871944159c51b2f5ec1980a6":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,1024,112) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0c85174d428fc1c7c89ca5d1b8aaba25":"3735cbfb8000260021d1938d2a18e7737f378ecddb11a46ce387bf04e20bbfcc902457637fd152ab87017185601f32a7f906057123b6c2da31a1069c93e3cacc59a359aebd3e31b302e1a1f7d5d8f1b2917a8fe79181fa633b925ce03a1198dac48f4c959076b55bc6b3d50188af2c6aa33d83698aa8db22649f39825ba54775":"b3c9dfa4c55388a128fbf62aa5927361":"3f552d45b61cf05ae2aa92668e89f3338a15ec7c5b7113b6571cfcd9e4c4a962043ccd9323f828dd645e8a91b007ce2112b7f978ad22ee9821698a4f2559d987ae4421452ad2e8d180953297156426d4540aff2104d8637b56b034a3a1823cf962bffbc465fe6148097975a8821ca7487e6e6c7ff4ee4de899fe67345676bb1c":112:"1e7dec83830183d56f443a16471d":"":"3d98cabca4afb7c1f6b8eeed521f4666ae252ac12d17ebf4a710b9a22d839b69458387ba4bbec2f6400e0cff80fbe4682c24efcd3b8c594d9b515ca7842c9d5988c42b59b6526c29a99256451e2927f5b956ef262f97c733dfa8bff73644473b9a8562bdfca748f4733ddce94a60024dfbfcde62fb3cbd7c3d955012d5338b91":0 AES-GCM NIST Validation (AES-128,128,1024,1024,112) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d89f06eb07744d43d44734faf9751d07":"36cc3b2f563305208a03378f7dc036119f7de3fee77cefac06515853d36609a622382ed026c59783fbc0d9910767874c516e10c7bf3e3d104f73b3463c8d93a63418c76cb0d05e62e9c8642cb4f32caced2620912cb6c79e5110a27d5fba1ef3b4d0578077858526c5e4254365f2b2ab47a45df4af08980b3b7a9b66dff5b38c":"185f8d033713ee629e93561cf8d5acb8":"743bcb671d0aa1c547b5448d64d7c6b290777625ba28f25ca0fbf1fc66495a2fde0648a8db51039b0e7340d993aef8afb48269e660cb599837d1e46f72727762d887ee84c073d6136d1b0bc7d4c78f5673a4a6b73375937e8d54a47304845f38ca6b4f51cf14136a0826016535dc5ed003e38c3ac362b9d58ba8b555a05a1412":112:"fcad48076eb03ebe85c6d64f6357":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,1024,104) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6150f14dc53f391e815acfabed9f9e20":"fd8f337017e1b60d6618e6e4ad37c1f230cdeb78891579c2c63d4e6a4f7d2cb7252e99de333c73db45958808c08e91359c885a7385ab6f9ed98a27927a5b83c3a456ce2e01869712675e527155ba1e339ac14a3ccd7a4b87360902f2b8381308fe5a4eac5c90d0b84da4bf5b907de6ff3139cffd23b49a78750006100183032a":"7e92dd558bd2662c3a539dfe21a352cf":"9b4624e9118e6aa5dc65b69856638f77fd3f9f562046f50ba92a64e988258637932af7979f000505b84a71ff5dd7b60bad62586b1a8837a61c15a1a1ba7f06668272c28169915d7f06297b6c2a96c8c44203a422bfd25500c82e11274ffe07706365bfd3da34af4c4dd8ad7b620de7284a5af729bea9c4ed2631bdcba2ebdb7d":104:"922a7b48ad5bf61e6d70751cfe":"":"f272a3ee9b981f97785cc6fad350e516d72d402dae0d8a531c064ec64598b2a5760f9b279c10aa1ff71bec07300ab0373187138e7a103fc4130105afa6b6346f3d368b40d6f542375de97878ad4d976d64c5c4968a17be2b1757a17c03100231c34721250cd37cc596678764083ade89ae3b1a2151ff9151edcd7ba0eb8a4649":0 AES-GCM NIST Validation (AES-128,128,1024,1024,104) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3e8216072ed6fcde0fe0f636b27ed718":"3b50f2a8dca9f70178503d861d9e37f5edfafc80ee023bfed390a477372986e4794175ec22ac038c3461aba50c9b2379cab48512946efdfe2cb9c12a858b373a5309324f410e6a05e88ba892759dbee6e486dc9665f66cb5950ea7e71317fa94abbebd67a3948746a998173fbbb4f14f9effbdf66d3b6e346053496a4b1934ce":"23a122cf363c3117b8c663388c760ee4":"28ce0b4a44fa83323e060f3ff6436b8829d4f842090296bdc952b6d4a6b1b1a66be06168c63c4643e6ac186f7ffd8d144f603b2d4bc0d65be48121676f9fa1f359029c512bebfd75075ff357bc55f20fc76d9f2477c9930f16408f9f09c5ae86efa2529d2f1449ceeb635b83ca13662860ef9ac04a3d8ab4605eccd2d9ae5a71":104:"531a65cc5dfeca671cc64078d1":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,1024,104) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1af434b73a1210b08595ffa686079832":"13f6c1c2d4edcf1438a7b4e85bcd1c84a989831a64d205e7854fce8817ddfceab67d10506ccf6ed9ce50080ef809e28e46cba7b0c96be6a811f59cd09cb3b7b3fe5073ee6763f40aee61e3e65356093f97deef5a8721d995e71db27a51f60a50e34ac3348852c445188cfc64337455f317f87535d465c6f96006f4079396eba3":"ae318f3cb881d1680f6afbf6713a9a2f":"3763c9241be0d9d9a9e46e64b12e107d16cca267ff87844c2325af910cc9a485c7015d95bbe62398864d079fb2b577ba0cfad923c24fa30691ad7d767d651eed4a33d0be8f06fed43f58b2e0bb04959f10b9e8e73bd80d3a6a8c8ce637bfbdb9d02c2b0a3dd8317c4997822031a35d34b3b61819b425c10c64e839b29874ddfb":104:"2ae7350dd3d1909a73f8d64255":"":"3cd2a770300ce4c85740666640936a0fe48888788702fc37e7a8296adb40b862ec799f257a16821adaa7315bd31e8dec60e4a8faeb8ba2ee606340f0219a6440e9c1d3168425e58fac02e8a88865f30649913d988353ab81f42a5ad43f960055f0877acda20f493208c2c40754fbf4ccee040975aa358ea3fe62cbd028c1611a":0 AES-GCM NIST Validation (AES-128,128,1024,1024,96) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"04036d2f5273c6ff5b8364aa595359c9":"acf79b6099490af938fb5fd8913255b3daa22786b03356cdf3e0ffaf570f9f866047b8e15c9953f893d97e7098265297396868ebc383be8547e8ec9d974b6a65b5dc5147cdadef2e2ad96696e84e44f364c2ba18c8aabe21f99489957b2b5484bf3fb4fecaf5ddaa1d373e910059c978918a3d01b955de2adb475914bf2c2067":"edc433c381140dff929d9df9f62f4cb6":"404acfeeea342aeea8c8b7449af9e20ddf5b85dc7770d2144a4dd05959613d04d0cfece5a21cbb1a9175ddc9443ffacd2085332eb4c337a12a7bb294c95960e7c0bde4b8ab30a91e50267bbd0b8d2a4ed381409ea2e4c84f9a2070a793ce3c90ea8a4b140651b452674f85d5b76d0055df115608bf3a3c60996108023ebabe65":96:"71f818f1a2b789fabbda8ec1":"":"4729cb642304de928b9dca32bb3d7b7836dd3973bbccf3f013c8ff4b59eca56f5d34d1b8f030a7b581b2f8fdc1e22b76a4cbc10095559876736d318d6c96c5c64cbd9fbd1d8eb4df38a2d56640d67d490d03acc1cd32d3f377eb1907bbd600f21d740b578080ba9c6ddc7dc6c50cdcee41fec51499cb944713c0961fc64f5a70":0 AES-GCM NIST Validation (AES-128,128,1024,1024,96) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"59fe44c6e28d025b2ad05e6e867051ab":"20e66bae1215de9a87a0b878d39015d17e0d4542a1aaba2000cefbd5f892c26a410f55f0d7dc2f6b66690f2997032985e5516e068bfc6ec8a3669f566e280b0cefded519023b735ee3bcbfc5b6ce8203b727933a750f9bd515ec448c1f3a030aa0f40e607727a3239ebbe655d46b38a3d867e481ccf0fadbf0d59b665d2ed6b5":"eb0c30320029433f66d29b3fd5c6563b":"49b7418b87374b462d25309b1c06e3132a3c8f4a4fcf29fed58e0902509426be712639db21c076df7b83dcfcc2c2c8fcc88576f4622a4366eb42f84ebf760e3eb22b14f8b5ff83f06a6f04a924eaab05b912e126e80da22461abf7f1925fd72ebdf2aea335a044726e7c2ebbb2b8aeebab4f7de5e186b50f275b700794d895d8":96:"296c4cdaeb94beb2847dc53d":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,1024,96) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c314264cee0e6db30ebe9b2f6d4991b2":"d436ff9abfb044a332c4e009b591719a67b12a5366da0a66edf19605c34daa37588e15dd3da0d1a097215e469439de79cca74e04cd4904e5b4a6cb4e0ea54e6ba4e624ed6bd48be32d1ef68ffea1639a14e91a5914c2346ea526df95cbd4ad1b8ee842da210b35b6315c3075ecc267d51643c4b39202d0ad793cbb0045ebdc19":"4cd4431bb6dea8eb18ae74e4c35a6698":"0eeafbfd04f9a0ea18e5bdc688c7df27183f346187e9574b61222006f2b3e12e8d9d9bf1f0f15949ee1a7ee8e5c80ee903b8ba2860e15ccb999929f280200b159c2adca481748d0632a7b40601c45055f8cb5126148e6cbab2c76f543537ab54eb276188343cea3c4ab0d7b65b8754e55cfe3f6a5c41b6ea3c08b81fcecc968a":96:"fda18d2f795d900f057fe872":"":"cb9e0fb0ac13ca730b79e34745584b362d0716c344e4de90d8352b21117471ba12c97f193150b33774baee5e4a0f11b10428eaf0106c958e16aa46c5f6f3d99eed93d1b9ba3957bed05a8b9cc8c5511cf813a66dc7d773cb735b0523d8d6b0b80639b031ddc375f714c6dd50055320cd7ed44a471c8d5645c938a9005d0b5050":0 AES-GCM NIST Validation (AES-128,128,1024,1024,64) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"26072018bd0bda524b5beb66a622c63e":"91c524b359dae3bc49117eebfa610672af1e7754054607317d4c417e7b1a68453f72d355468f825aeb7fde044b20049aed196ec6646cce1eeeccf06cb394286272b573220cdb846613ebc4683442dccc7a19ec86ef1ec971c115726584ae1f4008f94e47d1290d8b6b7a932cfe07165fd2b94e8f96d15f73bf72939c73f4bd11":"c783d6d3b8392160e3b68038b43cf1f4":"8ae7c809a9dc40a6732a7384e3c64abb359c1b09dcb752e5a6b584873e3890230c6fc572b9ad24d849766f849c73f060fc48f664c1af9e6707e223691b77e170966ed164e0cc25ede3fbc3541c480f75b71e7be88fe730d8b361ea2733c6f37e6a59621de6004e020894b51dfb525973d641efe8d5fd9077a0bbc9dc7933a5de":64:"edffe55c60235556":"FAIL":"":0 AES-GCM NIST Validation (AES-128,128,1024,1024,64) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"201751d3da98bd39ff4e5990a56cfea7":"2965af0bde3565a00e61cebbfe0b51b5b5ee98dbbfff7b1b5bf61da5ba537e6f4cf5fa07d2b20e518232c4961e6bc3ae247b797429da5d7eee2fc675b07066ac2e670261c6e9a91d920c7076101d86d5ef422b58e74bdc1e0b1d58298d3ee0f510ee3a3f63a3bbc24a55be556e465c20525dd100e33815c2a128ac89574884c1":"6172468634bf4e5dda96f67d433062d7":"ae2d770f40706e1eaa36e087b0093ec11ed58afbde4695794745e7523be0a1e4e54daade393f68ba770956d1cfb267b083431851d713249ffe4b61227f1784769ce8c9127f54271526d54181513aca69dc013b2dfb4a5277f4798b1ff674bca79b3dec4a7a27fcf2905ae0ce03f727c315662cd906e57aa557d1023cce2acd84":64:"66c247e5ad4e1d6a":"":"efd064d4b4ef4c37b48ddf2fa6f5facc5e9cc4c3255b23a1e3765fabb5a339fa0eda754a5381b72989fc1323ff9a6bbaecd904eb4835e5a511b922927574673061ed8de23299ea1456054e7ebb62869878c34fb95e48c8385b5ebceecb962654cf1586b3f54e7887ce31850363e9a22be9e6fbc22e694db81aa055490495dbf2":0 AES-GCM NIST Validation (AES-128,128,1024,1024,64) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3bc0dcb5261a641a08e6cb00d23e4deb":"d533ad89a1a578db330c01b4e04d08238b020e36aebe87cf2b0bf0b01f1ce4197be8b0596e475a95946918152e8b334ba89f60486c31f0bd8773ca4ff1319fe92197088b131e728d64405441c4fb5466641f0b8682e6cb371f8a8936140b16677f6def8b3dd9cbf47a73f553f1dca4320ad76f387e92f910f9434543f0df0626":"16fa19f69fceed9e97173207158755a5":"92ddd3b98f08fc8538f6106f6434a1efa0a7441cc7f6fd0841103c2e4dd181ea0c9a4811b3cb1bad1986a44d8addabc02dd6980daf7d60405b38dadc836bb1d0620ceab84e0134aca7c30f9f9490436b27acfd7052f9d7f0379b8e7116571017add46b9976f4b41431d47bae6f5f34dc42410793bc26c84bfe84fb53ae138c85":64:"f5289e1204ace3b2":"":"be0c30deeffbe51706247928132002b24d29272eee6b9d618483868e67280236632fa1ae06f3ef793f67bd01b1b01f70a827367c1cd28f778910457c7cbd977dfefff1f84a522247e19b2fd01fa22ce67cef9503d45c80a5084741f04108f2462b7cdd06a8f1f044fea2b05e920bcc061fbc6910175d732f45102a63c76ae48c":0 AES-GCM NIST Validation (AES-128,128,1024,1024,32) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"239c15492d6deec979e79236baca4635":"d64886ce5f5b4adb7fe8f95904bc1461749c931655b02819ffdd0ae31bad4175125aa68962f8e36ec834a7d53a191a74c937e81ec93ad9ce0d3b286d3c11ff1733c0b7780130768c120b1833933561cf07399ca49b912370ae34f0e49b9c8cb9920eddc6816ab2ae261c6d7f70058a9b83a494026f249e58c4c613eefafe6974":"916b8b5417578fa83d2e9e9b8e2e7f6b":"b39eb732bc296c555cc9f00cf4caaf37d012329f344a6b74a873baf0d8dde9631f5e57b45b957d6aec0f7978e573dd78b43d459b77756037cd64d10d49966eb3a2a08d0f4d5e4f5dcb8713f4e4756acdf9925c5fc6120c477f6dffc59b0b47a3d5efd32b8c9052b321bb9b5129e5c6a095d8de563601b34608456f58d7221f2d":32:"fc08cbbe":"":"95c169721ea007c3f292e4ec7562a426d9baa7d374fd82e1e48d1eaca93d891d5ffa9acf5e3bd82e713ac627141e26a8b654920baffab948401cc3c390d6eea9d7b78c4fcb080b0aa9222e4d51bf201ccfd9328995831435e065d92ad37ee41c7c4366cc1efe15c07fc0470608866aeea96997772ecf926934c5d02efe05f250":0 AES-GCM NIST Validation (AES-128,128,1024,1024,32) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"db68a96e216b0dd9945f14b878487e03":"5634196a32d4cbfa7a2f874a1e0f86287d2942090e0cc6a82bd5caf40136a27ddf524a17713ce4af04ca6cb640a7205cce4ac9cb2d0ab380d533e1e968089ea5740c0fcbfa51f2424008e0b89dc7b3396b224cfaed53b3ac0604879983d3e6e6d36053de4866f52976890f72b8f4b9505e4ebdd04c0497048c3ce19336133ea4":"8a1a72e7bb740ec37ea4619c3007f8ae":"1b4f37190a59a4fff41d348798d1829031204fd7ac2a1be7b5ea385567e95e2ace25bf9e324488dd3ab8ce7f29d4c9a4f4b1a8a97f774871ee825e2c17700128d3c55908d3b684a1f550fdb8b38149ff759c21debdd54e49d64d3e8aac803dfd81600464ed484749bb993f89d4224b3d7d55c756b454466ff9fd609019ed5e83":32:"9251d3e3":"":"0c6bb3ee5de5cbb4b39d85d509bcacb3dda63fa50897936531339882962e8dc54c285c8944768d12096d4a3c2b42ffa92603cee2da9b435ec52908fca6d38ed74f898fe0ffa761f96038ff7dfeccc65bb841c3457b8de1e97d9bee82e2911602ee2dc555b33a227424dea86d610d37c447776295b412b412903ad2cede5170b6":0 AES-GCM NIST Validation (AES-128,128,1024,1024,32) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"659b9e729d12f68b73fdc2f7260ab114":"fd0732a38224c3f16f58de3a7f333da2ecdb6eec92b469544a891966dd4f8fb64a711a793f1ef6a90e49765eacaccdd8cc438c2b57c51902d27a82ee4f24925a864a9513a74e734ddbf77204a99a3c0060fcfbaccae48fe509bc95c3d6e1b1592889c489801265715e6e4355a45357ce467c1caa2f1c3071bd3a9168a7d223e3":"459df18e2dfbd66d6ad04978432a6d97":"ee0b0b52a729c45b899cc924f46eb1908e55aaaeeaa0c4cdaacf57948a7993a6debd7b6cd7aa426dc3b3b6f56522ba3d5700a820b1697b8170bad9ca7caf1050f13d54fb1ddeb111086cb650e1c5f4a14b6a927205a83bf49f357576fd0f884a83b068154352076a6e36a5369436d2c8351f3e6bfec65b4816e3eb3f144ed7f9":32:"8e5a6a79":"FAIL":"":0 AES-GCM NIST CAVS 14.0 - empty ciphertext, AD length: 128 bytes, ciphertext updates: 0 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify_empty_cipher:MBEDTLS_CIPHER_ID_AES:"63c3f81500746eaf383fe3975d84f849":"0799d4152fd73c1604b4610cf7171fe1":"cb8248e5f904cc9ccccf6f273fe621eee1b4d7ed98480f9e806a48b84e2d6a733772ecf8fb7fe91805715cddab2b462b89f6e6c7cf873f65031f13c357d5f57b00b7c391c39e78ad1ed94be236ca0ae316bce11bc33c5d701fdfc58abbe918b9c42f7b3d6e89d46f9784b388a6e6daf47730b9fa665d755a17e89932fa669c44":"c53d01e53ee4a6ea106ea4a66538265e":0 AES-GCM NIST CAVS 14.0 - empty ciphertext, AD length: 128 bytes, ciphertext updates: 1 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify_empty_cipher:MBEDTLS_CIPHER_ID_AES:"63c3f81500746eaf383fe3975d84f849":"0799d4152fd73c1604b4610cf7171fe1":"cb8248e5f904cc9ccccf6f273fe621eee1b4d7ed98480f9e806a48b84e2d6a733772ecf8fb7fe91805715cddab2b462b89f6e6c7cf873f65031f13c357d5f57b00b7c391c39e78ad1ed94be236ca0ae316bce11bc33c5d701fdfc58abbe918b9c42f7b3d6e89d46f9784b388a6e6daf47730b9fa665d755a17e89932fa669c44":"c53d01e53ee4a6ea106ea4a66538265e":1 AES-GCM NIST CAVS 14.0 - empty ciphertext, AD length: 128 bytes, ciphertext updates: 2 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify_empty_cipher:MBEDTLS_CIPHER_ID_AES:"63c3f81500746eaf383fe3975d84f849":"0799d4152fd73c1604b4610cf7171fe1":"cb8248e5f904cc9ccccf6f273fe621eee1b4d7ed98480f9e806a48b84e2d6a733772ecf8fb7fe91805715cddab2b462b89f6e6c7cf873f65031f13c357d5f57b00b7c391c39e78ad1ed94be236ca0ae316bce11bc33c5d701fdfc58abbe918b9c42f7b3d6e89d46f9784b388a6e6daf47730b9fa665d755a17e89932fa669c44":"c53d01e53ee4a6ea106ea4a66538265e":2 AES-GCM NIST CAVS 14.0 - empty ciphertext, AD length: 90 bytes, ciphertext updates: 0 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify_empty_cipher:MBEDTLS_CIPHER_ID_AES:"42c6e06f7f07c793864f6033f9022a41":"bd1258f14570dc663f81c31916bcb45490a7df15c95d827fd9e36aaf12f8fc51b8c0bc823faf1cccf9e6d6d3b132e874993325a1a2b1b61f9dacbb4a458de8d25dbf0ba4282d64a06686ddd0f099300b98e91362ffbeb44ebd22ad3c92ee06b230e234f85363642f57d0154aee09ff08d0e560b5728a5db8a18b26438177c45f":"ef675d5e33198af58e72d7f379dd35bd7234aa7a52ae28531ee2e77d6bf30f05c507b8cc72361f11e70017b30c0e374dd283d29c324c67d43d92868485b0ac2cc4e0dfef362df74c927f935d630611fa26c5be9bea49291d3875":"6640b62190bb4a11d4c7b37039bba6fb":0 AES-GCM NIST CAVS 14.0 - empty ciphertext, AD length: 90 bytes, ciphertext updates: 1 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify_empty_cipher:MBEDTLS_CIPHER_ID_AES:"42c6e06f7f07c793864f6033f9022a41":"bd1258f14570dc663f81c31916bcb45490a7df15c95d827fd9e36aaf12f8fc51b8c0bc823faf1cccf9e6d6d3b132e874993325a1a2b1b61f9dacbb4a458de8d25dbf0ba4282d64a06686ddd0f099300b98e91362ffbeb44ebd22ad3c92ee06b230e234f85363642f57d0154aee09ff08d0e560b5728a5db8a18b26438177c45f":"ef675d5e33198af58e72d7f379dd35bd7234aa7a52ae28531ee2e77d6bf30f05c507b8cc72361f11e70017b30c0e374dd283d29c324c67d43d92868485b0ac2cc4e0dfef362df74c927f935d630611fa26c5be9bea49291d3875":"6640b62190bb4a11d4c7b37039bba6fb":1 AES-GCM NIST CAVS 14.0 - empty ciphertext, AD length: 90 bytes, ciphertext updates: 2 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify_empty_cipher:MBEDTLS_CIPHER_ID_AES:"42c6e06f7f07c793864f6033f9022a41":"bd1258f14570dc663f81c31916bcb45490a7df15c95d827fd9e36aaf12f8fc51b8c0bc823faf1cccf9e6d6d3b132e874993325a1a2b1b61f9dacbb4a458de8d25dbf0ba4282d64a06686ddd0f099300b98e91362ffbeb44ebd22ad3c92ee06b230e234f85363642f57d0154aee09ff08d0e560b5728a5db8a18b26438177c45f":"ef675d5e33198af58e72d7f379dd35bd7234aa7a52ae28531ee2e77d6bf30f05c507b8cc72361f11e70017b30c0e374dd283d29c324c67d43d92868485b0ac2cc4e0dfef362df74c927f935d630611fa26c5be9bea49291d3875":"6640b62190bb4a11d4c7b37039bba6fb":2 AES-GCM NIST CAVS 14.0 - empty AD, ciphertext length: 128 bytes, AD updates: 0 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify_empty_ad:MBEDTLS_CIPHER_ID_AES:"c58583f6479d9bc9f1bffddefee66e59":"cee448b48d3506ff3ecc227a87987846":"564a9f700cbc1f895e4f4fa6426f73b4956896a15e6127e7560d74e3fd0b980d2ee45b7a6a3884fa613d91d13921e3f90967d7132bdafcd146dd8ff7147ed1964c2bdb3e12f4133d3dbbc3bf030ff37b1d2147c493ce885068d9ba5bebae24903aaac004aa0ab73fe789e4150e75ddc2bde2700db02e6398d53e88ac652964ac":"361fc2896d7ee986ecef7cbe665bc60c":"9cce7db3fc087d8cb384f6b1a81f03b3fafa2e3281e9f0fcf08a8283929f32439bb0d302516f0ab65b79181fc223a42345bad6e46ff8bcb55add90207f74481227f71a6230a3e13739ef2d015f5003638234b01e58537b7cfab5a8edac19721f41d46948987d1bb1b1d9485a672647bb3b5cb246a1d753a0d107bff036ac7d95":0 AES-GCM NIST CAVS 14.0 - empty AD, ciphertext length: 128 bytes, AD updates: 1 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify_empty_ad:MBEDTLS_CIPHER_ID_AES:"c58583f6479d9bc9f1bffddefee66e59":"cee448b48d3506ff3ecc227a87987846":"564a9f700cbc1f895e4f4fa6426f73b4956896a15e6127e7560d74e3fd0b980d2ee45b7a6a3884fa613d91d13921e3f90967d7132bdafcd146dd8ff7147ed1964c2bdb3e12f4133d3dbbc3bf030ff37b1d2147c493ce885068d9ba5bebae24903aaac004aa0ab73fe789e4150e75ddc2bde2700db02e6398d53e88ac652964ac":"361fc2896d7ee986ecef7cbe665bc60c":"9cce7db3fc087d8cb384f6b1a81f03b3fafa2e3281e9f0fcf08a8283929f32439bb0d302516f0ab65b79181fc223a42345bad6e46ff8bcb55add90207f74481227f71a6230a3e13739ef2d015f5003638234b01e58537b7cfab5a8edac19721f41d46948987d1bb1b1d9485a672647bb3b5cb246a1d753a0d107bff036ac7d95":1 AES-GCM NIST CAVS 14.0 - empty AD, ciphertext length: 128 bytes, AD updates: 2 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify_empty_ad:MBEDTLS_CIPHER_ID_AES:"c58583f6479d9bc9f1bffddefee66e59":"cee448b48d3506ff3ecc227a87987846":"564a9f700cbc1f895e4f4fa6426f73b4956896a15e6127e7560d74e3fd0b980d2ee45b7a6a3884fa613d91d13921e3f90967d7132bdafcd146dd8ff7147ed1964c2bdb3e12f4133d3dbbc3bf030ff37b1d2147c493ce885068d9ba5bebae24903aaac004aa0ab73fe789e4150e75ddc2bde2700db02e6398d53e88ac652964ac":"361fc2896d7ee986ecef7cbe665bc60c":"9cce7db3fc087d8cb384f6b1a81f03b3fafa2e3281e9f0fcf08a8283929f32439bb0d302516f0ab65b79181fc223a42345bad6e46ff8bcb55add90207f74481227f71a6230a3e13739ef2d015f5003638234b01e58537b7cfab5a8edac19721f41d46948987d1bb1b1d9485a672647bb3b5cb246a1d753a0d107bff036ac7d95":2 AES-GCM NIST CAVS 14.0 - empty AD, ciphertext length: 51 bytes, AD updates: 0 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify_empty_ad:MBEDTLS_CIPHER_ID_AES:"24168b48b45759c8d4f9b061f0cbc16a":"b8e5ede75254cc4542191c7e7b0319ad81651451b639caf81c81c98301a4a0af70e291a4e35b448917be1e400fc64a22edf32913162558c2591ee3e80f397d73dfbc68b82da49bda9bcbb6aaf26919e21c1773cf51f6c5b71784f47978cc0d593b4be0259ab22b0b48de733a884c50a8c148c495973a8f5f84f2e93755666bf5":"be19c7e3d3e63f73d833c967d8d62f388ab9617a2adebe5abd99b5ec64599c46bc28bc62770e08995b0bbf27089e3e17b80424":"4aec633d4daed9ce76d697c11f66f34e":"cb7f10bda7da8a2569ed1f3b667127a1e0fb197283aa16ab8cddd43186bd126b118e671cab3e325877fe0e79f1863f89122c8f":0 AES-GCM NIST CAVS 14.0 - empty AD, ciphertext length: 51 bytes, AD updates: 1 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify_empty_ad:MBEDTLS_CIPHER_ID_AES:"24168b48b45759c8d4f9b061f0cbc16a":"b8e5ede75254cc4542191c7e7b0319ad81651451b639caf81c81c98301a4a0af70e291a4e35b448917be1e400fc64a22edf32913162558c2591ee3e80f397d73dfbc68b82da49bda9bcbb6aaf26919e21c1773cf51f6c5b71784f47978cc0d593b4be0259ab22b0b48de733a884c50a8c148c495973a8f5f84f2e93755666bf5":"be19c7e3d3e63f73d833c967d8d62f388ab9617a2adebe5abd99b5ec64599c46bc28bc62770e08995b0bbf27089e3e17b80424":"4aec633d4daed9ce76d697c11f66f34e":"cb7f10bda7da8a2569ed1f3b667127a1e0fb197283aa16ab8cddd43186bd126b118e671cab3e325877fe0e79f1863f89122c8f":1 AES-GCM NIST CAVS 14.0 - empty AD, ciphertext length: 51 bytes, AD updates: 2 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify_empty_ad:MBEDTLS_CIPHER_ID_AES:"24168b48b45759c8d4f9b061f0cbc16a":"b8e5ede75254cc4542191c7e7b0319ad81651451b639caf81c81c98301a4a0af70e291a4e35b448917be1e400fc64a22edf32913162558c2591ee3e80f397d73dfbc68b82da49bda9bcbb6aaf26919e21c1773cf51f6c5b71784f47978cc0d593b4be0259ab22b0b48de733a884c50a8c148c495973a8f5f84f2e93755666bf5":"be19c7e3d3e63f73d833c967d8d62f388ab9617a2adebe5abd99b5ec64599c46bc28bc62770e08995b0bbf27089e3e17b80424":"4aec633d4daed9ce76d697c11f66f34e":"cb7f10bda7da8a2569ed1f3b667127a1e0fb197283aa16ab8cddd43186bd126b118e671cab3e325877fe0e79f1863f89122c8f":2 AES-GCM NIST - empty AD, empty ciphertext -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_decrypt_and_verify_no_ad_no_cipher:MBEDTLS_CIPHER_ID_AES:"cf063a34d4a9a76c2c86787d3f96db71":"113b9785971864c83b01c787":"72ac8493e3a5228b5d130a69d2510e42" AES-GCM Bad IV (AES-128,128,0,0,32) #0 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_bad_parameters:MBEDTLS_CIPHER_ID_AES:MBEDTLS_GCM_DECRYPT:"d0194b6ee68f0ed8adc4b22ed15dbf14":"":"":"":32:MBEDTLS_ERR_GCM_BAD_INPUT AES-GCM, output buffer too small, NIST Validation (AES-128,128,1024,0,128) #0 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_update_output_buffer_too_small:MBEDTLS_CIPHER_ID_AES:MBEDTLS_GCM_DECRYPT:"0dd358bc3f992f26e81e3a2f3aa2d517":"87cc4fd75788c9d5cc83bae5d764dd249d178ab23224049795d4288b5ed9ea3f317068a39a7574b300c8544226e87b08e008fbe241d094545c211d56ac44437d41491a438272738968c8d371aa7787b5f606c8549a9d868d8a71380e9657d3c0337979feb01de5991fc1470dfc59eb02511efbbff3fcb479a862ba3844a25aaa":"d8c750bb443ee1a169dfe97cfe4d855b" AES-GCM Selftest -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_selftest: diff --git a/tests/suites/test_suite_gcm.aes128_en.data b/tests/suites/test_suite_gcm.aes128_en.data index a87fb180e..be3b067b3 100644 --- a/tests/suites/test_suite_gcm.aes128_en.data +++ b/tests/suites/test_suite_gcm.aes128_en.data @@ -1,735 +1,735 @@ AES-GCM NIST Validation (AES-128,128,0,0,128) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1014f74310d1718d1cc8f65f033aaf83":"":"6bb54c9fd83c12f5ba76cc83f7650d2c":"":"":128:"0b6b57db309eff920c8133b8691e0cac":0 AES-GCM NIST Validation (AES-128,128,0,0,128) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d874a25f2269e352ccdd83cc2d4e45b7":"":"9717abb9ed114f2760a067279c3821e3":"":"":128:"0e09e53e5fe8d818c5397c51173eda97":0 AES-GCM NIST Validation (AES-128,128,0,0,128) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7dab77e23b901c926454f29677eb62d4":"":"8aaec11c4a0f053d7f40badd31a63e27":"":"":128:"cec2e3230d8b762acee527e184e4c0db":0 AES-GCM NIST Validation (AES-128,128,0,0,120) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2397f163a0cb50b0e8c85f909b96adc1":"":"97a631f5f6fc928ffce32ee2c92f5e50":"":"":120:"3b74cca7bcdc07c8f8d4818de714f2":0 AES-GCM NIST Validation (AES-128,128,0,0,120) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a7adc0d3aacef42397bbca79dd65dbdf":"":"c6d3114c1429e37314683081d484c87c":"":"":120:"d88141d27fe1748919845cfa5934bc":0 AES-GCM NIST Validation (AES-128,128,0,0,120) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"10171805d7f7a6d87b64bda57474d7fc":"":"fad65b50c1007c4b0c83c7a6720cacb8":"":"":120:"c3d3f240d3f3da317eae42a238bcc1":0 AES-GCM NIST Validation (AES-128,128,0,0,112) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8aaa0c85d214c6c9e9e260e62f695827":"":"84e25c916f38dd6fdb732c0d6d8f86bb":"":"":112:"a774815a2a8432ca891ef4003125":0 AES-GCM NIST Validation (AES-128,128,0,0,112) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"def8b6a58b8e582e57700bab4f2a4109":"":"3615439e9fb777439eb814256c894fb2":"":"":112:"537be9c88d3a46845e6cf5f91e11":0 AES-GCM NIST Validation (AES-128,128,0,0,112) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5894231d743f79638687c070b60beee1":"":"e34cd13b897d1c9b8011a0e63950c099":"":"":112:"d582c4bc083a8cf1af4d5c2c9b11":0 AES-GCM NIST Validation (AES-128,128,0,0,104) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6b25f9cbdc3bcd27fd245a1c411594bc":"":"a6526f8c803b69dd5f59feca1cff78e2":"":"":104:"c7e19e08a09a9c1fa698202890":0 AES-GCM NIST Validation (AES-128,128,0,0,104) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b3235422897b6459798a97ddd709db3d":"":"96679e9362f919217d5e64068969d958":"":"":104:"44ed41bda0eb0958d407b7b787":0 AES-GCM NIST Validation (AES-128,128,0,0,104) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f65bc795434efba3c5399ed3c99ff045":"":"2e727c19a89cba6f9c04d990245fceed":"":"":104:"64830ed7f772e898800fc9ae2a":0 AES-GCM NIST Validation (AES-128,128,0,0,96) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c6c66d50f2f76c4e911b3b17fcdcba1d":"":"77b42158a4ef5dc33039d33631bb0161":"":"":96:"1bce3ba33f73e750ab284d78":0 AES-GCM NIST Validation (AES-128,128,0,0,96) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"13558db9b7441c585d381ffc16b32517":"":"addf5dbe0975c5ad321e14dd4bdc2ad2":"":"":96:"f413c3bf125ce5317cd1c6bd":0 AES-GCM NIST Validation (AES-128,128,0,0,96) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"74638628b1361c2954ce0ac5456a1155":"":"c5861507c879e6864d7cb1f77cc55cc6":"":"":96:"8a514fdc7835711e4f458199":0 AES-GCM NIST Validation (AES-128,128,0,0,64) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7815d22c5c081df9ac2114aaa2c0cbf9":"":"822f83cd9f249dfc204b5957f0b0deab":"":"":64:"aa1f69f5d3bb79e5":0 AES-GCM NIST Validation (AES-128,128,0,0,64) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1a847a47823cb9c298e4107c6aaff95c":"":"39348f80c6bc489f9315be7a6fcbb96f":"":"":64:"c3b3f31e56cf4895":0 AES-GCM NIST Validation (AES-128,128,0,0,64) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"16e67ea248ea6db08af1d810cb10574e":"":"50386e2075eb15ca3f3e6db6bff01969":"":"":64:"3d4f3b8526a376ae":0 AES-GCM NIST Validation (AES-128,128,0,0,32) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"26a8301636ba93e7f56309143f184241":"":"c7e32b1d312971bdc344aefaf45461bc":"":"":32:"25f1b41c":0 AES-GCM NIST Validation (AES-128,128,0,0,32) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"130a07c467067148da2790f90d73ff32":"":"800b81c9d2ff3a8e15690ffb4117e211":"":"":32:"abcc8d71":0 AES-GCM NIST Validation (AES-128,128,0,0,32) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ccfaae59c3196b8c403716424ea601f5":"":"f9b059de0efa4e3f364763d63d098410":"":"":32:"8933444f":0 AES-GCM NIST Validation (AES-128,128,0,1024,128) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b5beefbdd23360f2dd1e6e3c1ddbfebf":"":"81a8494f85be635d71e5663789162494":"f9ebf242b616a42e2057ede3b56b4c27349fed148817a710654de75d1cfc5f6304709b46ef1e2ccb42f877c50f484f8a8c6b0a25cff61d9537c3fd0c69bbc6ef21cbec8986cbc9b6e87963b8d9db91b7134afe69d3d9dec3a76b6c645f9c5528968f27396cc9e989d589369c90bbfefb249e3fa416451bc3d6592cc5feefbd76":"":128:"159a642185e0756d46f1db57af975fa3":0 AES-GCM NIST Validation (AES-128,128,0,1024,128) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c465aa8fe5d534c912e654f5aaed5857":"":"5c155f7194b0d0a17b9a0c234d609443":"a3f8d705b233b574399f72350b256cb4893e130688913ce3def8e44687688c0352ff987aea35dc53bc95cdb9cdcc6e6eb280265d9a1af38d526392ab63c9b043c1b1b43e18321e84eb7e08884f2463c32b55eb5859fb10918595a724a61cfdf935e4f96d0721612720d46a946487b525779f6ce0abf04fc5608351119b7427d2":"":128:"9595a6d879cd7a949fa08e95d2b76c69":0 AES-GCM NIST Validation (AES-128,128,0,1024,128) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"744b9e1692d8974d7dec349ebd7fe1e8":"":"62ad4b09fd554e0d6b3937839e693e5b":"6f9978f7078f0030c45caf49128ff72943a208a2398d08d132239f3ab5c184708e4222ec9ccde69dc86d1700c2fe0af939454bbb3962327158557860b6fa492ab8201df262a6209705c7e3129419bce8b827320893c1579ca05b32c81b3963b849428f71fe7528e710557a272117199163a35ebfbaba78f7676f7e566b16311a":"":128:"634f6fe9625be8b1af9f46bcc0fa3162":0 AES-GCM NIST Validation (AES-128,128,0,1024,120) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"097c059535037c6b358dbb5a68b5f2b1":"":"00caedfa078c27e3d9551e3fb8d98d77":"6c4bde11129a959fcd6a482cb19f5f1c582c042b314f7997b0450242f9e669dc1cbb0a3b7a185bf8b035267e6f03206268008e2b97864d44d6a9c6b1b4b067d623c4b4e9c608042ea9120aed3bee80886352683891496d8980e40b8480c98c2fe08f945aa1ef6007c65220319dd8678184ab54e81083b746ec6441e87a568e0c":"":120:"5075ef45c6326726264703f72badde":0 AES-GCM NIST Validation (AES-128,128,0,1024,120) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d25db5eca46c16490294423ca0c35660":"":"6f37f15d6c7ea816278ab977c29fa45e":"bd76fd431cea72a288e5d7289c651c93b5f429a54f85249021d6b595eb9ce26e18914a381a6b0299acc3725431b352670f206b731be718a598ec123dce0a2c5ac0aa4641b092e704da9f967b909ca55c2722298365a50dcb5b5ec03a1d0cbb67b8de1e8b06e724af91137e0d98e7dc1e8253887da453cdcbd2eca03deacaabb8":"":120:"00510851e9682213d4124d5517ebaf":0 AES-GCM NIST Validation (AES-128,128,0,1024,120) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b3c6258a726aff94a7bcc41646c68157":"":"7f5b3315afe5167a7e9061ab8b005588":"0ef3384862c7e00c2912e7fde91345dc3134b5448e6838f41135ba9199c03a7f208887e467563b39a6c1316540c1401e8ff148386c50fcf15724a65d3210b17832d63cdce76bd2b458348332b0b542122a57e381475a59440f280db6e1f4b8d0babfd47e3db11a9ef89cba5f334f0e8e72be30afb2b1ef2df8eb7f8d3da033c4":"":120:"180489039ccf4a86c5f6349fc2235b":0 AES-GCM NIST Validation (AES-128,128,0,1024,112) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"73cd0a1e2b6e12fbaa7cbace77d5119c":"":"d897681764bcc3b62c26b4aaf407cefa":"8c773e14a906c7deae362d1bf3d7e54c6be4c74c691b7f2d248693b2619219fba6eb5bc45f77af1cf7c05d3dd463158f884fe82290d145135889fd851b86ee282aa20bbdf6af78c7f9db6128b8b99e7f9b270fd222efa18f7aca6932a1024efb72113e812b3f9d2d4ccc7c85f5898ddacccbf1b441cd74097740dd922b57bade":"":112:"d8811a8990191f1e5bd15be84995":0 AES-GCM NIST Validation (AES-128,128,0,1024,112) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c1dfddafe076d0ceebb0f37bb25bc0b1":"":"29c56db10cea802c19fb6230227ab2bf":"287b73cdc62ce058cdceff8e9af7afc321716f69da9eef60c2de93630ba7d0ed0a9d303cd15521a2647159b8478593f3dd3f5b7c52081e5154e55ccbff371d7e5dfc2d05e14d666a01ec2cc6028aacadfd78dfc73bf639fc4dfa0a0c46415902bbda2443620fa5e0ce4fccf1b8591e3a548f95755102a8438300753ea5f61b9f":"":112:"309fedad1f3b81e51d69e4162e6f":0 AES-GCM NIST Validation (AES-128,128,0,1024,112) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2c4087ccd28ceda147d2fcfc18579b1e":"":"9cbdd67c79ab46bcbcfa96fa2c3d7e87":"35088d18dff0a9d3929ce087668aae1d364b37a97102f3f43e11950e6ec8296d0c99b00cd1c5dff53d3a38475e7da7b9ee4ce0c6388a95d3f8b036414e4b79cd02b5468cbb277f930e7c92432a609db1effe65f60f1174b58f713e199491f9e0c29ba1f2e43306775d18c1136274af61488a2f932e95eceadfe3fe4b854fe899":"":112:"b7e83207eb313b3ceb2360bc8d4f":0 AES-GCM NIST Validation (AES-128,128,0,1024,104) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"bb66584c8b18f44c11f3bd7180b9b11d":"":"39c82aee03ce0862ff99f8812cdbdcf0":"45ec858e0a5c6d81144ba893e0002818a70e9a19002a5471993077241b3fcfb4fd984f2450803293882d1c7ecb654e611578fe7d258f9a2ca3b5f0c0f0d0ec4828bdeb9299914ff2ac4cc997cf54fa908afdb3eae9f91d67c4637e1f9eb1eae2b3f482ddd5467668bc368b96bbbfc33b9ae2658e4ca43fcf4b66ba2a079d65f1":"":104:"24332fd35a83b1dfb75969819b":0 AES-GCM NIST Validation (AES-128,128,0,1024,104) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7b2a230c8978d4e38fa5096ddc19d6f5":"":"cd25e744a78af858e825e1fd070324ee":"628baac336862573cee158cd3935c34df3055dadc9c1695e9ea18724f6457f0d1833aab30b85a99e0793e56000de5d6d5cb2327a4cc8bec40cd198459e7b93617713e63bbd15381a066bc44a69c9ad3dfb1984f8b33a9429eda3068d3ac5fbbaaee2b952a486e58d674ffca641d9ec1d102600af11641fd5fff725204e6c34a8":"":104:"68d49d495ff092ca8e5a2c16cb":0 AES-GCM NIST Validation (AES-128,128,0,1024,104) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"73aa576e1dfad2c993afcc088bd8d62b":"":"712e665a0a83e8ecad97e92afeb35706":"314e5fee776e9d5d2a1fb64ceb78e2c9a560a34724e30da860b5588fe63d50838cb480ff8ac61d7958b470b1bfd4c84799af6cb74c4a331b198204a251e731f7d785b966da595b745d01769623492c18b9dd8bd3c75249effd2032658c715906a71dbbed847027ea75d647f9803296a41906e0915250854597a163035a8d3f45":"":104:"a41f5c9c7de2694c75856460d4":0 AES-GCM NIST Validation (AES-128,128,0,1024,96) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"83f7631c4d4c466c9246cbc48e2dde6f":"":"f5d6c8c252cb687a931c38f58f74943c":"1f35e94a35d0f424bf690a15038126a41502593612efe6333cf94ea0565ca6acdefae8d74dae62df95e9261c6596c3397220e044c5b08cf39cccb27315d9b795da321204910274a93436bc0573fdba04ae6bb14c6ca955cf8b9e193a12e05796d7f4b397507614dabc457f1cd3ce19e439b6e62703f2189372938b29b7a542b9":"":96:"bb85dbd858ab7b752da7e53c":0 AES-GCM NIST Validation (AES-128,128,0,1024,96) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"784e023b2d4c978151d05ee71533c56c":"":"f16d041b9f0f454db9985c8558ef8a61":"91f6e108c294640c7bc65d102d3d25a7bfbbe114acec9b495636689afd65fff794837946602ef04de7d4304a81809e0f7ddc45c476c29fd5286fcf4dd1ba76ed3ce88abdb51cd21e7aaeecb13238ac031da87ab96b2a13157278bf669d0efae28852ec3585d520d54502881322f7977d03954e17e7c0c0d8f762e34f59ca141e":"":96:"59699c639d67be6a6d7c9789":0 AES-GCM NIST Validation (AES-128,128,0,1024,96) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d3a2ec66e4a72cb3540e87f4e67c7e58":"":"07a9cf9f44b07e3067d60e276322e9fb":"d7e722b82e8607a64fbfeefc7887009298f06a637fe937277e3a76e8addaeeb460ba0743912c07b500b4b51e9fec2b7eddf691d155baf689f75968160c19a8330e254220142ae843bf0687aabeb74ab607227b0a7539ec3cfea72a5c35f236623af78beffaee6e7b1adc2895732ffedb3f8520710f04eb9c2ce9b2cae215ed5c":"":96:"f29aec72368bfcfa9ae815fd":0 AES-GCM NIST Validation (AES-128,128,0,1024,64) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"83f382a90146544ef4871bde891aed22":"":"c6f664f5ccfd1aaefb60f7fa3b642302":"656a2f221a1339d8f5c26393a08fa31859f626eec9a68afb6ee30e5b6859d1cbb5ed7dea6cbc4a5d537d70227d0608185df71a0252fa313be4d804567c162b743814f8b8306155931fdecf13822a524868b99a27fd2ff8f98c16edccd64520e2dce1ad645fd5255c7c436d9b876f592ef468397b00857ba948edf21215d63d99":"":64:"09df79dd8b476f69":0 AES-GCM NIST Validation (AES-128,128,0,1024,64) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"64334f10a62c26fef79d9024d4ba7c5f":"":"7b85251554d4f0ff89980cf3568c5caa":"dab2892262a1832a473cd3481acbd3d1820f14361c275514ec693b40f2170ea5ff82c4f7e95a7c783ea52c43a0a399c37b31319a122fd1a722e6631efa33f8bfb6dc193986580f0344d28842a3a4a5ca6880552557f3915a65501f6ee0c1b68a4c9040f0fac381cbccb6a6e9bca23b99f2ef1abbca71c69aa27af2db176bf37d":"":64:"3e8406900a4c28bc":0 AES-GCM NIST Validation (AES-128,128,0,1024,64) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1c98ca4971c3a6333c18b88addf13368":"":"7f617f08e826a3c61882c3e00c203d4b":"ab1531fce0f279d21091c3334bd20afa55c7155bfc275330ed45f91cfc953771cbde2582f4be279918ac8b9ae07cb3b2efd14292e094891d4841be329678ad58d714fc8ce4bffe51f539f4240c14ba883b95cdc32cf4a9fd6ba4ffeafa0d6718989c46483c96cfca3fe91000f9f923d7f96725e966de068b5da65546fe38f70e":"":64:"58cc756d3bf9b6f9":0 AES-GCM NIST Validation (AES-128,128,0,1024,32) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"247d3abeb807bde959e68b40a3750045":"":"3f5390cd7921fcb42c59f0db05a8a62f":"81abf375da7157a1a56068d0918037fecb7296d9b1771c54ae6030abda4b9d76feff818de81747980b2c1b005e36b3be36afbf1092edef6fd875d2903d73612addf206a6ae65886421059c70990a6ee33197f92bed649901fed62fdd20c30d81baf6090f50d9f59290528e58a0b7412ace0a293369f2b4c8d72c2fb0e1c432f5":"":32:"37bb4857":0 AES-GCM NIST Validation (AES-128,128,0,1024,32) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"622be8cd3c757de00fbb7ab4563ce14f":"":"16c53a843b1549716d7c06b141861862":"a15d101580d549f2401bf0f36be0f83724875205c9109d2d69d2609cbf67504b918f0859303192b4075f952454f3e7152f898f997b36afc0356712fc08db3343054b20e88ad1274e019bf8fcc3c921d3bc8f9c1d1d24adc61f6033a83ef46a84762304f1903553748b13b1647c96eb8702ebb41ccea4d9cfebcb177c453277f2":"":32:"35778596":0 AES-GCM NIST Validation (AES-128,128,0,1024,32) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8a660aa0191f9816261387d5aeb262f6":"":"c720cb31e841480da5ba656e9b93f066":"d979affe395bd048db26d26908a1c2a435905299086cc55bb65ef782f5aed99c41743c3ae252ea087f5453bdc605abd784b337b60960946358da2218b076826659a1fafa59124a00a3424fce0d00c38eea85cfb3d1e01bcb09d9870d5b3fe728f394e0e512f5aa849d0550d45a7cc384f1e4c6b2e138efbc8f586b5b5ed09212":"":32:"cf7944b1":0 AES-GCM NIST Validation (AES-128,128,1024,0,128) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ce0f8cfe9d64c4f4c045d11b97c2d918":"dfff250d380f363880963b42d6913c1ba11e8edf7c4ab8b76d79ccbaac628f548ee542f48728a9a2620a0d69339c8291e8d398440d740e310908cdee7c273cc91275ce7271ba12f69237998b07b789b3993aaac8dc4ec1914432a30f5172f79ea0539bd1f70b36d437e5170bc63039a5280816c05e1e41760b58e35696cebd55":"ad4c3627a494fc628316dc03faf81db8":"":"0de73d9702d9357c9e8619b7944e40732ac2f4dd3f1b42d8d7f36acb1f1497990d0ec3d626082cdb1384ec72a4c1d98955ba2a3aae6d81b24e9ce533eb5ede7210ae4a06d43f750138b8914d754d43bce416fee799cc4dd03949acedc34def7d6bde6ba41a4cf03d209689a3ad181f1b6dcf76ca25c87eb1c7459cc9f95ddc57":128:"5f6a3620e59fe8977286f502d0da7517":0 AES-GCM NIST Validation (AES-128,128,1024,0,128) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"81371acd5553fdadc6af96fdeee4c64d":"940806fd5ddcab9937b4ba875e46bb4b7e9688d616d17fd24646f1ef1457819f55887f53bd70039bb83b4d346aabe805288ab7a5756874bdc2b3d4894217d3a036da5e9e162fa2d9819ceb561ecf817efc9493b9a60796f6dc5e717ac99bc4ba298eee4f3cd56bbc07dde970d4f07bbfa1f5fe18c29a3927abe11369091df28f":"3262501ed230bc4f5a190ab050e1bcee":"":"ffeb1907bdbfea877890a6e972a533ae661a903a257b3b912c7c768cc988e05afd71a9e6117d90d1e1b54f55de9b10cbce7a109452567483cc8d6a68b9e56da10802630591fdd8d55f9e172f0f58a7e0c56a73a1ae3c3062f0997b364eb0885d48e039b2ba1bd14dbb9c74a41cbd4b52564e470d1a8038d15207a7650bd3f1d6":128:"227d422f8797b58aa6a189658b770da9":0 AES-GCM NIST Validation (AES-128,128,1024,0,128) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ef5295e9ae74729e222df6dab251158d":"59372848432f86f5740500391d2e5d5fbe1f80ea876a0ecb9a5b298d9ea7cdc28620aeb2fda015345ae476f265351b2c6b6fcd66bc8aae4dc8a95c1350cda204da3d2d2fc5e6e142dc448296d5df0cc349d1eba2fa98d2f468662616274a147fbe07927440afa3967ac09a03a8de0b03f3036bde5e272e3c4c5ff169dd730238":"194d08fcc3c08ab96fa724c381274d3f":"":"fdceeffdc8390bde6b910544db61db2f345eba0664f78f65d94b90e3e2a5251be374b3c5d881460cfff3549a01f84eb9d54087306a20f5156cd555e46bd2173386c90ea47983320fcbf24e09a05f2ec4b2577287d05e050b55b3002b753de49abef895ee97015810c06d09212b0c09e4910c64ac3981795a1e360197740360fd":128:"e94603dbd8af99ab1e14c602a38a0328":0 AES-GCM NIST Validation (AES-128,128,1024,0,120) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"26db035f2ddd9f5672c6f6af156838d7":"92c315936847649756b0b1bb4a3453e6e6da866f8088d96da44412d9f47a22dda0cd817287ba42163be59a69f73963059139fb3ba44bc5ebfd95b6742546dfb4fe95608dca71911d1347be68179d99c9ebf7ee1d56b17195f8794f3a658d7cad2317ed1d4bc246cd4530e17147e9ecdf41091a411a98bb6047eee8b4f1e4a9ef":"3686d49bb8c7bd15546d453fdf30e1f3":"":"1ac98e9ccfe63a2f12a011e514f446c4c0e22dd93613b1b9b8f56d148be8a24e3682dfc1cde2b69e72d200b516a99e7466dae8cc678c6117dc14b2364cd2b952aed59722056d7dae4cfdb7d9c4f716aef2aa91a4f161d01c98d92d974247bb972de0557e175177ce34361be40c30ab9ac46240016e5ad350c3b7232c5920e051":120:"b744316880b0df3d4f90c3ffa44144":0 AES-GCM NIST Validation (AES-128,128,1024,0,120) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d5c63757197a132cbb33351fd2d81a46":"e970b62ce5f06b15f8448aa2a095c2b3c8adf535e110e7f374411ed51fa19f9c4926045f796b7cd8a942b6a19811b7aae59fce37e50d6ca5a4a57bfb041a5b51c1ee82b54d03be22d9dc2bb9a2e708503b85e2479b0425a033ae825b4f232ca373e280e3cc97cf0d79397a81fb30d3b41cdaa3e788470cde86734e10a58b1e3a":"a669a4d2f841f9a0b9ede1fb61fee911":"":"522ba7220d0d4bea7ab9ca74ad8fa96ba337f7aa749cd26186499081ba325df6d6b90a81bd1c7adda0cd1ca065894f14a074ec13eff117b2a00042038aea55850056a63adf04f58fcd7269085f5ad1ef17ce7b6c40804127f14747a2ad93ec31fada83663af025a3b90c20a4ae415b1c960094e5fd57db0d93a81edcce64f72d":120:"7bfce3c8e513a89a5ee1480db9441f":0 AES-GCM NIST Validation (AES-128,128,1024,0,120) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f380d3bf0d55a1cd56b7e78359eb6c66":"c0e977e91c1c50ee78d4a56c527b2d31a1a14f261aa77e52d910f8f230de4908b5cc6943e28b8c6e7ac61eebe270dcfde48d140ec13792371932e545b6ef4b52d1dfdf54c60ff892b74095a3f4a2b9000acd2cac04666a2305343b8c09f89dcc0c25bbe2a39b14624118df025962edec3dfc58d36fcac531b291ec45b5159e22":"ba3300f3a01e07dde1708343f01304d4":"":"752f09b518616a91a802cf181532c7ec65b54c59c1bab3860f0ad19971a9e5bc8843524c5ffac827067b462ebb328e2eff4dd931728de882055129997204e78717becd66e1f6c9e8a273c4251896343604ac289eb1880207a8ea012626e18e69ad7573ef73071b8e2fb22c75c7fc7bf22382d55a5d709c15e4e8ff14e2bf81e4":120:"fbf8818aee5c71ebfd19b0bcd96a7a":0 AES-GCM NIST Validation (AES-128,128,1024,0,112) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"47c807cd1cf181040a4e3b1d94659db8":"c4a52c1f1f0d32c21fb85fba21d1b358b332efa066c7893c566b2e859efdde99fc67bb6167cdb0485a8ed53dd1068d90bc990f360b044039791be6048ba0ee4ce1090c9fce602af59d69069f5bff8b6219aaaed5a9b1bfc8c5b7250c5a6cfe86586fa8064124d551da38d429a17696eb1a7a0341c363f010eafd26683eecdf82":"9963a3fb156beacd6dd88c15e83929df":"":"e784ab006de8a52de1d04bc2c680d847c5decdd777cb2475ad4ab1dc529882d9e51cff5451b14ea5ff9a9bab5c5474e8a331d79564acdb2ac8159e0f46e9019bf80650c481fdaf1680cadcb8c5de9f924760b376ce5736cc4970cb8715b5999f577436283a4c21469306840af36d1e069616157d1b9ce75de3adb13d201cdf1b":112:"51e8ce23f415a39be5991a7a925b":0 AES-GCM NIST Validation (AES-128,128,1024,0,112) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a0b033d14fe902aa0892b0e87f966c41":"1cc751d890cd102486d81c618c23fa335067ac324ef11f7eddc937853db6e16d0f73727725a5a5bd580705416ecd97e368464ed0aea923ffb71c23c37f9cf9c8bd81cdbdc3d0ac34a875db3167ec1d519004d4fa4bba041af67af1ed3d4e09c32b3e8e10abd91f46836cec74b1f9c5b06c05f3b18caa78e7ff185db212b52ce0":"ad4dee18e6c19433ad52021164f8afb7":"":"a30044582dacf57332b04402e993831df0a4c1364a83c9bce7353979fb444cd1b3fe747e2c933457ff21f39e943a38a85457bfe99dc09af886734d6e4218fc65138055ad8eb5d3044f4eed658e312b6165199e682ffa226558dc4b516f8d519f149bb5a40d2bb7d59ece9e5fd05358c89e635792ad20c73c174719f9b28c7358":112:"6a18a4f880ce9e6796e1086ed05b":0 AES-GCM NIST Validation (AES-128,128,1024,0,112) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c4030ca84f132bfabaf660e036f56377":"a8fe98e2b4880d12c99c9d5193b3537b3fbc5165cc1327395174d989be5741f867332271cdc52ddb295ddbeba33698073054c6d2416fafaeb0a76aad870a6fb6097a29fba99f858d49418572c8e4dc0d074ca8af7727c773c8617495b1195d6b2687a2e37fad116dd721b60bcb5471d548c6dafe3ecdcf0c962e4659a61f4df3":"975df9c932a46d54d677af8a6c9c9cc3":"":"86b20fecebc4cf88a6a382d693117cd2a3c9eab747bf5df5f1d35e341d204d8fea6694b92552e347da676bc8d3353984e96472a509f5208ce100a2a9232478417947f85f10993c9d6939c8138bd6151aef8e2038536e8ba1ba84442e27586c1b642f9505455c738e9fd2c1b2527d1ecd3a2f6ed6e3869000ef68417ec99ff7a2":112:"3516909124c0c1f9c30453c90052":0 AES-GCM NIST Validation (AES-128,128,1024,0,104) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6e210de363f170a7ccb1b9cec8d34737":"89853fa002985a45651f2a7db2b45b7e7a7d33ce6c438ec4533c7fa257e1a384130369a68184a807fd0d92a70d91d7ddc56e5c5172c872257230d7aeb9293d785b1b8835dcde753798caff4abcd8bbc5378cd505dcf904aa69902e4f38699be972099adffc8778bd844a9a03e6b58a721a73324d956f20f2ffd00d3491f72f42":"39fe20b051ba21319a745349d908c4bf":"":"ac9d74f8f405fd482287a4a7fa359caca095c0f1b46744f19c3c11e13b0c605b9857c8cc5a1754b95bcc658416f463bf8764f373205941885948259916eaabd964f2d6c2d784f928dc5eefe331f6c04b4862d4c8e966530de6bf533a10818de852de3af7f521b167cb4eb7141ba8ae8a17be1eb714fd26a474bbbbe870a659dc":104:"7a2dfc88ad34d889f5e344ee0e":0 AES-GCM NIST Validation (AES-128,128,1024,0,104) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6bbfeda23ea644fb37666b05dc47f590":"a85ec4c2c160deda7e3de0ae449eea6ed1d24e2c8f3d5151f2ac0fd869f5a763981733b68f46c5197d76c26cce7ddc8afc6cdf4536d771cf3e9cef0098e270c5e1ff72cb0ad7f84abf44b726e0eae052d0c1553afc67c7289a43851a4d04c2856cc46b4039380436465a3b19deb56e41b859aecaf22b90578a23288d5f7d9b0e":"9d154f3cc2c5b0bdd77e86e351220960":"":"dbe575ea04b58429e68c733d99d7fb3a57e5604d6fc3baf17e0c6f981d78c070144702861316f892023515f20b697a8f3a40d821162dc9255d4775e7578285acf2cca67e902c060f80eaae29b9c011b6c110371409d914782e1e4115dc59439a2823507330852f10436b121538f22a3b619075610f1da87b6035138d78c75a79":104:"8698763c121bf3c2262ba87a40":0 AES-GCM NIST Validation (AES-128,128,1024,0,104) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ce1407f666f2aa142ed4ef50eb2a4f64":"585fc1e86809247826f87424741f6ce2ce7c7228fb960803be643acd28332b2036715e2b639fe3f8de7e43e88bd8e65a6e2259391360aaf534ae7566cbd2b3961c874d08636fca117d4123b3063931d7a161d00220014339ae9f447f31b8a2d7d5466fb1ff2508397b5fa71f9b4cd278c541442a052ae4367889deaed4095127":"1225a2662d6652e3d4e9c5556bc54af4":"":"8bc13cc1cb52fbd15390cb5663ce3111c3fb943f8ed3c4f07b7aeb723649fccb90895999ec5dbdb69712d8e34ae3f325fefa49ecc7c074de8bb2ea01fa0554d7adbf49498f2f6e78aa0cd24620bab0f11bf9b2c73ad0eff780eb6c03ee9c4538952af754c566aba7c717d1ee6ac2f5ffe21dab9afd649cd65313ee686596fef0":104:"9a1f1137f9ed217815551657bf":0 AES-GCM NIST Validation (AES-128,128,1024,0,96) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5ecea1da76d6df90fd0d4077ef631b17":"d87e9a0c6a9796d60ed78924f7a8c408d5b9fab03fc76790e74029f13358fcae0035bd971a400845f508c2c2cdc3949be498193afcca6d75f8d21521ac673bd41a936a133fb5ed61098f3cb89df5234c5ca5ad3dbbe488243d282412844df0d816c430de3280ab0680a2a5629dce53f94e8eb60b790f438a70fafb8a3ed78a1b":"7d7ae2ed1cfc972f60122dec79ff06fc":"":"1eb19da71857854420c0b171f1f0714972fe7090db125d509aff6d92e5192353187f0906e3e8187f73709d1a60e074af01e83d1306d582a82edbdbebc797a733d72e2d4208675ef98ea4eaaddae2292e336fcd3fa85cdc577f4b8d3f324f0c5cf3919701208d6978f83466a02ae6cc368f57e18b9ee16e04cf6024b0c7fbad33":96:"f74b3635ec3d755dc6defbd2":0 AES-GCM NIST Validation (AES-128,128,1024,0,96) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6d6de51c30692d7863482cbbaa5ccbc3":"9f242c230ae44ad91cb0f4fe259684883968f3ca4f57a3e0cc4b03ab063a4eacdf63f9e7900a98073e345d1b497b985887e1ffb5fe7d88cefa57dd41076f2da55ce7ab0899bdc5799b23773f8f7a4dfbf1861cf4de377281fae9763dd4ea8dc7c0d632b874c86ac8e4c90339ec3f14cc51bf9241660ab828605cc602984a0f10":"c6c0fa3da95255af5f15706274fa54ee":"":"55e75daa3df3b13a33f784d5adacb2ff6861cacb297d5eaa61693985b6a0f82e9e0b3a28d10648191c6e62d6260d8a8bb471e6b37aca00dafdb2fb17454660f90c2849a9ad1733d7bc227d962b3cd86ab32d5b031eb2e717e4551cb23d448e06bac7b2a4cadb0886fde472d45de39eca2df474ba79eb58504318207325c81813":96:"8eb9086a53c41c6a67bad490":0 AES-GCM NIST Validation (AES-128,128,1024,0,96) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"76b7f2307e9cf9221c8f3ff7105327f9":"bc076bfd1ff7a9fb043a371e5af7112bb0c9c442be44ca648567937bcc091c127f02ab70b81ce51b2f7a38954dca3d94b3716c6114f0ba349d6f87f5efd84506ed289dfe8a1277a5d1821c56f9f297cb647cdf36d308e6ad41c55d68a5baaa520d11d18f5ddea061c4b1b1ec162b2d5bcf7c7716235dd31eda3dc3094cb15b26":"3cdaf7932a953999a6ce5c3cbd0df7e8":"":"88c70d3cf5817f9fa669aadf731c0eb03c3d8e552f2dc763001ac94837353ab75b0c6553bb8ba2f83ef0556f73dae78f76bc22de9a9167d7be8e31da6e68b0f0bdf5566059901726b6f2890ac8745ed14f8898a937e7d3e4454246185124f65cebd278f8c11fb0de22da7248f33ef6bb82cb1c08259970714de39ea4114f85af":96:"6006fe48f74f30bc467c7c50":0 AES-GCM NIST Validation (AES-128,128,1024,0,64) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"bac83044f9d8fefcd24766644317c533":"a72daba9de96bc03b5cd7449c2e97c858385475127b9614e37c197225d5789535b69f9123993c89a4815c1b4393bfe23754ddc6c01fc44cd2009b5f886988dc70a8cebb12664fa4a692db89acb91de6a9eda48542b04459149f59537e703e3e89f6d683ebb797fce3874c819d08676d926bf2da2f83a22449b89e204b5ece58a":"1307cd0e6f9ba5570e9781fca9a4f577":"":"479cdb5f65b9baff52a96c75790e3b7e239125f94525068cd1d73a1b8475080f33451ec83789d7189f5ad6a9130e7aa4df10d71ecabb5ccd980d84d0fbfb342506edcf7298ccb310c0e297dd443ded77cf1d96fc49055534439f1af583217a5de36e4df036a3b640d0212658399b629193080d38aff0d4e8aecd6c8d8f48b44f":64:"ca192f8153aa5fb7":0 AES-GCM NIST Validation (AES-128,128,1024,0,64) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"627776b20ce9bb070a88f1a13d484550":"1da4a24fb12538a724f62b277410d50e918bd6224d4a61df6fb7734300643198debea71686e018bcd8455c2041265d11f7f5dcec08c31fc94784404423bcf1dc8e615227d2b0840be123a1efb8201aaa15254a14a2d76a6ddf536701cb3379d3c6b1b0d689e5896186c88d4a2c53a70bb422ecc8e0a5c3b9f3d89ce40676e4f9":"57f3f9388ea1e2c1c73f60b7d711f6ea":"":"f8a06eea528dad12b11ead51763aa68ca062f9f6c1c1f740fb910974f7ad9d2ac87c16fb74d07c3bd3b45f2e26af417e00416bdfee7ed0b69274ead70a52201c1fc05937438855f5564ec3e824daa0c59da1aa6f6cb8a44ab5f73d661b219766b80656cd3ff1e2d6909c6ce91fb14931af8580e859e9d7642678c1c35d9435d4":64:"05b432826dd9b044":0 AES-GCM NIST Validation (AES-128,128,1024,0,64) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8954e2c0a7ea80fe3c8e75246f75bdbd":"d77e11a837eff95c77dd56e9cd97f0ffcee0adcca4a2203d23ce74c804a75cef1bdd69b16228472a2395118dfce636b8916372d6a24106f9a168055c6d4b44264674ce3905b3b30f5108ebf939f3fa8f55c12e001b457b73669acd23c1dcabea05aaba34e2d0f66a4d1c9162764228ebc4d3974fdb38b1a61a207788c5deb878":"2b5f9420b3c583403d92d76a2dd681c3":"":"35b8a04d6557426def9915eb798312a7572e040a65990ce15a8a6e5acd6b419c3fa26828b6efd2f1f50f91f672fed0feaa09a6ca6b4844fac5d3db571db8bbce250086b8c89aa6fa07bdca8dd0e1fe76e0f5a821145bafa11f3a9b0b003ad09de73ad71849ac58f7fd50851aa0fbbed17d222a0a5607f9f75dd3b0d3fa45a135":64:"96511adc097838e6":0 AES-GCM NIST Validation (AES-128,128,1024,0,32) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7d0f9109dd846c47527a429b98d53301":"506efc29c0f02910cc9f5b2e677bb811e366b9e4910c00b36e48e5d5b42718f3b6d1a08a2de9c6d4ce44fce00fb7e10cf89396a88bdb38dcb0dba69449195e19b72ff989666b366f03166dd47cf4c7bf72dba3048fa34329ba86bbbf32934a0992d72c463fffee94653379d23b8bb4dff03fd86cfc971a2f7cdb90589bbbcb28":"f58a5bb77f4488ee60dd85ca66fad59a":"":"2e2760c649f17c1b4ba92b1fc9b78d149a9fc831f0d0fe4125cbfc70d52047f32a7f25c716533d199af77ed05e259cc31d551187dbc2e7d9e853d5f65ab8a48840f22391072cbe29e8529cd11740f27d11513c68ad41f4acc6fb363428930fe3d7c0e698387594156e6cc789d432817c788480f3b31326fa5f034e51d2af8c44":32:"6ced7aac":0 AES-GCM NIST Validation (AES-128,128,1024,0,32) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"034c805b5e83b59ad9d6a65ade3940a9":"efbec09f8189404f3dbe569d3bab9b8bfabde419fc80abb3b21a07a5fe42326d23d022406981abd558e94f4debf38f2c34c3c315cb1ae1d5f2d48eae1335b50af9dd05b60aee724edb7d4e12703d5ec8873c55e3a3d6d8d5e4daddd5240fa3ec2d1f32442ce32cde66dfac77ed213207dc4838ca9782beb9a98d6dc52838831b":"b0c19448b9f2a818fd21ba6489c34fb0":"":"a45ba5836011fc65882ba8b1d6bf7b08b17f26b9cd971eece86fbb6aac5cdfd42790a7c7390099b10dee98cb8e4bd8b3ccb3ca5d0b9d02f759431de640ad7f5dffb919a8aaa74695f94df8eff4c7cb242d643c55d6f9c8323006f3be595aa8cdbfb0d9260ad2473b244ca65a5df53d2edd69f47df608e22a68b05623150b5665":32:"43e20e94":0 AES-GCM NIST Validation (AES-128,128,1024,0,32) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f3bad89e79691ae72f53964b928a09f3":"01913e4ef10226d80c5026ba9243fa41edaf5f5c232d17c034db4c0c8369f48d89a1d58b3b2dda496506c30457365bdd76710173a97022d647276a4a8ac73f0e9e211cfd7d64849409ef61cce618675eaffe88b3f14496e5eb013c0f8a122dbf16f2c675edf7f813abe9c56101e570e208e651fd956e710dc09f13ebd22b81ab":"aabf77116a75046e7ecc51a468aa21fe":"":"f7453670604ff6287ebdaa35705cf7553410452fdb1129a7fcae92565a4217b0d2927da21f3d1b2bd5ae9b7d4dcc1698fb97fc8b6622ddc04299fdebaba7f7090917776b86b2af4031fe04fa1b62987fa9ec78fbbc2badc3a31449be3a858ac7f277d331b77c0e9b12240bd98488a131dbd275b6a0ce9830ff7301d51921ba85":32:"15852690":0 AES-GCM NIST Validation (AES-128,128,1024,1024,128) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"839664bb6c352e64714254e4d590fb28":"752c7e877663d10f90e5c96cce2686f4aa846a12272a0aba399e860f2838827c7c718365e704084fbe1e68adb27ad18e993c800da2e05bcaf44b651944bde766e7b3ac22f068b525dd0b80b490b3498d7b7199f60faf69fee338087f7a752fb52147034de8922a3ed73b512d9c741f7bac1206e9b0871a970271f50688038ab7":"5482db71d85039076a541aaba287e7f7":"4d75a10ff29414c74d945da046ed45dc02783da28c1ee58b59cbc6f953dd09788b6d513f7366be523e6c2d877c36795942690ce9543050f7ab6f6f647d262360994f7f892e9f59941a8d440619fda8aa20350be14c13d7924c0451c1489da9a0cafd759c3798776245170ad88dbceb3cacde6ba122b656601ccb726e99d54115":"c7ee1c32f8bc0181b53ce57f116e863481db6f21666ba3fa19bd99ce83eee2d573388a0459dfede92e701982a9cc93d697f313062dbea9866526f1d720a128ab97452a35f458637116f7d9294ffc76079539061dfeff9642a049db53d89f2480a6d74a05ff25d46d7048cc16d43f7888b5aff9957b5dc828973afccff63bd42a":128:"63c8aa731a60076725cd5f9973eeadb5":0 AES-GCM NIST Validation (AES-128,128,1024,1024,128) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5f2af1b14ca9598c341785189ac6e085":"790bc975865f44e3a1534e978e90b064530321a2280a9172dc7f3451773b01d4a56c1857ad0474350b945e4f34cd677c22ca89445a564b47a8526d31d18160c35d2be1e89428c3593b53877cea0d88d85b2a7ed0552e39a0e96e35ae0384a5d7868243045dcbfc245a3eb3ff99f4dd86c0a314f68d1971e773caf9c168b0aa0b":"bbf23307ad2718398b2791c16f69cc45":"26b160695de2ba40afca6bd93f1c2895f92ca9108847a8ab71ad35cac9f9c9f537ef196c5d41b10e3777c9a02ad3c73cd299a85f60e5d02794c3be2643c3e63f105b94d32cb4e3eb131d3f487fa5d1de1a4ad80cad742704ed5c19a7cf4e55531fa0f4e40a4e3808fb4875b4b5feaf576c46a03013625f04331806149e0f6057":"52c373a15e1bf86edfb4242049f186029b458e156da500ce7a8fc7a5fd8a526191ac33e6b4b79b36fda160570e2b67d0402a09b03f46c9b17317a04a4b9fbe2ddcfc128bd0e01b0be3fe23e51b69c28bcf8725b8e4208aefb1cf34fe91a2bb6d5bef7b936bec624a8f38c9cd4ac51a0187635138d55da1fb1791adfbf8459d3f":128:"db3bbdf556c9c1be9b750a208fe55c37":0 AES-GCM NIST Validation (AES-128,128,1024,1024,128) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"02980dff205bfa5b18037486618e1fbd":"f037ae281e45c50c9fa875f0ec9eb43251d3ae1b6acde27cb5edda7a4e384f50301a68bb6f4caf426adb31457c5eeaa789edc84fd902cb82e00dccbebe272d90cf690ca82ee748885f02daf377970e985d55994fa668fc5e3e06763e6829059fe0c3eb67033b3f5223cd4bb654484c57370d2b856d7117e32ead3d179064315b":"27354e68a004b255a380d8480dc9b19e":"37eed8620136842938ee3c3c08311d1298d3fd3f0456c056e0851a75d844fe6c61aeb2191c024ffce38686c09ab456f0ec26bd76f935d747002af9b47648502713301d5632c2e0d599b95d5543ac1206170ee6c7b365729c4d04ea042f04363857f9b8ea34e54df89e98fef0df3e67eaf241ed7ebbc7d02931934c14bb7a71ad":"f8090d0a96fc99acb8f82bbbe58343fe227d3f43fceece5492036b51ac2fa6db4bf8c98bf28b40132b1ab46517d488b147e12ceb5e6b269bb476a648d8a1133d5e97d4f4fbdfa3866a04948851cfb664f3432de223f3333248a1affa671096708ce6e2c9b4f8e79d44c504ff3cd74e8dffd4ddff490bcba3abffbade0a4e209d":128:"b5762b41241cbee4557f4be6d14d55d4":0 AES-GCM NIST Validation (AES-128,128,1024,1024,120) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1fc9bcc5aee350f1ef160346b642cc20":"e0fb08cf7dc901bf698385a38e1a81acd4118f083e52aa52e1ded16ab1e840cc49fa1ead3292ce21096cc75c89dc3701102b0982fd3a6bfa55a7799e579aa7336edf365574a904bad924ec080b093a604994db4dcd8323d7d39c3c35750b0741b170481539d22551871d6a0e2ea17e4bebe8ce19ec3bc3bf4f6edae9cd7ab123":"910a81a5211ce0f542f1183c08ba96a7":"2dcf7492c4539d6abc3d259ba5970033ebc2e7ddfa1af8be11f81b459d7477f310be2171290bec2f2ae2cc51266f46e98c878dd2444afefdbdb73a417518f5fd4c116547bf442fa9a8cb2300c5ff563117b2641dcd65018081e62a7ce5c4d822563824e5eafea90cbceee788ed44e6c4f23fe8926603a15adfdb556f11a0be9a":"514d27f8413d7ed59d96c14e7e74b9f3d4518486876c469b369f8c5734145f4aa52506c8f832d4811e5f981caadedcf09875033c5b28a00f35605d773c7f9e1af7f0c795e3df1fa9b5a524f1f753836c1e2dc9edf1602d37ac120f3d8a5c093a5285dbe93957643a65f22995a2782bb455d23318f01bd18ae0d0813b01d233e5":120:"feb7a25a68b5f68000cf6245056a1f":0 AES-GCM NIST Validation (AES-128,128,1024,1024,120) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9cf329dc10bcebb484424c77eb785aa2":"92728a696b07704fb1deb648c5036a1c8602b4006fb2fd2d401c4b6692e252c7f66918078542cc0b1a97486964276d6e6c77bbb88a9fff0285aef70783d9f2be3b7b22f8a8c02771492150122fe022722bf64263f5d2406884108d8d608273bc02a9127fe4dbcb321ac44a7d2090cff7017d59d73ecf927b8b05968675a63ca0":"a430b979168f5df5ba21962d1bd6dd15":"4d94b7650297c66b43210c84e6e7b09385117ed8fb91adf643b2339f39a5d8dd0b0d75a793e2a669e42c5ddb0873714e01cb65da9eb73fd976a49ae9a4762bcbc06be5052f750d110a407764280b510da5fd0fdce969f86ea6bf52ad4fd9e2d81ec5cb84af0a1d406504a34c51c751daebb4421fe1994bf6db642e64bd471d9a":"c13dbfc60b34d75f8a84db1f6aa946dbfc19479d63900450389756cd1ada8f6d2d0776607f7053db6bfa6752c4b8456f0ace314ff3fd4890d6093a4a5d47dd8fbf902e3e3000f5e02ba93a00985f29ad651cb697cc061d8f3cc74e6d8d0743a1988947c9dc2305e2b7c5a78b29400d736acc238131700af38e72d8c98ba007eb":120:"82f1dd58425eb9821fcf67a6b35206":0 AES-GCM NIST Validation (AES-128,128,1024,1024,120) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"cf43ff6a1ef35c37862ae3b87171a173":"a1e670b3fd62039cf29edb61b26555bcd0f9184be4593bf6b20ceab263bdc76cdef34992fe0ce4d43bd93bd979b78bb252c120fbaafe4947fc0ec05cce4358a5089a841c7476b0ebfca6476e690cb9ee0b73c6700aa82aa8f4050f2c98500052a2d3274b30b0be67549d756efd163c4369b6df0236d608bfbecd784467db2488":"6c56540b3a9595f3c43f5595ace926bc":"5c0bc6e44362299642f3756acf09878bb05549eb6cd6c4942d39fe586ceac228d2aa9c92f8393e5017e73ee41002e60aa8b993c48a7638ce2ae0ae0eaa536bd749b07a8672fc620a5110af61232b6a3d527b36c86637cc1fa92c84008465fd861920884d8a784e194ec52fcbb767a68ca6fabb64ab0a0d680963140d5cfd9421":"8ad36522e4ad47d4a54c5eae0a8b9ff4911aa5b9b13b88b00488a7b678f63cf85945b8d4998d1007e27529b56f50b9e3b373bb6fd861a990514743b9707d535b40d1bdbc3f58a63b8ca30dd7934ee98ec3325d80afaa37e38b4e82d8851166589027d91347727b314e02ed08a7846e29fcd0c764834d12429d9f568b312081f3":120:"f5bf21d5eadeebdef3104d39362b85":0 AES-GCM NIST Validation (AES-128,128,1024,1024,112) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a0ec7b0052541d9e9c091fb7fc481409":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c87281":112:"4365847fe0b7b7fbed325953df34":0 AES-GCM NIST Validation (AES-128,128,1024,1024,112) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f9ba053776afb01d15915e7f82a04f21":"fb59858421ffbf43d09415a77320cc9250df861e4414817e7b78cab918fa890ea0400d4237f7ebf522d97318ea79f9979a73970296827a1a9690a039e6c605a0a3efc0077156e1b15f14d88685833e09f6cd6f783d0f50579de7a30907b9d8efc4c650ec57dbf7b425ffaf9a900ec91087d470409da4d67cae7328c15a5db1fb":"df26b109244f5a808f3ea7137f2f49fa":"b21c8101ac96c41bad2925b9b6c863f54888f36e4995820ebd51f53e323e46f528d91f4318183be0282312ccde8da075fc2e82041cb41a79e9933012a4cb6e9f89717444bc734da3b7e40e903e58dd0f38bcb115684227ec533c09a93c89c2c2584bbac83a4648f82b4c9207f43b61e5ec470602076ed4731756c87d4e0e24af":"2c306fc60bff58308f2b9f08d52369e87119d7f6de2279fcdea0c46c901c8dc5b4f83578b17a00786014a17d3e380e1af4b9f32fa58b9ac763bdf86ff0c6084afe413a5dcb7617f94d76e59e370eae4829e69bcb70f10545b04ed5fd137e1159f3961b2c01089ebbe2f16a91c782d4f383fbd4d61b66138319b63d79ce9fdec3":112:"d6db5aa539a6e2e70885508d637d":0 AES-GCM NIST Validation (AES-128,128,1024,1024,112) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fbbc406a669b94374c7970f2ac10c91c":"a9f334d1ae7d2960f39da4f1df85830d27c0f13fa0bd23d607ace4cf58b359584120e7c90d3062b1b23b1a9e85a740c9063ff80423b5846257e4426c174e8cd77a3dbcfe12970ebddaaa00a8ffb554b2a80decc81f9917f5a1369e8bf7288ed868457993f480d8aff0b92b3db2fda233e32fabec1a4514715364d4f70f98d62c":"46152f5a68c03dbe2f28e69f5b52e2fc":"1052f8b2d3e11da53ba9efe02ce985098d171dff9b98cbc2f6755fd88214ddb8660225a63a1c8bcaf43ff3930e239824ae8e122068b89d7fe73c658ce030cb51dae9836aafb68fad77b1cb5bff8d7d9c920ec449181e10ea643cc73abb9620dbdfa32e06c29cfbd8c7cb8b1103763616ae6f9b19c4a6e1eed88c3971c4778c2b":"7b16424c508da3fed14bb53462d1805f0f9d09f803d4e166fdadbac76f9fc566665554317431642f6e527123ea6c1c0ddcf45005213b0f2747321fa112d7b893cdcf4c1a59e8bd1c48b7d77881c6d79de3d850bce449969305797196d187196d0d81dc3423295f552d3c27d6d70e42c9a1a744a039181e733450c9985c94ae94":112:"b51dca8e00988af0987860a663ad":0 AES-GCM NIST Validation (AES-128,128,1024,1024,104) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fe96eab10ff48c7942025422583d0377":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":"97ce3f848276783599c6875de324361e":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f":104:"6bac793bdc2190a195122c9854":0 AES-GCM NIST Validation (AES-128,128,1024,1024,104) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f2956384a65f9627dccf5126141c7bca":"89dfd185bc33adbea0c69b55d37087de3fa7fd69a9fa76aa1568ac363c5f212ae92d202b9338ef397266dd8bd1ef36cab6d1368feafec69a4e3e11e1bf1beba35d96e040d91e9d3a838966bae62a15b18d621f33efd9ec511de4bd287c722cd39b4ba43e7a6f8c8ab672d69eac6b21a8d3544ab1d64f9de31956b93b1104431e":"2f61f76bcf074a3d02f51816c0411052":"bde1508823be7984d5921db4cab1ed3017c0d73cb9bff9874f39a6f5bc449719c1c43d8fb4e76f6813b0985d4b124517f9e4e2d3c552b2f75876563c93a44c18fb6523ee732ea5b6d13417db45120653df3820a32ebdb42d544768461b1d0b55b46b09f688e47240880930fca7097ddfae35f854891e21891dbad13f661a2534":"023a9c3ab3ed0181ec8926e4bfbc0fa63e38ec8980eabd2ed75e29b681b3ec04cc8b27fad3a7ce6dc1efd680479a78f02de7ba92f45dc03de02852a2e67b35bb1dd154568df7acf59081dfc05aca02c0aa9f3f7b4fd4dbdb671b1b973a48af0c325a23467ba5cb59183540f6edf4c00376be39a3a672feb9e795d1bda96f0017":104:"613eeca3decbe09e977e0beeda":0 AES-GCM NIST Validation (AES-128,128,1024,1024,104) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2e9bb30ea25f50b3e7711fac05f9d44a":"17a52f4faa608dc9853d4511feb3dd9d2fb92d7a3deb3f8a7a6df3fa2a909b7db30babef12d9da71aadfad16bfd2bcb5706ef2addc58eeb8d8d13f31326f7ab1d0aabfe5525014f05cd8fb80e1ecb0654e62078440157df66f618f078cdf2b322b0f8878bcd924609c33e42059aa69fe0ddca659aea42ab907b483aa55aacc63":"9668e8b1ce9623ad52468431dfbed632":"f776c6e892e373ec86ccf706704d47cd89fa45c2abdeb0f9f6f32cde88c22f001150cc66f0fd83e9b75b97bceb98913cf143cd8a68bf06e1125031e3e7f09dfefbcaef4f04d7bf28aca1992a7e4228fd4017a5b32fc48101c8f5a609eaee9489d02200e8a13efeda60b57df53ccf2fe26309a1c1e1d40db6eb8431dbfe8d43ea":"407171db1dfb7ff20d5c97407375574220534ef75ba18dc616400e5e967e72db23783a6eb9506b611d0c67a83f5c423380ceae66d5dcdffc31e31239357b91794018e9c4c36c286f7b17ee911136d9cacf564baf5f9b9831779375e63aaade8734a91bd4000e53e5e412b3f92f8b68e0b7ad3bf6f274744e2c5a635894bf918e":104:"2741ebc33a4d4c156c21385a23":0 AES-GCM NIST Validation (AES-128,128,1024,1024,96) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"aa705ee70297e9212f70585d92f42aa4":"5e4b47d986d55f49708cb3e4d27072a7e850936b27b24723856acec7b2e03caccd98c2a002a2dd1d3f4dad8827a5910b42986cb00be7bff47eb401be5f324cd2cd3ea2fa41f4ef61f9771a4c0184d85d6023f37f3f54bb9d7cd621fe36ce11a82678a0754a33049106be597c53f287692ac5a42e59f09a2a117fad6c034a91b9":"89822c9db69229d1e4880afd19965908":"fdd655584a92e29a14a368f28a73f9dc608e5c2ffd308d4aeff7326bbef5ea58f84620c9ad43c0b598c271527ae60dae6db4ffd3f590e503ae7057d8c48e9b1bd8f8a8832629bbfc1391b954a4fcee77d40096eb5dcec5e0439375ed455378d716ee8f8b04ccde3291e580068dd7dbef4ba3685b51940471f24859f8e93b659b":"0f34bb4e2a4016ba41eb23e7688edd455f2d46a5097236d9a124ae0bd47349876319976aa4c3aa41680a63cea85f433e3a1b4376f79d004710d486a3fb5afbb7db2c41aca400e04f75ba91660bb68354029defeaae1853447f8fa0d470b25371da73c9e8ee841ba95fc273f88c2e4604ff29a131a7d73e60a00340e886df5359":96:"a247e88acbd4e354d7c8a80d":0 AES-GCM NIST Validation (AES-128,128,1024,1024,96) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ddeec78a0c23e8c5c32d3d4f9830f927":"134fd6be1a934053a539398aeaf5d3aceda3ef722a6b3568af6958a4b1207f7e9b9e835cfd46a7f3d4faed829ad23554fc7c0d1a9b32bad9477d9dd397a259cfb0bea30268aba7b8cf4a35dbf99a6b2ca968649847f717749bc5f41374e1574ad6c357f7b60b0cffcb822bd3924208d0472a973ae97550b921338792ca88fde6":"ae428ebb974ccfbbdbcf6203105724f1":"e3d5ce768c688e881e72f036341b2d91947e02b7327eb53240c85b0b93a40eb0f3346817e2c9e126209b31b57633c4384f7af46846d9bbe6fd0d6babc57b84d0f5be2a8a7b146b38914a4cea70273d5461126cfd7527ab397510176e790300a06066655907d499bded79f5bb39f6fdb03f85a415c2cc2ad1f25078f0da7df215":"865d6148c9820b67c08c17c9214de612ada6e24ed67933d13c3b3ec43637fa305673d8d52d15a195b27a6b2563682a9f98912908668e3335192b1daabf26e1e73d7d34764af006b0c14a0ffad3b6a0def59964b11eb52e829ad790069997931d09be88b8d60aef90e39dfcb0df4fd54b71597b8ac64670e703e7cb83efa3f2cb":96:"64b2458a6eaa6f12937a8643":0 AES-GCM NIST Validation (AES-128,128,1024,1024,96) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"829008339e983918b8d142091f84ee28":"6f30604d8c2fae216b1ed3d67485631eaada68fe89a7020d6e29f42b937e7640fc1f23c00ba48bf239740f6468289ed211ba81e809cda55fe067bdfa198bf0461daf86d4a7969de9a629513809b358630ce7eb50a783b8c98ec1bd5e56cb47032ee8fc64a939dfc4a870ea9419b16178109f1966ab964da34debcf00cc49f57e":"dc62cf12b6d0439578b457e516d8205e":"e700cd917923b16c968712b2fdbf08be1b5c3b5d9e42cc45465549898daa07c44b4cd321ba16a38aeb6720e217a58428e3a4cc125920cb3fc92f039b66716543bab71b64ebedbb1e5e3e8fbbecff3385ab0ab16b7f6554b7fbb3b4c92307c654361f984d5a6cb69b8708684d90bb1fdfabc0cb59f42c2b3707b3755a8c7abf34":"adf60c4affb2ac76cce20cf9f302b909bfda1bedc60be21b53f65d0b81bff08f7e90ecaaf12ee1f9d921926b75e244b7e8357c1cfc26013a6d1c874ed2e5cd0cce012bbfff0dff85b372d92c18dce887c1651b6467f173a67ac8cea194a6c41e77842675f60cacfbc9c81597a08959d19af632d3c191bf69505620e4290bb040":96:"6209c09dd1b7ea85d02eb9fb":0 AES-GCM NIST Validation (AES-128,128,1024,1024,64) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4aec55c7e4bb36c32cb543b57cfba3fc":"4cf1443a5448fd09e09e91b7cc5f8e00f53f0b75a6b17db5ab9a721167de5f7bc5de1fb711accdafb7f3f1bf6b98393e5f09e9091e26d1340122edc91f7e60f62caa218f1927c8f0032be0752520aa650f6f1ddf40412c96d49dcc2287ee17834504f1dda3f4a723e2fce064f0b8dae0789ec455922a14488623e3ac10b6e312":"6669c3022e0820634a95efa2b5578e93":"f6ae9b1aaba18acb741c9fc64cfba3841f5127b1cda5cbcd48af5987428daa5782d2676bc3e2ef23936ec29a80d6b5310282b39b77181dc680799ac9c8125fc48afd185cba2ca8900bd9a0039787b4f3a6846f3edf5f7b921dec2608fd3df67600ae0aba9378da0015bd57d66d2999bf751806d1b89214332bac50f721ca9474":"720c32b0d454f086af36a32cc7274e2f2fe08db9cf1cefecc14b42b3e5c573aefa7e9e1ee0042eee21104dc3e4d19b012099280c5a53e40a0bf662d8295dde743143a28be7305729767a37cbdf08fb3c87667939a8ffe44c96ad272e30b75aafada2963bb9636f189c37d976ed1c458295fe85ed19662c463d7c8155e9f04115":64:"4b3343b627095f60":0 AES-GCM NIST Validation (AES-128,128,1024,1024,64) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8629e8064b3ba2b95bc20dd075f8e931":"85896de4b6454acf8568ccf95ab68a632330ce71ca8b4e7bfe26ad8d7e2e6b63f2032e2cd365999ffd24ece0df16904d749d06e829a291f3d07fccee27d9c6f3ff3a139d9e33f0660803de8fe79dc6ad291fad47c93543522a1c38e40697426a9855255e3e0abcb84d474ead15341c6b235ccd755e58fe6e87898d216d65abac":"dc4bcefe284cfc606f39b057b7df411b":"abfd0cb6fee8588aa68606b7e487bb9c0d2bd11205611a6f30a78d9ccf28e827cef4e966fa245e4b7b39533a4bd00176ce3c97858b0c8abdff4c548c835bf1962a6115c4ce7c05b1ce5aa29b412e816abc925b8cb998eb4b69c43a7dda1b3cf0d728072d42cb5a489db521698c5daffc3013537bbf622ef76a2e96089b7d4b96":"b295ca0d7707892fb08537f42d28a844f5877177f136b4620f69b05c83f43bf2e61323e80076c88660f5385060228bdb91d866686e691cc7e96fdaff41f2ca5f5b5d93ecec7bba82515a6e0bd604c99ef93d3ea013d899464558bc822bd765eb1ca2b8b8a7d961a6a316bf135c22d2ee552e62d8bbc5b60ca31bb53cde82fb5f":64:"d26cba11f68a5e1a":0 AES-GCM NIST Validation (AES-128,128,1024,1024,64) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4d901e59a491c86bf538f7b38247bb21":"4c370a9f316d25702195409d8e73bbfa40aa15c2b0ea55db9257a9ae4e8dccad14589718741a78e5a74c26a801857e388c9f141ef7df08bc01384b2b2338c38abce51d547056f4bbaf7484f9edc96df122e71f132b7bcb6484228c3ae2f741a2c8b9b208b6f49b07081334b93c501938808cdbd2e40cf95ae4f27a29e1121480":"39e2788c9697e82cae0e222a9e413d8f":"48d7d20e424df3c3efced29e860771647ae01312a96e68d33f982c540e74160a7fbdb623d4b19abb1871d74c6dadc56038954b154389b752bebc40cf4ee1505ec8d844e1a04dcae430befdb081cc84252e0840f5f5146ffe5b9594f856afc2edb33b3c6f9041c9631c5e3d812959c5504938635f72c6fe29a25bbf66a4ecd211":"262718671dd0e2c9a40b9d7297c7f6a26cd5fe4f301999a32059812719896d3a2f5350f6ec20d999fc80b8d7af5a421545b325de9180f14505f0c72250658a5014768fed63ab553de0fb01ab1368356043f6d1a6c9950c80e3d9d4637bbeea44c9d58a4148bb10974d507c62b67cc4e37eaebd7eb8e67077856cc5d1702f8e2d":64:"bd814b4584941681":0 AES-GCM NIST Validation (AES-128,128,1024,1024,32) #0 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2f54229167862034ef6c5ff4a1246697":"af2c89d3600329779abfbcf5be8bb83c357d4d2435fc8f4c413b956b898d22a8a889db9e2ff5e7229d7495576989695a0b52d796f9a23e9570b7caec6b46059749c29a293d31a6224baaf73711bc0e4a587abe9d0379adec6de04ce444676dfd8672e6660cfc79d7ee2e7625ce57dd4681bad66aa29bea2baf936122c3db17e7":"8168ef8ef278c832fc0ec846bc9f62e9":"abb9ed24137915265bddbd4b63f1d02efa2a99c8c373f19077c7e1c389feae36a7af42c661b0adc5dc8e4b5520d334e8e0e112d42c2977fa23485c0a85aef83f1e52d6749bd29cbebe14aea6ee1c1098aa96c6360b0192894bb2001c7c0fed7f00bb84953c23bfdda00818d1568fb94c1bd971982d6c01c12a35ef7af34f947f":"cd6dede25433fd3da6137001219b57aa54bdf6039a5a8d66138171b006194fe3e13d484e5cf57a1acdaa8e76f001df7bf41cbed2c5561a37a32113fa116d0918167c29dd9e7d46f7c18d9db33d7f1bc33ac21d159ddec57a2e158f0c0993c16dbf50582371100a8d7c55cd47c03473c5770ad562240f754c99d95ec593dca284":32:"4ab63349":0 AES-GCM NIST Validation (AES-128,128,1024,1024,32) #1 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b7b52fe74c5c3266edf731578d28a72e":"01a4b7da57c0f7d9aea51283004b23f899669dccd6dbaec9cd6e747c7adb52432c7c29d1411ec1df4e5e33311ad84218075dabe17f73c95511ce7950f08b618feff56bd452b33455a1a03caa8371dc7fb9aebedb3cb652d94e06bd00a98bb06d30b506d41cb516c759f6d7f793472e6d6dc9ae50cf3dc8b1ad3d0517c4f555a3":"a005750e9f8c68ae238668f0a8f015ba":"805cf3635f9d84c7608c242ee23a4837dd3f260de9afd6166b08164a0256200be9b52e5259a4a54186ec067ddfad90f5c4f92afd1c7e4f2d8443312ba3c4818b664439a02644e55467045071aa2cc7939a940e89cc52c8a53623bc6473bf843a4e0f00149b2ce1543a6540aa0d9c2c5b68ba2bd5791078deed1de3b5f48257c5":"d6124da0896d99fc7f2c3688fbca164f8fecd75b6260162c4dc2d2773ce75cf41a8c7a57998e0a7e49cc71e5ad6a04c7415f8d4fd11f1035d3a02ed744345d74ebc9c4f202f65bfa88d55c747fe777225e218f2149da22b53e6584823dbda42cc2dda56fc72b753f3923c443eb5c656515dd824d8c08cc78152226ed8c1808db":32:"60d86287":0 AES-GCM NIST Validation (AES-128,128,1024,1024,32) #2 [#1] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7a3501d9fbb86ab80f5faeaf8876b7c1":"4f0dfbd2aeab70c80814a1f261a1fe442eacff5d267fd0c0f93757919810f6610113f1b442270afcc47f2fa01ab01797683ec9267691a0dec45033c57f5cbdfcafdf154fc99e6140176eea92503b3f6fee5dfa5aad05f802e08a08f10e49a8b32a50c028f2bc7aa451be3747d10b96b3a1105c67c5167eccdc18b4a9b0612d03":"6d59be1833e75ce7f54ddc91ad6f5187":"3e556b1b33c42f1ad6cca67dabc6ff79d6cb667527335858e26cb4f6a3d8503ec415968ba97d2d79a3f80c1a10d75174eb5294cce8b89224eba7dfb258fb17cb5c5db7a914ace06e94cd2f2cafe3febc8adc4c2264afa2db2c6356e4c3e8667393a77a0afc36be678d5c0a4b63ae82d9922bbbc60559f331ece9947b67469469":"615ea4535f1e579d7aa45c011018f272c2e234c3ea9e2d102cfaa4a437c41e64bdef7a211ea4d858bdb656215e600911435ef9c8da68e8239e4782ced7e7add063f33f5bc62b85d9ae44ed1b139580118c5fc054ead08257b0a97632e8c503c6219294af423f0deb36758e05857ebb05c6835972488306ebfedd2ca4ce3b2c48":32:"74c6bf0e":0 AES-GCM NIST Validation (AES-128,128,0,0,128) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"195ddad2b0da195ea54a9dad0f86c161":"":"265ab1995fac4fca7c2b26c84e4a2dbc":"":"":128:"930f719034b76c232619ef2792fe6e65":0 AES-GCM NIST Validation (AES-128,128,0,0,128) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"12be48e90c849063637b1c2ab0f2b467":"":"0020c3dff2f6f3acaaae982ce38f63c3":"":"":128:"c8891f32b8015024ca42536d633b1863":0 AES-GCM NIST Validation (AES-128,128,0,0,128) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8e792fc91675d5efd4d80d5a06378d24":"":"15ad63b969f8e313eac3c717ff9a994d":"":"":128:"de9a04b030954b0141dd78ffc67323d6":0 AES-GCM NIST Validation (AES-128,128,0,0,120) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a668cfd45b6ef8b766a4bb187d0824d1":"":"a111e94a6426ad9b4362132052eadf4a":"":"":120:"3a3331e6a41cada2cca8e856135549":0 AES-GCM NIST Validation (AES-128,128,0,0,120) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f36e07f2689832b914e0b817010c528c":"":"654104f9d16348231e6ba6fd30c1f02c":"":"":120:"be897583bae073f42138d64e622c35":0 AES-GCM NIST Validation (AES-128,128,0,0,120) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"25d839a709d98ef9c0c9e78ece961eba":"":"b64537609040790ff648d51406710b9a":"":"":120:"4d5854c69cc973be8de41d5584407c":0 AES-GCM NIST Validation (AES-128,128,0,0,112) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"957dd619f9f19445c374ceda9e9ac082":"":"34887be03b4d4ca8ea2261b600ab0b0e":"":"":112:"60e2d50adff707d8b279bdedb277":0 AES-GCM NIST Validation (AES-128,128,0,0,112) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a5c9a2dcaf576e67828e806082d8e780":"":"f93732aac9448c4a427e634089d7edcc":"":"":112:"f67ed1c98bd2c5f3a738e75f15ac":0 AES-GCM NIST Validation (AES-128,128,0,0,112) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0a30a816e8d4d85d40c8e4d7c93b777e":"":"bf1f332aa19682d05cf95f2b03d26af9":"":"":112:"acfb2f7884bc496f3089e50dbf42":0 AES-GCM NIST Validation (AES-128,128,0,0,104) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b45a16bba5fba362704149dc56ba8a13":"":"64cca850412091bf4e120ccd612df353":"":"":104:"7b1adc23af9be185e5ae0b0f0e":0 AES-GCM NIST Validation (AES-128,128,0,0,104) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0cbcbc1c72aa90e3ea7e2fe328d79723":"":"2fc5fd964b45082546636ae1e208a937":"":"":104:"fe091a768c731e54e2237bfdc4":0 AES-GCM NIST Validation (AES-128,128,0,0,104) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"94297a1ad3f0c333cd9b087b1efd43c0":"":"52ec9dc82131d7b1c69c01fed6aada10":"":"":104:"5c927dda855b76ab8fc077203b":0 AES-GCM NIST Validation (AES-128,128,0,0,96) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1e8cf32008bdf867f0ff76e7d7ec21bd":"":"3854b7412de72fefcc4b0c2155f6910e":"":"":96:"cc8e7eccc056b06cffc307e0":0 AES-GCM NIST Validation (AES-128,128,0,0,96) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2ce1a9bd93fdde2adfd8c2c16a395b95":"":"64072313ed36eef8209f079fa622d7f0":"":"":96:"cd9e8ffc1423270015bf8e8b":0 AES-GCM NIST Validation (AES-128,128,0,0,96) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b15354ad3d874fe472719ebccd45f123":"":"1b2013153290edef60a6a438bd7517de":"":"":96:"f65a841ed510becf52b1eae7":0 AES-GCM NIST Validation (AES-128,128,0,0,64) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"14ef129784776647eb3fb8897915ab9e":"":"f7bbe9f699156549935f2b92c1dda163":"":"":64:"dd10fa64fd51231d":0 AES-GCM NIST Validation (AES-128,128,0,0,64) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5d4470053c46a577bba7000075e9bf2c":"":"854b768fdd7492c21618ca716bc8790d":"":"":64:"1f3c73722006023a":0 AES-GCM NIST Validation (AES-128,128,0,0,64) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ea87d675a0d406c57f78a2531bfc0c9a":"":"0907503fcb06ee384526f7206180a080":"":"":64:"65d5466392b63bf6":0 AES-GCM NIST Validation (AES-128,128,0,0,32) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d3e8e27568e6e17ff807cc207e5d4eea":"":"18e51cdfb4a3a5ebc7b0d7b17727aa95":"":"":32:"a7e3f637":0 AES-GCM NIST Validation (AES-128,128,0,0,32) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"596a602164b1a0bb50ef91bce3a98796":"":"2025e72bd6a511980a8ddce34565d16a":"":"":32:"f84f92de":0 AES-GCM NIST Validation (AES-128,128,0,0,32) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d0194b6ee68f0ed8adc4b22ed15dbf14":"":"32ea8970a8cb70d6ffb3972a146c6984":"":"":32:"eef4b97a":0 AES-GCM NIST Validation (AES-128,128,0,1024,128) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"869ce65e5e5e12c620076365f149784f":"":"317bf07e83c2e9717880b7d080957fe1":"ee185d738260de67f1792a7d548ea73267fbbb6543bc081fac43e00e6cca92d7d646f27054894664ffdcbe635e34cfa800912b59fdaa624b36c44c9ff4f193d3be2f97a7820a6d4ceabe967091ef672098baf82dd3b671cac4fd4f4b14e4ee388fbdaafb4dab2385df4fca23a78d31f11bca15eedd7cac778484258778106a07":"":128:"add6c89153c4c0eead03df44487742a0":0 AES-GCM NIST Validation (AES-128,128,0,1024,128) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0a05baee927bf23dd2f4b57b90fb6434":"":"8147e99dc9e462efea9c1d7f30bdf45c":"6424ca7fbf24c6c3b0b5eb9d769b26a9792c96a8585dc596208ae6cfc0b265bd8d26af31027f278bb92a9e3b365beae8d964ec7a4096513f84fa73f8739fa7e11d54d678bed19546d2b71b3d0166b25b47ad7cfa69d74057d889258a796a65f2bf8d3bb151f4e721d398e74594a186e6182c16fe4c8813dfec67215b3c4a94c0":"":128:"05fac5520a99ad7fb407c48995a2c331":0 AES-GCM NIST Validation (AES-128,128,0,1024,128) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e28c435211743a7872e4a0bd7602336a":"":"2ddbee94fcbfacea080ded468f67180c":"63190ef542656cc2b69a9b0daf8dbd2d38cd75f17b92d6d891c17b0337ad4fe4539d9154722fa430782a1d79620e974661918166e39c453c5a98759a13d2766138c7750e6cbdc7b6d7cbe44f3f4de7bb562d9bce6e6e2e815444842b89ba8b73454218c483e574ca886a84e8c9aa6f56dd1541a7e35a4a5b8f6a05ad5bb013e9":"":128:"2ce6d74cda466354a736636bf18acfc0":0 AES-GCM NIST Validation (AES-128,128,0,1024,120) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2b2bec16c7d326a35a8e4c0b8c2e3674":"":"4573eb54491ed91bfa2185b762115bc8":"7a4a6b3114dabc50b201472c5cb13a79430f78eedb2ba8492c01ce10a74d08565b9bf9874bb8fb72f694a23babdd08684cb68d7e09e65813728aaa5c41f9c2b10d921f8271e200e0c519c7c46f572bc9fe3f27e13d1e6d7bda4bd66c1c4b0fec8c68a1b0ed7b0659009dc894ad55e0712ddd0837315734f2bc3b757241af35ba":"":120:"5f5d4695795b8580b0bc414a81b002":0 AES-GCM NIST Validation (AES-128,128,0,1024,120) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"886fb12554b075dd9663efd076acbe56":"":"7e7a73542868fc27a01865c3aa635ad5":"cb25c2f029c7a877a0aa565c7f7347b317ad534821edeeea838996dfc42b13787e5bb237525ac926ca8a6c5078210f4a27863e8114c728d09653fa93ae990e99f0c856bc8097c2cd33cdca1a407897e2f495d2e75356aabd891702f25ff20e6b6c8a785d74b78a734e311fd236f9e970202674004ee4151879d59340b20aa23b":"":120:"8255116ee1e3cf936633017c4dec3a":0 AES-GCM NIST Validation (AES-128,128,0,1024,120) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"920fdf4b39c63947d57a07eabbf3f2f5":"":"77431ebaad53e42ca7eead0d45e5bd18":"11f82f9ef7c2161ba73cf7da82c5397da5e8278da180a976f43222402e983b057171f793641a8343d6366d6cc9260dfe8becb8396b5bcfa0f46908bd809bdab61126cbb8d63f601965fb9e4b3afd66c594dfd394d4cf06f79f361771a85dcead6f45dc7df10fa434736eb109a76fe6cda32c5773d4db6449494f2a3f6c884bfe":"":120:"1291cbea1a9f8b166c7306ff9eb281":0 AES-GCM NIST Validation (AES-128,128,0,1024,112) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"114060534f526895f30dfb4007356ea7":"":"5ed7fb59618ec3d081e60d8259a3f184":"a56566a98d9d4fdcebc932adc405e0b8190d537f931983168283d0431e7589333d42f2a3d6e41f268e7b566cf48694cdcfe01fbb9198804ad39e7d387039575c5de787610a23ec265505a448c3a64ddac1b0d8c567eefe5c3c2dc1bb15af45b4bd8fc2e1506ddeb2e39e04f72fd24a64cbbbc929800e0687b53eb89b3049f271":"":112:"62f770b3985388ac37e14e8d4696":0 AES-GCM NIST Validation (AES-128,128,0,1024,112) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"697ca4e9de580b525d7149e8b69e8093":"":"e844153734eaebd86983aa3bf50068df":"cedcd5ffeb7988837c38a0be4234ab1b03f14367a1a3854b6dc9f33eb9a87c411326e5cb7d12dc730cb6f363da2ba68affdfb651fe497942e0dd59668f56c23dae80b7bbf905d36b501ff037fcdffa472efa4bcc1c975b67e5d7f348db73e0ce648b44ecc5b5bbbdf3101bf32ea99e3c8e8991c94fa609c93d4b375a4389023b":"":112:"95becb04cd39c868c9dbd1d4e59b":0 AES-GCM NIST Validation (AES-128,128,0,1024,112) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2fa92cc97ef469efeb2c25838193435a":"":"07e6492f2377c04a85045d24940fbe8f":"0f021fb787c6de2be054bdb2741aef82ce35d951de2986c86c3dac77ee0804dfbd010d33a5dcc109769d4b8ff1471eb98fe917c7b0b374e80539f2f4432f92aa55d8398a71510c2acf85c54975fb09ff5638b936283efa3c1d3b054865f97685d6bfa0dfcffde3a20525b5324573b69dde230ea87c685e4f6b5c3c4c55828a86":"":112:"397b2b0dad7f1926bfc25a3ba0ca":0 AES-GCM NIST Validation (AES-128,128,0,1024,104) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a61f8a5777ec3da0c3e257d421286696":"":"14894cc4ff71e249f0053bbc1680331f":"9df46dde257054160854248e70625183bf957ecec36fa4f5a79a1650e04b500f7f2fab4bb873f0e813f0d6b17610bde0de95427a8e2d1293dcdde053f5b1a5a81af25d553289e89e77e4ad7d0a1190151724730149050bd021ec61a08ce2271390161c752df8b5f61c33ee39366de4c1db41d085ab9dd88e170e8c41c571e2cf":"":104:"e062ab7984221ed226be353731":0 AES-GCM NIST Validation (AES-128,128,0,1024,104) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"aa2d04f4f5258c6363b1210c91aff7d1":"":"6b24c03273dcfd508cead2df0c65ef2d":"81a1b326f8f22bfecdf1f386bf8fe678a427e3886801b823a37860b9a832356724b1d352d6250cf8e8f89d0bf2314fd11464c3b4871478f0bc290ee1096c8f6cb5484176d70762289b44309d6a88e4750185abf30901bcf8d952da9abaaf9807c0c0ee8be2b247dbbfd182b83f9bfa67ca3bf448c3f5a3de3c31b058c3f944a9":"":104:"80dee09fed5183d6405beeb268":0 AES-GCM NIST Validation (AES-128,128,0,1024,104) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"cf221e6cade9f6cf509afa6979cc1fb9":"":"d35433be41a259dfaf58aac1d82af462":"b31c477490e5624c4aac8e590725bfa8b3efca618e2369e9b980d6a463a014d55aa8317a9e70ce6de7c574cd15242cf4eb3eb078cd2f49fd82d1a56c6c4241342e62a2e9d94f0aaa024055cb441d650f0a6ecabfe9ef563d6bd87d4cb1bed348aee42487c13b73e52fb70f0ca6ed81924fd519806e04babfd08df1a00191caa1":"":104:"f1776b1ee7a3c49f99f34f582d":0 AES-GCM NIST Validation (AES-128,128,0,1024,96) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c98eb634c7caf52d3f3d9f344e141988":"":"a0e58176826910a69c2d68ae1c6a05c0":"6e559278bc469cc670c4d9105c3c2f8fa308e11b4a60f75664a9bfaff4f0176175ddd3c6c17ff91a208dbbc7c49efff099fa873f60849ffaa3a3003419cadaa06b92a678b80bf6c952bbbe596dd0a2eed35507c55c48a9e6131bcbda0621cff87e02be5d082944f2c8e27211527717272839601b0e26cb5aa2301afd05ae1b35":"":96:"3d8617b2db536ba7d367013c":0 AES-GCM NIST Validation (AES-128,128,0,1024,96) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c5018f4a8e2a850979b006d0498dd0fe":"":"75e4bebdd170159cff59f895ebdeb118":"25ed2831fef205690381c73e925ef7ba20d5f2e3a4b5d7beabd749fafa08a6941acb1385aed977ea824322d378649f646a812e6c87ded6ae437c68ffdd4fae937a8498ae825d7523746730af84d56380be8f575c60e7f836a862343916e98cc2aa5a27cd63cd92df63b8bb47c81fa6a53740a125bb9cbb247c916363e60f5f65":"":96:"0aa5aced93e0237bea9a0015":0 AES-GCM NIST Validation (AES-128,128,0,1024,96) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"cefd40aeac28fbea6e3343a125fe1c9a":"":"324b9722166edc3831bd19c1db5bfbf2":"72b7a4289bf7f5a752665839adde8f79644424839db059ce40de326414c09691d5c7071e43722104a94e430e263bc974b98f167c50b97490bcd4286b502f607ddcec5387695463154bd9598ce8ffb6104d1f7010bc196ea2dcbfbf452d6257b1da00271fe1e6fb56c43656d5570b965e0369502443536cc46d4c05b1e863ed8f":"":96:"0c6b28de22e02fe6a4595d5f":0 AES-GCM NIST Validation (AES-128,128,0,1024,64) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"58cb7cb58518ff3fecea4b44ad9fdef1":"":"fe619efb1c9502c03cb8a70792f9e046":"1a7c444a84267f52c36f3c09f8c4a88b6ffe3309b8edaad93a08d3961af28b7c2baba5165f0a9efe13fa6a0ac595da156741dc7f728c11edbd8ab02f03e45716be504778a75374ee882af488bfbc6cdd58fd81d3ac5f369f85ba42c6fd7f9df4b25fdd2fd32607ea800047e06058388c4f71a5eb4d825e8578106041c84c25a1":"":64:"8243f32002d33cdd":0 AES-GCM NIST Validation (AES-128,128,0,1024,64) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"15cc4cb979a343f4adfb821d6f6e9c66":"":"68464e7eb64360c7c0a8540ac3473513":"d69f4a9595a48a50ec33ac1848df3d994eff838b28ea7c8b2c42876dadd60a3f9769bd4f61d8007c9dd4fde55edcec8f5ac3bf23b1a958fa714dd88cd5261edb69b7b086ef0f442179943f0871a6253aae99d31fdca448bc3efef353b5cc55cfc576e4a7fb73a5ab6b5af58dbd381bf7f9d69a5c2bfc902901fd485967b23bd9":"":64:"c0f4302d8276c3d3":0 AES-GCM NIST Validation (AES-128,128,0,1024,64) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6398de910ff8f3acdc2217811a1da2a1":"":"fc69b21ec18195901ffa62260fa20454":"021f225240cc9a68c4886824d373f3a70fa32b3a926c78164642450287d269d39dbd49c8c71ce7b914f83e8b53bc61c6773f98318557b45f0cc2ef2539939df7a1e6765117f75631dc5640291d20e6402d22cd2e231f9c2c67cb24ab5d8a69933c49b89c9fb2ea57136a6bf1bffe8e04d8d6c813040215f051c654d93224edfc":"":64:"314d1a332d3c590b":0 AES-GCM NIST Validation (AES-128,128,0,1024,32) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"382d86868ccd08d417d94f3b73729e09":"":"069069c377958235171437b34e0fce76":"049af372e34ef7a92d0d49cf2dd03052dabacf2982eae6a817e6146ad799971be239ef5810ec3f6cc6990e9641a7b696392ad3faee38bb50746c1e93913c02dbbcbc6bf54f0d062f176779b7c0dd5d7ec7752601c9812fa80508a78bbd26922bed4f64b1ff2a8340ce1c01e317e3526cd8218ac24af87b07f8792849f6479b8e":"":32:"ffa59fa2":0 AES-GCM NIST Validation (AES-128,128,0,1024,32) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"21052b2fc7bc7a662aa9dc4b6a04f25d":"":"d7e5432def6a24d486a608e5c5c919a8":"1970ed40003bccabf7f3c57bbe5ba27e4254c1511413ed421cef3a6ffb9f0192987de83ae965478c3e9979637f8b3fa5d10d69b916f03fdc92ace7736f171660156d880114aefdcc164adb6f8c03940d9b43ce8881441b41cafee3351a56fcb632aa4b09ea81adea26fb0d8c6e1ae380df922a429ae1f5b82b38d9bda4323c51":"":32:"ff342f4b":0 AES-GCM NIST Validation (AES-128,128,0,1024,32) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b6c53aa91a115db64653016375bd747e":"":"8163a4fd9c2c7010bc85c86177b194ab":"93cddd318b999262c7cde2838cb5c4d78f3eb1e78d305e5f808fa5613526d724e84a0188ff42a2c34bdf3b5fff70e82b3c30346e179fb3faf378bc4e207e335a44da53a5ae33770104b95397fb5acb746e6418d0dfc7368b035af53b470fc66bd0c210b68ce1b276820b621e919f044e5cff5ced7e07dbb8825bca6b4ddd8ee2":"":32:"50b8acce":0 AES-GCM NIST Validation (AES-128,128,1024,0,128) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2251815f5bdfe1111c7f9ca246662f93":"2247e781763edb1349db2cda53e5853b726c697b34497761373c3b6a1c44939207e570e14ea94bd5f9bf9b79de9cafedeabc9241e9147453648071f2240e10488c6e3d7077750a6f7ede235d44c5a96392778ec51f8aeb1a17fabe9b6c95fbc479fff954a676813ad3d2f71c76b9d096a0527f2e1b151aa8972147582c0fd2bf":"58973280c2a7122ddfcb25eb33e7270c":"":"b202eb243338849600e2feba7f25a05fe98323bd7cb721ac49d5a8136422564391462439fd92caad95fc8cdcaa9a797e1df3ef6ba7af6c761ceaf8922436dd5c8b1b257f801c40914c1331deb274c58eed102fd5fa63161c697e63dc9dfe60bd83cea885d241983a7e5f0d6a8fd02762084d52bf88ec35f156934e53dffc0395":128:"c3701ce3284d08145ad8c6d48e4ced8c":0 AES-GCM NIST Validation (AES-128,128,1024,0,128) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3199b70e7115c74e3aa3745c18fce8d1":"4fa0b090652d5a8dcd9b5f2ceaaa2dc87a40b30e2d59bdff09e1f204d1b90371de70935c385cf5b4d7e0c4e88661f418705370b901b97bf199b366e669bc727882d4aedf8171a8c39431f11af830358cd0d9e110da1a0cc6ef70efb255efdac1dc61e722a2d8b7fb4cd752c6350d558ae1ccd1c89f8ba44ab697df96681ee301":"808a019f7fb761e9701c0c4f1a1690e4":"":"8d5ed4146fb491db9456e92f753aa4f688a9bc276e6aebb782a0cdf7fe578d74ca3946fa7b7893eff6345e64251cb1b146442acb64041324e2847481fd4388b17f83206948e67c1e66b894d5d40ecac0bbe4db0c6f58b65a1f19f29429a9e76f78ef5dba0c94d88dfc06e6222a506f004d24cdb3fe26d6eb6e08e4fdf6289651":128:"908806d668451d849ba0268523eb0e4a":0 AES-GCM NIST Validation (AES-128,128,1024,0,128) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"63805cef84ca7fcf281b226c3ae37230":"543fd64d1454ef6c007ee96b3ff5d2e4b7f5d15c23e7548dfd1dfad4da7774b8795e817fab3be7fbf8e4d0d351a743ea793d9d01385a552f78ede054be079aebd1511013de2096456e9fc1b83457fa1240cd39c17440d4b55c4e390119a759055ac851a02ea481eb83e294922d35f687a56d801eed638d289350e141116ffba8":"1aa9e75d7854509a85d995ee482b8eca":"":"98db9e8e3ff23f09e585e5326f525e4f8350a1f233a0aebd60d5951583eaf5220f1690ee3607ba98cf8cc99a90efb7197835957f2bda918a32e528f55d548e3c83d65910b956634224cd5415ff0332c165d1241f7a93976649ebed2cc7e62addb76231bb738ee8a291b62365965392aeb72acc5f0fbd2f88f5613fcf44a1b074":128:"9b1baa0b318e1f6e953a9f90b21cd914":0 AES-GCM NIST Validation (AES-128,128,1024,0,120) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2ec9245e8f567e1cc8795bbf72f2999b":"f266d0060d290339def5f6d8dbf7d120a4c645aa90470e168b4f35342a00b8c7b7230003657d377d8568d252765df142e97a9dbfb9711d9ccf396f3d51bd91673f129d58efd80ab83a0678303e29a0dbeb1fa9fdb7fbde586a17ace65e894374ec8da1ccd3e21851ab998534de46cb43b38e241edc04b5c571dfc0aa0074d4fa":"413628d9ff3e4067d840b0abc2cda0eb":"":"145d83092a269c8afea604e9192b8bb550b9bea85f842fcc4997c2b00c6f3ca46100e814e82389f27a69a12d29340c5827e607657a00fc72c4de30079e23760769e800ee4ce46957f82d61935d07d1c70dca836c19969dfd0fe0ea740a52e2d09b1c9aa137b5e8527756fb2c2298f8400949ba24a8351c1093626723a68a79f5":120:"ad174d1edc713c187a5859a390fff8":0 AES-GCM NIST Validation (AES-128,128,1024,0,120) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b08df4acd253f9dd4abc52c4be488015":"82f665910d853fd2b775bf66a1707935443574c90483fc33ba02d6479fafd99c5f816bc58a1393a44fb32711fbeb0d6936efeb3580f147c3019e9f2e2ef48b202bdd369c277791bce524f3b22ceb74c664143c4b1da819b229a5b480aa954be110ca006615d9cff5a158342a47cb6d04fbb817ae4ddff6d4f86b74205799c9c0":"e1c27d35520ea527f9a2cd9b0f717841":"":"f5b0fcd812061be999901595b3547e70f7144cc9e0b0098262be4c440e8637af782f536f571534a658ad1fb44360d9c454d1000d6957f261401e09c0f19f5146ee5433e378423f9c94a90af2185d38cbe2940a459d8409d987d04a1f3e686c2b91d4fae1f3e3bdc5a30569838201b7d30c7320d7cbd787bfd6cd40e7e2d071a1":120:"fa31e58fa32d1208dd8a67fed44033":0 AES-GCM NIST Validation (AES-128,128,1024,0,120) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9c08d6efb167beb035f71554f64c12cd":"704f59d5202108b949170532ac1e78edb0e06fa323c1c69202d7d22dea4d7342199cebe949e980a21ff0fac282b868cc31ff4f6674c393c0f2cae2374664314afaf7791974b6bd6af26ade7fc266a6cd2de4f3c1f479f895ff597998cc8b929c1f05db13d9b9a4d98c9bc606eee32915bbdaeec6576e1fa6e8b22e0bb1098074":"608d56f6dea2fdf175eae189d42a85fb":"":"2c7d2618808adcf8edf5a54119471b930e07488d5fac3dcb53f4ade43674d162881bee1f27dea6d158b254d4b432e17f211515bf595a9874d89f8cf748ddaf2324078029c6463312ad32eb0aa5ebefc31c7fbfd04b37ba6b766375952c211d160b943e9d3c5e144b581157bff9071d31cfc082b55c4a0fced386ef2fc75e1a7b":120:"7a1ae03e2838294e286dca4fbbd9f1":0 AES-GCM NIST Validation (AES-128,128,1024,0,112) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"192dbfdf86e48bf18710e706dc90e356":"1d7c45c8ef6f9f073c7f186e4c876c2b8fbf22feeecdc111a19071f276e838ab0572c9a68e9ad464fa88ba8d8a162e9f5ee1c4983395a890990357673467988c057eb8a0342c41867baab41456edc3932531d1c4aa0b42ce2b388d2be579dfe332f40a9b864c5e33e2b3cfd73b68d65c4db9ec46d3ba1587a56cb7887dcb3c5e":"1a511f85e0e138f4241882c20689f881":"":"3e50e821fbf83433155de7b4eb3c9a2c148b08d9d3998a3486f517fb5d0a1338faabbf95e85fa9186385bcb9e26aaa5e473d3cc7af869872e4fb36ad16c5468d994e9c71a09dd2868977f3f9064664f6ffcbac1bd313a7803c304273d69ad20369bad36adeb38480563bc6db9aa0d11a0e03d09731171c1229a756037b2c285c":112:"9393edf0934796eb97a8c513bbfc":0 AES-GCM NIST Validation (AES-128,128,1024,0,112) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"daf9455bad8bee905c6cd464677b803f":"af04226cc6eb84f8167a68c2cfde33a1521dcbe781e7b97a3fae732bcd8c0616a588200328902faa5a65a27e769a720d7ea23333cc1c66c4d4e4c53facca5d6af06aea7fb49b12b04cd6ae38fe28d71cd66f769d640beeb07f508a0e3f856902cbfde6919077de378cf0486cf177f897cd0a56b69db3a31b448ebbf8fdf63736":"6cfe8490e892f5ddba8bbd1cd522ba0b":"":"e5622ca7360272a33e30f7fbeaa00956e8af0d871c433c070c8854d818eab9717293e845106770ec07da372c75266239a225ad74465e255520218c6736e51070477d70976aa7d449c32a5c85bbd6931c76e9e4355f9697bad2ea3bcc0be005da15c62db219b074b71fe4a5512157143df2c1f70bb17c6d3740d8d20eef88535f":112:"25fe6c9b2303b40ed31d1beea39a":0 AES-GCM NIST Validation (AES-128,128,1024,0,112) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"82d166dddcbf4f7f66aa5ac6b12516bc":"7883f4f96c0ef7f6d9fd7c2eaad25995943078559eb24a3e6650126ddaa32301b04f737dc27b648d6115ce08feac862cb888073b22aa648c752934bb7f9c566209a97499236f782758d6f6f9a012a2fb6885ca91858f9779cc93950baa731f1874629351e6186935475a20593f66cddefff89be0fc0f9b57695b147d9acd8157":"540c2a07689bf314bc8ede71df3f4358":"":"44806e76a40bbbc2de860cd36e93d64c9f4c11994f754db6a279d6eaecfdf19966512de5223d8332a407381114d50fadb03e33e347a5f4d87c3fbf35f2d5967ba295003a2c6c12fba8394aa5b7a31365791c630734a6b2ef84eed0738cb4bc229e93c4e8529aaeadecff7ab93887b9fad5f05a88a5ba9fb449053ce4c6375d1f":112:"756d65c1b8a04485c3944e2a3cbc":0 AES-GCM NIST Validation (AES-128,128,1024,0,104) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"81c1fca371968513a68ac09a7459042d":"182cb89c94171b685016bad76c445cc4561aff8e3170dd251f62efbd44910ddf8eba8a67dd1a237f2f7336f436edcfbdf9928e94c3488189110d672488c6c4e0dc4a1fb6e67dee9a1bfc3f49d2f934f305f139e98f0ba9c1ab56b5ce9ddce4ab54b6970bf6499e5e825abbb23f9e320ee05aaf0d712c09b0134839c5609e178a":"7c962a92b8daa294b4962cc3020dcd0b":"":"f91e36c79db6789a3acec9e82ec777efc1958e7e5634d30a60239eb7cae1b48f40557965e8a6f6993db3f4ae443ba167753c89f52f610ab69159ff60233310c1bb2baccb936433270f8839758bc85c53604e771e3ab0df6d6bb02e860d0eb27f425c7d30fb7566aff982d289228da5ce5a45842e10ffbe9016c9e926d7f69863":104:"0114c2de8f733fc18f203150a0":0 AES-GCM NIST Validation (AES-128,128,1024,0,104) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"09ce73e733e880c6d7be92be3144db40":"a283e20adb6efedc5530f4efd71840d5fe61c902a7511cdaa939f5030880f3675959ee96e39abe082a66eba2a5a93214b22c249d7167b7a0fda360d02df855d508c7ebae7016137e54290904909b2d41a59942abec76612b17ea76ffd1ee715aa2b05b1314c0ab28631f3934d0e9efe2aef0c711e75a5c62701b3358a414958d":"f72a2fc910fdeeefe8743f57290e80af":"":"fe9a7f59abc3720706c33fa40e106663d26c0f8da0d25deb90ada8130b6f95aaec07f4a7db342b678d102b2c81464e4ca9458732783cdc3a9d504232f44e2878b0aaeec0f88efa5d7e5fb146911dcdb4569de7f114e1854ad7a95894561bd0fc4d9a5b58b5164872833283ed88fdb4900b2a596db4e8379eed4e3a5c08d5fadf":104:"9de97bfec1325936bd171c996a":0 AES-GCM NIST Validation (AES-128,128,1024,0,104) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e61d415db78d9f2695344350e0a8291e":"730c3fa9e07eea73a734b17fcbc5a969dc2c04f448f44c7f6276e32ae3504e9b15fb664908f530e83a74e25a4525f74d315ab85d7b85005401370dc50fdb86e97baf3e7acb403e476193527a1a5d642ffad6cf2555d16d28cf4c4127189056389368b76aea806906b0a38b808cb02378eea48edc005cf2c21e6547502e31d2cb":"e09dee93466a3f35605b647d16b48452":"":"ae87e754c1af1175b474b0718e3560240f55194d946d101e7c0bc7af18d90a50fa41d68516e45dc2a4dba48d457ebff18a657a873e15620ed7cf6ed3a26195b9d354ea279b24ec7802e4e95d3f3765188a64d7b8d4b7c215e7d67385efc6288724a33a1a7994f21e0dc2970076af7cf31e9ad1098537543052a2b0f62e4e8a87":104:"5de3c5716735d7d1b859debb6e":0 AES-GCM NIST Validation (AES-128,128,1024,0,96) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"19bf00b228ddb6e8f1fa4ba85f866475":"10742aeda590024bac2696af8402580d2ec6ba3f51cc6f79b6cfbb3057634ced6033fa43dbaec9af8ce7e9706ca699ede88d89caed89ea023d14761bec49da724538b4f9672163a5bb5dbf92f5278fc0014eafce402cb408a1eaad6bc17ec0e835d6b80f4701f946661757b9b2d54d1b137841519dd38d72835893ea6d52a27f":"760c5b929ac3d33bee4dae0088a894f9":"":"b03d27bc7f4c9d48d555a38091347f371d0522ad4c347b4a23194c234c7877cd3621ce5a7c2fc26b38c7e6f1c2bf228ccec491f5bc352556c08e4e19ddc4e4b2c036f45a42aa425a5ff9a2e9c9e5580b538ee56fa804a86d9b1b59b6fb0d00216a96936755462979dc14990935919026fb51cdfef05b8dad03320a8112b7ada5":96:"2f1cc79408c85a9867214061":0 AES-GCM NIST Validation (AES-128,128,1024,0,96) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"65bd9e7d9009dd6110dca657ccfe603e":"c1b539324a001901c2461b9747f605a2f4043b9b0f54d1357049fd1819de06df6e29880d62ef7d91f9cdd1108f3cce323f6c32cec16f7bd434e539fd00ada476ef41efe7c6907ad1cb726717ab56d6e2d32042ee2df3f90d15e1515f0a15a5f06703e06e14229d18328116148b3cc39683918e42927f62aec49ee9bcc19be38d":"3fddf7e943326e431be540c49bb917c6":"":"2813d6eef070cbdee9d5d71caa8a88c631f0b71c41813c6219a765e4fb3e6eff9afe8f8f4394fbd5646fe80bab78806eddf7549d6ca3d0d16d47ef63db93cb5620e3814efd86be151b338ee6e2c681bd37be4039b2ea4a190feccd7d65cbd56ebda81f4b66ce12cc3e2cece731c37d4237a9dd0a2c1a7697bae42176a673d62a":96:"96200bd3e64d5eea746693ba":0 AES-GCM NIST Validation (AES-128,128,1024,0,96) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b9b8ac9215289aa003cecd53a90e0407":"8a6fbd067144b6d50ea73a2a7abba3ee9677bbf00312c70d808fd124541ab936229d59842c8846569a063fecb8bd1945882abd987a936991d5cdbec087937f91c4f5513feffa1984a6b8d04a7b69eb4e93e90b6825778cd2ce9a0ce54d4a468c93884619f851d2294be0bbbeef5fc0c05d2384126289283d5ddaaccd89711d73":"27d367f3f0c60acf921f8d8b228a0b2f":"":"42d98ecfb4f707ec233c7f990b0cad8f39546b861b11d8cb9d939b29ff5ab315229d946ff55927dbde82c03aa73fd7857b2ad38fa55a827dda54d2726bcee66347ce42c9cfd13ba1507d209ff2388c0ea2474e17e31d8056593b722d3c2a302a716a288592b0a36547c7fd47f7595fee9d30f5bc09a9555d7f3169e26a924db1":96:"d66974c95917ae1bf79b6685":0 AES-GCM NIST Validation (AES-128,128,1024,0,64) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ccbcc39512425bc32350587f0fc3e8fd":"57d6ccda317b7ea150b18d9558b39fd78d9cb52509aa5c095c5b46da89b79918c85d469ffac7226caddd670ac8f5add47fc382df1f32b4de9cc1b2ca7c2acfbdcaa08429b97e77eedea55c8ddc7814fe4c3cc1e21f95d94301ab77b4df7572d0b8778cb2befc0f4c4a5e93429ad52d6c2a75481f38d92edb1dac563154bf90b2":"0862ebfeb40ff24bfc65d3cc600f2897":"":"e6a77e90750cf0e4c276c50c3880b3f6fa357179cbd84e22f5b43cd10abcbe04b43f191ed3fabf83eaca886f4a7f48490fb1fd92ebdacb68c5158e9f81243f7cadc7a8ba39721df68dbf2406fcb5dab823202ceea7112e5d25952de1b922beda271e7677421fde25f8cde450c40667387e5abf8da42dfe891c52bdd9f5060dba":64:"927d13cb90ee5f44":0 AES-GCM NIST Validation (AES-128,128,1024,0,64) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"396b53a694b28b717c104111c4752074":"bbc3b818f4ff10b6822ea41f63ca53c27578a8126f5163a5014c60e1bc8c1a9bba67a3808c8aeee09ba9e584a3584e9b86895a3f0db2e64e71bb18b843b12f4ebbfaa1dff3734196f70c5a6d970277ab5337e8b940ae7c957646f8e96c6b5d84e9e97b620a926e655850d09bc2d94678704aa45d1788e7c23ecf37e2904a0786":"0981a151c6f6867d3830c1f9ef99c433":"":"72a5587076a1050b2b514f047ccdf7176c118db9236c0f72091513da39d7416734ac50e0a35b2905420214be8426a36e86863c9957693292bfc5bfc2e93d234a09e80f517edb7cf8e5d21d5ae6c2362b779a9b62b4c66202894d369d219ef0e4b52a342b71f248c18ffc345dc7eb0b47b3bc83ffdef921eb42b6d51abd889ef4":64:"af99f8797495dd16":0 AES-GCM NIST Validation (AES-128,128,1024,0,64) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"af090618cb454324a82a75a91944dd6f":"3ebca6ff138c527b851b27b9e3917bb9a07282197868351dd599b74b332610bd634422911393171305caa4fe3f6e89ab6c033ca759e118c2d8684b903966999125c748e04312ecd2c1ac3135c3be2df9c8c67be4d8303ac7aa6c21ca7b7c20b1108f5622d8e6079f41e4be4abda99f782ad35a085b7db83482dc71b8e5d8e71c":"3380a6f20875b7d561c4a137519cccd3":"":"6be8eebe7af78c062812513785e9803f302c771e8215e4c606fc5eddc3efd8b12c96e029b4287da55d8626583e58ce0e50c4ac5a39a1b0f309d5803386738397376c0ae155087f36fd86fdda4b5c8dd079011fa9a134ca8a76de570ef165b20d7d803544cd2f3a0ffede9b35ca1c982978bf95ac100af755553fdac38d988fe9":64:"3e869dcac087aa6c":0 AES-GCM NIST Validation (AES-128,128,1024,0,32) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"041cae51d9e631ef70115be58f8818ef":"f6748f4a261d876e37fe44a419cfe965888aa5ee195ae12237322f6e7ac4bfaaf16e8e29be507e2978339a1855ab918485011fd52f834bf0876ba8d89dfc01927e0930d03c0ac7dc7ba1554a879a2051011bcb34a5e4c7cea4d4fb5ed53b41ec8d17bd52b2e1b9dd417a84ac5913ce3f9fb04daf4d14be65f49d0767b9431b47":"c32f227659e0566faa09eb72d99f89c2":"":"f30fe6c8765c8c0af579c95bc2d182ccc346e587a57aa226eafb692675377a85e9ee08339a047b9cb674dabf5a25301d2c8c264bc06573e36e55ceaee39239e367b8f1a3d781a2020e548001f9f98850994c3aa79b13dfc93c1d7291befd91e044b2f5d2583d1a9f868fab4afecd46fec7d315b0cbf8a7331ef8f588d75f97e2":32:"5629e1a4":0 AES-GCM NIST Validation (AES-128,128,1024,0,32) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f0577d9a7dbf7b4ada5b9758eec4c847":"5b559738634825921b5cb620b5b9f637f8b7ce33998cce1ed1a23ff01f84e58255d852a02e59e4394752405ecc15248f7616a33e64936f726de6fc6d10c3fce9ac0b3fcffbd755f16bff8462b3be24f7cf342c8d0bf1ca79b1cb4ea88d690644998a8ac3cafc8c18c8cb737e38a681026d46966b89c7d6c7a4ce7a1e1faecdd5":"b432473ae67205bc7a99f5ab2a2721e6":"":"ddfe664e28c5face3761deda1ab2dac6e36cfed538e3faf9d79c54e3c85b4baea9eedcef7f8f28c2feedec72ab2cc6aaae101b99512ef18e759b7828364e4daf9a572f8c6ad88eb82f7304989345aa4985e498dfebc58cbc45aa31c18c0dda5b1991fd998901c65807c8cff6058b1d5dfd583297da8451cef13f246547ad11df":32:"ce55ac00":0 AES-GCM NIST Validation (AES-128,128,1024,0,32) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6ca1d6ae9b5ddd6e3d68656c508df318":"d160740aed955e30c1f946088b5bc5bbaf5c84f282c32f65d099509993628ba5a51b411c6ebf57d58e9176b490ab90fa8db8a3cdc67a5f8322d06d719d91f00ca07aa2a3977dd0838487f2e9d4dd285067a1f72bb8a6c9dfca107acf1f404995bb68ed9d7e12423efe570f144e0533fa34b8d0b7156112b85c94a8fa33d7a6d9":"68a494c9002dadf4f0303dd0ebd600c0":"":"276e362cb73b405b10a98731333f6accf0d19cb96c21419d6d56b30dcf73f7208906b0e3eb103b721cdbb7eb1d4ff29ec3b7e9d433205bd9ec48c59d0075a1507ddf09275426c0ce9a58b973e06d6fceee7054ba92b1df771011ac73e39e451d9ac3375c595631090a2296d423e3ef806ac20770abf78ad04114f65661804fae":32:"8ff9a26e":0 AES-GCM NIST Validation (AES-128,128,1024,1024,128) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5a3e577743b4581519b84b7538fb32e7":"172a0a14820448e5ffd017c18ee02219906f721c915c4f0ff13b7b7889812c0edb89f28be0c22deff76bc975d1ef8ef3fc40b10cce0d78933aa22e6adf2d4b7ee4ed6ef487eaddb666afd8671427f7525eb99af54a55d98159fc5d651266c65ccd915cbba60fb6e2c408ef177d682253c0b5410d77d08be1d8f175ca360becd0":"1e155ada52e250cee145d69b4a307bc0":"b9be2145b842d2f5c3d15ac032010400bffe31856441cb484d5c93e6710194b13e14077e132cfe03985d4b936bda9383c22c392968c748f7265213a8eac584aaa11eea35589e3536e39b3e4418248927fa9fcc027c5516e402445068ef793d349eb778b77fb0b37f51bfcc3c21df9999ca9985cc5bec6502445b068c2d061f41":"b5bd224140d6b826062e55754299a43a87cbe861360334897e82b7a6023ab0041736479c9aaca7c73f27e239a63e7433e048a8d2c2d26f0b18476aca7ac20837affacdffb57c618ce5982ba61fe1792c8a3a856970c095b0c4695dce961a354135075e0a786192d5875d16793a3ad0e3572a81efa24099f5ed9c92df55c15dd1":128:"74df58fd4a2a68657ce35a3ef11a9c0b":0 AES-GCM NIST Validation (AES-128,128,1024,1024,128) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"deb0ab6e8b0f392af6b89d253e923f1a":"14a86c431bde5c0861e6bd2cb748a13b9bfb2a4a67a0bcf067960b3a9c7a75fc7ea321863c83693c70076462ec3179f4d82ed4a1155a4b5004842fb47482bd6a83804a05af2504f6f535eb9bdc95a9a2eb80c7dcd7dff54e3c00437e4da9c433c88f6d248e4754656acdf8ea7d68106b04ebb2f1cdb247fddb0bca1f8e9ed6a5":"c1bc587c3440f1f5dea5b0a4b5ee8dfd":"602cfb09e8bf250c3a2c248c4e91234629a4fe9a18c5f8b59df215e97dd873a7c1204bd0695796908daa28b77353e0e5b37877a7441d35633119c0aee9aa82c3c18a7f577d09293fafce1895dafea42f97222a33b001907b978f11471cc0adc46243e8f7fce94803d4d0595bc9fccb9b9396b52deb943280eac2c4eda54841bc":"a72d27136d0b4efc0aa2126a246ae4946e2c62cf5055f7bde263e7516ace2b7e12179980f8dcff18dc4fcd662f38d3b9dc7f8a057827ebf27e5dab85264d9325e0eea3b12f8e9e39ad686263df75b0758cc8af0be89882bb159c95b8de392b3e295c039a520d2e56b50a6370afa57adc967f7e4ff670dab471a57fb6c81401eb":128:"eb26cdf879e0cb1320d786a642c4dfc0":0 AES-GCM NIST Validation (AES-128,128,1024,1024,128) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"adf6006fb1cfea0f9641a4c35b864101":"d21777e1fab632bffd82a58cb732794f112cd88bdda5a7a8d19c68ace343fd786e5e512013887105c21299f2d6ae23cae4f03047c68f019d98e76d2aa1b3a204f13f4cba13f5a8957b9aa3ebb44b8024b26cb6139a3bca3ada0520a68b8571ae89501b212a1f8ede5753d557ad2f38d9465dbb09b555300b13194bf7817321f7":"a349d97fc677d8ba6f72e8cc7191ab78":"5717bee8b31640f3999efda463d4b604c1cef62fc0dcc856efb4c50a8c6b902019c663279e1bf66fb52d82f8570b9a314647f4b1ed86eb89f4be8981225f94d4285f5ca9167434a1569b520b071ee4448d08cb8623b4cda6d1f7ad28e51a2df980b5a999025e9ba646707075a6cb2464c2a0d5fc804c98a79946fae0b4fa61fd":"345af0d804490586c9ffbada0404176f4cb1331fc77705175619f27d107512d3e6068323b276743284feb938c5718a5b013305fb42282a89e270d24585236fa18265dc7e8ddd2b3efe93a2ea05ab359323c75211f2133aa97022c9a937a467af37c92a795c682a30f2ba1c4ab2dc45e63c56cd3b29b0efac2caa3150e6a72aa3":128:"ae7d2827c4f1422b728a9fd31d8d1918":0 AES-GCM NIST Validation (AES-128,128,1024,1024,120) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"97c83d4628b65d94341984bbc266dc7a":"e998cc0b7677fa2e504994e99cf7bbd84ba7e356d7da178f8ff40dddc046c70554ddec1d28aa23f9c4e6fcb9effeb8e28a883ad05bd0a6041b8a24d0fceff200a4e33996e279cbf029b11d58185adeb5e5e797a74d0d8b17adcf06dfbe3ee11d8e6bc3b6a8434de6e0ddfa0fd08c913f9fb911cefca72bc3f616b4ac9821f53c":"671dcc5001c2146bf8a4e522ad702bd8":"9eb12a42d2ca06a7da37fbc23d213f5e3f5e15580f01b0ea80eb4b6bd283e307dec965745ea3b3509d3269cf25808fc6a923e97d87d0c1a30b447a5a27a06d0c88a96cd90d990bf208f1abc4934f6a0ae34a694750a74ffb27f4bb66bc799d43570b01897b98b00e6a01b95b356b11d33e852b2010da5785a691246d0be2bcfb":"5a6d8930e473e292e67425748e8618569b7a478f1e183ba4e4a64385ac4b75d3d42b1afc34cc6daff341f10c1ad8f03d77179f52a7239ab3261f5fcd5a0b4282d26fa4d08bf0c8a5c96782c073ad63ad233dfe3aa0290a03d73de14d445b9ce4ea0e3b10a4aef71c5919969b7086353c942c479a1c052a749afde2325ef46f7f":120:"b81cb7bfd0aaf22b7233bcfe363b95":0 AES-GCM NIST Validation (AES-128,128,1024,1024,120) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2dcd5c974c5d78cde0d3a677d0b1acdc":"21b61035ca3c149d66608d77edd9770411e0ef73a97d4be9dcde95ed7997ba97117ae6c1979195a5d916ff7a1d43ddced5287004fb60a2c81c82b5f7c8a336a603c3eb7cb160bbf21b454f810681450d65deb64e7cd229333fc5e85dc29040d7da48511b6b2524f02eaeab422b5ca817796c47b9f2d7d498abc619b2ce2912bf":"7455fea1bbbfe9479830d403e33c9d1c":"d684d38f2b12111197ca512c54c8e29ef1c3b9b089a6923cdb327c763f0ac8c2ec0900c716e211e7cba1d7c13a60fe87f5d78e5d5215d92e57a0645d9b2eab4b11870b5f7bfa9f2c9e4b9fcf7596e7719b7d0c0e6cc16efe71d8bc92e16a83d4782f08e9b97dc85a18c435b51c940189a3c2608379a21a8c46633020b9b6cd10":"eb039d8cf0bf217e3f2aa529ba872c385f2770ede6ca4ed32fd22cd3fcbfddfb92d681f00df6fbf170a5dad71c9988d556cd74bc99e18a68683e0ea7b6ef90b21ff42cef8c4627e4051bff0da00054390e10036f430dbe217e5bd939295d9c9f64c2614d42ba62efe78763cc427027edbd0b7f72eceaa8b4776ba633f2c3d500":120:"18e7b50fcec11c98fe5438a40a4164":0 AES-GCM NIST Validation (AES-128,128,1024,1024,120) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e5b132bb7aca3e01105848f9b37ff516":"3b6d1a432b7fdb4022fc35d6b79ea03b6aa14d4ddf60a160e976909ca069242fb2e7d414d4e34ffdf9416823c4b3f4e018ac8ca689446647eda6a12029f886bcc9d18be150b451d78fa72b9c4dc13314077a5b04cffeb167005c7e8379940e6b998316bef9bf8b5a742e337663c0ed91d88d09d0c3ebec37aecaeb8277b13661":"24c1ba77d37f99253576f4963779fd59":"dedf78f05957bde906639bd35eacd8fba8582d288c9f14a25eb851a0a34c82fd91f2b78614ff46ca17fe7781d155cc30f3a62764b0614d57c89fddfdd46af4fa5fc540b9ee9076805d4d121aa0dad2449d228f1fc3c07d466c051c06db6846b9012e8d268c6e1e336121d272ca70d965389a5382fbfec0a439e979f16fab0283":"9976d2f3e16485b6b3699a541b6df386562b5ea4f6f9ff41d265b16e2d7d3c5f131bb5874cdffa87e704ae3cc24f1dccb62bababdcdedf8bac277a7277ca53a4d38fd31f9fc83f86a105663f045b70dabd553137b6d6222abb334b7be7689a4afa28103619f11b8b61aa92a63136ad5639f11bae64b25f09f1e2db701938fa5e":120:"29d1b8a68472f2da27aa84be714108":0 AES-GCM NIST Validation (AES-128,128,1024,1024,112) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"63628519a0f010620cbae37f8ad34570":"6db2919208b09a8abe5e95dcfe0f957dce1ae0e5b29f06bf321dc815ceca094f38c5c812f591aedbc9fc28cc0317bd1d89d4a3ba14f7b3e5fb2e03778990a6006e0ec2ceb47c923f3b17473f99521491a4cb2f9bd435e3133dc90e129ded9d15d78e75bfb3492458ce0964d5614508ef2a38ea02ec8664ba901891a7cc86a62b":"ce0ad75b94ab2d3918abf255c854ecf6":"c29384bd7cd013fa02487867595d739d99886a3bbed7fd5acd689f3a74f240f14c8fffd0bdea1f83bfef7b58ce512849e3a986f37afa54ddc11719169a49bd7e7138a745053417ff80cab1a32ae9be476ccb61ae055b319fdee5dcab629bb237aeb7d998ce36dd9c6908451c3bca9d3582f7fd60e69f6298d43a3b958341b611":"6205d37d720cbb628dbd5069f38ded8e566030eadb7fbdf2ed827d5f5a0117a21c75ade89782b3dc4e7307d9a7ae406ead0145aea1b6cce286103a55ce195999214b84bc25281bd7fe511868a69944d483e05ea6b39b11558ab46a33d227734eb3a386e30d58c3029ef0cb4046c0856078d57a6df194aa8c0e10f9b6ed8fb40b":112:"423fd542498825cc54501cb42b2c":0 AES-GCM NIST Validation (AES-128,128,1024,1024,112) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7c0e1c6bde79315f79f22ebc77107228":"9cd56b16aa4e130c3dbf30e701e8784ff39f866031e778e9ab72b858c3e333e9589b4b6cd89d6546e52a478d92bd59d0e4756d6b5037ab1873d88242ef31be643745d26395385b71034f6f0c0c84816f0c6755965fc8a7718f891d618f226684bcc77f87fe168e178b330d4b4c0eb4791028017fe6c42e68b0e195654a5d65e5":"9011dee57c3b8e112efa4d2b816cf189":"57bfcccc6f00c0abbc5f30589dbb47597838fdd50dd622eeedee33824e63ba78753c05d2543687f60dde501757b6fb74c17fe34b3e9c455eb38cf078c8c77eff68d3e3b8c244cde70ddf61703664d34159a11785cc6626eb1cad70ab94405616fff52c0f781ee6b43ef2a449924a76b762035ff479cd6006c21a62a56a14650f":"2c1ef998747163104e5a7d2a440a1a1cc2c20446a9d0cf5f138f85c1f5afd90fdc3fa4932845c150518f40bfd56569a5479126c49061ef350b4fae895170b4eb94dad7b456890a822e1bcb57f9bde5bea747d17be3d18ea201cd99bc46fee21132c6918ffb0117744f6ba3f25bc8a50f9719854314b934c3a3230f4757a49113":112:"4ef9aebb721dabe2d09101037a63":0 AES-GCM NIST Validation (AES-128,128,1024,1024,112) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"93f3fa85dbdb2784fb078a34b1116eb1":"e7a0fafda0b90cada671f5e2adfd2e2a5f14e4613ea76aad57e79e2cb532f655210614e2036d7ac005ed5e516814d8667ed71e0f29b9c7b470f4722327407cd6ce6dbd298cee37bff33c35e34cdfebbbf33934673469d6b98becd6d26868977e69e06deee99c118fd4da3530d367d20d15107c03efe0d7e7b38710231e0dcdf0":"f5a7b0b26d1e86f4fc69f81c9eeff2cd":"3d2a1dadccc597b5e7b6ce48760150dee01c8550b525c587abcce8c2c7fb6291683a58c2e42e7b7ba6a3c2a117ddb7e67ea058a78989d67946fd9551e30fcb52618dcb9fae079ca56b74572d7b6a7b6a5c60e906e9639eac5ee1a5a2db864721119da2c4c5110c2b8d487e792cf6929600f1587cb2d48efe6864019afc32af6e":"60da3f4b3a263bc0178379646bce391bf552f60d2833261962375d2960c629dedac681d86f7915ea3cffdad0f37e409668f923d7c860525b994b325396531994a2fbb2d4e909d0b1dce322e078b4b8cd99820a39ffd7b468bd3e73b418b9a2cd5757b7d45f0363574c925bc22d66645abd95a6b29ea6366d8c2252d1c5710d45":112:"833d2c55f5ee493060540d6b5349":0 AES-GCM NIST Validation (AES-128,128,1024,1024,104) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"163c05f69cdc4e518ff6445911d1ede0":"84d8a1855423293de37ebfd9715a9b46b175bc6d44e94ac8a3e7d409e8a227a57a6b85144a8ee23564fadc28742b69e89c0d4aadf0a786f9a5d5f9198923643ffc0bfd0f96e43b08f1435d4afc0e49c0e2241d938780975bc7a31cdf38f30380753bdd66be72b4dff260a35dc10b9ba35059ba61b0beab16e35068721bd950e3":"4b16188249096682b88aa5e4a13f62c1":"a238d1111efb7811f6838c3cb6f3bf3e0ecee6d8efb26845391f8adb51e497e840ea40318bf8e3cf0681c3b69951c4f03d5a4b5edf7119a150eafe6dc16b68f3d2b91e1454637135148f4fec132bfd96ca088169a35961d4c663535b9852f12a00ec4c08082553a09ea046379ce747c717036154d063d876a2b95cd7bdb42daa":"3bf751cf63bc1b433be6075303986ac1d0592dee400774d0bb7a9e72224417639e1e83e69f34226b873365f41fdac925628f32ed4b572b374310edfd892c5e0c3197e59efbc22ee11f0d4a66bd73a6f5b0de7c1cbb0612a63a262af51d418577a9bae0a8577e547382878f13047a92f51a867f8b7d283d2099c34c236918f718":104:"0d778299c4dc0415ca789dd5b2":0 AES-GCM NIST Validation (AES-128,128,1024,1024,104) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a2ff7cb9fe33b04a087d9ee6db58ec0e":"ed7c22218009ceb5b322045fecc1fd748f27655397a09c2c29813eba9a5cbeebe88d4a35dfd741ef0ac1d11c4adbc6bfae824af88e3ce09f68d8ca7671de91ec9e2bd5f790d1cb1748e34b3560c9b10726ea4b85b127731d8a7fdfd0ddbed11aaf181799f71a68e542b43ed9889237d2fffe370f41064b810c2e14d1ab661517":"6c58eb8f1f561b180f07ede0d3ae3358":"00cb63fa0cf526c6db37e33cf092f3f421fd258d28446c9a7c687b941c7eb5e1c5be267db992d0d93ede0b09030f979d451ecbdbbbb386cf1d74b23d55b74f5f4d520c000c9a41922f54567ca7dfcd84c68883a23c7acc3db3cd8d340217ee7c5ea39b41cf2c0e58c270a19ee9e146d2dbfdaf8ba3e24fda7f2c5e4ba6563ef4":"f0f119bddf5ddf147fe06da9d4510d97369d8e345519df2188b8d2dbaf8b7d3e01f3c26475141aae224e5ce1b131c8096f0e2a17c4c2df62f76f009cfc8aa20ddcd75a6a4281cfa2225485ca22aabcb60ff11265acb92a19ed66797fc2b418ae4b8c70fbecf0fd63f6c22ad62bfd6f40d8d0e2abeb620b7b4f5d8b3e041a53e6":104:"7885ca22c4afd7dc6cb440ea35":0 AES-GCM NIST Validation (AES-128,128,1024,1024,104) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2e739a485b6293b43535379e3b309fe8":"699b9a5668042c48c63ffb323c0fab18446546417b2f33a69addce6178f9d5b7dfa891ff2004eb57a98ca012c2668e0614276d89b21b7bfa436b2aa1582daaa81a6a7722186e99dd16a5786fd0e8b09b194746232fd413984484524793a379112e297d733dce063408fe59367f5929c5086bc2191a8fdd60a346052c0d109d57":"c4deca3eeea80352624c93523f35e0ae":"704aa36a82d02c56f4992469bb7e8a3f7dda1326068bf6017e4a0c810352b476aea129c1ba1d4974bc0d0503dcf816b89c0dc8e6d066774ce97cea65b5fb5c7b5a7f93e5e2c7126dd3b241b958e47d8150b422bb91c4afc47d53cfc2d20176c2ea0c85b376dc46a86bbaa53c584aa561f6662d11de4e39e50f1a095b8555137b":"30b8fa2e52577a7e5cdc12a7c619615b134ad4b41893ba9120651cd35c6f2d48ec6b8b9fa99366c4d60e643a8ccb2cbb3568f7647f4ad1a12d14deb8aac00dc4ef780133ee8df8f494675deb7f678fed54e70d6bf43476854eb0286a49cd322cc18daa238d4580ee665fbc759295a3e12567beff3e823811093cf0f02d00820b":104:"ff89ee52fa4eaeb748c8676490":0 AES-GCM NIST Validation (AES-128,128,1024,1024,96) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6bbb12361c95953a8d757bcbb92568eb":"c3fccc5693abe53a13e5209f80611fad1e81e7ce19a4612666d954b4b6d2062bee764181716d5fe0fe1de485bb739d6e8625d5b6cedcaaf6e4e5ec350bc2168c24d7764e75b0cf079d7ad1b5fc24dbed14c5ae4714734f424b3611de0f70a0a8d752fb143e1b7e51ebc965a06021de3718af30b067dde270d804fb5b87ffb29f":"48ca821e5e43fd58668380491d58cdfb":"e97280fd78eb8bd695227fc79420971081de8f24bc95d9a1794ed2bebf5b68d8b43ae8288eb5ce72db0740334ff9bc9b4e660418d3cff8c344e50c7962c367c26247806d0b5c2ae0420a724203dcf4fdefd6513f8263d995afa4780a9c4e92c25496106fec370d0450d907225190ecccfae634f11f8f74f6422a652b2b9af9e5":"61cfc5a6ab6847bf0127b35ce0712cbfa9cd28dfb3f0b4cac2624c52cf55f311e55e9abff2d4514c6feff801ea8739f874ded2efce4a440f2acd95eba6c75e09bcd91b898c98563a26b3df415658c4d04a6aaf547a90b03d1789bdf7ab8f09f6d9f222f567461380372a976240b7b180c3fa7b4507e53815af3f6b4a46973806":96:"f86d5374d1ad269cc3f36756":0 AES-GCM NIST Validation (AES-128,128,1024,1024,96) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1a0a9b2dd1ae31b3e47b6df979dd2fbf":"353786f96620ae7dfa7aee163c7bb30384bb324b516cad13872f48e7251f6f4c5906748bf2a2f6167bc14453b2b2f513804308ba92d69639beac2f25274bd5477744281b7ef7d0661b3672cd45abd5bd30d98deac4ad0a565308c0224dff59e3190c86df6a5c52055f8e0f73fa024f99162219837c999a9c0a12c806f01227af":"b39c8615fa062412fd9b6ac3a7e626f6":"dea75b17cd13dd33b5016de549c44fa9c88baf424ac80c4835e868acb58082ffc4255c655878a1c627a44160d5e5054a0a04f65fdfb542cd342be2aa2e000117bf8cd67b02f3a3700755508f9af8379c226aded404117a5ca3fa70968495eab287064ee584b4ce596612f2c465d997518c6995518e3bb881967ab6b99d7f62d7":"8430b8735f0b002e098d513eec7b3a8431a3fdac2b7faf256a7bcf08f3dcd6fa549f029240acae4dbd4ad54752ba358c14893aaa67a003261c252020d14b521906b23c37dd80af703c2964ce13773dd72fa56c389768c6efbd485953900b56f6bbaa837f1668f478677621a297d4b5a2c1a86f689d8644caec51435b0dd66c77":96:"f000f2d398df18534428f382":0 AES-GCM NIST Validation (AES-128,128,1024,1024,96) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4da736fba2b7202ea2ba60793da3344d":"4f004852edd5dcde13507252ed8c2b20a093ac9081ce2a8133c48d2807e5f968c04a20dd52c070d6c43c704b8650da7f94e5450e0d34cfc2b2d2ba7cb5343e6b4281633c6c065dae27fab18ca71bea018eba94d20e78c5e3223c70f50cb77399c1a89436f1e7213673ae825d4fc5523645031696df10f9b5238c03f733b4dfcf":"8572af442c9af9652a192d893c18b8c3":"429915c3309fba2a42b8e89f42a9376a2f329805a4d6daae11e9a20c2f982671ef8a7539a9657777d03cbf755ef93be0d8e426ed00899a59e8b963fd44269d64692ed07b231cde93e85397cf125a75032ca3726ea1ff1b05d79f2040c1135012b90597186c1db2e16cd128d45a7b9d934ec01341d9030e9721c62f62003059b8":"ff4e46c4236304b8d52ba2d6db269f95d2cd5fe4318ce930d407051469c7e36e44bbcc909c4966276f5a2ec70021982fecbeae34df235a3e9e0370afa5a269ca8847a84b8477f7ddd6055d0f800ff4d413f63db517c96d15dbe78655748edd820f2ee79df5eca31711870022f1f5394b84f05bfef97f99cbd6205f8e522b3d5e":96:"624b0b5b6374c5153835b8e5":0 AES-GCM NIST Validation (AES-128,128,1024,1024,64) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5bcc874114b9d78c3eb748a783d1448c":"7d57418bcea007247f5e18c17a2e4601c3eb8c89f61ed365d5aebee7593cdd63871d964a25fc9d723f291d39e0c4f75012471faf8e06db60c4ad8a26cf434bd82a29a8b653fdda1b86a7e4800c1d70cb5d8b8a1d1af52894082bb282ffdde8f0128a4abb68aedcfcb59160f6b5aaf452812f4d00472d2862a8b22480e71231b3":"5f4fde440faa9537d62e62994ab20fb5":"b5dfe0d971f2920ba4c029d4c346a49788b499faacdb18b8f905f1457a8b9fa48709893516a7b48bc601710bfd73c12da094c29df5776d491c9978f8ab237f605785b0304488f1c20bf5a767ba6d5e1e2961957aa107bdba2358b81ef1e06576db985b3ef8194725b75d49de1de3a57f161dede508e37ad3356134fa0a1aa48e":"6bc0dec98bece6c4e245fe978f6db113deca75e1b475bc31f1da0c7457a85ee7aac8be5f2121c0610b99a2c64519fc2514b643c379b4f53c5432b9729aea9fcecb88a2e2d0a6e74be04859a66f55fb2af1598bcb039108ef7fcfd99d94e79287ec1f62bd1bf5ff9dd51ab12fae4f6e21b95ca50032f9a65bd85f9a1aa0524950":64:"354fb8bcd38f2a26":0 AES-GCM NIST Validation (AES-128,128,1024,1024,64) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"427c89146eb7d76578dc173bd9e15cda":"1d39249130404d60ed40241cf3354458e06f1474b3723569d88235f03098053fc99010f39435620acc710a4e386b2ecbf9b327a8dcfbeddc084353fff029d24787ce81e74a5e1ac1ef096e0a2ae882a669ca168275806bb7f462e66c941fffc6ed44b9628450e03a5032676c1ee4aedfcb1767150d56c7d73a8a47f6d19854fa":"0092e76cd8882e5f77f4c8514491705d":"0ac4631358bb9375e07756692bde59d27012e921f054fdfea0ddb242c43421f4c7241cb210cb5c172d053de2763efd565f1138fbe7f9cd998d825ab800df900843474ebf857b3371c555b89670e86354fe430f715ebbd0ecad974fea34e3bbae43d3ca3ca178f3361f0a11fd75f60e9140f44364b02a073dcce8339fa28cb5ad":"2b385e9df4ed41cdca53a4ac8cb3e0af75eddd518b6727380712950d96c34bc6a0a6ac02184c1987548932b116ec9ae7abf01157a50e422b3e6aa62deb0cb2d81bf7fe0c25041a355ccaaeb049abb0393acfe90d869e9edfdfb646971bbb1ba9e5983cd0e2739158fab31be26cfdf9286d347b58b00f75d9f48ece1353308a91":64:"905cdf228a68bebb":0 AES-GCM NIST Validation (AES-128,128,1024,1024,64) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2e09660909a9aa0a50958016c3e07895":"d7b2ceb182d4a8ed57572c4237ba99bbdd589093db0f71732f9e67559d3054fa1af195aa4864fde413549d27468ffe7c5c23e242cab4ae4bb9e2657422dc3fc78fbdcde892ed202be1e47f095b09cfc53cfe86cb16e2e95444492ad5d0eef053178d6b0485731be7a5193563bf56f63cc0687fc01679254d74e9ed788645004c":"c4f865be8b5062e488b1725749a87945":"26f50acdefde4d585fc6de6c6234c9ead40684349a2bfd022df93d9774c9f5b8f50474032a417bdcc21a74da72c0297437a0cef8f527c9205797f77b4227c272e08ad0b120a2a31ef13e372cad2387ccc1bcefc88dd58899821d68f3be6a4b2cd08697d1897efcd6ed3a0d7849f6cbb50e46800627cfd26964e2cfe9f36624d9":"321f6d79a6658c7c2b67fe3c932237593a6ec7e6fd8198abc6b0b6ba5d4dac9e0695f0c64dde1c94c0383839ee37f8bbfcc516f24871fd79a9b9135ceef841e4c8ddf6b57962c0e8ad7aaf210e97a43489097270756404fddde637de461b8644fef244142820e1af12b90f16748b0915a6b773dfbbdf6b16f1beaccb4cd5edba":64:"b294db7ed69912dc":0 AES-GCM NIST Validation (AES-128,128,1024,1024,32) #0 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5e45d57981f65a6b170efa758cf4553d":"bc8d4c418442743f2fdbaf95b8f87b7c15a3176085e34addf4cf0fb3c2df15587526691b07e6407ba16999b72382635a2aebb62d05c1547a7d074c857a23107c7577864e7f7bcdb5b6d1fb50136391f89c42d3f02754b0e4ed0fcb0c03576b986af5c12cf9bf5e0c585d6aaf49d0c6fb2ec30eae97b2b850a35474bfb9a2c069":"b43403b627fe9e0135192d1a048c6faa":"7a27ea26c7607e4e7e627f3161bdf15f21f3d62dc33df14951971712f960d3b2082d75395c5008e5ea00d282d350f86dac8c61f5c0f90e7797a5b61ee96f7e332ec5de51cb1377e47c641f326d1e58817c8c95feb5b2923758e33b279191d0a9ffd09b7619b0318a70775e36abf5f7ab59422ff68914e7b478c448a7b141c4bf":"90d8a6218da063c38e0f06d548a3d5685fd3e0fbaf609c77bdd573bb9c63f30590eaf8b181a2feb81c8b3f5f34a94dc94b905036a6c69b97263302b8674d9e09325065588e97c0b5b33116981f1f362a7c5bb1e996c126c31fbd63791772f4d594632f408fdf011b3f2cc750b060452c181e8e09697c8662c00c8d4f29d875a7":32:"611abef7":0 AES-GCM NIST Validation (AES-128,128,1024,1024,32) #1 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"00d4bf20509a61bc76430ffa5f013589":"036a191a388cf3c57c9e6f0e2f5c8bc3d5c25ee8e2fedfadb7b7433155c7e79304f0905ab2a17e1f04f2f2dacd4a41521d6ce213961df9dc9101d41df4e44246488fbedb75a01256fbc7784769eb8f99d44d5eabf93cf667ebae2437ccedc79efa58c075183d46a5c20bf4c81e0f9754ad35af65f7c8aafe7daa3460c6892b1a":"25b1026a009470a5ca8caeeb67200792":"fd75acfd5aa25fb8bccb53672e5d6a8080081506cf03df2bab0746a353510996e0237d6354ee0210a41f20f88ec6569f2b200b28c6a31464a0533a6bc45afef3ae381425a3606de2866dba694124d96da9d0a2b061b787524ee6e5d3b1ef5c4bcf168810aa177660b7e1379ac8a480ce43d73dfcc696873cea2df419f372651e":"cab80615b666c47fcabf0d9805842ab2805150abad4de0ae8b12306bed504d4a7f91f52379df65cb9587577e59dafcd4203d2ed2743d35472285e9522db0ce3dd027a01c79ac64caee29ef3752a077254b0dca269f6f206f6cc575e8fedb0ba525dcf6252fa6f7b688556933f1dee84b2ad36a266695ce8672229cedd82f20a1":32:"3287478c":0 AES-GCM NIST Validation (AES-128,128,1024,1024,32) #2 [#2] -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fe481476fce76efcfc78ed144b0756f1":"246e1f2babab8da98b17cc928bd49504d7d87ea2cc174f9ffb7dbafe5969ff824a0bcb52f35441d22f3edcd10fab0ec04c0bde5abd3624ca25cbb4541b5d62a3deb52c00b75d68aaf0504d51f95b8dcbebdd8433f4966c584ac7f8c19407ca927a79fa4ead2688c4a7baafb4c31ef83c05e8848ec2b4f657aab84c109c91c277":"1a2c18c6bf13b3b2785610c71ccd98ca":"b0ab3cb5256575774b8242b89badfbe0dfdfd04f5dd75a8e5f218b28d3f6bc085a013defa5f5b15dfb46132db58ed7a9ddb812d28ee2f962796ad988561a381c02d1cf37dca5fd33e081d61cc7b3ab0b477947524a4ca4cb48c36f48b302c440be6f5777518a60585a8a16cea510dbfc5580b0daac49a2b1242ff55e91a8eae8":"5587620bbb77f70afdf3cdb7ae390edd0473286d86d3f862ad70902d90ff1d315947c959f016257a8fe1f52cc22a54f21de8cb60b74808ac7b22ea7a15945371e18b77c9571aad631aa080c60c1e472019fa85625fc80ed32a51d05e397a8987c8fece197a566689d24d05361b6f3a75616c89db6123bf5902960b21a18bc03a":32:"bd4265a8":0 AES-GCM NIST CAVS 14.0 - empty plaintext, AD length: 128 bytes, ciphertext updates: 0 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag_empty_cipher:MBEDTLS_CIPHER_ID_AES:"e28c435211743a7872e4a0bd7602336a":"2ddbee94fcbfacea080ded468f67180c":"63190ef542656cc2b69a9b0daf8dbd2d38cd75f17b92d6d891c17b0337ad4fe4539d9154722fa430782a1d79620e974661918166e39c453c5a98759a13d2766138c7750e6cbdc7b6d7cbe44f3f4de7bb562d9bce6e6e2e815444842b89ba8b73454218c483e574ca886a84e8c9aa6f56dd1541a7e35a4a5b8f6a05ad5bb013e9":"2ce6d74cda466354a736636bf18acfc0":0 AES-GCM NIST CAVS 14.0 - empty plaintext, AD length: 128 bytes, ciphertext updates: 1 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag_empty_cipher:MBEDTLS_CIPHER_ID_AES:"e28c435211743a7872e4a0bd7602336a":"2ddbee94fcbfacea080ded468f67180c":"63190ef542656cc2b69a9b0daf8dbd2d38cd75f17b92d6d891c17b0337ad4fe4539d9154722fa430782a1d79620e974661918166e39c453c5a98759a13d2766138c7750e6cbdc7b6d7cbe44f3f4de7bb562d9bce6e6e2e815444842b89ba8b73454218c483e574ca886a84e8c9aa6f56dd1541a7e35a4a5b8f6a05ad5bb013e9":"2ce6d74cda466354a736636bf18acfc0":1 AES-GCM NIST CAVS 14.0 - empty plaintext, AD length: 128 bytes, ciphertext updates: 2 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag_empty_cipher:MBEDTLS_CIPHER_ID_AES:"e28c435211743a7872e4a0bd7602336a":"2ddbee94fcbfacea080ded468f67180c":"63190ef542656cc2b69a9b0daf8dbd2d38cd75f17b92d6d891c17b0337ad4fe4539d9154722fa430782a1d79620e974661918166e39c453c5a98759a13d2766138c7750e6cbdc7b6d7cbe44f3f4de7bb562d9bce6e6e2e815444842b89ba8b73454218c483e574ca886a84e8c9aa6f56dd1541a7e35a4a5b8f6a05ad5bb013e9":"2ce6d74cda466354a736636bf18acfc0":2 AES-GCM NIST CAVS 14.0 - empty plaintext, AD length: 90 bytes, ciphertext updates: 0 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag_empty_cipher:MBEDTLS_CIPHER_ID_AES:"20b5b6b854e187b058a84d57bc1538b6":"94c1935afc061cbf254b936f":"ca418e71dbf810038174eaa3719b3fcb80531c7110ad9192d105eeaafa15b819ac005668752b344ed1b22faf77048baf03dbddb3b47d6b00e95c4f005e0cc9b7627ccafd3f21b3312aa8d91d3fa0893fe5bff7d44ca46f23afe0":"b37286ebaf4a54e0ffc2a1deafc9f6db":0 AES-GCM NIST CAVS 14.0 - empty plaintext, AD length: 90 bytes, ciphertext updates: 1 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag_empty_cipher:MBEDTLS_CIPHER_ID_AES:"20b5b6b854e187b058a84d57bc1538b6":"94c1935afc061cbf254b936f":"ca418e71dbf810038174eaa3719b3fcb80531c7110ad9192d105eeaafa15b819ac005668752b344ed1b22faf77048baf03dbddb3b47d6b00e95c4f005e0cc9b7627ccafd3f21b3312aa8d91d3fa0893fe5bff7d44ca46f23afe0":"b37286ebaf4a54e0ffc2a1deafc9f6db":1 AES-GCM NIST CAVS 14.0 - empty plaintext, AD length: 90 bytes, ciphertext updates: 2 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag_empty_cipher:MBEDTLS_CIPHER_ID_AES:"20b5b6b854e187b058a84d57bc1538b6":"94c1935afc061cbf254b936f":"ca418e71dbf810038174eaa3719b3fcb80531c7110ad9192d105eeaafa15b819ac005668752b344ed1b22faf77048baf03dbddb3b47d6b00e95c4f005e0cc9b7627ccafd3f21b3312aa8d91d3fa0893fe5bff7d44ca46f23afe0":"b37286ebaf4a54e0ffc2a1deafc9f6db":2 AES-GCM NIST CAVS 14.0 - empty AD, plaintext length: 128 bytes, AD updates: 0 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag_empty_ad:MBEDTLS_CIPHER_ID_AES:"ce0f8cfe9d64c4f4c045d11b97c2d918":"ad4c3627a494fc628316dc03faf81db8":"dfff250d380f363880963b42d6913c1ba11e8edf7c4ab8b76d79ccbaac628f548ee542f48728a9a2620a0d69339c8291e8d398440d740e310908cdee7c273cc91275ce7271ba12f69237998b07b789b3993aaac8dc4ec1914432a30f5172f79ea0539bd1f70b36d437e5170bc63039a5280816c05e1e41760b58e35696cebd55":"0de73d9702d9357c9e8619b7944e40732ac2f4dd3f1b42d8d7f36acb1f1497990d0ec3d626082cdb1384ec72a4c1d98955ba2a3aae6d81b24e9ce533eb5ede7210ae4a06d43f750138b8914d754d43bce416fee799cc4dd03949acedc34def7d6bde6ba41a4cf03d209689a3ad181f1b6dcf76ca25c87eb1c7459cc9f95ddc57":"5f6a3620e59fe8977286f502d0da7517":0 AES-GCM NIST CAVS 14.0 - empty AD, plaintext length: 128 bytes, AD updates: 1 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag_empty_ad:MBEDTLS_CIPHER_ID_AES:"ce0f8cfe9d64c4f4c045d11b97c2d918":"ad4c3627a494fc628316dc03faf81db8":"dfff250d380f363880963b42d6913c1ba11e8edf7c4ab8b76d79ccbaac628f548ee542f48728a9a2620a0d69339c8291e8d398440d740e310908cdee7c273cc91275ce7271ba12f69237998b07b789b3993aaac8dc4ec1914432a30f5172f79ea0539bd1f70b36d437e5170bc63039a5280816c05e1e41760b58e35696cebd55":"0de73d9702d9357c9e8619b7944e40732ac2f4dd3f1b42d8d7f36acb1f1497990d0ec3d626082cdb1384ec72a4c1d98955ba2a3aae6d81b24e9ce533eb5ede7210ae4a06d43f750138b8914d754d43bce416fee799cc4dd03949acedc34def7d6bde6ba41a4cf03d209689a3ad181f1b6dcf76ca25c87eb1c7459cc9f95ddc57":"5f6a3620e59fe8977286f502d0da7517":1 AES-GCM NIST CAVS 14.0 - empty AD, plaintext length: 128 bytes, AD updates: 2 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag_empty_ad:MBEDTLS_CIPHER_ID_AES:"ce0f8cfe9d64c4f4c045d11b97c2d918":"ad4c3627a494fc628316dc03faf81db8":"dfff250d380f363880963b42d6913c1ba11e8edf7c4ab8b76d79ccbaac628f548ee542f48728a9a2620a0d69339c8291e8d398440d740e310908cdee7c273cc91275ce7271ba12f69237998b07b789b3993aaac8dc4ec1914432a30f5172f79ea0539bd1f70b36d437e5170bc63039a5280816c05e1e41760b58e35696cebd55":"0de73d9702d9357c9e8619b7944e40732ac2f4dd3f1b42d8d7f36acb1f1497990d0ec3d626082cdb1384ec72a4c1d98955ba2a3aae6d81b24e9ce533eb5ede7210ae4a06d43f750138b8914d754d43bce416fee799cc4dd03949acedc34def7d6bde6ba41a4cf03d209689a3ad181f1b6dcf76ca25c87eb1c7459cc9f95ddc57":"5f6a3620e59fe8977286f502d0da7517":2 AES-GCM NIST CAVS 14.0 - empty AD, plaintext length: 51 bytes, AD updates: 0 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag_empty_ad:MBEDTLS_CIPHER_ID_AES:"594157ec4693202b030f33798b07176d":"49b12054082660803a1df3df":"3feef98a976a1bd634f364ac428bb59cd51fb159ec1789946918dbd50ea6c9d594a3a31a5269b0da6936c29d063a5fa2cc8a1c":"c1b7a46a335f23d65b8db4008a49796906e225474f4fe7d39e55bf2efd97fd82d4167de082ae30fa01e465a601235d8d68bc69":"ba92d3661ce8b04687e8788d55417dc2":0 AES-GCM NIST CAVS 14.0 - empty AD, plaintext length: 51 bytes, AD updates: 1 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag_empty_ad:MBEDTLS_CIPHER_ID_AES:"594157ec4693202b030f33798b07176d":"49b12054082660803a1df3df":"3feef98a976a1bd634f364ac428bb59cd51fb159ec1789946918dbd50ea6c9d594a3a31a5269b0da6936c29d063a5fa2cc8a1c":"c1b7a46a335f23d65b8db4008a49796906e225474f4fe7d39e55bf2efd97fd82d4167de082ae30fa01e465a601235d8d68bc69":"ba92d3661ce8b04687e8788d55417dc2":1 AES-GCM NIST CAVS 14.0 - empty AD, plaintext length: 51 bytes, AD updates: 2 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_tag_empty_ad:MBEDTLS_CIPHER_ID_AES:"594157ec4693202b030f33798b07176d":"49b12054082660803a1df3df":"3feef98a976a1bd634f364ac428bb59cd51fb159ec1789946918dbd50ea6c9d594a3a31a5269b0da6936c29d063a5fa2cc8a1c":"c1b7a46a335f23d65b8db4008a49796906e225474f4fe7d39e55bf2efd97fd82d4167de082ae30fa01e465a601235d8d68bc69":"ba92d3661ce8b04687e8788d55417dc2":2 AES-GCM NIST - empty AD, empty plaintext -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_encrypt_and_verify_no_ad_no_cipher:MBEDTLS_CIPHER_ID_AES:"11754cd72aec309bf52f7687212e8957":"3c819d9a9bed087615030b65":"250327c674aaf477aef2675748cf6971" AES-GCM Bad IV (AES-128,128,0,0,32) #0 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_bad_parameters:MBEDTLS_CIPHER_ID_AES:MBEDTLS_GCM_ENCRYPT:"d0194b6ee68f0ed8adc4b22ed15dbf14":"":"":"":32:MBEDTLS_ERR_GCM_BAD_INPUT AES-GCM, output buffer too small, NIST Validation (AES-128,128,1024,0,128) #0 -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_update_output_buffer_too_small:MBEDTLS_CIPHER_ID_AES:MBEDTLS_GCM_ENCRYPT:"ce0f8cfe9d64c4f4c045d11b97c2d918":"dfff250d380f363880963b42d6913c1ba11e8edf7c4ab8b76d79ccbaac628f548ee542f48728a9a2620a0d69339c8291e8d398440d740e310908cdee7c273cc91275ce7271ba12f69237998b07b789b3993aaac8dc4ec1914432a30f5172f79ea0539bd1f70b36d437e5170bc63039a5280816c05e1e41760b58e35696cebd55":"ad4c3627a494fc628316dc03faf81db8" AES-GCM Selftest -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_selftest: diff --git a/tests/suites/test_suite_gcm.aes192_de.data b/tests/suites/test_suite_gcm.aes192_de.data index 5cf4e3b9d..90f665ff1 100644 --- a/tests/suites/test_suite_gcm.aes192_de.data +++ b/tests/suites/test_suite_gcm.aes192_de.data @@ -1,679 +1,679 @@ AES-GCM NIST Validation (AES-192,128,0,0,128) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"806766a4d2b6507cc4113bc0e46eebe120eacd948c24dc7f":"":"4f801c772395c4519ec830980c8ca5a4":"":128:"8fa16452b132bebc6aa521e92cb3b0ea":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,128) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0c2abdcd2e4ae4137509761a38e6ca436b99c21b141f28f5":"":"335ca01a07081fea4e605eb5f23a778e":"":128:"d7f475dfcb92a75bc8521c12bb2e8b86":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,128) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"eef490a0c2ecb32472e1654184340cc7433c34da981c062d":"":"d9172c3344d37ff93d2dcb2170ea5d01":"":128:"017fef05260a496654896d4703db3888":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,120) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fe0c3490f1f0dba23cf5c64e6e1740d06f85e0afec6772f3":"":"f47e915163fa3df7f6c15b9d69f53907":"":120:"14e1a057a2e7ffbd2208e9c25dbba1":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,120) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4356b3b1f308df3573509945afe5268984f9d953f01096de":"":"a35b397b34a14a8e24d05a37be4d1822":"":120:"e045ecba220d22c80826b77a21b013":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,120) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e2898937cc575c8bb7444413884deafe8eaf326be8849e42":"":"169a449ccb3eb29805b15304d603b132":"":120:"3a807251f3d6242849a69972b14f6d":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,112) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"75683c7df0442e10b5368fcd6bb481f0bff8d95aae90487e":"":"538641f7d1cc5c68715971cee607da73":"":112:"07d68fffe417adc3397706d73b95":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,112) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0724ee1f317997ce77bb659446fcb5a557490f40597341c7":"":"0d8eb78032d83c676820b2ef5ccc2cc8":"":112:"7da181563b26c7aefeb29e71cc69":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,112) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"be2f0f4ae4ab851b258ec5602628df261b6a69e309ff9043":"":"646a91d83ae72b9b9e9fce64135cbf73":"":112:"169e717e2bae42e3eb61d0a1a29b":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,104) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"583c328daecd18c2ac5c83a0c263de194a4c73aa4700fe76":"":"55e10d5e9b438b02505d30f211b16fea":"":104:"95c0a4ea9e80f91a4acce500f7":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,104) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b40857e7e6f26050f1e9a6cbe05e15a0ba07c2055634ad47":"":"e25ef162a4295d7d24de75a673172346":"":104:"89ea4d1f34edb716b322ea7f6f":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,104) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"627008956e31fea497fb120b438a2a043c23b1b38dc6bc10":"":"08ea464baac54469b0498419d83820e6":"":104:"ab064a8d380fe2cda38e61f9e1":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,96) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8c386d67d7c2bfd46b8571d8685b35741e87a3ed4a46c9db":"":"766996fb67ace9e6a22d7f802455d4ef":"":96:"9a641be173dc3557ea015372":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,96) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"711bc5aa6b94fa3287fad0167ac1a9ef5e8e01c16a79e95a":"":"75cdb8b83017f3dc5ac8733016ab47c7":"":96:"81e3a5580234d8e0b2204bc3":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,96) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c74620828402e0bdf3f7a5353668505dc1550a31debce59a":"":"cfbefe265583ab3a2285e8080141ba48":"":96:"355a43bcebbe7f72b6cd27ea":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,64) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1eb53aa548b41bfdc85c657ebdebdae0c7e525a6432bc012":"":"37ffc64d4b2d9c82dd17d1ad3076d82b":"":64:"34b8e037084b3f2d":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,64) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"50d077575f6db91024a8e564db83324539e9b7add7bb98e4":"":"118d0283294d4084127cce4b0cd5b5fa":"":64:"507a361d8ac59882":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,64) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d9ddca0807305025d61919ed7893d7d5c5a3c9f012f4842f":"":"b78d518b6c41a9e031a00b10fb178327":"":64:"f401d546c8b739ff":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,32) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6ed8d8afde4dc3872cbc274d7c47b719205518496dd7951d":"":"14eb280288740d464e3b8f296c642daa":"":32:"39e64d7a":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,32) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"80aace5ab74f261bc09ac6f66898f69e7f348f805d52404d":"":"f54bf4aac8fb631c8b6ff5e96465fae6":"":32:"1ec1c1a1":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,32) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"23b76efd0dbc8d501885ab7d43a7dacde91edd9cde1e1048":"":"75532d15e582e6c477b411e727d4171e":"":32:"76a0e017":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,128) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"94c50453dd3ef7f7ea763ae13fa34debb9c1198abbf32326":"":"1afe962bc46e36099165552ddb329ac6":"b2920dd9b0325a87e8edda8db560bfe287e44df79cf61edba3b2c95e34629638ecb86584f05a303603065e63323523f6ccc5b605679d1722cde5561f89d268d5f8db8e6bdffda4839c4a04982e8314da78e89f8f8ad9c0fee86332906bf78d2f20afcaabdc282008c6d09df2bfe9be2c9027bb49268b8be8936be39fa8b1ae03":128:"51e1f19a7dea5cfe9b9ca9d09096c3e7":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,128) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c6a98102af3d875bcdebe594661d3a6b376970c02b11d019":"":"bea8cd85a28a2c05bf7406b8eef1efcc":"f2f80e2c042092cc7240b598ab30fad055bce85408aa0f8cefaf8a7204f0e2acb87c78f46a5867b1f1c19461cbf5ed5d2ca21c96a63fb1f42f10f394952e63520795c56df77d6a04cb5ad006ee865a47dc2349a814a630b3d4c4e0fd149f51e8fa846656ea569fd29a1ebafc061446eb80ec182f833f1f6d9083545abf52fa4c":128:"04b80f25ae9d07f5fd8220263ac3f2f7":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,128) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ec3cc45a22fdc7cc79ed658d9e9dbc138dcc7d6e795cba1a":"":"b10d9c70205e142704f9d1f74caee0f6":"714994017c169c574aaff2f8bad15f8fa6a385117f5405f74846eca873ca4a8f4876adf704f2fcaff2dfa75c17afefd08a4707292debc6d9fafda6244ca509bc52b0c6b70f09b14c0d7c667583c091d4064e241ba1f82dd43dc3ea4b8922be65faf5583f6b21ff5b22d3632eb4a426675648250e4b3e37c688d6129b954ef6a8":128:"d22407fd3ae1921d1b380461d2e60210":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,120) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5a32ebc7a2338038ced36d2b85cbc6c45cca9845a7c5aa99":"":"9afe0882e418c9af205eeb90e131d212":"61ff8a8bc22803f17e8e9f01aff865bc7d3083ff413ce392a989e46ebed5114894de906f7d36439024d8f2e69cc815ac043fff2f75169f6c9aa9761ff32d10a1353213ac756cb84bd3613f8261ef390e1d00c3a8fb82764b0cda4e0049219e87d2e92c38f78ffac242391f838a248f608bb2b56b31bbb453d1098e99d079ea1b":120:"fcbb932ddb0128df78a71971c52838":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,120) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9bf22885e7f13bcc63bb0a2ca90c20e5c86001f05edf85d8":"":"99dec21f4781284722b5074ea567c171":"9f4176dacf26e27aa0e669cd4d44bca41f83468c70b54c745a601408a214bf876941ae2ae4d26929113f5de2e7d15a7bb656541292137bf2129fdc31f06f070e3cfaf0a7b30d93d8d3c76a981d75cd0ffa0bcacb34597d5be1a055c35eefeddc07ee098603e48ad88eb7a2ec19c1aefc5c7be9a237797397aa27590d5261f67a":120:"18fd1feec5e3bbf0985312dd6100d1":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,120) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cfd75a9d3788d965895553ab5fb7a8ff0aa383b7594850a6":"":"a6df69e5f77f4d99d5318c45c87451b2":"041aeb2fa0f7df027cd7709a992e041179d499f5dbccd389035bf7e514a38b5f8368379d2d7b5015d4fa6fadfd7c75abd2d855f5ea4220315fad2c2d435d910253bf76f252a21c57fe74f7247dac32f4276d793d30d48dd61d0e14a4b7f07a56c94d3799d04324dfb2b27a22a5077e280422d4f014f253d138e74c9ac3428a7b":120:"fd78b9956e4e4522605db410f97e84":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,112) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b0b21ae138485591c6bef7b3d5a0aa0e9762c30a50e4bba2":"":"56dc980e1cba1bc2e3b4a0733d7897ca":"a38458e5cc71f22f6f5880dc018c5777c0e6c8a1301e7d0300c02c976423c2b65f522db4a90401035346d855c892cbf27092c81b969e99cb2b6198e450a95c547bb0145652c9720aaf72a975e4cb5124b483a42f84b5cd022367802c5f167a7dfc885c1f983bb4525a88c8257df3067b6d36d2dbf6323df80c3eaeffc2d176a5":112:"b11f5c0e8cb6fea1a170c9342437":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,112) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8775665aba345b1c3e626128b5afa3d0da8f4d36b8cf1ca6":"":"cd17f761670e1f104f8ea4fb0cec7166":"2ee08a51ceaca1dbbb3ee09b72f57427fd34bd95da5b4c0933cbb0fc2f7270cffd3476aa05deeb892a7e6a8a3407e61f8631d1a00e47d46efb918393ee5099df7d65c12ab8c9640bfcb3a6cce00c3243d0b3f316f0822cfeae05ee67b419393cc81846b60c42aeb5c53f0ede1280dc36aa8ef59addd10668dd61557ce760c544":112:"6cdf60e62c91a6a944fa80da1854":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,112) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cc9922299b47725952f06272168b728218d2443028d81597":"":"9b2f1a40717afcdbb6a95d6e335c9e4d":"bcfca8420bc7b9df0290d8c1bcf4e3e66d3a4be1c947af82dd541336e44e2c4fa7c6b456980b174948de30b694232b03f8eb990f849b5f57762886b449671e4f0b5e7a173f12910393bdf5c162163584c774ad3bba39794767a4cc45f4a582d307503960454631cdf551e528a863f2e014b1fca4955a78bd545dec831e4d71c7":112:"dd515e5a8b41ecc441443a749b31":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,104) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5a27d718f21c5cbdc52a745b931bc77bd1afa8b1231f8815":"":"59661051912fba45023aef4e6f9380a5":"2b7ce5cea81300ed23501493310f1316581ef8a50e37eaadd4bb5f527add6deb09e7dcc67652e44ac889b48726d8c0ae80e2b3a89dd34232eb1da32f7f4fcd5bf8e920d286db8604f23ab06eab3e6f99beb55fe3725107e9d67a491cdada1580717bbf64c28799c9ab67922da9194747f32fd84197070a86838d1c9ebae379b7":104:"f33e8f42b58f45a0456f83a13e":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,104) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b83e933cf54ac58f8c7e5ed18e4ed2213059158ed9cb2c30":"":"8710af55dd79da45a4b24f6e972bc60a":"b7a428bc68696cee06f2f8b43f63b47914e29f04a4a40c0eec6193a9a24bbe012d68bea5573382dd579beeb0565b0e0334cce6724997138b198fce8325f07069d6890ac4c052e127aa6e70a6248e6536d1d3c6ac60d8cd14d9a45200f6540305f882df5fca2cac48278f94fe502b5abe2992fa2719b0ce98b7ef1b5582e0151c":104:"380128ad7f35be87a17c9590fa":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,104) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d2f85f92092385f15da43a086cff64c7448b4ee5a83ed72e":"":"9026dfd09e4553cd51c4c13ce70830de":"3c8de64c14df73c1b470a9d8aa693af96e487d548d03a92ce59c0baec8576129945c722586a66f03deb5029cbda029fb22d355952c3dadfdede20b63f4221f27c8e5d710e2b335c2d9a9b7ca899597a03c41ee6508e40a6d74814441ac3acb64a20f48a61e8a18f4bbcbd3e7e59bb3cd2be405afd6ac80d47ce6496c4b9b294c":104:"e9e5beea7d39c9250347a2a33d":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,96) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"de7df44ce007c99f7baad6a6955195f14e60999ed9818707":"":"4d209e414965fe99636c1c6493bba3a3":"da3bc6bdd414a1e07e00981cf9199371192a1fb2eaae20f7091e5fe5368e26d61b981f7f1d29f1a9085ad2789d101155a980de98d961c093941502268adb70537ad9783e6c7d5157c939f59b8ad474c3d7fc1fcc91165cdf8dd9d6ec70d6400086d564b68ebead0d03ebd3aa66ded555692b8de0baf43bc0ddef42e3a9eb34ab":96:"24483a57c20826a709b7d10a":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,96) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1dfa5ff20046c775b5e768c2bd9775066ae766345b7befc3":"":"2d49409b869b8b9fc5b67767979ca8cd":"e35d34478b228bc903ea2423697e603cc077967d7cfb062e95bc11d89fbe0a1f1d4569f89b2a7047300c1f5131d91564ec9bce014d18ba605a1c1e4e15e3e5c18413b8b59cbb25ab8f088885225de1235c16c7d9a8d06a23cb0b38fd1d5c6c19617fe08fd6bf01c965ed593149a1c6295435e98463e4f03a511d1a7e82c11f01":96:"23012503febbf26dc2d872dc":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,96) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2df3ee3a6484c48fdd0d37bab443228c7d873c984529dfb4":"":"dc6aeb41415c115d66443fbd7acdfc8f":"eafc6007fafb461d3b151bdff459e56dd09b7b48b93ea730c85e5424f762b4a9080de44497a7c56dd7855628ffc61c7b4faeb7d6f413d464fe5ec6401f3028427ae3e62db3ff39cd0f5333a664d3505ff42caa8899b96a92ec01934d4b59556feb9055e8dfb81f55e60135345bfce3e4199bfcdb3ce42523e7d24be2a04cdb67":96:"e8e80bf6e5c4a55e7964f455":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,64) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ce0787f65e6c24a1c444c35dcd38195197530aa20f1f6f3b":"":"55300431b1eaac0375681d7821e1eb7a":"84a699a34a1e597061ef95e8ec3c21b592e9236ddb98c68d7e05f1e709937b48ec34a4b88d99708d133a2cc33f5cf6819d5e7b82888e49faa5d54147d36c9e486630aa68fef88d55537119db1d57df0402f56e219f7ece7b4bb5f996dbe1c664a75174c880a00b0f2a56e35d17b69c550921961505afabf4bfd66cf04dc596d1":64:"74264163131d16ac":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,64) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3a15541b5857a668dc9899b2e198d2416e83bac13282ca46":"":"89bf8ab0cea6f59616eeb9b314d7c333":"4d2843f34f9ea13a1ac521479457005178bcf8b2ebeaeb09097ea4471da9f6cc60a532bcda1c18cab822af541de3b87de606999e994ace3951f58a02de0d6620c9ae04549326da449a3e90364a17b90b6b17debc0f454bb0e7e98aef56a1caccf8c91614d1616db30fc8223dbcd8e77bf55d8253efe034fd66f7191e0303c52f":64:"8f4877806daff10e":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,64) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b61cdfd19c136ee2acbe09b7993a4683a713427518f8e559":"":"4066118061c904ed1e866d4f31d11234":"153c075ecdd184fd8a0fca25cae8f720201361ef84f3c638b148ca32c51d091a0e394236d0b51c1d2ee601914120c56dfea1289af470dbc9ef462ec5f974e455e6a83e215a2c8e27c0c5b5b45b662b7f58635a29866e8f76ab41ee628c12a24ab4d5f7954665c3e4a3a346739f20393fc5700ec79d2e3c2722c3fb3c77305337":64:"4eff7227b42f9a7d":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,32) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ce175a7df7e429fcc233540e6b8524323e91f40f592ba144":"":"c34484b4857b93e309df8e1a0e1ec9a3":"ce8d8775f047b543a6cc0d9ef9bc0db5ac5d610dc3ff6e12e0ad7cd3a399ebb762331e3c1101a189b3433a7ff4cd880a0639d2581b71e398dd982f55a11bf0f4e6ee95bacd897e8ec34649e1c256ee6ccecb33e36c76927cc5124bc2962713ad44cbd435ae3c1143796d3037fa1d659e5dad7ebf3c8cbdb5b619113d7ce8c483":32:"ff355f10":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,32) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5f659ed236ba60494e9bf1ee2cb40edcf3f25a2bac2e5bc5":"":"ad49f12f202320255406c2f40e55b034":"6da62892f436dfe9790e72d26f4858ca156d1d655c9cc4336fcf282b0f3f0b201e47f799c3019109af89ef5fd48a4811980930e82cd95f86b1995d977c847bbb06ecdcc98b1aae100b23c9c2f0dcf317a1fb36f14e90e396e6c0c594bcc0dc5f3ebf86ce7ecd4b06d1c43202734d53f55751a6e6bbda982104102af240def4eb":32:"cb4d8c1d":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,32) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a73f318b1e298ba4ac0ab2aed74f73543b1017cccbd1b240":"":"abe33b7e8d88bd30deb96d1e90c4e951":"6de616b000047b14b6759015183dd753c61499c0e665d06a89e4fb0cd0dd3064ff8651582e901ef5d0cdf3344c29c70c3aabc2aaf83cb3f284c6fe4104906d389b027e7d9ca60d010f06ef8cd9e55db2483d06552ddbe3fc43b24c55085cd998eae3edec36673445bf626e933c15b6af08ea21cbace4720b0b68fe1a374877d5":32:"4a28ec97":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,128) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"73d5be74615bc5b627eedfb95746fb5f17cbf25b500a597f":"fc40993eb8559e6b127315c03103ce31b70fc0e07a766d9eecf2e4e8d973faa4afd3053c9ebef0282c9e3d2289d21b6c339748273fa1edf6d6ef5c8f1e1e9301b250297092d9ac4f4843125ea7299d5370f7f49c258eac2a58cc9df14c162604ba0801728994dc82cb625981130c3ca8cdb3391658d4e034691e62ece0a6e407":"eb16ed8de81efde2915a901f557fba95":"":128:"804056dca9f102c4a13a930c81d77eca":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,128) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a249135c9f2f5a8b1af66442a4d4e101771a918ef8acee05":"c62b39b937edbdc9b644321d5d284e62eaa4154010c7a3208c1ef4706fba90223da04b2f686a28b975eff17386598ba77e212855692f384782c1f3c00be011e466e145f6f8b65c458e41409e01a019b290773992e19334ffaca544e28fc9044a5e86bcd2fa5ad2e76f2be3f014d8c387456a8fcfded3ae4d1194d0e3e53a2031":"80b6e48fe4a3b08d40c1636b25dfd2c4":"":128:"951c1c89b6d95661630d739dd9120a73":"":"b865f8dd64a6f51a500bcfc8cadbc9e9f5d54d2d27d815ecfe3d5731e1b230c587b46958c6187e41b52ff187a14d26aa41c5f9909a3b77859429232e5bd6c6dc22cf5590402476d033a32682e8ab8dc7ed0b089c5ab20ab9a8c5d6a3be9ea7aa56c9d3ab08de4a4a019abb447db448062f16a533d416951a8ff6f13ed5608f77":0 AES-GCM NIST Validation (AES-192,128,1024,0,128) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fa832a4b37dcb3c0879a771bb8ae734f0d88b9be497797a8":"0f1105f9ec24121232b60b6ef3c3e8ca9eec1a3d7625004b857d1d77f292b6ec065d92f5bb97e0dc2fdfdf823a5db275109a9472690caea04730e4bd732c33548718e9f7658bbf3e30b8d07790cd540c5754486ed8e4d6920cefaeb1c182c4d67ebed0d205ba0bd9441a599d55e45094b380f3478bcfca9646a0d7aa18d08e52":"70835abab9f945c84ef4e97cdcf2a694":"":128:"a459be0b349f6e8392c2a86edd8a9da5":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,120) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"dda216287910d1f5c0a312f63c243612388bc510cb76c5ba":"d6617d583344d4fe472099d2a688297857215a3e31b47d1bf355ccfe9cf2398a3eba362c670c88f8c7162903275dfd4761d095900bd97eba72200d4045d72bd239bda156829c36b38b1ff5e4230125e5695f623e129829721e889da235bb7d4b9da07cce8c3ceb96964fd2f9dd1ff0997e1a3e253a688ceb1bfec76a7c567266":"7f770140df5b8678bc9c4b962b8c9034":"":120:"9823e3242b3f890c6a456f1837e039":"":"b4910277224025f58a5d0f37385b03fcd488dfef7580eb5c270c10bd7a6f6d9c7ddc2d1368d68d4e04f90e3df029ed028432a09f710be1610b2a75bd05f31bae83920573929573affd0eb03c63e0cec7a027deab792f43ee6307fd3c5078d43d5b1407ac023824d41c9437d66eeec172488f28d700aa4b54931aad7cd458456f":0 AES-GCM NIST Validation (AES-192,128,1024,0,120) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c5afa1e61d4594b1c2fa637f64f18dd557e4df3255b47f24":"5c772cdf19571cd51d71fc166d33a0b892fbca4eae36ab0ac94e6164d51acb2d4e60d4f3a19c3757a93960e7fd90b9a6cdf98bdf259b370ed6c7ef8cb96dba7e3a875e6e7fe6abc76aabad30c8743b3e47c8de5d604c748eeb16806c2e75180a96af7741904eca61769d39e943eb4c4c25f2afd68e9472043de2bb03e9edae20":"151fd3ba32f5bde72adce6291bcf63ea":"":120:"f0626cc07f2ed1a7570386a4110fc1":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,120) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"febd4ff0fedd9f16bccb62380d59cd41b8eff1834347d8fa":"dc971c8f65ece2ea4130afd4db38fc657c085ea19c76fef50f5bd0f8dd364cc22471c2fa36be8cde78529f58a78888e9de10961760a01af005e42fc5b03e6f64962e6b18eaedea979d33d1b06e2038b1aad8993e5b20cae6cc93f3f7cf2ad658fbba633d74f21a2003dded5f5dda3b46ed7424845c11bab439fbb987f0be09f8":"743699d3759781e82a3d21c7cd7991c8":"":120:"1da347f9b6341049e63140395ad445":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,112) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d280d079110c1c826cc77f490d807dd8d508eb579a160c49":"a286d19610a990d64f3accd329fc005d468465a98cfa2f3606c6d0fbeb9732879bad3ca8094322a334a43155baed02d8e13a2fbf259d80066c6f418a1a74b23e0f6238f505b2b3dc906ffcb4910ce6c878b595bb4e5f8f3e2ede912b38dbafdf4659a93b056a1a67cb0ec1dbf00d93223f3b20b3f64a157105c5445b61628abf":"85b241d516b94759c9ef975f557bccea":"":112:"bbf289df539f78c3a912b141da3a":"":"b9286ab91645c20de040a805020fed53c612d493a8ce9c71649ae16bd50eab6fb7f3a9180e1651d5413aa542608d7ecbf9fc7378c0bef4d439bc35434b6cf803976b8783aecc83a91e95cea72c2a26a883b710252e0c2a6baa115739a0692c85f6d34ff06234fbdc79b8c4a8ea0a7056fb48c18f73aaf5084868abb0dfaa287d":0 AES-GCM NIST Validation (AES-192,128,1024,0,112) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5e80f87fa2156c62df7be2ad16c4890de5ee5868a684fcf9":"c829073efd5c5150d2b7e2cdaeff979830d1aa983c747724ade6472c647a6e8e5033046e0359ea62fc26b4c95bccb3ac416fdf54e95815c35bf86d3fdd7856abbb618fe8fcd35a9295114926a0c9df92317d44ba1885a0c67c10b9ba24b8b2f3a464308c5578932247bf9c79d939aa3576376d2d6b4f14a378ab775531fe8abf":"9769f71c76b5b6c60462a845d2c123ad":"":112:"394b6c631a69be3ed8c90770f3d4":"":"f886bd92ca9d73a52e626b0c63a3daa138faaacf7809086d04f5c0c899362aa22e25d8659653b59c3103668461d9785bb425c6c1026ad9c924271cec9f27a9b341f708ca86f1d82a77aae88b25da9061b78b97276f3216720352629bd1a27ebf890da6f42d8c63d68342a93c382442d49dd4b62219504785cee89dffdc36f868":0 AES-GCM NIST Validation (AES-192,128,1024,0,112) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d8a7b99e53f5e5b197364d4516cace4b928de50e571315e3":"d0db0ac5e14bf03729125f3137d4854b4d8ce2d264f8646da17402bdad7034c0d84d7a80f107eb202aeadbfdf063904ae9793c6ae91ee8bcc0fc0674d8111f6aea6607633f92e4be3cfbb64418101db8b0a9225c83e60ffcf7a7f71f77149a13f8c5227cd92855241e11ee363062a893a76ac282fb47b523b306cd8235cd81c2":"4b12c6701534098e23e1b4659f684d6f":"":112:"729b31c65d8699c93d741caac8e3":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,104) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c874b427b7181b0c90b887147c36f242827149324fd5c945":"bdd90190d587a564af022f06c8bd1a68735b6f18f04113fdcec24c6027aaf0271b183336fb713d247a173d9e095dae6e9badb0ab069712302875406f14320151fd43b90a3d6f35cc856636b1a6f98afc797cb5259567e2e9b7ce62d7b3370b5ee852722faf740edf815b3af460cdd7de90ca6ab6cd173844216c064b16ea3696":"4b8dda046a5b7c46abeeca2f2f9bcaf8":"":104:"fe1e427bcb15ce026413a0da87":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,104) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"56543cd6e2ebb1e3dc136a826bfc37eddb12f7a26430a1b4":"d541dd3acec2da042e6ea26fb90ff9a3861191926423b6dc99c5110b3bf150b362017159d0b85ffea397106a0d8299ec22791cb06103cd44036eed0d6d9f953724fb003068b3c3d97da129c28d97f09e6300cbea06ba66f410ca61c3311ce334c55f077c37acb3b7129c481748f79c958bc3bbeb2d3ff445ad361ed4bbc79f0a":"927ce8a596ed28c85d9cb8e688a829e6":"":104:"3a98f471112a8a646460e8efd0":"":"a602d61e7a35cbe0e463119bb66fd4bb6c75d1fe0b211b9d6a0a6e9e84b0794282318f0d33ec053f2cfba1623e865681affeaf29f3da3113995e87d51a5ab4872bb05b5be8ef2b14dfc3df5a48cbc9b10853a708ee4886a7390e8e4d286740a0dd41c025c8d72eda3f73f3cec5c33d5e50b643afd7691213cccccc2c41b9bd7a":0 AES-GCM NIST Validation (AES-192,128,1024,0,104) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"caaf81cd380f3af7885ef0d6196a1688c9372c5850dc5b0b":"6f269929b92c6281e00672eaec183f187b2ddecc11c9045319521d245b595ab154dd50f045a660c4d53ae07d1b7a7fd6b21da10976eb5ffcddda08c1e9075a3b4d785faa003b4dd243f379e0654740b466704d9173bc43292ae0e279a903a955ce33b299bf2842b3461f7c9a2bd311f3e87254b5413d372ec543d6efa237b95a":"508c55f1726896f5b9f0a7024fe2fad0":"":104:"3b8026268caf599ee677ecfd70":"":"c4a96fb08d7c2eebd17046172b98569bc2441929fc0d6876aa1f389b80c05e2ede74dc6f8c3896a2ccf518e1b375ee75e4967f7cca21fa81ee176f8fb8753381ce03b2df873897131adc62a0cbebf718c8e0bb8eeed3104535f17a9c706d178d95a1b232e9dac31f2d1bdb3a1b098f3056f0e3d18be36bd746675779c0f80a10":0 AES-GCM NIST Validation (AES-192,128,1024,0,96) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2fc9d9ac8469cfc718add2b03a4d8c8dcc2eeca08e5ff7bc":"bc84d8a962a9cfd179d242788473d980d177abd0af9edccb14c6dc41535439a1768978158eeed99466574ea820dbedea68c819ffd9f9915ca8392c2e03049d7198baeca1d3491fe2345e64c1012aff03985b86c831ad516d4f5eb538109fff25383c7b0fa6b940ae19b0987d8c3e4a37ccbbd2034633c1eb0df1e9ddf3a8239e":"b2a7c0d52fc60bacc3d1a94f33087095":"":96:"0a7a36ec128d0deb60869893":"":"fc3cd6486dfe944f7cb035787573a554f4fe010c15bd08d6b09f73066f6f272ff84474f3845337b6e429c947d419c511c2945ffb181492c5465940cef85077e8a6a272a07e310a2f3808f11be03d96162913c613d9c3f25c3893c2bd2a58a619a9757fd16cc20c1308f2140557330379f07dbfd8979b26b075977805f1885acc":0 AES-GCM NIST Validation (AES-192,128,1024,0,96) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"81ff729efa4a9aa2eccc37c5f846235b53d3b93c79c709c8":"3992ad29eeb97d17bd5c0f04d8589903ee23ccb2b1adc2992a48a2eb62c2644c0df53b4afe4ace60dc5ec249c0c083473ebac3323539a575c14fa74c8381d1ac90cb501240f96d1779b287f7d8ba8775281d453aae37c803185f2711d21f5c00eb45cad37587ed196d1633f1eb0b33abef337447d03ec09c0e3f7fd32e8c69f0":"1bd17f04d1dc2e447b41665952ad9031":"":96:"01b0a815dc6da3e32851e1fb":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,96) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"068500e8d4f8d4af9035cdaa8e005a648352e8f28bdafc8a":"98e32428d9d21c4b60e690a2ce1cf70bee90df31302d1819b7d27fd577dd990f7ffe6ba5ef117caac718cc1880b4ca98f72db281c9609e189307302dc2866f20be3a545a565521368a6881e2642cba63b3cf4c8b5e5a8eabeb3e8b004618b8f77667c111e5402c5d7c66afd297c575ce5092e898d5831031d225cee668c186a1":"5ea9198b860679759357befdbb106b62":"":96:"d58752f66b2cb9bb2bc388eb":"":"2ef3a17fcdb154f60d5e80263b7301a8526d2de451ea49adb441aa2541986b868dab24027178f48759dbe874ae7aa7b27fb19461c6678a0ba84bbcd8567ba2412a55179e15e7c1a1392730ac392b59c51d48f8366d45b933880095800e1f36ff1ac00753f6363b0e854f494552f1f2efe028d969e6b1a8080149dd853aa6751e":0 AES-GCM NIST Validation (AES-192,128,1024,0,64) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7474d9b07739001b25baf6867254994e06e54c578508232f":"1cbab2b6e4274caa80987072914f667b887198f7aaf4574608b91b5274f5afc3eb05a457554ff5d346d460f92c068bc626fd301d0bb15cb3726504b3d88ecd46a15077728ddc2b698a2e8c5ea5885fc534ac227b8f103d193f1977badf4f853a0931398da01f8019a9b1ff271b3a783ff0fae6f54db425af6e3a345ba7512cbf":"3ade6c92fe2dc575c136e3fbbba5c484":"":64:"67c25240b8e39b63":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,64) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d50d4c7d442d8a92d0489a96e897d50dda6fbe47ca7713ee":"b36b4caf1d47b0d10652824bd57b603ec1c16f4720ce7d43edde8af1b9737f61b68b882566e04da50136f27d9af4c4c57fff4c8465c8a85f0aeadc17e02709cc9ba818d9a272709e5fb65dd5612a5c5d700da399b3668a00041a51c23de616ea3f72093d85ecbfd9dd0b5d02b541fb605dcffe81e9f45a5c0c191cc0b92ac56d":"41b37c04ab8a80f5a8d9d82a3a444772":"":64:"4ee54d280829e6ef":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,64) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"38f3ec3ec775dac76ae484d5b6ca61c695c7beafba4606ca":"49726b8cefc842a02f2d7bef099871f38257cc8ea096c9ac50baced6d940acb4e8baf932bec379a973a2c3a3bc49f60f7e9eef45eafdd15bda1dd1557f068e81226af503934eb96564d14c03f0f351974c8a54fb104fb07417fe79272e4b0c0072b9f89b770326562e4e1b14cad784a2cd1b4ae1dc43623ec451a1cae55f6f84":"9af53cf6891a749ab286f5c34238088a":"":64:"6f6f344dd43b0d20":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,32) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6db4ef061513ef6690d57aef50d8011e0dd7eb4432d82374":"b7f9206995bc97311855ee832e2b40c41ab2d1a40d9263683c95b14dcc51c74d2de7b6198f9d4766c659e7619fe2693a5b188fac464ccbd5e632c5fd248cedba4028a92de12ed91415077e94cfe7a60f117052dea8916dfe0a51d92c1c03927e93012dbacd29bbbc50ce537a8173348ca904ac86df55940e9394c2895a9fe563":"623df5a0922d1e8c883debb2e0e5e0b1":"":32:"14f690d7":"":"a6414daa9be693e7ebb32480a783c54292e57feef4abbb3636bebbc3074bfc608ad55896fe9bd5ab875e52a43f715b98f52c07fc9fa6194ea0cd8ed78404f251639069c5a313ccfc6b94fb1657153ff48f16f6e22b3c4a0b7f88e188c90176447fe27fa7ddc2bac3d2b7edecad5f7605093ac4280b38ae6a4c040d2d4d491b42":0 AES-GCM NIST Validation (AES-192,128,1024,0,32) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8901bec4d3c64071d8c30c720c093221e05efed71da280bf":"7c447e700db7367260dffa42050e612eff062eb0c8a6b4fe34858800bcb8ec2f622cb5213767b5771433783e9b0fa617c9ffb7fde09845dafc16dfc0df61215c0ca1191eabf43293db6603d5285859de7ef3329f5e71201586fb0188f0840ed5b877043ca06039768c77ff8687c5cfc2fd013a0b8da48344c568fce6b39e2b19":"9265abe966cb83838d7fd9302938f49d":"":32:"6f6c38bc":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,32) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2c57eb763f886154d3846cc333fc8ae8b3c7c9c3705f9872":"9fe7d210221773ba4a163850bab290ba9b7bf5e825760ac940c290a1b40cd6dd5b9fb6385ae1a79d35ee7b355b34275857d5b847bef4ac7a58f6f0e9de68687807009f5dc26244935d7bcafc7aed18316ce6c375192d2a7bf0bee8a632fe4f412440292e39339b94b28281622842f88048be4640486f2b21a119658c294ce32e":"9b3781165e7ff113ecd1d83d1df2366d":"":32:"62f32d4e":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"307d31a594e54f673bea2f977835670aca4f3d45c9c376cc":"d7385a7bd0cb76e1e242fa547c474370bcc7cc7cf3e3fa37b00fe08a56383ca31d023d8c493f6d42e482b0f32e4f244dd100ea08eee6535e5bb8d27f76dbb7eead6ba8e031ccd0eaeb649edee92aeaf0f027d59efd4e39b1f34b15ceb8b592ee0f171b1773b308c0e747790b0e6ace90fc661caa5f942bdc197067f28fbe87d1":"0bdaa353c4904d32432926f27534c73c":"aa39f04559ccc2cae3d563dda831fb238b2582cb2c2bb28cff20cc20200724c8771b9805ef7464b8fc06c7b8060c6920fd2779fbc807c2292c8c1f88f8088755609a1732ff8c0b06606452b970c79997b985889404fd907c4668a0bcc11ba617175f4525523494a244da60b238468c863055f04db20ea489adf545d56c0a71d8":128:"2ddda790aae2ca427f5fb032c29673e6":"":"0b92262759897f4bd5624a891187eba6040d79322a2a5a60fb75c6c6a5badd117abe40c6d963931bbc72dca1a1bf1f5388030fe323b3b24bd408334b95908177fb59af57c5cc6b31825bc7097eec7fec19f9cdb41c0264fd22f71893bcf881c1510feb8057e64880f1ea2df8dc60bb300fd06b0a582f7be534e522caadc4a2c7":0 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"23c201968def551817f20e49b09dbb5aae0033305bef68a0":"77bc8af42d1b64ee39012df5fc33c554af32bfef6d9182804dcfe370dfc4b9d059bdbc55f6ba4eacb8e3a491d96a65360d790864ba60acf1a605f6b28a6591513ea3cfd768ff47aee242a8e9bdfac399b452231bfd59d81c9b91f8dc589ad751d8f9fdad01dd00631f0cb51cb0248332f24194b577e5571ceb5c037a6d0bcfe8":"bd2952d215aed5e915d863e7f7696b3e":"23f35fac583897519b94998084ad6d77666e13595109e874625bc6ccc6d0c7816a62d64b02e670fa664e3bb52c276b1bafbeb44e5f9cc3ae028daf1d787344482f31fce5d2800020732b381a8b11c6837f428204b7ed2f4c4810067f2d4da99987b66e6525fc6b9217a8f6933f1681b7cfa857e102f616a7c84adc2f676e3a8f":128:"bb9ba3a9ac7d63e67bd78d71dc3133b3":"":"17d93c921009c6b0b3ecf243d08b701422983f2dcaec9c8d7604a2d5565ed96ce5cddcb183cd5882f8d61d3202c9015d207fed16a4c1195ba712428c727601135315fc504e80c253c3a2e4a5593fc6c4a206edce1fd7104e8a888385bbb396d3cdf1eb2b2aa4d0c9e45451e99550d9cfa05aafe6e7b5319c73c33fd6f98db3c5":0 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6baec0669add30acb8f678ce477a2b171f89d1f41935c491":"5712b84c4c97d75f84edd50561bc1d3f1ba451cc3b358b2403b5e528290954348cf7a235b4dc11a72ddbc503191204e98a9744d85419508c8ca76438c13305f716f1e239a6d9f6423c27217a0057aa75f6d7e2fb356e7194f271459ab5482589ea311b33e3d3845952ff4067dd2b9bcc2e8f83630b0a219e904040abd643d839":"b1472f92f552ca0d62496b8fa622c569":"5ae64edf11b4dbc7294d3d01bc9faf310dc08a92b28e664e0a7525f938d32ef033033f1de8931f39a58df0eabc8784423f0a6355efcff008cae62c1d8e5b7baefd360a5a2aa1b7068522faf8e437e6419be305ada05715bf21d73bd227531fea4bc31a6ce1662aec49f1961ee28e33ae00eb20013fd84b51cfe0d5adbdaff592":128:"29a2d607b2d2d9c96d093000b401a94f":"":"beb687f062ae7f5159d07609dd58d7b81c478d180bc0b4c07ae799626ff1da2be2e0d78b2a2a1f563257f161491a5ac500cd719da6379e30d0f6d0a7a33203381e058f487fc60989923afbee76e703c03abc73bb01bd262ff6f0ac931f771e9b4f2980e7d8c0a9e939fa6e1094796894f2c78f453e4abe64cb285016435ef0e8":0 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7b882a2df81fdb9275fb05d120f32417e8ffedd07457e938":"0aae7213da279b34d6dcf2a691b2d0333112ea22de0c3c68d47cf9f9f4ed8ad4e03d4a60ec18c3a04ac9c2abb73e1023051029b5e8705bb69c4c50afc84deb0379db5077be1f663652f8bd8958271af2c1ac4a87e08cb526bab8a030652f2a29af8055d0f31e35475caee27f84c156ef8642e5bfef89192f5bde3c54279ffe06":"5c064d3418b89388fb21c61d8c74d2c5":"5bfa7113d34e00f34713cf07c386d055e889bb42d7f6c8631ffce5668e98cb19bed8820b90ecb2b35df7134f975700347e5514287cfef7ffa2b0ff48b1de0769b03dca6610995d67cb80052cb2e5914eb4ed43ef5861f4b9364314fde6ad2b82fbba7fd849dfa6e46ecc12edc8cabfff28d9bd23c2bcc8ab3661c9ba4d5fee06":120:"0943abb85adee47741540900cc833f":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"51d94d21482c00bb5bc7e7e03aa017ba58f5a23494b72c2a":"3a9c69c1ed2340bfde1495658dbf4f54731a19b3922a1d535df8d0b2582f5e803b5891e8ad1aa256c923956dcda2430d0c0696bce63295fb61183e040566e459338f908d23ae51f64020c1ef3d192428f23312b285fc4111d50d1add58f4a49008a22c90d3365230e9158cd56f9d84f079bdd673555d4dc76c74b02fa9920e7d":"fb21cd763e6f25540f8ad455deaccdf0":"019d1db5569eeff83306f65d653b01064854c1be8446cd2516336667c6557e7844fc349adea64a12dc19ac7e8e40b0520a48fac64571a93d669045607085ac9fa78fed99bbf644908d7763fe5f7f503947a9fe8661b7c6aef8da101acca0aed758ca1580eeb2f26ae3bf2de06ce8827a91a694179991a993cdf814efbcc61ca5":120:"a93bd682b57e1d1bf4af97e93b8927":"":"7093f44703f2cbb3d12d9872b07a8cd44deb62dae48bc573b11a1ee1c9f3105223423fac3181c312a8a61757a432d92719f486c21e311b840aa63cf530710c873df27fecda0956075923f1ecc39bffb862706f48bde2de15612930fc8630d2036e9e4cfc1c69779171bd23d9e1d5de50a9e0a0de4bd82ed3efc45299980bb4cc":0 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e6756470937f5d9af76f2abe6df2d0bc15ff8e39b5154071":"afae92bd56c426c095d76633701aa9bea5ce05490482c6c64ac24468c3e1af6e6030a6bb6649745b011c6729bde985b9242e22105322fbb8853dcabbd00165d0b07d7b499e0238b6513bf6351eb40635a798f7e6e2d31125dda45ffe8964596fdbff55df22d4e9025bd4f39e7c9b90e74b3ee58d6901f113900ee47a4df5afd7":"4500193711a5d817a9f48deafda39772":"92fa22dba0eee6b1de1ddd24713b1be44c7105df90e6e7a54dcbf19025e560eb4986ee080cf613898a1a69d5ab460a3b8aa2723a95ac4a4af48224b011b55fb7582ae18f6746591eab2bd33d82a8dbbae3f7877e28afef9857a623530b31d8198b2df43f903d6e48ddae0848741f9eaae7b5504c67ad13791818f3c55c9b3d1e":120:"7d9f97c97c3424c79966f5b45af090":"":"62258d60f0138c0405df4b2ec1e308b374603a9eace45932fdc2999e9e2261de8b1099473d1fc741c46c334023aa5d9359f7ef966240aaf7e310d874b5956fd180fb1124cbeb91cf86020c78a1a0335f5f029bd34677dd2d5076482f3b3e85808f54998f4bac8b8fa968febceec3458fb882fc0530271f144fb3e2ab8c1a6289":0 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"30db73d46b518669c45b81bc67b93bed3d0864f7e9e8e789":"750bc1d2f91d786bb1e621192a376f552538ba8c07d50d9e10b9345f31b3e5f9d8ad7c719c03d8548a3b184b741cd06c49d7fb6fe80258d60c01c2987c337c823211cee7c1cf82077266889bc7767475e0eeabb2ef6b5a1de2089aaef77565d40a1c2c470a880c911e77a186eacca173b25970574f05c0bdcd5428b39b52af7f":"5069e2d2f82b36de8c2eb171f301135d":"ef781dce556b84188adee2b6e1d64dac2751dd8592abc6c72af7b998dfae40cbe692a4cae0b4aa2c95910e270600550fca1e83640c64efb1eb0e0a90a6fc475ae1db863a64ce9cc272f00abac8a63d48dd9f1c0a5f4586224befed05be4afae5bd92249833d565cc6b65fd8955cb8a7d7bd9f4b6a229e3881212871a52c15d1c":112:"a5100c5e9a16aedf0e1bd8604335":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"209f0478f1a62cb54c551181cbd4d24b796e95f3a06b6cb9":"66db7cc97b4a8266c0a2228e8028e38d8986e79fcbcc3caff3050fdd2de87b7ff7a6895b988b0bdb7fcc4d6e2d538dcfaad43ce2f98b6d32500f5a6e6183d84cb19157a699cdde1266d6d75a251ee1a2eb97bfe6405d50be2b17a58ba6eafaee0a023a28d568fd1c914f06041a49c79b9df9efe63d56883cbbbeaba809273d2e":"7be1768f6ffb31599eb6def7d1daa41c":"9cb49357536ebe087e1475a5387907a9e51ad1550697f13c6cc04384ec8a67dea13376bdd5e26b815c84a78f921b506b9e2086de50f849185f05ba7c3041e49e42c0673df856da109a78b8e0ce918c25836f7e781e6b16168e4e5976d27ebc83f20b7bf4beadecb9b4f17a7a0d3a3db27fc65288a754b5031a2f5a1394801e6e":112:"4d2ac05bfd4b59b15a6f70ea7cd0":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1bfa30b315e7b908263330140fa2d66ed57104784a43cc70":"8eeee9865e23fa51dbbf197fa41776b7edbdb9381a22c935299cd959a46190788ae82f4e645b0362df89bfc00241964784bc7ef70f6f97e81687d52e552a33af20ae34a3005e0a7b85d094368d707c3c4cd3ef31c0daf3ccaa1676609ed199327f4139d0c120977e6babceed28896d2cb3129630f3ee135572dc39433057e26a":"b7081a3010b524218390ba6dd460a1ec":"8c1f42b5931d69ae351fcde7d2b4136d4898a4fa8ba62d55cef721dadf19beaabf9d1900bdf2e58ee568b808684eecbf7aa3c890f65c54b967b94484be082193b2d8393007389abaa9debbb49d727a2ac16b4dab2c8f276840e9c65a47974d9b04f2e63adf38b6aad763f0d7cdb2c3d58691adde6e51e0a85093a4c4944f5bf2":112:"4da85b8ec861dd8be54787bb83f1":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fc47156a693e59a1dea0618c41441fe669fc65dcfb7d0726":"3e4f0a586bad532a08c8863ebba01fd25014baa907e6032ee43d4a7dfc7c3171916dcdf9faee0531f27527872ae4e127b6b9aaee93f5e74d0ab23f3874aa0e291564bc97f17085dd7d5eb9a85d9f44574e5952929eda08863b64c85dd395c91b01fe5bef66e3fa8f9ee5bf62c25d80dc84fbe002ecfd218430b26f3549f734a1":"ea1935ed014883cc427983d7962d9992":"0d85b8513becfe8c91d0f6ffb65ec31f2cf406c51c0da88893c43d1327fd8ad1f4bab2d7b5e27438d643397034a72f8666bf641b6781bc90f764db387eae6720b5723d510194570ccd773e1b3bebfc333cc099d078583e8dac60d174d332925a24a45110c8d2abe8924ea677ac74db66ea789e2838efc96c78bceaa6236c0a67":104:"8781b045a509c4239b9f44624e":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b5fcd780a03ba80341081ef96b440c0e4348afde4d60c1d5":"6316f3beb32f6f3bf8f2ff6a2c160b432bafd3036d3eefa1e4ec204f24892e37dc4d75c7ce9a24b5c49fb4df901f35ef9d5955f7dc289c56cb74753f4d6b2982267d5269d12237e21202a65061849c65e90e6702dda03a35ace3a3a098d16b4bfbb85b7232404baee37776a9b51af6b3059a5f170f4ebe4ecf11061ca3c1f1f3":"ad20cce056e74ec5d0a76d6280998f15":"28f8fcf23b9c1ba40c19ffc1092632e35f234c1e8b82bcd5309d37bf849a2ce401413d1f242cf255ed597f9a93a1d6e50676997f95aa612e580d88234a86ddc404292746f0b2f5cf15abebcea6659f998ec6a1cb5a9914fee5aa1aa5d04b3c20914e45095e4141ce9c173653dd91c3ebe4ed4a9a28f3915d7b2edba34c2a58d8":104:"2ad4520ddc3b907414d934cc1d":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4382507dddccf1385fc831da8924147563416d0656e168ec":"e5c5430b960aa35dc8540215c2772d66811270859e33dd4477904759e7e5eb2986a52a4ccc9f592e614147b5ea2ead6636a15c6426336b2995d9a31ab36d76578c3540bc6693842a4bc0491c7963ee9cda2317951cf93244bd30bcdfec69a4767004636fe7d1be7300c35e80627bab9236a075a803e9e1080b9159060c643a78":"a37687c9cd4bdc1ead4e6b8f78bee7f5":"fa9ae30509cbb6fe104c21480ae7b8ec9f12f1afb17320d77b77cdf32ce8c5a3f7f927e501118c7ccd6975b79225059cef530a4fcb0a9719f5e2d3bebe7bb6ec0855e495a31e5075eb50aa6c1227e48b03e3fdf780084ac4912eb3a5674cca9dd6ac037366b230ae631a8580d2d117942dee5d5ddbbb2233afeca53289cc4f68":104:"4221818d4be45306e205813789":"":"b5b36719bc4d13a5fbf37188ea814cdf3c97a430784330540325c899570e15482300bc82c5b8163074e0544c5132e3ce93bba68bd7a8d2db81d1431b424b697c1158c4d70625666d5ff99145ca34856815c905b5a0fd95806df56b9cd5b384bda3e394b409048eb1037144cc071539c02397e931da28a43cc354d584643afd4f":0 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7a66db3450dac9a1e63d2639f34c5c6a3fbfb3c8e8230199":"6463a7eb2496379bc8a5635541525926a6f9fa718e338221952118ae4cf03a85f2074b4ebaf108b9c725809be1e6309c3a444b66f12286f6ea9d80c3413706b234b26372e8f00783819314a994c9e3ecf6abdd255cbfe01b3865e1390a35dcd2853a3d99ed992e82ec67ba245f088cb090adade74bdbc8a1bad0f06cbea766a6":"21f8341529b210ade7f2c6055e13007a":"1699bc8c198ab03e22d9bc4f3682aad335c6e35f3f616bb69769a9d5a202511797e770ae0d8d8528ef7b2bb25b4294d47427b43f0580fa71d93fdef667f4f4196f84e41c0b1978796d0de74a94420fb8571bff39137fa231c572b31be9ae72338288bef5f8c992121dc918538551f346e279a9047df14ec9fc0fd399cd3bd8d8":96:"4af02b81b26104d1d31e295a":"":"53fe6a34d280f2c96d1ae2b2e8baf6abd67cedf7d214312f75dd4a1bec28a641dda3e71aa398726b2b0b1f515e1f4259ee97acaf17f122db9ec7814c2de6a88d36c3ac106396ad03d337c2cd2d2b9b4b7170e23a5848ca7ea129838f967dfdfe83b45ff2a9be699bfb2346115465d59f074f09e24d8fcbd9ece0018c92776c43":0 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1f5c818f24d201f9fb23fcca211b0545eee5c5c9b440810d":"9a7566817a06f792e96a6a2ba8e0a01f8837e2de06796e68b0782cc54ed0b04fc5e24a1ad37d5ffb035548b882d88150e89915b89f57cde2bf3c43ab9dae356927daef6bd61cc9edd5e1b7a4abea2f71313677f1b2fdf3d8d4a7e9814ea820fbc3e5c83947db961839a985a57ced7f5e4a1efffcfd17a2c806d4cdc1e79162da":"3a163067bdd90fce0406d1c198a88771":"a5e94e233d04fe0c4b6c4684b386902fe05096702237dfbe76f73befa69b6f30394cf9fe3358997942df65842748fb4f075a3dc06e147bd8d67fc4371113a4d75c70219257c650a6f38a136659e20a1cf3a119397835c304e0fb2a33aa3c3019175c86463043d5edc6992874f61e81cd0d26af8b62cf8c8626901d4f16d84236":96:"b124eea927e2a62a875494a1":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9a301f7edf83da63bcf37216a3a33d7613331c3210281dd7":"e09cc8543db7804870004706a26e94b457c125bd648b581a196f962f2ae8fa55d9bc66530ba5020e22d282080b4720dc9a2096a11c0fcc3d9a67cd1cf95cd7cd2417ba308c761e64be24347a14c9423447094a5c72a0043c288b35e753ba0aa748f208381249fb1c8d195a472192404b6c8172663ee4b4d4ecfa426e1fb003f2":"d73a546b0fa307633ac89506fa86138b":"f57fe548cf4a551a216ffb24a1dcf1b79c95f9abf06443fd58af042d287c2165db373c82a94172db517840f22e45e966e3ead91ce1ddad132bcb844e406e84b76a0b5b0ee23064b66a229f32a2d3b9c71103f020c4ba57fc0f0608b7114914cf2ada0c5a9bc4afbfa9ce5da320f34beb2211d569a142f53bfd262f6d149c4350":96:"f536a3b8c333b1aa520d6440":"":"124a327a8c22b7652886dac2c84b8997ca8a6f61c9ba9c094b5aea41eaa050a6df6cbf280259e5466071bcfa53b4ebc76c3cc4afc8c0385189a5382933aa57c89aab78dca84331e0fe8f0aab3a7857d3e13f08dcd90ec5f0684f82088ef8eb7fd67e75de43b67afc3a0beb458f5ebd61b2c779e6c539d795c667bb7dcc2b762e":0 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fd40e8226fd13cb95ba50b7cdf0f07f7ab7037cf8705ca50":"75aa7df5c3c443d48ee998064b6fd112c20d2d90c98e00d025ef08d1ad3595385be99de47fa627549b827c48bc79eb1dcaf2f1be95a45f7e55755b952aee5ae0748e68bee1b014a628f3f7dc88e0ebac1d1d00e268355f5101838ce125c57003aebc02a1c9d6ae2cd6e2592f52c0be38cef21a680ae35c909cab99dce9837aef":"3406e70cbe16b047fedaa537eb892279":"390b18d22d5ecc0b5a524ae9afac6fd948ac72d1360775a88b385aa862cce8a27f3e4b420e539bec6e8958f8c1b5416c313fa0a16f921149a2bfeae29ad2348949b29a73970e5be925ec0c35218b82a020cf21bb68c6931f86b29e01b85500a73f3ee7eb78da60078f42550da83b2e301d151d69b273a050f89e57dfc4787cbf":64:"69e06c72ead69501":"":"6e8d661cd320b1b39f8494836fcf738b0ab82873d3903c9ee34d74f618aea36099926b54c1589225ec9a9d48ca53657f10d9289c31f199c37c48fb9cbe1cda1e790aaeedf73871f66a3761625cca3c4f642bc4f254868f6b903e80ceeeb015569ace23376567d3712ad16d1289dc504f15d9b2751b23e7722b9e6d8e0827859f":0 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a85ab87563b809b01725764d64ba4cc6a143e2e0362f0c52":"ef43629721b50bd3656b7ae31b6e4b4ba1cf2c72ed0460ee7d9fb416631ddc597e5f9aebbcf4442b95cc46e28476a464dd87caf9c1c1d6c99d3e3e059dc23f8d2fe155ff5e59c50d640bc052c62adee3aa1295b38732e3458f379e98a8dbdfed04c22a5761792e87fa67ecbcbf3b90eb1bcd1d3f49e60132452f28afece83e90":"9f991ff16a3e3eb164a4f819c9f1821a":"df289511f78d8fa2505afc4c71ab1d7c31a8d15d1e5fcbb29d70f0e56f89c4d7b30f1b3b4745b5d2cc7af34fb4c95461372bf516ec192b400dc8fdb0ca9fe1f30f5320d0fadf20155cfcddcf09233c6f591c1c89917e38a003f56b94a1e2429d1f2b6297db790d7dce84d9fa13d2d86a0e4d100e154050b07178bee4cdf18126":64:"dc4c97fe8cc53350":"":"ff0e531c7344f0425d62d5fbedf4bc8d3d5cc80647e67b852c1a58ad1516d376d954cb8dda739f6a4df3cf1507e59696610bcb6b34340d6313028e00d7197845d392e73331aaf168b474a67364d8f9dab740509fabf92af75045f0afabc1b5829264d138820952bbc484d1100d058a4de32b4ece82746b2b4a85fb2993d4add8":0 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f4f1e03abb927ffd0b081b9dce83a56a6dd419a6313ac34f":"0e70421499bc4bcb3851afa34cdf5be374722815abdd9bcee5f332dbe890bdc1c0210ab10667e5bb924bf3c1120e25a0c074da620076f143940989e222086d1b34a1200d09aea1f810ef6de7d8520c65eef9539fde5a6422606c588fce6264e5f91f934ede6397c4b307d2d7e07a518fce577a427fa92923cbba637ae495afad":"d1e29bb51a3c4e871d15bb0cd86257e2":"ae2911cdaaad1194c5d7868b6d8f30287105df132eb0cecca14b6e23ec7ac39cc01da1c567a0219cca7b902cc2e825e30f9524a473eb6e1d4d1beff5ab4f29103b2c7522a33dd33182fa955c4f09a75196b1072a6f0340fc55a802d29c7067f05219c21857ebff89ada11f648c1f28dfbfdaab56028f05509de17e2381457ebc":64:"44f760787f7bc3c0":"":"2199fa5051461b67581429ab19de2ccb50b8b02e12c0e1d81a8a14929f84e09d9715b7d198e77e632de4af1c08c5041276204a7ed76646385e288e96e1a4b0b0f2b1a9df7f0892beaea3cb58d9632720158f6daa4cbbfc0ebdc56ff6a5175768ff2abd24cb7669bc3fe40f8aba7869d2dd7dac86b6ebc4e4ce261edbec88db17":0 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"33efe20433c6a1ad261a1fed494961749e5bf9d35809b59d":"cfbeb61be50def25f513346498f75984bfe797a8ad56be34f2461e2d673f6ce14e7479a59777267b75dadc6b9522599ebe5d7b079495a58ca187ec47796f6ee8c322278ad7451b038c938928adcff6105a8ea3780aedc45b6a3323d3ae6fbce5da4fb59ca5ec0a16a70494c3c4859672348532505e44f915e0b9b8a296ef5225":"dc94673b0c49c6d3b4611e278212c748":"919f7397a6d03836423b7cac53177fcfbe457d4aa4348646f646aae1bc5a15568cdb8c96fabef278ace248aca531110a4f4f9e8ab0c32525ad816ae3facf03175232dc84addcd6065f9cc1f513966b63fd27e91a09f1921b95d6bd8f08f1dbce073bcf827847f774514b478b9d7fb5426847dd4dee6f39b5768c1fb729b32d03":32:"c5098340":"":"c5e47d8c60b04df1974b68a14095d9bc8429a413d21960b15bae4fd7356bf7872e0da0a1a385ca2982d3aa3182e63ea4bb8ca01410cd4e71ddad34aa1f12c1387902b3d56634f89c619a2e6756648ab3bf90e9bc945afc9140eb935b633bae96bb067e9ee421697bcf80b14b1b88dbf13e010b472a7ca5411db36848b9c7a37f":0 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3ed5dadefa0f6d14fedd1a3cdbab109f6660896a952ac5ab":"aef617f69724e020309ec39d9587520efda68a8e303686c3a41ef700cba05b7c6e43e95aadb1a566f61650c87845835e789eb2366941e3bfef6d9846af0e0dbc43249117ad6f299bbc40669ac383cdf79289ada6ccd8ccfe329a0dc6a38eea1a99550457102d10f641cda50c21f533b1f981663f74a0a7c657c04d9fc6696ff4":"553a14f1e1619f9d7bd07cd823961f25":"eb8ea81d3e328a1113942cd5efd0f2b5e7f088791c8fc05690a34584101c4d493628ee7d0099a2865ac194b9124c3fb924de0c4428d0a1c26ea3ad9a0bc89187a16673e3b6f7e370dfb2dc26e8a56a9cf91f9c2088c020a766efe0d0c91689743a603f2cd1e300a6a84828b3b515a4b9a06e6bb20457bf124cd6ce4ac8b83d51":32:"dc413c4c":"":"bc1f34991a48aabb0fea513f790f0d223e9feac4c99fa1e8427f01ab8b4b2827cfaf239342de36051a846af0306a3f82e7aed98dd0416fb078bc7f3b617b00ceb2cea4ddafc22dd022efa8303e9804510e0e888065d8427345156d823f796f74130c06db9f9934435552b4fefd051953e20ecba3a4514ac121d7d2097d597439":0 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6d97e8bff3923a778504fb917dbc1428a1328587047697d9":"dc1a81efd51e967767f5bdd7e2e425732c1d28451f2bf5bdf3f5a6492279330594d360dd8a193e5dbde1be49bf143a35c38bcd059f762ada65c5119e097f0976891347f4d829b087bd72daa3494b344cbd3370c4459ca243bd57aeda4cb86cdd0bf274f07830cdbf5e5be4eb9b742ddffef8aa35626d2b9ea0a29d3c3d058b28":"0c28dc4cd53725091c2fb68a476c2e40":"f3932f5e82d75a1e3eba1591c17769e1a45819ccf057c31e76fa810b93678766d25905e859775c244e96bcafbc75c4a2d95e7d02868ccb2f65e49276f0b645ac8cf6e3758402304a3c25ce2de0a49f401b1acadaff8b57589b45cc79130ddc8387f41cc383e33ef38eec019152051c756198d6f782ccf56297b9fe944269a65a":32:"e6d6df7a":"":"39327836e9d8cfb59397adcf045a85644c52c3563290795811f26350c8bce8f55ca779cbcd15479efd8144b8a39ef611153955c70bf3a7da9d4d944c2407a0d735784fcb68de1083eebf6940ebc9cf92f9f139c01404b503ff64e61126a94e881351473507884357040fd32714b872c254349071069644e2bd642905521b944e":0 AES-GCM NIST Validation (AES-192,128,0,0,128) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2c78e29971e90a01bb65973f81260b9344fa835751f5f142":"":"f1a23ce6e2bc9088a62c887abecd30ae":"":128:"d4d5c22f993c8c610145fcbe4e021687":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,128) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8c582d5b6a40ef0e4048ec20f0263572d7cc82704e380851":"":"ef221a1c66fda17906190b7c99ab60b8":"":128:"6327dcb46ffb3d0fd8fbf3d2848a8f01":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,128) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3a58abadd29e946e23ca9eb09af059913d5394971bda6a4f":"":"7c29b3196d44df78fa514a1967fcd3a6":"":128:"fc123944bbea6c5075a5f987aed9cf99":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,120) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"04bdde4c35c385783715d8a883640851b860ce0e8436ec19":"":"783f9a3c36b6d0c9fd57c15105316535":"":120:"23e21a803cac5237777014686564f2":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,120) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4ba5fba0c22fbe10c2d1690c5d99938522de9c5186721bac":"":"2acc2073089a34d4651eee39a262e8ae":"":120:"7ac742c859a02a543b50464c66dcf5":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,120) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f12890b0a8819faa5a8e0e487f7f064af42fa6d5519d009f":"":"c937615675738f4b3227c799833d1e61":"":120:"88300bd65b12dcb341f1f6d8a15584":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,112) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"51878f3630298a81297f4a21514fea637faa3815d4f26fae":"":"1f939226feab012dabfc2193637d15b1":"":112:"eed5fcb7607c038b354746d91c5b":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,112) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ae596e74840a600556a06f97b13b89e38f67c152f1a1b930":"":"e2076e1050070d468659885ea77e88d0":"":112:"b4586bdbd4b6b899648f2333eee0":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,112) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fd33b7a0efae34339ca987b5eb8075385fd1276e63cc8530":"":"2d07bb8616fc0bbb71755a1bd256e7fb":"":112:"6b60d645220cfde42d88296ac193":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,104) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5685b12a6617d554c36b62af5b8ff2239cb3ffb1d2c40e14":"":"6c31194df99d08881fa5b1dd33b45a92":"":104:"69431593c376c9f8052bf10747":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,104) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"036ae037410dae9f0741608516d03b855c9c1851df8c54a4":"":"73599275f8237f14c4a52b283c07275d":"":104:"6f7249d25c9f273434c4720275":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,104) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ac144f39ebd6124bad85c9c7fb4f75bff389ece2e8085d83":"":"d0871bfc3693245be478e6a257c79efb":"":104:"5a99d59631d0e12f58b7b95ccd":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,96) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a8a541ff11a1b8548e832d9e015edeccc94b87dadc156065":"":"c72bb300b624c27cded863eba56e7587":"":96:"ea2528e7439be2ed0a0d6b2a":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,96) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"30dd8f400335e9c688e13cc0b1007bd21736a6d395d152e2":"":"28899601fa95f532b030f11bbeb87011":"":96:"35625638589bb7f6ccdb0222":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,96) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cb8f672b04d706d7d4125d6830fff5d2ec069569bea050ce":"":"375d4134e8649367f4db9bdb07aa8594":"":96:"70610bf329683e15ecf8c79f":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,64) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"bf71e5b1cd6eb363ecd89a4958675a1166c10749e1ff1f44":"":"9f502fb5ac90ff5f5616dd1fa837387d":"":64:"a4b5138122e1209d":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,64) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5b9d1dfb2303b66848e363793bdca0e5ada8599cb2c09e24":"":"2ee96384dd29f8a4c4a6102549a026ab":"":64:"3b33a10189338c3b":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,0,64) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a35ae271f70ebacb28173b37b921f5abcad1712a1cf5d5db":"":"8d97f354564d8185b57f7727626850a0":"":64:"813d2f98a760130c":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,32) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9bdd0cb826d5d28c2ab9777d5a0c1558e7c8227c53ed4c4f":"":"daf13501a47ee73c0197d8b774eec399":"":32:"a6d108c0":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,32) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"81b4d5ee4e1cbee1d8966fb3946409e6e64319a4b83231f5":"":"bc2f9320d6b62eea29ebc9cf7fc9f04a":"":32:"a47cdadd":"":"":0 AES-GCM NIST Validation (AES-192,128,0,0,32) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5813627d26d568dfe5a0f8184cf561fe455eb98b98841fe0":"":"817199254a912880405c9729d75ed391":"":32:"d81d9b41":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,128) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"94f160e2325da2330fbe4e15910d33c2014f01ace58e5b24":"":"80a1b99750980bf2be84a17032fc2721":"066fdd980cf043a732403ee5f65c82ca81e3fc858ad3cfa343014a8426fd3806770f127e2041efb42e31506ce83390ac5d76de2fe1806df24ce6e4bb894972a107ef99e51e4acfb0e325ab053f9824514b5941ab1ec598fbb57a5d18ed34d72992a19215d914e34ad1a22326e493d1ff2da7bc271c96ad3ab66d0c32bd711293":128:"dd153cfd7aa946280660c445f586fa28":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,128) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4785846f7c0524e78f3eb137fd433e1808af64549af69183":"":"5334476a5fa3fa50dcc4b12f8ac00b51":"e70f82d1e3361ac5a5c9a087e47984d5533ba296f9b7e4a192a4ab28a833cdbbd5cece3415cf6fbb2f8055560b5c31c98d83d139954e1c03a464739f1eb5ad982c4371cf20b8984bbd97d5f40b336f5e96df3d272b95f7547be15c3bc05b3caac7d08c5eb5de8bdd246e74f6caa6bff76ea0417730ce72b911867f88fdcf73a0":128:"c59231ddaae98e0e8db6b3fe8f4d3427":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,128) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"49b085fe1a8e1ae769ed09fc585d29eb24d589689992e6c5":"":"899878b0684fb865d30190821817b88c":"f789eafe3d02826b619ca4fbca7bb1919e5c6f7c33824a2f7f815dc50e329979705f7ef61e9adf7899d34f1b8840384ff62ef6d29eea38c45d12be9249aca69a02222cd744d81958c6816304ff0d81d6714a2023b3dd9d940db5c50afd89c52774d28d6afde2b6c68425b6acbe34682531a2e57e2b9a7729b3e8d96a729b15cc":128:"2c84bf7a8947ab93b10ae408243b4993":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,120) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"75847588760ecb6ca548747b743914c89fea367a5ccb81b6":"":"7d8a9fd254e2061c01e39eb574951924":"b03c57dfd49152401a225357f1d6e533f3a423e5cfce07b8ae7ca9daf68645e5bd67b3ca2421eac447530b27c6dc6bd9c7f1b22441b8cc8c4ac26cec2c9c0d665a35b66d779a3772d714f802d6b6272984808d0740344b6abdb63e626ef4e1ab0469da521c7908b2c95a0fd07437c0e9d4d2451ae189ad61ff19f4efb405127c":120:"e8aac14b53cdbc2028d330fc8d92a7":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,120) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e3a18a96d2e45d2f60780dc39cee7160e28cb810bf09858c":"":"26a4d659665ded39b7a1583de756d0ad":"83f8d9c58169b4c68032321197077ff5c8ee4ebb732b040748e1b55dcf53375ae86fb9646a672b5c5bc805a92c475cbb6d0ed689a58abdf2230250a7d3fbd8cfab07835fa85e738a7f74bc3e93616d844b1ec61b79f23dfea62e1815f295d43f61d7b5956103b31ca88afb0b3d37eb42cf77232dbf2258065232971c397dcbcb":120:"dc034564d4be7de243ff059b5f9160":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,120) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7be3909170ea7a2ff76f9f28241d8cc48ddeafa8517c6f8c":"":"8dee7e29350c60c5bcfec89da6617d2e":"f6e9e7a7f9716760eb43060d5c80236a0f118b0f750ebd5df01fd2dba95c556ecd2e54a3f337767321abf569c8137a8e48c5b44037ba62951e9f9f709e6e4540a36d769f3945d01a20a2ed1891c415a16d95cab7ddf9bcebf18842c830067509a2a5d49a9684324c433d53824d2f8fd326b149af17f40e5bf5e49185738fba60":120:"942b52277e9dc0a30d737d00f5e597":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,112) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1fe413bafc4753e1511b580c830449bee56e0e5b9acb852c":"":"e30829f64f3eda13bfb2ac572aceb3de":"6c772d08b4d7507e35804572fa697c646c77301954cc5c160941e49e230697ed8c23338b9f30c3ead69b1c1a2329ff025dcd3c0d0a9cc83fee4979448aa71ddb9d569bedc8c497a2a4ac3b60d087d7872f0a110bf90493ae7da03b0953734223156cd2d6c562e4a978a6dd5cdb229dd58dd4d0f50ac015f2f5e89dac4aa29a19":112:"87737873b82586bb29b406946cae":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,112) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b4bc4378d423931f9b320bb57df584c641406c1daa7448ad":"":"eca70e10c0358838a3f4a45c4b016ccd":"68d1c045c1604e3c3dd4f7c7543240aca8dbc5266dc18c5a8071e8b09e3700b7cf819044b2722d8db92021f42a0afb295d7b16ecf4e4704a50a527a2e72d7f53617c358e3b7be3d7fecda612ce6842fcfaa68f2d1b8a59d8b8391779f2fab99f820862c94029f444abe62367c5de0a4becc359660e4a5366f7d482bdc362b866":112:"06f95ca69c222a8985887925b15e":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,112) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1cd4414ffd24e830e2dc49727efa592e430a6a75391cf111":"":"a08e32ad7d63f975de314ad2c0fa13fc":"20a271f1f4c6bea8f1584ab39a7179ec448650e2ff67a7338d1bc9fab7f73b2ce5222cd07ded947d135d9d0670dc368f0a4b50ece85cbf641877f9fe0ac6a7e6afb32fdb1b3cd35360bb80cfffc34cfb94dbcbee9ca5be98a0ca846394a135860fba57c6f0125dcb9fb8b61be681ada31a997638ee172525c03dd13171534a91":112:"c68842cafc50070799f7c8acd62a":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,104) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9e0ef9ed5e6f00a721a9893e1f0d9079c5aa667a4cdd2a52":"":"5f015fd556e87ff0d0df586fb452306d":"b82986135e49e03f6f8f3ce4048ded2e63ee0c31ddc84929e022ee8561159179b3bb4403ebdafdf6beae51ac5bf4abed4dbc251433417ece3228b260eca5134e5390cba49a0b6fcbbbabb085378374e4e671d9ba265298e9864bfce256884247c36f9bddceb79b6a3e700cb3dd40088ba7bb6ab6aa11b6be261a7e5348f4a7d1":104:"ec9a79a88a164e1a6253d8312e":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,104) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9bc8f15d98e089d60d4db00808700053f78b33c31652c3e4":"":"5cc0ff9bb7d5b9b2aa06f6ecf669d5bb":"24ac95a6ed2f78853f9ab20f53de47e7f662f72aea454141e2131aace7ed2daeb395bbccdbf004e23ce04ad85909f30151b6526c1ce7934726f99997bbab27055b379e5e43b80ad546e2d1655d1adad4cbe51282643bb4df086deb1b48c1bd3ac3b53c4a406be2687174028ecf7e7976e5c7a11c9a3827813ade32baef9f15ec":104:"9779b7c3ece6c23d5813e243ec":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,104) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"19afc43a4481f796d77561f80b5b2e1514c96c5d1d86e64c":"":"d4c06595fefd4a81bbbd4b40c2e1989d":"98fcca51352998d0126b5539e3fb9a238ac31c05954fc206d381909aee70983b6ab99d3f3efe8530a1c3cfe3b62756321b1d0771a5940055eba1e71fa64f29291aa5e5b0af0fcc8e6f5a02688d9e93417225eded791a35217822ffb346d3fa2809b65abe729448316be30cf661137d3c0e49846cb0df598d90eda545afb64a5e":104:"ca82448429106009094c21d70b":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,96) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b4fc31dcfef6203fdb296cc928c13b7df56bfe6f32583057":"":"6308a78dc8f3c90442dc52196649c38e":"2567d80c253b080c0158102558551445d8ce4d5ddee2014a2be5cbad62e1717a0fd4d2059447c3151192951eb11a4a7b19a952f6ba261c87f10f4c9032028de3cc5a2a573a4e993a690fc8954daa3ec92743e7343e75b646c4fa9cbc3fceb4f5d59bb439c23754c4d9666fbc16c90c0cac91679b6ad1bfe5dcf6bd1a8a67c6b5":96:"9d1603799e2485a03e7b05a0":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,96) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1c2d9412486c381440213e1588b6bb58b0da53300b9d3089":"":"727ed8846daab874d5a9918b47d016f4":"656430f0c1423018b5e2efbb1e32a5385c1a9a1779c4dbd585dea91edc39ea8752ebfc2d8064251a8a5ae71e1845f24a7e42c6371c2ecb31e2229d5f4923bffc21d4804575a84836f3cf90ec6047bb360b558a41a975ece111b5284dfa2441705a6df54fc66ca6cc1af9163ecc46902fac337d5f67f563fde8e8e7e64b8588b7":96:"05ee6ce13711535864674a5b":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,96) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"abf7a97569427225a4bd5143c716a22e62f84c145bb51511":"":"e255088cdfe8ae5c9fea86d74d2f1b7d":"b850993300f54d078f83ceb9aef7345bbf758f92365b6625c210f61dad4f2a2319f51d883a383a706392d3dfca1706eba585a6fac8bd4294c0bb2cb3f6b454d5c97819e8e5c926754840261b07ec4ef1f87cf281d75c187839689944230306e1903047915e086043990745864819ad713d34a244aa4e9d755fdb137105d7eed8":96:"0c9c17388d0610f99d0a093f":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,64) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"45a6df655e88bc880acff41520aafd0cc8aa8aeb8952fd06":"":"1125e1de94970c9e7be70e58e7626ef4":"fe9838a445b8edef19b3e9f33c8c0c265b3a12c97b8ec57ceb94f65ae5227177de38f1e338dccb2b24e5bd0f0eb8127f83eba0f1ddfa55198789df0cdd1d977fcb985ad9c7d51b96e749d2cf3cc7a1ec4dfcbc641a1a022d55def328e081af890a7e699f2dbafdf506389e045aa1219239d5868ba675a3925602b6fb6f6e6d37":64:"1c3bd1e0d4918e36":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,64) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"279f4f2ab4b70778fdb9ca7800cd20e323601d7aa2c75366":"":"0f7b402560735cf03d5da58de5b6c685":"7dd9a8c848bbcf5127161c8a419a436a0dad559f7c1613cdf41594e177016acb1ccf44be852185c42e7120902a42efe83855995ab52cf5c190d499fcfd698c671fd72949dc3ea7ddb874e586a3aa455a021cec7b5f8608462ca66f926aba76e60a5846d4eb204155cd3c1328da51ba35c3007b8bb394f34e3a8b81ddd2ea1115":64:"dab612351f75e2cb":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,64) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6716ab937755684af7403e6fba5452c1b11568a9047bb50f":"":"2fd5a446dd564619ef75b6e00905ffe0":"20d261d3192996c21da69e979c26f5f937e6ea4cb7b05c6ef556ce4d86ca0fe85ec2425d274c43b5212fe9d27bb48b04e887461a9f45f524059b87eaea2e287a8d4537f338b0212012a9d4b6610e8c97dd554e0b3c3133e05c14d0ddab3524c93fd527e223b1996b4cff0a4a7438f1d54890bf573cd803941b69e5fc6212c5d2":64:"f1d743b7e1b73af5":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,32) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7dc94b5bbd6315ad8d2b67f0c683d10cf456f822a3ebb024":"":"6f3eedeb57dcf12bfb3cd80849893c90":"ee1ff367f4b23c156e3dccff84ae4bf2b8ecec1fb5ffd25ccaa93b6c6834389bd79655bd4bac75238eb0f65d3603ecc57c8774798309e85b6677e78ed2077b712cf28795d0dc8fee994f97373a82338ef67c62378136a79a990ecbcd6367445e805efa98f9168826e57cb8dd7e7b1d5c89ad98358646fa56dd2a71c40e0275a1":32:"4dc74971":"":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,32) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3bbe223e253bf272599e28af6861013ecd0c88710947ed41":"":"4fbf09ffaffb600f0de38fb12315cab5":"5388146f6479f7b3b280f45655a95b847ee27c734fb2fd91f6c009b1ab1810c772c7435d3221069f9490d251b76e740147906ac1db1c209c175b21aa10881c44fb307d4d2900aa3b1d56fb0edb9f2a58505653a17fee350e12755b9656bc65c78c1593d5cb7178e29f82209caf53e60fddf725f6957cc9718bf410c4a0229ed4":32:"fb845ab7":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,0,1024,32) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"461877813acfe6e9979eab729b52e3d192b3236758bb6563":"":"6985cf77b75a47a3978dd6412d59200b":"385551854a89ab37063ba0ed911501b3d632153c5c2992e154c0a334bc36620476f11495437b842409e0954f7352cbf288d158bdbbaf72621ea2ce75b708bc276f796c5aa7fd0071e522c5f175a9e7787deef79f6362101aa3607b4588f2e1df7127f617c6073593a1c792b959e201e4a7a43ea8b1c3af026376439ef629266c":32:"c840d994":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,128) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"09770f9114120a2c1c3cc416fe0eb8699e07141158a5bdff":"875e2e5b5c02e0a33e71b678aa29c15ce18ec259cf4b41874893ed3112daa56ff2a7475681b8b3d9028ef184d30658e881c908f3588f69899962074db4ddfc0597f8debb66c8388a1bccf0ffe2cf9f078dc1c93f8191f920754442ad4a325985c62de1a57a25de4e9ed5c2fd0f2c8af33f3b140bac12bf60fdb33e0ec557955b":"cff291d2364fc06a3a89e867b0e67e56":"":128:"81f1eb568d0af29680518df7378ba3e8":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,128) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4fbf1c785c087ad06b43d4163cf9b9396deffd3712856379":"96a690e5319c94d94923988025307e543f16fd970aec24524cf9808dc62b093359287251503f4231bf52cd1a16a80bfa82d8f585d96855dc1932f4919a92da2618d6448fc18a234f9acb386ab4ab4a9e38ea341e7c54faceff38c162d74e7fabbca13aadb71e9c8ae6072e7bef4073cf08aa7faaa6d639f98d15bad4ed183ced":"1c8f41424acaf009996ceaa815b24ad4":"":128:"9f3c0349c5a4a740a82d6d63bf00fb17":"":"6100b091e52366fb422251d9b68974b6c666a62a8bb77a1ffd7c7d1ae586a6ee763b84dc11aace02a25af91d194b70b3265ec46872fded54275b7ddb26ee1f20c857328f46a694fb1dce68bcaecbd587ece5b505d658d57d50333e30b639eea1f6537b37c175f62497c6c84e3cfddae214285d2d68d90dd5cd8ce2273d25c8ca":0 AES-GCM NIST Validation (AES-192,128,1024,0,128) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3e0ce4fb4fe4bb2fdf97b23084ff5671b9b899624184acef":"df89974b1534f0ba262bbea5efe39d8b72820cc8a720cc99520fedbf667515c3f6d8c3e25c72c48c1cff042171df58421741aacb2a49f23167257be7d7004d56b14901b2075eaca85946e9fbf1bbf4ae98227efc62bf255a25dd0402d37c67ba553531c699dd89ff797e7a5b5b9a9aa51e73ca2dacfda0f814152aa8ed8c79f9":"a950ab0dd84115e3829ab0ad3bbb1193":"":128:"25cfde73e7a29115828dfe1617f8b53e":"":"847b54e176ccc83081cb966efc4b4a3bf7809ce0b4885009f620f61fafcaa78feee91a835ae6c1a942571811108b1e81b4c4ddac46aaff599c14988c9a1fb9f387ab7f1357b581568b7b34e167ac2c8c2b2b8a4df3fd7ad8947a363c1c0cb782ec54b1901e928821cf319669dd77eb37b15c67f13ad787ff74312812731ca3e6":0 AES-GCM NIST Validation (AES-192,128,1024,0,120) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6be3c66b20e5e66ababbfba1b38e5a716eafce23a1767b69":"de1cd978354a499415176f260021abe0a8c5bc34d166f53d20e02e413e1377ce4ef5d7f58337c62251a3b4ddea0dea23c40e5de037fd5dd8a558eb53bffa4e8ce94899afa8284afab503c1a485999a154d23777f9d8a031b7ad5c6d23d6abbe3b775c77876ad50f6bed14ac0b2b88fb19c438e4b7eb03f7d4d3fcca90dd01260":"3a2acf69bba19f5d1d1947af2cfda781":"":120:"f826d212f7c1212fb8a8bf23996826":"":"fd1f7b56e5664cf4c91e58f7c50f6c5e98e42ca2e4adcc00348cee6f662b382ad4022da54a47d8faeb9b76a24dfc4f493c27fc0bc421a4648fad7b14b0df95d8752013feb033b1fd971daa2c9a5df898bece6a3b8fa078dd130071df20a68cd0f394be25dcbb3e85bdfa0df4797fa6f01f5f0da7a6e86320207ddb5b3be53ae0":0 AES-GCM NIST Validation (AES-192,128,1024,0,120) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d16abb9f5b38d7f5abba9dc36995ce6ce928ed822a07b7c4":"e72f29b1fc1dbfc2d93a0f3b79ea4b9806ce9b2c4d490ac5c0c3c793df9dc7df5471e834b84d18afa5a7516f9a6a813a9b65ae2f083a854730547e28a1f60fe97d8dba1d2d433e11847b9bffd8873ec634e64365530c905dd6f274e45c9795ac127a6f356f63cc6c116c5dd8c628e7e17e1fadc58f8452bf21f53c4133198118":"3cd95429c6de1d327b9eb3c45424a87c":"":120:"13521236f190f78e75c0897c5fb237":"":"cd8bb97c28df092b6783ef653fd26f2bdc27c442bab0a4c7bee2789f389dcd1b280c0231672721bfbbc939a0449557678ec61ba0afb2e5817e6f7d94387f84ecafbfa1216d65e7f5025f47b0d2905cff7c99adf8306a3d9850c5908be05f87cb1d36a4837dba428aac97d7fbc18e3778f8d81a319259504c87fc94bd0766ed93":0 AES-GCM NIST Validation (AES-192,128,1024,0,120) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0bc344b1a4078807e5f53a6e7e1e36fa83108473ae2fb4c2":"8bd73f94c71e3765bc7d17fdc90a9ba6aff9648b46300e4048985fbbd7c60c39c3766f7c524780bfc2296dc11e1132134921760a373104edc376eab6e91e9a60a5c4a5972935df12eadae074722bdc0147c3caf6a62fd449ef37d76b65f6d210283c94ac524cf13186e444d80a70b01e4373cc0462546f1caee6b49e738a742c":"bd505fcba464e6e2c58fdf29f5695fb9":"":120:"8510fff71bb879f56ea2fe43f6ff50":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,112) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c8097398fc21f93eea6a95aa93a3231096817b65520bc549":"80b0abbaebbd537a0810ed75cd172d29d50f5982e4d01f8664ddb2dfda8f57fa0ed87e64a779a1d7f5e568b6acfdc739572a7176752307b430fb1fa1c3c2c346477cebe7d01b16745ca6c8929a7f446c03ad9a9e8a5a935de78ca6c701e8c1c5e6d2550c42949cf5342fb5ef4c6ab9bb02ace8388b16edf72a1237e5d1d0e820":"776248381941e16908f52d19207881f5":"":112:"7fc4388b2f8eab0f0c2d6a08527e":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,112) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"76d4bb5694faaf344db83bc6d6c47d56bb6ab52700826f2d":"9e31fda6a171f0d4a5f2af2c4f827b1312d9dda5d78fa329b8f1b6373b9b29be358601e5bb0d0c615aef4b9e441c811219f1f2ff2d0ab23e0cd829a88b5b615ee72e5e3ea604fa26cc6438ec4c30e90f7348e9116adf8e8efb7498320d2da16679fa546b1aa9afc7720b074c4e48e06862d41428c9e71a4772c2e195a6f36978":"603977845d82faccb401817ecce6e2fe":"":112:"c955a3bc316841be07e406d289c8":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,112) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a3e5020695587984074d78d9c98b8e1a5719e5f88372740e":"c0bfe3b2dc4dad17ec5a7662d86847fb67e582cc0baf469bc9baa7a075d48a8b97521a1072c2798bfbdae5ca3752eda1cb96fe5cf24af989eb77a2948aae3d8b70d83d93f84c49347f788480f34051621c358c03cf8159a70fc72cb8bc02876234ffe76b181da8b22b8796c87b0904da1af46de519c20d8d1b1dc7cc24e39ba5":"4cd56de54e5140a587be7dfd02d3a39e":"":112:"1a29527a41330259f918d99d7509":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,104) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"afe986ead799727063958e2ce13ca846f76c51605439f839":"7c1b354a5bb214bd95147e32d81e658705089c38035d0ea423eb1a5c82f97443c6903d2cf1ba7a007eec7c8ff98b8f82b073d9636a79bd47c7f2f639a8eb4e92076f9ed615766f43ac3a4f1687301ed7d507766605e0e332880ae740ab72e861a2cb6dce1df1ff8be1873d25845ee7c665e712c5bbe029a1788634bce122836c":"f85a95ed10b69623162ab68d1098de94":"":104:"3cf1cdb4a4fdc48da78a8b4e81":"":"a7f252ad7983e7083260598051bffd83f40f4d4a8b580cc2388d720a0979dde71549ddcb86b0a62c4964fca591d0982f3a203f2f8884ff4991f17e20f759ea7125ba2bb4d993722f23938994eb2709c850f33ed9889e5a3966f9d7b76add46aedf230e8f417425f9db79ccd46b5660361de7c5d87f71a9d82c491c0c3daaf56c":0 AES-GCM NIST Validation (AES-192,128,1024,0,104) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2cfaa215841826a977ae6adfdd993346210c49dd04d5d493":"e8eb3b6edd0ca4201b49a6a83036445aba1a1db040f3e74511363bce769760a9914e05a067f555ca15a57c6e02e66fbe4e04dd8c8db8d6d14ebc01cc7d84a20ff0aacb69bb3679d6b7d9d2e07deda7c2d4fe4c584fe1166e78d21dc56b9cdad93709c03b9145b887f87b4f605f24f989d5e0534fc71a58e8a8619ee99f69e5f5":"537a4ee307af3072e745570aaaadce34":"":104:"df01cffbd3978850e07328e6b8":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,104) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"128ddc83d2170c403a517615056dceec0d19d6fd7632e738":"cfe9f7797ee37bfc4f564419bf2268c964479efa7435970874154432930f3b2736438da4dc9c76200009651340e23044bc9d200a32acfd4df2e1b98b0bae3e9ff9d6e8181d926d2d03f89768edc35b963d341931ac57d2739b270ce254f042b64ceac4b75223b233602c9a4bdc925967b051440c28805d816abe76fc9d593f5a":"5124b410c43d875eca6ce298c45994a7":"":104:"56ad9c1653f11a41fd649cccd8":"":"cf91f087fd7faf362caacf4a68cff51ec57b3075563e4ad0955df20b366e92bd75c3762cf4a6f0eb859872667a5c55aa5d94f5ac9479b1b9c9345b50f82379d551506a2ab02b0441b14b28b78a12b38500d703a8c19888fe612d4710eec7cd18c16d6a4b55d3c69760e2bed99efc8b551dbe2ac9b9b64715f87180b8e14d1795":0 AES-GCM NIST Validation (AES-192,128,1024,0,96) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"98581c28983c4da321ce0c419cc0d476d539e77da513c894":"bdef5b65b5111b29e781a6b71a0160179c52b5bccb1ac5c0377b26cf3f61432f3ccd67633a836357c24b5099db0510a7f8110f59e8227cacd11f17ea1798b5d4d68902ca6c6eccd319fef14545edd135078b38d43b61c9af269fc72f7a209ba7897e4c6dbd21bb71d7e93d2d2426ffa1557cae28e74059d3baf06ba419a47b39":"ff10234524433b871202c2cca6acb194":"":96:"984943355a7aef15c4fb8033":"":"808e28bfd441cb8890416a757d252c986daa8d607ac9cadd2f4fd29eddbcf3b859ba298e14a4ccefe2c2752b123f87b98d6708fde48faca4bc7dd818a7ea76cfa4357932e59cb6be0e9283bdfb49454b86b9fd04aa8cdef503c65d13fcff42e9cd8f142f8c06cf7daa6d8ef8b9c9d69c39e8afd980048fecf731fd674b2a814b":0 AES-GCM NIST Validation (AES-192,128,1024,0,96) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"167b8b6df8014c8f3de912b77f5a0c113580aa42d785298f":"4f787de12ba907a589edf74c8e7a6cdaaabebddd465a86e170e1efc289240298b516fddc43c7fd9bb1c51720a4455db4dd630b59aebaa82bd578eb3cb19f8b23ee6897c1fefaef820430efa6eb7d6ff04de4d8b079605fb520b0d33e96c28f0cd71983c4ce76c0ea62fd7209d21ec7b416881d545824a73d1f9f8d3323fdb90c":"49da91e926091a448d57d521cc90f3c0":"":96:"99198f55f9fa763651bba58e":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,96) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"71f5f8505fba62f08fa0557dd5407fc83a852c6007ccecc8":"3e19ec02365e450e946123a3362f9859352eb52902a6bcb8a782285dfac9d2b282f56302b60d6e9f53fddd16bbf04976cf4eb84ef3b6583e9dc2f805276a7b7340dec7abde4916fb94b0ed9c9af6d4917b27e44d25f3952d0444cd32a4a574e165a23fa8c93229ceb48345171a4f20d610b5be7d9e40dcf7209128f029fed6bf":"b5efb9feae3de41b5ce9aa75583b8d21":"":96:"9604d031fa43dcd0853e641c":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,64) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4cdb38f8185a4186fc983e58a776a6454b92ecf0bffefe98":"1ca72c50a093076e9a9dfa09888b9c89eb36a942072fc536a81713f05a2669b39fdb2871b82ca47dcaf18393ca81dcb499aafcc4ed57ea79f8d4f9bd63540610215b2c65481b294638cec41264a7fdca4230df5fe1e7e3d8d26dcd0c435fec8e9bf778f9e6f13482157a9722761601e08425f6160d3bb626ae39ee1117b0353c":"aef257dd44d14d0bc75f9311ef24e85a":"":64:"d951becb0d55f9fb":"":"2eaa7e922dbd8963e2078aae216636276f3f7cb5d7f35fa759e91bddb6e247a93c388241ba1d0d37040c0b9e447c67d35b4991c1acce97914f3bc22ee50171bc5922299983ee70af79303265bc1ae1e7334202460618b4a8891d1a7eaaac5cac1e4dce024ce662d14849993f89e771fb873644b552120fd346250df39aaaa403":0 AES-GCM NIST Validation (AES-192,128,1024,0,64) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ee8d3aced3aa3cb2166aa66c4a252c12dc0978830d0bc75b":"ee69b2421d43a9f383d99f9802ba4d6cf1c537b42041c86cce681049bb475e5098d4181f1902b0a49c202bf34ef70ea7b787fa685ab8f824fcc27282146d8158925bfef47ccba89aa81c0565eacb087b46b8706c9f886b7edf863701003051d6fb57e45e61d33412591ec818d016eec7dee4254636615a43dacb4f1e6ec35702":"c15c9c0b0b70c7321df044bfde2b15fb":"":64:"c5c9851a6bf686d0":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,64) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4a8538d609444e3197ab740cd33b66db1cf53600096b94e0":"8c2b8fb775d1b21c41a3dcf48ad6d68ab05be3879f9b94b305a6ce4d799e3a992c1c3a65a3e4eab563edb57424927c90c76e49386e29dd5e7de2800fcc0eefbc8b4f977f71be3754c006ee93dc09b1cfa59c424b6b3987aeb56feefc21004c63e8284b6845e395bc8843cca0917267fb4a8f2db1f7daafe7a9da95083a44de70":"0bd64d222532dae8ab63dc299355bf2a":"":64:"3477cad1fd4098b2":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,0,32) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"447f0f065771b6129952e52206a64fe0844658ed685e39cd":"fea5d227869e527882c63a68a6623f4a699df82b3dc715c7260a5554336df8376744c05ae89ec27d40da02d9f1c5e9e29405579fd4132143cb21cdbe3edfaaab62128ecc28018725c8dd309d2376223d2e2edfea9765699b2630ff5d9fe9bec416c0ca6418b938d195d31a08e4034c49d79e3a249edd65f985230b33c444dd02":"37e3a300542d9caf3975c6429cb8a2e8":"":32:"06bfca29":"":"e1bdd1c212b159b87e41a5f64dcba6b27aa0f5c8871fabfb588df0e06bd7730ec1beb0e3388f96c992a573ff69b34870f83c53fb65b420c1c6f92e2aa6f03917e8203d77c7f5ee08baf9fab12f9d38fc0ffb83807ba781c3dd7b62edca2121f68ef230b42b8adbd4cea072209d02713789ed559b83739a54cfde69e68bdc4128":0 AES-GCM NIST Validation (AES-192,128,1024,0,32) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f465e95f6fc19fe6968b98319b547104d0c01c17105f8fc0":"2426f108368a00d2a49670a3b64b4f0569c6da9660163e7b209ec3f8d058ee11f7818a8c5030c5f4ce6e1e5a93faa3e5ae3d0bd5d712fbc891cfeb20845707edcf5e29719a5246a3b024fb12d37bd1b81df3812fd50b1dfb3e948ce546dd165cc77f903c07fe32bc7da7fbc25036679017317ce94cd8a00c1bce7379774f1714":"6cba4efc8d4840aa044a92d03d6b4d69":"":32:"92750ac9":"":"2e59b104c1a6f6d651000396adbfa009bf4cf8cbf714da8e4d3b4a62bd7f522d614decf090c7552a4b9e8d7ee457ba642d5100c0c81c14cbba8c8ff49b12827f6ebd41504ccb6dfc97cdf8532d1f7f7e603c609efa72d2ae0dce036ec4ab36849a0c06f8737d9710075a1daaed3867ca0a7e22111c0e7afae91f553b6fd66c6e":0 AES-GCM NIST Validation (AES-192,128,1024,0,32) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f08e3e9f7b3a20ccdc4d98b56f2b567399a28a6b3908deab":"a986e816f1eafb532c716a555cca1839a1b0523410134ea0426ab309520b339fc1fdeb40478ae76823cee4e03b8d3450e6be92d5ff17b2f78400f0176e6d6a3930bd076a7a3c87c3397dcc0520c6b7b4ff9059ea21e71c91912a74aac2ca70eec422b507cc5c60860bb8baca01eec2a3003970ba84011efe576804b2820e306c":"4f4636d1b283bfa72c82809eb4f12519":"":32:"16c80a62":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"87b5372571fb244648053c99405999130f87a7c178052297":"ae078d1554fc6a14447a28c3dd753e790f7ef9b53e35c3e0fe63a7b1b326bc56034847f8a31c2d6358049aae990bfe7575b439db370aa515e225e0ec730488c700a7b0a96a7b8e4e8e4c6afec20decd16fe3c0f3f8d7a6cf7a8711d170829d14c706cceb00e133b8c65c8e08cd984b884662eddd2258ce629abf6b9dd28688c9":"a1cc81b87bd36affe3af50546e361c9e":"684ce23f59632308d7db14f7f6eddaf4d83271fb0c27401b09518a775b36252540f14305f0dae13ff6c0dc565c9e570759e070c8ac73dfb97abd3285689a7cdcfc941f6271be3b418740b42ba4a114421065a785be3dfa944c86af56da8209779e8736e62529c418b507c6d8ae002cbc0431747722afd64521734f99273de455":128:"98177b3428e64bc98631375905c0100f":"":"8be7df33a86b1162464af738de582a357d0ce8e213bba1b7913c0d13ad759d62c3bf4366f5130b3af2b255b7ad530b4977627f9e76b07e360c079d0f763dabbd22e976b98cd5495c6182f95bc963aad4b719446f49d3a448d11cac5bfcba4b675b8e4d88a389e2580e8f383f95bf85c72e698680d2a2bc993c9ee1ce0d1f1ac3":0 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a2d069b826455d5e79e65db4f1d2b6a29ae9f401bc623917":"acd6225dc5b9109d56ea565ab38dd4db432a7ec08f0db04f1c6b691c96d2eaaa6be62da7cc7fd75f931716c7f39705ea7cf828f1a5a325955e9b2c77e7fb2d562be6a89b3351b1b3d1355b43b73ed425049430314c16bf0836ed580e9390a3b8e2a652fddbfa939ca4c3c99765b09db7f30bf2ef88e1aa030e68958722cb0da3":"6d40a0c7813bc0410ff73f19bb5d89c9":"9960376b1898618d98c327c1761959d045488cc6198238bbe72662f276d47b41e8aebc06dbce63da5adcb302a61ade140c72b9cf9f6dfad6ecedd7401c9509fae349d3c7debe35117776227ba167f2b75921d7321d79f4ebca13d20af1638a1567043365f179f4162795fe4fd80b5d832e4ca70e7bf9830bc272b82182f70d2e":128:"010195091d4e1684029e58439039d91e":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f3252351fe8e7c628c418c1a49709bf1f8e20add82539948":"7e8d2816d280c91d232bad43b6610e2d0532a9f670f221a3a975fb16472c2e83b168115e87a487bcd14b37f075e1faa59c42515c353cdefc728ac617b7d273fa96778e3fb5f7a1132f8e2add4a57015b15d1984338b7862356243d1c5aa628406f4a507498eda12d2f652c55e8e58113ed828783b82505790654f036b610f89a":"eacd2b1c3cf01bf4ea7582d8ee2675d5":"141cb39a2fb8e735e0c97207f1b618a4b98f6b9bf8c44a1c8e9ea575a7759cc2a02301274553e7744408b2c577b4c8c2a00e18f8717fd8a6d2f46a44eeb05d685fbef7edeb4229e7ea9b8e419ffcb504d33583b3ae421c84caeca9f9789047dd7b1810318d3765307233567bc40e003401c9f4e1b07a2a7162889e1a092aedc1":128:"63a310b4f43b421a863fb00fafd7eac4":"":"699c146927ae29025e5b20088b20af27bc75449e4725ee6b7d5dc60b44ba8a06f7d265330c16060fbd6def244630d056c82676be2dc85d891c63d005804085c93ce88f3f57c2d2c0371c31027d0a4a0031e3f473cb373db63d4ff8f65be9ebe74045de813a4e6c688110d000f6b12406881c08085c9348e1f0315038907e33f7":0 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e462957f2c500bf2d6bfa9af97938fdd8930e360ea4175e7":"82a7a6dd82a5ea3d9a8e9541d854978487eda298b483df02b45c76b8b38bac98ffd969dd160a2765595b19d4ea3e64351ce95764a903f595dd673d13facf5a5594e01be1d60a0c6d28b866a1f93a63a74fecb6d73ac6fb26b20c008b93db53e9dc1d3e3902359fd47734fe22a5c6958f97e9001cc4e8b6484d9542dbbdfcfcdc":"b380584a3f4e0e59add4753c282f2cf7":"682b0af6592eef173e559407e7f56574c069251b92092570cbb7f5a2f05e88bed0af48dcda45b2930b1ee7d5da78dc43ec3598a38593df7c548058eda3c9275c1304489aff95f33a6cd79e724e8d12ca0ae92b20273eb3736efcd50dc49e803ad631dcbf64376a45a687eb4e417aef08a3f5f8230d3f0b266ea732c21ed2eed7":120:"28a43253d8b37795433140641e9ffd":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4a62ddd87f41c6df756e8da0985dcd8c91e73ba395b3d79b":"37a83ee6dbdece212446739ea353cb957b9aa409c88bee042bbc3a6e5199aeb28f2b4b00ff433c0c68d6db5a197566019db8a4c7a792e2839a19a302ee02bee046adce04c1fbbd5b0c457d7cbe277992ce2c153d132269e2d1f12b084cf3026a202b4664bc9d11832e9b99c7cc5035dcfde5991dd41aeb4fbf8bec5126a9f524":"1d1843e2118772d76a0244a2c33c60bd":"028b92727b75b14cb8dfeb7a86a7fec50cd5de46aa4a34645754918b8606819d4bf8a2e7531a05ae5505492ca6cbc8c0e6d6ab2dea23bff1fdf581bb780b4a3312aa39639383fd10bcf92489801954733f16b021c2e84809345216f8f28a99773341e40c4a64305a2098eaa39f26a93bd556c97f02090e1a6c181a4e13e17d3a":120:"ab738073228bdf1e8fd4430b5c7d79":"":"e702f1bb9a1f395c74fca0ce9cdf29e7332c14acaca45200cd432a5767be38929ef8de43d0e1a5e7300c1eb669ac1ab997b31cb1403af8451e77e63505920af0f8c3abf5a9450ea47371039ba1cf2d65a14fa5f013b7ce1d175859404dcf6461a36e8bc260e7abf739d8951ddf1a3754e2d65e0aa31320a5ffca822023bc0906":0 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fc46976d38a581a7042a94ea4b5bfe3587ddc65d1162d71e":"4b9e858fc8f01903e426112192d4ae4686b1ae4d683b75afb2b8c63590275943d0d6d6a23b6d35796a2f101203acba107474ca6f4ff6dd87d6b77785ad1d160ef2755d84092dc70c86db5e639b689943b15efa646aff44b3f51f5d3f4cf6c8f7fc5adfe7bf2d72f75b93b8ee94ef3fa69ea0fc0bb77b3983901fdcd30bcd36f5":"b5e92563dd0339df00b7ffa2239d21bc":"7b6f6e104acbcd7188161477d8e425ff99add22df4d22de7f28d0a0075ca4ef848f68d07ed22d3165c08e40890ce04d1bd05b1a6ccb2fec8193d5f7dffc93d97a0c036b3748f708b011b68247a0249b9e1a60b652164e5c2fd7210377de804ac010c8aa08a11f40af97e8370a59f936cd14c22ea7a236d904145adc04a241fc0":120:"d4356cb417953b01f7b1110c8aa3eb":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"403e49feadd4db763652ed5c4b1e12680cfe0abc30f4696d":"221c61d769febce3913bfead9a201a805f11005ddcac185cbae00ce749de9c4362889b1b0d9546e91598e0ddedb88b673a90acca65d7e71a85636be052f361839a646dc8b834c02f3e2261d370e6bac9636b7536225b5ea77881200c8a3450d21bfd1e11afb3a470e178ecfe944a25a7cd0254e04a42b67723aac8afffd56fee":"1a60258a56e15f92814b4d372255a80d":"a4ffa9e3c612103224c86515dad4343cbca7a7daf277f5828670834f4d9af67b9a935c71b2130dfbc929c4409bffb7974ffa87523b58890770439c33342880b33319c626bf776c1c0aeb9c2a348a7681572f4ff711d94c192f3450e8b1275f9d02c742a2c9f1da316e9918bf787f22699172986cb9b10fc56d5f6b8392ff92b8":112:"62646fc8bfe38b3ba6d62f9011e3":"":"5c76c90dea7d659804ad873960906259fbdda3614277ec575d9eec730e747a2e7b9df6716b4c38d3451e319eeecee74d1f4918266fc9239de87080f1ad437b47c6904ed2d5514161ad25e3e237655e00e53fe18d452576580e89b2f1f0f6aa7e40a337fd8c48d690fe013a67264a80e9b5dfd009a9152d559aa02a68f401a09b":0 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c3471259512d1f03ce44c1ddac186e9a56c1434a6ac567c6":"dd5b98b3b3cf03fb92be579068a885afd984630692eb5f155fa6b49f2b1690b803d34b90e8de3cc39c2e61650ffffb51e7ef36d35ad17dc4d91f336363b0734996b162b509c9954cab3dd959bde7e437e9100d84c44104c61e29dbe12492a0272ce6eea2906d390de7808d337e8c650b3301af04a9ed52ab9ea208f3c7439d6c":"50164c63d466148ab371376d5c2b6b72":"11d1f523888bea1fbc680d34bc9b66957d651efa59e788db3d3f6f50e72184b9d14e9ff9bc05fb687520cf423d681812e007025eedf0e78e7e8191e6b62404e8eb400cf837d762a31aa248553367263d6de091fcf7abedc3e69fc118b7efb0594c89b96c387b7c28ed9a7b75db60b6b5133949b891ff81eca5790a265f12a58c":112:"6c5f38232e8a43871ab72a3419ad":"":"50438ee712720abf2089331e4c058b30c30c3d17834c507c0010ac3f974a256d01b14a45e9ce5193c5cede41330cf31e1a07a1f5e3ceca515cc971bfda0fbe0b823450efc30563e8ed941b0350f146ec75cd31a2c7e1e469c2dd860c0fd5b286219018d4fbacda164a40d2980aa3a27aa95f8b8e2cd8e2f5f20d79a22c3ff028":0 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ec326a1e0fe6a99421398df4fc7d8fea67b67e5f5fcd50ad":"6d5016c434a0f4b4a5d9e0b6b8e2d848a94f132f055d2d847e54601a4c9cfc5966a654d696f8a3529a48a90b491ea0d31c08eae8ef364f71f8ec7ae7f7e39bb9c331137b2578362ff165628099944ba8deb0d99ac660d5ed2215b9a7626ff1fa6173cd8dd676c988d16c9cf750a0d793f584c3c8f5fd5d167bc278f4d77a629c":"c94aa4baa840a044dbd5942787a0c951":"f8401c578f20d9c250ea86eb945184e007a0190462c7abddf238ce1ceddcc230756aa222386d8ba66ebbba13de008ced140896ac55bc47c231cc81370ca9feadc225e017d59890e6291cc4cca27db3078c0cd6cbb51afb62210226a76837c5454728cb5ce3afe7352e7fe75421f94986e6b7b26321bbca15c75ac7c13dc15f50":112:"3269922affb9d767f5abe041cc8e":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a7ef81652f604e88a72416924c53979dc73cadd3575eda1c":"9ecd19a8eba9fba843486e1bbfb8d9053c5e04b24e30174d4aa89d8307439d653f8630edddafd51719c744bcb4bce3e444847567bd2cdde2995870d0634cc0ba2bde4b6bc2bc583062fb83874a1c25b50aeb945bd109a151772c077438c4d1caaeb5b0c56390ac23c6d117f3a00fd616306fc2ffc4c1e76f934b30fbbc52eec2":"0cc9ae54c9a85f3e9325c5f3658ab3b2":"d0195b744351aa25a57a99df9573dfa3cebe9850139149b64f7e4af37756a430dda8af98e4ed480e913aa82821c01c1f75b187e105a8f39621757d522c083a8d81d7d8bfe6cf15c439d0692b6affd655a11bcd2457046fae996a1075c66029867b88cd23c503ae04037dd41f27bafd5000d1f516002f9fcc0f2500e8c1b27de0":104:"22c2efeddfd5d9cb528861c4eb":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"605271a41e263c92dc14fe9df5203e79d58cc2d1289dc361":"2bda3448a283ecba31e0299c0a9e44628cb2b41fa7b1a41107e107cabc381083bdbe048f2804568fdd5fe016f4d607f694042a459ba03a2deda4cccc8cbe4612d8ed0d4575e48bc9f59843369dbe2af6d048e65ff4250e1eef61d7b1b378fe2f3305b133ddc7e37d95ca6de89a971730fc80da943a767ff137707a8d8a24329c":"7f128092a777fc503adc7f6b85eb2006":"aef9f984fb645e08d5f0aa07a31c114d2f8e9eca047e4a8d5471378cfc2ced1159dc093d174788e58447a854be58942ed9a3fd45f3f4a1af7351e087369a267797c525f134e79709097e733b9003b9be0c569fc70ee3462b815b6410e19954ce2efac121300c06fd9e00542a9c6a5a682fe1010c145acbbb8b82333bdb5ddfd9":104:"673afea592b2ce16bd058469f1":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fa076f36cb678e2275561e9553ebdf397360e5a5e44791c4":"513305e86c0cb046c5d3720b25a406392766bd1fb7de2758de370ff2e68281e211922890c61f3659460f22c45a57895b424441262a3ba0606df4e2701f38281fd3436a4d0e0f8efecd231808a9ea063dfb725015a91f27cadfe7909a0ee109eac391ac807afed1767ae0515b9c1b51ae9a48b38fe7fec7fe0ddee562c945e5ae":"1ecd53d94fe287047ff184e8b9b71a26":"5ff25f7bac5f76f533f9edffdfd2b2991d7fc4cd5a0452a1031da6094cd498297fb2a05ae8db71cb3451e4ac33a01172619035a9621d2d54f812ef5343e14b9dedc93838e4cf30e223d215b4d2476ea961a17ac7295069f25b2a12d6e2efe76d91f45632c6d4e61ff19a95d5ae36af960d95050ce98b5791df0b7e322411c884":104:"079e8db9c3e6eddb0335b1cf64":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ce9dafa0e7e53a8766fc0bc38fba807d04e14e5ed61bc234":"b585b8bf634757dac015f2f69f2ae674372a664f2115ad2d03bd3e0c335306b02d0947d3cda5991f5c0c25f12ead2c3cc2d65d575fd67091c70bc93ddb4b1e21f7b0fc6e6ae652dea93a6564ff13489f927942e64dd94bf8f821c7ffdef16df58bd8306a957821ac256da6f19c9d96e48eee87f88acb83bae05d693b70b9337b":"fd0751af49814ee98b2b0cdf730adaa6":"1cba488a0fc8a012f9a336cc7b01cbcc504178eeb08237dbedbc6c7ac68fdf3a6742751a207e43d43068abf6ef4e12a5e3c17e5a2f9398fc04ced67377cbb858fd6020fad675a880adb249e4aba94b96efa515d1cdf5c0c3071a27a3245968867ea94b2bfc2028a67be34c84c3f475944497aa8ca1ab009f8e4b11c8308c1996":96:"e5dc92f4ad4000e9b62fb637":"":"95f4324b0656bef19eca5570548fc6a7a9923f4e2a7e42066891bc132fd73bc1c9089755d996756de0072824e69c43f2db8ba2bf6f90d3c4eafc0721ceaccce1af896f9fb15fb19c4746979b6d945f593fad61d550f81d12b5945ed728c02931d7f8d917285c22a3af748d75a6bf163fddd84b941d8564c1a63192c816ad6d6d":0 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8a328554fed68dc4838fbc89fd162c99ec105b36651abbc9":"75986f56972c045c850ed68aeb229f203b228fdfc36cad6b16d9bd12037c48700d20d8062a983ffeca76b8d36a67ef51bc8853706e83a34e4e23ff4f4a4eb943f19dbe85e454043d7906be6587a85079f9ccd27962d2905117d2dbeaf725d6ffe87bef52b2138da153ef29b18065b3342b3f9d07837d57b8bc5f2597de06c54f":"e4f7c69a1d026eeebfc45e77bd7b3538":"e349dcedb0bfcc771c820f0d510b80cef32ae3326484e25aa183015941e7844bc46f617d5e61fd64fa71759e90fcb72ae220bcd507f0fb389b689dd3fa29b3b937eded85f26ada9e0f3f5109f82fef47c7eba7313049750ad17969e7550c0d4093ed18ee27843d082bcee8bf3fc7833d569b7723998595a5a1d871089fd238da":96:"8e8320912fff628f47e92430":"":"a1ed65cfc7e1aeccd0531bce1dc749c7aa84451ec0f29856f12f22c4105888c7d62e2e2fc8ad7a62748610b16e57490f061ad063c88800037d7244ee59e109d445205280473390336d7b6089f3a78218447b1b2398c4d0b3aac8b57a35891ad60dc1b69ad75e2e86248ceac7bb4cf3caade4a896e5ee8c76893ef990f6f65266":0 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6e7f6feb4022312de5c804ed1d7a37580d74499107f8cc8b":"4f5bbdf575ab8f778549f749f2265e17dc7225713e73ee6d7be163ff7071557dcc2240b0705c079008605f81396414ac64f06b1b637876e04c3fca8d0fa576cef4dd3dc553fd6808eaf120f837f9bb1d9dbbd5cf67ed497167fc7db89d3a84151b81aeab0e921057f121583df5ed7f976b206ece17a913f23485385f64c462a8":"6ce13485ffbc80567b02dd542344d7ef":"c6804a2bd8c34de14fe485c8b7caa2564adaf9fcbb754bd2cc1d88ba9183f13d110c762a3c5d2afc0fbc80aedcb91e45efe43d9320075420ee85ab22505f20e77fa4624b0387346c1bd944e9cd54055b5135c7fc92e85390ecf45a7091136b47e3d68d9076594cfad36c36047538e652178c375a2fe59a246a79784577860189":96:"974bd0c4a8cac1563a0e0ce0":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"46d6e982feff0e7d04a84384c56739b69626dde500e4b7fb":"a5160fb2d397b55a7eba02df33a042404188f02f4492d46f4edc03fc67723d64f5f7fed3a60728438703c60454a30f473ac918ffc8f98be5c5e9779ee984415e415ce3c71f9acc3f808d215be58535d3144cebe7982b9b527edbe41446161094d6fc74dec2e0a1c644bbc2cf5779a22bd4117a7edb11d13e35e95feeb418d3f0":"71a6d1e022a6bdff6460c674fb0cf048":"67a8455c7d3fbfdba3c5ec5f40e0be935fbb9417e805771832ffad06ba38a61b8377997af1f586dc0fa1e3da0b39facd520db1f0ec2bdf1904a3a897f0b507c901fab30a85de51effa9f7d4703ceeb2ca72abe0bd146ba0bd3ffdee11628310db7d65ea1343b018084ea2414995f86fefb45ba91a9dc2236d92078b4305671b5":64:"84f1efd34ff84e83":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"991dcaa2e8fdad2b4e6e462a3c06c96067ef5e9fb133496a":"9cd0c27f0c2011c1ab947400d28516c7f46d22a409a18fd35c1babf693b8030dfd7822d9ba03bb8fd56a00f9c7149c056640dde690889d2f23978eeeb28ccc26e2fc251220a3682c963f5580c654c1a6736cccb1b8ed104ec7390021d244bd9f92abde89e39a4b83eff8211c8a6259bd6ac2af1da7dfb8cf1355238056c60381":"978913d2c822ba7cc758041d5ee46759":"5a94dc81af011a8af263318b60215b9752292b194b89f6fc013b0fe8e29133de631d981862f2c131ee34905bd93caffc3b8f91aeb0264b27a509e5c6a41ae781209f8c5895d0d35b3c5e1ae34a1a92a2b979e0e62132051394940ea4d9bfffb8d89ba1e8331b15bdf05c41db83a57745a4a651a757cc8648acdcf850a2f25367":64:"15d456da7645abf2":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f29cff00781f5916930f125489c87d21f6593324d1506f65":"a3e8595747b7147d471ac4fe38014bf4a409931e3f419ff88ae249ba7a7f51bd0ede371bf153bab4b28020b7a82a8ca30b75f1e3bcfee3c13db813cbc85138ef05874dedb14a6e5b6d06d7589a83bd5e052dc64433a8e24c1188b9470ddb2536d13b4b7bff0c5afcfaa9aa0157c3aae3b1774df2df14f965d6dee4332edba67e":"50db7ee25a9f815c784236f908bfd7f2":"ec1482e18692bcd6894a364c4a6abb9c3b9818bb17e5e1fc9ec0b41702c423f3a60907e94c888fad8e78f51e1f724b39969ba7b11d31b503504b304d5c4b4cbd42634f4ec5080a9fe51c82e121ae191270dd2c307af84c82d892d982413a50ccce33698054f761a3fa93da9a1fca321296b378a50d458ba78e57a70da4676150":64:"a1e19ef2f0d4b9f1":"":"eea18261a4de31d8619e77005ebbb3998c5dcfac2bc120ae465e29d6b4c46de7e6c044c8b148ffe4eda7629c243df8af4e7ceb512d5751a3ee58defb0690b6f26b51086dedfde38748f6f0bbe6b495f4304373188e5d2dc93461bd51bf720149a7d3aa543623b122b9af0123b2cdc9020136b041a49498ec4aa696c2d3c46d06":0 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2087e14092dad6df8996715cb1cfca90094f030328080ffd":"6d039513061980fb195bdf2f7c7079ca4b7e0fdd50d948cbfab5ba10b99e3aea27f08abd000c428851de82cacb0d64c146cd9567e9d55b89819876d6a635bd68bcaf47ffa41e02d9ee97f5a2363bfe6131ae7a21ea5130ae953a64d57d6cbfd45260c5f1946388d445ce97d23ab7ba31a5069a4896bc940a71de32bde02bc18d":"d30504afb6f8b6ac444b4a76115d79d1":"d95845d268c8d8f9135d310c39e30f55f83ef7ffee69e6ba1f80d08e92ed473b5ac12cc8f7a872bfc8b325e6b8e374609c90beaf52d975f71caeef5ee4c13de08dce80d358ee1cd091faea209a24e3392adcfe01aeb2b2e1738bc75d4a9b7cd31df7f878141cf278d150f6faa83fb3a2fd1225542a39c900606c602f15c06a4f":32:"5412f25c":"":"1e81a4c10a3440d0002ddc1bfa42ebb08e504fcc8f0497915c51b6f5f75fee3f0cd3e9c5a81ff6528e0fecd68a36192114f17fa1a4cfe21918dac46e3ba1383c2678c7a6889a980024ee2a21bcf737f7723b5735e1ebe78996f7c7eace2802ebb8284216867d73b53a370a57d5b587d070a96db34b5b4f5afe7f39830498c112":0 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3fc76d627c775de2f789279dc7b67979a9f1cc23c8dcabc9":"92a60d38fc687b92d44635aafee416a142d11a025680e5aa42e9ba5aa010462991ad3dd7328ca4a693673410f9bba37f05a551b949ab0d43fc61ef3b8996dd3fc1b325e66eec6cc61ea667500f82a83e699756a139d14be6ca9747ed38cd9b1d9da032ece311331bdcd698666ddc970b8be2b746ec55fe60e65d7ae47c6f853c":"8f6fd53eb97e12dcd4d40f2843e25365":"e56995df73e52606a11de9df6c7bfb0ef93b86bf6766e319aea59372060294b0e1b13c6288c2310a4bef725a2dddb174f3e1228649861757903c4497a0eec9c141454fc75f101439a2150e368857c4f0f6e5161c42c77f632bf1c229a52595cbf16e9018de9a8f6a1e6b8b18bd244f93f001eb2eb315405d223c0d27ece9d4d9":32:"613ba486":"FAIL":"":0 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b10979797fb8f418a126120d45106e1779b4538751a19bf6":"e3dc64e3c02731fe6e6ec0e899183018da347bf8bd476aa7746d7a7729d83a95f64bb732ba987468d0cede154e28169f7bafa36559200795037ee38279e0e4ca40f9cfa85aa0c8035df9649345c8fdffd1c31528b485dfe443c1923180cc8fae5196d16f822be4ad07e3f1234e1d218e7c8fb37a0e4480dc6717c9c09ff5c45f":"ca362e615024a1fe11286668646cc1de":"237d95d86a5ad46035870f576a1757eded636c7234d5ed0f8039f6f59f1333cc31cb893170d1baa98bd4e79576de920120ead0fdecfb343edbc2fcc556540a91607388a05d43bdb8b55f1327552feed3b620614dfcccb2b342083896cbc81dc9670b761add998913ca813163708a45974e6d7b56dfd0511a72eb879f239d6a6d":32:"28d730ea":"":"dafde27aa8b3076bfa16ab1d89207d339c4997f8a756cc3eb62c0b023976de808ab640ba4467f2b2ea83d238861229c73387594cd43770386512ea595a70888b4c38863472279e06b923e7cf32438199b3e054ac4bc21baa8df39ddaa207ebb17fa4cad6e83ea58c3a92ec74e6e01b0a8979af145dd31d5df29750bb91b42d45":0 AES-GCM Bad IV (AES-192,128,0,0,32) #0 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_bad_parameters:MBEDTLS_CIPHER_ID_AES:MBEDTLS_GCM_DECRYPT:"b10979797fb8f418a126120d45106e1779b4538751a19bf6":"":"":"":32:MBEDTLS_ERR_GCM_BAD_INPUT AES-GCM Selftest -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_selftest: diff --git a/tests/suites/test_suite_gcm.aes192_en.data b/tests/suites/test_suite_gcm.aes192_en.data index a3ebd1fd8..87bb6119e 100644 --- a/tests/suites/test_suite_gcm.aes192_en.data +++ b/tests/suites/test_suite_gcm.aes192_en.data @@ -1,679 +1,679 @@ AES-GCM NIST Validation (AES-192,128,0,0,128) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f8022b8988383d5cfd7d9e0e208146e7868d3d714fe85744":"":"5fccd8cb551cfc9c20998da4cb981d49":"":"":128:"1b5c6c9a28f5edfa4cf99176b0f14077":0 AES-GCM NIST Validation (AES-192,128,0,0,128) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a7d4456b8e16b82283b677bd8c4b1f56dc7f153b5cfa746f":"":"081de4a3f71f5d6fdf7801ff6c667f7d":"":"":128:"90c2729c5ba04f8f5c73726c910640aa":0 AES-GCM NIST Validation (AES-192,128,0,0,128) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5779b60b536b096c9348cd8dafb3451280791e319b7198c2":"":"62f8e195bc79957ca8ce99a88ded1a02":"":"":128:"699d71bb63c668b533c357662f861513":0 AES-GCM NIST Validation (AES-192,128,0,0,120) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"966cfb078f695c8ad84ede2fb96fb89488fa271dd3b50346":"":"4a7b709d45745d94c5433b01fc9d57fb":"":"":120:"4a9bd213420629a5f6e471650060e0":0 AES-GCM NIST Validation (AES-192,128,0,0,120) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"cc69ed684af2c2bd2b3e2d2f9faf98acf8071a686c31e8e3":"":"0bd4197e5ab294ab7ab1e6ec75db2ac0":"":"":120:"6632b618b4cab963dd671fd53d2075":0 AES-GCM NIST Validation (AES-192,128,0,0,120) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"99deafc5ec6155043b53a86d466c2b652d59b7274bb844ef":"":"09d18e85e5ed38f51e04a724faf33a0e":"":"":120:"90bfade2f07f38b2192e24689b61cb":0 AES-GCM NIST Validation (AES-192,128,0,0,112) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5c0c706a1fd48005e0fd0ed91b4d9f0028c500dccb28ca73":"":"595716e15498454577d3581e94f5c77e":"":"":112:"8b10eacb1f127f4c58cbb8c3516c":0 AES-GCM NIST Validation (AES-192,128,0,0,112) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ae8e125507ea16d5282fe8bac42d3cb4908b717f345e6a38":"":"0a7f64edb8cd8052fcd5b92e20c0bc2d":"":"":112:"467a2c0ba1d24c414f758200b8a4":0 AES-GCM NIST Validation (AES-192,128,0,0,112) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"02176a5a5d8cb8f5ccee3f66a22181765ce730751c135198":"":"c19ed1f52f5ebbcf89ab1907b9ebc7f7":"":"":112:"6525beb5856d6f29105777e31457":0 AES-GCM NIST Validation (AES-192,128,0,0,104) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4434d6bce3a33551733d7afe8cd477a79be8eeac19bc0a05":"":"b0eafdf326886eaacb750dcf2c104abe":"":"":104:"ab9f7923a3b9228cb9ecd7f907":0 AES-GCM NIST Validation (AES-192,128,0,0,104) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"39994c2520a6196cc3f3e8c6e4833286ce37399e0379563b":"":"dbf9c40266d95191d70739e932cd8572":"":"":104:"b29acaf5addd6b379315535375":0 AES-GCM NIST Validation (AES-192,128,0,0,104) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1f27d054114a264b37ee1821a077773750cc79d28594f506":"":"6739d43092620f44b57e65035ce14565":"":"":104:"25e0434a3660704eee4bb82962":0 AES-GCM NIST Validation (AES-192,128,0,0,96) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0e97d15f4992a6354e43944fd346da65ac1f0f1229189442":"":"32a64e826b500d7e85f4c42a784f7c19":"":"":96:"da8f3e0a6f156ec260aa34fd":0 AES-GCM NIST Validation (AES-192,128,0,0,96) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"27504fc47a9e9a85eaded3782cb5b088359ea1c0abbf2730":"":"c55c8dc3d6d2970c81659f2f87bf849d":"":"":96:"113e637538de291e2463abcf":0 AES-GCM NIST Validation (AES-192,128,0,0,96) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d5fc67f73de736768e5c64c37459c5eec3d27f7e337c346c":"":"2691432d3935d4ea8cb8f7c17bef3558":"":"":96:"c0af76d6f62430106ca54928":0 AES-GCM NIST Validation (AES-192,128,0,0,64) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f28292ee2c54119511a67db0d2317433abaeccabfdd5d1f1":"":"cf9331a1bb3851b2fc3aeed2d1a33eb8":"":"":64:"8e14b869a95eb12e":0 AES-GCM NIST Validation (AES-192,128,0,0,64) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2042f9244079736291ba7fe1f030cba99672a97ce361dc14":"":"aadfa619bafb21b5c738b65d632bb8b2":"":"":64:"ad6f52f25aea1c55":0 AES-GCM NIST Validation (AES-192,128,0,0,64) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d9b4eb00ac03fabb5304ac38414f7782cb0186436a4b9036":"":"809939260117b759d8dac1a69c27c12a":"":"":64:"1f7d0b3104aae50b":0 AES-GCM NIST Validation (AES-192,128,0,0,32) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b5128f4cf91d53b3a50e9b76b0b27da33cbd4b9349d89413":"":"644909f5fbcd61d850e43fbef1fb454f":"":"":32:"2ddbf709":0 AES-GCM NIST Validation (AES-192,128,0,0,32) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3ac7ab2ade7a8e397d66be6dc7671f19cd39ad65490f1712":"":"d152359d765f41dd9cabf5c8f37cfd8a":"":"":32:"a6e4e30d":0 AES-GCM NIST Validation (AES-192,128,0,0,32) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f9c2de7e3c74b7e318413a32892d4fd070de9882158bbc82":"":"63410c83fa363a63fa78303b9994b6c6":"":"":32:"49c514ac":0 AES-GCM NIST Validation (AES-192,128,0,1024,128) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"66ebdc2332276784a69b6bb137161210bac9f1d6a36d6a4c":"":"647f41b60c6a579086ba8854d043495c":"da26eebd04c27bbe7fa7b54b87d3b7227f056dd9c085fabfcb59ec665a257c6de68fd2c1c51aad5e6188e02a56f70aac49ba489802247ca327de57ea3cfa87e72cae7dd82b50341a2133b03cd0027216fcd94cf43ec8a48e1c04145b597924b37f7977db3ff23b8edc913357037d0fe02afe2bba6b91e27554edbfb77f51cc41":"":128:"420b320c2d616a0b11a7605a84f88e26":0 AES-GCM NIST Validation (AES-192,128,0,1024,128) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"26b04d8427582b04318fefebac2a2298ec3ce61146f39a35":"":"99f3449c8538414e7ab595b92a7e6e10":"edfc2aa8ed91cfc0e117fc9e2d1bfe843c7cf365a2b6cabd4259686cd7aede9c7453623967a30ffbd52b30fc205208bb346ffc70584478f5f39a79d4971ed71cc3dd0200a89aef6aecda0a1f3a4bf2929b7b9e141be0ddd3671f727e5e793ef085f52ecb77a266b9a02a2c700b63d8c43da0b569510285e98b530abcdbf7739d":"":128:"091cfc38b248460eafb181ab58634a39":0 AES-GCM NIST Validation (AES-192,128,0,1024,128) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"82c8197e6641d0832639e2b1d7691fbac79618b2f5db45bf":"":"69e1a3e5eed54bedc941646e3ad25a6c":"d0fcb4f4d764efc0fb52c8108e61b67a1386f1a13c1761941cc9a28c6ad15e78474cd2a65ae9475d70d9c845f14bf4d2bd2bc46c29e507a347391829e0f24495b026f681c387b3e6aec8acfa5ecaf4c3cfe796c22469478ee6744cf04a22e6aec82489f53109551f58cc6602933d1780b8b45b933f76a94ef652a8ce8bac2cc6":"":128:"8e74343ae8cf1cdda4969c1a94aab5cc":0 AES-GCM NIST Validation (AES-192,128,0,1024,120) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1a349ba960b2c8f49b7e5314911ba8de358f2e74ceddf126":"":"f5998a62ec507c5fe5b280f9c57ac626":"78445eceecf2e6d2ecf2589fd24e854bed3aecc63aef934aec9aea93dca95d58629002a4ba91e9bf6d12e13f0a844977b3c2700645281db5de381adbccd34a84346a99f34889bd46c75b1956e21aa9f87684af55d7fd0de6da07e856d9b791c0a45e9e37881092f6040a9ae9d87757142d3c9c7fc6f25db0e5b5d377865ec4da":"":120:"4d7eab0a3719fa53e552b9e5a85bdd":0 AES-GCM NIST Validation (AES-192,128,0,1024,120) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"019af03d23342f7916e329b6843161e566aa859402cb07ff":"":"c5fd96765fcf6d51e23ac6d206744af0":"f9808af3403051a52b6652df03b6b37d90a471bc242c436cab6ba699139eaad16847665093798731b9969709287199233c5e77351c5e42b15453b4171237a6d16aee63773c8c0d736b3a8bf38ccf922e561c456682fbc2c7161da3b89526d9de222351bbd04ecd4e8680f26d70fe57d577ea287b199be1bbb8b76328ddee3d33":"":120:"fd36fafe4f5571fafb6ece59b77381":0 AES-GCM NIST Validation (AES-192,128,0,1024,120) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fab39ad2946b2a343d76b1ccc1939cce7ae3cd7b6ea187bc":"":"247bc71446489dd3495c4dee8a071c76":"cb2c06fa5aa54ad079741afc56dbed79061a02045b6c099d0ae2d7883b78c5fe09636cc8a5dbba0c0c76ebfdb81217526afbbe04fa4b2b78f3357025930b0f9488369bf3aa088a2107bfb6c4ba714f1c26d0380d647ada5852d2c539300a4779295412b202c3cb977a7b94c24c4dd2a891a2035f388257b84e5b31bdc895f062":"":120:"65e1aad214f49881a067d8b372ab6d":0 AES-GCM NIST Validation (AES-192,128,0,1024,112) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"57b52697f72ae2df6354410a69dc3c5f28b31e6617bd78c1":"":"0d96720526491d196eca66457e3c9e71":"cbdfdb3cc73aed4297ff9aba76dd8ca4d8efe11b0f521fd7170f07461c7885252874b2ff8fd05a3943ecdc824ffcef0396980ebbddc0a53c6c99086c14fc806d90d35347d45e556e9a55ecc3a9fd74c8e5dbd19ed8b452eaeb673818ddc0695f56ddf3b139a3df378fcfe5b6ccfa358f5a5bcd1550f1d9d5f325f15f9dcd007f":"":112:"f0c49960e60fb63edbb50bfebd98":0 AES-GCM NIST Validation (AES-192,128,0,1024,112) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7bf69ed06271107e11fdf016edc4aafb0e2d2ac05bdbc46f":"":"50e65aa338cfe856c80cbe1331b46abd":"a7cab4e1e56f4b9fccca08d3791560e4b6c7ceb40a10adec0536861c5c46fc3fd06c0a8eb32c9f18c40463b0f06cd0053e615dfd7caeb2b353b08ad6da1f8a23ebddf16524d2eaed70d4d7e565412dcc9598df7e107beb464b103cd8de9301cafe8b0420f0c156025d72b73d6e015ed2312535d35899aed73aa54374674d7f02":"":112:"d7fb9d78fede77981948eb013ea1":0 AES-GCM NIST Validation (AES-192,128,0,1024,112) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"caa781bbed41d7a1c56d47673f74d4310a3bf8b1275031d6":"":"7795dc04261d9433367f51c3b87bf18d":"f44d77bd541e02a737c693ff3ea0adc091fff1966a593524e68954a2d7d66a48199366a5a600331cf392965b5ebedbf949203975fa9db53b72586615975e8a7b84e0633c6cf69caf482dd72b26b0a5687ec71667e7f6e5abea89c3d69d2dc42a242ef959e4039ba5b2d22a3e48424a431a77e816604769d13b7f892e2b33fcd2":"":112:"386930ced9a46097c0d1f6e65c62":0 AES-GCM NIST Validation (AES-192,128,0,1024,104) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1b268de4ff644cfa4361f8014656d5d4decbcf9cede8605c":"":"4009bb00afad026cbad117c6047f4ed8":"140c5a93293598fab85b3948b53e0ba15438a0b948e91041a13104f0ad263c8a10613e20e87ef261999a54d469ba6f1abe56ec3979623df8520a0476801987c15410ec24f5a9be72acfca71e8c5904e2ea5f8b22b8cf404b9fd533aa37e33b3d4cf91599cbb3b85ecda4aebaa27ac0365df8312c399ba1767c47fe0923f2c53e":"":104:"af36bcee7561cd7d0861085d55":0 AES-GCM NIST Validation (AES-192,128,0,1024,104) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c2843bd689ccbba60ce961b7dd50619a59234dad97567e39":"":"55a68cbaa5755d8c67bf26f03c5863c6":"d7980ab86ceb9b66ab265b68e078deddf7ba084b8967c3227839e8f31cdcfbbffa004953f3582ea9274dcf46e3ad7e7744a576dec37e0cb36fced2b2c2fcf4328f506302f5741e696ce25c49492e33c6a0c8aed5af03cdc1a266352623c6a52a555ce906f684bfd597b5e37f60b5175a981088b9d8b8b5493e4fc1bfeca64f95":"":104:"66cccb7d28d3fa70bce2900a84":0 AES-GCM NIST Validation (AES-192,128,0,1024,104) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f451c5edf9849a390486dfecad437cb809c33d31f6898ba0":"":"9e2dd52c04651ceea88caf4adfb2e8ee":"87b804d4a81dc203d67a92b4fdeab959c2056dcedb28d29f216f9172817bcfb3d2256bc1c8aac23feb22b71f1fd02ea28cdf91785931750ba4865d672345b5001b1aade4f6acc7edb03758d2540e6472aff50ab3ea61a0b9ff37ff7a87b91013b14867c3e43cb097a923e6d8ddb1f52e4bd940b60d500a4e35bfa91935065f26":"":104:"e192a49f5f2b22fa39dcfa54c8":0 AES-GCM NIST Validation (AES-192,128,0,1024,96) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"bd02ff8cb540ba572af3431597bdf3f23e61665f96a19b4f":"":"7198af3f594a4f0597f45fb592edef50":"ef06de48bd34f362fdb425c6e35e37d0dfa1ea874df7d201b6a1c25b736c96e3cc8ed0915807fb7ed759482ca701d28c08cbf955be244bf887df37394d1ca4d2e7eace0dc61c807b714f3161f9d7f554c9f87ad674849c136108cfd8f777997656489d3e993aad4a51b68616083876832b3085a5f8f154b83ea44702c70f2980":"":96:"43298281cd27a36e5cbac4b9":0 AES-GCM NIST Validation (AES-192,128,0,1024,96) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9ecab4a4a9dda43477c993d6388387443c66ac253071c504":"":"9523b2722b927dc3afcc5f7dab2bf033":"fb84e38a84225c8ebb307df88325d020a5853bb05ac7a75ee38552c40c302d263181081b05918775cf9cd6905b9982b2ae9ef7993f28fd8714e878c9a4a8101c08e9f13581dcf4f16dabfcb9d3c471c0056805f51e67e9b75572639c3d6ce62d2f8abd64e1e66ffb292360c20155e4d528374a5a22d845340d6f1ac68d33040e":"":96:"696bb674e43cdc7d69346555":0 AES-GCM NIST Validation (AES-192,128,0,1024,96) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"733df8c42cc2e70ac195615d4911ffbecbe2712230c5c292":"":"f76135eab5d42e82aedff3090a1ba606":"0c8aea747cacf2f0fdfaf368cf32b12dc49f5da9a29bee380d2d64035b73efb56fef13aa20c0b612d9615cefb94f26978fa0b371a47dd20051a1605b9f5e133b52dc514577c53319c9e2bd4ac7cdf37d56a9e715e27860a09d86cc21d0b9f0f302f6acf06f2ff00cc6c878dacb8bde51082f701314de7efd36a246f80f8a8fb6":"":96:"82e6d0c076c7d8ac0839fe18":0 AES-GCM NIST Validation (AES-192,128,0,1024,64) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ba33c24c41bf9836607b6dd05e66a3d16298c897dd1d70ae":"":"4b30423df6de76dd684274afbea089d8":"71f5f6ee7bbd774fa691a3d7e0f694a6c8dfe8aaf9cd720e163ef6d5cd949c798f9e9c993adb6d64e7220aa0f17331bfa9a43b659be101726a80e5529e827c3e4b05cfb4d78db9952e58eebe64dfbc0d1baf20e7e48902215277a49ee953108526a70ee150eda85e6a0e49955f8c6323766ae10e13ecfdbe4815f4bb4ba43786":"":64:"73e80018235ded70":0 AES-GCM NIST Validation (AES-192,128,0,1024,64) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1711553980e3fc5c14c98611ddbdf426463f82c66df83a70":"":"3396bd96b83ba611ed22e12e8a5ec911":"9506f34c90611acd6ecea385a782a5739f88b4fd13b77570c4d7e0617283e7b21568e32c42ada1cf6aca1a2e2ba184d4101306ff21c9d03e0ffda4854773c26a88a5173d52960286c18753df17361bb7046d2884ee600f58775304f49cf4e782ac70cb00b3d9c345cfcb38e3880743034640bbcae83112543cd1622ebaedb221":"":64:"5d51a0868a2161a5":0 AES-GCM NIST Validation (AES-192,128,0,1024,64) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5d69dbec7ebe80f2b5b8f61fdff1f4413f5f6624010fb795":"":"a2eb3ba50dd93fa375cf682db7b2bc7b":"a0f9c0de86b54d3c176ece3305463237e1f70be3c52e2ab1c773a9d27d6fc5dadf61ce7a3d10dba8730d12c306fca8952403983bf242fc1b6efaaa153ca446a07d16a70af4cb1aa4d4c0c93d646dc3a5630f5a610aa9e6eeb873f9a06d3234642bc86b03c596235ec03019e762458abe17d37409a18ca5b7e0e0088391dd3acb":"":64:"1a827855ee98d679":0 AES-GCM NIST Validation (AES-192,128,0,1024,32) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7aa732879f290aa442217212156920c69457b8ec41eab153":"":"cb593221c59846dc82fc0d0cd04af3f0":"15d7ebf94985c34b72b6675d7346f0b05bdb8fd3a278555939d2999028e4179e69352d398a5dd0e5b370bdd9cbd24d576b89709c98b6142f71f5b1ba224222afb67599fc58fe043d1a91d7ea95b56dbd086db8e3a061b1bfc6e82dc9ac728174fd3669d65db62a06380a5f72c3d091b7a1b6998041d5501e9fba8bf91a7d278c":"":32:"55b86d22":0 AES-GCM NIST Validation (AES-192,128,0,1024,32) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"961a3e78f6a75944455f9d9d0345e08f4669972f3d5c202c":"":"ce43a19ac648e62ddc49d243fb34e29f":"393736558133078a0367b8248bc18c8352f92a9212e90318a5b63ad3c422ccda7c181c565629acf4fc73b2de85bc9cf38310fe703a877b3e7d3b2d416aeb962f1027077232cfa39c5e5284a1b323264175546ddfb250ce693e2dc78a0479bd89a7ab44b63e504866d2ec6b5153cfd51f29a91cd4fa2b8e09878747ae53981875":"":32:"ac701373":0 AES-GCM NIST Validation (AES-192,128,0,1024,32) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c4d492904becde4e46c2557ac833265c715bb57f18cd040d":"":"df41b22b92d43a96a7504514b92e644f":"c4dd46ce3e486d89903482de247c1e7df05809a247302db3ca8457b93d6886c0a3d1be40a90f6502ec58d0ddd715896cee37322d48ec3f0c3ad716f1bb679afdcc0e4c79e5e2e346702d349ec7b391ef7eafde618bbadce5d14d22123de611c065780a4d05e928e87d12b749888d6004224c3e457aca0190bf1a7fba2453680b":"":32:"7a259bda":0 AES-GCM NIST Validation (AES-192,128,1024,0,128) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"316660f013ced78a16701b35479ffb1f7c8c4e964c1b52b8":"d262c15d08aea46f614c7f8f6a54631289e54ca97d698777388e137f431bb783601e7999e7af98775d7b87ce061d9ba56570ed8c58b6bbac5f12f751fc376ab0f14b36b40b2b5533727be3bbc9a51183405d5fd0121201ff592817d06613b504a3440b0e1a57e9ed1771766a9a5b789054f7032d20b23c5c37d77f293c677fd8":"919ceb172d2cb460bdb3b3e58debe889":"":"5f5128f7f948f0cc9fb248a24b07c54247e40080a992acddb2615d90ef9328a17bd5e9a698b00103855738aea55c4944cde4a9148bfa8db12233231861c455e52c9889119ca402eabc8f41b27000156dd29b901024336cb2b7088eb5fd534ba58f23caf140a8b2549486074e4edbfc262ed9c7c7ccaae24be8de873ad43cd13e":128:"ae22ec4c19e7616a5b877f168febd202":0 AES-GCM NIST Validation (AES-192,128,1024,0,128) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1bdb707c328304809bf0608874c9db373df3c7104a5a7049":"ca243caa145124997f5e2e6bb25d021a38d58d0ab1bbf06d086c2416c08e3512aa887cc215fdb34d0f2d78f6a45885767f15fc00b68a4df1130587de777efb9cfd59cafa077477e97edabf2bf04c9a6ce029c230385ca5f9928bca7fe5503b18774849199d2a39a378a2d3144aef4416c1718319ff1bed8021dd77a07f61eaa6":"b7e7fc0d5adaed1632c5f7d1f56458f1":"":"91c7954bdd6a49360fdce11c1bc710512bf5a57bcef241fb63e5ceabcdc9699d0c0ddb025c75195ec25e631507f13e18799e6be9798e5639ad8401f6244c5b0ace3905ae0de08e2d0fcd19d193de83943fe449af4b503a454c248e677d2f51100fd9b8b7e5388d5091089369a7c2ff38bd353e9757ef873a87f15f30232bafb4":128:"72337bdb2bfdd1f1ebe0dba6f9b7b649":0 AES-GCM NIST Validation (AES-192,128,1024,0,128) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a6dd0d7e9d6ad1ad7c7394d53e9e081c436d34c8158bbc95":"2d95d64ed3be857a5c79c7af20aee00f142557e10d780383fef2d45f16c7e2823ffee495b220c87971610e5650f7c3e8d296b3f03fc883c00351df48d97717427101aa0c08a23c408b24511621b640c210b316cf17e3dfd714f0c9aa9ddd974692d1c2ae27b9bb0fbb428e7a9da3b3cf9bd869e730ccaa3aa4bd08f01f84039a":"60b4b9c77d01232c5d3d4af81becb0dc":"":"4494460ee73d3513814e1f779bfe3a229b49348d7641e9ed4dd959b582960097ef08b91292bb9db87b4e728d01b92683f4cdc81151a69bed2096bf6fb2e45d0148404420ea16b631b421e6f4c6665fe33c2d11e7b22b6aa82b610b83214ae4d17e681972e3a1f77306d3c54d96c47d8be1fb2c8cae8300ac9db99013f25a65a1":128:"d40a246c18518ea9f8d733b42181123c":0 AES-GCM NIST Validation (AES-192,128,1024,0,120) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e9ed78cb5c10df05ad00c6f1fb35b4d28e6ddfcc16456807":"e465e57cbac0dcd1e8ccda22042abecd9d89c4ac91b0e82a41fd51107a792099e63f7cf23a889d8c04edae2c2b3a9e51dbee6c3b71ace3de08ab354a295888bb99ae0fe428dd69bc013d49a70511ef60524282347787a542fe9501b6452b5faad2f129a9795c2c4cc0881ec4af8f0e0d2d4a7a628cb051055fe831b51e250608":"3a8ad989c621ae1e82b8d255a3c95028":"":"6855e4702f1ea593bfe30ee65b3fab832778d6b11a0ad902dd37361b8d85ab76d1f2ccf7927d695eb3129286c26737b9573e26bf64b31de26f97525f84345f73bda2888a1f53c9b405ad627bbe5dea123c9fb0a4b7f193cd8fbc8fa4a5e5f64e9c083f5c048d61fd1d347b49afdc69e0ca6a82e3b064c49d5bffa2800b5cfcdf":120:"9661f5c3b0d99d4f762bdcabd48df2":0 AES-GCM NIST Validation (AES-192,128,1024,0,120) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"76a5bc9a8d7c6e2822456156cea7d493702d61e7d504e3c3":"0a7fbca875fd620c3d8de788e5c27534160f68d60d70fa4167adf0c18ea25fa1f2cc551fdf447aa16678d3f82193cf421a6fa953532a3765bcb54183bf0e96527ae5e695ed3bba5d9911f36c1aa73132cd43b2698996eb43ff84420e315a06d7db02aee815461892c7ab9026953c4bc25f47153d5cb7b966b71b24dad69fa565":"09b681de6683751300c2ada84a214d02":"":"dd66e08fc500426feb497c39c5853b26376272dfabb82ab5978167faa91adb025a6ca0e8fe3d04a0d97062eee8ca6530c3788bebe4436ecdd3d9eab96d38a0cf9b8cc6a584a0facaea33ec2f4a6e61f780c3dad524df902f421e3204cec7c9a4bb3f0860e017eddeb939cdfbe6f924e1eebfbbf8ec63c55b62137d9f8845f38f":120:"4acc40a4882d7733d8f526365f2560":0 AES-GCM NIST Validation (AES-192,128,1024,0,120) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f5cb564cdd6974219e87f93a030fdcad35313d4adf9d7a97":"210a799d480b4933e16fcbed632579beb6b00aec74c205dbaf64e2cb152c12f9b6969122f296efcfe328f54202446514066594848f42a3031425020b56d065d6eaf2caf507d5f51df493c11514400b889f33d0b996e721eb613569396df0528aa14eaed117dbb7c01d9c3ac39507e42a158413dab80aa687772475105eabcbbf":"90f91da5239640a70eec60d849d9ae70":"":"69a3dcf5b94a507a53fa5e62cfca269453623ccd3a537d971130a21bee884cf271b9833dec19862ab0dfe7052e7dc07b20f34aac42bc39bf1d495360c1d701ea53a9bba64b02962b4ef64fb1c90a1a2f3a6f81a6ba781d5f28b786efc365ec6a35c826544aab94b53b96613fddb65660dd336acc34a217960f6c22b9fe60dde1":120:"b67495a863fffcc773021dc7865304":0 AES-GCM NIST Validation (AES-192,128,1024,0,112) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"dc2c5a020d3ea731362c29d559cb14aa4f8e3f6a554a5fee":"8cf098cb6ad79e0f0eb4ca888da004dfe6431b5982bf1490c5f2d1486c288b5d50ea0a5a63cf9d097a71348632391b4bf962bf464419c2c971e76c03eedd09d069a070c86837e16a2c39a2cb8de3e2d3f274e03998a874fa98de0933b0856e076e7f575f351d7ecd024753781f51ef600405b304e37f326846b84692448d3f2f":"bd4d45d970085e0b2bfc9477f5cd0244":"":"d44a4fd303e657670632da8dddb6a117f3e35d8afce245e7e6576711c663f36806b813ba6421ef9788681d9717a36d3eff4ae1789c242f686d8cf4ae81165191220e338bf204744c9fc70560683ec07c212846d257d924d5fc43a3d4297ac54428a32c8bb9d5137e0f4aaa42df8dec37793f3965ca658f22c866e259c80bcc59":112:"9c1d6c70e1457a8d67f81cb3dc8e":0 AES-GCM NIST Validation (AES-192,128,1024,0,112) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"167cb184ab6ad15be36536f505ea5447fd996b1d9a092ef3":"0b6ec08685b5a9d32346a5fa25d208136433204f3b86182bd1d9578f0634dcbb5b59937fb87df0679334d7f41eb8bec60ae1b87994ed2cfddcb56e95a6fb4e3ab7845b0294e4afa5ad46eb5a431cbd7ad0eb0473c42c06f3f62de03d10ddda449d41137c8010af5c7c0eac7a5fde5a39b5437a2382639fe3388ce029a7d4465c":"b5cc89a1c10329bb417e6b519091cee4":"":"7ebe4a9547fb115b39b09880d6f36f8cd402bb798c6d9db036b1ebd8b87a8e9d56fc23b7ae4e8cac3500bf2f73952c37a068f1e472369b62319a8b1bc085a51fbe47e1c321dd1ba2a40692ecd68762a63467d5ecad66a3d720a8a81e02dac0ebe8df867e2f7afa367aa2688ca73565e55cf2b0072fa3681750d61e8e60275aad":112:"30454dae78f14b9616b57fdc81ba":0 AES-GCM NIST Validation (AES-192,128,1024,0,112) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9bc7aad4f4bd73acf756311ff1b72b41631344b9b57cf447":"7cdf07e17f667227edc986827d55bb803c6e51f93e72d98a1cbd161b58155a1c14ca54d52254e5f88f2a08614df68cc37f6e9fac88895b53090f69544b18aee4cc03763d35e7dd94ed82d1435316e7e02367b1c43506b3ccd31e248dce81fe62fdaea3a0bfba03477d5c151b0f76f09799048d8b23699d000a9da11281efffc1":"ffa8e719f29139d12f741f0228e11dfe":"":"6ab304cb9d1ed675383ff95f7f61ffc2aa73ab1b9a691bb84777b14c7014e986ffb91da6847d3abc0349a7aa09ed1d86f2dabc09e0e25a05800bd5d616c1a665bdb119ef71bae065ed019aed20ad3b13262a902f24ccb4819dc71419994a8b4774a3b9f4f672d31aaec997cfe340d2abdc3958c41373d0315076d22189eb5065":112:"260cce7d5ed6a8666c9feaad7058":0 AES-GCM NIST Validation (AES-192,128,1024,0,104) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5bd47bea08eab8694defc2b66e60da1be40fc1e398224f9b":"083ad3fe9273b8063e144a03f88fb179b18327aba37259d7f8532303306ac9d18cfcb746cab3f9385b5bb685fbc4a252dda268044642f5dbe33ea6e1634445311e440c5507fa6beaed343c83aeb0ffc4f1cba21b39f0ff6edfff961aed3ae1796f8bfeebcd3392d92e26dd26a19a7b7c2e5910f22557fad600f8cca8aba988d4":"e45a52c5e5ecc87b4320864b38683777":"":"8fa3cd91fb93a346e1f9595088c5503a840c7d7c33aa1be147e484e2aef2a8bda77275348ca59810abef6e179888f6781862990ba8e6d96af70febd2f671a3a8d6dce9be46c1cc6dbfaae35c35a7073205411cc8ab4ddd266b31b64edab4ffea076b29803149850cca41c857b05c10148182f8e7252e67069e7517da5fc08ee1":104:"9fa3372199a2484f82c330093f":0 AES-GCM NIST Validation (AES-192,128,1024,0,104) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"850a811ca18044dee4487729e619cca71f05a5b164dd1250":"6ee76712d0b1fc00e43c2312743a881ed95a0b06276c5a4d93e3d56732af6b12c7c0d1aa6ffaec562229b6443e576caecffeadd9a65b91efa1bfe48ab1ecc63c381d00fe8dc7f11365f2b28945e844e7c6ca60972f733a96f29cc12e259c7cf29e2c7bbf8f572e158782a46093c5754656d0f2e1e1ea2a0b315b5fa02dadf408":"6f79e0f62236790c89156c14bd9540a9":"":"eb1ebd78d7ac88e6f927e09fecf7feb1aa64d7435aae76cc917edd9e0624a96e945df67648c187e397954da7b0888005f7a0d05d09de424c1a0648b56707b90da4021d5a36175500337e7341d1a474fbaa94e56d7ea52155829eb6bb9d95457c138875f0738034924d59681e7c2dfffb7dc0959697468ea2b65a884c897208ab":104:"91c74a30e5bff5b2585ac7699e":0 AES-GCM NIST Validation (AES-192,128,1024,0,104) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"91469828dafd30de415067236d5f49ea14e813637f1ee0c3":"e3aac00bd05ce3c9b87720db82104364c8ef6ef25d6f3c8bcf5f73f1a26f8619e831bf7bb28c4dcbac7013dc6282d07cc225bd969c582a26accd7cfffe878a3159a5ad3cb6c8b89131aada61e2960cc5431f4ef94394634e4c8b2938409bcd2e7668986c7c5cd2ed5f2c525fa0212996960ab842a43869ed430d3291799a2a1e":"cb5409aad9d227a3cf0e2c5f1031873e":"":"4aa82b1c81a911cbe84231ce7afb95188f2177b539fb77de68f3d4801a2bd09f5ee2f7e59b5d9e79be5f7a23f0612ae39d59259dabc8b1bf7dbd4adc0db520bf7e71b988fa96d6b4dfc76afdc22ea31f64c64388dd93b27518b3263b0a19007405fc08645350a69e863a97dd952c8d886b5e0f444a6e77a9ef7c7de54f405a04":104:"2a6b14c78bcb6e2718d8a28e42":0 AES-GCM NIST Validation (AES-192,128,1024,0,96) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7b6907853b7d4c4a19468111d96c5de048200b5441b9411d":"3622ba252c067ce7d6cae1d1f5068e457a0cf93be01fdce6dc8652a53135d5ed445388679e3f388ee6a81220b19356b275878fbcc2a6751bee7e2a50adb7c430e4c8cae03e88465f97bcaeb151d4f0007bee6bb9864b33020717adc42d6f8a283a20f6b62ec79fb8060e3e5ecc1e91a2eaef57e9dabd3b3634236f12d4bff475":"a66ee64c15094be079084c89cb1739c1":"":"2b8c1490e13881ab3bac875cbdb86baabe7fa30445bcb39315d057171e80d02aa8471355e80ba891b26d80b375508ba2756162cc688578be313a50096d7cd6253a8094970898fb99cd2967e78a57d12b8b3e3c10502634bead5bfe2c9dad332fcbda0c1bca16fd5cac78ebcbc7f15aad8b28abf3ed74a245a8e7a85cfaa712ab":96:"e52af33988855d1a31158c78":0 AES-GCM NIST Validation (AES-192,128,1024,0,96) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fe63e247e8de838a197a9e937e34c0f5a0b282533d445015":"17c5d748b8596901e97df660ca94fc970f7ebb769aff88f60acc425f50ebfb6744c6d8778c226c5d63653d9388d3fa0d4d630f94d668f3478c89e2708501edb12307a9b2189576cbc79388d291354cb9a5d1eace4ca1d9f734fc78e55ecbf86338a31ebe583cace752e8bafd0a820384136963eb2d2f4eea7b2f69597737a1ca":"8e018305675c287f802f28fe56ae5c4b":"":"c3d34e2cf1c3ad629490d70a0fec1a63c88d025ffed46ff8f5d8c0879c166ad716b702682cd0a437bdaa03a9b2e69a32fb7259b0fa930ca7a344aea37886cc9850e44de0aa049b8bc300caee82e26b2a1e5ab45c4c7cc6a15f5f595199999a0cacaa59da1b2be2a204fe13005b92ce722a000228545ae8a61b2c667a386f431b":96:"d7a6a917a286d8edf1289183":0 AES-GCM NIST Validation (AES-192,128,1024,0,96) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c739dae83a5e64bd98ffaf68b5bcbcd0155d8109e9ff2518":"56dafc06b354e84ce3ce31b7f88193124ca7e7049272beb93fbedcb3ede8e017bdb9ee5d314ec5168443fe01258d9abc4c4c27580f6299b20082b4ca87eb2589bedc459f132dfaefafffdd13f82e153a2165dcab9a9b6c10f1d0d13b127312a6f5f3d65a73b8fd057f1d88038c5137254111f7aedf21af07a35e34cf4d2166d9":"d80ac4dacb0f1441839e2068013dde3f":"":"9ae5107f4394c9050f8ca8ae6d1eb66099ccd0166f38e45c1cbc17b30e218fcf6015ac92dd7ab48bbb095a0523904c72710a86e50518d6aade269c82bc5ecdfa729802441e09aeb939abb43f5960542ad87961e2141f967d12f7190b07de99811b264dc62cb8f067872f84d21b661558ceeae4922900ffd76084e450650de79b":96:"6a180ed4f3a9d5739e559d00":0 AES-GCM NIST Validation (AES-192,128,1024,0,64) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4c23ed64375d42c3a402fdadd143336d2f6babf4d4ebc176":"5541a219108ce3ce593cca8c6aa6504c84983a98851bf8610d71f79a38bdc21d5219266ad56e10ccba4898ea969815ed0d6df75312d657631e1e22e46f727a499696399a0955d94942a641383cadebc5328da2ac75bf0db709000ba3277581e1318cb5825ba112df3ea9c453ad04d03eb29d1715412cc03dbce6c8e380b36167":"daa6f68b3ce298310bcc2a7e0b2f9fec":"":"2a4e04101d4c822eba024dcea27d67eca7ba7f0ea6d5290ced9376049ae085ccae3ecb624c03eb5b2808982c88f0a5c4363a7271610b674317bbdf1538776f1fa2454c249a1b0d6c3e64bd4a356ac2aa2fd601a83d4fa76291f3ef1a9bfc858cc0aea10cff34ab9eb55411efec2a82a90af3fc80f3d8e2b56181630230890acc":64:"d408209fabf82a35":0 AES-GCM NIST Validation (AES-192,128,1024,0,64) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"695dfde34f0af192faa50244ab95a6059e2e637e237eb60d":"33ca2c61a04467ad2bbd2ba8144573f0c2504a4e9945fbae250385406ed1757adb70534bd6ed854f227d93eee57c73a314f5955208e1ba5af8cc1e8b5bb07cb63030e3ae5f0ad287536f49b576418bb1d2dec40562f6bdda59c373d6668aaa9b791285716325fccbda2180e33955c8be19d05e389820ed69258c9b93e3c82e96":"a6a57792b5a738286fb575b84eea2aaa":"":"b2ce449fc806dfb93cd7c97c018c2ba7d702216ae29a530a8f22d07279c7570c6288fc01fa9915b42a6be7a7d9569f71b8fc2411dd9747b5c9c7b5c0a592bcd7e8f4530ebaee37e9c7d48d7a56be7e2df1d91cecfd11bec09bbca7ce7106942989594e791e00e23557c843acf5164f3863d90f606ad8328696f4ca51fd29346c":64:"050bd720de1b1350":0 AES-GCM NIST Validation (AES-192,128,1024,0,64) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1a89a516204837bc780ad9b26717e51ccf42591bf58c75c1":"c72a1b8707522442b992cb21a7526dfd341e27a11e761f594abbfacc2ac26ea48523d0113e38adbfc06d4af8809cb606454467fd253ca442241e8921b906d6c007dd09e139e568194666d5da0b33c7ca67876856cf504e8dfab4a5b0a77cfb1883d532ef7c70b35b0838882f144991c25a2331863eaaaa2059401f61378750e5":"a9b1ef7744075cd6cc024f8c7b3b0b6e":"":"0ec50150590bb419df0d6c410edfc2f8805a602ff247e3b50881ad3efb598ed053d8dd1deff86460db0081c0eb3effe9ea94564f74000166f08db24da6cfcba91a9ee1e98b8671db99edbe8fde11d0e898bb130e1b27358fc42be03fb3348af7de9376af495c0ec71aed56d680632195539b2d1d5bf804328d0928a44c9731ce":64:"6c9f55e67533828c":0 AES-GCM NIST Validation (AES-192,128,1024,0,32) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4107d51f7d6e24aa605959d5d46b4c7e1743b7d5e3ae07b6":"e5074ffbaf5e771e12f9e7cc8e7701b970aa7897928681383ea0f91bce8200ec6782dc9618e065e142c4ef2f7019791e74edfe2040b08bdf328d7d9658e7473beab65359d35ed168a2bb39f3c3f59890353405a82f48e16d388eb8f2145ed9bff016e725791cabca913813e7485f387223711c1ad098ffa0f72f74a048ec17ea":"94a88f6872995b26da39efb5e3f93334":"":"bf32a717c945e1e2fe91fd38f3c7084210a7966cb83235d28f701ebcae6b2042226e932e4601eb3ed4728ca32bf7065fcdc98017dabcac23f0f80c65e92518db6c78bf4cd91f817b69f3c3a8891786d433f6c3c1a025c1d37bd1c587ba6004085571245591d615906f5c18994f09a03f3eef180d7af34f00ecfe153d5ab73933":32:"8d43426d":0 AES-GCM NIST Validation (AES-192,128,1024,0,32) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0fa6270a44c8d14937cc3ff4cc2d2c997254a42ca8a09eaf":"2252d1c4706cc46ad3e4f8c49a92cdc7d1af24deaf7b08ab7304ef804cfe261acc3a202bec0d8df42cc36a5a3ace9ed7a9465cdec3513d31de9ae7821f9444226439c8f98a9a7d99b36b91b1b00eac71080d7eb550209af5fb7b3f28d09f5060070da73a40456d60c0470773af95d16c0b33d0b5327d44188619b950590ea862":"b5f3fde841156bc408ec3de9ef3438fc":"":"4fcfc56fa722af32e804dee0f4b67f5fea542b381bc47c41451844c82e5427f6cd90c37e088dbaff722d8700a11d5dfb4282e565f32e055324e5069931c86b62feb2cdf82ca1f62aee02a70e4e274b2b957650a5cc772be86c1b1cfc41b01d20d9be8b05b9e3ff65413520789ca0f198fe00d83483a1d85aeb13094c9a827e7d":32:"1ae8f9c3":0 AES-GCM NIST Validation (AES-192,128,1024,0,32) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"104c18bd2a0641fd46c2d7590d60d6d8eea74a2758ed0f4d":"4434cf5d12d07614227cfc12716a8adfc651ffe5c6476cf4489afaa698d9d19947016bdbcb5b625773252745dfeaf9b10021a5b38f742ea8a0fc5f926c80cef6568ab8639cddcf8fee9678d45ad4937d6e6b054b65512f929e897ed5f965cd14cad939732c53a847bb2758d818d5d131977649db5b59a0c5ebac37db961f9d69":"2902faec60f754f0fbb1981aeba277ff":"":"1789524845a1e36322c44dd1e938ee5d0fe6df244b751f3023d5d64d40a72598d352d9d2faba68be4e035c258b68782273925a94527fcdb977a41c1e0a96f53119b5909b23b0327c820e8f6da049a5d144a98019c4953aafd481190117573869109c265012a42f76bb4c3353f6613ccbc40a4af2f9e148bf0a0324bb43337fb7":32:"d36d2d06":0 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"263451f187b6dcab9d8dc4364217a483dd80c1d75f24fcea":"5e236c282eb4646fbd16a95eff2b27873f625a7e919237d75989a8a112ea80ce8db0b4aeaf5da59c3b22649dabb584284ab9673ba7edef59043eb8e99763643941a4788e7cf11bad63e13c9ef08644044b76beef68928dac22975481da4afc723b3ab3b498189542cbdffbc3f467d190cd02e9b36b6981122aa80cfa3aa3561f":"6c4552b3a03152aa464e88fd5b14356d":"435453a304fcd3c4bd6ab90d6ed8c54e6d21f75b9e56c9d48030499b04f6754cff628c4c9216f7d8a0abed5b8b7ca128c099a7deab74ecfe2c4a494b30d74833f837d254aa00d75aa963ce9c041f1916eb63d673a4af3f88817c65d4c86f5a3c28a67de2aaf75f08d1b628af333e518a7e99d980571db608407d3f447563f2df":"12dea5ea9b54957c689c7c9c6a711e2880645109a4057fafe3b32727a60ee1e24f8450310d6b8402c26b307bb0bf3cb7c6407270d95590efb938e6d77359666b11a7a3833a7122697e959645d8e9d835e0bd39bdc30397115b4c348ea825c850c1e54a60a2522a6321e4b99fa2ad9215205628c595b07c6ffed939c779d23ab2":128:"585677e0f37ae13d886c38202c3860b7":0 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"dbcf735d7c8701f537090d3dcf914c741ed783c24bd8265b":"18eb70dff73341298ce33ff4049fa631f2c72c158fcdea55d1231c46c95ba4013012b713bc95ba25a2114d0380c297acd05c323696db466874083e18bf544dabffbc70be4649cfe7e8bf449aeb9789d6fa412a1adf57ce732702ab962561f9e1fa850733c97b8a4158786e8ccf32af0fc2b04907124e731ffaf3fa7eacaa64b2":"09ecced8460af635e46bc82450352be5":"cc5b8f82fce3797009fbd38dfad7055a5e2ac241363f6773191d0e534e2b4592a6805c191daad377245c414df8edc4d3d9ecd191a50cf9747dde65187484802e15797d7c7e1db49ea4e423e94d9ad3b99aea6bf2928ce6addfc00848550b4d2e466e85a282cc022c7c4469d2cb16151e81bf63df378e0c676036197d9470f42a":"8298f796428faffa6085e458f149675d6c6e2cdfbc7994ee6f19af40fe8926c28904fd5ac0b9bdbd2de3f1614500a3eab1f980f82ac23cae80f3e6ba71539d1723e9f3412df345536f7517d847aae79a83ee9ad5fe38d60c6618d870cb1f203a3e1847d14d8de5295209c0e05aa196fec0eab8389e4eb66bdf3dd49d0800ffad":128:"e53ca266dd93def5bee5daf70c953dd2":0 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5f8d84908a8b7f5e118482bb867102a244bcbf48b7229115":"9cd2a4e2acbeea6a73b5bffc1191d8045f63f3a14aa762eb776f35518f72bde4f9c8decd61a9319e3dfca82e682910a43de2719451e1a32839b29b27c3eb1c8f6118512d6a19cf189e2d04cf4e22459397936d60f7551244387294a7994320546f070e54f166cd7c243d13f3017b786f7df6a7fa4ece05a2fe49fc39e2225b92":"5ba986f5115d40c2cfe404007a1e2403":"06f98d4807efecfc863309f3bc64b0f04e4c16c32675ff97a3295d5657d4443f6c8b0a394d3f942705bdc19c22b8ff58e9b7c209b528b745fa0424d5898ef0e42e0909aa5ad0b01f8549e3674102ddaf4784f0ff8908cf9f9a25e7e4dd9af4da7bd13ae0cd87b6aaa6b132dc518f4a95af403e612edce63e1424dacf8e349372":"2f168fd1c819b159739a7cc783ecdb0ef9639b7965918e343e2a55f196daf584f7f14bb6e42d37b504bfc2cc08c218c5b841b2d2abce05bbf15315f471e56f04f7d54d6f1dc7b7a68b8bc7026a1441105015bcee2c39d83be35d25f0d514bd1ffe75411b32867ebf2d532a766f9bfce9e55ea3e0240d2a3713ddc2ba790bad21":128:"7f121ea36b36449e1db85e8a91ab16f3":0 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f6c3037a59e98a9a81094d65ca52752ad92f93bcfa671821":"26647f8f4092f80fc19f81f029c354c582b582516e8e27e97d50866e8ff755f50a8ae6422f4e996f0cf50826a68c007a5b16fd59002d368ed3285bbd04f8f9a5a524243cb8d5b3ffa184ba7384771bfc508f2e93abd2a1e7170d694d35cc0ff7f247e84ca8889efc820c3f6d9cd40afd56c5799972d7556c91cde50ac808652c":"43b4f15bbe525913a31a9adf23d1971e":"60826c97f0a99b88e7aeab774a3f2278f9d35b6c1a5fce49d9389a421543c99f68797224535dca4d7040313340da73982220040a063b045843a14f5d38763f95bdd26ef818f6e5171c8d5b47f183589afd6acd36e59b9946c1edf038ae285f500171e9850603cda36043c29860e75bfe03c21e0ef11a9aecc5d5c51bb2201d29":"e58df99cce5b2548cf39684df6a26b8f9b7969168ff21c410bc40b763842ab3b30cbb3c82e0b420c8100da61c9037a9f112db9563a3d069cdf2997e7f4dbb0b5d79b56f0e985cd8cb70355366f7afd211bd9909c48b142c6556326062d27f7f82d76b83c433f00f1716ebc95038cb57c550b5810b77788c8bf1e686a8a14b610":120:"ba6aa6d68a560642c266bf4469eaac":0 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8fd9b08232a1d3fbe319d0897c74098f75b3e801d10e183a":"a677a13ae26b7a05cecfd153aaaea02ccb50db601221a3df545164bb5fe638f6ed276d4bd172b9e740a82a690aec4f18f4f3a0afb80c9a32188958e1cb3651064f55ca1211647903f63013e46b46c7f4f95589012eb4ccd2451d8e8dacc3cd066281f1f0c71f69f1c49f3f94136a522fff0d02427e4bccab056e615ff6fde1d6":"304c759800b8e275dfcfd3e5e3c61a7e":"5d2dffb00a25788548ff1b2c94745e5bfcc05eeb11e63501007335d4bd06bfb3223d4682e7e83eca0e163d1a8f2a76096ab2839ad14b45eb59ea9b29feb76f40b0d8dac55247c65e5dbe6bb2d5155ddcf2b2f924c48e1c16c990b69ac48ef2350873c1ed524ce1b8ef6c92a11c8e461303f7c32b5d65b57154197e45f1c6b792":"0779e5050dd17837d40fe3427322e717f074312f160c1951e5560797c13e4fbe47f320dc8053a39d2def4d3cc20e215978647d917ddf93fdf9eee5e54a974060dbac2a478afe5f5acbf65af4dccbd3942d130dddfd90cfc969da0c7f4b4050e34ce2e049c3bb004782abf4744c9a3ca2713ebfc5dfa16d011bc0b33d0368c108":120:"54c8a1dddfaa1cafbcc1883587b4cd":0 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"19d38467c1024611433a0b2780980538d88f3e8907a86e42":"2623cd0eb46a7366877149ce0204d7dc08a5e64a1adb3b6759178c4eab26ca1806fc25fc0fc99dfc77d1811e61ac1e04ee82eb69ef7527962df1707734e4aca970b8a499eb70c2b0386942906945abcd9234b92e7bec33009e70786c39bd241da3905d961473e50367cb7726df8da2662fb32101d13b75032838f01ad7946670":"8d56a9e4bed67a7eb0f7b8c5e6bbf04e":"1c7d2744a56f5185b9cdf14eb9776ffd315214540daffc69c217dd64c7d0fb4a9f7b1ccc4c1e325fc046eec4feb8df35d32f492a28d35858ad1e9bfaf95211f111473c2ff799a124b308fba996b08f185103607605922bad319c6b7fd211f97c861565bea34948bfd751e4ce2591ae777ab1df8dc9e820cdad13066ed74303c6":"edfdfa35b41c5642e5b4dd1769b635811a48ecf21915cbef3c9e2f8230953f2ed4fda8903ec7634f10d55aa58c975a6c6133a173c2aeb83d6d7fc6534ea1781dfc62408e7a17d255a983bd1c33d2f423c364893db8128a599cd037b2db318f86f1fbd895a64a9fb209490b7e9a30db8cdf42e348cfcfa7984e15c17db810ec19":120:"17dff78f61d21de4c0744e57174f70":0 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d69bdc9d35589e33ea9c2b956780cd9618e0df79d1083e69":"d8a75de22fd3e2d50127c6fdeabc09fab1178875998319e1ea83c9745a1d5833c6ba9df08177c349dfa412e13e1927bbd4cdfb54a21c86c149be1feb4d9de99ffd590850875a3d9c8d9306971a9802ad4ca48f73d0517322525ac8463e3d59ae9895c9b363b6f0728d7585de78cbb49757bd1919ba2f2d6ba042d0781e7a79d7":"abd4b94362501b8f307fca076fccc60d":"1ad9aa99a4c8158ec08d21ebfb62604a043fc0c248fe08daa15a89f4a7855916af8aeb681ac6600c0268ade231f918fe508f48c9cfa998effc350fa117e2772f04839f8fa1a53bca00693ecd28db27c6507750404bd89af07451d66fb7dfa47065e9d3fe24a910eb27911591e4f4e4746b35359afada4356676b3c7331c610ab":"52e88b54b410dbfb4d88092df52688ba9502b906752b4802aca5428437d795de0d3539945bebdf2bab070df4a7e630469b92fe2dde0998d44094cae7f21f84ea7806637fa5c73b138e87d04005ef1206ddf30a21f46c0aa718665e809ffc0b42b5250143604b20225ec460defaf554a8bfb5f69ef4244e02e9563c374a44f0a9":112:"1024f8e9997f5fa4684930d17431":0 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6960be8fe82061e9cd783cd1c03f63a00d60ce9fc47ea496":"e0f574ddbb04831b5a86f40182f5f10d8667fe13c7065b471df157f67230c41b8c069c0218ceab93d63964be8ee853c567add2c3eab1670b03a51f9175e8e763be778ec43833cd716e1c8fe5cfb1d663149b21e06df772a3973fe1297d65188201cdb0c3533f5e9d40bb0664a97db60fc99d7e48eedebf264024006ca36361ac":"672f4378862c82738055273c72555b39":"e3a4dbce87edac519ce86349eed2dba0d371cef0d8f20b4dda3e1cd9f5799c9fd0b7494daec5bc995a6936c501212eb957ccc9ddd4c9b8a205cac122ba87b5c5a0eeba6b2af2cbc2326d953d61d089b6334ce03257203072f8e06b8c6f37692748a13e681082900fd32f0df6a3072f3a8b9bbeb3ea558e97a43d6656093d7c75":"2a3c4b79bbcfa4af04baa8413f6f1d18c9c579060ecd0cc359fcdcfc0566697ff834f7dffec84b2292e8583ecb59c9e5e5d87913a6ccaacebf371f1fff67f0be749d4ea5f5c6f4c959e9d932414a54a8e25bf2f485ecce9e70990bbc4e621ce2c8fcc3caa66b0730c6639de1bfa0124afe351912279bc3ca363f4e6013496cf1":112:"dbdd6af194f2578a0d0832d0cba1":0 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2b7d0115612c56a1f28c6b3cb3d51c2b4bbd4cd36ccf3dda":"3a88efa524a90b31873cba177a7e6e050dc59f42c934923db1e75fec924908370ad0c9c3b0b3c05adf12c6ef2627d8d16f832071c055aef5f581a39a8e7d9bed2629e26d5e3ecaed24048d744fba08d8d12132def62059f1a549044c1db121f47f10b3dc4a02849150aef53bd259d6814162761cbc9e1a8731d82101696e32d4":"317a60c3c29440b8ba04daf980994c46":"80d816bf4008ae51b9dd9a25c30cd7482f2289f5616c41d99881aa8f78b5efff84efe307a822174f3a5c08b381bc99b169b92057627f21dddc367723eaca2545ce3a4fba2b4633fd99459fb03e85d6d11ed041b63185f3b94f6004bdce556e2a0aaf811faf0153b3974d0bae3eabadccfc95474c940ecad5b4d5ea88f88b8c4a":"f193303bb781164e42b3d4d25569a446c86646bc0fbc93059603c0b46ec737ddfcd55df8c90e6d806bd9fef90f2b122a1758bef5c75fcdff95ce44217d9b6b0e75e77656cc7f8a8cc47729c74faf43cbf08202e9ad16c7ef8c832ce5f97f51153e178ccc3c168928f3c328cd5b4c341bb0482f6a292cfa2fa85e03d95bcd4cb1":112:"42308ffc76cb6ab3c770e06f78ba":0 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"75737e01a95c2ad9c860e72a57da646e01c2286a14dfec75":"fa749799afcf2242a6000c4fe1e0628db53933dde99d672e3c7b24b0cd6533b8002bb7aa8633322f4ee2e343db3a0067ad44edaa398cd90ebdb50c732e8bf95aceb4aaa4dfd1eaca617c30c30c1a18761a6d24c2de0790f54f73e0802eb82ffc0124517ddafe8336f4ec6197219346deef4ce930e8ae20117e6ebe49a2582346":"1060d78543be384e7a9dc32a06bcd524":"528a6c34c3cb3aba402b856dd7c9677d0d88821686edd86287e7484b72248f949bbdfb640df27e3d1d6b6dc1293ea6c84be72c85e5ff497f5da74d796a21f2513385a177f29f2154b2362d5ac83c3897f368d06513333f2995b701fb3e5aabac559f6018fffd02cd6b65eba9cdc629067f15d1ae431d6a22811508cd913009f8":"7e8774cb73468ad9647f6946aea30e9468fac3850b5ff173c7b346891ecda32a78b58df8d835328615f36a12c18370f3abcf021ed723830b08627767272f769a2105e4786451db0512027ce0e3f770fbb0ee0e1850a5fc479df4ad5ceff4fa3b2b9124c330c2e79d770e6f5e89acdc8d0ca9c758980dfefaaac41aaf6d472f8a":104:"6bc6632bb5b3296ede9e1c5fcd":0 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a326226b24222b3389d793b61b723e9ac7059495a1b597f5":"1cc26e453a54c94c1cf902fe12307cce2fba4d5f0fc3bb63cdbac0dd0b5ba31d08dae2b4f054c86f3a3ee920d8b9f7ad8ae8b4eca090c8783cf35db5de3b95889a84f09ff3f70263c61681f00a454b0813813f0fe3ec38a6d30cc3c6a93c91a422743e7a72340cb012718b8a4a3b66a75f13e0165aa51ee4b00046cba12e966d":"327972d0c2ebc20ed5bdedc8a3a7aee5":"2edb1455bf4573a54ab921d31b7fc9e534bce0870eb6e973afccc3b1f93dd2c1a476dd88e705919caeb5d4f4a8516a718cff8858eb443ca7785579036cc7273570e7bf2489ce71a52ad623bf7223ce31232d8c9b18e52a2dd4519bb08d87301f3ae69dcc36c6dcb3b03d8fc39b6621f6b4471092e941ef090c9821a05df8575a":"5a219a0d997e879ffeb548d43de8e4f32a9ad196dc425c83f766134735ad2c9ff5d9665bd54ac3efdc50bb4a7a04ba59825f31a0f3e530aef45bba00cd6479efaa19c85edb4734f91fdad6686e50f9cc531fcabce9e8397381b4d691da4a27b7c487e93de3e3a9e769e831c69b07697e4bab470ebff628e710efa17e4c184e0f":104:"2b9ac273c059865fab46f05ae3":0 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"cf5f2d843042ab94fc4519d57d9229ea7e8172acf515fab7":"0e20f5a2afffa4a5f9219320716c8a26e35a19c525dddd528e5f5f06f0da082f43272361f07cfdf57423f67ad3cfdda9cf1747c602a93747cc571adfabcc9d1ec1a8128908df45fe0ede0e14ff40169dd1ecbff7f4062ee7be0a1afb370c9d5103132c1fbee9262309cb05ea150fa862d6303af71677d2de9cafdb4ecdab8d5b":"95b06c3ce1a3de73cf51e781b941097a":"765c3fae74b6fa4b6ed4ca7ab9b829d76a7759c50874a38d2ecfddaca2365f7a143c9584e255608be829950393e5f94131caf4caa04aeeeb9d595e39ef3f9830246d6066995b2d40438f7eb0944bd452ab493b422e93a3e0dc3c0fc2a4b83711ac6693f07f035fd9d031242b6ea45beb259dc0203f497a77106392e4da93c285":"f43628a227dc852e0ad931e23548fedfd57020a26638ceb95dc5601827a0691c44209d14113da56e6a1e44c72845e42ebbc7ffbbc1cf18c1d33ca459bf94b1393a4725682f911f933e3fb21f2f8cd1ac48bc5afb6cb853a09e109dadcb740a98e5e7ec875cea90be16bcdfec5f7de176eeeb07a3768b84b091c661f65e2b905e":104:"77964b5ce53209ee5307065d49":0 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"11cf18bbbc1d8778faf40391c30ca417739ff8e2a521926c":"a2e11ac093ab648118759183cd52ca7d5728ca87fe2f31eca28cfb13325e3e6e95974456857866dda78359023e2c998d2c93c6dfe8f72c6d4ac39ca0585a53fc074bf1124c3ada92e78462a445da23e650bf52e26b782ff50312ee2beb7410e93c8435f7b88dfb0ed63d9a3823992d796bf3ab147c33593c5e6193ef32f7a620":"bdd9a2b70e4ee0cc501feca2a5209c3b":"051c68fe0cd81b52fede137d0105e69c74771b770ea9b573ad92ecae86f420953f459755597f68c29f6fca39a27239faa940ce6c949ccd44c9f12a0160cf74a575753310f52ec5c5bb9c4474b85266494e63b6810ddf7a6abd1cf8244cebbf69d3198c4a09e8dccbc9429f81791f5c02628e9477b988e2bd10f9bd5d6731ad01":"ca899a00654730d68219ca2ed9b23058a5f40150c237143b24245de1e440329e513690f00c0c52bbd0de8074fe5d7a50fe420470249227f967340efeeb64c424881c7f3a20c405d58ea81f2309c7f74ae572b30313e2d4b419fbf5f2cf90c6706a1ae1a800a883e8b00fbbc9dc28bf5aa4a329246bbe94df5c2d4524f57370d9":96:"dd45503cc20493ec61f54f01":0 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"812481f8982b42b2fb86297c4b7c739652908dc498171c69":"32b27127582ceac21f968f5418e24ec8b84617f4daab0eb007f02d45812e81d486dc50909d79221c438def535b8a55946f50297963139a6b21e139e810d19bc1566b374d080a387a646bb582dc738c44156eb6c8dad613586662418edcbb18fe688d271108318de71734cb571d442e4d9537b0fcb2f5c763b3fbcac010f5c4e1":"0dad658c73c9c88dd927a502d7b14e8b":"af44f747d77a83ef0944f3bac8e835d752bb55772a7fbd3c6af27ca0eaadd122c9af1e2a9f37c2ba42779ed8cde2199125378fc88c7d6d58edc01c65491c5efc6bee58e7e8bf72f1a69d3dba47b38a50077130cbd71accd3dd4f193a53c6f2d1df694476767f79f8b71fd42745ee5bd41e90a7dd50a1597445251b32de303169":"003ae4798f6a0b97990d41373623e528618f9299cebdb0d23e3799f62bb063e5530eef7fc40c06af16965ff6895f675ffb81c004d826cbd36b5eec9bd3d90d785af03b64d12d311b6f90bcd75a40497d0fad5e54f829a097b25f7a9604f6fad475c9239a0f8d5589b8a76c6f7bc852a3b820734b426f59ee845ec3f09dd7d3d1":96:"b80bbc002cbebfb4ec5d48c0":0 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a6657a7a9ddc6b4595df94d7c6bee9d13ad231cdc46ae5b4":"36857eccb5b3c220265a40980e8949135e840ef270602940d3394f3f679aed55217c1de175f6b48a16f7b394ad7d288bc425762f971b752d1372b369fb1c3a64970c8d18ad6de2e1a9a561a749e3cf9a8524e239f3121e8643bebee471e55fb5d54a3453c51b1747defac98ead8b25854ed1cae7ac44fd28cf4b1ed8988875c1":"68621ea7c6aaf1e86a3b841df9c43aa8":"bc25c38d3a200fc17f620444e404f3b3999f51ed5b860c04186750f55cc53c6423c44d0eee02a83af27d16b9652a7cb3d34a5cb19694e5399a272dacd56c4b17872fd23fdca129a4299b9c87baf209dd1cd1f355088e3f938e6d5053a847b5913f0b9135d6f290e365508bed73c61160a11a2c23aaed7551b32882c79a807230":"de8bb8e69f9ff1322f0a6c30cba5a6fccd7d17a2173a86cff5478ac8ea4ad6f4e99ddd4149e6a9b24865cc8fd6394066e24a556f3f6d48c599592c56f06a946c6b3414e2fb47e14d1f128ef26b385912367f35082099c1f3d4ea86687f19f059c56dac21923e9a151567299416eb311f5bbf9a28968b080b0b200044668f0919":96:"065f6c2b86891c719ea76984":0 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"20cf8c2c47cd583286157b45b575d4d69c793b4250274fe4":"a64c2131c94fa827c3a510b23b20fb6d04579bc292d2ec33efc9eb31459115da143f73fba9bd8b03b67e591497d108f900a7279542b480bd3a13ea588a29efe66688b52c3fd58598c66d8595888e87b27734e6c5b2796cc60ab2aa3dd06a29c577de5bdbf0b6c69c7034f0181050f286b9300d214f549165a0b5b56ba8e40641":"ab58d2e18eb83c20df94cd6b569c65fe":"93ff6057eaaa9559d87e3276d4d900888cb1f56434ce2677ee1486a0aa8f4e8d02c47d06e6841f3fbe5bd72dd37fa9d81bbef807dca6961910844eb9611419936310d717e1843e7b278f48ae44a57c1f227a75fa8cbc7fd57c8cc3b101e036c8ef3043642c81f381561b61da7c9d79b6da9ec46f7cf093c29c1930b27c14f991":"a3f621261af17ec4756245414280017fd36133f2f9ff89eb8979d4417b8f93892bbf7b08bab785341bf0c7b5e3643f0e33f036633e5ebeae7a750ffdfcfbab690291731e92238ba6b45859b309629224fa7efc72298d3cf1ae3b6a9e94797552afc4e3a46205f9bab7eb64e4a41aee0e45289704a97221b7118d209e0b267a68":64:"ae53564271d5de5d":0 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8a311bf356cb1d1f58eab411b45b8d78b88052f3c8ab821d":"3e915e92f186fde05ad55a2597ceab81495abbaa0be107dbf6a375525d1157a322b1f65460dce0c3aa2bc08fa89f777dac4d2fc3e5f7f20a0d5e33373c7f1c3551369737124c702928726bd9db96a33bacb56f1d645fa02ca1d88629c547c0eaf9585ee23b530ea971bf439c67e3b752af882668ebe0c739b26c837887b9d2be":"0569d05f3825d16aaa89e86812f80628":"28494a12026eb89b46b6139573dcda0836a617e00e25e2daa92f9372d86c3c162cfec34d634ea48294c784825615f41e06e555cf916983931e3d6a7ccbb4448670139616e3bbf7109387a852703b0b9d12c1fbd966f72bf49a7e1461ca714872ccdc59dc775c24a85e9864461123710fd8dcc26815894ee8cf2ca48a4ec73b3b":"9ba776653e8d9d240d9c1ec355027a18731c500928925e7c50ef83c6f36957073a8386ecbfaf430634cd557b1da1bf122f37456fea3e9b58a6e99413d9d16a2f1b40dff843fe16a2fa0219ad5dd8ae4611de53d7aabbef7a87ce402e62276addc7f44e09ae9e62c5cce4ddce5695db987084385ae9a98884ec97e67b549ad440":64:"c669ca821b6ef584":0 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"82fc47638cfb361ecf7924c03925d6006cb99459ef5691e8":"d14a550d419b8e03762429a7abda3b17ad7a1305e5fc639e71538285cd70d78fa30e0c048e2c32d2a7fd7f82c874d63ae922db5a77111b46caefbfe4feef4df19786e5fec6a4df84f76df412b1f06bea149f1996b41b117d00d422bba5566d3af5289ca9377f325ca1e72f7d6a32df6607bde194cf4ac52c28e8aa1e8f1c9a67":"2a8e1cadd2f264f2ad7be9e7bdfa24a2":"8088358d7c3ca8951d7e8cd6cae15844edabccc8d0fcf8f169a48cf434d4814f1d7d9ae410e5581d414f952f52b852eb10fcf0f2a67bea826ea2e28331f0597152e624e148462d5952f10fa363666d57ebfe036695e1e68f79161b991e20c8ae6095232e63fde073c79603135849c62f8d98a1d80608fc081171114db41883f6":"e54cc95e845f4d1b28885e9b90d1d9d3cc51fd9d8fec9bce57de8781a28b4e5b7ab446074e84471d7a9a23748b689c354e402be77f9890a9c52a2eb9022a6a415e01285db1c6eb66d5e15f4216a4f3f45782677b6ccbf20ac7b35bd153f52a599712d09712ef1454ccf72ee48cca967f4917f1aeaeaa6eaaf8493ec7ff2dc1d4":64:"093343e49b70c938":0 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d3180703e1ec93b20d1ac4d64e85d5461d75f783bcd2f4fa":"b7b350db6fc0796e9fd0cb239f561bf7e27b2aa26b8e3e76d8b737caa1c1c5ad624a32f5709e4b751f8c21172d4d0f4ba38ca4d1d0e2570c084cabdd0e8880b35140c84f775c3c301a9b260825e1fd75f9835777d6c0e23d359af1a5f7caef934b91bee521531582b639be2cca87c2991f5525f4a2f64c30a1453013d73c16cf":"916d72d515d3247ba48828d4113bda3b":"1002513035cb1d7e8b2710ff8c93cec55e2e2c2b56000d4c1182b5286736acd2d6f2fc9b82f71156dba6f77463805627e4bc38c96e091ecd945df7e996e7fc3bbfdae3d85ef1337fbce960fd1d60d06962a1669e9e8d20be151f6323cb38ef68ab5e838f02a0f379567f518f15d81b192cb25a42356807c1b9c02bef8309ff44":"d590f2afcd64c574ece12c675f509efdffc01e1404cbafbc923c4b44390eff66dd839e6d800df67bc06f49f76911df3cec36a3a1521762d6d4a8ee602ebefde0178863443f918668fcde8a531f3b5ee0e4c379ecf3e75e7c59f753e41f4e39811bd3e7dd3d6bbaa1e81fdbf8bd976384a6c4505f7e4270321c7329bba7f15506":32:"22e50ed0":0 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"02bc0a8ab5468123009b2c69aaffd0a20a1fb082b55a7ecb":"8bf32af1632a7903f00e801ee6e5c690147c021be6886cf2462b2172786ab296e0feb96648e4a602ae6dc45e2aa60e6610356cde26b1dde3aa114c5449216a467fcde18332a6d482d24a1ee952379340d036a48b63efa092db4c30a95f402d57b9c837183e900b47805f170cfe9e69baea2b939799e983f7470bb1297f937bbf":"bcfc15308e891f32506a50c4ed41bff6":"01bff5e606a536e951213b23672db9074fa8bbf947e815d32cbfe30adc1e736517f86139840a4aa0a671b4e9bbd6a59d292db34cc87742c0dfd2d658ef157734c5fdebb3e5772d4990ad1b2675c23ddf1472e892dafe7bf140d614c50cf937923491662299ab957606f4ca5eed2facdc5c657784bac871fab04d6cd3ccb18332":"b8dff03141832970c925e7ff0038394a0df7f35add3046cc56f73e3eff59e18932aac697456107b6da7da3249049c3be5c098dd730cd4bf68cdf798c3a932b2c51f18d29e4386cbf1b7998a81b603372337784307b0beb59235eba4d3e4810899f6d71a994ba9742aea1875878ccef1bf674ee655a0720bd37e44b33cafe5742":32:"bd0be868":0 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7c07d5ccaadb9e3ba5b5ddf380a7a2a175522b98e31e1d34":"04d3e6bcd5ebf696fe84a702ffd5f76dcbe9679c909b36d41ce6362f229304aeb19896c6376cb3c25081f709af57d36f39f421ecdb70bed9f829558bec6e78823275fc11f9a2d5f773d27136d903ff08e5926338dfdcbc182825794e5f739efc1f0ecda8e53751edbe0d08963471fb5099f2ff31f76b479677bd6d186a409525":"e4db5c6403a03daa703516763052bce0":"b747d97f263d0ff6119df1b5332640d2e4568813adc12ed76175fdfffafd087456748abb267195688d2db41caef301117979dfd2db9714b352398594005bebb449ea20415fcfb2671253f69bf6467ce7f5bce350a834c4586eb03e766c1930e7e6ccf01283ea31b8c73d7967cde0f2a53cc46b1b50c48649044d6f753f1d54b5":"f5faf7bdd99c62ec87f93da2ca3ce31e694df0a0fd04d61914f9a7a4235de20e0a406e297ba1099fff8c14e8fd37a9d6cbe2c5c572c988cb1ff87ffe7825e1947ea3da73b8b3633721fb4e08deb3f8fcae2407d73bd4c07f32b4f9ad0b1364003b11f84037a28239e96c3996874ba8e4ec7270bf0441d648f52f3730d30e3536":32:"e0820c4d":0 AES-GCM NIST Validation (AES-192,128,0,0,128) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"dd01d48789ef7f07f80a7385e4d1b1734903bc6ec768c9f2":"":"944ed7743be9ce370cba7b7c9b7dece2":"":"":128:"dfa0ab389c3a780f598af80200c84da8":0 AES-GCM NIST Validation (AES-192,128,0,0,128) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0383849ed0db3e52743aa82fe8cd9173b457755be8bbd46c":"":"c6b8518346ec52c001697b7bd38dc795":"":"":128:"48a1992549b627c8621e8fbaadacb16c":0 AES-GCM NIST Validation (AES-192,128,0,0,128) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"936388053ee0116b3f783ae34f000d5fe2c5d712842d46f9":"":"c5426b20c014e472c7b85be2ed0f64c8":"":"":128:"4cf0f6a45f3544e3d391375c8fe176b1":0 AES-GCM NIST Validation (AES-192,128,0,0,120) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"40dfcb3151a8dab1cb79a6a1e6a24fb55024d0e256bd4b07":"":"b8495cc54653e7ad74206153ea64c3cb":"":"":120:"1d3786412e0ceb383de3898ef2cffe":0 AES-GCM NIST Validation (AES-192,128,0,0,120) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"83ca41d8b33c6134a14d8b30b0c36d5b799574dd925f3b8b":"":"fb9aca5b4932035c65b571d170fdf524":"":"":120:"9787f7d68d2648963cb49fd7459121":0 AES-GCM NIST Validation (AES-192,128,0,0,120) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"886e646688d573c2dcc8ca229a11b394b3400408dd801503":"":"c0744685722cb87717c76fd09a721dac":"":"":120:"794fe4df0084c21ffeaf959e5b0382":0 AES-GCM NIST Validation (AES-192,128,0,0,112) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0b845dc2c4e9e5a94bd3e8969300b16b45d3ad5eadb2e80a":"":"0900b3fa3cc9833d702655d285f904ed":"":"":112:"dc670518e150d326921bd5f43e80":0 AES-GCM NIST Validation (AES-192,128,0,0,112) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ac9fac2e32ab44a0774949d53a62c1cda04b132a3b07a211":"":"8cf6a81bfa21633ad95ffc690c737511":"":"":112:"4cd7a6e4f3ec3d41d086e6abf14c":0 AES-GCM NIST Validation (AES-192,128,0,0,112) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9f9721ef784980d03140490f760313cc8a56424affb01672":"":"c104bd8482e3fe7359c85e0e94fd4070":"":"":112:"3f682fc71989804ba74bdad04a97":0 AES-GCM NIST Validation (AES-192,128,0,0,104) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f7c935f56970678ab89f6d97315a33efae76148263e95f1e":"":"1a91965c5458f4a1fde309cd42a3f277":"":"":104:"ce266c6f0447623a3ef1f6f57c":0 AES-GCM NIST Validation (AES-192,128,0,0,104) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"30ecea6cac70a9de4f4f7f441d6b9b5608cca39d07c0ded5":"":"361e5cd21c670de39b5f0b2b89437f99":"":"":104:"48a9621522a98bc6c0acf03429":0 AES-GCM NIST Validation (AES-192,128,0,0,104) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4fb80c4fd026c3f68ab8fcb8e28e144fdb3ba00d70295ebf":"":"ee552fb94a527d18d285d6c195ca7b2f":"":"":104:"5ec97630ce593e9d560136774c":0 AES-GCM NIST Validation (AES-192,128,0,0,96) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c0261023ee9f682789ce9ae970fb7601f07551259ef91945":"":"bffe4af76db75bc4a3d42b57c73c51b6":"":"":96:"bf827b4526da77ab2e21908c":0 AES-GCM NIST Validation (AES-192,128,0,0,96) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4fb4ab2071bff4ec239ac05c04800806df2c256a4845b13a":"":"3ee0e2e72eea437e46a873bd659b1c4a":"":"":96:"572d3ec2650ad57eec84fe00":0 AES-GCM NIST Validation (AES-192,128,0,0,96) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"193d5ebeb466d3fe68754bba413c65112ae29c5ca5e450c4":"":"04e9d31b3b1205cae37c435d5a5579df":"":"":96:"71004356f266688374437aef":0 AES-GCM NIST Validation (AES-192,128,0,0,64) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9a455ea1d9a78425a41d43e293e88de40dd6ad9ab2a63ef0":"":"c108c56a1b3261042adc89046ad1ecf8":"":"":64:"213d77ed0534cc20":0 AES-GCM NIST Validation (AES-192,128,0,0,64) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d6fff8797db2f1884b7d71e3ef3e5983234a837dbd0c2cd6":"":"6be4417d7c00fe9c731e0932a7037a71":"":"":64:"68b6c28786a017e7":0 AES-GCM NIST Validation (AES-192,128,0,0,64) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"86e6c451ea0ecaec9e365bc4831e7a6c092b65ee9bcf1b86":"":"6258168da407ce43cc18d6931497c1f3":"":"":64:"cbf20172e75a6316":0 AES-GCM NIST Validation (AES-192,128,0,0,32) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9295cc6458d907da5e7c356a7de51eb8e8d3031f72a05fb7":"":"c7eaad3389fc24a4ef96a711ffbfff9e":"":"":32:"12508e37":0 AES-GCM NIST Validation (AES-192,128,0,0,32) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"308b6ee958f81a7fbf3bc386e167459206df9c1cb999d904":"":"2c61b991ce478d9aac818d7aa75ada36":"":"":32:"32ead170":0 AES-GCM NIST Validation (AES-192,128,0,0,32) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"873d033773218387690c2871448578d8440ef36553583928":"":"02072ec745c856c6e86873a0523d603a":"":"":32:"e6a5726b":0 AES-GCM NIST Validation (AES-192,128,0,1024,128) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"cfd9c1375dfd19e64b5e4b75022fabaa049627d5238cba3a":"":"0a745c6910b23c78b1b44c02f1ce11b2":"0cc6724b9f3675619fbc70117bfcfb5871e903b0f01382e404793c1dfaff5a5b4131a7fc3041014941dc2c53871bee3ff18c08e9abbb13a8ea220cb89cf65bea1581eb8ac43d148203532dad8854616210ed7f1f9467e6b22071ccc8bb7e3bd89a0ed02a7058401aa4f2b5d0ce050092b650591282e66ee789bbf032dc105503":"":128:"8ec41e9c76e96c031c18621b00c33a13":0 AES-GCM NIST Validation (AES-192,128,0,1024,128) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6c9f16c5dff4bd8d1855995dcad1c4253759b6e2a833995b":"":"3f25e3210d6d9caa8725eb55c6813cef":"7c6a66d930c95ce1028310cfa3670b77ffeb5e9b627a667859665c1dee8e69930c287fb1f1a3706ed1a0d35eb6d1becb236352a226a5b686bc27e1e1dce4ac6d5974d88b9812b39ba289b2490821319b5fd677da23fab3adbae4fb3630e2571ac887ed951a49051b0cc551e7ebe924c0cbb1c516f71db60e24773430dc34f47b":"":128:"5e000478b55ecb080c1b685f24f255a9":0 AES-GCM NIST Validation (AES-192,128,0,1024,128) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a8e393e00714cd94de0347351b924ebd555003f3a297493f":"":"9c7eaf730fa8074acd372fdc53b726c0":"ce4cb46e67d85c5e68afe61ddecb1a36da4de42774d45250d0d52b328834385ce1ceba96f703daab81d7a981cd80c469855e14d834df41e4c0c98873f3dbb777fc0562f284c466b701a530f27fc4e6838cecbd162db34b8e8a23131d60d1f9dac6c14d32a2141173f59f057f38af51a89a9c783afd3410de3f2bbd07b90a4eb2":"":128:"66bb46adf7b981f7c7e39cfffc53390f":0 AES-GCM NIST Validation (AES-192,128,0,1024,120) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"bd356a8acd12b06de9f63825e93664cab1beae7f4112cc70":"":"72eaf459b8af0f787e91d117931e3cdd":"9295b227be3e1faf4e969be6c7f20d507431cf5da9e2a577c9b31538058472683bd52f0ad3f2fa9f68159c1df88e7dde40d6612f8abb0f11a0078419b34b558d9144ea6596a09e5d5548b275620e5a3096dceb2768d2f77a0b79e0b963387d3016ecc2f155d9182e3209d97c76329b830bb62df195cb2be11223565f496e751a":"":120:"2ff4aecc90e2de9a7d3d15eb314cc8":0 AES-GCM NIST Validation (AES-192,128,0,1024,120) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"80ecc9587bc2cec1ba87ab431c7ed03926169c01eba19729":"":"5a65f279f453572e169db33807d9b52d":"29520d9020efa1ecf514e39a286f398c7225b945608d4b57ec873ae8bfbdd40e4cbd75b9b535c9f171cd7913ed4b21e09d6bb030eaa27ca58b08131817113c852b6cbdf550d94dddfde8595e689470cf92f9c20960b936ac0692171158e54041155482f29e4acae41565d87f5641d1aac96b8cb763b7f1267ccdbce234d067d4":"":120:"83dec0fb36463b86270656681455a0":0 AES-GCM NIST Validation (AES-192,128,0,1024,120) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"94345293fb7733fea9c8b94be2f4fc26f8c3655f583e2b0e":"":"8bad4f3f289b9f4063ba39622ba2b7ee":"7e2b6520d7a554e612d01f462606c0e6d0181bafece1daf54f4316d707483a5dcd4275a08caecc1c20f3e32872fe3e57fa62d598949f5e49ef0efd53e918617e0a140338c007025493f2e0f8dbe5fca4a57d1db6333551bbca79243a73ae8a68dafb3089998359159df916ee6ba4f928a6a173390f15f2ee6045d578dd757bb1":"":120:"da305181a12517420c6f0d71fd3ee1":0 AES-GCM NIST Validation (AES-192,128,0,1024,112) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a3915523031c3caa58ce02c2b1e6ee2eb42cdaf31332432c":"":"d5416986beb3131afd6b7967836d243b":"ba4e883147c8f07afc08735e6e439798bec60e00ed3f5982f66d6b82a9af7580934112a9858f83abbd71193190298f0683453d3f8388c475fbbc8f9b6a3d2c77046b73986a54cc4559c57cbb86330267e04bcf5fd583c6d2968a7971da64c99d98623676154b0ee413ba531ebf12fce5e06b4ee0617e43bdaeb408b54d1b4445":"":112:"f273fe664e5190a506da28ea8307":0 AES-GCM NIST Validation (AES-192,128,0,1024,112) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"799d3ff266644128f330ceb8c028297991b2a5593e4afa3b":"":"9d27061dd9d50817b3086f453f1f401a":"d3b5c420ac597daaac7503cd17f580e94ad779fae0d4199ada2c7da7c4a611228752375647a03241f29f810d3a6a74a140ef9651e4a6099259f7d41ec4e51a02917e8cc35edf7f60ffc473805f56f0ad51fcc767670157c050c3214d36f831a54bfeb7ab2039cb10f7919b89b0f623a572aaed313983b105fdff495d979b8a84":"":112:"e690c9afdecea2494b6cf5a576bd":0 AES-GCM NIST Validation (AES-192,128,0,1024,112) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7480905cee8be7f42b9490936041a19b060331712882da55":"":"27500a09506e0133c88f65e77721b547":"52832d4118fddf182b21513db25d54a19220335f8676ea35c0941d2a38a3aa536b8c9cbf093de83c6b24da3372baba2826289bb3cac415795b9bd3ea62bb9b48450978e79b936cd70cd551e580a6de3418a2be0f4c1f062954aed6adc94d805e59ff703d239fc2318b80cee45c57f916977b319a9ce884d7e02726fdb71c3287":"":112:"52a5721e98ba1a553d8e550f137c":0 AES-GCM NIST Validation (AES-192,128,0,1024,104) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"042db3f8af95ad68966bce9ca0297ed41b608683a37457f5":"":"32d3e97edd3f393da5abc3827cae1e67":"4d7c2ee6e024e95a6e684ded9898f5c7fae7da8658bdb40560dac6495e46a691e97c047e66046b55e8cf9b02d31d3caeebe3a9f8aeed756d6b0da1ac5d4ba2c5e7b54add22f681ab1d5a2ac1463e8447e08592e0c2f32605bd02f2f03c925a2159e5bdd880323f4ce18a826a00962ce418dbbd5c276e3ff30f1cbaa4795d1ce5":"":104:"e2afbb95a4944353ed21851f10":0 AES-GCM NIST Validation (AES-192,128,0,1024,104) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7f5ea90f99fc76594f0f06448321bd4bb5e494a5e351e41b":"":"002a5da3c543ca56dd7e5b013b094f70":"b8150b50e36de85158a96d2096678f31f179c8765ae6ba5723ca655e890528eae96d438f9d9365575dadea3cebb4d7df3a9d5323f93696c40781a6661dd4849531e672f5cee7cdfc529416c9c3faa889d0f66ee4049c949c3c8459680f490bbb0a25e50af54de57d9e3241e0dff72604af55827b9c4d61b7d1a89f551cea2956":"":104:"db9fd90a0be35a29f805989410":0 AES-GCM NIST Validation (AES-192,128,0,1024,104) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"da287d34379d56f542edb02ea673bac097150f87648a57b9":"":"6696034b1b362927b89ae1b7ab5297d7":"45818b7b69b05a121fe5c573c9903cb11477873b24a544ba919baec78d1565f4ad0766da58bfabfaa17ac3c628238a4d38b5c0b14b52e397bcac991408dd7b322ff614bd697ce2b5b94ca155a4442ddd9e502c4a5f81210c32dff33481f4211897db38f619b308f3708d554bdb6c7b8a4d2a80ccdfd5f70501c83502a312ca8a":"":104:"8e65d86edc071446454a1bef34":0 AES-GCM NIST Validation (AES-192,128,0,1024,96) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1782ac334cbffc92769a170c3cd43915f735b4423ebb4dc3":"":"736f2f24cd04e26d38e69c55b38cca7a":"5827d391efec2f8f102e5f053ac496e2910248a0eb72e8a0b3bf377c6349df02ab0410a3d28bc27abc7cbe582a03000db57843565e4fb06c4078de75c3f1a21130d55befb7ecb919ad789a4de2816c3a42d4e9b32e38d980c06045987d03739cbe7710d839c42f04f5088072c1a1044c3b89809b780e74e54ec135fbe4129ee0":"":96:"c6dc3c4ae52f3948503d84a4":0 AES-GCM NIST Validation (AES-192,128,0,1024,96) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"20529c374f21c97b0a8f96f7bd5bdeb3fcd2b12db30b3ee4":"":"e6e45b7c28f7fbcae658acb533614e48":"b41290031906709ec8048f450a940eff0422a6ebc7b44666c05f17aec9debc1bfecce62d896d5df4618517fb57ce7b04ef1579ebb2636da0eead063bc74ec184b0a69ca3eba675fc7107bb52a49f93783608677565205ada7bf5a731441e44cede781120a026cc93cfe06a06fb3104a521c6987f1070823e5a880cbb3a8ecc88":"":96:"e9ec5ad57892ce18babfde73":0 AES-GCM NIST Validation (AES-192,128,0,1024,96) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5634789b29e373760ecb9952f4b94ca76f40dda57ba363dd":"":"7cd1d2d6beef44a6d6155181dfca3dc6":"0130a67935e2df082a95d0bc6dab17093fb08746a809cc82da7893c97c5efc0065388bb85c9c2986a481cc4bbdeb6e0f62d6cd22b7785a1662c70ca92a796341e90a538fe6e072976d41f2f59787d5a23c24d95a4ca73ce92a1048f0b1c79e454fb446d16587737f7cc335124b0a8fb32205e66b93bc135ad310b35eea0f670e":"":96:"4006685e2d317a1c74ef5024":0 AES-GCM NIST Validation (AES-192,128,0,1024,64) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f0072110572321ad9804efb5bcbc2ae7b271b1cbb0f4897b":"":"604ed8056666b17fd27b111afd419375":"97f68c00513b2247bc88a331a3ffa1208038736d6761b3b080884a8dd46e0596f2c00c1a93bceeeee814210e57d7f1cbdb4e0c2ea6a0834baf716945af9aa98e2826ae0eb5717b241ede2b9e873f94c1db9eb5e1b25f75827c25849a2c7b92098b54845ed81f52871a2b0d12d317846cec34defaaafc3bd3cc53a6ab812bd250":"":64:"64881eaf78aeaa7d":0 AES-GCM NIST Validation (AES-192,128,0,1024,64) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e91e8c2d6928bbaf870e141ee34d3a56d00dacc8c7e50514":"":"6f3d661a3e321844d1fc12d5ec2becf6":"fc8e5b45ad1647f9dbdbb6b437abecf0a8ac66065d0e250aa2ae75525455ee13adce8c59d643b96de9002d780db64f1eb9d823c6b9a4238171db26bf5d05153d1e3c839b93495084363b845fed75671ace0c009800454596674217b19832751252f051f3995776a89209c1636b4f4b28a364bccdedb78ad36876745c1a438406":"":64:"1f4f495adfed6c1e":0 AES-GCM NIST Validation (AES-192,128,0,1024,64) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"138ff9c8c556ffe7637f7602cae428d7e20dff882d44ddc3":"":"38d7005fadee55b5a0434d924d971491":"3facceb047e486998c945839ee5eddd67054bbb28308365b2909dabaed29fd5b7b34644043fa443165e07b20214710cd652fecd816d9273c700d6828d216db8f3ceaa9eed0e251585f4ee5ba4beb3c0582b8128a3ecc01f4b29cab099ba2a8931e56120802fdf6004a6c02e6dd00257a83adc95b3acb270e8000fd2126b8eb83":"":64:"fa8aed1987868388":0 AES-GCM NIST Validation (AES-192,128,0,1024,32) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1187a34ccb75fc06dafeca0235186c64ba929adac6cf6e49":"":"9dd515d3481f21efbe43198f623b34f7":"8a1b00ea5d1f4e451cea71b3d2fc9bb03b9790a8ae8ae262b3e97ebf34911f9d865c8810b9fe779fff701c72f3639654e60898d1f57eb93381749f0e2cecb4ee342f5f34473215d5c46818338ff688637217fdfa8b7ee552db01973fdb6084c3c20b530863eeb1ce798046890994f5625df2a56042d62742097cc10d512a543a":"":32:"83f45529":0 AES-GCM NIST Validation (AES-192,128,0,1024,32) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4c1052610d05fb77543b6b517eb64b487ed902f9969a420f":"":"90f4c93301371158271a8f46df1c86c9":"83d009a1238f8aa40e36cbddf08a5f3d96403a03f7d079359cd6d3d0c719bf79c908654882919dbc6c27db34007b6732cb344a0f4babd26b1209ce6b134a8d2318f9a38af034b265562097b63794d7efee306e97c6ac0a991b3764ecd936c87000fa58e6689e302f12c2851b1ffc950dad7a553c8c67e01a2270e1e5e9caf30a":"":32:"30b3fd85":0 AES-GCM NIST Validation (AES-192,128,0,1024,32) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3dc62e54957bdd1968be71b7d205fedaa291349d69f2854f":"":"b8bce0f9263688ca41c4cefb26e79453":"22b6d92d8908bbdbcd0ff35299eddaf0cfb039befa2d2d83c896f373b92091d145f1771c58d60f94d3548d0cbbeabeb796d7632b5da3c66ef75cb41a35e7d1b032ccfbddbb9423e0ee054bd56b6288bdf1b616492c85393e4134ff9c066b23f3f626eac63a5fe191ce61810379c698de62922d3bdbe30697a3e3e78190756c3d":"":32:"67887aeb":0 AES-GCM NIST Validation (AES-192,128,1024,0,128) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f170a6a761090355592968d67fb3514b8bfdb41cbf121341":"a050f858c87d56dfcba3ac1ccf5ba60628b3ab1b89845682a95b7f291c80f6eb1cbced4fa21e3584e21528746231e7311ec319a0fcecc329e1a7aaed0a8548e613e51db78c86c8d0cefa15e30b745b952809f87d8a4a7bbefc76a8eb824827d4334201bda7743dc497ef5fffa2812e67f2a04e5c10bf464179c6178db932ecd3":"e02ef73aee414041b137dd3cae8f2765":"":"c08c9bccf298c8a352cd72e9174f57dc9bf64d65191a9e97b43ce70afacfe76feb5b2695d72ea4635fa94144de02a54333a77c7d4adcde17c166b303f1d664e6edb081a85433a7496f91ce640f113935cdd4e7ad14c95247506ddc6620913b5c67422f599ca00b95d62a9371e44c5af5295bf96743d0f1228c96e95af3b4d366":128:"d64d9ac91548dc1bad618509633e0c25":0 AES-GCM NIST Validation (AES-192,128,1024,0,128) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2ce5a40618b8bb2d9fc1d87a3333a9cd4945cfa838c8e0c6":"4ad4d103da3fb2ef8adcd1e0e823f4a857f1d6fa6273bb66574033c18ba2f760951ee0fdbe06c5cd3a0a30bd11142450f2d7e71af2fa7b9556b663fc30766508aa24e1fb2219f30ec23a6cd48b58944541d1f3e3fbf596e2ef263bddf789e7a666a68638081f0ec1a6cb3cb7feb0fddbe323b307675324ebceb25cba6d9002d4":"0c4b6c940d091efee98bf27fad79b04e":"":"ad611dd6ebaeb5a634d4bfba9f965948ea79d16294b976b7c8bb57240c5d13e10a9fe7a5b5d39143000b4f24fc331cc4988685c8d6401593a420c12e6cbd7cded06504d6a1034f70153f7b5019084a66ce818761841cab52d5bcb2a579a4acd9df50caf582bc6da2b94d4b3b78922850993ccec560795417016e55cfab651473":128:"317596eefdc011081f1dda6dae748a53":0 AES-GCM NIST Validation (AES-192,128,1024,0,128) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f71d789a63213bbe17aa14f2956e9da2496a1efd1a63f6a5":"f5bf20dc6a11ce5142ff34d6c4771dbee4e74790c4ccd3cb5af408a5c7bd706bac550d7ed56805f550efc7648ab501fbbc63a1070402626c5788f076ae40e6bef2b9aab9a4bd8550fe38f7cdb0fcca2657ca26f1f729074326f45ae932182905d849b1534d3effe20dbfc3fc26dc6453d6544d481e58891405dbf876d0f254e8":"17327996f18c7096fc5b8e375ed86f47":"":"fed961a497502b2e49043ff29b9426a1e864a7fe0a88281a1572fbe62203f071710ea1d77873906369b195919a7bd5b44cbabab6eee23c3692cb8b9e4db7ee595b8d4b063d209b11d64150c45545b7eda984144e1d336a3bd3f187834bbc6950b3e7cd84895a3a5e27f8394a9aa9b657fba77181c9040b741c12fc40e849ba4b":128:"9dba8faf9d12905970ba0e29bc7e9dc4":0 AES-GCM NIST Validation (AES-192,128,1024,0,120) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"83182ba753ac16554e873281599113b7620bdb042704bce8":"6915d46189fcb0f9ab9b838da2124ce06398d638fec9c1c53f07a43fa0ea09feb2bf868fd1dd521f301f9f38e2e76716038f34cc0d18ab9bf27ac282dc349002427ca774e211027baacb9f6bfad6fd7885a665e508f654bb018f0323215153cd3a5b3e7b83482c08cf07ee5ef91d64a671b3ef22801ff21cfae95d6843ccdc16":"805c6b736d62f69a4c2cd4aa3745a615":"":"76dcefca6305ded697be4488513cc3fd3d9f08f06a7c1a9133b9b3fb0f44badf5c7544881b5babcb873cab912cc8a00337fc36100e6a5ad998eac5d8568795b41166377c5114757044b9b73206d19fc34b6378a06d55b5d5e9498c7693e818dd962af9b9da2345f4ebf152f33fe85f3398a65ad7dec823a1b1155c38cf67df84":120:"746c9972aa8481253d0d54db77398a":0 AES-GCM NIST Validation (AES-192,128,1024,0,120) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b176e7a68da4c74aeb91760448c0257b1e17101299e1405c":"691c436811f82e747468571f80fa8502ef5f25936fca58a8fb6b619a7a95f4938da558a3b26a2f09c8fc1f5bd347c7724d9fa377d0a52094bfaac88f3fa9b3dacc2f56d880e825809533da5980a63e01d6199fbea07f3d070e29c5d50e1013224f0ea86e7c008e3a2e63df394ef6ad93ea97d73fd4429feee495b144ef3a0d6c":"42e2e70b0096ebd489bfcf4d6ac0f2a4":"":"81f9c34c5b0668fd58ec8822c6ba75bd7eb0d1741260fad6ad5e637903aa29d5f5facaccb4b885f62e10b7371f9b6b43e3aeb69bc5093bcccd49f3ee744e49f87cd2a2c36c808c47e4687194cbfd4faec4da66b99e3d4ced9cb8ac6ffb94d7fef3ae2b92b9f613f2bda3ca6c8efa9c6df8bec998e455f6eb48519e8f8ce4e526":120:"26d0921dbb7987ef4eb428c04a583d":0 AES-GCM NIST Validation (AES-192,128,1024,0,120) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8bab5bf1cd8f259129ce358cc56ace2bbbbaefa79727f66e":"57385955b9909a0856bf54ad25d00779cd7d3dea78e1ae8965c4b7a568934d15ba1a7b2ab899f69fb1b864bd4d529319b51bf85a9b63de9cd51997ee4b2f015307cc42be9257e1b0a84e1c9e55a370476bff0a5325b21850f5b686a3bd4f1599f36d0772c406047b8ef29245c42ade862cb9d25b1e108db4f33a42dccf45c985":"ca5beea7dac2d9d24d548463977d5956":"":"67deff1accc4f279ec2eb4c2a515c17886371bc4847bdaff4aa70e170775b64855a6fb0d347baf39bb53d7239b7a63ce451effc69e8d8c3e544b77c75170a68cbc45dc96ad238aabeb5ebec159f38089b08dfbbe94e1d3934a95bd70f0b799fd84a8f563d629a5bfbb4eb3d4886b04e7dba5137d9255268dac36cbb5b5c8d35a":120:"f212eaad0e2616a02c1ec475c039e0":0 AES-GCM NIST Validation (AES-192,128,1024,0,112) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"bd0e0d0c7907bdb4b4e60510f73d8ab2a30700349206ce22":"e6835a650047033a4940f72029857fae6fff2773f2aa0e4f7cb0a4abe86b6e8cb0c3e468637057f7eb20d1d30723e3c3107d0f579e31a4c3e6fa8133e1b1b51fd21a8aa80ec657c4f674c032bc4a2d3e1389cb877883317c4451ab90692337bd8aa6e9312388a0acddb508fa477cc30eb33a886e8fbced97492c9d3733cf3fc2":"1f183eea676c7ed2ead9a31928f4df5c":"":"9f1a3017d16024dbfea4ba9df5154a6a2c794f00da070043c17f0204f06f637c8fffc760424187dce4fef044faccadefa1b1bd818522915e389d307caa481af0f1f767c38216fa048f621d46880afca5c8fc582853dec95d19d19cc943e9a1861597c99041c59e8bf8e7245f9e30b1f6607843a978d0ae7a4e0f716dabc9d9f6":112:"4ceea20bf9616eb73cac15fe7e2f":0 AES-GCM NIST Validation (AES-192,128,1024,0,112) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d59c476dcef60a45be253d5cfbb24742de9e3879bdfe6949":"144696d85126c682f8446fcc2724fabe4b8840d46f3de6ae2ceacb2f06a1a80fed430e3a0242f4f7c308611c802c8b8e9c992b78a5cf401fe7a4671bf081f97520919f02b66e8bffd4fe3f4a69cf3d16667e7724890cc4b66c6ae487d2d987bfacec424fdc9865af4474b04cce03fffc828b2df66d99087e63f35eca52abe864":"9bca808f02295477f2aa7f6ac1a7bfe5":"":"9d23989edd8dd9911a3f5a80de051ec7812c6ce018e683751380ff990a079f3502ec0fabfcdacf6c1fb2503094124c39ec531b5d29ee8e4e46c324fc10dbe0f31e9aa56522bcc7085ccf768425227cbab6db4127671a4cab7bc65dc1d3d9d81469493329e29a9a1cb7e5e088e84eb243493cdf1a49b16fc8d4ea2f142aa9ad23":112:"d8b20d72d95a44dfb899bc6aea25":0 AES-GCM NIST Validation (AES-192,128,1024,0,112) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2f1594e840375405a682dbc1836344be8c6b3f3199ee7fd6":"9bc6b715c65347a383f77000b3efb33b16019d01605159e09c116ded52d20721bcdde3796b6f4dc33cb29ce1c48438e95d4db6102465440cecaa50ca33ebce470d8986663652e069079f9d92ff167b3f7ae568218fc62ff5a7be50b3b987dab4fc7979e5967bb0574de4bc51e774ba05f9780a49ac7b3ea46fdf35804e740812":"7f1f4a80210bcc243877fccd3e7cd42e":"":"773d6901ea64d6840ded9a05a7351c0c74737ad27e7c3dbd38dedcdede94722ae67e88851ee471aefc1f80b29a7312fa2a6f178ef2c9dde729717977e85783e2e49a1fa2e847d830fac181e95fe30077b338b9ac5d2cfa22ff9348a0771054322bc717343b9a686dafda02d6354cf9b53c932da1712b9bb352b2380de3208530":112:"fc3e0ca7de8fb79eb6851b7bca16":0 AES-GCM NIST Validation (AES-192,128,1024,0,104) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"88a6d441c1b7472aecf92c294f56f3c1da1702d174eff431":"eecc12fbd00c636a7ff897c244593239d2dbca9d1f370660c9bf9759cc41dc6e95075516f8d7fc06fa91ff68701777725171c2dc0767a1953fac13008d77065cce8ee329283d3f64adb8a298aa100c42e75d62e47fbf5134a21b826fcc89ebb18707c0f4d54f6e93220484706a23a737341c601b56f6a28cc8659da56b6b51b1":"058a37eaee052daf7d1cd0e618f69a6c":"":"0f5e889deff370810ed2911f349481dfb34e8a9623abd657a9a2dc14df43dc8917451ddeee5f967af832296b148d6a5d267be4443e54cef2e21c06da74f9a614cf29ead3ca4f267068716a9fd208aefa6a9f4a8a40deee8c9fa7da76a70fcb4e6db8abc566ccdf97688aaad1a889ac505792b5ede95c57422dfec785c5e471b0":104:"5fa75148886e255a4833850d7f":0 AES-GCM NIST Validation (AES-192,128,1024,0,104) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"abb4c4f8d3c44f07d5a57acba6ccf7852030daa84d09e13a":"24d82903e5074beb9a769f24a99b18c7b53c160a3c3ae4065335bec1c4170aa4c656bd7c87a8a13c0ffc6653c045445bf8a135d25a13b2d44a32c219adc6ea2695fb9e8c65f3c454dc0e2772f4a4ce51ff62ad34064b31b0f664f635de0c46530c966b54e8a081042309afb8cf1f337625fa27c0cc9e628c4ae402cbf57b813a":"c9489a51152eec2f8f1699f733dc98f5":"":"3e5528ab16aed5be8d016fe07f2ff7ac4d393439c4fe0d55437a68967d685815e359fdb8f77d68241940ce7b1947c5a98f515216254ac29977cc2a591fc8e580241442d08facbdbee9a9ff7cfbde7004346772b4607dafb91c8f66f712abee557d3da675bb3130e978a1e692fa75236676b9205341ead5277cc306f05e4eaea0":104:"fecca951ba45f5a7829be8421e":0 AES-GCM NIST Validation (AES-192,128,1024,0,104) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"cbce5e6d0fdcd3ab08ccd86115149b5569584dfadf40256d":"3974339a1b90b19fd3857d812a0e59dcf43f9b0f360839940b99834ddedead79785396ab8fd0fc0e523c06f0555371fd5bc857a95c3ead26536e6deb1faabdc776ac7cfec4b60d9c24b0856ecf381efd98f941d5b2a38108922d9cf1113d1e484354b55f9c0f09d95a77fd30ec9cc04d19199931e187c56fd231f96fce5e1eb4":"ae3a25be73876b6e9dc88573d617653a":"":"4f57be0de00ca2c7c52c54b931c235fecb4ee1e5a30e29bf68f57248bafad87e484cc68465d9f64bbf502cefd2c84e5596c3c8e58a9fb51a8c8b132579a94bc32e92f7c7247dc5f69fda98727c423de5430f01b37d77e3ae6bcd06eaf5625e5c7c9c228b9dca5aad8f571369fe0964731bf1f143f2f709c7ed51641ecfc88ebc":104:"33375e21fd8df9f0196198b4b1":0 AES-GCM NIST Validation (AES-192,128,1024,0,96) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"96779eaa8699469e2a3bfae8a03fd4bff7abc62d427ff985":"a343fd32fc513e0e9772acbf99feafe9de4b54e404807999b02e921e0914b2d64d0d402ef06f31e1db852899fb6db231ad4465af015b0c16407fa3666ef5c2a6d52d5b4f60b0f7fbcb13574b2aa5183393f3a91b455a85b3ed99d619bc9c5c2dbcc4f0a61a7b03e5ab98a99cee086be408ce394203f02d6d23a1e75df44a4a20":"cd7dca2969872581d51b24af40f22c6f":"":"74422abbde6e4ab674025735874d95d9fe3015620a8f748dbed63ef0e2271063b6c0d65e00d41bcf4ea86ac8b922b4d475f904c0724f0adebc2eef4a3abd0f9efd75408cc054cbd400436e0545e09e6b0bc83a9c7d1c1717589d180c7b1d4fe4ca18bde4d9b6bc98481b7971c7eb81c391ac4dd79cdefeabb5bbc210d914d30c":96:"b0e425435fd2c8a911808ba5":0 AES-GCM NIST Validation (AES-192,128,1024,0,96) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"39bfb4cf533d71c02932e1cd7b800dca9ce9bca843886962":"de76f63ecf9c8d4643599f4dc3f9ed837924915ce4216759013cdb46daa0a508e06bcdb77437b0a58c40a0bd30a05ca41433218c6869f1ecd26318aff27999a2ebbb651de8e03061b8ffe3e14060720eb35a8e4dfd8c870aa4562291e3758cc1ea6c4b0fafcf210e10b31f8521bb0f6b29e8450b0cd6f8c8196ca2f7acb807a3":"d2b937bb5d2ea7d54d2b96826433f297":"":"0b0b4c92f06b17103ed581fb32d46e874fea2a2171d32aac331daa4d6c863f844fbbad72e455cd5a3ef941d8cf667fed5855da6df0ccd0c61d99b2e40a0d697368138be510a2bf2e08a7648850d2410e4a179a6d0193e49a135524092ab1f842ed4057611daaeb93e7aa46e5618b354a1091a9e77fb92a8c3c0e8e017f72deb3":96:"a188107e506c91484e632229":0 AES-GCM NIST Validation (AES-192,128,1024,0,96) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"41b7d80ae487ac35aa498e5939a0f27baeedf48a494c8e91":"c26d4b918a0c967141fb5712a28698d16640d200b2934187b81ec58486b706ea1caaeb654e5fbbc0d078215aceed7d66939e0fb54d6131d8948cf58ec9571646ca75a051c2b5c98fe16f7733d42e5897b0263272015042f3134143ea3b08bc65292d8d31f30f2ed9830ccbfca2d33d290c28f4dad07c7137a4ca05f432a457c2":"626e1d936b38cf9c4c3a44ee669936ed":"":"8998e799985890d0f7e8b0fc12a8a9c63171e456ef5cb211f836a2dc7c9e3f4d1cd6280f9b0c469b703c55876b57cd1d8cef70dc745e3af8438d878cb2fe9fb1c5b2d9a2d90edf3bc5702ef3630d316574c07b5629f0db1510460af8e537dcf28d9c5b5cec6996eaa3dcde3354e39f60d5d896d8bb92718a758adb5cb9cc17d5":96:"69901cbafe637de5963e7331":0 AES-GCM NIST Validation (AES-192,128,1024,0,64) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2ecce8fb50a28a085af744b44bc0ea59d6bc2c8ff1f2ff8e":"54300bfd55b227b4758cf64d8a3f56cb49b436adb4b927afa8c4b70d2584a6cba425af4fbc3840dd6f2e313f793cbc7aca8219f171c809cf1eb9b4ae8a9d0cf1a7aa203d38d67cf7719ce2248d751e8605548118e5bb9ce364349944a2205e1b77137270b83555d5d804edba2f74400f26d2d0d28eb29d7beb91e80ad66b60be":"b7e43d859697efe6681e8d0c66096d50":"":"45dac078c05e6a2c480543d406c23f3dda63f2b616007d08fbfb075a90eefab8dfbc26d334266f5d72fbc52800cf457f2bbc8062a895f75e86df7b8d87112386c9bad85573431ccfcef6a5e96d717fc37b08673bf4a5eecedf1a8215a8538e1ddb11d31a24cb1497c7b5ba380576acb9d641d71412a675f29d7abd750d84dfd1":64:"2dfe162c577dc410":0 AES-GCM NIST Validation (AES-192,128,1024,0,64) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6773e627f6c49a1687a3a75d2ee6754ebfc2628bdfceba28":"eb0a64ad510968c68a816550d9fe2eccab3bd8409ab5a685a8638f81b4b50a9a96318bff4e86f7f6e9076960be8eef60e72cee4ea81f3ba269d8ab4c9581a54638421520a6411a83e9dc83b6981a9dcdd9e4a367d57f156d131cf385c01a736b327218e6b6468d317ff78a01f1588c359a3a9b188bbe5d3ffad6b57483a976d0":"ad85becb03a05caa4533b88940ca141a":"":"959658fdff5fd802fca5c5a79d59536ba8ef1359ac7bfff81264c7827bd31b8f02ecb54f309b442a54a5a57c588ace4b49463f030b325880e7e334b43ab6a2fce469907055e548caffa2fe4679edbe291377c16c7096a48aef5659ad37702aed774188cb4426c3b727878755d683ed8c163a98a05f069a0a3c22085600759170":64:"4c0f4621b04b5667":0 AES-GCM NIST Validation (AES-192,128,1024,0,64) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1c086f7404c14160f33d6efde231eda610f92fa55ac147b4":"fc8e5cd81755e489de7e3ddd2b587149ee013bffa2ce198c514641b0e1659261edd60bdbfd873e30e399869748bfe56ba543ceb9bf5fd0e7ba2b4dc175c52f28a8a02b4816f2056648e90faf654368c64f54fd50b41ea7ca199d766728980e2ebd11246c28cfc9a0a1e11cf0df7765819af23c70f920c3efb5e2663949aaa301":"71f154f1dc19bae34b58f3d160bb432a":"":"6d60da2fd060d2aec35faf989d8df33f2413ba14842b0406e38a6a847e191eac9f4570cea647c3988faaa5505ea20f99132df2a8799cf0543e204962da1fd4f60523d7149e0dee77c16590d7e114ac5d8f88fa371dcdd254eccaa8316ee922ba23a0a07b289739413ddffc2c709c391afee9289252ddf3ddb62a4532a5515e35":64:"f47bae6488f038fe":0 AES-GCM NIST Validation (AES-192,128,1024,0,32) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"bae1b3eef91ba79032117c60fb847d46f18175565d0ed10c":"9b71eeccdc91cb5f7a567a9189774f4c30d96477b88ac553df66b78a56e5c9e0986a17d80c811116d31985acfbf9d7a9bed291aa2fb6329457a836b3f8f11c16416f0a3b86dd9c717c8a050c6ceb5c27d8e2ee0dbe63f3e1e4f0aff4809e1f6f6ed64d31d494b7399cfa0dd9446321bd4256a49d0793a10a670e3f086408428e":"cec8b66a657e4bdf693f48ac52e60770":"":"015a318acb6198189ce908ab1af28578a37a48beeed772c6ed4dceb0a3bcb092df85f653234c56a25c075c8e028d4a8d90d974fb0477834ae2de8d5df53d0d03a979450b6e7a66fdc9b11f879ea9072699837f2de7192156f8e5d9411fd83d97d31fe63ece4e4326ff50a24fc75004a5ba2bd4845b29e0794696943dff1e5d6e":32:"9cf6f90a":0 AES-GCM NIST Validation (AES-192,128,1024,0,32) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7c1582240ad301f831902c66334546dd681c12308add0870":"d4b716b49858a23aad478581cbb6dfd015ae550d76497229b5b1776e83f2ded8542675c63ca6a007a204b497ed2ef71ca125d91f386be9b4213cd352a797a5d78a1373f00916bb993de14e1a0af67524acfcc9fd71daa32e5def9a3f2dab5b3bba4d2f9f2cfc5f52768b41157fe79d95229d0611944e8308ec76425a966b21ec":"b6f4f3959914df413b849d559dd43055":"":"79964f8775c78009bca1b218c03056b659e5382e25e43759c8adfa78aec48d70b32ffd56b230fc1ce8c21636a80a8c150e5dbb2bd3f51607d97ed097617963dc6e7653126fe40cb36a7f71051d77e4f3b768a85ee707c45d33cc67473f94c31da3e8b4c21859002331b5f7350e3e8f9806209255ceac7089176e9d6b70abd484":32:"79e5a00b":0 AES-GCM NIST Validation (AES-192,128,1024,0,32) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fd55a356943824d20630b1539627ad1a9dcd8ee2cb4dbf49":"b8d8d6dd0631f9183ca858033a31dd583d3ee3b9510fcc69d8cd412016bf854b9edcf65c2831e63d72f4cb61a99f6f4e6dab0c2ce9c5a8cdbc179ae93aaca2c8a5b848a15309be9b34e5226aa9a5908f543fdda983fec02e4073edcc3985da5222b53f8c84b9c54c78dd8b2712b59209463595c7552e28f2a45f51cb882c0354":"aa89a122c68e997d0326984fa5bef805":"":"107a9ed561e6c45c375d31dea321c7b4a4b7641024d2c9eef6a103a750ba15e1acacbcae121510b4f56f19d29e6fb3e6fc06950b1daa521528f42284130a40e5a6c1b58b3b28003673511abcf59a4b9df1548a00f769d8681978b632f75e5da2cf21b499a24fbdd4f7efe053d4a1b20b240856d3ae27948e35098aa617def5bd":32:"7f9c886a":0 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4cddc8f525640fc0a0875c65b788ea75c673f84f4aacaed4":"55e3ccb855c1fd6d33e28d308485fd85abbd8ade1299936996851d44dde063ddc37962f9f67e95df02eaf3d877516240771c469be2abf2ef6c8dcbb79eb1976f825b109f752079957a7c981faa2fcea599cc52e262b84f4c2031821619f0be6fa3c38d660e9eb3e0d5de2da6b83de9866eb3efbc6a2dff27e52587c6f79e1c26":"1b883a89413f62dd6d507cd70c048855":"eeaf21bc317660b0e2afb9cd5bd450ff0bfa6cfa7e49edad600f71b971347e93b9712a6e895540c665a1d8338f61b51da9e0a4a9122409824287ba4bc06bdbba10290a40b31b5eae9dfeb6471f4a0a0c15c52a2c677c4d472630d4078ecf36dc6008faa0235a688ebbe2662e46a49b1dd58cbee82f285f3cdebda1dc54673195":"18d11513661296035f6f42d264e0b4cc7ec47f43b758c6dac95e5e3b3834362eb64447d923e107a60cd66ac359cf3a203f9070eab9fe61ae64a86606c9b50a97a19e12f731de28719fe178c9713edbb4525b221f656a340c867405c41bed3bbcb9c6da5cc6a4d37acd7a55f251a50fa15ea8f9b8955606eaa645c759ef2481e8":128:"dec3edc19fd39f29e67c9e78211c71ce":0 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3b8c31830b1139a60425f6a34387f5ca2be6f5a5074adf13":"95f4ea90729de0f0b890fdf697948053f656bddf57e3d461e7ee1770161904bb2cbc8c2f801481bb54145af760e91c8b30cb22faa87efcc6f01e3f798af0bd460475754726514d53f419af2f2c373c76f05bf57d3fc1b763f72ba0fd2682d9d1d76f6ce8d55b56fc7ba883fad94f59d502244804bb87bd06f1217a4a6c5055b5":"ab5bf317ad1d6bec9cac8bc520a37b1d":"5a47d7474be6c48fa4bdbb090f4b6da494f153a4c9c8561cae4fe883000b81769b46cd65f4ce34abc3e5c6880a21d12c186974b0c933a16ba33d511e79b5f994c38e383b93eea1259d38f9fb955480792206461dd29d6d3b8ff239ea6788c8e09c15be99f094d2d5980c6c1a8efe0f97f58f7725a972111daeb87d862a90a7d0":"1d0211d7d7bc891e4fba1ba7d47ac5a4f3b7ba49df69fcfde64bf8689b0eab379d2f5567fcff691836601b96c0a3b0ec14c03bc00e9682ef0043071507988cf1453603d2aa3dc9fa490cdb0dd263b12733adb4d68a098e1ccd27c92fe1bb82fa4a94f8a1cc045a975ac368e3224ba8f57800455cc4047901bba6bf67d6e41f94":128:"23681228c722295c480397fc04c848a1":0 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9c2386b948f59ce651888451021772287f14a92d807d88a8":"44f00c8a7c84e8207ec15a7be0b79c88fa347e2c3d5e8d07234536d86513bc39bebfff02efb9ff27280eb37f7e8a60a426538bc1e3830bca0e76faa33b30719fab51578d15df77893bce8740f50c491b8b9f1739a695c78406b5ee4d56f80d8d564b586b0f22ffa86eca46a9d8134a9507c5b9ad82757ec51b18741abc61f23b":"7a1f7d0be4c7f8869432cb8b13527670":"f76ea9d6e976616689709700a9638204e616f4c1c3a54a27fb0dc852990d81dfd6787aa5a83b9be5087d3f7dfcd522044911fa4186511de1957b80338025c6c4aa72058aa3160047cf42166aa0089e2ec1ac8ea6d9f5f2c057f9f838a72319dbd7bb4948da3bc87fc2036a0e7b5e8cee7f045463152ff80a1711ef1096e75463":"666c4d6d3f1bec49ba936eea90d864e8ecbe0ccc7b23872a4ad7596afaec628a8165a70397289a10c67d62942e1c158f1489a9de44443ac4181e74ebf2562995c9182b57bc960f4b5d3e33fb7cf7a0c32a59c716de23639de9bc430712524d74a087647e27ff1af87a2aa0cf0b58978ad8ed616b566225d3aef2ef460be7393d":128:"53d926af7bbf7fba9798f895d182b09e":0 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5852b4bbfa623e5e2f83b888f5eb6cbe06b57299e29a518c":"8cc85e520b45a85c69cd80072642ef1500b1e0a409c435d685544a6b96d3224cc40e5fe8a21c4959b2891d4a53bbff03db9939c655e6e92222c6b44c95204827bd800c74666db64907894bc4e3043fab318aa55a011ab9397592ced73f07a06282c22d9a57dd7a37eadb02f59b879b030d0a5005226c461281ce3061bf26de56":"b96f4bda25857c28fdfa42bfe598f11a":"0bfdc1b16eeae85d550a97a20211216a66b496c8c19030a263f896958e4d1decc310b955523e314647edcbe3f69970cda8e07f8b81f9074434fd86b8ec5b3fa8b155377ad28050b50523d3d185e5869bc9651d97c56ec6b8047c20d671f6dc657f4cdf73fd7d3caf4b872f3fb6376eda11b80d99cf0e85c4957607a767642da6":"b148312074ecfc8f118e3800dbd17226d55fc2c91bcbceeae2a7ca3b376f6d568dd7fcb5c0d09ce424868f1544097a0f966d354455e129096ec803a9435bbbf8f16432d30991384b88d14bcad1191b82273157d646f7a98507dc0c95c33d22e0b721c046f1c13545f4ed2df631fd2b8fc4940e10e3e66c0a4af089941a8ad94a":120:"e3f548e24a189dbbfd6ae6b9ee44c2":0 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2bd897e969ccee405ba9becf24787a1e1be17a571442c6da":"50b8ade5e6547c350c3f43a35a3cb641459c5ef902afc706ce2fb980b275fda62e8974d1577ef65ce9fd854d88caa10295d1045ed7563e9391d60700b5d2a4a7ba5f3de7a7d1541780b95a08eb3f0996d96aac7ee838b67ee869447617684c08566647a4991e31829907ebe4b32cfa46c0433a64f864b8b9316cb0ec2578ccee":"fef6a08d92b5b9bdae4c368fcd0cf9e8":"fb3144ec6d93704d625aa9e95be96351c6e25bccf1eaaaf9a1d405e679efe0f2da07510ab07533295a52cdc1f5a15ef5bec9e72b199625730e1baf5c1482f362f485d74233fbf764d0b6363075cebd676920a0b315d680e899733d6da05d78765db159c4f942a31d115d53f1d89cd948bc99c03adad1eee8adcef7543f9dea39":"e65ed5b6d0f51f8876f483f3d8ab8fed78ab6c2e1cf50693c8511e1cc9823e1030740ac33f05a5aa0d88205bb3071a087655f28eee7d0a07945d25e3dc00221a1dade4170cab9084c47b82376d5d439bed99150811843b176543f7944b1dd9684fa9a52117c2335dda750d9de0d9b3ef718123b6534cb012080f6ef8eda8d4d6":120:"468546d4199b9d923a607a78fa4b40":0 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"12141d5834b8ca48b57e0892b6027c997669dac12fe60411":"cf475b50672fd8cc4ba84d17ab1b733fee2073a584d5427155f144ddd945d4901d5a9d76e3d6ae55ab3f9514861c83bca7d53868f35bdc8606a167ac83591be30ddb954ee173ee172e8d7742a71c0fee04ccd16fb5d54a45820640405209e20f8494f08d791a2a15f5cb848df689296a04e4b01e2c19bd8d9ca8b4525853549a":"b6dcb39939a31df176dcec87eb8db90f":"daf4e0cd0b29343defb65562594b2b6fd3f005e6255500330f77a0550c1cfbade5f5973e836ce7046bc2b2ab8bb7983830ce6ce148d0998116183d1aed320d28adef9ffab48e0f6d6451c98eb83fafc75fb054991d123965dbddcf74a2c01c746bbbc8276b77f6732cf364d8a4a5dbf5aedbbe16793e8c406ba609c90f0e7669":"4c2d979b9c2dc9cbbd6d4ed04094285a44df92e7ebcdee7feccf04c66c45137a7df12110b8af805f5cae9b4a225c3f8dcfd8f401e05c6ce937cbfc5620acdf3a4917c5b857bff76f3d728cf6a82a5b356fb95d144125d53e568b313cef11c11585d310ca0f7f1234090b1b62536885e9e39b969060ad3893e476e88941fe2cdd":120:"99cec94a68d3e2d21e30cb25d03cd2":0 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"14b9197b7980d95b71ce1a1de6577ce769d6af4cb45f7c8f":"03b37942f12435f1c19dbcff496738207dc92edf1ab6935b564e693da1865da67fb51e8a838559ae1640da441f22ee79787f1e909cf3c32187b41a48fbc595df1c097fb37881b329fd7b30dd1e05d6052fe81edf2e10786acc8aeeb4fac636aac9432c3be3dafb55c76ec85cc13881735609773350b95eedbdb695b2de071a03":"cad0cfa7924e1e5cff90d749cfadf9f8":"283c8a38c7fc9dce071d4ff9ed79002a6862f9718678b435534e43657a94178353b9ec7e5bb877db5e4f62a2ca6bd557562989363c6fdedbd7f0f3eeec5445c41a2a8bc98117a1443ad4d5dd63a07806622cca8ea6f9f6019bd511634db28651b916e2399bbd84b03f8ec696ed5846f30320adef22ae6d164aed09edcfa25027":"83940097301e9867623c107d4447b250bf6db7d06f9e07b8d8bc6b72b079b725ea1f4b5f79bb80c518bc69a2bd73cf3aa7b88162773ac5b27a2dcccecce66e158ec0875937910e0b6f396cc7d7cac5d53b0fddf3cd70b570a647245a5264927be1b2d9c46fbc6a630b21fead46c4f35af1d163268e49a16083590893e6df4671":112:"3e3f677e68208208e5315b681b73":0 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"80e2eaa70362203b7561b135db581cf32e9cd816464f0b2e":"62cc2db32584a8d90f348be32224bfdcefd1fd25c5cb05c7e74becb4b40ea09d6495f73adc1fd23d148c11849bd825efdf15e144587f785770d2aef2788b748c338373a0ea43882141bc9f7c693a291c512cdcdea6d5defb2efa2324736df7fc4b434d7f4d423fb1b8853ec3fdf2c1c2881610a8d81da5de5e761f814ed38e35":"3d7e99ddea0baa45e2f9f2289d2182a3":"71663fab717ec4d9da34d4851437f4504dbd71b65b0d04eccc513282c351925c23892958b4c9dc023c5a34944ef507e0b40857d8b508ab7104d13c2fbfce2d086d466291aaa449ad36977837216a496ff375959afe4dd50dc2620a062c926b939ffdb144a656bc04bcca8d1d4fa0a9cb0a5d713721accef2d2c9688a77bb42bc":"1c56b492f50fc362c5bf70622f817e1814ae0b69db7e3055fc9e690d2adb940f9a78cfd7e08044671913baec663d9f9af6dede42fe16d200e8421d22066009535704b05b3775ac41359d7c2697e2f4bec40df69b242392eb30e2d8a664d84cf95ec21797f1ccddb72926cfdff22848d14e373f5e6c3dd349196464c98dc38365":112:"e0c1b140cd7bc4ded916aab8780e":0 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4b7aa649cb1488a658b4387451bf59852e845ec7d2273c69":"245251595d10d719d8d00610d391735fad377b60d7430c7db488488c1ec25c12ee0dee3aac3d7dc19aa602924a1f27a2cfa8f6354315db93b5e4d2b6e8402c4254921e683ca681dfb3c7f433a97f119e01f2acb20988dced8494e086395351f2af356b11832472cbcb109c13ff92f10a4c8fe69bd264c8933cded19a980bdbd2":"07b50b1aacdadeb03e7488458db03aaf":"2a7970ee97d612b63d2a0c29e5045ddfc6621c237bc270b3147fc0191de199b6923947e3bd3750de5155e1df29caf96ac702f948c38619e218138945595156cc5f1dcfde0d1d6a5aec48ff37c9ff2b2209a904c59593779820ea68ad95898c7ca0d0d81583c44feb0fec30665cc56620a8c9408e4275e60f5284ed7c0e58285d":"6bd53e4415765f387239c6664f837371b39f6d7ff22453211e91de5dd14272784fffb4f6b2c0bb8c6b7d1cafc55133aa0d54d410ae383008fdd87645655062322fbaa06df0a2d7ccf4cc170d1f98ec6a7ad524a3e5b07761f8ae53c9c8297faa5b5621c3854643e0085410daf5bf6c7e1f92bbbfc3691eeff1c5241d2307bbc2":112:"78d37215234f9a32571d0d8b1e51":0 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"512bbb490d062fe5ecc8e5ad95920a9e9b78bec6a7694dc2":"862f2724ad82a53e0574c0a2a0515bd86c5ed0b5ae92278a78ea1a90c03059d08a91d1a46678aef862b56d0320e970b7f941b784841b4d8a38d056f2bd352d48c0028086a36426bbc1436da9e021dcac705b6e03649b426cebd7a235f6d060ab6302d777fc9316db4a85e8c1387648a8f5ce2398a247413cb9374124449e498d":"2d14fb3e058f97b7c9e9edd1d97cac7e":"290078e63c81abfe99010b8344ff1a03dac095e2473d7a31888102e838768892e8216439dc3355aedd073892f4449d9d4d3ea6c25a9152c329d24cc73eaa0004832691740e60f17581201c8f7f4023d8e55faa3942ad725d21dade4c03c790b5370d4cad3923527c20ca925a2ce534a652ed7e032cb1c7906aebbdc24e6b39a4":"44e78cf3a2ce4a5e498315cb8d5e841f926408921f3665d533caebe0a7fa6c164b3d2c0b21ff3a608a7194e3194fda165ada8d5fc2e924316aa4ce201531b857877c5519f875eb49e5908d8d81b69472d03d08c785ee374c5fe91b16aee173761af7ff244571fd40aadabb360f38d301463e9da8cf8dc44d20848688ab3be47b":104:"6037cb18f8478630bc9d8090e2":0 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d3964ee03ec5e500f2f8c05313b78615420183fe2950be32":"b9424e4a79a08a7937da1da15061c1eb9a873748691ec9c1fc76aaa164bd34873d07437d203c92c0e89c0c5befedfbb17f721f576473253617547206fb2b340945536cd7a049864d099419cf3f7a9154c0ac8d676b0e9ec02947caa4057560af347ddb46002703f3531f27b2197790ba135e3d3c0709c86f4781890deb50f3ba":"d3d4e5fdf6e36ac75b4d51c47ce5b8f9":"6146a97a2a1c709458bef5049088fdf339e4fe29cbdf519c93d525b71c9fb501c4b58bef49d43cc7699b18fc89cee1a4a45834f517214a77fb3b91d741977308e1585c474245802118d0e2c7003057c4a19752a143195ec2a57102cb2a127d2dbefe1168492e072e74c5f6ee102a0c371b1fe2ddfd8ecbc04c6f42befecd7d46":"a2ae334bac969072e754c0e37765ca6253744941a35587bb4feda54233a7a59f037e971d254c67948b16e4c35f306c0984f00465399405ce701ba554419a736cdff5a1b4ae5ab05e625c91651f74aa64c96ab628243d31021ad56f535eae33a885b45730268f900b6df0aff18a433e2823ddb0628a7026b86b3835160e5121b0":104:"817be7dcf7adef064161b6c42d":0 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7a8049f521fe9a00f7bf566369e540a48ab59d83305e2829":"67243a336a10b82a0a8638b35dc147c14ac63b20977922a13de459ae2cfbdb262a79004c3a656dfbc073ec8878595e24998dc44b9435439af117c9635c479676f6edb8f522cf01571be5aa5b5bc7d1cc3264436566f8d3c684973d1e88d46282b53836a1ab5a698560e5bf7629ec12cb141867f684b369546a1d8bf48315b6c7":"e4d81f71e1de8cf4689bfe66a4647f15":"4cf6733482c218af832e99970d0717ac942ebace0fed4ce4dfa1f710b9e131a21cc03dd3ced25b78bccd1991a30bb53b463c1440b6543b19af91e31c18866c2acebb78c2a340b930518e61a63ff8d6a6e8e7960523de40a178614dad4ce5ab253e1090a097f8ec00dfeecb46aa0e8f772f01c4e706de7e824386a13944600542":"cfa8ba247ada9e6b3e5ab7dd0a7108574cc811c2986cad951168559ff697b77684880ec266f0b7d87a2ff559e368a85846becee312bb2991692d928a7c191cfdb7f1468f8b84be4bb592ea640743443bd4941a8b856c57be21eb22fcb3f6c0a80728ddc9dc5fab1c77dfceb91699009054c5a4eb0714a10b74cf0e09fa630299":104:"1dcee251cda10b2ea8f2bfe6a0":0 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"657567a56e585c84e4033268f08f712aa280015b77cd657f":"96d889651c4f3f5120bee233f6395fa0bbba1f6548b109be568ff96f11d24e34d67beb6c20268feba89240674b0b4552d0a6455d43e8edf943da3d8d785a5221df8ddb3a98d2fc611ac7362aef71f8f004eb455a16d1dcac488ee83d4f11c4a00c29d9990c5a2a97b897d67e51faa40999b1e510ac62fa4859123cdb37d202ae":"94dc757b6bdbfe925b762923cd0a08ed":"a2c54e8da7dca49c73550bd1f5e68449295f062d5dfe5aa4201bdf353a2a1ac9c3c61f2b5482184cef481fa378a1ea990ce203c2c7d76993c62b415ece06b9b7caacec0c4147c0cbf292e528d97c1a176fcb1ca6147cfa4bcce92cbdfe617738a92273282c7a65fcb997bceb867ce01ec74541582d3961dddf3a2af21cad3ce6":"55a5d07a77fc37090c4206f19483aa3cc03815194ded71c2b2806ad9563edfebfcf962806ba829373947e3e93f4f39794514ad7b6dbc626e29fbc35f90f573da33ab6afb5c94383fd0fdd1ee074d650d192f6d08fbd1e24a6966a81a2ffd83fab644ee914952de77e9427262314ac47c11a44bf7d2890f9b9980499bb6a1f692":96:"41c72043f6116ee6f7c11986":0 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"61159242d48c2ca0c30377ec2ad701135adb62d113c9f9ba":"8ae40603f6cdae4b63ac7b18b4bcbb83c65867c2ae270102efb6f00aa8af5d0400dc95085910a50a16cbcf71f06c3f3eab71345d59c6054aaac02971111c7146add8c072158e0b374d481bb540036a136ccb91523f96f24ea237940ab011ad38f2a3095c0785df91604be1fe7734cc4119b27aa784875d0a251c678900334a0b":"4fda7236bd6ebe0b316feeea31cb5ebc":"ed28e9954634ec2c9e2df493062abf3ea3e199299053a15ce8d6fe051d1076287e4e7c0b2bab0a599b763a29d0aab680626f280c4f5ad94b7792d9af532681f6e4eb2672781f2342304daff902d03b396853eaf585af4d3bf5078d064e9eea6e94e667722f15c004f4cf52253a5c65b75319b07ba539558d8a2b552390a21577":"dba251e35422f60f902f594bb58dce37131e8ae06b5f40ad23c4a70a5e25fe24c76982c9bc11a7f4e3cc62d8c1326170432633eba1634972a9bcd093b08e1c63ece07c4be79cadc888b0408e40c09636e1cf1e5e9a6f2ea44eea5409a2ffe9c3ac9a18ad7aa9041f08eb109c01ed90732a8afe0694319ef98a0269685b4d16b1":96:"b0feebfc8324fd1e9e40f7f0":0 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5b4c37150f8bf0e14e0bfd37ac14e606dd273577007f24b4":"48c6486b2691b86f5f107e8fe0122a821248206d2dd3ce898a2bb3772202ffe97292852bc61513529ad95faf6383b5f6c5a7c16c4cbe33cb02e5e50f32db95ee2962aae1c9c0f5470b3baa216cc19be5ab86b53316beef14397effb8afba5b5159074e26bf5dd3b700f4ea5abd43e93ca18494e1779b8c48fcd51f46664dd262":"664f553a14dcd4dcba42f06e10b186aa":"4386e28ebd16d8276c6e84e1d7a3d9f1283e12cb177478ab46acb256b71df5a2da868134ed72ef43f73e8226df1f34e350b7f936bd43caff84a317b1e5b2e9a2b92ccab1e3e817f93222dd1e2cf870d45a8458e57948a649360c6e2439bbcc682383b50bcd3d8b000592c3ca599e598a03b9953af485f1ecc22501dcacb7110e":"05fdbb5ad403d64011e15d27cd6f5a2247e018e479e58ad3fee1e0e8ddd9e114c0e82f2c947ff9af525ce752f4aea959463899542b85c9b413d065ea175103c3b3c35f56eea52af2c54ec08a1d5b7cd5ee4f59de8be86512b770e42ab176b6b70ccbcd264d6d5cfdd2e52e618dc24251ac339ea38cdc446c778d2db3c7c3e93d":96:"77f32401db21adb775e7f1d0":0 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"531a380b109098eafd997bd25bfde4868d2a1ca781795e9a":"466237db78d4c770a658b9693420a2e087c978fcc434c9ac82f3e2447b2fa08be32d2ce6da25846555ffe5764234b07b35dd1d1bcb710e8a49f918f2c873681f32765b092a836e9418faba61dc59a254c923159be16f585e526616fedd3acfe2748ce19ee03868ea9836bee2c6acb1b821e231eb2d30d300387c93390d51e3a5":"ad079d0b958f09732aaa2158f6215573":"09e002c2c48beaf1122411e8624522a9e90cc3f2a040c52ffcb91136519277c39fd6a79292b8835e0fbcaef2279218106aaf75036590f8a46f6b6912053a3b391849f7e204f096288d6141d5f80c7f91dd2f2b6ebc1ced6af8216e0a594814b56bd592df800299b29e26ed7461ba3f6f3cf151b9c10ad634a01d9c5e578aa372":"d1f49f94e6fbef7e21abad23e16c06fcdfa75a8c342be67baea8e0e57dbcd2971276e993faa124ac81e6be18f68af303518efd926513cee9dbcc5ef6cf5e9c068a1210e53fdd56776148d51597e359dbaa0570b4fe15476ccc9aa79f7c765755b6f694af4269b9e18fc62a0d47708bca67dcf080e200718c22bac256f641e7a2":64:"01ec395c99a17db6":0 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fbd7a92120ff973ec69b6a8189c6ea827ca20743a8781518":"1583c1578a8c8d272a970f05d875f199e497c55f03f10f7bc934fee21c30379dad3c580b3f99304a5747b61fd43428506439ede2c57f5229e13da9cb7cd6174cccbb397e98fb90455ccf3ea3b1304f432a070a2eb5205ed863326b3b86d4eb7f54ee2ffcd50ed6ef01b3ee216c53f4f2659a88fb6343396b2ded0b389c6266c5":"57658c71b2c45f6ae2d1b6775a9731cf":"45ca8a168ecca7a42847b779ef152766b902192db621d2770b56c7d592207afaf52d19a6059feb76e96b90628995bd6517af3f114e97af8d602a493b77405e93095fee6761877dc292fab696a4303102dece60951cca20cacb171abdcfd0ef6da6c90b44edba63b9b6087d876b3fff24dea909899ebd0d0371c424f51a9a84b8":"58a290cf0e774293d1b55f5ef8a305f68605c0c81668b8a1ba95fceeaa65229404e18fa54dd811a6af085c98b8854d0f956adc2aaad742cafa9ed53d7cb445451ee7a4dc1e8399ec7e5b4d004ecd22496565bf444b2e3d82ddf6a6d5e6256c5095a699d7ff3f8cf2addec73e21013ee6f3dfc0a3abf316ea5ee1d6943bc394e1":64:"af737ec3512da2b4":0 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"54bfc8379e0a8180b931c5188c95ab3ed3461d6e9004d182":"93327664eb576bbb64e4ff061874346b4e80a779cdeb1fbe630bf5e4307d4f2c5d5ecc94aa8bdea755c1af165fc8925bfcdf128c1ee6571e9f8344b22dfc90ed893316031661a9438b305396f3a80452c9b11924163b7fc4422b00dc58ee0e674710239975a2cf3253bf2601cd155e09547a5f3be1adda84a4b29631a8e13161":"9d15df8de4150f44d342f2031de3611c":"63331936d2972abd44c1c9f62e42bfa932dff8cc75d9f555f5a7847d08558e76f5393e08909760edbef8d2922a7ca8e1c0c505ca627c02af73253791bb35ff080b4db7dddf4c8b304999ff645227cd79f13ac87f9c963b93a79a0e946e5781cdbf1b4b1967a75314f19c7219e3b69dc2c24ba09fbbdf7184278f82818bdd0958":"18ff87dccbc24c396190c7b37c4a77f86e609db7fb2b326802714d0f196b00b84af887f1b3bd30ee0b0b192d0801ac4e59ac40e5c652b3da32aa024da3acf648da0253674c391d260c0674853c7821861059772c9a7f2775a7ef77d1d31a6ec1c51c5f3089bb516f8cf52d5a15724281086abd92a74d255b7cc84b5051be4e5b":64:"bf0f7f8084e79da5":0 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"21b775ef8c40a5387d6c8eda4e90d0a00c795681a2887dfc":"6346f84301d6d83e1c5bad44fa7e0821f35723713ee8d4a9e2bf15abf953425b09bd77b2360f4e62e82bf9e14e2b56be51d032aa8a96e894f19f3e84630f9eae831b329f7638b09de7210cd29778059ef1d0bc039c1e10405f3ae5e4ca33216adcfc21869d9f825344d62b50bab03f7aa7b92fdb94951a68acd01f1dee75e428":"9763e6187d4b96b1801d1f6efe7e80a5":"3bd523c16a0022b780ae8318a28f001502120bb26e2f65f4fe94019686f9d1df330e70cef1b2ba4b6ce1f7ef37750f47e602843cbc5f13ff2ceadc5091eb3601604b70bd4acad3d61950b9dd2cbfd83a391223c8e09fddd4020c0f8a8a7057139fd92f3bbe034f03cc48afdde064c8b13ea942ec0d621db959ec9d5fa95afe45":"f25408848bc27ab087b3ea053762837a534c3702dd8be01d79f075f61d76ac1d6557d392e1fab475cc7d13a5f6be6f0718bad71c3c85b5996bd3c0159e264930988e3ed506bcc94fabecfb58caaf56e2e4315bb50817cba765636d1faa91147b3880815eeb90d0934180e49132833abfa6279247d9dd4048dff851e9a551ee1c":32:"d1fb9aed":0 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8a7d8197d9ceebd8e3f6b3bfb74877ccf649ac91d7057af5":"37b01df357561f5aa43b5b4b0081148213f7b74babc80f4b3c6dd78ad17687f11443cd4a57f8d7a74ca3080e2a229f78d8e6db276c1142d5f4ee764eaf09cfd70c596d7a2cad5360c2de20d5e17ec6e06a9b049bb10f8742a30a94270cc6d7709b2f09f3cb8347e41117b7ddb99e4a939f3094c016330a8f170ccccb9d3651fb":"db5144951a9f1721397b7321713a723e":"ad72fa5a05adc40fb38245da019cbf50958ccfe26abf67dfdd49f4c4af6bda8bfc99d557913b2634c5c65d33ca909360adf598b703db1dbcc29481b17ca42fce3315ea1454693b5843e751fafd78158fc040c1cbe607063ba9c0ac02ae4b88989e3cc63adda8427032c70560349e1a8ec847906a9a7b0422a694a1f9eb2b3b72":"6985ec525cfe869e1709751eb6f1ff0aabcb39ae3aa708adc452ce1a8cad8ab4f1739f660b2841566f1f5c9e15e846de7f86ca1dc085188fcaa4a3f839ab2a5f0cfd36e36965ae519fe14f98899ccb07a3ca15ec705e3160df6dbc37ab89c882012eefe51e4da8d6d6b84b3144ca87a90864ff5390abfb92992e44c46807b3c8":32:"c51604f5":0 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"713358e746dd84ab27b8adb3b17ea59cd75fa6cb0c13d1a8":"35b8b655efdf2d09f5ed0233c9eeb0b6f85e513834848cd594dba3c6e64f78e7af4a7a6d53bba7b43764334d6373360ae3b73b1e765978dffa7dbd805fda7825b8e317e8d3f1314aa97f877be815439c5da845028d1686283735aefac79cdb9e02ec3590091cb507089b9174cd9a6111f446feead91f19b80fd222fc6299fd1c":"26ed909f5851961dd57fa950b437e17c":"c9469ad408764cb7d417f800d3d84f03080cee9bbd53f652763accde5fba13a53a12d990094d587345da2cdc99357b9afd63945ca07b760a2c2d4948dbadb1312670ccde87655a6a68edb5982d2fcf733bb4101d38cdb1a4942a5d410f4c45f5ddf00889bc1fe5ec69b40ae8aaee60ee97bea096eeef0ea71736efdb0d8a5ec9":"cc3f9983e1d673ec2c86ae4c1e1b04e30f9f395f67c36838e15ce825b05d37e9cd40041470224da345aa2da5dfb3e0c561dd05ba7984a1332541d58e8f9160e7e8457e717bab203de3161a72b7aedfa53616b16ca77fd28d566fbf7431be559caa1a129b2f29b9c5bbf3eaba594d6650c62907eb28e176f27c3be7a3aa24cef6":32:"5be7611b":0 AES-GCM Bad IV (AES-192,128,0,0,32) #0 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_bad_parameters:MBEDTLS_CIPHER_ID_AES:MBEDTLS_GCM_ENCRYPT:"b10979797fb8f418a126120d45106e1779b4538751a19bf6":"":"":"":32:MBEDTLS_ERR_GCM_BAD_INPUT AES-GCM Selftest -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_selftest: diff --git a/tests/suites/test_suite_gcm.aes256_de.data b/tests/suites/test_suite_gcm.aes256_de.data index 2777a2708..8361c6008 100644 --- a/tests/suites/test_suite_gcm.aes256_de.data +++ b/tests/suites/test_suite_gcm.aes256_de.data @@ -1,679 +1,679 @@ AES-GCM NIST Validation (AES-256,128,0,0,128) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2c186654406b2b92c9639a7189d4ab5ab0b9bb87c43005027f3fa832fd3507b1":"":"3a0324d63a70400490c92e7604a3ba97":"":128:"4c61cd2e28a13d78a4e87ea7374dd01a":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,128) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"747d01d82d7382b4263e7cbf25bd198a8a92faabf8d7367584c7e2fa506e9c5f":"":"7156358b203a44ef173706fdc81900f8":"":128:"9687fb231c4742a74d6bf78c62b8ac53":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,128) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1cbe30216136b7eaf223e6a7b46c06625176d9a08182fa806a63d8b143aa768b":"":"4fe6ace582c4e26ce71ee7f756fb7a88":"":128:"d5bdf8ec2896acafb7022708d74646c7":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,120) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f31194c83bb8da979a1eabb3337ceb3d38a663790da74380d8f94142ab8b8797":"":"404efd26b665c97ea75437892cf676b6":"":120:"e491075851eec28c723159cc1b2c76":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,120) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"daeed52ae4bf5cbe1ad58ae4ccb3da81fb9c0b6f7619ca21979313ad9d3e83c1":"":"4037eadb11249884b6b38b5525ba2df4":"":120:"360c6ef41cbd9cd4a4e649712d2930":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,120) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3ad81c34389406a965c60edb3214663ac4a6bd5cfd154ae8d9dc86dae93def64":"":"cebbce06a88852d3bb2978dbe2b5995a":"":120:"bd7ca9f6bd1099cde87c0f0d7cc887":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,112) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4c152ba30aefa5b2a08b0b4d9bf3f16fc208bb0bc4c4eca9411dc262d9276bad":"":"008d040fbd7342464209f330cf56722c":"":112:"c87107585751e666bedae2b1b7e8":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,112) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9aed4ae6b1d857fdcbe5aec6db38440613dcc49f24aa31fba1f300b2585723f1":"":"947c5f0432723f2d7b560eca90842df1":"":112:"7d331fedcea0fd1e9e6a84385467":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,112) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cc80bc031676eff5f34dd076388a5130e985f9e06df4b4bf8490ff9ff20aae73":"":"51f639467083377795111d44f7d16592":"":112:"02d31f29e15f60ae3bee1ad7ea65":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,104) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"db7a40213b5b4b07e9900dc28f599403b0579cbce13fcd44dff090062f952686":"":"aea6f8690f865bca9f77a5ff843d2365":"":104:"7f2280776d6cd6802b3c85083c":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,104) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"299b874eaa8b7baf769f81f4988a41e2708ae928e69a5ba7b893e8e6b2db5c3b":"":"2aa04d85d2c0dc6f5294cb71c0d89ac1":"":104:"ea01723a22838ed65ceb80b1cf":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,104) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a6c7b4c8175db4cf23d0593ed8ea949043880fc02e2725f0ab90ae638f9dcfce":"":"ae07f8c7ac82c4f4c086e04a20db12bc":"":104:"1132e4fff06db51ff135ed9ced":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,96) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b98e1bf76828b65a81005449971fdc8b11be546d31de6616cd73c5813050c326":"":"929b006eb30d69b49a7f52392d7d3f11":"":96:"33940d330f7c019a57b74f2d":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,96) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"09ccef64ae761a70fe16772cba462b058a69477c91595de26a5f1bd637c3816f":"":"e34b19381f05693f7606ce043626664d":"":96:"2adc2c45947bfa7faa5c464a":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,96) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"654cf46598e5ad3e243472a459bcd80f1e026a65429352dbd56e73fcc5895d1c":"":"a56f27709e670b85e5917d5c1d5b0cc2":"":96:"177b9a5e6d9731419dd33c5c":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,64) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"84bca1b2768b9202bf194f2d5e5a0a5f51fd8bb725f2bab8a3fccbdb64a4ea70":"":"c45b2708c5bdf65ec6cc66b6dfb3623b":"":64:"fe82300adffd8c17":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,64) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c8ae011795c9a60ad7660a31fe354fa6f7e9c2724d7a126436291680cd95c007":"":"1bd9ea6186450f9cd253ccfed2812b1c":"":64:"35214bbc510430e3":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,64) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"df2f0a8a3849f497d12bda44e12ce30a6957f3febcd5ec9bc134171326ca66d3":"":"728cb9608b67a489a382aa677b1f4f5b":"":64:"e2ef5d9cc5791c01":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,32) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"78e8a8ad1ecd17446cf9cd9c56facfd4e10faf5762da0fd0da177f6a9b9c3a71":"":"f169ce6f3ccc58f6434ae2b8ad1a63a1":"":32:"0fe57572":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,32) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"02ca6d8a862e25db9d68e4404abc107e700135df4157cfb135ce98eaa33151c9":"":"7b722fdd43cff20832812f9baf2d6791":"":32:"72dea6cc":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,32) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9a2b709dbcc3a4fb15b3ad541fb008c381b7e985b57df52f07ca7cd26ab1ecc4":"":"729baa4c0ef75ed8aae746376b39fe3c":"":32:"2a0d607c":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,128) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"449d39f863e4909984b37f2e5c09ea4d4b3e9fac67bd57c299e4e1d1f084aaa3":"":"d8e9118f331bb5a359f0aa8882861b72":"4ddcae0bc24d622e12bdeaac73e8d1ab7957af051d27dfaafce53aeed4cdd3f989ea25989a2f41cfb3c38dbd841c5560b0b5ab1861b1fbcd236865d13da55b50219462e021f8a21848a64a85326031fcec8fe47a6ef4a435dd2b2fff637644ffcf3914ef2dfa5dd556421bfd297be150b31db039f0f2cc422b282e659e70cceb":128:"c595b9d99414891228c9fa5edb5fcce3":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,128) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3e70e66813fc48f984dcda4d1c9c24f1d5d1b71ecfc8bb9581782e7cca5a5cc6":"":"d804f1051e72c9b7117002b862eb45ff":"0b1ab2b7a87cebac668c7a532fa8fa56a22cabf0c41fc1e6744ffe07c857c6865d623f508351f98f3f0c577d1eb94300a30a445472218c8ac626b0bee7d4c122d33f8130436a89add341e8ef7e00694afb4ad80d314d87ad3f921c7105eed05431b8151df7cff2c8e3790efd4acd3f60332dc7f34fdd90beef70f9093361d65b":128:"c09c2e3fdfefa222f7345ae4efb978fc":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,128) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8e534041090b45b80f287dc5fa20ebda017ad81b0530e680f62c6280fd8881af":"":"ead675b019ef5c6bbf4985f2a382d6c1":"b1db220052c4bebcef27eed6db0dc91be481179d71160c5a2ddb2fe497a05484840b04cce48980057d770fbbd0d5f3d5c633b55470617ad2cab5767188283310337825c4b0eafe13b5b11293dec230dad43b220885105767938c7ec4600fe063f98aa14bc6afb886fc874c10546749da295f571e696305bd9165486e29f43f52":128:"9aa0cdad5686ca515cd58aed94938ef4":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,120) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2de18874470c09db683cf45cd752bdfa8bf33e7967220b1a69f41f2a02da1d80":"":"af30eb2d0a0c2a50ea413f3285aa88d4":"22889b868d8ccc9f488406813caed199b23091ddd796c8632f564e7cf5a39dfb725266a931fec958659b6fc5b6b9343b8217edb0acb010afc9416601155262b57bd398d62f555953f0e15958e19ae004fbc9cb25e0269a9eaa38a4635a27bfa719fb249fa49337796bcf5f416bba87fbf3b19f0d8c11290c25ca50bbdc822f01":120:"646bbc9b14681af65b0d1c4c9f1d0d":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,120) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1a1bb9122e762ecd7ff861a1d65e52607d98e7ae5bd1c3a944e443710f3b0599":"":"32f99ea4cbf52c2701c2252e5e6c863d":"91b7a70c3a06c1f7f2ea584acb5dd76177ba07323c94f2e8f7cbe93fc0bb7c389c3c88e16aa53174f0fc373bc778a6ccf91bf61b6e92c2969d3441eb17a0a835d30dcf882472a6d3cb036533b04d79f05ebfaadf221ae1c14af3f02fa41867acfdfa35f81e8a9d11d42b9a63288c759063c0c3040c3e6ee69cf7c75f9c33fea1":120:"a8e29e08623a3efdbbe8b111de30a4":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,120) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3bfad1e8f9850577f9ba3f290e9a5e91b494c2d99534220362e171a7543177ac":"":"8410886b70c57d7ded8596443bd1b157":"ca801c83596795515ea931edba00e06e332bf84246b7036e10b317e2d09a51b2981fcb664ee3bf4180bb0b12ed1cda221abc6790b27c26914f5ef9cea9536e2453cd5b247cb054e295c2687b725a97cbc484b8eb86c6ceee03bd07a54a9301a3ac0ddb23aecb825a238252e7575329058b40e75575a7f16439edf5be163ce5f5":120:"e3645db0c600dba52044efcecfc331":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,112) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"65debdf2f2191a6cd8de8ad4d5d4d0d8f731f67744e2545df6b2a7cba89c1ee0":"":"fdab2ee547dd8b6f5a4ea2dd19697b3e":"d2b0a0438ee0f145aec9a7ca452b788ecb473152b78fb75f6ace721afc7b0ae1942049b790f3a5b6221a8760295659756d35347cc04029be03459f3e23a71209b4e0bbe13a253a888c83db23376d3a6d9a539f7c9fa4a12dc64297e7c93dfa0ab53ef76b6e1d95bf6f3d5e6ee8f08662fc03ec9d40eff0a43f23ac313671bfd9":112:"c25fc157c3f2474885e2eea48aea":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,112) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"496ae810380460d40cd2fdae8c0739f16b87205cc7f57db0a71a473eb361d570":"":"77233de96f5e1744337778212b411bd5":"85f5b54b4c4af5c808120bd28d98e44e96f4126623e57684957e9fc4fd1a2d0583940b8fc8314a249325476e8d05247831b04709580ae714e8187cd38f9559419e14c9fc4f8c454ec191b8ef2a3610988fe3339d0dc6b72f5978f9eff9d596dfabf27056e3a908c6497267461386e860f6b9d65526294bcb92908b5661b06b5a":112:"4ed91af6340e70b0c2b94ab6f82e":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,112) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"aca188183b46139cc7cffc82a6aaaeb2fd73cecad14e75c663bd62daf1ec711d":"":"7bbf7fb55eb70cce94cc6a2b67de55ba":"015cfba90f069545fed60f31992ff3d3c3592eb91e7a53df5978ded64291954cb99a57de82d5398ce782b68d14ac04a8b425395bd076ead59eb445721bdb2f45e19fa089117800cbbac7b8313fb165ccb1122acb654e1242dc7fe6885ea1cbb7281b1270cfa1549cdfe9b47caf47b4ac3807e562e48c066566f5e606b5023b47":112:"3bcb5c2a4261d75bfa106fb25ee1":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,104) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8cd6815f6ec15f03b7a53f159e877a5981e0ab7f6e6c261ddde4b47cbb2f2366":"":"c431c07d9adf5f61204a017259cddd75":"4e1a835402bde4f5227e64b46a1f8d0f23a9434e189377fcdf1b9621ba1987eb86a7f3b97ed0babfd674e74c5604a03dd016d71000a72bbbd00a7f7fe56ad0fcb36a3e24dd0fdb63bd66d4db415f35012416ed599796ca3f678df7eb5a1b17f75abb348ddd3b366369a7b362c9488aedab836b61f9a158f0b129c8ca0a53a81e":104:"0e463806ff34e206f703dd96b3":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,104) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8f0a72abcda104aa7fae501f9a3b686d00d3f6fe984731db8a2865bfec587073":"":"ab8acd063775d1b1314f14e90fddd1be":"02c6d426e7f20b725d8cde0a6382e49b029b52126889013ef45251f27b2fadb95ca4a9a3b16ad06999eeca4a473e813045db4942e9b9ff2e5a5e429d9bac298372344d1b781d5facabf6d779643f31ada6124eb50aad599044b54279ec9b25714ac8a3b9ad2487cec7f4b1ee245d7be3d496d6af1d4cbee1c8201312541f3064":104:"3f0ccc134091e0c0425887b1b9":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,104) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"417135cad74280e6f8597dc791431c95cb8fa63bbf7197e3ab37c4b1d6d9438a":"":"0fe22d9ba1d0e32656e3a9f07a517a27":"a0b2712e81d329d5b076a4be2ad6823cee6dbd17d9a592d065bdebb92b1ff37a56bf2f5e5341f39c574246ccda19e5f35fede49c9ba958f3920cc5440fb404fab7846884ca0c2a3af5b51f4fe97a1395571319cc5b40f8aac986d77de280db82343983982638326ef003e0c013af19c34672975dc99ccc0853a1acf7c617d965":104:"888b836c9111073924a9b43069":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,96) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"304824914e32ea0efd61be6972586093349bd2cc2cf0cff44be943682b2dbff5":"":"b6d927a71929029f6766be42746f7cb1":"7281c81c7514f4b17cb125c4649006ef8959a400a1e4d609d277e363e433725fa32346a10bcbd826b6afc8222158920d0a2db1e6fc915e81231c34c3941ecf3c6f94ffe2136190cae3dc39a4277acbc247f36291b5614a8433b1a0780434a6c50521b72ec25145bbd3b192647155d5dd9df9e66762d39592602ea99bf9bfff49":96:"b6044c4d7f59491f68b2c61e":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,96) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"8a10e9abe9389738e12a4bb6f553ae81e8bd320e0dfbc05fbae2128c1fde7a23":"":"6da44354e198e3beb54792718becbcc1":"199d754630135b669bf2ec581d3027a569412ab39a78dd9d482e87b778ec65c6473656260c27827e00e566f1e3728fd7bc1853a39d00e43752c6f62c6f9b542a302eea4fd314473674f6926a878ec1e4b475d889126ce6317115aea7660b86ab7f7595695787f6954903f72361c917523615a86d6ce724bd4a20c9257984c0c6":96:"5c5683e587baf2bd32de3df5":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,96) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d164ffde5dd684becaf73e9667e3e6acb316682c41aea247899e104a54dd7a7f":"":"1d388e19e9d7a9750e2fc1187d4b075a":"f166a5b6f91261cda56f1a537f42ffb8aed10af5e0248f8910034b92dbc58d25953f1497f571d31fbf5ec30d92234b440161703851f0e43530418147ce6270fbcb5db33ab819ba8973051908704b6bea8aaca0718947e6aa82498a6e26a813981783ed9bf9d02eb1ea60927530c4700ff21f00179002b27903dd4103bbc5c645":96:"52e10495105799ead991547b":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,64) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2854188c28b15af4b8e528ab25c0950fc1384976f242716c91bddeec06f2fdea":"":"075af9c31f5252b8920092cbd999e7a0":"e9452f71093843a025bb5f655eb6a4e8316ab5946484b11818f22b62f4df75d5891fa3397537093a261dc9a7648b7477ea1f5fc761716e302763364bcab7992595edd0fc1c7f7ac719c879e6616e2007948eb8530065a6cccf73d0fe4a0598819b471b0856e6d90ea0fc0e5d36a30ee925b6b8e5dbf40e77f01efe782c0bb4f7":64:"6ff8fd87e5a31eb6":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,64) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2bfc445ac0365ae6c3c3815fd18bbd0c60ea224f6620d9b6ac442a500221f104":"":"43c5f3367a9955aaee1a0c4d4a330059":"db0bae8ce7c66a8ba2fedec22f236212e9a7ad72b371de285c7dc6d2f6c22df0ce4920e0f03f91eb1653c4490050b9f18a2a047115796f0adc41707d1ffcbf148aed5c82013f557e6c28f49434fc4eb20112f43566f212c48cec9894ac40772fcd9b611ee9444df7b73e35b8a38428ccb064c9c50491d2535e0b539f424db83e":64:"49aaa806cb2eeadd":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,64) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7b828f99aaf751bf22d993ed682e488595617a607ed74aaacbb6b60457453080":"":"d48dac1d8d77e245420feb2598812418":"f50f785f4e7c848a55a616ecf4b6b1e1ca85e16de7100c7e4273d411bd95c1380ee157ba501ba9616980195f34e39f43e335f33253342feb8ed64443483c721b85241a0320b3cac83104de2db47188c61a373fba592ea16feeefdee1f2bb43927396f58151418672ebb74afff5c029503a0d0be81430e81ed443e08b74c03183":64:"a5b71ecf845b25d0":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,32) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7b6da11d69fca3e4c907628d3eb63d95c7e502fc901372fd097e064e70831432":"":"6fe2148f250ea178d4c8ca8423ead87d":"a8097bb74ded776f578eb7588f5ef8915db9bfa7262af700c8e76ee114e07557b6786dd5a60a66b2703e7c9de5d6b42aca92568aec5d1ecc298dbd0edb150b8cc13c9a78698f7674caa94da6cacd1f3ef4ca4238c59830ea725ab3a6284e28966c8c32d9bccfb0cfd6583a5ca309debe86549a6f317d15c5f928cbc7f473310c":32:"e9cdbc52":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,32) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c5ae9328be49e761064080fc213e53e373fd86359a09d0355e2d438d9b8e68f1":"":"a7e3f8660ff925d5c88c5aceffbd7026":"2ddddba7a56cc808aec4602f09ae9bd78887827bf0315d8dbe16821606ef9d117746dd138bf1f23565d1ab8f4cee36d53fe3730632c5df9f12109b16edbeae285bb49dfdd155f5dc97b319a85362d53cc86817b7c1c31e5e87c9f37422f133d00dd0776bd92ab05ce6860573cd911645cfe3fbe515e85f744899a447fe443653":32:"e35dbac8":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,32) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e4f8ca13ba86c658cc7f42d4f029422209efbd101bc10a1df81a42cfb3a0f79f":"":"1a362fa0e4054ba11e4b06d59c8bc9cf":"e7ad5c75aa13659f8ce4b1650c46382645ec67418199b84ea445b8ceef619ef3fbde59ed3d313c459e36fcf87d26ef2b453409b32f1086934c3072c1ef0aac83762d28b1193b9afff2c083ce4300b768b0ae23ff9d3dcf65bc1693f1350da65180620aab205aceacfc683c8be53a332e2d0337a7518d2a5204f9c8d7325a4799":32:"e7a37f15":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,128) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"00050a21ca1e72cd0924be31b943c60854be6744577de3dd9d1f4fada4a19ea6":"693ffd3d92294857a99c702a0799eeca28ab066dd90917b9ea5ef8f6547f1d90b106cbec8ef2c22af9f8efa6c652f2f97c2baf33af14fe9def230d49524bd65909c3df1490f637f99e788dcc042b40e00bd524c91e2427ef991bf77e7b2f770cda6e90076c5dac4cac7ee3958b53ff8ce846c3a96281f53c2c52f5f3e523536f":"2fc1afc1395d8409919248709f468496":"":128:"e39b6a7fd5ac67a2a1cc24d5eb9d9c74":"":"cfcd6b9ff7641829cbadeaa2e56f1f150a099eccf3e378fa4da59794dcc4490aa4f9c5db0ab245bec36a7d4557a572008e42f03bc1baff3c946f23f54a4dc9828f106cf4264e4ab40165839d1085e7795b1ae0950f0ee4a08e46ada501b6b51dee0e518129c9426e5bd44c66674a9f99cfe676f002cfd344c5bbd22d3d91e600":0 AES-GCM NIST Validation (AES-256,128,1024,0,128) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f10965a66255f0c3515af497ccbb257a09f22ec2d57c5edae322a3e6d2d188ef":"91598690edf2de8b27f9bc7461a84e80811cee544f0542923898328cf157590251f0342cb81d359b5dccc5391a12320d1444c26f24178977dd6705c2b365dc1ece0152c42e2f0ee3162cf886ef5529f4f16a77f3bdd2aeccd405b59addf098521d0d38cc25f1991e11be7ecf24caedb48a2a286d2e560a38fa9001c5a228c4d1":"c571ce0e911de5d883dc4a0787483235":"":128:"6d9d3a5dbc8dce385f092fff14bfffda":"":"2867996e389e09ec0da94d42e77b1e436b50065b09ca4adf1cd03240444ee699dbb7b3fc081a1869ca607d77d5ff9754fc3c997ff0a4ee17543a2ba77886b88a7128bcc51d3450df58ff3a26671b02c1d213df6adb6f7e853080eb46b504517cbaea162710a9bbc2da8b552eb6b0e0cb98e44fcab0a157312be67974678d143e":0 AES-GCM NIST Validation (AES-256,128,1024,0,128) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4437ee7d16d8c3ca1aa01e20b66749efa901614d4bb4bee786ad5a5f1bfde2e6":"ff80727a3485cdbc7fab4ee9fadfdc621c538e2055706629046078f1aa3fb687fc728d3a7ffa52ae457b7b5649613eab7bafa464bb435314c49e5900750f7ad39ca9b75df6b2eaa755439e101f67b7ae4cd80dc4a9dea0027048253f2d0a6014056ca69b8c85605b00cf75fa7634a0ddf464270a8c79ce1a1324c4a4c513b24b":"275393276745bc43bae4af1e5d43a31e":"":128:"a82ff1e87d26e4d6e417b60fb2d3ce23":"":"88f994d276ed20be3932d16f551c4b7e2ed80411f2e72ce098fa0b70c22157a59edab30649fec447dd63f0c87dceca7238ef0d9561b58489ba7bd86f2892743099f40af63c432f78ac0ad0b5c2be47b9e3045e7237b096ee400f430af63a6f309de785caf190f3f4aabbe79f727a741590de542bd343df68d13db55a5f8bab41":0 AES-GCM NIST Validation (AES-256,128,1024,0,120) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fe4ec037ce563dadee435cfcb2bf090f1f7ccc7d1b5b4fab2f1b738348f8ed2f":"64eb8a4bda9804c09b04cfcd89094928c21480908b81ee19d6c29c2a3631b1a5bdc8e7f8ea56f7b8b8e14a5208296026785cac3a6afa54be8af4d5faedcd12b6621bde0f8ec5a2635fe72a89468ca7704c73aa40cd2ba97aef08886b27a694d339b00e7d12a31308672f87c06a7388a1432f869eb4cc1da864140b1b33931925":"47f5264f7a5b65b671892a05fa556f63":"":120:"660462b4088f6628a630f2e4170b21":"":"4a310e035361f98b8c54fb4cef70b1a9c910552ece056ca8fdab54c52308ec0ad7fe9dd1dae92badab5010577de522088768fa6466fbccce22e14c51ca7986c4063d0f06bf578dab16a91856713198a7138395c49c78b6314b57ab72fd079028c8dc351952d90b04a7cd2b245df0c0522447cdb7d3329fd9425fe5cb40a8e7c9":0 AES-GCM NIST Validation (AES-256,128,1024,0,120) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e6e1ada628ca76eb9832cc6b5efc5c9d2686bb587366a6de2d734233fa95279e":"a0ac738e0fb35246b84a6fbe319f827039515df25d0c0fc6de7c048253ae63d3c561e44a12672ffeae1cb925610b482aa422bbee0e1784fc69baac3a97d69f51e6d2a17957b44b318624ea7ec680a559f4d3f2761d09bee66efb3a312ae6b3ecb673e756b2a0f654671e82500e7ace91f2be2a74bc3bc1ec1a4b6877a53c27c8":"5a100b451e3a63a3e6d4b8a9e59c6bce":"":120:"88df9a1ea54e5bd2ef24da6880b79d":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,120) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cd5c1e90d78213155c51767c52c290b3d657db8414ee0a7604a2ec7b48105667":"8e987693da0fb77b6d1282eebd3a03e05d9955ff81929b1a2c721574862a067ddee392c7ece52ca1451f3e6e321d7208882d97b4149af6d78d65c054e1bfcdfa62bd2202de32dea8363f8d7f041891ce281840f3cd906ab46ca748e5b3b11890b4014bf0271c9427c874097782d1c13dbb40e78fc8276fc134f3c29923a43a01":"4e022d8d86efbd347e8cbab7e979771f":"":120:"e7df79af0aef011299c3b882e3a45b":"":"3b20473d9b5018d089e7f74d3fef22ec2805948a9e07689831973c704a6d8db4d090af88d696ab8c3aae9740a2bbd7f03e0b18b2b591e59c335c1043a2578a89b1a9f20fd0dd53f12e00e9bfdb27de8caac772bbfc4de9e4a255a5d1b04e59625a87b8279babe613def58d890d5502abf2f709aab625dcc20c58772832c7bbab":0 AES-GCM NIST Validation (AES-256,128,1024,0,112) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6e3dfc07003bb6a2d82bd5263b2832f47db4e73279266c7a9ea21f4f18eddf83":"a960da222af9d4da5797e6957d59b00f6d3893599c70e95c0984b56eb3329b191703c2532f3288b15ebf655b9b5ee4617484e5ac9c39bb06731d03ebe4fef9495d003b0ed694cf540b4dc759d32629e55512680badd81234bd71ffd55fcb5e6a85031c1dc31ee1ed198939582d8336c905717cc87101dcfcf9d833fac815c8ea":"7c0f49fb54f5e68c84e81add009284e6":"":112:"b2ec0f3da02a9eb3132fb4ebe3b8":"":"a40b6f70f0572fe0bc70d83368e7c154f7dbd501f52501630a2e523d18e216e07368521f6040d806299397722b99bcf7f85d36b8bed934b49aa1fa76d38783e6a2e392d6d0786d467f7bc894a739ecf94f0fe884a9c391154f8326bf31ea5242a18aa263d04da4b63b11de23b42d3e10a2d5460cb32700cdf50a0d89165ba22a":0 AES-GCM NIST Validation (AES-256,128,1024,0,112) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4103b1ddff87a508a219c808a04ad4750668688f4c2ee75b92d28d70b98a2c94":"a00a196193ff07006b7df524824bd0971d63f447a3a7bb1b75c1e2d11789482c115cff677b54948d36dc4de34200bce97be0101d88cee39b177857dd5da3cb0d2f9d6e1150f72a3bd655e0bace1d25a657ba9a7f8dff082b4460432075afb20173da22b49beeb6a030d72ba07869ff4389fc1c28d87018d7c1a9829c21932197":"5cea906737518c2cb901016e30206276":"":112:"3a3a771dd5f31c977e154ef5c73a":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,112) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cd8c2f0c330d5db316dae7a16b57d681ca058864f7bd60f3d0de174442283f77":"e2a5ad295d35031535bf13c2993bd0b292e8a9465b9dab738e59ba03670248a1ecc92b38a55bae34729162271cc1572c35fcccb27417b48dfcbff852a7a8845cc829a4461061b558ac8b5930a5c6491ffba04a9d0dff220b3cd5e4fc2e0f3db3b2ddd90328f2cad819573a7856299620b02f5ee0267f3b56981afbf1b7d9e3e1":"387ee8c1e7f047e94d06d0322eec02fc":"":112:"62356850d12b54e39872357cfa03":"":"17b7f6bdfc1993c56dd9bd674cc276a55a46fdd9fd5fe435b9e4b7ebc7052a9dc76a99e4e43aba7d486603189c90d10a21ad3722c86bf5bc856a0f930ff5bca65be708b76bb8a29105da67f31eebcec81f28aaf526d2f8f0feac393a24959dcd612e2b93b4463f61957d2b3046bcdf855e346601e4c7760c0ca618ee7bf55381":0 AES-GCM NIST Validation (AES-256,128,1024,0,104) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7e19e400872eed721d560202cd757d3eb99729496b6e3a6d38dd8afe1066045a":"3fb9abc7aba654dfb174e8899c17db222ffbb387b7260fc6f015b54f1cd74284c516e21aae3b72338e5e8dc643cfafca0678f5bda3a7539f1612dddb04366031b5a3eda55f3232c1b176cc9be7cc07e0ebca674a272224929c401a2530efc6d4eed0087b544b12d172a01bc8340d9c2a2ebcb5af8b07d96073a879fda140c196":"d2b277f78e98f1fa16f977ce72ee22a7":"":104:"4c81c044101f458fdfac9ca3b9":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,104) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d0653934a16fd36c27d54488a1829302b931bed6e26ca26047242b85b50bfb61":"c02347e1add9178d830d8baaad9aeee37e958bedf2cc846e2561fe8c83481d0a8a85911e7f1f6e444b28f30bd96c13c390e80f616feb6844ee6fa486543a2e3f38c138f45b4405e3fb331b64648219aaf1d574be948ccfca6afc18d12488db19c35b05601e47c0af5d49a93a5dd4420f38585c1eb033e173376fa390d3f948df":"94886a1845aebba5ed6b86f580be47f9":"":104:"4be34ff42085ef4443c8b6042d":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,104) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d0f0ccb88c7cec9496f26a59ddc67dc59ebe49ae3dd89ef3be008598727e214c":"7845e155f4f28021291e7c814a1ace8f42b239990831aa82758fc1e376cace0b6f668f7f2f224dede1ef5b1df7ae74b2c01483701044acbbb72a9216eec6b7ef0190f114b3c73c6985c4653f11601c774d10b7f9df1f1e1f3ff4fafa20d6525edb37d9e5acfafe6d3468ee068d407fdb56dc718c98425926831253978d727854":"e5ca84b907ac761a5e68a9080da0a88a":"":104:"c8f78e4139dd3eaf2baef8aafb":"":"0cc3ede50b0d3fb9ada11300a3239a383c98f968ad65266d57a195bb18d3e568fe6cabba258da4bee9e923c7c838e06dc887a6c49cc1453ea6a227c6a83e651a8742e0316cad5efc93739393e3603446b5c920a206db1434adbb8ebde4d1a7a8699c7f6c61b2d57c9709b564338423b4f526d6c157647a6c45da9dd521061f05":0 AES-GCM NIST Validation (AES-256,128,1024,0,96) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e35dcea17cbf391491ae5ba6056d0dd13b348183474dd4b614742751bdebfc32":"5213542beb044910d7fdeec8bb89de93f350760e493286eaef1140485380d429f74a4279c1842a5c64f3ca3381cb5dbb0621de48821bded650cb59703e0ca88f4e9c3d15875f9dc87d85ba7e4bae9986ef8c203fce6f0ce52c28e3a93befb4cc4ba3d963d2283cd30f9bf6ab99d92f2f4f3aff0b022f1751b89d43ea10bbb28a":"fa549b33b5a43d85f012929a4816297a":"":96:"afa61e843cee615c97de42a7":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,96) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"844c50ddc0ac1d9364b21003287d6ae6360d12bbb17a85351362420ee4ca588e":"3a3bf4ccaf05f7c02f5e158dd2c5cb08c6aed4b1ba404a6d8ef9a0737fe2f350b3e22188fc330ea63e35df82f996e3cf94d331c4246cdb25bb2c409762e05ddc21f337edee51b64f1766ad18f520b3f34735b24278d9d647c533a743e0c1e9c81e9dee975cdc47e8582113fd250ef59353605b64acb7c025a97854c1a5c03237":"2f8512bb7e214db774a217a4615139e1":"":96:"f1da1cebe00d80eb4e025feb":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,96) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2aae1aa047a20ed2d6d8336d923864cee9404f924031ae327fbfe2d293e1d93c":"8e5b6b9e4e7d01de9a919dd33c0c1eb94dcfebf28847c754c62c1c00642d9e96f15b5d28ad103ff6969be750aadfd02fc146935562c83ec459a932a2fd5fda32eb851e6cff33335abd5c2434ae4f5524d6bc74a38094ced360f4606a1a17096ff06604952c8ca94a9a6dc4a251e13b0e0c54bd8a6dff5f397a1eb1cf186fa518":"3da9af3567d70553ca3a9636f0b26470":"":96:"e1026b3d15d261b2fb47632e":"":"58c52ea9f3b162511160eed1a68b6f52b3c4f5834af728de97a3d9e4ba337b29aad12636003cf5be9ffbeae0f383f7cf32f645a8f6fc5cdc1cde91c625c69a92bc434ed671e52a0044a48f3fce55cae49a7d065c2a72603a7efe58b5a7b18ac500d1a51420e820357e7a439b1c02198ebe3d4e62d5573a3aa5f40900a21e3b41":0 AES-GCM NIST Validation (AES-256,128,1024,0,64) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f3d69208cb0d27474e9a231cd46eac7c1574fff950c48bbd1ba03fad16f563df":"0d1f06eef5e8f2c81d1a73bb1dca93c22cfb6e40e9948bc75b0d84830fb9216330424f580b89050c3fb3f620eca8f9fd09fb86d2e8b3a0869c6022d8a705fc280d66fd16d3aba7395d6be4bed44145d51d42d56285f3675726d62d94c081364a6d440511de83a613c598b03078e2ec7648c6302defbbea66aafd33e1a4b1686c":"b957f05921d21f2192f587768dc12b4f":"":64:"322374fbb192abbc":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,64) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cb2cdeb17fa6bcb006c7fc60858a12a411804464458db351957e8caf42f1ee6c":"296504131354b2c1928982f12d408ba2377f2d4bbe87e4c69f92a15bf6003910a43bda6c8929df66b3ab1d202a5258cad199f32f36cc30d2dc06199c2a52f7ccadad1fce50123c5f8434dec57cc60cc780263d7aace8f59cc8a6c54bddbaded3adb12ae2ee0bacf6a8da635ff85b51a4e8a1b3dc404863b90059de4ad0f158dd":"31bd7c971a6d330b566567ab19590545":"":64:"efc5a1acf433aaa3":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,64) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f94170790fadab3240df568197f9d6f6855afaed8d07eceeaa2380121872529f":"ed231b78db082f652bc6310c396993b52de804a82464fa3fac602a1286535f59c67fc2b1b420c7321eb42b971edde24cd4cb9e75c843f2ac6fb8ecdad612d2e5049cf39327aa7a8d43ec821161c385f3fdc92284a764a5d1cbae886f07f93017f83a105bb7c3cc4fc51e2781516a2471b65c940ddae6b550ad37b35f53d7cc64":"2f9c0647a4af7f61ced45f28d45c43f1":"":64:"ab74877a0b223e1c":"":"1cb5ed0c10cee98ff8ecfa5a1b6592391bbd9f9b1dc1ff351e0af23920d546b5e27d62b94daabd32f7f96a2632dc9fd7c19bf55f3b9b7cd492e76f4d6b0f5b437c155c14a75e65bfc4120bef186da05e06a2fd3696f210292ee422ddbce6e63d99ee766b68363139438733c5e567177f72e52ef2df6a7dd33fc0376d12ec3005":0 AES-GCM NIST Validation (AES-256,128,1024,0,32) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"797c0091ff8787fe7cd0427c02922620e7f6fb71c52ddcc03a9f25c89ba33490":"2d3efc8900315c3691a8e3c9de3319d4deaf538fcf41aa0e295b861d0ac85baf56d149a6437747dd6976f44016e012b88de542fb8e5b9e4ad10c19deec4b7c0b69bc1b2e33d44a981ded66127dea354b072010b8dc24b85ed2ffeea3b9c0e931619dbbf22677691f0d54fc03eaa162e0ab0d760ad41021f67057c0d6ac19ca8f":"69d81c73008a6827a692fa636fbab8bb":"":32:"be2dda5c":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,32) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"90ce1afb5500489b9edbad987f4009509c847b3e55cdf0c764ef2fb085e3d033":"98482b54edce2bac1cd64d44917dcf117ebfbfe26ad17a9b263447028304f1cf5a69559c05b5d833420f4fddb6e308277d01eb4b3235f1c4b47d33d3899325b55e7be19d43187a5b1b1354ce02a529b3df1c13b4883902ae9fc565079dee825e705f3e580371e4fd86c3b0d31bae98adb529901f346ca07127314152b4370edd":"e119e166471ecf44bc3a070639619931":"":32:"b2f54b3a":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,32) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"29264a90f114a800c0fc3247b3bda00981a12a8f85cf3a19ea4c7ffdd005f4bb":"587c8e53ab5ae8c31e16160b4a41d88798e27f4ad61c573c023c62d4dbb3952eef5026ad7b453fa9e0694347ab8fe50a6cf20da566202b81e325cee9c07ab2d4d53ed45b3ec2d2135936515f8a24f2a8116807dce9df3c44edf64c32647145152ff241d9e018e4101e400af070192dc3b498b5a213d265b4cfc8c8d4d7deccb5":"cf296aa43cb7b328e09c8975e067404e":"":32:"56015c1e":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"84ff9a8772815b929d55f6052c0354cf3e02bcc8336fcfe5794952b4c45d5d96":"a87de56d49725a1625baf12fd15931fe1a6783dce5d1e744eba108f45e0c105d8141dc027d0e33ad7efb6752b43729715e2f3e2c42ebdab4d5f72f886bd821c4372244699ddded99a63dbe7763a5a3bc21cbfc253cdc2514eba2a4f54e24dca7c207cb3f6ae80153d77fe0641f357d5a073dcd425c38deb77c45f27427345516":"5c044a66e488b853baf479f7dee2aadb":"00304e3d40cbc6d2bee0778462884f4ec047a8c74bb3dd7e100f2b9d0e529fd24730063986117b56ca876b208a3691425ac63afc3d504ccb499c76622eade09717023fcb7d956b01ce24a3e53cb5da472be3fcf5b278b5d9e377de22fab75bc74afa9670f5fe9691aa0ed77e43f6abc67a61ec409ec39fd66ac0307bf195f36f":128:"72ddd9966ede9b684bc981cbb2113313":"":"aadb8537309940422f67ca393aa6182d67fe7c52092538a15e98a4254f0a9087c7f10903d5e78078c2e55de914dec8b6b35cb720e3e55963c0ac9901e44b83a0e7c5b2d3f002aec0a4a08354febe47b2abb955f2a21107626ef0b8e1e099650812a6fecf36908fce2d078c2735cf7c2b970a309e5c6d6ff29c26a05720c57105":0 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b5ca3991d0160b1729ae1a622dcf4b03b1f4ba86150bd66bf35cbbee9258af10":"62aad5854a238f096bdde0711ac6f5763e7fea29db068ea8c911f17ba91e6d7807883e6fc5ba7db17af33da2b00973008a3425e65cc786ce1b97360019ee2cef74563d54752be436b905705b507c3d62689df4edf0356d26b693eb43d8a2a927a9f3866b7e0e19e84a90447bd6f47e31070fa7c2a71e3f78229ee19fa47e848f":"f8402184d1cc36df07b68ecb1ab42047":"d378cfd29758bcbd21e26a324239c42c992941b3ad68d9f2b3d2def3a051fd172ee882562970ef59798ff8d9eb5f724ff17626156f4cf5d93e41ffef6e525919af6194ea9bbb58c67563d3ffd90e5a6e2a3a33bd1fa3d55eff5dba7cd439d571f7e08014c4780e3d10904ef22b660897e78258da20b2600e88d71c35ecb6329a":128:"9e8b59b4971130557aa84ec3ac7e4133":"":"556dd32edc0af3c64186fe8c000ddad1516cd14721c93c228e379d4f87e32c79e734539cec930322048f34a2b34931c585d44f09966caf187ec4b9244c991a8a5f263e9da1d08d6086e52535afdb36c7662307521cbceb9ecb470a76970243723fbc1613b6ebbcae261ac2f1936e66ce29ec7350b2e6b2f73a910ade645154f7":0 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"df867d1dd8a287821a54479cab6f88636d2aca30e1bf01a5dffc735e17590356":"6517272cac85d7f38902bcb4b96a0c59c4bdc46bfefa6ebacd7f2fb1629b87ca91de2ffefc42ce3cfd34dcbf01b3f7cadcea3f99e6addf35d36c51f2ceb1f85c1f56a04ec9c9fff60cd7fc238674992183ea3de72ef778561b906202b7b83fe6562a0bca9c1e0a18638e8685b998b4192f5120435809ad6e93a0422d00725262":"35019826c51dd1ef07ff915d9ac4ea96":"0375ed93f287eefe414ab2968844bd10148860c528dbf571a77aa74f98cc669a7fc317adc9f7cf2d80dda29b19db635b30a044399f3665b6176ed669146d28f5ada03b3d32d53fe46575a8afcd37f20386d9e36f7e090b4fefadfab7f008e02f1b5022c0eeb81d03443a276eae48c038ed173631687d2450b913b02c97243edb":128:"e49beb083a9b008ae97a17e3825692f0":"":"723be39bc13adbc48c861b07753f64fac1ae28fc8933acba888b6538721df0a8b91c040a26522fe0dbb7335d8f63d209e89f7cde23afa9ca3c584b336d63a91e07fdd8808b14c3214c96a202e665bbaaa34248ff30348f3d79c9f16e66ad6c5903305acd887a89b6244eb7c2d96e18b13a686de935bf3821444ee20f48678be5":0 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0e8e9ce6294b7fbc534a96bdd060120976a6e08315d2ea73ac61d085cd462a44":"9855f186b51358f0e2111c06bfaaeaec9bf95c55e246375c614fad9883d86c82a20c86538dc5f42a0ea69677d59a20c5112d15d2a8396f12096242ad5d7b838d16ee0679fc4017af75bc15e8ad2f77b0e802c864031cbfb0bacd95c828d1db4b7bab0713619e9e5e8fe6902aac7a9e6c42eb05f5b156f7e663ee43e6fdb62480":"4edc6be20f904b4789e5bee0a80a3fc8":"db28ce076b360816cd1e04b7729f8ab080e0a07f35204350f3bd056945aab8638c0e8311ab056f3e5debdbfbb03fae700770264faf73e0f3a05a5812aee84ab613c82f4a76da276250675f6a663f85e2c26d4f4a8666a7f4cedaffc1a7218dec11ca4e72b8b5d5b620d1efbd3d3b94a5ae0d118b9860dfd543b04c78d13a94c3":120:"03cfe6c36c3f54b3188a6ef3866b84":"":"e10142f852a0d680c983aad2b4609ccbd35ff61bb3eb66442aee6e01d4cc1cd70f45210acbd506395d6ca0cfebc195a196c94b94fc2afb9ffa3b1714653e07e048804746955e2070e1e96bff58f9bc56f3862aaa5fe23a6a57b5e764666ddec9e3e5a6af063f2c150889268619d0128b3b5562d27070e58e41aadd471d92d07e":0 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"886c77b80f5f3a21c01932685a540b23629f6d41d5574fc527227ed0bdf2e21b":"53a17d7b69f607f08676d6f6dd4e8db08e01333a8355d8c87616e84cdf10ef5b041fc6ddc3f6a245c0f534c2b167064af82f45e4702a5e8dede59579fdecf6713353392433950c9b97c38d9ee515ac97d0970ccf03981954540088567a30941bb2cca08cbed680500f8342faa7aebbc6c143e2ea57ba6b4ac1fd975dcc5d0871":"5ec506edb1890a5a63b464490450d419":"05b8d820c9f439d7aeae5c7da0ee25fb0dad47cc3e6f3a47e8b984e856201546975f8214531fc3c2e504d2ac10fa49cb948596b9a8fab01b95c49d6f04d1589f93b77b899e803dd20e1f00a51c0b5953e85be639109b14b100e35ca26d84ea629964b0db8260dfa5a150a66261bf37e79de2ec49e9f1b082a7c58ecd3d39b6c9":120:"ffdf56e1c1a7252b88422787536484":"":"79ee27adfa9698a97d217c5010ec807806feda37db811e398c3b82abf698aece08561fffc6c601d2691738e279eeb57e5804e1405a9913830e3ba0d7b979213ef40d733a19497d4bb1b8b2c609a8f904e29771fa230c39a48ebb8c3376f07c8013fff6e34f10fe53988a6ec87a9296c0a7cfba769adefe599ec6671012965973":0 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5231ca6d772edd9ea2d251e22d7d455928c22474b4b44130dad57e6511fed6ee":"2767c808410ee132291585ea74a48ad3102f883f07d060c91c5f10abd37fe0996d2210dc490260238ae15f5d74c7be2a1e15d80db09079c520047f88488a7802857a3fc3b81d85a96949997430a880177880a31d4d0c9c9045247804f057a4f2756d6e40375a4a3187c4376d6bf573ce334cda1ed88d8a50db499e7cdb89d8db":"048698a4a0feabc1f336112e2794795a":"3a81b6b0b722899ff931cb73c39222d555b83ae3f8880b982593cbc1ab8be90d1ee32fd7dfe697cf24c95b7309d82c3fed3aa6b3d5740cc86a28174ac8f17d860ebb251ac0d71751c2ff47b48bfb0b3beb4f51494464cda34feaecddb1dbbe5fa36c681ada0787d6ed728afc4008b95929a1905787917adc95f1034fedcd817a":120:"ba61edeb7b8966188854fc7926aad2":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5a3f516a7898e04e5da4efd6c7c5989b77552d195464620c2b35b9a4fda29cce":"5cc28b61ae97557774bdcd7ff653f4aa349df68d53c7e5a65263883ef1fe224ad40e86bffc2d38f28a2ed9ae1fc08563e2a1e46246106546eb8e6064c06baa0046fa137421734b7f0f94656a4f459d9d981717557d843700d116b6e5e2dd3af5f67c34edf31b40b71fd3c6f2475f9310feb70bcb973be52d41e86792c49d54c0":"9310af6974890c0a0364231f9cc8103d":"2103af8356bcb9dfc2a4f1d4ed09cbcd8e1990d23865605e19f87feb50bf8d10d0257740e5557a9297f0499c01e29a1a513ca18e6f43f7406c865cbe3951a7771128f3110c8da3bd696368901944549552842a1f6fd96cc681b45da098f3c1acb3d237d2363285f520d0b6714b698790b7660c52ac84a42c9721ac7e9d38a2ef":112:"993fc8e7176557ee9eb8dd944691":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"59c9258554363d8a885fc0f5d112fee08eadfc7ce52a0e7e73e3d0d41d9a0290":"79c491411402ea7878e480519fd984dde44bce6459303bb76d4eaf97d4e345d1aafaa68ceb0590b41cfed0f411b675d9344c7e888cccfc9eb6fe6b229d198f94ba516ee850ee7f078a4f5f32a23f92f72264e3a76a31ebd042564315ac4f2ec0bb49ba6d08cfd2d3a6308688e39f28e3ecd669c588368cee8210edf5dbefb925":"77e51e89dc47bbcac79cca21e81a61de":"25a6f8800a9b914c0ebf9a45d72355c03ee72a138eb81b2980f332645ce1d7aa4659805821866aee2b276e2c032776b4eaf36f93b5f9a72b791be24e31eff105ca6d0700e3069ee327983dd7fe1c7465d6c6d77837aff69055149988e7199847fad98605c377d997dbd40f3e2ff1a4f978a493684e401249e69540fbde96323c":112:"ee6d85d3f3703b45adb4f9b2f155":"":"44ca68deed5478074adfddc97f06f44c08bf7bca4dee8707d621fc7396fe2efcdad0a167d1708a9ff59ce4cddb86920bf1dbdf41b2109a1815ffc4e596787319114cad8adab46cf7f080c9ef20bcf67a8441ba55eac449f979280319524c74cf247818a8c5478ea6f6770996026a43781285dd89c36212050afc88faa56135fb":0 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5e9eae594cb54c8089330e4404ff79abb1c0841b0be5347a14633ad1e1ff44fa":"32abc1eb6077555a85a0a6fd1c78cccca6c8b375842e2eb8eee45ee6c38dc0837443d16c647252e8124639dd01c808ac5e857a25d927c2a75e2fa8955cad5beb5c206fc050cd933fc4621f5718936f01f39dd700ae1aee7537cc595df8789c5d1a6e1e87b1c7a60e3ce5d57c80dd65dee3801798e1481b1963bcc78cc69f8c50":"0917b486da754f48bb43ecc8766a7ce3":"2aa1ef2f91aeba5da10b48a882dbd4574df4e9157a18abf8cecd03e4176712ba171b6ecb0e745841ff84e35063e47b08101afc44cfd9cededb913a82f00b9d4bac922f23a22f200642270399896405d00fa5271718eefb4cd5fe7e5f32097766ebff36ff1898a1c8a1a01cc18e6121e470805c37ff298fc65ef2fb1b336d09fd":112:"92282b022e393924ab9c65b258c2":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"aaf03c3055a35362212b9b059931e7a24fc71e32bc9a533428c9dc31077f2ebc":"c0e12cdd8233878505e025d52427536be7b6bf1887d2dd20eac7092db80b22417a3a4ca83cdf5bc5e36161be1ff9b73f7ceb297c6d07c9cb2a75035a5dc079e48283daea60596f4b356ca28c243e628cbe459f069709fe193394c9b1a31d8ccc5a3a4eba30056c415e68571a2c34bb5c32efff12e9aa483c4a68be5e76aba4cd":"7dfccd077b29e6ed5720244bb76bde9f":"21edd1c6056f51fd5f314e5c26728182edcd9df92877f30498949098dcde8089eed84e76d774ef8874d77125669a302d268b99dcd66b349d0271dde6f8cc94dc4f2df3787887b1173cad94d067e346846befb108005387102854d9387d2c0fbc9636cdf73a10d145f4b612c201b46e1ff4465f6a7654ce3da5792daf9a27fb35":104:"6154c6799ad7cdc2d89801943a":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"60c775971a9eac7950ed2bdd85bd60fe948ba04c419f6743fb67f37557e46c6e":"8abb2e66a4d08074916056bb8e925551372f737f0e1b597c5d08ee102989743a273b29d7281013f8b3aee2934399cb427370d70370ee86eb41584b653660c633506a53cae747826bb7d93909f069d5aacf058b7f2bbdc58ea08653db857bda83a979fc22a4f126dfef7aac45177f4cdb802fab0c812fb35d12a8176ec21336d7":"9b92ad7079b0de09c94091386577338b":"1f6a84b0df75bd99a2a64849e9686957c6a60932ebe898d033128be9b757e9890225925d856bfdc33ff514c63145f357730bb0435c65342bc5e025267b410af6fd388a5eca01b7efc87fd3b1b791df791bd47dfab736350d7b7f368b4100e04c939d5af957bab95ed502dac904e969876674602a0f0790da2d7351b686e46590":104:"1d6cd4ab3914e109f22668867f":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3b426e449337a14bc0663246ab61b671b523c9a3130c21ed59c93fa6a5aa5ae3":"291bd5a00d71eb7d547b7c94e7030ba4a947418eaeb378a3bacd304b08c6f92f6958eaba968ac6aa23e0512a2a8ad7c1ca2f8fcf623bfc1281f5b7b598c08d2aebcd447668b23238c5e338b4c2ac7f8fd381714c596ea3e0c17aca4317a08563e58f0f52a8af08e078dc242ae54ee0fe3869f8c9687b004a4ded0aa27d8f4c5d":"e6efc96acd105fe4a48d1ac931eea096":"0902cf7a0685444126369712ac47962bc2f7a3a5837f1b6190d9ab1adb4cd35e7f0892eee628b8e07fcf2b598cebe1ec07d8c4823172ae66a135bb51cc71590707b691a66b56af1ffe38772911d11685da355728eaddd83752d21c119d7b59f4c17c2403629fa55cd70cd331aed7b0de673c85f25c2e9e0267f53f0b7480c8ca":104:"ca4bfeedcd19d301d3f08cb729":"":"bcef3f2fd101b828d36cb38530cf9a0a7a285ac1c55ee1069cc78466327e85887534c98a8891d579effd832c0f7d6e7e822fb1eea85a39317a547591def4aeed6660872859fc9d1df9725d3c40e9ccaa900e0f1426a55d20ac4f2e8e07bd3bbc687f8e059ab93e7604c97e75ac94be1c8c24f4c4da0080a4d77953fb090cbb62":0 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ceaf204ff504ea8e7fade1a2097f2b527a44766860447322fa5ad346cd810217":"1c8e4cf6018211518494d46c2e0607fa42e236abc28d58f8175c530f84b1f030572f5f6a74cb5517e1fb999a637d352afcbeadea9121e695675859b66b499a3a351ecba5226e58ebbb59fe12e359e4c89cd51c8703d4643c49921ae495801c73627df404b91e828e1d0e03ae09a39defb5aa5f2c8106953772ba0713d3261329":"cfdb8183251f4b61c64e73243594fdc6":"a60f3969fd1b14793dd1425aa0b1f742a4861e0b50eaffd1525cd209ba6d1252176763bb5bee59aaa55f92341cdc0705899aba44cf0ec05cbf80274ebef65cd9507fd4224b25cac19610968d6a37e2daf9ddf046ef158ef512401f8fd0e4f95662eebdee09dd4a7894cc8c409be086d41280bd78d6bc04c35a4e8cd3a2e83be3":96:"9e45029f4f13a4767ee05cec":"":"5cdc66b587ed5eebb04f42b83a6ab7017093514881c598cce332d74fa3fab927493ac15bff26835296e080b5b45ef907c0529fc2f4ed2fc09db179ef598e5d193ea60c301d3f8d823404814e3e74de0e1d2417c963e9246c353201c7a42659d447376e7d05c579dd4c3ae51c2436407b8eff16ec31f592f04b8013efcfd0f367":0 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"15652abe38cd09777bba21d0db04637f5737d3cb3922181b9f2d07bfdafd327a":"1d6c153dec3b4738a09c9fbdfe31a093eb7ea79b8fa49f83e5e1f46893590f074fb171fb66e30ef887767014e3a10a3aa05da2bd50dd7b7936e1d7f6f31af9030e31e76bdf147f4396464db0f6a72511c4885c6c2305d339906e3c761a3249d7ebea3bf463e8b79c3706e684575550e964b8047979f7aed6ea05056c4b5840b1":"3a5e0d223ae981efb405566264e3e776":"cd755437cb61b539908e0cfaaa36c0123f8f17d1e6539783cb61d4b56cac3bc1e971c1ea558b12669b025cb6b9ad55991c6e2f8ee8b0b7901790193e226a0fbbfff7ff0bee6a554660b9f32e061b6c04bf048484ff9ebd492f7e50e744edd72d02c8fd32f87f9421bf18a5a20ebb4d9dbe39a13c34b7296232470e8be587ba09":96:"01a573d8e99c884563310954":"":"162430c23f7adcf98575a2d9249b4b5cec42efae33776360ebfa6a19c8eee4bd6b07cbd274deadc3292b7cdbb7803e99d9f67ccc5077f3ad5808f339a05b3213dbfd11377673d4f9b486a67a72a9ac8ea9ba699861dce0de7e2fd83d3ba2a2ec7fabf18b95a2bbe2184ff7bddd63111b560b3afe7f2c76807614ba36c1b011fb":0 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a43f6d07042a15cd49f6f52a2a3a67c6c2ff420d95bb94b9fe03b287c3abcaf8":"b67e58c8b608724fd20aa097ee483bc4c804490cc79de635170944af75c87ae0ad8261365c1dc80d852553bcba18da9fbc3fbe61d27550a03003ef0c60202054626655509a9e1ab54677e537a4e761df011d6c6dd041c795446b384161ae9eab441afd24d19b58eb4fe5116cd7b11b751ebbd0a2adba7afc380d9d775177099a":"3b6fad21f0034bba8b1f7a344edf7a3c":"2e01c0523c8293fc51388281dccdb8d0a2d215d729289deb327b8142d716c2bb849e9476545b82f3882ba7961b70c5da2a925ba18b6b121e9215d52ac479c9129c9cd28f81584ff84509d5f9dcb7eaae66911b303cc388efa5020ac26a9cd9ea953f61992a306eb4b35bcd8447eea63cef37bb0c95c1e37811115cf26c53e8c5":96:"43470bc3d7c573cb3a5230f5":"":"e1720d451fa7ab9db4988567187244b15b6fe795dd4fef579fb72e41b21aaa436d2e5d8735a4abd232a3fb9188c75c247f6034cdebb07fd7f260f8e54efefa4f2981cafa510dd5c482a27753a7c015b3cae1c18c7c99a6d6daa4781b80f18bbe6620bfc1518a32531017a1a52aadb96a7794887c11ad6bdd68187ba14f72a4b5":0 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1f0f0191e18db07c0501dbab4ed952c5603a4cd249d2d8d17e62e10b96ae713f":"aad40e7866c26e486b6f6e8eb14a130d5f88891bf0d09aa8fe32f447ab8dea7bee5d3eda4499c0103a010483f2b64fdf1155499d31decf528c77dd7627884f9995c213cf7402143dbb7561d69c86886734260ac94ffac7eb33598d25714228ef43f744ec1af2a87e789f1e5d6fff0fbd5082dcc49328f194e8f8a14a5bfc962d":"ab8be16b4db809c81be4684b726c05ab":"a5a6e828352a44bd438ad58de80011be0408d410f6e762e3145f8b264a70c593476b41bb87875746c97de7d5fab120bd2f716b37c343608ee48d197a46c7546fafcdbe3e7688b7e9d2f5b6319c91d3881d804546b5f3dbe480996968dd046f406c11f0dc671be0421cbc8b4ea6811dd504281518bb96148dddf9f0dc4e2e2436":64:"d8bd7d8773893519":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a6cf7d83137f57f2310ee6bf31e8883952bb07ccdc12f516233ed533ea967e5d":"83ab20698fd7573fd121976a72b45a7f03aad84702fc8ac73d6926eabd8a546895aeffe4ba81d117507e2cd37d58eeff71cc3afa8a4449be85f228ea52f6dc6395bb43c1c9f795343720841682d9b2f00602eafa4d4cbe297bfc62467e526b9d823cc8eeecd9e5f8dbc2f65610663c6f37b3d896651b254bd60215629ade3b2a":"f17e37e73a28c682366bfe619cc673bb":"0f4dd201b18e20230b6233e0d7add6f96537dd4e82d3d0704c047fab41af5faf6bd52bd14fa9a072f81d92a2ce04352f0b66f088c67102d2d127a9850b09ff6087f194a6e8ccaba24091feb303eebb65f1203b2d22af44e7be4de71f03e6f6cbadf28e15af58f58eb62e5bddfae06df773cc3f0942520de20078dda752e3270f":64:"74110471ccd75912":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b0c85ac6b3887639838ddca94c5c69f38115aa00122322c8114642d12ea1b8fe":"0210fce418e7e2199cb8f899c81b9be74a630d00269755f882fc4db27632e99685cc12c426a7503473646df1288d0ede28408be9add5713628700f8e2b2e27d7522520ed00ac47239084651eb99e7d03e1520aae137b768f3144232c16b72158fd5da4a26a2525b9b27791bf06d1eb2e671c54daf64fddc1420bc2a30a324ba5":"14f68e533ecf02bceb9a504d452e78c7":"796a46236fd0ff6572b1d6257c874038f870aa71cbb06b39046d0fb6489d6ae8622b5154292ae5c4e1d5ff706daedb2e812533ae3a635d339a7fbe53780e3e8204924a5deb4b6856618f4c7465d125a3edffe1ab8f88b31d49537791c0f3171f08dbb5ed1d9ed863dafbae4ecb46824a4922862fe0954ee2caa09ab0e77ed8fc":64:"6fb0b5c83b5212bf":"":"5e6c362f7587936bcb306673713a6f1fb080783a20e9bbb906456973e529cfa0298206184509c30e1d3793eaaa5d564edd4488f04311821eb652e0a1f4adaf6971505ca014788c8ce085ceb3523d70284ed2bb0aebeba7af83d484df69c87f55a93b3d87baa43bd301c4e55eb8c45dcf3e4612535ea1bd5fdb4c3b9056d0cae9":0 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e61b1a6b40e2ab1245ff65dcfb9948318ac4fe55e9ed600cec301dae32ae0e93":"8d67fa9fcf078e421cb63abeb25dba739ab0e09a091dd06b0c616e1e888f350edb2d73a42f57f115266ea20c7f8fc143ac746649612df06a5e29b4a15934dc049be1ab49d018ab86c4f37d8c3d9c714f038029e74d8ee3dbe61d81adc63712ea413b37f7604da12107aa1695d9b0981e5a92cdfaa5fbda0e31b22c6fd6f3b499":"c356244b3034d288e4d4fe901b8e27c1":"bdcfeb09d5b97bab05a7acd9849e7de2c5beb7a4dc573c7e1c1d0c0409245a6584023114fdcc6413c800ca16847bde750b27c4d590248e2ce457c19b0f614f6aff4d78d4a19b3251531e5e852fbb05d09412cc1ff8988d1955ca6f5fe2d820f20a7642e3ae69e8122b06ba0918e806400b9b615e1abe6fdd4f56a7d02d649083":32:"86acc02f":"":"7c73182eca97d9617abb478a6ce62e3491a7e9951981c89c3071b161a4c80440614c3f24d0155073e28dcccee96bc8303dab4901ef77318df522d16d9da47770ef022395d6104cd623d93d67090a27507fc8ca04157e7939e639c62cd0e7d8a472314833c0eaa9ba2fd54a25b02854e3bff25cccd638885c082374ae520ed392":0 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4f5a02e9843d28c8c226ed70d44b8fced8fb757ab6ece4d4f06e3c3cec79e44f":"3ec13950d329f24074714c583bdc35686b811f775b76b0a8fcfa66fc56426c9d022f8ab0af38f8d2f71a068548330cdbe891670181ed7491bf40c739ef4dd93689fd35929b225089d2b151f83d9b3cd767300611144586767354c0491112c205409f3168092d27f9b9f433afb79820a2811984d48e70c1fb2a13bbb3ddbc53fb":"099e5d9aae89fb6391a18adf844a758e":"ad93e8662c3196e48cfdb5aa3bc923cd204151aa980cbec78f0d592b701f779c1c49f9e8686d7e2385a4146b21a643a59c18c8b82214f42560bcd686fad7c7c8e8c1944ce6b20ec9537dd14b6cf2592740ca112f4cd582250d69f240d3e957040e1f7e19c60b3c8f2bd00cb666604c38946eb9b2f17336d281b4794f71e538a2":32:"30298885":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1cdb218e0bd0e02156e5b48182990f778889793ef6018a8928e61164ac047c8e":"4d039618a0eb640329f90fe97de18bc928fc3fc7a0db42c97774bec2e882e872fc1097c8319f7837a16516bf387b1bae321c565e8fc1cb8480f051158e4685f0adba310d2c6253bc1300403cbd3f7ddcb2796a69f8bf9e73d47aada9a02673c1a3d5ecdac838abf22b385906236529a1b7dd5b8af2611a04cf4f83b15ba41cfc":"d2ffbb176f86bee958e08e5c7c6357c7":"bc580c4223f34e4f867d97febf9b03629d1c00c73df94436852cafd1408c945c5474c554cb0faf2bae35d3160c823d339a64ebd607cf765fa91f416fc6db042bc2bd7445c129b4a0e04b6f92a7b7b669eb70be9f9b2569e774db7cb7ae83943e3a12d29221356e08e5bf1b09e65f193d00d9fe89f82b84b3b8b062e649163dc8":32:"1997daa9":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,128) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"dc1a145c18bdbca760f35eea0d4a5992de04a0615964ec8b419c8288ab1470f0":"":"7f8368254955e1b6d55b5c64458f3e66":"":128:"8ddaa2c3ed09d53731834fa932d9d3af":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,128) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7b4766d3a6615ee58b390daa228ae7a541c46ce80a1efe227cc43cb777df3232":"":"274367f31ec16601fe87a8e35b7a22dd":"":128:"5f3a757b596e06e9b246ed9bac9397f9":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,128) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d19b04055bf6e7ff82e89daef66c9d8319ab25f9197e559444c5729b92c4f338":"":"796efaff4f172bef78453d36a237cd36":"":128:"3b445f38bf4db94f1a9ec771173a29e8":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,120) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7ca68e300534a90a7a87ca9906e4ac614a6aa51f769b6e6129753a4f83d10317":"":"45e6b23f8b3feefd4b0ea06880b2c324":"":120:"6c0a1c9c2cf5a40407bfa1d5958612":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,120) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a2b7cd693239bbc93599d3d12c9876e7303b227b8ae718e2c62e689e1fd62903":"":"548c9c8fcc16416a9d2b35c29f0dacb3":"":120:"3aa21f221266e7773eeba4440d1d01":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,120) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"156b854beb0c276a5e724f5da72f0d1ca4ae7cbd5f93a2257d95c2e5bfd78ad4":"":"a5129e2530f47bcad42fc5774ee09fe7":"":120:"6bb09ed183527c5d5ed46f568af35f":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,112) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d824330c60141264e1f709d63227a9a731bcc42b4adec1d8f0161b10b4fdb2ab":"":"c5afaa45312c64ab3c3cf9d6c4e0cc47":"":112:"55952a01eee29d8a1734bbdf3f8f":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,112) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b5517589948d8aea778df6fd66c17a170d327f69e504f0a4bd504c4286a9f578":"":"6404b111c6289eefa0d88ed6117bb730":"":112:"637f82e592831531a8e877adfc2c":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,112) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"f6137b2bcbd327fbcc7f313efa10f6ffaed30e4782e222e1225c87103fcae905":"":"3b87b08337a82272b192bd067e3245ec":"":112:"1f2dda372f20ffddd9dd4810e05f":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,104) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b5e70d1b78e931abf44bba3f937dbc344858516a8a8afe605818dc67d0c3e4c4":"":"58e70095c6f3a0cda2cdc7775e2f383d":"":104:"1763573f7dab8b46bc177e6147":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,104) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"90de0c047d1dd01d521f2dedec7eb81bc0ace7a5a693a7869eaafbb6e725ad7b":"":"d565c9cdfb5d0a25c4083b51729626bd":"":104:"78738d3e9f5e00b49635ac9a2d":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,104) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c43e8dbeafb079692483a9fcbab964b76fccca6ca99e1388a1aa9bf78dfd2f02":"":"f2bd4fe0d30c0e8d429cac90c8a7b1c8":"":104:"ea7b52490943380ccc902ca5ae":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,96) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"13540919fdb95559e37b535a427efeee334309e34c4608459e204d931b8087e7":"":"c993c1802df0f075ce92963eb9bff9bd":"":96:"edfab013213591beb53e6419":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,96) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2a7b2e07c148ff0f627ae28c241a395876bbed0c20f3fd637330e986db025714":"":"8f7e1621c2227839da4ea60548290ffa":"":96:"f9da62f59c080160ec30b43d":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,96) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b3e7837a75b38ae6d4299a1ae4af3c2460dfca558708de0874d6b1a5689b8360":"":"05d363b2452beff4b47afb052ac3c973":"":96:"6b4a16d1ea1c21b22bdcb235":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,64) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9df3ccd95f7570f6ecf5e5329dcb79bcd46cbcf083fe03aa8f5bd0f645c6a607":"":"774f4e70a7577b5101c0c3d019655d3e":"":64:"98ff89a8e28c03fd":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,64) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1c7123e2e8d3774c8f1bdbb2272f19129e04f29b4351ae19c3b9d24e6ea1fe87":"":"99f25cebd6cfa7f41390b42df6a65f48":"":64:"8e14a0a4853a156a":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,64) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"490090323e9257517e2453469caa3414045cacb4d05d5cebc6b9c06fa6d19291":"":"c1beff1ff6cdd62339aa21149c4da1e6":"":64:"f998d7c08d609b3a":"":"":0 AES-GCM NIST Validation (AES-256,128,0,0,32) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"360e48dd38d9e7f5bf29a2994ab5b3c9c70247102d94049ae791850807a4c845":"":"88126c350dfc079c569210ee44a0e31a":"":32:"f2ebe5e4":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,32) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1562b32e4dd843edaf4474b62cadd8f46d50461f5b22c9f1a8eae7367d35d71b":"":"af29fdb96f726c76f76c473c873b9e08":"":32:"13fd6dfd":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,0,32) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d5160d0c98ffcb1c26aad755f67589000e2bb25fa940e6b1d81d780f421353d9":"":"1552604763453b48a57cea1aed8113f4":"":32:"660c5175":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,128) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c3a3ea3a097c0c2b3a4cb78462d87fd5a8f348687c4150e9d3354b388ab13d17":"":"f77945979241fb3a454d8e3da193e169":"a69bac31241a2c07d3f7e331b77f662b1e67ccb81c07f52578b01f5785de9437f02eb7627ca7b9af09c1cb428fe93d6deb31f4d6dd2f0729f87480bdeb92d985de1aaad4bcebc6fbad83bede9a5dd1ca6a15bf5d8a96d4edb5bee1f7d195e9b2e5fb2221a596d69f257c18a143eda870e22d3f2ed20c9b3b0d8c8a229c462fff":128:"6b4b1a84f49befe3897d59ce85598a9f":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,128) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e1626327d987342cba5c8c63b75b4ed65463a2b9c831f4f9f80325fa867d1d73":"":"4e25800deab7ecec2a2311f8fb44eb7d":"ebaffd558f24dae03117c69ac4b2b4aaeaffe7e0e7599eaba678bfce23a9914dc9f80b69f4a1c837a5544cba08064a8f924064cba4d783623600d8b61837a08b4e0d4eb9218c29bc3edb8dd0e78c1534ab52331f949b09b25fbf73bece7054179817bc15b4e869c5df1af569c2b19cb6d060855be9a15f2cf497c168c4e683f2":128:"8faa0ffb91311a1a2827b86fec01788d":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,128) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"938da64b837275b0c80c442bdf2301aa75e387fe65a775d10a8ec840f62ff429":"":"dec6adeb60216cbb8a6c3afba49fa201":"4ac144bd95f405649444f01ab67ef3e4c0a54fdbd933b6ba00518c79db45c22c90030c45aadcfdb53ec8199be0cbb22dbb9ab938a871f4b3b0c98ed32590a051abb946c42726b3e9701f183b2092985e3457943a6350fbcaece2e6b111b179ea3fd10ac080a577a1481785111d5f294bc28519c470ff94392a51a2c40a42d8b5":128:"2211ca91a809adb8cf55f001745c0563":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,120) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e2436484ea1f454d6451ad8dbd1574b208d7a3ab4fa34869299b85c24348b43d":"":"97040d2ec094fe1c64fa35b35b7451a7":"bc198677513ce0e66697dfe52b22315fa5d8f92042f34cc9f373a01f94607df1a599132f60af010ed9b5e52162dd7b162912b68b11700e08f5fdafd84d10f760fc05ec97c05b83e55155194f399594015b90a19c04fb992e228940fe1b54ba59c4bb8318b33cc0df1cb1d71c389473dfb3eefabfe269ca95db59a7bc0201c253":120:"2e080ba16011e22a779da1922345c2":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,120) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7fb3fc72eb8a3aa5b102f90039f852cc3fd64f46915f5e49f1d9e02fe9cc13b1":"":"f6120fea313362524917c53d90bafb4f":"60c2be7fbd15faf895fd19a9ce775fe2b183b45cffafe4fcbf50d421bea97347e41a9418cfa129b2dda63b889a70063010215dbe38c37feae18bc31b34f31b726f22177f2b4b9d648dd4aa80edfd12dafaee10baa83224354432d1cb62ccabe38bb8448d162cd0d30e988d2e1a2458ffdafaacbdff928756390f66dc60d7ea45":120:"83de3f521fcfdaff902386f359e683":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,120) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"697c96d80d0a3fa9af35b86f31fb71a17aed30ce841c79896bbc8863b3b3ee04":"":"3a5163ec7e007061838d755ac219855e":"de50c12da63232768d5eb9920d49683b5b7114cb77448fa10b9d63552ec5d9c2eac94b375d11f944959f903bb20c696639b6e7f108ec1e873870098c631ddacb2c25268cfc26d2a4cacfb7dda7383374c5456bcf4daa887a887f4293f8caa14419472a8bf7ffd214dfb2743091238b6d1142b116c2b9f4360c6fe0015cd7de81":120:"cd4542b26094a1c8e058648874f06f":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,112) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"66c1d9ce3feb0e966c33e3fd542ec11cc32f18c2514b953103d32abcdc72633a":"":"46fdb88fdde9b7d74e893802a0303256":"55d2f263d2e3cf0b390fce1dd1ebd5f666086f26e1ce2f08002bedbb810ada3922c6bfcf6a6adaa556e9e326c9766f02b3eb6e278da2fa3baa7dbdb6373be3c6ecfbe646b1a39e27c5a449db9b559e7ea3496366b8cdbca00ee7a3dea7fdfbea1665bbf58bd69bb961c33a0fd7d37b580b6a82804f394f9d5d4366772cee3115":112:"96ca402b16b0f2cd0cdff77935d3":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,112) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d7c949420dc9497232cd5810f316d11f9e85d36c430b5943ba79836d88c1eb92":"":"7ef9788ff09cbeedd9569d49083a4097":"ca1de5cc3fcde2638eb72210e551e9c0e0a3f5570d5be83a9a4406b545d854bf17e75b9cd0f4c45722fbd71319a317b72a8798485e9316a1c8102432b83bc95af42f6d50700ba68f6f2e19b6af609b73ad643dfa43da94be32cc09b024e087c120e4d2c20f96f8e9ddfe7eae186a540a22131cedfe556d1ebd9306684e345fd1":112:"8233588fca3ad1698d07b25fa3c4":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,112) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6fe7c70815aa12326cdcbb2d2d3e088bbaaef98b730f87fe8510b33d30e12afe":"":"e0253bd1f19e99a7f8848206fb8ac4a4":"397897eca4856f90d14c3cdfe1ad3cba47e23174ae2dab7d2a6320898584e03bffa3ffd526f416d7b3c579b0f3628744e36eebb5df519240c81d8bbbf5c5966519c5da083ab30a7aa42deae6180e517cdd764b7f77d19cc1a84141817758887a8d7265e7e62279b9d33cd2f1ba10fd54c6c96d4b8a5dbe2318fef629c8e2af0f":112:"477b0a884d788d1905646bd66084":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,104) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"cbeefb3817cb02d617f385cf2371d52c8bcbc29e5e7a55cd2da131ca184c6e89":"":"f74156d6400ae46b612531848bffe18f":"1abe2ab05ceccf2391273126fe4a4426b94d2c3b97a7f1cd2ee6bb952bf4a546e972b5a1701d5ddb0e5bb7a248fcb47107a9fc77e4b9806b68a11850119aa239fa8be1370e3a2e1a8b168f7323afdfc4b8917d92570167848a56132d68876abc386c258a9233dc8a9eb73443b052e842c3d63e8b5369acdd038404e4e9a4b038":104:"0cb67cec1820339fa0552702dd":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,104) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e6f5f65ce2fc8ec3f602f5df90eb7d506dd771337913680ac16bdcd15c56583d":"":"9212a548c597677d1747e98ce6fb18a4":"55ca486c0183d0134925880d2e21dde0af51c4c77c6038a5a9c0497884e0aa4715bdb5b4bb864acc708ac00b511a24fa08496df6a0ca83259110e97a011b876e748a1d0eae2951ce7c22661a3e2ecf50633c50e3d26fa33c2319c139b288825b7aa5efbd133a5ce7483feecb11167099565e3131d5f0cb360f2174f46cb6b37c":104:"08d7cc52d1637db2a43c399310":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,104) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0e9a0391435acb57eae2e6217e0941c79a3ff938ec6a19b8a7db2ea972e49f54":"":"27cd1d7af7e491e30c8110cc01392529":"79140d32bb32dace0779e2d37a0f744d6d973e99a279962b43a6c0af63772e8a0a21d5d9dd3c33d4b218cb2f6f24dd8d93bb4e1e6a788cb93135321ecfed455e747fa919b85b63b9e98b4980a8ccb3b19d50d735742cb5853720c2ad37fa5b0e655149583585830f8d799c0d2e67c0dc24fc9273d9730f3bb367c487a5f89a25":104:"fbb477dd4b9898a9abc5a45c63":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,96) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"55a12eeca637654252e3e40b371667e3f308b00f2fd2af696223e4cd89e3fd4e":"":"8a3793b6441258360f7f4801b03d0b26":"f5810dc5f25e49bd6d94bc63c2494aa7a579a4056a25f1dd9b2734d0b8731ee52523edd54ff475651d45c213e1bf254327fb0e2c41a7d85345b02bcc9d27b08915d332e1659671991a4bb74055967bebbba6ecceb182f57977130623d5a7b2175fa5a84b334868661c1f450b95562928b4791759796a177d59ed18bbf141e2ad":96:"99230019630647aedebbb24b":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,96) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3d353f870a9c088de5674efd97646b9c5420b2bcdfcffefcadd81682847e5331":"":"f267fa982af5c85359b6447f9b7715ea":"7cf55630867af5dff747c8dd25bcc531d94a7730a20b6c03d46059ea93fcaa00d07ee17dad0e0dff814b02dfef0cbe00b37fd2f5f95ead7c72be60016f2934d7683fc1e47185c7211c49cb03e209b088edb14e533dbcb792ab7033728904f7ff12381a236dba97894ec1fafcf853ab15fff343f9265d0283acef10168ffd1271":96:"9553b583d4f9a1a8946fe053":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,96) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d227c9ff5d17a984983056fb96f3991932ae8132377529c29238cf7db94a359d":"":"b8f6536f376a7efe0e684acf350bae70":"1cc25da31f90de7fa47ebce92754d3faa99f88d4e25ccab45645c1acdf850d55d7f02f61a0bfdc3125f29259d7da8abef532fe0966c63d3486753c8a2cb63a39349a0641b2f2b9526a03b97d58ca60fbb054c6c164ff2836688b0cad54df2b165bc082eeae660e768dde5130e30f8edc863446661c74da69b9e56de8ae388da0":96:"44b95a37fab232c2efb11231":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,64) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b2a57ef85ffcf0548c3d087012b336c46f6574cf1d97ca087bfad042ee83eec2":"":"3d580402d2a8dc4d7466e5dcb456be7a":"c2b9e95c16e55028794a63ef82d11fb83a2a75dc34a81f238e472c33264534bdd54cd07d02a0ecf9019ad1a6d6c779f339dd479e37940486950f183bade24fca2f24f06d4037b3555b09fc80279ea311769473eb0630b694a29823324cdf780d7d1a50d89f7a23b05f7a8c3ad04b7949aa9e6a55978ba48d8078b5a2fd3c1bbb":64:"072d4118e70cd5ab":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,64) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"63889ed5bf2c27d518a696b71c0f85592e3337aae95b5bf07289e4c5dfdc088d":"":"1ad534280a0fac7dce31f2ae4fb73f5a":"be1b9dabea33bb9443e27f674b27931c0fba699a33dc86fab29e50b76a9441030444b465317bbf2949faf908bc1b501d11a5ea2042e4b460a85f3be5836729e523d99b56ef39231d5c6d8ae2c2ab36ef44e2aa02a1f2c559c6e333216c7f9ed5f9b880a88e920219204c99a3ae8f90afd1396563bc59a691a93e0070b0b5fd90":64:"1bcea0ac2c1a0c73":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,64) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"94e3e2c17cfb6f52d4fdba3ba6d18bba891b6662e85df14d7e61f04adb69e0e5":"":"8a80efb3bfe220526997543409fddb4d":"05da1b0f7ac6eef488d3f087ecae7f35abe3ef36d339709dc3fcb5b471979268ee894c3b6c7f984300d70bc5ea5fba923bfb41d88652bdaecc710964c51f3e2ae2c280b7d6c8e3b9a8a8991d19d92d46c8a158123187f19397ad1ad9080b4ffd04b82b5d68d89dacd3e76439013728c1395263e722b28e45dabf1ef46b8e70b5":64:"faa5c13d899f17ea":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,32) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"fe5e479ad0d79dbf717a1f51f5250d467819e444b79cb3def1e0033c80ddadd8":"":"47ce838083fd070d8544c0ad5337cdc6":"98476bf05a18c4ff1b6024dd779c1ac06d838705a0a83fe42bee5fc6ebf3b2a1a5049b67f4aabc8239cd6ff56504bcbad1e2498c159bbec2a6635933945f6ea49e5bc763dcf94f4b3643d3888f16105abb0965e24f51cb4949406124145e9ae31cc76535b4178492f38b311099df2751f674363ae7a58f6f93019653b7e6a6f0":32:"a3958500":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,32) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"27d4dedb71a8f68ca5ce2b9e56da772bf5a09b7981d41cd29f485bd2d1adb8d4":"":"7e6f0343c54539717a97b6c8b9f7dec4":"d386db78043f719b7e137cbf79a7f53dda2fe3baccbebb57d499f6eb168e5151f10081d76b72ae0f30165efbdda469e826f9246e59dbcad5c0b27691c00d6c192c24073e99c19cf8c142087c0b83c4ce2fc7ba1e696394e5620ab2d117d5dcd2ac2298997407fd5de07d008de8f9941a4a5f8074736a59404118afac0700be6c":32:"50fd1798":"":"":0 AES-GCM NIST Validation (AES-256,128,0,1024,32) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"5a7aa836a469d28542d0d24d3232fad266da8fc889c6b6038b726d3da25f7b20":"":"9faf7cd805803e143ec8f3f13475efd2":"1006c707f608728b2bf64734062b12a5625062bcdcb80a3ce2058352a2922d5e6fbe19681b4f0d79ad3c837f81e72f2fbf8df669894e802a39072b26c286f4b05188c708f7c6edd5f5bb90b87ffa95b86d84d6c1c4591b11d22c772a8ad7f2fe6bd8b46be0e93672df2e8bff8ba80629e1846cfd4603e75f2d98874665c1a089":32:"07764143":"":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,128) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a9444fd176acbe061d0221fde3ddfcc4ff74e995d981a831297c4cbda51c22a1":"c146ff5a988496cad7eced7a2ea471e0117d5d6bd2562c23ce9db4bf36d83ba3fc22e90486ec288a627d208e0b2fd3b65f8301cf7fc41d97959981a95cd1cf37effc46db99b94b21c941c3613c26a10b1a6b7793f467d58ff5134612230f1c49d7e1fcf664fe52fc6eca46273982f6fe729b009d90eb8d8e4a0b0dbe907b76da":"5714732145470da1c42452e10cd274b5":"":128:"db85b830a03357f408587410ebafd10d":"":"a3cad9a57fa28e6f6aaa37150a803bf8b77e765f0702e492c4e5ebb31ae6b12d791149153e469a92bb625784a699fd7ca517500ee3f2851840ba67063b28b481e24ba441314e8b7128f5aaccaf4c4e2c92258eb27310bf031422b7fc2f220f621d4c64837c9377222aced2411628018a409a744902c9e95c14b77d5bb7f5846b":0 AES-GCM NIST Validation (AES-256,128,1024,0,128) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"686d3bd071e3f46f180611bc4ec8d7726fe72b6c617e7d42b3339f53918c9e36":"21983ad66449c557263aef299da6eef8f31d576fc17ed2dac3e836f7c2ceaff3094b2695452680e188df10c174810efd1fbaa6c832baedce0b92e4c7121447f6461ac909b4302cdf658095b1de532b536faa4fb38cfdf4192eb5c3fe090d979a343492f841b1edc6eb24b24bdcb90bbbe36d5f8409ce7d27194a7bb995ecc387":"a714e51e43aecfe2fda8f824ea1dc4b7":"":128:"cd30c3618c10d57e9a4477b4a44c5c36":"":"9610908a0eb2ee885981c9e512e1a55075a212d311073bbb2fb9248cce07af16ee4c58bdc8dbe806d28480f9065838146f3e1eb3ae97012cfe53863a13d487f061a49a6c78ca22a321fa25157dbe68c47d78f2359540cc9031ee42d78855ed90e6b8ea3d67725bfffcb6db3d438c982b5f88d9b660f7d82cb300c1fa1edebb6b":0 AES-GCM NIST Validation (AES-256,128,1024,0,128) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6fe81f15a02e2ecf46e61199c057102d160e6b5d447d4a275972323fff908c3e":"0b4ee0385e6665da8fd2ae47f2d0cf1c5bd395a3bb447047ab5a3ae0b95355bf83d0381119a8d4c01acbe60cd7885da650502f73498a682fdc94f7b14f4c753226064fa15e3a90a6083e053f52f404b0d22394e243b187f913ee2c6bb16c3033f79d794852071970523a67467ce63c35390c163775de2be68b505a63f60245e8":"91d55cfdcdcd7d735d48100ff82227c3":"":128:"cd7da82e890b6d7480c7186b2ea7e6f1":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,120) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"4c2095e1379389dc3810e8819314f5a2f87d1494213c5b1de1a402f7f4f746c4":"26ec8ebac0560538a948afbc18fb730e9a91f21392bde24b88b200f96114b229a5b57fa9d02cf10e6592d4dfb28bf0f00740c61157ce28784e9066ea3afd44ecf3a494723610cb593c0feffc6897e3435c6f448697ad3e241685c4e133eff53bdd0fe44dd8a033cfb1e1ea37a493934eb5303ae6ef47ce6478f767ef9e3301ab":"19788b2e0bd757947596676436e22df1":"":120:"f26a20bea561004267a0bfbf01674e":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,120) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"be5351efc0277afc9759ec2464a22cb4401f7a17efd1a205e7af023c7ed30ee1":"1eca91406f338fc09c2988b1d7dc8c409d719300c03840a497d7b680cdd5e09b144903477f7116a934e1d931cf368af1fc2a0a0e7caa95475a3cd7bf585a16fda31eb3f8201db0216b37a1635c1c030836b3dd05ca5b0194388fa198e717822131d5d4318690ef82d35ac80b27fff19aec8f020dc6c6ce28f0813bbbf8230ad9":"c6b26117d9dbd80c1c242ad41abe2acc":"":120:"61051d6c0801b4a6b6ca0124c019f3":"":"95447aded336d6c20d483a6f062d533efed0261ad321d37bf8b7321b98f55c0f0082ce7f3d341b18fea29a72fc909d30cd8c84a1640227227287674a9b2f16a81b191ecf3b6232d656c32d7b38bea82a1b27d5897694a2be56d7e39aa1e725f326b91bad20455f58a94a545170cb43d13d4b91e1cee82abb6a6e0d95d4de0567":0 AES-GCM NIST Validation (AES-256,128,1024,0,120) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"814c2cdfdeecf39d43bb141fbfc62dac44f7552c5e5dac2d4913303fc860119b":"0d3013a1d7132f685d001420daa6c7b643bc36b887511acc4588237d3b412c79e4ebba29c08248ad46c7239e8daa232b7483c9c4e3d1c0bbebc696401efe21f7fd6fc0525a4ab81bd9a893d5f7ab23b70ed07c00f33649b8a996a006de6c94f7793f72848793f4d5b31311c68aae1e715b37409fbe506dac038a0950f05fe82b":"0db3ade15cb0dea98a47d1377e034d63":"":120:"e62f910b6046ba4e934d3cfc6e024c":"":"374d03cfe4dacf668df5e703902cc784f011f418b43887702972dcc3f021bcb9bdd61ed5425f2975b6da7052c4859501eb2f295eb95d10ba6b2d74e7decc1acacebf8568e93a70a7f40be41ac38db6f751518c2f44a69c01c44745c51ad9a333eda9c89d001aa644f1e4063a8eb2a3592e21c6abc515b5aacaec8c32bcf1d3c4":0 AES-GCM NIST Validation (AES-256,128,1024,0,112) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1ae4541110f2bc4f83cd720b5c40c8315413d896e034b75007f172baa13d29ec":"5ea811e7fbfc0e00bf2a6abfac50cad9efd90041c5f7fb8f046a0fecbd193b70a2de8a774d01dd3cd54f848cb3e9f5152ee1b052ba698bebfba1fbbdae44a260447d6e6482640ae4d01c9cac3d37d4ffe9a0de0b6001de504a33ef7620efe3ce48ecd6f5b1b3a89185c86d4d662a843ff730e040e3668d6170be4cced8a18a1c":"83f98eec51ee4cae4cb7fe28b64d1355":"":112:"df47eef69ba2faab887aa8f48e4b":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,112) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"20c9b662ec4bd13bf58d64cb0a7159b0e7fee4703af66292bf75c8bd6e42e8dc":"45b64f2ed5ac707890c0c1726adf338770ce6a728fe86bb372c4c49409a32705f881bc4d31a27c455c7c7df9dd2c541743523e7d32f88930d988857847f011be5f5f31a31e8812745147cbff5c1294d0fd4a7285db4833f22bf1975250da99c4d0dd2c9688d7f8001bb6ef2bc898ce4d42c5b78e74645b56ce992338f49d4183":"2bc0847d46f3d1064bbf8fe8567f54a2":"":112:"5a1bf25aa8d5c3fe5cf1be8e54a1":"":"9079d6275db076625e8474c2914fe483d413d5339202f98f06c3b0ef063d8f3d31029deaf7f9349bfec57e5cf11f46f02d5a6520c7992efc951adbbea6d08e53faeb10dfe8b67ee4685da9ea4fe932551a65821147d06d4c462338e6ddda52017c2bc187fd6d02b7d5193f77da809d4e59a9061efad2f9cadbc4cd9b29728d32":0 AES-GCM NIST Validation (AES-256,128,1024,0,112) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0a1554db37f2e275732a77e521cbd8170729d8677a85db73feacf3c66a89d689":"5421d93b7e6e0091978c673df4f3a406aef5f13eb5e6f95da19b0783308cbe26d4fd6c669cc4a9f069d7e62e4c6fad14b80e918fe91556a9a941a28b3dbf776a68ac7c42df7059b5ed713e78120aec84e7b68e96226c2b5e11a994864ed61b122e7e42ef6cfdae278fadbae1b3ea3362f4e6dc68eef6a70477b8a3ffcfba0df9":"b9194a4d42b139f04c29178467955f1d":"":112:"05949d591793ca52e679bfdf64f3":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,104) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"3ab1d9bb571c4bdc9f3ef340914bddcfe0c8e7718d4a2530334372cec86e5fcb":"80bcea307e009745724d5f15d21f3b61a5d5a8401530346b34a2adfa13e3e8c9c9327d6fad914b081e554fbe6c1c6fe070b566620e559555c702c0ab5becf61ea1d9de64351ce43b2276ef4e20b5af7ce43db6d21286af4e740ef00c6d790705afcf0ee4850fffc12c662f2bd8212feb21db31065ab8f717a7509c213352b869":"6a5335901284dd3b64dc4a7f810bab96":"":104:"04b8e5423aee8c06539f435edd":"":"36b9602eee20b8f18dce0783cd1e01a799f81ae0a1ce6d293a26c62f47e7dad85c8446697cc09c81d3d9ead6f9e55c4147211660c8aea9536cc5516e9883c7d6854be580af8cd47ba38fa8451f0dad9c904e0e7f9997eff7e29bf880cd7cedd79493a0e299efe644046e4a46bf6645dfb2397b3a482a346b215deb778c9b7636":0 AES-GCM NIST Validation (AES-256,128,1024,0,104) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7dddbd5657e22750bfe6baa70a1f4ac46c1ef8bee573a57cfcef50b66f85e593":"2bf5aba83a8161b9d21ff29251fb0efa697b1ea9c1b3de8481d5fd4d6b57afda0b098decdc8278cc855f25da4116ed558fc4e665a49a8fff3aef11115757a99c10b5a73b1f794f9502186c13dc79442f9226bbf4df19a6440281f76184933aeae438a25f85dbd0781e020a9f7e29fb8e517f597719e639cbd6061ea3b4b67fb0":"fcb962c39e4850efc8ffd43d9cd960a6":"":104:"1d8cdadcf1872fb2b697e82ef6":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,104) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6916b93b2712421f1f4582de7ec4237c4e42e2b32c7dced2f8bb5bd2e0598312":"3739cca20279a36ddb857ac22beae901a49529b3182463ab81a7c46e437eb0b0571e8c16f7b626ecd9f2ca0cd83debe3f83e5d58ed3738899f4b616755eb57fb965208f261736bdf7648b1f8595c6b6a779768115e3077dfee7a42d44b555a51675fb1ce9961d0e21b2b9b477c0541184350e70decf7c14a4c24b8a6cd5fed8e":"b4d9248bb500e40de99ca2a13e743f1c":"":104:"090d03446d65adcc0a42387e8e":"":"0255be7ac7ac6feb3a21f572f6a593cc8a97f17af7064c80e478f4a6c469cf94d604bc014b003bf284d216161a9c8a493af43c6a0d8caf813a9e6f83c7ed56dd57543876b11f76aa2be80dcd79d19ac61f00fa423ac2f52fae7a8327cd91494ca4116feb735980ad0a4b1445cb7f38cc712b8aee72179e65b97fca38694e3670":0 AES-GCM NIST Validation (AES-256,128,1024,0,96) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b751c8b724165009a8bd97a9d2a0e22cae5a95c4743c55eeeef0a6fe7d946bec":"e8546a5af1e38114822e60e75563a9399c88796f303c99c69d1f3c50379da81e1cd5b5a4a721e23c59da58ea4361b7ff58408e506a27fea24f9a235c6af7f7a5bd93fa31e90edfc322821c08d6324134830b7fe160b4a3e6d27866a10e6e60762a31618ef92f5c67ccb1deb1f1b188f0e687165e7c366c7418920df4f4fcdcae":"160c50c0621c03fd1572df6ba49f0d1e":"":96:"9fef9becf21901496772996f":"":"175fa6b7cd781ec057ff78ba410f2897a920739b5fc4f04bc9b998fbc7cc18e327ad44d59b167e4627256aaecd97dc3e4a7c9baaf51d177787a7f4a0a2d207a855753c4754d41348982d9418b6b24b590632d5115dc186b0ba3bec16b41fa47c0077c5d091ec705e554475024814c5167121dd224c544686398df3f33c210e82":0 AES-GCM NIST Validation (AES-256,128,1024,0,96) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0faf32c22c2a4ee38fe4b5ce08f98fdf6f83b5038dcba5ec8332b3eeb5c710c7":"8a556cc30075753c6e94c2f669bca2058ff6abcbffffc82da7cfca0a45af82dfb4cf487ceb4ede72be87ee4c8b72db1e96459de1dc96721464c544c001d785f2188b9fccaec4b1a37970d38b326f30163d2fdfdf8a2ce74aec55abcd823772b54f8081d086a2e7b17b4086d6c4a5ea67828ef0b593ea1387b2c61f5dfe8f2bb0":"04885a5846f5f75a760193de7f07853c":"":96:"0c13506ed9f082dd08434342":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,96) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0dddc3d2f82bdcdbc37648a6b9b416af28753740f8e998cd1a52a0b665369f1c":"07bf84b15b21951fd22049be6991a672503ae243b8d285fb1e515e1d2c36bfd5b0d0bcce85791f2cea8f616aed68a7d9cf4eaf76418e8b1ec27751de67cbfd9d9f7905b2667904f10d598503f04c04ea00a681ff89a9c446d5763898430bd7a9dfebfe544e3ed3e639b362683a651e087626ffa63c0c2b3e0dd088b81b07f75e":"0a93b883cbd42998ae2e39aab342cb28":"":96:"5c37918edb7aa65b246fd5a6":"":"ff7b7b2f88b8c6f9f9bad7152874e995eea0ff1ce1ecd9b8d563642a37a31499f14d70f0dd835b7adf80928497f845fd8c2786cd53af25f8c9fe1bba24e3c3860162635bbed58f06cf6c9966bb9b570987a48329279bb84afb9e464bb4ad19ae6600175086e28929569027c5285d2ed97615e5a7dada40ba03c440861f524475":0 AES-GCM NIST Validation (AES-256,128,1024,0,64) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"a0b1a62e46e7712277fc711e19d0c0c865ee77b42ac964b7202dbcaf428086c2":"7dd7c0787fdbea4aacf929341659dcf4b75cbca8f92001e8b62a4d7b40272c5755fa9c445857db05328dc11ce5221f044f4b3dafbf0e2d72a1ad0d3e4c804148db578218690ccc620d8b97b4450ff83400a6caaa959617611446a6627138a4067be9ea410d4b0581022ab621928205b4a4480560fc4c2c3b39a2805684006f35":"e20957a49a27e247d00379850f934d6c":"":64:"c99751516620bf89":"":"9307620479f076c39f53965c87d20c2aff11c736c040dba74cd690d275591a5defc57a02f6806de82eb7051548589484364f6c9b91f233a87258ede1ee276cb2c93b4fc76f4d7e60cbd29ba2c54cb479c178fa462c1c2fb6eeb3f1df0edfb894c9222b994c4931dedf7c6e8ddecbde385ddf4481807f52322a47bf5ff7272991":0 AES-GCM NIST Validation (AES-256,128,1024,0,64) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ffcc1c88fba1723b3ab57b458d9bffb98b878c967fb43b9db2ae0753d32a3bb1":"19b6dec86d93c466307de3a36c0791ed1010b1b9cf8d30347ae46e0f9283c9fda43da8cb491dd17cc4298b1f0b876d6a0f4bcbc9667fe34564bc08f8f7b67045057d19f4bf027bc839e590822fa09a5cef1af18e64a0116aa2a01a3f246c2b5272c18c9aa23efe674ba53d533ae8f0695cb78c1155cdc7a9d7fae2c4567dc07c":"d533c2170c5dc203512c81c34eff4077":"":64:"167ec8675e7f9e12":"":"0539287ac546fe5342e4c3c0ec07127dcd22899abfe8cdd6e89d08f1374d76e877bec4844d06e0a9f32d181c8d945ba16a54ce3725fae21d8245c070a4da0c646203d6b91325b665ab98c30295851c59265b4ab567b968b6e98536b7850738d92e9627b4c9c6f5d9ae2520944783d8f788a1aa11f3f5245660d41f388e26e0a1":0 AES-GCM NIST Validation (AES-256,128,1024,0,64) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"55e94b339c3bafe068ef9cc30787cc6705850114976843777c92b4b331801650":"147cc7bc4008dadf1956520b5998d961499bdf3d8b168591adbfd99411ad7b34eb4b2a5c1bb0522b810fec12dd7c775784d7ecdc741e6dec8191361e6abf473b219221801951b4d5ffe955ab50eef9cffdfee65ba29ddfa943fb52d722825338c307870a48a35f51db340aa946c71904d03174b1e4a498238b9d631a6982c68d":"2e2b31214d61276a54daf2ccb98baa36":"":64:"5266e9c67c252164":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,0,32) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"13c9572bdef62510d84f2d415cc481cd1e71b9c1132b43e63b21ba4e16de9b39":"7c78e634dec811173ff3c4a9a48ae3ae794fbd2aefd4b31701777ff6fcb670744c592a1d298d319717870dca364b2a3562a4ffa422bf7173c4f7ea9b0edf675e948f8370ffd0fd0d5703a9d33e8f9f375b8b641a1b1eecd1692ad1d461a68d97f91f9087f213aff23db1246ee16f403969c238f99eed894658277da23ced11ee":"a8339ba505a14786ad05edfe8cebb8d0":"":32:"df3cab08":"":"91f9780daefd2c1010c458054ac6e35baa885cdd2c95e28e13f84451064e31e0739f27bf259cb376ab951e1c7048e1252f0849ccb5453fc97b319666ebbfbc7ef3055212a61582d1b69158f3b1629950a41bc756bded20498492ebc49a1535d1bd915e59c49b87ffebea2f4ad4516ecdd63fa5afda9cce9dc730d6ab2757384a":0 AES-GCM NIST Validation (AES-256,128,1024,0,32) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"30a14ca53913acbb215b4e4159083106db3fff83cbedd1e5425f65af1e94f5dd":"8c5f73ee1544553b712ad7a14f31379c8d54a4e432fb6c5112436988d83c4e94954b0249b470538fb977b756fbee70b811d4dc047a869e207bb0b495f1e271d0034e912000e97594033e0dedde0591b297f8a84bafcc93a46268a5bba117b558f1c73513e971c80a7083e1718fc12d0cc0d996a8e09603d564f0b8e81eea28bc":"4f23f04904de76d6decd4bd380ff56b1":"":32:"18e92b96":"":"bb4b3f8061edd6fa418dd71fe22eb0528547050b3bfbaa1c74e82148470d557499ce856de3e988384c0a73671bf370e560d8fda96dabe4728b5f72a6f9efd5023b07a96a631cafdf2c878b2567104c466f82b89f429915cf3331845febcff008558f836b4c12d53e94d363eae43a50fc6cb36f4ca183be92ca5f299704e2c8cf":0 AES-GCM NIST Validation (AES-256,128,1024,0,32) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"e69f419140289ac25fb0e2ef9cc4f7e06777ac20f7d631918d1af0c8883b7d6a":"ff8dfa4e70490ea9c84cb894dc5d7e1b935ebcdea80a39c4161d4db42cbb269cc86abd381af15ec9a4a42ed18c1eed540decec19722df46f22aa06883297cb393fb23e4bb31a817e88357aa923c7ecbcf24c28a09f622dd21fa70c0a02193024fdcefeaa96cc1b50f81a65dfa9e1bb5126f0c9766a861eed096ec15fb07b0f81":"531248afdaaf1b86cf34d2394900afd9":"":32:"c6885cdd":"":"f75299e0ead3834fc7ebd4b2051541b598ad57cc908fdcd4324cf4ccf7dcf7b3f0737ad6c026399a8b1b6d3d50011b3c48ea2c89833b4b44c437677f230b75d36848781d4af14546894eecd873a2b1c3d2fcdd676b10bd55112038c0fdaa7b5598fe4db273a1b6744cba47189b7e2a973651bfc2aaa9e9abea4494047b957a80":0 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"404a5d1ac9e32f9caabffbfa485ce9c27edc9e5cde0f2aab4f32ce3121449b88":"b63ec4d28854b7fe2d4d13973f5bcb16f78494ce25cc2820de9d0dc1d8d91db1f19bc9e01cee8418c9e88a69b2f30cdbb0dbdbb50be71e1e666c111c126f2b7197c02f69a1b2ec5e1bf4062b2d0b22fb0fa1585b4e6286b29f6ac98d1b1319dd99851fa6921607077d2947140fdeeea145b56ea7b6af276c9f65393bc43ede33":"b6e6c078e6869df156faa9ac32f057c3":"6ebc75fc9304f2b139abc7d3f68b253228009c503a08b7be77852da9e1afbe72c9ab374740b0dc391fa4d7e17de6a0aa08c69e6f5c5f05411e71e70c69dfbcf693df84c30f7a8e6c7949ea1e734297c0ea3df9b7e905faa6bbdcaf1ff2625a39363308331d74892cf531cb3f6d7db31bbe9a039fca87100367747024f68c5b77":128:"94c1b9b70f9c48e7efd40ecab320c2d3":"":"56a0ac94f3ec7be2608154f779c434ee96db5ed4f5a6e1acfb32361ce04e16e1337be5978df06d7c4f6012385fb9d45bb397dc00f165883714b4a5b2f72f69c018ffa6d4420ad1b772e94575f035ad203be3d34b5b789a99389f295b43f004de3daaef7fa918712d3a23ca44329595e08da190e3678bc6ad9b500b9f885abe23":0 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"b56f0c980acf7875cf7f27d53ad4a276adc126d0b93a5774ac4277eecad4309e":"2c94299e36b7c4a825ecbc5a7809061e0a6761764a5a655ffdb0c20e5c3fcb10f4e93c68aa0a38c2acc5d06f2b7c4ff4fcf814b551bfefa248dbe06a09a0f153213538a31fa7cf7d646b5b53908d8978f514c9c4d6d66f2b3738024b5f9c3fd86b6da0c818203183f4205f186ea44a54edb911b1a17c424c95852c8d271b2e93":"b004c049decfb43d6f3ec13c56f839ef":"b2045b97fbb52a5fc6ff03d74e59dd696f3f442c0b555add8e6d111f835df420f45e970c4b32a84f0c45ba3710b5cd574001862b073efa5c9c4bd50127b2ce72d2c736c5e2723956da5a0acb82041a609386d07b50551c1d1fa4678886bac54b0bd080cc5ef607dca2a0d6a1e71f0e3833678bf8560bc059dae370ec94d43af6":128:"fce7234f7f76b5d502fd2b96fc9b1ce7":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"1c5027c36e6caa1b3e5e45fead32b5e3126ac41f106c491b0b3a7c16502f4fe6":"58f0ceaa31c0025d2e6bb58720cce4b64f5f6c657c847ae42936eb1e343fea397c8a8cf2f5ef02ffaec25f431900dcb0910cf32cea9eca3b78aed1c451c7af51066489f87b2a5f8cf28d6fdb6ce49d898b6167b590a3907be7618be11fb0922a3cfd18e73efef19e5cdc250fa33f61e3940c6482ae35f339e8c0a85a17379a4e":"3ee660f03858669e557e3effdd7df6bd":"93e803c79de6ad652def62cf3cd34f9addc9dd1774967a0f69e1d28361eb2cacc177c63c07657389ce23bbe65d73e0460946d31be495424655c7724eac044cafafe1540fcbd4218921367054e43e3d21e0fa6a0da9f8b20c5cdbd019c944a2d2ee6aa6760ee1131e58fec9da30790f5a873e792098a82ddf18c3813611d9242a":128:"ac33f5ffca9df4efc09271ff7a4f58e2":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"34c3019810d72b5e584f0758f2f5888a42729a33610aafa9824badade4136bbd":"22deef66cbb7db240c399b6c83407f090d6999ba25e560b2087fed0467904bb5c40cbaa05b8bf0ff5a77c53fa229478d8e0736414daf9c420417c391c9a523fd85954533f1304d81359bdcc2c4ac90d9f5f8a67a517d7f05ba0409b718159baf11cd9154e815d5745179beb59954a45a8676a375d5af7fae4d0da05c4ea91a13":"f315ea36c17fc57dab3a2737d687cd4f":"f33c5a3a9e546ad5b35e4febf2ae557ca767b55d93bb3c1cf62d862d112dbd26f8fe2a3f54d347c1bc30029e55118bab2662b99b984b8b8e2d76831f94e48587de2709e32f16c26695f07e654b703eba6428f30070e23ed40b61d04dd1430e33c629117d945d9c0e4d36c79a8b8ab555d85083a898e7e7fbeb64a45cc3511d99":120:"0bae9403888efb4d8ec97df604cd5d":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"29397d98fc5a7f04b5c8b6aa3a1dd975b6e4678457ae7f0691eee40b5397503a":"0bbf1079cb5569c32257bc7e52371db46f3961b457402b816588243b4523543430d5ca56b52de6632724c51e6c3af310b28822c749a12bdd58dee58bbc3266631562a998ec3acdc8a2567a9f07f7f9759c3f50b1d1dcdd529256b80c0d227fc1fe8b58c62d1c643f1ac2996809fd061afcf4a9af184c14db9e63ec885c49de61":"885543a45fd1163e34ef9276145b0f8c":"d88beaa0664bcef178cbdbfab17ff526b5c0f8ad9543c6a312d93c336707fbf87c0448b07a550580953279f552f368225cc6971f1eecc718d6aad1729c8d8873081357752bd09d77075fa680cb2dc4139171e4a0aaa50b28c262c14fd10b8d799ca1c6641bb7dfdfdf3dea69aa2b9e4e4726dc18b0784afa4228e5ccb1eb2422":120:"7b334d7af54b916821f6136e977a1f":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"7555dfcf354da07fd70f951d94ec1d86a635edfdb7929460207b2a39cc0cf4a3":"a1351cfffd1b0cbf80c3318cc432d3238cb647e996b7b53c527783594683f535950cd08788687c77226b2d3f095955884adc2e475ca1e1eab04e37d5e901ae8934a9d3a0cb37b80612ca25d989856dfa7607b03039b64d7dcd468204f03e0f2c55cb41c5367c56ca6c561425992b40e2d4f380b3d8419f681e88ebe2d4bdad36":"e1b30b6a47e8c21228e41a21b1a004f0":"bf986d3842378440f8924bb7f117d1a86888a666915a93ba65d486d14c580501e736d3418cebee572439318b21b6e4e504a7b075b8c2300c014e87e04fa842b6a2a3ebd9e6134b9ddd78e0a696223b1dc775f3288a6a9569c64b4d8fc5e04f2047c70115f692d2c2cefe7488de42ff862d7c0f542e58d69f0f8c9bf67ef48aea":120:"d8ef5438b7cf5dc11209a635ce1095":"":"95e8db7c8ecab8a60ceb49726153a7c5553cf571bc40515944d833485e19bf33cb954e2555943778040165a6cfffecef79eb7d82fef5a2f136f004bb5e7c35ae827fac3da292a185b5b8fc262012c05caeda5453ede3303cfeb0c890db1facadaa2895bdbb33265ada0bb46030607b6cf94f86961178e2e2deeb53c63900f1ec":0 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"bbeafe86c72ab0354b733b69b09e4d3462feb1658fe404004d81503f3a6e132f":"a033c2051e425d01d97d563572e42c5113860e5dedcd24c76e3e357559ba3250f1fc5d4a931a9d0900ac025400f0158621f0b1215b2907467bfc874bcabbb28e28de81fe1ee5b79985261c512afec2327c8c5957df90c9eb77950de4a4860b57a9e6e145ea15eb52da63f217f94a5c8e5fcb5d361b86e0e67637a450cdbcb06f":"ee1caba93cb549054ca29715a536393e":"e44b0e0d275ae7c38a7dc2f768e899c1c11a4c4cb5b5bd25cd2132e3ecbaa5a63654312603e1c5b393c0ce6253c55986ee45bb1daac78a26749d88928f9b9908690fc148a656b78e3595319432763efbcf6957c9b2150ccabfd4833d0dcee01758c5efb47321a948b379a2ec0abcd6b6cbf41a8883f0f5d5bf7b240cb35f0777":112:"a4809e072f93deb7b77c52427095":"":"e62adf9bbd92dd03cc5250251691f724c6ece1cb89d8c4daf31cc732a5420f6bedab71aab0238ba23bd7165ed1f692561ef457fd1d47413949405b6fc8e17922b17026d89d5830b383546ea516a56f3a1c45ec1251583ae880fa8985bd3dcc1d6a57b746971937bf370e76482238cc08c2c3b13258151e0a6475cc017f8a3d0e":0 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"6ad06c88dd4f3becf35eed95bb859be2406a1803a66e4332a74c5f75c09b9a01":"2219c11672884b93d0290b6a7140feafe416461f1cdaf0b3aa64693d7db2eb10feae46aac7af549fa1b0abc78c11f8df7ee803ef70310fc3e67769f8b4bc64f81143a6ebf8bee9d386a8ede5d2cc0ed17985a3b7bb95191ef55e684690ccdc5ca504bc6eb28442b353861a034a43532c025f666e80be967a6b05b9dd3a91ff58":"07d8b4a6e77aef9018828b61e0fdf2a4":"cca1fd0278045dda80b847f0975b6cbf31e1910d2c99b4eb78c360d89133a1c52e66c5c3801824afc1f079d2b2b1c827199e83f680e59b9a7de9b15fa7b6848b5bf4e16a12ac1af4cf2b4d7bb45673c5e1241e9996440860a9204fc27cae46a991607bc5e7120d6c115ddcbdd02c022b262602139081e61eee4aba7193f13992":112:"e3ede170386e76321a575c095966":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"87bbf7c15689e8c99a5a32a8ba0dfebcfe1989159807428cdd1f382c3ea95178":"b77d3bf3b30b3e6e5c86cbfb7e5455f6480f423cc76834b4663d28d9f1eb5c40212634e3347668427f7848352ab789886f96682a568260bdaeb7de0aae2af36f5ae04f06c332b158d923706c1c6255c673feeadb6d30bfc901e60b92acd9ddd83ef98686c4d492f4a60e97af2541d470a6a6b21903441020ea7619cf28a06986":"2f19aa1f3a82a7398706953f01739da7":"590dbd230854aa2b5ac19fc3dc9453e5bb9637e47d97b92486a599bdafdfb27c3852e3d06a91429bb820eb12a5318ed8861ffe87d659c462ef167be22604facfa3afb601b2167989b9e3b2e5b59e7d07fda27ffccd450869d528410b0aff468f70cc10ef6723a74af6eebc1572c123a9b5a9aab748a31fa764716d3293ff5de7":112:"5c43fc4dc959fabeebb188dbf3a5":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"24095a66b6eb0320ca75e2ab78e8496a45f4b000fc43436904c3e386fb852ed2":"4690edc843e23d9d9b9a4dab8fa8193f8bf03897d3d29759e9dc9e0f8a970c0f5d4399b9f60461fe5cf439f9b0d54bbc075695e4d76b76298cc2b75bb3e0b516ee9ada93f77c4c002ba9fd163a1e4b377befb76c1e5ab8b3901f214c0a4c48bd2aa2f33560d46e2721a060d4671dc97633ff9bcd703bb0fbed9a4a2c259b53f3":"0955c1f0e271edca279e016074886f60":"f5160c75c449e6bb971e73b7d04ab9b9a85879f6eb2d67354af94a4f0ca339c0a03a5b9ede87a4ff6823b698113a38ae5327e6878c3ccc0e36d74fe07aa51c027c3b334812862bc660178f5d0f3e764c0b828a5e3f2e7d7a1185b7e79828304a7ad3ddcd724305484177e66f4f81e66afdc5bbee0ec174bff5eb3719482bd2d8":104:"75a31347598f09fceeea6736fe":"":"0dd2dca260325967267667ff3ccdc6d6b35648821a42090abba46282869bac4bdc20a8bee024bea18a07396c38dbb45d9481fedcc423a3928cfa78a2f0ae8eedb062add810bdbee77ddc26c29e4f9fda1ab336d04ef42947b05fbdb9bc4df79e37af951d19d6bf5e5cb34eef898f23642a9c4a9111ed0b7a08abeeefbbd45c23":0 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"086b77b5731f971f0bf5b8227361b216746daf8b08c583ad38f114a64aa7877b":"629317212ff8bd8a7676e4c00b81a9577de6397c832f99ac974fa2bbbccb6e3b8aa776db6922eed0b014bf3923799da7d9d0854c8817470e1e2f7fc7a572f9d0316ee60cde7ef025d59b897d29a6fee721aeb2f7bb44f9afb471e8a7b0b43a39b5497a3b4d6beb4b511f0cefa12ce5e6d843609d3e06999acfbee50a22ca1eee":"164058e5e425f9da40d22c9098a16204":"6633eae08a1df85f2d36e162f2d7ddd92b0c56b7477f3c6cdb9919d0e4b1e54ea7635c202dcf52d1c688afbbb15552adda32b4cd30aa462b367f02ded02e0d64eeee2a6b95462b191784143c25607fd08a23a2fbc75cf6bee294daf2042587fdd8fe3d22c3a242c624cf0a51a7c14db4f0f766ec437de4c83b64f23706a24437":104:"2eb6eb6d516ed4cf1778b4e378":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"0f9e806b0d937268561c0eafbbdd14ec715b7e9cef4118d6eb28abbb91266745":"2ae4baef22ace26f464a9b0c75802303f2d7c0f9a1ed1d0180135189765bdd347fea0cc2b73ee7fbbf95ea1fda22597b8aad826f63e744069a9c349488b2cc1cf9372f423cc650302082125724730ae5a4d878e07385ddc99034c6b6b46748f02c80b179fe6406b1d33581950cb9bcd1d1ea1ec7b5becfd6c1f5b279412c433a":"8657996634e74d4689f292645f103a2e":"2ca253355e893e58cb1a900fbb62d61595de5c4186dc8a9129da3657a92b4a631bbdc3d5f86395385a9aa8557b67f886e3bb807620e558c93aea8e65826eadeb21544418ee40f5420c2d2b8270491be6fc2dcbfd12847fa350910dd615e9a1881bc2ced3b0ac3bde445b735e43c0c84f9d120ca5edd655779fc13c6f88b484f7":104:"83155ebb1a42112dd1c474f37b":"":"87d69fc3cbc757b2b57b180c6ba34db4e20dde19976bfb3d274d32e7cea13f0c7d9e840d59ce857718c985763b7639e448516ddbbda559457cd8cb364fa99addd5ba44ef45c11060d9be82b4ebe1f0711ac95433074649b6c08eeab539fdfc99c77498b420427e4d70e316111845793de1f67fb0d04e3389a8862f46f4582dc8":0 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c24c17911f6db4b3e37c46bcc6fa35efc1a55f7754f0bb99f2eea93398116447":"0bd92cb106867e25ad427ff6e5f384d2d0f432fc389852187fcc7b0bf9f6d11a102a872b99ed1ad9a05dab0f79fa634745535efed804ff42b0af8dad20ba44709391fb263f245e5a2c52d9ce904179633282f57a1229b0a9c4557a5c0aeda29bbc5a7a871fa8b62d58100c3722c21e51e3b3e913185235526e7a5a91c559717d":"5098cc52a69ee044197e2c000c2d4ab8":"9ad4dee311d854925fc7f10eca4f5dd4e6990cb2d4325da2ef25a9a23690f5c5590be285d33aaeba76506c59edec64b8c3ff8e62716d1c385fbce2a42bc7bd5d8e8584de1944543ab6f340c20911f8b7b3be1a1db18a4bb94119333339de95815cae09365b016edc184e11f3c5b851f1fa92b1b63cfa3872a127109c1294b677":96:"f7930e3fab74a91cb6543e72":"":"6124ede608d416baa5e653a898ca76e9f47f08403c1984feec112e670ded2226e0073f8881ab2161cfda541dccae19691285f7391a729f07aba18f340bb452c1da39cbe83cf476cfc105b64187e0d2227dd283dcba8b6a350f9956b18861fa131d3f00c034443e8f60e0fdfcfaabbed93381ae374a8bf66523d33646183e1379":0 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"d267a8379260036ff3d1ec07a7b086ff75706bad12d37d9656f04776f3d8b85c":"80c68a330ef50e3e516681f1e535868b03466e7edbb86cb385d01db487da3dd3edad940fdc98d918b7db9b59f8d61369eee2928c88557306c4a13e366af0708d94cb90a15f1c3bc45544bdb05ff964da5e06c5ae965f20adb504620aed7bce2e82f4e408d00219c15ef85fae1ff13fea53deb78afa5f2a50edbd622446e4a894":"674dc34e8c74c51fa42aacd625a1bd5b":"6a9a8af732ae96d0b5a9730ad792e296150d59770a20a3fdbbc2a3a035a88ac445d64f37d684e22003c214b771c1995719da72f3ed24a96618284dd414f0cac364640b23c680dc80492a435c8ec10add53b0d9e3374f1cf5bfc663e3528fa2f6209846421ea6f481b7ecf57714f7bc2527edc4e0466b13e750dd4d4c0cc0cdfc":96:"bea660e963b08fc657741bc8":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"c86cb637753010f639fa3aa3bff7c28b74f012ad6090f2a31b0801d086f183ad":"6b7858557e0fd0f957842fb30e8d54dedbc127eb4bbf9de319f731fa28a606df2c046a0bce8ecda4e75d3596e4e988efd6bc279aa005bc52fad92ba07f5b1dfda4cc417029f9778c88d6fe5341a0fd48893dcb7c68d0df310a060f2a5235aee422d380f7209bc0909b2aa7e876044056f0b915dab0bc13cbea5a3b86d40ca802":"87ff6e0bb313502fedf3d2696bff99b5":"2816f1132724f42e40deabab25e325b282f8c615a79e0c98c00d488ee56237537240234966565e46bfb0c50f2b10366d1589620e6e78bd90ade24d38a272f3fff53c09466aa2d3ef793d7f814a064b713821850a6e6a058f5139a1088347a9fa0f54e38abd51ddfc7ef040bf41d188f3f86c973551ced019812c1fc668649621":96:"7859f047f32b51833333accf":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2c31ca0cac3efe467168198f06beacf39565a6f57f82e1048a5c06a231315882":"65261d6e29b2369b1828a7cef2df9873d6e6057c499301afedd6cb65b5036ddb95f9e353fbf38e54c4f46f88164325b33620ce183beb2e411fbb89a0e0002e542fc161cad32a61ee6f1e1717e0b4dcd0340b116f795bc1009dbbc65bc31c9b549bf03c40bc204cd0d02ec884be907777ebeed8b527ec3af7cbb508193c0745de":"95cae6e85f33f3043182460589be3639":"67523751a9b1b643d00de4511b55e4268cb2d18e79e01a55fc7b677d529bd6400940fb25ea6ae135c1a816e61b69e90b966981aeda685934b107066e1467db78973492ad791e20aef430db3a047447141def8be6e6a9a15089607c3af9368cdb11b7b5fbf90691505d0c33664766945d387904e7089b915a3c28886ba1763bb5":64:"21309d0351cac45e":"":"1d5f2cb921f54aeb552b4304142facd49497837deb1f00d26fbeddbab922fd80b00dba782961f8fce84f1f7973e81eed6ee168b1760c575c891f40a1dae0fa1a08738025d13ef6e0b30be4f054d874f1b8a2427a19ebb071d98365c32316a88a68c2b40daf1ea831a64519ac3679acb4e04986ecc614ec673c498c6fee459e40":0 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ca9fa36ca2159dff9723f6cfdb13280446eb6bc3688043c7e2e2504184791596":"ac04c4293554cd832aa400c811cb202d815d6178aa1343b4628592b7f3ae45dc5f12ea47be4b43e1865f40b06ab67b3a9fb3644248a9b3efe131a8addb7447978bb51ccf749e75574fea60e8781677200af023b2f8c415f4e6d8c575a9e374916d9ec3a612b16e37beb589444b588e0b770d9f8e818ad83f83aa4ecf386d17a7":"d13ca73365e57114fc698ee60ba0ad84":"2aa510b7f1620bfce90080e0e25f5468dbc5314b50914e793b5278369c51ac017eace9fd15127fca5a726ad9e67bdee5af298988d9a57ec4bbc43d4eb849535eb10521ac7cd7ed647479a42876af2ebc9e2108b539febdaa9127c49bda1bda800f6034050b8576e944311dfbca59d64d259571b6d2ed5b2fc07127239b03f4b7":64:"2111d55d96a4d84d":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"2f802e838250064c15fdee28d7bd4872850355870847701ad9742b2d6eb4b0c0":"e2ca8c8d172ff90232879f510d1225af91bc323bdf636363c2903fcd1790692c8bcb03a1cccb18814678852c6b3a441552e541b843ee5e4f86a152fa73d05aea659fe08aa6428bb257eaa2a7b579fdc4022c1dec359a854253c1aefc983c5ede8c97517ea69fc4606e25f13ffb0f5f49160691454fbb74e704326738353525f7":"2dd550cfd97f8e1d8d31ba5537ae4710":"72b9630dda40306e785b961934c56e20948f8eac0e981f49787eb3dbd6e4607f7d08d10ca643746bf1efa7e5066993683d527a90f2d45ec9cf73113f1f17bb67958be669acd4e2927f1dacfde902cd3048056d7f6dfdd8630ff054efce4526db7c9321d6d2be2236f4d60e27b89d8ec94f65a06dc0953c8c4533a51b6a29bd2c":64:"bd6c8823c9005c85":"":"f6dd0b5f3d1a393a1837112962dba175a13c2d1e525ef95734caf34949d8b2d63b4fe5603226b5f632f2d7f927361ba639dc0e3c63414f45462342695916d5792133b4a24c7c4cbe2b97c712bf27ab62d3d68b3875d58ffe4b7c30a8171bff1a9e2f3995768faacda2ea9213ff35798b9e4513f6a87bd3f5a9d93e847e768359":0 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"84dd53ce0146cb71c32776033bb243098d78a22ac17f52a62a122f5653fb4e33":"68222bffa782dcfe4f328fc20eb520e75a9a5fedbe13ec7fcf0e82fba08bb87a8a8e02902638e32fe0e2294344b380797f8028426ffcc0531c739c884892394c48ff0779c5f5edf0a36a3fb8aa91213347774ec4bf0fe1049bd53746b13beef3c637169826c367056cb1aa0a3868e23f886a9c7b8015c26af9e40794662f6b21":"f0c90a1bca52f30fab3670df0d3beab0":"a3ea8032f36a5ca3d7a1088fd08ac50ae6bdc06ad3a534b773ac3e3d4a3d524499e56274a0062c58c3b0685cc850f4725e5c221af8f51c6df2bbd5fbcff4a93ba4c1054f7f9c67fd9285511a08d328d76a642f067227d378f95a1e67587b90251f9103ed3cacdb6bf69e0794e366d8b92d8de37b4e028de0778841f356ac044d":32:"b1ece9fb":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"9bb36fe25e966a075ae2c3bb43b5877679ebc379d5123c8eda3fa0e30b95cae0":"fb3a4be643c10343251c6f0745aaa54349463f622ca04a792e9b4780866844b30aeef3269fc60cac0ea031c5f3780b535e15154f7c76eb4a371b8ae368550f3fa2ce693c34511ec96b839cac567f1b0de0e7e3116d729b45d1b16e453703a43db73f5d0c3e430f16b142420b5f0d26d72ac3dba543d7d813603b0bfdca3dd63e":"59869df4ef5754b406478a2fb608ee99":"ecd125682e8a8e26757c888b0c8b95dec5e7ed7ac991768f93e8af5bcf6f21ed4d4d38699ee7984ed13635fff72f938150157c9a27fcda121ffced7b492d2b18dad299cb6495ed5f68441aefc8219d2cf717d15d5cd2dbce4606fcf90fe45f3601127cf6acee210bd7df97309f773974a35bef1d33df984101c2fc9d4b55259e":32:"cb3f5338":"FAIL":"":0 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"ca264e7caecad56ee31c8bf8dde9592f753a6299e76c60ac1e93cff3b3de8ce9":"8d03cf6fac31182ad3e6f32e4c823e3b421aef786d5651afafbf70ef14c00524ab814bc421b1d4181b4d3d82d6ae4e8032e43a6c4e0691184425b37320798f865c88b9b306466311d79e3e42076837474c37c9f6336ed777f05f70b0c7d72bd4348a4cd754d0f0c3e4587f9a18313ea2d2bace502a24ea417d3041b709a0471f":"4763a4e37b806a5f4510f69fd8c63571":"07daeba37a66ebe15f3d6451d1176f3a7107a302da6966680c425377e621fd71610d1fc9c95122da5bf85f83b24c4b783b1dcd6b508d41e22c09b5c43693d072869601fc7e3f5a51dbd3bc6508e8d095b9130fb6a7f2a043f3a432e7ce68b7de06c1379e6bab5a1a48823b76762051b4e707ddc3201eb36456e3862425cb011a":32:"3105dddb":"FAIL":"":0 AES-GCM Bad IV (AES-256,128,0,0,32) #0 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_bad_parameters:MBEDTLS_CIPHER_ID_AES:MBEDTLS_GCM_DECRYPT:"ca264e7caecad56ee31c8bf8dde9592f753a6299e76c60ac1e93cff3b3de8ce9":"":"":"":32:MBEDTLS_ERR_GCM_BAD_INPUT AES-GCM Selftest -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_selftest: diff --git a/tests/suites/test_suite_gcm.aes256_en.data b/tests/suites/test_suite_gcm.aes256_en.data index e2d34ab64..c0f33cbe1 100644 --- a/tests/suites/test_suite_gcm.aes256_en.data +++ b/tests/suites/test_suite_gcm.aes256_en.data @@ -1,679 +1,679 @@ AES-GCM NIST Validation (AES-256,128,0,0,128) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fb8094dd2eddb3d8004bb79134023ca2be4de9b668a9e4608abdf2130e8becb8":"":"491a14e13b591cf2f39da96b6882b5e5":"":"":128:"80883f2c925434a5edfcefd5b123d520":0 AES-GCM NIST Validation (AES-256,128,0,0,128) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"725313f4cb3f6a0d29cefc174b7e4f43cef11b761ef75e1995cb64c1306795f1":"":"27d1ed08aba23d79fc49ad8d92a2a0ea":"":"":128:"d5d6637ba35ef2ad88e9725f938d3d2d":0 AES-GCM NIST Validation (AES-256,128,0,0,128) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4e766584ce0e885e1bba1327e5335796de0831a40f74a5cec178081dd15bfd10":"":"cece0dea024ff47851af0500d146cbfe":"":"":128:"1abe16eeab56bd0fb1ab909b8d528771":0 AES-GCM NIST Validation (AES-256,128,0,0,120) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ce7f2207f83a952451e714ba3807ddb3ed67c2739a628980411aa68366b1f2f5":"":"652fd951ace288db397020687135a5d1":"":"":120:"985227b14de16722987a3d34976442":0 AES-GCM NIST Validation (AES-256,128,0,0,120) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"855f8fa4ec6a1206173509d504d0b29dfbfbfa9aa528254b189cd72e6ebc1c1f":"":"1ad1507e6463e4e2e1a63155ac0e638f":"":"":120:"693146a8b833f324c1d4cbeeb8c146":0 AES-GCM NIST Validation (AES-256,128,0,0,120) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ef8dd1294a85dd39e366f65e1076d53e046188c06c96b2c9e84ebc81f5c9f550":"":"9698a07447552d1a4ecd2b4c47858f06":"":"":120:"b00590cac6e398eeb3dcb98abe1912":0 AES-GCM NIST Validation (AES-256,128,0,0,112) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"25896e587570ff1823639e1e51e9c89192d551b573dd747e7c0c1c10916ece4c":"":"f0516457c09c372c358064eb6b470146":"":"":112:"5a7cadec600a180e696d946425b0":0 AES-GCM NIST Validation (AES-256,128,0,0,112) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"02fc9cfffbe72e7954182993088e09d24ea8cad91a8ca9a336d9f1fe4156486d":"":"0e189e162e097eb2060b30c46d9afa70":"":"":112:"7d3d5cc55e6182ec5413ef622d4f":0 AES-GCM NIST Validation (AES-256,128,0,0,112) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f24e3d631d8961d3d4b9912d4fa7a317db837a7b81cd52f90c703a4835c632e2":"":"510740bfa2562ce99ca3839229145a46":"":"":112:"1402ddc1854e5adb33664be85ad1":0 AES-GCM NIST Validation (AES-256,128,0,0,104) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"720ab5aceb80ff1f864379add9b0d63607227f7c3f58425dd6ec3d4cea3fe2ea":"":"58f2317afb64d894243c192ef5191300":"":"":104:"e8e772402cc6bfd96a140b24c1":0 AES-GCM NIST Validation (AES-256,128,0,0,104) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f57dd16fa92a8f8c09d8f13cb5b6633a43b8762e90c670232f55949cdfdf700c":"":"3b7c14ee357b3c6b0dc09e3209ab69f2":"":"":104:"43e609664e48ad1f5478087f24":0 AES-GCM NIST Validation (AES-256,128,0,0,104) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"87c17ab919a4bc0d50343c0bb282a969283c2ada25f9a96d2858c7f89bc5139a":"":"02813d3faf30d3e186d119e89fe36574":"":"":104:"d1a1f82a8462c783b15c92b57e":0 AES-GCM NIST Validation (AES-256,128,0,0,96) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"dd8d5b6c5c938c905c17eab9f5ab7cd68d27f3f09d75177119010d070b91e646":"":"1df1c3ad363c973bffe29975574ffdf6":"":"":96:"749ac7ffda825fc973475b83":0 AES-GCM NIST Validation (AES-256,128,0,0,96) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4d60a14cb789099c77b8991e7b0b40f787d3458f448501e8108e4d76110f94ef":"":"ca6b3485eb5dcd9dbfa7cffcdb22daa5":"":"":96:"3f868b6510d64098adc1d640":0 AES-GCM NIST Validation (AES-256,128,0,0,96) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"405b690717de993ad945d80159c2800848060de0b7d2b277efd0350a99ba609a":"":"63730acb957869f0c091f22d964cc6a3":"":"":96:"739688362337d61dab2591f0":0 AES-GCM NIST Validation (AES-256,128,0,0,64) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ab5563a387e72d7d10468c99df590e1de25ec10363aa90d1448a9ffcd1de6867":"":"c511406701bad20a2fa29b1e76924d2f":"":"":64:"390291ed142ba760":0 AES-GCM NIST Validation (AES-256,128,0,0,64) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"abef7c24daaa21f308a5af03df936ba3f70aa525190af0d959d6e50d836f4624":"":"e9f15950130b9524e2b09f77be39109a":"":"":64:"db2fb2b004bc8dc4":0 AES-GCM NIST Validation (AES-256,128,0,0,64) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6ca630b0b6779a8de7a19e5279eac94bf29f76f8b0cf8ecf8f11c4f8eb04aa0d":"":"7373befc2c8007f42eef47be1086842f":"":"":64:"e2b8620bcc7472a8":0 AES-GCM NIST Validation (AES-256,128,0,0,32) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"acea7818a71df2c9840aef1c10ecbe2bac7e92216388416a2f36119a0745d883":"":"6d46aa39fb5a6117e9adf7ee72bc50ff":"":"":32:"fd5ff17b":0 AES-GCM NIST Validation (AES-256,128,0,0,32) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b301036d4b2b28b8a4502925986861eba2b67c24cb0c79c63fd62195d9b67506":"":"bb6f398e5aed51590e3df02f5419e44d":"":"":32:"47f3a906":0 AES-GCM NIST Validation (AES-256,128,0,0,32) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"89576d2aac554c8982c7df0053be9ab19f4bd80ba9f3dd433c1c054d68e68795":"":"aedbd482a401a7c12d4755077c8dd26e":"":"":32:"506fa18d":0 AES-GCM NIST Validation (AES-256,128,0,1024,128) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"43c9e209da3c1971d986a45b92f2fa0d2d155183730d21d71ed8e2284ec308e3":"":"78bef655dfd8990b04d2a25678d7086d":"9d8c6734546797c581b9b1d0d4f05b27fe0539bd01655d2d1a8a1489cdf804228753d77272bf6ded19d47a6abd6281ea9591d4bcc1be222305fdf689c5faa4c11331cffbf42215469b81f61b40415d81cc37161e5c0258a67642b9b8ac627d6e39f43e485e1ff522ac742a07defa3569aeb59990cb44c4f3d952f8119ff1111d":"":128:"f15ddf938bbf52c2977adabaf4120de8":0 AES-GCM NIST Validation (AES-256,128,0,1024,128) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fbe2d52b7f50bf23a16ff8cd864215034fdfbf4d1506ca3c1ffb015653efe33a":"":"b155f8ab1a8c0327789cfb8310051f19":"ed8d14adf1c362bbaf0d569c8083278e8225f883d75d237a4abcd775a49780603e50c00a1b5b5946c085e57a749b4946f6aca96eda04ac9944a7d3d47adc88326ed30a34d879dd02fb88182f9e2deefaeee1c306b897539fa9075bda03ba07b4ffff71ce732ef3c4befac0f18c85a0652d34524ccb1a4747ab8f72ed1c24d8fc":"":128:"c5fe27ca90e5c8b321cc391ee7f1f796":0 AES-GCM NIST Validation (AES-256,128,0,1024,128) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8e888721514fd01fb67513cb56bfd29af67a9ce525e3e697af47450f02053161":"":"9f6bd4a93e4f3f2f5f4a7c2c5b4790bf":"867d50923967535ce6f00395930083523c22f373cfb6c8817764f5623cd60b555572404e54f2fe7083ef32b9a4593a1f70a736d6e8fe61b77def51f3b1d8f679d3a8d50d0aad49e51ec1eb4d4a25f13d14f3e5253555c73eac759e484c6131cc868b46c18b26acd040c3e1cb27afecba7b7fc3f5ff4883f4eafc26c7f3084751":"":128:"ea269094330b6926627889fcdb06aab4":0 AES-GCM NIST Validation (AES-256,128,0,1024,120) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d8f82b07e7319ca607c9aa0352070ca883dd7b32af370a774f63b0270f44835a":"":"e89e4484497cb728f86585d8918b7fae":"42340d96e1852de3ed5e30eb4a05e1fb222480b450e2bf4e2cf0fb2a525eb6602ef43a896adc5c52ea5381c642b2175691c014e7a6dae91fa6ff5b95c18a2dd2e8838d3abd46ace0b305f3f22d30a0bd82a81bbf6753362b54b0624c76c0d753e30eb636365f0df7e1bf8bf130cf36062ec23f58a3f7ed0ae7bfbbd68460cd76":"":120:"b234b28917372374e7f304f1462b49":0 AES-GCM NIST Validation (AES-256,128,0,1024,120) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b49b04a54a08d28b077ea54c18bfa53e916723e91453b47f88e399046b9b4dcc":"":"6276c577c530f91b434ce5719e1c59de":"6b73f996c49e368fc4d21816153aefb081509f9dc0916dbe4fdf77f39867a2bd617b8a75f39f515b1bc1454009d5247efcd90ba0d4a6743c6f12a929b666584f3b55254c32e2bab2321f94fa843dc5124c341dd509788a158191ee141eb0bc4e1b96f6987bafe664a0f9ac6d85c59cee9564a27bcc37dffae80c57fbf7e748ce":"":120:"69dd5bdeb15fdbc3a70c44b150f70e":0 AES-GCM NIST Validation (AES-256,128,0,1024,120) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"398bb37bb991898c7dad7bf5930dbad20d121f68d5ec6c56ffe66f23c0c37f8e":"":"0c3bd55b54c1221b0cf25d88ea4dfe24":"4c48b929f31180e697ea6199cd96c47cecc95c9ed4c442d6a23ca3a23d4b4833601ac4bbcdbc333cd1b3a0cd90338e1c88ef8561fed7ad0f4f54120b76281958995c95e4c9daabff75d71e2d5770420211c341c6b062b6c8b31b8fe8990588fbad1e651a49b0badd9a8d8042206337a1f2aa980b3ba3b5ee8e3396a2b9150a34":"":120:"8528950bd5371681a78176ae1ea5dc":0 AES-GCM NIST Validation (AES-256,128,0,1024,112) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8e8f7c317b22dea8eabe7eaa87413a98ff56570720985b6743a5f9af56387cca":"":"3a9a5a839045723afdfb2d5df968bfcb":"a87d95f8f47e45a1c7c5c58d16055b52b3256c52713fd092bcd6cbc44e2c84669f23ca2a19e34163ee297f592f6054dbc88863a896c2217e93a660d55a6cd9588a7275d05649940d96815c7ddfa5fc4394c75349f05f1bcaff804095783726c0eceb79833a48cefd346b223f4e5401789684e5caeda187a323962a1f32f63f02":"":112:"faad6a9731430e148ace27214e68":0 AES-GCM NIST Validation (AES-256,128,0,1024,112) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"67c95e57197f0e0bbaaa866d337fcc37f3a10dc55a059f5ea498de204d2fff61":"":"5f171d203c653a316cac43df99f4033a":"84f281b388ca18bc97323657a723a56260731234720b02b6dde00ea134bd84a1893bec38af80214c4da01b93958ab00f3b648c975371e565d5b6bf2a8f63c0f3cfcd557c9f63574390b6ae533085aca51fa9d46cd2478b7648b6dcbbac7e61197a425778debe351ac2110ba510a17e2c351ba75d5a755ef547cf9acc54650222":"":112:"9ea9c716e06a274d15a3595a0c41":0 AES-GCM NIST Validation (AES-256,128,0,1024,112) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9143f00e31c72bd9fced31585d047f67f1004e6244c3d9c10c8ae005feeabc84":"":"e49cd6af9a2f0da2a7198317da92ab2f":"ab9193a155140d265aabfe2dd5efca7d3fa6129498532bccd77f09fa1a480702620b3ab53df91b01262122f1a6fc387b5fc55dadfcdb99ada83d4a5b0666c8526de309f41eb54d69b52595c43550a6bf7b4b8f0e0c48311b521762eaa567744c4c4704dd977f84068b59db98a67e33cc65302ba59360d600a22138c5ad3317f3":"":112:"8293e361fe0308a067f89aea393f":0 AES-GCM NIST Validation (AES-256,128,0,1024,104) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d0ba180075c373116bb037907b512add00ba9a4693a8ecc14ca0d79adada90e3":"":"5c1501b19cce5404dccc9217ac8253b7":"3a161605ec0055c479dd48cdaeed5981b8b60fb7b7781cc4e580218c7014c3060a9f706e6e16cf4021e4d38deb512534b484ff23b701975bdf901146ccaece9c3ffbbeeb172cfb64a915ae0dbe7a082b9077776a387b58559a881b9b79b90aa28ad1ac0f2bece314169a2f79ea4c08389f7f7dd10ee2d9a844fee79e7bf38bcf":"":104:"0541262fddfd5d01ff0f3c2fb4":0 AES-GCM NIST Validation (AES-256,128,0,1024,104) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c975c7e59133c231d1b84c696761c413ba20aff7fb7d854c6947e65db3cc57b4":"":"d8fedda4cccaf6b0818edcfa7b1f03fa":"cb4cc9171367d6422abfaf2b4452da267eb9ccf1c4c97d21a0a125de486997832d16c7e412cb109eb9ac90c81dfe1a1dd9f79af7a14e91669b47f94e07d4e9bd645d9daa703b493179ca05ddd45433def98cf499ff11849cc88b58befbdd388728632469d8b28df4451fc671f4a3d69526a80c2e53e4fdee6300d27d97baf5f4":"":104:"77ac205d959ec10ae8cee13eed":0 AES-GCM NIST Validation (AES-256,128,0,1024,104) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a86ec688222c50c07274ed2d2c8ae6f883e25f8f95d404a7538fd83224199327":"":"99c73fdb8f97f225f7a17cf79c011112":"cf5f707de0357262c0997fa3ebfe6e07192df8db5f029e418989e85e6b71e186b00c612ecedbfe3c847e58081847f39697337ae7c815d2cd0263986d06bf3a5d2db4e986dbe69071fd4b80a580f5a2cf734fc56c6d70202ea3494f67539797252d87cd7646296932959c99797a0446532f264d3089dd5f4bcceaaa7289a54380":"":104:"c2093ad4705e613b09eee74057":0 AES-GCM NIST Validation (AES-256,128,0,1024,96) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d3981f0aa1ed8cb369d9b0d7b0e529ec6089ff2d226c542885b1bff55276e891":"":"7331f91bd1a67c21c9dd336a2a922839":"406d9cf45fc8618d564154241dc9c006ecdcd847406e5a6e7127ac96e7bb93f4c339ff612c514b6f66df95a0845035d7535212a2aaeeb0ee512d1f4375c9a527e4e499389c2d7f7f7439c913ea91580e7303767b989c4d619df7888baf789efd489b08eda223f27da5e177cd704c638f5fc8bf1fecfcd1cab4f4adfbc9d1d8ba":"":96:"dbb7ec852c692c9a0e1a5acd":0 AES-GCM NIST Validation (AES-256,128,0,1024,96) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8436967f97c59ca73b760b73c6e088d1da4e76b712188ab4781d8d849505ae47":"":"9401dd0998914645668d06d518bfe7d7":"a5f40906177417097c19a0a21dbb457a694e173141837f695b09c8eb58ac2ce28aace4e59275b6266da9369a9905b389e968aefc64d78c7e1d2f034ef413d3458edcb955f5cd7971c28cd67dc9901ef3a2abc6121704bb5ecd87a6568d0506abbc87a2f10205dc8eb0cd1b5109158d0e743c2c3a342d60b8d55bbcb8d8507ed1":"":96:"dd6d988d352decc4e70375d8":0 AES-GCM NIST Validation (AES-256,128,0,1024,96) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ce6b846bcedc6ae747e66e72cd9f7664e6cad9627ba5f1f1923f3d3a6ed590d1":"":"ac865ff8a6255e501b347a6650510d05":"1658b9f8469af1dfa60458cf8107db1edd1e4bba70a0bd23e13e1bba0d397abf51af8348f983fcdfcc8315ef1ffc9a26371377c62ddba08363bd2bf0ff7d0c3b603fad10be24ecee97b36d2255a8b2efc63f037123cef4bb4fe384aa0c58548b2f317c36ef3ef204b24769de6ba3e9d89e159e2bf1f9d79aeb3eb80c42eb255e":"":96:"7ee87acd138c558455fff063":0 AES-GCM NIST Validation (AES-256,128,0,1024,64) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0038ecf1407bbf0d73afa5e010769b71e8649c4249345dcf923ef9da0254c6af":"":"74c6b98fc6ced3a59bd9c42d31d71095":"467f483c71c3404fe7f09d6f6b6b64c3b7613a0dd32470cf24bc590d3994a48f3e8cd5dc19ea8ca7d5366ad7c5ad31cc9612dafedaea109dde2aedfe5fc2a0db2c903dd1dc1a13949720a10babf37fba5a0ed7cb5f3dc9eb5a4d8331f218e98763e7794b3e63705d414ef332160b0b1799f1ff5cbe129a75e5c4e0a4ed35e382":"":64:"62fe088d9129450b":0 AES-GCM NIST Validation (AES-256,128,0,1024,64) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"19fc4c22151ee8515036c38bc5926c0e0bbd93db5d0fc522b2a6bf6298fed391":"":"9547f056c6fb9ef72b908f527cb500c1":"511b15c25b2a324159e71c3b8e47f52d3e71e5bc35e774c39067250f4494c9c4eb184ecbe8638de9418672d9ae2c6a0e7f54c017879ffb2a371de1639693d654a43cb86e94a7350508490191790d1265b99e7b3253838b302aae33590949a8761a3bb2aeb1ba798cddeb00a53daad05a33389d4a19269d65116a84f12dba5830":"":64:"04623912bb70810e":0 AES-GCM NIST Validation (AES-256,128,0,1024,64) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3b5d3b1920b5a105b148153ae1f1027c6d48bc99640ea853f5955fed4eb3d625":"":"9a4091c2eb7e88759bd9169fee303485":"aa680d07143ba49a9099d555105fc3cfcb898cec11ade96776dc9778cc50fe972e1e83c52c837b71e27f81d1577f9bd09afe2260dfd9a5d9dfbd3b8b09a346a2ab48647f5dd2ff43700aecce7fa6f4aeea6ea01b2463c4e82ec116e4d92b309c5879fb4e2ca820d0183a2057ae4ad96f38a7d50643a835511aedd0442b290be3":"":64:"033bfee6b228d59b":0 AES-GCM NIST Validation (AES-256,128,0,1024,32) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f6c4ad8e27764157789252f4bc4a04145cb9721955330a2f6a2a3b65cacf22bc":"":"3de136cbd75061c888226efab136849d":"0f6951c127d6bc8970e2ad2799e26c7fb9ca31d223155f88374984b5660626c83276ffa6c160f75e0e1bcfa96616188f3945b15fc1b82a4e0ee44000a684b3c3840465aebe051208379ef3afe9f569ee94973d15f0a40c6f564fa4ba11d6e33cf8ae17854a9e12360a2b8495e2cceec463f5e3705c74069ba37ba6d725f458c0":"":32:"f658c689":0 AES-GCM NIST Validation (AES-256,128,0,1024,32) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"30cd99fed9706c409e366d47fefc191f79bcc47a28be78f9890fd90d4864eb85":"":"8c7ce34691503bf14c776f8809f24e61":"4b6b10c2e2905ab356769b6453dd160a08e8623b0878fcc1c1d64822f0aea1f4f5b4698ded5d23ebafa11bc1e4ce9e5cd7d7c7b13de02d11a945ba8361b102ba49cdcfd6a416e3db774cd7bda024fccd1ad3087560dc15bbfe9b1a5c6c71fae17a329f104f6c2cba7eb6a7459535ca328146d0ccc0a9bd28a3d1c961947a3876":"":32:"7777c224":0 AES-GCM NIST Validation (AES-256,128,0,1024,32) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9472f2452933dcfac4bb22831ce83c6a1ddf25ef8d2d3ba59d72b0d173a986e8":"":"18fb2c34b0955d712960009617d300ef":"d283dd75cd4689c266c8e0b4b6586278aa2583c7c41bf12bd1cfdef21d349acbbabc0a2204dc4130f922949206c4fbdce3786ab8614e32908838a13b6990453abf14b84f5812e6093644accdd35f7ad611ea15aefae28b3cf1fc5da410bcea4f0a50d377fdcceffe488805bc5a71fab019b12fa8725d6e7c91e6faf12fbaf493":"":32:"c53b16a1":0 AES-GCM NIST Validation (AES-256,128,1024,0,128) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e06d5319210f4107ea7267fa2e8183fcbf74fd3b0579b856577177d9cb307d42":"2b9179d21cb884581b0e4f462455167f1f7899717245d4aed3d8db5983daccccebfc2130a20c284563bea5997cc0438c83d8fa7bb9e3588efed285a0fcc31456dc9a3122b97bb22f7edc36973475925828c323565e417ec95190db63b21881016b5332f2e400bb4724c86a8ee0247149370ee5412f743dc6bf7ca5bcc31afa0f":"f2b0564705430bc672964b049115e122":"":"3fa342a76cb5d501e6a6fade14aab54a76620e4ea2287147d4ca2b9d62d2a643591e5df570ef474ee88ad22401c1059e3130a904e9bf359c4a6151ff2f3e4f78ef27a67d527da8e448b0ef5cdcfec85f3525e35f8d024540387e4cdcb1018c281a1af7d4a3688a0fec4d9f473c816f7d4c4c369f70d7dfe8f1b7fa4f581098a1":128:"18f186ed1ee1f4f8b29db495587d0ab0":0 AES-GCM NIST Validation (AES-256,128,1024,0,128) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0dfa834e98b6c51ee925dd9edc9be72c209ddcd9099ded57b533f2236895a229":"7f4e4f11091bf51976c0fc71ecbcd0985cdad2135549c818c09567801d8a9a42c719aab7dc2cb58a10b5067d14c52cabe6bb9b939e7b9cd395eaf10ba6a53fd2e6446e1e501440134e04e662ef7ebb1c9c78bbd3fd7cb9de8b985418be1b43ebb5d7902ccb4c299c325c8a7cc1de9174f544bc60828c1eebad49287caa4108a0":"a101b13b238cfac6964fd6a43daea5a7":"":"bc60d2047fd8712144e95cb8de1ffd9f13de7fda995f845b1a4246a4403f61ca896bd635a1570d2eb5b8740d365225c3310bf8cea3f5597826c65876b0cbcfa0e2181575be8e4dd222d236d8a8064a10a56262056906c1ac3c4e7100a92f3f00dab5a9ba139c72519b136d387da71fefe2564d9f1aa85b206a205267b4cfa538":128:"c4cc1dbd1b7ff2e36f9f9f64e2385b9e":0 AES-GCM NIST Validation (AES-256,128,1024,0,128) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ce59144b114ac5587a7a8079dc0e26f1b203338bb3e4b1d1d987bddc24150a82":"bc7aa1b735a5f465cffeccd8dd4b0a33a571e9f006dc63b2a6f4df272a673bb2cc00e603248ab6be5627eebc10934fe4d1dc5cd120a475936eefa2c7bddea9f36c6c794d2c6bd2594094e56cac12d8f03e38f222a7ee4fc6c2adffe71c9c13003e301c31ff3a0405dde89bb213044d41782c4bb4eb3c262595d1c0e00522047c":"fdc5a40677110737febae4465b1a76cc":"":"084c31c8aef8c089867f6e0ce6e0aadafa3016c33c00ca520f28d45aac8f4d02a519b8ebafd13b9606ab9db4f2572f396091bc5a1d9910119ca662d476c2d875a4ab62d31ff5f875678f25a4775fa7fc85b1a3d442fb2c5047a3d349d56d85f85f172965e6477439045849a0b58014d9d442e2cae74709ed8594f0ec119d1d39":128:"4c39e0d17030a5f06ecd5f4c26e79b31":0 AES-GCM NIST Validation (AES-256,128,1024,0,120) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e7a6b459a5370ceec4d429bba9472a49db07697dc66dbc2f294d3e62ffc8aac1":"cb959e5611a636317feb5265d33b315c2f5af64159029f0032e338babbdb0a525ba6b92cb3be7db9f0077561e6cffe1247bad32dea8918f562dc3cd83225cdbcaed652b87c62fea8eff153638a3a14ef9f9a88bcc8c9a6b65fa9dcc53f63d1b14fb9bb0baf17e7bfb95690c25cca2c3097497e41f7e2299a8518d5d1c5f6264e":"92468d42ad377affa7e808d95d8c673a":"":"599dbc47e2f2e3b06b641c510b238417b01869f0e7d08619752f6d9f4b08585731deaeb439ff26e02d7e51b45ca5e3d4a779fe4cfc9572d1d6407f98de69a8fca60bf01d1a769130bb38a67933a2be3aa3ea1470d8f32a34dc863dc800feb7ef71588edd9489bd59a23685ff5358f9b562fc0bbad9e11db7a6fedbd79225539d":120:"e853262ed43e4d40fea6f3835d4381":0 AES-GCM NIST Validation (AES-256,128,1024,0,120) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9818904a99e3d80c95dc71a16483ade1b9b8e7df638ce6a4c1d709a24416cbe9":"2c073cdc11a8d58fb55e1dadbbc0372dde86c387fa99c9249bd04cb2f2d239de01bec8c8771a9fb33664ee06ea81c37a824525664054173b63a2894d8d7ffc60b9e93052802478a189be5835d979a28ce7025b219add0622f97c9bcf3ecf629b56408ed002a141061320400409345e94a7a7e3906611305f96f2abc9d62cc435":"96a301ab6bc0309be9735bd21cc9e10d":"":"4876e449b0cac09a37bb7e4b8da238f4c699af9714ec4fcf21a07c5aee8783311a13149d837a949c594a472dda01e8b6c064755b6328e3ef8d6063f8d8f19cfda3147b563b0f5fb8556ace49cb0f872822a63b06f261b6970f7c18be19372a852beadf02288c0b4079587c0f8eab1858eeec11c6ba8d64448282068fddd8a63d":120:"e1e8b62ce427e5192348b1f09183c9":0 AES-GCM NIST Validation (AES-256,128,1024,0,120) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9b34f137e3f37addad8a6573b8b6dac9a29e97db53c0a7610f37c72a0efaebfa":"c1e09c432c68a2c119aeb3b19c21180e3c8e428e12033f416a92862036f5e8a39a8893b10fe5476e388d079143ee0b79b183a3400db779cfbf1467d69887306b124a8578c173cd5308d4448eefcf1d57f117eb12bc28bd1d0ff5c3702139655197d7305bda70181c85376e1a90fb2c5b036d9ea5d318d3219132ea6c5edf7b7d":"50dddb2ebe4f8763509a63d07322277e":"":"793e1b06e1593b8c0ba13a38ff23afaa6007482262bc2d0de9fb910f349eff88d3dd05d56eb9a089eed801eae851676b7a401991b72bf45ac005c89e906a37ed7231df4aeeeb1fcf206ca1311117e7e7348faf1d58acc69c5702f802287083d3ed9e16cf87adcdfa1bb0c21c40c2102fd0def91985f92285e6ea1cdd550e7f50":120:"b3c6ae17274faaca657dcb172dc1fb":0 AES-GCM NIST Validation (AES-256,128,1024,0,112) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"66b40e2e671bdf244b45644d1a5adc63011b32156ba9f5e03dffacc1a9165061":"985546ee12ba89d95988ad8a4153c4f9d3c91c0e3633a95b4f9b588bba0032006c93210514357c91d574b436da13dc9f68194a981e7b65eb79e56be9cf1dabfdf531407727c034a3c7743bb22aa02b26f159c2eff3c7ed52027de2e8b8b2fefb72c04fbf20a1ffe10d6dda790a9812cdbe9f2ed6706d7a2639e851a42870efb8":"4e090871e889b4be36db5e1df1ea283d":"":"f93eebffeddfd16b4618b893d57b459b704b894b38a5eaf6cce54026c80090be8328e12261e1b10e81c73ac8261c2982bb25603c12f5ffff5c70b2199515c17200db2d950a3f2064d7b362607adbf3686f27420ec15e18467e86faa1efa946a73c8888b8fdc825742b8fbec6e48cdabbb45f3cd2b6b6e536b6fbf3429aebe934":112:"ed88c856c41cac49f4767909ac79":0 AES-GCM NIST Validation (AES-256,128,1024,0,112) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"18c5105a9651144ce965b4270398b982120b885850114571ef8e2cbc5d2f5e04":"00c5ea3d91248bfe30c5a6d26dbdf0609f977afcfa842b603c1061b2a473c9a79b421b2509550309e4be9c5015c51c6def9ee68c242f6e206b3027ce8e58b7ab96aaa50ced1d78c2dfcbc2589575bec2ce3b6a5066276fe7dca4f1118808d1e5cac062667053c15350289da03cd073377c2d66c01e3098ed01b75788c7e1f9e7":"a3a5f82748acc887e33328fd7f4ce1fd":"":"d91ed6886a269dc1eb0745dc4b97fc54cbea5e6857d10a303a3caf828b4e0e20bb742bca17021b7852d09a6d7d3a56ad82298c15a2082fed0e0e326bb16dd677ee262ead93a24147de3c07eb8a95b108abf17357155f1de79171689407b6545c9fdf8ab4486576490430c0e043e21e7c40ce88e752cb006cb3c59479a7e56cf7":112:"add4e086d612a119c6aae46ba9e5":0 AES-GCM NIST Validation (AES-256,128,1024,0,112) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4667cabeb3a644e371cbbe9195413daab025cc6efc12298bfaea0dd9bc028f9f":"9772ec47f3cd26f091bf117e085f2394db258c2c460dc3b1402edcb60a8f70517f82aa669607b78c2ad79c662c3b376cee1b9f34c4ec5d15319c33de78a440e7f2a4108c3c9da51604adde2025ff1dc336c49279c13a7153931df675df0e78f17a4d72973311af74fe755c85c7869baf3896bb738925942dc67f1b6e690c9d48":"7e8927c69951d901494539ab95ac5906":"":"5d62fa69cfbfdec30193408dad15cf983ad707ee921068b817676eca9f70f9ca4623a8c113df5fba86131415f4ec546c7f1a94ff9d02cb8ddcf421c7cc85ed87ce712fcd8d5f45460749ced0d900fe0368c59b1c082bd5811c1a648a51768d5e4bfbc23cada3791f289d8b61fd494398be1ad9ee9ff471abb547000ac2c1a5d1":112:"0ae6bd5e8c25d1585e4d4c266048":0 AES-GCM NIST Validation (AES-256,128,1024,0,104) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3d58cd514de36ca7848aad1bf4d314b3b3415cae1ce9a169021ae84a67d4ab69":"e1c2e79e3f64c5c64f853ac9ba1a853fbf1bfd3001d48f7e73e0e97aa1b8ed1f1a7066178e75df688c5edb1c42e270ea38ab0e246c6a47fde4c3141436fe4b34beb9033ba7eebfc53cf1f6c8ae1794e9bb536152d196e1b96803316a05f1dcb9016c8b35bf4da06cd18da6243acc3a3dc641d3a1332b1915932ca89937cb0327":"4a1c2e7a3f9788c3c2fdd0dcc0cfe84b":"":"50d63c660a2b4f8e87276c5f58556cdf15d0fbb2c8ea5e3266d28c515643109aa7fc950d6d48f504dad52457e16576b581d37574574cd8b7ac12b7d59b819992c941a27e23ef9f257ed0c4ea4eda6c1f3b28b44decb63a92fae84c3556dcb9d6458e729dad6a7db9f7411690fce971b3b240f8f9979ed992f87d76e227fd7384":104:"ac842579bdd1ac77c84dffac2d":0 AES-GCM NIST Validation (AES-256,128,1024,0,104) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b7e4cd80f03a7ed092c776b243dfad7776d9caf3e679939038e33ac94d8931de":"102e2d2c0d01dbc69733d2451d1ac1817d60418685d4ae8aa44e1ede1c1e08d2f71f0aef41a72bd9f052ea4a9a057330c95d964f8c3679b80fc9c0952b46f38e2ef055cb33703d686757400210fa5a39bc7e3bb9b8b9cc20c95d5607e2f10bb5501507680ef3aaad96553333b1d27bf2f7ac102c983eede2262a5c6237c1d754":"af160a983d674b7d19294f89c3c9307d":"":"6bdfae299d796ef36850327b091ba7bb02e29b643ca4c8bc199eb91ecbaf88426412cfd5570e0042cab735cc46ec648b0877955b3f9a5707d56c478aa77ae5510749beb1e44dbbb37791f18477123436a985e5e9f79fda0a057504847e4ecae841f24e1b53076d3efc6bdea2ebb336ee0e4b5e6ea973e3e50a27b5c2e6fee3e2":104:"fdf21e2ac356e507745a07fc96":0 AES-GCM NIST Validation (AES-256,128,1024,0,104) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3a0c46eacfe85cbc0c5f527b87cd075bdeb386d0ca6de816a87cfddcb8a87ae8":"6d1203dc8395e35a35e234203625ea9d37d1c009db2ac8b1d5b29021997b5421f1d172f4c9a7eb7dbb67f0002720fc412f5b1550c739a2d7ba4387a1f978bd548fe6169d9473893782b10fab99198cb8b4553dfe27583c017136fd8c95070d8d7f9a602d15248d38d728157a0b26404e662f9a5554d3e1582bc0e12f0054792f":"b1cde63ad2ad4b8a7bfb36ab78385c3d":"":"9de3a45c976d32ed2af5074ef13b1f86f35b1689b1c698b2e427d5dd62556eb14439f77cd8fcbe686a9a08a922e3f54a78e86fd284de493a740586360b63da09bc1d001777582969c679db54a0ddb8d7dfdb46750edc882804a1c00e417912b72b4cad54dffa1897eba6188b3e61ebf0c3dfab292c2686dcb9db3012e0788c7f":104:"641896daab917ea3c82524c194":0 AES-GCM NIST Validation (AES-256,128,1024,0,96) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4d540e0ba27103667eb4511ce9d243592bccb8515ab59896c9922cb5f1b47a02":"d79f9b1c74e3141f188704c8d5bdaaf6083642be50d00f20c97b56646863895250d131e00db0ecf4f035d42f08cfe20f401c2d3062a38daa0b9e7c19fa7c5d344680aff48d506daa181451f6b34ed9099b9a5b39c0166e93ac4463c9ad51f48e3063b1c16793615336f55d516d079f6c510c2891b97aaa95e5f621e3b5202620":"a2ed37daa797522a39b01dd206d06514":"":"6a891bd289ec05990424a2775287f4725aecefe1ab21fa0ca643f37829cae9fcbbf805b883f807102ff12f1a85964df818057daedd41c7349ef32b24642186c45d2858c3260d5b90594969e26b691963ac7fbd2eb4eef466ae690ca274d9194dfc4df1c3baec02abc38fbfc0e2c7c4fcafed227d4f6607329f57ee439435c714":96:"9074ecf66bbd582318495158":0 AES-GCM NIST Validation (AES-256,128,1024,0,96) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"151d7e4db9e21c87bef65c2ac6aab5b6b045b7dadaf6424644a91e04ba810585":"0984c5d3f68beba1db4e6ade429cb8954cccaba9fcf4d852897ef69f8483428932c8f18a891f54b68f7d49a03c57f7144d802eb996d233cec930d5eb19f43d0faf9c94a2d7aaca40c8066a2882481f521bb5f6ba15b213810da373817eab3d52b5dd143a1521239482fbf4a07fe68c3d35c90c6ce27b55e40abcf432a261dc58":"49e0e0d089e3574fa5a33c963b403ccd":"":"6938d8a7625d1291f249ef1e086bb030ccdc844a9271fee16db60e7acfe4aedd720de76345109d5e6849fd1576c0fe0c34e73dca4011f8565cffccef427198c927f19f63b821f43844d008ceee0566f0d8062d7860e92ebdf21dcde80039a04504cd8ee94874b2eeb038962a74ac9902d9d7ce09afdac7aa706bf3892de19531":96:"48d3a8116213f92bfbe86bfe":0 AES-GCM NIST Validation (AES-256,128,1024,0,96) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3e9615515ca45109316cc02bbf3a23406eeeab2092dc6614db76e4e047a3b023":"46c4c6bad0f21172094ae07a47fd76477b69ca75cc08970e8dbf7b8644d4bcdce96f9d15dd3fba5fba3f851af145652ad004ee525d180d2f3e03bc0ec1c0e8ffebc1474c342732b7247f657ba87ffcef9333857123f29c4976b048c89c24107529dc5dd69004fd176eb0ca6ddae1df7be7d28b3b9da976413588f20c1fff488a":"c1facf73da64e16e4acee3fdc3cc6b10":"":"4415dc96d3daf703d392ba1318254143a58870e691570ca6b1be6074dd9c1feae12c72f9314fc3d19b6affb59b642ade6c4e64b7c99f850bff781de193cc0a321a29356addcb0918a282e53801541b5b01383fa7624c36d1f67423f02d2b54f58deca582b7031d192a4d32bc154ae1149cb3c5b48538c803a8d01fa7cfc1683f":96:"322d8d1b475a7fd3d0c45609":0 AES-GCM NIST Validation (AES-256,128,1024,0,64) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"52c1a14b4ed57cbfa317fe0db87528f4c5551deb9ffc88932589e3255b1d3477":"eb9081e19b63c94b5f3a696c5fc2c0b7f434e1574394d0b41dd67dfac28a73d4ba26c86b3728b2802fb9d0930c89586b09602900d33eddc5a00a4e98881b5acd5597aae9b80b1569ede74042948f2cd66c3eeae227ae10241df001c85dfe8a5fda0aa21142ecade76290dfdd4a27b6ff3a932dacc0b5f461501239ae8d6d5f41":"36d02604b5b24f49b08bb01053a23425":"":"12fbea9e2830ba28551b681c3c0b04ac242dbbde318f79e1cb52dba6bdde58f28f75f2fb378b89f53cef2534a72870a1f526b41619c4b9f811333e8ee639be1250a5c7e47ecbee215b6927ecffaf7d714327b2c4e8b362b1a4f018ff96f67557ca25799adfac04dd980e8e33f993051f975f14e05be8b7342578d0c9d45b237a":64:"01e6af272386cf1a":0 AES-GCM NIST Validation (AES-256,128,1024,0,64) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4d08a07b3e94025523a4a6415029c8f9e11fbbfd72564964c53b8f56f865af0d":"4ac7c27b07a4aebe5caf1de0538d13a56e8c11bc73713bf78c7abbad3b9f6d690e00487267da108e2f2ae67c24b4657e77bb83e2d5e4b244cf34e924cf7bdb443f87ac8cdb374147449f8d06eb517a25dc86f03a389f34190aed5a7faace03ebf646fec2b173b2c15fd5cbe7c5affb6c3ee6d1cace8b00dd8f668a2336da5bfc":"98b745c7f231ba3515eddf68f7dc80f4":"":"337693c5c746d8fcdf7cd44d8f76a4db899402b891176e85b4c549c366ad709322874e986d6b939a350d2a0e3b77924d6d15454d882d1d3c94469d749a20d8f0116504cb31888a1e81d3abf25dbb7a7f9e7def26b9151ee649c059da1955f1716423c734dcd26a548844abb6b64c44383ec698e59361b6582c6883b77c338342":64:"7a9266c4e5ae48f1":0 AES-GCM NIST Validation (AES-256,128,1024,0,64) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b9d9fc42b58deafe9bc9734f4129dcad34a2e55ee5ad8abcc3f7bc42dd2c0e05":"11dbcd6cd53d2af766a1b6e4af2bc8bac2811ef818da2d1f81c140ab6e0298e958fef033736bc6e0dccd660b9a3e4222bdf3f89a95b206785d22852201e6dd00b44232ef3c03393893813dccf1960410b50cf50602ead8bd246fad88e66c88b50821578004779b6c45c13d8211df1cfc0fb2d7a342f58e4f2f3623fd31b12c30":"67931493096f4550633c322622bc1376":"":"66ab6e7a547705d8ae8ac3cb9bc5fbbc18cd220f89aec7dfbf4f72e7bc59b483c50c9471523c3772efc5deee3a9c34c96b098842cc42f9b7d7c0d2530f45900eeb9502e4dd15363b0543c91765121fd82fcc9db88fe6a531b718c1fe94b96a27856d07707fced3021cca9cf4740833d47091797cc87f57f5388b48e2296ff352":64:"0de60d4126733404":0 AES-GCM NIST Validation (AES-256,128,1024,0,32) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"97e736a63870546ec9c2325a8e367c8ea17a7ffa71f6cadd6909a5bb9eb12814":"608280a9dcbd6dd66100a9fdd00e6dac2183e32c945b2b4d255c048243bfea15aad1a10ff3eec0ba79c531239b489a5dc155dc2775519f8d3d2ed82fa7ac653fb7c77e0dfad1c175b6c69963f5c12ff9840f18e0202502e9d1e3b170965cd86ae411af20e6d69a608c99ca8dae3cb3bcce666841132a99429bcde490d9f0b6b5":"d35192b4d233507b70c6d32f8e224577":"":"568a0d584fc66c876b7beb9ef8709954a2c426fb8c1936b9024181ca2cd3a7684c412715c11eab80a181be0238e32a2b689e9db36a2ac87db651058080531e7b1110938dcb09615e385d7b224b11222469145f6fb5f4c0e87b08bb3006bc5b6d2ce0a15be7fc29b27c10c645afd9d8253c094fc0f775086bdf2adac265b474d7":32:"af18c065":0 AES-GCM NIST Validation (AES-256,128,1024,0,32) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6d05193cc0885f7b74057ead3a0738b74eb3118b1a7e74c5c941ce0011197122":"c58f51bad815a43a5705c311de4a846ea2a70cbdd2c30d709a2ae0ddf82b7c889dc599fb6e0328fad21555a99530be6deeeb5b1beb333322c2b747288e52fad008513f8040a4735cab3c8cf32c4e18bd57339c85cf5dd71e382067bee7e9ccaf68e767d77fb005a3b73a51acf942fc3b2c5c9eec6189d01a26c6ffb070165874":"5160b65bf7a2ccf77fa2e3e0b3866f26":"":"64dc5834a63be414c3714f1b34feddbacd568c6466cbd06f665aa269187a160db79306a53b629fedc1247bd892998fe3208b3105f6273676bbdbff6e254de332d02bc8842ef98d6b79994792eeb5be3a807452b14ae5b5027db81421cc22936ccaa7ae1b77a145462634e424ccf2dfaf001ed4477b804e204120a1416b449b8c":32:"364ef0b5":0 AES-GCM NIST Validation (AES-256,128,1024,0,32) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6e8006983712ddfedfebf95e6cc3b0aadc23077055e500ae49fae7705787f2e3":"e3ba14c4e39ebad925997649872b8331f1700c8f98f80e58d92c85a84f2a427094d9d771b276a0d35b17c0c030734399070a57345d4dcf082b96c7eb580618f7af8bdf036296e20379e74e29f905b52a0c46fe7d46201a075e7de7e1a523a0492c1f228102fdb89f019bcd4571e041c5d37159dc487ec139fa37d33142fc8082":"e36e39d787394f1401fc4b173e247db0":"":"4d5db4b65a1ca31f3d980cc30037b5d79d28280a31cc5d0274be77dad70dcd37f652f2ca999c9aecf08fd2a02d382457a277002a1a286ab66f9e437adee00c3bab04f831dd52147005a989606171b6017d28970c8986899fb58900e23d1bc6a9ac0bd4d8b5d6e3fcaebc9903923e68adae7d61cf929388e0e357c7223523d1ff":32:"d21637c0":0 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"cd8ec237009eab590dbd9b31e76513dfa3501701b1a706982944441d996e1839":"9eef7c9a0fa3e9a7fcc4b2f9d210a97d6653ded7913f2fb2de825a0dfd78ae1cca68c040f2328009fffe62937d630ee9d6e0e67bc12c38c0b3d035697d4c2311371aacf41cce0d523016ee436a47d93af0df77011131856d072c718c310f0995b71530d70a3da881481f46f21dda62e3e4c898bb9f819b22f816b7c4e2fb6729":"a3cae7aa59edb5f91ee21231002db8e2":"45fa52a0e8321d82caea95bd9506f7331923e2aa95e9238908f3ff30e17a96389dfea75e225e34e1605354eaaf999a950f469c6e2e8722da5ad9daded6722baca00e5d1b8e63266ad1b42cae161b9c089f4ffdfbbaa2f1fb0245d1a4c306d46e215e8c6c6ae37652a8f6016f92adb7695d40bde8c202ab9c2d70a96220b4b01b":"833d58f0bbd735c6164ecaa295e95ad1143c564d24817d5f6dded5d2d9b2bed2dc05da4a8a16e20fdf90f839370832f9ddc94e4e564db3ae647068537669b168cc418ea7d0e55b2bb8fd861f9f893a3fdba6aace498bc6afe400fea6b2a8c58924c71ce5db98cfce835161a5cf6187870aa32f522d406c52f91c30543ea6aa16":128:"c1df4ee60b10f79173032e9baaf04d3f":0 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5f0b24f054f7455f5821fdc6e9ca728d680e8004fe59b131bb9c7cddb0effa51":"d406138587fbcb498e8ec37f0f3d7f6b2faa02e6880424e74cdba67ae3468b6823d37fd917a7fede6b34a2f0fc47c520e4088766ba82a989f0d8051a3a80cc8b1e3e1e2b1c6620b90e99b27e65951aeb3936263fc2f76c1c8effa742f53987f8a38c731a411fa53b9f6c81340e0d7ce395c4190b364d9188dc5923f3126546c3":"f52f7a2051047f45ec6183b7c66e8b98":"756cf485b6a8e672d90d930a653c69fdbf260d3ea18cd3d0c02175d3966a88b70ab8235d998b745a0eb6a5c92899f41e8c0b7aa4ec132c8cbb1bac97a45766a03923c9b93c2a055abd0127a83f81e6df603a375ca8cc1a2ee0a8b7fd226226b0b19bd2e81f73c34dfafa4fcea08dd93dd4ab7e4b437408af91bff566068a5f34":"e58a03f664003d0ef5bdb28931afd16e7747cff62dcc85bf4eed6e573ea973cf615e4ebee40f35d44e18e391b391e98dca5669a5b0abbfa67834836b122d1909b53acd50e053d5ca836894414bb865b1fb811d8af68b88b4a302fdedf27fdd27456e9aaf34a8d53c9c8587e75843e09776392dbb0501ef41359c01e8980e5221":128:"258492b9f549d1b90555eafbe5292806":0 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6f50efb3946f6a6dfe63f12780f764bb6ebcf2127d3804610e11f0bd9b68ce0f":"bfc89d5049a5b4015c9eb64fdaf9fe9f4be7229e67c713a7b368f0550b3a5e12ba3a4399c64f60b7157e1b289b154a494deadecff0d0686ab44fae2a34ae4cb120a7f00268ab551f41c16a05f8999157be1103464127a8a9bccf736c32db045124178c90472e664d8e67a2ade0efe9a3b048c453d2fb5292dd8d29e62d52c5b5":"63c1192ab7fc75c17e7812fd960f296e":"335cc5c8fb5920b09e0263133eb481fd97f8d9f29db8689fb63034bc40959a176ccdca6725e1f94f822e4d871138fc39776fbe062f07bf80e5c8891c2e1007efeb77c158ced8d6c002b04442ed35c40a2187a59c02339c05762942208e3be964736a431017f472dfd5fdaf8fb8c645cdb684f9632057b9eb755253b4b75e3688":"ca974942ae0f4955ca0736218e4e356145c1ef42135b1142b55ccb3fc5caeec630eb50e69b5a6f97c11d4b604189b27496623bb0365ae69f4150e201e72bad8e7b883185588d0a31c44273bae87194b1610114a83ec47ba68a02e29891de43204977fcd0d551778335fc77fcfdf3fd63e9e5e0c02930a0321ffb093c521cd0ed":128:"2f11a01cb0ef8dcefad9233bec44d6f0":0 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ec566324ad9d4cd015821e2cd4ed4d3d507bdb3c65bd50acc85f690ef06740fa":"348d35768d7192415cbb92c5625f10edd79f24c56d4b821aaf80d7dc83e901ede6be94d1efe11a3acd16ac00aea8d0d4875c47522332fed11cdf0816b26978de431c89d2fe6d122b2d4980f1d53a97edc15e490a44e73cba9394ca4bbb871675c729c39de80d6678c71b1bd220e4647bfd20a7ddbefe2b7eec7276b87c92ba77":"95c8a544c4b94e9fbfd76e66f40bb975":"fa6f38f8e562a54bb2281dc9a7cbe0b981292fb00dc0053185550a300661852179d0f2beb4e7759b81316fbfead5c858e6fce73f3cd2c2462925dbb199a4e6c121d051b1b5ebf60e16d1e30f6973b19cf31830da30588fdfff6115a4a1f6d977a72583379a56055724581be5232b0d1b0ae88bab5d4a031b058bc8d03078dcd5":"8b4da79f3ae1ea35a80af2f52fc640055e6a3b92617ddfa79fe5d8a49f28ddf36a82a17ca0b3cdf1726700f7ffc09ae5b412d064fd52a90a76bacc74a0b89e38dc474e880a2b768ffa91fef34c47759a7b8fd7faa32a4fcb258349495e4438c7b2055a8f462729fa4e7223aa9b47087695e3aabf43afb32e272d536b257b748a":120:"b1faec277697add8f756391dd9c7f4":0 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"dd6aa4ff63efad53772e07e0fa7d6eda5e73be167620fd7c9f3997cf46cd25a9":"592b3a6f09841483770b767bed73498c286896d2ad3d8bd91f83f92f489b1e83b0456a54e067a79e1bf59eefc1d3bd35cecfba940811d06a06e9b8f774bfeff557bd7e3f0864cb6bd3f867efbe3f040d2384ae8e1a0e20ed38caa668159d3e33c4669478d00963a1152305aa2037a5e06cac52d84021234a7f5d46ab060bd03a":"6386e03bcb6ac98140ee0706b54c8492":"0ccdaa4f54cfea1026a4d26338b1e6d50a70b00c46147fe906c95f0a2fb5d92456ca3aa28a257c079eceb852b819e46646997df87b873bc567f69a2fae471df03b0e5b94511189eaeedd238a991b326963c46d53080f420ec9fd1a74145a0b155cbcc0b5e47fa69450c7eb447080e34868d640f923923b91a9e13a05c73550ca":"c1be540448f1e3f432a10b3cc1a913cc4046595f5a57bf57c9d856cdf381832e914088d3388199018ff26327e3001678ab363da9457ba2084f5aa81320f1a0343491e0b44424018765861c5db917ce14e91a77f7e805d7a97a17a288ee66567c5c01ee61dc46a9aa8b281438ed377b792e9539e311676f81c567339cf92b8e1e":120:"ce7e361713630ecaff81866c20fce6":0 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ad3990cd57ce4e95342cdca4f07d7e35d575eb19f224a7c821b1f5a8c54d4bc3":"732809c29b5eeda974039b122b875aec2823e082ef637294658cc54f9bca88eb7eea87a366234f89919975d0e7dd2f8ea83198d5a6e349149a016a4b177ba43df2f3ca28e27b8566591d225ac25dfd9ea431cf1fb3ea530d65dac93aad47764a6aef8ec6903b6d145ea9a2663034d2a320690b92afd8032084b754be97604382":"fd4ed75d861da2cc14fd1054976c8566":"ab44689839fdf47e887b70fc1b0422dbbe5c1b50f4e704f9a435967ba8b70cf1e144a025d37292f628f9f7dd9d05557b65340090503201e8cf2cea2d6a73ea4850bd0931b90fd4a4306ba84b8aec99fed47ca1b16daee6c95c97e4ba0dd1fb130cd13f5ef77c5af96f61fa05305a3aca3775e927f72f08fc34bc994e69abaad8":"f48721b08101b35cde1c4ce08a8ba0049185b9dd48b66ab9971fd67dee24f89b456e9ca19ac8a9b5b3b088cbd53898a8c2ac1129752fb7fc55a0c3e2e7266ff40f7a9d63ebc4ab65f47422fc17cbe07fcfda582fd1b8f50e840ae89837e84add8be17d4cac3d2be26bef4aa8438daec9d2b139e442f99c32f2789378c8029ad9":120:"da6da2af0fc14b591a86359b552e20":0 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"30823396ac90db573b6587676564d09fa680906bd6eaa6b8597e2e7549c9d848":"c55be5a0b8559e02de4667ba5656f7e46f5627af13fd34d327f6fbfc4f3a9273036fce2fb21232f8e2ed115b39b0ecb9a119c8fc17070bbe4e34d3544d7117ffda5e1ef05e063b5a8fceb23158d7824d6a1eb4d90a1d0360c6bd78fb24fdd4cfa35924beb4e090891d06f53fc52cdcaa6b8bba6772d549eb95b64ebf3756ae45":"496ac734afadcd54f1a4372ceb5645fc":"2d582131f7071e80cde1b11106b7d79bb208743de759d40b897efdab018f4eff1f91d2fe67e27af25a13f201bbe4446f20ac6b942ff7b32cf10ad1cea36945b67ac08b114fc616175a87437ee05f3a8b6566e9edfbc1beec0ed8696b5d5c41a25ac43bf3ce2920dd262233ab3405d46f523894dcbfb6c90b6e911ceb93bb7fa6":"c9da3df66111dcbabf731c6891eb698ac3283780f526e81383e201244efe4eca7a1c84a3bfa9ba5616afb15c1f1af0f3af2e071df6c1d34a343c3e3440f1a3e1b6620243d9e7d9a4dbda5981c3e876fd07f392d44bf3e0a4edbd884462ec2f71d36bde4a1b5792629da09a1fb01bfdbd532fbac71887a05a7077fc119a4638d4":112:"cec973a27c42e31b779a6a91aa34":0 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"815f2b2f0b1621aa198eef2761380f10ac9872a5adbdf6286bdf3386e56aae4e":"d16930c570414bb620e0eaa2e9b5d96e4424127e16461aaa5885c616a02ae974fb2890e73bade9ffa5066eb88a46ac7fcf258d55733d315951b1b71c5e3c13d78d60344ce921966297a0f6361cfeab03b346a7fa4f83a7a0eaf37576fa33a496102446f9f31b06ed91b51672c879cb18d4e38fa86e156d5b1dbff27925922470":"0843984bbaa565ca24f148e57a7d9c57":"1514b99c0ad3493c36fe1216d1a887a69ea0340101aebb03f60d7ed26893119e81e8b8c3f0bb4af5e10a3bf4edcf257473be9dcebb44a9d912f04d97a556ecf020c0bed7ccef2bfd5580f1fc74b706fea45f8c63d8de6f8deccc47a02dc86d3f0624e52f6f1dcd09de8000f2d98a4cc0896da6a564b92263673adf390ed909fa":"7506175acd64224b39f890e498ee5013bb46fc571dc2b125ed5891b8ce8bcf42342f015fd2df5f4b9cc220aab52386bf2247d4163951e86467633f96c28bdda166d778855a7f60465dd2983232c9e53d5f89432407807b0402a10f155f80055c339451a106ac54438ae4a945e60d5320eab0adad9a1e66d59b9d3cc53887811d":112:"28d9d780052b36dbe80a25d41d5b":0 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d1325ecedb8fc0fe449de558fbc11ddebef660e47aabb84edfe69837a6a9066c":"f9a4f7029feae5cf5bdb8385d6ad7d7da6a243c5026818e5a794c6cffb8dad3227964501c5a049b5a94a7ea2e24434e086800094118444c5a971bbe575324fb6b51c5939f81e78bb11d85d324742b462ce8d13584b3882617d0c94776f328a554f9d532b6515ade9fbbd2de1c12ab53671b7f7edaa7e20223f4c371c1f229568":"8aff702c40a8c974cf24bf3c645169a5":"9ec2e851dee3834d4843aafa740f3aac4cfb1e4d3a7e3e77349113f5200768c3e9dc37481d6292ebeebd2372db02ef8ac7180830c7187995c815d1d1520c3e2f8cf2a94993b18c828b53485073c8a845066772615b26d7a3d7d3e7d81ad1725797153f7ba5e313bdec582c5482adf76b31c871cd42a313018f40d7e23f1a7f33":"3a93663aab93c6cd236cba4db2c03942d9ebc669633936370c2834357e76f6555c34d40dfaab1e78a105da9092acdba8be89e2dbf72e89518d55e09eb2fa1ea7da505484ad4531dba3eb853d1ae1a477355ea9448067b0adbc782d64ec342c7cb781d9dd8dc2b14dc1c9ab5542b679782b8bb9b45ff6a4e36c513df169c8eddc":112:"7e682b0ddbe6c55091838616c352":0 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4b92242268e598ddcf3a5a0de26d74356693c4dbca354e44be401f3d6804ea1e":"72dc75bc4c8f5bbbd9c639fbdb34afbb84706404c9e67eaee1959aa4b51eac0db4f975cb3ed8d8ca27f72f61c8562ec953a7b8745826121a7016e60e877dcdb046f236af3826c1ddf5b929c5bd9a92b0d5c23cf8983bf2459ced6595882b3dd0cd25da7eba981bba122623dae22dbdce05cf4e5d82d2cc54eb4f68e9e8eff02b":"3c292bbcc16c94b0a263f4d22f328915":"167dfab08aac8350574693b31210138f6b99cfb61ba7ade2e2abffe2255837a913c9afe332e8fc4b2463310df46492e7d982dcb70fdda2a8b03911e6be9a5c5621d0ae8ecd1cb390910b6702aad33394c25d1160b86687e25bb6cdc4811e3158bb85ba75548329dacc19287d9c004a0473029b77ca290fc47c1f96d9583bcd67":"c2dd42ab9bf3fda78032f73cbf7d28dd8e32c582a3b7ee79795551f133234d62ea6571a466b8e1af0b3d354b71a6582c9c8013d5f8a2c34eb3e848360adac1d5005cede58eae7784f32a31c40eec5a3f03cc1e7263d8515b36225b3515ebcf8dca2a77172c797d347ed3921ca0bc73e8ae56347134a6a2a06ae084f1ebb7b0fe":104:"02fb002d8e4a1d11bb0f0b64d7":0 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c5c50059a61692a8f1ffae1c616158c67d276dcd4a029ce197ed48567e5ff889":"ab7e13923e66d0f600accd2462af74192c3de6c718a27052ef7c1302239c7fb2413df7c662657ca18228575ed138bc54f31663df548618e98d64402feab529d5bf6a678431c714df1fe24ea80017f455a8312bb5b710df8dd3571970404a806ec493dcb1f3f1ac980663f0b9c9823e0d0304ed90689f70d4a24da7d8504c5b0b":"920d82c6b97a7bea121f64f83b75dc65":"a9bd57db2bbe83177287e5f614dab977071abfe0b538067f7d0c5acd59bfba95dfb725b8e1af4573ff10ce135148a3bab044552348378d5ff0c4f8be1aef7ed60bb9a374a6c7b8097d7c1804fdf078f212e63e9f11d7404ad0d1a9cb28d5ba199aec3a6c41b9e523b541ad38cea763159836ede6371357ab1aeaedaaf4481c29":"8f7e87e3ff4f7ccd1cedc1df125199cfb588339119a5ea5f9bdb918f89ca35f9dc16c6465fb25ea250eaaa8e7f00aca2199f92a2c244642bd15cbc9b62caa58115ef01d0b4a9e02527e035744b20892f79b07aa47b6c6db1332f82434764c43124b27148f2f611766781df8e4cc0b5ba99b858c13c233646dcb2b8749a194f08":104:"65da88676d2ab3f9c6d590eb80":0 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4c7cc3588436ad9e877de72578d30026d32746817ca7a8fb7df9870650aa48d8":"00c2845fc495b89f870bce714f8604a7e7a96ede92c4b9bdcf044c9a176f66a28761089c083d5e2d613c746711238477c0efdf475e18af99e88cf76d04d4e40495ea16c462801443cd7f69c5d36ac9f337e828c308f1d1938b1fac732274459827cf9806c1661a247167948a93eb6e998a4cea76bb825baa27e4180e52633bb3":"5e82285a3b332c693e427f9410564489":"9971b8e234fc3e1e9644545e383eb065e1866e2faa6513278d3972add5ec0e71b1558329fe1ee038a27919e43bfdac8cf08141ab540528f74f9d5bc8c400bb6ee7867e4dbc2aa081d9126ac374dc62b10004d0e233dc93376b93c0da415e7d3e09851f2084a99feeb25939e21893056870cefe7cdfaf49f728a91ea0eef605af":"ab7bac4ddede796576e1fc265c3c598055827be74dc7ed8ef172d00a648da56727767d68fcbe6c44e7272dc8cb15f03a26dc439178849b0e9ad6c7410dd4cca3f9ef40ec7c280042bbc199155c7341e88d35e5e8d0b42856e618c6c30e43d49506ccc3518585c951a3898409315e8b3b4d0adccdb561ddcf1b9d3b2cf3de9750":104:"2474c830c6ebe9c6dcb393a32d":0 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9d73aec506e022c0692892f6dbc3b4d41e86b97fb377c1956ee27b9c9ab3b32a":"f02bf60f10ed876a803a96e75f3fe17b4e355246135a0cd5497baad2a40a523c27e27bf848f0cb5d0c6428d08bec9590b17fca5e697990d2a6f7d21080ab614f378a07461e7a6207229e0a087e285841ef2f119cac7d8a2d3abbb1e7272a0d7dd493c8c4f797e160c36e086227ceae4923658365b2d3a3fbea11aa2fab3499cb":"bbacc081a6107364dcdac83abceddbfb":"77e1da090e4d3a892baf1afbc12a56201a4362d8f09cda5e9bdb23411e6908915301d66403acb3524898c1c51d6970a71878accd0048cb6cfbd4bf941c174ee05eca2c4a29f1c24e936d3a63cb6cfa710617af1bbb41d755b2f79e135db914a7dd00c590cf741078eb72c3ab559787213202dcc0a4734bdd612b917e372f0e61":"d78fa4024b8d073899ac09b8151c29b10a37793b76f04921bdc7dd3d2ef530a831e53cf6a7ddeec0e033ceeabb525bf5ef57bf9b3661ffb57d3bd4024252fa11dd569102c787c2d8489a1ad1290dca2e8edf82fbe6b5f83bcc0e888045b895e20c8556ee80430cc8640fc070491d2bb81a1209428938cd8e7a27e0e858029421":96:"2235d00a47d57cfbd383b69d":0 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"73198dfd92d26283637e451af6e26ff56e3b7d355ed7ab8b2059c1022e0ea904":"2471b3c4cc1d6884d333d1c998c7c441808ca884cb88173a225569e1689ef39e266e9ad381926adeafc2daccbdd3c9457ea1bdc3bb05168ef1eead1504d1d44dde34f96e1a7f2a5d3fb33cf5292d52fa9412800419570db0eb24fb74d55de202f5df74073c5a2eb9eb726393996eaeb32072bebb00593de41b97ecbab2554186":"e36403ce1acc63bf50b47387250ef533":"cad023cfb73d08e5b082c3061f3a6502a1c1d53038cfb19074d0ec26c9b272db93094147ef0ab2bdce440a2b3233bb0429add47601f011df679698264c0f81444aba14576a1a565e5c169f967c7571bfb32a2a4d7fcae897863d78964c5b1a040cc845494c0ad8ff4353317b28ca3798e6252d5015b58e99354ce6dfbe8b7a95":"32afd6d6fdab2019ce40771b5298aaadf753d1c4cb221f01e4dfc8b1968f898188fa4d448d8364510a7e68c7393168efb4b4ead1db1c254c5cea568a84a997a76dbc925a6c19a9092002629f1d9c52737005232e5c7620b95ed64741598a65a9ec95f2c97b6b78bd85380811c11386074b1e1e63b9a7e99d1cb2807bfaa17f0e":96:"e22deb1276a73e05feb1c6a0":0 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1dcbd278480434135fb838ffcdc8e7716e95ea99a1cc36d544096dff9e9aeba0":"da3b8c9e4aa8443535b321c3e9bde3c6742cd9f228c971257430b27293ebeb635917d6cba976c81934c3077902911169e8c6197b2d56a046b7ff03b482c38172accac98aacc90076370df28bc8a2044c393c7541b7b69b0fb852746dcf3140ace4e76861975814d2b5966f7714fb6cfe3e4299d79182fc63a345067a0aa54d8b":"b737bcdee4ef83aa83f124cf7208a671":"49a544aae76b04e62211428a2cc3719e4451f3dbf9a23b6ac824fc472e95e38386d267415c1472a8b0707b0573b9eb2a39a5d5a13464947cc3a7a7dd3b7196f11e87ab5233944f7cea3f4d62b088febf8b82a44d4ca6148be1ba24905432b7ac2bb4ebaf22d3bce97ac2bd34158b6011fbac77ee1fa96ca0c9c9e0207044fbbd":"061b491b73f9250798a0fb1fdcd72a70eddc9cb48c1f10119387d45c50d5fbb8b85592a7977487e45342fddeb8d481eef3b99463972f66acb38fe04953c223c5f3e02611c8f33cb9ad7466860895fae585d40bc78ec14d1cf17b4c5b75e4d8c6341f1eaf80da4a78aaaa30d3bc8bff15f234aacbee4067a947e42275b12e0bdb":96:"b897da3061c77aab5eb54622":0 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2e00467f18536ea6b4d582b2480ebee883e4f56bd91af3ad7a47ceea3ece9acc":"d5334398318ade59e6bda5cfce8e11b25c9ccefa2f651eb16f66c03d84dcc900dc7c85e6d2b778b155ae4591af0698df7f3b8b9f64d4442ecc82035f7d8e71a5f61c515a963f2fba077f3cb8276e91b31b3f8aa193988a16a86ccaec4a688ad68b5146925ec21d55ded407709d34d140f37e1f87d955619453c3704e83918088":"aa6716e6b7107876a3321d807a810e11":"5606a0b77cc9020955c7efda33b7080e9c0e9fd374c4201b4324b3e6523b0407171141e8246d01292a34dc69331f7177d6b7238e16e0303e85741f9cea5698e42fc79217d9e141474068d6c192713c04b1ba3573e93480f69e4cbf72090d46d62d5b52e4a7613af8fcf0010d0024ea11c19cb04571c6d7045a1157cf81df18d1":"249119ace4e292ffdfebb433d5b57fa1518af3389eb832146c3adc2dc62fcc9121d7f6461a53ee107ce7edf362b365d8bc18e50cf9c328cb7c7aa7b4e8bfa07c34dc81c38fe0982bbc3b543485ea4b0ce5a76c988cdfcd241911cd66f5a5f9e0c97332bb0f3926117c0437470717c63957aeba1c55d96b1ff0f4d6045f908cd4":64:"70e986fced03ae67":0 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a18240f6135e7b6eac071546ee58bb52394bc34ad4e91ee678b72e4514fddcf7":"02f288eea5588e7a011f4d91eca232af70f60ae3d9302cae5a8a58798c1b4e973e3b1d07695934ae871201682554ef6a5b94976c6a1aa73d354f1d65e3f025bb2a3f1e93009e822a87590dbfd1965904223049c5ac0da8596955199ff767b92df10d1f9c05c40bd8204846c719c5594000cabd87342f0447e4e466c3788723f8":"149da8186ca73941582532ede16edf3d":"4d46e1e87322ca84d5bb92d58670f644083db06bdffd99fab0055a62b64a30b5a5673a108f0b9f114d379d3fe63a1f63407881c5b5cb03142109c158af42a00eb24d3b1873edd2284a94a06b79d672bc8f13358f324af2622e9aa0da2b11e33567927e81aea24f3605168e602b532fa2cf9bde5f8cc0b51329e0930cf22e3752":"36cddac99e2673588ba783d3c085b9935626687a2dbac9ad10deb4867c577d6f80453266b2400afd773e4edeb743c32562e85f7f8f43dfd87b10a2dd79eddf6e580aeb4cea92ac21cf49ca97398cc23c02b0ca59257643fb2bc6462b9cf04658352d53c2ee50d87cc5ca2ecb722d950f0daecfa0b7c33aaa2c91dd8b093916cb":64:"73cbe40df3927e80":0 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4b64bded6c658090a85b5d889679c6a00579498aa82be1e3a628a1cd001e52a6":"182cd59dc1934199d2d2a2712157438c347e286f66b5a2b8b5149aa41ff7ba82adc3751be379741124dfcf05c531416a64f25f0d28abb6f7bf98c80762f0fa363da679437621dcf61bce43ef4d63178779d1a3ebffb82044d427ef522cbd2643cf1f5617a0f23103cd2a164a59f182b151f47b303c4eb7387ee5cb97cabdf985":"99aa6f359534da409a18540d82fb3026":"f55fd6255d8a188ce9a4a2727699ce16c8bc5c6adba88d94106038b74deb79c9d43bfaa47375148d843a5ce248d70193c8017196941b2d9e2dfd4375a3390c19d2f833b0b265dab30f26adee07ab0aeeb930dc3a9fbcf719a707fac724deb28dee2a6788b17fa3505290c2797c6dbf930b41eca1f6d54d75b820e62ec7023e93":"5a1211218174e60690334856483a3066e2e8d996fe8ab86d0f8fef09aba9ef0acff9d3e1e5cc27efb5464bc23bea9c778fc74206ae3a16e5fdbf99694ab7096f23c4b395d7a7b8d6675e56b5505ff62f52bf183bcc4433298296e41662d6519d9c1f0a5fb3140376c8890547eae72afe75c338ba97fad9f0184dd311bbdaf3cc":64:"8dbdc0746074b486":0 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #0 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"cadef353122cec1fdbc236c0ab195fc4d732655cef444c00b6cba5c61e01c614":"a3d5e55fa3110a268cf1414a483adab6d58ec8762a6e6be81269c0369e8840333503bc3688c7be001cdb84d163fa1dfb05f3b01ffff31151f1af780c796822e3d564f785964a546bcc2a320d81a2bc61058652a8594ae9b9b0917400e08d4a99fa161376ac53cba54c92889fd3497e233aff4e12cd85d57375c7c89e92cdf5f5":"d765b5954e5b486885dc78ce6801516e":"ba0405745971eaec5d337fd22e0ad287551e7084f1c9c38231d675719e3980356e183a99a3c760ecf7a8ede5e0dac8d2bc13e135570ff6e91a854ea3b457263b0e77896fdf7bdf0b53c8276cfd1ea3e8e22450ff2665eacd24e5fb2be89373349fc9e2967763d43cbd7adc9a376b1b4ab956ddf8b1a56d9385fb7e861bc34df7":"9b99f984ae26f9cad5b3c8058757a0a5caef0fb86b8ecef0c1bca6b99bc72b0d5345a00ae75e37d4e651008bb733105d2172edaaf5bda4ad950a49de55a514e882a470dca7c7bbfddde40d38fef4e1f3864fd7e212bbc0383d0bc29ab2303c8935d49c35d7d73df2fba0daeb5f37f9ab0d541766da71b33da1018a3f287ba312":32:"c374cd77":0 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #1 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0cfc42773fe2d16a59da52234af5015271332344448c214a2b4a0bb53b07a0a0":"dfbf9eaa46c368b28ef50227db97f29b5d9ed599760bb83f5d52f92ef5522815d6952ebb0d9b4efe8844216d37510746caf8c775d2c862bad8d67effe109a0cbcdd14ba8e31fa420a475e55ac6b02908346ad1b064d5b6b869503e08d057ae65e9dc2a2a26345917b18d1b715a2372e8e114a071eced0c29cc9966d7205ae010":"45afb3ba2db9287f06cf48405764a955":"16d3ad553cc0fde3f32112bdb478450c65c854927b198914649a2820a9e3d01131b693765d40bd2bb74a50eb4cd7bc8dd8dbac9c6a61acaf5e4cf81570814b30a6a11877a8f9c5df342f70008cbf0576bd27a50bfaf6e22a40bd77435da16b666a06d172aa981bdcae0d25b8ab002c6c1994a356d3c3b7e4dd7b99892b0784f6":"e29db2c4bccef2dda828ce652791d424a86cd5790e6ece67bc029ba9520bd8f35a214a73d8b86564df0eccdb60eafee4170da2694eb563e5a854b25d7ba0a4c53465fdc15c6e267be2e54263f97aa3edbe2358f3d9b8d28997388a57aa427a239a74534393593196253de1c2946b7a437a00480ecb2eb08dbe55ca2b3641c36f":32:"39e01fa0":0 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #2 [#1] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2a840df4be22c70786c873058d2a6e16dd9895cbfb55b9c9e98f958cfe62e65d":"313eddc53f3986927a261f498283b6dc4a39d26f98c7428127237d79a11c5e626e2e9cdb68f72aa3168ab23dfa2f5e03bc65a68d781f23fb9e295909cd9f0f3e5648cf82f3f6b3b509b0a333cb7d9f2b6e444c351a318f8f200a921ccb409def21b87bc55ec211a76a518350e6ee21d7379edd004b3bfd1ce9086b9c66d80ec1":"ebf155f7cf55e6aabdc1171c95c45293":"8abb8843de1766cfb8d6474496acda2f7a14e78a5e4c787ac89e6bc06cfd42173c35b3a75ddff644f4a58aa7502fedada38a7156457365b4c3c07bc12a8f9061331139b9a2b8d840829b876beb84f27d5a64093c270fe6c310ca3afe987bbc5ec4dc06358d5bf77c7b4e4fe4078c6d3ec28e9a281318da88949c478094c0065b":"769869a55754eb5d6d42e22a2b5271b38533fc0c79642e250347d34566eeca732e0565f80672054bd10cbd3067730dbc567039c730d8bc32a2bdaad09885651533a4f03174d4e6510547c1e1dd51be6070ab0ca0cceeaccf64a46d0ef87c0311bd09973f3b588a4dfb39c85086ea5d67dc531c287b83c161dcb25e07b671343f":32:"c364c089":0 AES-GCM NIST Validation (AES-256,128,0,0,128) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"461566cac74f9220df97c1ab2f8bb74189a634bc752f7f04526923d30506949c":"":"546d821e437371061cf3207f3d866c15":"":"":128:"44193072791c435d6e8ea7756a0bd7bf":0 AES-GCM NIST Validation (AES-256,128,0,0,128) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7736dbb38f1fe351a7fa101d91da62124c22ac02ee06b9413f56691067572f73":"":"5f01779e5e4471cd95a591f08445eb5b":"":"":128:"1a1f08c8f40b93e7b5a63008dff54777":0 AES-GCM NIST Validation (AES-256,128,0,0,128) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"eedcae924105c86190032650e2d66cf6927dd314de96a339db48e2081d19ad4a":"":"a39d400ee763a22d2a97c1983a8a06a6":"":"":128:"3b4294d34352743c4b48c40794047bea":0 AES-GCM NIST Validation (AES-256,128,0,0,120) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"714df4b69dc00067c4ab550f37ff72358b0a905dea2c01f00be28cec130313c2":"":"c46d63d6fead2cee03bd033fbc2e6478":"":"":120:"2a0271b0666889d2d0b34e82bf17d8":0 AES-GCM NIST Validation (AES-256,128,0,0,120) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"454021ece9a87a9543a1626820d39edd1eff3dca38a287d8fb68bd315a7a2677":"":"51de54b633a7c9f3b7b2c1e4b47d26a4":"":"":120:"114708102a434e3a30088b5944c272":0 AES-GCM NIST Validation (AES-256,128,0,0,120) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d7e90b539c99e8c2187ed72823258c1149890a69a9c0081ff8c66e1cdea9f2f6":"":"6dba3273560f30f118a2e0251f7b7d76":"":"":120:"5f45e00181cd2d7feb4723e0cdca24":0 AES-GCM NIST Validation (AES-256,128,0,0,112) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2948233eec9bf8adf7250b20d62df9219d30e314c5932383203805ff9f3dc5cf":"":"d6b8e723272e26922b78756d66e03432":"":"":112:"14c9a9a217a33d4c0b8e627641fe":0 AES-GCM NIST Validation (AES-256,128,0,0,112) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c73fb5e732ebc1dc7c91ac25de0d01d427de12baf05ff251c04d3290d77c34d1":"":"c31220835b11d61920ae2c91e335907e":"":"":112:"9eb18097d3e6b6b7d5e161ae4e96":0 AES-GCM NIST Validation (AES-256,128,0,0,112) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a46aff2121825814c603b258f71d47bd9c9d3db4c6fe0f900e0e99d36c8f8d66":"":"7cb5550a20d958490739be8a5c72440f":"":"":112:"8c76eebda0f1fd57f05a62c5f93d":0 AES-GCM NIST Validation (AES-256,128,0,0,104) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"61a612c76de551f794a146962d913f60fbd4431365b711217aaa4beaa115f726":"":"2d25462c90ad9a21073729e5efc99957":"":"":104:"e4d3b277dc9a107c0392ca1e5b":0 AES-GCM NIST Validation (AES-256,128,0,0,104) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4b233480239fabd2035a7c9207a8e1ab2da45a90a472b30848fe4b4757c628db":"":"50d45096afd0571e171e1ab1ffb3720f":"":"":104:"5393bc06b8c5ecef1264fd6084":0 AES-GCM NIST Validation (AES-256,128,0,0,104) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"dc051ac63e6b051594158399291ed101a3efbb1701b98819c4835a4863734371":"":"1f304d4d7f84ab560366215649b0a064":"":"":104:"1081dda9e0a793916dc82f7848":0 AES-GCM NIST Validation (AES-256,128,0,0,96) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"75f76df772af8e3019a4c1588a7d59925f80ce0d5647030f29548374e7bcc9e8":"":"d407264e09fbc853b131c8a9f808f1de":"":"":96:"d515522db52bb872a4d3f9d1":0 AES-GCM NIST Validation (AES-256,128,0,0,96) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"608d7592c094322b31d4583a430986bdf6aa639cc4b4a0b3903e588b45c38d38":"":"6a631952e4990ae6bdd51052eb407168":"":"":96:"eb8851cfdd4fc841173c4985":0 AES-GCM NIST Validation (AES-256,128,0,0,96) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"86a90631e5341e67dfa55e68b07522507b437fbab7f3e2e26cfc6e89ef9d2410":"":"67763ee1890e4bb430ac3c0dbc2af997":"":"":96:"c6d11901b53cf6b13ac03cc5":0 AES-GCM NIST Validation (AES-256,128,0,0,64) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b8d12783ba2548b499ea56e77491d2794057e05fd7af7da597241d91d832b33a":"":"0365436099fe57b4c027c7e58182e0b9":"":"":64:"41fc42d8c9999d8c":0 AES-GCM NIST Validation (AES-256,128,0,0,64) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"eb17c1bbcd356070ca58fc3899bb3751eea5b9f3663c8e51d32c1fc3060b7ac2":"":"aca76b23575d4ec1a52a3d7214a4da2f":"":"":64:"fbcfd13a2126b2af":0 AES-GCM NIST Validation (AES-256,128,0,0,64) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"916aea7c3283aadb60908ec747bcf82364c1827ec29bedcbadacbb9b935221c1":"":"e4aefe6f81872729ff5a3acf164922aa":"":"":64:"2035a7ce818b1eb4":0 AES-GCM NIST Validation (AES-256,128,0,0,32) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"47b4b7feb91582a2f6121d12fd465967352e58d9f3d1bf27478da39514510055":"":"137bc31639a8a5d6b3c410151078c662":"":"":32:"822955ba":0 AES-GCM NIST Validation (AES-256,128,0,0,32) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8955cddce65978bd64ef5228308317a1ba6a9fbb5a80cf5905f3aed03058b797":"":"1370e72b56d97b9b9531ec02e2a5a937":"":"":32:"b2f779e8":0 AES-GCM NIST Validation (AES-256,128,0,0,32) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"7795d631f7e988bf53020d2b4607c04d1fab338a58b09484fe6659c500fd846b":"":"f3f5cc7c1ec0b7b113442269e478ed81":"":"":32:"e4e6dfcc":0 AES-GCM NIST Validation (AES-256,128,0,1024,128) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f9aab5d2ea01b9dc35c728ae24e07c54e6d1452e49d9644776f65878199bc5e4":"":"96ec2252e51ebfb731b680729be73297":"983a102a67359f4eecac465b0d65908a487c98c593be89494a39b721728edc991726e1fba49607eed1f8ba75ae9ab82a1a95b65ebdf48d7ee3c4a2b56832f21a483d48c8400dea71537f4c459d1cfcf9d2cc97b32eb7c5146cbf44d7e5ac779e9be0ae758eafff2138d4c5370b8cb62d70ebb713dfd2fd7772fa250590609844":"":128:"766b6dcf491a5836ef90f47ac6ab91ec":0 AES-GCM NIST Validation (AES-256,128,0,1024,128) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d713b33af57762f933d6abfecbac7fb0dc1e545dd7c01638b0e1510af719769a":"":"5da52833b6fc73c0e4b1403e1c3c10a2":"374dd4ebdfe74450abe26d9e53556092abe36f47bbb574e8184b4e0f64d16d99eaf0666fa3d9b0723c868cf6f77e641c47ac60f0ee13dd0c1046ef202e652b652f4b5de611989223b0acf1ead9b3537bba17ccf865a4a0fda1a20b00e3c828b9726bbd0b0e92fa8ed970eed50c885e6d69604278375af7b9ae47fbce4fed7d03":"":128:"6151956162348eb397e2b1077b61ee25":0 AES-GCM NIST Validation (AES-256,128,0,1024,128) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"77a1e4ddfbe77a0ca3513fc654e7c41609cb974a306234add2fc77770a4a9e16":"":"30d6ec88433a6bdd7786dc4d3693bde8":"69beef4dbdcdf4e8eeb9bf8ae6caff8433949afc2ffef777e2b71a99fde974797dfed2254b959430ecc48db72cee16c7ef41fa4165ce4a0636ad4e40875d193a3c6c56a6bca5a55bce3a057a2d3ac223eba76e30e7415f00e6a7643fda9a1bf4d4b96ce597ffe30c3f780dd767cb5681bb7a3fd11668380e272bdd70e66f18b6":"":128:"d4a3c91e02a94fd183cb0c9de241c7d1":0 AES-GCM NIST Validation (AES-256,128,0,1024,120) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"303930b8ba50f65a50c33eccd879990d5d87b569e46f1a59db54371fcbda7fd6":"":"2b2b28d8a5c94b6f7ee50e130268a078":"c2ff20441d96bae4d2d760dcbae636ca7e01d263c28db5faed201bdb39bcacc82ebdc943968aa0accd920d258709c270df65d46d3f09910d2ea701c018ec9a68af7fb3d76a9b360de266b2ac05e95c538417fec59cec1f07d47c03511751978baebd2e0e4f7483f7351b5e61c2a60138c97b751f6a8c8323970f6be05357aeb2":"":120:"b597491dfe599eaa414b71c54063ed":0 AES-GCM NIST Validation (AES-256,128,0,1024,120) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1e3b94f5883239c45ed4df6930c453c9ffd70b1c6cee845bbcfe6f29a762713b":"":"61155f27c629dcb6cf49b192b0b505d6":"5b7482e9b638cb23dba327cc08309bdb40d38100a407c36091457971bad3ab263efa8f36d8d04fdc4dea38369efe7ae5e8b9c190dad2688bda857e48dfd400748a359cfe1b2a3f3d5be7ae0f64a3f44738a7c7cf840a2e6b90ec43f8c9322c60dd91e4f27fa12197fab7ed092990879e964ce014f6be2a1ef70bfefe880a75d5":"":120:"7003f04d6b6d9dc794be27b9c5d5e5":0 AES-GCM NIST Validation (AES-256,128,0,1024,120) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9080effb27994ef831689da10600e7a219db93d690647457702c217b08057eb3":"":"f45514696ff5ee1e6e5797f7bcff05c0":"5251f800f7c7106c008c0122971f0070d6325b7343a82fc35f3853d25c878215e7a929bf63cc8996f0ffb817174a351b71d691f23021f58777f962fd1d45ff849e4612e3304ae3303ace7b8ca1a43f54e662071c183a1695873f5567397587283433d1e76cec1103ee76f8e0472814424b8981caea1f624131fb7353afcd2cd2":"":120:"cfb6d9bccf0378fabae08fd230edc1":0 AES-GCM NIST Validation (AES-256,128,0,1024,112) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8c291f0ad78908377039f59591d0e305bdc915a3e5bfb0b4364e1af9946339c0":"":"a9830d5663418add5f3c0b1140967b06":"e43c04e1f7304c1d83235120e24429af8dc29dc94399474d06047fd09d61ddc682684776c81ef08d97f06db6e4cfb02daea728ec6ac637e1ecfdb5d48f0440d8d8ffee43146f58a396e5151701b0d61d5f713b2816d3f56d6ee19f038ccc36493d9ad1809a49aa5798e181679d82cba22b0b4e064f56af5ec05c012b132bda87":"":112:"275480889efe55c4b9a08cef720b":0 AES-GCM NIST Validation (AES-256,128,0,1024,112) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"96c77c11a3336a41b61ffdc1724a80735bbe91dd4c741fdbcc36e21c53335852":"":"655502d70119326405d8cc0a2c7a572c":"c01034fc6b7708128fbf4d6ffa4b4b280a1493b9e1dd07079f509479b365f55ae9290689f1c4bdfa439344e3abb17f3fd3d5e2f8b317517747714a82f0a9ace04938591d3ade6d6095491a440322d347e8634008cc4fd8add7c1c4764afdb2b098b3f5604e449e8049a46b6192647d19cf88fa5ed1abab7f313b4285560cba44":"":112:"b4d581464c4bb23433699c418ddc":0 AES-GCM NIST Validation (AES-256,128,0,1024,112) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"e2a3957393669278f052ff2df4e658e17f2fe32811e32b3f62a31a3938930764":"":"a6f5a1f1f1ac77a1cb010d2dd4325cbe":"ce9c268429ca9c35c958ca3e81935ec60166aea0be15975baf69103251efafd54cbcc0bed76a8b44a5b947199cd3c2dee6878dd14a5a491a4a3d45788405d0129354e59c047b5367f1158bcf4e066a276951d2586bafc3c11f8a982ca7c3ba4677a938498bd51171552ea032fe1bd85cfeaeb87e87168f7a28e979b08358f841":"":112:"cd5986df8e9761d52cb578e96b1b":0 AES-GCM NIST Validation (AES-256,128,0,1024,104) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2b17652f7f04073afe9d9eb8b2615c7550968b9776b139fcc4f9b0300912cbdb":"":"9a8ac23ea74b292b7386138666a0fb60":"2732107241e6136f1dd28d233373079d75d6ac13828ae7afc751b6f9c57e77268c52ae91f4ab3016af2764597994573cd6b41f72e21b60ffbb3aafc9487ac19d0ffe8db2ae2c7505ae5963b032d1ee1bffb4c5bd88bb0c9a350ba26ee3eb8dc0a157955333e4f28c5ec7349c39229dff9f440da72909f2870aea873a76545ee8":"":104:"f7b94229439088142619a1a6bc":0 AES-GCM NIST Validation (AES-256,128,0,1024,104) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"16fe502e20d6473ed9a27569b63a768ecd428738904cf0b337df510775804619":"":"431a8d78b91414737e7c6188328a6d37":"934bcacbac10ea4ff6ee94b17bd7379b88489fbf123bf496c78c9b6b02ee97dd62eedd05b8f44f4912764920129e711701628991a0009ebc7017a1a19b177ec9bc3b0f280eeefadfa310708dfe214428a184147b4523e66f2d62630d4a12fd3e366d27c3b7d1566553c9b434ed193db083160da1f241de190bcbd36f435e30f4":"":104:"1dd3e6d610f359cc4e98d36244":0 AES-GCM NIST Validation (AES-256,128,0,1024,104) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ccc545fd330cf17e27d75582db28807ec972b897f812d6ed4726d2a18daac76a":"":"caf2f56584a59c42a51fdbfe4ad78f3c":"e85ae6b27778893f36f130694af0b40f62a05aa386b30fc415e292761cab36fdc39bf5687a513e25ed149414f059e706d8a719b7165044fcbd48c773eae546380b8e667b56824e23685173ad9015a9449bc1cd0b767981efe09da43a07bf1aeee08ba05d387b8a00199e18c874fb3a91f77ba448c3bff971593f94747fce9cbd":"":104:"5cf5c7ca6fbfee63854f3bcd15":0 AES-GCM NIST Validation (AES-256,128,0,1024,96) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8340d604770c778ee83d0fdd5703b1fb304c3bffeb6f4c65e2dd0e12c19bddcc":"":"c0a580465b1b2e8344f795a6578a5151":"799f228962ef87865dfcfa0addde7366de2e4aa78029dbc8d57d7e50fa7c74343458df3465103556a3bfc5ce217fbbb5b2835c9f76b70240b40fd605bcfa6b790d5985a8ba54354e0625263c628e8746c451504fc58a179f90f77f2b293d8dbf5582b031082025c806e60143da9ebb6133ac8367376d0572b32569ee799540ae":"":96:"318f56bd0f3832d043ef700a":0 AES-GCM NIST Validation (AES-256,128,0,1024,96) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"74de45262fe09e12c9ee7100030352112a6532d1874cc6792b4da6950677eb2a":"":"9f7fc7367f9afdb67fd1afffac058e2a":"289ac6f5beecbbcbde5cb3b0fdf4a27ba237fca33719f774ed33a5fd35d7e49f76d3e88c53fd35561655c35469f3eefb5b2f776ff2799aab346522d3f003154e53f4ef075f016aaa500c76870e6659a5f9af197c9a8f5b9e0416ed894e868463cc4386a7442bb0c089a9ab84981313c01fec4fc0ba35829b3cf49c6447f56a4b":"":96:"bc1b8b94ff478d9e197551cd":0 AES-GCM NIST Validation (AES-256,128,0,1024,96) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"441ec8afce630805d0ce98b200e59f5656a5ce19e5ef58241e6ef16cac7646b9":"":"a1cbeffaf55708c375dcfeb496b21f4e":"5a6ba5d3f5a7a4b317c6c716564c648f0e6bc6b0f9a4c27affca6d5af04b7b13d989b7a2cb42ce8eedd710be70c04c0e40977ca1c2f536aa70677038e737064fb0e23d3dd48bc00ebdd7f988f57141e164e3c18db81e9565a62e28c73770666ff3bfd725eebd98946fed02f31d500b0b7ab4dafeb14e8cc85731a87f50d95fae":"":96:"aa4bb3d555dabaaeb4d81fcd":0 AES-GCM NIST Validation (AES-256,128,0,1024,64) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"d643111c973ffb7f56bfbf394eedac54be2c556963b181cf661ba144f7893a62":"":"4575b00b9af2195a0cc75855d396e4e8":"b2c53efe59c84c651979bcc1bc76b0bbf5e52b5c3115849abdbc469a063e2b1699bd292e5fcb3476e849c9edbe6ea14c2ab948ed7d21a21f69406621d3d412b043eaf813be722d92739a33a361ed8081c0eb00400c3c7d4e329f5ba4f7b75d534500f42f178048cf2e95b768ffed79c350f2ff72cb355abdb30af0a1363c0b4a":"":64:"9d1d182630d7aeee":0 AES-GCM NIST Validation (AES-256,128,0,1024,64) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"91301ee0ca694ae6971ee705f53c7ec467f4c88257d6466f6f8159a8970384b9":"":"345fb57e88124a414828730a85f57871":"c13623824a204385f352388098f5e2db23426f00a73c60c1bf1047ce2c7cdf7f7cc8475781fe7075d1226ad18871e12f0156f35e6ce7032efe3bade1c807f9eedc720fff7a27a2f4690f904be9c99b54a65509eab60e97c4283596eeefa2b2517e95de7620382e3f780efa1dbf5d3908373adfe784a4faf298681e171bade4b3":"":64:"325d08c5b96068c1":0 AES-GCM NIST Validation (AES-256,128,0,1024,64) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b6ba5c11daed7f868da9bfd7754d555a147a1ffd98c940c1cd5d136680e05c10":"":"b0c92b79d78547496d770678e1ce1552":"5b1ac8ff687f6fd2429dc90a8913f5826d143a16a372cca787845cea86d9b4778708bc0aa538f98e1031850f7c1d97fb64fe29adce6e1d51ca7f5203fc0358fe0bc54347e777dddfe04e3d7a66a1d1e2bdb8b8929e2100daf073845db5dc0b243819754c4c08f4fc3631d1cbd79ac7604746d677ff035930fcd6bd652e7864db":"":64:"b1819b6f2d788616":0 AES-GCM NIST Validation (AES-256,128,0,1024,32) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"5fcae1759209e784dae5a8278b267c414a03ce7c803df1db7815b2910d10ce19":"":"24c5c349b3effebfd076c88a591b8301":"ca2778e39fffce7fbe8f912e69d55931848dd5ab0d1bd32e7b94af453251a47f5408ebacd7b50ddd1103fab1c72acc0a02f404c5661d8450746d781e2c0861b6974ade9ee2515da88b470f16d5f06007f35ce97cfc17fd015e438af39ca6127db240babe9c42ed5717715f14e72f0ef6ff4ce512de95a179e60d6393e73f216a":"":32:"8e59f30b":0 AES-GCM NIST Validation (AES-256,128,0,1024,32) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8d71a70fd58125b0da8dddf8d23ddbe0bc44743753bdf259448d58aae54775a6":"":"d15b02572dec98398ba9e68e1a463738":"81313be1eda9f27e01b30877ca90e825f55ef60b15548c45c786c44b024e7198f333be7ddd2c3f593a9b77b68e6a7ac4cfc015aeec66f4823d9be7152f02a533f375554309a4db0fea8e76255144458e488fd19106d9a9614e828ae306fe82af89e7981369b2259c49bae77f8ec2b1f169ef0449ad083d11907234b72ed2e464":"":32:"99df1b8d":0 AES-GCM NIST Validation (AES-256,128,0,1024,32) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b52398c7c75e1b146cc9998eb203159925cf6fc0b1c993ba46528e2f8e8087f0":"":"afc9a60ab8448b77fb05e8410d0a26e8":"770b3782f0e3a19d7d6bb98fa3eb0b916928a2970701c0f4a372a0ecd63499444ae02fd269ddb7d92e11a9e11d0e0b8bc60096a4be79a1e063174b710c5d739d8d05ab5c8ba119ff40843cf8c5dc4e1bd6fcad8389de3b606284c902422108d85eb3589524776641b175946c9ade1465e0d1064c5ae073be90e3261878a9af98":"":32:"32d6b756":0 AES-GCM NIST Validation (AES-256,128,1024,0,128) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"6793869513ac886ed66e5897bcfa263877d8465fc762b1ed929ba3d08615fdd5":"cda45e29f487f21b820e1af2c8e6d34a8bdf3f72d564a4625a6e06f9bae1c2eac3bbd5c5958fd75cf389a1a31391211745029dcd4cb2575f40ab04710a909b88c2d430cdee279f54cf7c0ff6638d1e0e631f526ee198cfd6e5cdf73d1a11b69de01d640f385fd829616cd2c0e78f09b5f64012e42dee9eb0245b72aba1404e0c":"a43de15dae25c606da1e7a4152f0df71":"":"385834c853772af70675b6be2d5087df84f88b6a303ea594a170e6dd0398ae270fcec61661ca373f4653d8dcc9e71767568c0fb03023b163bdc9ae8a08ea858cbb03b8182b4674147cb35ffda14a2f50ed9eb48d5351f00eb2fa433fdfed6f94833bcf656a7e350eb978a0aaf7a91674145f28f64693197a116b21328e273dca":128:"159ffdb05615941e11f0db46ac8f23de":0 AES-GCM NIST Validation (AES-256,128,1024,0,128) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9f77c141b234907b38fb45f1b3602f3c29de1ed839bb7ba51f6192aa8baaa287":"96dcb74a78e99676a71673e3c9f94c34b34dad2748a6e42cc70ea50e41ef8b86b5992295d2cbc8d621fefce09e8948de7e696b9788377d598796afd002a82b628d9890db78359e1edc075cbc0d3f11d544bfdf5c8a838390cb856735942dff260189c00accfabf720e5fef1d9b7131a6b2b769f67374602d1a7ed9b899b2c398":"1b49005788148665cef20d8dcde41889":"":"b4ca59caaa94749317789b92257f2ef1dd3d9b1f4ee9540927a6ae7bf5bb0b348fcf25ba8ddda79a89d3174ac1713421291910c8926cfbb4ec1e59be7dd50e816ff586f165c605371ee6077ba4ac0ce10499f9a2a44866ce6319fce22652226164cc0a813c3147c4461dd0410e3701d4647d5a003090082e367cb9249cf1be47":128:"8048ae0c35a656fcaa2f4c1b6be250e2":0 AES-GCM NIST Validation (AES-256,128,1024,0,128) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2419fd9dbe58655122ac1022956a023446b7f4756163769fc1b99eaf8fba1474":"93bc33dc647c7321152b12303f38937bd191ab3ce3b3a43a29f6853b33e415667d97192fcab2d1baa017042b301d03bae2f657505cc58e3aa4bd849d1ce85ede0e192a373a3894c41c54edbae29a209e16c87c81445d43968595297b50b55659f8b92d7282a2b3ca85e4b5d4ac4ff5062635103f2c7806fcc7378d5c2013be72":"94ef13dbfe9f362da35209f6d62b38a4":"":"3db23c161cf352ba267dab6a55f611eb5fff78a75288779a167cd0e4db6e75d21f11f4ff2928abcb1b46d82c2a0b1f647c60da61f9a72565f629b06a7b3fe96e4141a6886436859f610724bbe43fb99fac9b78b1e0138e2d57ce5fcfac1599bdba5701cb424535fad9ac482ab381eadca074e7376101b4b436f9c43ed760a0a6":128:"ecd4a7370096dc781c3eb3f7e5985ef1":0 AES-GCM NIST Validation (AES-256,128,1024,0,120) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"08e11a8b4b24e63060c5002713725bb5b4a412f1d76eac13989738ce94e19642":"d5598f4e37274f3b617aa4f9cf6b8547b4eb1e0eac79f6eedd6cd5364f8891f66b8d0cb09f54777d461bbf92d6fd74b3fac412b77f2c48e1024cf09b83c1e71bb86f0a20f82d296883ffee62a4a192b184bc6d7ba0448c1519310c83b18c00e71153137afad14f096b43d454f205ba6b6c2ec162aa992cebf50735dd9bb37c7c":"c6f1e6a39cabda1089048b536e39cf67":"":"1fdaf0156456b6b2a68d66091bf2260792748acf3e7bbb7906af8e0df3b569a7c03ee3a48bdfdff7ccd52433d0bbe8c5fe30d93633bb9d591dfad7d81bf8efd4d4a3c5c0bf2ac9832f0a8687f16be640fcf9b19169c251f46b97167d95115acdee3d4443df416275f5597a52c17a4b8c4b723d4b35a7fd0b380fdebd44df8bd5":120:"cb9f4d4610c67acfe612af5508bb8c":0 AES-GCM NIST Validation (AES-256,128,1024,0,120) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"da2dae0107c284ec2aaf6e7306959df1e92d3932b88954f119ab677c6b9dcdb5":"277675044caf1713109d4d3abf50c6fb67dc67f7fa584fb1a41c833feead03177cf4b42edac139807ede16eb1d9bed27db741f9542d437781405608de18418c9f7269ab3fd88f6a922a31eab5a3b8b2aa75ee4315fcea80c4954ea6613b1360b1c7c6b6da815e3f6e50f72b7e69c3b6cb3d154855e3f83cbd1947eb54018155a":"2005f79d55b12e6dfbab7fedecc50e2d":"":"c2aaab524d1738b5244af642bbd16b32ba954e69ae51acc804a6b0f89f6cb77ba2db2b0e109cda6036786f9cec5587b01e306ee8b3d588748c61ad7fce1266165729d0153ee189746b107ce15ced667279a484294725e120dc1803d2c751784436ab8ff1d5a537628ee35742d1917dc51f8cb46c2d6b983bdec502e99b85e5b5":120:"52b4d7f2cc44f0725ee903551f681d":0 AES-GCM NIST Validation (AES-256,128,1024,0,120) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"637807b3e472e2287b09d5a3ee62f791a416419ba35e11c49b24dbadc209f0ba":"e91a0a7320329dabb0d0fd7f099a4d313724aeeebcffe6fcea5b00af27d258cf9774845d29aaf5dad634c6f087c3311b1c92775fda8df8820c91186da30dc79747be6ec6230f2c261063143f4fc89d94c7efc145e68bfdbd58fb14e856578ed57ee5b3cba2cc67dd6497f05d1570efa496b46f5bcbf82ff9c6a414f76fcf3f5c":"46909d8dba6c82b86c7a2aca3c9e71e0":"":"13b4ad9c51063a7f697f3fc68030144aee0aeef0b5a52c9d4920a7185b0452159cf13e64ca216ff16637d0946a75fb5da283fcd263dd7ef2c8f14cf75537742d1f0e48846fcdbf03bc343203f7c31cf61b36374033462a7b813f4dbe9386e57874591fde606fbc150d4916c339f1950b09b1911b1b9119c3ff4053e05910ffb2":120:"6a5c83f807401d1a9a3a2688289f61":0 AES-GCM NIST Validation (AES-256,128,1024,0,112) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"33613dc6e029df0f3ab9ca66fa96cdeaa84c1261dd586723b1ce873545565f7a":"775862b39c2a509afd3470a56891fbb79bdb7dacfdb9ac72ba4730cb936d364e1aed3c92c01a018cfcd7953f751003934c15bdfdf2826e9947ea8e521f55fd2a04c75156e4910f38932c9732eb3e60423e849d34c55e3fd00b48d83028e3b4f35686016126ff16c942ec859d3c3aa2ee6d322a92dc9fa9b0247423416f5a4b47":"59484fbc27cdbd917bb55f815f9faab6":"":"069f80826dbee03e6a3437e7c6d16eb6022bd14827b8e45bd440d9b1a8ddae09999388ba0b1be0a6bafdb96f26dad523a3592fa610d5091f68380f4c1c3fa9ef7a0796ab183e8a82c2bf1f76300f98ce983eab7a93ddb18f1c10534fdb61ace83cae37e225930ab870a46285e733788e907255ca391945d409d2e53dd8a28390":112:"9f31f8f8459eb03dc3654caba5c2":0 AES-GCM NIST Validation (AES-256,128,1024,0,112) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"75d8132f70ef3f2d8946d296c83014683eb2a4a58b555c0f48e4bfa5774d6672":"a5be88fd43dc761838f3a9c7d62923c38414fa61b3678313cbc8fa9c2e5effb6cad7d5be5f39a71a28ff327b68a69f7e6a6bcb90eccacaf3a8659aeb905dd3e38efe57f2bd0d19daacae238baa01a7051084da6598fc5a3783a18decefc8efc8d46c7b1887f87d6d70c909df49340bcc680832faac3dd23cab5bcd80553dd485":"5ff41f3e75c25cedda1b08a41b89c4b4":"":"959396b86913337f2b1fb19767b787c18f00661c5d601bc65e884e15ac8043081459e889453e906ee267cb5d04fbaf250144a56c820eca34469967c73daf50796184ecf74f3c054bfa63bdd0c32425a8e10546ac342bb8e38a186e42a403cb80110aefd5f2d0bcdd353daa4430b8e7ec2134925c454745e2f708cd0b90d9d672":112:"ca0889a0eb12995079cf9ba77019":0 AES-GCM NIST Validation (AES-256,128,1024,0,112) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"8d44344d2ff9a02b1c75785bc84f16e4d23614bf43b2b9a87798b418e905c532":"e5689cef9f8258a748a615070fcbf40ed0b24c077e2f9a362cb536737ffbc5383bcafed278d4c5e0f3c83fdd5cde79483c2c178f6fef05ab50f2b8db680027a175bc6d702d249efcd6cbc425b736f1905307c9303a4bd8aca620b57e3bb4b68f2a515259b06cf5365b675edff3457e2e915d7da1e0802f7300b3d56c4644f4ad":"256a983cd6d6eb4e80b5c1d1cd2a9f21":"":"13eeadbecc4c9991e2aa0b1ca819572ef28517528320db970739a16994f82cd8b5bb53d889f298f65c63dcc07089dbf7e9d00612d2cc8220b5630ca0262a698836d906256896eea446f6de4506e558b4f20950528c8c397b6b5b04890204b77a163e46c80c96b3e268fd2754e0380e7330782d606c771d6085b34200a80335f0":112:"b33ab1e4029998e2566583dd550d":0 AES-GCM NIST Validation (AES-256,128,1024,0,104) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3999a6a394943be3d6e5732af5faf26caf483a3fd42c13b7f4f02132e93a990d":"8907e8832553264d7e92afa1595842ac661ddfec3f4294567faa0af61b3d0fdf76a922a2f3affb36b3b3b97f18d5172aec0b8f6f01239bb750c0fdd5da1e1244473cdfade83797037ca46d83123e6105c5c54071971f190da0c59821b0bf87242502bd19d19c7f463145bab0e687a18ffb2216c4a2ad2caf9488801c33c78c03":"76e2a5141d094b3a77765ba328f33576":"":"995189a396486b451db0167cf6990557287074def46eef872e6cfe1a297e256bdff2b71668ff0184eedf00ff1a3ec91358874718f0af88acf2bdb191e97332dc544d940412363840d4c03c7b2231852393c62d625093011ef314e4f755b1d0ee37690b4dfb55194a1465714cc3cbcdf93af39e666be0407508b8764f7ee95d3c":104:"87c8f61f459fd4a09d9ee8b331":0 AES-GCM NIST Validation (AES-256,128,1024,0,104) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4359a62d54c43770c3a0d51da25cc32fd985d9b41c282887299d2e348aa25a36":"f020c9cafba399009bd920c3ffc165d4db47a9ee15ca8c1f51c65e306ccccd3f1d694071a3c765b5255eba6ef6a280f6095f8c195ebdfbee6968b57366e62e16d05b1768825ab7fe66300941270aa121b4fc02ab970ca6e32170cdbccb46fc548620fa1777049343b1600bfb1bdecec6682f0aa7244a0852adbc7aacedfba446":"5fefa85c958417b6bc8a61b5496fea93":"":"3b8f829aa1cc1532a434bfbbd25f42480311657215946b9216846704fd5da5e886ca9d130df466c3b58f5259102ea6b9ad756e9f484a38dd0ed289fea083ab99fefbc2747100071744f10e362351d4ffac6c7c1f5a49ef3c78e2dc667f6b3bfd0fec454c4e3139443da71e514540d7a228db193a4c35d639ec13c1198ee7f81e":104:"591db861b9060869edb228a324":0 AES-GCM NIST Validation (AES-256,128,1024,0,104) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"0d798a357de5a686d06c329e451d7384bfbd462063fb8ea7d77a13dfa1f2aac2":"d920785bd7d7b1a2c9c20139380a6ac5f27a11b614ae110da14203146c2615d81e97649e95edb0eda71a0fa1589244ed42fd9449962a92942e38001ac64b212c7e06c113129712a01556577ae02325a26eb92581c0a690a894225e83ff1e36776f22b600508d6d96a0d1c55316b518df8d09769df5e8340cbeabaa0bf7752870":"50a003c0cb50ae8a3183cd640ea4c6f6":"":"9af6a5341cde4b7e1b88346ec481024b40ad95a51533cdd8e09e4809a20684f18eaf243e1df56f02ace9667264cc1c6af6b0914f154b332234f6468cc471ecb2078a9f81c17f4ade83d326b670795458d110e4c4b4cd7fe7f9f5f4d4fb23a038969e4ff4f74839b1edc270fc81fcdc8a0b15b9c2f0561567c471b783b4322ebf":104:"6c2f01264f9dbf29962122daff":0 AES-GCM NIST Validation (AES-256,128,1024,0,96) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"29b01b6d15f6e68fc2e7079429dde5363888a6410191d603941bed272daef7ed":"123b6da306978f745d1dd86d7df32d9421523a7f329dd29ad98d2c309145844010295ef443a18d37ffe093080682fb96ba9c2c92105d35d77897b589e2abc7269aba8752c2a48c843bebad2c0fa281015ba85f5f709f6aee9b1d49236d5695f7f7d01554b193c89adcd1a91749138952cb3f0ec8b5f046328b3113aaa0715ef4":"cb4ac8373bcbf1b14cf2a6a6a16a422a":"":"caf71e09395d596d5a7b091c9e87ba6d522e974451e41f33f3e7ded554f24daa9da719e87793424eca9a3eb3972983354041091ba4b16c5c8c14913e1f6cbda09779188e9b5512917a0adf4b4344f119736ba6328897726a317989cddc66f16bab64707564bb0064fe6ab7b2b5cce143e94d4b6d739f58c47b6d4850697f8101":96:"f635ff3d8bfbfb49694e05ec":0 AES-GCM NIST Validation (AES-256,128,1024,0,96) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f96d8cdcc21884e050f762c049930d78360b56cef5b99ae232c9a8c6e8fa89f7":"9cf05e5065531d2539d92ae76a43da1fa3614ffa4b1c73ddc2358f8d71345c01260060239edf629efc3650e0d13174af4294b6da0f39cc7fbecfa324afff89dd7d203416bd144c5e03df60a287fd4a8d54ef9b4b44b3d6de1d9de07418b8a34ec5c28cec3c5b2fb861583178a68ea0af89f2dfbfbd86f7cf1e572e1c8d4b0675":"5a7eb964b6bc9e75450b721b4d1f8f92":"":"566abaa23b8d464d6f107699453740e9e189254145c5132fe46989a6654de297398913daacb4083b29f7b31832079616e9a43c9c2878df1df451e49f1e629c8b9de2fb0e4ae9df48e3e8880f3f1ff5ace8842d2695e702dd1b7bfa7c25b0539b8c80d31ac91856796beced082c213e8be56efd646dae932f5bf503af46f491d8":96:"c049cce29c401d3d198773b6":0 AES-GCM NIST Validation (AES-256,128,1024,0,96) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"253234c3dc9cb3d50a80598c5cde0e37b6b13bf834f3595a9458dee698a6d19b":"686ad2740bdad507ebe97aa5bdbef25b8b030c4cdcaccb0d3b675ca91279db3ea75aa222c0ae98f86c24b10038cbb4fe9f897e1145b2f58cd3e9120f9a5620f38aa1e1f63906f557ff4a4c3223f5bb13dca34f8a1c6419e24ea57d114c62fec6fb9eee58a16b9e6a6bd930aa6fedcfc591311250e7167d43cca5916d5beead27":"9d156414acb63d11cb34870b937c837d":"":"96abd56d2f8aefe6c687f035df46c3f952a9933b8a51698e47d973b7d47c65ca3ba2474cb419c84a4c3cefb49e78cee1443a8fbbdaaecf73e9059ef34ac5a0df3fc152ecde2286da8840ad4617fd6ebc1e126314204bdc0a17b958430eb9f727498ff1db17aabbdaf43acca0945342d2ba9346da5373b2372b3081605e895c99":96:"3d998e5be9df433da001a686":0 AES-GCM NIST Validation (AES-256,128,1024,0,64) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1054d48d52693d2797c80d3f10509d1c808f36a4d65e8fd968e5d56239f856bc":"a708e9d2d27ed4228e5b23d358561a77d684d855db9827be2bc102f2278f1961d3f056fb76f76204b2c96b916eb5e407f98e58edfed06de2388521832d97211d851d3e29658df738e3a15593b9db016d9e46fe9df98ce972d59f7058d484886ffaec7b9fd973c55644831241c1ce85bb478e83ccefd26b9718bfe910ac311ecc":"87611b936873b63abeaea990d6637a22":"":"94473e84659bc18eddcebe3112f55426f48ca4d670291fdedd42cc15a7415aa6795fb75b39434884eb266677e1fa7f530c6f3aaa733c0d9c06291bd7dff4c4e5857b2ee9e9f1f61a85571ad32dc9a3259017abe9eb5111e56df2913535669f3b2d722bd35fcdbd6541918885d9677cccaa902b9d3599cd4f0df1f35f4d11b8cf":64:"9bd7cfe1023448ac":0 AES-GCM NIST Validation (AES-256,128,1024,0,64) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"a95dc5127b9cb1c82d558d5b24ae049e24447fd676a49350089951afe01dc797":"45f81fa4780a256c40a0efec9547310406904d8991bcf964aa35ec9af457e2a642c1343827839f1f4b42f2b226da351731f416a4b4151f07927c278b371404f027bb2058e1765b367f5433a43fa4153883351041db3f066ef284a3eabd584d1d0b1d594b4ce7b5bca1708fbc661d95a9ac0d77dc29547f022eedc582fc7158c3":"0b177d01993ec726fff082ec88c64a31":"":"16c77b7f541d2dc4e8d31da23e04f18f4254aa283e8cee5b776f3d9a27584f459d0747955efff8945f807209ddaa6421846647d4198534b244498fe13a9073d372171d1b2fc38af66204f3de04000c093ebe659173b8d78dcfb8ca9003d2cd44ed168e6aaf55a06f29e83ceb32b98bafb59f109599f88b5c0f0557bd2b28f03f":64:"19eb5f808d65989d":0 AES-GCM NIST Validation (AES-256,128,1024,0,64) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"53d6393dd7ecc40f2d52460ecdb0607133ad843ef53f380cd3a2755bfa567abe":"72199c54dd5efb28c104e3b7210855506f6577d15c4eccdaa6a621a572e15f5845d648cf71b9fafef3411f6c1a664c7974fe71126a5cbab907e2caa342d8d7a05bc68a72c824896ec40e520e90b704dea441d22c5918f98803a88293384f64f92f11650c2cf4d3b062d30e14d149160742f59a473faf8fe00f4bdab9128c3281":"db7e93da21f0c9840c54c56e9c6ceba3":"":"5e83f559fa54926b731334f815783914530bbcc472d4bbd5e65908fb1c421442cb4c57329f2e4ba3d146a6499f34d8f1ec6d43e0cf98bdba923f404b914700edb235b08b0330097ea4162fd0baa1b7177ef0b29d5a6689bc56b8f975d6b6067ade4b8baf1d47a2eeb5b2ed28ebeded381d55d280cb2fb65ce4d82b69cce0594d":64:"4e65dde857a0f5c7":0 AES-GCM NIST Validation (AES-256,128,1024,0,32) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"aa4a53c7764a254b06e1d8003810300b70f5729306effba9fb6210f97648a499":"19f3a8c298478d6868bf3b31785eb62e844c37200672e6ef1ecc05c616d981e02c333dbc3f86dbb7ab9ba40e9e57e133e6d1d595fcc6d8e9886a84517212669d5d7ce0f1383cb58681b92dc180c06caa1a7ac1ec974dcd7f2bca7ad2ab2789c9a3a487d64c484319bffa56d854a6d40c62b02d0c7898f641f106ff50d22a12e7":"c32288f97af9b6e31aa7e40d9ef8d016":"":"1fa6aec7a28767c8961363dc4264e6ab97014264f6fe1dda7e9db8646ce9a5463f69e91aad2fce696f9b641d75635bfb0f97ed2d7beaca944cf8bd9dbfffe77b5ae9fd032575e5333c7ce27538c609922843de87b960ebca7c2a2ef9702dd0c32f787b4d7df248fdf526d594a90bad0d6a8dffe212246c36db71e2d348326624":32:"1699444e":0 AES-GCM NIST Validation (AES-256,128,1024,0,32) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f420b6ef96d9bfe46dcf18246ee230790a6fc854e730f1dd2d1ffd0e8b5c4776":"658a954d6c61d0d6f0e81a3c1cc65684483fdc95f280b6d4c964358596c25ca41c389932d74a1a3a17d041e89b7110ea315fadb3128c2c469c350bf9b4723aa9c8abd9065ebbd12c317bfb7090f09633f8c1184f0c4fbe10f5486dbfb847536c886f7d144ed07272a7e62fb523a04111e5ea9e1ab415fd17e72143006db14e9e":"4982f502a37eea8bcf316ced466c9fb1":"":"8630aa78aabe35d9360a44bb2094209b6f70d46d71e3949803cf54e33dafd54c6e49eda9e26dc5c0c1e34908f5281c8cb2a1aeee81186cf45d3eb22f486320c7ee0fb7bf3c211b232a8426e7e82f3e05881bf7d9454cddec7f28e5358cd0e9ea2e9cff938be044c1b21911d50b2ae23ab1aef377511ea657adcb560c34209f8b":32:"3aa91b73":0 AES-GCM NIST Validation (AES-256,128,1024,0,32) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"50f3b822dfc70382d8695811e6b0a2896ea2bcd4d5268778cd484053c8a19288":"15bfb3a562ced63c92561a78374af40c88a08ce02392419e03d7543365c5b6525951ef2dec5927474a0ef85f519e5ef795881db3eafa765ec38e6be7b565a878c13d90c02889dc50cbe87081d9225a515504c7be15bf97f5d72a4d81f218a148a46fbd42983ab002fce0a54719bfe301bb761753cb330dc25be517b87d0428d9":"980810c11abd3aff43408ec9a69abcb3":"":"12632296f27eb2439009f6032a3f648370303dcebaac311b684de2496f399b271347b19e045c1060802f3f742b6c780d20b9d589cc082d7d0d580dfb7231171cfb612227fcdee7feae4f8defd34c89fb0d68570e782192a7bdd9a5464f35dc6a4282cf9cc3fdfac988d129eddf8e0795ccc24a113f872ada88834c974df8bc69":32:"32c1c4c5":0 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"29072ab5bad2c1425ca8dd0ae56f27e93f8d26b320b08f77b8bd3fa9d03edc6c":"3c7afc5cfc5a1e141587e93fef8427d4f21d892b983b7c9b6e9de3ee168837a1533847c8a2e2ab0706ac1474e9aa54ab57e7860bca9ebb83bd6d3ae26ca5387abdb9a60c4a9928484742a91294b13ab8f51eb4f599a30e9cb1894aca32a62a4c2793ee6793df473f43234c9eafb44d585a7d92a50aebef80c73c86ef67f5b5a4":"0201edf80475d2f969a90848f639528c":"4c8ff3edeaa68e47bbc8724b37822216d42e2669ca127da14b7b488fde31a49c7d357fb9aecc1991b3c6f63a4ce43959a22de70545e6aee8674d812ecaaef93ad03b5d4c99bdef6d52f21fc7fdbeb1c5629a76df59620aaefda81a8e73cebe4c646beffd7f4a98a5283cc7bc5e78b2a70f43e0cab0b7772e03a5f048ec75081a":"f3755aae6813e4e4b84a089ca1496564676655ba3c94e59c5f682adbbfed21e76aed0db78390258cf5fbf15f06c6b6468414cb6493c8b9b953b4954ecaf07ecaf8586ae001710d4069da6d21810bcdcbb831f7041cdbb984b7c55878598a6658883178dcc0fa03394519b8b9c3bed0e5c073429f5dd071a9184b015cbbbc62e1":128:"0549dd9f2a123bd6d58e5cd16c0624a1":0 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"aa9999af53720d0c1288fd3fe307a471160635287eebf41dd77c82d1f9cc9d61":"6ce6f2dc202750219e15a24e1ff0678ffdde55b27cdcab6da188bd5235a3bdc677f72f106579d02c2970d4542e4e2372886e1a6d74c596ce735f51f2ee6aff4d62bd24112ec7cd1adc7c660561f163170cdf047c241c53b8a5b2e03fde48c249a319bb90c2693c468c9dd136e94e05f067cd1d68244ce50be318ae0464b79acd":"6299d651a032bdf3a7e6b25ace660e30":"afab0a3d1960ac973ee2f4461dacd10d189412b37e572cad7888bb4d2453f1eefbd6725aadd5f982393dfa59c3cf1ee342dd91e1fbfab10a802e3a0eda226fde2686e7db1015405a3d33c921e5aa857bfda53ca3aed3ff0e18c289406740a7c5d9f86ce43db40c9032e98ab126c7c0364e2efc008312b7641d36503d183fa5a5":"a8059fe6ff711616afb591b5e5de497b3b7813f9de658c7b47cc3e7b07d0805c1ba05856d98341869b8394f3b5df2876ae19837edb3931eebeb0f26eb6c4a2ea78003d82a98111305208ccaceaf77e5d71996cca4f9a5eb712dd916b71455f741ec2dde51f56828667b7a2da015e1886fba71e496a542d94a38efbcb5353fb89":128:"2ff4d8d00400ad63a6ae7842eefb16eb":0 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"31721e5e3a748a7f7369f3dffc1cbb570ceac868ef9d1f29b944b7e86a26d273":"6afc1d22233a60c3e6851447de89152a0dbadcd87e35fc947ca4bc886f1f87549ea106b097e2655136833d06dfb879a85732298860c149c5e5ff03bb2a95d9cd3deeb8ffdf951ea5f97e32c1ed75271d2ea58d158ae6d568bf197d69130977e330ebfef33f222bfd5b56bc6b0382dc99c4f0e42b0aa7a117b43f96d43f6e02dd":"523247d56cc67c752b20eab7a28f85fe":"11eb41aeae3611f0de77bfa1221ef5b7d254faf893dbdaead926a61605f8a86f20f1fb84e0c5acd195143bc5a4f297bf729129f898a2013175b3db7004115a6120134d8e354afe36699a6c6618d739c805b5b91739df67de7667729f1d6eae1a0609897999d474be4d8b826df901c6f39d522570d38d2d1aa828382932a177b1":"39e7f32bb3e8436d97a1d86a22750768001fe3a805516d3f800352323afd221991105d12da69ce7430402fa7923958ad5ed85506b968c4dd89516d6e3d02e722db3954ce098ec3299ef4f2ed4a89f383408dceca9dabc6f8eefe5a1f80093961c29a94b222d1a04d2c1e453d2e02977f3dd77a4659e2bde2fdbba8e2829db4f1":128:"506883db674fa0417e0832efc040227c":0 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"100bd2bf9c8b24cc2e8d57697cd131c846b55ad6ff0b214c0de14104b465b58b":"81c3370da989f774c1962f60c57299747481bea0e6b91df846e6ef93cada977bc742ee33ce085ae33eb9f7393a0943b647205a7e1ffb2a6a803a1ce7a88902456d66612362962b97c7152b57f1d54de94a39f07c1a8098da4ea5e498d426b7036c642fbeebefda50b8c421a7a33b1a8499dc35011d80a51d34285824d6f01722":"363e8af6f38307ec126e466e7056cc45":"471f7e9a0b505b12996747ec9e32731f11911ee95d70795bbd1bba34cf782d4100ce30a85b23f9f817f30e8f314e1a23e101201c920ce12ce732cc3fe01c74a9ee8d3e1599aa22f2398c3265d4dbda626a8ff4262889009e087fbef6babe33d7300e5cfc4c0056f3562a913d2594fee8e44959cf728599a9d3e7ee4a9ecd6694":"9494d01966ac887b8295bde61f0e7d006ea7b5c984a29cf5d849194f35d7b0f6ddb3bbd9646d7b9b961c515179901d2b04cb7cf7b6c8736d1d472ae8bb9a6dc9194b03b3f5373551a5ae0c0f023967669c873f0acfb02c0ae3a384e70f7a7ca05861f257f36a2ad5fbb591473dfc3ae1264dca0e889e0ddbf93dadf75db2059b":120:"5c78d914cac78c514e275a244d0ea4":0 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"614dd1762deb5c726eadf0e6587f9f38fa63d16bca1926955404f1b9f83e241a":"1ae828a1693d3c24651ab8ba59fb1185d08e6cc4a964f30dac59cd81ff4bdfce8023ab1b6dffb594a4250d25f611763efb4152cd35b937ca11373d237f1f8b3c0e21b942beb1f4ffe5014198c9ff59896ddfbb55e69963e3ef6b03d3fa134977870cd6f3ac10bbf59bdcc9f103cc2d58f294ef5f007a9f903c7bada08cb454e6":"10d079a86894b0c17bfcc8ffc4ecf7bc":"c4035f80b6d2ea288afd4ddaec1eb232b78be5a86583fa85f791d546102c97ace9716c2702483d762c8e4eda12f3dd10a9a49a2d72cd4694fa794477b54b4367be6b548675aee4c351e3f66c7e113aecfbcc57b8bbab4a039f28488237c75313e62612847b915ef9b582e146b2bfabbfce576a984f5ce4be0e6bff5480584fc3":"bf5fb0445aab46aba504801d5356455f28c98f300670a731bdd0c901a1d5564aa31f5d467e5f80dadbfeca61d2bf72b570f3935ba04c45a2ff7994bac6cabf84db2a42cd5db2a4f160c97c76817cc5cb62d4006d895fcdb218c1464b5caaadbd1f61779938e9a84440615eae050cd6f1713cfbd695d78818b2af78157339e9d9":120:"6d815ee12813875ce74e3aed3c7b73":0 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"12e97fafff7d397ea34efc0a8528afcd51c1b2ccda680ae9049edc8359b78ec0":"9fbf0141cd50bd1b3ccaf137b808b698570642ab20c32120901622b34173d7ad119abca3c61bbf1e6dd5cb182a079f3e01b0e5263d984c6186f01792125dd6c47c30033008ca2e0377f990285094f652c55a348242dfaa59f76989fcf86033c8d9c0b2a526bf46cca207e055e1dbc7cf3d0b7a840c8fb5f85784c9e4563f71de":"8eb11abfe350c0d5a6b02477b44867e9":"0a830029d450e20aaef484d4abee9dadeabbd6feaf800b3a693b4746db059efb7d110405b45e45a9e5acf90957c154674dfb2c1cd787af371e01bafc4e8475d0268b969d25756a1121a519afa61f3d6ecded4e0640f0ddd471f5b8e82029fd2887df4e65af9580390b6924022e39acfede7530e5f0e54f0285ba565ff49af542":"067cd6ff8461ac80217ef70a91dcf6edb2fbdd31856815cf356fffa63ba3f5cb293d7f1ed32ae40248693617f27839a34e871fdde635c04d1e66743f730a06e2be25cafe1d67d804879fe38e009268ec50a0294da445c795742ff1e924170e4c2e0e9ef3bdc26c251f5537218d295d93d57baccc4dee6185c235d7ec5c9926a6":120:"931f44f10993c836e534a59c1aeb98":0 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c732da000262de558bd3ea65e66e20e11605170c90b67708bda43f40abed74fe":"7d6c981c30ef87a46f53aecb4c97124fb94b45057635d5bf1d4f3a3bdb534e9ab62b4a425de9dc52537575ed9ff406cfbf75403d3d9cdbd9fcd520d62065f81483427fa27964642cc1a07822da0f6234a689eb30e8425d7709abfd18666c76c963eecef20503ee77c96802c120abea1428cc64a08fc20860527854fecc571a6c":"523dd34ea263c31c2215053986626d02":"f170556ac5d38f0661bae33e0826356c8488218903eba1bfa49b16882537ef78283fd9351f37f44a7687049a608c3ddcc82817d4ba96a40d05807a38ee3f2d5cb8b1121db61318fe22bfd3afb319e84c4e2f94570a92433db29bd2193485449c719a2c6030696f53ac729df90678eb018783b25740d806d1ef6980e10d396595":"3470d4544f7bfa3ac0627a56e66c56fa062188440834b9238bd20e89dfc701fe6cfe0bf4ea2387014bd83c63ab7c912e1c0dce7c2d92eaea155f886b574bc94a8f4f275dffe2d84173a05b99d8029c36dd3c35c12709d33f55c3bcd96e9a815f77a4fe8e50639d8f195a526486f1209d7bf7e86ac3dfc4a1d2cbddb6d330e5db":112:"5924f3ceff0207fc8ba8179a9925":0 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"2684bccf2b845314a0c4b8b5a780f91aa7ed1177539122dc8717c14bb50e2dff":"1a4174d4e18ae0b6434f35dcd9c86cf158c42ce00ceb12f4356ec118d659820518c326a1b2ab92279d949f74c45219c660cb84fb6b10b14d56a501173fd3b129ac89db0de22874d92bec724e94751f91a817a42a28e8e15672172c0b0db4ead46b14d4bc21ad8f5ba1f9e7e0fcc867700681349b8102a208d76ae4ef7df5b56e":"8433b59b41fe0cdc5b30e4e87c5028ec":"280026eeebf05e26e84955e4a36352d4f97f3193dce0795d526d05645bf5d2eec4b92ee8dce54d78fd3fc3e36bc79d5bf9ee3b2699310a75dbc5007bdacb4dc88d06515995f8f5b1aa90cb8fc036b763a5e819db70c091802fb7f24b9c2a68ff194032fffc4ef798936aabccbb43f22a2bbd7e1ab9d0434d443dac4929b84193":"cc155e04472c0872d5ccf8910d34496f380954da7653a1e1d3c460fbbc791c9b82e35176e938b7e21eb4690ed9fca74ba45a03dac4abc4f625ffdfad02e1acccf18b5a1878f911fb6f6e09ce0d4c6a0bb87226e914879a1b3085c30e8328aa6e0d1c49c21b760b82e469981b40ea102f3998c81dd9799f484ab89b19396ab7e1":112:"5a80008e6da40c71b316b84ae284":0 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"484a33ba0b97c2887a86a1476f274e236eb37a72e05f9e74348248877ea99e98":"4d81cec14b398257a31ad1e3581c00d05e12b37b71260bdd95bc0b6981b614598ffbbb3ec4bb7deb5673a1020139877122f88504c9c53265706fe76623a9b488a3dfdd4cbc1b7b46c7fce9d7378e164964c0a377337a5c172e5e4de6206375164cd7beb0305d7a90f5c73e12f445326e1bc9ac5acd1bd4bcbe4662524891a2e9":"c3a5cc19aef6d64b656d66fad697b829":"30f276f96a50e17b452dcb5e1b4ab666dc7c4c72d0d9ab2abaf77eae2e3bab7dbe5ac005d7eac5480e1bae13646b59155528abdc148b3b71f06d017c4b12d64aa3990cc96941eaac14b60eb347e0be873de2b6fe2b86e2c2fc063b29511b70144ecd315b9491001b122701b9c8cc1d85427b6c60663ccd9d1fa84e1c2f609f36":"579fd8fb50d795b5b208c2d5b0a8b1804f754a30a1003025301655aebcda2d2ff30d29a16d0fb17a28401127750fc87c9e3aa08540817228b049c387253ea2359035b8063ab4bf54504ca5ad93b54b8ac5bd0c1ef3c6769fb1ed239bb76f3e0bc51d356aa91b494d22749c8e4cdb1629e93f7c6e46ff9145916c1275669ae5ba":112:"1c39aac1d5ffe7916a08ab2ce279":0 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"4a5f5321b515cfcde493148ee4c44c693b1979b3a3ba522a2a80e5d27c93fd1b":"962b8504feb57ae73e93c2e8962c9562f409c908e51f9904df1623eaa0c6b998db6ee8919d805b6ffcc37da51300c1ae16bca21f8f6f63af989a813ae8fe28c3fb012f003dab7e71b08d757799208806062d62b4ac937712409f9fafff3e3579a4d92d4437a6f0b263e1da7e4651e0a521be5f6f49ff5a0778f07bd5d3dac696":"c2cb0166046bad0cf0a107af83921d7a":"e48abfb657ab33f58eeda8c58a20e7e299bc3e7481f704c326529408580f9a5130cf6f7368502d20b03ba6c3b8f6f28c076a3ef7b8e987750dc972be953e712483e6f328da57e4b5c501fa7c720593eb89ff9644fbdc45478f80ee89f096694dcb44a9b3a6aca0904d4aa4e475b4b24771df9fd6ef9557f4f5c842ac241b212f":"11bd55d969603ff3d46355cb19c69557b99825a4c23eeafc8eed8422dab537c0fa9753191c49a6fd9e0d6760ed816a49e7f5704b5936a498544e2bbba7875c513c031f11527ca1b9b579960be6964fba9119dcece8205c174be07ebffada83375678de76fc012b0ee179787b4aa9fb6e2b459575260eb01f23786dc24d1d45ef":104:"36853a029b5163ca76c72d4fec":0 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"c8f7b7e6295fc8e33740bf2807caeaf4b90817cc3ef3d9f38f704d9f6164e41d":"4c26e489069b487ce9dc0e295d5e89760401185374041b0efca5bbf758e7d010ccbfe5999e2a817776aa8f49c1e5d43bcdade2989fe5be635dab54cb0e390a21b832b30f688857b9e09c346bcc5397e51cf71acbe1bfcaa1ecd7e87fe5dfde180d951922e60dd8203ff210c995eb54bb981f7e931f0b1f52dce0cf1b2eba503f":"903b2eeb9d0b3794acb7439d341cfe0d":"83e99497bfbe9393b065b0b18c13f99b67f1fdd724fd5d70cdccd2b8dd658499cb9f57e1a1fe39634ab0869182de085722a79eaabf057aac7b3f3230f51a2f9b48b49d592f02246dacbe915ff9d9a53f7e5332f7a9d89649050b075c07e5e74f281ca1a0dbe632c0aecf3b1911cd6ec4f8facc2777d0d14784bf5951a1c62c33":"63e2941bf4a13374627be66bdd4e57119149f81f4c1a8a321d27a4a79e7d61e2dcec9d7b13fcccf12f5b059cc209f8414ae81966462a266e92b4b3c25198ee240e0bc6f6197df1e24e8d4379fcae89e6240a7f9c7bab886e79990b846e98e4bacb8b3b17422249943e9973de42da5e38e4eb52830b1facce766b3389a5312476":104:"6e31c5db3146ae45ef5d50485e":0 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"dec062efc1bd2556b87a81143d025abbaa532c586d5ebb065859a2071f8f07e4":"02191bcb060e61827dbddac6c2961dbab8812cdc2ac77bf0275628e8e36bae18ad4deb77b2682ade0aef76afd4592173ba29dae4d0735963c803856eaa6f60a6c21785358e87f3c4a91e321c59e04c150297de873679194ba5ca857f7d91ffc358e73810d555ebd4dbd1fe4fbc4ffa4ff38e4b41db9af0a84fe9828708631469":"19abd0361443c3ac2a46f2606eeb1a69":"c3785e7c0095726fd1f3ca842057b0ea2baf9c3fe1119c2147609158a2039f26cedf8a44e046955ba7e7cad9f48cb49274fc53b109d7897e080af252e7dc64807c276bcf668d2cd505c9ce8e584609d293ebd2a4515bfbaf78c413d6e29dc90974db38b564ffe9a40d3955dba9f19b6f39bf942669cf80e4676d6c10df566ca1":"91a16c7fe029e3fddacf0809dde7d041c438977b89192e6fed7605d0133f3d9e810355d186432f6529bd2c4cb9dadb4fedf5128cb45e25a3a46bf74ed93f31349f64a69dbe86592d76e437947f1c1d7270d1cffe80afe10ae8523541961eacee1838c168a2ab76703ea4674a68a96b8a298a672ffc140e98e452d501fd57f000":104:"5b4071a4be0543aaa59b56de35":0 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9b7b700d978e33ae9311b206347f488e2832fad5ce7e6026ad5e24fb47104fcb":"37aef6e4200c6abc3d161daaf9dd6ede002ce8c63d9ed54e8ac56bdc8d36906bea663d2857d8d543166ba150827735ec78e37f92e682275e268d377b1880970df232162e55c9311882f889e7d183e5cf4972691c85f81c47e1224b9c97ee3963d75c6a032270ad6d713c999913f0b58a2d4f42b85a3b0b40541a31398cdfb4b0":"d0bbc284af767af9a31b863d66cb6138":"dfb87a65ab2d99d7d753042aa47448ad830e546d298d6ad52b85207bbb0cbe8cf3cdb12b3544f1fc228fdae04a241abf9e71de8ae14f2de2c261469c383c682e13582e07cddb1ed9bff1fd2aa0be7978096a914676dfbe7bec6edd927362f656ce1de86229bc511cfec4cda77a1e761e7ab8664e4df08cb820ebdb604c2cdbb0":"dcd5575d94fffc647d4c081e3ce03928651419a32ada2af02de2f58d68fa98eb1fd5ef671875719a9c65b9ecc69513408a79a0a5d57cabd04f8e651f5b8fc1ff42ce58d8a212ac2bcb83c5c53c542c282553a62b4e3d7d4f049ab13172739a0f46e0a2fd9aec54eb0c84141c6b341783754372df69d39e48cc24eb3d9ddb21a9":96:"4a7ac79db94b27469b92343a":0 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"ce15e61edd9320ceacbf3984d87c707159caa738e7e76285be00b5a95954b523":"8af4a7d92441ce931815fa4e24d69f66256fec7e62f79a029b684b5db304a46b2a3d3a7ee8d6b7ae38caa7de526d5c0f28dc65a0913a383b7ee1640cbe24997ba95b9b12fa1e9ce9f9100d883c16b6286dce17e381af15113f56197c97fe6b45be00a3df05045f476829d7b303211ac97cf989a18c16e27fbf23570d9d18f04b":"b1269c8495ea1469ff41d8154ae6765e":"0ad26a08a5cc2ec825347d7ffd5aac795eb68aa7e22970d991c863fa6d1fa720137aa5cde4e382625a0038e6ed72da3b5003c1b2a953c2b2138e0cf870cca4afb595c0451aa793fb0a2bc43834a0aca1e760590cca765ad672ead975993f82ae6765c5afbddc6062d7c4babebf650ab097db1a1d9a2a99e8fd2e0eb8a7b916f6":"ad0ab4e77257866e4a57cf44fa4049428e56a6e8b8fd47b4cd00bfce84fa8f5a43f1df2061b0a37311b4a1436bad0d61d52ced5e262ed41a7eb125d61cec2e3fbaa95e533b43f318048096ebc8466f0cd609bb5e7c3fc6e5701aace546618a170f88c0b7ed76b63759ca4e4b931a86ac379dd12ad2cba7d47a19a3ae7c242fb0":96:"fb1e988f9c97358a17e35e6f":0 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"aef24b8205d4085d978505f04724293c2819ef9f3f03a6c758078690fc4bf7c8":"db26453170db2f984312e0cf961d1a7df1154f0525c31f166be5c9f516736501f9f2dd8096a69b6441888ce27aaceacb0b365a38e4e01e2e34027c023206e814f22d46fd2fa69f87509ddced4b8852a76b2532b92f069b8c922ac13b2b7f19cb7c524657a4ee6e989cf2598bef674aa31576776853fb7f9a2704d6b3ee7fbcbb":"81456baa337c3dfd162d9c5f72a2e216":"484a5f4772643cf74ccdced0e5d80862f9300f26ae3139968649d3d7bb761b313f2ba63798b2040d397c3d1569285fee8498fd9254851c15b98af5bd351fa72e7d574c62ede0d728e1279e8b4e4784fd63ea7851e99d1d2356bcbf868528f8d0a90fc3b884ece631648d916ec97abadca1b0dd7670e6ad42245021570582ec7c":"da95c61cd2bb88fea78c059c254d2b949d4fc291c73ac178ace44c1e6a339f64931c857d3a7cb276a04993620adb6918dfd3f9083edad384a8e6c1d4799d526a1c969d8deb0e2667d6d06f559baf914b49fc463244528aa6522d19699065438d939521d7d7bb149835298f2054bcaae6d786f6dde133b640697a3d37c697579a":96:"bc1c1cbcad2e1a66ace079a2":0 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9685aea9aaebbd691e679779034729306d5887bee4c1f90f6ee3a397a0ff3ece":"ae3b2fa1e209f72c167eb16bc15b7669b87d4ab516e428157810b87a83e90d56e267bd4996522b5b22c2a349d3765ca27ea27057dd71f7c18ddd053033bd780b6cb689f48c383e9c717b9b265cb9e32c70c4a7d8fb933e986d996b5ad914cd645b74c47ac3a0de952ee3fc73ada83d896da7ca0b2a0b10e4f701fa13cba9ec50":"b1bc140531ae8c69e2ffc784e0988038":"294ff858fa6efc82ca3be4d05332bbb951a71a7ddfa4b78472e1582b445312eec11793d8d6e1e858d9cb078b5fc9083ac8a3e3bd82964cb07c08450567922299f68fd47663c7a77c29f2b5347f229301433d5a75263158a0d80095859e7e45476b99b23412046bfbe4eafff9f7820ba49919d2c987cf00c286c784e7669d8fe8":"6575128b576e68f7b3709e325b3d616783b42ff7f7631eb62b90cb0c8a86bd324756f43af53c33cbdaf9cf64ea94cf1b7fab5003f00c1d07f3fc8eb1931d759f9c43477ba22311a111488092c42b7786facf42b861a824cd1bcdc603a77d11253f15206a929a3e16e8737d080b8e5f0da8896226989a9964d72e491187250472":64:"f78c4dd37c06b197":0 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"3adf0da24394a98c7beae01d28f261a9cbd887aeeecc0c29e84540264d5a6bad":"8cf023d717b0f82f2b81750b53fb665c1c90f4740af4a3534b36b847df33ba5eec19eb24ead70a4b613a82572878216181d59b0c4c4df99be08d021cf182724d8ff5ec4e85884d0f69c16238fbbdbc5529ffcc4e418405e4e95139f79d3115a1ac56820cd39fc413ab72f7d447f947cb0541fc2be261f1246c0a786199013b22":"ad41288817577316df2d881ac93fcdef":"ad33ce922372fbe3531c0dece69f85f18eb1bbfb09a178403832308de0e54b1010db2636c4b7d9caa478138f61db5149c9fd7f3b45b7a1876729fe67622a37f0b322ef9cf6043b301a5d4c81e6f347d22bd3e40722059d3be945845c6b0629fbcfcaf885c7f393aa81f242c48c61a439574761ef6b671972cac664403250750e":"9d465e9c4228323946b1261892243d8455edb9eb8633d026d4033fa3965d20730979ba6952c0f6f2c5768f03c19256b64bc759d2e7b92424bbc668308504ba34384c2bb37baaf91a3a4f0952a050a3d69853141b49e86eda3bf0c4db4ebcd1c41e7f13eca20bf574a47ec45b8c98def17c0741805bf8f37923ba2b5221428578":64:"507618cec6d03964":0 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"9ef64b4132db54668568e2ae66ab61f62a820c7002a67a7e42006280a373feba":"4b96dce753273188c4cca3386a7415d5d9263757376e1f32797df47992e92e1bc0ab0833363b3acffde22602d4e47307bc8f252944414a15e1398693fd3b8bf4d8101cdcf70ce2c9de8cb7f5bb17cd83f09b1bc78ba07c34b9214e250c5940e9794199cb392309027d5ab4f32b51c533db6732024bd412f2cb0c5178d5296aa5":"07a86dbe2cce040eccdad79b3d211ecc":"af7a75748ee293015b600ca82ccc7718f4ecc20c3a2357ee02fb726330a0d79ca8bb97979bc0c89f4c60d7154f8bd29ba6ec5f2f4be286ea8a258cf6bd39b4f42d6db8e70c99ec3af26bb4d8003dc6fd0fdfbbc620d511d4d5f09ddf975a1663ac2979ae0978b0bc1e7bfcd660ae4ac7f1a8f6d8ee35752ed59a604f07dfda53":"e3e862146b6fb48b01ababc462dd560298eea7bfe5f3248e28a908d1de08c7e91fcf63922c394e7a51b64f4382225093e78598c050e588ff4ad38f3e83dc07b77ce569c6ab8f8a9cb0056b3155aa1503cebeb64c86d6d9cdbb178ea9a01a8ba33a1c48beb92ee4cf60e7dedf986019e19089cd186c98c229b0ff42c9e1aca571":64:"8614c216055c0660":0 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #0 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"f14ac79f35bc5a685433eea5bb7fd69fc959aabda24cbd8b7795fb2e41f90ab0":"8a20da14819079960b77ed5e548d0aa0bdcffb752817c1abe4195e612cfbb58c8e5a8af69f75bad10ee8afdf0b0d5c46c4dc11c32bff16d5e7e82e77fd80e475c6a5a0be36718af232697ab22314306b8ee32484b3461da657710c06170e80a6a8844f898c2be29366c8430f2392d100ffd419603cbce406dc7315577e6e9ee2":"353e1d08edce44c966430513cb7a0383":"cb1dde4ff5a6867038c170192fc2d292f5bb349d5b9a903cf3d88c09ce78fb1f4a776ff7588a25abb5e5f6a44791d7296afef3f32ed31db1def37dd25be0570a204955121f9c65b79a3ea88fc452dbcb82719243c11bc27e3408adf802b6e8b4e701ee4e9dfd140cb3277bf605bd5fb757d2325f7805fc6f0d1ea5a6207fac5f":"49b5e4ea0421034c074cde67dd39a0310c3f31e8138672ba2ecc0777be542f1c6529836d5206b79dac83d96aab56787a35c584b31228f007f11630328c3f40a57be37487689ee5babb576e7d14ff0f1f1ba6e4be11637352a4336327681058b99df2e44f9772de4e0e456d2e34dec5eeb335b238e862841d166e0612cc0f18f3":32:"88aed643":0 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #1 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"b55ac909e73989e310ae37d13c54bbd5a126f419a3b01a2ad8961d89bd247f81":"8a663e8b21a027c4a9545d145d42d9c67b4fcd5d0e39aa68822aedbd609e2c681f60e6315035321de739858b2b082bc05551fe9b8456c2e89c6151282c6068b915eae5762e4d6d765d667de58a315e061b3d60035ada50f59258eb6e2a1cd6b52eea7eb9d404fd96e71f19feff65b74a4b4f07061adf7c1b0e54e2ece7a2cd49":"9328abab0d3f63c75ddafd8559d96b4f":"cbae20aa1996abb62471aac91cd78080953fbe3b165d4c9435832ef1106e7e3424db8850f44a431c289ab4f2bbbea9e5c0c7aaf2e8de69c0ced176283662cadd280d8fda0c859551f0f90893ca57695c95803a1546826922ac78703d7ccae285b7ccd4bbab551756cccc6869dcf34b6af8d8b80c25c6fb1d2caa7f28161fb854":"457e13ff4eeaaae75d14bbf1bff91706c3168b9b146aed29dbe31b12ad90c1c158833be95701229ac6e4a13997e0a2d961d4a0021c4d8920ec54a9a935e5ea73b17e8fa60559df76bd07d966dfa7d86d1a77a313228b2ae7f66b5b696726c02af2c808bf75e0b9591a220e762f57c680ca68f20b2b5413b07731bbd49de039bf":32:"5de0434a":0 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #2 [#2] -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"1477e189fb3546efac5cc144f25e132ffd0081be76e912e25cbce7ad63f1c2c4":"7bd3ea956f4b938ebe83ef9a75ddbda16717e924dd4e45202560bf5f0cffbffcdd23be3ae08ff30503d698ed08568ff6b3f6b9fdc9ea79c8e53a838cc8566a8b52ce7c21b2b067e778925a066c970a6c37b8a6cfc53145f24bf698c352078a7f0409b53196e00c619237454c190b970842bb6629c0def7f166d19565127cbce0":"c109f35893aff139db8ed51c85fee237":"8f7f9f71a4b2bb0aaf55fced4eb43c57415526162070919b5f8c08904942181820d5847dfd54d9ba707c5e893a888d5a38d0130f7f52c1f638b0119cf7bc5f2b68f51ff5168802e561dff2cf9c5310011c809eba002b2fa348718e8a5cb732056273cc7d01cce5f5837ab0b09b6c4c5321a7f30a3a3cd21f29da79fce3f3728b":"7841e3d78746f07e5614233df7175931e3c257e09ebd7b78545fae484d835ffe3db3825d3aa1e5cc1541fe6cac90769dc5aaeded0c148b5b4f397990eb34b39ee7881804e5a66ccc8d4afe907948780c4e646cc26479e1da874394cb3537a8f303e0aa13bd3cc36f6cc40438bcd41ef8b6a1cdee425175dcd17ee62611d09b02":32:"cb13ce59":0 AES-GCM Bad IV (AES-256,128,0,0,32) #0 -depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH +depends_on:MBEDTLS_CCM_GCM_CAN_AES:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH gcm_bad_parameters:MBEDTLS_CIPHER_ID_AES:MBEDTLS_GCM_DECRYPT:"ca264e7caecad56ee31c8bf8dde9592f753a6299e76c60ac1e93cff3b3de8ce9":"":"":"":32:MBEDTLS_ERR_GCM_BAD_INPUT AES-GCM Selftest -depends_on:MBEDTLS_AES_C +depends_on:MBEDTLS_CCM_GCM_CAN_AES gcm_selftest: diff --git a/tests/suites/test_suite_gcm.camellia.data b/tests/suites/test_suite_gcm.camellia.data index 9b71d7c0b..029780627 100644 --- a/tests/suites/test_suite_gcm.camellia.data +++ b/tests/suites/test_suite_gcm.camellia.data @@ -1,215 +1,215 @@ Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #1 (128-en) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"00000000000000000000000000000000":"":"000000000000000000000000":"":"":128:"f5574acc3148dfcb9015200631024df9":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #2 (128-en) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"00000000000000000000000000000000":"00000000000000000000000000000000":"000000000000000000000000":"":"defe3e0b5c54c94b4f2a0f5a46f6210d":128:"f672b94d192266c7c8c8dbb427cc989a":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #3 (128-en) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255":"cafebabefacedbaddecaf888":"":"d0d94a13b632f337a0cc9955b94fa020c815f903aab12f1efaf2fe9d90f729a6cccbfa986ef2ff2c33de418d9a2529091cf18fe652c1cfde13f8260614bab815":128:"86e318012dd8329dc9dae6a170f61b24":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #4 (128-en) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":"cafebabefacedbaddecaf888":"feedfacedeadbeeffeedfacedeadbeefabaddad2":"d0d94a13b632f337a0cc9955b94fa020c815f903aab12f1efaf2fe9d90f729a6cccbfa986ef2ff2c33de418d9a2529091cf18fe652c1cfde13f82606":128:"9f458869431576ea6a095456ec6b8101":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #5 (128-en) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":"cafebabefacedbad":"feedfacedeadbeeffeedfacedeadbeefabaddad2":"28fd7434d5cd424a5353818fc21a982460d20cf632eb1e6c4fbfca17d5abcf6a52111086162fe9570e7774c7a912aca3dfa10067ddaad40688645bdd":128:"e86f8f2e730c49d536f00fb5225d28b1":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #6 (128-en) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":"9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b":"feedfacedeadbeeffeedfacedeadbeefabaddad2":"2e582b8417c93f2ff4f6f7ee3c361e4496e710ee12433baa964987d02f42953e402e6f4af407fe08cd2f35123696014c34db19128df4056faebcd647":128:"ceae5569b2af8641572622731aed3e53":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #7 (192-en) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"000000000000000000000000000000000000000000000000":"":"000000000000000000000000":"":"":128:"ba9ae89fddce4b51131e17c4d65ce587":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #8 (192-en) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"000000000000000000000000":"":"8f9c0aa2549714c88bb2665e8af86d41":128:"783cff5c5aca7197320658a74279ab37":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #9 (192-en) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255":"cafebabefacedbaddecaf888":"":"0f009e88410d84ad93c90d55efbe20ffa855492f4dfd0fb485c4f02f536feffbb4d967729e5c67f1de0750255cc500716ba483eb3b0a2bf607af28f6a60bb2e9":128:"8d645a0b0e48d3c3b60a014157cb49b4":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #10 (192-en) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":"cafebabefacedbaddecaf888":"feedfacedeadbeeffeedfacedeadbeefabaddad2":"0f009e88410d84ad93c90d55efbe20ffa855492f4dfd0fb485c4f02f536feffbb4d967729e5c67f1de0750255cc500716ba483eb3b0a2bf607af28f6":128:"01b15bb5ab6fac0c422014e91eacbf2b":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #11 (192-en) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":"cafebabefacedbad":"feedfacedeadbeeffeedfacedeadbeefabaddad2":"678b3dcb270faa206dc5f6fbb5014996e86d6f3e35cdcdfeb03b37b9b06ff4ff2682248823bd3c84124dc76af7bde3dd440c228b5efbc795dd80dfb6":128:"f876143d933214a5035ff0bb96ff650b":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #12 (192-en) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":"9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b":"feedfacedeadbeeffeedfacedeadbeefabaddad2":"9733ea567c3bad2259ccd63ef7012f5de709e50b1fdc31f1a16db02ede1b66f11dcc4d953f2d4d4671587b65882afbf9545fdb6deab22413d091b703":128:"4b72e520b2521e63d240ed5c903216fa":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #13 (256-en) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"0000000000000000000000000000000000000000000000000000000000000000":"":"000000000000000000000000":"":"":128:"9cdb269b5d293bc5db9c55b057d9b591":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #14 (256-en) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"000000000000000000000000":"":"3d4b2cde666761ba5dfb305178e667fb":128:"284b63bb143c40ce100fb4dea6bb617b":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #15 (256-en) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255":"cafebabefacedbaddecaf888":"":"ad142c11579dd95e41f3c1f324dabc255864d920f1b65759d8f560d4948d447758dfdcf77aa9f62581c7ff572a037f810cb1a9c4b3ca6ed638179b776549e092":128:"c912686270a2b9966415fca3be75c468":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #16 (256-en) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":"cafebabefacedbaddecaf888":"feedfacedeadbeeffeedfacedeadbeefabaddad2":"ad142c11579dd95e41f3c1f324dabc255864d920f1b65759d8f560d4948d447758dfdcf77aa9f62581c7ff572a037f810cb1a9c4b3ca6ed638179b77":128:"4e4b178d8fe26fdc95e2e7246dd94bec":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #17 (256-en) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":"cafebabefacedbad":"feedfacedeadbeeffeedfacedeadbeefabaddad2":"6ca95fbb7d16577a9ef2fded94dc85b5d40c629f6bef2c649888e3cbb0ededc7810c04b12c2983bbbbc482e16e45c9215ae12c15c55f2f4809d06652":128:"e6472b8ebd331bfcc7c0fa63ce094461":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #18 (256-en) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":"9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b":"feedfacedeadbeeffeedfacedeadbeefabaddad2":"e0cddd7564d09c4dc522dd65949262bbf9dcdb07421cf67f3032becb7253c284a16e5bf0f556a308043f53fab9eebb526be7f7ad33d697ac77c67862":128:"5791883f822013f8bd136fc36fb9946b":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #1 (128-de) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"00000000000000000000000000000000":"":"000000000000000000000000":"":128:"f5574acc3148dfcb9015200631024df9":"":"":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #2 (128-de) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"00000000000000000000000000000000":"defe3e0b5c54c94b4f2a0f5a46f6210d":"000000000000000000000000":"":128:"f672b94d192266c7c8c8dbb427cc989a":"":"00000000000000000000000000000000":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #3 (128-de) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308":"d0d94a13b632f337a0cc9955b94fa020c815f903aab12f1efaf2fe9d90f729a6cccbfa986ef2ff2c33de418d9a2529091cf18fe652c1cfde13f8260614bab815":"cafebabefacedbaddecaf888":"":128:"86e318012dd8329dc9dae6a170f61b24":"":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #4 (128-de) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308":"d0d94a13b632f337a0cc9955b94fa020c815f903aab12f1efaf2fe9d90f729a6cccbfa986ef2ff2c33de418d9a2529091cf18fe652c1cfde13f82606":"cafebabefacedbaddecaf888":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"9f458869431576ea6a095456ec6b8101":"":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #5 (128-de) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308":"28fd7434d5cd424a5353818fc21a982460d20cf632eb1e6c4fbfca17d5abcf6a52111086162fe9570e7774c7a912aca3dfa10067ddaad40688645bdd":"cafebabefacedbad":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"e86f8f2e730c49d536f00fb5225d28b1":"":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #6 (128-de) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308":"2e582b8417c93f2ff4f6f7ee3c361e4496e710ee12433baa964987d02f42953e402e6f4af407fe08cd2f35123696014c34db19128df4056faebcd647":"9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"ceae5569b2af8641572622731aed3e53":"":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #7 (192-de) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"000000000000000000000000000000000000000000000000":"":"000000000000000000000000":"":128:"ba9ae89fddce4b51131e17c4d65ce587":"":"":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #8 (192-de) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"000000000000000000000000000000000000000000000000":"8f9c0aa2549714c88bb2665e8af86d41":"000000000000000000000000":"":128:"783cff5c5aca7197320658a74279ab37":"":"00000000000000000000000000000000":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #9 (192-de) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c":"0f009e88410d84ad93c90d55efbe20ffa855492f4dfd0fb485c4f02f536feffbb4d967729e5c67f1de0750255cc500716ba483eb3b0a2bf607af28f6a60bb2e9":"cafebabefacedbaddecaf888":"":128:"8d645a0b0e48d3c3b60a014157cb49b4":"":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #10 (192-de) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c":"0f009e88410d84ad93c90d55efbe20ffa855492f4dfd0fb485c4f02f536feffbb4d967729e5c67f1de0750255cc500716ba483eb3b0a2bf607af28f6":"cafebabefacedbaddecaf888":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"01b15bb5ab6fac0c422014e91eacbf2b":"":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #11 (192-de) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c":"678b3dcb270faa206dc5f6fbb5014996e86d6f3e35cdcdfeb03b37b9b06ff4ff2682248823bd3c84124dc76af7bde3dd440c228b5efbc795dd80dfb6":"cafebabefacedbad":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"f876143d933214a5035ff0bb96ff650b":"":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #12 (192-de) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c":"9733ea567c3bad2259ccd63ef7012f5de709e50b1fdc31f1a16db02ede1b66f11dcc4d953f2d4d4671587b65882afbf9545fdb6deab22413d091b703":"9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"4b72e520b2521e63d240ed5c903216fa":"":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #13 (256-de) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"0000000000000000000000000000000000000000000000000000000000000000":"":"000000000000000000000000":"":128:"9cdb269b5d293bc5db9c55b057d9b591":"":"":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #14 (256-de) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"0000000000000000000000000000000000000000000000000000000000000000":"3d4b2cde666761ba5dfb305178e667fb":"000000000000000000000000":"":128:"284b63bb143c40ce100fb4dea6bb617b":"":"00000000000000000000000000000000":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #15 (256-de) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308":"ad142c11579dd95e41f3c1f324dabc255864d920f1b65759d8f560d4948d447758dfdcf77aa9f62581c7ff572a037f810cb1a9c4b3ca6ed638179b776549e092":"cafebabefacedbaddecaf888":"":128:"c912686270a2b9966415fca3be75c468":"":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #16 (256-de) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308":"ad142c11579dd95e41f3c1f324dabc255864d920f1b65759d8f560d4948d447758dfdcf77aa9f62581c7ff572a037f810cb1a9c4b3ca6ed638179b77":"cafebabefacedbaddecaf888":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"4e4b178d8fe26fdc95e2e7246dd94bec":"":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #17 (256-de) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308":"6ca95fbb7d16577a9ef2fded94dc85b5d40c629f6bef2c649888e3cbb0ededc7810c04b12c2983bbbbc482e16e45c9215ae12c15c55f2f4809d06652":"cafebabefacedbad":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"e6472b8ebd331bfcc7c0fa63ce094461":"":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #18 (256-de) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308":"e0cddd7564d09c4dc522dd65949262bbf9dcdb07421cf67f3032becb7253c284a16e5bf0f556a308043f53fab9eebb526be7f7ad33d697ac77c67862":"9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"5791883f822013f8bd136fc36fb9946b":"":"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #1 (128-bad) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"00000000000000000000000000000000":"":"000000000000000000000000":"":128:"f5574acc3148dfcb9015200631024df8":"FAIL":"":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #2 (128-bad) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"00000000000000000000000000000000":"defe3e0b5c54c94b4f2a0f5a46f7210d":"000000000000000000000000":"":128:"f672b94d192266c7c8c8dbb427cc989a":"FAIL":"":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #3 (128-bad) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308":"d0d94a13b632f337a0cc9955b94fa020c815f903aab12f1efaf2fe9d90f729a6cccbfa986ef2ff2c33de418d9a2529091cf18fe652c1cfde13f8260614bab815":"cafebabefacedbaddecaf889":"":128:"86e318012dd8329dc9dae6a170f61b24":"FAIL":"":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #4 (128-bad) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308":"d0d94a13b632f337a0cc9955b94fa020c815f903aab12f1efaf2fe9d90f729a6cccbfa986ef2ff2c33de418d9a2529091cf18fe652c1cfde13f82606":"cafebabefacedbaddecaf888":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"9f458869431576ea6a095456ec6b8100":"FAIL":"":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #5 (128-bad) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308":"28fd7434d5cd424a5353818fc21a982460d20cf632eb1e6c4fbfca17d5abcf6a52111086162fe9570e7774c7a912aca3dfa10067ddaad40688645bdd":"cafebabefacedbad":"feedfadedeadbeeffeedfacedeadbeefabaddad2":128:"e86f8f2e730c49d536f00fb5225d28b1":"FAIL":"":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #6 (128-bad) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308":"2e582b8417c83f2ff4f6f7ee3c361e4496e710ee12433baa964987d02f42953e402e6f4af407fe08cd2f35123696014c34db19128df4056faebcd647":"9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"ceae5569b2af8641572622731aed3e53":"FAIL":"":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #7 (192-bad) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"000000000000000000000000000000000000000000000000":"":"000000000000000000000000":"":128:"ba9ae89fddce4b51131e17c4d65ce586":"FAIL":"":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #8 (192-bad) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"000000000000000000000000000000000000000000000000":"8f9c0aa2549714c88bb2665e8af86d42":"000000000000000000000000":"":128:"783cff5c5aca7197320658a74279ab37":"FAIL":"":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #9 (192-bad) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"ffffe9928665731c6d6a8f9467308308feffe9928665731c":"0f009e88410d84ad93c90d55efbe20ffa855492f4dfd0fb485c4f02f536feffbb4d967729e5c67f1de0750255cc500716ba483eb3b0a2bf607af28f6a60bb2e9":"cafebabefacedbaddecaf888":"":128:"8d645a0b0e48d3c3b60a014157cb49b4":"FAIL":"":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #10 (192-bad) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c":"0f009e88410d84ad93c90d55efbe20ffa855492f4dfd0fb485c4f02f536feffbb4d967729e5c67f1de0750255cc500716ba483eb3b0a2bf607af28f6":"cafebabefacedbaddecaf888":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"11b15bb5ab6fac0c422014e91eacbf2b":"FAIL":"":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #11 (192-bad) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c":"678b3dcb270faa206dc5f6fbb5014996e86d6f3e35cdcdfeb03b37b9b06ff4ff2682248823bd3c84124dc76af7bde3dd440c228b5efbc795dd80dfb6":"cafebabefacedbad":"feedfacedeadbeeffeedfacedeadbeefabaddad3":128:"f876143d933214a5035ff0bb96ff650b":"FAIL":"":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #12 (192-bad) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c":"9733ea567c3bad2259ccd63ef7012f5de709e50b1fdc31f1a16db02ede1b66f11dcc4d953f2d4d4671587b65882afbf9545fdb6deab22413d091b703":"9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a328a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"4b72e520b2521e63d240ed5c903216fa":"FAIL":"":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #13 (256-bad) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"0000000000000000000000000000000000000000000000000000000000000001":"":"000000000000000000000000":"":128:"9cdb269b5d293bc5db9c55b057d9b591":"FAIL":"":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #14 (256-bad) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"0000000000000000000000000000000000000000000000000000000000000000":"3d4b2cde666761ba5dfb305178e667fb":"000000000000000000000001":"":128:"284b63bb143c40ce100fb4dea6bb617b":"FAIL":"":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #15 (256-bad) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308":"ad142c11579dd95e41f3c1f324dabc255864d920f1b65759d8f560d4949d447758dfdcf77aa9f62581c7ff572a037f810cb1a9c4b3ca6ed638179b776549e092":"cafebabefacedbaddecaf888":"":128:"c912686270a2b9966415fca3be75c468":"FAIL":"":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #16 (256-bad) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308":"ad142c11579dd95e41f3c1f324dabc255864d920f1b65759d8f560d4948d447758dfdcf77aa9f62581c7ff572a037f810cb1a9c4b3ca6ed638179b77":"cafebabefacedbaddecaf888":"ffedfacedeadbeeffeedfacedeadbeefabaddad2":128:"4e4b178d8fe26fdc95e2e7246dd94bec":"FAIL":"":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #17 (256-bad) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308":"6ca95fbb7d16577a9ef2fded94dc85b5d40c629f6bef2c649888e3cbb0ededc7810c04b12c2983bbbbc482e16e45c9215ae12c15c55f2f4809d06652":"cafebabefacedbad":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"e6472b8ebd331bfcc7c0fa63ce094462":"FAIL":"":0 Camellia-GCM test vect draft-kato-ipsec-camellia-gcm #18 (256-bad) -depends_on:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_CCM_GCM_CAN_CAMELLIA gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_CAMELLIA:"feffe9928665731c6d6a9f9467308308feffe9928665731c6d6a8f9467308308":"e0cddd7564d09c4dc522dd65949262bbf9dcdb07421cf67f3032becb7253c284a16e5bf0f556a308043f53fab9eebb526be7f7ad33d697ac77c67862":"9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b":"feedfacedeadbeeffeedfacedeadbeefabaddad2":128:"5791883f822013f8bd136fc36fb9946b":"FAIL":"":0 diff --git a/tests/suites/test_suite_gcm.function b/tests/suites/test_suite_gcm.function index 097e42408..599c9266e 100644 --- a/tests/suites/test_suite_gcm.function +++ b/tests/suites/test_suite_gcm.function @@ -478,7 +478,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST:MBEDTLS_AES_C */ +/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST:MBEDTLS_CCM_GCM_CAN_AES */ void gcm_selftest() { BLOCK_CIPHER_PSA_INIT(); From 45c84feacceb0e56df99171a78045b2c432ffe1f Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 20 Dec 2023 09:54:39 +0100 Subject: [PATCH 1125/1674] test_suite_ccm: add missing BLOCK_CIPHER_PSA_[INIT/DONE]() Signed-off-by: Valerio Setti --- tests/suites/test_suite_ccm.function | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_ccm.function b/tests/suites/test_suite_ccm.function index 9831666c3..dbb313b93 100644 --- a/tests/suites/test_suite_ccm.function +++ b/tests/suites/test_suite_ccm.function @@ -82,6 +82,7 @@ void mbedtls_ccm_setkey(int cipher_id, int key_size, int result) unsigned char key[32]; int ret; + BLOCK_CIPHER_PSA_INIT(); mbedtls_ccm_init(&ctx); memset(key, 0x2A, sizeof(key)); @@ -92,6 +93,7 @@ void mbedtls_ccm_setkey(int cipher_id, int key_size, int result) exit: mbedtls_ccm_free(&ctx); + BLOCK_CIPHER_PSA_DONE(); } /* END_CASE */ @@ -139,7 +141,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_AES_C */ +/* BEGIN_CASE depends_on:MBEDTLS_CCM_GCM_CAN_AES */ void ccm_star_lengths(int msg_len, int iv_len, int add_len, int tag_len, int res) { From 9afa329b80e2436bb154cd0bda52aae57f45a029 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 20 Dec 2023 09:55:28 +0100 Subject: [PATCH 1126/1674] analyze_outcomes: allow ignored test suites to have a dot in the name Signed-off-by: Valerio Setti --- tests/scripts/analyze_outcomes.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 085ba7a51..8db2ef778 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -150,7 +150,7 @@ def analyze_driver_vs_reference(results: Results, outcomes: Outcomes, # but issue an error if they're not (means we have a bad entry). ignored = False if full_test_suite in ignored_tests: - for str_or_re in ignored_tests[test_suite]: + for str_or_re in ignored_tests[full_test_suite]: if name_matches_pattern(test_string, str_or_re): ignored = True From 5f665c3a0d9766638e8fe2ebbaddeff4e444d579 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 20 Dec 2023 09:56:05 +0100 Subject: [PATCH 1127/1674] analyze_outcomes: add exceptions to disparities for block_cipher dispatch Signed-off-by: Valerio Setti --- tests/scripts/analyze_outcomes.py | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 8db2ef778..7dc6afe3c 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -542,8 +542,38 @@ KNOWN_TASKS = { 'ignored_suites': [ # Skipped in the accelerated component 'aes', 'aria', 'camellia', + # These require AES_C and CAMELLIA_C to be enabled in order for the cipher + # module (actually cipher_wrapper) to work properly. However these symbols + # are disabled in the accelerated component so we ignore them. + 'cipher.ccm', 'cipher.gcm', 'cmac', ], 'ignored_tests': { + 'test_suite_cipher.aes': [ + # CCM*-NO-TAG is disabled in the accelerated component but + # there is no way to get CCM without CCM*-NO-TAG with legacy symbols. + re.compile(r'AES-\d+[- ]CCM\*-NO-TAG .*'), + # Following test require AES_C to be enabled for CIPHER_C operations + re.compile(r'AES-\d+-ECB .* NIST KAT .*'), + # This test requires AES_C which is disabled in the accelerated component + 'Cipher Corner Case behaviours', + ], + 'test_suite_cipher.aria': [ + # Same as for test_suite_cipher.aes + re.compile(r'ARIA-\d+[- ]CCM\*-NO-TAG .*'), + ], + 'test_suite_cipher.camellia': [ + # Same as for test_suite_cipher.aes + re.compile(r'CAMELLIA-\d+[- ]CCM\*-NO-TAG .*'), + ], + 'test_suite_error': [ + # Following tests require AES_C which is disabled in the accelerated component + 'Single low error', + 'Low and high error', + ], + 'test_suite_version': [ + # Following tests require AES_C which is disabled in the accelerated component + 'Check for MBEDTLS_AES_C when already present', + ], 'test_suite_platform': [ # Incompatible with sanitizers (e.g. ASan). If the driver # component uses a sanitizer but the reference component From 5eb8de12cb7a44a4e0e67487420972dafab6aa4b Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 20 Dec 2023 11:59:32 +0100 Subject: [PATCH 1128/1674] driver-only-build: remove paragraph about RSA/DH deterministic key generation This feature is not supported at all in MbedTLS, driver or not. Signed-off-by: Valerio Setti --- docs/driver-only-builds.md | 4 ---- 1 file changed, 4 deletions(-) diff --git a/docs/driver-only-builds.md b/docs/driver-only-builds.md index c2d8f69d1..373de2389 100644 --- a/docs/driver-only-builds.md +++ b/docs/driver-only-builds.md @@ -240,10 +240,6 @@ The same holds for the associated algorithm: `[PSA_WANT|MBEDTLS_PSA_ACCEL]_ALG_FFDH` allow builds accelerating FFDH and removing builtin support (i.e. `MBEDTLS_DHM_C`). -### Limitations -Support for deterministic derivation of a DH keypair -(i.e. `PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_DERIVE`) is not supported. - Ciphers and AEADs ----------------- From a70b3c24f6e4cb44c049961ecd84196eed6491a4 Mon Sep 17 00:00:00 2001 From: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com> Date: Sun, 16 Jul 2023 12:06:13 +0300 Subject: [PATCH 1129/1674] rsa: minor comment/guard improvements This brings some improvements to comments/ function prototypes that relate to PKCS#1. Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com> --- include/mbedtls/mbedtls_config.h | 2 ++ include/mbedtls/rsa.h | 2 ++ 2 files changed, 4 insertions(+) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 758a51424..a3e3f8347 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -2191,6 +2191,8 @@ * Enable parsing and verification of X.509 certificates, CRLs and CSRS * signed with RSASSA-PSS (aka PKCS#1 v2.1). * + * Requires: MBEDTLS_PKCS1_V21 + * * Comment this macro to disallow using RSASSA-PSS in certificates. */ #define MBEDTLS_X509_RSASSA_PSS_SUPPORT diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index df665240d..e5e172f9c 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -869,6 +869,7 @@ int mbedtls_rsa_rsassa_pkcs1_v15_sign(mbedtls_rsa_context *ctx, const unsigned char *hash, unsigned char *sig); +#if defined(MBEDTLS_PKCS1_V21) /** * \brief This function performs a PKCS#1 v2.1 PSS signature * operation (RSASSA-PSS-SIGN). @@ -969,6 +970,7 @@ int mbedtls_rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx, unsigned int hashlen, const unsigned char *hash, unsigned char *sig); +#endif /* MBEDTLS_PKCS1_V21 */ /** * \brief This function performs a public RSA operation and checks From 80ca4932847874c4ebe595e43cdcdb36fc4d5668 Mon Sep 17 00:00:00 2001 From: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com> Date: Sun, 16 Jul 2023 12:12:09 +0300 Subject: [PATCH 1130/1674] gitignore: add clangd index files https://clangd.llvm.org/design/indexing#backgroundindex Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com> --- .gitignore | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 185bd7a1d..4f29d5be5 100644 --- a/.gitignore +++ b/.gitignore @@ -63,5 +63,7 @@ massif-* /cscope*.out /tags -# Clangd compilation database +# clangd compilation database compile_commands.json +# clangd index files +/.cache/clangd/index/ From 8174662b648d03c5503dfea15a57106ca7dd5312 Mon Sep 17 00:00:00 2001 From: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com> Date: Sun, 16 Jul 2023 13:06:06 +0300 Subject: [PATCH 1131/1674] pk: implement non-PSA mbedtls_pk_sign_ext() This makes the function always available with its its implementation depending on MBEDTLS_USE_PSA_CRYPTO. Related dependencies and tests are updated as well. Fixes #7583. Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com> --- ChangeLog.d/non-psa-pk-implementation.txt | 4 + include/mbedtls/config_adjust_legacy_crypto.h | 6 +- include/mbedtls/pk.h | 4 +- library/pk.c | 41 ++++++--- library/pk_wrap.c | 4 +- library/pk_wrap.h | 16 ++-- tests/suites/test_suite_pk.data | 48 +++++------ tests/suites/test_suite_pk.function | 83 +++++++++++-------- 8 files changed, 120 insertions(+), 86 deletions(-) create mode 100644 ChangeLog.d/non-psa-pk-implementation.txt diff --git a/ChangeLog.d/non-psa-pk-implementation.txt b/ChangeLog.d/non-psa-pk-implementation.txt new file mode 100644 index 000000000..88ed00654 --- /dev/null +++ b/ChangeLog.d/non-psa-pk-implementation.txt @@ -0,0 +1,4 @@ +Changes + * mbedtls_pk_sign_ext() is now available even without PSA + (MBEDTLS_PSA_CRYPTO_C). This improves uniformity in the PK module; + it now only depends on MBEDTLS_USE_PSA_CRYPTO for its use of PSA. diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h index e66d67a1b..74d037df4 100644 --- a/include/mbedtls/config_adjust_legacy_crypto.h +++ b/include/mbedtls/config_adjust_legacy_crypto.h @@ -235,9 +235,9 @@ #define MBEDTLS_PSA_CRYPTO_CLIENT #endif /* MBEDTLS_PSA_CRYPTO_C */ -/* The PK wrappers need pk_write functions to format RSA key objects - * when they are dispatching to the PSA API. This happens under USE_PSA_CRYPTO, - * and also even without USE_PSA_CRYPTO for mbedtls_pk_sign_ext(). */ +/* The PK wrappers need pk_write/pk_parse functions to format RSA key objects + * when they are dispatching to the PSA API. This happens under MBEDTLS_USE_PSA_CRYPTO, + * and even under just MBEDTLS_PSA_CRYPTO_C in psa_crypto_rsa.c. */ #if defined(MBEDTLS_PSA_CRYPTO_C) && defined(MBEDTLS_RSA_C) #define MBEDTLS_PK_C #define MBEDTLS_PK_WRITE_C diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index 24b11886b..355bf1034 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h @@ -28,7 +28,7 @@ #include "mbedtls/ecdsa.h" #endif -#if defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_PSA_CRYPTO_C) +#if defined(MBEDTLS_PSA_CRYPTO_C) #include "psa/crypto.h" #endif @@ -615,7 +615,6 @@ int mbedtls_pk_sign(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, unsigned char *sig, size_t sig_size, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); -#if defined(MBEDTLS_PSA_CRYPTO_C) /** * \brief Make signature given a signature type. * @@ -652,7 +651,6 @@ int mbedtls_pk_sign_ext(mbedtls_pk_type_t pk_type, unsigned char *sig, size_t sig_size, size_t *sig_len, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); -#endif /* MBEDTLS_PSA_CRYPTO_C */ /** * \brief Restartable version of \c mbedtls_pk_sign() diff --git a/library/pk.c b/library/pk.c index 957f64ed1..344d29fd5 100644 --- a/library/pk.c +++ b/library/pk.c @@ -579,7 +579,7 @@ int mbedtls_pk_verify_ext(mbedtls_pk_type_t type, const void *options, return PSA_PK_RSA_TO_MBEDTLS_ERR(status); } else -#endif +#endif /* MBEDTLS_USE_PSA_CRYPTO */ { if (sig_len < mbedtls_pk_get_len(ctx)) { return MBEDTLS_ERR_RSA_VERIFY_FAILED; @@ -672,7 +672,6 @@ int mbedtls_pk_sign(mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, f_rng, p_rng, NULL); } -#if defined(MBEDTLS_PSA_CRYPTO_C) /* * Make a signature given a signature type. */ @@ -684,11 +683,6 @@ int mbedtls_pk_sign_ext(mbedtls_pk_type_t pk_type, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng) { -#if defined(MBEDTLS_RSA_C) - psa_algorithm_t psa_md_alg; -#endif /* MBEDTLS_RSA_C */ - *sig_len = 0; - if (ctx->pk_info == NULL) { return MBEDTLS_ERR_PK_BAD_INPUT_DATA; } @@ -702,8 +696,10 @@ int mbedtls_pk_sign_ext(mbedtls_pk_type_t pk_type, sig, sig_size, sig_len, f_rng, p_rng); } -#if defined(MBEDTLS_RSA_C) - psa_md_alg = mbedtls_md_psa_alg_from_type(md_alg); +#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21) + +#if defined(MBEDTLS_USE_PSA_CRYPTO) + const psa_algorithm_t psa_md_alg = mbedtls_md_psa_alg_from_type(md_alg); if (psa_md_alg == 0) { return MBEDTLS_ERR_PK_BAD_INPUT_DATA; } @@ -720,12 +716,31 @@ int mbedtls_pk_sign_ext(mbedtls_pk_type_t pk_type, return mbedtls_pk_psa_rsa_sign_ext(PSA_ALG_RSA_PSS(psa_md_alg), ctx->pk_ctx, hash, hash_len, sig, sig_size, sig_len); -#else /* MBEDTLS_RSA_C */ - return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; -#endif /* !MBEDTLS_RSA_C */ +#else /* MBEDTLS_USE_PSA_CRYPTO */ + if (sig_size < mbedtls_pk_get_len(ctx)) { + return MBEDTLS_ERR_PK_BUFFER_TOO_SMALL; + } + + if (pk_hashlen_helper(md_alg, &hash_len) != 0) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } + + mbedtls_rsa_context *const rsa_ctx = mbedtls_pk_rsa(*ctx); + + const int ret = mbedtls_rsa_rsassa_pss_sign(rsa_ctx, f_rng, p_rng, md_alg, + (unsigned int) hash_len, hash, sig); + if (ret == 0) { + *sig_len = rsa_ctx->len; + } + return ret; + +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + +#else + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; +#endif /* MBEDTLS_RSA_C && MBEDTLS_PKCS1_V21 */ } -#endif /* MBEDTLS_PSA_CRYPTO_C */ /* * Decrypt message diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 0fb3c4217..b1fbd861d 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -281,7 +281,7 @@ static int rsa_verify_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, } #endif /* MBEDTLS_USE_PSA_CRYPTO */ -#if defined(MBEDTLS_PSA_CRYPTO_C) +#if defined(MBEDTLS_USE_PSA_CRYPTO) int mbedtls_pk_psa_rsa_sign_ext(psa_algorithm_t alg, mbedtls_rsa_context *rsa_ctx, const unsigned char *hash, size_t hash_len, @@ -344,7 +344,7 @@ cleanup: } return ret; } -#endif /* MBEDTLS_PSA_CRYPTO_C */ +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_USE_PSA_CRYPTO) static int rsa_sign_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, diff --git a/library/pk_wrap.h b/library/pk_wrap.h index 28c815a77..a6237bf63 100644 --- a/library/pk_wrap.h +++ b/library/pk_wrap.h @@ -131,6 +131,14 @@ int MBEDTLS_DEPRECATED mbedtls_pk_error_from_psa_ecdsa(psa_status_t status); #endif #endif +#if defined(MBEDTLS_RSA_C) +int mbedtls_pk_psa_rsa_sign_ext(psa_algorithm_t psa_alg_md, + mbedtls_rsa_context *rsa_ctx, + const unsigned char *hash, size_t hash_len, + unsigned char *sig, size_t sig_size, + size_t *sig_len); +#endif /* MBEDTLS_RSA_C */ + #endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_PSA_CRYPTO_C) @@ -143,14 +151,6 @@ int MBEDTLS_DEPRECATED mbedtls_pk_error_from_psa_rsa(psa_status_t status); #endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY || PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC */ #endif /* !MBEDTLS_DEPRECATED_REMOVED */ -#if defined(MBEDTLS_RSA_C) -int mbedtls_pk_psa_rsa_sign_ext(psa_algorithm_t psa_alg_md, - mbedtls_rsa_context *rsa_ctx, - const unsigned char *hash, size_t hash_len, - unsigned char *sig, size_t sig_size, - size_t *sig_len); -#endif /* MBEDTLS_RSA_C */ - #endif /* MBEDTLS_PSA_CRYPTO_C */ #endif /* MBEDTLS_PK_WRAP_H */ diff --git a/tests/suites/test_suite_pk.data b/tests/suites/test_suite_pk.data index e69749140..af1e20c46 100644 --- a/tests/suites/test_suite_pk.data +++ b/tests/suites/test_suite_pk.data @@ -621,62 +621,62 @@ PSA wrapped sign: RSA PKCS1 v1.5 depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_GENPRIME:MBEDTLS_PK_WRITE_C pk_psa_sign:1024:PSA_KEY_TYPE_RSA_KEY_PAIR:1024 -PK Sign ext:RSA2048,PK_RSA,MD_SHA256 +PK sign ext: RSA2048, PK_RSA, MD_SHA256 depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_RSA_GEN_KEY_MIN_BITS <= 2048 -pk_psa_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA256 +pk_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA256 -PK Sign ext:RSA2048,PK_RSASSA_PSS,MD_SHA256 +PK sign ext: RSA2048, PK_RSASSA_PSS, MD_SHA256 depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_RSA_GEN_KEY_MIN_BITS <= 2048 -pk_psa_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256 +pk_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256 -PK Sign ext:RSA2048,PK_RSA,MD_SHA384 +PK sign ext: RSA2048, PK_RSA, MD_SHA384 depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA384:MBEDTLS_RSA_C:MBEDTLS_RSA_GEN_KEY_MIN_BITS <= 2048 -pk_psa_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA384 +pk_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA384 -PK Sign ext:RSA2048,PK_RSASSA_PSS,MD_SHA384 +PK sign ext: RSA2048, PK_RSASSA_PSS, MD_SHA384 depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA384:MBEDTLS_RSA_C:MBEDTLS_RSA_GEN_KEY_MIN_BITS <= 2048 -pk_psa_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA384 +pk_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA384 -PK Sign ext:RSA2048,PK_RSA,MD_SHA512 +PK sign ext: RSA2048, PK_RSA, MD_SHA512 depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA512:MBEDTLS_RSA_C:MBEDTLS_RSA_GEN_KEY_MIN_BITS <= 2048 -pk_psa_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA512 +pk_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA512 -PK Sign ext:RSA2048,PK_RSASSA_PSS,MD_SHA512 +PK sign ext: RSA2048, PK_RSASSA_PSS, MD_SHA512 depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA512:MBEDTLS_RSA_C:MBEDTLS_RSA_GEN_KEY_MIN_BITS <= 2048 -pk_psa_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA512 +pk_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA512 -PK Sign ext:SECP256R1,PK_ECDSA,MD_SHA256 +PK sign ext: SECP256R1, PK_ECDSA, MD_SHA256 depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_MD_CAN_SHA256 -pk_psa_sign_ext:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP256R1:MBEDTLS_PK_ECDSA:MBEDTLS_MD_SHA256 +pk_sign_ext:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP256R1:MBEDTLS_PK_ECDSA:MBEDTLS_MD_SHA256 -PK Sign ext:SECP384R1,PK_ECDSA,MD_SHA384 +PK sign ext: SECP384R1, PK_ECDSA, MD_SHA384 depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA384 -pk_psa_sign_ext:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP384R1:MBEDTLS_PK_ECDSA:MBEDTLS_MD_SHA384 +pk_sign_ext:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP384R1:MBEDTLS_PK_ECDSA:MBEDTLS_MD_SHA384 -PK Sign ext:SECP521R1,PK_ECDSA,MD_SHA512 +PK sign ext: SECP521R1, PK_ECDSA, MD_SHA512 depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP521R1:MBEDTLS_MD_CAN_SHA512 -pk_psa_sign_ext:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP521R1:MBEDTLS_PK_ECDSA:MBEDTLS_MD_SHA512 +pk_sign_ext:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP521R1:MBEDTLS_PK_ECDSA:MBEDTLS_MD_SHA512 -PK wrapped Sign ext:RSA2048,PK_RSA,MD_SHA256 +PSA wrapped sign ext: RSA2048, PK_RSA, MD_SHA256 depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C pk_psa_wrap_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA256 -PK wrapped Sign ext:RSA2048,PK_RSASSA_PSS,MD_SHA256 +PSA wrapped sign ext: RSA2048, PK_RSASSA_PSS, MD_SHA256 depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C pk_psa_wrap_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256 -PK wrapped Sign ext:RSA2048,PK_RSA,MD_SHA384 +PSA wrapped sign ext: RSA2048, PK_RSA, MD_SHA384 depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA384:MBEDTLS_RSA_C pk_psa_wrap_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA384 -PK wrapped Sign ext:RSA2048,PK_RSASSA_PSS,MD_SHA384 +PSA wrapped sign ext: RSA2048, PK_RSASSA_PSS, MD_SHA384 depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA384:MBEDTLS_RSA_C pk_psa_wrap_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA384 -PK wrapped Sign ext:RSA2048,PK_RSA,MD_SHA512 +PSA wrapped sign ext: RSA2048, PK_RSA, MD_SHA512 depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA512:MBEDTLS_RSA_C pk_psa_wrap_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA512 -PK wrapped Sign ext:RSA2048,PK_RSASSA_PSS,MD_SHA512 +PSA wrapped sign ext: RSA2048, PK_RSASSA_PSS, MD_SHA512 depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA512:MBEDTLS_RSA_C pk_psa_wrap_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA512 diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index fa0b03b34..5255febb7 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -407,6 +407,16 @@ void pk_invalid_param() buf, buf_size, &buf_size, NULL, NULL, NULL)); + TEST_EQUAL(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_sign_ext(pk_type, &ctx, MBEDTLS_MD_NONE, + NULL, buf_size, + buf, buf_size, &buf_size, + NULL, NULL)); + TEST_EQUAL(MBEDTLS_ERR_PK_BAD_INPUT_DATA, + mbedtls_pk_sign_ext(pk_type, &ctx, MBEDTLS_MD_SHA256, + NULL, 0, + buf, buf_size, &buf_size, + NULL, NULL)); exit: mbedtls_pk_free(&ctx); USE_PSA_DONE(); @@ -435,14 +445,6 @@ void valid_parameters() TEST_ASSERT(mbedtls_pk_get_len(NULL) == 0); TEST_ASSERT(mbedtls_pk_can_do(NULL, MBEDTLS_PK_NONE) == 0); - TEST_ASSERT(mbedtls_pk_sign_restartable(&pk, - MBEDTLS_MD_NONE, - NULL, 0, - buf, sizeof(buf), &len, - mbedtls_test_rnd_std_rand, NULL, - NULL) == - MBEDTLS_ERR_PK_BAD_INPUT_DATA); - TEST_ASSERT(mbedtls_pk_sign_restartable(&pk, MBEDTLS_MD_NONE, NULL, 0, @@ -458,6 +460,13 @@ void valid_parameters() mbedtls_test_rnd_std_rand, NULL) == MBEDTLS_ERR_PK_BAD_INPUT_DATA); + TEST_ASSERT(mbedtls_pk_sign_ext(MBEDTLS_PK_NONE, &pk, + MBEDTLS_MD_NONE, + NULL, 0, + buf, sizeof(buf), &len, + mbedtls_test_rnd_std_rand, NULL) == + MBEDTLS_ERR_PK_BAD_INPUT_DATA); + TEST_ASSERT(mbedtls_pk_verify_restartable(&pk, MBEDTLS_MD_NONE, NULL, 0, @@ -1175,22 +1184,31 @@ void pk_rsa_overflow() memset(hash, 0x2a, sizeof(hash)); memset(sig, 0, sizeof(sig)); - TEST_ASSERT(mbedtls_pk_setup(&pk, - mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == 0); + TEST_EQUAL(mbedtls_pk_setup(&pk, + mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)), 0); #if defined(MBEDTLS_PKCS1_V21) - TEST_ASSERT(mbedtls_pk_verify_ext(MBEDTLS_PK_RSASSA_PSS, NULL, &pk, - MBEDTLS_MD_NONE, hash, hash_len, sig, sig_len) == - MBEDTLS_ERR_PK_BAD_INPUT_DATA); + TEST_EQUAL(mbedtls_pk_verify_ext(MBEDTLS_PK_RSASSA_PSS, NULL, &pk, + MBEDTLS_MD_NONE, hash, hash_len, sig, sig_len), + MBEDTLS_ERR_PK_BAD_INPUT_DATA); #endif /* MBEDTLS_PKCS1_V21 */ - TEST_ASSERT(mbedtls_pk_verify(&pk, MBEDTLS_MD_NONE, hash, hash_len, - sig, sig_len) == MBEDTLS_ERR_PK_BAD_INPUT_DATA); + TEST_EQUAL(mbedtls_pk_verify(&pk, MBEDTLS_MD_NONE, hash, hash_len, + sig, sig_len), + MBEDTLS_ERR_PK_BAD_INPUT_DATA); - TEST_ASSERT(mbedtls_pk_sign(&pk, MBEDTLS_MD_NONE, hash, hash_len, - sig, sizeof(sig), &sig_len, - mbedtls_test_rnd_std_rand, NULL) - == MBEDTLS_ERR_PK_BAD_INPUT_DATA); +#if defined(MBEDTLS_PKCS1_V21) + TEST_EQUAL(mbedtls_pk_sign_ext(MBEDTLS_PK_RSASSA_PSS, &pk, + MBEDTLS_MD_NONE, hash, hash_len, + sig, sizeof(sig), &sig_len, + mbedtls_test_rnd_std_rand, NULL), + MBEDTLS_ERR_PK_BAD_INPUT_DATA); +#endif /* MBEDTLS_PKCS1_V21 */ + + TEST_EQUAL(mbedtls_pk_sign(&pk, MBEDTLS_MD_NONE, hash, hash_len, + sig, sizeof(sig), &sig_len, + mbedtls_test_rnd_std_rand, NULL), + MBEDTLS_ERR_PK_BAD_INPUT_DATA); exit: mbedtls_pk_free(&pk); @@ -1440,14 +1458,14 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_GENPRIME */ -void pk_psa_sign_ext(int pk_type, int parameter, int key_pk_type, int md_alg) +/* BEGIN_CASE depends_on:MBEDTLS_GENPRIME */ +void pk_sign_ext(int pk_type, int parameter, int key_pk_type, int md_alg) { /* See the description of pk_genkey() for the description of the `parameter` argument. */ mbedtls_pk_context pk; size_t sig_len; unsigned char sig[MBEDTLS_PK_SIGNATURE_MAX_SIZE]; - unsigned char hash[PSA_HASH_MAX_SIZE]; + unsigned char hash[MBEDTLS_MD_MAX_SIZE]; size_t hash_len = mbedtls_md_get_size_from_type(md_alg); void const *options = NULL; mbedtls_pk_rsassa_pss_options rsassa_pss_options; @@ -1455,16 +1473,15 @@ void pk_psa_sign_ext(int pk_type, int parameter, int key_pk_type, int md_alg) memset(sig, 0, sizeof(sig)); mbedtls_pk_init(&pk); - PSA_INIT(); + MD_OR_USE_PSA_INIT(); - TEST_ASSERT(mbedtls_pk_setup(&pk, - mbedtls_pk_info_from_type(pk_type)) == 0); + TEST_EQUAL(mbedtls_pk_setup(&pk, + mbedtls_pk_info_from_type(pk_type)), 0); + TEST_EQUAL(pk_genkey(&pk, parameter), 0); - TEST_ASSERT(pk_genkey(&pk, parameter) == 0); - - TEST_ASSERT(mbedtls_pk_sign_ext(key_pk_type, &pk, md_alg, hash, hash_len, - sig, sizeof(sig), &sig_len, - mbedtls_test_rnd_std_rand, NULL) == 0); + TEST_EQUAL(mbedtls_pk_sign_ext(key_pk_type, &pk, md_alg, hash, hash_len, + sig, sizeof(sig), &sig_len, + mbedtls_test_rnd_std_rand, NULL), 0); if (key_pk_type == MBEDTLS_PK_RSASSA_PSS) { rsassa_pss_options.mgf1_hash_id = md_alg; @@ -1472,11 +1489,11 @@ void pk_psa_sign_ext(int pk_type, int parameter, int key_pk_type, int md_alg) rsassa_pss_options.expected_salt_len = hash_len; options = (const void *) &rsassa_pss_options; } - TEST_ASSERT(mbedtls_pk_verify_ext(key_pk_type, options, &pk, md_alg, - hash, hash_len, sig, sig_len) == 0); + TEST_EQUAL(mbedtls_pk_verify_ext(key_pk_type, options, &pk, md_alg, + hash, hash_len, sig, sig_len), 0); exit: mbedtls_pk_free(&pk); - PSA_DONE(); + MD_OR_USE_PSA_DONE(); } /* END_CASE */ From 573dc23141211980d43f9746e54c4f776b733f49 Mon Sep 17 00:00:00 2001 From: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com> Date: Sun, 10 Dec 2023 14:57:51 +0200 Subject: [PATCH 1132/1674] rsa: introduce rsa_internal_rsassa_pss_sign_no_mode_check() And use it in the non-PSA version of mbedtls_pk_sign_ext() to bypass checks that didn't succeed when used by TLS 1.3. That is because in the failing scenarios the padding of the RSA context is not set to PKCS_V21. See the discussion on PR #7930 for more details. Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com> --- library/pk.c | 7 +++-- library/rsa.c | 65 +++++++++++++++++++++++++++++---------- library/rsa_alt_helpers.h | 6 ++-- library/rsa_internal.h | 42 +++++++++++++++++++++++++ 4 files changed, 97 insertions(+), 23 deletions(-) create mode 100644 library/rsa_internal.h diff --git a/library/pk.c b/library/pk.c index 344d29fd5..929af3c65 100644 --- a/library/pk.c +++ b/library/pk.c @@ -18,6 +18,9 @@ #if defined(MBEDTLS_RSA_C) #include "mbedtls/rsa.h" +#if defined(MBEDTLS_PKCS1_V21) && !defined(MBEDTLS_USE_PSA_CRYPTO) +#include "rsa_internal.h" +#endif #endif #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) #include "mbedtls/ecp.h" @@ -728,8 +731,8 @@ int mbedtls_pk_sign_ext(mbedtls_pk_type_t pk_type, mbedtls_rsa_context *const rsa_ctx = mbedtls_pk_rsa(*ctx); - const int ret = mbedtls_rsa_rsassa_pss_sign(rsa_ctx, f_rng, p_rng, md_alg, - (unsigned int) hash_len, hash, sig); + const int ret = mbedtls_rsa_rsassa_pss_sign_no_mode_check(rsa_ctx, f_rng, p_rng, md_alg, + (unsigned int) hash_len, hash, sig); if (ret == 0) { *sig_len = rsa_ctx->len; } diff --git a/library/rsa.c b/library/rsa.c index 1bf5d13ca..2b9f85b73 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -29,6 +29,7 @@ #include "mbedtls/rsa.h" #include "rsa_alt_helpers.h" +#include "rsa_internal.h" #include "mbedtls/oid.h" #include "mbedtls/platform_util.h" #include "mbedtls/error.h" @@ -1712,14 +1713,14 @@ int mbedtls_rsa_pkcs1_decrypt(mbedtls_rsa_context *ctx, } #if defined(MBEDTLS_PKCS1_V21) -static int rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - mbedtls_md_type_t md_alg, - unsigned int hashlen, - const unsigned char *hash, - int saltlen, - unsigned char *sig) +static int rsa_rsassa_pss_sign_no_mode_check(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + int saltlen, + unsigned char *sig) { size_t olen; unsigned char *p = sig; @@ -1727,15 +1728,12 @@ static int rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx, size_t slen, min_slen, hlen, offset = 0; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t msb; + mbedtls_md_type_t hash_id; if ((md_alg != MBEDTLS_MD_NONE || hashlen != 0) && hash == NULL) { return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } - if (ctx->padding != MBEDTLS_RSA_PKCS_V21) { - return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; - } - if (f_rng == NULL) { return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } @@ -1754,7 +1752,11 @@ static int rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx, } } - hlen = mbedtls_md_get_size_from_type((mbedtls_md_type_t) ctx->hash_id); + hash_id = (mbedtls_md_type_t) ctx->hash_id; + if (hash_id == MBEDTLS_MD_NONE) { + hash_id = md_alg; + } + hlen = mbedtls_md_get_size_from_type(hash_id); if (hlen == 0) { return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } @@ -1797,7 +1799,7 @@ static int rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx, p += slen; /* Generate H = Hash( M' ) */ - ret = hash_mprime(hash, hashlen, salt, slen, p, (mbedtls_md_type_t) ctx->hash_id); + ret = hash_mprime(hash, hashlen, salt, slen, p, hash_id); if (ret != 0) { return ret; } @@ -1808,8 +1810,7 @@ static int rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx, } /* maskedDB: Apply dbMask to DB */ - ret = mgf_mask(sig + offset, olen - hlen - 1 - offset, p, hlen, - (mbedtls_md_type_t) ctx->hash_id); + ret = mgf_mask(sig + offset, olen - hlen - 1 - offset, p, hlen, hash_id); if (ret != 0) { return ret; } @@ -1823,6 +1824,37 @@ static int rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx, return mbedtls_rsa_private(ctx, f_rng, p_rng, sig, sig); } +static int rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + int saltlen, + unsigned char *sig) +{ + if (ctx->padding != MBEDTLS_RSA_PKCS_V21) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } + if (ctx->hash_id == MBEDTLS_MD_NONE) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } + return rsa_rsassa_pss_sign_no_mode_check(ctx, f_rng, p_rng, md_alg, hashlen, hash, saltlen, + sig); +} + +int mbedtls_rsa_rsassa_pss_sign_no_mode_check(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + unsigned char *sig) +{ + return rsa_rsassa_pss_sign_no_mode_check(ctx, f_rng, p_rng, md_alg, + hashlen, hash, MBEDTLS_RSA_SALT_LEN_ANY, sig); +} + /* * Implementation of the PKCS#1 v2.1 RSASSA-PSS-SIGN function with * the option to pass in the salt length. @@ -1840,7 +1872,6 @@ int mbedtls_rsa_rsassa_pss_sign_ext(mbedtls_rsa_context *ctx, hashlen, hash, saltlen, sig); } - /* * Implementation of the PKCS#1 v2.1 RSASSA-PSS-SIGN function */ diff --git a/library/rsa_alt_helpers.h b/library/rsa_alt_helpers.h index ca0840b2a..052b02491 100644 --- a/library/rsa_alt_helpers.h +++ b/library/rsa_alt_helpers.h @@ -37,11 +37,9 @@ /* * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - * */ - -#ifndef MBEDTLS_RSA_INTERNAL_H -#define MBEDTLS_RSA_INTERNAL_H +#ifndef MBEDTLS_RSA_ALT_HELPERS_H +#define MBEDTLS_RSA_ALT_HELPERS_H #include "mbedtls/build_info.h" diff --git a/library/rsa_internal.h b/library/rsa_internal.h new file mode 100644 index 000000000..4081ac639 --- /dev/null +++ b/library/rsa_internal.h @@ -0,0 +1,42 @@ +/** + * \file rsa_internal.h + * + * \brief Internal-only RSA public-key cryptosystem API. + * + * This file declares RSA-related functions that are to be used + * only from within the Mbed TLS library itself. + * + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ +#ifndef MBEDTLS_RSA_INTERNAL_H +#define MBEDTLS_RSA_INTERNAL_H + +#include "mbedtls/rsa.h" + +#if defined(MBEDTLS_PKCS1_V21) +/** + * \brief This function is analogue to \c mbedtls_rsa_rsassa_pss_sign(). + * The only difference between them is that this function is more flexible + * on the parameters of \p ctx that are set with \c mbedtls_rsa_set_padding(). + * + * \note Compared to its counterpart, this function: + * - does not check the padding setting of \p ctx. + * - allows the hash_id of \p ctx to be MBEDTLS_MD_NONE, + * in which case it uses \p md_alg as the hash_id. + * + * \note Refer to \c mbedtls_rsa_rsassa_pss_sign() for a description + * of the functioning and parameters of this function. + */ +int mbedtls_rsa_rsassa_pss_sign_no_mode_check(mbedtls_rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + mbedtls_md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + unsigned char *sig); +#endif /* MBEDTLS_PKCS1_V21 */ + +#endif /* rsa_internal.h */ From 9c69348c24a5770936069c3c18bd312a341c7845 Mon Sep 17 00:00:00 2001 From: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com> Date: Thu, 14 Dec 2023 21:40:54 +0200 Subject: [PATCH 1133/1674] pk test suite: rename the parameter named parameter Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com> --- tests/suites/test_suite_pk.function | 73 ++++++++++++++--------------- 1 file changed, 34 insertions(+), 39 deletions(-) diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 5255febb7..226598c72 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -84,25 +84,25 @@ exit: /** Generate a key of the desired type. * - * \param pk The PK object to fill. It must have been initialized - * with mbedtls_pk_setup(). - * \param parameter - For RSA keys, the key size in bits. - * - For EC keys, the curve (\c MBEDTLS_ECP_DP_xxx). + * \param pk The PK object to fill. It must have been initialized + * with mbedtls_pk_setup(). + * \param curve_or_keybits - For RSA keys, the key size in bits. + * - For EC keys, the curve (\c MBEDTLS_ECP_DP_xxx). * - * \return The status from the underlying type-specific key - * generation function. - * \return -1 if the key type is not recognized. + * \return The status from the underlying type-specific key + * generation function. + * \return -1 if the key type is not recognized. */ -static int pk_genkey(mbedtls_pk_context *pk, int parameter) +static int pk_genkey(mbedtls_pk_context *pk, int curve_or_keybits) { - ((void) pk); - (void) parameter; + (void) pk; + (void) curve_or_keybits; #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME) if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_RSA) { return mbedtls_rsa_gen_key(mbedtls_pk_rsa(*pk), mbedtls_test_rnd_std_rand, NULL, - parameter, 3); + curve_or_keybits, 3); } #endif #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) @@ -112,7 +112,7 @@ static int pk_genkey(mbedtls_pk_context *pk, int parameter) int ret; #if defined(MBEDTLS_ECP_C) - ret = mbedtls_ecp_group_load(&mbedtls_pk_ec_rw(*pk)->grp, parameter); + ret = mbedtls_ecp_group_load(&mbedtls_pk_ec_rw(*pk)->grp, curve_or_keybits); if (ret != 0) { return ret; } @@ -123,7 +123,7 @@ static int pk_genkey(mbedtls_pk_context *pk, int parameter) #endif /* MBEDTLS_ECP_C */ #if defined(MBEDTLS_PK_USE_PSA_EC_DATA) - ret = pk_genkey_ec(pk, parameter); + ret = pk_genkey_ec(pk, curve_or_keybits); if (ret != 0) { return ret; } @@ -319,7 +319,7 @@ exit: /* BEGIN_CASE depends_on:MBEDTLS_USE_PSA_CRYPTO */ void pk_can_do_ext(int opaque_key, int key_type, int key_usage, int key_alg, - int key_alg2, int parameter, int alg_check, int usage_check, + int key_alg2, int curve_or_keybits, int alg_check, int usage_check, int result) { mbedtls_pk_context pk; @@ -336,7 +336,7 @@ void pk_can_do_ext(int opaque_key, int key_type, int key_usage, int key_alg, psa_set_key_enrollment_algorithm(&attributes, key_alg2); } psa_set_key_type(&attributes, key_type); - psa_set_key_bits(&attributes, parameter); + psa_set_key_bits(&attributes, curve_or_keybits); PSA_ASSERT(psa_generate_key(&attributes, &key)); @@ -350,7 +350,7 @@ void pk_can_do_ext(int opaque_key, int key_type, int key_usage, int key_alg, } else { TEST_EQUAL(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(key_type)), 0); - TEST_EQUAL(pk_genkey(&pk, parameter), 0); + TEST_EQUAL(pk_genkey(&pk, curve_or_keybits), 0); TEST_EQUAL(mbedtls_pk_get_type(&pk), key_type); } @@ -545,7 +545,7 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void pk_utils(int type, int parameter, int bitlen, int len, char *name) +void pk_utils(int type, int curve_or_keybits, int bitlen, int len, char *name) { mbedtls_pk_context pk; @@ -553,7 +553,7 @@ void pk_utils(int type, int parameter, int bitlen, int len, char *name) USE_PSA_INIT(); TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(type)) == 0); - TEST_ASSERT(pk_genkey(&pk, parameter) == 0); + TEST_ASSERT(pk_genkey(&pk, curve_or_keybits) == 0); TEST_ASSERT((int) mbedtls_pk_get_type(&pk) == type); TEST_ASSERT(mbedtls_pk_can_do(&pk, type)); @@ -857,7 +857,7 @@ exit: /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_MD_CAN_SHA256 */ -void pk_sign_verify(int type, int parameter, int sign_ret, int verify_ret) +void pk_sign_verify(int type, int curve_or_keybits, int sign_ret, int verify_ret) { mbedtls_pk_context pk; size_t sig_len; @@ -883,7 +883,7 @@ void pk_sign_verify(int type, int parameter, int sign_ret, int verify_ret) memset(sig, 0, sizeof(sig)); TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(type)) == 0); - TEST_ASSERT(pk_genkey(&pk, parameter) == 0); + TEST_ASSERT(pk_genkey(&pk, curve_or_keybits) == 0); TEST_ASSERT(mbedtls_pk_sign_restartable(&pk, MBEDTLS_MD_SHA256, hash, hash_len, @@ -1304,8 +1304,7 @@ exit: /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_PK_PSA_SIGN */ -void pk_psa_sign(int parameter_arg, - int psa_type_arg, int expected_bits_arg) +void pk_psa_sign(int curve_or_keybits, int psa_type, int expected_bits) { mbedtls_pk_context pk; unsigned char hash[32]; @@ -1318,8 +1317,6 @@ void pk_psa_sign(int parameter_arg, int ret; mbedtls_svc_key_id_t key_id; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_type_t expected_type = psa_type_arg; - size_t expected_bits = expected_bits_arg; /* * This tests making signatures with a wrapped PSA key: @@ -1333,19 +1330,19 @@ void pk_psa_sign(int parameter_arg, USE_PSA_INIT(); #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME) - if (PSA_KEY_TYPE_IS_RSA(psa_type_arg)) { + if (PSA_KEY_TYPE_IS_RSA(psa_type)) { /* Create legacy RSA public/private key in PK context. */ TEST_ASSERT(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == 0); TEST_ASSERT(mbedtls_rsa_gen_key(mbedtls_pk_rsa(pk), mbedtls_test_rnd_std_rand, NULL, - parameter_arg, 3) == 0); + curve_or_keybits, 3) == 0); alg_psa = PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256); } else #endif /* MBEDTLS_RSA_C && MBEDTLS_GENPRIME */ #if defined(MBEDTLS_PK_CAN_ECDSA_SIGN) - if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(psa_type_arg)) { - mbedtls_ecp_group_id grpid = parameter_arg; + if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(psa_type)) { + mbedtls_ecp_group_id grpid = curve_or_keybits; /* Create legacy EC public/private key in PK context. */ TEST_ASSERT(mbedtls_pk_setup(&pk, @@ -1356,7 +1353,7 @@ void pk_psa_sign(int parameter_arg, } else #endif /* MBEDTLS_PK_CAN_ECDSA_SIGN */ { - (void) parameter_arg; + (void) curve_or_keybits; TEST_ASSUME(!"Opaque PK key not supported in this configuration"); } @@ -1384,8 +1381,8 @@ void pk_psa_sign(int parameter_arg, PSA_ALG_NONE) == 0); PSA_ASSERT(psa_get_key_attributes(key_id, &attributes)); - TEST_EQUAL(psa_get_key_type(&attributes), expected_type); - TEST_EQUAL(psa_get_key_bits(&attributes), expected_bits); + TEST_EQUAL(psa_get_key_type(&attributes), (psa_key_type_t) psa_type); + TEST_EQUAL(psa_get_key_bits(&attributes), (size_t) expected_bits); TEST_EQUAL(psa_get_key_lifetime(&attributes), PSA_KEY_LIFETIME_VOLATILE); @@ -1396,7 +1393,7 @@ void pk_psa_sign(int parameter_arg, hash, sizeof(hash), sig, sizeof(sig), &sig_len, NULL, NULL) == 0); /* Only opaque EC keys support verification. */ - if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(psa_type_arg)) { + if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(psa_type)) { TEST_ASSERT(mbedtls_pk_verify(&pk, MBEDTLS_MD_SHA256, hash, sizeof(hash), sig, sig_len) == 0); } @@ -1438,7 +1435,7 @@ void pk_psa_sign(int parameter_arg, mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY)), 0); TEST_EQUAL(mbedtls_ecp_group_load( &(mbedtls_pk_ec_rw(pk)->grp), - (mbedtls_ecp_group_id) parameter_arg), 0); + (mbedtls_ecp_group_id) curve_or_keybits), 0); TEST_EQUAL(mbedtls_ecp_point_read_binary(&(mbedtls_pk_ec_ro(pk)->grp), &(mbedtls_pk_ec_rw(pk)->Q), pkey_legacy_start, klen_legacy), 0); @@ -1459,9 +1456,8 @@ exit: /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_GENPRIME */ -void pk_sign_ext(int pk_type, int parameter, int key_pk_type, int md_alg) +void pk_sign_ext(int pk_type, int curve_or_keybits, int key_pk_type, int md_alg) { - /* See the description of pk_genkey() for the description of the `parameter` argument. */ mbedtls_pk_context pk; size_t sig_len; unsigned char sig[MBEDTLS_PK_SIGNATURE_MAX_SIZE]; @@ -1477,7 +1473,7 @@ void pk_sign_ext(int pk_type, int parameter, int key_pk_type, int md_alg) TEST_EQUAL(mbedtls_pk_setup(&pk, mbedtls_pk_info_from_type(pk_type)), 0); - TEST_EQUAL(pk_genkey(&pk, parameter), 0); + TEST_EQUAL(pk_genkey(&pk, curve_or_keybits), 0); TEST_EQUAL(mbedtls_pk_sign_ext(key_pk_type, &pk, md_alg, hash, hash_len, sig, sizeof(sig), &sig_len, @@ -1498,9 +1494,8 @@ exit: /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_USE_PSA_CRYPTO */ -void pk_psa_wrap_sign_ext(int pk_type, int parameter, int key_pk_type, int md_alg) +void pk_psa_wrap_sign_ext(int pk_type, int key_bits, int key_pk_type, int md_alg) { - /* See the description of mbedtls_rsa_gen_key() for the description of the `parameter` argument. */ mbedtls_pk_context pk; size_t sig_len, pkey_len; mbedtls_svc_key_id_t key_id; @@ -1524,7 +1519,7 @@ void pk_psa_wrap_sign_ext(int pk_type, int parameter, int key_pk_type, int md_al mbedtls_pk_info_from_type(pk_type)), 0); TEST_EQUAL(mbedtls_rsa_gen_key(mbedtls_pk_rsa(pk), mbedtls_test_rnd_std_rand, NULL, - parameter, 3), 0); + key_bits, 3), 0); /* Export underlying public key for re-importing in a legacy context. */ ret = mbedtls_pk_write_pubkey_der(&pk, pkey, sizeof(pkey)); From 1941af087c3ab4e1ea1f796af959fe926e3a4a4d Mon Sep 17 00:00:00 2001 From: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com> Date: Thu, 14 Dec 2023 21:48:52 +0200 Subject: [PATCH 1134/1674] pk_wrap: remove last references to MBEDTLS_PSA_CRYPTO_C Deprecated functions are removed and #ifdefs are updated accordingly. Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com> --- library/pk_wrap.c | 122 +--------------------------------------------- library/pk_wrap.h | 22 +-------- 2 files changed, 3 insertions(+), 141 deletions(-) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index b1fbd861d..88572f815 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -30,11 +30,8 @@ #include "pkwrite.h" #endif -#if defined(MBEDTLS_PSA_CRYPTO_C) -#include "psa_util_internal.h" -#endif - #if defined(MBEDTLS_USE_PSA_CRYPTO) +#include "psa_util_internal.h" #include "psa/crypto.h" #if defined(MBEDTLS_PK_CAN_ECDSA_SOME) @@ -49,123 +46,6 @@ #include #include -#if !defined(MBEDTLS_DEPRECATED_REMOVED) -#if defined(MBEDTLS_PSA_CRYPTO_C) -int mbedtls_pk_error_from_psa(psa_status_t status) -{ - switch (status) { - case PSA_SUCCESS: - return 0; - case PSA_ERROR_INVALID_HANDLE: - return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; - case PSA_ERROR_NOT_PERMITTED: - return MBEDTLS_ERR_ERROR_GENERIC_ERROR; - case PSA_ERROR_BUFFER_TOO_SMALL: - return MBEDTLS_ERR_PK_BUFFER_TOO_SMALL; - case PSA_ERROR_NOT_SUPPORTED: - return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; - case PSA_ERROR_INVALID_ARGUMENT: - return MBEDTLS_ERR_PK_INVALID_ALG; - case PSA_ERROR_INSUFFICIENT_MEMORY: - return MBEDTLS_ERR_PK_ALLOC_FAILED; - case PSA_ERROR_BAD_STATE: - return MBEDTLS_ERR_PK_BAD_INPUT_DATA; - case PSA_ERROR_COMMUNICATION_FAILURE: - case PSA_ERROR_HARDWARE_FAILURE: - return MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED; - case PSA_ERROR_DATA_CORRUPT: - case PSA_ERROR_DATA_INVALID: - case PSA_ERROR_STORAGE_FAILURE: - return MBEDTLS_ERR_PK_FILE_IO_ERROR; - case PSA_ERROR_CORRUPTION_DETECTED: - return MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - default: - return MBEDTLS_ERR_ERROR_GENERIC_ERROR; - } -} - -#if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) || \ - defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) -int mbedtls_pk_error_from_psa_rsa(psa_status_t status) -{ - switch (status) { - case PSA_ERROR_NOT_PERMITTED: - case PSA_ERROR_INVALID_ARGUMENT: - case PSA_ERROR_INVALID_HANDLE: - return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; - case PSA_ERROR_BUFFER_TOO_SMALL: - return MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE; - case PSA_ERROR_INSUFFICIENT_ENTROPY: - return MBEDTLS_ERR_RSA_RNG_FAILED; - case PSA_ERROR_INVALID_SIGNATURE: - return MBEDTLS_ERR_RSA_VERIFY_FAILED; - case PSA_ERROR_INVALID_PADDING: - return MBEDTLS_ERR_RSA_INVALID_PADDING; - case PSA_SUCCESS: - return 0; - case PSA_ERROR_NOT_SUPPORTED: - return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; - case PSA_ERROR_INSUFFICIENT_MEMORY: - return MBEDTLS_ERR_PK_ALLOC_FAILED; - case PSA_ERROR_BAD_STATE: - return MBEDTLS_ERR_PK_BAD_INPUT_DATA; - case PSA_ERROR_COMMUNICATION_FAILURE: - case PSA_ERROR_HARDWARE_FAILURE: - return MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED; - case PSA_ERROR_DATA_CORRUPT: - case PSA_ERROR_DATA_INVALID: - case PSA_ERROR_STORAGE_FAILURE: - return MBEDTLS_ERR_PK_FILE_IO_ERROR; - case PSA_ERROR_CORRUPTION_DETECTED: - return MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - default: - return MBEDTLS_ERR_ERROR_GENERIC_ERROR; - } -} -#endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY || PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC */ -#endif /* MBEDTLS_PSA_CRYPTO_C */ - -#if defined(MBEDTLS_USE_PSA_CRYPTO) -#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) -int mbedtls_pk_error_from_psa_ecdsa(psa_status_t status) -{ - switch (status) { - case PSA_ERROR_NOT_PERMITTED: - case PSA_ERROR_INVALID_ARGUMENT: - return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; - case PSA_ERROR_INVALID_HANDLE: - return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE; - case PSA_ERROR_BUFFER_TOO_SMALL: - return MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL; - case PSA_ERROR_INSUFFICIENT_ENTROPY: - return MBEDTLS_ERR_ECP_RANDOM_FAILED; - case PSA_ERROR_INVALID_SIGNATURE: - return MBEDTLS_ERR_ECP_VERIFY_FAILED; - case PSA_SUCCESS: - return 0; - case PSA_ERROR_NOT_SUPPORTED: - return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; - case PSA_ERROR_INSUFFICIENT_MEMORY: - return MBEDTLS_ERR_PK_ALLOC_FAILED; - case PSA_ERROR_BAD_STATE: - return MBEDTLS_ERR_PK_BAD_INPUT_DATA; - case PSA_ERROR_COMMUNICATION_FAILURE: - case PSA_ERROR_HARDWARE_FAILURE: - return MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED; - case PSA_ERROR_DATA_CORRUPT: - case PSA_ERROR_DATA_INVALID: - case PSA_ERROR_STORAGE_FAILURE: - return MBEDTLS_ERR_PK_FILE_IO_ERROR; - case PSA_ERROR_CORRUPTION_DETECTED: - return MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - default: - return MBEDTLS_ERR_ERROR_GENERIC_ERROR; - } -} -#endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */ -#endif /* MBEDTLS_USE_PSA_CRYPTO */ -#endif /* !MBEDTLS_DEPRECATED_REMOVED */ - #if defined(MBEDTLS_RSA_C) static int rsa_can_do(mbedtls_pk_type_t type) { diff --git a/library/pk_wrap.h b/library/pk_wrap.h index a6237bf63..be096da53 100644 --- a/library/pk_wrap.h +++ b/library/pk_wrap.h @@ -15,9 +15,9 @@ #include "mbedtls/pk.h" -#if defined(MBEDTLS_PSA_CRYPTO_C) +#if defined(MBEDTLS_USE_PSA_CRYPTO) #include "psa/crypto.h" -#endif /* MBEDTLS_PSA_CRYPTO_C */ +#endif struct mbedtls_pk_info_t { /** Public key type */ @@ -125,12 +125,6 @@ extern const mbedtls_pk_info_t mbedtls_rsa_alt_info; extern const mbedtls_pk_info_t mbedtls_ecdsa_opaque_info; extern const mbedtls_pk_info_t mbedtls_rsa_opaque_info; -#if !defined(MBEDTLS_DEPRECATED_REMOVED) -#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) -int MBEDTLS_DEPRECATED mbedtls_pk_error_from_psa_ecdsa(psa_status_t status); -#endif -#endif - #if defined(MBEDTLS_RSA_C) int mbedtls_pk_psa_rsa_sign_ext(psa_algorithm_t psa_alg_md, mbedtls_rsa_context *rsa_ctx, @@ -141,16 +135,4 @@ int mbedtls_pk_psa_rsa_sign_ext(psa_algorithm_t psa_alg_md, #endif /* MBEDTLS_USE_PSA_CRYPTO */ -#if defined(MBEDTLS_PSA_CRYPTO_C) -#if !defined(MBEDTLS_DEPRECATED_REMOVED) -int MBEDTLS_DEPRECATED mbedtls_pk_error_from_psa(psa_status_t status); - -#if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) || \ - defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC) -int MBEDTLS_DEPRECATED mbedtls_pk_error_from_psa_rsa(psa_status_t status); -#endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY || PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC */ -#endif /* !MBEDTLS_DEPRECATED_REMOVED */ - -#endif /* MBEDTLS_PSA_CRYPTO_C */ - #endif /* MBEDTLS_PK_WRAP_H */ From bad170e159ad9505301b973a0e22c05e74af622a Mon Sep 17 00:00:00 2001 From: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com> Date: Thu, 14 Dec 2023 22:03:12 +0200 Subject: [PATCH 1135/1674] pk: remove last references to MBEDTLS_PSA_CRYPTO_C They are replaced by MBEDTLS_USE_PSA_CRYPTO. Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com> --- include/mbedtls/pk.h | 15 +++++---------- library/pk.c | 6 +++--- 2 files changed, 8 insertions(+), 13 deletions(-) diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index 355bf1034..27768bd35 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h @@ -28,7 +28,7 @@ #include "mbedtls/ecdsa.h" #endif -#if defined(MBEDTLS_PSA_CRYPTO_C) +#if defined(MBEDTLS_USE_PSA_CRYPTO) #include "psa/crypto.h" #endif @@ -229,7 +229,7 @@ typedef struct mbedtls_pk_context { void *MBEDTLS_PRIVATE(pk_ctx); /**< Underlying public key context */ /* The following field is used to store the ID of a private key in the * following cases: - * - opaque key when MBEDTLS_PSA_CRYPTO_C is defined + * - opaque key when MBEDTLS_USE_PSA_CRYPTO is defined * - normal key when MBEDTLS_PK_USE_PSA_EC_DATA is defined. In this case: * - the pk_ctx above is not not used to store the private key anymore. * Actually that field not populated at all in this case because also @@ -239,15 +239,10 @@ typedef struct mbedtls_pk_context { * * Note: this private key storing solution only affects EC keys, not the * other ones. The latters still use the pk_ctx to store their own - * context. - * - * Note: this priv_id is guarded by MBEDTLS_PSA_CRYPTO_C and not by - * MBEDTLS_PK_USE_PSA_EC_DATA (as the public counterpart below) because, - * when working with opaque keys, it can be used also in - * mbedtls_pk_sign_ext for RSA keys. */ -#if defined(MBEDTLS_PSA_CRYPTO_C) + * context. */ +#if defined(MBEDTLS_USE_PSA_CRYPTO) mbedtls_svc_key_id_t MBEDTLS_PRIVATE(priv_id); /**< Key ID for opaque keys */ -#endif /* MBEDTLS_PSA_CRYPTO_C */ +#endif /* MBEDTLS_USE_PSA_CRYPTO */ /* The following fields are meant for storing the public key in raw format * which is handy for: * - easily importing it into the PSA context diff --git a/library/pk.c b/library/pk.c index 929af3c65..61ac0dfab 100644 --- a/library/pk.c +++ b/library/pk.c @@ -29,7 +29,7 @@ #include "mbedtls/ecdsa.h" #endif -#if defined(MBEDTLS_PSA_CRYPTO_C) +#if defined(MBEDTLS_USE_PSA_CRYPTO) #include "psa_util_internal.h" #include "md_psa.h" #endif @@ -44,9 +44,9 @@ void mbedtls_pk_init(mbedtls_pk_context *ctx) { ctx->pk_info = NULL; ctx->pk_ctx = NULL; -#if defined(MBEDTLS_PSA_CRYPTO_C) +#if defined(MBEDTLS_USE_PSA_CRYPTO) ctx->priv_id = MBEDTLS_SVC_KEY_ID_INIT; -#endif /* MBEDTLS_PSA_CRYPTO_C */ +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_PK_USE_PSA_EC_DATA) memset(ctx->pub_raw, 0, sizeof(ctx->pub_raw)); ctx->pub_raw_len = 0; From 5297e43eec42f590718814ab6c9b364d5145bc1d Mon Sep 17 00:00:00 2001 From: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com> Date: Thu, 14 Dec 2023 22:12:07 +0200 Subject: [PATCH 1136/1674] non-psa-pk-implementation: rephrase the changelog entry And remove the comment on the uniformity in the PK module with regards to PSA_CRYPTO_C not being referenced anymore; end users are probably not interested in that. Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com> --- ChangeLog.d/non-psa-pk-implementation.txt | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/ChangeLog.d/non-psa-pk-implementation.txt b/ChangeLog.d/non-psa-pk-implementation.txt index 88ed00654..a7129a6da 100644 --- a/ChangeLog.d/non-psa-pk-implementation.txt +++ b/ChangeLog.d/non-psa-pk-implementation.txt @@ -1,4 +1,3 @@ Changes - * mbedtls_pk_sign_ext() is now available even without PSA - (MBEDTLS_PSA_CRYPTO_C). This improves uniformity in the PK module; - it now only depends on MBEDTLS_USE_PSA_CRYPTO for its use of PSA. + * mbedtls_pk_sign_ext() is now always available, not just when + PSA (MBEDTLS_PSA_CRYPTO_C) is enabled. \ No newline at end of file From 9f41770313af84b63d82f6ca768eb66457b36374 Mon Sep 17 00:00:00 2001 From: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com> Date: Sat, 16 Dec 2023 15:28:51 +0200 Subject: [PATCH 1137/1674] pk_*: remove remaining references to MBEDTLS_PSA_CRYPTO_C For real this time. Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com> --- library/pk_internal.h | 22 ++++++++++------------ library/pk_wrap.c | 8 ++++---- 2 files changed, 14 insertions(+), 16 deletions(-) diff --git a/library/pk_internal.h b/library/pk_internal.h index 81807f133..d4b140aef 100644 --- a/library/pk_internal.h +++ b/library/pk_internal.h @@ -19,7 +19,16 @@ #if defined(MBEDTLS_USE_PSA_CRYPTO) #include "psa/crypto.h" -#endif + +#include "psa_util_internal.h" +#define PSA_PK_TO_MBEDTLS_ERR(status) psa_pk_status_to_mbedtls(status) +#define PSA_PK_RSA_TO_MBEDTLS_ERR(status) PSA_TO_MBEDTLS_ERR_LIST(status, \ + psa_to_pk_rsa_errors, \ + psa_pk_status_to_mbedtls) +#define PSA_PK_ECDSA_TO_MBEDTLS_ERR(status) PSA_TO_MBEDTLS_ERR_LIST(status, \ + psa_to_pk_ecdsa_errors, \ + psa_pk_status_to_mbedtls) +#endif /* MBEDTLS_USE_PSA_CRYPTO */ /* Headers/footers for PEM files */ #define PEM_BEGIN_PUBLIC_KEY "-----BEGIN PUBLIC KEY-----" @@ -35,17 +44,6 @@ #define PEM_BEGIN_ENCRYPTED_PRIVATE_KEY_PKCS8 "-----BEGIN ENCRYPTED PRIVATE KEY-----" #define PEM_END_ENCRYPTED_PRIVATE_KEY_PKCS8 "-----END ENCRYPTED PRIVATE KEY-----" -#if defined(MBEDTLS_PSA_CRYPTO_C) -#include "psa_util_internal.h" -#define PSA_PK_TO_MBEDTLS_ERR(status) psa_pk_status_to_mbedtls(status) -#define PSA_PK_RSA_TO_MBEDTLS_ERR(status) PSA_TO_MBEDTLS_ERR_LIST(status, \ - psa_to_pk_rsa_errors, \ - psa_pk_status_to_mbedtls) -#define PSA_PK_ECDSA_TO_MBEDTLS_ERR(status) PSA_TO_MBEDTLS_ERR_LIST(status, \ - psa_to_pk_ecdsa_errors, \ - psa_pk_status_to_mbedtls) -#endif - #if !defined(MBEDTLS_PK_USE_PSA_EC_DATA) /** * Public function mbedtls_pk_ec() can be used to get direct access to the diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 88572f815..924794523 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -26,14 +26,14 @@ #include "mbedtls/ecdsa.h" #endif -#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PSA_CRYPTO_C) -#include "pkwrite.h" -#endif - #if defined(MBEDTLS_USE_PSA_CRYPTO) #include "psa_util_internal.h" #include "psa/crypto.h" +#if defined(MBEDTLS_RSA_C) +#include "pkwrite.h" +#endif + #if defined(MBEDTLS_PK_CAN_ECDSA_SOME) #include "mbedtls/asn1write.h" #include "mbedtls/asn1.h" From e6a664ed65a00478da7334f6bf3adf488205ec8c Mon Sep 17 00:00:00 2001 From: Tomi Fontanilles Date: Mon, 18 Dec 2023 11:40:44 +0200 Subject: [PATCH 1138/1674] changelog: fix missing newline at end of file Signed-off-by: Tomi Fontanilles --- ChangeLog.d/non-psa-pk-implementation.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog.d/non-psa-pk-implementation.txt b/ChangeLog.d/non-psa-pk-implementation.txt index a7129a6da..535bbf55e 100644 --- a/ChangeLog.d/non-psa-pk-implementation.txt +++ b/ChangeLog.d/non-psa-pk-implementation.txt @@ -1,3 +1,3 @@ Changes * mbedtls_pk_sign_ext() is now always available, not just when - PSA (MBEDTLS_PSA_CRYPTO_C) is enabled. \ No newline at end of file + PSA (MBEDTLS_PSA_CRYPTO_C) is enabled. From 851d8df58d2f1aa9e691e61321f29411bfaa843d Mon Sep 17 00:00:00 2001 From: Tomi Fontanilles Date: Tue, 19 Dec 2023 15:44:52 +0200 Subject: [PATCH 1139/1674] fix/work around dependency issues when !MBEDTLS_ECP_C Signed-off-by: Tomi Fontanilles --- include/mbedtls/debug.h | 2 +- library/pk_internal.h | 4 ++-- library/pkparse.c | 4 +--- 3 files changed, 4 insertions(+), 6 deletions(-) diff --git a/include/mbedtls/debug.h b/include/mbedtls/debug.h index 9a17488d2..922e5bec5 100644 --- a/include/mbedtls/debug.h +++ b/include/mbedtls/debug.h @@ -230,7 +230,7 @@ void mbedtls_debug_print_mpi(const mbedtls_ssl_context *ssl, int level, const char *text, const mbedtls_mpi *X); #endif -#if defined(MBEDTLS_ECP_C) +#if defined(MBEDTLS_ECP_LIGHT) /** * \brief Print an ECP point to the debug output. This function is always * used through the MBEDTLS_SSL_DEBUG_ECP() macro, which supplies the diff --git a/library/pk_internal.h b/library/pk_internal.h index d4b140aef..025ee8b01 100644 --- a/library/pk_internal.h +++ b/library/pk_internal.h @@ -44,7 +44,7 @@ #define PEM_BEGIN_ENCRYPTED_PRIVATE_KEY_PKCS8 "-----BEGIN ENCRYPTED PRIVATE KEY-----" #define PEM_END_ENCRYPTED_PRIVATE_KEY_PKCS8 "-----END ENCRYPTED PRIVATE KEY-----" -#if !defined(MBEDTLS_PK_USE_PSA_EC_DATA) +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) && !defined(MBEDTLS_PK_USE_PSA_EC_DATA) /** * Public function mbedtls_pk_ec() can be used to get direct access to the * wrapped ecp_keypair structure pointed to the pk_ctx. However this is not @@ -80,7 +80,7 @@ static inline mbedtls_ecp_keypair *mbedtls_pk_ec_rw(const mbedtls_pk_context pk) return NULL; } } -#endif /* !MBEDTLS_PK_USE_PSA_EC_DATA */ +#endif /* MBEDTLS_PK_HAVE_ECC_KEYS && !MBEDTLS_PK_USE_PSA_EC_DATA */ #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) static inline mbedtls_ecp_group_id mbedtls_pk_get_ec_group_id(const mbedtls_pk_context *pk) diff --git a/library/pkparse.c b/library/pkparse.c index c33b74203..6ce7fcf1d 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -15,6 +15,7 @@ #include "mbedtls/platform_util.h" #include "mbedtls/platform.h" #include "mbedtls/error.h" +#include "mbedtls/ecp.h" #include "pk_internal.h" #include @@ -28,9 +29,6 @@ #if defined(MBEDTLS_RSA_C) #include "mbedtls/rsa.h" #endif -#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) -#include "mbedtls/ecp.h" -#endif /* Extended formats */ #if defined(MBEDTLS_PEM_PARSE_C) From 3fab8a4deb3c62ae05cde3279f6857a2679ba192 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 20 Dec 2023 14:25:37 +0100 Subject: [PATCH 1140/1674] driver-only-builds: fix typos Signed-off-by: Valerio Setti --- docs/driver-only-builds.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/driver-only-builds.md b/docs/driver-only-builds.md index 373de2389..05bffa574 100644 --- a/docs/driver-only-builds.md +++ b/docs/driver-only-builds.md @@ -296,7 +296,7 @@ It should be noticed that the matching between legacy (i.e. `MBEDTLS_xxx_C`) and PSA (i.e. `PSA_WANT_xxx`) symbols is not always 1:1. For example: - ECB mode is always enabled in legacy configuration for each key type that allows it (AES, ARIA, Camellia, DES), whereas it must be explicitly enabled - in PSA with `PSA_WANT_ALG_ECB`; + in PSA with `PSA_WANT_ALG_ECB_NO_PADDING`; - similarly for stream ciphers, it is automatically enabled for key types that support it (`CHACHA20_C` and `NULL_CIPHER`) whereas it must be explicitly enabled in PSA with `PSA_WANT_ALG_STREAM_CIPHER`; @@ -333,7 +333,7 @@ PSA acceleration when: This is possible when: -- all ciphers and AEADs are accelerated; +- all ciphers and AEADs are accelerated, or - no legacy module, either cipher or AEAD, is enabled. The only exception being CCM/GCM when key types are accelerated, as described in section [Partial acceleration for CCM/GCM](#partial-acceleration-for-CCM/GCM). From af53132e443420649daeaec40d5c614aea56007a Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 20 Dec 2023 15:56:09 +0100 Subject: [PATCH 1141/1674] driver-only-builds: enhancing section on removing CIPHER_C Signed-off-by: Valerio Setti --- docs/driver-only-builds.md | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/docs/driver-only-builds.md b/docs/driver-only-builds.md index 05bffa574..7b4b480d3 100644 --- a/docs/driver-only-builds.md +++ b/docs/driver-only-builds.md @@ -331,12 +331,17 @@ PSA acceleration when: ### Disabling CIPHER_C -This is possible when: +This only depends on unauthenticated ciphers: they can be either completely +accelerated or disabled in order to remove the dependency on `MBEDTLS_CIPHER_C`. -- all ciphers and AEADs are accelerated, or -- no legacy module, either cipher or AEAD, is enabled. The only exception being - CCM/GCM when key types are accelerated, as described in section - [Partial acceleration for CCM/GCM](#partial-acceleration-for-CCM/GCM). +AEADs do not have such restriction. Of course they can be accelerated as well, +but they can also rely on the legacy modules (`MBEDTLS_[CCM|GCM|CHACHAPOLY]`) +with the following conditions on the underlying key types: +- CCM/GCM can either use legacy key type modules `MBEDTLS_[AES|ARIA|CAMELLIA]_C` + or their accelerated version, as described in section + ["Partial acceleration for CCM/GCM"](#partial-acceleration-for-CCM/GCM). +- ChaChaPoly instead can only rely on legacy key type module `MBEDTLS_CHACHA20_C` + and algorithm `MBEDTLS_POLY1305_C`. It should be noticed that disabling `MBEDTLS_CIPHER_C` helps in reducing code's footprint, but unfortunately it makes the following modules unavailable: From d834896c8b423359dee2e95c18a8198e349d13a0 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 20 Dec 2023 16:00:44 +0100 Subject: [PATCH 1142/1674] changelog: enhancing descriptions Signed-off-by: Valerio Setti --- ChangeLog.d/8358.txt | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/ChangeLog.d/8358.txt b/ChangeLog.d/8358.txt index d4c847c82..2b66d8d22 100644 --- a/ChangeLog.d/8358.txt +++ b/ChangeLog.d/8358.txt @@ -1,9 +1,9 @@ Features * It is now possible to accelerate all ciphers and AEADs through a driver, while completely removing legacy support and MBEDTLS_CIPHER_C, and still - get full functionality. Only unsupported features that still depend on - MBEDTLS_CIPHER_C are: MBEDTLS_PKCS[5|12]_C and MBEDTLS_NIST_KW_C. - * CTR-DRBG module can now take advantage of PSA driver. Legacy - MBEDTLS_AES_C is still the preferred solution, but when it's not available - it can rely on PSA if PSA_WANT_KEY_TYPE_AES and PSA_WANT_ALG_ECB_NO_PADDING - are defined. + get most things working, including TLS - see + docs/driver-only-builds.md for full details and current limitations. + * The CTR-DRBG module no longer depends on MBEDTLS_AES_C and can also use + AES from a PSA driver. This requires MBEDTLS_PSA_CRYPTO_C, + PSA_WANT_KEY_TYPE_AES and PSA_WANT_ALG_ECB_NO_PADDING to be enabled, and + MBEDTLS_AES_C to be disabled. From f5e135670b5e86e38e20b62beac9942cb982ac58 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Wed, 20 Dec 2023 15:24:47 +0000 Subject: [PATCH 1143/1674] Clarify key generation and memory-management correctness Signed-off-by: Ryan Everett --- .../psa-thread-safety/psa-thread-safety.md | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/docs/architecture/psa-thread-safety/psa-thread-safety.md b/docs/architecture/psa-thread-safety/psa-thread-safety.md index 70b1341c2..075c8c4e3 100644 --- a/docs/architecture/psa-thread-safety/psa-thread-safety.md +++ b/docs/architecture/psa-thread-safety/psa-thread-safety.md @@ -29,7 +29,7 @@ Tempting platform requirements that we cannot add to the default `MBEDTLS_THREAD If you build with `MBEDTLS_PSA_CRYPTO_C` and `MBEDTLS_THREADING_C`, the code must be functionally correct: no race conditions, deadlocks or livelocks. -The [PSA Crypto API specification](https://armmbed.github.io/mbed-crypto/html/overview/conventions.html#concurrent-calls) defines minimum expectations for concurrent calls. They must work as if they had been executed one at a time, except that the following cases have undefined behavior: +The [PSA Crypto API specification](https://armmbed.github.io/mbed-crypto/html/overview/conventions.html#concurrent-calls) defines minimum expectations for concurrent calls. They must work as if they had been executed one at a time (excluding resource-management errors), except that the following cases have undefined behavior: * Destroying a key while it's in use. * Concurrent calls using the same operation object. (An operation object may not be used by more than one thread at a time. But it can move from one thread to another between calls.) @@ -290,7 +290,7 @@ For concurrency purposes, a slot can be in one of four states: To change `slot` to state `new_state`, a function must call `psa_slot_state_transition(slot, new_state)`. -A counter field within each slot keeps track of how many readers have registered. Library functions must call `psa_register_read` before reading the key data witin a slot, and `psa_unregister_read` after they have finished operating. +A counter field within each slot keeps track of how many readers have registered. Library functions must call `psa_register_read` before reading the key data within a slot, and `psa_unregister_read` after they have finished operating. Any call to `psa_slot_state_transition`, `psa_register_read` or `psa_unregister_read` must be performed by a thread which holds the global mutex. @@ -298,7 +298,9 @@ Any call to `psa_slot_state_transition`, `psa_register_read` or `psa_unregister_ To satisfy the requirements in [Correctness out of the box](#correctness-out-of-the-box), we require our functions to be "linearizable" (under certain constraints). This means that any (constraint satisfying) set of concurrent calls are performed as if they were executed in some sequential order. -The standard way of reasoning that this is the case is to identify a "linearization point" for each call, this is a single execution step where the function takes effect (this is usually a step in which the effects of the call become visible to other threads). If every call has a linearization point, the set of calls is equivalent to sequentially performing the calls in order of when their linearization point occured. +The standard way of reasoning that this is the case is to identify a "linearization point" for each call, this is a single execution step where the function takes effect (this is usually a step in which the effects of the call become visible to other threads). If every call has a linearization point, the set of calls is equivalent to sequentially performing the calls in order of when their linearization point occurred. + +We only require linearizability to hold in the case where a resource-management error is not returned. In a set of concurrent calls, it is permitted for a call c to fail with a PSA_ERROR_INSUFFICIENT_MEMORY return code even if there does not exist a sequential ordering of the calls in which c returns this error. We only access and modify a slot's state and reader count while we hold the global lock. This ensures the memory in which these fields are stored is correctly synchronized. It also ensures that the key data within the slot is synchronised where needed (the writer unlocks the mutex after filling the data, and any reader must lock the mutex before reading the data). @@ -306,8 +308,11 @@ To help justify that our system is linearizable, here is a list of key slot stat * `psa_wipe_key_slot, psa_register_read, psa_unregister_read, psa_slot_state_transition,` - These functions are all always performed under the global mutex, so they have no effects visible to other threads (this implies that they are linearizable). * `psa_get_empty_key_slot, psa_get_and_lock_key_slot_in_memory, psa_load_X_key_into_slot, psa_fail_key_creation` - These functions hold the mutex for all non-setup/finalizing code, their linearization points are the release of the mutex. * `psa_get_and_lock_key_slot` - If the key is already in a slot, the linearization point is the linearization point of the call to `psa_get_and_lock_key_slot_in_memory`. If the key is not in a slot and is loaded into one, the linearization point is the linearization point of the call to `psa_load_X_key_into_slot`. +* `psa_start_key_creation` - From the perspective of other threads, the only effect of a successful call to this function is that the amount of usable resources decreases (a key slot which was usable is now unusable). Since we do not consider resource management as linearizable behaviour, when arguing for linearizability of the system we consider this function to have no visible effect to other threads. * `psa_finish_key_creation` - On a successful load, we lock the mutex and set the state of the slot to FULL, the linearization point is then the following unlock. On an unsuccessful load, the linearization point is when we return - no action we have performed has been made visible to another thread as the slot is still in a FILLING state. * `psa_destroy_key, psa_close_key, psa_purge_key` - As per the requirements, we need only argue for the case where the key is not in use here. The linearization point is the unlock after wiping the data and setting the slot state to EMPTY. +* `psa_import_key, psa_copy_key, psa_generate_key, mbedtls_psa_register_se_key` - These functions call both `psa_start_key_creation` and `psa_finish_key_creation`, the linearization point of a successful call is the linearization point of the call to `psa_finish_key_creation`. The linearization point of an unsuccessful call is the linearization point of the call to `psa_fail_key_creation`. +* `psa_key_derivation_output_key` - Same as above. If the operation object is in use by multiple threads, the behaviour need not be linearizable. Library functions which operate on a slot will return `PSA_ERROR_BAD_STATE` if the slot is in an inappropriate state for the function at the linearization point. From 66134661cd82c29f12e3559dcf8661b610804e0b Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 20 Dec 2023 17:06:13 +0100 Subject: [PATCH 1144/1674] driver-only-builds: add Restrictions section Signed-off-by: Valerio Setti --- docs/driver-only-builds.md | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/docs/driver-only-builds.md b/docs/driver-only-builds.md index 7b4b480d3..0fb437877 100644 --- a/docs/driver-only-builds.md +++ b/docs/driver-only-builds.md @@ -290,6 +290,15 @@ operations of that type requested through the PSA Crypto API are performed by the driver. Only functions belonging to legacy modules which are disabled won't be available in this configuration. +### Restrictions + +- If an algorithm other than GCM and CCM (see + ["Partial acceleration for CCM/GCM"](#partial-acceleration-for-ccmgcm) below) + is enabled but not accelerated, then all key types than can be used with it + will need to be built-in; +- if a key type is enabled but not accelerated, then all algorithms than can be + used with it will need to be built-in. + ### Legacy <-> PSA matching It should be noticed that the matching between legacy (i.e. `MBEDTLS_xxx_C`) @@ -339,7 +348,7 @@ but they can also rely on the legacy modules (`MBEDTLS_[CCM|GCM|CHACHAPOLY]`) with the following conditions on the underlying key types: - CCM/GCM can either use legacy key type modules `MBEDTLS_[AES|ARIA|CAMELLIA]_C` or their accelerated version, as described in section - ["Partial acceleration for CCM/GCM"](#partial-acceleration-for-CCM/GCM). + ["Partial acceleration for CCM/GCM"](#partial-acceleration-for-ccmgcm). - ChaChaPoly instead can only rely on legacy key type module `MBEDTLS_CHACHA20_C` and algorithm `MBEDTLS_POLY1305_C`. From 3dd6cde0d819a9eb45f3be694fbf72e70d54cceb Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Wed, 20 Dec 2023 16:45:31 +0000 Subject: [PATCH 1145/1674] Mention functional correctness explicitly Signed-off-by: Ryan Everett --- docs/architecture/psa-thread-safety/psa-thread-safety.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/architecture/psa-thread-safety/psa-thread-safety.md b/docs/architecture/psa-thread-safety/psa-thread-safety.md index 075c8c4e3..dc5d7e189 100644 --- a/docs/architecture/psa-thread-safety/psa-thread-safety.md +++ b/docs/architecture/psa-thread-safety/psa-thread-safety.md @@ -300,7 +300,7 @@ To satisfy the requirements in [Correctness out of the box](#correctness-out-of- The standard way of reasoning that this is the case is to identify a "linearization point" for each call, this is a single execution step where the function takes effect (this is usually a step in which the effects of the call become visible to other threads). If every call has a linearization point, the set of calls is equivalent to sequentially performing the calls in order of when their linearization point occurred. -We only require linearizability to hold in the case where a resource-management error is not returned. In a set of concurrent calls, it is permitted for a call c to fail with a PSA_ERROR_INSUFFICIENT_MEMORY return code even if there does not exist a sequential ordering of the calls in which c returns this error. +We only require linearizability to hold in the case where a resource-management error is not returned. In a set of concurrent calls, it is permitted for a call c to fail with a PSA_ERROR_INSUFFICIENT_MEMORY return code even if there does not exist a sequential ordering of the calls in which c returns this error. Even if such an error occurs, all calls are still required to be functionally correct. We only access and modify a slot's state and reader count while we hold the global lock. This ensures the memory in which these fields are stored is correctly synchronized. It also ensures that the key data within the slot is synchronised where needed (the writer unlocks the mutex after filling the data, and any reader must lock the mutex before reading the data). From 049cd302ed13a516eef412bffa9753f77edb763f Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Wed, 20 Dec 2023 17:28:31 +0000 Subject: [PATCH 1146/1674] Refactor record size limit extension handling Signed-off-by: Waleed Elmelegy --- include/mbedtls/ssl.h | 2 +- library/ssl_tls.c | 45 ++++++++++++++++++++++++++-- library/ssl_tls13_client.c | 13 ++++++++ library/ssl_tls13_generic.c | 37 ----------------------- tests/src/test_helpers/ssl_helpers.c | 4 +++ tests/suites/test_suite_ssl.function | 4 +++ 6 files changed, 65 insertions(+), 40 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 85ec7ab36..3192e2a82 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1188,7 +1188,7 @@ struct mbedtls_ssl_session { unsigned char MBEDTLS_PRIVATE(mfl_code); /*!< MaxFragmentLength negotiated by peer */ #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ -/*!< RecordSizeLimit received by peer */ +/*!< RecordSizeLimit received from the peer */ #if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) uint16_t MBEDTLS_PRIVATE(record_size_limit); #endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */ diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 7a8c759fa..914eec329 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -2492,7 +2492,7 @@ static int ssl_tls13_session_save(const mbedtls_ssl_session *session, needed += 4; /* max_early_data_size */ #endif #if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) - needed += 2; /* record_size_limit */ + needed += 2; /* record_size_limit */ #endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */ #if defined(MBEDTLS_HAVE_TIME) @@ -3420,6 +3420,31 @@ size_t mbedtls_ssl_get_input_max_frag_len(const mbedtls_ssl_context *ssl) return max_len; } +#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) + +size_t mbedtls_ssl_get_output_record_size_limit(const mbedtls_ssl_context *ssl) +{ + const size_t max_len = MBEDTLS_SSL_OUT_CONTENT_LEN; + size_t record_size_limit = max_len; + + if (ssl->session != NULL && + ssl->session->record_size_limit >= MBEDTLS_SSL_RECORD_SIZE_LIMIT_MIN && + ssl->session->record_size_limit < max_len) { + record_size_limit = ssl->session->record_size_limit; + } + + // TODO: this is currently untested + /* During a handshake, use the value being negotiated */ + if (ssl->session_negotiate != NULL && + ssl->session_negotiate->record_size_limit >= MBEDTLS_SSL_RECORD_SIZE_LIMIT_MIN && + ssl->session_negotiate->record_size_limit < max_len) { + record_size_limit = ssl->session_negotiate->record_size_limit; + } + + return record_size_limit; +} +#endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */ + size_t mbedtls_ssl_get_output_max_frag_len(const mbedtls_ssl_context *ssl) { size_t max_len; @@ -3491,6 +3516,21 @@ int mbedtls_ssl_get_max_out_record_payload(const mbedtls_ssl_context *ssl) if (max_len > record_size_limit) { max_len = record_size_limit; + if (ssl->transform_out != NULL && + ssl->transform_out->tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { + /* RFC 8449, section 4: + * + * This value [record_size_limit] is the length of the plaintext + * of a protected record. + * The value includes the content type and padding added in TLS 1.3 + * (that is, the complete length of TLSInnerPlaintext). + * + * Thus, round down to a multiple of MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY + * and subtract 1 (for the content type that will be added later) + */ + max_len = ((max_len / MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY) * + MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY) - 1; + } } #endif @@ -3516,7 +3556,8 @@ int mbedtls_ssl_get_max_out_record_payload(const mbedtls_ssl_context *ssl) #endif /* MBEDTLS_SSL_PROTO_DTLS */ #if !defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) && \ - !defined(MBEDTLS_SSL_PROTO_DTLS) + !defined(MBEDTLS_SSL_PROTO_DTLS) && \ + !defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) ((void) ssl); #endif diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 1a246c4df..503db5862 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -2131,6 +2131,19 @@ static int ssl_tls13_parse_encrypted_extensions(mbedtls_ssl_context *ssl, p += extension_data_len; } + if ((handshake->received_extensions & MBEDTLS_SSL_EXT_MASK(RECORD_SIZE_LIMIT)) && + (handshake->received_extensions & MBEDTLS_SSL_EXT_MASK(MAX_FRAGMENT_LENGTH))) { + mbedtls_debug_print_msg(ssl, + 3, + __FILE__, + __LINE__, + "Record size limit extension cannot be used with max fragment length extension"); + MBEDTLS_SSL_PEND_FATAL_ALERT( + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER, + MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER; + } + MBEDTLS_SSL_PRINT_EXTS(3, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS, handshake->received_extensions); diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index 7c7aac80e..326811a60 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -1732,43 +1732,6 @@ int mbedtls_ssl_tls13_parse_record_size_limit_ext(mbedtls_ssl_context *ssl, return 0; } -static inline size_t ssl_compute_internal_record_size_limit(size_t record_size_limit) -{ - /* RFC 8449, section 4: - * - * This value [record_size_limit] is the length of the plaintext of a protected record. - * The value includes the content type and padding added in TLS 1.3 (that is, the complete - * length of TLSInnerPlaintext). - * - * Thus, round down to a multiple of MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY - * and subtract 1 (for the content type that will be added later) - */ - return ((record_size_limit / MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY) * - MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY) - 1; -} - -size_t mbedtls_ssl_get_output_record_size_limit(const mbedtls_ssl_context *ssl) -{ - const size_t max_len = MBEDTLS_SSL_OUT_CONTENT_LEN; - size_t record_size_limit = max_len; - - if (ssl->session != NULL && - ssl->session->record_size_limit >= MBEDTLS_SSL_RECORD_SIZE_LIMIT_MIN && - ssl->session->record_size_limit < max_len) { - record_size_limit = ssl_compute_internal_record_size_limit(ssl->session->record_size_limit); - } - - // TODO: this is currently untested - /* During a handshake, use the value being negotiated */ - if (ssl->session_negotiate != NULL && - ssl->session_negotiate->record_size_limit >= MBEDTLS_SSL_RECORD_SIZE_LIMIT_MIN && - ssl->session_negotiate->record_size_limit < max_len) { - record_size_limit = ssl_compute_internal_record_size_limit( - ssl->session_negotiate->record_size_limit); - } - - return record_size_limit; -} #endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */ #endif /* MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_PROTO_TLS1_3 */ diff --git a/tests/src/test_helpers/ssl_helpers.c b/tests/src/test_helpers/ssl_helpers.c index d02d30539..3d8937da6 100644 --- a/tests/src/test_helpers/ssl_helpers.c +++ b/tests/src/test_helpers/ssl_helpers.c @@ -1776,6 +1776,10 @@ int mbedtls_test_ssl_tls13_populate_session(mbedtls_ssl_session *session, } #endif /* MBEDTLS_SSL_CLI_C */ +#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) + session->record_size_limit = 2048; +#endif + return 0; } #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 05571a1dc..8a03d1b97 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -2096,6 +2096,10 @@ void ssl_serialize_session_save_load(int ticket_len, char *crt_file, } #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ +#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) + TEST_ASSERT(original.record_size_limit == restored.record_size_limit); +#endif + exit: mbedtls_ssl_session_free(&original); mbedtls_ssl_session_free(&restored); From 65e3046e183a8df70d7806180d3f0d8b3f970ac3 Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Wed, 20 Dec 2023 17:55:10 +0000 Subject: [PATCH 1147/1674] Fix code style in ssl_tls.c Signed-off-by: Waleed Elmelegy --- library/ssl_tls.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 914eec329..452970ebe 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3530,7 +3530,7 @@ int mbedtls_ssl_get_max_out_record_payload(const mbedtls_ssl_context *ssl) */ max_len = ((max_len / MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY) * MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY) - 1; - } + } } #endif From 8c1e6bbcdc808d72967868df81ba215d7bc50546 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 21 Dec 2023 15:02:48 +0100 Subject: [PATCH 1148/1674] driver-only-builds: fix typos Signed-off-by: Valerio Setti --- docs/driver-only-builds.md | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/docs/driver-only-builds.md b/docs/driver-only-builds.md index 0fb437877..09c09d536 100644 --- a/docs/driver-only-builds.md +++ b/docs/driver-only-builds.md @@ -243,7 +243,7 @@ removing builtin support (i.e. `MBEDTLS_DHM_C`). Ciphers and AEADs ----------------- -It is possible to have all ciphers and AEADs operations provided only by a +It is possible to have all ciphers and AEAD operations provided only by a driver. More precisely, for each desired combination of key type and algorithm/mode you can: - enable desired PSA key type(s): @@ -251,7 +251,7 @@ algorithm/mode you can: - `PSA_WANT_KEY_TYPE_ARIA`, - `PSA_WANT_KEY_TYPE_CAMELLIA`, - `PSA_WANT_KEY_TYPE_CHACHA20`, - - `PSA_WANT_KEY_TYPE_DES`; + - `PSA_WANT_KEY_TYPE_DES`. - enable desired PSA algorithm(s): - unauthenticated ciphers modes: - `PSA_WANT_ALG_CBC_NO_PADDING`, @@ -261,13 +261,13 @@ algorithm/mode you can: - `PSA_WANT_ALG_CTR`, - `PSA_WANT_ALG_ECB_NO_PADDING`, - `PSA_WANT_ALG_OFB`, - - `PSA_WANT_ALG_STREAM_CIPHER`; + - `PSA_WANT_ALG_STREAM_CIPHER`. - AEADs: - `PSA_WANT_ALG_CCM`, - `PSA_WANT_ALG_GCM`, - - `PSA_WANT_ALG_CHACHA20_POLY1305`; + - `PSA_WANT_ALG_CHACHA20_POLY1305`. - enable `MBEDTLS_PSA_ACCEL_[KEY_TYPE_xxx|ALG_yyy]` symbol(s) which correspond - to the PSA_WANT_KEY_TYPE_xxx` and `PSA_WANT_ALG_yyy` of the previous steps; + to the PSA_WANT_KEY_TYPE_xxx` and `PSA_WANT_ALG_yyy` of the previous steps. - disable builtin support of key types: - `MBEDTLS_AES_C`, - `MBEDTLS_ARIA_C`, @@ -334,8 +334,8 @@ algorithm) in order to work with a driver. Legacy CTR-DRBG module (enabled by `MBEDTLS_CTR_DRBG_C`) can also benefit from PSA acceleration when: -- legacy AES module is not enabled (`MBEDTLS_AES_C`) and -- AES is supported on PSA side together with ECB mode, i.e. +- the legacy AES module is not enabled (`MBEDTLS_AES_C`) and +- AES is supported on the PSA side together with ECB mode, i.e. `PSA_WANT_KEY_TYPE_AES` + `PSA_WANT_ALG_ECB_NO_PADDING`. ### Disabling CIPHER_C @@ -343,17 +343,17 @@ PSA acceleration when: This only depends on unauthenticated ciphers: they can be either completely accelerated or disabled in order to remove the dependency on `MBEDTLS_CIPHER_C`. -AEADs do not have such restriction. Of course they can be accelerated as well, +AEADs do not have such a restriction. Of course they can be accelerated as well, but they can also rely on the legacy modules (`MBEDTLS_[CCM|GCM|CHACHAPOLY]`) with the following conditions on the underlying key types: - CCM/GCM can either use legacy key type modules `MBEDTLS_[AES|ARIA|CAMELLIA]_C` or their accelerated version, as described in section ["Partial acceleration for CCM/GCM"](#partial-acceleration-for-ccmgcm). -- ChaChaPoly instead can only rely on legacy key type module `MBEDTLS_CHACHA20_C` - and algorithm `MBEDTLS_POLY1305_C`. +- ChaChaPoly instead can only rely on the legacy key type module + `MBEDTLS_CHACHA20_C` and algorithm `MBEDTLS_POLY1305_C`. -It should be noticed that disabling `MBEDTLS_CIPHER_C` helps in reducing code's -footprint, but unfortunately it makes the following modules unavailable: +It should be noticed that disabling `MBEDTLS_CIPHER_C` helps to reduce the +code's footprint, but unfortunately it makes the following modules unavailable: - `MBEDTLS_PKCS[5|12]_C`, - `MBEDTLS_NIST_KW_C`. From a69e872001f8bb8209b68918e3c27122400eb45f Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 21 Dec 2023 16:37:29 +0100 Subject: [PATCH 1149/1674] pkcs[5/12]: add CIPHER_C for [en/de]crypting functions This commit also updates corresponding test suites. Signed-off-by: Valerio Setti --- include/mbedtls/pkcs12.h | 4 ++-- include/mbedtls/pkcs5.h | 4 ++-- library/pkcs12.c | 6 ++++-- library/pkcs5.c | 6 ++++-- tests/suites/test_suite_pkcs12.function | 4 ++-- tests/suites/test_suite_pkcs5.function | 4 ++-- 6 files changed, 16 insertions(+), 12 deletions(-) diff --git a/include/mbedtls/pkcs12.h b/include/mbedtls/pkcs12.h index 09f89a23a..87f7681f2 100644 --- a/include/mbedtls/pkcs12.h +++ b/include/mbedtls/pkcs12.h @@ -38,7 +38,7 @@ extern "C" { #endif -#if defined(MBEDTLS_ASN1_PARSE_C) +#if defined(MBEDTLS_ASN1_PARSE_C) && defined(MBEDTLS_CIPHER_C) #if !defined(MBEDTLS_DEPRECATED_REMOVED) /** @@ -145,7 +145,7 @@ int mbedtls_pkcs12_pbe_ext(mbedtls_asn1_buf *pbe_params, int mode, #endif /* MBEDTLS_CIPHER_PADDING_PKCS7 */ -#endif /* MBEDTLS_ASN1_PARSE_C */ +#endif /* MBEDTLS_ASN1_PARSE_C && MBEDTLS_CIPHER_C */ /** * \brief The PKCS#12 derivation function uses a password and a salt diff --git a/include/mbedtls/pkcs5.h b/include/mbedtls/pkcs5.h index 6cfe96769..9ba5689d4 100644 --- a/include/mbedtls/pkcs5.h +++ b/include/mbedtls/pkcs5.h @@ -38,7 +38,7 @@ extern "C" { #endif -#if defined(MBEDTLS_ASN1_PARSE_C) +#if defined(MBEDTLS_ASN1_PARSE_C) && defined(MBEDTLS_CIPHER_C) #if !defined(MBEDTLS_DEPRECATED_REMOVED) /** @@ -130,7 +130,7 @@ int mbedtls_pkcs5_pbes2_ext(const mbedtls_asn1_buf *pbe_params, int mode, #endif /* MBEDTLS_CIPHER_PADDING_PKCS7 */ -#endif /* MBEDTLS_ASN1_PARSE_C */ +#endif /* MBEDTLS_ASN1_PARSE_C && MBEDTLS_CIPHER_C*/ /** * \brief PKCS#5 PBKDF2 using HMAC without using the HMAC context diff --git a/library/pkcs12.c b/library/pkcs12.c index 160dc4768..a3467b982 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c @@ -17,7 +17,9 @@ #include "mbedtls/pkcs12.h" #include "mbedtls/asn1.h" +#if defined(MBEDTLS_CIPHER_C) #include "mbedtls/cipher.h" +#endif /* MBEDTLS_CIPHER_C */ #include "mbedtls/platform_util.h" #include "mbedtls/error.h" @@ -29,7 +31,7 @@ #include "psa_util_internal.h" -#if defined(MBEDTLS_ASN1_PARSE_C) +#if defined(MBEDTLS_ASN1_PARSE_C) && defined(MBEDTLS_CIPHER_C) static int pkcs12_parse_pbe_params(mbedtls_asn1_buf *params, mbedtls_asn1_buf *salt, int *iterations) @@ -238,7 +240,7 @@ exit: return ret; } -#endif /* MBEDTLS_ASN1_PARSE_C */ +#endif /* MBEDTLS_ASN1_PARSE_C && MBEDTLS_CIPHER_C */ static void pkcs12_fill_buffer(unsigned char *data, size_t data_len, const unsigned char *filler, size_t fill_len) diff --git a/library/pkcs5.c b/library/pkcs5.c index d6209bd11..c6c53054b 100644 --- a/library/pkcs5.c +++ b/library/pkcs5.c @@ -24,7 +24,9 @@ #if defined(MBEDTLS_ASN1_PARSE_C) #include "mbedtls/asn1.h" +#if defined(MBEDTLS_CIPHER_C) #include "mbedtls/cipher.h" +#endif /* MBEDTLS_CIPHER_C */ #include "mbedtls/oid.h" #endif /* MBEDTLS_ASN1_PARSE_C */ @@ -34,7 +36,7 @@ #include "psa_util_internal.h" -#if defined(MBEDTLS_ASN1_PARSE_C) +#if defined(MBEDTLS_ASN1_PARSE_C) && defined(MBEDTLS_CIPHER_C) static int pkcs5_parse_pbkdf2_params(const mbedtls_asn1_buf *params, mbedtls_asn1_buf *salt, int *iterations, int *keylen, mbedtls_md_type_t *md_type) @@ -261,7 +263,7 @@ exit: return ret; } -#endif /* MBEDTLS_ASN1_PARSE_C */ +#endif /* MBEDTLS_ASN1_PARSE_C && MBEDTLS_CIPHER_C */ static int pkcs5_pbkdf2_hmac(mbedtls_md_context_t *ctx, const unsigned char *password, diff --git a/tests/suites/test_suite_pkcs12.function b/tests/suites/test_suite_pkcs12.function index 1d0c287fd..2a5a5bae8 100644 --- a/tests/suites/test_suite_pkcs12.function +++ b/tests/suites/test_suite_pkcs12.function @@ -69,7 +69,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C */ +/* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_CIPHER_C */ void pkcs12_pbe_encrypt(int params_tag, int cipher, int md, data_t *params_hex, data_t *pw, data_t *data, int outsize, int ref_ret, data_t *ref_out) { @@ -124,7 +124,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C */ +/* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_CIPHER_C */ void pkcs12_pbe_decrypt(int params_tag, int cipher, int md, data_t *params_hex, data_t *pw, data_t *data, int outsize, int ref_ret, data_t *ref_out) { diff --git a/tests/suites/test_suite_pkcs5.function b/tests/suites/test_suite_pkcs5.function index 2b0b0c1e0..afe9f3807 100644 --- a/tests/suites/test_suite_pkcs5.function +++ b/tests/suites/test_suite_pkcs5.function @@ -27,7 +27,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C */ +/* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_CIPHER_C */ void pbes2_encrypt(int params_tag, data_t *params_hex, data_t *pw, data_t *data, int outsize, int ref_ret, data_t *ref_out) @@ -75,7 +75,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C */ +/* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C:MBEDTLS_CIPHER_C */ void pbes2_decrypt(int params_tag, data_t *params_hex, data_t *pw, data_t *data, int outsize, int ref_ret, data_t *ref_out) From 6d3a68162c5dbb16ba46926739e2deaa43a34d4d Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 21 Dec 2023 16:40:03 +0100 Subject: [PATCH 1150/1674] check_config: remove CIPHER_C requirement for PKCS[5/12] Signed-off-by: Valerio Setti --- include/mbedtls/check_config.h | 9 --------- 1 file changed, 9 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 34ddcb159..1f3c8525f 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -281,15 +281,6 @@ #error "MBEDTLS_PK_PARSE_C defined, but not all prerequisites" #endif -#if defined(MBEDTLS_PKCS12_C) && !defined(MBEDTLS_CIPHER_C) -#error "MBEDTLS_PKCS12_C defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PKCS5_C) && \ - !defined(MBEDTLS_CIPHER_C) -#error "MBEDTLS_PKCS5_C defined, but not all prerequisites" -#endif - /* Helpers for hash dependencies, will be undefined at the end of the file */ /* Do SHA-256, 384, 512 to cover Entropy and TLS. */ #if defined(MBEDTLS_SHA256_C) || \ From a72a797ffdee272166fcdab72468833873d7b7a5 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 21 Dec 2023 16:40:40 +0100 Subject: [PATCH 1151/1674] all.sh: keep PKCS[5/12] enabled in accel_cipher_aead tests Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 6 ------ 1 file changed, 6 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index bdf46a3ed..224f09b2a 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3736,12 +3736,6 @@ common_psa_crypto_config_accel_cipher_aead() { # Start from the full config helper_libtestdriver1_adjust_config "full" - # CIPHER_C is disabled in the accelerated test component so we disable - # all the features that depend on it both in the accelerated and in the - # reference components. - scripts/config.py unset MBEDTLS_PKCS5_C - scripts/config.py unset MBEDTLS_PKCS12_C - scripts/config.py unset MBEDTLS_NIST_KW_C } From 5c7e94487eec04bb16d4ac6533d7bc5029cf2d03 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 21 Dec 2023 15:42:22 +0000 Subject: [PATCH 1152/1674] fix line length Signed-off-by: Dave Rodgman --- tests/scripts/depends.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/scripts/depends.py b/tests/scripts/depends.py index a7d5672be..25a15c475 100755 --- a/tests/scripts/depends.py +++ b/tests/scripts/depends.py @@ -381,7 +381,8 @@ class DomainData: def __init__(self, options, conf): """Gather data about the library and establish a list of domains to test.""" - build_command = [options.make_command] + options.make_vars.split(' ') + ['CFLAGS=-Werror -O2'] + build_command = [options.make_command] + options.make_vars.split(' ') + \ + ['CFLAGS=-Werror -O2'] build_and_test = [build_command, [options.make_command, 'test']] self.all_config_symbols = set(conf.settings.keys()) # Find hash modules by name. From 49067d7d0ed103a479c42663421825726495a2d5 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 21 Dec 2023 17:07:10 +0100 Subject: [PATCH 1153/1674] driver-only-builds: update documentation Signed-off-by: Valerio Setti --- docs/driver-only-builds.md | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/docs/driver-only-builds.md b/docs/driver-only-builds.md index 09c09d536..fba3779ad 100644 --- a/docs/driver-only-builds.md +++ b/docs/driver-only-builds.md @@ -285,10 +285,10 @@ algorithm/mode you can: - `MBEDTLS_CHACHAPOLY_C` - `MBEDTLS_NULL_CIPHER` -Once a key type and related algorithm are accelerated, all cipher and AEADs -operations of that type requested through the PSA Crypto API are performed by -the driver. Only functions belonging to legacy modules which are disabled won't -be available in this configuration. +Once a key type and related algorithm are accelerated, all the PSA Crypto APIs +will work, as well as X.509 and TLS (with MBEDTLS_USE_PSA_CRYPTO enabled) but +some non-PSA APIs will be absent or have reduced functionality, see +[Disabling CIPHER_C](#disabling-cipher_c) for details. ### Restrictions @@ -353,8 +353,11 @@ with the following conditions on the underlying key types: `MBEDTLS_CHACHA20_C` and algorithm `MBEDTLS_POLY1305_C`. It should be noticed that disabling `MBEDTLS_CIPHER_C` helps to reduce the -code's footprint, but unfortunately it makes the following modules unavailable: -- `MBEDTLS_PKCS[5|12]_C`, -- `MBEDTLS_NIST_KW_C`. +code's footprint, but unfortunately it makes the following features unavailable: +- encryption/decryption in PKCS5 and PKCS12 modules (key derivations will still + be available), +- encrypted PEM (write and unecrypted read work normally), +- parsing of encrypted keys (PKCS5 or PKCS12) in PK modules, +- NIST-KW (`MBEDTLS_NIST_KW_C`). From afccc1a6d5fb0fa7133928bca27f3e9faa302a5e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 22 Dec 2023 09:35:34 +0100 Subject: [PATCH 1154/1674] Indent nested conditionals Signed-off-by: Gilles Peskine --- programs/Makefile | 21 +++++++++++---------- tests/Makefile | 27 ++++++++++++++------------- 2 files changed, 25 insertions(+), 23 deletions(-) diff --git a/programs/Makefile b/programs/Makefile index ebdadc056..c0856b0ac 100644 --- a/programs/Makefile +++ b/programs/Makefile @@ -43,16 +43,17 @@ WINDOWS_BUILD=1 endif ifdef WINDOWS_BUILD -DLEXT=dll -EXEXT=.exe -LOCAL_LDFLAGS += -lws2_32 -lbcrypt -ifdef SHARED -SHARED_SUFFIX=.$(DLEXT) -endif -else -DLEXT ?= so -EXEXT= -SHARED_SUFFIX= + DLEXT=dll + EXEXT=.exe + LOCAL_LDFLAGS += -lws2_32 -lbcrypt + ifdef SHARED + SHARED_SUFFIX=.$(DLEXT) + endif + +else # Not building for Windows + DLEXT ?= so + EXEXT= + SHARED_SUFFIX= endif ifdef WINDOWS diff --git a/tests/Makefile b/tests/Makefile index 29197b7c7..b044d2522 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -47,20 +47,21 @@ WINDOWS_BUILD=1 endif ifdef WINDOWS_BUILD -DLEXT=dll -EXEXT=.exe -LOCAL_LDFLAGS += -lws2_32 -lbcrypt -ifdef SHARED -SHARED_SUFFIX=.$(DLEXT) -endif -else -DLEXT ?= so -EXEXT= -SHARED_SUFFIX= + DLEXT=dll + EXEXT=.exe + LOCAL_LDFLAGS += -lws2_32 -lbcrypt + ifdef SHARED + SHARED_SUFFIX=.$(DLEXT) + endif -ifeq ($(THREADING),pthread) -LOCAL_LDFLAGS += -lpthread -endif +else # Not building for Windows + DLEXT ?= so + EXEXT= + SHARED_SUFFIX= + + ifeq ($(THREADING),pthread) + LOCAL_LDFLAGS += -lpthread + endif endif ifdef WINDOWS From 4ad5733836fcdcaf95e48b6578e017673378f247 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 22 Dec 2023 11:30:30 +0100 Subject: [PATCH 1155/1674] Unify treatment of MBEDTLS_TEST_OBJS Unify the treatment of MBEDTLS_TEST_OBJS between programs/Makefile and tests/Makefile: include it via LOCAL_LD_FLAGS in both cases. Document why the definition of MBEDTLS_TEST_OBJS is different. Signed-off-by: Gilles Peskine --- programs/Makefile | 6 ++++-- tests/Makefile | 9 ++++++--- 2 files changed, 10 insertions(+), 5 deletions(-) diff --git a/programs/Makefile b/programs/Makefile index c0856b0ac..dc6b7a3d6 100644 --- a/programs/Makefile +++ b/programs/Makefile @@ -6,8 +6,10 @@ WARNING_CFLAGS ?= -Wall -Wextra -Wformat=2 -Wno-format-nonliteral WARNING_CXXFLAGS ?= -Wall -Wextra -Wformat=2 -Wno-format-nonliteral LDFLAGS ?= -MBEDTLS_TEST_PATH:=../tests/src -MBEDTLS_TEST_OBJS:=$(patsubst %.c,%.o,$(wildcard ${MBEDTLS_TEST_PATH}/*.c ${MBEDTLS_TEST_PATH}/drivers/*.c)) +MBEDTLS_TEST_PATH = ../tests +# Support code used by test programs and test builds, excluding TLS-specific +# code which is in the src/test_helpers subdirectory. +MBEDTLS_TEST_OBJS = $(patsubst %.c,%.o,$(wildcard ${MBEDTLS_TEST_PATH}/src/*.c ${MBEDTLS_TEST_PATH}/src/drivers/*.c)) LOCAL_CFLAGS = $(WARNING_CFLAGS) -I../tests/include -I../include -D_FILE_OFFSET_BITS=64 LOCAL_CXXFLAGS = $(WARNING_CXXFLAGS) -I../include -I../tests/include -D_FILE_OFFSET_BITS=64 diff --git a/tests/Makefile b/tests/Makefile index b044d2522..3caa88e2f 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -14,7 +14,8 @@ default: all # from ./include, and private header files (used by some invasive tests) # from ../library. LOCAL_CFLAGS = $(WARNING_CFLAGS) -I./include -I../include -I../library -D_FILE_OFFSET_BITS=64 -LOCAL_LDFLAGS = -L../library \ +LOCAL_LDFLAGS = ${MBEDTLS_TEST_OBJS} \ + -L../library \ -lmbedtls$(SHARED_SUFFIX) \ -lmbedx509$(SHARED_SUFFIX) \ -lmbedcrypto$(SHARED_SUFFIX) @@ -175,7 +176,9 @@ all: $(BINARIES) $(MBEDLIBS): $(MAKE) -C ../library -MBEDTLS_TEST_OBJS=$(patsubst %.c,%.o,$(wildcard src/*.c src/drivers/*.c src/test_helpers/*.c)) +MBEDTLS_TEST_PATH = . +MBEDTLS_TEST_OBJS = $(patsubst %.c,%.o,$(wildcard ${MBEDTLS_TEST_PATH}/src/*.c ${MBEDTLS_TEST_PATH}/src/drivers/*.c)) +MBEDTLS_TEST_OBJS += $(patsubst %.c,%.o,$(wildcard ${MBEDTLS_TEST_PATH}/src/test_helpers/*.c)) mbedtls_test: $(MBEDTLS_TEST_OBJS) @@ -231,7 +234,7 @@ c: $(C_FILES) $(BINARIES): %$(EXEXT): %.c $(MBEDLIBS) $(TEST_OBJS_DEPS) $(MBEDTLS_TEST_OBJS) echo " CC $<" - $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(MBEDTLS_TEST_OBJS) $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ + $(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ clean: ifndef WINDOWS From f5c5ce7789f23960b9e1aadef47d9c6aa9338d7c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 22 Dec 2023 11:36:53 +0100 Subject: [PATCH 1156/1674] Partly unify LOCAL_CFLAGS Signed-off-by: Gilles Peskine --- programs/Makefile | 2 +- tests/Makefile | 7 +++---- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/programs/Makefile b/programs/Makefile index dc6b7a3d6..9ee9820b7 100644 --- a/programs/Makefile +++ b/programs/Makefile @@ -11,7 +11,7 @@ MBEDTLS_TEST_PATH = ../tests # code which is in the src/test_helpers subdirectory. MBEDTLS_TEST_OBJS = $(patsubst %.c,%.o,$(wildcard ${MBEDTLS_TEST_PATH}/src/*.c ${MBEDTLS_TEST_PATH}/src/drivers/*.c)) -LOCAL_CFLAGS = $(WARNING_CFLAGS) -I../tests/include -I../include -D_FILE_OFFSET_BITS=64 +LOCAL_CFLAGS = $(WARNING_CFLAGS) -I$(MBEDTLS_TEST_PATH)/include -I../include -D_FILE_OFFSET_BITS=64 LOCAL_CXXFLAGS = $(WARNING_CXXFLAGS) -I../include -I../tests/include -D_FILE_OFFSET_BITS=64 LOCAL_LDFLAGS = ${MBEDTLS_TEST_OBJS} \ -L../library \ diff --git a/tests/Makefile b/tests/Makefile index 3caa88e2f..f242b5157 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -10,10 +10,9 @@ TEST_FLAGS ?= $(if $(filter-out 0 OFF Off off NO No no FALSE False false N n,$(C default: all -# Include public header files from ../include, test-specific header files -# from ./include, and private header files (used by some invasive tests) -# from ../library. -LOCAL_CFLAGS = $(WARNING_CFLAGS) -I./include -I../include -I../library -D_FILE_OFFSET_BITS=64 +LOCAL_CFLAGS = $(WARNING_CFLAGS) -I$(MBEDTLS_TEST_PATH)/include -I../include -D_FILE_OFFSET_BITS=64 +# Also include library headers, for the sake of invasive tests. +LOCAL_CFLAGS += -I../library LOCAL_LDFLAGS = ${MBEDTLS_TEST_OBJS} \ -L../library \ -lmbedtls$(SHARED_SUFFIX) \ From f3d1ae1f0502ecb1a3555bb3fb4ee408231dae54 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 22 Dec 2023 11:40:58 +0100 Subject: [PATCH 1157/1674] Create common.make with LOCAL_CFLAGS and friends Create a common.make for definitions that are shared between tests/Makefile and programs/Makefile, to facilitate maintenance. Start populating it with CFLAGS/LDFLAGS variables. More to follow in subsequent commits. Keep library/Makefile independent, at least for the time being. Signed-off-by: Gilles Peskine --- programs/Makefile | 15 +-------------- scripts/common.make | 14 ++++++++++++++ tests/Makefile | 13 +------------ 3 files changed, 16 insertions(+), 26 deletions(-) create mode 100644 scripts/common.make diff --git a/programs/Makefile b/programs/Makefile index 9ee9820b7..b03e613b4 100644 --- a/programs/Makefile +++ b/programs/Makefile @@ -1,23 +1,10 @@ - -# To compile on SunOS: add "-lsocket -lnsl" to LDFLAGS - -CFLAGS ?= -O2 -WARNING_CFLAGS ?= -Wall -Wextra -Wformat=2 -Wno-format-nonliteral -WARNING_CXXFLAGS ?= -Wall -Wextra -Wformat=2 -Wno-format-nonliteral -LDFLAGS ?= - MBEDTLS_TEST_PATH = ../tests # Support code used by test programs and test builds, excluding TLS-specific # code which is in the src/test_helpers subdirectory. MBEDTLS_TEST_OBJS = $(patsubst %.c,%.o,$(wildcard ${MBEDTLS_TEST_PATH}/src/*.c ${MBEDTLS_TEST_PATH}/src/drivers/*.c)) LOCAL_CFLAGS = $(WARNING_CFLAGS) -I$(MBEDTLS_TEST_PATH)/include -I../include -D_FILE_OFFSET_BITS=64 -LOCAL_CXXFLAGS = $(WARNING_CXXFLAGS) -I../include -I../tests/include -D_FILE_OFFSET_BITS=64 -LOCAL_LDFLAGS = ${MBEDTLS_TEST_OBJS} \ - -L../library \ - -lmbedtls$(SHARED_SUFFIX) \ - -lmbedx509$(SHARED_SUFFIX) \ - -lmbedcrypto$(SHARED_SUFFIX) +include ../scripts/common.make ifeq ($(shell uname -s),Linux) DLOPEN_LDFLAGS ?= -ldl diff --git a/scripts/common.make b/scripts/common.make new file mode 100644 index 000000000..cee8bd245 --- /dev/null +++ b/scripts/common.make @@ -0,0 +1,14 @@ +# To compile on SunOS: add "-lsocket -lnsl" to LDFLAGS + +CFLAGS ?= -O2 +WARNING_CFLAGS ?= -Wall -Wextra -Wformat=2 -Wno-format-nonliteral +WARNING_CXXFLAGS ?= -Wall -Wextra -Wformat=2 -Wno-format-nonliteral +LDFLAGS ?= + +LOCAL_CFLAGS = $(WARNING_CFLAGS) -I../tests/include -I../include -D_FILE_OFFSET_BITS=64 +LOCAL_CXXFLAGS = $(WARNING_CXXFLAGS) -I../include -I../tests/include -D_FILE_OFFSET_BITS=64 +LOCAL_LDFLAGS = ${MBEDTLS_TEST_OBJS} \ + -L../library \ + -lmbedtls$(SHARED_SUFFIX) \ + -lmbedx509$(SHARED_SUFFIX) \ + -lmbedcrypto$(SHARED_SUFFIX) diff --git a/tests/Makefile b/tests/Makefile index f242b5157..3a6fd593b 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -1,23 +1,12 @@ - -# To compile on SunOS: add "-lsocket -lnsl" to LDFLAGS - -CFLAGS ?= -O2 -WARNING_CFLAGS ?= -Wall -Wextra -Wformat=2 -Wno-format-nonliteral -LDFLAGS ?= +include ../scripts/common.make # Set this to -v to see the details of failing test cases TEST_FLAGS ?= $(if $(filter-out 0 OFF Off off NO No no FALSE False false N n,$(CTEST_OUTPUT_ON_FAILURE)),-v,) default: all -LOCAL_CFLAGS = $(WARNING_CFLAGS) -I$(MBEDTLS_TEST_PATH)/include -I../include -D_FILE_OFFSET_BITS=64 # Also include library headers, for the sake of invasive tests. LOCAL_CFLAGS += -I../library -LOCAL_LDFLAGS = ${MBEDTLS_TEST_OBJS} \ - -L../library \ - -lmbedtls$(SHARED_SUFFIX) \ - -lmbedx509$(SHARED_SUFFIX) \ - -lmbedcrypto$(SHARED_SUFFIX) include ../3rdparty/Makefile.inc LOCAL_CFLAGS+=$(THIRDPARTY_INCLUDES) From 076fd2548038c18bb11a9518c125eb12ada152a3 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 22 Dec 2023 11:45:53 +0100 Subject: [PATCH 1158/1674] Unify common variables of programs/Makefile and tests/Makefile Signed-off-by: Gilles Peskine --- programs/Makefile | 45 ---------------------------------------- scripts/common.make | 50 +++++++++++++++++++++++++++++++++++++++++++++ tests/Makefile | 50 --------------------------------------------- 3 files changed, 50 insertions(+), 95 deletions(-) diff --git a/programs/Makefile b/programs/Makefile index b03e613b4..590b54eba 100644 --- a/programs/Makefile +++ b/programs/Makefile @@ -12,45 +12,8 @@ else DLOPEN_LDFLAGS ?= endif -include ../3rdparty/Makefile.inc -LOCAL_CFLAGS+=$(THIRDPARTY_INCLUDES) - -ifndef SHARED -MBEDLIBS=../library/libmbedcrypto.a ../library/libmbedx509.a ../library/libmbedtls.a -else -MBEDLIBS=../library/libmbedcrypto.$(DLEXT) ../library/libmbedx509.$(DLEXT) ../library/libmbedtls.$(DLEXT) -endif DEP=${MBEDLIBS} ${MBEDTLS_TEST_OBJS} -ifdef DEBUG -LOCAL_CFLAGS += -g3 -endif - -# if we're running on Windows, build for Windows -ifdef WINDOWS -WINDOWS_BUILD=1 -endif - -ifdef WINDOWS_BUILD - DLEXT=dll - EXEXT=.exe - LOCAL_LDFLAGS += -lws2_32 -lbcrypt - ifdef SHARED - SHARED_SUFFIX=.$(DLEXT) - endif - -else # Not building for Windows - DLEXT ?= so - EXEXT= - SHARED_SUFFIX= -endif - -ifdef WINDOWS -PYTHON ?= python -else -PYTHON ?= $(shell if type python3 >/dev/null 2>/dev/null; then echo python3; else echo python; fi) -endif - # Only build the dlopen test in shared library builds, and not when building # for Windows. ifdef BUILD_DLOPEN @@ -168,14 +131,6 @@ ${MBEDTLS_TEST_OBJS}: GENERATED_FILES = psa/psa_constant_names_generated.c test/query_config.c generated_files: $(GENERATED_FILES) -# See root Makefile -GEN_FILES ?= yes -ifdef GEN_FILES -gen_file_dep = -else -gen_file_dep = | -endif - psa/psa_constant_names_generated.c: $(gen_file_dep) ../scripts/generate_psa_constants.py psa/psa_constant_names_generated.c: $(gen_file_dep) ../include/psa/crypto_values.h psa/psa_constant_names_generated.c: $(gen_file_dep) ../include/psa/crypto_extra.h diff --git a/scripts/common.make b/scripts/common.make index cee8bd245..12fd27fb4 100644 --- a/scripts/common.make +++ b/scripts/common.make @@ -12,3 +12,53 @@ LOCAL_LDFLAGS = ${MBEDTLS_TEST_OBJS} \ -lmbedtls$(SHARED_SUFFIX) \ -lmbedx509$(SHARED_SUFFIX) \ -lmbedcrypto$(SHARED_SUFFIX) + +include ../3rdparty/Makefile.inc +LOCAL_CFLAGS+=$(THIRDPARTY_INCLUDES) + +ifndef SHARED +MBEDLIBS=../library/libmbedcrypto.a ../library/libmbedx509.a ../library/libmbedtls.a +else +MBEDLIBS=../library/libmbedcrypto.$(DLEXT) ../library/libmbedx509.$(DLEXT) ../library/libmbedtls.$(DLEXT) +endif + +ifdef DEBUG +LOCAL_CFLAGS += -g3 +endif + +# if we're running on Windows, build for Windows +ifdef WINDOWS +WINDOWS_BUILD=1 +endif + +ifdef WINDOWS_BUILD + DLEXT=dll + EXEXT=.exe + LOCAL_LDFLAGS += -lws2_32 -lbcrypt + ifdef SHARED + SHARED_SUFFIX=.$(DLEXT) + endif + +else # Not building for Windows + DLEXT ?= so + EXEXT= + SHARED_SUFFIX= + + ifeq ($(THREADING),pthread) + LOCAL_LDFLAGS += -lpthread + endif +endif + +ifdef WINDOWS +PYTHON ?= python +else +PYTHON ?= $(shell if type python3 >/dev/null 2>/dev/null; then echo python3; else echo python; fi) +endif + +# See root Makefile +GEN_FILES ?= yes +ifdef GEN_FILES +gen_file_dep = +else +gen_file_dep = | +endif diff --git a/tests/Makefile b/tests/Makefile index 3a6fd593b..8e4149b94 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -8,65 +8,15 @@ default: all # Also include library headers, for the sake of invasive tests. LOCAL_CFLAGS += -I../library -include ../3rdparty/Makefile.inc -LOCAL_CFLAGS+=$(THIRDPARTY_INCLUDES) - # Enable definition of various functions used throughout the testsuite # (gethostname, strdup, fileno...) even when compiling with -std=c99. Harmless # on non-POSIX platforms. LOCAL_CFLAGS += -D_POSIX_C_SOURCE=200809L -ifndef SHARED -MBEDLIBS=../library/libmbedcrypto.a ../library/libmbedx509.a ../library/libmbedtls.a -else -MBEDLIBS=../library/libmbedcrypto.$(DLEXT) ../library/libmbedx509.$(DLEXT) ../library/libmbedtls.$(DLEXT) -endif - -ifdef DEBUG -LOCAL_CFLAGS += -g3 -endif - ifdef RECORD_PSA_STATUS_COVERAGE_LOG LOCAL_CFLAGS += -Werror -DRECORD_PSA_STATUS_COVERAGE_LOG endif -# if we're running on Windows, build for Windows -ifdef WINDOWS -WINDOWS_BUILD=1 -endif - -ifdef WINDOWS_BUILD - DLEXT=dll - EXEXT=.exe - LOCAL_LDFLAGS += -lws2_32 -lbcrypt - ifdef SHARED - SHARED_SUFFIX=.$(DLEXT) - endif - -else # Not building for Windows - DLEXT ?= so - EXEXT= - SHARED_SUFFIX= - - ifeq ($(THREADING),pthread) - LOCAL_LDFLAGS += -lpthread - endif -endif - -ifdef WINDOWS -PYTHON ?= python -else -PYTHON ?= $(shell if type python3 >/dev/null 2>/dev/null; then echo python3; else echo python; fi) -endif - -# See root Makefile -GEN_FILES ?= yes -ifdef GEN_FILES -gen_file_dep = -else -gen_file_dep = | -endif - .PHONY: generated_files GENERATED_BIGNUM_DATA_FILES := $(patsubst tests/%,%,$(shell \ $(PYTHON) scripts/generate_bignum_tests.py --list || \ From 4392fc101ff3f5ef8d273359f73ad9a83f9923ed Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 22 Dec 2023 11:49:35 +0100 Subject: [PATCH 1159/1674] Unify some common rules of programs/Makefile and tests/Makefile Signed-off-by: Gilles Peskine --- programs/Makefile | 10 ---------- scripts/common.make | 12 ++++++++++++ tests/Makefile | 12 ------------ 3 files changed, 12 insertions(+), 22 deletions(-) diff --git a/programs/Makefile b/programs/Makefile index 590b54eba..64f7cc1a3 100644 --- a/programs/Makefile +++ b/programs/Makefile @@ -121,9 +121,6 @@ endif fuzz: ${MBEDTLS_TEST_OBJS} $(MAKE) -C fuzz THIRDPARTY_INCLUDES=$(THIRDPARTY_INCLUDES) -$(MBEDLIBS): - $(MAKE) -C ../library - ${MBEDTLS_TEST_OBJS}: $(MAKE) -C ../tests mbedtls_test @@ -432,12 +429,5 @@ else endif $(MAKE) -C fuzz clean -neat: clean -ifndef WINDOWS - rm -f $(GENERATED_FILES) -else - for %f in ($(subst /,\,$(GENERATED_FILES))) if exist %f del /Q /F %f -endif - list: echo $(EXES) diff --git a/scripts/common.make b/scripts/common.make index 12fd27fb4..1350b12e3 100644 --- a/scripts/common.make +++ b/scripts/common.make @@ -62,3 +62,15 @@ gen_file_dep = else gen_file_dep = | endif + +default: all + +$(MBEDLIBS): + $(MAKE) -C ../library + +neat: clean +ifndef WINDOWS + rm -f $(GENERATED_FILES) +else + for %f in ($(subst /,\,$(GENERATED_FILES))) if exist %f del /Q /F %f +endif diff --git a/tests/Makefile b/tests/Makefile index 8e4149b94..7a10af271 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -3,8 +3,6 @@ include ../scripts/common.make # Set this to -v to see the details of failing test cases TEST_FLAGS ?= $(if $(filter-out 0 OFF Off off NO No no FALSE False false N n,$(CTEST_OUTPUT_ON_FAILURE)),-v,) -default: all - # Also include library headers, for the sake of invasive tests. LOCAL_CFLAGS += -I../library @@ -111,9 +109,6 @@ BINARIES := $(addsuffix $(EXEXT),$(APPS)) all: $(BINARIES) -$(MBEDLIBS): - $(MAKE) -C ../library - MBEDTLS_TEST_PATH = . MBEDTLS_TEST_OBJS = $(patsubst %.c,%.o,$(wildcard ${MBEDTLS_TEST_PATH}/src/*.c ${MBEDTLS_TEST_PATH}/src/drivers/*.c)) MBEDTLS_TEST_OBJS += $(patsubst %.c,%.o,$(wildcard ${MBEDTLS_TEST_PATH}/src/test_helpers/*.c)) @@ -193,13 +188,6 @@ else if exist include/test/instrument_record_status.h del /Q /F include/test/instrument_record_status.h endif -neat: clean -ifndef WINDOWS - rm -f $(GENERATED_FILES) -else - for %f in ($(subst /,\,$(GENERATED_FILES))) if exist %f del /Q /F %f -endif - # Test suites caught by SKIP_TEST_SUITES are built but not executed. check: $(BINARIES) perl scripts/run-test-suites.pl $(TEST_FLAGS) --skip=$(SKIP_TEST_SUITES) From 21570cf2327a804cca9bf60c6b5a7cd4fc5b2e7b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 22 Dec 2023 11:49:50 +0100 Subject: [PATCH 1160/1674] Auto-detect the need to link with pthread on Unix-like platforms When building with Make on a Unix-like platform (shell and compiler), auto-detect configurations that may require linking with pthread. This removes the need for MAKE_THREADING_FLAGS in all.sh. Signed-off-by: Gilles Peskine --- scripts/common.make | 27 +++++++ tests/scripts/all.sh | 169 +++++++++++++++++++++---------------------- 2 files changed, 110 insertions(+), 86 deletions(-) diff --git a/scripts/common.make b/scripts/common.make index 1350b12e3..a2d1449fe 100644 --- a/scripts/common.make +++ b/scripts/common.make @@ -31,6 +31,27 @@ ifdef WINDOWS WINDOWS_BUILD=1 endif +## Usage: $(call remove_unset_options,PREPROCESSOR_INPUT) +## Remove the preprocessor symbols that are not set in the current configuration +## from PREPROCESSOR_INPUT. Also normalize whitespace. +## Example: +## $(call remove_unset_options,MBEDTLS_FOO MBEDTLS_BAR) +## This expands to an empty string "" if MBEDTLS_FOO and MBEDTLS_BAR are both +## disabled, to "MBEDTLS_FOO" if MBEDTLS_BAR is enabled but MBEDTLS_FOO is +## disabled, etc. +## +## This only works with a Unix-like shell environment (Bourne/POSIX-style shell +## and standard commands) and a Unix-like compiler (supporting -E). In +## other environments, the output is likely to be empty. +define remove_unset_options +$(strip $(shell + exec 2>/dev/null; + { echo '#include '; echo $(1); } | + $(CC) $(LOCAL_CFLAGS) $(CFLAGS) -E - | + tail -n 1 +)) +endef + ifdef WINDOWS_BUILD DLEXT=dll EXEXT=.exe @@ -43,6 +64,12 @@ else # Not building for Windows DLEXT ?= so EXEXT= SHARED_SUFFIX= + ifndef THREADING + # Auto-detect configurations with pthread. + ifeq (control,$(call remove_unset_options,control MBEDTLS_THREADING_C MBEDTLS_THREADING_PTHREAD)) + THREADING := pthread + endif + endif ifeq ($(THREADING),pthread) LOCAL_LDFLAGS += -lpthread diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 933c563d3..315c6e5cd 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -216,9 +216,6 @@ pre_initialize_variables () { esac SUPPORTED_COMPONENTS="$SUPPORTED_COMPONENTS $component" done - - # Option to enable linking with pthreads under make - MAKE_THREADING_FLAGS="THREADING=pthread" } # Test whether the component $1 is included in the command line patterns. @@ -933,7 +930,7 @@ helper_get_psa_key_type_list() { # Here "things" are PSA_WANT_ symbols but with PSA_WANT_ removed. helper_libtestdriver1_make_drivers() { loc_accel_flags=$( echo "$1 ${2-}" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' ) - make CC=$ASAN_CC -C tests libtestdriver1.a CFLAGS=" $ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS + make CC=$ASAN_CC -C tests libtestdriver1.a CFLAGS=" $ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS" } # Build the main libraries, programs and tests, @@ -951,7 +948,7 @@ helper_libtestdriver1_make_main() { # we need flags both with and without the LIBTESTDRIVER1_ prefix loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' ) loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )" - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" $MAKE_THREADING_FLAGS "$@" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" "$@" } ################################################################ @@ -1446,7 +1443,7 @@ component_test_psa_external_rng_no_drbg_classic () { # When MBEDTLS_USE_PSA_CRYPTO is disabled and there is no DRBG, # the SSL test programs don't have an RNG and can't work. Explicitly # make them use the PSA RNG with -DMBEDTLS_TEST_USE_PSA_CRYPTO_RNG. - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DMBEDTLS_TEST_USE_PSA_CRYPTO_RNG" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DMBEDTLS_TEST_USE_PSA_CRYPTO_RNG" LDFLAGS="$ASAN_CFLAGS" msg "test: PSA_CRYPTO_EXTERNAL_RNG minus *_DRBG, classic crypto - main suites" make test @@ -1465,7 +1462,7 @@ component_test_psa_external_rng_no_drbg_use_psa () { scripts/config.py unset MBEDTLS_CTR_DRBG_C scripts/config.py unset MBEDTLS_HMAC_DRBG_C scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" msg "test: PSA_CRYPTO_EXTERNAL_RNG minus *_DRBG, PSA crypto - main suites" make test @@ -1480,7 +1477,7 @@ component_test_psa_external_rng_use_psa_crypto () { scripts/config.py set MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG scripts/config.py set MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_CTR_DRBG_C - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" msg "test: full + PSA_CRYPTO_EXTERNAL_RNG + USE_PSA_CRYPTO minus CTR_DRBG" make test @@ -1498,7 +1495,7 @@ component_test_psa_inject_entropy () { scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT scripts/config.py unset MBEDTLS_PLATFORM_STD_NV_SEED_READ scripts/config.py unset MBEDTLS_PLATFORM_STD_NV_SEED_WRITE - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS '-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS '-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'" LDFLAGS="$ASAN_CFLAGS" msg "test: full + MBEDTLS_PSA_INJECT_ENTROPY" make test @@ -1532,14 +1529,14 @@ component_test_crypto_full_md_light_only () { # Note: MD-light is auto-enabled in build_info.h by modules that need it, # which we haven't disabled, so no need to explicitly enable it. - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" # Make sure we don't have the HMAC functions, but the hashing functions not grep mbedtls_md_hmac library/md.o grep mbedtls_md library/md.o msg "test: crypto_full with only the light subset of MD" - make $MAKE_THREADING_FLAGS test + make test } component_test_full_no_cipher () { @@ -1565,7 +1562,7 @@ component_test_full_no_cipher () { scripts/config.py unset MBEDTLS_LMS_PRIVATE msg "test: full no CIPHER no PSA_CRYPTO_C" - make $MAKE_THREADING_FLAGS test + make test } # This is a common configurator and test function that is used in: @@ -1614,7 +1611,7 @@ common_test_full_no_cipher_with_psa_crypto () { scripts/config.py unset MBEDTLS_PKCS12_C scripts/config.py unset MBEDTLS_PKCS5_C - make $MAKE_THREADING_FLAGS + make # Ensure that CIPHER_C was not re-enabled not grep mbedtls_cipher_init library/cipher.o @@ -1647,7 +1644,7 @@ component_test_full_no_ccm() { # PSA_WANT_ALG_CCM to be re-enabled. scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CCM - make $MAKE_THREADING_FLAGS + make msg "test: full no PSA_WANT_ALG_CCM" make test @@ -1675,7 +1672,7 @@ component_test_full_no_ccm_star_no_tag() { scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CBC_NO_PADDING scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CBC_PKCS7 - make $MAKE_THREADING_FLAGS + make # Ensure MBEDTLS_PSA_BUILTIN_CIPHER was not enabled not grep mbedtls_psa_cipher library/psa_crypto_cipher.o @@ -1732,7 +1729,7 @@ component_test_full_no_bignum () { scripts/config.py unset MBEDTLS_SSL_ASYNC_PRIVATE scripts/config.py unset MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK - make $MAKE_THREADING_FLAGS + make msg "test: full minus bignum" make test @@ -2010,7 +2007,7 @@ component_test_small_mbedtls_ssl_dtls_max_buffering () { component_test_psa_collect_statuses () { msg "build+test: psa_collect_statuses" # ~30s scripts/config.py full - tests/scripts/psa_collect_statuses.py --make-vars="$MAKE_THREADING_FLAGS" + tests/scripts/psa_collect_statuses.py # Check that psa_crypto_init() succeeded at least once grep -q '^0:psa_crypto_init:' tests/statuses.log rm -f tests/statuses.log @@ -2189,7 +2186,7 @@ component_test_default_no_deprecated () { component_test_full_no_deprecated () { msg "build: make, full_no_deprecated config" # ~ 30s scripts/config.py full_no_deprecated - make CC=gcc CFLAGS='-O -Werror -Wall -Wextra' $MAKE_THREADING_FLAGS + make CC=gcc CFLAGS='-O -Werror -Wall -Wextra' msg "test: make, full_no_deprecated config" # ~ 5s make test @@ -2206,7 +2203,7 @@ component_test_full_no_deprecated_deprecated_warning () { scripts/config.py full_no_deprecated scripts/config.py unset MBEDTLS_DEPRECATED_REMOVED scripts/config.py set MBEDTLS_DEPRECATED_WARNING - make CC=gcc CFLAGS='-O -Werror -Wall -Wextra' $MAKE_THREADING_FLAGS + make CC=gcc CFLAGS='-O -Werror -Wall -Wextra' msg "test: make, full_no_deprecated config, MBEDTLS_DEPRECATED_WARNING" # ~ 5s make test @@ -2226,7 +2223,7 @@ component_test_full_deprecated_warning () { # By default those are disabled when MBEDTLS_DEPRECATED_WARNING is set. # Expect warnings from '#warning' directives in check_config.h and # from the use of deprecated functions in test suites. - make CC=gcc CFLAGS='-O -Werror -Wall -Wextra -Wno-error=deprecated-declarations -Wno-error=cpp -DMBEDTLS_TEST_DEPRECATED' $MAKE_THREADING_FLAGS tests + make CC=gcc CFLAGS='-O -Werror -Wall -Wextra -Wno-error=deprecated-declarations -Wno-error=cpp -DMBEDTLS_TEST_DEPRECATED' tests msg "test: full config + MBEDTLS_TEST_DEPRECATED" # ~ 30s make test @@ -2251,7 +2248,7 @@ component_build_crypto_default () { component_build_crypto_full () { msg "build: make, crypto only, full config" scripts/config.py crypto_full - make CFLAGS='-O1 -Werror' $MAKE_THREADING_FLAGS + make CFLAGS='-O1 -Werror' are_empty_libraries library/libmbedx509.* library/libmbedtls.* } @@ -2311,73 +2308,73 @@ support_build_baremetal () { # depends.py family of tests component_test_depends_py_cipher_id () { msg "test/build: depends.py cipher_id (gcc)" - tests/scripts/depends.py cipher_id --unset-use-psa --make-vars="$MAKE_THREADING_FLAGS" + tests/scripts/depends.py cipher_id --unset-use-psa } component_test_depends_py_cipher_chaining () { msg "test/build: depends.py cipher_chaining (gcc)" - tests/scripts/depends.py cipher_chaining --unset-use-psa --make-vars="$MAKE_THREADING_FLAGS" + tests/scripts/depends.py cipher_chaining --unset-use-psa } component_test_depends_py_cipher_padding () { msg "test/build: depends.py cipher_padding (gcc)" - tests/scripts/depends.py cipher_padding --unset-use-psa --make-vars="$MAKE_THREADING_FLAGS" + tests/scripts/depends.py cipher_padding --unset-use-psa } component_test_depends_py_curves () { msg "test/build: depends.py curves (gcc)" - tests/scripts/depends.py curves --unset-use-psa --make-vars="$MAKE_THREADING_FLAGS" + tests/scripts/depends.py curves --unset-use-psa } component_test_depends_py_hashes () { msg "test/build: depends.py hashes (gcc)" - tests/scripts/depends.py hashes --unset-use-psa --make-vars="$MAKE_THREADING_FLAGS" + tests/scripts/depends.py hashes --unset-use-psa } component_test_depends_py_kex () { msg "test/build: depends.py kex (gcc)" - tests/scripts/depends.py kex --unset-use-psa --make-vars="$MAKE_THREADING_FLAGS" + tests/scripts/depends.py kex --unset-use-psa } component_test_depends_py_pkalgs () { msg "test/build: depends.py pkalgs (gcc)" - tests/scripts/depends.py pkalgs --unset-use-psa --make-vars="$MAKE_THREADING_FLAGS" + tests/scripts/depends.py pkalgs --unset-use-psa } # PSA equivalents of the depends.py tests component_test_depends_py_cipher_id_psa () { msg "test/build: depends.py cipher_id (gcc) with MBEDTLS_USE_PSA_CRYPTO defined" - tests/scripts/depends.py cipher_id --make-vars="$MAKE_THREADING_FLAGS" + tests/scripts/depends.py cipher_id } component_test_depends_py_cipher_chaining_psa () { msg "test/build: depends.py cipher_chaining (gcc) with MBEDTLS_USE_PSA_CRYPTO defined" - tests/scripts/depends.py cipher_chaining --make-vars="$MAKE_THREADING_FLAGS" + tests/scripts/depends.py cipher_chaining } component_test_depends_py_cipher_padding_psa () { msg "test/build: depends.py cipher_padding (gcc) with MBEDTLS_USE_PSA_CRYPTO defined" - tests/scripts/depends.py cipher_padding --make-vars="$MAKE_THREADING_FLAGS" + tests/scripts/depends.py cipher_padding } component_test_depends_py_curves_psa () { msg "test/build: depends.py curves (gcc) with MBEDTLS_USE_PSA_CRYPTO defined" - tests/scripts/depends.py curves --make-vars="$MAKE_THREADING_FLAGS" + tests/scripts/depends.py curves } component_test_depends_py_hashes_psa () { msg "test/build: depends.py hashes (gcc) with MBEDTLS_USE_PSA_CRYPTO defined" - tests/scripts/depends.py hashes --make-vars="$MAKE_THREADING_FLAGS" + tests/scripts/depends.py hashes } component_test_depends_py_kex_psa () { msg "test/build: depends.py kex (gcc) with MBEDTLS_USE_PSA_CRYPTO defined" - tests/scripts/depends.py kex --make-vars="$MAKE_THREADING_FLAGS" + tests/scripts/depends.py kex } component_test_depends_py_pkalgs_psa () { msg "test/build: depends.py pkalgs (gcc) with MBEDTLS_USE_PSA_CRYPTO defined" - tests/scripts/depends.py pkalgs --make-vars="$MAKE_THREADING_FLAGS" + tests/scripts/depends.py pkalgs } component_build_no_pk_rsa_alt_support () { @@ -2389,7 +2386,7 @@ component_build_no_pk_rsa_alt_support () { scripts/config.py set MBEDTLS_X509_CRT_WRITE_C # Only compile - this is primarily to test for compile issues - make CC=gcc CFLAGS='-Werror -Wall -Wextra -I../tests/include/alt-dummy' $MAKE_THREADING_FLAGS + make CC=gcc CFLAGS='-Werror -Wall -Wextra -I../tests/include/alt-dummy' } component_build_module_alt () { @@ -2603,7 +2600,7 @@ component_test_psa_crypto_config_reference_ffdh () { # Disable things that are not supported scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED - make $MAKE_THREADING_FLAGS + make msg "test suites: full with non-accelerated FFDH alg" make test @@ -2642,7 +2639,7 @@ component_test_psa_crypto_config_accel_pake() { # ------------- msg "test: full with accelerated PAKE" - make $MAKE_THREADING_FLAGS test + make test } component_test_psa_crypto_config_accel_ecc_some_key_types () { @@ -2702,7 +2699,7 @@ component_test_psa_crypto_config_accel_ecc_some_key_types () { # ------------- msg "test suites: full with accelerated EC algs and some key types" - make $MAKE_THREADING_FLAGS test + make test } # Run tests with only (non-)Weierstrass accelerated @@ -2901,7 +2898,7 @@ component_test_psa_crypto_config_accel_ecc_ecp_light_only () { # ------------- msg "test suites: full with accelerated EC algs" - make $MAKE_THREADING_FLAGS test + make test msg "ssl-opt: full with accelerated EC algs" tests/ssl-opt.sh @@ -2913,7 +2910,7 @@ component_test_psa_crypto_config_reference_ecc_ecp_light_only () { config_psa_crypto_config_ecp_light_only 0 - make $MAKE_THREADING_FLAGS + make msg "test suites: full with non-accelerated EC algs" make test @@ -3006,7 +3003,7 @@ component_test_psa_crypto_config_accel_ecc_no_ecp_at_all () { # ------------- msg "test: full + accelerated EC algs - ECP" - make $MAKE_THREADING_FLAGS test + make test msg "ssl-opt: full + accelerated EC algs - ECP" tests/ssl-opt.sh @@ -3020,7 +3017,7 @@ component_test_psa_crypto_config_reference_ecc_no_ecp_at_all () { config_psa_crypto_no_ecp_at_all 0 - make $MAKE_THREADING_FLAGS + make msg "test: full + non accelerated EC algs" make test @@ -3183,7 +3180,7 @@ common_test_psa_crypto_config_accel_ecc_ffdh_no_bignum () { msg "test suites: full + accelerated $accel_text algs + USE_PSA - $removed_text - DHM - BIGNUM" - make $MAKE_THREADING_FLAGS test + make test msg "ssl-opt: full + accelerated $accel_text algs + USE_PSA - $removed_text - BIGNUM" tests/ssl-opt.sh @@ -3214,7 +3211,7 @@ common_test_psa_crypto_config_reference_ecc_ffdh_no_bignum () { config_psa_crypto_config_accel_ecc_ffdh_no_bignum 0 "$test_target" - make $MAKE_THREADING_FLAGS + make msg "test suites: full + non accelerated EC algs + USE_PSA" make test @@ -3333,7 +3330,7 @@ build_full_minus_something_and_test_tls () { scripts/config.py unset $sym done - make $MAKE_THREADING_FLAGS + make msg "test: full minus something, test TLS" ( cd tests; ./test_suite_ssl ) @@ -3372,7 +3369,7 @@ build_and_test_psa_want_key_pair_partial() { # crypto_config.h so we just disable the one we don't want. scripts/config.py -f "$CRYPTO_CONFIG_H" unset "$disabled_psa_want" - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" msg "test: full - MBEDTLS_USE_PSA_CRYPTO - ${disabled_psa_want}" make test @@ -3438,7 +3435,7 @@ component_test_psa_crypto_config_accel_rsa_crypto () { # ------------- msg "test: crypto_full with accelerated RSA" - make $MAKE_THREADING_FLAGS test + make test } component_test_psa_crypto_config_reference_rsa_crypto () { @@ -3450,7 +3447,7 @@ component_test_psa_crypto_config_reference_rsa_crypto () { # Build # ----- - make $MAKE_THREADING_FLAGS + make # Run the tests # ------------- @@ -3652,7 +3649,7 @@ component_test_psa_crypto_config_reference_hash_use_psa() { config_psa_crypto_hash_use_psa 0 - make $MAKE_THREADING_FLAGS + make msg "test: full without accelerated hashes" make test @@ -3817,7 +3814,7 @@ component_test_psa_crypto_config_accel_cipher_aead () { # ------------- msg "test: full config with accelerated cipher and AEAD" - make $MAKE_THREADING_FLAGS test + make test msg "ssl-opt: full config with accelerated cipher and AEAD" tests/ssl-opt.sh @@ -3830,7 +3827,7 @@ component_test_psa_crypto_config_reference_cipher_aead () { msg "build: full config with non-accelerated cipher and AEAD" common_psa_crypto_config_accel_cipher_aead - make $MAKE_THREADING_FLAGS + make msg "test: full config with non-accelerated cipher and AEAD" make test @@ -3847,7 +3844,7 @@ component_test_aead_chachapoly_disabled() { scripts/config.py full scripts/config.py unset MBEDTLS_CHACHAPOLY_C scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CHACHA20_POLY1305 - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" msg "test: full minus CHACHAPOLY" make test @@ -3860,7 +3857,7 @@ component_test_aead_only_ccm() { scripts/config.py unset MBEDTLS_GCM_C scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CHACHA20_POLY1305 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_GCM - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" msg "test: full minus CHACHAPOLY and GCM" make test @@ -3891,7 +3888,7 @@ component_build_psa_accel_alg_ecdh() { scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_ECDH -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_ECDH -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator HMAC code is in place and ready to test. @@ -3901,7 +3898,7 @@ component_build_psa_accel_alg_hmac() { scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_HMAC -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_HMAC -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator HKDF code is in place and ready to test. @@ -3914,7 +3911,7 @@ component_build_psa_accel_alg_hkdf() { # Make sure to unset TLS1_3 since it requires HKDF_C and will not build properly without it. scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_HKDF -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_HKDF -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator MD5 code is in place and ready to test. @@ -3933,7 +3930,7 @@ component_build_psa_accel_alg_md5() { scripts/config.py unset MBEDTLS_LMS_C scripts/config.py unset MBEDTLS_LMS_PRIVATE # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_MD5 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_MD5 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator RIPEMD160 code is in place and ready to test. @@ -3952,7 +3949,7 @@ component_build_psa_accel_alg_ripemd160() { scripts/config.py unset MBEDTLS_LMS_C scripts/config.py unset MBEDTLS_LMS_PRIVATE # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RIPEMD160 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RIPEMD160 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator SHA1 code is in place and ready to test. @@ -3971,7 +3968,7 @@ component_build_psa_accel_alg_sha1() { scripts/config.py unset MBEDTLS_LMS_C scripts/config.py unset MBEDTLS_LMS_PRIVATE # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_1 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_1 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator SHA224 code is in place and ready to test. @@ -3987,7 +3984,7 @@ component_build_psa_accel_alg_sha224() { scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_512 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_224 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_224 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator SHA256 code is in place and ready to test. @@ -4003,7 +4000,7 @@ component_build_psa_accel_alg_sha256() { scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_384 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_512 # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_256 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_256 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator SHA384 code is in place and ready to test. @@ -4021,7 +4018,7 @@ component_build_psa_accel_alg_sha384() { scripts/config.py unset MBEDTLS_LMS_C scripts/config.py unset MBEDTLS_LMS_PRIVATE # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_384 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_384 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator SHA512 code is in place and ready to test. @@ -4040,7 +4037,7 @@ component_build_psa_accel_alg_sha512() { scripts/config.py unset MBEDTLS_LMS_C scripts/config.py unset MBEDTLS_LMS_PRIVATE # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_512 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_SHA_512 -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator RSA code is in place and ready to test. @@ -4054,7 +4051,7 @@ component_build_psa_accel_alg_rsa_pkcs1v15_crypt() { scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_OAEP scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PSS # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator RSA code is in place and ready to test. @@ -4068,7 +4065,7 @@ component_build_psa_accel_alg_rsa_pkcs1v15_sign() { scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_OAEP scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PSS # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator RSA code is in place and ready to test. @@ -4082,7 +4079,7 @@ component_build_psa_accel_alg_rsa_oaep() { scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PKCS1V15_SIGN scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PSS # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_OAEP -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_OAEP -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator RSA code is in place and ready to test. @@ -4096,7 +4093,7 @@ component_build_psa_accel_alg_rsa_pss() { scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PKCS1V15_SIGN scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_OAEP # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PSS -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_RSA_PSS -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator RSA code is in place and ready to test. @@ -4111,7 +4108,7 @@ component_build_psa_accel_key_type_rsa_key_pair() { scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT 1 scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE 1 # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } # This should be renamed to test and updated once the accelerator RSA code is in place and ready to test. @@ -4123,7 +4120,7 @@ component_build_psa_accel_key_type_rsa_public_key() { scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_ALG_RSA_PSS 1 scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1 # Need to define the correct symbol and include the test driver header path in order to build with the test driver - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY -I../tests/include" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } @@ -4292,7 +4289,7 @@ component_test_no_platform () { # Note, _DEFAULT_SOURCE needs to be defined for platforms using glibc version >2.19, # to re-enable platform integration features otherwise disabled in C99 builds make CC=gcc CFLAGS='-Werror -Wall -Wextra -std=c99 -pedantic -Os -D_DEFAULT_SOURCE' lib programs - make CC=gcc CFLAGS='-Werror -Wall -Wextra -Os' $MAKE_THREADING_FLAGS test + make CC=gcc CFLAGS='-Werror -Wall -Wextra -Os' test } component_build_no_std_function () { @@ -4310,14 +4307,14 @@ component_build_no_ssl_srv () { msg "build: full config except SSL server, make, gcc" # ~ 30s scripts/config.py full scripts/config.py unset MBEDTLS_SSL_SRV_C - make CC=gcc CFLAGS='-Werror -Wall -Wextra -O1' $MAKE_THREADING_FLAGS + make CC=gcc CFLAGS='-Werror -Wall -Wextra -O1' } component_build_no_ssl_cli () { msg "build: full config except SSL client, make, gcc" # ~ 30s scripts/config.py full scripts/config.py unset MBEDTLS_SSL_CLI_C - make CC=gcc CFLAGS='-Werror -Wall -Wextra -O1' $MAKE_THREADING_FLAGS + make CC=gcc CFLAGS='-Werror -Wall -Wextra -O1' } component_build_no_sockets () { @@ -4492,7 +4489,7 @@ component_test_platform_calloc_macro () { component_test_malloc_0_null () { msg "build: malloc(0) returns NULL (ASan+UBSan build)" scripts/config.py full - make CC=$ASAN_CC CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"$PWD/tests/configs/user-config-malloc-0-null.h\"' $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS + make CC=$ASAN_CC CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"$PWD/tests/configs/user-config-malloc-0-null.h\"' $ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" msg "test: malloc(0) returns NULL (ASan+UBSan build)" make test @@ -5104,7 +5101,7 @@ component_test_psa_crypto_drivers () { loc_cflags="${loc_cflags} '-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'" loc_cflags="${loc_cflags} -I../tests/include -O2" - make CC=$ASAN_CC CFLAGS="${loc_cflags}" LDFLAGS="$ASAN_CFLAGS" $MAKE_THREADING_FLAGS + make CC=$ASAN_CC CFLAGS="${loc_cflags}" LDFLAGS="$ASAN_CFLAGS" msg "test: full + test drivers dispatching to builtins" make test @@ -5131,7 +5128,7 @@ test_build_opt () { $cc --version for opt in "$@"; do msg "build/test: $cc $opt, $info" # ~ 30s - make CC="$cc" CFLAGS="$opt -std=c99 -pedantic -Wall -Wextra -Werror" $MAKE_THREADING_FLAGS + make CC="$cc" CFLAGS="$opt -std=c99 -pedantic -Wall -Wextra -Werror" # We're confident enough in compilers to not run _all_ the tests, # but at least run the unit tests. In particular, runs with # optimizations use inline assembly whereas runs with -O0 @@ -5186,7 +5183,7 @@ component_build_mbedtls_config_file () { msg "build: make with MBEDTLS_CONFIG_FILE" # ~40s scripts/config.py -w full_config.h full echo '#error "MBEDTLS_CONFIG_FILE is not working"' >"$CONFIG_H" - make CFLAGS="-I '$PWD' -DMBEDTLS_CONFIG_FILE='\"full_config.h\"'" $MAKE_THREADING_FLAGS + make CFLAGS="-I '$PWD' -DMBEDTLS_CONFIG_FILE='\"full_config.h\"'" # Make sure this feature is enabled. We'll disable it in the next phase. programs/test/query_compile_time_config MBEDTLS_NIST_KW_C make clean @@ -5195,7 +5192,7 @@ component_build_mbedtls_config_file () { # In the user config, disable one feature (for simplicity, pick a feature # that nothing else depends on). echo '#undef MBEDTLS_NIST_KW_C' >user_config.h - make CFLAGS="-I '$PWD' -DMBEDTLS_CONFIG_FILE='\"full_config.h\"' -DMBEDTLS_USER_CONFIG_FILE='\"user_config.h\"'" $MAKE_THREADING_FLAGS + make CFLAGS="-I '$PWD' -DMBEDTLS_CONFIG_FILE='\"full_config.h\"' -DMBEDTLS_USER_CONFIG_FILE='\"user_config.h\"'" not programs/test/query_compile_time_config MBEDTLS_NIST_KW_C rm -f user_config.h full_config.h @@ -5254,7 +5251,7 @@ component_test_m32_no_asm () { scripts/config.py unset MBEDTLS_HAVE_ASM scripts/config.py unset MBEDTLS_PADLOCK_C scripts/config.py unset MBEDTLS_AESNI_C # AESNI for 32-bit is tested in test_aesni_m32 - make CC=gcc CFLAGS="$ASAN_CFLAGS -m32" LDFLAGS="-m32 $ASAN_CFLAGS" $MAKE_THREADING_FLAGS + make CC=gcc CFLAGS="$ASAN_CFLAGS -m32" LDFLAGS="-m32 $ASAN_CFLAGS" msg "test: i386, make, gcc, no asm (ASan build)" make test @@ -5272,7 +5269,7 @@ component_test_m32_o2 () { msg "build: i386, make, gcc -O2 (ASan build)" # ~ 30s scripts/config.py full scripts/config.py unset MBEDTLS_AESNI_C # AESNI for 32-bit is tested in test_aesni_m32 - make CC=gcc CFLAGS="$ASAN_CFLAGS -m32" LDFLAGS="-m32 $ASAN_CFLAGS" $MAKE_THREADING_FLAGS + make CC=gcc CFLAGS="$ASAN_CFLAGS -m32" LDFLAGS="-m32 $ASAN_CFLAGS" msg "test: i386, make, gcc -O2 (ASan build)" make test @@ -5307,7 +5304,7 @@ support_test_m32_everest () { component_test_mx32 () { msg "build: 64-bit ILP32, make, gcc" # ~ 30s scripts/config.py full - make CC=gcc CFLAGS='-Werror -Wall -Wextra -mx32' LDFLAGS='-mx32' $MAKE_THREADING_FLAGS + make CC=gcc CFLAGS='-Werror -Wall -Wextra -mx32' LDFLAGS='-mx32' msg "test: 64-bit ILP32, make, gcc" make test @@ -5371,7 +5368,7 @@ component_test_no_udbl_division () { msg "build: MBEDTLS_NO_UDBL_DIVISION native" # ~ 10s scripts/config.py full scripts/config.py set MBEDTLS_NO_UDBL_DIVISION - make CFLAGS='-Werror -O1' $MAKE_THREADING_FLAGS + make CFLAGS='-Werror -O1' msg "test: MBEDTLS_NO_UDBL_DIVISION native" # ~ 10s make test @@ -5381,7 +5378,7 @@ component_test_no_64bit_multiplication () { msg "build: MBEDTLS_NO_64BIT_MULTIPLICATION native" # ~ 10s scripts/config.py full scripts/config.py set MBEDTLS_NO_64BIT_MULTIPLICATION - make CFLAGS='-Werror -O1' $MAKE_THREADING_FLAGS + make CFLAGS='-Werror -O1' msg "test: MBEDTLS_NO_64BIT_MULTIPLICATION native" # ~ 10s make test @@ -5395,7 +5392,7 @@ component_test_no_strings () { scripts/config.py unset MBEDTLS_ERROR_C scripts/config.py set MBEDTLS_ERROR_STRERROR_DUMMY scripts/config.py unset MBEDTLS_VERSION_FEATURES - make CFLAGS='-Werror -Os' $MAKE_THREADING_FLAGS + make CFLAGS='-Werror -Os' msg "test: no strings" # ~ 10s make test @@ -5406,7 +5403,7 @@ component_test_no_x509_info () { scripts/config.pl full scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests scripts/config.pl set MBEDTLS_X509_REMOVE_INFO - make CFLAGS='-Werror -O2' $MAKE_THREADING_FLAGS + make CFLAGS='-Werror -O2' msg "test: full + MBEDTLS_X509_REMOVE_INFO" # ~ 10s make test @@ -6009,7 +6006,7 @@ component_build_zeroize_checks () { scripts/config.py full # Only compile - we're looking for sizeof-pointer-memaccess warnings - make CC=gcc CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-zeroize-memset.h\"' -DMBEDTLS_TEST_DEFINES_ZEROIZE -Werror -Wsizeof-pointer-memaccess" $MAKE_THREADING_FLAGS + make CC=gcc CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-zeroize-memset.h\"' -DMBEDTLS_TEST_DEFINES_ZEROIZE -Werror -Wsizeof-pointer-memaccess" } From 811daaa48c3003a563e4e06102743703e323ac1f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 22 Dec 2023 13:16:59 +0100 Subject: [PATCH 1161/1674] Revert "Add ability to pass make variables to psa_collect_statuses.py" This reverts commit 6587959a32f978aeb02766c27cf30b04d8a245e1. The feature is no longer needed, and the script is broken if you don't pass --make-vars. Signed-off-by: Gilles Peskine --- tests/scripts/psa_collect_statuses.py | 14 +++----------- 1 file changed, 3 insertions(+), 11 deletions(-) diff --git a/tests/scripts/psa_collect_statuses.py b/tests/scripts/psa_collect_statuses.py index 6291d7898..11bbebcc1 100755 --- a/tests/scripts/psa_collect_statuses.py +++ b/tests/scripts/psa_collect_statuses.py @@ -82,15 +82,10 @@ def collect_status_logs(options): cwd='tests', stdout=sys.stderr) with open(os.devnull, 'w') as devnull: - build_command = ['make', '-q'] + options.make_vars.split(' ') + \ - ['lib', 'tests'] - make_q_ret = subprocess.call(build_command, stdout=devnull, - stderr=devnull) - print("blagh") + make_q_ret = subprocess.call(['make', '-q', 'lib', 'tests'], + stdout=devnull, stderr=devnull) if make_q_ret != 0: - build_command = ['make'] + options.make_vars.split(' ') + \ - ['RECORD_PSA_STATUS_COVERAGE_LOG=1'] - subprocess.check_call(build_command, + subprocess.check_call(['make', 'RECORD_PSA_STATUS_COVERAGE_LOG=1'], stdout=sys.stderr) rebuilt = True subprocess.check_call(['make', 'test'], @@ -117,9 +112,6 @@ def main(): help='Log file location (default: {})'.format( DEFAULT_STATUS_LOG_FILE )) - parser.add_argument('--make-vars', - help='optional variable/value pairs to pass to make', - action='store', default='') parser.add_argument('--psa-constant-names', metavar='PROGRAM', default=DEFAULT_PSA_CONSTANT_NAMES, help='Path to psa_constant_names (default: {})'.format( From 259df9897267d95e97d6c2a813b4112f11c39637 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 22 Dec 2023 13:17:33 +0100 Subject: [PATCH 1162/1674] Revert "Add option to pass make variables to depends.py" This reverts commit be978a8c4fc52965b486125f2993251025b1a399. The feature is no longer needed, and the script is broken if you don't pass --make-vars. Signed-off-by: Gilles Peskine --- tests/scripts/depends.py | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/tests/scripts/depends.py b/tests/scripts/depends.py index 5fe26f158..38c184a6a 100755 --- a/tests/scripts/depends.py +++ b/tests/scripts/depends.py @@ -381,7 +381,7 @@ class DomainData: def __init__(self, options, conf): """Gather data about the library and establish a list of domains to test.""" - build_command = [options.make_command] + options.make_vars.split(' ') + ['CFLAGS=-Werror'] + build_command = [options.make_command, 'CFLAGS=-Werror'] build_and_test = [build_command, [options.make_command, 'test']] self.all_config_symbols = set(conf.settings.keys()) # Find hash modules by name. @@ -526,9 +526,6 @@ def main(): parser.add_argument('--make-command', metavar='CMD', help='Command to run instead of make (e.g. gmake)', action='store', default='make') - parser.add_argument('--make-vars', - help='optional variable/value pairs to pass to make', - action='store', default='') parser.add_argument('--unset-use-psa', help='Unset MBEDTLS_USE_PSA_CRYPTO before any test', action='store_true', dest='unset_use_psa') From 2337a3b8864bdf4e700a9af020f665e9f4bec56d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 22 Dec 2023 13:25:18 +0100 Subject: [PATCH 1163/1674] Explain the use of control Signed-off-by: Gilles Peskine --- scripts/common.make | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/scripts/common.make b/scripts/common.make index a2d1449fe..6d2fbc3e2 100644 --- a/scripts/common.make +++ b/scripts/common.make @@ -66,6 +66,10 @@ else # Not building for Windows SHARED_SUFFIX= ifndef THREADING # Auto-detect configurations with pthread. + # If the call to remove_unset_options returns "control", the symbols + # are confirmed set and we link with pthread. + # If the auto-detection fails, the result of the call is empty and + # we keep THREADING undefined. ifeq (control,$(call remove_unset_options,control MBEDTLS_THREADING_C MBEDTLS_THREADING_PTHREAD)) THREADING := pthread endif From 7602298a16d3e668d7168234c118f50f1664ac3a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 22 Dec 2023 15:28:07 +0100 Subject: [PATCH 1164/1674] Allow *.make to contain tabs Signed-off-by: Gilles Peskine --- tests/scripts/check_files.py | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/scripts/check_files.py b/tests/scripts/check_files.py index a93b8256f..f6f6d6c71 100755 --- a/tests/scripts/check_files.py +++ b/tests/scripts/check_files.py @@ -318,6 +318,7 @@ class TabIssueTracker(LineIssueTracker): heading = "Tabs present:" suffix_exemptions = frozenset([ + ".make", ".pem", # some openssl dumps have tabs ".sln", "/Makefile", From f3316f132bc73b59c24b31216a45561561ff5ba8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 22 Dec 2023 18:30:37 +0100 Subject: [PATCH 1165/1674] Correct name and documentation of preprocessor symbol check function It's not remove_unset_options, it's remove_enabled_options (or keep_disabled_options). Signed-off-by: Gilles Peskine --- scripts/common.make | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/scripts/common.make b/scripts/common.make index 6d2fbc3e2..2f27d0ef5 100644 --- a/scripts/common.make +++ b/scripts/common.make @@ -31,19 +31,19 @@ ifdef WINDOWS WINDOWS_BUILD=1 endif -## Usage: $(call remove_unset_options,PREPROCESSOR_INPUT) -## Remove the preprocessor symbols that are not set in the current configuration +## Usage: $(call remove_enabled_options,PREPROCESSOR_INPUT) +## Remove the preprocessor symbols that are set in the current configuration ## from PREPROCESSOR_INPUT. Also normalize whitespace. ## Example: -## $(call remove_unset_options,MBEDTLS_FOO MBEDTLS_BAR) +## $(call remove_set_options,MBEDTLS_FOO MBEDTLS_BAR) ## This expands to an empty string "" if MBEDTLS_FOO and MBEDTLS_BAR are both -## disabled, to "MBEDTLS_FOO" if MBEDTLS_BAR is enabled but MBEDTLS_FOO is +## enabled, to "MBEDTLS_FOO" if MBEDTLS_BAR is enabled but MBEDTLS_FOO is ## disabled, etc. ## ## This only works with a Unix-like shell environment (Bourne/POSIX-style shell ## and standard commands) and a Unix-like compiler (supporting -E). In ## other environments, the output is likely to be empty. -define remove_unset_options +define remove_enabled_options $(strip $(shell exec 2>/dev/null; { echo '#include '; echo $(1); } | @@ -66,11 +66,11 @@ else # Not building for Windows SHARED_SUFFIX= ifndef THREADING # Auto-detect configurations with pthread. - # If the call to remove_unset_options returns "control", the symbols + # If the call to remove_enabled_options returns "control", the symbols # are confirmed set and we link with pthread. # If the auto-detection fails, the result of the call is empty and # we keep THREADING undefined. - ifeq (control,$(call remove_unset_options,control MBEDTLS_THREADING_C MBEDTLS_THREADING_PTHREAD)) + ifeq (control,$(call remove_enabled_options,control MBEDTLS_THREADING_C MBEDTLS_THREADING_PTHREAD)) THREADING := pthread endif endif From e6886102ef23ad38dd8e3ac8df1e26f34c22c75e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 21 Jun 2023 18:22:06 +0200 Subject: [PATCH 1166/1674] New function mbedtls_ecp_keypair_get_group_id Add a simple function to get the group id from a key object. This information is available via mbedtls_ecp_export, but that function consumes a lot of memory, which is a waste if all you need is to identify the curve. Signed-off-by: Gilles Peskine --- include/mbedtls/ecp.h | 12 ++++++++++++ library/ecp.c | 6 ++++++ tests/suites/test_suite_ecp.function | 6 ++++++ 3 files changed, 24 insertions(+) diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index 7f5e88080..a29a6f7a6 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h @@ -1323,6 +1323,18 @@ int mbedtls_ecp_check_pub_priv( const mbedtls_ecp_keypair *pub, const mbedtls_ecp_keypair *prv, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); +/** \brief Query the group that a key pair belongs to. + * + * \param key The key pair to query. + * + * \return The group ID for the group registered in the key pair + * object. + * This is \c MBEDTLS_ECP_DP_NONE if no group has been set + * in the key pair object. + */ +mbedtls_ecp_group_id mbedtls_ecp_keypair_get_group_id( + const mbedtls_ecp_keypair *key); + /** * \brief This function exports generic key-pair parameters. * diff --git a/library/ecp.c b/library/ecp.c index ee86cbc6e..351e9e8fe 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -3357,6 +3357,12 @@ cleanup: } #endif /* MBEDTLS_ECP_C */ +mbedtls_ecp_group_id mbedtls_ecp_keypair_get_group_id( + const mbedtls_ecp_keypair *key) +{ + return key->grp.id; +} + /* * Export generic key-pair parameters. */ diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function index 575162480..58d54ed08 100644 --- a/tests/suites/test_suite_ecp.function +++ b/tests/suites/test_suite_ecp.function @@ -1030,6 +1030,7 @@ void mbedtls_ecp_gen_key(int id) &mbedtls_test_rnd_pseudo_rand, &rnd_info) == 0); + TEST_EQUAL(mbedtls_ecp_keypair_get_group_id(&key), id); TEST_ASSERT(mbedtls_ecp_check_pubkey(&key.grp, &key.Q) == 0); TEST_ASSERT(mbedtls_ecp_check_privkey(&key.grp, &key.d) == 0); @@ -1052,6 +1053,7 @@ void mbedtls_ecp_read_key(int grp_id, data_t *in_key, int expected, int canonica TEST_ASSERT(ret == expected); if (expected == 0) { + TEST_EQUAL(mbedtls_ecp_keypair_get_group_id(&key), grp_id); ret = mbedtls_ecp_check_privkey(&key.grp, &key.d); TEST_ASSERT(ret == 0); @@ -1233,6 +1235,10 @@ void ecp_export(int id, char *Qx, char *Qy, char *d, int expected_ret, int inval TEST_EQUAL(mbedtls_ecp_point_cmp(&key.Q, &export_Q), 0); TEST_EQUAL(mbedtls_mpi_cmp_mpi(&key.d, &export_d), 0); TEST_EQUAL(mbedtls_ecp_group_cmp(&key.grp, &export_grp), 0); + + /* Check consistency with the group id */ + TEST_EQUAL(export_grp.id, + mbedtls_ecp_keypair_get_group_id(&key)); } exit: From ba5b5d67aa10e3c7dc5d2136efc226368df1b262 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 21 Jun 2023 18:24:04 +0200 Subject: [PATCH 1167/1674] Support partial export from mbedtls_ecp_keypair Sometimes you don't need to have all the parts of a key pair object. Relax the behavior of mbedtls_ecp_keypair so that you can extract just the parts that you need. Signed-off-by: Gilles Peskine --- include/mbedtls/ecp.h | 9 ++++++--- library/ecp.c | 6 +++--- tests/suites/test_suite_ecp.function | 14 ++++++++++++++ 3 files changed, 23 insertions(+), 6 deletions(-) diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index a29a6f7a6..9effb725d 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h @@ -1338,13 +1338,16 @@ mbedtls_ecp_group_id mbedtls_ecp_keypair_get_group_id( /** * \brief This function exports generic key-pair parameters. * + * Each of the output parameters can be a null pointer + * if you do not need that parameter. + * * \param key The key pair to export from. * \param grp Slot for exported ECP group. - * It must point to an initialized ECP group. + * It must either be null or point to an initialized ECP group. * \param d Slot for the exported secret value. - * It must point to an initialized mpi. + * It must either be null or point to an initialized mpi. * \param Q Slot for the exported public value. - * It must point to an initialized ECP point. + * It must either be null or point to an initialized ECP point. * * \return \c 0 on success, * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure. diff --git a/library/ecp.c b/library/ecp.c index 351e9e8fe..b4da3c50f 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -3371,15 +3371,15 @@ int mbedtls_ecp_export(const mbedtls_ecp_keypair *key, mbedtls_ecp_group *grp, { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if ((ret = mbedtls_ecp_group_copy(grp, &key->grp)) != 0) { + if (grp != NULL && (ret = mbedtls_ecp_group_copy(grp, &key->grp)) != 0) { return ret; } - if ((ret = mbedtls_mpi_copy(d, &key->d)) != 0) { + if (d != NULL && (ret = mbedtls_mpi_copy(d, &key->d)) != 0) { return ret; } - if ((ret = mbedtls_ecp_copy(Q, &key->Q)) != 0) { + if (Q != NULL && (ret = mbedtls_ecp_copy(Q, &key->Q)) != 0) { return ret; } diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function index 58d54ed08..a4c86e283 100644 --- a/tests/suites/test_suite_ecp.function +++ b/tests/suites/test_suite_ecp.function @@ -1239,6 +1239,20 @@ void ecp_export(int id, char *Qx, char *Qy, char *d, int expected_ret, int inval /* Check consistency with the group id */ TEST_EQUAL(export_grp.id, mbedtls_ecp_keypair_get_group_id(&key)); + + /* Test null arguments */ + mbedtls_ecp_group_free(&export_grp); + mbedtls_mpi_free(&export_d); + mbedtls_ecp_point_free(&export_Q); + mbedtls_ecp_group_init(&export_grp); + mbedtls_mpi_init(&export_d); + mbedtls_ecp_point_init(&export_Q); + TEST_EQUAL(mbedtls_ecp_export(&key, &export_grp, NULL, NULL), 0); + TEST_EQUAL(mbedtls_ecp_group_cmp(&key.grp, &export_grp), 0); + TEST_EQUAL(mbedtls_ecp_export(&key, NULL, &export_d, NULL), 0); + TEST_EQUAL(mbedtls_mpi_cmp_mpi(&key.d, &export_d), 0); + TEST_EQUAL(mbedtls_ecp_export(&key, NULL, NULL, &export_Q), 0); + TEST_EQUAL(mbedtls_ecp_point_cmp(&key.Q, &export_Q), 0); } exit: From 091a85a7624aa452f46d3090718631907c04f215 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 21 Jun 2023 19:51:28 +0200 Subject: [PATCH 1168/1674] Promise mbedtls_ecp_read_key doesn't overwrite the public key Signed-off-by: Gilles Peskine --- include/mbedtls/ecp.h | 10 ++++++++++ tests/suites/test_suite_ecp.function | 15 +++++++++++++-- 2 files changed, 23 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index 9effb725d..f1690085a 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h @@ -1262,6 +1262,16 @@ int mbedtls_ecp_gen_key(mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, /** * \brief This function reads an elliptic curve private key. * + * \note This function does not set the public key in the + * key pair object. Without a public key, the key pair object + * cannot be used with operations that require the public key. + * + * \note If a public key has already been set in the key pair + * object, this function does not check that it is consistent + * with the private key. Call mbedtls_ecp_check_pub_priv() + * after setting both the public key and the private key + * to make that check. + * * \param grp_id The ECP group identifier. * \param key The destination key. * \param buf The buffer containing the binary representation of the diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function index a4c86e283..aefb57a58 100644 --- a/tests/suites/test_suite_ecp.function +++ b/tests/suites/test_suite_ecp.function @@ -1044,11 +1044,16 @@ void mbedtls_ecp_read_key(int grp_id, data_t *in_key, int expected, int canonica { int ret = 0; mbedtls_ecp_keypair key; - mbedtls_ecp_keypair key2; - mbedtls_ecp_keypair_init(&key); + mbedtls_ecp_keypair key2; mbedtls_ecp_keypair_init(&key2); +#if defined(MBEDTLS_BIGNUM_C) + TEST_EQUAL(mbedtls_mpi_lset(&key.Q.X, 1), 0); + TEST_EQUAL(mbedtls_mpi_lset(&key.Q.Y, 2), 0); + TEST_EQUAL(mbedtls_mpi_lset(&key.Q.Z, 3), 0); +#endif + ret = mbedtls_ecp_read_key(grp_id, &key, in_key->x, in_key->len); TEST_ASSERT(ret == expected); @@ -1057,6 +1062,12 @@ void mbedtls_ecp_read_key(int grp_id, data_t *in_key, int expected, int canonica ret = mbedtls_ecp_check_privkey(&key.grp, &key.d); TEST_ASSERT(ret == 0); +#if defined(MBEDTLS_BIGNUM_C) + TEST_EQUAL(mbedtls_mpi_cmp_int(&key.Q.X, 1), 0); + TEST_EQUAL(mbedtls_mpi_cmp_int(&key.Q.Y, 2), 0); + TEST_EQUAL(mbedtls_mpi_cmp_int(&key.Q.Z, 3), 0); +#endif + if (canonical) { unsigned char buf[MBEDTLS_ECP_MAX_BYTES]; From 28240323d3246908aff6379022bebf5678673c98 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 21 Jun 2023 19:52:11 +0200 Subject: [PATCH 1169/1674] New function mbedtls_ecp_set_public_key Set the public key in a key pair. This complements mbedtls_ecp_read_key and the functions can be used in either order. Document the need to call check functions separately. Signed-off-by: Gilles Peskine --- include/mbedtls/ecp.h | 32 +++++++++ library/ecp.c | 19 +++++ tests/suites/test_suite_ecp.data | 42 +++++++++++ tests/suites/test_suite_ecp.function | 103 +++++++++++++++++++++++++++ 4 files changed, 196 insertions(+) diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index f1690085a..96f030d1f 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h @@ -1259,6 +1259,38 @@ int mbedtls_ecp_gen_key(mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); +/** \brief Set the public key in a key pair object. + * + * \note This function does not check that the point actually + * belongs to the given group. Call mbedtls_ecp_check_pubkey() + * on \p Q before calling this function to check that. + * + * \note This function does not check that the public key matches + * the private key that is already in \p key, if any. + * To check the consistency of the resulting key pair object, + * call mbedtls_ecp_check_pub_priv() after setting both + * the public key and the private key. + * + * \param grp_id The ECP group identifier. + * \param key The key pair object. It must be initialized. + * If its group has already been set, it must match \p grp_id. + * If its group has not been set, it will be set to \p grp_id. + * If the public key has already been set, it is overwritten. + * \param Q The public key to copy. This must be a point on the + * curve indicated by \p grp_id. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if \p key does not + * match \p grp_id. + * \return #MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE if the operation for + * the group is not implemented. + * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED on memory-allocation failure. + * \return Another negative error code on other kinds of failure. + */ +int mbedtls_ecp_set_public_key(mbedtls_ecp_group_id grp_id, + mbedtls_ecp_keypair *key, + const mbedtls_ecp_point *Q); + /** * \brief This function reads an elliptic curve private key. * diff --git a/library/ecp.c b/library/ecp.c index b4da3c50f..bb0cf6905 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -3198,6 +3198,25 @@ int mbedtls_ecp_gen_key(mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, } #endif /* MBEDTLS_ECP_C */ +int mbedtls_ecp_set_public_key(mbedtls_ecp_group_id grp_id, + mbedtls_ecp_keypair *key, + const mbedtls_ecp_point *Q) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + + if (key->grp.id == MBEDTLS_ECP_DP_NONE) { + /* Group not set yet */ + if ((ret = mbedtls_ecp_group_load(&key->grp, grp_id)) != 0) { + return ret; + } + } else if (key->grp.id != grp_id) { + /* Group mismatch */ + return MBEDTLS_ERR_ECP_BAD_INPUT_DATA; + } + return mbedtls_ecp_copy(&key->Q, Q); +} + + #define ECP_CURVE25519_KEY_SIZE 32 #define ECP_CURVE448_KEY_SIZE 56 /* diff --git a/tests/suites/test_suite_ecp.data b/tests/suites/test_suite_ecp.data index 100299195..8bf288b79 100644 --- a/tests/suites/test_suite_ecp.data +++ b/tests/suites/test_suite_ecp.data @@ -581,6 +581,48 @@ genkey_mx_known_answer:447:"ffffffffffffffffffffffffffffffffffffffffffffffffffff ECP generate Montgomery key: Curve448, not enough entropy genkey_mx_known_answer:447:"4f0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f30313233343536":"" +ECP set public key: invalid group (0) +ecp_set_public_key_group_check:MBEDTLS_ECP_DP_NONE:MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE + +ECP set public key: valid group (secp256r1) +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +ecp_set_public_key_group_check:MBEDTLS_ECP_DP_SECP256R1:0 + +ECP set public key: group not supported (secp256r1) +depends_on:!MBEDTLS_ECP_DP_SECP256R1_ENABLED +ecp_set_public_key_group_check:MBEDTLS_ECP_DP_SECP256R1:MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE + +ECP set public key: bad group (not in enum) +ecp_set_public_key_group_check:MBEDTLS_ECP_DP_MAX:MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE + +ECP set public key: good, secp256r1 +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +ecp_set_public_key_good:MBEDTLS_ECP_DP_SECP256R1:"04e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e0e1ff20e1ffe120e1e1e173287170a761308491683e345cacaebb500c96e1a7bbd37772968b2c951f0579" + +ECP set public key: good, Curve25519 +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_set_public_key_good:MBEDTLS_ECP_DP_CURVE25519:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a" + +ECP set public key after private: good, secp256r1 +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +ecp_set_public_key_after_private:MBEDTLS_ECP_DP_SECP256R1:"70726976617465206b6579":MBEDTLS_ECP_DP_SECP256R1:"04e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e0e1ff20e1ffe120e1e1e173287170a761308491683e345cacaebb500c96e1a7bbd37772968b2c951f0579" + +ECP set public key after private: good, Curve25519 +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_set_public_key_after_private:MBEDTLS_ECP_DP_CURVE25519:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":MBEDTLS_ECP_DP_CURVE25519:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a" + +ECP set public key after private: secp256r1 then secp256k1 +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP256K1_ENABLED +ecp_set_public_key_after_private:MBEDTLS_ECP_DP_SECP256R1:"70726976617465206b6579":MBEDTLS_ECP_DP_SECP256K1:"04e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e0e1ff20e1ffe120e1e1e173287170a761308491683e345cacaebb500c96e1a7bbd37772968b2c951f0579" + +ECP set public key after private: secp256r1 then secp384r1 +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED +ecp_set_public_key_after_private:MBEDTLS_ECP_DP_SECP256R1:"70726976617465206b6579":MBEDTLS_ECP_DP_SECP384R1:"04aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaae1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e0e1ff20e1ffe120e1e1e173287170a761308491683e345cacaebb500c96e1a7bbd37772968b2c951f0579bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb" + +ECP set public key after private: secp384r1 then secp256r1 +depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED +ecp_set_public_key_after_private:MBEDTLS_ECP_DP_SECP384R1:"70726976617465206b6579":MBEDTLS_ECP_DP_SECP256R1:"04e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e1e0e1ff20e1ffe120e1e1e173287170a761308491683e345cacaebb500c96e1a7bbd37772968b2c951f0579" + ECP read key #1 (short weierstrass, too small) depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED mbedtls_ecp_read_key:MBEDTLS_ECP_DP_SECP192R1:"00":MBEDTLS_ERR_ECP_INVALID_KEY:0 diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function index aefb57a58..53b78d900 100644 --- a/tests/suites/test_suite_ecp.function +++ b/tests/suites/test_suite_ecp.function @@ -1039,6 +1039,109 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void ecp_set_public_key_group_check(int grp_id, int expected_ret) +{ + mbedtls_ecp_keypair key; + mbedtls_ecp_keypair_init(&key); + mbedtls_ecp_point Q; + mbedtls_ecp_point_init(&Q); + + TEST_EQUAL(mbedtls_ecp_set_public_key(grp_id, &key, &Q), + expected_ret); + +exit: + mbedtls_ecp_keypair_free(&key); + mbedtls_ecp_point_free(&Q); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void ecp_set_public_key_good(int grp_id, data_t *public_data) +{ + mbedtls_ecp_keypair key; + mbedtls_ecp_keypair_init(&key); + mbedtls_ecp_group grp; + mbedtls_ecp_group_init(&grp); + mbedtls_ecp_point Q; + mbedtls_ecp_point_init(&Q); + + TEST_EQUAL(mbedtls_ecp_group_load(&grp, grp_id), 0); + TEST_EQUAL(mbedtls_ecp_point_read_binary(&grp, &Q, + public_data->x, public_data->len), + 0); + + /* Freshly initialized key */ + TEST_EQUAL(mbedtls_ecp_set_public_key(grp_id, &key, &Q), 0); + TEST_EQUAL(key.grp.id, grp_id); + TEST_EQUAL(mbedtls_ecp_point_cmp(&key.Q, &Q), 0); + +#if defined(MBEDTLS_BIGNUM_C) + /* Key with a public key already set to a different value */ + TEST_EQUAL(mbedtls_mpi_add_int(&key.Q.X, &key.Q.X, 1), 0); + TEST_EQUAL(mbedtls_mpi_add_int(&key.Q.Y, &key.Q.Y, 1), 0); + TEST_EQUAL(mbedtls_mpi_add_int(&key.Q.Z, &key.Q.Z, 1), 0); + TEST_EQUAL(mbedtls_ecp_set_public_key(grp_id, &key, &Q), 0); + TEST_EQUAL(key.grp.id, grp_id); + TEST_EQUAL(mbedtls_ecp_point_cmp(&key.Q, &Q), 0); +#endif + +exit: + mbedtls_ecp_keypair_free(&key); + mbedtls_ecp_group_free(&grp); + mbedtls_ecp_point_free(&Q); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void ecp_set_public_key_after_private(int private_grp_id, data_t *private_data, + int public_grp_id, data_t *public_data) +{ + mbedtls_ecp_keypair key; + mbedtls_ecp_keypair_init(&key); + mbedtls_ecp_group grp; + mbedtls_ecp_group_init(&grp); + mbedtls_ecp_point Q; + mbedtls_ecp_point_init(&Q); +#if defined(MBEDTLS_BIGNUM_C) + mbedtls_mpi d; + mbedtls_mpi_init(&d); +#endif + + TEST_EQUAL(mbedtls_ecp_group_load(&grp, public_grp_id), 0); + TEST_EQUAL(mbedtls_ecp_point_read_binary(&grp, &Q, + public_data->x, public_data->len), + 0); + TEST_EQUAL(mbedtls_ecp_read_key(private_grp_id, &key, + private_data->x, private_data->len), + 0); +#if defined(MBEDTLS_BIGNUM_C) + TEST_EQUAL(mbedtls_mpi_copy(&d, &key.d), 0); +#endif + + int ret = mbedtls_ecp_set_public_key(public_grp_id, &key, &Q); + + if (private_grp_id == public_grp_id) { + TEST_EQUAL(ret, 0); + TEST_EQUAL(key.grp.id, public_grp_id); + TEST_EQUAL(mbedtls_ecp_point_cmp(&key.Q, &Q), 0); +#if defined(MBEDTLS_BIGNUM_C) + TEST_EQUAL(mbedtls_mpi_cmp_mpi(&d, &key.d), 0); +#endif + } else { + TEST_EQUAL(ret, MBEDTLS_ERR_ECP_BAD_INPUT_DATA); + } + +exit: + mbedtls_ecp_keypair_free(&key); + mbedtls_ecp_group_free(&grp); + mbedtls_ecp_point_free(&Q); +#if defined(MBEDTLS_BIGNUM_C) + mbedtls_mpi_free(&d); +#endif +} +/* END_CASE */ + /* BEGIN_CASE */ void mbedtls_ecp_read_key(int grp_id, data_t *in_key, int expected, int canonical) { From 7ea72026cde2d9c9e0cc6141f0d8f34493163189 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 21 Jun 2023 20:39:08 +0200 Subject: [PATCH 1170/1674] New function mbedtls_ecp_keypair_calc_public For when you calculate or import a private key, and then need to calculate the public key. Signed-off-by: Gilles Peskine --- include/mbedtls/ecp.h | 17 ++++++++++++++ library/ecp.c | 8 +++++++ tests/suites/test_suite_ecp.data | 18 +++++++++++++++ tests/suites/test_suite_ecp.function | 34 ++++++++++++++++++++++++++++ 4 files changed, 77 insertions(+) diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index 96f030d1f..1847f2cb2 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h @@ -1365,6 +1365,23 @@ int mbedtls_ecp_check_pub_priv( const mbedtls_ecp_keypair *pub, const mbedtls_ecp_keypair *prv, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); +/** \brief Calculate the public key from a private key in a key pair. + * + * \param key A keypair structure. It must have a private key set. + * If the public key is set, it will be overwritten. + * \param f_rng The RNG function. This must not be \c NULL. + * \param p_rng The RNG context to be passed to \p f_rng. This may be \c + * NULL if \p f_rng doesn't need a context. + * + * \return \c 0 on success. The key pair object can be used for + * operations that require the public key. + * \return An \c MBEDTLS_ERR_ECP_XXX or an \c MBEDTLS_ERR_MPI_XXX + * error code on calculation failure. + */ +int mbedtls_ecp_keypair_calc_public( + mbedtls_ecp_keypair *key, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); + /** \brief Query the group that a key pair belongs to. * * \param key The key pair to query. diff --git a/library/ecp.c b/library/ecp.c index bb0cf6905..43f7d6930 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -3374,6 +3374,14 @@ cleanup: return ret; } + +int mbedtls_ecp_keypair_calc_public(mbedtls_ecp_keypair *key, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng) +{ + return mbedtls_ecp_mul(&key->grp, &key->Q, &key->d, &key->grp.G, + f_rng, p_rng); +} #endif /* MBEDTLS_ECP_C */ mbedtls_ecp_group_id mbedtls_ecp_keypair_get_group_id( diff --git a/tests/suites/test_suite_ecp.data b/tests/suites/test_suite_ecp.data index 8bf288b79..01fdc477f 100644 --- a/tests/suites/test_suite_ecp.data +++ b/tests/suites/test_suite_ecp.data @@ -529,6 +529,24 @@ ECP check public-private #7 (wrong Qy) depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED mbedtls_ecp_check_pub_priv:MBEDTLS_ECP_DP_SECP256R1:"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596292":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edfe":MBEDTLS_ECP_DP_SECP256R1:"00f12a1320760270a83cbffd53f6031ef76a5d86c8a204f2c30ca9ebf51f0f0ea7":"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596292":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edfe":MBEDTLS_ERR_ECP_BAD_INPUT_DATA +ECP calculate public: secp256r1, good +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +ecp_calc_public:MBEDTLS_ECP_DP_SECP256R1:"00f12a1320760270a83cbffd53f6031ef76a5d86c8a204f2c30ca9ebf51f0f0ea7":0:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff" + +ECP calculate public: secp256r1, private value out of range +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED +ecp_calc_public:MBEDTLS_ECP_DP_SECP256R1:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":MBEDTLS_ERR_ECP_INVALID_KEY:"" + +# Alice's private key from rfc 7748, masked and adjusted for endianness +# because the test function wants the little-endian representation. +ECP calculate public: Curve25519, good +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_calc_public:MBEDTLS_ECP_DP_CURVE25519:"6a2cb91da5fb77b12a99c0eb872f4cdf4566b25172c1163c7da518730a6d0770":0:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a" + +ECP calculate public: Curve25519, private value not masked +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +ecp_calc_public:MBEDTLS_ECP_DP_CURVE25519:"2a2cb91da5fb77b12a99c0eb872f4cdf4566b25172c1163c7da518730a6d0770":MBEDTLS_ERR_ECP_INVALID_KEY:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a" + ECP gen keypair [#1] depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED mbedtls_ecp_gen_keypair:MBEDTLS_ECP_DP_SECP192R1 diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function index 53b78d900..8c8d32699 100644 --- a/tests/suites/test_suite_ecp.function +++ b/tests/suites/test_suite_ecp.function @@ -988,6 +988,40 @@ exit: } /* END_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_ECP_C */ +void ecp_calc_public(int grp_id, data_t *private, + int expected_ret, data_t *expected_public) +{ + mbedtls_ecp_keypair key; + mbedtls_ecp_keypair_init(&key); + mbedtls_test_rnd_pseudo_info rnd_info; + memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info)); + + TEST_EQUAL(mbedtls_ecp_group_load(&key.grp, grp_id), 0); + TEST_EQUAL(mbedtls_mpi_read_binary(&key.d, private->x, private->len), 0); + + TEST_EQUAL(mbedtls_ecp_keypair_calc_public(&key, + &mbedtls_test_rnd_pseudo_rand, &rnd_info), + expected_ret); + + if (expected_ret == 0) { + TEST_EQUAL(mbedtls_ecp_check_pub_priv(&key, &key, + &mbedtls_test_rnd_pseudo_rand, &rnd_info), + 0); + unsigned char buf[MBEDTLS_ECP_MAX_PT_LEN]; + size_t length; + TEST_EQUAL(mbedtls_ecp_point_write_binary(&key.grp, &key.Q, + MBEDTLS_ECP_PF_UNCOMPRESSED, + &length, buf, sizeof(buf)), + 0); + ASSERT_COMPARE(expected_public->x, expected_public->len, buf, length); + } + +exit: + mbedtls_ecp_keypair_free(&key); +} +/* END_CASE */ + /* BEGIN_CASE depends_on:MBEDTLS_ECP_C */ void mbedtls_ecp_gen_keypair(int id) { From ad5e437c8e185d6a6d5ffc5c6e295475d560669c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 22 Dec 2023 21:59:46 +0100 Subject: [PATCH 1171/1674] mbedtls_ecp_read_key: explain how to set the public key Signed-off-by: Gilles Peskine --- include/mbedtls/ecp.h | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index 1847f2cb2..fc0a7636b 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h @@ -1297,6 +1297,11 @@ int mbedtls_ecp_set_public_key(mbedtls_ecp_group_id grp_id, * \note This function does not set the public key in the * key pair object. Without a public key, the key pair object * cannot be used with operations that require the public key. + * Call mbedtls_ecp_keypair_calc_public() to set the public + * key from the private key. Alternatively, you can call + * mbedtls_ecp_set_public_key() to set the public key part, + * and then optionally mbedtls_ecp_check_pub_priv() to check + * that the private and public parts are consistent. * * \note If a public key has already been set in the key pair * object, this function does not check that it is consistent From 6dd87384ae26c5c828997b582b78265f7c355d50 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 22 Jun 2023 20:27:19 +0200 Subject: [PATCH 1172/1674] Rename variable that's a C++ keyword It gave uncrustify trouble (https://github.com/uncrustify/uncrustify/issues/4044) Signed-off-by: Gilles Peskine --- tests/suites/test_suite_ecp.function | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function index 8c8d32699..354a92cec 100644 --- a/tests/suites/test_suite_ecp.function +++ b/tests/suites/test_suite_ecp.function @@ -989,7 +989,7 @@ exit: /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ECP_C */ -void ecp_calc_public(int grp_id, data_t *private, +void ecp_calc_public(int grp_id, data_t *private_data, int expected_ret, data_t *expected_public) { mbedtls_ecp_keypair key; @@ -998,7 +998,8 @@ void ecp_calc_public(int grp_id, data_t *private, memset(&rnd_info, 0x00, sizeof(mbedtls_test_rnd_pseudo_info)); TEST_EQUAL(mbedtls_ecp_group_load(&key.grp, grp_id), 0); - TEST_EQUAL(mbedtls_mpi_read_binary(&key.d, private->x, private->len), 0); + TEST_EQUAL(mbedtls_mpi_read_binary(&key.d, + private_data->x, private_data->len), 0); TEST_EQUAL(mbedtls_ecp_keypair_calc_public(&key, &mbedtls_test_rnd_pseudo_rand, &rnd_info), From 62e33bcc64c05027a5873830b7a26dbdbb84f282 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 22 Jun 2023 22:27:32 +0200 Subject: [PATCH 1173/1674] New function mbedtls_ecp_write_public_key Directly export the public part of a key pair without having to go through intermediate objects (using mbedtls_ecp_point_write_binary would require a group object and a point object). Signed-off-by: Gilles Peskine --- include/mbedtls/ecp.h | 26 ++++++++++++++++++++++++ library/ecp.c | 12 +++++++++++ tests/suites/test_suite_ecp.function | 30 +++++++++++++++++++--------- 3 files changed, 59 insertions(+), 9 deletions(-) diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index fc0a7636b..619a8a51a 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h @@ -1346,6 +1346,32 @@ int mbedtls_ecp_read_key(mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, int mbedtls_ecp_write_key(mbedtls_ecp_keypair *key, unsigned char *buf, size_t buflen); +/** + * \brief This function exports an elliptic curve public key. + * + * \param key The public key. + * \param format The point format. This must be either + * #MBEDTLS_ECP_PF_COMPRESSED or #MBEDTLS_ECP_PF_UNCOMPRESSED. + * (For groups without these formats, this parameter is + * ignored. But it still has to be either of the above + * values.) + * \param olen The address at which to store the length of + * the output in Bytes. This must not be \c NULL. + * \param buf The output buffer. This must be a writable buffer + * of length \p buflen Bytes. + * \param buflen The length of the output buffer \p buf in Bytes. + * + * \return \c 0 on success. + * \return #MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL if the output buffer + * is too small to hold the point. + * \return #MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE if the point format + * or the export for the given group is not implemented. + * \return Another negative error code on other kinds of failure. + */ +int mbedtls_ecp_write_public_key(mbedtls_ecp_keypair *key, + int format, size_t *olen, + unsigned char *buf, size_t buflen); + /** * \brief This function checks that the keypair objects * \p pub and \p prv have the same group and the diff --git a/library/ecp.c b/library/ecp.c index 43f7d6930..12924bf32 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -3333,6 +3333,18 @@ cleanup: return ret; } +/* + * Write a public key. + */ +int mbedtls_ecp_write_public_key(mbedtls_ecp_keypair *key, + int format, size_t *olen, + unsigned char *buf, size_t buflen) +{ + return mbedtls_ecp_point_write_binary(&key->grp, &key->Q, + format, olen, buf, buflen); +} + + #if defined(MBEDTLS_ECP_C) /* * Check a public-private key pair diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function index 354a92cec..ced4ca387 100644 --- a/tests/suites/test_suite_ecp.function +++ b/tests/suites/test_suite_ecp.function @@ -590,29 +590,41 @@ void ecp_write_binary(int id, char *x, char *y, char *z, int format, { mbedtls_ecp_group grp; mbedtls_ecp_point P; + mbedtls_ecp_keypair key; unsigned char buf[256]; size_t olen; memset(buf, 0, sizeof(buf)); mbedtls_ecp_group_init(&grp); mbedtls_ecp_point_init(&P); + mbedtls_ecp_keypair_init(&key); - TEST_ASSERT(mbedtls_ecp_group_load(&grp, id) == 0); + TEST_EQUAL(mbedtls_ecp_group_load(&grp, id), 0); - TEST_ASSERT(mbedtls_test_read_mpi(&P.X, x) == 0); - TEST_ASSERT(mbedtls_test_read_mpi(&P.Y, y) == 0); - TEST_ASSERT(mbedtls_test_read_mpi(&P.Z, z) == 0); - - TEST_ASSERT(mbedtls_ecp_point_write_binary(&grp, &P, format, - &olen, buf, blen) == ret); + TEST_EQUAL(mbedtls_test_read_mpi(&P.X, x), 0); + TEST_EQUAL(mbedtls_test_read_mpi(&P.Y, y), 0); + TEST_EQUAL(mbedtls_test_read_mpi(&P.Z, z), 0); + TEST_EQUAL(mbedtls_ecp_point_write_binary(&grp, &P, format, + &olen, buf, blen), ret); if (ret == 0) { - TEST_ASSERT(olen <= MBEDTLS_ECP_MAX_PT_LEN); - TEST_ASSERT(mbedtls_test_hexcmp(buf, out->x, olen, out->len) == 0); + TEST_LE_U(olen, MBEDTLS_ECP_MAX_PT_LEN); + ASSERT_COMPARE(buf, olen, + out->x, out->len); + } + + memset(buf, 0, blen); + TEST_EQUAL(mbedtls_ecp_set_public_key(grp.id, &key, &P), 0); + TEST_EQUAL(mbedtls_ecp_write_public_key(&key, format, + &olen, buf, blen), ret); + if (ret == 0) { + ASSERT_COMPARE(buf, olen, + out->x, out->len); } exit: mbedtls_ecp_group_free(&grp); mbedtls_ecp_point_free(&P); + mbedtls_ecp_keypair_free(&key); } /* END_CASE */ From 52cc2a6368872eb2116bc3ed1066e884920e91fa Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 22 Jun 2023 22:32:05 +0200 Subject: [PATCH 1174/1674] Use new mbedtls_ecp_keypair functions in sample programs This eliminates the use of MBEDTLS_PRIVATE in sample programs to access fields of an mbedtls_ecp_keypair structure. When displaying elliptic curve points, the program now display the coordinates in the standard form instead of the internal representation. The auxiliary function show_ecp_key is present in three programs. It's more complex than the previous code which was also triplicated. There's no good place for such auxiliary functions that don't belong in the library and are used in multiple sample programs. Signed-off-by: Gilles Peskine --- programs/pkey/ecdsa.c | 23 +++++---- programs/pkey/gen_key.c | 75 ++++++++++++++++++++++++--- programs/pkey/key_app.c | 94 ++++++++++++++++++++++++++-------- programs/pkey/key_app_writer.c | 82 +++++++++++++++++++++++++---- 4 files changed, 228 insertions(+), 46 deletions(-) diff --git a/programs/pkey/ecdsa.c b/programs/pkey/ecdsa.c index afd6fb31a..5664b8c4e 100644 --- a/programs/pkey/ecdsa.c +++ b/programs/pkey/ecdsa.c @@ -60,8 +60,8 @@ static void dump_pubkey(const char *title, mbedtls_ecdsa_context *key) unsigned char buf[300]; size_t len; - if (mbedtls_ecp_point_write_binary(&key->MBEDTLS_PRIVATE(grp), &key->MBEDTLS_PRIVATE(Q), - MBEDTLS_ECP_PF_UNCOMPRESSED, &len, buf, sizeof(buf)) != 0) { + if (mbedtls_ecp_write_public_key(key, MBEDTLS_ECP_PF_UNCOMPRESSED, + &len, buf, sizeof(buf)) != 0) { mbedtls_printf("internal error\n"); return; } @@ -79,6 +79,8 @@ int main(int argc, char *argv[]) int ret = 1; int exit_code = MBEDTLS_EXIT_FAILURE; mbedtls_ecdsa_context ctx_sign, ctx_verify; + mbedtls_ecp_point Q; + mbedtls_ecp_point_init(&Q); mbedtls_entropy_context entropy; mbedtls_ctr_drbg_context ctr_drbg; unsigned char message[100]; @@ -128,7 +130,10 @@ int main(int argc, char *argv[]) goto exit; } - mbedtls_printf(" ok (key size: %d bits)\n", (int) ctx_sign.MBEDTLS_PRIVATE(grp).pbits); + mbedtls_ecp_group_id grp_id = mbedtls_ecp_keypair_get_group_id(&ctx_sign); + const mbedtls_ecp_curve_info *curve_info = + mbedtls_ecp_curve_info_from_grp_id(grp_id); + mbedtls_printf(" ok (key size: %d bits)\n", (int) curve_info->bit_size); dump_pubkey(" + Public key: ", &ctx_sign); @@ -174,16 +179,13 @@ int main(int argc, char *argv[]) mbedtls_printf(" . Preparing verification context..."); fflush(stdout); - if ((ret = - mbedtls_ecp_group_copy(&ctx_verify.MBEDTLS_PRIVATE(grp), - &ctx_sign.MBEDTLS_PRIVATE(grp))) != 0) { - mbedtls_printf(" failed\n ! mbedtls_ecp_group_copy returned %d\n", ret); + if ((ret = mbedtls_ecp_export(&ctx_sign, NULL, NULL, &Q)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ecp_export returned %d\n", ret); goto exit; } - if ((ret = - mbedtls_ecp_copy(&ctx_verify.MBEDTLS_PRIVATE(Q), &ctx_sign.MBEDTLS_PRIVATE(Q))) != 0) { - mbedtls_printf(" failed\n ! mbedtls_ecp_copy returned %d\n", ret); + if ((ret = mbedtls_ecp_set_public_key(grp_id, &ctx_verify, &Q)) != 0) { + mbedtls_printf(" failed\n ! mbedtls_ecp_set_public_key returned %d\n", ret); goto exit; } @@ -208,6 +210,7 @@ exit: mbedtls_ecdsa_free(&ctx_verify); mbedtls_ecdsa_free(&ctx_sign); + mbedtls_ecp_point_free(&Q); mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_entropy_free(&entropy); diff --git a/programs/pkey/gen_key.c b/programs/pkey/gen_key.c index f6bb23787..cbdf5b760 100644 --- a/programs/pkey/gen_key.c +++ b/programs/pkey/gen_key.c @@ -160,6 +160,71 @@ static int write_private_key(mbedtls_pk_context *key, const char *output_file) return 0; } +#if defined(MBEDTLS_ECP_C) +static int show_ecp_key(const mbedtls_ecp_keypair *ecp, int has_private) +{ + int ret = 0; + + const mbedtls_ecp_curve_info *curve_info = + mbedtls_ecp_curve_info_from_grp_id( + mbedtls_ecp_keypair_get_group_id(ecp)); + mbedtls_printf("curve: %s\n", curve_info->name); + + mbedtls_ecp_group grp; + mbedtls_ecp_group_init(&grp); + mbedtls_mpi D; + mbedtls_mpi_init(&D); + mbedtls_ecp_point pt; + mbedtls_ecp_point_init(&pt); + mbedtls_mpi X, Y; + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); + + MBEDTLS_MPI_CHK(mbedtls_ecp_export(ecp, &grp, + (has_private ? &D : NULL), + &pt)); + + unsigned char point_bin[MBEDTLS_ECP_MAX_PT_LEN]; + size_t len = 0; + MBEDTLS_MPI_CHK(mbedtls_ecp_point_write_binary( + &grp, &pt, MBEDTLS_ECP_PF_UNCOMPRESSED, + &len, point_bin, sizeof(point_bin))); + switch (mbedtls_ecp_get_type(&grp)) { + case MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS: + if ((len & 1) == 0 || point_bin[0] != 0x04) { + /* Point in an unxepected format. This shouldn't happen. */ + ret = -1; + goto cleanup; + } + MBEDTLS_MPI_CHK( + mbedtls_mpi_read_binary(&X, point_bin + 1, len / 2)); + MBEDTLS_MPI_CHK( + mbedtls_mpi_read_binary(&Y, point_bin + 1 + len / 2, len / 2)); + mbedtls_mpi_write_file("X_Q: ", &X, 16, NULL); + mbedtls_mpi_write_file("Y_Q: ", &Y, 16, NULL); + break; + case MBEDTLS_ECP_TYPE_MONTGOMERY: + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&X, point_bin, len)); + mbedtls_mpi_write_file("X_Q: ", &X, 16, NULL); + break; + default: + mbedtls_printf( + "This program does not yet support listing coordinates for this curve type.\n"); + break; + } + + if (has_private) { + mbedtls_mpi_write_file("D: ", &D, 16, NULL); + } + +cleanup: + mbedtls_ecp_group_free(&grp); + mbedtls_mpi_free(&D); + mbedtls_ecp_point_free(&pt); + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); + return ret; +} +#endif + int main(int argc, char *argv[]) { int ret = 1; @@ -365,12 +430,10 @@ usage: #endif #if defined(MBEDTLS_ECP_C) if (mbedtls_pk_get_type(&key) == MBEDTLS_PK_ECKEY) { - mbedtls_ecp_keypair *ecp = mbedtls_pk_ec(key); - mbedtls_printf("curve: %s\n", - mbedtls_ecp_curve_info_from_grp_id(ecp->MBEDTLS_PRIVATE(grp).id)->name); - mbedtls_mpi_write_file("X_Q: ", &ecp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(X), 16, NULL); - mbedtls_mpi_write_file("Y_Q: ", &ecp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(Y), 16, NULL); - mbedtls_mpi_write_file("D: ", &ecp->MBEDTLS_PRIVATE(d), 16, NULL); + if (show_ecp_key(mbedtls_pk_ec(key), 1) != 0) { + mbedtls_printf(" failed\n ! could not export ECC parameters\n\n"); + goto exit; + } } else #endif mbedtls_printf(" ! key type not supported\n"); diff --git a/programs/pkey/key_app.c b/programs/pkey/key_app.c index 194c4102d..e3a696605 100644 --- a/programs/pkey/key_app.c +++ b/programs/pkey/key_app.c @@ -53,6 +53,71 @@ int main(void) #else +#if defined(MBEDTLS_ECP_C) +static int show_ecp_key(const mbedtls_ecp_keypair *ecp, int has_private) +{ + int ret = 0; + + const mbedtls_ecp_curve_info *curve_info = + mbedtls_ecp_curve_info_from_grp_id( + mbedtls_ecp_keypair_get_group_id(ecp)); + mbedtls_printf("curve: %s\n", curve_info->name); + + mbedtls_ecp_group grp; + mbedtls_ecp_group_init(&grp); + mbedtls_mpi D; + mbedtls_mpi_init(&D); + mbedtls_ecp_point pt; + mbedtls_ecp_point_init(&pt); + mbedtls_mpi X, Y; + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); + + MBEDTLS_MPI_CHK(mbedtls_ecp_export(ecp, &grp, + (has_private ? &D : NULL), + &pt)); + + unsigned char point_bin[MBEDTLS_ECP_MAX_PT_LEN]; + size_t len = 0; + MBEDTLS_MPI_CHK(mbedtls_ecp_point_write_binary( + &grp, &pt, MBEDTLS_ECP_PF_UNCOMPRESSED, + &len, point_bin, sizeof(point_bin))); + switch (mbedtls_ecp_get_type(&grp)) { + case MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS: + if ((len & 1) == 0 || point_bin[0] != 0x04) { + /* Point in an unxepected format. This shouldn't happen. */ + ret = -1; + goto cleanup; + } + MBEDTLS_MPI_CHK( + mbedtls_mpi_read_binary(&X, point_bin + 1, len / 2)); + MBEDTLS_MPI_CHK( + mbedtls_mpi_read_binary(&Y, point_bin + 1 + len / 2, len / 2)); + mbedtls_mpi_write_file("X_Q: ", &X, 16, NULL); + mbedtls_mpi_write_file("Y_Q: ", &Y, 16, NULL); + break; + case MBEDTLS_ECP_TYPE_MONTGOMERY: + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&X, point_bin, len)); + mbedtls_mpi_write_file("X_Q: ", &X, 16, NULL); + break; + default: + mbedtls_printf( + "This program does not yet support listing coordinates for this curve type.\n"); + break; + } + + if (has_private) { + mbedtls_mpi_write_file("D: ", &D, 16, NULL); + } + +cleanup: + mbedtls_ecp_group_free(&grp); + mbedtls_mpi_free(&D); + mbedtls_ecp_point_free(&pt); + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); + return ret; +} +#endif + /* * global options */ @@ -219,17 +284,10 @@ usage: #endif #if defined(MBEDTLS_ECP_C) if (mbedtls_pk_get_type(&pk) == MBEDTLS_PK_ECKEY) { - mbedtls_ecp_keypair *ecp = mbedtls_pk_ec(pk); - MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("Q(X): ", - &ecp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(X), 16, - NULL)); - MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("Q(Y): ", - &ecp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(Y), 16, - NULL)); - MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("Q(Z): ", - &ecp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(Z), 16, - NULL)); - MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("D : ", &ecp->MBEDTLS_PRIVATE(d), 16, NULL)); + if (show_ecp_key(mbedtls_pk_ec(pk), 1) != 0) { + mbedtls_printf(" failed\n ! could not export ECC parameters\n\n"); + goto cleanup; + } } else #endif { @@ -269,16 +327,10 @@ usage: #endif #if defined(MBEDTLS_ECP_C) if (mbedtls_pk_get_type(&pk) == MBEDTLS_PK_ECKEY) { - mbedtls_ecp_keypair *ecp = mbedtls_pk_ec(pk); - MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("Q(X): ", - &ecp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(X), 16, - NULL)); - MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("Q(Y): ", - &ecp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(Y), 16, - NULL)); - MBEDTLS_MPI_CHK(mbedtls_mpi_write_file("Q(Z): ", - &ecp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(Z), 16, - NULL)); + if (show_ecp_key(mbedtls_pk_ec(pk), 0) != 0) { + mbedtls_printf(" failed\n ! could not export ECC parameters\n\n"); + goto cleanup; + } } else #endif { diff --git a/programs/pkey/key_app_writer.c b/programs/pkey/key_app_writer.c index c07c56464..cc4c4dc72 100644 --- a/programs/pkey/key_app_writer.c +++ b/programs/pkey/key_app_writer.c @@ -176,6 +176,71 @@ static int write_private_key(mbedtls_pk_context *key, const char *output_file) return 0; } +#if defined(MBEDTLS_ECP_C) +static int show_ecp_key(const mbedtls_ecp_keypair *ecp, int has_private) +{ + int ret = 0; + + const mbedtls_ecp_curve_info *curve_info = + mbedtls_ecp_curve_info_from_grp_id( + mbedtls_ecp_keypair_get_group_id(ecp)); + mbedtls_printf("curve: %s\n", curve_info->name); + + mbedtls_ecp_group grp; + mbedtls_ecp_group_init(&grp); + mbedtls_mpi D; + mbedtls_mpi_init(&D); + mbedtls_ecp_point pt; + mbedtls_ecp_point_init(&pt); + mbedtls_mpi X, Y; + mbedtls_mpi_init(&X); mbedtls_mpi_init(&Y); + + MBEDTLS_MPI_CHK(mbedtls_ecp_export(ecp, &grp, + (has_private ? &D : NULL), + &pt)); + + unsigned char point_bin[MBEDTLS_ECP_MAX_PT_LEN]; + size_t len = 0; + MBEDTLS_MPI_CHK(mbedtls_ecp_point_write_binary( + &grp, &pt, MBEDTLS_ECP_PF_UNCOMPRESSED, + &len, point_bin, sizeof(point_bin))); + switch (mbedtls_ecp_get_type(&grp)) { + case MBEDTLS_ECP_TYPE_SHORT_WEIERSTRASS: + if ((len & 1) == 0 || point_bin[0] != 0x04) { + /* Point in an unxepected format. This shouldn't happen. */ + ret = -1; + goto cleanup; + } + MBEDTLS_MPI_CHK( + mbedtls_mpi_read_binary(&X, point_bin + 1, len / 2)); + MBEDTLS_MPI_CHK( + mbedtls_mpi_read_binary(&Y, point_bin + 1 + len / 2, len / 2)); + mbedtls_mpi_write_file("X_Q: ", &X, 16, NULL); + mbedtls_mpi_write_file("Y_Q: ", &Y, 16, NULL); + break; + case MBEDTLS_ECP_TYPE_MONTGOMERY: + MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&X, point_bin, len)); + mbedtls_mpi_write_file("X_Q: ", &X, 16, NULL); + break; + default: + mbedtls_printf( + "This program does not yet support listing coordinates for this curve type.\n"); + break; + } + + if (has_private) { + mbedtls_mpi_write_file("D: ", &D, 16, NULL); + } + +cleanup: + mbedtls_ecp_group_free(&grp); + mbedtls_mpi_free(&D); + mbedtls_ecp_point_free(&pt); + mbedtls_mpi_free(&X); mbedtls_mpi_free(&Y); + return ret; +} +#endif + int main(int argc, char *argv[]) { int ret = 1; @@ -338,11 +403,10 @@ usage: #endif #if defined(MBEDTLS_ECP_C) if (mbedtls_pk_get_type(&key) == MBEDTLS_PK_ECKEY) { - mbedtls_ecp_keypair *ecp = mbedtls_pk_ec(key); - mbedtls_mpi_write_file("Q(X): ", &ecp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(X), 16, NULL); - mbedtls_mpi_write_file("Q(Y): ", &ecp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(Y), 16, NULL); - mbedtls_mpi_write_file("Q(Z): ", &ecp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(Z), 16, NULL); - mbedtls_mpi_write_file("D : ", &ecp->MBEDTLS_PRIVATE(d), 16, NULL); + if (show_ecp_key(mbedtls_pk_ec(key), 1) != 0) { + mbedtls_printf(" failed\n ! could not export ECC parameters\n\n"); + goto exit; + } } else #endif mbedtls_printf("key type not supported yet\n"); @@ -384,10 +448,10 @@ usage: #endif #if defined(MBEDTLS_ECP_C) if (mbedtls_pk_get_type(&key) == MBEDTLS_PK_ECKEY) { - mbedtls_ecp_keypair *ecp = mbedtls_pk_ec(key); - mbedtls_mpi_write_file("Q(X): ", &ecp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(X), 16, NULL); - mbedtls_mpi_write_file("Q(Y): ", &ecp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(Y), 16, NULL); - mbedtls_mpi_write_file("Q(Z): ", &ecp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(Z), 16, NULL); + if (show_ecp_key(mbedtls_pk_ec(key), 0) != 0) { + mbedtls_printf(" failed\n ! could not export ECC parameters\n\n"); + goto exit; + } } else #endif mbedtls_printf("key type not supported yet\n"); From 9552a52f5f334bf0f0eba5bcb8221c9d6ff29ea1 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 23 Dec 2023 18:44:20 +0100 Subject: [PATCH 1175/1674] Declare dependency on bignum in sample programs Signed-off-by: Gilles Peskine --- programs/pkey/gen_key.c | 32 +++++++++++++----------------- programs/pkey/key_app_writer.c | 36 +++++++++++++++------------------- 2 files changed, 30 insertions(+), 38 deletions(-) diff --git a/programs/pkey/gen_key.c b/programs/pkey/gen_key.c index cbdf5b760..6914c9390 100644 --- a/programs/pkey/gen_key.c +++ b/programs/pkey/gen_key.c @@ -9,8 +9,19 @@ #include "mbedtls/platform.h" -#if defined(MBEDTLS_PK_WRITE_C) && defined(MBEDTLS_FS_IO) && \ - defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_CTR_DRBG_C) +#if !defined(MBEDTLS_PK_WRITE_C) || !defined(MBEDTLS_PEM_WRITE_C) || \ + !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_ENTROPY_C) || \ + !defined(MBEDTLS_CTR_DRBG_C) || !defined(MBEDTLS_BIGNUM_C) +int main(void) +{ + mbedtls_printf("MBEDTLS_PK_WRITE_C and/or MBEDTLS_FS_IO and/or " + "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or " + "MBEDTLS_PEM_WRITE_C and/or MBEDTLS_BIGNUM_C " + "not defined.\n"); + mbedtls_exit(0); +} +#else + #include "mbedtls/error.h" #include "mbedtls/pk.h" #include "mbedtls/ecdsa.h" @@ -61,7 +72,6 @@ int dev_random_entropy_poll(void *data, unsigned char *output, return 0; } #endif /* !_WIN32 */ -#endif #if defined(MBEDTLS_ECP_C) #define DFL_EC_CURVE mbedtls_ecp_curve_list()->grp_id @@ -96,19 +106,6 @@ int dev_random_entropy_poll(void *data, unsigned char *output, USAGE_DEV_RANDOM \ "\n" -#if !defined(MBEDTLS_PK_WRITE_C) || !defined(MBEDTLS_PEM_WRITE_C) || \ - !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_ENTROPY_C) || \ - !defined(MBEDTLS_CTR_DRBG_C) -int main(void) -{ - mbedtls_printf("MBEDTLS_PK_WRITE_C and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or " - "MBEDTLS_PEM_WRITE_C" - "not defined.\n"); - mbedtls_exit(0); -} -#else - /* * global options @@ -478,5 +475,4 @@ exit: mbedtls_exit(exit_code); } -#endif /* MBEDTLS_PK_WRITE_C && MBEDTLS_PEM_WRITE_C && MBEDTLS_FS_IO && - * MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */ +#endif /* program viability conditions */ diff --git a/programs/pkey/key_app_writer.c b/programs/pkey/key_app_writer.c index cc4c4dc72..60f992e43 100644 --- a/programs/pkey/key_app_writer.c +++ b/programs/pkey/key_app_writer.c @@ -9,9 +9,21 @@ #include "mbedtls/platform.h" -#if defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_PK_WRITE_C) && \ - defined(MBEDTLS_FS_IO) && \ - defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_CTR_DRBG_C) +#if !defined(MBEDTLS_PK_PARSE_C) || \ + !defined(MBEDTLS_PK_WRITE_C) || \ + !defined(MBEDTLS_FS_IO) || \ + !defined(MBEDTLS_ENTROPY_C) || \ + !defined(MBEDTLS_CTR_DRBG_C) || \ + !defined(MBEDTLS_BIGNUM_C) +int main(void) +{ + mbedtls_printf("MBEDTLS_PK_PARSE_C and/or MBEDTLS_PK_WRITE_C and/or " + "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or " + "MBEDTLS_FS_IO and/or MBEDTLS_BIGNUM_C not defined.\n"); + mbedtls_exit(0); +} +#else + #include "mbedtls/error.h" #include "mbedtls/pk.h" #include "mbedtls/error.h" @@ -21,7 +33,6 @@ #include #include -#endif #if defined(MBEDTLS_PEM_WRITE_C) #define USAGE_OUT \ @@ -66,20 +77,6 @@ USAGE_OUT \ "\n" -#if !defined(MBEDTLS_PK_PARSE_C) || \ - !defined(MBEDTLS_PK_WRITE_C) || \ - !defined(MBEDTLS_FS_IO) || \ - !defined(MBEDTLS_ENTROPY_C) || \ - !defined(MBEDTLS_CTR_DRBG_C) -int main(void) -{ - mbedtls_printf("MBEDTLS_PK_PARSE_C and/or MBEDTLS_PK_WRITE_C and/or " - "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or " - "MBEDTLS_FS_IO not defined.\n"); - mbedtls_exit(0); -} -#else - /* * global options @@ -495,5 +492,4 @@ exit: mbedtls_exit(exit_code); } -#endif /* MBEDTLS_PK_PARSE_C && MBEDTLS_PK_WRITE_C && MBEDTLS_FS_IO && - MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */ +#endif /* program viability conditions */ From 3b17ae78d2123cfb8f1596ff4a9c85d288ba50c2 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 23 Jun 2023 11:08:39 +0200 Subject: [PATCH 1176/1674] Add ECP-heavy-only test cases to the driver parity analysis ignore list Signed-off-by: Gilles Peskine --- tests/scripts/analyze_outcomes.py | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index d3ea8c0e1..96d4e46bb 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -325,6 +325,7 @@ KNOWN_TASKS = { # is required. 'test_suite_ecp': [ re.compile(r'ECP check public-private .*'), + re.compile(r'ECP calculate public: .*'), re.compile(r'ECP gen keypair .*'), re.compile(r'ECP point muladd .*'), re.compile(r'ECP point multiplication .*'), From 28e9d86cbc23ea4f202f9dc639cd3a2925dbc5fe Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 21 Jun 2023 20:40:55 +0200 Subject: [PATCH 1177/1674] Changelog entry for the new ECP functions Signed-off-by: Gilles Peskine --- ChangeLog.d/ecp-keypair-utilities.txt | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 ChangeLog.d/ecp-keypair-utilities.txt diff --git a/ChangeLog.d/ecp-keypair-utilities.txt b/ChangeLog.d/ecp-keypair-utilities.txt new file mode 100644 index 000000000..6f9714aaa --- /dev/null +++ b/ChangeLog.d/ecp-keypair-utilities.txt @@ -0,0 +1,5 @@ +Features + * Add utility functions to manipulate mbedtls_ecp_keypair objects, filling + gaps made by making its fields private: mbedtls_ecp_set_public_key(), + mbedtls_ecp_write_public_key(), mbedtls_ecp_keypair_calc_public(), + mbedtls_ecp_keypair_get_group_id(). Fixes #5017, #5441, #8367, #8652. From 8f1307adcd818f628014d97a77ffb21e06b8d9fc Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 25 Dec 2023 21:42:23 +0100 Subject: [PATCH 1178/1674] Asymmetric cryptography: rough draft Still many open questions Signed-off-by: Gilles Peskine --- .../psa-migration/psa-legacy-bridges.md | 194 +++++++++++++++++- 1 file changed, 189 insertions(+), 5 deletions(-) diff --git a/docs/architecture/psa-migration/psa-legacy-bridges.md b/docs/architecture/psa-migration/psa-legacy-bridges.md index e8f20b2b6..75a05fc24 100644 --- a/docs/architecture/psa-migration/psa-legacy-bridges.md +++ b/docs/architecture/psa-migration/psa-legacy-bridges.md @@ -12,7 +12,7 @@ This is a design document. The target audience is library maintainers. See the c ### Keywords * [TODO] A part of the analysis that isn't finished. -* [QUESTION] A specific aspect of the design where there are several plausible decisions. +* [OPEN] Open question: a specific aspect of the design where there are several plausible decisions. * [ACTION] A finalized part of the design that will need to be carried out. ### Context @@ -70,13 +70,18 @@ With respect to the legacy API, we do not consider functionality of low-level mo ## Gap analysis +The document [“Transitioning to the PSA API”](../../psa-transition.md) enumerates the public header files in Mbed TLS 3.4 and the API elements (especially enums and functions) that they provide, listing PSA equivalents where they exist. There are gaps in two cases: + +* Where the PSA equivalents do not provide the same functionality. A typical example is parsing and formatting asymmetric keys. +* To convert between data representations used by legacy APIs and data representations used by PSA APIs. + Based on “[Where mixing happens](#where-mixing-happens)”, we focus the gap analysis on two topics: metadata and keys. This chapter explores the gaps in each family of cryptographic mechanisms. ### Generic metadata gaps #### Need for error code conversion -[QUESTION] Do we need public functions to convert between `MBEDTLS_ERR_xxx` error codes and `PSA_ERROR_xxx` error codes? We have such functions for internal use. +[OPEN] Do we need public functions to convert between `MBEDTLS_ERR_xxx` error codes and `PSA_ERROR_xxx` error codes? We have such functions for internal use. ### Hash gap analysis @@ -104,17 +109,101 @@ Gap: functions to convert between `psa_algorithm_t` hash algorithms and `mbedtls ### Asymmetric cryptography gap analysis -[TODO] +#### Asymmetric cryptography metadata + +The legacy API only has generic support for two key types: RSA and ECC, via the pk module. The type of ECC keys is divided in subtypes: one for each curve. The legacy API also supports DHM (Diffie-Hellman-Merkle = FFDH: finite-field Diffie-Hellman) keys, but those are not integrated in the pk module. + +An RSA or ECC key can potentially be used for different algorithms in the scope of the pk module: + +* RSA: PKCS#1v1.5 signature, PSS signature, PKCS#1v1.5 encryption, OAEP encryption. +* ECC: ECDSA signature (randomized or deterministic), ECDH key agreement. + +ECC keys are also involved in EC-JPAKE, but this happens internally: the EC-JPAKE interface only needs one piece of metadata, namely, to identify a curve. + +Since there is no algorithm that can be used with multiple types, and PSA keys have a policy that (for the most part) limits them to one algorithm, there does not seem to be a need to convert between legacy and PSA asymmetric key types on their own. The useful metadata conversions are: + +* Selecting an **elliptic curve**. + + This means converting between an `mbedtls_ecp_group_id` and a pair of `{psa_ecc_family_t; size_t}`. + + This is fulfilled by `mbedtls_ecc_group_to_psa` and `mbedtls_ecc_group_of_psa`, which were introduced into the public API after Mbed TLS 3.5. + +* Selecting A **DHM group**. + + PSA only supports predefined groups, whereas legacy only supports ad hoc groups. An existing application referring to `MBEDTLS_DHM_RFC7919_FFDHExxx` values would need to refer to `PSA_DH_FAMILY_RFC7919`; an existing application using arbitrary groups cannot migrate to PSA. + +* Simultaneously supporting **a key type and an algorithm**. + + On the legacy side, this is an `mbedtls_pk_type_t` value and more. For ECDSA, the choice between randomized and deterministic is made at compile time. For RSA, the choice of encryption or signature algorithm is made either by configuring the underlying `mbedtls_rsa_context` or when calling the operation function. + + On the PSA side, this is a `psa_key_type_t` value and an algorithm which is normally encoded as policy information in a `psa_key_attributes_t`. The algorithm is also needed in its own right when calling operation functions. + +#### Using a legacy key pair or public key with PSA + +There are several scenarios where an application has a legacy key pair or public key (`mbedtls_pk_context`) and needs to create a PSA key object (`psa_key_id_t`). + +Reasons for creating a legacy key object, where it's impossible or impractical to directly create a PSA key: + +* A very common case where the input is a legacy key object is parsing. PSA does not (yet) have an equivalent of the `mbedtls_pk_parse_xxx` functions. +* The PSA key creation interface is less flexible in some cases. In particular, PSA RSA key generation does not (yet) allow choosing the public exponent. +* The pk object may be created by a part of the application (or a third-party library) that hasn't been migrated to the PSA API yet. + +Reasons for needing a PSA key object: + +* Using the key in TLS 1.3 or some third-party interface that takes a PSA key identifier as input. +* Benefiting from a PSA accelerator, or from PSA's world separation, even without `MBEDTLS_USE_PSA_CRYPTO`. (Not a priority scenario: we generally expect people to activate `MBEDTLS_USE_PSA_CRYPTO` at an early stage of their migration to PSA.) + +Gap: a way to create a PSA key object from an `mbedtls_pk_context`. This partially exists in the form of `mbedtls_pk_wrap_as_opaque`, but it is not fully satisfactory, for reasons that are detailed in “[API to create a PSA key from a PK context](#api-to-create-a-psa-key-from-a-pk-context)” below. + +#### Using a PSA key as a PK context + +There are several scenarios where an application has a PSA key and needs to use it through an interface that wants an `mbedtls_pk_context` object. Typically, there is an existing key in the PSA key store (possibly in a secure element and non-exportable), and the key needs to be used in an interface that requires a `mbedtls_pk_context *` input, such as Mbed TLS's X.509 API or a similar third-party interface, or the `mbedtls_pk_write_xxx` interfaces which do not (yet) have PSA equivalents. + +There is a function `mbedtls_pk_setup_opaque` that mostly does this. However, it has several limitations: + +* It creates a PK key of type `MBEDTLS_PK_OPAQUE` that wraps the PSA key. This is good enough in some scenarios, but not others. For example, it's ok for pkwrite, because we've upgraded the pkwrite code to handle `MBEDTLS_PK_OPAQUE`. That doesn't help users of third-party libraries that haven't yet been upgraded. +* It ties the lifetime of the PK object to the PSA key, which is error-prone: if the PSA key is destroyed but the PK object isn't, there is no way to reliably detect any subsequent misuse of the PK object. +* It is only available under `MBEDTLS_USE_PSA_CRYPTO`. (Not a priority concern: we generally expect people to activate `MBEDTLS_USE_PSA_CRYPTO` at an early stage of their migration to PSA.) + +Gap: a way to copy a PSA key into a PK context. This can only be expected to work if the PSA key is exportable. + +[OPEN] Is `mbedtls_pk_setup_opaque` ok or do we want to tweak it? + +#### Signature formats + +The pk module uses signature formats intended for X.509. The PSA module uses the simplest sensible signature format. + +* For RSA, the formats are the same. +* For ECDSA, PSA uses a fixed-size concatenation of (r,s), whereas X.509 and pk use an ASN.1 DER encoding of the sequence (r,s). + +Gap: We need APIs to convert between these two formats. The conversion code already exists under the hood, but it's in pieces that can't be called directly. + +There is a design choice here: do we provide conversions functions for ECDSA specifically, or do we provide conversion functions that take an algorithm as argument and just happen to be a no-op with RSA? One factor is plausible extensions. These conversions functions will remain useful in Mbed TLS 4.x and perhaps beyond. We will at least add EdDSA support, and its signature encoding is the fixed-size concatenation (r,s) even in X.509. We may well also add support for some post-quantum signatures, and their concrete format is still uncertain. + +Given the uncertainty, it would be nice to provide a sufficiently generic interface to convert between the PSA and the pk signature format, parametrized by the algorithm. However, it is difficult to predict exactly what parameters are needed. For example, converting from an ASN.1 ECDSA signature to (r,s) requires the knowledge of the curve, or at least the curve's size. + +#### Asymmetric cryptography TODO + +[TODO] Other gaps? ## New APIs This section presents new APIs to implement based on the [gap analysis](#gap-analysis). +### General notes + +Each action to implement a function entails: + +* Implement the library function. +* Document it precisely, including error conditions. +* Unit-test it. +* Mention it where relevant in the PSA transition guide. + ### Hash APIs Based on the [gap analysis](#hash-gap-analysis): -[ACTION] Move `mbedtls_md_psa_alg_from_type` and `mbedtls_md_type_from_psa_alg` from `library/md_psa.h` to `include/mbedtls/md.h`. +[ACTION] [#8340](https://github.com/Mbed-TLS/mbedtls/issues/8340) Move `mbedtls_md_psa_alg_from_type` and `mbedtls_md_type_from_psa_alg` from `library/md_psa.h` to `include/mbedtls/md.h`. ### MAC APIs @@ -134,4 +223,99 @@ Based on the [gap analysis](#hash-gap-analysis): ### Asymmetric cryptography APIs -[TODO] +#### Asymmetric cryptography metadata APIs + +Based on the [gap analysis](#asymmetric-cryptography-metadata): + +* No further work is needed about RSA specifically. The amount of metadata other than hashes is sufficiently small to be handled in ad hoc ways in applications, and hashes have [their own conversions](#hash-apis). +* No further work is needed about ECC specifically. We have just added adequate functions. +* No further work is needed about DHM specifically. There is no good way to translate the relevant information. +* [OPEN] Is there a decent way to convert between `mbedtls_pk_type_t` plus extra information, and `psa_key_type_t` plus policy information? The two APIs are different in crucial ways, with different splits between key type, policy information and operation algorithm. + +#### API to create a PSA key from a PK context + +Based on the [gap analysis](#using-a-legacy-key-pair-or-public-key-with-psa): + +Given an `mbedtls_pk_context`, we want a function that creates a PSA key with the same key material and algorithm. “Same key material” is straightforward, but “same algorithm” is not, because a PK context has incomplete algorithm information. For example, there is no way to distinguish between an RSA key that is intended for signature or for encryption. Between algorithms of the same nature, there is no way to distinguish a key intended for PKCS#1v1.5 and one intended for PKCS#1v2.1 (OAEP/PSS): this is indicated in the underlying RSA context, but the indication there is only a default that can be overridden by calling `mbedtls_pk_{sign,verify}_ext`. Also there is no way to distinguish between `PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg)` and `PSA_ALG_RSA_PKCS1V15_SIGN_RAW`: in the legacy interface, this is only determined when actually doing a signature/verification operation. Therefore the function that creates the PSA key needs extra information to indicate which algorithm to put in the key's policy. + +When creating a PSA key, apart from the key material, the key is determined by attributes, which fall under three categories: + +* Type and size. These are directly related to the key material and can be deduced from it if the key material is in a structured format, which is the case with an `mbedtls_pk_context` input. +* Policy. This includes the chosen algorithm, which as discussed above cannot be fully deduced from the `mbedtls_pk_context` object. Just choosing one algorithm is problematic because it doesn't allow implementation-specific extensions, such as Mbed TLS's enrollment algorithm. The intended usage flags cannot be deduced from the PK context either, but the conversion function could sensibly just enable all the relevant usage flags. Users who want a more restrictive usage can call `psa_copy_key` and `psa_destroy_key` to obtain a PSA key object with a more restrictive usage. +* Persistence and location. This is completely orthogonal to the information from the `mbedtls_pk_context` object. It is convenient, but not necessary, for the conversion function to allow customizing these aspects. If it doesn't, users can call the conversion function and then call `psa_copy_key` and `psa_destroy_key` to move the key to its desired location. + +To allow the full flexibility around policies, and make the creation of a persistent key more convenient, the conversion function shall take a `const psa_key_attributes_t *` input, like all other functions that create a PSA key. In addition, there shall be a helper function to populate a `psa_key_attributes_t` with a sensible default. This lets the caller choose a more flexible, or just different usage policy, unlike the default-then-copy approach which only allows restricting the policy. + +This is close to the existing function `mbedtls_pk_wrap_as_opaque`, but does not bake in the implementation-specific consideration that a PSA key has exactly two algorithms, and also allows the caller to benefit from default for the policy in more cases. + +[ACTION] Implement `mbedtls_pk_get_psa_attributes` and `mbedtls_pk_import_into_psa` as described below. These functions are available whenever `MBEDTLS_PK_C` and `MBEDTLS_PSA_CRYPTO_CLIENT` are both defined. Deprecate `mbedtls_pk_wrap_as_opaque`. + +``` +int mbedtls_pk_get_psa_attributes(const mbedtls_pk_context *pk, + psa_key_attributes_t *attributes); +int mbedtls_pk_import_into_psa(const mbedtls_pk_context *pk, + const psa_key_attributes_t *attributes, + mbedtls_svc_key_id_t *key_id); +``` + +* `mbedtls_pk_get_psa_attributes` does not change the id/lifetime fields of the attributes (which indicate a volatile key by default). +* `mbedtls_pk_get_psa_attributes` sets the type and size based on what's in the pk context. + * The key type is a key pair if the context contains a private key, and a public key if the context only contains a public key. +* `mbedtls_pk_get_psa_attributes` sets all the potentially applicable usage flags: `EXPORT`, `COPY`; `VERIFY_HASH | VERIFY_MESSAGE` or `ENCRYPT` as applicable for both public keys and key pairs; `SIGN` or `DECRYPT` as applicable for a key pair. +* [OPEN] What is the default algorithm for `mbedtls_pk_get_psa_attributes`? Suggestion: assume signature by default. For RSA, either `PSA_RSA_PKCS1_V15_SIGN(PSA_ALG_ANY_HASH)` or `PSA_ALG_RSA_PSS(hash_alg)` depending on the RSA context's padding mode. For ECC, `PSA_ALG_DETERMINISTIC_ECDSA` if `MBEDTLS_ECDSA_DETERMINISTIC` is enabled and `PSA_ALG_ECDSA` otherwise. +* [OPEN] Or does `mbedtls_pk_get_psa_attributes` need an extra argument indicating how to treat RSA and ECC keys? +* `mbedtls_pk_import_into_psa` checks that the type field in the attributes is consistent with the content of the `mbedtls_pk_context` object (RSA/ECC, and availability of the private key). + * The key type can be a public key even if the private key is available. +* `mbedtls_pk_import_into_psa` does not need to check the bit-size in the attributes: `psa_import_key` will do enough checks. +* `mbedtls_pk_import_into_psa` does not check that the policy in the attributes is sensible. That's on the user. + +#### API to copy a PSA key to a PK context + +Based on the [gap analysis](#using-a-psa-key-as-a-pk-context): + +[ACTION] Implement `mbedtls_pk_copy_from_psa` as described below. + +``` +int mbedtls_pk_copy_from_psa(mbedtls_svc_key_id_t key_id, + mbedtls_pk_context *pk); +``` + +* `pk` must be initialized, but not set up. +* It is an error if the key is neither a key pair nor a public key. +* It is an error if the key is not exportable. +* The resulting pk object has a transparent type, not `MBEDTLS_PK_OPAQUE`. +* Once this function returns, the pk object is completely independent of the PSA key. +* Calling `mbedtls_pk_sign`, `mbedtls_pk_verify`, `mbedtls_pk_encrypt`, `mbedtls_pk_decrypt` on the resulting pk context will perform an algorithm that is compatible with the PSA key's primary algorithm policy (`psa_get_key_algorithm`), but with no restriction on the hash (as if the policy had `PSA_ALG_ANY_HASH` instead of a specific hash, and with `PSA_ALG_RSA_PKCS1V15_SIGN_RAW` merged with `PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg)`). For ECDSA, the choice of deterministic vs randomized will be based on the compile-time setting `MBEDTLS_ECDSA_DETERMINISTIC`, like `mbedtls_pk_sign` today. + * [OPEN] How do we distinguish between signature-only and encryption-only RSA keys? Do we just allow both (e.g. a PSS key gets generalized into a PSS/OAEP key)? + * [OPEN] What about `mbedtls_pk_sign_ext` and `mbedtls_pk_verify_ext`? + +[OPEN] Should there be a way to use a different algorithm? This can be resolved by `psa_copy_key` on the input to tweak the policy if needed. + +#### API to create a PK object that wraps a PSA key + +Based on the [gap analysis](#using-a-psa-key-as-a-pk-context): + +[ACTION] Clarify the documentation of `mbedtls_pk_setup_opaque` regarding which algorithms the resulting key will perform with `mbedtls_pk_sign`, `mbedtls_pk_verify`, `mbedtls_pk_encrypt`, `mbedtls_pk_decrypt`. + +[OPEN] What about `mbedtls_pk_sign_ext` and `mbedtls_pk_verify_ext`? + +#### API to convert between signature formats + +Based on the [gap analysis](#signature-formats): + +[ACTION] [#7765](https://github.com/Mbed-TLS/mbedtls/issues/7765) Implement `mbedtls_ecdsa_raw_to_der` and `mbedtls_ecdsa_der_to_raw` as described below. + +``` +int mbedtls_ecdsa_raw_to_der(const unsigned char *raw, size_t raw_len, + unsigned char *der, size_t der_size, size_t *der_len); +int mbedtls_ecdsa_der_to_raw(const unsigned char *der, size_t der_len, + unsigned char *raw, size_t raw_size, size_t *raw_len, + size_t bits); +``` + +* These functions convert between the signature format used by `mbedtls_pk_{sign,verify}{,_ext}` and the signature format used by `psa_{sign,verify}_{hash,message}`. +* The input and output buffers can overlap. +* [OPEN] Should we maybe use a different interface that is better integrated with ASN.1 and X.509 parsing and writing functions in Mbed TLS? That is: + * DER production writes from right to left in the destination buffer. + * DER parsing takes a pointer-to-pointer to the start of the buffer and an end pointer, instead of pointer-to-start and size. + * Names should match the patterns found in X.509 and ASN.1 parsing and writing function. From e98ad5931a894f9668615d623c1167f18dc90800 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 28 Dec 2023 10:42:12 +0100 Subject: [PATCH 1179/1674] mbedls_config: update documentation for MBEDTLS_PKCS[5/12]_C Signed-off-by: Valerio Setti --- include/mbedtls/mbedtls_config.h | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 758a51424..30b7b30f2 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -3082,7 +3082,6 @@ * * Module: library/pkcs5.c * - * Requires: MBEDTLS_CIPHER_C * Auto-enables: MBEDTLS_MD_C * * \warning If using a hash that is only provided by PSA drivers, you must @@ -3117,8 +3116,8 @@ * Module: library/pkcs12.c * Caller: library/pkparse.c * - * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_CIPHER_C and either - * MBEDTLS_MD_C or MBEDTLS_PSA_CRYPTO_C. + * Requires: MBEDTLS_ASN1_PARSE_C and either MBEDTLS_MD_C or + * MBEDTLS_PSA_CRYPTO_C. * * \warning If using a hash that is only provided by PSA drivers, you must * call psa_crypto_init() before doing any PKCS12 operations. From b9f4bfc33b7d585530f05762c4957875915fcf9e Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 28 Dec 2023 11:07:48 +0100 Subject: [PATCH 1180/1674] all.sh: fix messages in test_psa_crypto_config_accel_des Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 224f09b2a..b2857e05d 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3644,7 +3644,7 @@ component_test_psa_crypto_config_reference_hash_use_psa() { } component_test_psa_crypto_config_accel_des () { - msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated cipher" + msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated DES" # Albeit this components aims at accelerating DES which should only support # CBC and ECB modes, we need to accelerate more than that otherwise DES_C @@ -3686,7 +3686,7 @@ component_test_psa_crypto_config_accel_des () { # Run the tests # ------------- - msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated cipher" + msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated DES" make test } From b3413bf0b4a499e3a3c4ad20feeb1d72f6098e58 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 28 Dec 2023 12:15:45 +0100 Subject: [PATCH 1181/1674] changelog: update description Signed-off-by: Valerio Setti --- ChangeLog.d/8358.txt | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/ChangeLog.d/8358.txt b/ChangeLog.d/8358.txt index 2b66d8d22..123bdbd80 100644 --- a/ChangeLog.d/8358.txt +++ b/ChangeLog.d/8358.txt @@ -1,9 +1,9 @@ Features - * It is now possible to accelerate all ciphers and AEADs through a driver, - while completely removing legacy support and MBEDTLS_CIPHER_C, and still - get most things working, including TLS - see - docs/driver-only-builds.md for full details and current limitations. - * The CTR-DRBG module no longer depends on MBEDTLS_AES_C and can also use - AES from a PSA driver. This requires MBEDTLS_PSA_CRYPTO_C, - PSA_WANT_KEY_TYPE_AES and PSA_WANT_ALG_ECB_NO_PADDING to be enabled, and - MBEDTLS_AES_C to be disabled. + * If a cipher or AEAD mechanism has a PSA driver, you can now build the + library without the corresponding built-in implementation and without + enabling MBEDTLS_CIPHER_C. + * It is possible to disable MBEDTLS_CIPHER_C in some circumstances, please + see docs/driver-only-builds.md for full details and current limitations. + * The CTR_DRBG module will now use AES from a PSA driver if MBEDTLS_AES_C is + disabled. This requires PSA_WANT_ALG_ECB_NO_PADDING in addition to + MBEDTLS_PSA_CRYPTO_C and PSA_WANT_KEY_TYPE_AES. From 92e5c693badb932aebd3dd6c21b5c2b527b30068 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 28 Dec 2023 13:28:03 +0100 Subject: [PATCH 1182/1674] driver-only-builds: updated ciphers and AEADs related sections Signed-off-by: Valerio Setti --- docs/driver-only-builds.md | 85 +++++++++++++++++++------------------- 1 file changed, 43 insertions(+), 42 deletions(-) diff --git a/docs/driver-only-builds.md b/docs/driver-only-builds.md index fba3779ad..c628e9e92 100644 --- a/docs/driver-only-builds.md +++ b/docs/driver-only-builds.md @@ -58,10 +58,13 @@ For now, only the following (families of) mechanisms are supported: - AEADs: - GCM and CCM with AES, ARIA and Camellia key types - ChachaPoly with ChaCha20 Key type -- Ciphers: +- Unauthenticated ciphers: - key types: AES, ARIA, Camellia, DES - modes: ECB, CBC, CTR, CFB, OFB, XTS +For each family listed above, all the mentioned alorithms/key types are also +all the mechanisms that exist in PSA API. + Supported means that when those are provided only by drivers, everything (including PK, X.509 and TLS if `MBEDTLS_USE_PSA_CRYPTO` is enabled) should work in the same way as if the mechanisms where built-in, except as documented @@ -246,14 +249,14 @@ Ciphers and AEADs It is possible to have all ciphers and AEAD operations provided only by a driver. More precisely, for each desired combination of key type and algorithm/mode you can: -- enable desired PSA key type(s): +- Enable desired PSA key type(s): - `PSA_WANT_KEY_TYPE_AES`, - `PSA_WANT_KEY_TYPE_ARIA`, - `PSA_WANT_KEY_TYPE_CAMELLIA`, - `PSA_WANT_KEY_TYPE_CHACHA20`, - `PSA_WANT_KEY_TYPE_DES`. -- enable desired PSA algorithm(s): - - unauthenticated ciphers modes: +- Enable desired PSA algorithm(s): + - Unauthenticated ciphers modes: - `PSA_WANT_ALG_CBC_NO_PADDING`, - `PSA_WANT_ALG_CBC_PKCS7`, - `PSA_WANT_ALG_CCM_STAR_NO_TAG`, @@ -266,9 +269,9 @@ algorithm/mode you can: - `PSA_WANT_ALG_CCM`, - `PSA_WANT_ALG_GCM`, - `PSA_WANT_ALG_CHACHA20_POLY1305`. -- enable `MBEDTLS_PSA_ACCEL_[KEY_TYPE_xxx|ALG_yyy]` symbol(s) which correspond +- Enable `MBEDTLS_PSA_ACCEL_[KEY_TYPE_xxx|ALG_yyy]` symbol(s) which correspond to the PSA_WANT_KEY_TYPE_xxx` and `PSA_WANT_ALG_yyy` of the previous steps. -- disable builtin support of key types: +- Disable builtin support of key types: - `MBEDTLS_AES_C`, - `MBEDTLS_ARIA_C`, - `MBEDTLS_CAMELLIA_C`, @@ -295,36 +298,37 @@ some non-PSA APIs will be absent or have reduced functionality, see - If an algorithm other than GCM and CCM (see ["Partial acceleration for CCM/GCM"](#partial-acceleration-for-ccmgcm) below) is enabled but not accelerated, then all key types than can be used with it - will need to be built-in; -- if a key type is enabled but not accelerated, then all algorithms than can be + will need to be built-in. +- If a key type is enabled but not accelerated, then all algorithms than can be used with it will need to be built-in. ### Legacy <-> PSA matching -It should be noticed that the matching between legacy (i.e. `MBEDTLS_xxx_C`) -and PSA (i.e. `PSA_WANT_xxx`) symbols is not always 1:1. For example: +Note that the matching between legacy (i.e. `MBEDTLS_xxx_C`) and PSA +(i.e. `PSA_WANT_xxx`) symbols is not always 1:1. For example: - ECB mode is always enabled in legacy configuration for each key type that allows it (AES, ARIA, Camellia, DES), whereas it must be explicitly enabled - in PSA with `PSA_WANT_ALG_ECB_NO_PADDING`; -- similarly for stream ciphers, it is automatically enabled for key types that - support it (`CHACHA20_C` and `NULL_CIPHER`) whereas it must be explicitly - enabled in PSA with `PSA_WANT_ALG_STREAM_CIPHER`; -- legacy symbol `MBEDTLS_CCM_C` adds support for both cipher and AEAD, whereas - in PSA there are 2 different symbols: `PSA_WANT_ALG_CCM_STAR_NO_TAG` and - `PSA_WANT_ALG_CCM`, respectively. + in PSA with `PSA_WANT_ALG_ECB_NO_PADDING`. +- In the legacy API, MBEDTLS_CHACHA20_C enables the ChaCha20 stream cipher, and + enabling MBEDTLS_CHACHAPOLY_C also enables the ChaCha20-Poly1305 AEAD. In the + PSA API, you need to enable PSA_KEY_TYPE_CHACHA20 for both, plus + PSA_ALG_STREAM_CIPHER or PSA_ALG_CHACHA20_POLY1305 as desired. +- The legacy symbol `MBEDTLS_CCM_C` adds support for both cipher and AEAD, + whereas in PSA there are 2 different symbols: `PSA_WANT_ALG_CCM_STAR_NO_TAG` + and `PSA_WANT_ALG_CCM`, respectively. ### Partial acceleration for CCM/GCM [This section depends on #8598 so it might updated while that PR progresses.] In case legacy CCM/GCM algorithms are enabled it is still possible to benefit -from PSA acceleration by enabling support for ECB mode -(`PSA_WANT_ALG_ECB_NO_PADDING`) together with desired key type(s) +from PSA acceleration of the underlying block cipher by enabling support for +ECB mode (`PSA_WANT_ALG_ECB_NO_PADDING`) together with desired key type(s) (`PSA_WANT_KEY_TYPE_[AES|ARIA|CAMELLIA]`). In such configuration it is possible to: -- still benefit from legacy functions belonging to CCM/GCM modules - (`mbedtls_[ccm|gcm]_xxx()`), -- disable legacy key types (`MBEDTLS_[AES|ARIA|CAMELLIA]_C`) if there is no +- Still benefit from legacy functions belonging to CCM/GCM modules + (`mbedtls_[ccm|gcm]_xxx()`). +- Disable legacy key types (`MBEDTLS_[AES|ARIA|CAMELLIA]_C`) if there is no other dependency requiring them, of course. ChaChaPoly has not such feature, so it requires full acceleration (key type + @@ -332,32 +336,29 @@ algorithm) in order to work with a driver. ### CTR-DRBG -Legacy CTR-DRBG module (enabled by `MBEDTLS_CTR_DRBG_C`) can also benefit from -PSA acceleration when: -- the legacy AES module is not enabled (`MBEDTLS_AES_C`) and +The legacy CTR-DRBG module (enabled by `MBEDTLS_CTR_DRBG_C`) can also benefit +from PSA acceleration if both of the following conditions are met: +- The legacy AES module (`MBEDTLS_AES_C`) is not enabled and - AES is supported on the PSA side together with ECB mode, i.e. `PSA_WANT_KEY_TYPE_AES` + `PSA_WANT_ALG_ECB_NO_PADDING`. ### Disabling CIPHER_C -This only depends on unauthenticated ciphers: they can be either completely -accelerated or disabled in order to remove the dependency on `MBEDTLS_CIPHER_C`. +It is possible to save code size by disabling MBEDTLS_CIPHER_C when all of the +following conditions are met: +- The application is not using the `mbedtls_cipher_` API. +- In PSA, all unauthenticated (that is, non-AEAD) ciphers are either disabled or + fully accelerated (that is, all compatible key types are accelerated too). +- Either TLS is disabled, or `MBEDTLS_USE_PSA_CRYPTO` is enabled. +- `MBEDTLS_NIST_KW` is disabled. -AEADs do not have such a restriction. Of course they can be accelerated as well, -but they can also rely on the legacy modules (`MBEDTLS_[CCM|GCM|CHACHAPOLY]`) -with the following conditions on the underlying key types: -- CCM/GCM can either use legacy key type modules `MBEDTLS_[AES|ARIA|CAMELLIA]_C` - or their accelerated version, as described in section - ["Partial acceleration for CCM/GCM"](#partial-acceleration-for-ccmgcm). -- ChaChaPoly instead can only rely on the legacy key type module - `MBEDTLS_CHACHA20_C` and algorithm `MBEDTLS_POLY1305_C`. +In such a build, everything will work as usual except for the following: +- Encryption/decryption functions from the PKCS5 and PKCS12 module will not be + available (only key derivation functions). +- Parsing of PKCS5- or PKCS12-encrypted keys in PK parse will fail. + +Note: AEAD ciphers (CCM, GCM, ChachaPoly) do not have a dependency on +MBEDTLS_CIPHER_C even when using the built-in implementations. -It should be noticed that disabling `MBEDTLS_CIPHER_C` helps to reduce the -code's footprint, but unfortunately it makes the following features unavailable: -- encryption/decryption in PKCS5 and PKCS12 modules (key derivations will still - be available), -- encrypted PEM (write and unecrypted read work normally), -- parsing of encrypted keys (PKCS5 or PKCS12) in PK modules, -- NIST-KW (`MBEDTLS_NIST_KW_C`). From ab0494f19335b09183d1cee6aa1de58e5e755077 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 28 Dec 2023 13:56:13 +0100 Subject: [PATCH 1183/1674] analyze_outcomes: update comments of skipped tests Signed-off-by: Valerio Setti --- tests/scripts/analyze_outcomes.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 7dc6afe3c..277ea7362 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -566,12 +566,13 @@ KNOWN_TASKS = { re.compile(r'CAMELLIA-\d+[- ]CCM\*-NO-TAG .*'), ], 'test_suite_error': [ - # Following tests require AES_C which is disabled in the accelerated component + # Following tests depend on AES_C but are not about them + # really, just need to know some error code is there. 'Single low error', 'Low and high error', ], 'test_suite_version': [ - # Following tests require AES_C which is disabled in the accelerated component + # Similar to test_suite_error above. 'Check for MBEDTLS_AES_C when already present', ], 'test_suite_platform': [ From 1994e72e185294bd67b33ddd725dec5532162a40 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 28 Dec 2023 14:01:22 +0100 Subject: [PATCH 1184/1674] check_config/block_cipher: minor improvements Signed-off-by: Valerio Setti --- include/mbedtls/check_config.h | 10 ++++------ library/block_cipher.c | 2 +- 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 30ef7d6fc..3b39c912f 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -334,16 +334,14 @@ #undef MBEDTLS_HAS_MEMSAN #if defined(MBEDTLS_CCM_C) && \ - !(defined(MBEDTLS_BLOCK_CIPHER_CAN_AES) || defined(MBEDTLS_AES_C) || \ - defined(MBEDTLS_BLOCK_CIPHER_CAN_ARIA) || defined(MBEDTLS_ARIA_C) || \ - defined(MBEDTLS_BLOCK_CIPHER_CAN_CAMELLIA) || defined(MBEDTLS_CAMELLIA_C)) + !(defined(MBEDTLS_CCM_GCM_CAN_AES) || defined(MBEDTLS_CCM_GCM_CAN_ARIA) || \ + defined(MBEDTLS_CCM_GCM_CAN_CAMELLIA)) #error "MBEDTLS_CCM_C defined, but not all prerequisites" #endif #if defined(MBEDTLS_GCM_C) && \ - !(defined(MBEDTLS_BLOCK_CIPHER_CAN_AES) || defined(MBEDTLS_AES_C) || \ - defined(MBEDTLS_BLOCK_CIPHER_CAN_ARIA) || defined(MBEDTLS_ARIA_C) || \ - defined(MBEDTLS_BLOCK_CIPHER_CAN_CAMELLIA) || defined(MBEDTLS_CAMELLIA_C)) + !(defined(MBEDTLS_CCM_GCM_CAN_AES) || defined(MBEDTLS_CCM_GCM_CAN_ARIA) || \ + defined(MBEDTLS_CCM_GCM_CAN_CAMELLIA)) #error "MBEDTLS_GCM_C defined, but not all prerequisites" #endif diff --git a/library/block_cipher.c b/library/block_cipher.c index bfb605ec4..e21541ec1 100644 --- a/library/block_cipher.c +++ b/library/block_cipher.c @@ -42,7 +42,7 @@ static psa_key_type_t psa_key_type_from_block_cipher_id(mbedtls_block_cipher_id_ } } -int mbedtls_cipher_error_from_psa(psa_status_t status) +static int mbedtls_cipher_error_from_psa(psa_status_t status) { return PSA_TO_MBEDTLS_ERR_LIST(status, psa_to_cipher_errors, psa_generic_status_to_mbedtls); From 9a4cc122a7c06866dccd60b9d0866e920c7c0e00 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 28 Dec 2023 14:05:15 +0100 Subject: [PATCH 1185/1674] test_suite_block_cipher.psa: remove misleading initial comment Signed-off-by: Valerio Setti --- tests/suites/test_suite_block_cipher.psa.data | 4 ---- 1 file changed, 4 deletions(-) diff --git a/tests/suites/test_suite_block_cipher.psa.data b/tests/suites/test_suite_block_cipher.psa.data index e9b48e195..eb0c27837 100644 --- a/tests/suites/test_suite_block_cipher.psa.data +++ b/tests/suites/test_suite_block_cipher.psa.data @@ -1,7 +1,3 @@ -# These tests behave differently depending on the presence of -# drivers and/or built-in, so they're isolated here for the benefit of -# analyze_outcomes.py (driver vs reference comparison). - AES - legacy only depends_on:MBEDTLS_BLOCK_CIPHER_AES_VIA_LEGACY:!MBEDTLS_BLOCK_CIPHER_AES_VIA_PSA block_cipher_psa_dynamic_dispatch:MBEDTLS_CIPHER_ID_AES:0:MBEDTLS_BLOCK_CIPHER_ENGINE_LEGACY From 1fff4f20120d1ba0982cbc1c567159d07829ff53 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 28 Dec 2023 14:19:34 +0100 Subject: [PATCH 1186/1674] psa: add key_type as input parameter of psa_can_do_cipher() Signed-off-by: Valerio Setti --- library/block_cipher.c | 5 +++-- library/psa_crypto.c | 3 ++- library/psa_crypto_core.h | 2 +- 3 files changed, 6 insertions(+), 4 deletions(-) diff --git a/library/block_cipher.c b/library/block_cipher.c index e21541ec1..04cd7fb44 100644 --- a/library/block_cipher.c +++ b/library/block_cipher.c @@ -88,8 +88,9 @@ int mbedtls_block_cipher_setup(mbedtls_block_cipher_context_t *ctx, MBEDTLS_BLOCK_CIPHER_ID_NONE; #if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA) - if (psa_can_do_cipher(cipher_id) && - (psa_key_type_from_block_cipher_id(ctx->id) != PSA_KEY_TYPE_NONE)) { + psa_key_type_t psa_key_type = psa_key_type_from_block_cipher_id(ctx->id); + if (psa_key_type != PSA_KEY_TYPE_NONE && + psa_can_do_cipher(psa_key_type, PSA_ALG_ECB_NO_PADDING)) { ctx->engine = MBEDTLS_BLOCK_CIPHER_ENGINE_PSA; return 0; } diff --git a/library/psa_crypto.c b/library/psa_crypto.c index a9ba787d0..dd5b4465f 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -116,8 +116,9 @@ int psa_can_do_hash(psa_algorithm_t hash_alg) return global_data.drivers_initialized; } -int psa_can_do_cipher(psa_algorithm_t cipher_alg) +int psa_can_do_cipher(psa_key_type_t key_type, psa_algorithm_t cipher_alg) { + (void) key_type; (void) cipher_alg; return global_data.drivers_initialized; } diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 43b1c2377..ff01add95 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -43,7 +43,7 @@ int psa_can_do_hash(psa_algorithm_t hash_alg); * * \return 1 if the driver subsytem is ready, 0 otherwise. */ -int psa_can_do_cipher(psa_algorithm_t cipher_alg); +int psa_can_do_cipher(psa_key_type_t key_type, psa_algorithm_t cipher_alg); typedef enum { PSA_SLOT_EMPTY = 0, From cd21d4eb8fe0bbad753210172dd3133160dcc03a Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 28 Dec 2023 16:00:55 +0100 Subject: [PATCH 1187/1674] all.sh: keep legacy cipher modes enabled in test_full_block_cipher_legacy_dispatch() Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 4a3f72146..437709537 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3840,9 +3840,8 @@ common_block_cipher_dispatch() { # Disable cipher's modes and AEADs that, when not accelerated, cause # legacy key types to be re-enabled in "config_adjust_legacy_from_psa.h". - # Keep this also in the reference component in order to avoid re-enabling - # (in "config_adjust_legacy_from_psa.h") legacy cipher modes that were - # disabled in that component. + # Keep this also in the reference component in order to skip the same tests + # that were skipped in the accelerated one. scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CTR scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CFB scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_OFB @@ -3901,11 +3900,6 @@ component_test_full_block_cipher_legacy_dispatch () { common_block_cipher_dispatch 0 - # Disable cipher modes other than ECB as in the accelerated component. ECB - # does not have a configuration symbol and it's automatically enabled as - # long as underlying key types are. - scripts/config.py unset-all MBEDTLS_CIPHER_MODE - make msg "test: full + legacy dispatch in block_cipher" From 0635cca7d19f8bfd39e630e1e096784a503e1b7a Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 28 Dec 2023 16:16:02 +0100 Subject: [PATCH 1188/1674] analyze_outcomes: update skipped tests following latest changes to all.sh Signed-off-by: Valerio Setti --- tests/scripts/analyze_outcomes.py | 39 +++++++++++++++++-------------- 1 file changed, 21 insertions(+), 18 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 277ea7362..bdbdbddbc 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -542,28 +542,31 @@ KNOWN_TASKS = { 'ignored_suites': [ # Skipped in the accelerated component 'aes', 'aria', 'camellia', - # These require AES_C and CAMELLIA_C to be enabled in order for the cipher - # module (actually cipher_wrapper) to work properly. However these symbols - # are disabled in the accelerated component so we ignore them. - 'cipher.ccm', 'cipher.gcm', 'cmac', + # These require AES_C, ARIA_C or CAMELLIA_C to be enabled in + # order for the cipher module (actually cipher_wrapper) to work + # properly. However these symbols are disabled in the accelerated + # component so we ignore them. + 'cipher.ccm', 'cipher.gcm', 'cmac', 'cipher.aes', 'cipher.aria', + 'cipher.camellia', ], 'ignored_tests': { - 'test_suite_cipher.aes': [ - # CCM*-NO-TAG is disabled in the accelerated component but - # there is no way to get CCM without CCM*-NO-TAG with legacy symbols. - re.compile(r'AES-\d+[- ]CCM\*-NO-TAG .*'), - # Following test require AES_C to be enabled for CIPHER_C operations - re.compile(r'AES-\d+-ECB .* NIST KAT .*'), - # This test requires AES_C which is disabled in the accelerated component - 'Cipher Corner Case behaviours', + 'test_suite_cipher.padding': [ + # Following tests require AES_C/CAMELLIA_C to be enabled, + # but these are not available in the accelerated component. + re.compile('Set( non-existent)? padding with (AES|CAMELLIA).*'), ], - 'test_suite_cipher.aria': [ - # Same as for test_suite_cipher.aes - re.compile(r'ARIA-\d+[- ]CCM\*-NO-TAG .*'), + 'test_suite_pkparse': [ + # PEM (called by pkparse) requires AES_C in order to decrypt + # the key, but this is not available in the accelerated + # component. + re.compile('Parse RSA Key.*(password|AES-).*'), ], - 'test_suite_cipher.camellia': [ - # Same as for test_suite_cipher.aes - re.compile(r'CAMELLIA-\d+[- ]CCM\*-NO-TAG .*'), + 'test_suite_pem': [ + # Following tests require AES_C, but this is diabled in the + # accelerated component. + 'PEM read (AES-128-CBC + invalid iv)', + 'PEM read (malformed PEM AES-128-CBC)', + 'PEM read (unknown encryption algorithm)', ], 'test_suite_error': [ # Following tests depend on AES_C but are not about them From 6a971fd61a3fc0d52f4c31379dc3a2e0651b60f9 Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Thu, 28 Dec 2023 17:48:16 +0000 Subject: [PATCH 1189/1674] Refactor and improve Record size limit handling Signed-off-by: Waleed Elmelegy --- library/ssl_tls.c | 81 +++++++++++++++++++------------------- library/ssl_tls13_client.c | 8 ++-- 2 files changed, 44 insertions(+), 45 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 452970ebe..250adfb28 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3387,6 +3387,31 @@ const char *mbedtls_ssl_get_version(const mbedtls_ssl_context *ssl) } } +#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) + +size_t mbedtls_ssl_get_output_record_size_limit(const mbedtls_ssl_context *ssl) +{ + const size_t max_len = MBEDTLS_SSL_OUT_CONTENT_LEN; + size_t record_size_limit = max_len; + + if (ssl->session != NULL && + ssl->session->record_size_limit >= MBEDTLS_SSL_RECORD_SIZE_LIMIT_MIN && + ssl->session->record_size_limit < max_len) { + record_size_limit = ssl->session->record_size_limit; + } + + // TODO: this is currently untested + /* During a handshake, use the value being negotiated */ + if (ssl->session_negotiate != NULL && + ssl->session_negotiate->record_size_limit >= MBEDTLS_SSL_RECORD_SIZE_LIMIT_MIN && + ssl->session_negotiate->record_size_limit < max_len) { + record_size_limit = ssl->session_negotiate->record_size_limit; + } + + return record_size_limit; +} +#endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */ + #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) size_t mbedtls_ssl_get_input_max_frag_len(const mbedtls_ssl_context *ssl) { @@ -3420,31 +3445,6 @@ size_t mbedtls_ssl_get_input_max_frag_len(const mbedtls_ssl_context *ssl) return max_len; } -#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) - -size_t mbedtls_ssl_get_output_record_size_limit(const mbedtls_ssl_context *ssl) -{ - const size_t max_len = MBEDTLS_SSL_OUT_CONTENT_LEN; - size_t record_size_limit = max_len; - - if (ssl->session != NULL && - ssl->session->record_size_limit >= MBEDTLS_SSL_RECORD_SIZE_LIMIT_MIN && - ssl->session->record_size_limit < max_len) { - record_size_limit = ssl->session->record_size_limit; - } - - // TODO: this is currently untested - /* During a handshake, use the value being negotiated */ - if (ssl->session_negotiate != NULL && - ssl->session_negotiate->record_size_limit >= MBEDTLS_SSL_RECORD_SIZE_LIMIT_MIN && - ssl->session_negotiate->record_size_limit < max_len) { - record_size_limit = ssl->session_negotiate->record_size_limit; - } - - return record_size_limit; -} -#endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */ - size_t mbedtls_ssl_get_output_max_frag_len(const mbedtls_ssl_context *ssl) { size_t max_len; @@ -3516,24 +3516,25 @@ int mbedtls_ssl_get_max_out_record_payload(const mbedtls_ssl_context *ssl) if (max_len > record_size_limit) { max_len = record_size_limit; - if (ssl->transform_out != NULL && - ssl->transform_out->tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { - /* RFC 8449, section 4: - * - * This value [record_size_limit] is the length of the plaintext - * of a protected record. - * The value includes the content type and padding added in TLS 1.3 - * (that is, the complete length of TLSInnerPlaintext). - * - * Thus, round down to a multiple of MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY - * and subtract 1 (for the content type that will be added later) - */ - max_len = ((max_len / MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY) * - MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY) - 1; - } } #endif + if (ssl->transform_out != NULL && + ssl->transform_out->tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { + /* RFC 8449, section 4: + * + * This value [record_size_limit] is the length of the plaintext + * of a protected record. + * The value includes the content type and padding added in TLS 1.3 + * (that is, the complete length of TLSInnerPlaintext). + * + * Thus, round down to a multiple of MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY + * and subtract 1 (for the content type that will be added later) + */ + max_len = ((max_len / MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY) * + MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY) - 1; + } + #if defined(MBEDTLS_SSL_PROTO_DTLS) if (mbedtls_ssl_get_current_mtu(ssl) != 0) { const size_t mtu = mbedtls_ssl_get_current_mtu(ssl); diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 503db5862..5775a3ea5 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -2133,11 +2133,9 @@ static int ssl_tls13_parse_encrypted_extensions(mbedtls_ssl_context *ssl, if ((handshake->received_extensions & MBEDTLS_SSL_EXT_MASK(RECORD_SIZE_LIMIT)) && (handshake->received_extensions & MBEDTLS_SSL_EXT_MASK(MAX_FRAGMENT_LENGTH))) { - mbedtls_debug_print_msg(ssl, - 3, - __FILE__, - __LINE__, - "Record size limit extension cannot be used with max fragment length extension"); + MBEDTLS_SSL_DEBUG_MSG(3, + ( + "Record size limit extension cannot be used with max fragment length extension")); MBEDTLS_SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER, MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER); From 87a373eea689f4b3e1582e207b442ccb3c7ad6b6 Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Thu, 28 Dec 2023 17:49:36 +0000 Subject: [PATCH 1190/1674] Improve Record size limit testing Signed-off-by: Waleed Elmelegy --- tests/ssl-opt.sh | 131 +++++++++++++++++------------------------------ 1 file changed, 48 insertions(+), 83 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 8fd295f30..de89add8c 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -4842,13 +4842,9 @@ run_test "Record Size Limit: TLS 1.3: Server-side parsing and debug output" \ "$P_SRV debug_level=3 force_version=tls13" \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4" \ 0 \ - -c "Preparing extension (Record Size Limit/28) for 'client hello'" \ - -c "Sending extension Record Size Limit/28 (2 bytes)" \ - -s "ClientHello: record_size_limit(28) extension received."\ - -s "found record_size_limit extension" \ -s "RecordSizeLimit: 16385 Bytes" \ -s "ClientHello: record_size_limit(28) extension exists." \ - -s "Maximum outgoing record payload length is 16384" \ + -s "Maximum outgoing record payload length is 16383" \ -s "bytes written in 1 fragments" requires_gnutls_tls1_3 @@ -4863,10 +4859,6 @@ run_test "Record Size Limit: TLS 1.3: Client-side parsing and debug output" \ -s "Preparing extension (Record Size Limit/28) for 'encrypted extensions'" # The P_CLI can not yet send the Record Size Limit extension. Thus, the G_NEXT_SRV does not send # a response in its EncryptedExtensions record. -# -s "Parsing extension 'Record Size Limit/28 (2 bytes)" \ -# -s "Sending extension Record Size Limit/28 (2 bytes)" \ -# -c "EncryptedExtensions: record_size_limit(28) extension received."\ -# -c "found record_size_limit extension" \ # -c "RecordSizeLimit: 16385 Bytes" # In the following (9) tests, --recordsize is the value used by the G_NEXT_CLI (3.7.2) to configure the @@ -4882,59 +4874,56 @@ run_test "Record Size Limit: TLS 1.3: Client-side parsing and debug output" \ # https://gitlab.com/gnutls/gnutls/-/blob/3.7.2/lib/ext/record_size_limit.c#L142 # Currently test certificates being used do not fit in 513 record size limit -# so 513 record size limit tests will not pass until certificates size -# is reduced or handshake messages fragmentation is supported. +# so for 513 record size limit tests we use preshared key to avoid sending +# the certificate. -# requires_gnutls_tls1_3 -# requires_gnutls_record_size_limit -# requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT -# requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE -# run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (513), 1 fragment" \ -# "$P_SRV debug_level=3 force_version=tls13 response_size=256" \ -# "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 512" \ -# 0 \ -# -c "Preparing extension (Record Size Limit/28) for 'client hello'" \ -# -c "Sending extension Record Size Limit/28 (2 bytes)" \ -# -s "ClientHello: record_size_limit(28) extension received."\ -# -s "found record_size_limit extension" \ -# -s "RecordSizeLimit: 513 Bytes" \ -# -s "ClientHello: record_size_limit(28) extension exists." \ -# -s "Maximum outgoing record payload length is 511" \ -# -s "256 bytes written in 1 fragments" +requires_gnutls_tls1_3 +requires_gnutls_record_size_limit +requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED +run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (513), 1 fragment" \ + "$P_SRV debug_level=3 force_version=tls13 tls13_kex_modes=psk \ + psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70 \ + response_size=256" \ + "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+PSK --recordsize 512 \ + --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70" \ + 0 \ + -s "RecordSizeLimit: 513 Bytes" \ + -s "Maximum outgoing record payload length is 511" \ + -s "256 bytes written in 1 fragments" -# requires_gnutls_tls1_3 -# requires_gnutls_record_size_limit -# requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT -# requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE -# run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (513), 2 fragments" \ -# "$P_SRV debug_level=3 force_version=tls13 response_size=768" \ -# "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 512" \ -# 0 \ -# -c "Preparing extension (Record Size Limit/28) for 'client hello'" \ -# -c "Sending extension Record Size Limit/28 (2 bytes)" \ -# -s "ClientHello: record_size_limit(28) extension received."\ -# -s "found record_size_limit extension" \ -# -s "RecordSizeLimit: 513 Bytes" \ -# -s "ClientHello: record_size_limit(28) extension exists." \ -# -s "Maximum outgoing record payload length is 511" \ -# -s "768 bytes written in 2 fragments" +requires_gnutls_tls1_3 +requires_gnutls_record_size_limit +requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED +run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (513), 2 fragments" \ + "$P_SRV debug_level=3 force_version=tls13 tls13_kex_modes=psk \ + psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70 \ + response_size=768" \ + "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+PSK --recordsize 512 \ + --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70" \ + 0 \ + -s "RecordSizeLimit: 513 Bytes" \ + -s "Maximum outgoing record payload length is 511" \ + -s "768 bytes written in 2 fragments" -# requires_gnutls_tls1_3 -# requires_gnutls_record_size_limit -# requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT -# requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE -# run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (513), 3 fragments" \ -# "$P_SRV debug_level=3 force_version=tls13 response_size=1280" \ -# "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 512" \ -# 0 \ -# -c "Preparing extension (Record Size Limit/28) for 'client hello'" \ -# -c "Sending extension Record Size Limit/28 (2 bytes)" \ -# -s "ClientHello: record_size_limit(28) extension received."\ -# -s "found record_size_limit extension" \ -# -s "RecordSizeLimit: 513 Bytes" \ -# -s "ClientHello: record_size_limit(28) extension exists." \ -# -s "Maximum outgoing record payload length is 511" \ -# -s "1280 bytes written in 3 fragments" +requires_gnutls_tls1_3 +requires_gnutls_record_size_limit +requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED +run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (513), 3 fragments" \ + "$P_SRV debug_level=3 force_version=tls13 tls13_kex_modes=psk \ + psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70 \ + response_size=1280" \ + "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+PSK --recordsize 512 \ + --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70" \ + 0 \ + -s "RecordSizeLimit: 513 Bytes" \ + -s "Maximum outgoing record payload length is 511" \ + -s "1280 bytes written in 3 fragments" requires_gnutls_tls1_3 requires_gnutls_record_size_limit @@ -4944,10 +4933,6 @@ run_test "Record Size Limit: TLS 1.3: Server complies with record size limit "$P_SRV debug_level=3 force_version=tls13 response_size=512" \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 1023" \ 0 \ - -c "Preparing extension (Record Size Limit/28) for 'client hello'" \ - -c "Sending extension Record Size Limit/28 (2 bytes)" \ - -s "ClientHello: record_size_limit(28) extension received."\ - -s "found record_size_limit extension" \ -s "RecordSizeLimit: 1024 Bytes" \ -s "ClientHello: record_size_limit(28) extension exists." \ -s "Maximum outgoing record payload length is 1023" \ @@ -4961,10 +4946,6 @@ run_test "Record Size Limit: TLS 1.3: Server complies with record size limit "$P_SRV debug_level=3 force_version=tls13 response_size=1536" \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 1023" \ 0 \ - -c "Preparing extension (Record Size Limit/28) for 'client hello'" \ - -c "Sending extension Record Size Limit/28 (2 bytes)" \ - -s "ClientHello: record_size_limit(28) extension received."\ - -s "found record_size_limit extension" \ -s "RecordSizeLimit: 1024 Bytes" \ -s "ClientHello: record_size_limit(28) extension exists." \ -s "Maximum outgoing record payload length is 1023" \ @@ -4978,10 +4959,6 @@ run_test "Record Size Limit: TLS 1.3: Server complies with record size limit "$P_SRV debug_level=3 force_version=tls13 response_size=2560" \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 1023" \ 0 \ - -c "Preparing extension (Record Size Limit/28) for 'client hello'" \ - -c "Sending extension Record Size Limit/28 (2 bytes)" \ - -s "ClientHello: record_size_limit(28) extension received."\ - -s "found record_size_limit extension" \ -s "RecordSizeLimit: 1024 Bytes" \ -s "ClientHello: record_size_limit(28) extension exists." \ -s "Maximum outgoing record payload length is 1023" \ @@ -4995,10 +4972,6 @@ run_test "Record Size Limit: TLS 1.3: Server complies with record size limit "$P_SRV debug_level=3 force_version=tls13 response_size=2048" \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 4095" \ 0 \ - -c "Preparing extension (Record Size Limit/28) for 'client hello'" \ - -c "Sending extension Record Size Limit/28 (2 bytes)" \ - -s "ClientHello: record_size_limit(28) extension received."\ - -s "found record_size_limit extension" \ -s "RecordSizeLimit: 4096 Bytes" \ -s "ClientHello: record_size_limit(28) extension exists." \ -s "Maximum outgoing record payload length is 4095" \ @@ -5012,10 +4985,6 @@ run_test "Record Size Limit: TLS 1.3: Server complies with record size limit "$P_SRV debug_level=3 force_version=tls13 response_size=6144" \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 4095" \ 0 \ - -c "Preparing extension (Record Size Limit/28) for 'client hello'" \ - -c "Sending extension Record Size Limit/28 (2 bytes)" \ - -s "ClientHello: record_size_limit(28) extension received."\ - -s "found record_size_limit extension" \ -s "RecordSizeLimit: 4096 Bytes" \ -s "ClientHello: record_size_limit(28) extension exists." \ -s "Maximum outgoing record payload length is 4095" \ @@ -5029,10 +4998,6 @@ run_test "Record Size Limit: TLS 1.3: Server complies with record size limit "$P_SRV debug_level=3 force_version=tls13 response_size=10240" \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 4095" \ 0 \ - -c "Preparing extension (Record Size Limit/28) for 'client hello'" \ - -c "Sending extension Record Size Limit/28 (2 bytes)" \ - -s "ClientHello: record_size_limit(28) extension received."\ - -s "found record_size_limit extension" \ -s "RecordSizeLimit: 4096 Bytes" \ -s "ClientHello: record_size_limit(28) extension exists." \ -s "Maximum outgoing record payload length is 4095" \ From 160b2bde094148f776ab6bee31c019f9ecd8647f Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 29 Dec 2023 14:07:11 +0100 Subject: [PATCH 1191/1674] test_suite_cmac: add used key type to all test cases This is useful for grepping and skipping disparities in analyze_outcomes.py. Signed-off-by: Valerio Setti --- tests/suites/test_suite_cmac.data | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/tests/suites/test_suite_cmac.data b/tests/suites/test_suite_cmac.data index 03c799f33..14eb7973c 100644 --- a/tests/suites/test_suite_cmac.data +++ b/tests/suites/test_suite_cmac.data @@ -53,43 +53,43 @@ CMAC init #8 ARIA-256: wrong cipher depends_on:MBEDTLS_ARIA_C mbedtls_cmac_setkey:MBEDTLS_CIPHER_ARIA_256_ECB:256:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA -CMAC Single Blocks #1 - Empty block, no updates +CMAC Single Blocks #1 AES-128 - Empty block, no updates depends_on:MBEDTLS_AES_C mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"":-1:"":-1:"":-1:"":-1:"bb1d6929e95937287fa37d129b756746" -CMAC Single Blocks #2 - Single 16 byte block +CMAC Single Blocks #2 AES-128 - Single 16 byte block depends_on:MBEDTLS_AES_C mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"6bc1bee22e409f96e93d7e117393172a":16:"":-1:"":-1:"":-1:"070a16b46b4d4144f79bdd9dd04a287c" -CMAC Single Blocks #3 - Single 64 byte block +CMAC Single Blocks #3 AES-128 - Single 64 byte block depends_on:MBEDTLS_AES_C mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710":64:"":-1:"":-1:"":-1:"51f0bebf7e3b9d92fc49741779363cfe" -CMAC Multiple Blocks #1 - Multiple 8 byte blocks +CMAC Multiple Blocks #1 AES-128 - Multiple 8 byte blocks depends_on:MBEDTLS_AES_C mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"6bc1bee22e409f96":8:"e93d7e117393172a":8:"":-1:"":-1:"070a16b46b4d4144f79bdd9dd04a287c" -CMAC Multiple Blocks #2 - Multiple 16 byte blocks +CMAC Multiple Blocks #2 AES-128 - Multiple 16 byte blocks depends_on:MBEDTLS_AES_C mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"6bc1bee22e409f96e93d7e117393172a":16:"ae2d8a571e03ac9c9eb76fac45af8e51":16:"30c81c46a35ce411e5fbc1191a0a52ef":16:"f69f2445df4f9b17ad2b417be66c3710":16:"51f0bebf7e3b9d92fc49741779363cfe" -CMAC Multiple Blocks #3 - Multiple variable sized blocks +CMAC Multiple Blocks #3 AES-128 - Multiple variable sized blocks depends_on:MBEDTLS_AES_C mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"6bc1bee22e409f96":8:"e93d7e117393172aae2d8a571e03ac9c":16:"9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52ef":24:"f69f2445df4f9b17ad2b417be66c3710":16:"51f0bebf7e3b9d92fc49741779363cfe" -CMAC Multiple Blocks #4 - Multiple 8 byte blocks with gaps +CMAC Multiple Blocks #4 AES-128 - Multiple 8 byte blocks with gaps depends_on:MBEDTLS_AES_C mbedtls_cmac_multiple_blocks:MBEDTLS_CIPHER_AES_128_ECB:"2b7e151628aed2a6abf7158809cf4f3c":128:16:"":0:"6bc1bee22e409f96":8:"":0:"e93d7e117393172a":8:"070a16b46b4d4144f79bdd9dd04a287c" -CMAC Multiple Operations, same key #1 - Empty, empty +CMAC Multiple Operations, same key #1 AES-192 - Empty, empty depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_cmac_multiple_operations_same_key:MBEDTLS_CIPHER_AES_192_ECB:"8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b":192:16:"":-1:"":-1:"":-1:"d17ddf46adaacde531cac483de7a9367":"":-1:"":-1:"":-1:"d17ddf46adaacde531cac483de7a9367" -CMAC Multiple Operations, same key #2 - Empty, 64 byte block +CMAC Multiple Operations, same key #2 AES-192 - Empty, 64 byte block depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_cmac_multiple_operations_same_key:MBEDTLS_CIPHER_AES_192_ECB:"8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b":192:16:"":-1:"":-1:"":-1:"d17ddf46adaacde531cac483de7a9367":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710":64:"":-1:"":-1:"a1d5df0eed790f794d77589659f39a11" -CMAC Multiple Operations, same key #3 - variable byte blocks +CMAC Multiple Operations, same key #3 AES-192 - variable byte blocks depends_on:MBEDTLS_AES_C:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH mbedtls_cmac_multiple_operations_same_key:MBEDTLS_CIPHER_AES_192_ECB:"8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b":192:16:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e51":32:"30c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710":32:"":-1:"a1d5df0eed790f794d77589659f39a11":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e51":32:"30c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710":32:"":-1:"a1d5df0eed790f794d77589659f39a11" From a0c9c6684d949105d9629872ab79d58870fd7d62 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 29 Dec 2023 14:14:11 +0100 Subject: [PATCH 1192/1674] analyze_outcomes: ignore only test concerning AES/ARIA/Camellia in CMAC Signed-off-by: Valerio Setti --- tests/scripts/analyze_outcomes.py | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index bdbdbddbc..3b11ca24c 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -546,10 +546,16 @@ KNOWN_TASKS = { # order for the cipher module (actually cipher_wrapper) to work # properly. However these symbols are disabled in the accelerated # component so we ignore them. - 'cipher.ccm', 'cipher.gcm', 'cmac', 'cipher.aes', 'cipher.aria', + 'cipher.ccm', 'cipher.gcm', 'cipher.aes', 'cipher.aria', 'cipher.camellia', ], 'ignored_tests': { + 'test_suite_cmac': [ + # Following tests require AES_C/ARIA_C/CAMELLIA_C to be enabled, + # but these are not available in the accelerated component. + 'CMAC null arguments', + re.compile('CMAC.* (AES|ARIA|Camellia).*'), + ], 'test_suite_cipher.padding': [ # Following tests require AES_C/CAMELLIA_C to be enabled, # but these are not available in the accelerated component. From f333b3fbde20ecdc905bb3dfe32cd37b0b46b77a Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 29 Dec 2023 14:49:03 +0100 Subject: [PATCH 1193/1674] driver-only-builds: fix typos Signed-off-by: Valerio Setti --- docs/driver-only-builds.md | 50 +++++++++++++++++++------------------- 1 file changed, 25 insertions(+), 25 deletions(-) diff --git a/docs/driver-only-builds.md b/docs/driver-only-builds.md index c628e9e92..47d123ede 100644 --- a/docs/driver-only-builds.md +++ b/docs/driver-only-builds.md @@ -270,68 +270,68 @@ algorithm/mode you can: - `PSA_WANT_ALG_GCM`, - `PSA_WANT_ALG_CHACHA20_POLY1305`. - Enable `MBEDTLS_PSA_ACCEL_[KEY_TYPE_xxx|ALG_yyy]` symbol(s) which correspond - to the PSA_WANT_KEY_TYPE_xxx` and `PSA_WANT_ALG_yyy` of the previous steps. + to the `PSA_WANT_KEY_TYPE_xxx` and `PSA_WANT_ALG_yyy` of the previous steps. - Disable builtin support of key types: - `MBEDTLS_AES_C`, - `MBEDTLS_ARIA_C`, - `MBEDTLS_CAMELLIA_C`, - `MBEDTLS_DES_C`, - - `MBEDTLS_CHACHA20_C`; + - `MBEDTLS_CHACHA20_C`. and algorithms/modes: - - `MBEDTLS_CBC_C` - - `MBEDTLS_CFB_C` - - `MBEDTLS_CTR_C` - - `MBEDTLS_OFB_C` - - `MBEDTLS_XTS_C` - - `MBEDTLS_CCM_C` - - `MBEDTLS_GCM_C` - - `MBEDTLS_CHACHAPOLY_C` - - `MBEDTLS_NULL_CIPHER` + - `MBEDTLS_CBC_C`, + - `MBEDTLS_CFB_C`, + - `MBEDTLS_CTR_C`, + - `MBEDTLS_OFB_C`, + - `MBEDTLS_XTS_C`, + - `MBEDTLS_CCM_C`, + - `MBEDTLS_GCM_C`, + - `MBEDTLS_CHACHAPOLY_C`, + - `MBEDTLS_NULL_CIPHER`. Once a key type and related algorithm are accelerated, all the PSA Crypto APIs -will work, as well as X.509 and TLS (with MBEDTLS_USE_PSA_CRYPTO enabled) but +will work, as well as X.509 and TLS (with `MBEDTLS_USE_PSA_CRYPTO` enabled) but some non-PSA APIs will be absent or have reduced functionality, see [Disabling CIPHER_C](#disabling-cipher_c) for details. ### Restrictions -- If an algorithm other than GCM and CCM (see +- If an algorithm other than CCM and GCM (see ["Partial acceleration for CCM/GCM"](#partial-acceleration-for-ccmgcm) below) - is enabled but not accelerated, then all key types than can be used with it + is enabled but not accelerated, then all key types that can be used with it will need to be built-in. - If a key type is enabled but not accelerated, then all algorithms than can be used with it will need to be built-in. ### Legacy <-> PSA matching -Note that the matching between legacy (i.e. `MBEDTLS_xxx_C`) and PSA +Note that the relationship between legacy (i.e. `MBEDTLS_xxx_C`) and PSA (i.e. `PSA_WANT_xxx`) symbols is not always 1:1. For example: -- ECB mode is always enabled in legacy configuration for each key type that +- ECB mode is always enabled in the legacy configuration for each key type that allows it (AES, ARIA, Camellia, DES), whereas it must be explicitly enabled in PSA with `PSA_WANT_ALG_ECB_NO_PADDING`. -- In the legacy API, MBEDTLS_CHACHA20_C enables the ChaCha20 stream cipher, and - enabling MBEDTLS_CHACHAPOLY_C also enables the ChaCha20-Poly1305 AEAD. In the - PSA API, you need to enable PSA_KEY_TYPE_CHACHA20 for both, plus - PSA_ALG_STREAM_CIPHER or PSA_ALG_CHACHA20_POLY1305 as desired. +- In the legacy API, `MBEDTLS_CHACHA20_C` enables the ChaCha20 stream cipher, and + enabling `MBEDTLS_CHACHAPOLY_C` also enables the ChaCha20-Poly1305 AEAD. In the + PSA API, you need to enable `PSA_KEY_TYPE_CHACHA20` for both, plus + `PSA_ALG_STREAM_CIPHER` or `PSA_ALG_CHACHA20_POLY1305` as desired. - The legacy symbol `MBEDTLS_CCM_C` adds support for both cipher and AEAD, whereas in PSA there are 2 different symbols: `PSA_WANT_ALG_CCM_STAR_NO_TAG` and `PSA_WANT_ALG_CCM`, respectively. ### Partial acceleration for CCM/GCM -[This section depends on #8598 so it might updated while that PR progresses.] +[This section depends on #8598 so it might be updated while that PR progresses.] -In case legacy CCM/GCM algorithms are enabled it is still possible to benefit +In case legacy CCM/GCM algorithms are enabled, it is still possible to benefit from PSA acceleration of the underlying block cipher by enabling support for ECB mode (`PSA_WANT_ALG_ECB_NO_PADDING`) together with desired key type(s) -(`PSA_WANT_KEY_TYPE_[AES|ARIA|CAMELLIA]`). In such configuration it is possible +(`PSA_WANT_KEY_TYPE_[AES|ARIA|CAMELLIA]`). In such configurations it is possible to: - Still benefit from legacy functions belonging to CCM/GCM modules (`mbedtls_[ccm|gcm]_xxx()`). - Disable legacy key types (`MBEDTLS_[AES|ARIA|CAMELLIA]_C`) if there is no - other dependency requiring them, of course. + other dependency requiring them. -ChaChaPoly has not such feature, so it requires full acceleration (key type + +ChaChaPoly has no such feature, so it requires full acceleration (key type + algorithm) in order to work with a driver. ### CTR-DRBG From 045d680054841eb1965bf9e9ea869b04fb25912d Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 29 Dec 2023 15:42:22 +0100 Subject: [PATCH 1194/1674] driver-only-builds: enhancing cipher related sections Signed-off-by: Valerio Setti --- docs/driver-only-builds.md | 47 ++++++++++++++++++++++++++++++-------- 1 file changed, 38 insertions(+), 9 deletions(-) diff --git a/docs/driver-only-builds.md b/docs/driver-only-builds.md index 47d123ede..287be1df9 100644 --- a/docs/driver-only-builds.md +++ b/docs/driver-only-builds.md @@ -243,8 +243,8 @@ The same holds for the associated algorithm: `[PSA_WANT|MBEDTLS_PSA_ACCEL]_ALG_FFDH` allow builds accelerating FFDH and removing builtin support (i.e. `MBEDTLS_DHM_C`). -Ciphers and AEADs ------------------ +Ciphers (unauthenticated and AEAD) +---------------------------------- It is possible to have all ciphers and AEAD operations provided only by a driver. More precisely, for each desired combination of key type and @@ -291,7 +291,7 @@ algorithm/mode you can: Once a key type and related algorithm are accelerated, all the PSA Crypto APIs will work, as well as X.509 and TLS (with `MBEDTLS_USE_PSA_CRYPTO` enabled) but some non-PSA APIs will be absent or have reduced functionality, see -[Disabling CIPHER_C](#disabling-cipher_c) for details. +[Restrictions](#restrictions) for details. ### Restrictions @@ -302,6 +302,29 @@ some non-PSA APIs will be absent or have reduced functionality, see - If a key type is enabled but not accelerated, then all algorithms than can be used with it will need to be built-in. +Some legacy modules can't take advantage of PSA drivers yet, and will either +need to be disabled, or have reduced features when the built-in implementations +of some ciphers are removed: +- `MBEDTLS_NIST_KW_C` needs built-in AES: it must be disabled when + `MBEDTLS_AES_C` is disabled. +- `MBEDTLS_CMAC_C` needs built-in AES/DES: it must be disabled when + `MBEDTLS_AES_C` and `MBEDTLS_DES_C` are both disabled. When only one of them + is enabled, then only the corresponding cipher will be available at runtime + for use with `mbedtls_cipher_cmac_xxx`. (Note: if there is driver support for + CMAC and all compatible key types, then `PSA_WANT_ALG_CMAC` can be enabled + without `MBEDTLS_CMAC_C` and CMAC will be usable with `psa_max_xxx` APIs.) +- `MBEDTLS_CIPHER_C`: the `mbedtls_cipher_xxx()` APIs will only work with + ciphers that are built-in - that is, both the underlying cipher + (eg `MBEDTLS_AES_C`) and the mode (eg `MBEDTLS_CIPHER_MODE_CBC` or + `MBEDTLS_GCM_C`). +- `MBEDTLS_PKCS5_C`: encryption/decryption (PBES2, PBE) will only work with + ciphers that are built-in. +- PEM decryption will only work with ciphers that are built-in. +- PK parse will only be able to parse encrypted keys using built-in ciphers. + +Note that if you also disable `MBEDTLS_CIPHER_C`, there will be additional +restrictions, see [Disabling `MBEDTLS_CIPHER_C`](#disabling-mbedtls_cipher_c). + ### Legacy <-> PSA matching Note that the relationship between legacy (i.e. `MBEDTLS_xxx_C`) and PSA @@ -323,11 +346,12 @@ Note that the relationship between legacy (i.e. `MBEDTLS_xxx_C`) and PSA In case legacy CCM/GCM algorithms are enabled, it is still possible to benefit from PSA acceleration of the underlying block cipher by enabling support for -ECB mode (`PSA_WANT_ALG_ECB_NO_PADDING`) together with desired key type(s) -(`PSA_WANT_KEY_TYPE_[AES|ARIA|CAMELLIA]`). In such configurations it is possible -to: -- Still benefit from legacy functions belonging to CCM/GCM modules - (`mbedtls_[ccm|gcm]_xxx()`). +ECB mode (`PSA_WANT_ALG_ECB_NO_PADDING` + `MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING`) +together with desired key type(s) (`PSA_WANT_KEY_TYPE_[AES|ARIA|CAMELLIA]` + +`MBEDTLS_PSA_ACCEL_KEY_TYPE_[AES|ARIA|CAMELLIA]`). +In such configurations it is possible to: +- Use CCM and GCM via the PSA Crypto APIs. +- Use CCM and GCM via legacy functions (`mbedtls_[ccm|gcm]_xxx()`). - Disable legacy key types (`MBEDTLS_[AES|ARIA|CAMELLIA]_C`) if there is no other dependency requiring them. @@ -342,7 +366,7 @@ from PSA acceleration if both of the following conditions are met: - AES is supported on the PSA side together with ECB mode, i.e. `PSA_WANT_KEY_TYPE_AES` + `PSA_WANT_ALG_ECB_NO_PADDING`. -### Disabling CIPHER_C +### Disabling `MBEDTLS_CIPHER_C` It is possible to save code size by disabling MBEDTLS_CIPHER_C when all of the following conditions are met: @@ -351,6 +375,8 @@ following conditions are met: fully accelerated (that is, all compatible key types are accelerated too). - Either TLS is disabled, or `MBEDTLS_USE_PSA_CRYPTO` is enabled. - `MBEDTLS_NIST_KW` is disabled. +- `MBEDTLS_CMAC_C` is disabled. (Note: support for CMAC in PSA can be provided by + a driver.) In such a build, everything will work as usual except for the following: - Encryption/decryption functions from the PKCS5 and PKCS12 module will not be @@ -360,5 +386,8 @@ In such a build, everything will work as usual except for the following: Note: AEAD ciphers (CCM, GCM, ChachaPoly) do not have a dependency on MBEDTLS_CIPHER_C even when using the built-in implementations. +If you also have some ciphers fully accelerated and the built-ins removed, see +[Restrictions](#restrictions) for restrictions related to removing the built-ins. + From 81338483e6e610f2df1d6ebdd46e71779f9a4499 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 29 Dec 2023 15:46:17 +0100 Subject: [PATCH 1195/1674] changelog: enhance description Signed-off-by: Valerio Setti --- ChangeLog.d/8358.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ChangeLog.d/8358.txt b/ChangeLog.d/8358.txt index 123bdbd80..70b795a4b 100644 --- a/ChangeLog.d/8358.txt +++ b/ChangeLog.d/8358.txt @@ -1,7 +1,7 @@ Features * If a cipher or AEAD mechanism has a PSA driver, you can now build the - library without the corresponding built-in implementation and without - enabling MBEDTLS_CIPHER_C. + library without the corresponding built-in implementation. See + docs/driver-only-builds.md for full details and current limitations. * It is possible to disable MBEDTLS_CIPHER_C in some circumstances, please see docs/driver-only-builds.md for full details and current limitations. * The CTR_DRBG module will now use AES from a PSA driver if MBEDTLS_AES_C is From 562dfe10674319a26c51c0b93c012f3e671e5ff2 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 29 Dec 2023 16:34:19 +0100 Subject: [PATCH 1196/1674] all.sh: keep PKCS[5/12] enabled in full_no_cipher test components Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 4 ---- 1 file changed, 4 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index b2857e05d..aa7626a51 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1547,8 +1547,6 @@ component_test_full_no_cipher () { # Disable features that depend on CIPHER_C scripts/config.py unset MBEDTLS_CMAC_C scripts/config.py unset MBEDTLS_NIST_KW_C - scripts/config.py unset MBEDTLS_PKCS12_C - scripts/config.py unset MBEDTLS_PKCS5_C scripts/config.py unset MBEDTLS_PSA_CRYPTO_C scripts/config.py unset MBEDTLS_SSL_TLS_C scripts/config.py unset MBEDTLS_SSL_TICKET_C @@ -1606,8 +1604,6 @@ common_test_full_no_cipher_with_psa_crypto () { # The following modules directly depends on CIPHER_C scripts/config.py unset MBEDTLS_CMAC_C scripts/config.py unset MBEDTLS_NIST_KW_C - scripts/config.py unset MBEDTLS_PKCS12_C - scripts/config.py unset MBEDTLS_PKCS5_C make From e581e140cc8b8394829b409c0e51286c69726182 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 29 Dec 2023 16:35:07 +0100 Subject: [PATCH 1197/1674] oid/pkparse: add missing guards for PKCS[5/12] functions when !CIPHER_C This commit also updates test_suite_pkparse.data file adding MBEDTLS_CIPHER_C dependencies whenever PKCS[5/12] is used. Signed-off-by: Valerio Setti --- include/mbedtls/oid.h | 2 +- library/oid.c | 4 +- library/pkparse.c | 10 +- tests/suites/test_suite_pkparse.data | 412 +++++++++++++-------------- 4 files changed, 214 insertions(+), 214 deletions(-) diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h index e48817d68..8a67486bb 100644 --- a/include/mbedtls/oid.h +++ b/include/mbedtls/oid.h @@ -698,7 +698,6 @@ int mbedtls_oid_get_oid_by_md(mbedtls_md_type_t md_alg, const char **oid, size_t * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND */ int mbedtls_oid_get_cipher_alg(const mbedtls_asn1_buf *oid, mbedtls_cipher_type_t *cipher_alg); -#endif /* MBEDTLS_CIPHER_C */ #if defined(MBEDTLS_PKCS12_C) /** @@ -714,6 +713,7 @@ int mbedtls_oid_get_cipher_alg(const mbedtls_asn1_buf *oid, mbedtls_cipher_type_ int mbedtls_oid_get_pkcs12_pbe_alg(const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg, mbedtls_cipher_type_t *cipher_alg); #endif /* MBEDTLS_PKCS12_C */ +#endif /* MBEDTLS_CIPHER_C */ #ifdef __cplusplus } diff --git a/library/oid.c b/library/oid.c index d8339c138..d30a46405 100644 --- a/library/oid.c +++ b/library/oid.c @@ -866,7 +866,7 @@ static const oid_md_hmac_t oid_md_hmac[] = FN_OID_TYPED_FROM_ASN1(oid_md_hmac_t, md_hmac, oid_md_hmac) FN_OID_GET_ATTR1(mbedtls_oid_get_md_hmac, oid_md_hmac_t, md_hmac, mbedtls_md_type_t, md_hmac) -#if defined(MBEDTLS_PKCS12_C) +#if defined(MBEDTLS_PKCS12_C) && defined(MBEDTLS_CIPHER_C) /* * For PKCS#12 PBEs */ @@ -904,7 +904,7 @@ FN_OID_GET_ATTR2(mbedtls_oid_get_pkcs12_pbe_alg, md_alg, mbedtls_cipher_type_t, cipher_alg) -#endif /* MBEDTLS_PKCS12_C */ +#endif /* MBEDTLS_PKCS12_C && MBEDTLS_CIPHER_C */ /* Return the x.y.z.... style numeric string for the given OID */ int mbedtls_oid_get_numeric_string(char *buf, size_t size, diff --git a/library/pkparse.c b/library/pkparse.c index 18498e5f0..5ba9645da 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -1417,7 +1417,7 @@ MBEDTLS_STATIC_TESTABLE int mbedtls_pk_parse_key_pkcs8_encrypted_der( unsigned char *buf; unsigned char *p, *end; mbedtls_asn1_buf pbe_alg_oid, pbe_params; -#if defined(MBEDTLS_PKCS12_C) && defined(MBEDTLS_CIPHER_PADDING_PKCS7) +#if defined(MBEDTLS_PKCS12_C) && defined(MBEDTLS_CIPHER_PADDING_PKCS7) && defined(MBEDTLS_CIPHER_C) mbedtls_cipher_type_t cipher_alg; mbedtls_md_type_t md_alg; #endif @@ -1465,7 +1465,7 @@ MBEDTLS_STATIC_TESTABLE int mbedtls_pk_parse_key_pkcs8_encrypted_der( /* * Decrypt EncryptedData with appropriate PBE */ -#if defined(MBEDTLS_PKCS12_C) && defined(MBEDTLS_CIPHER_PADDING_PKCS7) +#if defined(MBEDTLS_PKCS12_C) && defined(MBEDTLS_CIPHER_PADDING_PKCS7) && defined(MBEDTLS_CIPHER_C) if (mbedtls_oid_get_pkcs12_pbe_alg(&pbe_alg_oid, &md_alg, &cipher_alg) == 0) { if ((ret = mbedtls_pkcs12_pbe_ext(&pbe_params, MBEDTLS_PKCS12_PBE_DECRYPT, cipher_alg, md_alg, @@ -1479,8 +1479,8 @@ MBEDTLS_STATIC_TESTABLE int mbedtls_pk_parse_key_pkcs8_encrypted_der( decrypted = 1; } else -#endif /* MBEDTLS_PKCS12_C */ -#if defined(MBEDTLS_PKCS5_C) && defined(MBEDTLS_CIPHER_PADDING_PKCS7) +#endif /* MBEDTLS_PKCS12_C && MBEDTLS_CIPHER_PADDING_PKCS7 && MBEDTLS_CIPHER_C */ +#if defined(MBEDTLS_PKCS5_C) && defined(MBEDTLS_CIPHER_PADDING_PKCS7) && defined(MBEDTLS_CIPHER_C) if (MBEDTLS_OID_CMP(MBEDTLS_OID_PKCS5_PBES2, &pbe_alg_oid) == 0) { if ((ret = mbedtls_pkcs5_pbes2_ext(&pbe_params, MBEDTLS_PKCS5_DECRYPT, pwd, pwdlen, p, len, buf, len, &outlen)) != 0) { @@ -1493,7 +1493,7 @@ MBEDTLS_STATIC_TESTABLE int mbedtls_pk_parse_key_pkcs8_encrypted_der( decrypted = 1; } else -#endif /* MBEDTLS_PKCS5_C */ +#endif /* MBEDTLS_PKCS5_C && MBEDTLS_CIPHER_PADDING_PKCS7 && MBEDTLS_CIPHER_C */ { ((void) pwd); } diff --git a/tests/suites/test_suite_pkparse.data b/tests/suites/test_suite_pkparse.data index 71735114c..638773587 100644 --- a/tests/suites/test_suite_pkparse.data +++ b/tests/suites/test_suite_pkparse.data @@ -75,819 +75,819 @@ depends_on:MBEDTLS_MD_CAN_MD5:MBEDTLS_PEM_PARSE_C pk_parse_keyfile_rsa:"data_files/format_gen.key":"":0 Parse RSA Key #20 (PKCS#8 encrypted SHA1-3DES) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_3des.pem":"PolarSSLTest":0 Parse RSA Key #20.1 (PKCS#8 encrypted SHA1-3DES, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_3des.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #20.2 (PKCS#8 encrypted SHA1-3DES, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_3des.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #21 (PKCS#8 encrypted SHA1-3DES, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_3des.pem":"PolarSSLTest":0 Parse RSA Key #21.1 (PKCS#8 encrypted SHA1-3DES, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_3des.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #21.2 (PKCS#8 encrypted SHA1-3DES, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_3des.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #22 (PKCS#8 encrypted SHA1-3DES, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_3des.pem":"PolarSSLTest":0 Parse RSA Key #22.1 (PKCS#8 encrypted SHA1-3DES, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_3des.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #22.2 (PKCS#8 encrypted SHA1-3DES, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_3des.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #23 (PKCS#8 encrypted SHA1-3DES DER) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_3des.der":"PolarSSLTest":0 Parse RSA Key #24 (PKCS#8 encrypted SHA1-3DES DER, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_3des.der":"PolarSSLTest":0 Parse RSA Key #25 (PKCS#8 encrypted SHA1-3DES DER, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_3des.der":"PolarSSLTest":0 Parse RSA Key #26 (PKCS#8 encrypted SHA1-2DES) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_2des.pem":"PolarSSLTest":0 Parse RSA Key #26.1 (PKCS#8 encrypted SHA1-2DES, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_2des.pem":"PolarSLTest":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #26.2 (PKCS#8 encrypted SHA1-2DES, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_2des.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #27 (PKCS#8 encrypted SHA1-2DES, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_2des.pem":"PolarSSLTest":0 Parse RSA Key #27.1 (PKCS#8 encrypted SHA1-2DES, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_2des.pem":"PolarSLTest":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #27.2 (PKCS#8 encrypted SHA1-2DES, 2048-bit no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_2des.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #28 (PKCS#8 encrypted SHA1-2DES, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_2des.pem":"PolarSSLTest":0 Parse RSA Key #28.1 (PKCS#8 encrypted SHA1-2DES, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_2des.pem":"PolarSLTest":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #28.2 (PKCS#8 encrypted SHA1-2DES, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_2des.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #29 (PKCS#8 encrypted SHA1-2DES DER) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_2des.der":"PolarSSLTest":0 Parse RSA Key #30 (PKCS#8 encrypted SHA1-2DES DER, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_2des.der":"PolarSSLTest":0 Parse RSA Key #31 (PKCS#8 encrypted SHA1-2DES DER, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_2des.der":"PolarSSLTest":0 Parse RSA Key #38 (PKCS#8 encrypted v2 PBKDF2 3DES) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des.pem":"PolarSSLTest":0 Parse RSA Key #38.1 (PKCS#8 encrypted v2 PBKDF2 3DES, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #38.2 (PKCS#8 encrypted v2 PBKDF2 3DES, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #39 (PKCS#8 encrypted v2 PBKDF2 3DES, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des.pem":"PolarSSLTest":0 Parse RSA Key #39.1 (PKCS#8 encrypted v2 PBKDF2 3DES, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #39.2 (PKCS#8 encrypted v2 PBKDF2 3DES, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #40 (PKCS#8 encrypted v2 PBKDF2 3DES, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des.pem":"PolarSSLTest":0 Parse RSA Key #40.1 (PKCS#8 encrypted v2 PBKDF2 3DES, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #40.2 (PKCS#8 encrypted v2 PBKDF2 3DES, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #41 (PKCS#8 encrypted v2 PBKDF2 3DES DER) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des.der":"PolarSSLTest":0 Parse RSA Key #41.1 (PKCS#8 encrypted v2 PBKDF2 3DES DER, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #41.2 (PKCS#8 encrypted v2 PBKDF2 3DES DER, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #42 (PKCS#8 encrypted v2 PBKDF2 3DES DER, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des.der":"PolarSSLTest":0 Parse RSA Key #42.1 (PKCS#8 encrypted v2 PBKDF2 3DES DER, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #42.2 (PKCS#8 encrypted v2 PBKDF2 3DES DER, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #43 (PKCS#8 encrypted v2 PBKDF2 3DES DER, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des.der":"PolarSSLTest":0 Parse RSA Key #43.1 (PKCS#8 encrypted v2 PBKDF2 3DES DER, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #43.2 (PKCS#8 encrypted v2 PBKDF2 3DES DER, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #44 (PKCS#8 encrypted v2 PBKDF2 DES) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des.pem":"PolarSSLTest":0 Parse RSA Key #44.1 (PKCS#8 encrypted v2 PBKDF2 DES, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #44.2 (PKCS#8 encrypted v2 PBKDF2 DES, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #45 (PKCS#8 encrypted v2 PBKDF2 DES, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des.pem":"PolarSSLTest":0 Parse RSA Key #45.1 (PKCS#8 encrypted v2 PBKDF2 DES, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #45.2 (PKCS#8 encrypted v2 PBKDF2 DES, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #46 (PKCS#8 encrypted v2 PBKDF2 DES, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des.pem":"PolarSSLTest":0 Parse RSA Key #46.1 (PKCS#8 encrypted v2 PBKDF2 DES, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #46.2 (PKCS#8 encrypted v2 PBKDF2 DES, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #47 (PKCS#8 encrypted v2 PBKDF2 DES DER) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des.der":"PolarSSLTest":0 Parse RSA Key #47.1 (PKCS#8 encrypted v2 PBKDF2 DES DER, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #47.2 (PKCS#8 encrypted v2 PBKDF2 DES DER, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #48 (PKCS#8 encrypted v2 PBKDF2 DES DER, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des.der":"PolarSSLTest":0 Parse RSA Key #48.1 (PKCS#8 encrypted v2 PBKDF2 DES DER, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #48.2 (PKCS#8 encrypted v2 PBKDF2 DES DER, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #49 (PKCS#8 encrypted v2 PBKDF2 DES DER, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des.der":"PolarSSLTest":0 Parse RSA Key #49.1 (PKCS#8 encrypted v2 PBKDF2 DES DER, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #49.2 (PKCS#8 encrypted v2 PBKDF2 DES DER, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #50 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem":"PolarSSLTest":0 Parse RSA Key #50.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #50.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #51 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem":"PolarSSLTest":0 Parse RSA Key #51.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #51.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #52 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem":"PolarSSLTest":0 Parse RSA Key #52.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #52.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #53 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der":"PolarSSLTest":0 Parse RSA Key #53.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #53.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #54 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der":"PolarSSLTest":0 Parse RSA Key #54.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #54.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #55 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der":"PolarSSLTest":0 Parse RSA Key #55.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #55.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #56 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem":"PolarSSLTest":0 Parse RSA Key #56.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #56.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #57 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem":"PolarSSLTest":0 Parse RSA Key #57.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #57.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #58 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem":"PolarSSLTest":0 Parse RSA Key #58.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #58.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #59 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der":"PolarSSLTest":0 Parse RSA Key #59.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #59.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #60 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der":"PolarSSLTest":0 Parse RSA Key #60.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #60.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #61 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der":"PolarSSLTest":0 Parse RSA Key #61.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #61.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA224:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #62 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.pem":"PolarSSLTest":0 Parse RSA Key #62.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #62.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #63 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.pem":"PolarSSLTest":0 Parse RSA Key #63.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #63.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #64 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.pem":"PolarSSLTest":0 Parse RSA Key #64.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #64.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #65 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.der":"PolarSSLTest":0 Parse RSA Key #65.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #65.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #66 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.der":"PolarSSLTest":0 Parse RSA Key #66.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #66.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #67 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.der":"PolarSSLTest":0 Parse RSA Key #68.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #68.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256 DER, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #69 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.pem":"PolarSSLTest":0 Parse RSA Key #69.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #69.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #70 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.pem":"PolarSSLTest":0 Parse RSA Key #70.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #70.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #71 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.pem":"PolarSSLTest":0 Parse RSA Key #71.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #71.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #72 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.der":"PolarSSLTest":0 Parse RSA Key #72.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #72.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #73 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.der":"PolarSSLTest":0 Parse RSA Key #73.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #73.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #74 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der":"PolarSSLTest":0 Parse RSA Key #74.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #74.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA256 DER, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #75 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem":"PolarSSLTest":0 Parse RSA Key #75.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #75.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #76 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem":"PolarSSLTest":0 Parse RSA Key #76.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #76.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #77 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem":"PolarSSLTest":0 Parse RSA Key #77.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #77.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #78 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der":"PolarSSLTest":0 Parse RSA Key #78.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #78.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #79 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der":"PolarSSLTest":0 Parse RSA Key #79.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #79.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #80 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der":"PolarSSLTest":0 Parse RSA Key #80.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #80.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #81 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem":"PolarSSLTest":0 Parse RSA Key #81.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #81.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #82 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem":"PolarSSLTest":0 Parse RSA Key #82.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #82.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #83 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem":"PolarSSLTest":0 Parse RSA Key #83.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #83.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #84 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der":"PolarSSLTest":0 Parse RSA Key #84.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #85.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #86 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der":"PolarSSLTest":0 Parse RSA Key #86.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #86.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #87 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der":"PolarSSLTest":0 Parse RSA Key #87.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #87.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #88 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.pem":"PolarSSLTest":0 Parse RSA Key #88.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #88.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #89 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.pem":"PolarSSLTest":0 Parse RSA Key #89.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #89.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #90 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.pem":"PolarSSLTest":0 Parse RSA Key #90.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #90.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #91 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.der":"PolarSSLTest":0 Parse RSA Key #91.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #91.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #92 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.der":"PolarSSLTest":0 Parse RSA Key #92.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #92.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #93 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.der":"PolarSSLTest":0 Parse RSA Key #93.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #93.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512 DER, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #94 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.pem":"PolarSSLTest":0 Parse RSA Key #94.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #94.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #95 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.pem":"PolarSSLTest":0 Parse RSA Key #95.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #95.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #96 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.pem":"PolarSSLTest":0 Parse RSA Key #96.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #96.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #97 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.der":"PolarSSLTest":0 Parse RSA Key #97.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #97.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #98 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.der":"PolarSSLTest":0 Parse RSA Key #98.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #98.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #99 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.der":"PolarSSLTest":0 Parse RSA Key #99.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #99.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA512 DER, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_MD_CAN_SHA512:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse Public RSA Key #1 (PKCS#8 wrapped) @@ -1220,11 +1220,11 @@ depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_CURVE25519 pk_parse_key:"3072020101300506032b656e04220420b06d829655543a51cba36e53522bc0acfd60af59466555fb3e1e796872ab1a59a01f301d060a2a864886f70d01090914310f0c0d437572646c65204368616972738121009bc3b0e93d8233fe6a8ba6138948cc12a91362d5c2ed81584db05ab5419c9d11":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Key ASN1 (Encrypted key PKCS5, trailing garbage data) -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_CURVE25519:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_CURVE25519:MBEDTLS_MD_CAN_SHA1:MBEDTLS_CIPHER_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C pk_parse_key_encrypted:"307C304006092A864886F70D01050D3033301B06092A864886F70D01050C300E04082ED7F24A1D516DD702020800301406082A864886F70D030704088A4FCC9DCC3949100438AD100BAC552FD0AE70BECAFA60F5E519B6180C77E8DB0B9ECC6F23FEDD30AB9BDCA2AF9F97BC470FC3A82DCA2364E22642DE0AF9275A82CB":"AAAAAAAAAAAAAAAAAA":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH Key ASN1 (Encrypted key PKCS12, trailing garbage data) -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_CURVE25519:MBEDTLS_MD_CAN_SHA1:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:MBEDTLS_PKCS12_C +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_ECP_HAVE_CURVE25519:MBEDTLS_MD_CAN_SHA1:MBEDTLS_CIPHER_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_C pk_parse_key_encrypted:"3058301C060A2A864886F70D010C0103300E0409CCCCCCCCCCCCCCCCCC02010A04380A8CAF39C4FA001884D0583B323C5E70942444FBE1F650B92F8ADF4AD7BD5049B4748F53A2531139EBF253FE01E8FC925C82C759C944B4D0":"AAAAAAAAAAAAAAAAAA":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH # From RFC8410 Appendix A but made into version 0 From ea03183bd7ddcae35349af9c79c8bdce780c2959 Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Fri, 29 Dec 2023 15:36:51 +0000 Subject: [PATCH 1198/1674] Adjust TLS 1.3 tests to new maximum output changes Signed-off-by: Waleed Elmelegy --- tests/ssl-opt.sh | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index de89add8c..197ca9f68 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -8589,20 +8589,20 @@ run_test "Large client packet TLS 1.2 AEAD shorter tag" \ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "Large client packet TLS 1.3 AEAD" \ "$P_SRV" \ - "$P_CLI request_size=16384 \ + "$P_CLI request_size=16383 \ force_ciphersuite=TLS1-3-AES-128-CCM-SHA256" \ 0 \ - -c "16384 bytes written in $(fragments_for_write 16384) fragments" \ - -s "Read from client: $MAX_CONTENT_LEN bytes read" + -c "16383 bytes written in $(fragments_for_write 16383) fragments" \ + -s "Read from client: 16383 bytes read" requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "Large client packet TLS 1.3 AEAD shorter tag" \ "$P_SRV" \ - "$P_CLI request_size=16384 \ + "$P_CLI request_size=16383 \ force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256" \ 0 \ - -c "16384 bytes written in $(fragments_for_write 16384) fragments" \ - -s "Read from client: $MAX_CONTENT_LEN bytes read" + -c "16383 bytes written in $(fragments_for_write 16383) fragments" \ + -s "Read from client: 16383 bytes read" # The tests below fail when the server's OUT_CONTENT_LEN is less than 16384. run_test "Large server packet TLS 1.2 BlockCipher" \ @@ -8645,17 +8645,17 @@ run_test "Large server packet TLS 1.2 AEAD shorter tag" \ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "Large server packet TLS 1.3 AEAD" \ - "$P_SRV response_size=16384" \ + "$P_SRV response_size=16383" \ "$P_CLI force_ciphersuite=TLS1-3-AES-128-CCM-SHA256" \ 0 \ - -c "Read from server: 16384 bytes read" + -c "Read from server: 16383 bytes read" requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "Large server packet TLS 1.3 AEAD shorter tag" \ - "$P_SRV response_size=16384" \ + "$P_SRV response_size=16383" \ "$P_CLI force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256" \ 0 \ - -c "Read from server: 16384 bytes read" + -c "Read from server: 16383 bytes read" # Tests for restartable ECC From 84d19e08364002555df292c6207d46a52024adae Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 29 Dec 2023 16:41:54 +0100 Subject: [PATCH 1199/1674] all.sh: keep DES_C and CTR_DRBG_C enabled in test_full_no_cipher_with_crypto() These were probably leftovers from the development phase of the associated PR that were not removed in the end. Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 3 --- 1 file changed, 3 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index aa7626a51..206fdc596 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1597,9 +1597,6 @@ common_test_full_no_cipher_with_psa_crypto () { # Disable cipher modes/keys that make PSA depend on CIPHER_C. # Keep CHACHA20 and CHACHAPOLY enabled since they do not depend on CIPHER_C. scripts/config.py unset-all MBEDTLS_CIPHER_MODE - scripts/config.py unset MBEDTLS_DES_C - # Dependencies on AES_C - scripts/config.py unset MBEDTLS_CTR_DRBG_C fi # The following modules directly depends on CIPHER_C scripts/config.py unset MBEDTLS_CMAC_C From bae705c12b4c8a17b8a20b6a0121beac183f2517 Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Mon, 1 Jan 2024 14:21:21 +0000 Subject: [PATCH 1200/1674] Fix TLS 1.2 test to use TLS 1.2 maximum output size Signed-off-by: Waleed Elmelegy --- tests/ssl-opt.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 197ca9f68..be736169a 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -8400,7 +8400,7 @@ run_test "mbedtls_ssl_get_bytes_avail: extra data (*2)" \ requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "mbedtls_ssl_get_bytes_avail: extra data (max)" \ - "$P_SRV buffer_size=100" \ + "$P_SRV buffer_size=100 force_version=tls12" \ "$P_CLI request_size=$MAX_CONTENT_LEN" \ 0 \ -s "Read from client: $MAX_CONTENT_LEN bytes read (100 + $((MAX_CONTENT_LEN - 100)))" From 3d46b7f81a8ca9b0c128c8af26c5a7396b72a435 Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Mon, 1 Jan 2024 20:50:53 +0000 Subject: [PATCH 1201/1674] Fix Max fragmen length test to use TLS 1.2 maximum output size Signed-off-by: Waleed Elmelegy --- tests/ssl-opt.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index be736169a..0c9a5c5ca 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -4481,7 +4481,7 @@ run_test "Session resume using cache, DTLS: openssl server" \ requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Max fragment length: enabled, default" \ - "$P_SRV debug_level=3" \ + "$P_SRV debug_level=3 force_version=tls12" \ "$P_CLI debug_level=3" \ 0 \ -c "Maximum incoming record payload length is $MAX_CONTENT_LEN" \ @@ -4496,7 +4496,7 @@ run_test "Max fragment length: enabled, default" \ requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Max fragment length: enabled, default, larger message" \ - "$P_SRV debug_level=3" \ + "$P_SRV debug_level=3 force_version=tls12" \ "$P_CLI debug_level=3 request_size=$(( $MAX_CONTENT_LEN + 1))" \ 0 \ -c "Maximum incoming record payload length is $MAX_CONTENT_LEN" \ @@ -4534,7 +4534,7 @@ run_test "Max fragment length, DTLS: enabled, default, larger message" \ requires_config_disabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Max fragment length: disabled, larger message" \ - "$P_SRV debug_level=3" \ + "$P_SRV debug_level=3 force_version=tls12" \ "$P_CLI debug_level=3 request_size=$(( $MAX_CONTENT_LEN + 1))" \ 0 \ -C "Maximum incoming record payload length is 16384" \ @@ -4548,7 +4548,7 @@ run_test "Max fragment length: disabled, larger message" \ requires_config_disabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Max fragment length, DTLS: disabled, larger message" \ - "$P_SRV debug_level=3 dtls=1" \ + "$P_SRV debug_level=3 dtls=1 force_version=tls12" \ "$P_CLI debug_level=3 dtls=1 request_size=$(( $MAX_CONTENT_LEN + 1))" \ 1 \ -C "Maximum incoming record payload length is 16384" \ From 8c8b4da3a39cac5943c7c1d800ddb5dd39f3642f Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 2 Jan 2024 11:44:30 +0100 Subject: [PATCH 1202/1674] all.sh: keep PSA_WANT_ALG_[CCM/GCM] enabled in common_block_cipher_dispatch() Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 437709537..ec4ac6bdd 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3838,7 +3838,7 @@ common_block_cipher_dispatch() { scripts/config.py unset MBEDTLS_CAMELLIA_C fi - # Disable cipher's modes and AEADs that, when not accelerated, cause + # Disable cipher's modes that, when not accelerated, cause # legacy key types to be re-enabled in "config_adjust_legacy_from_psa.h". # Keep this also in the reference component in order to skip the same tests # that were skipped in the accelerated one. @@ -3849,8 +3849,6 @@ common_block_cipher_dispatch() { scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CBC_PKCS7 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CMAC scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CCM_STAR_NO_TAG - scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_CCM - scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_GCM # Disable direct dependency on AES_C scripts/config.py unset MBEDTLS_NIST_KW_C From 93cdb778352ca5a59d9074aecc9f3359abaabe06 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 2 Jan 2024 13:15:04 +0100 Subject: [PATCH 1203/1674] Minor clarifications Signed-off-by: Gilles Peskine --- .../psa-migration/psa-legacy-bridges.md | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/docs/architecture/psa-migration/psa-legacy-bridges.md b/docs/architecture/psa-migration/psa-legacy-bridges.md index 75a05fc24..5798728c2 100644 --- a/docs/architecture/psa-migration/psa-legacy-bridges.md +++ b/docs/architecture/psa-migration/psa-legacy-bridges.md @@ -111,12 +111,12 @@ Gap: functions to convert between `psa_algorithm_t` hash algorithms and `mbedtls #### Asymmetric cryptography metadata -The legacy API only has generic support for two key types: RSA and ECC, via the pk module. The type of ECC keys is divided in subtypes: one for each curve. The legacy API also supports DHM (Diffie-Hellman-Merkle = FFDH: finite-field Diffie-Hellman) keys, but those are not integrated in the pk module. +The legacy API only has generic support for two key types: RSA and ECC, via the pk module. ECC keys can also be further classified according to their curve. The legacy API also supports DHM (Diffie-Hellman-Merkle = FFDH: finite-field Diffie-Hellman) keys, but those are not integrated in the pk module. An RSA or ECC key can potentially be used for different algorithms in the scope of the pk module: * RSA: PKCS#1v1.5 signature, PSS signature, PKCS#1v1.5 encryption, OAEP encryption. -* ECC: ECDSA signature (randomized or deterministic), ECDH key agreement. +* ECC: ECDSA signature (randomized or deterministic), ECDH key agreement (via `mbedtls_pk_ec`). ECC keys are also involved in EC-JPAKE, but this happens internally: the EC-JPAKE interface only needs one piece of metadata, namely, to identify a curve. @@ -142,7 +142,7 @@ Since there is no algorithm that can be used with multiple types, and PSA keys h There are several scenarios where an application has a legacy key pair or public key (`mbedtls_pk_context`) and needs to create a PSA key object (`psa_key_id_t`). -Reasons for creating a legacy key object, where it's impossible or impractical to directly create a PSA key: +Reasons for first creating a legacy key object, where it's impossible or impractical to directly create a PSA key: * A very common case where the input is a legacy key object is parsing. PSA does not (yet) have an equivalent of the `mbedtls_pk_parse_xxx` functions. * The PSA key creation interface is less flexible in some cases. In particular, PSA RSA key generation does not (yet) allow choosing the public exponent. @@ -157,7 +157,7 @@ Gap: a way to create a PSA key object from an `mbedtls_pk_context`. This partial #### Using a PSA key as a PK context -There are several scenarios where an application has a PSA key and needs to use it through an interface that wants an `mbedtls_pk_context` object. Typically, there is an existing key in the PSA key store (possibly in a secure element and non-exportable), and the key needs to be used in an interface that requires a `mbedtls_pk_context *` input, such as Mbed TLS's X.509 API or a similar third-party interface, or the `mbedtls_pk_write_xxx` interfaces which do not (yet) have PSA equivalents. +There are several scenarios where an application has a PSA key and needs to use it through an interface that wants an `mbedtls_pk_context` object. Typically, there is an existing key in the PSA key store (possibly in a secure element and non-exportable), and the key needs to be used in an interface that requires a `mbedtls_pk_context *` input, such as Mbed TLS's X.509 and TLS APIs or a similar third-party interface, or the `mbedtls_pk_write_xxx` interfaces which do not (yet) have PSA equivalents. There is a function `mbedtls_pk_setup_opaque` that mostly does this. However, it has several limitations: @@ -165,6 +165,11 @@ There is a function `mbedtls_pk_setup_opaque` that mostly does this. However, it * It ties the lifetime of the PK object to the PSA key, which is error-prone: if the PSA key is destroyed but the PK object isn't, there is no way to reliably detect any subsequent misuse of the PK object. * It is only available under `MBEDTLS_USE_PSA_CRYPTO`. (Not a priority concern: we generally expect people to activate `MBEDTLS_USE_PSA_CRYPTO` at an early stage of their migration to PSA.) +It therefore appears that we need two ways to “convert” a PSA key to PK: + +* Wrapping, which is what `mbedtls_pk_setup_opaque` does. This works for any PSA key but is limited by the key's lifetime and creates a PK object with limited functionality. +* Copying, which requires a new function. This requires an exportable key but creates a fully independent, fully functional PK object. + Gap: a way to copy a PSA key into a PK context. This can only be expected to work if the PSA key is exportable. [OPEN] Is `mbedtls_pk_setup_opaque` ok or do we want to tweak it? @@ -180,7 +185,7 @@ Gap: We need APIs to convert between these two formats. The conversion code alre There is a design choice here: do we provide conversions functions for ECDSA specifically, or do we provide conversion functions that take an algorithm as argument and just happen to be a no-op with RSA? One factor is plausible extensions. These conversions functions will remain useful in Mbed TLS 4.x and perhaps beyond. We will at least add EdDSA support, and its signature encoding is the fixed-size concatenation (r,s) even in X.509. We may well also add support for some post-quantum signatures, and their concrete format is still uncertain. -Given the uncertainty, it would be nice to provide a sufficiently generic interface to convert between the PSA and the pk signature format, parametrized by the algorithm. However, it is difficult to predict exactly what parameters are needed. For example, converting from an ASN.1 ECDSA signature to (r,s) requires the knowledge of the curve, or at least the curve's size. +Given the uncertainty, it would be nice to provide a sufficiently generic interface to convert between the PSA and the pk signature format, parametrized by the algorithm. However, it is difficult to predict exactly what parameters are needed. For example, converting from an ASN.1 ECDSA signature to (r,s) requires the knowledge of the curve, or at least the curve's size. Therefore we are not going to add a generic function at this stage. #### Asymmetric cryptography TODO @@ -263,7 +268,7 @@ int mbedtls_pk_import_into_psa(const mbedtls_pk_context *pk, * The key type is a key pair if the context contains a private key, and a public key if the context only contains a public key. * `mbedtls_pk_get_psa_attributes` sets all the potentially applicable usage flags: `EXPORT`, `COPY`; `VERIFY_HASH | VERIFY_MESSAGE` or `ENCRYPT` as applicable for both public keys and key pairs; `SIGN` or `DECRYPT` as applicable for a key pair. * [OPEN] What is the default algorithm for `mbedtls_pk_get_psa_attributes`? Suggestion: assume signature by default. For RSA, either `PSA_RSA_PKCS1_V15_SIGN(PSA_ALG_ANY_HASH)` or `PSA_ALG_RSA_PSS(hash_alg)` depending on the RSA context's padding mode. For ECC, `PSA_ALG_DETERMINISTIC_ECDSA` if `MBEDTLS_ECDSA_DETERMINISTIC` is enabled and `PSA_ALG_ECDSA` otherwise. -* [OPEN] Or does `mbedtls_pk_get_psa_attributes` need an extra argument indicating how to treat RSA and ECC keys? +* [OPEN] Or does `mbedtls_pk_get_psa_attributes` need an extra argument that conveys some kind of policy for RSA keys and, independently, some kind of policy for ECC keys? * `mbedtls_pk_import_into_psa` checks that the type field in the attributes is consistent with the content of the `mbedtls_pk_context` object (RSA/ECC, and availability of the private key). * The key type can be a public key even if the private key is available. * `mbedtls_pk_import_into_psa` does not need to check the bit-size in the attributes: `psa_import_key` will do enough checks. From a7226a1f60fa08f2f8de65d67241b7aaad8a9693 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 2 Jan 2024 13:15:14 +0100 Subject: [PATCH 1204/1674] Our TLS 1.3 API doesn't actually require PSA key identifiers Signed-off-by: Gilles Peskine --- docs/architecture/psa-migration/psa-legacy-bridges.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/architecture/psa-migration/psa-legacy-bridges.md b/docs/architecture/psa-migration/psa-legacy-bridges.md index 5798728c2..6ffe28f09 100644 --- a/docs/architecture/psa-migration/psa-legacy-bridges.md +++ b/docs/architecture/psa-migration/psa-legacy-bridges.md @@ -150,7 +150,7 @@ Reasons for first creating a legacy key object, where it's impossible or impract Reasons for needing a PSA key object: -* Using the key in TLS 1.3 or some third-party interface that takes a PSA key identifier as input. +* Using the key with third-party interface that takes a PSA key identifier as input. (Mbed TLS itself has a few TLS functions that take PSA key identifiers, but as of Mbed TLS 3.5, it is always possible to use a legacy key instead.) * Benefiting from a PSA accelerator, or from PSA's world separation, even without `MBEDTLS_USE_PSA_CRYPTO`. (Not a priority scenario: we generally expect people to activate `MBEDTLS_USE_PSA_CRYPTO` at an early stage of their migration to PSA.) Gap: a way to create a PSA key object from an `mbedtls_pk_context`. This partially exists in the form of `mbedtls_pk_wrap_as_opaque`, but it is not fully satisfactory, for reasons that are detailed in “[API to create a PSA key from a PK context](#api-to-create-a-psa-key-from-a-pk-context)” below. From f80dcc5f8bb54ae441be07a5cac3c77c22e70263 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 2 Jan 2024 13:15:47 +0100 Subject: [PATCH 1205/1674] Resolve ECDSA conversion API: don't use an ASN.1 interface Signed-off-by: Gilles Peskine --- docs/architecture/psa-migration/psa-legacy-bridges.md | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/docs/architecture/psa-migration/psa-legacy-bridges.md b/docs/architecture/psa-migration/psa-legacy-bridges.md index 6ffe28f09..0c3e05a65 100644 --- a/docs/architecture/psa-migration/psa-legacy-bridges.md +++ b/docs/architecture/psa-migration/psa-legacy-bridges.md @@ -187,6 +187,8 @@ There is a design choice here: do we provide conversions functions for ECDSA spe Given the uncertainty, it would be nice to provide a sufficiently generic interface to convert between the PSA and the pk signature format, parametrized by the algorithm. However, it is difficult to predict exactly what parameters are needed. For example, converting from an ASN.1 ECDSA signature to (r,s) requires the knowledge of the curve, or at least the curve's size. Therefore we are not going to add a generic function at this stage. +For ECDSA, there are two plausible APIs: follow the ASN.1/X.509 write/parse APIs, or present an ordinary input/output API. The ASN.1 APIs are the way they are to accommodate nested TLV structures. But ECDSA signatures do not appear nested in TLV structures in either TLS (there's just a signature field) or X.509 (the signature is inside a BITSTRING, not directly in a SEQUENCE). So there does not seem to be a need for an ASN.1-like API for the ASN.1 format, just the format conversion itself in a buffer that just contains the signature. + #### Asymmetric cryptography TODO [TODO] Other gaps? @@ -320,7 +322,3 @@ int mbedtls_ecdsa_der_to_raw(const unsigned char *der, size_t der_len, * These functions convert between the signature format used by `mbedtls_pk_{sign,verify}{,_ext}` and the signature format used by `psa_{sign,verify}_{hash,message}`. * The input and output buffers can overlap. -* [OPEN] Should we maybe use a different interface that is better integrated with ASN.1 and X.509 parsing and writing functions in Mbed TLS? That is: - * DER production writes from right to left in the destination buffer. - * DER parsing takes a pointer-to-pointer to the start of the buffer and an end pointer, instead of pointer-to-start and size. - * Names should match the patterns found in X.509 and ASN.1 parsing and writing function. From 9fe1c699a8a73a528878f3072c5ee127a3928f84 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 2 Jan 2024 13:16:31 +0100 Subject: [PATCH 1206/1674] Clarify PSA-to-PK copy intent Signed-off-by: Gilles Peskine --- docs/architecture/psa-migration/psa-legacy-bridges.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/architecture/psa-migration/psa-legacy-bridges.md b/docs/architecture/psa-migration/psa-legacy-bridges.md index 0c3e05a65..064b7d278 100644 --- a/docs/architecture/psa-migration/psa-legacy-bridges.md +++ b/docs/architecture/psa-migration/psa-legacy-bridges.md @@ -290,9 +290,10 @@ int mbedtls_pk_copy_from_psa(mbedtls_svc_key_id_t key_id, * `pk` must be initialized, but not set up. * It is an error if the key is neither a key pair nor a public key. * It is an error if the key is not exportable. -* The resulting pk object has a transparent type, not `MBEDTLS_PK_OPAQUE`. +* The resulting pk object has a transparent type, not `MBEDTLS_PK_OPAQUE`. That's `MBEDTLS_PK_RSA` for RSA keys (since pk objects don't use `MBEDTLS_PK_RSASSA_PSS)` as a type, and `MBEDTLS_PK_ECKEY` for ECC keys (following the example of pkparse). * Once this function returns, the pk object is completely independent of the PSA key. * Calling `mbedtls_pk_sign`, `mbedtls_pk_verify`, `mbedtls_pk_encrypt`, `mbedtls_pk_decrypt` on the resulting pk context will perform an algorithm that is compatible with the PSA key's primary algorithm policy (`psa_get_key_algorithm`), but with no restriction on the hash (as if the policy had `PSA_ALG_ANY_HASH` instead of a specific hash, and with `PSA_ALG_RSA_PKCS1V15_SIGN_RAW` merged with `PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg)`). For ECDSA, the choice of deterministic vs randomized will be based on the compile-time setting `MBEDTLS_ECDSA_DETERMINISTIC`, like `mbedtls_pk_sign` today. + * The primary intent of this requirement is to allow an application to switch to PSA for creating the key material (for example to benefit from a PSA accelerator driver, or to start using a secure element), without modifying the code that consumes the key. For RSA keys, the PSA primary algorithm policy is how one conveys the same information as RSA key padding information in the legacy API. [ACTION] Convey this in the documentation. * [OPEN] How do we distinguish between signature-only and encryption-only RSA keys? Do we just allow both (e.g. a PSS key gets generalized into a PSS/OAEP key)? * [OPEN] What about `mbedtls_pk_sign_ext` and `mbedtls_pk_verify_ext`? From 45c3cae8a5b9c6282d3ffb3efd980ac92f5a4288 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 2 Jan 2024 13:26:04 +0100 Subject: [PATCH 1207/1674] md: move PSA conversion functions from md_psa.h to psa_util.h Signed-off-by: Valerio Setti --- include/mbedtls/psa_util.h | 37 +++++++++++++++++++++++++++++++++++++ library/md_psa.h | 37 ------------------------------------- 2 files changed, 37 insertions(+), 37 deletions(-) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index 5f6a05315..249b8d421 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -148,6 +148,43 @@ mbedtls_ecp_group_id mbedtls_ecc_group_of_psa(psa_ecc_family_t curve, int bits_is_sloppy); #endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */ +/** + * \brief This function returns the PSA algorithm identifier + * associated with the given digest type. + * + * \param md_type The type of digest to search for. Must not be NONE. + * + * \warning If \p md_type is \c MBEDTLS_MD_NONE, this function will + * not return \c PSA_ALG_NONE, but an invalid algorithm. + * + * \warning This function does not check if the algorithm is + * supported, it always returns the corresponding identifier. + * + * \return The PSA algorithm identifier associated with \p md_type, + * regardless of whether it is supported or not. + */ +static inline psa_algorithm_t mbedtls_md_psa_alg_from_type(mbedtls_md_type_t md_type) +{ + return PSA_ALG_CATEGORY_HASH | (psa_algorithm_t) md_type; +} + +/** + * \brief This function returns the given digest type + * associated with the PSA algorithm identifier. + * + * \param psa_alg The PSA algorithm identifier to search for. + * + * \warning This function does not check if the algorithm is + * supported, it always returns the corresponding identifier. + * + * \return The MD type associated with \p psa_alg, + * regardless of whether it is supported or not. + */ +static inline mbedtls_md_type_t mbedtls_md_type_from_psa_alg(psa_algorithm_t psa_alg) +{ + return (mbedtls_md_type_t) (psa_alg & PSA_ALG_HASH_MASK); +} + /**@}*/ #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/library/md_psa.h b/library/md_psa.h index b201263b1..028ba2409 100644 --- a/library/md_psa.h +++ b/library/md_psa.h @@ -15,43 +15,6 @@ #include "mbedtls/md.h" #include "psa/crypto.h" -/** - * \brief This function returns the PSA algorithm identifier - * associated with the given digest type. - * - * \param md_type The type of digest to search for. Must not be NONE. - * - * \warning If \p md_type is \c MBEDTLS_MD_NONE, this function will - * not return \c PSA_ALG_NONE, but an invalid algorithm. - * - * \warning This function does not check if the algorithm is - * supported, it always returns the corresponding identifier. - * - * \return The PSA algorithm identifier associated with \p md_type, - * regardless of whether it is supported or not. - */ -static inline psa_algorithm_t mbedtls_md_psa_alg_from_type(mbedtls_md_type_t md_type) -{ - return PSA_ALG_CATEGORY_HASH | (psa_algorithm_t) md_type; -} - -/** - * \brief This function returns the given digest type - * associated with the PSA algorithm identifier. - * - * \param psa_alg The PSA algorithm identifier to search for. - * - * \warning This function does not check if the algorithm is - * supported, it always returns the corresponding identifier. - * - * \return The MD type associated with \p psa_alg, - * regardless of whether it is supported or not. - */ -static inline mbedtls_md_type_t mbedtls_md_type_from_psa_alg(psa_algorithm_t psa_alg) -{ - return (mbedtls_md_type_t) (psa_alg & PSA_ALG_HASH_MASK); -} - /** Convert PSA status to MD error code. * * \param status PSA status. From 384fbde49a4e9d6b87dac45217557eed06267661 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 2 Jan 2024 13:26:40 +0100 Subject: [PATCH 1208/1674] library/tests: replace md_psa.h with psa_util.h as include file for MD conversion Signed-off-by: Valerio Setti --- library/pk.c | 2 +- library/pk_wrap.c | 2 +- library/psa_crypto.c | 2 +- library/psa_crypto_ecp.c | 2 +- library/psa_crypto_rsa.c | 2 +- library/ssl_ciphersuites.c | 2 +- library/ssl_cookie.c | 2 +- library/ssl_tls.c | 1 + library/ssl_tls13_client.c | 2 +- library/ssl_tls13_generic.c | 2 +- library/ssl_tls13_keys.c | 2 +- library/ssl_tls13_server.c | 2 +- library/x509_crt.c | 2 +- library/x509write_crt.c | 2 +- library/x509write_csr.c | 2 +- tests/src/test_helpers/ssl_helpers.c | 2 +- tests/suites/test_suite_constant_time_hmac.function | 2 +- tests/suites/test_suite_md.function | 2 +- tests/suites/test_suite_pk.function | 2 +- tests/suites/test_suite_x509write.function | 2 +- 20 files changed, 20 insertions(+), 19 deletions(-) diff --git a/library/pk.c b/library/pk.c index 61ac0dfab..926183701 100644 --- a/library/pk.c +++ b/library/pk.c @@ -31,7 +31,7 @@ #if defined(MBEDTLS_USE_PSA_CRYPTO) #include "psa_util_internal.h" -#include "md_psa.h" +#include "mbedtls/psa_util.h" #endif #include diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 924794523..c23265022 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -13,7 +13,7 @@ #include "pk_wrap.h" #include "pk_internal.h" #include "mbedtls/error.h" -#include "md_psa.h" +#include "mbedtls/psa_util.h" /* Even if RSA not activated, for the sake of RSA-alt */ #include "mbedtls/rsa.h" diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 10d17b6df..a20dafaf0 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -70,7 +70,7 @@ #include "mbedtls/sha1.h" #include "mbedtls/sha256.h" #include "mbedtls/sha512.h" -#include "md_psa.h" +#include "mbedtls/psa_util.h" #if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT) || \ diff --git a/library/psa_crypto_ecp.c b/library/psa_crypto_ecp.c index e4a372d24..41641549c 100644 --- a/library/psa_crypto_ecp.c +++ b/library/psa_crypto_ecp.c @@ -14,7 +14,7 @@ #include "psa_crypto_core.h" #include "psa_crypto_ecp.h" #include "psa_crypto_random_impl.h" -#include "md_psa.h" +#include "mbedtls/psa_util.h" #include #include diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c index 0679f41ea..7b58ea22a 100644 --- a/library/psa_crypto_rsa.c +++ b/library/psa_crypto_rsa.c @@ -16,7 +16,7 @@ #include "psa_crypto_random_impl.h" #include "psa_crypto_rsa.h" #include "psa_crypto_hash.h" -#include "md_psa.h" +#include "mbedtls/psa_util.h" #include #include diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c index 6224ef205..23619a26c 100644 --- a/library/ssl_ciphersuites.c +++ b/library/ssl_ciphersuites.c @@ -17,7 +17,7 @@ #include "mbedtls/ssl.h" #include "ssl_misc.h" #if defined(MBEDTLS_USE_PSA_CRYPTO) -#include "md_psa.h" +#include "mbedtls/psa_util.h" #endif #include diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c index ee81eb420..2772cac4b 100644 --- a/library/ssl_cookie.c +++ b/library/ssl_cookie.c @@ -24,7 +24,7 @@ #include #if defined(MBEDTLS_USE_PSA_CRYPTO) -#include "md_psa.h" +#include "mbedtls/psa_util.h" /* Define a local translating function to save code size by not using too many * arguments in each translating place. */ static int local_err_translation(psa_status_t status) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index e1fb1283e..28bf1d8a0 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -29,6 +29,7 @@ #include #if defined(MBEDTLS_USE_PSA_CRYPTO) +#include "mbedtls/psa_util.h" #include "md_psa.h" #include "psa_util_internal.h" #include "psa/crypto.h" diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index ae1136431..ffaffe925 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -19,7 +19,7 @@ #include "ssl_client.h" #include "ssl_tls13_keys.h" #include "ssl_debug_helpers.h" -#include "md_psa.h" +#include "mbedtls/psa_util.h" #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED) /* Define a local translating function to save code size by not using too many diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index fe2a2eba7..30b444d59 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -17,7 +17,7 @@ #include "mbedtls/platform.h" #include "mbedtls/constant_time.h" #include "psa/crypto.h" -#include "md_psa.h" +#include "mbedtls/psa_util.h" #include "ssl_misc.h" #include "ssl_tls13_invasive.h" diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c index 9b775ec95..edb453c3e 100644 --- a/library/ssl_tls13_keys.c +++ b/library/ssl_tls13_keys.c @@ -22,7 +22,7 @@ #include "ssl_tls13_invasive.h" #include "psa/crypto.h" -#include "md_psa.h" +#include "mbedtls/psa_util.h" /* Define a local translating function to save code size by not using too many * arguments in each translating place. */ diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index fe7a674d6..82b6bfcec 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -14,7 +14,7 @@ #include "mbedtls/platform.h" #include "mbedtls/constant_time.h" #include "mbedtls/oid.h" -#include "md_psa.h" +#include "mbedtls/psa_util.h" #include "ssl_misc.h" #include "ssl_tls13_keys.h" diff --git a/library/x509_crt.c b/library/x509_crt.c index 4e7672e37..84b92a891 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -35,7 +35,7 @@ #if defined(MBEDTLS_USE_PSA_CRYPTO) #include "psa/crypto.h" #include "psa_util_internal.h" -#include "md_psa.h" +#include "mbedtls/psa_util.h" #endif /* MBEDTLS_USE_PSA_CRYPTO */ #include "pk_internal.h" diff --git a/library/x509write_crt.c b/library/x509write_crt.c index 44b6b1781..913b15a70 100644 --- a/library/x509write_crt.c +++ b/library/x509write_crt.c @@ -33,7 +33,7 @@ #if defined(MBEDTLS_USE_PSA_CRYPTO) #include "psa/crypto.h" #include "psa_util_internal.h" -#include "md_psa.h" +#include "mbedtls/psa_util.h" #endif /* MBEDTLS_USE_PSA_CRYPTO */ void mbedtls_x509write_crt_init(mbedtls_x509write_cert *ctx) diff --git a/library/x509write_csr.c b/library/x509write_csr.c index 254da69a9..af75e7f72 100644 --- a/library/x509write_csr.c +++ b/library/x509write_csr.c @@ -24,7 +24,7 @@ #if defined(MBEDTLS_USE_PSA_CRYPTO) #include "psa/crypto.h" #include "psa_util_internal.h" -#include "md_psa.h" +#include "mbedtls/psa_util.h" #endif /* MBEDTLS_USE_PSA_CRYPTO */ #include diff --git a/tests/src/test_helpers/ssl_helpers.c b/tests/src/test_helpers/ssl_helpers.c index d02d30539..6233580b9 100644 --- a/tests/src/test_helpers/ssl_helpers.c +++ b/tests/src/test_helpers/ssl_helpers.c @@ -9,7 +9,7 @@ */ #include -#include "md_psa.h" +#include "mbedtls/psa_util.h" #if defined(MBEDTLS_SSL_TLS_C) #if defined(MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED) diff --git a/tests/suites/test_suite_constant_time_hmac.function b/tests/suites/test_suite_constant_time_hmac.function index 9d9aa3c77..0e870d80f 100644 --- a/tests/suites/test_suite_constant_time_hmac.function +++ b/tests/suites/test_suite_constant_time_hmac.function @@ -3,7 +3,7 @@ #include #include #include -#include "md_psa.h" +#include "mbedtls/psa_util.h" #include #include diff --git a/tests/suites/test_suite_md.function b/tests/suites/test_suite_md.function index 866ff588f..2a885e237 100644 --- a/tests/suites/test_suite_md.function +++ b/tests/suites/test_suite_md.function @@ -1,6 +1,6 @@ /* BEGIN_HEADER */ #include "mbedtls/md.h" -#include "md_psa.h" +#include "mbedtls/psa_util.h" #include "mbedtls/oid.h" #include "mbedtls/asn1.h" diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 226598c72..f05444317 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -16,7 +16,7 @@ * but the test code generator requires test case data to be valid C code * unconditionally (https://github.com/Mbed-TLS/mbedtls/issues/2023). */ #include "psa/crypto.h" -#include "md_psa.h" +#include "mbedtls/psa_util.h" /* Used for properly sizing the key buffer in pk_genkey_ec() */ #include "psa_util_internal.h" diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function index b59fd48f3..543b441ff 100644 --- a/tests/suites/test_suite_x509write.function +++ b/tests/suites/test_suite_x509write.function @@ -7,7 +7,7 @@ #include "mbedtls/rsa.h" #include "mbedtls/asn1write.h" #include "mbedtls/pk.h" -#include "md_psa.h" +#include "mbedtls/psa_util.h" #if defined(MBEDTLS_RSA_C) int mbedtls_rsa_decrypt_func(void *ctx, size_t *olen, From 3d2e0f5f42b9ac646f63d67e442f4af0f8a3fe4f Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 2 Jan 2024 14:57:19 +0100 Subject: [PATCH 1209/1674] psa_util: add algorithm's availability checks for MD conversion functions Signed-off-by: Valerio Setti --- include/mbedtls/psa_util.h | 27 +++------- library/psa_util.c | 106 +++++++++++++++++++++++++++++++++++++ 2 files changed, 112 insertions(+), 21 deletions(-) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index 249b8d421..e8fb3de61 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -152,21 +152,12 @@ mbedtls_ecp_group_id mbedtls_ecc_group_of_psa(psa_ecc_family_t curve, * \brief This function returns the PSA algorithm identifier * associated with the given digest type. * - * \param md_type The type of digest to search for. Must not be NONE. + * \param md_type The type of digest to search for. * - * \warning If \p md_type is \c MBEDTLS_MD_NONE, this function will - * not return \c PSA_ALG_NONE, but an invalid algorithm. - * - * \warning This function does not check if the algorithm is - * supported, it always returns the corresponding identifier. - * - * \return The PSA algorithm identifier associated with \p md_type, - * regardless of whether it is supported or not. + * \return The PSA algorithm identifier associated with \p md_type; + * #PSA_ALG_NONE if the algorithm is unuspported or invalid. */ -static inline psa_algorithm_t mbedtls_md_psa_alg_from_type(mbedtls_md_type_t md_type) -{ - return PSA_ALG_CATEGORY_HASH | (psa_algorithm_t) md_type; -} +psa_algorithm_t mbedtls_md_psa_alg_from_type(mbedtls_md_type_t md_type); /** * \brief This function returns the given digest type @@ -174,16 +165,10 @@ static inline psa_algorithm_t mbedtls_md_psa_alg_from_type(mbedtls_md_type_t md_ * * \param psa_alg The PSA algorithm identifier to search for. * - * \warning This function does not check if the algorithm is - * supported, it always returns the corresponding identifier. - * * \return The MD type associated with \p psa_alg, - * regardless of whether it is supported or not. + * #MBEDTLS_MD_NONE if the algorithm is unsupported or invalid. */ -static inline mbedtls_md_type_t mbedtls_md_type_from_psa_alg(psa_algorithm_t psa_alg) -{ - return (mbedtls_md_type_t) (psa_alg & PSA_ALG_HASH_MASK); -} +mbedtls_md_type_t mbedtls_md_type_from_psa_alg(psa_algorithm_t psa_alg); /**@}*/ diff --git a/library/psa_util.c b/library/psa_util.c index 9b06de273..bb054a33f 100644 --- a/library/psa_util.c +++ b/library/psa_util.c @@ -330,4 +330,110 @@ mbedtls_ecp_group_id mbedtls_ecc_group_of_psa(psa_ecc_family_t curve, } #endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */ +psa_algorithm_t mbedtls_md_psa_alg_from_type(mbedtls_md_type_t md_type) +{ + switch (md_type) { +#if defined(PSA_WANT_ALG_MD5) + case MBEDTLS_MD_MD5: + return PSA_ALG_MD5; +#endif +#if defined(PSA_WANT_ALG_RIPEMD160) + case MBEDTLS_MD_RIPEMD160: + return PSA_ALG_RIPEMD160; +#endif +#if defined(PSA_WANT_ALG_SHA_1) + case MBEDTLS_MD_SHA1: + return PSA_ALG_SHA_1; +#endif +#if defined(PSA_WANT_ALG_SHA_224) + case MBEDTLS_MD_SHA224: + return PSA_ALG_SHA_224; +#endif +#if defined(PSA_WANT_ALG_SHA_256) + case MBEDTLS_MD_SHA256: + return PSA_ALG_SHA_256; +#endif +#if defined(PSA_WANT_ALG_SHA_384) + case MBEDTLS_MD_SHA384: + return PSA_ALG_SHA_384; +#endif +#if defined(PSA_WANT_ALG_SHA_512) + case MBEDTLS_MD_SHA512: + return PSA_ALG_SHA_512; +#endif +#if defined(PSA_WANT_ALG_SHA3_224) + case MBEDTLS_MD_SHA3_224: + return PSA_ALG_SHA3_224; +#endif +#if defined(PSA_WANT_ALG_SHA3_256) + case MBEDTLS_MD_SHA3_256: + return PSA_ALG_SHA3_256; +#endif +#if defined(PSA_WANT_ALG_SHA3_384) + case MBEDTLS_MD_SHA3_384: + return PSA_ALG_SHA3_384; +#endif +#if defined(PSA_WANT_ALG_SHA3_512) + case MBEDTLS_MD_SHA3_512: + return PSA_ALG_SHA3_512; +#endif + case MBEDTLS_MD_NONE: + default: + return PSA_ALG_NONE; + } +} + +mbedtls_md_type_t mbedtls_md_type_from_psa_alg(psa_algorithm_t psa_alg) +{ + switch (psa_alg) { +#if defined(PSA_WANT_ALG_MD5) + case PSA_ALG_MD5: + return MBEDTLS_MD_MD5; +#endif +#if defined(PSA_WANT_ALG_RIPEMD160) + case PSA_ALG_RIPEMD160: + return MBEDTLS_MD_RIPEMD160; +#endif +#if defined(PSA_WANT_ALG_SHA_1) + case PSA_ALG_SHA_1: + return MBEDTLS_MD_SHA1; +#endif +#if defined(PSA_WANT_ALG_SHA_224) + case PSA_ALG_SHA_224: + return MBEDTLS_MD_SHA224; +#endif +#if defined(PSA_WANT_ALG_SHA_256) + case PSA_ALG_SHA_256: + return MBEDTLS_MD_SHA256; +#endif +#if defined(PSA_WANT_ALG_SHA_384) + case PSA_ALG_SHA_384: + return MBEDTLS_MD_SHA384; +#endif +#if defined(PSA_WANT_ALG_SHA_512) + case PSA_ALG_SHA_512: + return MBEDTLS_MD_SHA512; +#endif +#if defined(PSA_WANT_ALG_SHA3_224) + case PSA_ALG_SHA3_224: + return MBEDTLS_MD_SHA3_224; +#endif +#if defined(PSA_WANT_ALG_SHA3_256) + case PSA_ALG_SHA3_256: + return MBEDTLS_MD_SHA3_256; +#endif +#if defined(PSA_WANT_ALG_SHA3_384) + case PSA_ALG_SHA3_384: + return MBEDTLS_MD_SHA3_384; +#endif +#if defined(PSA_WANT_ALG_SHA3_512) + case PSA_ALG_SHA3_512: + return MBEDTLS_MD_SHA3_512; +#endif + case PSA_ALG_NONE: + default: + return MBEDTLS_MD_NONE; + } +} + #endif /* MBEDTLS_PSA_CRYPTO_C */ From 2c1070b39700be8a6fcda5f2266e8bbe5ac42e1c Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 2 Jan 2024 14:58:22 +0100 Subject: [PATCH 1210/1674] test_suite_md: improve md_to_from_psa() test function and related data Signed-off-by: Valerio Setti --- tests/suites/test_suite_md.data | 48 +++++++++++++++++++++++++++-- tests/suites/test_suite_md.function | 24 +++------------ 2 files changed, 51 insertions(+), 21 deletions(-) diff --git a/tests/suites/test_suite_md.data b/tests/suites/test_suite_md.data index fb9b5effa..b831500d6 100644 --- a/tests/suites/test_suite_md.data +++ b/tests/suites/test_suite_md.data @@ -2,8 +2,52 @@ MD list mbedtls_md_list: -MD <-> PSA conversion -md_to_from_psa: +MD <-> PSA conversion - MD5 +depends_on:PSA_WANT_ALG_MD5 +md_to_from_psa:MBEDTLS_MD_MD5:PSA_ALG_MD5 + +MD <-> PSA conversion - RIPEMD160 +depends_on:PSA_WANT_ALG_RIPEMD160 +md_to_from_psa:MBEDTLS_MD_RIPEMD160:PSA_ALG_RIPEMD160 + +MD <-> PSA conversion - SHA1 +depends_on:PSA_WANT_ALG_SHA_1 +md_to_from_psa:MBEDTLS_MD_SHA1:PSA_ALG_SHA_1 + +MD <-> PSA conversion - SHA224 +depends_on:PSA_WANT_ALG_SHA_224 +md_to_from_psa:MBEDTLS_MD_SHA224:PSA_ALG_SHA_224 + +MD <-> PSA conversion - SHA256 +depends_on:PSA_WANT_ALG_SHA_256 +md_to_from_psa:MBEDTLS_MD_SHA256:PSA_ALG_SHA_256 + +MD <-> PSA conversion - SHA384 +depends_on:PSA_WANT_ALG_SHA_384 +md_to_from_psa:MBEDTLS_MD_SHA384:PSA_ALG_SHA_384 + +MD <-> PSA conversion - SHA512 +depends_on:PSA_WANT_ALG_SHA_512 +md_to_from_psa:MBEDTLS_MD_SHA512:PSA_ALG_SHA_512 + +MD <-> PSA conversion - SHA3_224 +depends_on:PSA_WANT_ALG_SHA3_224 +md_to_from_psa:MBEDTLS_MD_SHA3_224:PSA_ALG_SHA3_224 + +MD <-> PSA conversion - SHA3_256 +depends_on:PSA_WANT_ALG_SHA3_256 +md_to_from_psa:MBEDTLS_MD_SHA3_256:PSA_ALG_SHA3_256 + +MD <-> PSA conversion - SHA3_384 +depends_on:PSA_WANT_ALG_SHA3_384 +md_to_from_psa:MBEDTLS_MD_SHA3_384:PSA_ALG_SHA3_384 + +MD <-> PSA conversion - SHA3_512 +depends_on:PSA_WANT_ALG_SHA3_512 +md_to_from_psa:MBEDTLS_MD_SHA3_512:PSA_ALG_SHA3_512 + +MD <-> PSA conversion - NONE +md_to_from_psa:MBEDTLS_MD_NONE:PSA_ALG_NONE MD NULL/uninitialised arguments md_null_args: diff --git a/tests/suites/test_suite_md.function b/tests/suites/test_suite_md.function index 2a885e237..0a8e4216e 100644 --- a/tests/suites/test_suite_md.function +++ b/tests/suites/test_suite_md.function @@ -4,10 +4,6 @@ #include "mbedtls/oid.h" #include "mbedtls/asn1.h" - -#define MD_PSA(md, psa) \ - TEST_EQUAL(mbedtls_md_psa_alg_from_type(md), psa); \ - TEST_EQUAL(mbedtls_md_type_from_psa_alg(psa), md); /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -63,23 +59,13 @@ exit: /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C */ -void md_to_from_psa() +void md_to_from_psa(int md_alg_arg, int psa_alg_arg) { - /* We use a simplified implementation that relies on numerical values - * being aligned, so make sure they remain so. */ - MD_PSA(MBEDTLS_MD_MD5, PSA_ALG_MD5); - MD_PSA(MBEDTLS_MD_RIPEMD160, PSA_ALG_RIPEMD160); - MD_PSA(MBEDTLS_MD_SHA1, PSA_ALG_SHA_1); - MD_PSA(MBEDTLS_MD_SHA224, PSA_ALG_SHA_224); - MD_PSA(MBEDTLS_MD_SHA256, PSA_ALG_SHA_256); - MD_PSA(MBEDTLS_MD_SHA384, PSA_ALG_SHA_384); - MD_PSA(MBEDTLS_MD_SHA512, PSA_ALG_SHA_512); - MD_PSA(MBEDTLS_MD_SHA3_224, PSA_ALG_SHA3_224); - MD_PSA(MBEDTLS_MD_SHA3_256, PSA_ALG_SHA3_256); - MD_PSA(MBEDTLS_MD_SHA3_384, PSA_ALG_SHA3_384); - MD_PSA(MBEDTLS_MD_SHA3_512, PSA_ALG_SHA3_512); + mbedtls_md_type_t md_alg = md_alg_arg; + psa_algorithm_t psa_alg = psa_alg_arg; - /* Don't test for NONE<->NONE as this is not guaranteed */ + TEST_EQUAL(mbedtls_md_psa_alg_from_type(md_alg), psa_alg); \ + TEST_EQUAL(mbedtls_md_type_from_psa_alg(psa_alg), md_alg); } /* END_CASE */ From a835d6da087ff55e9ec103074bba805490862140 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 2 Jan 2024 15:02:19 +0100 Subject: [PATCH 1211/1674] changelog: document MD's conversion functions Signed-off-by: Valerio Setti --- ChangeLog.d/8664.txt | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 ChangeLog.d/8664.txt diff --git a/ChangeLog.d/8664.txt b/ChangeLog.d/8664.txt new file mode 100644 index 000000000..03e297c18 --- /dev/null +++ b/ChangeLog.d/8664.txt @@ -0,0 +1,4 @@ +Features + * mbedtls_md_psa_alg_from_type() and mbedtls_md_type_from_psa_alg() helper + functions were added to convert from mbedtls_md_type_t to psa_algorithm_t + and viceversa. From a87cd17b35325092ebb7933ccad61303de89b12a Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 2 Jan 2024 15:12:37 +0100 Subject: [PATCH 1212/1674] psa-transition: update with MD translation functions Signed-off-by: Valerio Setti --- docs/psa-transition.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/docs/psa-transition.md b/docs/psa-transition.md index 067ffafbd..48beb80a3 100644 --- a/docs/psa-transition.md +++ b/docs/psa-transition.md @@ -443,6 +443,10 @@ The equivalent to `mbedtls_md_type_t` and `MBEDTLS_MD_XXX` constants is the type | `MBEDTLS_MD_SHA3_384` | `PSA_ALG_SHA3_384` | | `MBEDTLS_MD_SHA3_512` | `PSA_ALG_SHA3_512` | +The following helper functions can be used to convert between the 2 types: +- `mbedtls_md_psa_alg_from_type()` converts from legacy `mbedtls_md_type_t` to PSA's `psa_algorithm_t`. +- `mbedtls_md_type_from_psa_alg()` converts from PSA's `psa_algorithm_t` to legacy `mbedtls_md_type_t`. + ### MAC mechanism selection PSA Crypto has a generic API with the same functions for all MAC mechanisms. The mechanism is determined by a combination of an algorithm value of type [`psa_algorithm_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gac2e4d47f1300d73c2f829a6d99252d69) and a key type value of type [`psa_key_type_t`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga63fce6880ca5933b5d6baa257febf1f6). From c1c6858bfc9a2e7a9c3062fa12e0acdb6d56fff1 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 2 Jan 2024 11:46:17 +0100 Subject: [PATCH 1213/1674] cipher_wrap: fix guards for some CCM/GCM functions Legacy CCM and GCM can work even when AES_C is not defined thanks to the block_cipher module, so we can relax guards in cipher_wrap. Signed-off-by: Valerio Setti --- library/cipher_wrap.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c index 5be9799fc..d2fee22e2 100644 --- a/library/cipher_wrap.c +++ b/library/cipher_wrap.c @@ -566,14 +566,14 @@ static const mbedtls_cipher_info_t aes_256_xts_info = { #endif /* MBEDTLS_CIPHER_MODE_XTS */ #endif /* MBEDTLS_AES_C */ -#if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_AES_C) +#if defined(MBEDTLS_GCM_C) && defined(MBEDTLS_CCM_GCM_CAN_AES) static int gcm_aes_setkey_wrap(void *ctx, const unsigned char *key, unsigned int key_bitlen) { return mbedtls_gcm_setkey((mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_AES, key, key_bitlen); } -#endif /* MBEDTLS_GCM_C && MBEDTLS_AES_C */ +#endif /* MBEDTLS_GCM_C && MBEDTLS_CCM_GCM_CAN_AES */ #if defined(MBEDTLS_CIPHER_HAVE_GCM_AES_VIA_LEGACY_OR_USE_PSA) static const mbedtls_cipher_base_t gcm_aes_info = { @@ -650,14 +650,14 @@ static const mbedtls_cipher_info_t aes_256_gcm_info = { #endif #endif /* MBEDTLS_CIPHER_HAVE_GCM_AES_VIA_LEGACY_OR_USE_PSA */ -#if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_AES_C) +#if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_CCM_GCM_CAN_AES) static int ccm_aes_setkey_wrap(void *ctx, const unsigned char *key, unsigned int key_bitlen) { return mbedtls_ccm_setkey((mbedtls_ccm_context *) ctx, MBEDTLS_CIPHER_ID_AES, key, key_bitlen); } -#endif /* MBEDTLS_CCM_C && MBEDTLS_AES_C */ +#endif /* MBEDTLS_CCM_C && MBEDTLS_CCM_GCM_CAN_AES */ #if defined(MBEDTLS_CIPHER_HAVE_CCM_AES_VIA_LEGACY_OR_USE_PSA) static const mbedtls_cipher_base_t ccm_aes_info = { From 6315441be7644e823faf7c5f5165c762a4f99108 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 2 Jan 2024 11:47:41 +0100 Subject: [PATCH 1214/1674] adjust_legacy_from_psa: relax condition for legacy block cipher auto-enabling CCM/GCM can be either fully accelerated or rely on just the key type being accelerated. This means that ultimately it is just the key type which determines if the legacy block cipher modes need to be auto-enabled or not. Signed-off-by: Valerio Setti --- include/mbedtls/config_adjust_legacy_from_psa.h | 14 +++----------- 1 file changed, 3 insertions(+), 11 deletions(-) diff --git a/include/mbedtls/config_adjust_legacy_from_psa.h b/include/mbedtls/config_adjust_legacy_from_psa.h index bf87c364e..691fed6e5 100644 --- a/include/mbedtls/config_adjust_legacy_from_psa.h +++ b/include/mbedtls/config_adjust_legacy_from_psa.h @@ -692,11 +692,6 @@ #define PSA_HAVE_SOFT_BLOCK_MODE 1 #endif -#if (defined(PSA_WANT_ALG_GCM) && !defined(MBEDTLS_PSA_ACCEL_ALG_GCM)) || \ - (defined(PSA_WANT_ALG_CCM) && !defined(MBEDTLS_PSA_ACCEL_ALG_CCM)) -#define PSA_HAVE_SOFT_BLOCK_AEAD 1 -#endif - #if defined(PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128) #if !defined(MBEDTLS_PSA_ACCEL_ALG_PBKDF2_AES_CMAC_PRF_128) #define MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128 1 @@ -709,8 +704,7 @@ #define PSA_HAVE_SOFT_KEY_TYPE_AES 1 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_AES */ #if defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \ - defined(PSA_HAVE_SOFT_BLOCK_MODE) || \ - defined(PSA_HAVE_SOFT_BLOCK_AEAD) + defined(PSA_HAVE_SOFT_BLOCK_MODE) #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1 #define MBEDTLS_AES_C #endif /* PSA_HAVE_SOFT_KEY_TYPE_AES || PSA_HAVE_SOFT_BLOCK_MODE */ @@ -721,8 +715,7 @@ #define PSA_HAVE_SOFT_KEY_TYPE_ARIA 1 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA */ #if defined(PSA_HAVE_SOFT_KEY_TYPE_ARIA) || \ - defined(PSA_HAVE_SOFT_BLOCK_MODE) || \ - defined(PSA_HAVE_SOFT_BLOCK_AEAD) + defined(PSA_HAVE_SOFT_BLOCK_MODE) #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARIA 1 #define MBEDTLS_ARIA_C #endif /* PSA_HAVE_SOFT_KEY_TYPE_ARIA || PSA_HAVE_SOFT_BLOCK_MODE */ @@ -733,8 +726,7 @@ #define PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA 1 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA */ #if defined(PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA) || \ - defined(PSA_HAVE_SOFT_BLOCK_MODE) || \ - defined(PSA_HAVE_SOFT_BLOCK_AEAD) + defined(PSA_HAVE_SOFT_BLOCK_MODE) #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CAMELLIA 1 #define MBEDTLS_CAMELLIA_C #endif /* PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA || PSA_HAVE_SOFT_BLOCK_MODE */ From 39b7bba8a08ad1fd171659ea8f231627a6f3367c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 2 Jan 2024 17:56:54 +0100 Subject: [PATCH 1215/1674] Make input parameter const Signed-off-by: Gilles Peskine --- include/mbedtls/ecp.h | 2 +- library/ecp.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index 619a8a51a..76aef32fb 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h @@ -1368,7 +1368,7 @@ int mbedtls_ecp_write_key(mbedtls_ecp_keypair *key, * or the export for the given group is not implemented. * \return Another negative error code on other kinds of failure. */ -int mbedtls_ecp_write_public_key(mbedtls_ecp_keypair *key, +int mbedtls_ecp_write_public_key(const mbedtls_ecp_keypair *key, int format, size_t *olen, unsigned char *buf, size_t buflen); diff --git a/library/ecp.c b/library/ecp.c index 12924bf32..758d54bd7 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -3336,7 +3336,7 @@ cleanup: /* * Write a public key. */ -int mbedtls_ecp_write_public_key(mbedtls_ecp_keypair *key, +int mbedtls_ecp_write_public_key(const mbedtls_ecp_keypair *key, int format, size_t *olen, unsigned char *buf, size_t buflen) { From 5d867872dda985052ac9304f06f7060f4f15e261 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 2 Jan 2024 17:57:51 +0100 Subject: [PATCH 1216/1674] Improve readability of null-argument tests Signed-off-by: Gilles Peskine --- tests/suites/test_suite_ecp.function | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function index ced4ca387..c8be4e581 100644 --- a/tests/suites/test_suite_ecp.function +++ b/tests/suites/test_suite_ecp.function @@ -1401,17 +1401,21 @@ void ecp_export(int id, char *Qx, char *Qy, char *d, int expected_ret, int inval TEST_EQUAL(export_grp.id, mbedtls_ecp_keypair_get_group_id(&key)); - /* Test null arguments */ + /* Test null arguments: grp only */ mbedtls_ecp_group_free(&export_grp); - mbedtls_mpi_free(&export_d); - mbedtls_ecp_point_free(&export_Q); mbedtls_ecp_group_init(&export_grp); - mbedtls_mpi_init(&export_d); - mbedtls_ecp_point_init(&export_Q); TEST_EQUAL(mbedtls_ecp_export(&key, &export_grp, NULL, NULL), 0); TEST_EQUAL(mbedtls_ecp_group_cmp(&key.grp, &export_grp), 0); + + /* Test null arguments: d only */ + mbedtls_mpi_free(&export_d); + mbedtls_mpi_init(&export_d); TEST_EQUAL(mbedtls_ecp_export(&key, NULL, &export_d, NULL), 0); TEST_EQUAL(mbedtls_mpi_cmp_mpi(&key.d, &export_d), 0); + + /* Test null arguments: Q only */ + mbedtls_ecp_point_free(&export_Q); + mbedtls_ecp_point_init(&export_Q); TEST_EQUAL(mbedtls_ecp_export(&key, NULL, NULL, &export_Q), 0); TEST_EQUAL(mbedtls_ecp_point_cmp(&key.Q, &export_Q), 0); } From 570e54822c045f848cd3d9d9e317f965be0f6190 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 2 Jan 2024 18:11:10 +0100 Subject: [PATCH 1217/1674] Finish unifying LOCAL_CFLAGS fixup "Create common.make with LOCAL_CFLAGS and friends" The code wasn't what I had intended, although it was functionally equivalent. Make it more readable and more robust. Signed-off-by: Gilles Peskine --- programs/Makefile | 1 - scripts/common.make | 2 +- tests/Makefile | 2 +- 3 files changed, 2 insertions(+), 3 deletions(-) diff --git a/programs/Makefile b/programs/Makefile index 64f7cc1a3..50be1763e 100644 --- a/programs/Makefile +++ b/programs/Makefile @@ -3,7 +3,6 @@ MBEDTLS_TEST_PATH = ../tests # code which is in the src/test_helpers subdirectory. MBEDTLS_TEST_OBJS = $(patsubst %.c,%.o,$(wildcard ${MBEDTLS_TEST_PATH}/src/*.c ${MBEDTLS_TEST_PATH}/src/drivers/*.c)) -LOCAL_CFLAGS = $(WARNING_CFLAGS) -I$(MBEDTLS_TEST_PATH)/include -I../include -D_FILE_OFFSET_BITS=64 include ../scripts/common.make ifeq ($(shell uname -s),Linux) diff --git a/scripts/common.make b/scripts/common.make index 2f27d0ef5..b115076f8 100644 --- a/scripts/common.make +++ b/scripts/common.make @@ -5,7 +5,7 @@ WARNING_CFLAGS ?= -Wall -Wextra -Wformat=2 -Wno-format-nonliteral WARNING_CXXFLAGS ?= -Wall -Wextra -Wformat=2 -Wno-format-nonliteral LDFLAGS ?= -LOCAL_CFLAGS = $(WARNING_CFLAGS) -I../tests/include -I../include -D_FILE_OFFSET_BITS=64 +LOCAL_CFLAGS = $(WARNING_CFLAGS) -I$(MBEDTLS_TEST_PATH)/include -I../include -D_FILE_OFFSET_BITS=64 LOCAL_CXXFLAGS = $(WARNING_CXXFLAGS) -I../include -I../tests/include -D_FILE_OFFSET_BITS=64 LOCAL_LDFLAGS = ${MBEDTLS_TEST_OBJS} \ -L../library \ diff --git a/tests/Makefile b/tests/Makefile index 7a10af271..848d3c499 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -1,3 +1,4 @@ +MBEDTLS_TEST_PATH = . include ../scripts/common.make # Set this to -v to see the details of failing test cases @@ -109,7 +110,6 @@ BINARIES := $(addsuffix $(EXEXT),$(APPS)) all: $(BINARIES) -MBEDTLS_TEST_PATH = . MBEDTLS_TEST_OBJS = $(patsubst %.c,%.o,$(wildcard ${MBEDTLS_TEST_PATH}/src/*.c ${MBEDTLS_TEST_PATH}/src/drivers/*.c)) MBEDTLS_TEST_OBJS += $(patsubst %.c,%.o,$(wildcard ${MBEDTLS_TEST_PATH}/src/test_helpers/*.c)) From 89391483390fbcf6ccabd00ac897e10564b52fa7 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 2 Jan 2024 18:14:00 +0100 Subject: [PATCH 1218/1674] Minor readability improvement Signed-off-by: Gilles Peskine --- programs/Makefile | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/programs/Makefile b/programs/Makefile index 50be1763e..4bf11062c 100644 --- a/programs/Makefile +++ b/programs/Makefile @@ -1,8 +1,4 @@ MBEDTLS_TEST_PATH = ../tests -# Support code used by test programs and test builds, excluding TLS-specific -# code which is in the src/test_helpers subdirectory. -MBEDTLS_TEST_OBJS = $(patsubst %.c,%.o,$(wildcard ${MBEDTLS_TEST_PATH}/src/*.c ${MBEDTLS_TEST_PATH}/src/drivers/*.c)) - include ../scripts/common.make ifeq ($(shell uname -s),Linux) @@ -11,6 +7,10 @@ else DLOPEN_LDFLAGS ?= endif +# Support code used by test programs and test builds, excluding TLS-specific +# code which is in the src/test_helpers subdirectory. +MBEDTLS_TEST_OBJS = $(patsubst %.c,%.o,$(wildcard ${MBEDTLS_TEST_PATH}/src/*.c ${MBEDTLS_TEST_PATH}/src/drivers/*.c)) + DEP=${MBEDLIBS} ${MBEDTLS_TEST_OBJS} # Only build the dlopen test in shared library builds, and not when building From cd06a813c6a0ad4e19ce8cca88d4410b57389473 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 2 Jan 2024 18:14:40 +0100 Subject: [PATCH 1219/1674] Fix name in documentation fixup "Correct name and documentation of preprocessor symbol check function" Signed-off-by: Gilles Peskine --- scripts/common.make | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/common.make b/scripts/common.make index b115076f8..e8d22cb74 100644 --- a/scripts/common.make +++ b/scripts/common.make @@ -35,7 +35,7 @@ endif ## Remove the preprocessor symbols that are set in the current configuration ## from PREPROCESSOR_INPUT. Also normalize whitespace. ## Example: -## $(call remove_set_options,MBEDTLS_FOO MBEDTLS_BAR) +## $(call remove_enabled_options,MBEDTLS_FOO MBEDTLS_BAR) ## This expands to an empty string "" if MBEDTLS_FOO and MBEDTLS_BAR are both ## enabled, to "MBEDTLS_FOO" if MBEDTLS_BAR is enabled but MBEDTLS_FOO is ## disabled, etc. From 0ae58dd985c3b7c8473c3d969507fffa6f7b3a59 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 2 Jan 2024 23:11:24 +0100 Subject: [PATCH 1220/1674] Unify MBEDTLS_TEST_OBJS `$(MBEDTLS_TEST_OBJS)` included TLS-specific test support modules in `tests/Makefile` but not in `programs/Makefile`. This difference is not actually necessary. What is necessary is that all programs that use functions from TLS-specific test support modules are linked with those modules in addition to `-lmbedtls`, and programs that are not linked with `-lmbedtls` are not linked with TLS-specific test support modules. Since we always pass `-lmbedtls` when linking programs in `programs/Makefile`, we can link with the TLS-specific test support modules as well. This keeps things simpler. Signed-off-by: Gilles Peskine --- programs/Makefile | 4 ---- scripts/common.make | 12 ++++++++++++ tests/Makefile | 3 --- 3 files changed, 12 insertions(+), 7 deletions(-) diff --git a/programs/Makefile b/programs/Makefile index 4bf11062c..82c856996 100644 --- a/programs/Makefile +++ b/programs/Makefile @@ -7,10 +7,6 @@ else DLOPEN_LDFLAGS ?= endif -# Support code used by test programs and test builds, excluding TLS-specific -# code which is in the src/test_helpers subdirectory. -MBEDTLS_TEST_OBJS = $(patsubst %.c,%.o,$(wildcard ${MBEDTLS_TEST_PATH}/src/*.c ${MBEDTLS_TEST_PATH}/src/drivers/*.c)) - DEP=${MBEDLIBS} ${MBEDTLS_TEST_OBJS} # Only build the dlopen test in shared library builds, and not when building diff --git a/scripts/common.make b/scripts/common.make index e8d22cb74..6c95b4235 100644 --- a/scripts/common.make +++ b/scripts/common.make @@ -105,3 +105,15 @@ ifndef WINDOWS else for %f in ($(subst /,\,$(GENERATED_FILES))) if exist %f del /Q /F %f endif + +# Auxiliary modules used by tests and some sample programs +MBEDTLS_CORE_TEST_OBJS = $(patsubst %.c,%.o,$(wildcard \ + ${MBEDTLS_TEST_PATH}/src/*.c \ + ${MBEDTLS_TEST_PATH}/src/drivers/*.c \ + )) +# Additional auxiliary modules for TLS testing +MBEDTLS_TLS_TEST_OBJS = $(patsubst %.c,%.o,$(wildcard \ + ${MBEDTLS_TEST_PATH}/src/test_helpers/*.c \ + )) + +MBEDTLS_TEST_OBJS = $(MBEDTLS_CORE_TEST_OBJS) $(MBEDTLS_TLS_TEST_OBJS) diff --git a/tests/Makefile b/tests/Makefile index 848d3c499..f82c267ac 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -110,9 +110,6 @@ BINARIES := $(addsuffix $(EXEXT),$(APPS)) all: $(BINARIES) -MBEDTLS_TEST_OBJS = $(patsubst %.c,%.o,$(wildcard ${MBEDTLS_TEST_PATH}/src/*.c ${MBEDTLS_TEST_PATH}/src/drivers/*.c)) -MBEDTLS_TEST_OBJS += $(patsubst %.c,%.o,$(wildcard ${MBEDTLS_TEST_PATH}/src/test_helpers/*.c)) - mbedtls_test: $(MBEDTLS_TEST_OBJS) TEST_OBJS_DEPS = $(wildcard include/test/*.h include/test/*/*.h) From bff2a58b6ef2589c4d45033861b9a23862d27ba0 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 8 Dec 2023 15:26:32 +0000 Subject: [PATCH 1221/1674] Add supporting files to enable use of verbatim TF-M config Signed-off-by: Dave Rodgman --- configs/ext/README.md | 20 ++++++++++++++++++++ configs/ext/config_tfm.h | 13 +++++++++++++ configs/ext/mbedtls_entropy_nv_seed_config.h | 13 +++++++++++++ 3 files changed, 46 insertions(+) create mode 100644 configs/ext/README.md create mode 100644 configs/ext/config_tfm.h create mode 100644 configs/ext/mbedtls_entropy_nv_seed_config.h diff --git a/configs/ext/README.md b/configs/ext/README.md new file mode 100644 index 000000000..dbd7c43e6 --- /dev/null +++ b/configs/ext/README.md @@ -0,0 +1,20 @@ +Summary +------- + +All files in this directory are distributed under the normal Mbed TLS dual Apache 2.0 or GPLv2-or-later +license. + +Background +----------- + +The two files crypto_config_profile_medium.h and tfm_mbedcrypto_config_profile_medium.h +are taken verbatim from the TF-M source code here: + +https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/tree/lib/ext/mbedcrypto/mbedcrypto_config + +In TF-M, they are distributed under a 3-Clause BSD license, as noted at the top of the files. + +In Mbed TLS, with permission from the TF-M project, they are distributed under a dual [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) OR [GPL-2.0-or-later](https://spdx.org/licenses/GPL-2.0-or-later.html) license. + +We only retain the note at the top of the files because we are taking the files un-modified, for ease of +maintenance. diff --git a/configs/ext/config_tfm.h b/configs/ext/config_tfm.h new file mode 100644 index 000000000..60d855ed5 --- /dev/null +++ b/configs/ext/config_tfm.h @@ -0,0 +1,13 @@ +/* + * Empty placeholder + * + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +/* + * This file is intentionally empty. + * + * Having an empty file here allows us to build the TF-M config, which references this file, + * without making any changes to the TF-M config. + */ diff --git a/configs/ext/mbedtls_entropy_nv_seed_config.h b/configs/ext/mbedtls_entropy_nv_seed_config.h new file mode 100644 index 000000000..60d855ed5 --- /dev/null +++ b/configs/ext/mbedtls_entropy_nv_seed_config.h @@ -0,0 +1,13 @@ +/* + * Empty placeholder + * + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +/* + * This file is intentionally empty. + * + * Having an empty file here allows us to build the TF-M config, which references this file, + * without making any changes to the TF-M config. + */ From 27a3785d98592fd9a84beb46fc15b5e0f8454c52 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 8 Dec 2023 15:27:49 +0000 Subject: [PATCH 1222/1674] Use verbatim TF-M configs from upstream Signed-off-by: Dave Rodgman --- configs/ext/crypto_config_profile_medium.h | 11 +++++----- .../tfm_mbedcrypto_config_profile_medium.h | 22 +++++++++++++++---- 2 files changed, 24 insertions(+), 9 deletions(-) diff --git a/configs/ext/crypto_config_profile_medium.h b/configs/ext/crypto_config_profile_medium.h index 63ed4701d..af8869f13 100644 --- a/configs/ext/crypto_config_profile_medium.h +++ b/configs/ext/crypto_config_profile_medium.h @@ -1,13 +1,14 @@ +/* + * Copyright (c) 2018-2023, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + * + */ /** * \file psa/crypto_config.h * \brief PSA crypto configuration options (set of defines) * */ -/* - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - */ - #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) /** * When #MBEDTLS_PSA_CRYPTO_CONFIG is enabled in mbedtls_config.h, diff --git a/configs/ext/tfm_mbedcrypto_config_profile_medium.h b/configs/ext/tfm_mbedcrypto_config_profile_medium.h index beebddf5a..ecdecea5e 100644 --- a/configs/ext/tfm_mbedcrypto_config_profile_medium.h +++ b/configs/ext/tfm_mbedcrypto_config_profile_medium.h @@ -8,14 +8,28 @@ * memory footprint. */ /* - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * Copyright (C) 2006-2023, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) */ #ifndef PROFILE_M_MBEDTLS_CONFIG_H #define PROFILE_M_MBEDTLS_CONFIG_H -//#include "config_tfm.h" +#include "config_tfm.h" #if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE) #define _CRT_SECURE_NO_DEPRECATE 1 @@ -549,7 +563,7 @@ #endif /* CRYPTO_NV_SEED */ #if !defined(CRYPTO_HW_ACCELERATOR) && defined(MBEDTLS_ENTROPY_NV_SEED) -//#include "mbedtls_entropy_nv_seed_config.h" +#include "mbedtls_entropy_nv_seed_config.h" #endif #ifdef CRYPTO_HW_ACCELERATOR From fc566605b693f9651576bce235b7d57bf3fc8300 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 8 Dec 2023 15:33:50 +0000 Subject: [PATCH 1223/1674] Mention copyright in the readme Signed-off-by: Dave Rodgman --- configs/ext/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/configs/ext/README.md b/configs/ext/README.md index dbd7c43e6..adcebbf50 100644 --- a/configs/ext/README.md +++ b/configs/ext/README.md @@ -2,7 +2,7 @@ Summary ------- All files in this directory are distributed under the normal Mbed TLS dual Apache 2.0 or GPLv2-or-later -license. +license, and are copyright The Mbed TLS Contributors. Background ----------- @@ -14,7 +14,7 @@ https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/tree/lib/ext/mbedcry In TF-M, they are distributed under a 3-Clause BSD license, as noted at the top of the files. -In Mbed TLS, with permission from the TF-M project, they are distributed under a dual [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) OR [GPL-2.0-or-later](https://spdx.org/licenses/GPL-2.0-or-later.html) license. +In Mbed TLS, with permission from the TF-M project, they are distributed under a dual [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) OR [GPL-2.0-or-later](https://spdx.org/licenses/GPL-2.0-or-later.html) license, with copyright assigned to The Mbed TLS Contributors. We only retain the note at the top of the files because we are taking the files un-modified, for ease of maintenance. From b925d141de46dd07e5e7ec9706e487492a191359 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 8 Dec 2023 16:04:29 +0000 Subject: [PATCH 1224/1674] minor tidy-up Signed-off-by: Dave Rodgman --- configs/ext/README.md | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/configs/ext/README.md b/configs/ext/README.md index adcebbf50..1358bd442 100644 --- a/configs/ext/README.md +++ b/configs/ext/README.md @@ -1,11 +1,16 @@ Summary ------- -All files in this directory are distributed under the normal Mbed TLS dual Apache 2.0 or GPLv2-or-later -license, and are copyright The Mbed TLS Contributors. +The two files: + +* crypto_config_profile_medium.h +* tfm_mbedcrypto_config_profile_medium.h + +are copyright The Mbed TLS Contributors, and are distributed under the license normally +used by Mbed TLS: a dual Apache 2.0 or GPLv2-or-later license. Background ------------ +---------- The two files crypto_config_profile_medium.h and tfm_mbedcrypto_config_profile_medium.h are taken verbatim from the TF-M source code here: @@ -16,5 +21,5 @@ In TF-M, they are distributed under a 3-Clause BSD license, as noted at the top In Mbed TLS, with permission from the TF-M project, they are distributed under a dual [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) OR [GPL-2.0-or-later](https://spdx.org/licenses/GPL-2.0-or-later.html) license, with copyright assigned to The Mbed TLS Contributors. -We only retain the note at the top of the files because we are taking the files un-modified, for ease of +We only retain the note at the top of the files because we are taking the files verbatim, for ease of maintenance. From 1c91057fabf7b1276f4b7d5279ff59b8156c3b48 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 8 Dec 2023 17:58:44 +0000 Subject: [PATCH 1225/1674] Update check_files.py to accomodate non-standard license headers in TF-M config files Signed-off-by: Dave Rodgman --- tests/scripts/check_files.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/tests/scripts/check_files.py b/tests/scripts/check_files.py index f6f6d6c71..65fbc9f07 100755 --- a/tests/scripts/check_files.py +++ b/tests/scripts/check_files.py @@ -373,8 +373,9 @@ class LicenseIssueTracker(LineIssueTracker): r'(ChangeLog|LICENSE|[-0-9A-Z_a-z]+\.md)\Z', # Files imported from TF-M, and not used except in test builds, # may be under a different license. - r'configs/crypto_config_profile_medium\.h\Z', - r'configs/tfm_mbedcrypto_config_profile_medium\.h\Z', + r'configs/ext/crypto_config_profile_medium\.h\Z', + r'configs/ext/tfm_mbedcrypto_config_profile_medium\.h\Z', + r'configs/ext/README\.md\Z', # Third-party file. r'dco\.txt\Z', ] From 13d2633126ca890a8711712fc4eeecb69157140b Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 13 Dec 2023 17:23:46 +0000 Subject: [PATCH 1226/1674] Fix MBEDTLS_NO_PLATFORM_ENTROPY for baremetal aarch64 with armclang Signed-off-by: Dave Rodgman --- configs/config-tfm.h | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/configs/config-tfm.h b/configs/config-tfm.h index 197b80814..8ed0792ed 100644 --- a/configs/config-tfm.h +++ b/configs/config-tfm.h @@ -21,9 +21,6 @@ /* MBEDTLS_PSA_CRYPTO_SPM needs third-party files, so disable it. */ #undef MBEDTLS_PSA_CRYPTO_SPM -/* Use built-in platform entropy functions (TF-M provides its own). */ -#undef MBEDTLS_NO_PLATFORM_ENTROPY - /* Disable buffer-based memory allocator. This isn't strictly required, * but using the native allocator is faster and works better with * memory management analysis frameworks such as ASan. */ @@ -53,10 +50,14 @@ /* * In order to get an example config that works cleanly out-of-the-box * for both baremetal and non-baremetal builds, we detect baremetal builds - * and set this variable automatically. + * (either IAR, Arm compiler or __ARM_EABI__ defined), and adjust some + * variables accordingly. */ -#if defined(__IAR_SYSTEMS_ICC__) || defined(__ARM_EABI__) +#if defined(__IAR_SYSTEMS_ICC__) || defined(__ARMCC_VERSION) || defined(__ARM_EABI__) #define MBEDTLS_NO_PLATFORM_ENTROPY +#else +/* Use built-in platform entropy functions (TF-M provides its own). */ +#undef MBEDTLS_NO_PLATFORM_ENTROPY #endif /*********************************************************************** From 7565b54545135f161668d42a98ca7426865df687 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 13 Dec 2023 17:26:57 +0000 Subject: [PATCH 1227/1674] Move MBEDTLS_CIPHER modification to appropriate section Signed-off-by: Dave Rodgman --- configs/config-tfm.h | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/configs/config-tfm.h b/configs/config-tfm.h index 8ed0792ed..14896d40f 100644 --- a/configs/config-tfm.h +++ b/configs/config-tfm.h @@ -42,11 +42,6 @@ #undef MBEDTLS_PLATFORM_STD_EXIT_SUCCESS #undef MBEDTLS_PLATFORM_STD_EXIT_FAILURE -/* CCM is the only cipher/AEAD enabled in TF-M configuration files, but it - * does not need CIPHER_C to be enabled, so we can disable it in order - * to reduce code size further. */ -#undef MBEDTLS_CIPHER_C - /* * In order to get an example config that works cleanly out-of-the-box * for both baremetal and non-baremetal builds, we detect baremetal builds @@ -66,3 +61,8 @@ // We expect TF-M to pick this up soon #define MBEDTLS_BLOCK_CIPHER_NO_DECRYPT + +/* CCM is the only cipher/AEAD enabled in TF-M configuration files, but it + * does not need CIPHER_C to be enabled, so we can disable it in order + * to reduce code size further. */ +#undef MBEDTLS_CIPHER_C From a10d112e456bfebab8a55757d8ef1efc7d90e54d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 3 Jan 2024 14:08:10 +0100 Subject: [PATCH 1228/1674] Remove useless guards on MBEDTLS_BIGNUM_C All of ECP requires the bignum module and there is no plan to change that, so guarding a few bits of code is just noise. Signed-off-by: Gilles Peskine --- tests/suites/test_suite_ecp.function | 14 -------------- 1 file changed, 14 deletions(-) diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function index c8be4e581..295fe7f15 100644 --- a/tests/suites/test_suite_ecp.function +++ b/tests/suites/test_suite_ecp.function @@ -1123,7 +1123,6 @@ void ecp_set_public_key_good(int grp_id, data_t *public_data) TEST_EQUAL(key.grp.id, grp_id); TEST_EQUAL(mbedtls_ecp_point_cmp(&key.Q, &Q), 0); -#if defined(MBEDTLS_BIGNUM_C) /* Key with a public key already set to a different value */ TEST_EQUAL(mbedtls_mpi_add_int(&key.Q.X, &key.Q.X, 1), 0); TEST_EQUAL(mbedtls_mpi_add_int(&key.Q.Y, &key.Q.Y, 1), 0); @@ -1131,7 +1130,6 @@ void ecp_set_public_key_good(int grp_id, data_t *public_data) TEST_EQUAL(mbedtls_ecp_set_public_key(grp_id, &key, &Q), 0); TEST_EQUAL(key.grp.id, grp_id); TEST_EQUAL(mbedtls_ecp_point_cmp(&key.Q, &Q), 0); -#endif exit: mbedtls_ecp_keypair_free(&key); @@ -1150,10 +1148,8 @@ void ecp_set_public_key_after_private(int private_grp_id, data_t *private_data, mbedtls_ecp_group_init(&grp); mbedtls_ecp_point Q; mbedtls_ecp_point_init(&Q); -#if defined(MBEDTLS_BIGNUM_C) mbedtls_mpi d; mbedtls_mpi_init(&d); -#endif TEST_EQUAL(mbedtls_ecp_group_load(&grp, public_grp_id), 0); TEST_EQUAL(mbedtls_ecp_point_read_binary(&grp, &Q, @@ -1162,9 +1158,7 @@ void ecp_set_public_key_after_private(int private_grp_id, data_t *private_data, TEST_EQUAL(mbedtls_ecp_read_key(private_grp_id, &key, private_data->x, private_data->len), 0); -#if defined(MBEDTLS_BIGNUM_C) TEST_EQUAL(mbedtls_mpi_copy(&d, &key.d), 0); -#endif int ret = mbedtls_ecp_set_public_key(public_grp_id, &key, &Q); @@ -1172,9 +1166,7 @@ void ecp_set_public_key_after_private(int private_grp_id, data_t *private_data, TEST_EQUAL(ret, 0); TEST_EQUAL(key.grp.id, public_grp_id); TEST_EQUAL(mbedtls_ecp_point_cmp(&key.Q, &Q), 0); -#if defined(MBEDTLS_BIGNUM_C) TEST_EQUAL(mbedtls_mpi_cmp_mpi(&d, &key.d), 0); -#endif } else { TEST_EQUAL(ret, MBEDTLS_ERR_ECP_BAD_INPUT_DATA); } @@ -1183,9 +1175,7 @@ exit: mbedtls_ecp_keypair_free(&key); mbedtls_ecp_group_free(&grp); mbedtls_ecp_point_free(&Q); -#if defined(MBEDTLS_BIGNUM_C) mbedtls_mpi_free(&d); -#endif } /* END_CASE */ @@ -1198,11 +1188,9 @@ void mbedtls_ecp_read_key(int grp_id, data_t *in_key, int expected, int canonica mbedtls_ecp_keypair key2; mbedtls_ecp_keypair_init(&key2); -#if defined(MBEDTLS_BIGNUM_C) TEST_EQUAL(mbedtls_mpi_lset(&key.Q.X, 1), 0); TEST_EQUAL(mbedtls_mpi_lset(&key.Q.Y, 2), 0); TEST_EQUAL(mbedtls_mpi_lset(&key.Q.Z, 3), 0); -#endif ret = mbedtls_ecp_read_key(grp_id, &key, in_key->x, in_key->len); TEST_ASSERT(ret == expected); @@ -1212,11 +1200,9 @@ void mbedtls_ecp_read_key(int grp_id, data_t *in_key, int expected, int canonica ret = mbedtls_ecp_check_privkey(&key.grp, &key.d); TEST_ASSERT(ret == 0); -#if defined(MBEDTLS_BIGNUM_C) TEST_EQUAL(mbedtls_mpi_cmp_int(&key.Q.X, 1), 0); TEST_EQUAL(mbedtls_mpi_cmp_int(&key.Q.Y, 2), 0); TEST_EQUAL(mbedtls_mpi_cmp_int(&key.Q.Z, 3), 0); -#endif if (canonical) { unsigned char buf[MBEDTLS_ECP_MAX_BYTES]; From 7406b74fce33e39979a2d24337b433a1191cbc28 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 3 Jan 2024 14:47:36 +0100 Subject: [PATCH 1229/1674] driver-only-builds: fix typo Signed-off-by: Valerio Setti --- docs/driver-only-builds.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/driver-only-builds.md b/docs/driver-only-builds.md index 287be1df9..f085471c6 100644 --- a/docs/driver-only-builds.md +++ b/docs/driver-only-builds.md @@ -299,7 +299,7 @@ some non-PSA APIs will be absent or have reduced functionality, see ["Partial acceleration for CCM/GCM"](#partial-acceleration-for-ccmgcm) below) is enabled but not accelerated, then all key types that can be used with it will need to be built-in. -- If a key type is enabled but not accelerated, then all algorithms than can be +- If a key type is enabled but not accelerated, then all algorithms that can be used with it will need to be built-in. Some legacy modules can't take advantage of PSA drivers yet, and will either From 478dd84b63929ff22d0068e6c6bd7ee640f784dd Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 3 Jan 2024 20:50:56 +0100 Subject: [PATCH 1230/1674] Fix mixup between secp224r1 and secp224k1 in test scripts secp224k1 is the one with 225-bit private keys. The consequences of this mistake were: * We emitted positive test cases for hypothetical SECP_R1_225 and SECP_K1_224 curves, which were never executed. * We emitted useless not-supported test cases for SECP_R1_225 and SECP_K1_224. * We were missing positive test cases for SECP_R1_224 in automatically generated tests. * We were missing not-supported test cases for SECP_R1_224 and SECP_K1_225. Thus this didn't cause test failures, but it caused missing test coverage and some never-executed test cases. Signed-off-by: Gilles Peskine --- scripts/mbedtls_dev/asymmetric_key_data.py | 4 ++-- scripts/mbedtls_dev/crypto_knowledge.py | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/scripts/mbedtls_dev/asymmetric_key_data.py b/scripts/mbedtls_dev/asymmetric_key_data.py index ef3e3a05e..29d95d0e1 100644 --- a/scripts/mbedtls_dev/asymmetric_key_data.py +++ b/scripts/mbedtls_dev/asymmetric_key_data.py @@ -41,13 +41,13 @@ ASYMMETRIC_KEY_DATA = construct_asymmetric_key_data({ 'ECC(PSA_ECC_FAMILY_SECP_K1)': { 192: ("297ac1722ccac7589ecb240dc719842538ca974beb79f228", "0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5"), - 224: ("0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8", + 225: ("0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8", "042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d"), 256: ("7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9", "045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d"), }, 'ECC(PSA_ECC_FAMILY_SECP_R1)': { - 225: ("872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995", + 224: ("872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995", "046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160"), 256: ("49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee", "047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45"), diff --git a/scripts/mbedtls_dev/crypto_knowledge.py b/scripts/mbedtls_dev/crypto_knowledge.py index 285d6c638..ebfd55cdb 100644 --- a/scripts/mbedtls_dev/crypto_knowledge.py +++ b/scripts/mbedtls_dev/crypto_knowledge.py @@ -131,8 +131,8 @@ class KeyType: 'PSA_DH_FAMILY_RFC7919': (2048, 3072, 4096, 6144, 8192), } # type: Dict[str, Tuple[int, ...]] ECC_KEY_SIZES = { - 'PSA_ECC_FAMILY_SECP_K1': (192, 224, 256), - 'PSA_ECC_FAMILY_SECP_R1': (225, 256, 384, 521), + 'PSA_ECC_FAMILY_SECP_K1': (192, 225, 256), + 'PSA_ECC_FAMILY_SECP_R1': (224, 256, 384, 521), 'PSA_ECC_FAMILY_SECP_R2': (160,), 'PSA_ECC_FAMILY_SECT_K1': (163, 233, 239, 283, 409, 571), 'PSA_ECC_FAMILY_SECT_R1': (163, 233, 283, 409, 571), From 68b5182dad13f8c4ba0302b9cd4cd0c249e3043b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 3 Jan 2024 20:57:52 +0100 Subject: [PATCH 1231/1674] Add test data for secp192r1 Same generation methodology as 0cbaf056fadf60228b32245aeba893959be31ede: ``` openssl genpkey -algorithm ec -pkeyopt ec_paramgen_curve:P-192 -text |perl -0777 -pe 's/.*\npriv:([\n 0-9a-f:]*)pub:([\n 0-9a-f:]*).*/"$1","$2"/s or die; y/\n ://d; s/,/,\n /;' ``` Signed-off-by: Gilles Peskine --- scripts/mbedtls_dev/asymmetric_key_data.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/scripts/mbedtls_dev/asymmetric_key_data.py b/scripts/mbedtls_dev/asymmetric_key_data.py index 29d95d0e1..8ca675878 100644 --- a/scripts/mbedtls_dev/asymmetric_key_data.py +++ b/scripts/mbedtls_dev/asymmetric_key_data.py @@ -47,6 +47,8 @@ ASYMMETRIC_KEY_DATA = construct_asymmetric_key_data({ "045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d"), }, 'ECC(PSA_ECC_FAMILY_SECP_R1)': { + 192: ("d83b57a59c51358d9c8bbb898aff507f44dd14cf16917190", + "04e35fcbee11cec3154f80a1a61df7d7612de4f2fd70c5608d0ee3a4a1a5719471adb33966dd9b035fdb774feeba94b04c"), 224: ("872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995", "046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160"), 256: ("49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee", From 2a22dac6948898ac108b18db9957384540b7e7d0 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 3 Jan 2024 20:58:55 +0100 Subject: [PATCH 1232/1674] Fix typo in curve name Signed-off-by: Gilles Peskine --- include/psa/crypto_values.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 5e33f6bd5..a5e885ff5 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -600,7 +600,7 @@ /** SEC random curves over prime fields. * * This family comprises the following curves: - * secp192k1, secp224r1, secp256r1, secp384r1, secp521r1. + * secp192r1, secp224r1, secp256r1, secp384r1, secp521r1. * They are defined in _Standards for Efficient Cryptography_, * _SEC 2: Recommended Elliptic Curve Domain Parameters_. * https://www.secg.org/sec2-v2.pdf From 6e2069661efe1a9dbd746838dd40643ceb25fa09 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 3 Jan 2024 20:59:03 +0100 Subject: [PATCH 1233/1674] Note unusual curve size Signed-off-by: Gilles Peskine --- include/psa/crypto_values.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index a5e885ff5..e69f0c4d6 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -594,6 +594,8 @@ * They are defined in _Standards for Efficient Cryptography_, * _SEC 2: Recommended Elliptic Curve Domain Parameters_. * https://www.secg.org/sec2-v2.pdf + * + * \note For secp224k1, the bit-size is 225 (size of a private value). */ #define PSA_ECC_FAMILY_SECP_K1 ((psa_ecc_family_t) 0x17) From 44d557c52d4380c638058cae34ae12e53dd07440 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 3 Jan 2024 20:59:38 +0100 Subject: [PATCH 1234/1674] Indicate which curves Mbed TLS supports Signed-off-by: Gilles Peskine --- include/psa/crypto_values.h | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index e69f0c4d6..8d30bf0fb 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -596,6 +596,8 @@ * https://www.secg.org/sec2-v2.pdf * * \note For secp224k1, the bit-size is 225 (size of a private value). + * + * \note Mbed TLS only supports secp192k1 and secp256k1. */ #define PSA_ECC_FAMILY_SECP_K1 ((psa_ecc_family_t) 0x17) @@ -608,7 +610,7 @@ * https://www.secg.org/sec2-v2.pdf */ #define PSA_ECC_FAMILY_SECP_R1 ((psa_ecc_family_t) 0x12) -/* SECP160R2 (SEC2 v1, obsolete) */ +/* SECP160R2 (SEC2 v1, obsolete, not supported in Mbed TLS) */ #define PSA_ECC_FAMILY_SECP_R2 ((psa_ecc_family_t) 0x1b) /** SEC Koblitz curves over binary fields. @@ -618,6 +620,8 @@ * They are defined in _Standards for Efficient Cryptography_, * _SEC 2: Recommended Elliptic Curve Domain Parameters_. * https://www.secg.org/sec2-v2.pdf + * + * \note Mbed TLS does not support any curve in this family. */ #define PSA_ECC_FAMILY_SECT_K1 ((psa_ecc_family_t) 0x27) @@ -628,6 +632,8 @@ * They are defined in _Standards for Efficient Cryptography_, * _SEC 2: Recommended Elliptic Curve Domain Parameters_. * https://www.secg.org/sec2-v2.pdf + * + * \note Mbed TLS does not support any curve in this family. */ #define PSA_ECC_FAMILY_SECT_R1 ((psa_ecc_family_t) 0x22) @@ -638,6 +644,8 @@ * It is defined in _Standards for Efficient Cryptography_, * _SEC 2: Recommended Elliptic Curve Domain Parameters_. * https://www.secg.org/sec2-v2.pdf + * + * \note Mbed TLS does not support any curve in this family. */ #define PSA_ECC_FAMILY_SECT_R2 ((psa_ecc_family_t) 0x2b) @@ -647,6 +655,9 @@ * brainpoolP160r1, brainpoolP192r1, brainpoolP224r1, brainpoolP256r1, * brainpoolP320r1, brainpoolP384r1, brainpoolP512r1. * It is defined in RFC 5639. + * + * \note Mbed TLS only supports the 256-bit, 384-bit and 512-bit curves + * in this family. */ #define PSA_ECC_FAMILY_BRAINPOOL_P_R1 ((psa_ecc_family_t) 0x30) @@ -675,6 +686,8 @@ * - 448-bit: Edwards448, the twisted Edwards curve birationally equivalent * to Curve448. * Hamburg, _Ed448-Goldilocks, a new elliptic curve_, NIST ECC Workshop, 2015. + * + * \note Mbed TLS does not support Edwards curves yet. */ #define PSA_ECC_FAMILY_TWISTED_EDWARDS ((psa_ecc_family_t) 0x42) From 2a185c30af0ea800335b179e0af59cbccd88ae0c Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 4 Jan 2024 13:31:36 +0100 Subject: [PATCH 1235/1674] changelog: rename changelog file to reflect the number of the related issue Signed-off-by: Valerio Setti --- ChangeLog.d/{8664.txt => 8340.txt} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename ChangeLog.d/{8664.txt => 8340.txt} (100%) diff --git a/ChangeLog.d/8664.txt b/ChangeLog.d/8340.txt similarity index 100% rename from ChangeLog.d/8664.txt rename to ChangeLog.d/8340.txt From 04cccef256e2f66ead467e46e38c483e5765b2a2 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 4 Jan 2024 13:33:12 +0100 Subject: [PATCH 1236/1674] changelog: improve wording Signed-off-by: Valerio Setti --- ChangeLog.d/8340.txt | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ChangeLog.d/8340.txt b/ChangeLog.d/8340.txt index 03e297c18..78e84f7da 100644 --- a/ChangeLog.d/8340.txt +++ b/ChangeLog.d/8340.txt @@ -1,4 +1,4 @@ Features - * mbedtls_md_psa_alg_from_type() and mbedtls_md_type_from_psa_alg() helper - functions were added to convert from mbedtls_md_type_t to psa_algorithm_t - and viceversa. + * Add functions mbedtls_md_psa_alg_from_type() and + mbedtls_md_type_from_psa_alg() to convert between mbedtls_md_type_t and + psa_algorithm_t and vice versa. From 60f0f727c303e5131672710bf737aa8da8d419bf Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Thu, 4 Jan 2024 14:57:31 +0000 Subject: [PATCH 1237/1674] Add config dependencies to record size tests Signed-off-by: Waleed Elmelegy --- tests/ssl-opt.sh | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 0c9a5c5ca..92b3e171c 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -4927,8 +4927,9 @@ run_test "Record Size Limit: TLS 1.3: Server complies with record size limit requires_gnutls_tls1_3 requires_gnutls_record_size_limit +requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT -requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (1024), 1 fragment" \ "$P_SRV debug_level=3 force_version=tls13 response_size=512" \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 1023" \ @@ -4940,8 +4941,9 @@ run_test "Record Size Limit: TLS 1.3: Server complies with record size limit requires_gnutls_tls1_3 requires_gnutls_record_size_limit +requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT -requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (1024), 2 fragments" \ "$P_SRV debug_level=3 force_version=tls13 response_size=1536" \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 1023" \ @@ -4953,8 +4955,9 @@ run_test "Record Size Limit: TLS 1.3: Server complies with record size limit requires_gnutls_tls1_3 requires_gnutls_record_size_limit +requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT -requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (1024), 3 fragments" \ "$P_SRV debug_level=3 force_version=tls13 response_size=2560" \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 1023" \ @@ -4966,8 +4969,9 @@ run_test "Record Size Limit: TLS 1.3: Server complies with record size limit requires_gnutls_tls1_3 requires_gnutls_record_size_limit +requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT -requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (4096), 1 fragment" \ "$P_SRV debug_level=3 force_version=tls13 response_size=2048" \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 4095" \ @@ -4979,8 +4983,9 @@ run_test "Record Size Limit: TLS 1.3: Server complies with record size limit requires_gnutls_tls1_3 requires_gnutls_record_size_limit +requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT -requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (4096), 2 fragments" \ "$P_SRV debug_level=3 force_version=tls13 response_size=6144" \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 4095" \ @@ -4992,8 +4997,9 @@ run_test "Record Size Limit: TLS 1.3: Server complies with record size limit requires_gnutls_tls1_3 requires_gnutls_record_size_limit +requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT -requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "Record Size Limit: TLS 1.3: Server complies with record size limit (4096), 3 fragments" \ "$P_SRV debug_level=3 force_version=tls13 response_size=10240" \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 4095" \ From d7dc7ff91cc5c2638d7ee41b61fa5af25668c25e Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Thu, 21 Dec 2023 16:40:43 +0000 Subject: [PATCH 1238/1674] Update psa_key_slot_t Remove the `status` field and replace with the `state` field. Remove the `lock_count` field and replace with the `registered_readers` field. Add documentation which describes how and why these fields are to be used. Signed-off-by: Ryan Everett --- library/psa_crypto_core.h | 50 ++++++++++++++++++++++++++++----------- 1 file changed, 36 insertions(+), 14 deletions(-) diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 46c57755e..9ea482da2 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -35,8 +35,10 @@ int psa_can_do_hash(psa_algorithm_t hash_alg); typedef enum { PSA_SLOT_EMPTY = 0, - PSA_SLOT_OCCUPIED, -} psa_key_slot_status_t; + PSA_SLOT_FILLING, + PSA_SLOT_FULL, + PSA_SLOT_PENDING_DELETION, +} psa_key_slot_state_t; /** The data structure representing a key slot, containing key material * and metadata for one key. @@ -44,18 +46,39 @@ typedef enum { typedef struct { psa_core_key_attributes_t attr; - psa_key_slot_status_t status; + /* + * The current state of the key slot, as described in + * docs/architecture/psa-thread-safety/psa-thread-safety.md. + * + * Library functions can modify the state of a key slot by calling + * psa_key_slot_state_transition. + * + * The state variable is used to help determine whether library functions + * which operate on the slot succeed. For example, psa_finish_key_creation, + * which transfers the state of a slot from PSA_SLOT_FILLING to + * PSA_SLOT_FULL, must fail with error code PSA_ERROR_BAD_STATE + * if the state of the slot is not PSA_SLOT_FILLING. + * + * Library functions which traverse the array of key slots only consider + * slots that are in a suitable state for the function. + * For example, psa_get_and_lock_key_slot_in_memory, which finds a slot + * containing a given key ID, will only check slots whose state variable is + * PSA_SLOT_FULL. */ + psa_key_slot_state_t state; /* - * Number of locks on the key slot held by the library. + * Number of functions registered as reading the material in the key slot. * - * This counter is incremented by one each time a library function - * retrieves through one of the dedicated internal API a pointer to the - * key slot. + * Library functions must not write directly to registered_readers + * (unless the slot's state is PSA_SLOT_FILLING and the slot needs to be + * wiped following a failed key creation). * - * This counter is decremented by one each time a library function stops - * accessing the key slot and states it by calling the - * psa_unlock_key_slot() API. + * A function must call psa_register_read(slot) before reading the current + * contents of the slot for an operation. + * They then must call psa_unregister_read(slot) once they have finished + * reading the current contents of the slot. + * A function must call psa_key_slot_has_readers(slot) to check if + * the slot is in use for reading. * * This counter is used to prevent resetting the key slot while the library * may access it. For example, such control is needed in the following @@ -66,10 +89,9 @@ typedef struct { * the library cannot be reclaimed to free a key slot to load the * persistent key. * . In case of a multi-threaded application where one thread asks to close - * or purge or destroy a key while it is in used by the library through - * another thread. - */ - size_t lock_count; + * or purge or destroy a key while it is in use by the library through + * another thread. */ + size_t registered_readers; /* Dynamically allocated key data buffer. * Format as specified in psa_export_key(). */ From aa33c512cc489d18cbb48b6b64aa959046a83dd1 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Thu, 21 Dec 2023 17:32:07 +0000 Subject: [PATCH 1239/1674] Update psa_wipe_key_slot Change psa_wipe_key_slot to use the new state system. Signed-off-by: Ryan Everett --- library/psa_crypto.c | 16 +++++++++++----- library/psa_crypto_core.h | 9 ++++++--- 2 files changed, 17 insertions(+), 8 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 10d17b6df..7a76c0bbf 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -981,18 +981,23 @@ psa_status_t psa_remove_key_data_from_memory(psa_key_slot_t *slot) * Persistent storage is not affected. */ psa_status_t psa_wipe_key_slot(psa_key_slot_t *slot) { + if (slot->state != PSA_SLOT_PENDING_DELETION) { + return PSA_ERROR_BAD_STATE; + } + psa_status_t status = psa_remove_key_data_from_memory(slot); /* * As the return error code may not be handled in case of multiple errors, - * do our best to report an unexpected lock counter. Assert with - * MBEDTLS_TEST_HOOK_TEST_ASSERT that the lock counter is equal to one: + * do our best to report an unexpected amount of registered readers. + * Assert with MBEDTLS_TEST_HOOK_TEST_ASSERT that registered_readers is + * equal to one: * if the MBEDTLS_TEST_HOOKS configuration option is enabled and the * function is called as part of the execution of a test suite, the * execution of the test suite is stopped in error if the assertion fails. */ - if (slot->lock_count != 1) { - MBEDTLS_TEST_HOOK_TEST_ASSERT(slot->lock_count == 1); + if (slot->registered_readers != 1) { + MBEDTLS_TEST_HOOK_TEST_ASSERT(slot->registered_readers == 1); status = PSA_ERROR_CORRUPTION_DETECTED; } @@ -1003,7 +1008,8 @@ psa_status_t psa_wipe_key_slot(psa_key_slot_t *slot) * key material can linger until all operations are completed. */ /* At this point, key material and other type-specific content has * been wiped. Clear remaining metadata. We can call memset and not - * zeroize because the metadata is not particularly sensitive. */ + * zeroize because the metadata is not particularly sensitive. + * This memset also sets the slot's state to PSA_SLOT_EMPTY. */ memset(slot, 0, sizeof(*slot)); return status; } diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 9ea482da2..5c1edafe7 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -200,13 +200,16 @@ static inline psa_key_slot_number_t psa_key_slot_get_slot_number( /** Completely wipe a slot in memory, including its policy. * * Persistent storage is not affected. + * Sets the slot's state to PSA_SLOT_EMPTY. * * \param[in,out] slot The key slot to wipe. * * \retval #PSA_SUCCESS - * Success. This includes the case of a key slot that was - * already fully wiped. - * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription + * The slot has been successfully wiped. + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * The amount of registered readers was not equal to 1. + * \retval #PSA_ERROR_BAD_STATE + * The slot's state was not PSA_SLOT_PENDING_DELETION. */ psa_status_t psa_wipe_key_slot(psa_key_slot_t *slot); From 62aa79ac5c4dd4623af9a04a0caa96bcb6c23580 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Tue, 2 Jan 2024 16:21:03 +0000 Subject: [PATCH 1240/1674] Implement psa_key_slot_has_readers and remove psa_is_key_slot_occupied Remove psa_is_key_slot_occupied, any function which calls this can just check the state variable instead. Replace psa_is_key_slot_locked with psa_key_slot_has_readers. References to the now removed functions are changed in future commits. Signed-off-by: Ryan Everett --- library/psa_crypto_core.h | 24 ++++-------------------- 1 file changed, 4 insertions(+), 20 deletions(-) diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 5c1edafe7..3b5c63497 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -106,31 +106,15 @@ typedef struct { #define PSA_KA_MASK_INTERNAL_ONLY ( \ 0) -/** Test whether a key slot is occupied. - * - * A key slot is occupied iff the key type is nonzero. This works because - * no valid key can have 0 as its key type. +/** Test whether a key slot has any registered readers. * * \param[in] slot The key slot to test. * - * \return 1 if the slot is occupied, 0 otherwise. + * \return 1 if the slot has any registered readers, 0 otherwise. */ -static inline int psa_is_key_slot_occupied(const psa_key_slot_t *slot) +static inline int psa_key_slot_has_readers(const psa_key_slot_t *slot) { - return slot->status == PSA_SLOT_OCCUPIED; -} - -/** Test whether a key slot is locked. - * - * A key slot is locked iff its lock counter is strictly greater than 0. - * - * \param[in] slot The key slot to test. - * - * \return 1 if the slot is locked, 0 otherwise. - */ -static inline int psa_is_key_slot_locked(const psa_key_slot_t *slot) -{ - return slot->lock_count > 0; + return slot->registered_readers > 0; } /** Retrieve flags from psa_key_slot_t::attr::core::flags. From 39cc9d755e20827cb7ebc3cde53065def94e2ef6 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Thu, 21 Dec 2023 17:57:14 +0000 Subject: [PATCH 1241/1674] Implement psa_register_read and psa_unregister_read Replaces psa_lock_key_slot and psa_unlock_key_slot. Future commits will remove the calls to locking/unlocking functions, and add calls to registering/unregistering functions. Signed-off-by: Ryan Everett --- library/psa_crypto_slot_management.c | 25 ++++++++++++----- library/psa_crypto_slot_management.h | 40 +++++++++++++++++----------- 2 files changed, 43 insertions(+), 22 deletions(-) diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 5ecc3a76c..32881e5e9 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -394,26 +394,37 @@ psa_status_t psa_get_and_lock_key_slot(mbedtls_svc_key_id_t key, #endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C || MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ } -psa_status_t psa_unlock_key_slot(psa_key_slot_t *slot) +psa_status_t psa_unregister_read(psa_key_slot_t *slot) { if (slot == NULL) { return PSA_SUCCESS; } + if ((slot->state != PSA_SLOT_FULL) && + (slot->state != PSA_SLOT_PENDING_DELETION)) { + return PSA_ERROR_BAD_STATE; + } - if (slot->lock_count > 0) { - slot->lock_count--; + /* If we are the last reader and the slot is marked for deletion, + * we must wipe the slot here. */ + if ((slot->state == PSA_SLOT_PENDING_DELETION) && + (slot->registered_readers == 1)) { + return psa_wipe_key_slot(slot); + } + + if (psa_key_slot_has_readers(slot)) { + slot->registered_readers--; return PSA_SUCCESS; } /* * As the return error code may not be handled in case of multiple errors, - * do our best to report if the lock counter is equal to zero. Assert with - * MBEDTLS_TEST_HOOK_TEST_ASSERT that the lock counter is strictly greater - * than zero: if the MBEDTLS_TEST_HOOKS configuration option is enabled and + * do our best to report if there are no registered readers. Assert with + * MBEDTLS_TEST_HOOK_TEST_ASSERT that there are registered readers: + * if the MBEDTLS_TEST_HOOKS configuration option is enabled and * the function is called as part of the execution of a test suite, the * execution of the test suite is stopped in error if the assertion fails. */ - MBEDTLS_TEST_HOOK_TEST_ASSERT(slot->lock_count > 0); + MBEDTLS_TEST_HOOK_TEST_ASSERT(psa_key_slot_has_readers(slot)); return PSA_ERROR_CORRUPTION_DETECTED; } diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h index 6041a3528..c38876d3d 100644 --- a/library/psa_crypto_slot_management.h +++ b/library/psa_crypto_slot_management.h @@ -113,32 +113,39 @@ void psa_wipe_all_key_slots(void); psa_status_t psa_get_empty_key_slot(psa_key_id_t *volatile_key_id, psa_key_slot_t **p_slot); -/** Lock a key slot. +/** Register as a reader of a key slot. * - * This function increments the key slot lock counter by one. + * This function increments the key slot registered reader counter by one. * * \param[in] slot The key slot. * * \retval #PSA_SUCCESS - The key slot lock counter was incremented. + The key slot registered reader counter was incremented. * \retval #PSA_ERROR_CORRUPTION_DETECTED - * The lock counter already reached its maximum value and was not + * The reader counter already reached its maximum value and was not * increased. + * \retval #PSA_ERROR_BAD_STATE + * The slot's state was not PSA_SLOT_FULL. */ -static inline psa_status_t psa_lock_key_slot(psa_key_slot_t *slot) +static inline psa_status_t psa_register_read(psa_key_slot_t *slot) { - if (slot->lock_count >= SIZE_MAX) { + if (slot->state != PSA_SLOT_FULL) { + return PSA_ERROR_BAD_STATE; + } + if (slot->registered_readers >= SIZE_MAX) { return PSA_ERROR_CORRUPTION_DETECTED; } - - slot->lock_count++; + slot->registered_readers++; return PSA_SUCCESS; } -/** Unlock a key slot. +/** Unregister from reading a key slot. * - * This function decrements the key slot lock counter by one. + * This function decrements the key slot registered reader counter by one. + * If the state of the slot is PSA_SLOT_PENDING_DELETION, + * and there is only one registered reader (the caller), + * this function will call psa_wipe_slot(). * * \note To ease the handling of errors in retrieving a key slot * a NULL input pointer is valid, and the function returns @@ -146,13 +153,16 @@ static inline psa_status_t psa_lock_key_slot(psa_key_slot_t *slot) * * \param[in] slot The key slot. * \retval #PSA_SUCCESS - * \p slot is NULL or the key slot lock counter has been - * decremented successfully. + * \p slot is NULL or the key slot reader counter has been + * decremented (and potentially wiped) successfully. * \retval #PSA_ERROR_CORRUPTION_DETECTED - * The lock counter was equal to 0. - * + * registered_readers was equal to 0. + * \retval #PSA_ERROR_BAD_STATE + * The slot's state was neither PSA_SLOT_FULL nor + * PSA_SLOT_PENDING_DELETION, or a wipe was attempted and + * the slot's state was not PSA_SLOT_PENDING_DELETION. */ -psa_status_t psa_unlock_key_slot(psa_key_slot_t *slot); +psa_status_t psa_unregister_read(psa_key_slot_t *slot); /** Test whether a lifetime designates a key in an external cryptoprocessor. * From 4a78277cb2684ca0e9615ba390ecee87d27dde06 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Thu, 4 Jan 2024 10:53:26 +0000 Subject: [PATCH 1242/1674] Implement psa_key_slot_state_transition This inline function is used in every case we want to change the state of a slot, except for where we do not care about what the state of the slot was before. Signed-off-by: Ryan Everett --- library/psa_crypto_slot_management.h | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h index c38876d3d..f0bbed98f 100644 --- a/library/psa_crypto_slot_management.h +++ b/library/psa_crypto_slot_management.h @@ -112,6 +112,31 @@ void psa_wipe_all_key_slots(void); */ psa_status_t psa_get_empty_key_slot(psa_key_id_t *volatile_key_id, psa_key_slot_t **p_slot); +/** Change the state of a key slot. + * + * This function changes the state of the key slot from expected_state to + * new state. If the state of the slot was not expected_state, the state is + * unchanged. + * + * \param[in] slot The key slot. + * \param[in] expected_state The current state of the slot. + * \param[in] new_state The new state of the slot. + * + * \retval #PSA_SUCCESS + The key slot's state variable is new_state. + * \retval #PSA_ERROR_BAD_STATE + * The slot's state was not expected_state. + */ +static inline psa_status_t psa_key_slot_state_transition( + psa_key_slot_t *slot, psa_key_slot_state_t expected_state, + psa_key_slot_state_t new_state) +{ + if (slot->state != expected_state) { + return PSA_ERROR_BAD_STATE; + } + slot->state = new_state; + return PSA_SUCCESS; +} /** Register as a reader of a key slot. * From 2afb5160110f54a5d89e968723b3dbb940de42b7 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Fri, 22 Dec 2023 15:59:45 +0000 Subject: [PATCH 1243/1674] Update and rename psa_get_empty_key_slot Rename to psa_reserve_free_key_slot, as this function reserves a slot which is free (not always empty) for filling. Implement necessary state transitions and state checks. Rename unlocked_persistent_key_slot to unused_persistent_key_slot. Signed-off-by: Ryan Everett --- library/psa_crypto_slot_management.c | 39 +++++++++++++++++----------- library/psa_crypto_slot_management.h | 24 ++++++++++------- 2 files changed, 39 insertions(+), 24 deletions(-) diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 32881e5e9..0f480fb09 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -147,30 +147,31 @@ void psa_wipe_all_key_slots(void) global_data.key_slots_initialized = 0; } -psa_status_t psa_get_empty_key_slot(psa_key_id_t *volatile_key_id, - psa_key_slot_t **p_slot) +psa_status_t psa_reserve_free_key_slot(psa_key_id_t *volatile_key_id, + psa_key_slot_t **p_slot) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; size_t slot_idx; - psa_key_slot_t *selected_slot, *unlocked_persistent_key_slot; + psa_key_slot_t *selected_slot, *unused_persistent_key_slot; if (!global_data.key_slots_initialized) { status = PSA_ERROR_BAD_STATE; goto error; } - selected_slot = unlocked_persistent_key_slot = NULL; + selected_slot = unused_persistent_key_slot = NULL; for (slot_idx = 0; slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT; slot_idx++) { psa_key_slot_t *slot = &global_data.key_slots[slot_idx]; - if (!psa_is_key_slot_occupied(slot)) { + if (slot->state == PSA_SLOT_EMPTY) { selected_slot = slot; break; } - if ((unlocked_persistent_key_slot == NULL) && - (!PSA_KEY_LIFETIME_IS_VOLATILE(slot->attr.lifetime)) && - (!psa_is_key_slot_locked(slot))) { - unlocked_persistent_key_slot = slot; + if ((unused_persistent_key_slot == NULL) && + (slot->state == PSA_SLOT_FULL) && + (!psa_key_slot_has_readers(slot)) && + (!PSA_KEY_LIFETIME_IS_VOLATILE(slot->attr.lifetime))) { + unused_persistent_key_slot = slot; } } @@ -182,16 +183,24 @@ psa_status_t psa_get_empty_key_slot(psa_key_id_t *volatile_key_id, * storage. */ if ((selected_slot == NULL) && - (unlocked_persistent_key_slot != NULL)) { - selected_slot = unlocked_persistent_key_slot; - selected_slot->lock_count = 1; - psa_wipe_key_slot(selected_slot); + (unused_persistent_key_slot != NULL)) { + selected_slot = unused_persistent_key_slot; + psa_register_read(selected_slot); + /* If the state is not changed then psa_wipe_key_slot + * will report an error. */ + psa_key_slot_state_transition(selected_slot, PSA_SLOT_FULL, + PSA_SLOT_PENDING_DELETION); + status = psa_wipe_key_slot(selected_slot); + if (status != PSA_SUCCESS) { + goto error; + } } if (selected_slot != NULL) { - status = psa_lock_key_slot(selected_slot); + status = psa_key_slot_state_transition(selected_slot, PSA_SLOT_EMPTY, + PSA_SLOT_FILLING); if (status != PSA_SUCCESS) { - goto error; + return status; } *volatile_key_id = PSA_KEY_ID_VOLATILE_MIN + diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h index f0bbed98f..b2cf57011 100644 --- a/library/psa_crypto_slot_management.h +++ b/library/psa_crypto_slot_management.h @@ -95,23 +95,29 @@ psa_status_t psa_initialize_key_slots(void); * This does not affect persistent storage. */ void psa_wipe_all_key_slots(void); -/** Find a free key slot. +/** Find a free key slot and reserve it to be filled with a key. * - * This function returns a key slot that is available for use and is in its - * ground state (all-bits-zero). On success, the key slot is locked. It is - * the responsibility of the caller to unlock the key slot when it does not - * access it anymore. + * This function finds a key slot that is free, + * sets its state to PSA_SLOT_FILLING and then returns the slot. + * + * On success, the key slot's state is PSA_SLOT_FILLING. + * It is the responsibility of the caller to change the slot's state to + * PSA_SLOT_EMPTY/FULL once key creation has finished. * * \param[out] volatile_key_id On success, volatile key identifier * associated to the returned slot. * \param[out] p_slot On success, a pointer to the slot. * * \retval #PSA_SUCCESS \emptydescription - * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription - * \retval #PSA_ERROR_BAD_STATE \emptydescription + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * There were no free key slots. + * \retval #PSA_ERROR_BAD_STATE + * This function attempted to operate on a key slot which was in an + * unexpected state. */ -psa_status_t psa_get_empty_key_slot(psa_key_id_t *volatile_key_id, - psa_key_slot_t **p_slot); +psa_status_t psa_reserve_free_key_slot(psa_key_id_t *volatile_key_id, + psa_key_slot_t **p_slot); + /** Change the state of a key slot. * * This function changes the state of the key slot from expected_state to From b69118ebd0b7aa63d5b7c9b2c17f295aa4c854f8 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Tue, 2 Jan 2024 15:54:32 +0000 Subject: [PATCH 1244/1674] Update key creation functions to use the new key slot states Update psa_start_key_creation, psa_finish_key_creation and psa_fail_key_creation. Signed-off-by: Ryan Everett --- library/psa_crypto.c | 28 +++++++++++++++++----------- 1 file changed, 17 insertions(+), 11 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 7a76c0bbf..3c5bbbdf6 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1576,8 +1576,9 @@ static psa_status_t psa_validate_key_attributes( * In case of failure at any step, stop the sequence and call * psa_fail_key_creation(). * - * On success, the key slot is locked. It is the responsibility of the caller - * to unlock the key slot when it does not access it anymore. + * On success, the key slot's state is PSA_SLOT_FILLING. + * It is the responsibility of the caller to change the slot's state to + * PSA_SLOT_EMPTY/FULL once key creation has finished. * * \param method An identification of the calling function. * \param[in] attributes Key attributes for the new key. @@ -1608,7 +1609,7 @@ static psa_status_t psa_start_key_creation( return status; } - status = psa_get_empty_key_slot(&volatile_key_id, p_slot); + status = psa_reserve_free_key_slot(&volatile_key_id, p_slot); if (status != PSA_SUCCESS) { return status; } @@ -1634,7 +1635,7 @@ static psa_status_t psa_start_key_creation( /* Erase external-only flags from the internal copy. To access * external-only flags, query `attributes`. Thanks to the check * in psa_validate_key_attributes(), this leaves the dual-use - * flags and any internal flag that psa_get_empty_key_slot() + * flags and any internal flag that psa_reserve_free_key_slot() * may have set. */ slot->attr.flags &= ~MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY; @@ -1686,8 +1687,6 @@ static psa_status_t psa_start_key_creation( } #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - slot->status = PSA_SLOT_OCCUPIED; - return PSA_SUCCESS; } @@ -1699,9 +1698,9 @@ static psa_status_t psa_start_key_creation( * See the documentation of psa_start_key_creation() for the intended use * of this function. * - * If the finalization succeeds, the function unlocks the key slot (it was - * locked by psa_start_key_creation()) and the key slot cannot be accessed - * anymore as part of the key creation process. + * If the finalization succeeds, the function sets the key slot's state to + * PSA_SLOT_FULL, and the key slot can no longer be accessed as part of the + * key creation process. * * \param[in,out] slot Pointer to the slot with key material. * \param[in] driver The secure element driver for the key, @@ -1717,6 +1716,7 @@ static psa_status_t psa_start_key_creation( * \retval #PSA_ERROR_DATA_INVALID \emptydescription * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription + * \retval #PSA_ERROR_BAD_STATE \emptydescription * * \return If this function fails, the key slot is an invalid state. * You must call psa_fail_key_creation() to wipe and free the slot. @@ -1777,7 +1777,8 @@ static psa_status_t psa_finish_key_creation( if (status == PSA_SUCCESS) { *key = slot->attr.id; - status = psa_unlock_key_slot(slot); + status = psa_key_slot_state_transition(slot, PSA_SLOT_FILLING, + PSA_SLOT_FULL); if (status != PSA_SUCCESS) { *key = MBEDTLS_SVC_KEY_ID_INIT; } @@ -1792,7 +1793,7 @@ static psa_status_t psa_finish_key_creation( * or after psa_finish_key_creation() fails. In other circumstances, this * function may not clean up persistent storage. * See the documentation of psa_start_key_creation() for the intended use - * of this function. + * of this function. Sets the slot's state to PSA_SLOT_EMPTY. * * \param[in,out] slot Pointer to the slot with key material. * \param[in] driver The secure element driver for the key, @@ -1824,6 +1825,11 @@ static void psa_fail_key_creation(psa_key_slot_t *slot, (void) psa_crypto_stop_transaction(); #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + /* Prepare the key slot to be wiped, and then wipe it. */ + slot->registered_readers = 1; + psa_key_slot_state_transition(slot, PSA_SLOT_FILLING, + PSA_SLOT_PENDING_DELETION); + psa_wipe_key_slot(slot); } From 098c6659ada1a89194caddcf8bc7334a463f502b Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Wed, 3 Jan 2024 13:03:36 +0000 Subject: [PATCH 1245/1674] Update psa_get_and_lock_key_slot_X functions Signed-off-by: Ryan Everett --- library/psa_crypto.c | 14 ++++++++------ library/psa_crypto_slot_management.c | 19 ++++++++++++++++--- library/psa_crypto_slot_management.h | 9 ++++++--- 3 files changed, 30 insertions(+), 12 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 3c5bbbdf6..a27fd42c4 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -881,8 +881,9 @@ static psa_status_t psa_restrict_key_policy( * In case of a persistent key, the function loads the description of the key * into a key slot if not already done. * - * On success, the returned key slot is locked. It is the responsibility of - * the caller to unlock the key slot when it does not access it anymore. + * On success, the returned key slot has been registered for reading. + * It is the responsibility of the caller to call psa_unregister_read(slot) + * when they have finished reading the contents of the slot. */ static psa_status_t psa_get_and_lock_key_slot_with_policy( mbedtls_svc_key_id_t key, @@ -926,7 +927,7 @@ static psa_status_t psa_get_and_lock_key_slot_with_policy( error: *p_slot = NULL; - psa_unlock_key_slot(slot); + psa_unregister_read(slot); return status; } @@ -941,8 +942,9 @@ error: * psa_get_and_lock_key_slot_with_policy() when there is no opaque key support * for a cryptographic operation. * - * On success, the returned key slot is locked. It is the responsibility of the - * caller to unlock the key slot when it does not access it anymore. + * On success, the returned key slot has been registered for reading. + * It is the responsibility of the caller to call psa_unregister_read(slot) + * when they have finished reading the contents of the slot. */ static psa_status_t psa_get_and_lock_transparent_key_slot_with_policy( mbedtls_svc_key_id_t key, @@ -957,7 +959,7 @@ static psa_status_t psa_get_and_lock_transparent_key_slot_with_policy( } if (psa_key_lifetime_is_external((*p_slot)->attr.lifetime)) { - psa_unlock_key_slot(*p_slot); + psa_unregister_read(*p_slot); *p_slot = NULL; return PSA_ERROR_NOT_SUPPORTED; } diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 0f480fb09..4846e33ea 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -108,7 +108,9 @@ static psa_status_t psa_get_and_lock_key_slot_in_memory( for (slot_idx = 0; slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT; slot_idx++) { slot = &global_data.key_slots[slot_idx]; - if (mbedtls_svc_key_id_equal(key, slot->attr.id)) { + /* Only consider slots which are in a full state. */ + if ((slot->state == PSA_SLOT_FULL) && + (mbedtls_svc_key_id_equal(key, slot->attr.id))) { break; } } @@ -117,7 +119,7 @@ static psa_status_t psa_get_and_lock_key_slot_in_memory( } if (status == PSA_SUCCESS) { - status = psa_lock_key_slot(slot); + status = psa_register_read(slot); if (status == PSA_SUCCESS) { *p_slot = slot; } @@ -367,7 +369,7 @@ psa_status_t psa_get_and_lock_key_slot(mbedtls_svc_key_id_t key, defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) psa_key_id_t volatile_key_id; - status = psa_get_empty_key_slot(&volatile_key_id, p_slot); + status = psa_reserve_free_key_slot(&volatile_key_id, p_slot); if (status != PSA_SUCCESS) { return status; } @@ -388,13 +390,24 @@ psa_status_t psa_get_and_lock_key_slot(mbedtls_svc_key_id_t key, #endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ if (status != PSA_SUCCESS) { + /* Prepare the key slot to be wiped, and then wipe it. + * Don't overwrite status as a BAD_STATE error here + * can be reported in the psa_wipe_key_slot call. */ + (*p_slot)->registered_readers = 1; + psa_key_slot_state_transition((*p_slot), PSA_SLOT_FILLING, + PSA_SLOT_PENDING_DELETION); psa_wipe_key_slot(*p_slot); + if (status == PSA_ERROR_DOES_NOT_EXIST) { status = PSA_ERROR_INVALID_HANDLE; } } else { /* Add implicit usage flags. */ psa_extend_key_usage_flags(&(*p_slot)->attr.policy.usage); + + psa_key_slot_state_transition((*p_slot), PSA_SLOT_FILLING, + PSA_SLOT_FULL); + status = psa_register_read(*p_slot); } return status; diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h index b2cf57011..5858b1851 100644 --- a/library/psa_crypto_slot_management.h +++ b/library/psa_crypto_slot_management.h @@ -54,8 +54,9 @@ static inline int psa_key_id_is_volatile(psa_key_id_t key_id) * In case of a persistent key, the function loads the description of the key * into a key slot if not already done. * - * On success, the returned key slot is locked. It is the responsibility of - * the caller to unlock the key slot when it does not access it anymore. + * On success, the returned key slot has been registered for reading. + * It is the responsibility of the caller to call psa_unregister_read(slot) + * when they have finished reading the contents of the slot. * * \param key Key identifier to query. * \param[out] p_slot On success, `*p_slot` contains a pointer to the @@ -67,7 +68,9 @@ static inline int psa_key_id_is_volatile(psa_key_id_t key_id) * description of the key identified by \p key. * The key slot counter has been incremented. * \retval #PSA_ERROR_BAD_STATE - * The library has not been initialized. + * The library has not been initialized. Or, + * this call was operating on a key slot and found the slot in + * an invalid state for the operation. * \retval #PSA_ERROR_INVALID_HANDLE * \p key is not a valid key identifier. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY From c70ce576bd8856a8efa99d4353700bd3130d000b Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Wed, 3 Jan 2024 16:04:33 +0000 Subject: [PATCH 1246/1674] Update psa_destroy_key, psa_purge_key and psa_close_key This does not yet implement destruction while a key is in use for psa_destroy_key; that will be implemented in a separate pr. (I am not sure if I am allowed to change the documentation in the include files.) Signed-off-by: Ryan Everett --- include/psa/crypto.h | 8 ++++++-- include/psa/crypto_compat.h | 4 +++- library/psa_crypto.c | 8 +++++--- library/psa_crypto_slot_management.c | 19 +++++++++++-------- 4 files changed, 25 insertions(+), 14 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index fe10ee0e4..fd1928a65 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -415,7 +415,9 @@ void psa_reset_key_attributes(psa_key_attributes_t *attributes); * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize - * results in this error code. + * results in this error code. Or, + * this call was operating on a key slot and found the slot in + * an invalid state for the operation. */ psa_status_t psa_purge_key(mbedtls_svc_key_id_t key); @@ -555,7 +557,9 @@ psa_status_t psa_copy_key(mbedtls_svc_key_id_t source_key, * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize - * results in this error code. + * results in this error code. Or, + * this call was operating on a key slot and found the slot in + * an invalid state for the operation. */ psa_status_t psa_destroy_key(mbedtls_svc_key_id_t key); diff --git a/include/psa/crypto_compat.h b/include/psa/crypto_compat.h index f896fae1c..bfc00164b 100644 --- a/include/psa/crypto_compat.h +++ b/include/psa/crypto_compat.h @@ -142,7 +142,9 @@ psa_status_t psa_open_key(mbedtls_svc_key_id_t key, * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize - * results in this error code. + * results in this error code. Or, + * this call was operating on a key slot and found the slot in + * an invalid state for the operation. */ psa_status_t psa_close_key(psa_key_handle_t handle); diff --git a/library/psa_crypto.c b/library/psa_crypto.c index a27fd42c4..3e49d0a75 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1048,11 +1048,13 @@ psa_status_t psa_destroy_key(mbedtls_svc_key_id_t key) * implemented), the key should be destroyed when all accesses have * stopped. */ - if (slot->lock_count > 1) { - psa_unlock_key_slot(slot); + if (slot->registered_readers > 1) { + psa_unregister_read(slot); return PSA_ERROR_GENERIC_ERROR; } + slot->state = PSA_SLOT_PENDING_DELETION; + if (PSA_KEY_LIFETIME_IS_READ_ONLY(slot->attr.lifetime)) { /* Refuse the destruction of a read-only key (which may or may not work * if we attempt it, depending on whether the key is merely read-only @@ -1126,7 +1128,7 @@ psa_status_t psa_destroy_key(mbedtls_svc_key_id_t key) exit: status = psa_wipe_key_slot(slot); - /* Prioritize CORRUPTION_DETECTED from wiping over a storage error */ + /* Prioritize an error from wiping over a storage error */ if (status != PSA_SUCCESS) { overall_status = status; } diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 4846e33ea..a21388a0b 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -539,11 +539,14 @@ psa_status_t psa_close_key(psa_key_handle_t handle) return status; } - if (slot->lock_count <= 1) { - return psa_wipe_key_slot(slot); - } else { - return psa_unlock_key_slot(slot); + if (slot->registered_readers == 1) { + status = psa_key_slot_state_transition(slot, PSA_SLOT_FULL, + PSA_SLOT_PENDING_DELETION); + if (status != PSA_SUCCESS) { + return status; + } } + return psa_unregister_read(slot); } psa_status_t psa_purge_key(mbedtls_svc_key_id_t key) @@ -557,11 +560,11 @@ psa_status_t psa_purge_key(mbedtls_svc_key_id_t key) } if ((!PSA_KEY_LIFETIME_IS_VOLATILE(slot->attr.lifetime)) && - (slot->lock_count <= 1)) { - return psa_wipe_key_slot(slot); - } else { - return psa_unlock_key_slot(slot); + (slot->registered_readers == 1)) { + psa_key_slot_state_transition(slot, PSA_SLOT_FULL, + PSA_SLOT_PENDING_DELETION); } + return psa_unregister_read(slot); } void mbedtls_psa_get_stats(mbedtls_psa_stats_t *stats) From eb27dc0f3a95e0c75b45a3366e862324b90bc742 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Wed, 3 Jan 2024 16:19:12 +0000 Subject: [PATCH 1247/1674] Update psa_load_X_key_into_slot These functions (on success) take a slot from PSA_SLOT_FILLING to PSA_SLOT_FULL. Signed-off-by: Ryan Everett --- library/psa_crypto_slot_management.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index a21388a0b..3d997a50c 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -250,7 +250,8 @@ static psa_status_t psa_load_persistent_key_into_slot(psa_key_slot_t *slot) slot, data->slot_number, sizeof(data->slot_number)); if (status == PSA_SUCCESS) { - slot->status = PSA_SLOT_OCCUPIED; + status = psa_key_slot_state_transition(slot, PSA_SLOT_FILLING, + PSA_SLOT_FULL); } goto exit; } @@ -261,7 +262,8 @@ static psa_status_t psa_load_persistent_key_into_slot(psa_key_slot_t *slot) goto exit; } - slot->status = PSA_SLOT_OCCUPIED; + status = psa_key_slot_state_transition(slot, PSA_SLOT_FILLING, + PSA_SLOT_FULL); exit: psa_free_persistent_key_data(key_data, key_data_length); @@ -335,8 +337,9 @@ static psa_status_t psa_load_builtin_key_into_slot(psa_key_slot_t *slot) /* Copy actual key length and core attributes into the slot on success */ slot->key.bytes = key_buffer_length; slot->attr = attributes.core; - slot->status = PSA_SLOT_OCCUPIED; + status = psa_key_slot_state_transition(slot, PSA_SLOT_FILLING, + PSA_SLOT_FULL); exit: if (status != PSA_SUCCESS) { psa_remove_key_data_from_memory(slot); From 1b70a07eca5bd44bef32203c59ecf5f033246f64 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Thu, 4 Jan 2024 10:32:49 +0000 Subject: [PATCH 1248/1674] Replace psa_unlock_key_slot calls in operations which act on FULL slots Replaces calls to psa_unlock_key_slot with calls to psa_unregister_read. All instances follow a pattern of a call to psa_get_and_lock_key_slot_X, followed by some code which reads from a slot, followed by a call to psa_unregister_read. Signed-off-by: Ryan Everett --- library/psa_crypto.c | 44 ++++++++++++++-------------- library/psa_crypto_slot_management.c | 2 +- 2 files changed, 23 insertions(+), 23 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 3e49d0a75..da5e5be77 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1253,7 +1253,7 @@ psa_status_t psa_get_key_attributes(mbedtls_svc_key_id_t key, psa_reset_key_attributes(attributes); } - unlock_status = psa_unlock_key_slot(slot); + unlock_status = psa_unregister_read(slot); return (status == PSA_SUCCESS) ? unlock_status : status; } @@ -1349,7 +1349,7 @@ psa_status_t psa_export_key(mbedtls_svc_key_id_t key, slot->key.data, slot->key.bytes, data, data_size, data_length); - unlock_status = psa_unlock_key_slot(slot); + unlock_status = psa_unregister_read(slot); return (status == PSA_SUCCESS) ? unlock_status : status; } @@ -1463,7 +1463,7 @@ psa_status_t psa_export_public_key(mbedtls_svc_key_id_t key, data, data_size, data_length); exit: - unlock_status = psa_unlock_key_slot(slot); + unlock_status = psa_unregister_read(slot); return (status == PSA_SUCCESS) ? unlock_status : status; } @@ -2141,7 +2141,7 @@ exit: psa_fail_key_creation(target_slot, driver); } - unlock_status = psa_unlock_key_slot(source_slot); + unlock_status = psa_unregister_read(source_slot); return (status == PSA_SUCCESS) ? unlock_status : status; } @@ -2462,7 +2462,7 @@ exit: psa_mac_abort(operation); } - unlock_status = psa_unlock_key_slot(slot); + unlock_status = psa_unregister_read(slot); return (status == PSA_SUCCESS) ? unlock_status : status; } @@ -2648,7 +2648,7 @@ exit: psa_wipe_tag_output_buffer(mac, status, mac_size, *mac_length); - unlock_status = psa_unlock_key_slot(slot); + unlock_status = psa_unregister_read(slot); return (status == PSA_SUCCESS) ? unlock_status : status; } @@ -2792,7 +2792,7 @@ exit: psa_wipe_tag_output_buffer(signature, status, signature_size, *signature_length); - unlock_status = psa_unlock_key_slot(slot); + unlock_status = psa_unregister_read(slot); return (status == PSA_SUCCESS) ? unlock_status : status; } @@ -2840,7 +2840,7 @@ static psa_status_t psa_verify_internal(mbedtls_svc_key_id_t key, signature, signature_length); } - unlock_status = psa_unlock_key_slot(slot); + unlock_status = psa_unregister_read(slot); return (status == PSA_SUCCESS) ? unlock_status : status; @@ -3107,7 +3107,7 @@ psa_status_t psa_asymmetric_encrypt(mbedtls_svc_key_id_t key, alg, input, input_length, salt, salt_length, output, output_size, output_length); exit: - unlock_status = psa_unlock_key_slot(slot); + unlock_status = psa_unregister_read(slot); return (status == PSA_SUCCESS) ? unlock_status : status; } @@ -3159,7 +3159,7 @@ psa_status_t psa_asymmetric_decrypt(mbedtls_svc_key_id_t key, output, output_size, output_length); exit: - unlock_status = psa_unlock_key_slot(slot); + unlock_status = psa_unregister_read(slot); return (status == PSA_SUCCESS) ? unlock_status : status; } @@ -3268,7 +3268,7 @@ exit: psa_sign_hash_abort_internal(operation); } - unlock_status = psa_unlock_key_slot(slot); + unlock_status = psa_unregister_read(slot); if (unlock_status != PSA_SUCCESS) { operation->error_occurred = 1; @@ -3413,7 +3413,7 @@ psa_status_t psa_verify_hash_start( psa_verify_hash_abort_internal(operation); } - unlock_status = psa_unlock_key_slot(slot); + unlock_status = psa_unregister_read(slot); if (unlock_status != PSA_SUCCESS) { operation->error_occurred = 1; @@ -3985,7 +3985,7 @@ exit: psa_cipher_abort(operation); } - unlock_status = psa_unlock_key_slot(slot); + unlock_status = psa_unregister_read(slot); return (status == PSA_SUCCESS) ? unlock_status : status; } @@ -4230,7 +4230,7 @@ psa_status_t psa_cipher_encrypt(mbedtls_svc_key_id_t key, output_size - default_iv_length, output_length); exit: - unlock_status = psa_unlock_key_slot(slot); + unlock_status = psa_unregister_read(slot); if (status == PSA_SUCCESS) { status = unlock_status; } @@ -4291,7 +4291,7 @@ psa_status_t psa_cipher_decrypt(mbedtls_svc_key_id_t key, output, output_size, output_length); exit: - unlock_status = psa_unlock_key_slot(slot); + unlock_status = psa_unregister_read(slot); if (status == PSA_SUCCESS) { status = unlock_status; } @@ -4417,7 +4417,7 @@ psa_status_t psa_aead_encrypt(mbedtls_svc_key_id_t key, } exit: - psa_unlock_key_slot(slot); + psa_unregister_read(slot); return status; } @@ -4472,7 +4472,7 @@ psa_status_t psa_aead_decrypt(mbedtls_svc_key_id_t key, } exit: - psa_unlock_key_slot(slot); + psa_unregister_read(slot); return status; } @@ -4584,7 +4584,7 @@ static psa_status_t psa_aead_setup(psa_aead_operation_t *operation, operation->key_type = psa_get_key_type(&attributes); exit: - unlock_status = psa_unlock_key_slot(slot); + unlock_status = psa_unregister_read(slot); if (status == PSA_SUCCESS) { status = unlock_status; @@ -6907,7 +6907,7 @@ psa_status_t psa_key_derivation_input_key( slot->key.data, slot->key.bytes); - unlock_status = psa_unlock_key_slot(slot); + unlock_status = psa_unregister_read(slot); return (status == PSA_SUCCESS) ? unlock_status : status; } @@ -7064,7 +7064,7 @@ psa_status_t psa_key_derivation_key_agreement(psa_key_derivation_operation_t *op } } - unlock_status = psa_unlock_key_slot(slot); + unlock_status = psa_unregister_read(slot); return (status == PSA_SUCCESS) ? unlock_status : status; } @@ -7125,7 +7125,7 @@ exit: *output_length = output_size; } - unlock_status = psa_unlock_key_slot(slot); + unlock_status = psa_unregister_read(slot); return (status == PSA_SUCCESS) ? unlock_status : status; } @@ -7799,7 +7799,7 @@ exit: if (status != PSA_SUCCESS) { psa_pake_abort(operation); } - unlock_status = psa_unlock_key_slot(slot); + unlock_status = psa_unregister_read(slot); return (status == PSA_SUCCESS) ? unlock_status : status; } diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 3d997a50c..3c16de334 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -516,7 +516,7 @@ psa_status_t psa_open_key(mbedtls_svc_key_id_t key, psa_key_handle_t *handle) *handle = key; - return psa_unlock_key_slot(slot); + return psa_unregister_read(slot); #else /* MBEDTLS_PSA_CRYPTO_STORAGE_C || MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ (void) key; From 6cd2b8db960e30cdd858a695b8618731c3225cc0 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Thu, 4 Jan 2024 12:10:18 +0000 Subject: [PATCH 1249/1674] Update psa_wipe_all_key_slots This will still wipe the slot regardless of state/readers. Signed-off-by: Ryan Everett --- library/psa_crypto_slot_management.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 3c16de334..a8be912b7 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -143,7 +143,8 @@ void psa_wipe_all_key_slots(void) for (slot_idx = 0; slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT; slot_idx++) { psa_key_slot_t *slot = &global_data.key_slots[slot_idx]; - slot->lock_count = 1; + slot->registered_readers = 1; + slot->state = PSA_SLOT_PENDING_DELETION; (void) psa_wipe_key_slot(slot); } global_data.key_slots_initialized = 0; From 6a9c14b918da52d614fcff92df382b03aa366ff9 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Thu, 4 Jan 2024 12:13:45 +0000 Subject: [PATCH 1250/1674] Update mbedtls_psa_get_stats Uses readers to report "locked_slots", and slot state empty to report "empty_slots". Signed-off-by: Ryan Everett --- library/psa_crypto_slot_management.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index a8be912b7..ef76dcb89 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -579,10 +579,10 @@ void mbedtls_psa_get_stats(mbedtls_psa_stats_t *stats) for (slot_idx = 0; slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT; slot_idx++) { const psa_key_slot_t *slot = &global_data.key_slots[slot_idx]; - if (psa_is_key_slot_locked(slot)) { + if (psa_key_slot_has_readers(slot)) { ++stats->locked_slots; } - if (!psa_is_key_slot_occupied(slot)) { + if (slot->state == PSA_SLOT_EMPTY) { ++stats->empty_slots; continue; } From 3742f7c4b46d85369e8691efbf0f291a6f0d9830 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 5 Jan 2024 10:37:58 +0100 Subject: [PATCH 1251/1674] changelog: improve wording Signed-off-by: Valerio Setti --- ChangeLog.d/8340.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog.d/8340.txt b/ChangeLog.d/8340.txt index 78e84f7da..5664bf170 100644 --- a/ChangeLog.d/8340.txt +++ b/ChangeLog.d/8340.txt @@ -1,4 +1,4 @@ Features * Add functions mbedtls_md_psa_alg_from_type() and mbedtls_md_type_from_psa_alg() to convert between mbedtls_md_type_t and - psa_algorithm_t and vice versa. + psa_algorithm_t. From e2d3db5cfc977cd6a88e9e3d1bbfaf6f9dcb663c Mon Sep 17 00:00:00 2001 From: Waleed-Ziad Maamoun-Elmelegy <122474370+waleed-elmelegy-arm@users.noreply.github.com> Date: Fri, 5 Jan 2024 14:19:16 +0000 Subject: [PATCH 1252/1674] Update mbedtls_ssl_get_output_record_size_limit signature Co-authored-by: Ronald Cron Signed-off-by: Waleed-Ziad Maamoun-Elmelegy <122474370+waleed-elmelegy-arm@users.noreply.github.com> --- library/ssl_misc.h | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index fabb48bd8..c8de03609 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -441,18 +441,13 @@ size_t mbedtls_ssl_get_input_max_frag_len(const mbedtls_ssl_context *ssl); #if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) /** - * \brief Return the RecordSizeLimit (in bytes) for - * the output buffer. This is less than the value requested by the - * peer (see RFC 8449), since it subtracts the space required for the - * content type and padding of the TLSInnerPlaintext struct (RFC 8446). - * Returns MBEDTLS_SSL_OUT_CONTENT_LEN if no limit was requested by the peer. - * - * \sa mbedtls_ssl_get_max_out_record_payload() - * ssl_compute_internal_record_size_limit() + * \brief Get the size limit in bytes for the protected outgoing records + * as defined in RFC 8449 * * \param ssl SSL context * - * \return Current record size limit for the output buffer. + * \return The size limit in bytes for the protected outgoing + * records as defined in RFC 8449. */ size_t mbedtls_ssl_get_output_record_size_limit(const mbedtls_ssl_context *ssl); #endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */ From 98f5db9fca7fa9dc3a30c3264b720e41589d713d Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 5 Jan 2024 18:17:38 +0100 Subject: [PATCH 1253/1674] psa_util: fix typo in comment Signed-off-by: Valerio Setti --- include/mbedtls/psa_util.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index e8fb3de61..7fcc9d2b0 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -155,7 +155,7 @@ mbedtls_ecp_group_id mbedtls_ecc_group_of_psa(psa_ecc_family_t curve, * \param md_type The type of digest to search for. * * \return The PSA algorithm identifier associated with \p md_type; - * #PSA_ALG_NONE if the algorithm is unuspported or invalid. + * #PSA_ALG_NONE if the algorithm is unsupported or invalid. */ psa_algorithm_t mbedtls_md_psa_alg_from_type(mbedtls_md_type_t md_type); From 729cf89704c1d86d9798534da2c16baf50b3936d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 8 Jan 2024 10:38:51 +0100 Subject: [PATCH 1254/1674] Consolidate ChangeLog entries about CIPHER_C MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- ChangeLog.d/8060.txt | 4 ---- ChangeLog.d/8357.txt | 8 -------- ChangeLog.d/8358.txt | 2 -- ChangeLog.d/no-cipher.txt | 9 +++++++++ 4 files changed, 9 insertions(+), 14 deletions(-) delete mode 100644 ChangeLog.d/8060.txt delete mode 100644 ChangeLog.d/8357.txt create mode 100644 ChangeLog.d/no-cipher.txt diff --git a/ChangeLog.d/8060.txt b/ChangeLog.d/8060.txt deleted file mode 100644 index a5fd93c8d..000000000 --- a/ChangeLog.d/8060.txt +++ /dev/null @@ -1,4 +0,0 @@ -Features - * The CCM and GCM modules no longer depend on MBEDTLS_CIPHER_C. People who - use CCM and GCM but don't need the Cipher API can now disable - MBEDTLS_CIPHER_C in order to save code size. diff --git a/ChangeLog.d/8357.txt b/ChangeLog.d/8357.txt deleted file mode 100644 index 9cae396ec..000000000 --- a/ChangeLog.d/8357.txt +++ /dev/null @@ -1,8 +0,0 @@ -Features - * It is now possible to have AEADs support (CCM, GCM and ChaChaPoly) without - MBEDTLS_CIPHER_C. This holds both for the builtin suport (MBEDTLS_CCM_C, - MBEDTLS_GCM_C and MBEDTLS_CHACHAPOLY_C) as well as the PSA one - (PSA_WANT_ALG_CCM, PSA_WANT_ALG_GCM, PSA_WANT_ALG_CHACHA20_POLY1305). - On the PSA side this means that it is possible to enable - MBEDTLS_PSA_CRYPTO_C without MBEDTLS_CIPHER_C if none of the - non-authenticated ciphers is enabled. diff --git a/ChangeLog.d/8358.txt b/ChangeLog.d/8358.txt index 70b795a4b..2c3e15d66 100644 --- a/ChangeLog.d/8358.txt +++ b/ChangeLog.d/8358.txt @@ -2,8 +2,6 @@ Features * If a cipher or AEAD mechanism has a PSA driver, you can now build the library without the corresponding built-in implementation. See docs/driver-only-builds.md for full details and current limitations. - * It is possible to disable MBEDTLS_CIPHER_C in some circumstances, please - see docs/driver-only-builds.md for full details and current limitations. * The CTR_DRBG module will now use AES from a PSA driver if MBEDTLS_AES_C is disabled. This requires PSA_WANT_ALG_ECB_NO_PADDING in addition to MBEDTLS_PSA_CRYPTO_C and PSA_WANT_KEY_TYPE_AES. diff --git a/ChangeLog.d/no-cipher.txt b/ChangeLog.d/no-cipher.txt new file mode 100644 index 000000000..4deadab98 --- /dev/null +++ b/ChangeLog.d/no-cipher.txt @@ -0,0 +1,9 @@ +Features + * Fewer modules depend on MBEDTLS_CIPHER_C, making it possible to save code + size by disabling it in more circumstances. In particular, the CCM and + GCM modules no longer depends on MBEDTLS_CIPHER_C. Also, + MBEDTLS_PSA_CRYPTO can now be enabled without MBEDTLS_CIPHER_C if all + unauthenticated (non-AEAD) ciphers are disabled, or if they're all + fully provided by drivers. See docs/driver-only-builds.md for full + details and current limitations; in particular, NIST_KW and PKCS5/PKCS12 + decryption still unconditionally depend on MBEDTLS_CIPHER_C. From a57278151b0fe3d5bbbd22b1c3becb314f7a7705 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 8 Jan 2024 10:47:46 +0100 Subject: [PATCH 1255/1674] Update ChangeLog for CCM/GCM improvements MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- ChangeLog.d/{8358.txt => driver-only-cipher.txt} | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) rename ChangeLog.d/{8358.txt => driver-only-cipher.txt} (58%) diff --git a/ChangeLog.d/8358.txt b/ChangeLog.d/driver-only-cipher.txt similarity index 58% rename from ChangeLog.d/8358.txt rename to ChangeLog.d/driver-only-cipher.txt index 2c3e15d66..e2a946c91 100644 --- a/ChangeLog.d/8358.txt +++ b/ChangeLog.d/driver-only-cipher.txt @@ -1,6 +1,10 @@ Features * If a cipher or AEAD mechanism has a PSA driver, you can now build the - library without the corresponding built-in implementation. See + library without the corresponding built-in implementation. Generally + speaking that requires both the key type and algorithm to be accelerated + or they'll both be built in. However for CCM and GCM the built-in + implementation is able to take advantage of a driver that only + accelerates the key type (that is, the block cipher primitive). See docs/driver-only-builds.md for full details and current limitations. * The CTR_DRBG module will now use AES from a PSA driver if MBEDTLS_AES_C is disabled. This requires PSA_WANT_ALG_ECB_NO_PADDING in addition to From dc4103e9aadc503f490f267a30c6f5a9c8ee8ebd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 8 Jan 2024 10:54:47 +0100 Subject: [PATCH 1256/1674] Clarify CCM/CM with partial accel MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- docs/driver-only-builds.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/docs/driver-only-builds.md b/docs/driver-only-builds.md index f085471c6..1a60bfd4f 100644 --- a/docs/driver-only-builds.md +++ b/docs/driver-only-builds.md @@ -349,9 +349,11 @@ from PSA acceleration of the underlying block cipher by enabling support for ECB mode (`PSA_WANT_ALG_ECB_NO_PADDING` + `MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING`) together with desired key type(s) (`PSA_WANT_KEY_TYPE_[AES|ARIA|CAMELLIA]` + `MBEDTLS_PSA_ACCEL_KEY_TYPE_[AES|ARIA|CAMELLIA]`). + In such configurations it is possible to: - Use CCM and GCM via the PSA Crypto APIs. -- Use CCM and GCM via legacy functions (`mbedtls_[ccm|gcm]_xxx()`). +- Use CCM and GCM via legacy functions `mbedtls_[ccm|gcm]_xxx()` (but not the + legacy functions `mbedtls_cipher_xxx()`). - Disable legacy key types (`MBEDTLS_[AES|ARIA|CAMELLIA]_C`) if there is no other dependency requiring them. From 7f48d5e203274bebdf74bc26c92b8f416465cc49 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 8 Jan 2024 10:55:09 +0100 Subject: [PATCH 1257/1674] Rename test components to better reflect content MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- tests/scripts/all.sh | 34 +++++++++++++++---------------- tests/scripts/analyze_outcomes.py | 8 ++++---- 2 files changed, 21 insertions(+), 21 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 8f899c060..8bf91d62e 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3741,9 +3741,9 @@ component_test_psa_crypto_config_accel_aead () { } # This is a common configuration function used in: -# - component_test_psa_crypto_config_accel_cipher_aead -# - component_test_psa_crypto_config_reference_cipher_aead -common_psa_crypto_config_accel_cipher_aead() { +# - component_test_psa_crypto_config_accel_cipher_aead_cmac +# - component_test_psa_crypto_config_reference_cipher_aead_cmac +common_psa_crypto_config_accel_cipher_aead_cmac() { # Start from the full config helper_libtestdriver1_adjust_config "full" @@ -3751,12 +3751,12 @@ common_psa_crypto_config_accel_cipher_aead() { } # The 2 following test components, i.e. -# - component_test_psa_crypto_config_accel_cipher_aead -# - component_test_psa_crypto_config_reference_cipher_aead +# - component_test_psa_crypto_config_accel_cipher_aead_cmac +# - component_test_psa_crypto_config_reference_cipher_aead_cmac # are meant to be used together in analyze_outcomes.py script in order to test # driver's coverage for ciphers and AEADs. -component_test_psa_crypto_config_accel_cipher_aead () { - msg "build: full config with accelerated cipher and AEAD" +component_test_psa_crypto_config_accel_cipher_aead_cmac () { + msg "build: full config with accelerated cipher inc. AEAD and CMAC" loc_accel_list="ALG_ECB_NO_PADDING ALG_CBC_NO_PADDING ALG_CBC_PKCS7 ALG_CTR ALG_CFB \ ALG_OFB ALG_XTS ALG_STREAM_CIPHER ALG_CCM_STAR_NO_TAG \ @@ -3766,7 +3766,7 @@ component_test_psa_crypto_config_accel_cipher_aead () { # Configure # --------- - common_psa_crypto_config_accel_cipher_aead + common_psa_crypto_config_accel_cipher_aead_cmac # Disable the things that are being accelerated scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC @@ -3810,29 +3810,29 @@ component_test_psa_crypto_config_accel_cipher_aead () { # Run the tests # ------------- - msg "test: full config with accelerated cipher and AEAD" + msg "test: full config with accelerated cipher inc. AEAD and CMAC" make test - msg "ssl-opt: full config with accelerated cipher and AEAD" + msg "ssl-opt: full config with accelerated cipher inc. AEAD and CMAC" tests/ssl-opt.sh - msg "compat.sh: full config with accelerated cipher and AEAD" + msg "compat.sh: full config with accelerated cipher inc. AEAD and CMAC" tests/compat.sh -V NO -p mbedTLS } -component_test_psa_crypto_config_reference_cipher_aead () { - msg "build: full config with non-accelerated cipher and AEAD" - common_psa_crypto_config_accel_cipher_aead +component_test_psa_crypto_config_reference_cipher_aead_cmac () { + msg "build: full config with non-accelerated cipher inc. AEAD and CMAC" + common_psa_crypto_config_accel_cipher_aead_cmac make - msg "test: full config with non-accelerated cipher and AEAD" + msg "test: full config with non-accelerated cipher inc. AEAD and CMAC" make test - msg "ssl-opt: full config with non-accelerated cipher and AEAD" + msg "ssl-opt: full config with non-accelerated cipher inc. AEAD and CMAC" tests/ssl-opt.sh - msg "compat.sh: full config with non-accelerated cipher and AEAD" + msg "compat.sh: full config with non-accelerated cipher inc. AEAD and CMAC" tests/compat.sh -V NO -p mbedTLS } diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 3b11ca24c..a86797175 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -240,16 +240,16 @@ KNOWN_TASKS = { } } }, - 'analyze_driver_vs_reference_cipher_aead': { + 'analyze_driver_vs_reference_cipher_aead_cmac': { 'test_function': do_analyze_driver_vs_reference, 'args': { - 'component_ref': 'test_psa_crypto_config_reference_cipher_aead', - 'component_driver': 'test_psa_crypto_config_accel_cipher_aead', + 'component_ref': 'test_psa_crypto_config_reference_cipher_aead_cmac', + 'component_driver': 'test_psa_crypto_config_accel_cipher_aead_cmac', # Modules replaced by drivers. 'ignored_suites': [ # low-level (block/stream) cipher modules 'aes', 'aria', 'camellia', 'des', 'chacha20', - # AEAD modes + # AEAD modes and CMAC 'ccm', 'chachapoly', 'cmac', 'gcm', # The Cipher abstraction layer 'cipher', From 88bae8bc5273c51bb532c2f3e5955db7722ec1ac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 8 Jan 2024 10:56:35 +0100 Subject: [PATCH 1258/1674] Rename tests components for clarity MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit All no_cipher components have crypto (as in libmbedcrypto.a), but the difference is one doesn't have PSA crypto while the other two do. Signed-off-by: Manuel Pégourié-Gonnard --- tests/scripts/all.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 8bf91d62e..b37973add 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1540,7 +1540,7 @@ component_test_crypto_full_md_light_only () { make test } -component_test_full_no_cipher () { +component_test_full_no_cipher_no_psa_crypto () { msg "build: full no CIPHER no PSA_CRYPTO_C" scripts/config.py full scripts/config.py unset MBEDTLS_CIPHER_C @@ -1565,8 +1565,8 @@ component_test_full_no_cipher () { } # This is a common configurator and test function that is used in: -# - component_test_full_no_cipher_with_crypto -# - component_test_full_no_cipher_with_crypto_config +# - component_test_full_no_cipher_with_psa_crypto +# - component_test_full_no_cipher_with_psa_crypto_config # It accepts 2 input parameters: # - $1: boolean value which basically reflects status of MBEDTLS_PSA_CRYPTO_CONFIG # - $2: a text string which describes the test component @@ -1614,11 +1614,11 @@ common_test_full_no_cipher_with_psa_crypto () { make test } -component_test_full_no_cipher_with_crypto() { +component_test_full_no_cipher_with_psa_crypto() { common_test_full_no_cipher_with_psa_crypto 0 "full no CIPHER no CRYPTO_CONFIG" } -component_test_full_no_cipher_with_crypto_config() { +component_test_full_no_cipher_with_psa_crypto_config() { common_test_full_no_cipher_with_psa_crypto 1 "full no CIPHER" } From c1cea63478aa3739c1a724a93c53273bdc236b1b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 8 Jan 2024 11:02:26 +0100 Subject: [PATCH 1259/1674] Quickly mention the status of RSA accel MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Not related to other commits in this PR, should have been done in #8616 really, but since I'm updating the document, might as well do it here. Signed-off-by: Manuel Pégourié-Gonnard --- docs/driver-only-builds.md | 35 +++++++++++++++++++++++++++++------ 1 file changed, 29 insertions(+), 6 deletions(-) diff --git a/docs/driver-only-builds.md b/docs/driver-only-builds.md index 1a60bfd4f..8f708259c 100644 --- a/docs/driver-only-builds.md +++ b/docs/driver-only-builds.md @@ -55,6 +55,8 @@ For now, only the following (families of) mechanisms are supported: - hashes: SHA-3, SHA-2, SHA-1, MD5, etc. - elliptic-curve cryptography (ECC): ECDH, ECDSA, EC J-PAKE, ECC key types. - finite-field Diffie-Hellman: FFDH algorithm, DH key types. +- RSA: PKCS#1 v1.5 and v2.1 signature and encryption algorithms, RSA key types + (for now, only crypto, no X.509 or TLS support). - AEADs: - GCM and CCM with AES, ARIA and Camellia key types - ChachaPoly with ChaCha20 Key type @@ -71,9 +73,6 @@ work in the same way as if the mechanisms where built-in, except as documented in the "Limitations" sub-sections of the sections dedicated to each family below. -Currently (mid-2023) we don't have plans to extend this to RSA. If -you're interested in driver-only support for RSA, please let us know. - Hashes ------ @@ -138,9 +137,10 @@ then you can also disable `MBEDTLS_ECP_C`. However, a small subset of it might still be included in the build, see limitations sub-section below. In addition, if: -- `MBEDTLS_ECP_C` is fully removed (see limitation sub-section below), and -- support for RSA key types and algorithms is fully disabled, and -- support for DH key types and the FFDH algorithm is either disabled, or +- `MBEDTLS_ECP_C` is fully removed (see limitation sub-section below), +- and support for RSA key types and algorithms is either fully disabled or + fully provided by a driver, +- and support for DH key types and the FFDH algorithm is either disabled or fully provided by a driver, then you can also disable `MBEDTLS_BIGNUM_C`. @@ -243,6 +243,29 @@ The same holds for the associated algorithm: `[PSA_WANT|MBEDTLS_PSA_ACCEL]_ALG_FFDH` allow builds accelerating FFDH and removing builtin support (i.e. `MBEDTLS_DHM_C`). +RSA +--- + +It is possible for all RSA operations to be provided only by a driver. + +More precisely, if: +- all the RSA algorithms that are enabled (`PSA_WANT_ALG_RSA_*`) are also + accelerated (`MBEDTLS_PSA_ACCEL_ALG_RSA_*`), +- and all the RSA key types that are enabled (`PSA_WANT_KEY_TYPE_RSA_*`) are + also accelerated (`MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_*`), + +then you can disable `MBEDTLS_RSA_C`, `MBEDTLS_PKCS1_V15` and +`MBEDTLS_PKCS1_V21`, and RSA will still work in PSA Crypto. + +### Limitations on RSA acceleration + +Unlike other mechanisms, for now in configurations with driver-only RSA, only +PSA Crypto works. In particular, PK, X.509 and TLS will _not_ work with +driver-only RSA even if `MBEDTLS_USE_PSA_CRYPTO` is enabled. + +Currently (early 2024) we don't have plans to extend this support. If you're +interested in wider driver-only support for RSA, please let us know. + Ciphers (unauthenticated and AEAD) ---------------------------------- From d0c6f70e58e7909a02b83f66e5d78f3050635654 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 8 Jan 2024 11:33:31 +0100 Subject: [PATCH 1260/1674] Update architecture doc for cipher dual dispatch MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- .../psa-migration/md-cipher-dispatch.md | 32 +++++++++++++++---- 1 file changed, 25 insertions(+), 7 deletions(-) diff --git a/docs/architecture/psa-migration/md-cipher-dispatch.md b/docs/architecture/psa-migration/md-cipher-dispatch.md index 430b0caec..ac67dd6b2 100644 --- a/docs/architecture/psa-migration/md-cipher-dispatch.md +++ b/docs/architecture/psa-migration/md-cipher-dispatch.md @@ -494,7 +494,7 @@ int psa_can_do_hash(psa_algorithm_t hash_alg); The job of this private function is to return 1 if `hash_alg` can be performed through PSA now, and 0 otherwise. It is only defined on algorithms that are enabled via PSA. -As a starting point, return 1 if PSA crypto has been initialized. This will be refined later (to return 1 if the [accelerator subsystem](https://github.com/Mbed-TLS/mbedtls/issues/6007) has been initialized). +As a starting point, return 1 if PSA crypto's driver subsystem has been initialized. Usage note: for algorithms that are not enabled via PSA, calling `psa_can_do_hash` is generally safe: whether it returns 0 or 1, you can call a PSA hash function on the algorithm and it will return `PSA_ERROR_NOT_SUPPORTED`. @@ -566,14 +566,15 @@ The architecture can be extended to support `MBEDTLS_PSA_CRYPTO_CLIENT` with a l * Compile-time dependencies: instead of checking `defined(MBEDTLS_PSA_CRYPTO_C)`, check `defined(MBEDTLS_PSA_CRYPTO_C) || defined(MBEDTLS_PSA_CRYPTO_CLIENT)`. * Implementers of `MBEDTLS_PSA_CRYPTO_CLIENT` will need to provide `psa_can_do_hash()` (or a more general function `psa_can_do`) alongside `psa_crypto_init()`. Note that at this point, it will become a public interface, hence we won't be able to change it at a whim. -### Internal "block cipher" abstraction (Cipher light) +### Internal "block cipher" abstraction (previously known as "Cipher light") #### Definition The new module is automatically enabled in `build_info.h` by modules that need -it, namely: CCM, GCM, only when `CIPHER_C` is not available. Note: CCM and GCM -currently depend on the full `CIPHER_C` (enforced by `check_config.h`); this -hard dependency would be replaced by the above auto-enablement. +it, namely: CCM, GCM, only when `CIPHER_C` is not available, or the new module +is needed for PSA dispatch (see next section). Note: CCM and GCM currently +depend on the full `CIPHER_C` (enforced by `check_config.h`); this hard +dependency would be replaced by the above auto-enablement. The following API functions are offered: ``` @@ -593,6 +594,23 @@ The only supported ciphers are AES, ARIA and Camellia. They are identified by an `mbedtls_cipher_id_t` in the `setup()` function, because that's how they're identifed by callers (GCM/CCM). -#### Cipher light dual dispatch +#### Block cipher dual dispatch -This is likely to come in the future, but has not been defined yet. +Support for dual dispatch in the new internal module `block_cipher` is extremely similar to that in MD light. + +A block cipher context contains either a legacy module's context (AES, ARIA, Camellia) or a PSA key identifier; it has a field indicated which one is in use. All fields are private. + +The `engine` field is almost redundant with knowledge about `type`. However, when an algorithm is available both via a legacy module and a PSA accelerator, we will choose based on the runtime availability of the accelerator when the context is set up. This choice needs to be recorded in the context structure. + +Support is determined at runtime using the new internal function +``` +int psa_can_do_cipher(psa_key_type_t key_type, psa_algorithm_t cipher_alg); +``` + +The job of this private function is to return 1 if `hash_alg` can be performed through PSA now, and 0 otherwise. It is only defined on algorithms that are enabled via PSA. As a starting point, return 1 if PSA crypto's driver subsystem has been initialized. + +Each function in the module needs to know whether to dispatch via PSA or legacy. All function with just consult the context's `engine` field, except `setup()` which will set it according to the key type and the return value of `psa_can_do_cipher()` as discussed above. + +Note that this assumes that an operation that has been started via PSA can be completed. This implies that `mbedtls_psa_crypto_free` must not be called while an operation using PSA is in progress. + +After calling a PSA function, call `mbedtls_cipher_error_from_psa` to convert its status code. From 95c32973f90b0b0867061f21e4a3e75164bff804 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 20 Dec 2023 11:28:47 +0100 Subject: [PATCH 1261/1674] check_config: add check for PSA builtin unauthenticated ciphers Signed-off-by: Valerio Setti --- include/mbedtls/check_config.h | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index b21135686..4dc26779c 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -203,6 +203,19 @@ #endif #endif +#if defined(MBEDTLS_PSA_CRYPTO_C) && \ + (defined(MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_CTR) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_CFB) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_OFB) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_CCM_STAR_NO_TAG)) && \ + !defined(MBEDTLS_CIPHER_C) +#error "Built-in unauthenticated ciphers are enabled in PSA, but not all prerequisites" +#endif + #if defined(MBEDTLS_ECDH_C) && !defined(MBEDTLS_ECP_C) #error "MBEDTLS_ECDH_C defined, but not all prerequisites" #endif From c95ab2a1a06dd53042b47abfd336d356128f638c Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 20 Dec 2023 17:15:34 +0100 Subject: [PATCH 1262/1674] mbedtls_config: extend documentation for MBEDTLS_PSA_CRYPTO_C Signed-off-by: Valerio Setti --- include/mbedtls/mbedtls_config.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 94e21e271..5670d67ec 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -3167,7 +3167,8 @@ * * Requires: either MBEDTLS_CTR_DRBG_C and MBEDTLS_ENTROPY_C, * or MBEDTLS_HMAC_DRBG_C and MBEDTLS_ENTROPY_C, - * or MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG. + * or MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG; + * MBEDTLS_CIPHER_C if any unauthenticated cipher is builtin in PSA. * */ #define MBEDTLS_PSA_CRYPTO_C From 1aaffec7cf5e52d9b7cd7d95f857511b7ca549ae Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 28 Dec 2023 09:06:54 +0100 Subject: [PATCH 1263/1674] Revert "check_config: add check for PSA builtin unauthenticated ciphers" This reverts commit d5d99e800a0d648e976a28819ab8709daabcab9b. Signed-off-by: Valerio Setti --- include/mbedtls/check_config.h | 13 ------------- 1 file changed, 13 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 4dc26779c..b21135686 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -203,19 +203,6 @@ #endif #endif -#if defined(MBEDTLS_PSA_CRYPTO_C) && \ - (defined(MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_CTR) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_CFB) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_OFB) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_CCM_STAR_NO_TAG)) && \ - !defined(MBEDTLS_CIPHER_C) -#error "Built-in unauthenticated ciphers are enabled in PSA, but not all prerequisites" -#endif - #if defined(MBEDTLS_ECDH_C) && !defined(MBEDTLS_ECP_C) #error "MBEDTLS_ECDH_C defined, but not all prerequisites" #endif From 9772642b8c44381c46ac70202b895bc52bcda1cb Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 28 Dec 2023 09:55:09 +0100 Subject: [PATCH 1264/1674] adjust_legacy_crypto: auto-enable CIPHER_C when any builtin cipher is enabled in PSA Signed-off-by: Valerio Setti --- include/mbedtls/config_adjust_legacy_crypto.h | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h index c6b7f8ef3..696266c6f 100644 --- a/include/mbedtls/config_adjust_legacy_crypto.h +++ b/include/mbedtls/config_adjust_legacy_crypto.h @@ -22,6 +22,20 @@ #ifndef MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H #define MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H +/* Auto-enable CIPHER_C when any of the unauthenticated ciphers is builtin + * in PSA. */ +#if defined(MBEDTLS_PSA_CRYPTO_C) && \ + (defined(MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_CTR) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_CFB) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_OFB) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_CCM_STAR_NO_TAG)) +#define MBEDTLS_CIPHER_C +#endif + /* Auto-enable MBEDTLS_MD_LIGHT based on MBEDTLS_MD_C. * This allows checking for MD_LIGHT rather than MD_LIGHT || MD_C. */ From d5cab81405dd72ffbab9ef65261771aecbe531ba Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 28 Dec 2023 10:04:51 +0100 Subject: [PATCH 1265/1674] mbedtls_config: update documentation for CIPHER_C and CRYPTO_C Adding auto-enablement sections. Signed-off-by: Valerio Setti --- include/mbedtls/mbedtls_config.h | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 5670d67ec..6a5828c74 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -2579,6 +2579,8 @@ * library/ssl_ciphersuites.c * library/ssl_msg.c * library/ssl_ticket.c (unless MBEDTLS_USE_PSA_CRYPTO is enabled) + * Auto-enabled by: MBEDTLS_PSA_CRYPTO_C depending on which ciphers are enabled + * (see the documentation of that option for details). * * Uncomment to enable generic cipher wrappers. */ @@ -3167,9 +3169,10 @@ * * Requires: either MBEDTLS_CTR_DRBG_C and MBEDTLS_ENTROPY_C, * or MBEDTLS_HMAC_DRBG_C and MBEDTLS_ENTROPY_C, - * or MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG; - * MBEDTLS_CIPHER_C if any unauthenticated cipher is builtin in PSA. - * + * or MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG. + * Auto-enables: MBEDTLS_CIPHER_C if any unauthenticated (ie, non-AEAD) cipher + * is enabled in PSA (unless it's fully accelerated, see + * docs/driver-only-builds.md about that). */ #define MBEDTLS_PSA_CRYPTO_C From cd38f2720678fffd28669aa1625695106060695f Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 9 Jan 2024 08:41:03 +0100 Subject: [PATCH 1266/1674] Revert "psa_util: fix typo in comment" This reverts commit 98f5db9fca7fa9dc3a30c3264b720e41589d713d. Signed-off-by: Valerio Setti --- include/mbedtls/psa_util.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index 7fcc9d2b0..e8fb3de61 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -155,7 +155,7 @@ mbedtls_ecp_group_id mbedtls_ecc_group_of_psa(psa_ecc_family_t curve, * \param md_type The type of digest to search for. * * \return The PSA algorithm identifier associated with \p md_type; - * #PSA_ALG_NONE if the algorithm is unsupported or invalid. + * #PSA_ALG_NONE if the algorithm is unuspported or invalid. */ psa_algorithm_t mbedtls_md_psa_alg_from_type(mbedtls_md_type_t md_type); From 9b2d738ccde53c4643a9905f548509e2a8457d86 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 9 Jan 2024 08:41:21 +0100 Subject: [PATCH 1267/1674] Revert "test_suite_md: improve md_to_from_psa() test function and related data" This reverts commit 2c1070b39700be8a6fcda5f2266e8bbe5ac42e1c. Signed-off-by: Valerio Setti --- tests/suites/test_suite_md.data | 48 ++--------------------------- tests/suites/test_suite_md.function | 24 ++++++++++++--- 2 files changed, 21 insertions(+), 51 deletions(-) diff --git a/tests/suites/test_suite_md.data b/tests/suites/test_suite_md.data index b831500d6..fb9b5effa 100644 --- a/tests/suites/test_suite_md.data +++ b/tests/suites/test_suite_md.data @@ -2,52 +2,8 @@ MD list mbedtls_md_list: -MD <-> PSA conversion - MD5 -depends_on:PSA_WANT_ALG_MD5 -md_to_from_psa:MBEDTLS_MD_MD5:PSA_ALG_MD5 - -MD <-> PSA conversion - RIPEMD160 -depends_on:PSA_WANT_ALG_RIPEMD160 -md_to_from_psa:MBEDTLS_MD_RIPEMD160:PSA_ALG_RIPEMD160 - -MD <-> PSA conversion - SHA1 -depends_on:PSA_WANT_ALG_SHA_1 -md_to_from_psa:MBEDTLS_MD_SHA1:PSA_ALG_SHA_1 - -MD <-> PSA conversion - SHA224 -depends_on:PSA_WANT_ALG_SHA_224 -md_to_from_psa:MBEDTLS_MD_SHA224:PSA_ALG_SHA_224 - -MD <-> PSA conversion - SHA256 -depends_on:PSA_WANT_ALG_SHA_256 -md_to_from_psa:MBEDTLS_MD_SHA256:PSA_ALG_SHA_256 - -MD <-> PSA conversion - SHA384 -depends_on:PSA_WANT_ALG_SHA_384 -md_to_from_psa:MBEDTLS_MD_SHA384:PSA_ALG_SHA_384 - -MD <-> PSA conversion - SHA512 -depends_on:PSA_WANT_ALG_SHA_512 -md_to_from_psa:MBEDTLS_MD_SHA512:PSA_ALG_SHA_512 - -MD <-> PSA conversion - SHA3_224 -depends_on:PSA_WANT_ALG_SHA3_224 -md_to_from_psa:MBEDTLS_MD_SHA3_224:PSA_ALG_SHA3_224 - -MD <-> PSA conversion - SHA3_256 -depends_on:PSA_WANT_ALG_SHA3_256 -md_to_from_psa:MBEDTLS_MD_SHA3_256:PSA_ALG_SHA3_256 - -MD <-> PSA conversion - SHA3_384 -depends_on:PSA_WANT_ALG_SHA3_384 -md_to_from_psa:MBEDTLS_MD_SHA3_384:PSA_ALG_SHA3_384 - -MD <-> PSA conversion - SHA3_512 -depends_on:PSA_WANT_ALG_SHA3_512 -md_to_from_psa:MBEDTLS_MD_SHA3_512:PSA_ALG_SHA3_512 - -MD <-> PSA conversion - NONE -md_to_from_psa:MBEDTLS_MD_NONE:PSA_ALG_NONE +MD <-> PSA conversion +md_to_from_psa: MD NULL/uninitialised arguments md_null_args: diff --git a/tests/suites/test_suite_md.function b/tests/suites/test_suite_md.function index 0a8e4216e..2a885e237 100644 --- a/tests/suites/test_suite_md.function +++ b/tests/suites/test_suite_md.function @@ -4,6 +4,10 @@ #include "mbedtls/oid.h" #include "mbedtls/asn1.h" + +#define MD_PSA(md, psa) \ + TEST_EQUAL(mbedtls_md_psa_alg_from_type(md), psa); \ + TEST_EQUAL(mbedtls_md_type_from_psa_alg(psa), md); /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -59,13 +63,23 @@ exit: /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C */ -void md_to_from_psa(int md_alg_arg, int psa_alg_arg) +void md_to_from_psa() { - mbedtls_md_type_t md_alg = md_alg_arg; - psa_algorithm_t psa_alg = psa_alg_arg; + /* We use a simplified implementation that relies on numerical values + * being aligned, so make sure they remain so. */ + MD_PSA(MBEDTLS_MD_MD5, PSA_ALG_MD5); + MD_PSA(MBEDTLS_MD_RIPEMD160, PSA_ALG_RIPEMD160); + MD_PSA(MBEDTLS_MD_SHA1, PSA_ALG_SHA_1); + MD_PSA(MBEDTLS_MD_SHA224, PSA_ALG_SHA_224); + MD_PSA(MBEDTLS_MD_SHA256, PSA_ALG_SHA_256); + MD_PSA(MBEDTLS_MD_SHA384, PSA_ALG_SHA_384); + MD_PSA(MBEDTLS_MD_SHA512, PSA_ALG_SHA_512); + MD_PSA(MBEDTLS_MD_SHA3_224, PSA_ALG_SHA3_224); + MD_PSA(MBEDTLS_MD_SHA3_256, PSA_ALG_SHA3_256); + MD_PSA(MBEDTLS_MD_SHA3_384, PSA_ALG_SHA3_384); + MD_PSA(MBEDTLS_MD_SHA3_512, PSA_ALG_SHA3_512); - TEST_EQUAL(mbedtls_md_psa_alg_from_type(md_alg), psa_alg); \ - TEST_EQUAL(mbedtls_md_type_from_psa_alg(psa_alg), md_alg); + /* Don't test for NONE<->NONE as this is not guaranteed */ } /* END_CASE */ From dd2afcd881df115474eb12f9aa877b35530ec799 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 9 Jan 2024 08:41:29 +0100 Subject: [PATCH 1268/1674] Revert "psa_util: add algorithm's availability checks for MD conversion functions" This reverts commit 3d2e0f5f42b9ac646f63d67e442f4af0f8a3fe4f. Signed-off-by: Valerio Setti --- include/mbedtls/psa_util.h | 27 +++++++--- library/psa_util.c | 106 ------------------------------------- 2 files changed, 21 insertions(+), 112 deletions(-) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index e8fb3de61..249b8d421 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -152,12 +152,21 @@ mbedtls_ecp_group_id mbedtls_ecc_group_of_psa(psa_ecc_family_t curve, * \brief This function returns the PSA algorithm identifier * associated with the given digest type. * - * \param md_type The type of digest to search for. + * \param md_type The type of digest to search for. Must not be NONE. * - * \return The PSA algorithm identifier associated with \p md_type; - * #PSA_ALG_NONE if the algorithm is unuspported or invalid. + * \warning If \p md_type is \c MBEDTLS_MD_NONE, this function will + * not return \c PSA_ALG_NONE, but an invalid algorithm. + * + * \warning This function does not check if the algorithm is + * supported, it always returns the corresponding identifier. + * + * \return The PSA algorithm identifier associated with \p md_type, + * regardless of whether it is supported or not. */ -psa_algorithm_t mbedtls_md_psa_alg_from_type(mbedtls_md_type_t md_type); +static inline psa_algorithm_t mbedtls_md_psa_alg_from_type(mbedtls_md_type_t md_type) +{ + return PSA_ALG_CATEGORY_HASH | (psa_algorithm_t) md_type; +} /** * \brief This function returns the given digest type @@ -165,10 +174,16 @@ psa_algorithm_t mbedtls_md_psa_alg_from_type(mbedtls_md_type_t md_type); * * \param psa_alg The PSA algorithm identifier to search for. * + * \warning This function does not check if the algorithm is + * supported, it always returns the corresponding identifier. + * * \return The MD type associated with \p psa_alg, - * #MBEDTLS_MD_NONE if the algorithm is unsupported or invalid. + * regardless of whether it is supported or not. */ -mbedtls_md_type_t mbedtls_md_type_from_psa_alg(psa_algorithm_t psa_alg); +static inline mbedtls_md_type_t mbedtls_md_type_from_psa_alg(psa_algorithm_t psa_alg) +{ + return (mbedtls_md_type_t) (psa_alg & PSA_ALG_HASH_MASK); +} /**@}*/ diff --git a/library/psa_util.c b/library/psa_util.c index bb054a33f..9b06de273 100644 --- a/library/psa_util.c +++ b/library/psa_util.c @@ -330,110 +330,4 @@ mbedtls_ecp_group_id mbedtls_ecc_group_of_psa(psa_ecc_family_t curve, } #endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */ -psa_algorithm_t mbedtls_md_psa_alg_from_type(mbedtls_md_type_t md_type) -{ - switch (md_type) { -#if defined(PSA_WANT_ALG_MD5) - case MBEDTLS_MD_MD5: - return PSA_ALG_MD5; -#endif -#if defined(PSA_WANT_ALG_RIPEMD160) - case MBEDTLS_MD_RIPEMD160: - return PSA_ALG_RIPEMD160; -#endif -#if defined(PSA_WANT_ALG_SHA_1) - case MBEDTLS_MD_SHA1: - return PSA_ALG_SHA_1; -#endif -#if defined(PSA_WANT_ALG_SHA_224) - case MBEDTLS_MD_SHA224: - return PSA_ALG_SHA_224; -#endif -#if defined(PSA_WANT_ALG_SHA_256) - case MBEDTLS_MD_SHA256: - return PSA_ALG_SHA_256; -#endif -#if defined(PSA_WANT_ALG_SHA_384) - case MBEDTLS_MD_SHA384: - return PSA_ALG_SHA_384; -#endif -#if defined(PSA_WANT_ALG_SHA_512) - case MBEDTLS_MD_SHA512: - return PSA_ALG_SHA_512; -#endif -#if defined(PSA_WANT_ALG_SHA3_224) - case MBEDTLS_MD_SHA3_224: - return PSA_ALG_SHA3_224; -#endif -#if defined(PSA_WANT_ALG_SHA3_256) - case MBEDTLS_MD_SHA3_256: - return PSA_ALG_SHA3_256; -#endif -#if defined(PSA_WANT_ALG_SHA3_384) - case MBEDTLS_MD_SHA3_384: - return PSA_ALG_SHA3_384; -#endif -#if defined(PSA_WANT_ALG_SHA3_512) - case MBEDTLS_MD_SHA3_512: - return PSA_ALG_SHA3_512; -#endif - case MBEDTLS_MD_NONE: - default: - return PSA_ALG_NONE; - } -} - -mbedtls_md_type_t mbedtls_md_type_from_psa_alg(psa_algorithm_t psa_alg) -{ - switch (psa_alg) { -#if defined(PSA_WANT_ALG_MD5) - case PSA_ALG_MD5: - return MBEDTLS_MD_MD5; -#endif -#if defined(PSA_WANT_ALG_RIPEMD160) - case PSA_ALG_RIPEMD160: - return MBEDTLS_MD_RIPEMD160; -#endif -#if defined(PSA_WANT_ALG_SHA_1) - case PSA_ALG_SHA_1: - return MBEDTLS_MD_SHA1; -#endif -#if defined(PSA_WANT_ALG_SHA_224) - case PSA_ALG_SHA_224: - return MBEDTLS_MD_SHA224; -#endif -#if defined(PSA_WANT_ALG_SHA_256) - case PSA_ALG_SHA_256: - return MBEDTLS_MD_SHA256; -#endif -#if defined(PSA_WANT_ALG_SHA_384) - case PSA_ALG_SHA_384: - return MBEDTLS_MD_SHA384; -#endif -#if defined(PSA_WANT_ALG_SHA_512) - case PSA_ALG_SHA_512: - return MBEDTLS_MD_SHA512; -#endif -#if defined(PSA_WANT_ALG_SHA3_224) - case PSA_ALG_SHA3_224: - return MBEDTLS_MD_SHA3_224; -#endif -#if defined(PSA_WANT_ALG_SHA3_256) - case PSA_ALG_SHA3_256: - return MBEDTLS_MD_SHA3_256; -#endif -#if defined(PSA_WANT_ALG_SHA3_384) - case PSA_ALG_SHA3_384: - return MBEDTLS_MD_SHA3_384; -#endif -#if defined(PSA_WANT_ALG_SHA3_512) - case PSA_ALG_SHA3_512: - return MBEDTLS_MD_SHA3_512; -#endif - case PSA_ALG_NONE: - default: - return MBEDTLS_MD_NONE; - } -} - #endif /* MBEDTLS_PSA_CRYPTO_C */ From 60c9eee2671fcbd06b04fb3cdf1ae5c5aba1dc83 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 9 Jan 2024 10:08:53 +0100 Subject: [PATCH 1269/1674] Improve wording & fix typos MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- docs/architecture/psa-migration/md-cipher-dispatch.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/architecture/psa-migration/md-cipher-dispatch.md b/docs/architecture/psa-migration/md-cipher-dispatch.md index ac67dd6b2..30afad831 100644 --- a/docs/architecture/psa-migration/md-cipher-dispatch.md +++ b/docs/architecture/psa-migration/md-cipher-dispatch.md @@ -514,7 +514,7 @@ Note that this assumes that an operation that has been started via PSA can be co #### Error code conversion -After calling a PSA function, call `mbedtls_md_error_from_psa` to convert its status code. +After calling a PSA function, MD light calls `mbedtls_md_error_from_psa` to convert its status code. ### Support all legacy algorithms in PSA @@ -570,8 +570,8 @@ The architecture can be extended to support `MBEDTLS_PSA_CRYPTO_CLIENT` with a l #### Definition -The new module is automatically enabled in `build_info.h` by modules that need -it, namely: CCM, GCM, only when `CIPHER_C` is not available, or the new module +The new module is automatically enabled in `config_adjust_legacy_crypto.h` by modules that need +it (namely: CCM, GCM) only when `CIPHER_C` is not available, or the new module is needed for PSA dispatch (see next section). Note: CCM and GCM currently depend on the full `CIPHER_C` (enforced by `check_config.h`); this hard dependency would be replaced by the above auto-enablement. @@ -598,7 +598,7 @@ identifed by callers (GCM/CCM). Support for dual dispatch in the new internal module `block_cipher` is extremely similar to that in MD light. -A block cipher context contains either a legacy module's context (AES, ARIA, Camellia) or a PSA key identifier; it has a field indicated which one is in use. All fields are private. +A block cipher context contains either a legacy module's context (AES, ARIA, Camellia) or a PSA key identifier; it has a field indicating which one is in use. All fields are private. The `engine` field is almost redundant with knowledge about `type`. However, when an algorithm is available both via a legacy module and a PSA accelerator, we will choose based on the runtime availability of the accelerator when the context is set up. This choice needs to be recorded in the context structure. @@ -613,4 +613,4 @@ Each function in the module needs to know whether to dispatch via PSA or legacy. Note that this assumes that an operation that has been started via PSA can be completed. This implies that `mbedtls_psa_crypto_free` must not be called while an operation using PSA is in progress. -After calling a PSA function, call `mbedtls_cipher_error_from_psa` to convert its status code. +After calling a PSA function, `block_cipher` functions call `mbedtls_cipher_error_from_psa` to convert its status code. From ddba51e6c9120869c15bd931d4dad9bd3d35e787 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 21 Dec 2023 10:16:33 +0100 Subject: [PATCH 1270/1674] psa: rename "mbedtls_ecc_group_of_psa" to "mbedtls_ecc_group_from_psa" Signed-off-by: Valerio Setti --- include/mbedtls/psa_util.h | 6 +++--- library/pk_internal.h | 4 ++-- library/pkparse.c | 2 +- library/psa_crypto.c | 2 +- library/psa_crypto_ecp.c | 6 +++--- library/psa_util.c | 6 +++--- 6 files changed, 13 insertions(+), 13 deletions(-) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index 5f6a05315..5368e040e 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -143,9 +143,9 @@ psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid, * \return #MBEDTLS_ECP_DP_NONE if \p bits is not * correct for \p curve. */ -mbedtls_ecp_group_id mbedtls_ecc_group_of_psa(psa_ecc_family_t curve, - size_t bits, - int bits_is_sloppy); +mbedtls_ecp_group_id mbedtls_ecc_group_from_psa(psa_ecc_family_t curve, + size_t bits, + int bits_is_sloppy); #endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */ /**@}*/ diff --git a/library/pk_internal.h b/library/pk_internal.h index 025ee8b01..642a0c7bb 100644 --- a/library/pk_internal.h +++ b/library/pk_internal.h @@ -98,13 +98,13 @@ static inline mbedtls_ecp_group_id mbedtls_pk_get_ec_group_id(const mbedtls_pk_c } opaque_key_type = psa_get_key_type(&opaque_attrs); curve = PSA_KEY_TYPE_ECC_GET_FAMILY(opaque_key_type); - id = mbedtls_ecc_group_of_psa(curve, psa_get_key_bits(&opaque_attrs), 0); + id = mbedtls_ecc_group_from_psa(curve, psa_get_key_bits(&opaque_attrs), 0); psa_reset_key_attributes(&opaque_attrs); } else #endif /* MBEDTLS_USE_PSA_CRYPTO */ { #if defined(MBEDTLS_PK_USE_PSA_EC_DATA) - id = mbedtls_ecc_group_of_psa(pk->ec_family, pk->ec_bits, 0); + id = mbedtls_ecc_group_from_psa(pk->ec_family, pk->ec_bits, 0); #else /* MBEDTLS_PK_USE_PSA_EC_DATA */ id = mbedtls_pk_ec_ro(*pk)->grp.id; #endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ diff --git a/library/pkparse.c b/library/pkparse.c index d36fa3f83..ef3aff22b 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -250,7 +250,7 @@ static int pk_ecc_set_pubkey_psa_ecp_fallback(mbedtls_pk_context *pk, mbedtls_ecp_group_id ecp_group_id; int ret; - ecp_group_id = mbedtls_ecc_group_of_psa(pk->ec_family, pk->ec_bits, 0); + ecp_group_id = mbedtls_ecc_group_from_psa(pk->ec_family, pk->ec_bits, 0); mbedtls_ecp_keypair_init(&ecp_key); ret = mbedtls_ecp_group_load(&(ecp_key.grp), ecp_group_id); diff --git a/library/psa_crypto.c b/library/psa_crypto.c index a8baa6b6f..d39310981 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -5708,7 +5708,7 @@ static psa_status_t psa_generate_derived_ecc_key_weierstrass_helper( psa_ecc_family_t curve = PSA_KEY_TYPE_ECC_GET_FAMILY( slot->attr.type); mbedtls_ecp_group_id grp_id = - mbedtls_ecc_group_of_psa(curve, bits, 0); + mbedtls_ecc_group_from_psa(curve, bits, 0); if (grp_id == MBEDTLS_ECP_DP_NONE) { ret = MBEDTLS_ERR_ASN1_INVALID_DATA; diff --git a/library/psa_crypto_ecp.c b/library/psa_crypto_ecp.c index e4a372d24..3f2ec23e3 100644 --- a/library/psa_crypto_ecp.c +++ b/library/psa_crypto_ecp.c @@ -83,8 +83,8 @@ psa_status_t mbedtls_psa_ecp_load_representation( mbedtls_ecp_keypair_init(ecp); /* Load the group. */ - grp_id = mbedtls_ecc_group_of_psa(PSA_KEY_TYPE_ECC_GET_FAMILY(type), - curve_bits, !explicit_bits); + grp_id = mbedtls_ecc_group_from_psa(PSA_KEY_TYPE_ECC_GET_FAMILY(type), + curve_bits, !explicit_bits); if (grp_id == MBEDTLS_ECP_DP_NONE) { /* We can't distinguish between a nonsensical family/size combination * (which would warrant PSA_ERROR_INVALID_ARGUMENT) and a @@ -285,7 +285,7 @@ psa_status_t mbedtls_psa_ecp_generate_key( psa_ecc_family_t curve = PSA_KEY_TYPE_ECC_GET_FAMILY( attributes->core.type); mbedtls_ecp_group_id grp_id = - mbedtls_ecc_group_of_psa(curve, attributes->core.bits, 0); + mbedtls_ecc_group_from_psa(curve, attributes->core.bits, 0); const mbedtls_ecp_curve_info *curve_info = mbedtls_ecp_curve_info_from_grp_id(grp_id); diff --git a/library/psa_util.c b/library/psa_util.c index 36b7175df..f4685dbc6 100644 --- a/library/psa_util.c +++ b/library/psa_util.c @@ -252,9 +252,9 @@ psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid, } } -mbedtls_ecp_group_id mbedtls_ecc_group_of_psa(psa_ecc_family_t curve, - size_t bits, - int bits_is_sloppy) +mbedtls_ecp_group_id mbedtls_ecc_group_from_psa(psa_ecc_family_t curve, + size_t bits, + int bits_is_sloppy) { switch (curve) { case PSA_ECC_FAMILY_SECP_R1: From d36c313b53b4ba45561bbcde9408f8c0f39b8ece Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 21 Dec 2023 14:03:51 +0100 Subject: [PATCH 1271/1674] psa: remove bits_is_sloppy parameter from mbedtls_ecc_group_from_psa() Signed-off-by: Valerio Setti --- include/mbedtls/psa_util.h | 3 +-- library/pk_internal.h | 4 ++-- library/pkparse.c | 2 +- library/psa_crypto.c | 2 +- library/psa_crypto_ecp.c | 16 ++++++++++++++-- library/psa_util.c | 16 +++------------- 6 files changed, 22 insertions(+), 21 deletions(-) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index 5368e040e..e1dd822e5 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -144,8 +144,7 @@ psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid, * correct for \p curve. */ mbedtls_ecp_group_id mbedtls_ecc_group_from_psa(psa_ecc_family_t curve, - size_t bits, - int bits_is_sloppy); + size_t bits); #endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */ /**@}*/ diff --git a/library/pk_internal.h b/library/pk_internal.h index 642a0c7bb..3d5adf8de 100644 --- a/library/pk_internal.h +++ b/library/pk_internal.h @@ -98,13 +98,13 @@ static inline mbedtls_ecp_group_id mbedtls_pk_get_ec_group_id(const mbedtls_pk_c } opaque_key_type = psa_get_key_type(&opaque_attrs); curve = PSA_KEY_TYPE_ECC_GET_FAMILY(opaque_key_type); - id = mbedtls_ecc_group_from_psa(curve, psa_get_key_bits(&opaque_attrs), 0); + id = mbedtls_ecc_group_from_psa(curve, psa_get_key_bits(&opaque_attrs)); psa_reset_key_attributes(&opaque_attrs); } else #endif /* MBEDTLS_USE_PSA_CRYPTO */ { #if defined(MBEDTLS_PK_USE_PSA_EC_DATA) - id = mbedtls_ecc_group_from_psa(pk->ec_family, pk->ec_bits, 0); + id = mbedtls_ecc_group_from_psa(pk->ec_family, pk->ec_bits); #else /* MBEDTLS_PK_USE_PSA_EC_DATA */ id = mbedtls_pk_ec_ro(*pk)->grp.id; #endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ diff --git a/library/pkparse.c b/library/pkparse.c index ef3aff22b..5f95545af 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -250,7 +250,7 @@ static int pk_ecc_set_pubkey_psa_ecp_fallback(mbedtls_pk_context *pk, mbedtls_ecp_group_id ecp_group_id; int ret; - ecp_group_id = mbedtls_ecc_group_from_psa(pk->ec_family, pk->ec_bits, 0); + ecp_group_id = mbedtls_ecc_group_from_psa(pk->ec_family, pk->ec_bits); mbedtls_ecp_keypair_init(&ecp_key); ret = mbedtls_ecp_group_load(&(ecp_key.grp), ecp_group_id); diff --git a/library/psa_crypto.c b/library/psa_crypto.c index d39310981..850f20610 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -5708,7 +5708,7 @@ static psa_status_t psa_generate_derived_ecc_key_weierstrass_helper( psa_ecc_family_t curve = PSA_KEY_TYPE_ECC_GET_FAMILY( slot->attr.type); mbedtls_ecp_group_id grp_id = - mbedtls_ecc_group_from_psa(curve, bits, 0); + mbedtls_ecc_group_from_psa(curve, bits); if (grp_id == MBEDTLS_ECP_DP_NONE) { ret = MBEDTLS_ERR_ASN1_INVALID_DATA; diff --git a/library/psa_crypto_ecp.c b/library/psa_crypto_ecp.c index 3f2ec23e3..20ef29c12 100644 --- a/library/psa_crypto_ecp.c +++ b/library/psa_crypto_ecp.c @@ -41,6 +41,7 @@ psa_status_t mbedtls_psa_ecp_load_representation( psa_status_t status; mbedtls_ecp_keypair *ecp = NULL; size_t curve_bytes = data_length; + size_t curve_bits_check; int explicit_bits = (curve_bits != 0); if (PSA_KEY_TYPE_IS_PUBLIC_KEY(type) && @@ -84,7 +85,7 @@ psa_status_t mbedtls_psa_ecp_load_representation( /* Load the group. */ grp_id = mbedtls_ecc_group_from_psa(PSA_KEY_TYPE_ECC_GET_FAMILY(type), - curve_bits, !explicit_bits); + curve_bits); if (grp_id == MBEDTLS_ECP_DP_NONE) { /* We can't distinguish between a nonsensical family/size combination * (which would warrant PSA_ERROR_INVALID_ARGUMENT) and a @@ -96,6 +97,17 @@ psa_status_t mbedtls_psa_ecp_load_representation( goto exit; } + /* Get the exact number of bits which are necessary for this key. This is + * used to validate the "curve_bits" input parameter (only in case it was + * provided). + * Note: we intentionally ignore the return value of mbedtls_ecc_group_to_psa() + * because we are only interested in the curve's bit size. */ + mbedtls_ecc_group_to_psa(grp_id, &curve_bits_check); + if (explicit_bits && (curve_bits_check != curve_bits)) { + status = PSA_ERROR_NOT_SUPPORTED; + goto exit; + } + status = mbedtls_to_psa_error( mbedtls_ecp_group_load(&ecp->grp, grp_id)); if (status != PSA_SUCCESS) { @@ -285,7 +297,7 @@ psa_status_t mbedtls_psa_ecp_generate_key( psa_ecc_family_t curve = PSA_KEY_TYPE_ECC_GET_FAMILY( attributes->core.type); mbedtls_ecp_group_id grp_id = - mbedtls_ecc_group_from_psa(curve, attributes->core.bits, 0); + mbedtls_ecc_group_from_psa(curve, attributes->core.bits); const mbedtls_ecp_curve_info *curve_info = mbedtls_ecp_curve_info_from_grp_id(grp_id); diff --git a/library/psa_util.c b/library/psa_util.c index f4685dbc6..abd7a5f6b 100644 --- a/library/psa_util.c +++ b/library/psa_util.c @@ -253,8 +253,7 @@ psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid, } mbedtls_ecp_group_id mbedtls_ecc_group_from_psa(psa_ecc_family_t curve, - size_t bits, - int bits_is_sloppy) + size_t bits) { switch (curve) { case PSA_ECC_FAMILY_SECP_R1: @@ -277,12 +276,8 @@ mbedtls_ecp_group_id mbedtls_ecc_group_from_psa(psa_ecc_family_t curve, #endif #if defined(PSA_WANT_ECC_SECP_R1_521) case 521: - return MBEDTLS_ECP_DP_SECP521R1; case 528: - if (bits_is_sloppy) { - return MBEDTLS_ECP_DP_SECP521R1; - } - break; + return MBEDTLS_ECP_DP_SECP521R1; #endif } break; @@ -308,12 +303,8 @@ mbedtls_ecp_group_id mbedtls_ecc_group_from_psa(psa_ecc_family_t curve, switch (bits) { #if defined(PSA_WANT_ECC_MONTGOMERY_255) case 255: - return MBEDTLS_ECP_DP_CURVE25519; case 256: - if (bits_is_sloppy) { - return MBEDTLS_ECP_DP_CURVE25519; - } - break; + return MBEDTLS_ECP_DP_CURVE25519; #endif #if defined(PSA_WANT_ECC_MONTGOMERY_448) case 448: @@ -340,7 +331,6 @@ mbedtls_ecp_group_id mbedtls_ecc_group_from_psa(psa_ecc_family_t curve, break; } - (void) bits_is_sloppy; return MBEDTLS_ECP_DP_NONE; } #endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */ From 673868be5df7918878c78b98f4ef87f7ec76b7a8 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 21 Dec 2023 14:48:31 +0100 Subject: [PATCH 1272/1674] psa_crypto_ecp: add helper for checking EC parameters This commit also updates "test_suite_psa_crypto.data" replacing PSA_ERROR_NOT_SUPPORTED with PSA_ERROR_INVALID_ARGUMENT when a wrong bit size is provided while importing key. Signed-off-by: Valerio Setti --- library/psa_crypto_ecp.c | 78 +++++++++++++++++++------ tests/suites/test_suite_psa_crypto.data | 6 +- 2 files changed, 63 insertions(+), 21 deletions(-) diff --git a/library/psa_crypto_ecp.c b/library/psa_crypto_ecp.c index 20ef29c12..866ef7956 100644 --- a/library/psa_crypto_ecp.c +++ b/library/psa_crypto_ecp.c @@ -32,6 +32,60 @@ defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) +/* Helper function to verify if the provided EC's family and key bit size are + * valid. */ +static int check_ecc_parameters(psa_ecc_family_t family, size_t bits, int allow_bit_size_roundup) +{ + switch (family) { + case PSA_ECC_FAMILY_SECP_R1: + switch (bits) { + case 192: + case 224: + case 256: + case 384: + case 521: + return PSA_SUCCESS; + case 528: + if (allow_bit_size_roundup) { + return PSA_SUCCESS; + } + } + break; + + case PSA_ECC_FAMILY_BRAINPOOL_P_R1: + switch (bits) { + case 256: + case 384: + case 512: + return PSA_SUCCESS; + } + break; + + case PSA_ECC_FAMILY_MONTGOMERY: + switch (bits) { + case 448: + case 255: + return PSA_SUCCESS; + case 256: + if (allow_bit_size_roundup) { + return PSA_SUCCESS; + } + } + break; + + case PSA_ECC_FAMILY_SECP_K1: + switch (bits) { + case 192: + case 224: + case 256: + return PSA_SUCCESS; + } + break; + } + + return PSA_ERROR_INVALID_ARGUMENT; +} + psa_status_t mbedtls_psa_ecp_load_representation( psa_key_type_t type, size_t curve_bits, const uint8_t *data, size_t data_length, @@ -41,7 +95,6 @@ psa_status_t mbedtls_psa_ecp_load_representation( psa_status_t status; mbedtls_ecp_keypair *ecp = NULL; size_t curve_bytes = data_length; - size_t curve_bits_check; int explicit_bits = (curve_bits != 0); if (PSA_KEY_TYPE_IS_PUBLIC_KEY(type) && @@ -83,27 +136,16 @@ psa_status_t mbedtls_psa_ecp_load_representation( } mbedtls_ecp_keypair_init(ecp); + status = check_ecc_parameters(PSA_KEY_TYPE_ECC_GET_FAMILY(type), curve_bits, + !explicit_bits); + if (status != PSA_SUCCESS) { + goto exit; + } + /* Load the group. */ grp_id = mbedtls_ecc_group_from_psa(PSA_KEY_TYPE_ECC_GET_FAMILY(type), curve_bits); if (grp_id == MBEDTLS_ECP_DP_NONE) { - /* We can't distinguish between a nonsensical family/size combination - * (which would warrant PSA_ERROR_INVALID_ARGUMENT) and a - * well-regarded curve that Mbed TLS just doesn't know about (which - * would warrant PSA_ERROR_NOT_SUPPORTED). For uniformity with how - * curves that Mbed TLS knows about but for which support is disabled - * at build time, return NOT_SUPPORTED. */ - status = PSA_ERROR_NOT_SUPPORTED; - goto exit; - } - - /* Get the exact number of bits which are necessary for this key. This is - * used to validate the "curve_bits" input parameter (only in case it was - * provided). - * Note: we intentionally ignore the return value of mbedtls_ecc_group_to_psa() - * because we are only interested in the curve's bit size. */ - mbedtls_ecc_group_to_psa(grp_id, &curve_bits_check); - if (explicit_bits && (curve_bits_check != curve_bits)) { status = PSA_ERROR_NOT_SUPPORTED; goto exit; } diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 1bd8b6500..0cb800573 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -684,7 +684,7 @@ import_with_data:"":PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_INVALID_ARGUMENT PSA import EC keypair: explicit bit-size=255 for secp256r1 depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 -import_with_data:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):255:PSA_ERROR_NOT_SUPPORTED +import_with_data:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):255:PSA_ERROR_INVALID_ARGUMENT PSA import EC keypair: explicit bit-size=521 for secp521r1 (good) depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_521 @@ -692,7 +692,7 @@ import_with_data:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af PSA import EC keypair: explicit bit-size=528 for secp521r1 (bad) depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_521 -import_with_data:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):528:PSA_ERROR_NOT_SUPPORTED +import_with_data:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):528:PSA_ERROR_INVALID_ARGUMENT PSA import EC keypair: explicit bit-size, DER format depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 @@ -716,7 +716,7 @@ import_with_data:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba0120 PSA import EC keypair: implicit bit-size, not a valid length depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 -import_with_data:"0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):0:PSA_ERROR_NOT_SUPPORTED +import_with_data:"0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):0:PSA_ERROR_INVALID_ARGUMENT PSA import EC keypair: secp256r1, all-bits-zero (bad) depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT:PSA_WANT_ECC_SECP_R1_256 From 3b7663de29940dd6b6c00995711936f50ebf7c62 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 21 Dec 2023 14:56:14 +0100 Subject: [PATCH 1273/1674] psa_util: update the documentation of ECC conversion functions Signed-off-by: Valerio Setti --- include/mbedtls/psa_util.h | 6 ------ 1 file changed, 6 deletions(-) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index e1dd822e5..a2604e1f3 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -109,9 +109,6 @@ extern mbedtls_psa_drbg_context_t *const mbedtls_psa_random_state; #include /** Convert an ECC curve identifier from the Mbed TLS encoding to PSA. - * - * \note This function is provided solely for the convenience of - * Mbed TLS and may be removed at any time without notice. * * \param grpid An Mbed TLS elliptic curve identifier * (`MBEDTLS_ECP_DP_xxx`). @@ -125,9 +122,6 @@ psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid, size_t *bits); /** Convert an ECC curve identifier from the PSA encoding to Mbed TLS. - * - * \note This function is provided solely for the convenience of - * Mbed TLS and may be removed at any time without notice. * * \param curve A PSA elliptic curve identifier * (`PSA_ECC_FAMILY_xxx`). From bf999cb22ec7de888cf3ca3baf79bca137f53f57 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 28 Dec 2023 17:48:13 +0100 Subject: [PATCH 1274/1674] test_suite_psa_crypto: add test functions and cases for ECC conversion functions Signed-off-by: Valerio Setti --- tests/suites/test_suite_psa_crypto.data | 55 +++++++++++++++++++++ tests/suites/test_suite_psa_crypto.function | 29 +++++++++++ 2 files changed, 84 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 0cb800573..d2fa84250 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -7406,3 +7406,58 @@ persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY PSA derive persistent key: HKDF SHA-256, exportable persistent_key_load_key_from_storage:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_TYPE_RAW_DATA:1024:PSA_KEY_USAGE_EXPORT:0:DERIVE_KEY + +ECP group ID <-> PSA family - SECP192R1 +depends_on:PSA_WANT_ECC_SECP_R1_192 +ecc_conversion_functions:MBEDTLS_ECP_DP_SECP192R1 + +ECP group ID <-> PSA family - SECP224R1 +depends_on:PSA_WANT_ECC_SECP_R1_224 +ecc_conversion_functions:MBEDTLS_ECP_DP_SECP224R1 + +ECP group ID <-> PSA family - SECP256R1 +depends_on:PSA_WANT_ECC_SECP_R1_256 +ecc_conversion_functions:MBEDTLS_ECP_DP_SECP256R1 + +ECP group ID <-> PSA family - SECP384R1 +depends_on:PSA_WANT_ECC_SECP_R1_384 +ecc_conversion_functions:MBEDTLS_ECP_DP_SECP384R1 + +ECP group ID <-> PSA family - SECP521R1 +depends_on:PSA_WANT_ECC_SECP_R1_521 +ecc_conversion_functions:MBEDTLS_ECP_DP_SECP521R1 + +ECP group ID <-> PSA family - BP256R1 +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_256 +ecc_conversion_functions:MBEDTLS_ECP_DP_BP256R1 + +ECP group ID <-> PSA family - BP384R1 +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_384 +ecc_conversion_functions:MBEDTLS_ECP_DP_BP384R1 + +ECP group ID <-> PSA family - BP512R1 +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512 +ecc_conversion_functions:MBEDTLS_ECP_DP_BP512R1 + +ECP group ID <-> PSA family - CURVE25519 +depends_on:PSA_WANT_ECC_MONTGOMERY_255 +ecc_conversion_functions:MBEDTLS_ECP_DP_CURVE25519 + +ECP group ID <-> PSA family - SECP192K1 +depends_on:PSA_WANT_ECC_SECP_K1_192 +ecc_conversion_functions:MBEDTLS_ECP_DP_SECP192K1 + +ECP group ID <-> PSA family - SECP224K1 +depends_on:PSA_WANT_ECC_SECP_K1_224 +ecc_conversion_functions:MBEDTLS_ECP_DP_SECP224K1 + +ECP group ID <-> PSA family - SECP256K1 +depends_on:PSA_WANT_ECC_SECP_K1_256 +ecc_conversion_functions:MBEDTLS_ECP_DP_SECP256K1 + +ECP group ID <-> PSA family - CURVE448 +depends_on:PSA_WANT_ECC_MONTGOMERY_448 +ecc_conversion_functions:MBEDTLS_ECP_DP_CURVE448 + +ECP group ID <-> PSA family - fail +ecc_conversion_functions_fail: \ No newline at end of file diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 4c08a9017..a2d156d4e 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -6,6 +6,8 @@ #include "mbedtls/oid.h" #include "common.h" +#include "mbedtls/psa_util.h" + /* For MBEDTLS_CTR_DRBG_MAX_REQUEST, knowing that psa_generate_random() * uses mbedtls_ctr_drbg internally. */ #include "mbedtls/ctr_drbg.h" @@ -9479,6 +9481,33 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void ecc_conversion_functions(int grp_id_arg) +{ + mbedtls_ecp_group_id grp_id = grp_id_arg; + psa_ecc_family_t ecc_family; + size_t bits; + + ecc_family = mbedtls_ecc_group_to_psa(grp_id, &bits); + TEST_ASSERT(ecc_family != 0); + TEST_EQUAL(grp_id, mbedtls_ecc_group_from_psa(ecc_family, bits)); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void ecc_conversion_functions_fail(void) +{ + psa_ecc_family_t ecc_family; + size_t bits; + + // Pick an invalid group ID (MBEDTLS_ECP_DP_CURVE448 is the last enum) + ecc_family = mbedtls_ecc_group_to_psa(MBEDTLS_ECP_DP_CURVE448 + 1, &bits); + TEST_EQUAL(ecc_family, 0); + + TEST_EQUAL(MBEDTLS_ECP_DP_NONE, mbedtls_ecc_group_from_psa(PSA_ECC_FAMILY_SECP_R1, 0)); +} +/* END_CASE */ + /* BEGIN_CASE */ void key_agreement_output(int alg_arg, int our_key_type_arg, data_t *our_key_data, From 90e764c1bff2416eadfca2a901786c98f32966f5 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 28 Dec 2023 18:16:33 +0100 Subject: [PATCH 1275/1674] changelog: added documentation for the 2 new public functions Signed-off-by: Valerio Setti --- ChangeLog.d/7764.txt | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 ChangeLog.d/7764.txt diff --git a/ChangeLog.d/7764.txt b/ChangeLog.d/7764.txt new file mode 100644 index 000000000..be332cd60 --- /dev/null +++ b/ChangeLog.d/7764.txt @@ -0,0 +1,4 @@ +Features + * mbedtls_ecc_group_to_psa() and mbedtls_ecc_group_from_psa() helper + functions were added to convert from mbedtls_ecp_group_id to + psa_ecc_family_t and curve's bit size and viceversa, respectively. \ No newline at end of file From dc33200b74db515ef0e031d97f8207282ed41e06 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 28 Dec 2023 18:28:11 +0100 Subject: [PATCH 1276/1674] psa-transition: extend "Elliptic curve mechanism selection" Signed-off-by: Valerio Setti --- docs/psa-transition.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/docs/psa-transition.md b/docs/psa-transition.md index 067ffafbd..71b3d68f9 100644 --- a/docs/psa-transition.md +++ b/docs/psa-transition.md @@ -743,6 +743,10 @@ A curve is fully determined by a curve family identifier and the private key siz | `MBEDTLS_ECP_DP_SECP256K1` | [`PSA_ECC_FAMILY_SECP_K1`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga48bb340b5544ba617b0f5b89542665a7) | 256 | | `MBEDTLS_ECP_DP_CURVE448` | [`PSA_ECC_FAMILY_MONTGOMERY`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga1f624c5cdaf25b21287af33024e1aff8) | 448 | +The following helper functions can be used to convert between the 2 types: +- `mbedtls_ecc_group_to_psa()` converts from the legacy curve type identifier to PSA curve family and bit-size. +- `mbedtls_ecc_group_from_psa()` converts from PSA curve family and bit-size to the legacy identifier. + The following cryptographic algorithms work with ECC keys: * ECDH key agreement (including X25519 and X448): [`PSA_ALG_ECDH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gab2dbcf71b63785e7dd7b54a100edee43). From 0e608807e36e46c06abcd7bd1bdb8c6cef2c3f66 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 29 Dec 2023 11:46:44 +0100 Subject: [PATCH 1277/1674] psa: let mbedtls_ecc_group_from_psa() accept only exact bit lengths Signed-off-by: Valerio Setti --- include/mbedtls/psa_util.h | 9 ++------- library/psa_crypto_ecp.c | 30 +++++++++++++++--------------- library/psa_util.c | 2 -- 3 files changed, 17 insertions(+), 24 deletions(-) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index a2604e1f3..cfb4bce58 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -126,16 +126,11 @@ psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid, * \param curve A PSA elliptic curve identifier * (`PSA_ECC_FAMILY_xxx`). * \param bits The bit-length of a private key on \p curve. - * \param bits_is_sloppy If true, \p bits may be the bit-length rounded up - * to the nearest multiple of 8. This allows the caller - * to infer the exact curve from the length of a key - * which is supplied as a byte string. * * \return The corresponding Mbed TLS elliptic curve identifier * (`MBEDTLS_ECP_DP_xxx`). - * \return #MBEDTLS_ECP_DP_NONE if \c curve is not recognized. - * \return #MBEDTLS_ECP_DP_NONE if \p bits is not - * correct for \p curve. + * \return #MBEDTLS_ECP_DP_NONE if the combination of \c curve + * and \p bits is not recognized. */ mbedtls_ecp_group_id mbedtls_ecc_group_from_psa(psa_ecc_family_t curve, size_t bits); diff --git a/library/psa_crypto_ecp.c b/library/psa_crypto_ecp.c index 866ef7956..3c5aa729b 100644 --- a/library/psa_crypto_ecp.c +++ b/library/psa_crypto_ecp.c @@ -32,13 +32,16 @@ defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) -/* Helper function to verify if the provided EC's family and key bit size are - * valid. */ -static int check_ecc_parameters(psa_ecc_family_t family, size_t bits, int allow_bit_size_roundup) +/* Helper function to verify if the provided EC's family and key bit size are valid. + * + * Note: "bits" parameter is used both as input and output and it might be updated + * in case provided input value is not multiple of 8 ("sloppy" bits). + */ +static int check_ecc_parameters(psa_ecc_family_t family, size_t *bits) { switch (family) { case PSA_ECC_FAMILY_SECP_R1: - switch (bits) { + switch (*bits) { case 192: case 224: case 256: @@ -46,14 +49,13 @@ static int check_ecc_parameters(psa_ecc_family_t family, size_t bits, int allow_ case 521: return PSA_SUCCESS; case 528: - if (allow_bit_size_roundup) { - return PSA_SUCCESS; - } + *bits = 521; + return PSA_SUCCESS; } break; case PSA_ECC_FAMILY_BRAINPOOL_P_R1: - switch (bits) { + switch (*bits) { case 256: case 384: case 512: @@ -62,19 +64,18 @@ static int check_ecc_parameters(psa_ecc_family_t family, size_t bits, int allow_ break; case PSA_ECC_FAMILY_MONTGOMERY: - switch (bits) { + switch (*bits) { case 448: case 255: return PSA_SUCCESS; case 256: - if (allow_bit_size_roundup) { - return PSA_SUCCESS; - } + *bits = 255; + return PSA_SUCCESS; } break; case PSA_ECC_FAMILY_SECP_K1: - switch (bits) { + switch (*bits) { case 192: case 224: case 256: @@ -136,8 +137,7 @@ psa_status_t mbedtls_psa_ecp_load_representation( } mbedtls_ecp_keypair_init(ecp); - status = check_ecc_parameters(PSA_KEY_TYPE_ECC_GET_FAMILY(type), curve_bits, - !explicit_bits); + status = check_ecc_parameters(PSA_KEY_TYPE_ECC_GET_FAMILY(type), &curve_bits); if (status != PSA_SUCCESS) { goto exit; } diff --git a/library/psa_util.c b/library/psa_util.c index abd7a5f6b..28b028552 100644 --- a/library/psa_util.c +++ b/library/psa_util.c @@ -276,7 +276,6 @@ mbedtls_ecp_group_id mbedtls_ecc_group_from_psa(psa_ecc_family_t curve, #endif #if defined(PSA_WANT_ECC_SECP_R1_521) case 521: - case 528: return MBEDTLS_ECP_DP_SECP521R1; #endif } @@ -303,7 +302,6 @@ mbedtls_ecp_group_id mbedtls_ecc_group_from_psa(psa_ecc_family_t curve, switch (bits) { #if defined(PSA_WANT_ECC_MONTGOMERY_255) case 255: - case 256: return MBEDTLS_ECP_DP_CURVE25519; #endif #if defined(PSA_WANT_ECC_MONTGOMERY_448) From ad819679a55a36338d8c1ba4e72db69d11409646 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 29 Dec 2023 12:14:41 +0100 Subject: [PATCH 1278/1674] test_suite_psa_crypto: explicitly check return values of conversion functions Signed-off-by: Valerio Setti --- tests/suites/test_suite_psa_crypto.data | 31 ++++++++++---------- tests/suites/test_suite_psa_crypto.function | 32 ++++++++------------- 2 files changed, 28 insertions(+), 35 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index d2fa84250..501cbb783 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -7409,55 +7409,56 @@ persistent_key_load_key_from_storage:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b ECP group ID <-> PSA family - SECP192R1 depends_on:PSA_WANT_ECC_SECP_R1_192 -ecc_conversion_functions:MBEDTLS_ECP_DP_SECP192R1 +ecc_conversion_functions:MBEDTLS_ECP_DP_SECP192R1:PSA_ECC_FAMILY_SECP_R1:192 ECP group ID <-> PSA family - SECP224R1 depends_on:PSA_WANT_ECC_SECP_R1_224 -ecc_conversion_functions:MBEDTLS_ECP_DP_SECP224R1 +ecc_conversion_functions:MBEDTLS_ECP_DP_SECP224R1:PSA_ECC_FAMILY_SECP_R1:224 ECP group ID <-> PSA family - SECP256R1 depends_on:PSA_WANT_ECC_SECP_R1_256 -ecc_conversion_functions:MBEDTLS_ECP_DP_SECP256R1 +ecc_conversion_functions:MBEDTLS_ECP_DP_SECP256R1:PSA_ECC_FAMILY_SECP_R1:256 ECP group ID <-> PSA family - SECP384R1 depends_on:PSA_WANT_ECC_SECP_R1_384 -ecc_conversion_functions:MBEDTLS_ECP_DP_SECP384R1 +ecc_conversion_functions:MBEDTLS_ECP_DP_SECP384R1:PSA_ECC_FAMILY_SECP_R1:384 ECP group ID <-> PSA family - SECP521R1 depends_on:PSA_WANT_ECC_SECP_R1_521 -ecc_conversion_functions:MBEDTLS_ECP_DP_SECP521R1 +ecc_conversion_functions:MBEDTLS_ECP_DP_SECP521R1:PSA_ECC_FAMILY_SECP_R1:521 ECP group ID <-> PSA family - BP256R1 depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_256 -ecc_conversion_functions:MBEDTLS_ECP_DP_BP256R1 +ecc_conversion_functions:MBEDTLS_ECP_DP_BP256R1:PSA_ECC_FAMILY_BRAINPOOL_P_R1:256 ECP group ID <-> PSA family - BP384R1 depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_384 -ecc_conversion_functions:MBEDTLS_ECP_DP_BP384R1 +ecc_conversion_functions:MBEDTLS_ECP_DP_BP384R1:PSA_ECC_FAMILY_BRAINPOOL_P_R1:384 ECP group ID <-> PSA family - BP512R1 depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512 -ecc_conversion_functions:MBEDTLS_ECP_DP_BP512R1 +ecc_conversion_functions:MBEDTLS_ECP_DP_BP512R1:PSA_ECC_FAMILY_BRAINPOOL_P_R1:512 ECP group ID <-> PSA family - CURVE25519 depends_on:PSA_WANT_ECC_MONTGOMERY_255 -ecc_conversion_functions:MBEDTLS_ECP_DP_CURVE25519 +ecc_conversion_functions:MBEDTLS_ECP_DP_CURVE25519:PSA_ECC_FAMILY_MONTGOMERY:255 ECP group ID <-> PSA family - SECP192K1 depends_on:PSA_WANT_ECC_SECP_K1_192 -ecc_conversion_functions:MBEDTLS_ECP_DP_SECP192K1 +ecc_conversion_functions:MBEDTLS_ECP_DP_SECP192K1:PSA_ECC_FAMILY_SECP_K1:192 ECP group ID <-> PSA family - SECP224K1 depends_on:PSA_WANT_ECC_SECP_K1_224 -ecc_conversion_functions:MBEDTLS_ECP_DP_SECP224K1 +ecc_conversion_functions:MBEDTLS_ECP_DP_SECP224K1:PSA_ECC_FAMILY_SECP_K1:224 ECP group ID <-> PSA family - SECP256K1 depends_on:PSA_WANT_ECC_SECP_K1_256 -ecc_conversion_functions:MBEDTLS_ECP_DP_SECP256K1 +ecc_conversion_functions:MBEDTLS_ECP_DP_SECP256K1:PSA_ECC_FAMILY_SECP_K1:256 ECP group ID <-> PSA family - CURVE448 depends_on:PSA_WANT_ECC_MONTGOMERY_448 -ecc_conversion_functions:MBEDTLS_ECP_DP_CURVE448 +ecc_conversion_functions:MBEDTLS_ECP_DP_CURVE448:PSA_ECC_FAMILY_MONTGOMERY:448 + +ECP group ID <-> PSA family - Wrong values +ecc_conversion_functions:MBEDTLS_ECP_DP_MAX:0:0 -ECP group ID <-> PSA family - fail -ecc_conversion_functions_fail: \ No newline at end of file diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index a2d156d4e..ec8afe705 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -9481,30 +9481,22 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ -void ecc_conversion_functions(int grp_id_arg) +/* BEGIN_CASE depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */ +void ecc_conversion_functions(int grp_id_arg, int psa_family_arg, int bits_arg) { mbedtls_ecp_group_id grp_id = grp_id_arg; - psa_ecc_family_t ecc_family; - size_t bits; + psa_ecc_family_t ecc_family = psa_family_arg; + size_t bits = bits_arg; + size_t bits_tmp; - ecc_family = mbedtls_ecc_group_to_psa(grp_id, &bits); - TEST_ASSERT(ecc_family != 0); - TEST_EQUAL(grp_id, mbedtls_ecc_group_from_psa(ecc_family, bits)); -} -/* END_CASE */ + TEST_EQUAL(ecc_family, mbedtls_ecc_group_to_psa(grp_id, &bits_tmp)); + TEST_EQUAL(bits, bits_tmp); -/* BEGIN_CASE */ -void ecc_conversion_functions_fail(void) -{ - psa_ecc_family_t ecc_family; - size_t bits; - - // Pick an invalid group ID (MBEDTLS_ECP_DP_CURVE448 is the last enum) - ecc_family = mbedtls_ecc_group_to_psa(MBEDTLS_ECP_DP_CURVE448 + 1, &bits); - TEST_EQUAL(ecc_family, 0); - - TEST_EQUAL(MBEDTLS_ECP_DP_NONE, mbedtls_ecc_group_from_psa(PSA_ECC_FAMILY_SECP_R1, 0)); + if (grp_id != MBEDTLS_ECP_DP_MAX) { + TEST_EQUAL(grp_id, mbedtls_ecc_group_from_psa(ecc_family, bits)); + } else { + TEST_EQUAL(MBEDTLS_ECP_DP_NONE, mbedtls_ecc_group_from_psa(ecc_family, bits)); + } } /* END_CASE */ From 8bd330dff554dfbf3e170463bcd21d31e2405595 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 29 Dec 2023 13:35:58 +0100 Subject: [PATCH 1279/1674] changelog: add missing newline Signed-off-by: Valerio Setti --- ChangeLog.d/7764.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog.d/7764.txt b/ChangeLog.d/7764.txt index be332cd60..5eb14b4d2 100644 --- a/ChangeLog.d/7764.txt +++ b/ChangeLog.d/7764.txt @@ -1,4 +1,4 @@ Features * mbedtls_ecc_group_to_psa() and mbedtls_ecc_group_from_psa() helper functions were added to convert from mbedtls_ecp_group_id to - psa_ecc_family_t and curve's bit size and viceversa, respectively. \ No newline at end of file + psa_ecc_family_t and curve's bit size and viceversa, respectively. From 0bc8598d20071c1a8ae122cdeae74f7c53ba0e62 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 3 Jan 2024 15:22:46 +0100 Subject: [PATCH 1280/1674] psa_util: properly handle secp224r1 private key size Signed-off-by: Valerio Setti --- library/psa_crypto_ecp.c | 5 +++++ library/psa_util.c | 8 ++++++-- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto_ecp.c b/library/psa_crypto_ecp.c index 3c5aa729b..f38efff67 100644 --- a/library/psa_crypto_ecp.c +++ b/library/psa_crypto_ecp.c @@ -80,6 +80,11 @@ static int check_ecc_parameters(psa_ecc_family_t family, size_t *bits) case 224: case 256: return PSA_SUCCESS; + /* secp224k1 has 224-bit coordinates but 225-bit private keys. + * This means that private keys are represented with 232 bits. */ + case 232: + *bits = 225; + return PSA_SUCCESS; } break; } diff --git a/library/psa_util.c b/library/psa_util.c index 28b028552..971f965e4 100644 --- a/library/psa_util.c +++ b/library/psa_util.c @@ -232,8 +232,10 @@ psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid, return PSA_ECC_FAMILY_SECP_K1; #endif #if defined(MBEDTLS_ECP_HAVE_SECP224K1) + /* secp224k1 has 224-bit coordinates but 225-bit private keys. + * The nominal key size in PSA is the private key size, hence 225. */ case MBEDTLS_ECP_DP_SECP224K1: - *bits = 224; + *bits = 225; return PSA_ECC_FAMILY_SECP_K1; #endif #if defined(MBEDTLS_ECP_HAVE_SECP256K1) @@ -318,7 +320,9 @@ mbedtls_ecp_group_id mbedtls_ecc_group_from_psa(psa_ecc_family_t curve, return MBEDTLS_ECP_DP_SECP192K1; #endif #if defined(PSA_WANT_ECC_SECP_K1_224) - case 224: + /* secp224k1 has 224-bit coordinates but 225-bit private keys. + * The nominal key size in PSA is the private key size, hence 225. */ + case 225: return MBEDTLS_ECP_DP_SECP224K1; #endif #if defined(PSA_WANT_ECC_SECP_K1_256) From fc8a48a9e34d0bd42a0b8c6aaffeffc11391f230 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 4 Jan 2024 09:03:23 +0100 Subject: [PATCH 1281/1674] changelog: fix working Signed-off-by: Valerio Setti --- ChangeLog.d/7764.txt | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ChangeLog.d/7764.txt b/ChangeLog.d/7764.txt index 5eb14b4d2..0734fb911 100644 --- a/ChangeLog.d/7764.txt +++ b/ChangeLog.d/7764.txt @@ -1,4 +1,4 @@ Features - * mbedtls_ecc_group_to_psa() and mbedtls_ecc_group_from_psa() helper - functions were added to convert from mbedtls_ecp_group_id to - psa_ecc_family_t and curve's bit size and viceversa, respectively. + * Add functions mbedtls_ecc_group_to_psa() and mbedtls_ecc_group_from_psa() + to convert between mbedtls_ecp_group_id and psa_ecc_family_t and curve's + bit size and vice versa, respectively. From afa01c7394a2e02b060f741f56c3614f7af70b86 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 4 Jan 2024 09:47:50 +0100 Subject: [PATCH 1282/1674] psa-transition: update "Elliptic curve mechanism selection" section - add hyperlinks for the conversion functions. - move conversion functions' description before the legacy<->PSA table. Signed-off-by: Valerio Setti --- docs/psa-transition.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/psa-transition.md b/docs/psa-transition.md index 71b3d68f9..617426cfd 100644 --- a/docs/psa-transition.md +++ b/docs/psa-transition.md @@ -725,7 +725,11 @@ An ECC public key has the type [`PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve)`](https://mb An ECC key pair has the type [`PSA_KEY_TYPE_ECC_KEY_PAIR(curve)`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga0b6f5d4d5037c54ffa850d8059c32df0) where `curve` is a curve family identifier. A key with this type can be used both for private-key and public-key operations (there is no separate key type for a private key without the corresponding public key). You can always use a private key for operations on the corresponding public key (as long as the policy permits it). -A curve is fully determined by a curve family identifier and the private key size in bits. The following table gives the correspondence between legacy and PSA elliptic curve designations. +A curve is fully determined by a curve family identifier and the private key size in bits. You can use the following functions to convert between the PSA and legacy elliptic curve designations: +- [`mbedtls_ecc_group_to_psa()`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__psa__tls__helpers/#group__psa__tls__helpers_1ga9c83c095adfec7da99401cf81e164f99) converts from the legacy curve type identifier to PSA curve family and bit-size. +- [`mbedtls_ecc_group_from_psa()`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__psa__tls__helpers/#group__psa__tls__helpers_1ga6243eb619d5b2f5fe4667811adeb8a12) converts from PSA curve family and bit-size to the legacy identifier. + +The following table gives the correspondence between legacy and PSA elliptic curve designations. | Mbed TLS legacy curve identifier | PSA curve family | Curve bit-size | | -------------------------------- | ---------------- | -------------- | @@ -743,10 +747,6 @@ A curve is fully determined by a curve family identifier and the private key siz | `MBEDTLS_ECP_DP_SECP256K1` | [`PSA_ECC_FAMILY_SECP_K1`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga48bb340b5544ba617b0f5b89542665a7) | 256 | | `MBEDTLS_ECP_DP_CURVE448` | [`PSA_ECC_FAMILY_MONTGOMERY`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1ga1f624c5cdaf25b21287af33024e1aff8) | 448 | -The following helper functions can be used to convert between the 2 types: -- `mbedtls_ecc_group_to_psa()` converts from the legacy curve type identifier to PSA curve family and bit-size. -- `mbedtls_ecc_group_from_psa()` converts from PSA curve family and bit-size to the legacy identifier. - The following cryptographic algorithms work with ECC keys: * ECDH key agreement (including X25519 and X448): [`PSA_ALG_ECDH`](https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__crypto__types/#group__crypto__types_1gab2dbcf71b63785e7dd7b54a100edee43). From 4ba0c61eda41c5873879d670e58842e4f6196f52 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 4 Jan 2024 09:51:25 +0100 Subject: [PATCH 1283/1674] test_suite_psa_crypto: add test case for ECP conversion with null values Signed-off-by: Valerio Setti --- tests/suites/test_suite_psa_crypto.data | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 501cbb783..c0916e067 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -7459,6 +7459,9 @@ ECP group ID <-> PSA family - CURVE448 depends_on:PSA_WANT_ECC_MONTGOMERY_448 ecc_conversion_functions:MBEDTLS_ECP_DP_CURVE448:PSA_ECC_FAMILY_MONTGOMERY:448 +ECP group ID <-> PSA family - Null values +ecc_conversion_functions:MBEDTLS_ECP_DP_NONE:0:0 + ECP group ID <-> PSA family - Wrong values ecc_conversion_functions:MBEDTLS_ECP_DP_MAX:0:0 From ac739524740747292352b8b8393e7fdbe244b6d2 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 4 Jan 2024 10:22:01 +0100 Subject: [PATCH 1284/1674] test_suite_psa_crypto: improve failing tests for EC conversion functions Signed-off-by: Valerio Setti --- tests/suites/test_suite_psa_crypto.data | 2 +- tests/suites/test_suite_psa_crypto.function | 30 ++++++++++++++++----- 2 files changed, 25 insertions(+), 7 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index c0916e067..eda6f5d8c 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -7463,5 +7463,5 @@ ECP group ID <-> PSA family - Null values ecc_conversion_functions:MBEDTLS_ECP_DP_NONE:0:0 ECP group ID <-> PSA family - Wrong values -ecc_conversion_functions:MBEDTLS_ECP_DP_MAX:0:0 +ecc_conversion_functions_fail diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index ec8afe705..1112cfcd5 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -9491,15 +9491,33 @@ void ecc_conversion_functions(int grp_id_arg, int psa_family_arg, int bits_arg) TEST_EQUAL(ecc_family, mbedtls_ecc_group_to_psa(grp_id, &bits_tmp)); TEST_EQUAL(bits, bits_tmp); - - if (grp_id != MBEDTLS_ECP_DP_MAX) { - TEST_EQUAL(grp_id, mbedtls_ecc_group_from_psa(ecc_family, bits)); - } else { - TEST_EQUAL(MBEDTLS_ECP_DP_NONE, mbedtls_ecc_group_from_psa(ecc_family, bits)); - } + TEST_EQUAL(grp_id, mbedtls_ecc_group_from_psa(ecc_family, bits)); } /* END_CASE */ +/* BEGIN_CASE depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */ +void ecc_conversion_functions_fail() +{ + size_t bits; + + /* Invalid legacy curve identifier. */ + TEST_EQUAL(0, mbedtls_ecc_group_to_psa(MBEDTLS_ECP_DP_NONE, &bits)); + TEST_EQUAL(0, bits); + + /* Invalid PSA EC family. */ + TEST_EQUAL(MBEDTLS_ECP_DP_NONE, mbedtls_ecc_group_from_psa(0, 192)); + /* Invalid bit-size for a valid EC family. */ + TEST_EQUAL(MBEDTLS_ECP_DP_NONE, mbedtls_ecc_group_from_psa(PSA_ECC_FAMILY_SECP_R1, 512)); + + /* Twisted-Edward curves are not supported yet. */ + TEST_EQUAL(MBEDTLS_ECP_DP_NONE, + mbedtls_ecc_group_from_psa(PSA_ECC_FAMILY_TWISTED_EDWARDS, 255)); + TEST_EQUAL(MBEDTLS_ECP_DP_NONE, + mbedtls_ecc_group_from_psa(PSA_ECC_FAMILY_TWISTED_EDWARDS, 448)); +} +/* END_CASE */ + + /* BEGIN_CASE */ void key_agreement_output(int alg_arg, int our_key_type_arg, data_t *our_key_data, From 65df79303fafe853809dc392f8eb91d2bddec31d Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 4 Jan 2024 10:58:36 +0100 Subject: [PATCH 1285/1674] psa_crypto_ecp: return unsupported for secp224k1 in check_ecc_parameters() Signed-off-by: Valerio Setti --- library/psa_crypto_ecp.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/library/psa_crypto_ecp.c b/library/psa_crypto_ecp.c index f38efff67..d6b640cf7 100644 --- a/library/psa_crypto_ecp.c +++ b/library/psa_crypto_ecp.c @@ -77,14 +77,14 @@ static int check_ecc_parameters(psa_ecc_family_t family, size_t *bits) case PSA_ECC_FAMILY_SECP_K1: switch (*bits) { case 192: - case 224: case 256: return PSA_SUCCESS; - /* secp224k1 has 224-bit coordinates but 225-bit private keys. - * This means that private keys are represented with 232 bits. */ + /* secp224k1 is not and will not be supported in PSA (#3541). + * Note: secp224k1 has 225-bit private keys which are rounded + * up to 232 for their representation. */ + case 224: case 232: - *bits = 225; - return PSA_SUCCESS; + return PSA_ERROR_NOT_SUPPORTED; } break; } From 7863627bd6fe7320542095fde87eae093b30a61d Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 4 Jan 2024 13:17:04 +0100 Subject: [PATCH 1286/1674] psa_util: remove support for secp224k1 in EC conversion functions Signed-off-by: Valerio Setti --- library/psa_util.c | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-) diff --git a/library/psa_util.c b/library/psa_util.c index 971f965e4..d833299e8 100644 --- a/library/psa_util.c +++ b/library/psa_util.c @@ -232,11 +232,7 @@ psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid, return PSA_ECC_FAMILY_SECP_K1; #endif #if defined(MBEDTLS_ECP_HAVE_SECP224K1) - /* secp224k1 has 224-bit coordinates but 225-bit private keys. - * The nominal key size in PSA is the private key size, hence 225. */ - case MBEDTLS_ECP_DP_SECP224K1: - *bits = 225; - return PSA_ECC_FAMILY_SECP_K1; + /* secp224k1 is not and will not be supported in PSA (#3541). */ #endif #if defined(MBEDTLS_ECP_HAVE_SECP256K1) case MBEDTLS_ECP_DP_SECP256K1: @@ -320,10 +316,7 @@ mbedtls_ecp_group_id mbedtls_ecc_group_from_psa(psa_ecc_family_t curve, return MBEDTLS_ECP_DP_SECP192K1; #endif #if defined(PSA_WANT_ECC_SECP_K1_224) - /* secp224k1 has 224-bit coordinates but 225-bit private keys. - * The nominal key size in PSA is the private key size, hence 225. */ - case 225: - return MBEDTLS_ECP_DP_SECP224K1; + /* secp224k1 is not and will not be supported in PSA (#3541). */ #endif #if defined(PSA_WANT_ECC_SECP_K1_256) case 256: From eca07140f3c160eba07cf63c34c1d2495c925b40 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 4 Jan 2024 13:17:31 +0100 Subject: [PATCH 1287/1674] psa_util: update documentation of EC conversion functions Signed-off-by: Valerio Setti --- include/mbedtls/psa_util.h | 30 ++++++++++++++++++++++++------ 1 file changed, 24 insertions(+), 6 deletions(-) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index cfb4bce58..d0d95ae19 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -112,11 +112,16 @@ extern mbedtls_psa_drbg_context_t *const mbedtls_psa_random_state; * * \param grpid An Mbed TLS elliptic curve identifier * (`MBEDTLS_ECP_DP_xxx`). - * \param[out] bits On success, the bit size of the curve. + * \param[out] bits On success the bit size of the curve; 0 on failure. * - * \return The corresponding PSA elliptic curve identifier + * \return On success the corresponding PSA elliptic curve identifier * (`PSA_ECC_FAMILY_xxx`). - * \return \c 0 on failure (\p grpid is not recognized). + * \return \c 0 if \p grpid is not supported. + * + * \note A successful conversion means that the curve is supported + * in PSA. Legacy support (`mbedtls_ecp_xxx`) is only + * enabled if the curve is builtin (see + * `config_adjust_legacy_from_psa.h` for details). */ psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid, size_t *bits); @@ -127,10 +132,23 @@ psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid, * (`PSA_ECC_FAMILY_xxx`). * \param bits The bit-length of a private key on \p curve. * - * \return The corresponding Mbed TLS elliptic curve identifier - * (`MBEDTLS_ECP_DP_xxx`). + * \return On success the corresponding Mbed TLS elliptic curve + * identifier (`MBEDTLS_ECP_DP_xxx`). * \return #MBEDTLS_ECP_DP_NONE if the combination of \c curve - * and \p bits is not recognized. + * and \p bits is not supported or invalid: + * - not supported means that the proper `PSA_WANT_ECC_xxx` + * symbol is not enabled for the requested curve. + * - invalid if `PSA_WANT_ECC_xxx` is enabled, but the + * combination of \p curve and \p bits are not correct + * for that curve. + * \return #MBEDTLS_ECP_DP_NONE for secp224k1 curve, no matter + * what the status of `PSA_WANT_ECC_SECP_K1_224` is, because + * this curve is not and will not be supported in PSA (#3541). + * + * \note A successful conversion means that the curve is supported + * in PSA. Legacy support (`mbedtls_ecp_xxx`) is only + * enabled if the curve is builtin (see + * `config_adjust_legacy_from_psa.h` for details). */ mbedtls_ecp_group_id mbedtls_ecc_group_from_psa(psa_ecc_family_t curve, size_t bits); From db6e02902de5c399e37fc9f171f117d1c9afa962 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 5 Jan 2024 10:15:45 +0100 Subject: [PATCH 1288/1674] test_suite_psa_crypto: test also MBEDTLS_ECP_DP_MAX in ecc_conversion_functions_fail() Signed-off-by: Valerio Setti --- tests/suites/test_suite_psa_crypto.function | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 1112cfcd5..7b6f5ae04 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -9500,7 +9500,9 @@ void ecc_conversion_functions_fail() { size_t bits; - /* Invalid legacy curve identifier. */ + /* Invalid legacy curve identifiers. */ + TEST_EQUAL(0, mbedtls_ecc_group_to_psa(MBEDTLS_ECP_DP_MAX, &bits)); + TEST_EQUAL(0, bits); TEST_EQUAL(0, mbedtls_ecc_group_to_psa(MBEDTLS_ECP_DP_NONE, &bits)); TEST_EQUAL(0, bits); From 0d438fa390355958c0745f0393859110029f0bf6 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 5 Jan 2024 10:33:51 +0100 Subject: [PATCH 1289/1674] psa_crypto_ecp: fix comment for secp224k1 in check_ecc_parameters Signed-off-by: Valerio Setti --- library/psa_crypto_ecp.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto_ecp.c b/library/psa_crypto_ecp.c index d6b640cf7..4d9a59baa 100644 --- a/library/psa_crypto_ecp.c +++ b/library/psa_crypto_ecp.c @@ -80,8 +80,8 @@ static int check_ecc_parameters(psa_ecc_family_t family, size_t *bits) case 256: return PSA_SUCCESS; /* secp224k1 is not and will not be supported in PSA (#3541). - * Note: secp224k1 has 225-bit private keys which are rounded - * up to 232 for their representation. */ + * Note: secp224k1 has 224-bit coordinates but 225-bit private + * keys which are rounded up to 232 for their representation. */ case 224: case 232: return PSA_ERROR_NOT_SUPPORTED; From 2622b1dab364d29923035189620a44a5109d0c20 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 5 Jan 2024 10:36:33 +0100 Subject: [PATCH 1290/1674] changelog: improve wording Signed-off-by: Valerio Setti --- ChangeLog.d/7764.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog.d/7764.txt b/ChangeLog.d/7764.txt index 0734fb911..983058403 100644 --- a/ChangeLog.d/7764.txt +++ b/ChangeLog.d/7764.txt @@ -1,4 +1,4 @@ Features * Add functions mbedtls_ecc_group_to_psa() and mbedtls_ecc_group_from_psa() to convert between mbedtls_ecp_group_id and psa_ecc_family_t and curve's - bit size and vice versa, respectively. + bit size. From 3afdd02e378f4e901845ad7d6f00e7379073d497 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 9 Jan 2024 08:50:20 +0100 Subject: [PATCH 1291/1674] changelog: improve wording Signed-off-by: Valerio Setti --- ChangeLog.d/7764.txt | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/ChangeLog.d/7764.txt b/ChangeLog.d/7764.txt index 983058403..4cd20798a 100644 --- a/ChangeLog.d/7764.txt +++ b/ChangeLog.d/7764.txt @@ -1,4 +1,3 @@ Features * Add functions mbedtls_ecc_group_to_psa() and mbedtls_ecc_group_from_psa() - to convert between mbedtls_ecp_group_id and psa_ecc_family_t and curve's - bit size. + to convert between Mbed TLS and PSA curve identifiers. From d0aa9c1316e4fdc98c3e5f501bf9aa1e0b3342b0 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 9 Jan 2024 09:10:44 +0100 Subject: [PATCH 1292/1674] psa_util: update documentation for PSA conversion functions Signed-off-by: Valerio Setti --- include/mbedtls/psa_util.h | 31 ++++++++----------------------- 1 file changed, 8 insertions(+), 23 deletions(-) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index d0d95ae19..f36d89ad6 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -114,14 +114,11 @@ extern mbedtls_psa_drbg_context_t *const mbedtls_psa_random_state; * (`MBEDTLS_ECP_DP_xxx`). * \param[out] bits On success the bit size of the curve; 0 on failure. * - * \return On success the corresponding PSA elliptic curve identifier - * (`PSA_ECC_FAMILY_xxx`). - * \return \c 0 if \p grpid is not supported. - * - * \note A successful conversion means that the curve is supported - * in PSA. Legacy support (`mbedtls_ecp_xxx`) is only - * enabled if the curve is builtin (see - * `config_adjust_legacy_from_psa.h` for details). + * \return If the curve is supported in the PSA API, this function + * returns the proper PSA curve identifier + * (`PSA_ECC_FAMILY_xxx`). This holds even if the curve is + * not supported by the ECP module. + * \return \c 0 if the curve is not supported in the PSA API. */ psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid, size_t *bits); @@ -132,23 +129,11 @@ psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid, * (`PSA_ECC_FAMILY_xxx`). * \param bits The bit-length of a private key on \p curve. * - * \return On success the corresponding Mbed TLS elliptic curve + * \return If the curve is supported in the PSA API, this function + * returns the corresponding Mbed TLS elliptic curve * identifier (`MBEDTLS_ECP_DP_xxx`). * \return #MBEDTLS_ECP_DP_NONE if the combination of \c curve - * and \p bits is not supported or invalid: - * - not supported means that the proper `PSA_WANT_ECC_xxx` - * symbol is not enabled for the requested curve. - * - invalid if `PSA_WANT_ECC_xxx` is enabled, but the - * combination of \p curve and \p bits are not correct - * for that curve. - * \return #MBEDTLS_ECP_DP_NONE for secp224k1 curve, no matter - * what the status of `PSA_WANT_ECC_SECP_K1_224` is, because - * this curve is not and will not be supported in PSA (#3541). - * - * \note A successful conversion means that the curve is supported - * in PSA. Legacy support (`mbedtls_ecp_xxx`) is only - * enabled if the curve is builtin (see - * `config_adjust_legacy_from_psa.h` for details). + * and \p bits is not supported. */ mbedtls_ecp_group_id mbedtls_ecc_group_from_psa(psa_ecc_family_t curve, size_t bits); From 39faa9cad4e83293094e74b2a39bab8914109994 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 9 Jan 2024 09:11:22 +0100 Subject: [PATCH 1293/1674] psa_util: rename parameter of mbedtls_ecc_group_from_psa The new name better reflects the fact that the 1st parameter is just the EC family and not the curve. Signed-off-by: Valerio Setti --- include/mbedtls/psa_util.h | 4 ++-- library/psa_util.c | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index f36d89ad6..1b142562e 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -125,7 +125,7 @@ psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid, /** Convert an ECC curve identifier from the PSA encoding to Mbed TLS. * - * \param curve A PSA elliptic curve identifier + * \param family A PSA elliptic curve family identifier * (`PSA_ECC_FAMILY_xxx`). * \param bits The bit-length of a private key on \p curve. * @@ -135,7 +135,7 @@ psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid, * \return #MBEDTLS_ECP_DP_NONE if the combination of \c curve * and \p bits is not supported. */ -mbedtls_ecp_group_id mbedtls_ecc_group_from_psa(psa_ecc_family_t curve, +mbedtls_ecp_group_id mbedtls_ecc_group_from_psa(psa_ecc_family_t family, size_t bits); #endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */ diff --git a/library/psa_util.c b/library/psa_util.c index d833299e8..41586e262 100644 --- a/library/psa_util.c +++ b/library/psa_util.c @@ -250,10 +250,10 @@ psa_ecc_family_t mbedtls_ecc_group_to_psa(mbedtls_ecp_group_id grpid, } } -mbedtls_ecp_group_id mbedtls_ecc_group_from_psa(psa_ecc_family_t curve, +mbedtls_ecp_group_id mbedtls_ecc_group_from_psa(psa_ecc_family_t family, size_t bits) { - switch (curve) { + switch (family) { case PSA_ECC_FAMILY_SECP_R1: switch (bits) { #if defined(PSA_WANT_ECC_SECP_R1_192) From 2bd2b788cf82437d1d238bbdadbd26fa652532aa Mon Sep 17 00:00:00 2001 From: Jonathan Winzig Date: Tue, 9 Jan 2024 15:19:42 +0100 Subject: [PATCH 1294/1674] Add tests for Issue #8687 Signed-off-by: Jonathan Winzig --- tests/suites/test_suite_x509write.data | 6 ++++++ tests/suites/test_suite_x509write.function | 21 +++++++++++++++++++++ 2 files changed, 27 insertions(+) diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data index 28cef301c..730e76e71 100644 --- a/tests/suites/test_suite_x509write.data +++ b/tests/suites/test_suite_x509write.data @@ -265,3 +265,9 @@ mbedtls_x509_string_to_names:"C=NL, 2.5.4.10.234.532=#0C084F6666737061726B, OU=P Check max serial length x509_set_serial_check: + +Check max extension length (Max-1) +x509_set_extension_length_check:0xFFFFFFFE + +Check max extension length (Max) +x509_set_extension_length_check:0xFFFFFFFF \ No newline at end of file diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function index b59fd48f3..7690dc049 100644 --- a/tests/suites/test_suite_x509write.function +++ b/tests/suites/test_suite_x509write.function @@ -752,3 +752,24 @@ exit: USE_PSA_DONE(); } /* END_CASE */ + +/* BEGIN_CASE */ +void x509_set_extension_length_check(int val_len) +{ + int ret = 0; + + mbedtls_x509write_csr ctx; + mbedtls_x509write_csr_init(&ctx); + + unsigned char buf[EXT_KEY_USAGE_TMP_BUF_MAX_LENGTH] = { 0 }; + unsigned char *p = buf + sizeof(buf); + + ret = mbedtls_x509_set_extension(&(ctx.MBEDTLS_PRIVATE(extensions)), + MBEDTLS_OID_EXTENDED_KEY_USAGE, + MBEDTLS_OID_SIZE(MBEDTLS_OID_EXTENDED_KEY_USAGE), + 0, + p, + val_len); + TEST_ASSERT(ret == MBEDTLS_ERR_X509_BAD_INPUT_DATA || ret == MBEDTLS_ERR_X509_ALLOC_FAILED); +} +/* END_CASE */ From 05c722bfd03712b5fbea0dc3087244be10425935 Mon Sep 17 00:00:00 2001 From: Jonathan Winzig Date: Tue, 9 Jan 2024 15:20:03 +0100 Subject: [PATCH 1295/1674] Fix Issue #8687 Signed-off-by: Jonathan Winzig --- library/x509_create.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/library/x509_create.c b/library/x509_create.c index 8f31c3bea..c761a8c45 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -382,6 +382,10 @@ int mbedtls_x509_set_extension(mbedtls_asn1_named_data **head, const char *oid, { mbedtls_asn1_named_data *cur; + if (0xFFFFFFFF == (uint32_t) val_len) { + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; + } + if ((cur = mbedtls_asn1_store_named_data(head, oid, oid_len, NULL, val_len + 1)) == NULL) { return MBEDTLS_ERR_X509_ALLOC_FAILED; From 5caf20ea80b46edbad29448d169e694659968cd1 Mon Sep 17 00:00:00 2001 From: Jonathan Winzig Date: Tue, 9 Jan 2024 16:41:10 +0100 Subject: [PATCH 1296/1674] Update fix to be more platform-independent Co-authored-by: David Horstmann Signed-off-by: Jonathan Winzig --- library/x509_create.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/x509_create.c b/library/x509_create.c index c761a8c45..f7a17e712 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -382,7 +382,7 @@ int mbedtls_x509_set_extension(mbedtls_asn1_named_data **head, const char *oid, { mbedtls_asn1_named_data *cur; - if (0xFFFFFFFF == (uint32_t) val_len) { + if (val_len > (SIZE_MAX - 1)) { return MBEDTLS_ERR_X509_BAD_INPUT_DATA; } From c5e77bf4e490d6a84311916572b6e9c8320ffc06 Mon Sep 17 00:00:00 2001 From: Jonathan Winzig Date: Tue, 9 Jan 2024 16:47:12 +0100 Subject: [PATCH 1297/1674] Add missing newline at the end of test_suite_x509write.data Signed-off-by: Jonathan Winzig --- tests/suites/test_suite_x509write.data | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data index 730e76e71..f46d19d58 100644 --- a/tests/suites/test_suite_x509write.data +++ b/tests/suites/test_suite_x509write.data @@ -270,4 +270,4 @@ Check max extension length (Max-1) x509_set_extension_length_check:0xFFFFFFFE Check max extension length (Max) -x509_set_extension_length_check:0xFFFFFFFF \ No newline at end of file +x509_set_extension_length_check:0xFFFFFFFF From a72454bc16701603a93b05c60b4339341703a2c6 Mon Sep 17 00:00:00 2001 From: Jonathan Winzig Date: Tue, 9 Jan 2024 17:39:42 +0100 Subject: [PATCH 1298/1674] Update test-data to use SIZE_MAX Co-authored-by: David Horstmann Signed-off-by: Jonathan Winzig --- tests/suites/test_suite_x509write.data | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data index f46d19d58..869ea7f59 100644 --- a/tests/suites/test_suite_x509write.data +++ b/tests/suites/test_suite_x509write.data @@ -270,4 +270,4 @@ Check max extension length (Max-1) x509_set_extension_length_check:0xFFFFFFFE Check max extension length (Max) -x509_set_extension_length_check:0xFFFFFFFF +x509_set_extension_length_check:SIZE_MAX From 6c9779fabbafa060e130728bdb899f0cf9d7d08a Mon Sep 17 00:00:00 2001 From: Jonathan Winzig Date: Tue, 9 Jan 2024 17:47:10 +0100 Subject: [PATCH 1299/1674] Remove unneeded testcase Signed-off-by: Jonathan Winzig --- tests/suites/test_suite_x509write.data | 7 ++----- tests/suites/test_suite_x509write.function | 6 +++--- 2 files changed, 5 insertions(+), 8 deletions(-) diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data index 869ea7f59..5c6a9032d 100644 --- a/tests/suites/test_suite_x509write.data +++ b/tests/suites/test_suite_x509write.data @@ -266,8 +266,5 @@ mbedtls_x509_string_to_names:"C=NL, 2.5.4.10.234.532=#0C084F6666737061726B, OU=P Check max serial length x509_set_serial_check: -Check max extension length (Max-1) -x509_set_extension_length_check:0xFFFFFFFE - -Check max extension length (Max) -x509_set_extension_length_check:SIZE_MAX +Check max extension length +x509_set_extension_length_check: diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function index 7690dc049..4c002f9ee 100644 --- a/tests/suites/test_suite_x509write.function +++ b/tests/suites/test_suite_x509write.function @@ -754,7 +754,7 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void x509_set_extension_length_check(int val_len) +void x509_set_extension_length_check() { int ret = 0; @@ -769,7 +769,7 @@ void x509_set_extension_length_check(int val_len) MBEDTLS_OID_SIZE(MBEDTLS_OID_EXTENDED_KEY_USAGE), 0, p, - val_len); - TEST_ASSERT(ret == MBEDTLS_ERR_X509_BAD_INPUT_DATA || ret == MBEDTLS_ERR_X509_ALLOC_FAILED); + SIZE_MAX); + TEST_ASSERT(MBEDTLS_ERR_X509_BAD_INPUT_DATA == ret); } /* END_CASE */ From 315c3ca9e55f74e58ae4a5be96c2ed890106c0dd Mon Sep 17 00:00:00 2001 From: Jonathan Winzig Date: Tue, 9 Jan 2024 18:31:11 +0100 Subject: [PATCH 1300/1674] Add required dependency to the testcase Co-authored-by: Paul Elliott <62069445+paul-elliott-arm@users.noreply.github.com> Signed-off-by: Jonathan Winzig --- tests/suites/test_suite_x509write.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function index 4c002f9ee..503d9764c 100644 --- a/tests/suites/test_suite_x509write.function +++ b/tests/suites/test_suite_x509write.function @@ -753,7 +753,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_X509_CSR_WRITE_C */ void x509_set_extension_length_check() { int ret = 0; From 0f45a1aec5a73de46796681d09483bd87c26e744 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 10 Jan 2024 09:43:06 +0100 Subject: [PATCH 1301/1674] Fix typos / improve syntax MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- ChangeLog.d/driver-only-cipher.txt | 2 +- ChangeLog.d/no-cipher.txt | 2 +- docs/architecture/psa-migration/md-cipher-dispatch.md | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/ChangeLog.d/driver-only-cipher.txt b/ChangeLog.d/driver-only-cipher.txt index e2a946c91..331b2f997 100644 --- a/ChangeLog.d/driver-only-cipher.txt +++ b/ChangeLog.d/driver-only-cipher.txt @@ -2,7 +2,7 @@ Features * If a cipher or AEAD mechanism has a PSA driver, you can now build the library without the corresponding built-in implementation. Generally speaking that requires both the key type and algorithm to be accelerated - or they'll both be built in. However for CCM and GCM the built-in + or they'll both be built in. However, for CCM and GCM the built-in implementation is able to take advantage of a driver that only accelerates the key type (that is, the block cipher primitive). See docs/driver-only-builds.md for full details and current limitations. diff --git a/ChangeLog.d/no-cipher.txt b/ChangeLog.d/no-cipher.txt index 4deadab98..87f2f6d3a 100644 --- a/ChangeLog.d/no-cipher.txt +++ b/ChangeLog.d/no-cipher.txt @@ -1,7 +1,7 @@ Features * Fewer modules depend on MBEDTLS_CIPHER_C, making it possible to save code size by disabling it in more circumstances. In particular, the CCM and - GCM modules no longer depends on MBEDTLS_CIPHER_C. Also, + GCM modules no longer depend on MBEDTLS_CIPHER_C. Also, MBEDTLS_PSA_CRYPTO can now be enabled without MBEDTLS_CIPHER_C if all unauthenticated (non-AEAD) ciphers are disabled, or if they're all fully provided by drivers. See docs/driver-only-builds.md for full diff --git a/docs/architecture/psa-migration/md-cipher-dispatch.md b/docs/architecture/psa-migration/md-cipher-dispatch.md index 30afad831..eda65a348 100644 --- a/docs/architecture/psa-migration/md-cipher-dispatch.md +++ b/docs/architecture/psa-migration/md-cipher-dispatch.md @@ -609,7 +609,7 @@ int psa_can_do_cipher(psa_key_type_t key_type, psa_algorithm_t cipher_alg); The job of this private function is to return 1 if `hash_alg` can be performed through PSA now, and 0 otherwise. It is only defined on algorithms that are enabled via PSA. As a starting point, return 1 if PSA crypto's driver subsystem has been initialized. -Each function in the module needs to know whether to dispatch via PSA or legacy. All function with just consult the context's `engine` field, except `setup()` which will set it according to the key type and the return value of `psa_can_do_cipher()` as discussed above. +Each function in the module needs to know whether to dispatch via PSA or legacy. All functions consult the context's `engine` field, except `setup()` which will set it according to the key type and the return value of `psa_can_do_cipher()` as discussed above. Note that this assumes that an operation that has been started via PSA can be completed. This implies that `mbedtls_psa_crypto_free` must not be called while an operation using PSA is in progress. From e3344867539d0522a45848cd6e99f36233232d5b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 10 Jan 2024 10:24:31 +0100 Subject: [PATCH 1302/1674] Add new lines before lists MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This is more portable markdown, and also for people who read the text, it make the new lines after the list (but inside the same sentence) less surprising I hope. Signed-off-by: Manuel Pégourié-Gonnard --- docs/driver-only-builds.md | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/docs/driver-only-builds.md b/docs/driver-only-builds.md index 8f708259c..f59420e3d 100644 --- a/docs/driver-only-builds.md +++ b/docs/driver-only-builds.md @@ -16,6 +16,7 @@ driver. In order to have some mechanism provided only by a driver, you'll want the following compile-time configuration options enabled: + - `MBEDTLS_PSA_CRYPTO_C` (enabled by default) - this enables PSA Crypto. - `MBEDTLS_USE_PSA_CRYPTO` (disabled by default) - this makes PK, X.509 and TLS use PSA Crypto. You need to enable this if you're using PK, X.509 or TLS @@ -28,6 +29,7 @@ mechanism through the PSA API in Mbed TLS](proposed/psa-conditional-inclusion-c.md) for details. In addition, for each mechanism you want provided only by your driver: + - Define the corresponding `PSA_WANT` macro in `psa/crypto_config.h` - this means the algorithm will be available in the PSA Crypto API. - Define the corresponding `MBEDTLS_PSA_ACCEL` in your build. This could be @@ -52,6 +54,7 @@ Mechanisms covered ------------------ For now, only the following (families of) mechanisms are supported: + - hashes: SHA-3, SHA-2, SHA-1, MD5, etc. - elliptic-curve cryptography (ECC): ECDH, ECDSA, EC J-PAKE, ECC key types. - finite-field Diffie-Hellman: FFDH algorithm, DH key types. @@ -79,6 +82,7 @@ Hashes It is possible to have all hash operations provided only by a driver. More precisely: + - you can enable `PSA_WANT_ALG_SHA_256` without `MBEDTLS_SHA256_C`, provided you have `MBEDTLS_PSA_ACCEL_ALG_SHA_256` enabled; - and similarly for all supported hash algorithms: `MD5`, `RIPEMD160`, @@ -97,6 +101,7 @@ considerations](#general-considerations) above. If you want to check at compile-time whether a certain hash algorithm is available in the present build of Mbed TLS, regardless of whether it's provided by a driver or built-in, you should use the following macros: + - for code that uses only the PSA Crypto API: `PSA_WANT_ALG_xxx` from `psa/crypto.h`; - for code that uses non-PSA crypto APIs: `MBEDTLS_MD_CAN_xxx` from @@ -106,10 +111,12 @@ Elliptic-curve cryptography (ECC) --------------------------------- It is possible to have most ECC operations provided only by a driver: + - the ECDH, ECDSA and EC J-PAKE algorithms; - key import, export, and random generation. More precisely, if: + - you have driver support for ECC public and using private keys (that is, `MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY` and `MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC` are enabled), and @@ -118,6 +125,7 @@ More precisely, if: `MBEDTLS_PSA_ACCEL_ECC_xxx` macros is enabled as well); then you can: + - enable `PSA_WANT_ALG_ECDH` without `MBEDTLS_ECDH_C`, provided `MBEDTLS_PSA_ACCEL_ALG_ECDH` is enabled - enable `PSA_WANT_ALG_ECDSA` without `MBEDTLS_ECDSA_C`, provided @@ -126,6 +134,7 @@ then you can: `MBEDTLS_PSA_ACCEL_ALG_JPAKE` is enabled. In addition, if: + - none of `MBEDTLS_ECDH_C`, `MBEDTLS_ECDSA_C`, `MBEDTLS_ECJPAKE_C` are enabled (see conditions above), and - you have driver support for all enabled ECC key pair operations - that is, @@ -137,6 +146,7 @@ then you can also disable `MBEDTLS_ECP_C`. However, a small subset of it might still be included in the build, see limitations sub-section below. In addition, if: + - `MBEDTLS_ECP_C` is fully removed (see limitation sub-section below), - and support for RSA key types and algorithms is either fully disabled or fully provided by a driver, @@ -148,6 +158,7 @@ then you can also disable `MBEDTLS_BIGNUM_C`. In such builds, all crypto operations via the PSA Crypto API will work as usual, as well as the PK, X.509 and TLS modules if `MBEDTLS_USE_PSA_CRYPTO` is enabled, with the following exceptions: + - direct calls to APIs from the disabled modules are not possible; - PK, X.509 and TLS will not support restartable ECC operations (see limitation sub-section below). @@ -155,6 +166,7 @@ enabled, with the following exceptions: If you want to check at compile-time whether a certain curve is available in the present build of Mbed TLS, regardless of whether ECC is provided by a driver or built-in, you should use the following macros: + - for code that uses only the PSA Crypto API: `PSA_WANT_ECC_xxx` from `psa/crypto.h`; - for code that may also use non-PSA crypto APIs: `MBEDTLS_ECP_HAVE_xxx` from @@ -170,6 +182,7 @@ automatically defined when enabling `MBEDTLS_PSA_P256M_DRIVER_ENABLED`. A limited subset of `ecp.c` will still be automatically re-enabled if any of the following is enabled: + - `MBEDTLS_PK_PARSE_EC_COMPRESSED` - support for parsing ECC keys where the public part is in compressed format; - `MBEDTLS_PK_PARSE_EC_EXTENDED` - support for parsing ECC keys where the @@ -249,6 +262,7 @@ RSA It is possible for all RSA operations to be provided only by a driver. More precisely, if: + - all the RSA algorithms that are enabled (`PSA_WANT_ALG_RSA_*`) are also accelerated (`MBEDTLS_PSA_ACCEL_ALG_RSA_*`), - and all the RSA key types that are enabled (`PSA_WANT_KEY_TYPE_RSA_*`) are @@ -272,6 +286,7 @@ Ciphers (unauthenticated and AEAD) It is possible to have all ciphers and AEAD operations provided only by a driver. More precisely, for each desired combination of key type and algorithm/mode you can: + - Enable desired PSA key type(s): - `PSA_WANT_KEY_TYPE_AES`, - `PSA_WANT_KEY_TYPE_ARIA`, @@ -328,6 +343,7 @@ some non-PSA APIs will be absent or have reduced functionality, see Some legacy modules can't take advantage of PSA drivers yet, and will either need to be disabled, or have reduced features when the built-in implementations of some ciphers are removed: + - `MBEDTLS_NIST_KW_C` needs built-in AES: it must be disabled when `MBEDTLS_AES_C` is disabled. - `MBEDTLS_CMAC_C` needs built-in AES/DES: it must be disabled when @@ -352,6 +368,7 @@ restrictions, see [Disabling `MBEDTLS_CIPHER_C`](#disabling-mbedtls_cipher_c). Note that the relationship between legacy (i.e. `MBEDTLS_xxx_C`) and PSA (i.e. `PSA_WANT_xxx`) symbols is not always 1:1. For example: + - ECB mode is always enabled in the legacy configuration for each key type that allows it (AES, ARIA, Camellia, DES), whereas it must be explicitly enabled in PSA with `PSA_WANT_ALG_ECB_NO_PADDING`. @@ -374,6 +391,7 @@ together with desired key type(s) (`PSA_WANT_KEY_TYPE_[AES|ARIA|CAMELLIA]` + `MBEDTLS_PSA_ACCEL_KEY_TYPE_[AES|ARIA|CAMELLIA]`). In such configurations it is possible to: + - Use CCM and GCM via the PSA Crypto APIs. - Use CCM and GCM via legacy functions `mbedtls_[ccm|gcm]_xxx()` (but not the legacy functions `mbedtls_cipher_xxx()`). @@ -387,6 +405,7 @@ algorithm) in order to work with a driver. The legacy CTR-DRBG module (enabled by `MBEDTLS_CTR_DRBG_C`) can also benefit from PSA acceleration if both of the following conditions are met: + - The legacy AES module (`MBEDTLS_AES_C`) is not enabled and - AES is supported on the PSA side together with ECB mode, i.e. `PSA_WANT_KEY_TYPE_AES` + `PSA_WANT_ALG_ECB_NO_PADDING`. @@ -395,6 +414,7 @@ from PSA acceleration if both of the following conditions are met: It is possible to save code size by disabling MBEDTLS_CIPHER_C when all of the following conditions are met: + - The application is not using the `mbedtls_cipher_` API. - In PSA, all unauthenticated (that is, non-AEAD) ciphers are either disabled or fully accelerated (that is, all compatible key types are accelerated too). @@ -404,6 +424,7 @@ following conditions are met: a driver.) In such a build, everything will work as usual except for the following: + - Encryption/decryption functions from the PKCS5 and PKCS12 module will not be available (only key derivation functions). - Parsing of PKCS5- or PKCS12-encrypted keys in PK parse will fail. From a8b4291836b788d509bd00cd2436e5cbd363544a Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 8 Nov 2023 11:10:47 +0800 Subject: [PATCH 1303/1674] tls13: add generic function to write Record Size Limit ext Signed-off-by: Yanray Wang --- library/ssl_misc.h | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index a8afd429c..62b212d72 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -2710,6 +2710,13 @@ MBEDTLS_CHECK_RETURN_CRITICAL int mbedtls_ssl_tls13_parse_record_size_limit_ext(mbedtls_ssl_context *ssl, const unsigned char *buf, const unsigned char *end); + +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_tls13_write_record_size_limit_ext(mbedtls_ssl_context *ssl, + uint16_t record_size_limit, + unsigned char *buf, + const unsigned char *end, + size_t *out_len); #endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */ #if defined(MBEDTLS_SSL_ALPN) From faf70bdf9d314e52fd8b3e7d92a922316cac05c5 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 7 Dec 2023 10:03:32 +0800 Subject: [PATCH 1304/1674] ssl_tls13_generic: check value of RecordSizeLimit in helper function Signed-off-by: Yanray Wang --- library/ssl_tls13_generic.c | 67 +++++++++++++++++++++++++++++++------ 1 file changed, 56 insertions(+), 11 deletions(-) diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index ecfaf8a1a..0befe3bba 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -1698,6 +1698,27 @@ int mbedtls_ssl_tls13_check_received_extension( } #if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) +/* RFC 8449, section 4: + * + * Endpoints MUST NOT send a "record_size_limit" extension with a value + * smaller than 64. An endpoint MUST treat receipt of a smaller value + * as a fatal error and generate an "illegal_parameter" alert. + */ +static int mbedtls_ssl_is_record_size_limit_valid(mbedtls_ssl_context *ssl, + uint16_t record_size_limit) +{ + if (record_size_limit < MBEDTLS_SSL_RECORD_SIZE_LIMIT_MIN) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Invalid record size limit : %u Bytes", + record_size_limit)); + MBEDTLS_SSL_PEND_FATAL_ALERT( + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER, + MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER; + } + + return 0; +} + /* RFC 8449, section 4: * * The ExtensionData of the "record_size_limit" extension is @@ -1709,6 +1730,7 @@ int mbedtls_ssl_tls13_parse_record_size_limit_ext(mbedtls_ssl_context *ssl, const unsigned char *buf, const unsigned char *end) { + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const unsigned char *p = buf; uint16_t record_size_limit; const size_t extension_data_len = end - buf; @@ -1731,17 +1753,9 @@ int mbedtls_ssl_tls13_parse_record_size_limit_ext(mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG(2, ("RecordSizeLimit: %u Bytes", record_size_limit)); - /* RFC 8449, section 4: - * - * Endpoints MUST NOT send a "record_size_limit" extension with a value - * smaller than 64. An endpoint MUST treat receipt of a smaller value - * as a fatal error and generate an "illegal_parameter" alert. - */ - if (record_size_limit < MBEDTLS_SSL_RECORD_SIZE_LIMIT_MIN) { - MBEDTLS_SSL_PEND_FATAL_ALERT( - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER, - MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER); - return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER; + ret = mbedtls_ssl_is_record_size_limit_valid(ssl, record_size_limit); + if (ret != 0) { + return ret; } ssl->session_negotiate->record_size_limit = record_size_limit; @@ -1749,6 +1763,37 @@ int mbedtls_ssl_tls13_parse_record_size_limit_ext(mbedtls_ssl_context *ssl, return 0; } +MBEDTLS_CHECK_RETURN_CRITICAL +int mbedtls_ssl_tls13_write_record_size_limit_ext(mbedtls_ssl_context *ssl, + uint16_t record_size_limit, + unsigned char *buf, + const unsigned char *end, + size_t *out_len) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + unsigned char *p = buf; + *out_len = 0; + + ret = mbedtls_ssl_is_record_size_limit_valid(ssl, record_size_limit); + if (ret != 0) { + return ret; + } + + MBEDTLS_SSL_CHK_BUF_PTR(p, end, 6); + + MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_RECORD_SIZE_LIMIT, p, 0); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_SSL_RECORD_SIZE_LIMIT_EXTENSION_DATA_LENGTH, p, 2); + MBEDTLS_PUT_UINT16_BE(record_size_limit, p, 4); + + *out_len = 6; + + MBEDTLS_SSL_DEBUG_MSG(2, ("Sent RecordSizeLimit: %u Bytes", record_size_limit)); + + mbedtls_ssl_tls13_set_hs_sent_ext_mask(ssl, MBEDTLS_TLS_EXT_RECORD_SIZE_LIMIT); + + return 0; +} + #endif /* MBEDTLS_SSL_RECORD_SIZE_LIMIT */ #endif /* MBEDTLS_SSL_TLS_C && MBEDTLS_SSL_PROTO_TLS1_3 */ From 42017cd4c9dacef74a82618a1d1b8afbfbfe35a9 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 8 Nov 2023 11:15:23 +0800 Subject: [PATCH 1305/1674] tls13: cli: write Record Size Limit ext in ClientHello - add the support in library - update corresponding test case Signed-off-by: Yanray Wang --- library/ssl_tls13_client.c | 9 +++++++++ tests/ssl-opt.sh | 11 +++++++---- 2 files changed, 16 insertions(+), 4 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 342ec5242..0d132227c 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -1160,6 +1160,15 @@ int mbedtls_ssl_tls13_write_client_hello_exts(mbedtls_ssl_context *ssl, } p += ext_len; +#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) + ret = mbedtls_ssl_tls13_write_record_size_limit_ext( + ssl, MBEDTLS_SSL_IN_CONTENT_LEN, p, end, &ext_len); + if (ret != 0) { + return ret; + } + p += ext_len; +#endif + #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED) if (mbedtls_ssl_conf_tls13_some_ephemeral_enabled(ssl)) { ret = ssl_tls13_write_key_share_ext(ssl, p, end, &ext_len); diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 92b3e171c..1cd01dc0c 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -4856,10 +4856,13 @@ run_test "Record Size Limit: TLS 1.3: Client-side parsing and debug output" \ "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%DISABLE_TLS13_COMPAT_MODE --disable-client-cert -d 4" \ "$P_CLI debug_level=4 force_version=tls13" \ 0 \ - -s "Preparing extension (Record Size Limit/28) for 'encrypted extensions'" -# The P_CLI can not yet send the Record Size Limit extension. Thus, the G_NEXT_SRV does not send -# a response in its EncryptedExtensions record. -# -c "RecordSizeLimit: 16385 Bytes" + -c "Sent RecordSizeLimit: 16384 Bytes" \ + -c "ClientHello: record_size_limit(28) extension exists." \ + -c "found record_size_limit extension" \ + -c "RecordSizeLimit: 16385 Bytes" \ + -c "EncryptedExtensions: record_size_limit(28) extension received." \ + -s "Parsing extension 'Record Size Limit/28' (2 bytes)" \ + -s "record_size_limit 16384 negotiated" # In the following (9) tests, --recordsize is the value used by the G_NEXT_CLI (3.7.2) to configure the # maximum record size using "https://gnutls.org/reference/gnutls-gnutls.html#gnutls-record-set-max-size". From 47d294694355b2544f8a2647c3fcfae5b77ac8fc Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Wed, 3 Jan 2024 17:31:52 +0000 Subject: [PATCH 1306/1674] tls13: server: write Record Size Limit ext in EncryptedExtensions - add the support in library - update corresponding test cases. Signed-off-by: Yanray Wang Signed-off-by: Waleed Elmelegy --- library/ssl_tls13_server.c | 9 +++++++++ tests/ssl-opt.sh | 24 ++++++++++-------------- 2 files changed, 19 insertions(+), 14 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index a7c266b52..c9fddda1e 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -2530,6 +2530,15 @@ static int ssl_tls13_write_encrypted_extensions_body(mbedtls_ssl_context *ssl, } #endif /* MBEDTLS_SSL_EARLY_DATA */ +#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) + ret = mbedtls_ssl_tls13_write_record_size_limit_ext( + ssl, MBEDTLS_SSL_IN_CONTENT_LEN, p, end, &output_len); + if (ret != 0) { + return ret; + } + p += output_len; +#endif + extensions_len = (p - p_extensions_len) - 2; MBEDTLS_PUT_UINT16_BE(extensions_len, p_extensions_len, 0); diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 1cd01dc0c..89243e4a2 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -4843,7 +4843,6 @@ run_test "Record Size Limit: TLS 1.3: Server-side parsing and debug output" \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4" \ 0 \ -s "RecordSizeLimit: 16385 Bytes" \ - -s "ClientHello: record_size_limit(28) extension exists." \ -s "Maximum outgoing record payload length is 16383" \ -s "bytes written in 1 fragments" @@ -4857,10 +4856,7 @@ run_test "Record Size Limit: TLS 1.3: Client-side parsing and debug output" \ "$P_CLI debug_level=4 force_version=tls13" \ 0 \ -c "Sent RecordSizeLimit: 16384 Bytes" \ - -c "ClientHello: record_size_limit(28) extension exists." \ - -c "found record_size_limit extension" \ -c "RecordSizeLimit: 16385 Bytes" \ - -c "EncryptedExtensions: record_size_limit(28) extension received." \ -s "Parsing extension 'Record Size Limit/28' (2 bytes)" \ -s "record_size_limit 16384 negotiated" @@ -4937,8 +4933,8 @@ run_test "Record Size Limit: TLS 1.3: Server complies with record size limit "$P_SRV debug_level=3 force_version=tls13 response_size=512" \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 1023" \ 0 \ - -s "RecordSizeLimit: 1024 Bytes" \ - -s "ClientHello: record_size_limit(28) extension exists." \ + -s "Sent RecordSizeLimit: 16384 Bytes" \ + -s "EncryptedExtensions: record_size_limit(28) extension exists." \ -s "Maximum outgoing record payload length is 1023" \ -s "512 bytes written in 1 fragments" @@ -4951,8 +4947,8 @@ run_test "Record Size Limit: TLS 1.3: Server complies with record size limit "$P_SRV debug_level=3 force_version=tls13 response_size=1536" \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 1023" \ 0 \ - -s "RecordSizeLimit: 1024 Bytes" \ - -s "ClientHello: record_size_limit(28) extension exists." \ + -s "Sent RecordSizeLimit: 16384 Bytes" \ + -s "EncryptedExtensions: record_size_limit(28) extension exists." \ -s "Maximum outgoing record payload length is 1023" \ -s "1536 bytes written in 2 fragments" @@ -4965,8 +4961,8 @@ run_test "Record Size Limit: TLS 1.3: Server complies with record size limit "$P_SRV debug_level=3 force_version=tls13 response_size=2560" \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 1023" \ 0 \ - -s "RecordSizeLimit: 1024 Bytes" \ - -s "ClientHello: record_size_limit(28) extension exists." \ + -s "Sent RecordSizeLimit: 16384 Bytes" \ + -s "EncryptedExtensions: record_size_limit(28) extension exists." \ -s "Maximum outgoing record payload length is 1023" \ -s "2560 bytes written in 3 fragments" @@ -4979,8 +4975,8 @@ run_test "Record Size Limit: TLS 1.3: Server complies with record size limit "$P_SRV debug_level=3 force_version=tls13 response_size=2048" \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 4095" \ 0 \ - -s "RecordSizeLimit: 4096 Bytes" \ - -s "ClientHello: record_size_limit(28) extension exists." \ + -s "Sent RecordSizeLimit: 16384 Bytes" \ + -s "EncryptedExtensions: record_size_limit(28) extension exists." \ -s "Maximum outgoing record payload length is 4095" \ -s "2048 bytes written in 1 fragments" @@ -4993,8 +4989,8 @@ run_test "Record Size Limit: TLS 1.3: Server complies with record size limit "$P_SRV debug_level=3 force_version=tls13 response_size=6144" \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 4095" \ 0 \ - -s "RecordSizeLimit: 4096 Bytes" \ - -s "ClientHello: record_size_limit(28) extension exists." \ + -s "Sent RecordSizeLimit: 16384 Bytes" \ + -s "EncryptedExtensions: record_size_limit(28) extension exists." \ -s "Maximum outgoing record payload length is 4095" \ -s "6144 bytes written in 2 fragments" From 598ea09dd5b142a0743c4a9b8ab7a3a9b6a9a813 Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Wed, 3 Jan 2024 17:34:03 +0000 Subject: [PATCH 1307/1674] TLS1.3: SRV/CLI: add support for sending Record Size Limit extension Signed-off-by: Yanray Wang Signed-off-by: Waleed Elmelegy --- tests/ssl-opt.sh | 26 ++++++++++++++++++++++++-- 1 file changed, 24 insertions(+), 2 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 89243e4a2..e45a165df 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -5003,11 +5003,33 @@ run_test "Record Size Limit: TLS 1.3: Server complies with record size limit "$P_SRV debug_level=3 force_version=tls13 response_size=10240" \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 4095" \ 0 \ - -s "RecordSizeLimit: 4096 Bytes" \ - -s "ClientHello: record_size_limit(28) extension exists." \ + -s "Sent RecordSizeLimit: 16384 Bytes" \ + -s "EncryptedExtensions: record_size_limit(28) extension exists." \ -s "Maximum outgoing record payload length is 4095" \ -s "10240 bytes written in 3 fragments" +# TODO: For time being, we send fixed value of RecordSizeLimit defined by +# MBEDTLS_SSL_IN_CONTENT_LEN. Once we support variable buffer length of +# RecordSizeLimit, we need to modify value of RecordSizeLimit in below test. +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_SSL_SRV_C +run_test "Record Size Limit: TLS 1.3 m->m: both peer comply with record size limit (16384)" \ + "$P_SRV debug_level=4 force_version=tls13" \ + "$P_CLI debug_level=4 force_version=tls13" \ + 0 \ + -c "Sent RecordSizeLimit: 16384 Bytes" \ + -c "RecordSizeLimit: 16384 Bytes" \ + -c "EncryptedExtensions: record_size_limit(28) extension exists." \ + -c "Maximum outgoing record payload length is 16383" \ + -s "RecordSizeLimit: 16384 Bytes" \ + -s "Sent RecordSizeLimit: 16384 Bytes" \ + -s "EncryptedExtensions: record_size_limit(28) extension exists." \ + -s "Maximum outgoing record payload length is 16383" \ + -s "Maximum incoming record payload length is 16384" + # Tests for renegotiation # Renegotiation SCSV always added, regardless of SSL_RENEGOTIATION From 148dfb64575dab43a26fe66677d2b7f98d22f049 Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Thu, 4 Jan 2024 18:02:35 +0000 Subject: [PATCH 1308/1674] Change record size limit writing function Signed-off-by: Waleed Elmelegy --- library/ssl_misc.h | 1 - library/ssl_tls13_client.c | 2 +- library/ssl_tls13_generic.c | 12 ++++-------- 3 files changed, 5 insertions(+), 10 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 62b212d72..7195d6343 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -2713,7 +2713,6 @@ int mbedtls_ssl_tls13_parse_record_size_limit_ext(mbedtls_ssl_context *ssl, MBEDTLS_CHECK_RETURN_CRITICAL int mbedtls_ssl_tls13_write_record_size_limit_ext(mbedtls_ssl_context *ssl, - uint16_t record_size_limit, unsigned char *buf, const unsigned char *end, size_t *out_len); diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 0d132227c..2a8081dda 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -1162,7 +1162,7 @@ int mbedtls_ssl_tls13_write_client_hello_exts(mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) ret = mbedtls_ssl_tls13_write_record_size_limit_ext( - ssl, MBEDTLS_SSL_IN_CONTENT_LEN, p, end, &ext_len); + ssl, p, end, &ext_len); if (ret != 0) { return ret; } diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index 0befe3bba..ad2b7f672 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -1765,29 +1765,25 @@ int mbedtls_ssl_tls13_parse_record_size_limit_ext(mbedtls_ssl_context *ssl, MBEDTLS_CHECK_RETURN_CRITICAL int mbedtls_ssl_tls13_write_record_size_limit_ext(mbedtls_ssl_context *ssl, - uint16_t record_size_limit, unsigned char *buf, const unsigned char *end, size_t *out_len) { - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *p = buf; *out_len = 0; - ret = mbedtls_ssl_is_record_size_limit_valid(ssl, record_size_limit); - if (ret != 0) { - return ret; - } + MBEDTLS_STATIC_ASSERT(MBEDTLS_SSL_IN_CONTENT_LEN >= MBEDTLS_SSL_RECORD_SIZE_LIMIT_MIN, + "MBEDTLS_SSL_IN_CONTENT_LEN is less than the minimum record size limit"); MBEDTLS_SSL_CHK_BUF_PTR(p, end, 6); MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_RECORD_SIZE_LIMIT, p, 0); MBEDTLS_PUT_UINT16_BE(MBEDTLS_SSL_RECORD_SIZE_LIMIT_EXTENSION_DATA_LENGTH, p, 2); - MBEDTLS_PUT_UINT16_BE(record_size_limit, p, 4); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_SSL_IN_CONTENT_LEN, p, 4); *out_len = 6; - MBEDTLS_SSL_DEBUG_MSG(2, ("Sent RecordSizeLimit: %u Bytes", record_size_limit)); + MBEDTLS_SSL_DEBUG_MSG(2, ("Sent RecordSizeLimit: %u Bytes", MBEDTLS_SSL_IN_CONTENT_LEN)); mbedtls_ssl_tls13_set_hs_sent_ext_mask(ssl, MBEDTLS_TLS_EXT_RECORD_SIZE_LIMIT); From d2fc90e024b055e023c412fac6a1377229396eff Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Thu, 4 Jan 2024 18:04:53 +0000 Subject: [PATCH 1309/1674] Stop sending record size limit extension if it's not sent from client Signed-off-by: Waleed Elmelegy --- library/ssl_tls13_server.c | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index c9fddda1e..36d1c059f 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -2500,6 +2500,9 @@ static int ssl_tls13_write_encrypted_extensions_body(mbedtls_ssl_context *ssl, size_t extensions_len = 0; unsigned char *p_extensions_len; size_t output_len; +#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) + uint32_t record_size_extension_mask; +#endif *out_len = 0; @@ -2531,12 +2534,15 @@ static int ssl_tls13_write_encrypted_extensions_body(mbedtls_ssl_context *ssl, #endif /* MBEDTLS_SSL_EARLY_DATA */ #if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) - ret = mbedtls_ssl_tls13_write_record_size_limit_ext( - ssl, MBEDTLS_SSL_IN_CONTENT_LEN, p, end, &output_len); - if (ret != 0) { - return ret; + record_size_extension_mask = mbedtls_ssl_get_extension_mask(MBEDTLS_TLS_EXT_RECORD_SIZE_LIMIT); + if (ssl->handshake->received_extensions | record_size_extension_mask) { + ret = mbedtls_ssl_tls13_write_record_size_limit_ext( + ssl, p, end, &output_len); + if (ret != 0) { + return ret; + } + p += output_len; } - p += output_len; #endif extensions_len = (p - p_extensions_len) - 2; From e1ac98d8887872ccc8a5034a5e237f74965f3a47 Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Fri, 5 Jan 2024 18:10:12 +0000 Subject: [PATCH 1310/1674] remove mbedtls_ssl_is_record_size_limit_valid function Signed-off-by: Waleed Elmelegy --- library/ssl_tls13_generic.c | 46 +++++++++++++++---------------------- 1 file changed, 19 insertions(+), 27 deletions(-) diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index ad2b7f672..0afedbc35 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -1698,26 +1698,6 @@ int mbedtls_ssl_tls13_check_received_extension( } #if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) -/* RFC 8449, section 4: - * - * Endpoints MUST NOT send a "record_size_limit" extension with a value - * smaller than 64. An endpoint MUST treat receipt of a smaller value - * as a fatal error and generate an "illegal_parameter" alert. - */ -static int mbedtls_ssl_is_record_size_limit_valid(mbedtls_ssl_context *ssl, - uint16_t record_size_limit) -{ - if (record_size_limit < MBEDTLS_SSL_RECORD_SIZE_LIMIT_MIN) { - MBEDTLS_SSL_DEBUG_MSG(1, ("Invalid record size limit : %u Bytes", - record_size_limit)); - MBEDTLS_SSL_PEND_FATAL_ALERT( - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER, - MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER); - return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER; - } - - return 0; -} /* RFC 8449, section 4: * @@ -1730,7 +1710,6 @@ int mbedtls_ssl_tls13_parse_record_size_limit_ext(mbedtls_ssl_context *ssl, const unsigned char *buf, const unsigned char *end) { - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const unsigned char *p = buf; uint16_t record_size_limit; const size_t extension_data_len = end - buf; @@ -1753,9 +1732,19 @@ int mbedtls_ssl_tls13_parse_record_size_limit_ext(mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG(2, ("RecordSizeLimit: %u Bytes", record_size_limit)); - ret = mbedtls_ssl_is_record_size_limit_valid(ssl, record_size_limit); - if (ret != 0) { - return ret; + /* RFC 8449, section 4: + * + * Endpoints MUST NOT send a "record_size_limit" extension with a value + * smaller than 64. An endpoint MUST treat receipt of a smaller value + * as a fatal error and generate an "illegal_parameter" alert. + */ + if (record_size_limit < MBEDTLS_SSL_RECORD_SIZE_LIMIT_MIN) { + MBEDTLS_SSL_DEBUG_MSG(1, ("Invalid record size limit : %u Bytes", + record_size_limit)); + MBEDTLS_SSL_PEND_FATAL_ALERT( + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER, + MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER); + return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER; } ssl->session_negotiate->record_size_limit = record_size_limit; @@ -1773,17 +1762,20 @@ int mbedtls_ssl_tls13_write_record_size_limit_ext(mbedtls_ssl_context *ssl, *out_len = 0; MBEDTLS_STATIC_ASSERT(MBEDTLS_SSL_IN_CONTENT_LEN >= MBEDTLS_SSL_RECORD_SIZE_LIMIT_MIN, - "MBEDTLS_SSL_IN_CONTENT_LEN is less than the minimum record size limit"); + "MBEDTLS_SSL_IN_CONTENT_LEN is less than the " + "minimum record size limit"); MBEDTLS_SSL_CHK_BUF_PTR(p, end, 6); MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_RECORD_SIZE_LIMIT, p, 0); - MBEDTLS_PUT_UINT16_BE(MBEDTLS_SSL_RECORD_SIZE_LIMIT_EXTENSION_DATA_LENGTH, p, 2); + MBEDTLS_PUT_UINT16_BE(MBEDTLS_SSL_RECORD_SIZE_LIMIT_EXTENSION_DATA_LENGTH, + p, 2); MBEDTLS_PUT_UINT16_BE(MBEDTLS_SSL_IN_CONTENT_LEN, p, 4); *out_len = 6; - MBEDTLS_SSL_DEBUG_MSG(2, ("Sent RecordSizeLimit: %u Bytes", MBEDTLS_SSL_IN_CONTENT_LEN)); + MBEDTLS_SSL_DEBUG_MSG(2, ("Sent RecordSizeLimit: %u Bytes", + MBEDTLS_SSL_IN_CONTENT_LEN)); mbedtls_ssl_tls13_set_hs_sent_ext_mask(ssl, MBEDTLS_TLS_EXT_RECORD_SIZE_LIMIT); From fbe42743eb37c0d8b846b6127144643400288fa4 Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Fri, 5 Jan 2024 18:11:10 +0000 Subject: [PATCH 1311/1674] Fix issue in checking in writing extensions Fix issue in checking if server received record size limit extension. Signed-off-by: Waleed Elmelegy --- library/ssl_tls13_server.c | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 36d1c059f..227d287af 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -2500,9 +2500,6 @@ static int ssl_tls13_write_encrypted_extensions_body(mbedtls_ssl_context *ssl, size_t extensions_len = 0; unsigned char *p_extensions_len; size_t output_len; -#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) - uint32_t record_size_extension_mask; -#endif *out_len = 0; @@ -2534,8 +2531,7 @@ static int ssl_tls13_write_encrypted_extensions_body(mbedtls_ssl_context *ssl, #endif /* MBEDTLS_SSL_EARLY_DATA */ #if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) - record_size_extension_mask = mbedtls_ssl_get_extension_mask(MBEDTLS_TLS_EXT_RECORD_SIZE_LIMIT); - if (ssl->handshake->received_extensions | record_size_extension_mask) { + if (ssl->handshake->received_extensions & MBEDTLS_SSL_EXT_MASK(RECORD_SIZE_LIMIT)) { ret = mbedtls_ssl_tls13_write_record_size_limit_ext( ssl, p, end, &output_len); if (ret != 0) { From 3a37756496f89937214d600d5f2b7b8ccd95ed07 Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Fri, 5 Jan 2024 18:13:42 +0000 Subject: [PATCH 1312/1674] Improve record size limit tests Signed-off-by: Waleed Elmelegy --- tests/ssl-opt.sh | 41 +++++++++++++++++++++++++++-------------- 1 file changed, 27 insertions(+), 14 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index e45a165df..f47cc8ef6 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -4843,6 +4843,7 @@ run_test "Record Size Limit: TLS 1.3: Server-side parsing and debug output" \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4" \ 0 \ -s "RecordSizeLimit: 16385 Bytes" \ + -s "ClientHello: record_size_limit(28) extension exists." \ -s "Maximum outgoing record payload length is 16383" \ -s "bytes written in 1 fragments" @@ -4856,6 +4857,9 @@ run_test "Record Size Limit: TLS 1.3: Client-side parsing and debug output" \ "$P_CLI debug_level=4 force_version=tls13" \ 0 \ -c "Sent RecordSizeLimit: 16384 Bytes" \ + -c "ClientHello: record_size_limit(28) extension exists." \ + -c "found record_size_limit extension" \ + -c "EncryptedExtensions: record_size_limit(28) extension received." \ -c "RecordSizeLimit: 16385 Bytes" \ -s "Parsing extension 'Record Size Limit/28' (2 bytes)" \ -s "record_size_limit 16384 negotiated" @@ -4933,6 +4937,8 @@ run_test "Record Size Limit: TLS 1.3: Server complies with record size limit "$P_SRV debug_level=3 force_version=tls13 response_size=512" \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 1023" \ 0 \ + -s "RecordSizeLimit: 1024 Bytes" \ + -s "ClientHello: record_size_limit(28) extension exists." \ -s "Sent RecordSizeLimit: 16384 Bytes" \ -s "EncryptedExtensions: record_size_limit(28) extension exists." \ -s "Maximum outgoing record payload length is 1023" \ @@ -4947,6 +4953,8 @@ run_test "Record Size Limit: TLS 1.3: Server complies with record size limit "$P_SRV debug_level=3 force_version=tls13 response_size=1536" \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 1023" \ 0 \ + -s "RecordSizeLimit: 1024 Bytes" \ + -s "ClientHello: record_size_limit(28) extension exists." \ -s "Sent RecordSizeLimit: 16384 Bytes" \ -s "EncryptedExtensions: record_size_limit(28) extension exists." \ -s "Maximum outgoing record payload length is 1023" \ @@ -4961,6 +4969,8 @@ run_test "Record Size Limit: TLS 1.3: Server complies with record size limit "$P_SRV debug_level=3 force_version=tls13 response_size=2560" \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 1023" \ 0 \ + -s "RecordSizeLimit: 1024 Bytes" \ + -s "ClientHello: record_size_limit(28) extension exists." \ -s "Sent RecordSizeLimit: 16384 Bytes" \ -s "EncryptedExtensions: record_size_limit(28) extension exists." \ -s "Maximum outgoing record payload length is 1023" \ @@ -4975,6 +4985,8 @@ run_test "Record Size Limit: TLS 1.3: Server complies with record size limit "$P_SRV debug_level=3 force_version=tls13 response_size=2048" \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 4095" \ 0 \ + -s "RecordSizeLimit: 4096 Bytes" \ + -s "ClientHello: record_size_limit(28) extension exists." \ -s "Sent RecordSizeLimit: 16384 Bytes" \ -s "EncryptedExtensions: record_size_limit(28) extension exists." \ -s "Maximum outgoing record payload length is 4095" \ @@ -4989,6 +5001,8 @@ run_test "Record Size Limit: TLS 1.3: Server complies with record size limit "$P_SRV debug_level=3 force_version=tls13 response_size=6144" \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 4095" \ 0 \ + -s "RecordSizeLimit: 4096 Bytes" \ + -s "ClientHello: record_size_limit(28) extension exists." \ -s "Sent RecordSizeLimit: 16384 Bytes" \ -s "EncryptedExtensions: record_size_limit(28) extension exists." \ -s "Maximum outgoing record payload length is 4095" \ @@ -5003,6 +5017,8 @@ run_test "Record Size Limit: TLS 1.3: Server complies with record size limit "$P_SRV debug_level=3 force_version=tls13 response_size=10240" \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 4095" \ 0 \ + -s "RecordSizeLimit: 4096 Bytes" \ + -s "ClientHello: record_size_limit(28) extension exists." \ -s "Sent RecordSizeLimit: 16384 Bytes" \ -s "EncryptedExtensions: record_size_limit(28) extension exists." \ -s "Maximum outgoing record payload length is 4095" \ @@ -5011,23 +5027,20 @@ run_test "Record Size Limit: TLS 1.3: Server complies with record size limit # TODO: For time being, we send fixed value of RecordSizeLimit defined by # MBEDTLS_SSL_IN_CONTENT_LEN. Once we support variable buffer length of # RecordSizeLimit, we need to modify value of RecordSizeLimit in below test. -requires_config_enabled MBEDTLS_DEBUG_C -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_config_value_equals "MBEDTLS_SSL_IN_CONTENT_LEN" 16384 +requires_all_configs_enabled MBEDTLS_SSL_CLI_C MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT -requires_config_enabled MBEDTLS_SSL_CLI_C -requires_config_enabled MBEDTLS_SSL_SRV_C -run_test "Record Size Limit: TLS 1.3 m->m: both peer comply with record size limit (16384)" \ +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +run_test "Record Size Limit: TLS 1.3 m->m: both peer comply with record size limit (default)" \ "$P_SRV debug_level=4 force_version=tls13" \ - "$P_CLI debug_level=4 force_version=tls13" \ + "$P_CLI debug_level=4" \ 0 \ - -c "Sent RecordSizeLimit: 16384 Bytes" \ - -c "RecordSizeLimit: 16384 Bytes" \ - -c "EncryptedExtensions: record_size_limit(28) extension exists." \ - -c "Maximum outgoing record payload length is 16383" \ - -s "RecordSizeLimit: 16384 Bytes" \ - -s "Sent RecordSizeLimit: 16384 Bytes" \ - -s "EncryptedExtensions: record_size_limit(28) extension exists." \ - -s "Maximum outgoing record payload length is 16383" \ + -c "Sent RecordSizeLimit: $MAX_IN_LEN Bytes" \ + -c "RecordSizeLimit: $MAX_IN_LEN Bytes" \ + -c "Maximum outgoing record payload length is 16383" \ + -s "RecordSizeLimit: $MAX_IN_LEN Bytes" \ + -s "Sent RecordSizeLimit: $MAX_IN_LEN Bytes" \ + -s "Maximum outgoing record payload length is 16383" \ -s "Maximum incoming record payload length is 16384" # Tests for renegotiation From 2a2462e8f93d290220cd63956fb1ada69646dc1f Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Fri, 5 Jan 2024 18:58:46 +0000 Subject: [PATCH 1313/1674] Add Changlog entry for record size extension Signed-off-by: Waleed Elmelegy --- ChangeLog.d/add-record-size-limit-extension-support.txt | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 ChangeLog.d/add-record-size-limit-extension-support.txt diff --git a/ChangeLog.d/add-record-size-limit-extension-support.txt b/ChangeLog.d/add-record-size-limit-extension-support.txt new file mode 100644 index 000000000..ca1a7c268 --- /dev/null +++ b/ChangeLog.d/add-record-size-limit-extension-support.txt @@ -0,0 +1,2 @@ +Features + * Add support for sending and receiving Record Size Limit extension. From 9457e67afd58b5e3deb67dbceb9662c34daeff41 Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Mon, 8 Jan 2024 15:40:12 +0000 Subject: [PATCH 1314/1674] update record size limit tests to be more consistent Signed-off-by: Waleed Elmelegy --- tests/ssl-opt.sh | 25 ++++++++++++++++--------- 1 file changed, 16 insertions(+), 9 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index f47cc8ef6..12605f5b0 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -4836,8 +4836,9 @@ run_test "Max fragment length: DTLS client, larger message" \ requires_gnutls_tls1_3 requires_gnutls_record_size_limit +requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_SRV_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT -requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "Record Size Limit: TLS 1.3: Server-side parsing and debug output" \ "$P_SRV debug_level=3 force_version=tls13" \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4" \ @@ -4849,20 +4850,17 @@ run_test "Record Size Limit: TLS 1.3: Server-side parsing and debug output" \ requires_gnutls_tls1_3 requires_gnutls_record_size_limit -requires_gnutls_next_disable_tls13_compat +requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT -requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED run_test "Record Size Limit: TLS 1.3: Client-side parsing and debug output" \ - "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%DISABLE_TLS13_COMPAT_MODE --disable-client-cert -d 4" \ + "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL --disable-client-cert -d 4" \ "$P_CLI debug_level=4 force_version=tls13" \ 0 \ -c "Sent RecordSizeLimit: 16384 Bytes" \ -c "ClientHello: record_size_limit(28) extension exists." \ - -c "found record_size_limit extension" \ -c "EncryptedExtensions: record_size_limit(28) extension received." \ -c "RecordSizeLimit: 16385 Bytes" \ - -s "Parsing extension 'Record Size Limit/28' (2 bytes)" \ - -s "record_size_limit 16384 negotiated" # In the following (9) tests, --recordsize is the value used by the G_NEXT_CLI (3.7.2) to configure the # maximum record size using "https://gnutls.org/reference/gnutls-gnutls.html#gnutls-record-set-max-size". @@ -4889,10 +4887,13 @@ run_test "Record Size Limit: TLS 1.3: Server complies with record size limit "$P_SRV debug_level=3 force_version=tls13 tls13_kex_modes=psk \ psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70 \ response_size=256" \ - "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+PSK --recordsize 512 \ - --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70" \ + "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+PSK --recordsize 512 \ + --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70" \ 0 \ -s "RecordSizeLimit: 513 Bytes" \ + -s "ClientHello: record_size_limit(28) extension exists." \ + -s "Sent RecordSizeLimit: 16384 Bytes" \ + -s "EncryptedExtensions: record_size_limit(28) extension exists." \ -s "Maximum outgoing record payload length is 511" \ -s "256 bytes written in 1 fragments" @@ -4909,6 +4910,9 @@ run_test "Record Size Limit: TLS 1.3: Server complies with record size limit --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70" \ 0 \ -s "RecordSizeLimit: 513 Bytes" \ + -s "ClientHello: record_size_limit(28) extension exists." \ + -s "Sent RecordSizeLimit: 16384 Bytes" \ + -s "EncryptedExtensions: record_size_limit(28) extension exists." \ -s "Maximum outgoing record payload length is 511" \ -s "768 bytes written in 2 fragments" @@ -4925,6 +4929,9 @@ run_test "Record Size Limit: TLS 1.3: Server complies with record size limit --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70" \ 0 \ -s "RecordSizeLimit: 513 Bytes" \ + -s "ClientHello: record_size_limit(28) extension exists." \ + -s "Sent RecordSizeLimit: 16384 Bytes" \ + -s "EncryptedExtensions: record_size_limit(28) extension exists." \ -s "Maximum outgoing record payload length is 511" \ -s "1280 bytes written in 3 fragments" From f501790ff20bf3896fff6299fd1f889106fab047 Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Tue, 9 Jan 2024 14:18:34 +0000 Subject: [PATCH 1315/1674] Improve comments across record size limit changes Signed-off-by: Waleed Elmelegy --- library/ssl_misc.h | 1 + library/ssl_tls.c | 18 +++++++++--------- tests/ssl-opt.sh | 20 ++++++++++++-------- 3 files changed, 22 insertions(+), 17 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 7195d6343..2e621be89 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -2704,6 +2704,7 @@ int mbedtls_ssl_parse_server_name_ext(mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) #define MBEDTLS_SSL_RECORD_SIZE_LIMIT_EXTENSION_DATA_LENGTH (2) +/* This value is defined by RFC 8449 */ #define MBEDTLS_SSL_RECORD_SIZE_LIMIT_MIN (64) MBEDTLS_CHECK_RETURN_CRITICAL diff --git a/library/ssl_tls.c b/library/ssl_tls.c index f92e40ac7..517af785a 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3521,15 +3521,15 @@ int mbedtls_ssl_get_max_out_record_payload(const mbedtls_ssl_context *ssl) if (ssl->transform_out != NULL && ssl->transform_out->tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { - /* RFC 8449, section 4: - * - * This value [record_size_limit] is the length of the plaintext - * of a protected record. - * The value includes the content type and padding added in TLS 1.3 - * (that is, the complete length of TLSInnerPlaintext). - * - * Thus, round down to a multiple of MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY - * and subtract 1 (for the content type that will be added later) + /* + * In TLS 1.3 case, when records are protected, `max_len` as computed + * above is the maximum length of the TLSInnerPlaintext structure that + * along the plaintext payload contains the inner content type (one byte) + * and some zero padding. Given the algorithm used for padding + * in mbedtls_ssl_encrypt_buf(), compute the maximum length for + * the plaintext payload. Round down to a multiple of + * MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY and + * subtract 1. */ max_len = ((max_len / MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY) * MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY) - 1; diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 12605f5b0..30e6a725a 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -4862,16 +4862,18 @@ run_test "Record Size Limit: TLS 1.3: Client-side parsing and debug output" \ -c "EncryptedExtensions: record_size_limit(28) extension received." \ -c "RecordSizeLimit: 16385 Bytes" \ -# In the following (9) tests, --recordsize is the value used by the G_NEXT_CLI (3.7.2) to configure the -# maximum record size using "https://gnutls.org/reference/gnutls-gnutls.html#gnutls-record-set-max-size". -# There is currently a lower limit of 512, caused by this function not respecting the -# "%ALLOW_SMALL_RECORDS" priority string and not using the more recent function -# https://gnutls.org/reference/gnutls-gnutls.html#gnutls-record-set-max-recv-size. +# In the following tests, --recordsize is the value used by the G_NEXT_CLI (3.7.2) to configure the +# maximum record size using gnutls_record_set_max_size() +# (https://gnutls.org/reference/gnutls-gnutls.html#gnutls-record-set-max-size). +# There is currently a lower limit of 512, caused by gnutls_record_set_max_size() +# not respecting the "%ALLOW_SMALL_RECORDS" priority string and not using the +# more recent function gnutls_record_set_max_recv_size() +# (https://gnutls.org/reference/gnutls-gnutls.html#gnutls-record-set-max-recv-size). # There is currently an upper limit of 4096, caused by the cli arg parser: # https://gitlab.com/gnutls/gnutls/-/blob/3.7.2/src/cli-args.def#L395. -# Thus, these tests are currently limit to that value range. -# Moreover, the value sent in the extension is expected to be larger by one compared -# to the value passed on the cli: +# Thus, these tests are currently limited to the value range 512-4096. +# Also, the value sent in the extension will be one larger than the value +# set at the command line: # https://gitlab.com/gnutls/gnutls/-/blob/3.7.2/lib/ext/record_size_limit.c#L142 # Currently test certificates being used do not fit in 513 record size limit @@ -5050,6 +5052,8 @@ run_test "Record Size Limit: TLS 1.3 m->m: both peer comply with record size -s "Maximum outgoing record payload length is 16383" \ -s "Maximum incoming record payload length is 16384" +# End of Record size limit tests + # Tests for renegotiation # Renegotiation SCSV always added, regardless of SSL_RENEGOTIATION From 2fa99b2ddd5581f922a85555d84352cc291ff8d9 Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Tue, 9 Jan 2024 17:15:03 +0000 Subject: [PATCH 1316/1674] Add tests for client complying with record size limit Signed-off-by: Waleed Elmelegy --- tests/ssl-opt.sh | 145 ++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 144 insertions(+), 1 deletion(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 30e6a725a..a0811a428 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -5033,6 +5033,150 @@ run_test "Record Size Limit: TLS 1.3: Server complies with record size limit -s "Maximum outgoing record payload length is 4095" \ -s "10240 bytes written in 3 fragments" +requires_gnutls_tls1_3 +requires_gnutls_record_size_limit +requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +run_test "Record Size Limit: TLS 1.3: Client complies with record size limit (513), 1 fragment" \ + "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --disable-client-cert --recordsize 512" \ + "$P_CLI debug_level=4 force_version=tls13 request_size=256" \ + 0 \ + -c "RecordSizeLimit: 513 Bytes" \ + -c "ClientHello: record_size_limit(28) extension exists." \ + -c "Sent RecordSizeLimit: 16384 Bytes" \ + -c "EncryptedExtensions: record_size_limit(28) extension exists." \ + -c "Maximum outgoing record payload length is 511" \ + -c "256 bytes written in 1 fragments" + +requires_gnutls_tls1_3 +requires_gnutls_record_size_limit +requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +run_test "Record Size Limit: TLS 1.3: Client complies with record size limit (513), 2 fragments" \ + "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --disable-client-cert --recordsize 512" \ + "$P_CLI debug_level=4 force_version=tls13 request_size=768" \ + 0 \ + -c "RecordSizeLimit: 513 Bytes" \ + -c "ClientHello: record_size_limit(28) extension exists." \ + -c "Sent RecordSizeLimit: 16384 Bytes" \ + -c "EncryptedExtensions: record_size_limit(28) extension exists." \ + -c "Maximum outgoing record payload length is 511" \ + -c "768 bytes written in 2 fragments" + +requires_gnutls_tls1_3 +requires_gnutls_record_size_limit +requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +run_test "Record Size Limit: TLS 1.3: Client complies with record size limit (513), 3 fragments" \ + "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --disable-client-cert --recordsize 512" \ + "$P_CLI debug_level=4 force_version=tls13 request_size=1280" \ + 0 \ + -c "RecordSizeLimit: 513 Bytes" \ + -c "ClientHello: record_size_limit(28) extension exists." \ + -c "Sent RecordSizeLimit: 16384 Bytes" \ + -c "EncryptedExtensions: record_size_limit(28) extension exists." \ + -c "Maximum outgoing record payload length is 511" \ + -c "1280 bytes written in 3 fragments" + +requires_gnutls_tls1_3 +requires_gnutls_record_size_limit +requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +run_test "Record Size Limit: TLS 1.3: Client complies with record size limit (1024), 1 fragment" \ + "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --recordsize 1023" \ + "$P_CLI debug_level=4 force_version=tls13 request_size=512" \ + 0 \ + -c "RecordSizeLimit: 1024 Bytes" \ + -c "ClientHello: record_size_limit(28) extension exists." \ + -c "Sent RecordSizeLimit: 16384 Bytes" \ + -c "EncryptedExtensions: record_size_limit(28) extension exists." \ + -c "Maximum outgoing record payload length is 1023" \ + -c "512 bytes written in 1 fragments" + +requires_gnutls_tls1_3 +requires_gnutls_record_size_limit +requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +run_test "Record Size Limit: TLS 1.3: Client complies with record size limit (1024), 2 fragments" \ + "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --recordsize 1023" \ + "$P_CLI debug_level=4 force_version=tls13 request_size=1536" \ + 0 \ + -c "RecordSizeLimit: 1024 Bytes" \ + -c "ClientHello: record_size_limit(28) extension exists." \ + -c "Sent RecordSizeLimit: 16384 Bytes" \ + -c "EncryptedExtensions: record_size_limit(28) extension exists." \ + -c "Maximum outgoing record payload length is 1023" \ + -c "1536 bytes written in 2 fragments" + +requires_gnutls_tls1_3 +requires_gnutls_record_size_limit +requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +run_test "Record Size Limit: TLS 1.3: Client complies with record size limit (1024), 3 fragments" \ + "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --recordsize 1023" \ + "$P_CLI debug_level=4 force_version=tls13 request_size=2560" \ + 0 \ + -c "RecordSizeLimit: 1024 Bytes" \ + -c "ClientHello: record_size_limit(28) extension exists." \ + -c "Sent RecordSizeLimit: 16384 Bytes" \ + -c "EncryptedExtensions: record_size_limit(28) extension exists." \ + -c "Maximum outgoing record payload length is 1023" \ + -c "2560 bytes written in 3 fragments" + +requires_gnutls_tls1_3 +requires_gnutls_record_size_limit +requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +run_test "Record Size Limit: TLS 1.3: Client complies with record size limit (4096), 1 fragment" \ + "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --recordsize 4095" \ + "$P_CLI debug_level=4 force_version=tls13 request_size=2048" \ + 0 \ + -c "RecordSizeLimit: 4096 Bytes" \ + -c "ClientHello: record_size_limit(28) extension exists." \ + -c "Sent RecordSizeLimit: 16384 Bytes" \ + -c "EncryptedExtensions: record_size_limit(28) extension exists." \ + -c "Maximum outgoing record payload length is 4095" \ + -c "2048 bytes written in 1 fragments" + +requires_gnutls_tls1_3 +requires_gnutls_record_size_limit +requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +run_test "Record Size Limit: TLS 1.3: Client complies with record size limit (4096), 2 fragments" \ + "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --recordsize 4095" \ + "$P_CLI debug_level=4 force_version=tls13 request_size=6144" \ + 0 \ + -c "RecordSizeLimit: 4096 Bytes" \ + -c "ClientHello: record_size_limit(28) extension exists." \ + -c "Sent RecordSizeLimit: 16384 Bytes" \ + -c "EncryptedExtensions: record_size_limit(28) extension exists." \ + -c "Maximum outgoing record payload length is 4095" \ + -c "6144 bytes written in 2 fragments" + +requires_gnutls_tls1_3 +requires_gnutls_record_size_limit +requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE MBEDTLS_SSL_CLI_C MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT +requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +run_test "Record Size Limit: TLS 1.3: Client complies with record size limit (4096), 3 fragments" \ + "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --recordsize 4095" \ + "$P_CLI debug_level=4 force_version=tls13 request_size=10240" \ + 0 \ + -c "RecordSizeLimit: 4096 Bytes" \ + -c "ClientHello: record_size_limit(28) extension exists." \ + -c "Sent RecordSizeLimit: 16384 Bytes" \ + -c "EncryptedExtensions: record_size_limit(28) extension exists." \ + -c "Maximum outgoing record payload length is 4095" \ + -c "10240 bytes written in 3 fragments" + # TODO: For time being, we send fixed value of RecordSizeLimit defined by # MBEDTLS_SSL_IN_CONTENT_LEN. Once we support variable buffer length of # RecordSizeLimit, we need to modify value of RecordSizeLimit in below test. @@ -5046,7 +5190,6 @@ run_test "Record Size Limit: TLS 1.3 m->m: both peer comply with record size 0 \ -c "Sent RecordSizeLimit: $MAX_IN_LEN Bytes" \ -c "RecordSizeLimit: $MAX_IN_LEN Bytes" \ - -c "Maximum outgoing record payload length is 16383" \ -s "RecordSizeLimit: $MAX_IN_LEN Bytes" \ -s "Sent RecordSizeLimit: $MAX_IN_LEN Bytes" \ -s "Maximum outgoing record payload length is 16383" \ From e840263f76c830e17d09a1d8f4d4e5ab8b1644d1 Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Tue, 9 Jan 2024 17:21:20 +0000 Subject: [PATCH 1317/1674] Move record size limit testing to tls13 component Signed-off-by: Waleed Elmelegy --- tests/scripts/all.sh | 13 +------------ 1 file changed, 1 insertion(+), 12 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index f1b9cc23a..1ab7e5833 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -5645,6 +5645,7 @@ support_build_armcc () { component_test_tls13_only () { msg "build: default config with MBEDTLS_SSL_PROTO_TLS1_3, without MBEDTLS_SSL_PROTO_TLS1_2" scripts/config.py set MBEDTLS_SSL_EARLY_DATA + scripts/config.py set MBEDTLS_SSL_RECORD_SIZE_LIMIT make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'" msg "test: TLS 1.3 only, all key exchange modes enabled" @@ -5807,18 +5808,6 @@ component_test_tls13_no_compatibility_mode () { tests/ssl-opt.sh } -component_test_tls13_only_record_size_limit () { - msg "build: TLS 1.3 only from default, record size limit extension enabled" - scripts/config.py set MBEDTLS_SSL_RECORD_SIZE_LIMIT - make CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/tls13-only.h\"'" - - msg "test_suite_ssl: TLS 1.3 only, record size limit extension enabled" - cd tests; ./test_suite_ssl; cd .. - - msg "ssl-opt.sh: (TLS 1.3 only, record size limit extension enabled)" - tests/ssl-opt.sh -} - component_build_mingw () { msg "build: Windows cross build - mingw64, make (Link Library)" # ~ 30s make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra -maes -msse2 -mpclmul' WINDOWS_BUILD=1 lib programs From f37c70746b1c6645564b68ee52eb5e1fb55e232d Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Tue, 9 Jan 2024 17:22:46 +0000 Subject: [PATCH 1318/1674] Add MBEDTLS_SSL_RECORD_SIZE_LIMIT to full config Signed-off-by: Waleed Elmelegy --- scripts/config.py | 1 - 1 file changed, 1 deletion(-) diff --git a/scripts/config.py b/scripts/config.py index d5fb85e52..ab0e5ea6e 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -207,7 +207,6 @@ EXCLUDE_FROM_FULL = frozenset([ 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY', # interacts with *_USE_ARMV8_A_CRYPTO_IF_PRESENT 'MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY', # interacts with *_USE_A64_CRYPTO_IF_PRESENT 'MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT', # setting *_USE_ARMV8_A_CRYPTO is sufficient - 'MBEDTLS_SSL_RECORD_SIZE_LIMIT', # in development, currently breaks other tests 'MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN', # build dependency (clang+memsan) 'MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND', # build dependency (valgrind headers) 'MBEDTLS_X509_REMOVE_INFO', # removes a feature From 7ae74b74cc8001cb83f61885893b05685966b933 Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Tue, 9 Jan 2024 21:51:05 +0000 Subject: [PATCH 1319/1674] Make sure record size limit is not configured without TLS 1.3 Signed-off-by: Waleed Elmelegy --- tests/scripts/all.sh | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 1ab7e5833..cf8d920c5 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1335,6 +1335,7 @@ component_test_no_ctr_drbg_classic () { scripts/config.py unset MBEDTLS_CTR_DRBG_C scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 + scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan . make @@ -1381,6 +1382,7 @@ component_test_no_hmac_drbg_classic () { scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 + scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan . make @@ -1434,6 +1436,7 @@ component_test_psa_external_rng_no_drbg_classic () { scripts/config.py full scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 + scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT scripts/config.py set MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG scripts/config.py unset MBEDTLS_ENTROPY_C scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED @@ -2436,6 +2439,7 @@ component_test_no_use_psa_crypto_full_cmake_asan() { scripts/config.py unset MBEDTLS_PSA_CRYPTO_C scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 + scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT scripts/config.py unset MBEDTLS_PSA_ITS_FILE_C scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C @@ -3360,6 +3364,7 @@ build_and_test_psa_want_key_pair_partial() { scripts/config.py full scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 + scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT # All the PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_yyy are enabled by default in # crypto_config.h so we just disable the one we don't want. @@ -3958,6 +3963,7 @@ component_build_psa_accel_alg_ecdh() { scripts/config.py full scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 + scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT scripts/config.py unset MBEDTLS_ECDH_C scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED @@ -3974,6 +3980,7 @@ component_build_psa_accel_alg_hmac() { scripts/config.py full scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 + scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT # Need to define the correct symbol and include the test driver header path in order to build with the test driver make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_HMAC -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } @@ -3984,9 +3991,11 @@ component_build_psa_accel_alg_hkdf() { scripts/config.py full scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 + scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT scripts/config.py unset MBEDTLS_HKDF_C # Make sure to unset TLS1_3 since it requires HKDF_C and will not build properly without it. scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 + scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT # Need to define the correct symbol and include the test driver header path in order to build with the test driver make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_HKDF -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } @@ -3997,6 +4006,7 @@ component_build_psa_accel_alg_md5() { scripts/config.py full scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 + scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RIPEMD160 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_1 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_224 @@ -4016,6 +4026,7 @@ component_build_psa_accel_alg_ripemd160() { scripts/config.py full scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 + scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_MD5 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_1 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_224 @@ -4035,6 +4046,7 @@ component_build_psa_accel_alg_sha1() { scripts/config.py full scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 + scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_MD5 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RIPEMD160 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_224 @@ -4054,6 +4066,7 @@ component_build_psa_accel_alg_sha224() { scripts/config.py full scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 + scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_MD5 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RIPEMD160 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_1 @@ -4070,6 +4083,7 @@ component_build_psa_accel_alg_sha256() { scripts/config.py full scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 + scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_MD5 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RIPEMD160 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_1 @@ -4086,6 +4100,7 @@ component_build_psa_accel_alg_sha384() { scripts/config.py full scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 + scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_MD5 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RIPEMD160 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_1 @@ -4104,6 +4119,7 @@ component_build_psa_accel_alg_sha512() { scripts/config.py full scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 + scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_MD5 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RIPEMD160 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_1 @@ -4123,6 +4139,7 @@ component_build_psa_accel_alg_rsa_pkcs1v15_crypt() { scripts/config.py full scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 + scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 1 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PKCS1V15_SIGN scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_OAEP @@ -4137,6 +4154,7 @@ component_build_psa_accel_alg_rsa_pkcs1v15_sign() { scripts/config.py full scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 + scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_ALG_RSA_PKCS1V15_SIGN 1 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PKCS1V15_CRYPT scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_OAEP @@ -4151,6 +4169,7 @@ component_build_psa_accel_alg_rsa_oaep() { scripts/config.py full scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 + scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_ALG_RSA_OAEP 1 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PKCS1V15_CRYPT scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PKCS1V15_SIGN @@ -4165,6 +4184,7 @@ component_build_psa_accel_alg_rsa_pss() { scripts/config.py full scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 + scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_ALG_RSA_PSS 1 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PKCS1V15_CRYPT scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PKCS1V15_SIGN @@ -4179,6 +4199,7 @@ component_build_psa_accel_key_type_rsa_key_pair() { scripts/config.py full scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 + scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_ALG_RSA_PSS 1 scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC 1 scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT 1 @@ -4194,6 +4215,7 @@ component_build_psa_accel_key_type_rsa_public_key() { scripts/config.py full scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 + scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_ALG_RSA_PSS 1 scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1 # Need to define the correct symbol and include the test driver header path in order to build with the test driver From a3bfdea82b55710bd1a1ff7ae6ebeecc3bc44634 Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Wed, 10 Jan 2024 15:30:46 +0000 Subject: [PATCH 1320/1674] Revert "Make sure record size limit is not configured without TLS 1.3" This reverts commit 52cac7a3e6782bbf46a76158c9034afad53981a7. Signed-off-by: Waleed Elmelegy --- tests/scripts/all.sh | 22 ---------------------- 1 file changed, 22 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index cf8d920c5..1ab7e5833 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1335,7 +1335,6 @@ component_test_no_ctr_drbg_classic () { scripts/config.py unset MBEDTLS_CTR_DRBG_C scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 - scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan . make @@ -1382,7 +1381,6 @@ component_test_no_hmac_drbg_classic () { scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 - scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan . make @@ -1436,7 +1434,6 @@ component_test_psa_external_rng_no_drbg_classic () { scripts/config.py full scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 - scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT scripts/config.py set MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG scripts/config.py unset MBEDTLS_ENTROPY_C scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED @@ -2439,7 +2436,6 @@ component_test_no_use_psa_crypto_full_cmake_asan() { scripts/config.py unset MBEDTLS_PSA_CRYPTO_C scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 - scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT scripts/config.py unset MBEDTLS_PSA_ITS_FILE_C scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C @@ -3364,7 +3360,6 @@ build_and_test_psa_want_key_pair_partial() { scripts/config.py full scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 - scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT # All the PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_yyy are enabled by default in # crypto_config.h so we just disable the one we don't want. @@ -3963,7 +3958,6 @@ component_build_psa_accel_alg_ecdh() { scripts/config.py full scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 - scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT scripts/config.py unset MBEDTLS_ECDH_C scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED @@ -3980,7 +3974,6 @@ component_build_psa_accel_alg_hmac() { scripts/config.py full scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 - scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT # Need to define the correct symbol and include the test driver header path in order to build with the test driver make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_HMAC -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } @@ -3991,11 +3984,9 @@ component_build_psa_accel_alg_hkdf() { scripts/config.py full scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 - scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT scripts/config.py unset MBEDTLS_HKDF_C # Make sure to unset TLS1_3 since it requires HKDF_C and will not build properly without it. scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 - scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT # Need to define the correct symbol and include the test driver header path in order to build with the test driver make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_HKDF -I../tests/include" LDFLAGS="$ASAN_CFLAGS" } @@ -4006,7 +3997,6 @@ component_build_psa_accel_alg_md5() { scripts/config.py full scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 - scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RIPEMD160 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_1 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_224 @@ -4026,7 +4016,6 @@ component_build_psa_accel_alg_ripemd160() { scripts/config.py full scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 - scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_MD5 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_1 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_224 @@ -4046,7 +4035,6 @@ component_build_psa_accel_alg_sha1() { scripts/config.py full scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 - scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_MD5 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RIPEMD160 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_224 @@ -4066,7 +4054,6 @@ component_build_psa_accel_alg_sha224() { scripts/config.py full scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 - scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_MD5 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RIPEMD160 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_1 @@ -4083,7 +4070,6 @@ component_build_psa_accel_alg_sha256() { scripts/config.py full scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 - scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_MD5 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RIPEMD160 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_1 @@ -4100,7 +4086,6 @@ component_build_psa_accel_alg_sha384() { scripts/config.py full scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 - scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_MD5 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RIPEMD160 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_1 @@ -4119,7 +4104,6 @@ component_build_psa_accel_alg_sha512() { scripts/config.py full scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 - scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_MD5 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RIPEMD160 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_SHA_1 @@ -4139,7 +4123,6 @@ component_build_psa_accel_alg_rsa_pkcs1v15_crypt() { scripts/config.py full scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 - scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 1 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PKCS1V15_SIGN scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_OAEP @@ -4154,7 +4137,6 @@ component_build_psa_accel_alg_rsa_pkcs1v15_sign() { scripts/config.py full scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 - scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_ALG_RSA_PKCS1V15_SIGN 1 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PKCS1V15_CRYPT scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_OAEP @@ -4169,7 +4151,6 @@ component_build_psa_accel_alg_rsa_oaep() { scripts/config.py full scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 - scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_ALG_RSA_OAEP 1 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PKCS1V15_CRYPT scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PKCS1V15_SIGN @@ -4184,7 +4165,6 @@ component_build_psa_accel_alg_rsa_pss() { scripts/config.py full scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 - scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_ALG_RSA_PSS 1 scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PKCS1V15_CRYPT scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_RSA_PKCS1V15_SIGN @@ -4199,7 +4179,6 @@ component_build_psa_accel_key_type_rsa_key_pair() { scripts/config.py full scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 - scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_ALG_RSA_PSS 1 scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC 1 scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT 1 @@ -4215,7 +4194,6 @@ component_build_psa_accel_key_type_rsa_public_key() { scripts/config.py full scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 - scripts/config.py unset MBEDTLS_SSL_RECORD_SIZE_LIMIT scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_ALG_RSA_PSS 1 scripts/config.py -f "$CRYPTO_CONFIG_H" set PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY 1 # Need to define the correct symbol and include the test driver header path in order to build with the test driver From 09561a75750d4924b5c06eb8cedee32433455369 Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Wed, 10 Jan 2024 16:13:53 +0000 Subject: [PATCH 1321/1674] Add MBEDTLS_SSL_RECORD_SIZE_LIMIT to config_adjust_ssl.h Signed-off-by: Waleed Elmelegy --- include/mbedtls/config_adjust_ssl.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/mbedtls/config_adjust_ssl.h b/include/mbedtls/config_adjust_ssl.h index 8415f3e5f..5dd331c76 100644 --- a/include/mbedtls/config_adjust_ssl.h +++ b/include/mbedtls/config_adjust_ssl.h @@ -65,6 +65,7 @@ #undef MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED #undef MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED #undef MBEDTLS_SSL_EARLY_DATA +#undef MBEDTLS_SSL_RECORD_SIZE_LIMIT #endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ From 1487760b550c9cd87168ffa4ce464e8e80d94992 Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Wed, 10 Jan 2024 16:15:08 +0000 Subject: [PATCH 1322/1674] Change order of checking of record size limit client tests Signed-off-by: Waleed Elmelegy --- tests/ssl-opt.sh | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index a0811a428..10d75a77f 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -5042,9 +5042,9 @@ run_test "Record Size Limit: TLS 1.3: Client complies with record size limit "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --disable-client-cert --recordsize 512" \ "$P_CLI debug_level=4 force_version=tls13 request_size=256" \ 0 \ - -c "RecordSizeLimit: 513 Bytes" \ - -c "ClientHello: record_size_limit(28) extension exists." \ -c "Sent RecordSizeLimit: 16384 Bytes" \ + -c "ClientHello: record_size_limit(28) extension exists." \ + -c "RecordSizeLimit: 513 Bytes" \ -c "EncryptedExtensions: record_size_limit(28) extension exists." \ -c "Maximum outgoing record payload length is 511" \ -c "256 bytes written in 1 fragments" @@ -5058,9 +5058,9 @@ run_test "Record Size Limit: TLS 1.3: Client complies with record size limit "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --disable-client-cert --recordsize 512" \ "$P_CLI debug_level=4 force_version=tls13 request_size=768" \ 0 \ - -c "RecordSizeLimit: 513 Bytes" \ - -c "ClientHello: record_size_limit(28) extension exists." \ -c "Sent RecordSizeLimit: 16384 Bytes" \ + -c "ClientHello: record_size_limit(28) extension exists." \ + -c "RecordSizeLimit: 513 Bytes" \ -c "EncryptedExtensions: record_size_limit(28) extension exists." \ -c "Maximum outgoing record payload length is 511" \ -c "768 bytes written in 2 fragments" @@ -5074,9 +5074,9 @@ run_test "Record Size Limit: TLS 1.3: Client complies with record size limit "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --disable-client-cert --recordsize 512" \ "$P_CLI debug_level=4 force_version=tls13 request_size=1280" \ 0 \ - -c "RecordSizeLimit: 513 Bytes" \ - -c "ClientHello: record_size_limit(28) extension exists." \ -c "Sent RecordSizeLimit: 16384 Bytes" \ + -c "ClientHello: record_size_limit(28) extension exists." \ + -c "RecordSizeLimit: 513 Bytes" \ -c "EncryptedExtensions: record_size_limit(28) extension exists." \ -c "Maximum outgoing record payload length is 511" \ -c "1280 bytes written in 3 fragments" @@ -5090,9 +5090,9 @@ run_test "Record Size Limit: TLS 1.3: Client complies with record size limit "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --recordsize 1023" \ "$P_CLI debug_level=4 force_version=tls13 request_size=512" \ 0 \ - -c "RecordSizeLimit: 1024 Bytes" \ - -c "ClientHello: record_size_limit(28) extension exists." \ -c "Sent RecordSizeLimit: 16384 Bytes" \ + -c "ClientHello: record_size_limit(28) extension exists." \ + -c "RecordSizeLimit: 1024 Bytes" \ -c "EncryptedExtensions: record_size_limit(28) extension exists." \ -c "Maximum outgoing record payload length is 1023" \ -c "512 bytes written in 1 fragments" @@ -5106,9 +5106,9 @@ run_test "Record Size Limit: TLS 1.3: Client complies with record size limit "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --recordsize 1023" \ "$P_CLI debug_level=4 force_version=tls13 request_size=1536" \ 0 \ - -c "RecordSizeLimit: 1024 Bytes" \ - -c "ClientHello: record_size_limit(28) extension exists." \ -c "Sent RecordSizeLimit: 16384 Bytes" \ + -c "ClientHello: record_size_limit(28) extension exists." \ + -c "RecordSizeLimit: 1024 Bytes" \ -c "EncryptedExtensions: record_size_limit(28) extension exists." \ -c "Maximum outgoing record payload length is 1023" \ -c "1536 bytes written in 2 fragments" @@ -5122,9 +5122,9 @@ run_test "Record Size Limit: TLS 1.3: Client complies with record size limit "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --recordsize 1023" \ "$P_CLI debug_level=4 force_version=tls13 request_size=2560" \ 0 \ - -c "RecordSizeLimit: 1024 Bytes" \ - -c "ClientHello: record_size_limit(28) extension exists." \ -c "Sent RecordSizeLimit: 16384 Bytes" \ + -c "ClientHello: record_size_limit(28) extension exists." \ + -c "RecordSizeLimit: 1024 Bytes" \ -c "EncryptedExtensions: record_size_limit(28) extension exists." \ -c "Maximum outgoing record payload length is 1023" \ -c "2560 bytes written in 3 fragments" @@ -5138,9 +5138,9 @@ run_test "Record Size Limit: TLS 1.3: Client complies with record size limit "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --recordsize 4095" \ "$P_CLI debug_level=4 force_version=tls13 request_size=2048" \ 0 \ - -c "RecordSizeLimit: 4096 Bytes" \ - -c "ClientHello: record_size_limit(28) extension exists." \ -c "Sent RecordSizeLimit: 16384 Bytes" \ + -c "ClientHello: record_size_limit(28) extension exists." \ + -c "RecordSizeLimit: 4096 Bytes" \ -c "EncryptedExtensions: record_size_limit(28) extension exists." \ -c "Maximum outgoing record payload length is 4095" \ -c "2048 bytes written in 1 fragments" @@ -5154,9 +5154,9 @@ run_test "Record Size Limit: TLS 1.3: Client complies with record size limit "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --recordsize 4095" \ "$P_CLI debug_level=4 force_version=tls13 request_size=6144" \ 0 \ - -c "RecordSizeLimit: 4096 Bytes" \ - -c "ClientHello: record_size_limit(28) extension exists." \ -c "Sent RecordSizeLimit: 16384 Bytes" \ + -c "ClientHello: record_size_limit(28) extension exists." \ + -c "RecordSizeLimit: 4096 Bytes" \ -c "EncryptedExtensions: record_size_limit(28) extension exists." \ -c "Maximum outgoing record payload length is 4095" \ -c "6144 bytes written in 2 fragments" @@ -5170,9 +5170,9 @@ run_test "Record Size Limit: TLS 1.3: Client complies with record size limit "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --recordsize 4095" \ "$P_CLI debug_level=4 force_version=tls13 request_size=10240" \ 0 \ - -c "RecordSizeLimit: 4096 Bytes" \ - -c "ClientHello: record_size_limit(28) extension exists." \ -c "Sent RecordSizeLimit: 16384 Bytes" \ + -c "ClientHello: record_size_limit(28) extension exists." \ + -c "RecordSizeLimit: 4096 Bytes" \ -c "EncryptedExtensions: record_size_limit(28) extension exists." \ -c "Maximum outgoing record payload length is 4095" \ -c "10240 bytes written in 3 fragments" From 3ff472441a704aa15aa55cf57d16c3e1b63062ab Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Wed, 10 Jan 2024 16:15:52 +0000 Subject: [PATCH 1323/1674] Fix warning in ssl_tls13_generic.c Signed-off-by: Waleed Elmelegy --- library/ssl_tls13_generic.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index 0afedbc35..47fa65c18 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -1774,7 +1774,7 @@ int mbedtls_ssl_tls13_write_record_size_limit_ext(mbedtls_ssl_context *ssl, *out_len = 6; - MBEDTLS_SSL_DEBUG_MSG(2, ("Sent RecordSizeLimit: %u Bytes", + MBEDTLS_SSL_DEBUG_MSG(2, ("Sent RecordSizeLimit: %d Bytes", MBEDTLS_SSL_IN_CONTENT_LEN)); mbedtls_ssl_tls13_set_hs_sent_ext_mask(ssl, MBEDTLS_TLS_EXT_RECORD_SIZE_LIMIT); From 5f3a938d9542bfa93f82f926586bd0e715df08da Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Wed, 13 Sep 2023 16:28:12 +0530 Subject: [PATCH 1324/1674] Fix psa_key_derivation_setup_kdf Signed-off-by: Kusumit Ghoderao --- library/psa_crypto.c | 83 ++++++++++++++++++++++++++++++-------------- 1 file changed, 57 insertions(+), 26 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index a8baa6b6f..3ca89fbe8 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -6075,27 +6075,39 @@ static psa_status_t psa_key_derivation_setup_kdf( if (!is_kdf_alg_supported(kdf_alg)) { return PSA_ERROR_NOT_SUPPORTED; } + psa_status_t status = PSA_SUCCESS; + +#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS) + if (kdf_alg == PSA_ALG_TLS12_ECJPAKE_TO_PMS) { + operation->capacity = PSA_HASH_LENGTH(PSA_ALG_SHA_256); + return PSA_SUCCESS; + } +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128) + if (kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) { +#if (UINT_MAX > UINT32_MAX) + operation->capacity = UINT32_MAX * PSA_MAC_LENGTH(PSA_KEY_TYPE_AES, + 128U, + PSA_ALG_CMAC); +#else + operation->capacity = UINT32_MAX; +#endif + return PSA_SUCCESS; + } +#endif - /* All currently supported key derivation algorithms (apart from - * ecjpake to pms and pbkdf2_aes_cmac_128) are based on a hash algorithm. */ psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH(kdf_alg); size_t hash_size = PSA_HASH_LENGTH(hash_alg); - if (kdf_alg == PSA_ALG_TLS12_ECJPAKE_TO_PMS) { - hash_size = PSA_HASH_LENGTH(PSA_ALG_SHA_256); - } else if (kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) { - hash_size = PSA_MAC_LENGTH(PSA_KEY_TYPE_AES, 128U, PSA_ALG_CMAC); - } else { - if (hash_size == 0) { - return PSA_ERROR_NOT_SUPPORTED; - } + if (hash_size == 0) { + return PSA_ERROR_NOT_SUPPORTED; + } - /* Make sure that hash_alg is a supported hash algorithm. Otherwise - * we might fail later, which is somewhat unfriendly and potentially - * risk-prone. */ - psa_status_t status = psa_hash_try_support(hash_alg); - if (status != PSA_SUCCESS) { - return status; - } + /* Make sure that hash_alg is a supported hash algorithm. Otherwise + * we might fail later, which is somewhat unfriendly and potentially + * risk-prone. */ + status = psa_hash_try_support(hash_alg); + if (status != PSA_SUCCESS) { + return status; } if ((PSA_ALG_IS_TLS12_PRF(kdf_alg) || @@ -6103,16 +6115,35 @@ static psa_status_t psa_key_derivation_setup_kdf( !(hash_alg == PSA_ALG_SHA_256 || hash_alg == PSA_ALG_SHA_384)) { return PSA_ERROR_NOT_SUPPORTED; } -#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS) - if (PSA_ALG_IS_HKDF_EXTRACT(kdf_alg) || - (kdf_alg == PSA_ALG_TLS12_ECJPAKE_TO_PMS)) { + if (PSA_ALG_IS_HKDF(kdf_alg)) { + operation->capacity = 255 * hash_size; + } +#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT) + if (PSA_ALG_IS_HKDF_EXTRACT(kdf_alg)) { operation->capacity = hash_size; - } else -#endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT || - MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS */ - operation->capacity = 255 * hash_size; - return PSA_SUCCESS; + } +#endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT */ +#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND) + if (PSA_ALG_IS_HKDF_EXPAND(kdf_alg)) { + operation->capacity = 255 * hash_size; + } +#endif + if (PSA_ALG_IS_TLS12_PRF(kdf_alg)) { + operation->capacity = UINT_MAX; + } + if (PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) { + /* Master Secret consists of 2-byte version number + * and a 46-byte random value */ + operation->capacity = 48U; + } + if (PSA_ALG_IS_PBKDF2_HMAC(kdf_alg)) { +#if (UINT_MAX > UINT32_MAX) + operation->capacity = UINT32_MAX * hash_size; +#else + operation->capacity = UINT32_MAX; +#endif + } + return status; } static psa_status_t psa_key_agreement_try_support(psa_algorithm_t alg) From 4aa6b36a3510695d4caad9d272bb4160d393a05d Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Wed, 13 Sep 2023 16:50:09 +0530 Subject: [PATCH 1325/1674] add tests for derive_full and derive_set_capacity Signed-off-by: Kusumit Ghoderao --- tests/suites/test_suite_psa_crypto.data | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 1bd8b6500..aa9f4e39a 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -6320,6 +6320,10 @@ PSA key derivation: HKDF-Expand SHA-1, request too much capacity depends_on:PSA_WANT_ALG_HKDF_EXPAND:PSA_WANT_ALG_SHA_1 derive_set_capacity:PSA_ALG_HKDF_EXPAND(PSA_ALG_SHA_1):255 * PSA_HASH_LENGTH(PSA_ALG_SHA_1) + 1:PSA_ERROR_INVALID_ARGUMENT +PSA key derivation: TLS 1.2 PSK-to-MS, request too much capacity +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS +derive_set_capacity:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):48U + 1U:PSA_ERROR_INVALID_ARGUMENT + PSA key derivation: over capacity 42: output 42+1 depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":PSA_SUCCESS:0:"":PSA_SUCCESS:"":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":"ff":0:1:0 @@ -6528,6 +6532,14 @@ PSA key derivation: TLS 1.2 PRF SHA-256, read maximum capacity depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF derive_full:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * PSA_HASH_LENGTH(PSA_ALG_SHA_256) +PSA key derivation: TLS 1.2 PSK-to-MS, read maximum capacity minus 1 +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS +derive_full:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"01020304":"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":"6d617374657220736563726574":47 + +PSA key derivation: TLS 1.2 PSK-to-MS, read maximum capacity +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS +derive_full:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"01020304":"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":"6d617374657220736563726574":48 + PSA key derivation: HKDF SHA-256, exercise AES128-CTR depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR From a0907f5750efedda58e11ea6b09395ba36b0fc2d Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Fri, 27 Oct 2023 15:08:00 +0530 Subject: [PATCH 1326/1674] Reorder and correct comment Signed-off-by: Kusumit Ghoderao --- library/psa_crypto.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 3ca89fbe8..a1d96bfa9 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -6110,11 +6110,6 @@ static psa_status_t psa_key_derivation_setup_kdf( return status; } - if ((PSA_ALG_IS_TLS12_PRF(kdf_alg) || - PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) && - !(hash_alg == PSA_ALG_SHA_256 || hash_alg == PSA_ALG_SHA_384)) { - return PSA_ERROR_NOT_SUPPORTED; - } if (PSA_ALG_IS_HKDF(kdf_alg)) { operation->capacity = 255 * hash_size; } @@ -6128,12 +6123,17 @@ static psa_status_t psa_key_derivation_setup_kdf( operation->capacity = 255 * hash_size; } #endif + if ((PSA_ALG_IS_TLS12_PRF(kdf_alg) || + PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) && + !(hash_alg == PSA_ALG_SHA_256 || hash_alg == PSA_ALG_SHA_384)) { + return PSA_ERROR_NOT_SUPPORTED; + } if (PSA_ALG_IS_TLS12_PRF(kdf_alg)) { operation->capacity = UINT_MAX; } if (PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) { - /* Master Secret consists of 2-byte version number - * and a 46-byte random value */ + /* Master Secret is always 48 bytes + * https://datatracker.ietf.org/doc/html/rfc5246.html#section-8.1 */ operation->capacity = 48U; } if (PSA_ALG_IS_PBKDF2_HMAC(kdf_alg)) { From 86e83dd4a7be88d6da353aa787d38aa777364aa1 Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Fri, 1 Dec 2023 16:38:26 +0530 Subject: [PATCH 1327/1674] Add kdf_set_max_capacity function Signed-off-by: Kusumit Ghoderao --- library/psa_crypto.c | 149 ++++++++++++++++++++++++------------------- 1 file changed, 82 insertions(+), 67 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index a1d96bfa9..a116beff6 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -6063,6 +6063,86 @@ static psa_status_t psa_hash_try_support(psa_algorithm_t alg) return status; } +static psa_status_t psa_key_derivation_set_maximum_capacity( + psa_key_derivation_operation_t *operation, + psa_algorithm_t kdf_alg) +{ +#if defined(PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS) + if (kdf_alg == PSA_ALG_TLS12_ECJPAKE_TO_PMS) { + operation->capacity = PSA_HASH_LENGTH(PSA_ALG_SHA_256); + return PSA_SUCCESS; + } +#endif +#if defined(PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128) + if (kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) { +#if (SIZE_MAX > UINT32_MAX) + operation->capacity = UINT32_MAX * PSA_MAC_LENGTH(PSA_KEY_TYPE_AES, + 128U, + PSA_ALG_CMAC); +#else + operation->capacity = SIZE_MAX; +#endif + return PSA_SUCCESS; + } +#endif /* PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128 */ + + /* After this point, if kdf_alg is not valid then value of hash_alg may be + * invalid or meaningless but it does not affect this function */ + psa_algorithm_t hash_alg = PSA_ALG_GET_HASH(kdf_alg); + size_t hash_size = PSA_HASH_LENGTH(hash_alg); + + /* Make sure that hash_alg is a supported hash algorithm. Otherwise + * we might fail later, which is somewhat unfriendly and potentially + * risk-prone. */ + psa_status_t status = psa_hash_try_support(hash_alg); + if (status != PSA_SUCCESS) { + return status; + } + +#if defined(PSA_WANT_ALG_HKDF) + if (PSA_ALG_IS_HKDF(kdf_alg)) { + operation->capacity = 255 * hash_size; + } else +#endif +#if defined(PSA_WANT_ALG_HKDF_EXTRACT) + if (PSA_ALG_IS_HKDF_EXTRACT(kdf_alg)) { + operation->capacity = hash_size; + } else +#endif +#if defined(PSA_WANT_ALG_HKDF_EXPAND) + if (PSA_ALG_IS_HKDF_EXPAND(kdf_alg)) { + operation->capacity = 255 * hash_size; + } else +#endif +#if defined(PSA_WANT_ALG_TLS12_PRF) + if (PSA_ALG_IS_TLS12_PRF(kdf_alg) && + (hash_alg == PSA_ALG_SHA_256 || hash_alg == PSA_ALG_SHA_384)) { + operation->capacity = SIZE_MAX; + } else +#endif +#if defined(PSA_WANT_ALG_TLS12_PSK_TO_MS) + if (PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg) && + (hash_alg == PSA_ALG_SHA_256 || hash_alg == PSA_ALG_SHA_384)) { + /* Master Secret is always 48 bytes + * https://datatracker.ietf.org/doc/html/rfc5246.html#section-8.1 */ + operation->capacity = 48U; + } else +#endif +#if defined(PSA_WANT_ALG_PBKDF2_HMAC) + if (PSA_ALG_IS_PBKDF2_HMAC(kdf_alg)) { +#if (SIZE_MAX > UINT32_MAX) + operation->capacity = UINT32_MAX * hash_size; +#else + operation->capacity = SIZE_MAX; +#endif + } else +#endif /* PSA_WANT_ALG_PBKDF2_HMAC */ + { + status = PSA_ERROR_NOT_SUPPORTED; + } + return status; +} + static psa_status_t psa_key_derivation_setup_kdf( psa_key_derivation_operation_t *operation, psa_algorithm_t kdf_alg) @@ -6075,74 +6155,9 @@ static psa_status_t psa_key_derivation_setup_kdf( if (!is_kdf_alg_supported(kdf_alg)) { return PSA_ERROR_NOT_SUPPORTED; } - psa_status_t status = PSA_SUCCESS; -#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS) - if (kdf_alg == PSA_ALG_TLS12_ECJPAKE_TO_PMS) { - operation->capacity = PSA_HASH_LENGTH(PSA_ALG_SHA_256); - return PSA_SUCCESS; - } -#endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128) - if (kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) { -#if (UINT_MAX > UINT32_MAX) - operation->capacity = UINT32_MAX * PSA_MAC_LENGTH(PSA_KEY_TYPE_AES, - 128U, - PSA_ALG_CMAC); -#else - operation->capacity = UINT32_MAX; -#endif - return PSA_SUCCESS; - } -#endif - - psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH(kdf_alg); - size_t hash_size = PSA_HASH_LENGTH(hash_alg); - if (hash_size == 0) { - return PSA_ERROR_NOT_SUPPORTED; - } - - /* Make sure that hash_alg is a supported hash algorithm. Otherwise - * we might fail later, which is somewhat unfriendly and potentially - * risk-prone. */ - status = psa_hash_try_support(hash_alg); - if (status != PSA_SUCCESS) { - return status; - } - - if (PSA_ALG_IS_HKDF(kdf_alg)) { - operation->capacity = 255 * hash_size; - } -#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT) - if (PSA_ALG_IS_HKDF_EXTRACT(kdf_alg)) { - operation->capacity = hash_size; - } -#endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT */ -#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND) - if (PSA_ALG_IS_HKDF_EXPAND(kdf_alg)) { - operation->capacity = 255 * hash_size; - } -#endif - if ((PSA_ALG_IS_TLS12_PRF(kdf_alg) || - PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) && - !(hash_alg == PSA_ALG_SHA_256 || hash_alg == PSA_ALG_SHA_384)) { - return PSA_ERROR_NOT_SUPPORTED; - } - if (PSA_ALG_IS_TLS12_PRF(kdf_alg)) { - operation->capacity = UINT_MAX; - } - if (PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) { - /* Master Secret is always 48 bytes - * https://datatracker.ietf.org/doc/html/rfc5246.html#section-8.1 */ - operation->capacity = 48U; - } - if (PSA_ALG_IS_PBKDF2_HMAC(kdf_alg)) { -#if (UINT_MAX > UINT32_MAX) - operation->capacity = UINT32_MAX * hash_size; -#else - operation->capacity = UINT32_MAX; -#endif - } + psa_status_t status = psa_key_derivation_set_maximum_capacity(operation, + kdf_alg); return status; } From 9ffd397e4c217ef7cb3fdae4ea79fb2a7a8a4de8 Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Fri, 1 Dec 2023 16:40:13 +0530 Subject: [PATCH 1328/1674] Increase input parameter type and buffer size Signed-off-by: Kusumit Ghoderao --- tests/suites/test_suite_psa_crypto.function | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 4c08a9017..f87c8000c 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -8451,7 +8451,7 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void derive_set_capacity(int alg_arg, int capacity_arg, +void derive_set_capacity(int alg_arg, int64_t capacity_arg, int expected_status_arg) { psa_algorithm_t alg = alg_arg; @@ -8932,7 +8932,7 @@ void derive_full(int alg_arg, psa_algorithm_t alg = alg_arg; size_t requested_capacity = requested_capacity_arg; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; - unsigned char output_buffer[16]; + unsigned char output_buffer[32]; size_t expected_capacity = requested_capacity; size_t current_capacity; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; From 2c4264bd412f64bafda9a19e6756efd3c0a1828d Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Fri, 1 Dec 2023 16:41:26 +0530 Subject: [PATCH 1329/1674] Add hkdf_extract, hkdf_expand and ecjpake_to_pms cases Signed-off-by: Kusumit Ghoderao --- tests/src/psa_exercise_key.c | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/tests/src/psa_exercise_key.c b/tests/src/psa_exercise_key.c index f8b36e1fa..560b7113d 100644 --- a/tests/src/psa_exercise_key.c +++ b/tests/src/psa_exercise_key.c @@ -414,6 +414,21 @@ int mbedtls_test_psa_setup_key_derivation_wrap( PSA_KEY_DERIVATION_INPUT_INFO, input2, input2_length)); + } else if (PSA_ALG_IS_HKDF_EXTRACT(alg)) { + PSA_ASSERT(psa_key_derivation_input_bytes(operation, + PSA_KEY_DERIVATION_INPUT_SALT, + input1, input1_length)); + PSA_ASSERT(psa_key_derivation_input_key(operation, + PSA_KEY_DERIVATION_INPUT_SECRET, + key)); + } else if (PSA_ALG_IS_HKDF_EXPAND(alg)) { + PSA_ASSERT(psa_key_derivation_input_key(operation, + PSA_KEY_DERIVATION_INPUT_SECRET, + key)); + PSA_ASSERT(psa_key_derivation_input_bytes(operation, + PSA_KEY_DERIVATION_INPUT_INFO, + input2, + input2_length)); } else if (PSA_ALG_IS_TLS12_PRF(alg) || PSA_ALG_IS_TLS12_PSK_TO_MS(alg)) { PSA_ASSERT(psa_key_derivation_input_bytes(operation, @@ -436,6 +451,10 @@ int mbedtls_test_psa_setup_key_derivation_wrap( PSA_ASSERT(psa_key_derivation_input_key(operation, PSA_KEY_DERIVATION_INPUT_PASSWORD, key)); + } else if (alg == PSA_ALG_TLS12_ECJPAKE_TO_PMS) { + PSA_ASSERT(psa_key_derivation_input_bytes(operation, + PSA_KEY_DERIVATION_INPUT_SECRET, + input1, input1_length)); } else { TEST_FAIL("Key derivation algorithm not supported"); } From 604e1cbbe70d4485c6a34bf78bf2722aebc8f4ea Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Fri, 1 Dec 2023 16:43:03 +0530 Subject: [PATCH 1330/1674] Change error status for invalid HKDF alg Signed-off-by: Kusumit Ghoderao --- tests/suites/test_suite_psa_crypto.data | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index aa9f4e39a..61181f448 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -5185,7 +5185,7 @@ derive_setup:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT PSA key derivation setup: algorithm from bad hash depends_on:PSA_WANT_ALG_SHA_256 -derive_setup:PSA_ALG_HKDF(PSA_ALG_CATEGORY_HASH):PSA_ERROR_NOT_SUPPORTED +derive_setup:PSA_ALG_HKDF(PSA_ALG_CATEGORY_HASH):PSA_ERROR_INVALID_ARGUMENT PSA key derivation setup: bad algorithm depends_on:PSA_WANT_ALG_SHA_256 @@ -7041,7 +7041,7 @@ key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA PSA key agreement setup: ECDH, unknown KDF depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256 -key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(0)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(0)):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_NOT_SUPPORTED +key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(0)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(0)):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT PSA key agreement setup: bad key agreement algorithm depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256 From 1da06da398eb9c0d03a269ac546f7ea2f3f8c588 Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Fri, 1 Dec 2023 16:44:02 +0530 Subject: [PATCH 1331/1674] Add tests for derive_set_capacity for pbkdf and ecjpake_to_pms Signed-off-by: Kusumit Ghoderao --- tests/suites/test_suite_psa_crypto.data | 26 +++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 61181f448..3ab07d90c 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -6324,6 +6324,32 @@ PSA key derivation: TLS 1.2 PSK-to-MS, request too much capacity depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS derive_set_capacity:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):48U + 1U:PSA_ERROR_INVALID_ARGUMENT +PSA key derivation: TLS 1.2 ECJPAKE-to-PMS, request too much capacity +depends_on:PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS +derive_set_capacity:PSA_ALG_TLS12_ECJPAKE_TO_PMS:PSA_HASH_LENGTH(PSA_ALG_SHA_256) + 1:PSA_ERROR_INVALID_ARGUMENT + +# UINT32_MAX * PSA_HASH_LENGTH(PSA_ALG_SHA_256) = 137438953440 +# This test case will work correctly on 64-bit machines +PSA key derivation: PBKDF2-HMAC-SHA256, request too much capacity +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):UINT32_MAX * PSA_HASH_LENGTH(PSA_ALG_SHA_256) + 1:PSA_ERROR_INVALID_ARGUMENT + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, request too much capacity +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_set_capacity:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:UINT32_MAX * PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE + 1:PSA_ERROR_INVALID_ARGUMENT + +PSA key derivation: TLS 1.2 PRF, request maximum capacity +depends_on:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_SHA_256 +derive_set_capacity:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):SIZE_MAX:PSA_SUCCESS + +PSA key derivation: PBKDF2-HMAC-SHA256, request maximum capacity +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):UINT32_MAX * PSA_HASH_LENGTH(PSA_ALG_SHA_256):PSA_SUCCESS + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, request maximum capacity +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_set_capacity:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:UINT32_MAX * PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE:PSA_SUCCESS + PSA key derivation: over capacity 42: output 42+1 depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:"000102030405060708090a0b0c":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:"f0f1f2f3f4f5f6f7f8f9":PSA_SUCCESS:0:"":PSA_SUCCESS:"":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":"ff":0:1:0 From d3ae165adb1b375828e0724632acbcb13adaf387 Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Fri, 1 Dec 2023 16:44:52 +0530 Subject: [PATCH 1332/1674] Add tests for derive_full for hkdf_extract, hkdf_expand and ecjpake_to_pms Signed-off-by: Kusumit Ghoderao --- tests/suites/test_suite_psa_crypto.data | 24 ++++++++++++++++++------ 1 file changed, 18 insertions(+), 6 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 3ab07d90c..3d79e459d 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -6550,13 +6550,21 @@ PSA key derivation: HKDF SHA-256, read maximum capacity depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_full:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * PSA_HASH_LENGTH(PSA_ALG_SHA_256) -PSA key derivation: TLS 1.2 PRF SHA-256, read maximum capacity minus 1 -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF -derive_full:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * PSA_HASH_LENGTH(PSA_ALG_SHA_256) - 1 +PSA key derivation: HKDF-Extract SHA-256, read maximum capacity minus 1 +depends_on:PSA_WANT_ALG_HKDF_EXTRACT:PSA_WANT_ALG_SHA_256 +derive_full:PSA_ALG_HKDF_EXTRACT(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"":PSA_HASH_LENGTH(PSA_ALG_SHA_256) - 1 -PSA key derivation: TLS 1.2 PRF SHA-256, read maximum capacity -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF -derive_full:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * PSA_HASH_LENGTH(PSA_ALG_SHA_256) +PSA key derivation: HKDF-Extract SHA-256, read maximum capacity +depends_on:PSA_WANT_ALG_HKDF_EXTRACT:PSA_WANT_ALG_SHA_256 +derive_full:PSA_ALG_HKDF_EXTRACT(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"":PSA_HASH_LENGTH(PSA_ALG_SHA_256) + +PSA key derivation: HKDF-Expand SHA-256, read maximum capacity minus 1 +depends_on:PSA_WANT_ALG_HKDF_EXPAND:PSA_WANT_ALG_SHA_256 +derive_full:PSA_ALG_HKDF_EXPAND(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"f0f1f2f3f4f5f6f7f8f9":255 * PSA_HASH_LENGTH(PSA_ALG_SHA_256) - 1 + +PSA key derivation: HKDF-Expand SHA-256, read maximum capacity +depends_on:PSA_WANT_ALG_HKDF_EXPAND:PSA_WANT_ALG_SHA_256 +derive_full:PSA_ALG_HKDF_EXPAND(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"f0f1f2f3f4f5f6f7f8f9":255 * PSA_HASH_LENGTH(PSA_ALG_SHA_256) PSA key derivation: TLS 1.2 PSK-to-MS, read maximum capacity minus 1 depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS @@ -6566,6 +6574,10 @@ PSA key derivation: TLS 1.2 PSK-to-MS, read maximum capacity depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS derive_full:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"01020304":"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":"6d617374657220736563726574":48 +PSA key derivation: TLS 1.2 ECJPAKE-to-PMS, read maximum capacity +depends_on:PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS +derive_full:PSA_ALG_TLS12_ECJPAKE_TO_PMS:"deadbeef":"0409fc1accc230a205e4a208e64a8f204291f581a12756392da4b8c0cf5ef02b950000000000000000000000000000000000000000000000000000000000000000":"":PSA_HASH_LENGTH(PSA_ALG_SHA_256) + PSA key derivation: HKDF SHA-256, exercise AES128-CTR depends_on:PSA_WANT_ALG_CTR:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_AES derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR From 83455ebcc002d5604c7a492b84c1158a8b428f6f Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Fri, 1 Dec 2023 16:50:51 +0530 Subject: [PATCH 1333/1674] disable pbkdf2_hmac set max capacity test Signed-off-by: Kusumit Ghoderao --- tests/suites/test_suite_psa_crypto.data | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 3d79e459d..36f48f28d 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -6328,11 +6328,10 @@ PSA key derivation: TLS 1.2 ECJPAKE-to-PMS, request too much capacity depends_on:PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS derive_set_capacity:PSA_ALG_TLS12_ECJPAKE_TO_PMS:PSA_HASH_LENGTH(PSA_ALG_SHA_256) + 1:PSA_ERROR_INVALID_ARGUMENT -# UINT32_MAX * PSA_HASH_LENGTH(PSA_ALG_SHA_256) = 137438953440 # This test case will work correctly on 64-bit machines -PSA key derivation: PBKDF2-HMAC-SHA256, request too much capacity -depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 -derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):UINT32_MAX * PSA_HASH_LENGTH(PSA_ALG_SHA_256) + 1:PSA_ERROR_INVALID_ARGUMENT +#PSA key derivation: PBKDF2-HMAC-SHA256, request too much capacity +#depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +#erive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):UINT32_MAX * PSA_HASH_LENGTH(PSA_ALG_SHA_256) + 1:PSA_ERROR_INVALID_ARGUMENT PSA key derivation: PBKDF2-AES-CMAC-PRF-128, request too much capacity depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES From 911eafda316e3f1ba3ba43af143c06cbbec48c3d Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Fri, 1 Dec 2023 16:59:56 +0530 Subject: [PATCH 1334/1674] add bugfix changelog entry Signed-off-by: Kusumit Ghoderao --- ChangeLog.d/fix_kdf_correct_initial_capacity.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 ChangeLog.d/fix_kdf_correct_initial_capacity.txt diff --git a/ChangeLog.d/fix_kdf_correct_initial_capacity.txt b/ChangeLog.d/fix_kdf_correct_initial_capacity.txt new file mode 100644 index 000000000..6eeffd777 --- /dev/null +++ b/ChangeLog.d/fix_kdf_correct_initial_capacity.txt @@ -0,0 +1,3 @@ +Bugfix + * Correct initial capacities for key derivation algorithms:TLS12_PRF, + TLS12_PSK_TO_MS, PBKDF2-HMAC, PBKDF2-CMAC From d3f70d321a16a5e043a8d6341a830b516024d1f4 Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Wed, 6 Dec 2023 16:20:04 +0530 Subject: [PATCH 1335/1674] fix unused variable warning and other fixes Signed-off-by: Kusumit Ghoderao --- ...ity.txt => fix_kdf_incorrect_initial_capacity.txt} | 2 +- library/psa_crypto.c | 11 ++++++++--- 2 files changed, 9 insertions(+), 4 deletions(-) rename ChangeLog.d/{fix_kdf_correct_initial_capacity.txt => fix_kdf_incorrect_initial_capacity.txt} (92%) diff --git a/ChangeLog.d/fix_kdf_correct_initial_capacity.txt b/ChangeLog.d/fix_kdf_incorrect_initial_capacity.txt similarity index 92% rename from ChangeLog.d/fix_kdf_correct_initial_capacity.txt rename to ChangeLog.d/fix_kdf_incorrect_initial_capacity.txt index 6eeffd777..10e2795bb 100644 --- a/ChangeLog.d/fix_kdf_correct_initial_capacity.txt +++ b/ChangeLog.d/fix_kdf_incorrect_initial_capacity.txt @@ -1,3 +1,3 @@ Bugfix - * Correct initial capacities for key derivation algorithms:TLS12_PRF, + * Correct initial capacities for key derivation algorithms:TLS12_PRF, TLS12_PSK_TO_MS, PBKDF2-HMAC, PBKDF2-CMAC diff --git a/library/psa_crypto.c b/library/psa_crypto.c index a116beff6..672a97d1a 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -6076,9 +6076,10 @@ static psa_status_t psa_key_derivation_set_maximum_capacity( #if defined(PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128) if (kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) { #if (SIZE_MAX > UINT32_MAX) - operation->capacity = UINT32_MAX * PSA_MAC_LENGTH(PSA_KEY_TYPE_AES, - 128U, - PSA_ALG_CMAC); + operation->capacity = UINT32_MAX * (size_t)PSA_MAC_LENGTH( + PSA_KEY_TYPE_AES, + 128U, + PSA_ALG_CMAC); #else operation->capacity = SIZE_MAX; #endif @@ -6090,6 +6091,9 @@ static psa_status_t psa_key_derivation_set_maximum_capacity( * invalid or meaningless but it does not affect this function */ psa_algorithm_t hash_alg = PSA_ALG_GET_HASH(kdf_alg); size_t hash_size = PSA_HASH_LENGTH(hash_alg); + if (hash_size == 0) { + return PSA_ERROR_NOT_SUPPORTED; + } /* Make sure that hash_alg is a supported hash algorithm. Otherwise * we might fail later, which is somewhat unfriendly and potentially @@ -6138,6 +6142,7 @@ static psa_status_t psa_key_derivation_set_maximum_capacity( } else #endif /* PSA_WANT_ALG_PBKDF2_HMAC */ { + (void) hash_size; status = PSA_ERROR_NOT_SUPPORTED; } return status; From f4351c1a619859fe7215c9a5e7efd6dbfe6a1b18 Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Wed, 6 Dec 2023 16:20:47 +0530 Subject: [PATCH 1336/1674] correct test data Signed-off-by: Kusumit Ghoderao --- tests/suites/test_suite_psa_crypto.data | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 36f48f28d..71f5b8e42 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -5185,7 +5185,7 @@ derive_setup:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT PSA key derivation setup: algorithm from bad hash depends_on:PSA_WANT_ALG_SHA_256 -derive_setup:PSA_ALG_HKDF(PSA_ALG_CATEGORY_HASH):PSA_ERROR_INVALID_ARGUMENT +derive_setup:PSA_ALG_HKDF(PSA_ALG_CATEGORY_HASH):PSA_ERROR_NOT_SUPPORTED PSA key derivation setup: bad algorithm depends_on:PSA_WANT_ALG_SHA_256 @@ -6329,25 +6329,28 @@ depends_on:PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS derive_set_capacity:PSA_ALG_TLS12_ECJPAKE_TO_PMS:PSA_HASH_LENGTH(PSA_ALG_SHA_256) + 1:PSA_ERROR_INVALID_ARGUMENT # This test case will work correctly on 64-bit machines -#PSA key derivation: PBKDF2-HMAC-SHA256, request too much capacity -#depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 -#erive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):UINT32_MAX * PSA_HASH_LENGTH(PSA_ALG_SHA_256) + 1:PSA_ERROR_INVALID_ARGUMENT +PSA key derivation: PBKDF2-HMAC-SHA256, request too much capacity +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):4294967295UL * PSA_HASH_LENGTH(PSA_ALG_SHA_256) + 1:PSA_ERROR_INVALID_ARGUMENT +# This test case will work correctly on 64-bit machines PSA key derivation: PBKDF2-AES-CMAC-PRF-128, request too much capacity depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES -derive_set_capacity:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:UINT32_MAX * PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE + 1:PSA_ERROR_INVALID_ARGUMENT +derive_set_capacity:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:4294967295UL * PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE + 1:PSA_ERROR_INVALID_ARGUMENT PSA key derivation: TLS 1.2 PRF, request maximum capacity depends_on:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_SHA_256 derive_set_capacity:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):SIZE_MAX:PSA_SUCCESS +# This test case will work correctly on 64-bit machines PSA key derivation: PBKDF2-HMAC-SHA256, request maximum capacity depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 -derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):UINT32_MAX * PSA_HASH_LENGTH(PSA_ALG_SHA_256):PSA_SUCCESS +derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):4294967295UL * PSA_HASH_LENGTH(PSA_ALG_SHA_256):PSA_SUCCESS +# This test case will work correctly on 64-bit machines PSA key derivation: PBKDF2-AES-CMAC-PRF-128, request maximum capacity depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES -derive_set_capacity:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:UINT32_MAX * PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE:PSA_SUCCESS +derive_set_capacity:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:4294967295UL * PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE:PSA_SUCCESS PSA key derivation: over capacity 42: output 42+1 depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 @@ -7078,7 +7081,7 @@ key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA PSA key agreement setup: ECDH, unknown KDF depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256 -key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(0)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(0)):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT +key_agreement_setup:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(0)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(0)):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_NOT_SUPPORTED PSA key agreement setup: bad key agreement algorithm depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_SECP_R1_256 From 7d4db631cf7396e71473e690b9bd24d9aee4ff4b Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Thu, 7 Dec 2023 16:17:46 +0530 Subject: [PATCH 1337/1674] add depends on for capacity tests and fix code style Signed-off-by: Kusumit Ghoderao --- library/psa_crypto.c | 2 +- tests/suites/test_suite_psa_crypto.data | 20 ++++++++------------ 2 files changed, 9 insertions(+), 13 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 672a97d1a..8e6a75834 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -6076,7 +6076,7 @@ static psa_status_t psa_key_derivation_set_maximum_capacity( #if defined(PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128) if (kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) { #if (SIZE_MAX > UINT32_MAX) - operation->capacity = UINT32_MAX * (size_t)PSA_MAC_LENGTH( + operation->capacity = UINT32_MAX * (size_t) PSA_MAC_LENGTH( PSA_KEY_TYPE_AES, 128U, PSA_ALG_CMAC); diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 71f5b8e42..7f9fa3c7f 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -6328,28 +6328,24 @@ PSA key derivation: TLS 1.2 ECJPAKE-to-PMS, request too much capacity depends_on:PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS derive_set_capacity:PSA_ALG_TLS12_ECJPAKE_TO_PMS:PSA_HASH_LENGTH(PSA_ALG_SHA_256) + 1:PSA_ERROR_INVALID_ARGUMENT -# This test case will work correctly on 64-bit machines -PSA key derivation: PBKDF2-HMAC-SHA256, request too much capacity -depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 -derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):4294967295UL * PSA_HASH_LENGTH(PSA_ALG_SHA_256) + 1:PSA_ERROR_INVALID_ARGUMENT +#PSA key derivation: PBKDF2-HMAC-SHA256, request too much capacity +#depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256:SIZE_MAX>=0xffffffffffffffff +#derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):4294967295UL * PSA_HASH_LENGTH(PSA_ALG_SHA_256) + 1:PSA_ERROR_INVALID_ARGUMENT -# This test case will work correctly on 64-bit machines -PSA key derivation: PBKDF2-AES-CMAC-PRF-128, request too much capacity -depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES -derive_set_capacity:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:4294967295UL * PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE + 1:PSA_ERROR_INVALID_ARGUMENT +#PSA key derivation: PBKDF2-AES-CMAC-PRF-128, request too much capacity +#depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES:SIZE_MAX>=0xffffffffffffffff +#derive_set_capacity:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:4294967295UL * PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE + 1:PSA_ERROR_INVALID_ARGUMENT PSA key derivation: TLS 1.2 PRF, request maximum capacity depends_on:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_SHA_256 derive_set_capacity:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):SIZE_MAX:PSA_SUCCESS -# This test case will work correctly on 64-bit machines PSA key derivation: PBKDF2-HMAC-SHA256, request maximum capacity -depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256:SIZE_MAX>=0xffffffffffffffff derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):4294967295UL * PSA_HASH_LENGTH(PSA_ALG_SHA_256):PSA_SUCCESS -# This test case will work correctly on 64-bit machines PSA key derivation: PBKDF2-AES-CMAC-PRF-128, request maximum capacity -depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES:SIZE_MAX>=0xffffffffffffffff derive_set_capacity:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:4294967295UL * PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE:PSA_SUCCESS PSA key derivation: over capacity 42: output 42+1 From 179f33a1ea356f5bec04896efbdda8a6d5c8f2f5 Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Wed, 10 Jan 2024 21:48:38 +0530 Subject: [PATCH 1338/1674] add test cases with different hash algs Signed-off-by: Kusumit Ghoderao --- tests/suites/test_suite_psa_crypto.data | 85 ++++++++++++++++++++----- 1 file changed, 68 insertions(+), 17 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 7f9fa3c7f..bc35d32a0 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -5452,19 +5452,19 @@ depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: TLS12_ECJPAKE_TO_PMS, good input, output too short -depends_on:PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS +depends_on:PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS:PSA_WANT_ALG_SHA_256 derive_input:PSA_ALG_TLS12_ECJPAKE_TO_PMS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"04aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_SUCCESS:0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_INVALID_ARGUMENT PSA key derivation: TLS12_ECJPAKE_TO_PMS, input[0]=0x02 -depends_on:PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS +depends_on:PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS:PSA_WANT_ALG_SHA_256 derive_input:PSA_ALG_TLS12_ECJPAKE_TO_PMS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"02aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ERROR_INVALID_ARGUMENT:0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: TLS12_ECJPAKE_TO_PMS, input too short -depends_on:PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS +depends_on:PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS:PSA_WANT_ALG_SHA_256 derive_input:PSA_ALG_TLS12_ECJPAKE_TO_PMS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"04aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ERROR_INVALID_ARGUMENT:0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: TLS12_ECJPAKE_TO_PMS, input too long -depends_on:PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS +depends_on:PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS:PSA_WANT_ALG_SHA_256 derive_input:PSA_ALG_TLS12_ECJPAKE_TO_PMS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"04aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ERROR_INVALID_ARGUMENT:0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: PBKDF2-HMAC-SHA256, good case, direct output @@ -6320,33 +6320,52 @@ PSA key derivation: HKDF-Expand SHA-1, request too much capacity depends_on:PSA_WANT_ALG_HKDF_EXPAND:PSA_WANT_ALG_SHA_1 derive_set_capacity:PSA_ALG_HKDF_EXPAND(PSA_ALG_SHA_1):255 * PSA_HASH_LENGTH(PSA_ALG_SHA_1) + 1:PSA_ERROR_INVALID_ARGUMENT -PSA key derivation: TLS 1.2 PSK-to-MS, request too much capacity +# TLS 1.2 PRF does not have a maximum capacity therefore +# derive_set_capacity negative test case is not added + +PSA key derivation: TLS 1.2 PSK-to-MS SHA-256, request too much capacity depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS derive_set_capacity:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):48U + 1U:PSA_ERROR_INVALID_ARGUMENT +PSA key derivation: TLS 1.2 PSK-to-MS SHA-384, request too much capacity +depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS +derive_set_capacity:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):48U + 1U:PSA_ERROR_INVALID_ARGUMENT + PSA key derivation: TLS 1.2 ECJPAKE-to-PMS, request too much capacity -depends_on:PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS +depends_on:PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS:PSA_WANT_ALG_SHA_256 derive_set_capacity:PSA_ALG_TLS12_ECJPAKE_TO_PMS:PSA_HASH_LENGTH(PSA_ALG_SHA_256) + 1:PSA_ERROR_INVALID_ARGUMENT -#PSA key derivation: PBKDF2-HMAC-SHA256, request too much capacity -#depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256:SIZE_MAX>=0xffffffffffffffff -#derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):4294967295UL * PSA_HASH_LENGTH(PSA_ALG_SHA_256) + 1:PSA_ERROR_INVALID_ARGUMENT +PSA key derivation: PBKDF2-HMAC-SHA256, request too much capacity +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256:SIZE_MAX>=0xffffffffffffffff +derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):4294967295UL * PSA_HASH_LENGTH(PSA_ALG_SHA_256) + 1:PSA_ERROR_INVALID_ARGUMENT -#PSA key derivation: PBKDF2-AES-CMAC-PRF-128, request too much capacity -#depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES:SIZE_MAX>=0xffffffffffffffff -#derive_set_capacity:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:4294967295UL * PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE + 1:PSA_ERROR_INVALID_ARGUMENT +PSA key derivation: PBKDF2-HMAC-SHA512, request too much capacity +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_512:SIZE_MAX>=0xffffffffffffffff +derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_512):4294967295UL * PSA_HASH_LENGTH(PSA_ALG_SHA_512) + 1:PSA_ERROR_INVALID_ARGUMENT -PSA key derivation: TLS 1.2 PRF, request maximum capacity +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, request too much capacity +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES:SIZE_MAX>=0xffffffffffffffff +derive_set_capacity:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:4294967295UL * 16 + 1:PSA_ERROR_INVALID_ARGUMENT + +PSA key derivation: TLS 1.2 PRF SHA-256, request maximum capacity depends_on:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_SHA_256 derive_set_capacity:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):SIZE_MAX:PSA_SUCCESS +PSA key derivation: TLS 1.2 PRF SHA-384, request maximum capacity +depends_on:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_SHA_384 +derive_set_capacity:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):SIZE_MAX:PSA_SUCCESS + PSA key derivation: PBKDF2-HMAC-SHA256, request maximum capacity depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256:SIZE_MAX>=0xffffffffffffffff derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):4294967295UL * PSA_HASH_LENGTH(PSA_ALG_SHA_256):PSA_SUCCESS +PSA key derivation: PBKDF2-HMAC-SHA512, request maximum capacity +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_512:SIZE_MAX>=0xffffffffffffffff +derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_512):4294967295UL * PSA_HASH_LENGTH(PSA_ALG_SHA_512):PSA_SUCCESS + PSA key derivation: PBKDF2-AES-CMAC-PRF-128, request maximum capacity depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES:SIZE_MAX>=0xffffffffffffffff -derive_set_capacity:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:4294967295UL * PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE:PSA_SUCCESS +derive_set_capacity:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:4294967295UL * 16:PSA_SUCCESS PSA key derivation: over capacity 42: output 42+1 depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 @@ -6544,36 +6563,68 @@ PSA key derivation: HKDF SHA-256, read maximum capacity minus 1 depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_full:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * PSA_HASH_LENGTH(PSA_ALG_SHA_256) - 1 +PSA key derivation: HKDF SHA-512, read maximum capacity minus 1 +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_512 +derive_full:PSA_ALG_HKDF(PSA_ALG_SHA_512):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * PSA_HASH_LENGTH(PSA_ALG_SHA_512) - 1 + PSA key derivation: HKDF SHA-256, read maximum capacity depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_full:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * PSA_HASH_LENGTH(PSA_ALG_SHA_256) +PSA key derivation: HKDF SHA-512, read maximum capacity +depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_512 +derive_full:PSA_ALG_HKDF(PSA_ALG_SHA_512):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * PSA_HASH_LENGTH(PSA_ALG_SHA_512) + PSA key derivation: HKDF-Extract SHA-256, read maximum capacity minus 1 depends_on:PSA_WANT_ALG_HKDF_EXTRACT:PSA_WANT_ALG_SHA_256 derive_full:PSA_ALG_HKDF_EXTRACT(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"":PSA_HASH_LENGTH(PSA_ALG_SHA_256) - 1 +PSA key derivation: HKDF-Extract SHA-512, read maximum capacity minus 1 +depends_on:PSA_WANT_ALG_HKDF_EXTRACT:PSA_WANT_ALG_SHA_512 +derive_full:PSA_ALG_HKDF_EXTRACT(PSA_ALG_SHA_512):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"":PSA_HASH_LENGTH(PSA_ALG_SHA_512) - 1 + PSA key derivation: HKDF-Extract SHA-256, read maximum capacity depends_on:PSA_WANT_ALG_HKDF_EXTRACT:PSA_WANT_ALG_SHA_256 derive_full:PSA_ALG_HKDF_EXTRACT(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"":PSA_HASH_LENGTH(PSA_ALG_SHA_256) +PSA key derivation: HKDF-Extract SHA-512, read maximum capacity +depends_on:PSA_WANT_ALG_HKDF_EXTRACT:PSA_WANT_ALG_SHA_512 +derive_full:PSA_ALG_HKDF_EXTRACT(PSA_ALG_SHA_512):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"":PSA_HASH_LENGTH(PSA_ALG_SHA_512) + PSA key derivation: HKDF-Expand SHA-256, read maximum capacity minus 1 depends_on:PSA_WANT_ALG_HKDF_EXPAND:PSA_WANT_ALG_SHA_256 derive_full:PSA_ALG_HKDF_EXPAND(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"f0f1f2f3f4f5f6f7f8f9":255 * PSA_HASH_LENGTH(PSA_ALG_SHA_256) - 1 +PSA key derivation: HKDF-Expand SHA-512, read maximum capacity minus 1 +depends_on:PSA_WANT_ALG_HKDF_EXPAND:PSA_WANT_ALG_SHA_512 +derive_full:PSA_ALG_HKDF_EXPAND(PSA_ALG_SHA_512):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"f0f1f2f3f4f5f6f7f8f9":255 * PSA_HASH_LENGTH(PSA_ALG_SHA_512) - 1 + PSA key derivation: HKDF-Expand SHA-256, read maximum capacity depends_on:PSA_WANT_ALG_HKDF_EXPAND:PSA_WANT_ALG_SHA_256 derive_full:PSA_ALG_HKDF_EXPAND(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"f0f1f2f3f4f5f6f7f8f9":255 * PSA_HASH_LENGTH(PSA_ALG_SHA_256) -PSA key derivation: TLS 1.2 PSK-to-MS, read maximum capacity minus 1 +PSA key derivation: HKDF-Expand SHA-512, read maximum capacity +depends_on:PSA_WANT_ALG_HKDF_EXPAND:PSA_WANT_ALG_SHA_512 +derive_full:PSA_ALG_HKDF_EXPAND(PSA_ALG_SHA_512):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"f0f1f2f3f4f5f6f7f8f9":255 * PSA_HASH_LENGTH(PSA_ALG_SHA_512) + +PSA key derivation: TLS 1.2 PSK-to-MS SHA-256, read maximum capacity minus 1 depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS derive_full:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"01020304":"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":"6d617374657220736563726574":47 -PSA key derivation: TLS 1.2 PSK-to-MS, read maximum capacity +PSA key derivation: TLS 1.2 PSK-to-MS SHA-384, read maximum capacity minus 1 +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS +derive_full:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):"01020304":"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":"6d617374657220736563726574":47 + +PSA key derivation: TLS 1.2 PSK-to-MS SHA-256, read maximum capacity depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS derive_full:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"01020304":"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":"6d617374657220736563726574":48 +PSA key derivation: TLS 1.2 PSK-to-MS SHA-384, read maximum capacity +depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS +derive_full:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):"01020304":"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":"6d617374657220736563726574":48 + PSA key derivation: TLS 1.2 ECJPAKE-to-PMS, read maximum capacity -depends_on:PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS +depends_on:PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS:PSA_WANT_ALG_SHA_256 derive_full:PSA_ALG_TLS12_ECJPAKE_TO_PMS:"deadbeef":"0409fc1accc230a205e4a208e64a8f204291f581a12756392da4b8c0cf5ef02b950000000000000000000000000000000000000000000000000000000000000000":"":PSA_HASH_LENGTH(PSA_ALG_SHA_256) PSA key derivation: HKDF SHA-256, exercise AES128-CTR From a7c55d5a1484db6eb502712e5171043a1e395a75 Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Thu, 11 Jan 2024 00:43:48 +0530 Subject: [PATCH 1339/1674] fix depends on condition Signed-off-by: Kusumit Ghoderao --- tests/suites/test_suite_psa_crypto.data | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index bc35d32a0..660b73d5d 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -6361,7 +6361,7 @@ derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):4294967295UL * PSA_HASH PSA key derivation: PBKDF2-HMAC-SHA512, request maximum capacity depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_512:SIZE_MAX>=0xffffffffffffffff -derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_512):4294967295UL * PSA_HASH_LENGTH(PSA_ALG_SHA_512):PSA_SUCCESS +derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_512):4294967295UL * PSA_HASH_LENGTH(PSA_ALG_SHA_512):PSA_SUCCESS PSA key derivation: PBKDF2-AES-CMAC-PRF-128, request maximum capacity depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES:SIZE_MAX>=0xffffffffffffffff @@ -6612,7 +6612,7 @@ depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS derive_full:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"01020304":"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":"6d617374657220736563726574":47 PSA key derivation: TLS 1.2 PSK-to-MS SHA-384, read maximum capacity minus 1 -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS +depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS derive_full:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):"01020304":"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":"6d617374657220736563726574":47 PSA key derivation: TLS 1.2 PSK-to-MS SHA-256, read maximum capacity @@ -6620,7 +6620,7 @@ depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS derive_full:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"01020304":"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":"6d617374657220736563726574":48 PSA key derivation: TLS 1.2 PSK-to-MS SHA-384, read maximum capacity -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PSK_TO_MS +depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_ALG_TLS12_PSK_TO_MS derive_full:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):"01020304":"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":"6d617374657220736563726574":48 PSA key derivation: TLS 1.2 ECJPAKE-to-PMS, read maximum capacity From e83be5f639311adcd8bead731786cdaa49d920d3 Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Wed, 10 Jan 2024 23:39:54 +0000 Subject: [PATCH 1340/1674] Change renegotiation tests to work with TLS 1.2 only Signed-off-by: Waleed Elmelegy --- tests/ssl-opt.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 10d75a77f..5f0daaa1e 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -5530,7 +5530,7 @@ requires_config_enabled MBEDTLS_SSL_RENEGOTIATION requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Renegotiation: gnutls server strict, client-initiated" \ "$G_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%SAFE_RENEGOTIATION" \ - "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1" \ + "$P_CLI force_version=tls12 debug_level=3 exchanges=1 renegotiation=1 renegotiate=1" \ 0 \ -c "client hello, adding renegotiation extension" \ -c "found renegotiation extension" \ @@ -5649,7 +5649,7 @@ requires_gnutls requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Renego ext: gnutls server strict, client default" \ "$G_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%SAFE_RENEGOTIATION" \ - "$P_CLI debug_level=3" \ + "$P_CLI force_version=tls12 debug_level=3" \ 0 \ -c "found renegotiation extension" \ -C "error" \ From 19ec9e4f66eabb8e8fa71f0cca69b1fb74095c4d Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 9 Jan 2024 13:45:05 +0100 Subject: [PATCH 1341/1674] psa_crypto_ecp: remove support for secp224k1 Since this curve is not supported in PSA (and it will not ever be in the future), we save a few bytes. Signed-off-by: Valerio Setti --- library/psa_crypto_ecp.c | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/library/psa_crypto_ecp.c b/library/psa_crypto_ecp.c index 4d9a59baa..61c941479 100644 --- a/library/psa_crypto_ecp.c +++ b/library/psa_crypto_ecp.c @@ -77,14 +77,9 @@ static int check_ecc_parameters(psa_ecc_family_t family, size_t *bits) case PSA_ECC_FAMILY_SECP_K1: switch (*bits) { case 192: + /* secp224k1 is not and will not be supported in PSA (#3541). */ case 256: return PSA_SUCCESS; - /* secp224k1 is not and will not be supported in PSA (#3541). - * Note: secp224k1 has 224-bit coordinates but 225-bit private - * keys which are rounded up to 232 for their representation. */ - case 224: - case 232: - return PSA_ERROR_NOT_SUPPORTED; } break; } From 85ddd43656b420d1812aaa1c68c8bc280193c209 Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Thu, 11 Jan 2024 11:07:57 +0000 Subject: [PATCH 1342/1674] Improve record size limit changelog wording Signed-off-by: Waleed Elmelegy --- ChangeLog.d/add-record-size-limit-extension-support.txt | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/ChangeLog.d/add-record-size-limit-extension-support.txt b/ChangeLog.d/add-record-size-limit-extension-support.txt index ca1a7c268..bc954003a 100644 --- a/ChangeLog.d/add-record-size-limit-extension-support.txt +++ b/ChangeLog.d/add-record-size-limit-extension-support.txt @@ -1,2 +1,5 @@ Features - * Add support for sending and receiving Record Size Limit extension. + * Add support for Record Size Limit extension as defined by RFC 8449 + and configured with MBEDTLS_SSL_RECORD_SIZE_LIMIT. + Application data sent and received will be fragmented according to + Record size limits negotiated during handshake. From 153586a3d56ea1ef19d24b899a7f9eac018b4ae0 Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Fri, 12 Jan 2024 11:19:16 +0530 Subject: [PATCH 1343/1674] change values to ULL Signed-off-by: Kusumit Ghoderao --- tests/suites/test_suite_psa_crypto.data | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 660b73d5d..cd6033308 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -6337,15 +6337,15 @@ derive_set_capacity:PSA_ALG_TLS12_ECJPAKE_TO_PMS:PSA_HASH_LENGTH(PSA_ALG_SHA_256 PSA key derivation: PBKDF2-HMAC-SHA256, request too much capacity depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256:SIZE_MAX>=0xffffffffffffffff -derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):4294967295UL * PSA_HASH_LENGTH(PSA_ALG_SHA_256) + 1:PSA_ERROR_INVALID_ARGUMENT +derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):4294967295ULL * PSA_HASH_LENGTH(PSA_ALG_SHA_256) + 1:PSA_ERROR_INVALID_ARGUMENT PSA key derivation: PBKDF2-HMAC-SHA512, request too much capacity depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_512:SIZE_MAX>=0xffffffffffffffff -derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_512):4294967295UL * PSA_HASH_LENGTH(PSA_ALG_SHA_512) + 1:PSA_ERROR_INVALID_ARGUMENT +derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_512):4294967295ULL * PSA_HASH_LENGTH(PSA_ALG_SHA_512) + 1:PSA_ERROR_INVALID_ARGUMENT PSA key derivation: PBKDF2-AES-CMAC-PRF-128, request too much capacity depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES:SIZE_MAX>=0xffffffffffffffff -derive_set_capacity:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:4294967295UL * 16 + 1:PSA_ERROR_INVALID_ARGUMENT +derive_set_capacity:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:4294967295ULL * 16 + 1:PSA_ERROR_INVALID_ARGUMENT PSA key derivation: TLS 1.2 PRF SHA-256, request maximum capacity depends_on:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_SHA_256 @@ -6357,15 +6357,15 @@ derive_set_capacity:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):SIZE_MAX:PSA_SUCCESS PSA key derivation: PBKDF2-HMAC-SHA256, request maximum capacity depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256:SIZE_MAX>=0xffffffffffffffff -derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):4294967295UL * PSA_HASH_LENGTH(PSA_ALG_SHA_256):PSA_SUCCESS +derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):4294967295ULL * PSA_HASH_LENGTH(PSA_ALG_SHA_256):PSA_SUCCESS PSA key derivation: PBKDF2-HMAC-SHA512, request maximum capacity depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_512:SIZE_MAX>=0xffffffffffffffff -derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_512):4294967295UL * PSA_HASH_LENGTH(PSA_ALG_SHA_512):PSA_SUCCESS +derive_set_capacity:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_512):4294967295ULL * PSA_HASH_LENGTH(PSA_ALG_SHA_512):PSA_SUCCESS PSA key derivation: PBKDF2-AES-CMAC-PRF-128, request maximum capacity depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES:SIZE_MAX>=0xffffffffffffffff -derive_set_capacity:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:4294967295UL * 16:PSA_SUCCESS +derive_set_capacity:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:4294967295ULL * 16:PSA_SUCCESS PSA key derivation: over capacity 42: output 42+1 depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 From 4b09dcd19c68c24a07bd81be88606e665f7ddfeb Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Fri, 12 Jan 2024 10:50:25 +0000 Subject: [PATCH 1344/1674] Change renegotiation test to use G_NEXT_SRV Change renegotiation test to use G_NEXT_SRV to avoid problems when sending TLS 1.3 extensions since we exceed the extension limit in G_SRV. Signed-off-by: Waleed Elmelegy --- tests/ssl-opt.sh | 24 ++++++++++++++---------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 5f0daaa1e..e5637e3e5 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -5199,6 +5199,10 @@ run_test "Record Size Limit: TLS 1.3 m->m: both peer comply with record size # Tests for renegotiation +# G_NEXT_SRV is used in renegotiation tests becuase of the increased +# extensions limit since we exceed the limit in G_SRV when we send +# TLS 1.3 extensions in the initial handshake. + # Renegotiation SCSV always added, regardless of SSL_RENEGOTIATION run_test "Renegotiation: none, for reference" \ "$P_SRV debug_level=3 exchanges=2 auth_mode=optional" \ @@ -5529,8 +5533,8 @@ requires_gnutls requires_config_enabled MBEDTLS_SSL_RENEGOTIATION requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Renegotiation: gnutls server strict, client-initiated" \ - "$G_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%SAFE_RENEGOTIATION" \ - "$P_CLI force_version=tls12 debug_level=3 exchanges=1 renegotiation=1 renegotiate=1" \ + "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%SAFE_RENEGOTIATION" \ + "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1" \ 0 \ -c "client hello, adding renegotiation extension" \ -c "found renegotiation extension" \ @@ -5543,7 +5547,7 @@ requires_gnutls requires_config_enabled MBEDTLS_SSL_RENEGOTIATION requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Renegotiation: gnutls server unsafe, client-initiated default" \ - "$G_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION" \ + "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION" \ "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1" \ 1 \ -c "client hello, adding renegotiation extension" \ @@ -5557,7 +5561,7 @@ requires_gnutls requires_config_enabled MBEDTLS_SSL_RENEGOTIATION requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Renegotiation: gnutls server unsafe, client-inititated no legacy" \ - "$G_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION" \ + "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION" \ "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1 \ allow_legacy=0" \ 1 \ @@ -5572,7 +5576,7 @@ requires_gnutls requires_config_enabled MBEDTLS_SSL_RENEGOTIATION requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Renegotiation: gnutls server unsafe, client-inititated legacy" \ - "$G_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION" \ + "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION" \ "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1 \ allow_legacy=1" \ 0 \ @@ -5633,7 +5637,7 @@ requires_gnutls requires_config_enabled MBEDTLS_SSL_RENEGOTIATION requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Renegotiation: DTLS, gnutls server, client-initiated" \ - "$G_SRV -u --mtu 4096" \ + "$G_NEXT_SRV -u --mtu 4096" \ "$P_CLI debug_level=3 dtls=1 exchanges=1 renegotiation=1 renegotiate=1" \ 0 \ -c "client hello, adding renegotiation extension" \ @@ -5648,8 +5652,8 @@ run_test "Renegotiation: DTLS, gnutls server, client-initiated" \ requires_gnutls requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Renego ext: gnutls server strict, client default" \ - "$G_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%SAFE_RENEGOTIATION" \ - "$P_CLI force_version=tls12 debug_level=3" \ + "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%SAFE_RENEGOTIATION" \ + "$P_CLI debug_level=3" \ 0 \ -c "found renegotiation extension" \ -C "error" \ @@ -5658,7 +5662,7 @@ run_test "Renego ext: gnutls server strict, client default" \ requires_gnutls requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Renego ext: gnutls server unsafe, client default" \ - "$G_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION" \ + "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION" \ "$P_CLI debug_level=3" \ 0 \ -C "found renegotiation extension" \ @@ -5668,7 +5672,7 @@ run_test "Renego ext: gnutls server unsafe, client default" \ requires_gnutls requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "Renego ext: gnutls server unsafe, client break legacy" \ - "$G_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION" \ + "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION" \ "$P_CLI debug_level=3 allow_legacy=-1" \ 1 \ -C "found renegotiation extension" \ From f0ccf467139a023b4fb7edabc21339ac49057c19 Mon Sep 17 00:00:00 2001 From: Waleed Elmelegy Date: Fri, 12 Jan 2024 10:52:45 +0000 Subject: [PATCH 1345/1674] Add minor cosmetic changes to record size limit changelog and comments Signed-off-by: Waleed Elmelegy --- ChangeLog.d/add-record-size-limit-extension-support.txt | 2 +- library/ssl_misc.h | 3 +-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/ChangeLog.d/add-record-size-limit-extension-support.txt b/ChangeLog.d/add-record-size-limit-extension-support.txt index bc954003a..3562b8504 100644 --- a/ChangeLog.d/add-record-size-limit-extension-support.txt +++ b/ChangeLog.d/add-record-size-limit-extension-support.txt @@ -1,5 +1,5 @@ Features - * Add support for Record Size Limit extension as defined by RFC 8449 + * Add support for record size limit extension as defined by RFC 8449 and configured with MBEDTLS_SSL_RECORD_SIZE_LIMIT. Application data sent and received will be fragmented according to Record size limits negotiated during handshake. diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 2e621be89..b0cdd5d78 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -2704,8 +2704,7 @@ int mbedtls_ssl_parse_server_name_ext(mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) #define MBEDTLS_SSL_RECORD_SIZE_LIMIT_EXTENSION_DATA_LENGTH (2) -/* This value is defined by RFC 8449 */ -#define MBEDTLS_SSL_RECORD_SIZE_LIMIT_MIN (64) +#define MBEDTLS_SSL_RECORD_SIZE_LIMIT_MIN (64) /* As defined in RFC 8449 */ MBEDTLS_CHECK_RETURN_CRITICAL int mbedtls_ssl_tls13_parse_record_size_limit_ext(mbedtls_ssl_context *ssl, From 67223bb50178bab8138f5633f88fa366bb340179 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 12 Jan 2024 16:37:07 +0000 Subject: [PATCH 1346/1674] add support for AES-CTR to benchmark Signed-off-by: Dave Rodgman --- programs/test/benchmark.c | 29 ++++++++++++++++++++++++++++- 1 file changed, 28 insertions(+), 1 deletion(-) diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index 755a7311a..6f7f69bda 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -507,7 +507,7 @@ typedef struct { char md5, ripemd160, sha1, sha256, sha512, sha3_224, sha3_256, sha3_384, sha3_512, des3, des, - aes_cbc, aes_cfb128, aes_cfb8, aes_gcm, aes_ccm, aes_xts, chachapoly, + aes_cbc, aes_cfb128, aes_cfb8, aes_ctr, aes_gcm, aes_ccm, aes_xts, chachapoly, aes_cmac, des3_cmac, aria, camellia, chacha20, poly1305, @@ -571,6 +571,8 @@ int main(int argc, char *argv[]) todo.aes_cfb128 = 1; } else if (strcmp(argv[i], "aes_cfb8") == 0) { todo.aes_cfb8 = 1; + } else if (strcmp(argv[i], "aes_ctr") == 0) { + todo.aes_ctr = 1; } else if (strcmp(argv[i], "aes_xts") == 0) { todo.aes_xts = 1; } else if (strcmp(argv[i], "aes_gcm") == 0) { @@ -774,6 +776,31 @@ int main(int argc, char *argv[]) mbedtls_aes_free(&aes); } #endif +#if defined(MBEDTLS_CIPHER_MODE_CTR) + if (todo.aes_ctr) { + int keysize; + mbedtls_aes_context aes; + + uint8_t stream_block[16]; + size_t nc_off; + + mbedtls_aes_init(&aes); + for (keysize = 128; keysize <= 256; keysize += 64) { + mbedtls_snprintf(title, sizeof(title), "AES-CTR-%d", keysize); + + memset(buf, 0, sizeof(buf)); + memset(tmp, 0, sizeof(tmp)); + memset(stream_block, 0, sizeof(stream_block)); + nc_off = 0; + + CHECK_AND_CONTINUE(mbedtls_aes_setkey_enc(&aes, tmp, keysize)); + + TIME_AND_TSC(title, mbedtls_aes_crypt_ctr(&aes, BUFSIZE, &nc_off, tmp, stream_block, + buf, buf)); + } + mbedtls_aes_free(&aes); + } +#endif #if defined(MBEDTLS_CIPHER_MODE_XTS) if (todo.aes_xts) { int keysize; From f202c2968b9c83ffe948ad5af788a7d035acc87a Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 15 Jan 2024 10:42:37 +0100 Subject: [PATCH 1347/1674] test_suite_psa_crypto: test asymmetric encryption/decryption also with opaque keys Signed-off-by: Valerio Setti --- tests/suites/test_suite_psa_crypto.data | 20 +++++++++++-------- tests/suites/test_suite_psa_crypto.function | 22 ++++++++++++++++----- 2 files changed, 29 insertions(+), 13 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 1bd8b6500..e6acfb20f 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -1025,35 +1025,39 @@ aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_AEAD_WITH_ PSA key policy: asymmetric encryption, encrypt | decrypt depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT -asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT +asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT:0 PSA key policy: asymmetric encryption, wrong algorithm (v1.5/OAEP) depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT -asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256) +asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0 PSA key policy: asymmetric encryption, wrong algorithm (OAEP with different hash) depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_224:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT -asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256) +asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_224):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0 PSA key policy: asymmetric encryption, alg=0 in policy depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT -asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT +asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT:0 PSA key policy: asymmetric encryption, ANY_HASH in policy is not meaningful depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT -asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_OAEP(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256) +asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_OAEP(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):0 PSA key policy: asymmetric encryption, encrypt but not decrypt depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT -asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT +asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT:0 PSA key policy: asymmetric encryption, decrypt but not encrypt depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT -asymmetric_encryption_key_policy:PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT +asymmetric_encryption_key_policy:PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT:0 PSA key policy: asymmetric encryption, neither encrypt nor decrypt depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT -asymmetric_encryption_key_policy:0:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT +asymmetric_encryption_key_policy:0:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT:0 + +PSA key policy: asymmetric encryption, opaque key, encrypt | decrypt +depends_on:PSA_CRYPTO_DRIVER_TEST:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT +asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT:1 PSA key policy: asymmetric signature, sign | verify hash, PKCS#1v1.5 SHA-256 depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 4c08a9017..f67508c5f 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -2107,7 +2107,8 @@ void asymmetric_encryption_key_policy(int policy_usage_arg, int policy_alg, int key_type, data_t *key_data, - int exercise_alg) + int exercise_alg, + int use_opaque_key) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -2124,6 +2125,11 @@ void asymmetric_encryption_key_policy(int policy_usage_arg, psa_set_key_algorithm(&attributes, policy_alg); psa_set_key_type(&attributes, key_type); + if (use_opaque_key) { + psa_set_key_lifetime(&attributes, PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( + PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION)); + } + PSA_ASSERT(psa_import_key(&attributes, key_data->x, key_data->len, &key)); @@ -2142,8 +2148,11 @@ void asymmetric_encryption_key_policy(int policy_usage_arg, NULL, 0, buffer, buffer_length, &output_length); - if (policy_alg == exercise_alg && - (policy_usage & PSA_KEY_USAGE_ENCRYPT) != 0) { + if (use_opaque_key) { + /* Encryption/decryption is opaque keys is currently not supported. */ + TEST_EQUAL(status, PSA_ERROR_NOT_SUPPORTED); + } else if (policy_alg == exercise_alg && + (policy_usage & PSA_KEY_USAGE_ENCRYPT) != 0) { PSA_ASSERT(status); } else { TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED); @@ -2157,8 +2166,11 @@ void asymmetric_encryption_key_policy(int policy_usage_arg, NULL, 0, buffer, buffer_length, &output_length); - if (policy_alg == exercise_alg && - (policy_usage & PSA_KEY_USAGE_DECRYPT) != 0) { + if (use_opaque_key) { + /* Encryption/decryption is opaque keys is currently not supported. */ + TEST_EQUAL(status, PSA_ERROR_NOT_SUPPORTED); + } else if (policy_alg == exercise_alg && + (policy_usage & PSA_KEY_USAGE_DECRYPT) != 0) { TEST_EQUAL(status, PSA_ERROR_INVALID_PADDING); } else { TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED); From 5bb454aace1db636dc7128a48eb5d7328b018639 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 15 Jan 2024 10:43:16 +0100 Subject: [PATCH 1348/1674] psa_crypto: allow asymmetric encryption/decryption also with opaque keys Signed-off-by: Valerio Setti --- library/psa_crypto.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index a8baa6b6f..e4ecdd08c 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3080,7 +3080,7 @@ psa_status_t psa_asymmetric_encrypt(mbedtls_svc_key_id_t key, return PSA_ERROR_INVALID_ARGUMENT; } - status = psa_get_and_lock_transparent_key_slot_with_policy( + status = psa_get_and_lock_key_slot_with_policy( key, &slot, PSA_KEY_USAGE_ENCRYPT, alg); if (status != PSA_SUCCESS) { return status; @@ -3132,7 +3132,7 @@ psa_status_t psa_asymmetric_decrypt(mbedtls_svc_key_id_t key, return PSA_ERROR_INVALID_ARGUMENT; } - status = psa_get_and_lock_transparent_key_slot_with_policy( + status = psa_get_and_lock_key_slot_with_policy( key, &slot, PSA_KEY_USAGE_DECRYPT, alg); if (status != PSA_SUCCESS) { return status; From c4f984f2a579307dbffeda22e7b5a96d606fd34d Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 12 Jan 2024 18:29:01 +0000 Subject: [PATCH 1349/1674] Iterate in 16-byte chunks Signed-off-by: Dave Rodgman --- library/aes.c | 32 +++++++++++++++++++------------- 1 file changed, 19 insertions(+), 13 deletions(-) diff --git a/library/aes.c b/library/aes.c index f4b9739f7..ced8a3263 100644 --- a/library/aes.c +++ b/library/aes.c @@ -1441,36 +1441,42 @@ int mbedtls_aes_crypt_ctr(mbedtls_aes_context *ctx, const unsigned char *input, unsigned char *output) { - int c, i; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t n; - n = *nc_off; + size_t offset = *nc_off; - if (n > 0x0F) { + if (offset > 0x0F) { return MBEDTLS_ERR_AES_BAD_INPUT_DATA; } - while (length--) { - if (n == 0) { + for (size_t i = 0; i < length;) { + size_t n = 16; + if (offset == 0) { ret = mbedtls_aes_crypt_ecb(ctx, MBEDTLS_AES_ENCRYPT, nonce_counter, stream_block); if (ret != 0) { goto exit; } - - for (i = 16; i > 0; i--) { - if (++nonce_counter[i - 1] != 0) { + for (int j = 16; j > 0; j--) { + if (++nonce_counter[j - 1] != 0) { break; } } + } else { + n -= offset; } - c = *input++; - *output++ = (unsigned char) (c ^ stream_block[n]); - n = (n + 1) & 0x0F; + if (n > (length - i)) { + n = (length - i); + } + mbedtls_xor(&output[i], &input[i], &stream_block[offset], n); + // offset might be non-zero for the last block, but in that case, we don't use it again + offset = 0; + i += n; } - *nc_off = n; + // capture offset for future resumption + *nc_off = (*nc_off + length) % 16; + ret = 0; exit: From 4755e6bda47e8722ade10b0a86d1e94e89c312f1 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Fri, 12 Jan 2024 16:35:59 +0000 Subject: [PATCH 1350/1674] Relax psa_wipe_key_slot to allow states other than SLOT_PENDING_DELETION psa_wipe_key_slot can now be called on a slot in any state, if the slot's state is PSA_SLOT_FULL or PSA_SLOT_PENDING_DELETION then there must be exactly 1 registered reader. Remove the state changing calls that are no longer necessary. Signed-off-by: Ryan Everett --- library/psa_crypto.c | 14 +++----------- library/psa_crypto_core.h | 7 ++----- library/psa_crypto_slot_management.c | 25 ++++++------------------- library/psa_crypto_slot_management.h | 2 +- 4 files changed, 12 insertions(+), 36 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index da5e5be77..1f6450025 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -983,10 +983,6 @@ psa_status_t psa_remove_key_data_from_memory(psa_key_slot_t *slot) * Persistent storage is not affected. */ psa_status_t psa_wipe_key_slot(psa_key_slot_t *slot) { - if (slot->state != PSA_SLOT_PENDING_DELETION) { - return PSA_ERROR_BAD_STATE; - } - psa_status_t status = psa_remove_key_data_from_memory(slot); /* @@ -998,7 +994,9 @@ psa_status_t psa_wipe_key_slot(psa_key_slot_t *slot) * function is called as part of the execution of a test suite, the * execution of the test suite is stopped in error if the assertion fails. */ - if (slot->registered_readers != 1) { + if (((slot->state == PSA_SLOT_FULL) || + (slot->state == PSA_SLOT_PENDING_DELETION)) && + (slot->registered_readers != 1)) { MBEDTLS_TEST_HOOK_TEST_ASSERT(slot->registered_readers == 1); status = PSA_ERROR_CORRUPTION_DETECTED; } @@ -1828,12 +1826,6 @@ static void psa_fail_key_creation(psa_key_slot_t *slot, * itself. */ (void) psa_crypto_stop_transaction(); #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - - /* Prepare the key slot to be wiped, and then wipe it. */ - slot->registered_readers = 1; - psa_key_slot_state_transition(slot, PSA_SLOT_FILLING, - PSA_SLOT_PENDING_DELETION); - psa_wipe_key_slot(slot); } diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 3b5c63497..f11df9f36 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -70,8 +70,6 @@ typedef struct { * Number of functions registered as reading the material in the key slot. * * Library functions must not write directly to registered_readers - * (unless the slot's state is PSA_SLOT_FILLING and the slot needs to be - * wiped following a failed key creation). * * A function must call psa_register_read(slot) before reading the current * contents of the slot for an operation. @@ -191,9 +189,8 @@ static inline psa_key_slot_number_t psa_key_slot_get_slot_number( * \retval #PSA_SUCCESS * The slot has been successfully wiped. * \retval #PSA_ERROR_CORRUPTION_DETECTED - * The amount of registered readers was not equal to 1. - * \retval #PSA_ERROR_BAD_STATE - * The slot's state was not PSA_SLOT_PENDING_DELETION. + * The slot's state was PSA_SLOT_FULL or PSA_SLOT_PENDING_DELETION, and + * the amount of registered readers was not equal to 1. */ psa_status_t psa_wipe_key_slot(psa_key_slot_t *slot); diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index ef76dcb89..e7ea8efb4 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -189,10 +189,6 @@ psa_status_t psa_reserve_free_key_slot(psa_key_id_t *volatile_key_id, (unused_persistent_key_slot != NULL)) { selected_slot = unused_persistent_key_slot; psa_register_read(selected_slot); - /* If the state is not changed then psa_wipe_key_slot - * will report an error. */ - psa_key_slot_state_transition(selected_slot, PSA_SLOT_FULL, - PSA_SLOT_PENDING_DELETION); status = psa_wipe_key_slot(selected_slot); if (status != PSA_SUCCESS) { goto error; @@ -394,12 +390,6 @@ psa_status_t psa_get_and_lock_key_slot(mbedtls_svc_key_id_t key, #endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ if (status != PSA_SUCCESS) { - /* Prepare the key slot to be wiped, and then wipe it. - * Don't overwrite status as a BAD_STATE error here - * can be reported in the psa_wipe_key_slot call. */ - (*p_slot)->registered_readers = 1; - psa_key_slot_state_transition((*p_slot), PSA_SLOT_FILLING, - PSA_SLOT_PENDING_DELETION); psa_wipe_key_slot(*p_slot); if (status == PSA_ERROR_DOES_NOT_EXIST) { @@ -544,13 +534,10 @@ psa_status_t psa_close_key(psa_key_handle_t handle) return status; } if (slot->registered_readers == 1) { - status = psa_key_slot_state_transition(slot, PSA_SLOT_FULL, - PSA_SLOT_PENDING_DELETION); - if (status != PSA_SUCCESS) { - return status; - } + return psa_wipe_key_slot(slot); + } else { + return psa_unregister_read(slot); } - return psa_unregister_read(slot); } psa_status_t psa_purge_key(mbedtls_svc_key_id_t key) @@ -565,10 +552,10 @@ psa_status_t psa_purge_key(mbedtls_svc_key_id_t key) if ((!PSA_KEY_LIFETIME_IS_VOLATILE(slot->attr.lifetime)) && (slot->registered_readers == 1)) { - psa_key_slot_state_transition(slot, PSA_SLOT_FULL, - PSA_SLOT_PENDING_DELETION); + return psa_wipe_key_slot(slot); + } else { + return psa_unregister_read(slot); } - return psa_unregister_read(slot); } void mbedtls_psa_get_stats(mbedtls_psa_stats_t *stats) diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h index 5858b1851..9b8e89132 100644 --- a/library/psa_crypto_slot_management.h +++ b/library/psa_crypto_slot_management.h @@ -179,7 +179,7 @@ static inline psa_status_t psa_register_read(psa_key_slot_t *slot) * This function decrements the key slot registered reader counter by one. * If the state of the slot is PSA_SLOT_PENDING_DELETION, * and there is only one registered reader (the caller), - * this function will call psa_wipe_slot(). + * this function will call psa_wipe_key_slot(). * * \note To ease the handling of errors in retrieving a key slot * a NULL input pointer is valid, and the function returns From dfe8bf86a8957cf93795584cba2eb5603d40f84c Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Fri, 12 Jan 2024 17:45:05 +0000 Subject: [PATCH 1351/1674] Return CORRUPTION_DETECTED instead of BAD_SLOT when the slot's state is wrong These error codes are only returned if the program has been tampered with, so they should be CORRUPTION_DETECTED. Signed-off-by: Ryan Everett --- include/psa/crypto.h | 8 ++------ include/psa/crypto_compat.h | 4 +--- library/psa_crypto.c | 1 - library/psa_crypto_core.h | 2 +- library/psa_crypto_slot_management.c | 2 +- library/psa_crypto_slot_management.h | 29 ++++++++++++---------------- 6 files changed, 17 insertions(+), 29 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index fd1928a65..fe10ee0e4 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -415,9 +415,7 @@ void psa_reset_key_attributes(psa_key_attributes_t *attributes); * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize - * results in this error code. Or, - * this call was operating on a key slot and found the slot in - * an invalid state for the operation. + * results in this error code. */ psa_status_t psa_purge_key(mbedtls_svc_key_id_t key); @@ -557,9 +555,7 @@ psa_status_t psa_copy_key(mbedtls_svc_key_id_t source_key, * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize - * results in this error code. Or, - * this call was operating on a key slot and found the slot in - * an invalid state for the operation. + * results in this error code. */ psa_status_t psa_destroy_key(mbedtls_svc_key_id_t key); diff --git a/include/psa/crypto_compat.h b/include/psa/crypto_compat.h index bfc00164b..f896fae1c 100644 --- a/include/psa/crypto_compat.h +++ b/include/psa/crypto_compat.h @@ -142,9 +142,7 @@ psa_status_t psa_open_key(mbedtls_svc_key_id_t key, * \retval #PSA_ERROR_BAD_STATE * The library has not been previously initialized by psa_crypto_init(). * It is implementation-dependent whether a failure to initialize - * results in this error code. Or, - * this call was operating on a key slot and found the slot in - * an invalid state for the operation. + * results in this error code. */ psa_status_t psa_close_key(psa_key_handle_t handle); diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 1f6450025..2a8183e04 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1718,7 +1718,6 @@ static psa_status_t psa_start_key_creation( * \retval #PSA_ERROR_DATA_INVALID \emptydescription * \retval #PSA_ERROR_DATA_CORRUPT \emptydescription * \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription - * \retval #PSA_ERROR_BAD_STATE \emptydescription * * \return If this function fails, the key slot is an invalid state. * You must call psa_fail_key_creation() to wipe and free the slot. diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index f11df9f36..376337e16 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -56,7 +56,7 @@ typedef struct { * The state variable is used to help determine whether library functions * which operate on the slot succeed. For example, psa_finish_key_creation, * which transfers the state of a slot from PSA_SLOT_FILLING to - * PSA_SLOT_FULL, must fail with error code PSA_ERROR_BAD_STATE + * PSA_SLOT_FULL, must fail with error code PSA_ERROR_CORRUPTION_DETECTED * if the state of the slot is not PSA_SLOT_FILLING. * * Library functions which traverse the array of key slots only consider diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index e7ea8efb4..3accacff0 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -417,7 +417,7 @@ psa_status_t psa_unregister_read(psa_key_slot_t *slot) } if ((slot->state != PSA_SLOT_FULL) && (slot->state != PSA_SLOT_PENDING_DELETION)) { - return PSA_ERROR_BAD_STATE; + return PSA_ERROR_CORRUPTION_DETECTED; } /* If we are the last reader and the slot is marked for deletion, diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h index 9b8e89132..0b0d7b320 100644 --- a/library/psa_crypto_slot_management.h +++ b/library/psa_crypto_slot_management.h @@ -68,9 +68,7 @@ static inline int psa_key_id_is_volatile(psa_key_id_t key_id) * description of the key identified by \p key. * The key slot counter has been incremented. * \retval #PSA_ERROR_BAD_STATE - * The library has not been initialized. Or, - * this call was operating on a key slot and found the slot in - * an invalid state for the operation. + * The library has not been initialized. * \retval #PSA_ERROR_INVALID_HANDLE * \p key is not a valid key identifier. * \retval #PSA_ERROR_INSUFFICIENT_MEMORY @@ -114,7 +112,8 @@ void psa_wipe_all_key_slots(void); * \retval #PSA_SUCCESS \emptydescription * \retval #PSA_ERROR_INSUFFICIENT_MEMORY * There were no free key slots. - * \retval #PSA_ERROR_BAD_STATE + * \retval #PSA_ERROR_BAD_STATE \emptydescription + * \retval #PSA_ERROR_CORRUPTION_DETECTED * This function attempted to operate on a key slot which was in an * unexpected state. */ @@ -133,7 +132,7 @@ psa_status_t psa_reserve_free_key_slot(psa_key_id_t *volatile_key_id, * * \retval #PSA_SUCCESS The key slot's state variable is new_state. - * \retval #PSA_ERROR_BAD_STATE + * \retval #PSA_ERROR_CORRUPTION_DETECTED * The slot's state was not expected_state. */ static inline psa_status_t psa_key_slot_state_transition( @@ -141,7 +140,7 @@ static inline psa_status_t psa_key_slot_state_transition( psa_key_slot_state_t new_state) { if (slot->state != expected_state) { - return PSA_ERROR_BAD_STATE; + return PSA_ERROR_CORRUPTION_DETECTED; } slot->state = new_state; return PSA_SUCCESS; @@ -157,16 +156,12 @@ static inline psa_status_t psa_key_slot_state_transition( The key slot registered reader counter was incremented. * \retval #PSA_ERROR_CORRUPTION_DETECTED * The reader counter already reached its maximum value and was not - * increased. - * \retval #PSA_ERROR_BAD_STATE - * The slot's state was not PSA_SLOT_FULL. + * increased, or the slot's state was not PSA_SLOT_FULL. */ static inline psa_status_t psa_register_read(psa_key_slot_t *slot) { - if (slot->state != PSA_SLOT_FULL) { - return PSA_ERROR_BAD_STATE; - } - if (slot->registered_readers >= SIZE_MAX) { + if ((slot->state != PSA_SLOT_FULL) || + (slot->registered_readers >= SIZE_MAX)) { return PSA_ERROR_CORRUPTION_DETECTED; } slot->registered_readers++; @@ -190,11 +185,11 @@ static inline psa_status_t psa_register_read(psa_key_slot_t *slot) * \p slot is NULL or the key slot reader counter has been * decremented (and potentially wiped) successfully. * \retval #PSA_ERROR_CORRUPTION_DETECTED - * registered_readers was equal to 0. - * \retval #PSA_ERROR_BAD_STATE * The slot's state was neither PSA_SLOT_FULL nor - * PSA_SLOT_PENDING_DELETION, or a wipe was attempted and - * the slot's state was not PSA_SLOT_PENDING_DELETION. + * PSA_SLOT_PENDING_DELETION. + * Or a wipe was attempted and the slot's state was not + * PSA_SLOT_PENDING_DELETION. + * Or registered_readers was equal to 0. */ psa_status_t psa_unregister_read(psa_key_slot_t *slot); From 709120a9ceb73dd02578d487caebee0a51491767 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Mon, 15 Jan 2024 11:19:03 +0000 Subject: [PATCH 1352/1674] Revert change to return behaviour in psa_reserve_free_key_slot This change was a mistake, we still need to wipe the pointers here. Signed-off-by: Ryan Everett --- library/psa_crypto_slot_management.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 3accacff0..8d7ff908e 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -199,7 +199,7 @@ psa_status_t psa_reserve_free_key_slot(psa_key_id_t *volatile_key_id, status = psa_key_slot_state_transition(selected_slot, PSA_SLOT_EMPTY, PSA_SLOT_FILLING); if (status != PSA_SUCCESS) { - return status; + goto error; } *volatile_key_id = PSA_KEY_ID_VOLATILE_MIN + From 1d32a577645cc188793ffd1401d84a05fa39e0ca Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Mon, 15 Jan 2024 11:27:58 +0000 Subject: [PATCH 1353/1674] Revert change to psa_destroy_key documentation Signed-off-by: Ryan Everett --- library/psa_crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 2a8183e04..d15ace559 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1126,7 +1126,7 @@ psa_status_t psa_destroy_key(mbedtls_svc_key_id_t key) exit: status = psa_wipe_key_slot(slot); - /* Prioritize an error from wiping over a storage error */ + /* Prioritize CORRUPTION_DETECTED from wiping over a storage error */ if (status != PSA_SUCCESS) { overall_status = status; } From b49cf1019d32e204c13839fba9ac329d623a1105 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sat, 13 Jan 2024 16:40:58 +0000 Subject: [PATCH 1354/1674] Introduce mbedtls_ctr_increment_counter Signed-off-by: Dave Rodgman --- library/ctr.h | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 library/ctr.h diff --git a/library/ctr.h b/library/ctr.h new file mode 100644 index 000000000..a6b84cdeb --- /dev/null +++ b/library/ctr.h @@ -0,0 +1,30 @@ +/** + * \file ctr.h + * + * \brief This file contains common functionality for counter algorithms. + * + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#include "common.h" + +/** + * \brief Increment a big-endian 16-byte value. + * This is quite performance-sensitive for AES-CTR and CTR-DRBG. + * + * \param n A 16-byte value to be incremented. + */ +static inline void mbedtls_ctr_increment_counter(uint8_t n[16]) +{ + // The 32-bit version seems to perform about the same as a 64-bit version + // on 64-bit architectures, so no need to define a 64-bit version. + for (int i = 3;; i--) { + uint32_t x = MBEDTLS_GET_UINT32_BE(n, i << 2); + x += 1; + MBEDTLS_PUT_UINT32_BE(x, n, i << 2); + if (x != 0 || i == 0) { + break; + } + } +} From ae730348e9c983410d343c14940e08550bcb58b4 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sat, 13 Jan 2024 17:31:13 +0000 Subject: [PATCH 1355/1674] Add tests for mbedtls_ctr_increment_counter Signed-off-by: Dave Rodgman --- tests/suites/test_suite_ctr_drbg.data | 45 ++++++++++++++ tests/suites/test_suite_ctr_drbg.function | 73 +++++++++++++++++++++++ 2 files changed, 118 insertions(+) diff --git a/tests/suites/test_suite_ctr_drbg.data b/tests/suites/test_suite_ctr_drbg.data index 028a07f80..89dfb9792 100644 --- a/tests/suites/test_suite_ctr_drbg.data +++ b/tests/suites/test_suite_ctr_drbg.data @@ -1105,3 +1105,48 @@ ctr_drbg_threads:"B10A961F2EA39927B4C48AEDDD299026":1:5 CTR_DRBG self test ctr_drbg_selftest: + +Increment counter rollover +ctr_increment_rollover + +Increment counter 00 +ctr_increment:"00" + +Increment counter ff00 +ctr_increment:"ff00" + +Increment counter ff0000 +ctr_increment:"ff0000" + +Increment counter ff000000 +ctr_increment:"ff000000" + +Increment counter ff00000000 +ctr_increment:"ff00000000" + +Increment counter ff0000000000 +ctr_increment:"ff0000000000" + +Increment counter ff000000000000 +ctr_increment:"ff000000000000" + +Increment counter 01 +ctr_increment:"01" + +Increment counter ff01 +ctr_increment:"ff01" + +Increment counter ff0001 +ctr_increment:"ff0001" + +Increment counter ff000001 +ctr_increment:"ff000001" + +Increment counter ff00000001 +ctr_increment:"ff00000001" + +Increment counter ff0000000001 +ctr_increment:"ff0000000001" + +Increment counter ff000000000001 +ctr_increment:"ff000000000001" diff --git a/tests/suites/test_suite_ctr_drbg.function b/tests/suites/test_suite_ctr_drbg.function index 1f0a072c7..425c43ef1 100644 --- a/tests/suites/test_suite_ctr_drbg.function +++ b/tests/suites/test_suite_ctr_drbg.function @@ -2,6 +2,7 @@ #include "mbedtls/entropy.h" #include "mbedtls/ctr_drbg.h" #include "string.h" +#include "ctr.h" #if defined(MBEDTLS_THREADING_PTHREAD) #include "mbedtls/threading.h" @@ -443,3 +444,75 @@ void ctr_drbg_selftest() AES_PSA_DONE(); } /* END_CASE */ + +/* BEGIN_CASE */ +void ctr_increment_rollover() +{ + uint8_t c[16]; + uint8_t r[16]; + + // test all increments from 2^n - 1 to 2^n (i.e. where we roll over into the next bit) + for (int n = 0; n <= 128; n++) { + memset(c, 0, 16); + memset(r, 0, 16); + + // set least significant (highest address) n bits to 1, i.e. generate (2^n - 1) + for (int i = 0; i < n; i++) { + int bit = i % 8; + int byte = (i / 8); + c[15 - byte] |= 1 << bit; + } + // increment to get 2^n + mbedtls_ctr_increment_counter(c); + + // now generate a reference result equal to 2^n - i.e. set only bit (n + 1) + // if n == 127, this will not set any bits (i.e. wraps to 0). + int bit = n % 8; + int byte = n / 8; + if (byte < 16) { + r[15 - byte] = 1 << bit; + } + + TEST_MEMORY_COMPARE(c, 16, r, 16); + } + + uint64_t lsb = 10, msb = 20; + MBEDTLS_PUT_UINT64_BE(msb, c, 0); + MBEDTLS_PUT_UINT64_BE(lsb, c, 8); + memcpy(r, c, 16); + mbedtls_ctr_increment_counter(c); + for (int i = 15; i >= 0; i--) { + r[i] += 1; + if (r[i] != 0) { + break; + } + } + TEST_MEMORY_COMPARE(c, 16, r, 16); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void ctr_increment(data_t *x) +{ + uint8_t c[16]; + uint8_t r[16]; + + // initialise c and r from test argument + memset(c, 0, 16); + memcpy(c, x->x, x->len); + memcpy(r, c, 16); + + // increment c + mbedtls_ctr_increment_counter(c); + // increment reference + for (int i = 15; i >= 0; i--) { + r[i] += 1; + if (r[i] != 0) { + break; + } + } + + // test that mbedtls_ctr_increment_counter behaviour matches reference + TEST_MEMORY_COMPARE(c, 16, r, 16); +} +/* END_CASE */ From 591ff05384f36658022f3c67f408dbc903ec8897 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sat, 13 Jan 2024 16:42:38 +0000 Subject: [PATCH 1356/1674] Use optimised counter increment in AES-CTR and CTR-DRBG Signed-off-by: Dave Rodgman --- library/aes.c | 7 ++----- library/ctr_drbg.c | 17 +++++------------ 2 files changed, 7 insertions(+), 17 deletions(-) diff --git a/library/aes.c b/library/aes.c index ced8a3263..b1a5c3ed1 100644 --- a/library/aes.c +++ b/library/aes.c @@ -53,6 +53,7 @@ #endif #include "mbedtls/platform.h" +#include "ctr.h" /* * This is a convenience shorthand macro to check if we need reverse S-box and @@ -1456,11 +1457,7 @@ int mbedtls_aes_crypt_ctr(mbedtls_aes_context *ctx, if (ret != 0) { goto exit; } - for (int j = 16; j > 0; j--) { - if (++nonce_counter[j - 1] != 0) { - break; - } - } + mbedtls_ctr_increment_counter(nonce_counter); } else { n -= offset; } diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c index da34f950b..f3995f709 100644 --- a/library/ctr_drbg.c +++ b/library/ctr_drbg.c @@ -14,6 +14,7 @@ #if defined(MBEDTLS_CTR_DRBG_C) +#include "ctr.h" #include "mbedtls/ctr_drbg.h" #include "mbedtls/platform_util.h" #include "mbedtls/error.h" @@ -333,7 +334,7 @@ static int ctr_drbg_update_internal(mbedtls_ctr_drbg_context *ctx, { unsigned char tmp[MBEDTLS_CTR_DRBG_SEEDLEN]; unsigned char *p = tmp; - int i, j; + int j; int ret = 0; #if !defined(MBEDTLS_AES_C) psa_status_t status; @@ -346,11 +347,7 @@ static int ctr_drbg_update_internal(mbedtls_ctr_drbg_context *ctx, /* * Increase counter */ - for (i = MBEDTLS_CTR_DRBG_BLOCKSIZE; i > 0; i--) { - if (++ctx->counter[i - 1] != 0) { - break; - } - } + mbedtls_ctr_increment_counter(ctx->counter); /* * Crypt counter block @@ -652,13 +649,9 @@ int mbedtls_ctr_drbg_random_with_add(void *p_rng, while (output_len > 0) { /* - * Increase counter + * Increase counter (treat it as a 128-bit big-endian integer). */ - for (i = MBEDTLS_CTR_DRBG_BLOCKSIZE; i > 0; i--) { - if (++ctx->counter[i - 1] != 0) { - break; - } - } + mbedtls_ctr_increment_counter(ctx->counter); /* * Crypt counter block From 174eeff235f2d3c8290a5709811669332521685b Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sat, 13 Jan 2024 16:43:18 +0000 Subject: [PATCH 1357/1674] Save 14 bytes in CTR-DRBG Signed-off-by: Dave Rodgman --- library/ctr_drbg.c | 26 ++++++++++++-------------- 1 file changed, 12 insertions(+), 14 deletions(-) diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c index f3995f709..30574679f 100644 --- a/library/ctr_drbg.c +++ b/library/ctr_drbg.c @@ -369,9 +369,7 @@ static int ctr_drbg_update_internal(mbedtls_ctr_drbg_context *ctx, p += MBEDTLS_CTR_DRBG_BLOCKSIZE; } - for (i = 0; i < MBEDTLS_CTR_DRBG_SEEDLEN; i++) { - tmp[i] ^= data[i]; - } + mbedtls_xor(tmp, tmp, data, MBEDTLS_CTR_DRBG_SEEDLEN); /* * Update key and counter @@ -614,10 +612,11 @@ int mbedtls_ctr_drbg_random_with_add(void *p_rng, { int ret = 0; mbedtls_ctr_drbg_context *ctx = (mbedtls_ctr_drbg_context *) p_rng; - unsigned char add_input[MBEDTLS_CTR_DRBG_SEEDLEN]; unsigned char *p = output; - unsigned char tmp[MBEDTLS_CTR_DRBG_BLOCKSIZE]; - int i; + struct { + unsigned char add_input[MBEDTLS_CTR_DRBG_SEEDLEN]; + unsigned char tmp[MBEDTLS_CTR_DRBG_BLOCKSIZE]; + } locals; size_t use_len; if (output_len > MBEDTLS_CTR_DRBG_MAX_REQUEST) { @@ -628,7 +627,7 @@ int mbedtls_ctr_drbg_random_with_add(void *p_rng, return MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG; } - memset(add_input, 0, MBEDTLS_CTR_DRBG_SEEDLEN); + memset(locals.add_input, 0, MBEDTLS_CTR_DRBG_SEEDLEN); if (ctx->reseed_counter > ctx->reseed_interval || ctx->prediction_resistance) { @@ -639,10 +638,10 @@ int mbedtls_ctr_drbg_random_with_add(void *p_rng, } if (add_len > 0) { - if ((ret = block_cipher_df(add_input, additional, add_len)) != 0) { + if ((ret = block_cipher_df(locals.add_input, additional, add_len)) != 0) { goto exit; } - if ((ret = ctr_drbg_update_internal(ctx, add_input)) != 0) { + if ((ret = ctr_drbg_update_internal(ctx, locals.add_input)) != 0) { goto exit; } } @@ -658,7 +657,7 @@ int mbedtls_ctr_drbg_random_with_add(void *p_rng, */ #if defined(MBEDTLS_AES_C) if ((ret = mbedtls_aes_crypt_ecb(&ctx->aes_ctx, MBEDTLS_AES_ENCRYPT, - ctx->counter, tmp)) != 0) { + ctx->counter, locals.tmp)) != 0) { goto exit; } #else @@ -678,20 +677,19 @@ int mbedtls_ctr_drbg_random_with_add(void *p_rng, /* * Copy random block to destination */ - memcpy(p, tmp, use_len); + memcpy(p, locals.tmp, use_len); p += use_len; output_len -= use_len; } - if ((ret = ctr_drbg_update_internal(ctx, add_input)) != 0) { + if ((ret = ctr_drbg_update_internal(ctx, locals.add_input)) != 0) { goto exit; } ctx->reseed_counter++; exit: - mbedtls_platform_zeroize(add_input, sizeof(add_input)); - mbedtls_platform_zeroize(tmp, sizeof(tmp)); + mbedtls_platform_zeroize(&locals, sizeof(locals)); return ret; } From 46697da5b3b555148c7e5a46aaf70393c6a48eb3 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sun, 14 Jan 2024 12:59:49 +0000 Subject: [PATCH 1358/1674] Make gcm counter increment more efficient Signed-off-by: Dave Rodgman --- library/gcm.c | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/library/gcm.c b/library/gcm.c index 20d55c0a8..c677ca4d7 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -401,12 +401,9 @@ int mbedtls_gcm_update_ad(mbedtls_gcm_context *ctx, /* Increment the counter. */ static void gcm_incr(unsigned char y[16]) { - size_t i; - for (i = 16; i > 12; i--) { - if (++y[i - 1] != 0) { - break; - } - } + uint32_t x = MBEDTLS_GET_UINT32_BE(y, 12); + x++; + MBEDTLS_PUT_UINT32_BE(x, y, 12); } /* Calculate and apply the encryption mask. Process use_len bytes of data, From 66a827fc8394f67096f6f3ea7eb11ddbe8ad6616 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 15 Jan 2024 15:00:52 +0100 Subject: [PATCH 1359/1674] test_driver_key_management: make opaque [un]wrapping functions public Signed-off-by: Valerio Setti --- tests/include/test/drivers/key_management.h | 8 ++++++++ tests/src/drivers/test_driver_key_management.c | 4 ++-- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/tests/include/test/drivers/key_management.h b/tests/include/test/drivers/key_management.h index 526adbb91..9a68777ec 100644 --- a/tests/include/test/drivers/key_management.h +++ b/tests/include/test/drivers/key_management.h @@ -67,6 +67,14 @@ void mbedtls_test_transparent_free(void); psa_status_t mbedtls_test_opaque_init(void); void mbedtls_test_opaque_free(void); +psa_status_t mbedtls_test_opaque_wrap_key( + const uint8_t *key, size_t key_length, uint8_t *wrapped_key_buffer, + size_t wrapped_key_buffer_size, size_t *wrapped_key_buffer_length); + +psa_status_t mbedtls_test_opaque_unwrap_key( + const uint8_t *wrapped_key, size_t wrapped_key_length, uint8_t *key_buffer, + size_t key_buffer_size, size_t *key_buffer_length); + psa_status_t mbedtls_test_transparent_generate_key( const psa_key_attributes_t *attributes, uint8_t *key, size_t key_size, size_t *key_length); diff --git a/tests/src/drivers/test_driver_key_management.c b/tests/src/drivers/test_driver_key_management.c index d522ebfe8..4188c25c1 100644 --- a/tests/src/drivers/test_driver_key_management.c +++ b/tests/src/drivers/test_driver_key_management.c @@ -125,7 +125,7 @@ static size_t mbedtls_test_opaque_get_base_size() * The argument wrapped_key_buffer_length is filled with the wrapped * key_size on success. * */ -static psa_status_t mbedtls_test_opaque_wrap_key( +psa_status_t mbedtls_test_opaque_wrap_key( const uint8_t *key, size_t key_length, uint8_t *wrapped_key_buffer, @@ -159,7 +159,7 @@ static psa_status_t mbedtls_test_opaque_wrap_key( * The argument key_buffer_length is filled with the unwrapped(clear) * key_size on success. * */ -static psa_status_t mbedtls_test_opaque_unwrap_key( +psa_status_t mbedtls_test_opaque_unwrap_key( const uint8_t *wrapped_key, size_t wrapped_key_length, uint8_t *key_buffer, From 62b6f10f64f8454b3aba38fda05257356cd56541 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 15 Jan 2024 15:03:17 +0100 Subject: [PATCH 1360/1674] test_driver_asymmetric_encryption: implement opaque [en/de]cryption functions Signed-off-by: Valerio Setti --- .../test_driver_asymmetric_encryption.c | 78 +++++++++++++------ 1 file changed, 55 insertions(+), 23 deletions(-) diff --git a/tests/src/drivers/test_driver_asymmetric_encryption.c b/tests/src/drivers/test_driver_asymmetric_encryption.c index ff46387d5..4fc8c9d34 100644 --- a/tests/src/drivers/test_driver_asymmetric_encryption.c +++ b/tests/src/drivers/test_driver_asymmetric_encryption.c @@ -13,11 +13,15 @@ #include "psa_crypto_rsa.h" #include "string.h" #include "test/drivers/asymmetric_encryption.h" +#include "test/drivers/key_management.h" #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) #include "libtestdriver1/library/psa_crypto_rsa.h" #endif +#define PSA_RSA_KEY_PAIR_MAX_SIZE \ + PSA_KEY_EXPORT_RSA_KEY_PAIR_MAX_SIZE(PSA_VENDOR_RSA_MAX_KEY_BITS) + mbedtls_test_driver_asymmetric_encryption_hooks_t mbedtls_test_driver_asymmetric_encryption_hooks = MBEDTLS_TEST_DRIVER_ASYMMETRIC_ENCRYPTION_INIT; @@ -104,7 +108,7 @@ psa_status_t mbedtls_test_transparent_asymmetric_decrypt( } /* - * opaque versions - TODO + * opaque versions */ psa_status_t mbedtls_test_opaque_asymmetric_encrypt( const psa_key_attributes_t *attributes, const uint8_t *key, @@ -112,17 +116,31 @@ psa_status_t mbedtls_test_opaque_asymmetric_encrypt( size_t input_length, const uint8_t *salt, size_t salt_length, uint8_t *output, size_t output_size, size_t *output_length) { - (void) attributes; - (void) key; - (void) key_length; - (void) alg; - (void) input; - (void) input_length; - (void) salt; - (void) salt_length; - (void) output; - (void) output_size; - (void) output_length; + unsigned char unwrapped_key[PSA_RSA_KEY_PAIR_MAX_SIZE]; + size_t unwrapped_key_length; + psa_status_t status; + + status = mbedtls_test_opaque_unwrap_key(key, key_length, + unwrapped_key, sizeof(unwrapped_key), + &unwrapped_key_length); + if (status != PSA_SUCCESS) { + return status; + } + +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + (defined(MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP) || defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT)) + return libtestdriver1_mbedtls_psa_asymmetric_encrypt( + (const libtestdriver1_psa_key_attributes_t *) attributes, + unwrapped_key, unwrapped_key_length, + alg, input, input_length, salt, salt_length, + output, output_size, output_length); +#else + return mbedtls_psa_asymmetric_encrypt( + attributes, unwrapped_key, unwrapped_key_length, + alg, input, input_length, salt, salt_length, + output, output_size, output_length); +#endif + return PSA_ERROR_NOT_SUPPORTED; } @@ -132,17 +150,31 @@ psa_status_t mbedtls_test_opaque_asymmetric_decrypt( size_t input_length, const uint8_t *salt, size_t salt_length, uint8_t *output, size_t output_size, size_t *output_length) { - (void) attributes; - (void) key; - (void) key_length; - (void) alg; - (void) input; - (void) input_length; - (void) salt; - (void) salt_length; - (void) output; - (void) output_size; - (void) output_length; + unsigned char unwrapped_key[PSA_RSA_KEY_PAIR_MAX_SIZE]; + size_t unwrapped_key_length; + psa_status_t status; + + status = mbedtls_test_opaque_unwrap_key(key, key_length, + unwrapped_key, sizeof(unwrapped_key), + &unwrapped_key_length); + if (status != PSA_SUCCESS) { + return status; + } + +#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \ + (defined(MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP) || defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT)) + return libtestdriver1_mbedtls_psa_asymmetric_decrypt( + (const libtestdriver1_psa_key_attributes_t *) attributes, + unwrapped_key, unwrapped_key_length, + alg, input, input_length, salt, salt_length, + output, output_size, output_length); +#else + return mbedtls_psa_asymmetric_decrypt( + attributes, unwrapped_key, unwrapped_key_length, + alg, input, input_length, salt, salt_length, + output, output_size, output_length); +#endif + return PSA_ERROR_NOT_SUPPORTED; } From 4860a6c7acc281bf581f972147d09c0407bebbe1 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 15 Jan 2024 15:05:24 +0100 Subject: [PATCH 1361/1674] test_suite_psa_crypto: revert known failing checks for [en|de]cryption with opaque keys Signed-off-by: Valerio Setti --- tests/suites/test_suite_psa_crypto.function | 14 ++++---------- 1 file changed, 4 insertions(+), 10 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index f67508c5f..60c4f30d8 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -2148,11 +2148,8 @@ void asymmetric_encryption_key_policy(int policy_usage_arg, NULL, 0, buffer, buffer_length, &output_length); - if (use_opaque_key) { - /* Encryption/decryption is opaque keys is currently not supported. */ - TEST_EQUAL(status, PSA_ERROR_NOT_SUPPORTED); - } else if (policy_alg == exercise_alg && - (policy_usage & PSA_KEY_USAGE_ENCRYPT) != 0) { + if (policy_alg == exercise_alg && + (policy_usage & PSA_KEY_USAGE_ENCRYPT) != 0) { PSA_ASSERT(status); } else { TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED); @@ -2166,11 +2163,8 @@ void asymmetric_encryption_key_policy(int policy_usage_arg, NULL, 0, buffer, buffer_length, &output_length); - if (use_opaque_key) { - /* Encryption/decryption is opaque keys is currently not supported. */ - TEST_EQUAL(status, PSA_ERROR_NOT_SUPPORTED); - } else if (policy_alg == exercise_alg && - (policy_usage & PSA_KEY_USAGE_DECRYPT) != 0) { + if (policy_alg == exercise_alg && + (policy_usage & PSA_KEY_USAGE_DECRYPT) != 0) { TEST_EQUAL(status, PSA_ERROR_INVALID_PADDING); } else { TEST_EQUAL(status, PSA_ERROR_NOT_PERMITTED); From 4cc6fb90393e3d271e8e00a28410f4904095a411 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sun, 14 Jan 2024 18:13:05 +0000 Subject: [PATCH 1362/1674] add test for multipart AES-CTR Signed-off-by: Dave Rodgman --- tests/suites/test_suite_aes.ctr.data | 119 +++++++++++++++++++++++++++ tests/suites/test_suite_aes.function | 72 ++++++++++++++++ 2 files changed, 191 insertions(+) create mode 100644 tests/suites/test_suite_aes.ctr.data diff --git a/tests/suites/test_suite_aes.ctr.data b/tests/suites/test_suite_aes.ctr.data new file mode 100644 index 000000000..6ce7c01fc --- /dev/null +++ b/tests/suites/test_suite_aes.ctr.data @@ -0,0 +1,119 @@ +AES-CTR aes_encrypt_ctr_multipart 1 1 +aes_encrypt_ctr_multipart:1:1 + +AES-CTR aes_encrypt_ctr_multipart 2 1 +aes_encrypt_ctr_multipart:2:1 + +AES-CTR aes_encrypt_ctr_multipart 2 2 +aes_encrypt_ctr_multipart:2:2 + +AES-CTR aes_encrypt_ctr_multipart 4 1 +aes_encrypt_ctr_multipart:4:1 + +AES-CTR aes_encrypt_ctr_multipart 4 2 +aes_encrypt_ctr_multipart:4:2 + +AES-CTR aes_encrypt_ctr_multipart 15 1 +aes_encrypt_ctr_multipart:15:1 + +AES-CTR aes_encrypt_ctr_multipart 15 2 +aes_encrypt_ctr_multipart:15:2 + +AES-CTR aes_encrypt_ctr_multipart 15 8 +aes_encrypt_ctr_multipart:15:8 + +AES-CTR aes_encrypt_ctr_multipart 15 15 +aes_encrypt_ctr_multipart:15:15 + +AES-CTR aes_encrypt_ctr_multipart 16 1 +aes_encrypt_ctr_multipart:16:1 + +AES-CTR aes_encrypt_ctr_multipart 16 2 +aes_encrypt_ctr_multipart:16:2 + +AES-CTR aes_encrypt_ctr_multipart 16 8 +aes_encrypt_ctr_multipart:16:8 + +AES-CTR aes_encrypt_ctr_multipart 16 15 +aes_encrypt_ctr_multipart:16:15 + +AES-CTR aes_encrypt_ctr_multipart 16 16 +aes_encrypt_ctr_multipart:16:16 + +AES-CTR aes_encrypt_ctr_multipart 17 1 +aes_encrypt_ctr_multipart:17:1 + +AES-CTR aes_encrypt_ctr_multipart 17 2 +aes_encrypt_ctr_multipart:17:2 + +AES-CTR aes_encrypt_ctr_multipart 17 8 +aes_encrypt_ctr_multipart:17:8 + +AES-CTR aes_encrypt_ctr_multipart 17 15 +aes_encrypt_ctr_multipart:17:15 + +AES-CTR aes_encrypt_ctr_multipart 17 16 +aes_encrypt_ctr_multipart:17:16 + +AES-CTR aes_encrypt_ctr_multipart 63 1 +aes_encrypt_ctr_multipart:63:1 + +AES-CTR aes_encrypt_ctr_multipart 63 2 +aes_encrypt_ctr_multipart:63:2 + +AES-CTR aes_encrypt_ctr_multipart 63 8 +aes_encrypt_ctr_multipart:63:8 + +AES-CTR aes_encrypt_ctr_multipart 63 15 +aes_encrypt_ctr_multipart:63:15 + +AES-CTR aes_encrypt_ctr_multipart 63 16 +aes_encrypt_ctr_multipart:63:16 + +AES-CTR aes_encrypt_ctr_multipart 63 17 +aes_encrypt_ctr_multipart:63:17 + +AES-CTR aes_encrypt_ctr_multipart 64 1 +aes_encrypt_ctr_multipart:64:1 + +AES-CTR aes_encrypt_ctr_multipart 64 2 +aes_encrypt_ctr_multipart:64:2 + +AES-CTR aes_encrypt_ctr_multipart 64 8 +aes_encrypt_ctr_multipart:64:8 + +AES-CTR aes_encrypt_ctr_multipart 64 15 +aes_encrypt_ctr_multipart:64:15 + +AES-CTR aes_encrypt_ctr_multipart 64 16 +aes_encrypt_ctr_multipart:64:16 + +AES-CTR aes_encrypt_ctr_multipart 64 17 +aes_encrypt_ctr_multipart:64:17 + +AES-CTR aes_encrypt_ctr_multipart 1024 1 +aes_encrypt_ctr_multipart:1024:1 + +AES-CTR aes_encrypt_ctr_multipart 1024 10 +aes_encrypt_ctr_multipart:1024:10 + +AES-CTR aes_encrypt_ctr_multipart 1024 15 +aes_encrypt_ctr_multipart:1024:15 + +AES-CTR aes_encrypt_ctr_multipart 1024 16 +aes_encrypt_ctr_multipart:1024:16 + +AES-CTR aes_encrypt_ctr_multipart 1024 63 +aes_encrypt_ctr_multipart:1024:63 + +AES-CTR aes_encrypt_ctr_multipart 1024 64 +aes_encrypt_ctr_multipart:1024:64 + +AES-CTR aes_encrypt_ctr_multipart 1024 65 +aes_encrypt_ctr_multipart:1024:65 + +AES-CTR aes_encrypt_ctr_multipart 1024 1023 +aes_encrypt_ctr_multipart:1024:1023 + +AES-CTR aes_encrypt_ctr_multipart 1024 1024 +aes_encrypt_ctr_multipart:1024:1024 diff --git a/tests/suites/test_suite_aes.function b/tests/suites/test_suite_aes.function index 2ca3f7f20..f4950a083 100644 --- a/tests/suites/test_suite_aes.function +++ b/tests/suites/test_suite_aes.function @@ -88,6 +88,78 @@ exit: } /* END_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CTR */ +void aes_encrypt_ctr_multipart(int length, int step_size) +{ + unsigned char key[16]; + unsigned char ctr_a[16]; + unsigned char ctr_b[16]; + unsigned char stream_block_a[16]; + unsigned char stream_block_b[16]; + unsigned char *input = NULL; + unsigned char *output_a = NULL; + unsigned char *output_b = NULL; + mbedtls_aes_context ctx; + size_t nc_off_a, nc_off_b; + + TEST_ASSERT(length >= 0); + TEST_ASSERT(step_size > 0); + + TEST_CALLOC(input, length); + TEST_CALLOC(output_a, length); + TEST_CALLOC(output_b, length); + + // set up a random key + mbedtls_test_rnd_std_rand(NULL, key, sizeof(key)); + + // random input + mbedtls_test_rnd_std_rand(NULL, input, sizeof(input)); + + + // complete encryption in one call + mbedtls_aes_init(&ctx); + TEST_ASSERT(mbedtls_aes_setkey_enc(&ctx, key, sizeof(key) * 8) == 0); + memset(ctr_a, 0, sizeof(ctr_a)); + memset(stream_block_a, 0, sizeof(stream_block_a)); + nc_off_a = 0; + TEST_EQUAL(mbedtls_aes_crypt_ctr(&ctx, length, &nc_off_a, ctr_a, + stream_block_a, input, output_a), 0); + mbedtls_aes_free(&ctx); + + + // encrypt in multiple steps of varying size + mbedtls_aes_init(&ctx); + TEST_ASSERT(mbedtls_aes_setkey_enc(&ctx, key, sizeof(key) * 8) == 0); + memset(ctr_b, 0, sizeof(ctr_b)); + memset(stream_block_b, 0, sizeof(stream_block_b)); + nc_off_b = 0; + size_t remaining = length; + unsigned char *ip = input, *op = output_b; + while (remaining != 0) { + size_t l = MIN(remaining, (size_t) step_size); + step_size *= 2; + remaining -= l; + TEST_EQUAL(mbedtls_aes_crypt_ctr(&ctx, l, &nc_off_b, ctr_b, stream_block_b, ip, op), 0); + ip += l; + op += l; + } + + // finally, validate that multiple steps produced same result as single-pass + TEST_MEMORY_COMPARE(output_a, length, output_b, length); + TEST_MEMORY_COMPARE(ctr_a, sizeof(ctr_a), ctr_b, sizeof(ctr_b)); + TEST_MEMORY_COMPARE(stream_block_a, sizeof(stream_block_a), + stream_block_b, sizeof(stream_block_b)); + TEST_EQUAL(nc_off_a, nc_off_b); + +exit: + mbedtls_free(input); + mbedtls_free(output_a); + mbedtls_free(output_b); + + mbedtls_aes_free(&ctx); +} +/* END_CASE */ + /* BEGIN_CASE depends_on:!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */ void aes_decrypt_ecb(data_t *key_str, data_t *src_str, data_t *dst, int setkey_result) From 24ad1b59e884df644d872149bb662b9c0cb9eb87 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sun, 14 Jan 2024 23:52:27 +0000 Subject: [PATCH 1363/1674] Add NIST AES-CTR test vectors Signed-off-by: Dave Rodgman --- tests/suites/test_suite_aes.ctr.data | 16 ++++++++++ tests/suites/test_suite_aes.function | 46 ++++++++++++++++++++++++++++ 2 files changed, 62 insertions(+) diff --git a/tests/suites/test_suite_aes.ctr.data b/tests/suites/test_suite_aes.ctr.data index 6ce7c01fc..85c4c9645 100644 --- a/tests/suites/test_suite_aes.ctr.data +++ b/tests/suites/test_suite_aes.ctr.data @@ -1,3 +1,19 @@ +# Test vectors from NIST Special Publication 800-38A 2001 Edition +# Recommendation for Block Edition Cipher Modes of Operation + +# as below, but corrupt the key to check the test catches it +AES-CTR NIST 128 bad +aes_ctr:"00000000000000000000000000000000":"f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710":"874d6191b620e3261bef6864990db6ce9806f66b7970fdff8617187bb9fffdff5ae4df3edbd5d35e5b4f09020db03eab1e031dda2fbe03d1792170a0f3009cee":1 + +AES-CTR NIST 128 +aes_ctr:"2b7e151628aed2a6abf7158809cf4f3c":"f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710":"874d6191b620e3261bef6864990db6ce9806f66b7970fdff8617187bb9fffdff5ae4df3edbd5d35e5b4f09020db03eab1e031dda2fbe03d1792170a0f3009cee":0 + +AES-CTR NIST 192 +aes_ctr:"8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b":"f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710":"1abc932417521ca24f2b0459fe7e6e0b090339ec0aa6faefd5ccc2c6f4ce8e941e36b26bd1ebc670d1bd1d665620abf74f78a7f6d29809585a97daec58c6b050":0 + +AES-CTR NIST 256 +aes_ctr:"603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4":"f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710":"601ec313775789a5b7a7f504bbf3d228f443e3ca4d62b59aca84e990cacaf5c52b0930daa23de94ce87017ba2d84988ddfc9c58db67aada613c2dd08457941a6":0 + AES-CTR aes_encrypt_ctr_multipart 1 1 aes_encrypt_ctr_multipart:1:1 diff --git a/tests/suites/test_suite_aes.function b/tests/suites/test_suite_aes.function index f4950a083..7b1306a82 100644 --- a/tests/suites/test_suite_aes.function +++ b/tests/suites/test_suite_aes.function @@ -88,6 +88,52 @@ exit: } /* END_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CTR */ +void aes_ctr(data_t *key, data_t *ictr, data_t *pt, data_t *ct, int expected) +{ + unsigned char *output = NULL; + unsigned char ctr[16]; + unsigned char stream_block[16]; + mbedtls_aes_context ctx; + + // sanity checks on test input + TEST_ASSERT(pt->len == ct->len); + TEST_ASSERT(key->len == 16 || key->len == 24 || key->len == 32); + + TEST_CALLOC(output, pt->len); + + // expected result is always success on zero-length input, so skip len == 0 if expecting failure + for (size_t len = (expected == 0 ? 0 : 1); len <= pt->len; len++) { + for (int i = 0; i < 2; i++) { + mbedtls_aes_init(&ctx); + TEST_ASSERT(mbedtls_aes_setkey_enc(&ctx, key->x, key->len * 8) == 0); + + memcpy(ctr, ictr->x, 16); + memset(stream_block, 0, 16); + memset(output, 0, pt->len); + + size_t nc_off = 0; + + if (i == 0) { + // encrypt + TEST_EQUAL(mbedtls_aes_crypt_ctr(&ctx, len, &nc_off, ctr, + stream_block, pt->x, output), 0); + TEST_ASSERT(!!memcmp(output, ct->x, len) == expected); + } else { + // decrypt + TEST_EQUAL(mbedtls_aes_crypt_ctr(&ctx, len, &nc_off, ctr, + stream_block, ct->x, output), 0); + TEST_ASSERT(!!memcmp(output, pt->x, len) == expected); + } + } + } + +exit: + mbedtls_free(output); + mbedtls_aes_free(&ctx); +} +/* END_CASE */ + /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CTR */ void aes_encrypt_ctr_multipart(int length, int step_size) { From 9f97566c0442066e01fedd28e5ce47b24baf158b Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sun, 14 Jan 2024 23:55:20 +0000 Subject: [PATCH 1364/1674] Add Changelog Signed-off-by: Dave Rodgman --- ChangeLog.d/ctr-perf.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 ChangeLog.d/ctr-perf.txt diff --git a/ChangeLog.d/ctr-perf.txt b/ChangeLog.d/ctr-perf.txt new file mode 100644 index 000000000..bc04080bf --- /dev/null +++ b/ChangeLog.d/ctr-perf.txt @@ -0,0 +1,3 @@ +Features + * Improve performance of AES-GCM, AES-CTR and CTR-DRBG when + hardware accelerated AES is not present (around 13-23% on 64-bit Arm). From 333ca8fdfc0c41852aadbf55e60100a6db5d09ef Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Tue, 16 Jan 2024 17:05:19 +0100 Subject: [PATCH 1365/1674] Migrate to new RTD redirect format MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Migrate to the new redirect format introduced by ReadTheDocs in readthedocs/readthedocs.org#10881 Signed-off-by: Bence Szépkúti --- docs/redirects.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/redirects.yaml b/docs/redirects.yaml index 7ea1d9550..969ffe43c 100644 --- a/docs/redirects.yaml +++ b/docs/redirects.yaml @@ -7,5 +7,5 @@ # expose it. - type: exact - from_url: /projects/api/en/latest/$rest - to_url: /projects/api/en/development/ + from_url: /projects/api/en/latest/* + to_url: /projects/api/en/development/:splat From b7778b2388c2bdae733a7d702432faf41b718d80 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 16 Jan 2024 16:27:34 +0000 Subject: [PATCH 1366/1674] Fix ASAN error in test Signed-off-by: Dave Rodgman --- tests/suites/test_suite_aes.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_aes.function b/tests/suites/test_suite_aes.function index 7b1306a82..9118a9865 100644 --- a/tests/suites/test_suite_aes.function +++ b/tests/suites/test_suite_aes.function @@ -159,7 +159,7 @@ void aes_encrypt_ctr_multipart(int length, int step_size) mbedtls_test_rnd_std_rand(NULL, key, sizeof(key)); // random input - mbedtls_test_rnd_std_rand(NULL, input, sizeof(input)); + mbedtls_test_rnd_std_rand(NULL, input, length); // complete encryption in one call From 7e5b7f91ca8efd5252a36765502ce9115ba73e61 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 16 Jan 2024 17:28:25 +0000 Subject: [PATCH 1367/1674] Fix error in ctr_drbg Signed-off-by: Dave Rodgman --- library/ctr_drbg.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c index 30574679f..66d9d28c5 100644 --- a/library/ctr_drbg.c +++ b/library/ctr_drbg.c @@ -665,7 +665,7 @@ int mbedtls_ctr_drbg_random_with_add(void *p_rng, size_t tmp_len; status = psa_cipher_update(&ctx->psa_ctx.operation, ctx->counter, sizeof(ctx->counter), - tmp, MBEDTLS_CTR_DRBG_BLOCKSIZE, &tmp_len); + locals.tmp, MBEDTLS_CTR_DRBG_BLOCKSIZE, &tmp_len); if (status != PSA_SUCCESS) { ret = psa_generic_status_to_mbedtls(status); goto exit; From 9039ba572b102f32fd1418c1ab6d6cd8edc30dbc Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 16 Jan 2024 18:38:55 +0000 Subject: [PATCH 1368/1674] Fix test dependencies Signed-off-by: Dave Rodgman --- tests/suites/test_suite_aes.ctr.data | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/suites/test_suite_aes.ctr.data b/tests/suites/test_suite_aes.ctr.data index 85c4c9645..a14823666 100644 --- a/tests/suites/test_suite_aes.ctr.data +++ b/tests/suites/test_suite_aes.ctr.data @@ -9,9 +9,11 @@ AES-CTR NIST 128 aes_ctr:"2b7e151628aed2a6abf7158809cf4f3c":"f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710":"874d6191b620e3261bef6864990db6ce9806f66b7970fdff8617187bb9fffdff5ae4df3edbd5d35e5b4f09020db03eab1e031dda2fbe03d1792170a0f3009cee":0 AES-CTR NIST 192 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_ctr:"8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b":"f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710":"1abc932417521ca24f2b0459fe7e6e0b090339ec0aa6faefd5ccc2c6f4ce8e941e36b26bd1ebc670d1bd1d665620abf74f78a7f6d29809585a97daec58c6b050":0 AES-CTR NIST 256 +depends_on:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH aes_ctr:"603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4":"f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710":"601ec313775789a5b7a7f504bbf3d228f443e3ca4d62b59aca84e990cacaf5c52b0930daa23de94ce87017ba2d84988ddfc9c58db67aada613c2dd08457941a6":0 AES-CTR aes_encrypt_ctr_multipart 1 1 From 584dc80d965541e1e93301d4e9b1d7f719168c32 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 16 Jan 2024 16:43:07 +0100 Subject: [PATCH 1369/1674] add changelog Signed-off-by: Valerio Setti --- ChangeLog.d/8461.txt | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 ChangeLog.d/8461.txt diff --git a/ChangeLog.d/8461.txt b/ChangeLog.d/8461.txt new file mode 100644 index 000000000..459e47bd2 --- /dev/null +++ b/ChangeLog.d/8461.txt @@ -0,0 +1,4 @@ +Bugfix + * Fix unsupported PSA asymmetric encryption and dectryption + (psa_asymmetric_[en|de]crypt) with opaque keys. + Resolves #8461. From 32294044e14cf166e77b3d4e3bbaac156700808c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 17 Jan 2024 10:07:55 +0100 Subject: [PATCH 1370/1674] Generalize mbedtls_pk_setup_opaque beyond MBEDTLS_USE_PSA_CRYPTO It's useful in applications that want to use some PSA opaque keys regardless of whether all pk operations go through PSA. Signed-off-by: Gilles Peskine --- docs/architecture/psa-migration/psa-legacy-bridges.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/docs/architecture/psa-migration/psa-legacy-bridges.md b/docs/architecture/psa-migration/psa-legacy-bridges.md index 064b7d278..738e0ab2f 100644 --- a/docs/architecture/psa-migration/psa-legacy-bridges.md +++ b/docs/architecture/psa-migration/psa-legacy-bridges.md @@ -163,7 +163,7 @@ There is a function `mbedtls_pk_setup_opaque` that mostly does this. However, it * It creates a PK key of type `MBEDTLS_PK_OPAQUE` that wraps the PSA key. This is good enough in some scenarios, but not others. For example, it's ok for pkwrite, because we've upgraded the pkwrite code to handle `MBEDTLS_PK_OPAQUE`. That doesn't help users of third-party libraries that haven't yet been upgraded. * It ties the lifetime of the PK object to the PSA key, which is error-prone: if the PSA key is destroyed but the PK object isn't, there is no way to reliably detect any subsequent misuse of the PK object. -* It is only available under `MBEDTLS_USE_PSA_CRYPTO`. (Not a priority concern: we generally expect people to activate `MBEDTLS_USE_PSA_CRYPTO` at an early stage of their migration to PSA.) +* It is only available under `MBEDTLS_USE_PSA_CRYPTO`. This is not a priority concern, since we generally expect people to activate `MBEDTLS_USE_PSA_CRYPTO` at an early stage of their migration to PSA. However, this function is useful to use specific PSA keys in X.509/TLS regardless of whether X.509/TLS use the PSA API for all cryptographic operations, so this is a wart in the current API. It therefore appears that we need two ways to “convert” a PSA key to PK: @@ -305,6 +305,8 @@ Based on the [gap analysis](#using-a-psa-key-as-a-pk-context): [ACTION] Clarify the documentation of `mbedtls_pk_setup_opaque` regarding which algorithms the resulting key will perform with `mbedtls_pk_sign`, `mbedtls_pk_verify`, `mbedtls_pk_encrypt`, `mbedtls_pk_decrypt`. +[ACTION] Provide `mbedtls_pk_setup_opaque` whenever `MBEDTLS_PSA_CRYPTO_CLIENT` is enabled, not just when `MBEDTLS_USE_PSA_CRYPTO` is enabled. This is nice-to-have, not critical. Update `use-psa-crypto.md` accordingly. + [OPEN] What about `mbedtls_pk_sign_ext` and `mbedtls_pk_verify_ext`? #### API to convert between signature formats From 89ca6c7e72b351cf63f321031b94661d7185f4fd Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 17 Jan 2024 10:08:56 +0100 Subject: [PATCH 1371/1674] typo Signed-off-by: Gilles Peskine --- docs/architecture/psa-migration/psa-legacy-bridges.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/architecture/psa-migration/psa-legacy-bridges.md b/docs/architecture/psa-migration/psa-legacy-bridges.md index 738e0ab2f..79b08aa14 100644 --- a/docs/architecture/psa-migration/psa-legacy-bridges.md +++ b/docs/architecture/psa-migration/psa-legacy-bridges.md @@ -290,7 +290,7 @@ int mbedtls_pk_copy_from_psa(mbedtls_svc_key_id_t key_id, * `pk` must be initialized, but not set up. * It is an error if the key is neither a key pair nor a public key. * It is an error if the key is not exportable. -* The resulting pk object has a transparent type, not `MBEDTLS_PK_OPAQUE`. That's `MBEDTLS_PK_RSA` for RSA keys (since pk objects don't use `MBEDTLS_PK_RSASSA_PSS)` as a type, and `MBEDTLS_PK_ECKEY` for ECC keys (following the example of pkparse). +* The resulting pk object has a transparent type, not `MBEDTLS_PK_OPAQUE`. That's `MBEDTLS_PK_RSA` for RSA keys (since pk objects don't use `MBEDTLS_PK_RSASSA_PSS` as a type), and `MBEDTLS_PK_ECKEY` for ECC keys (following the example of pkparse). * Once this function returns, the pk object is completely independent of the PSA key. * Calling `mbedtls_pk_sign`, `mbedtls_pk_verify`, `mbedtls_pk_encrypt`, `mbedtls_pk_decrypt` on the resulting pk context will perform an algorithm that is compatible with the PSA key's primary algorithm policy (`psa_get_key_algorithm`), but with no restriction on the hash (as if the policy had `PSA_ALG_ANY_HASH` instead of a specific hash, and with `PSA_ALG_RSA_PKCS1V15_SIGN_RAW` merged with `PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg)`). For ECDSA, the choice of deterministic vs randomized will be based on the compile-time setting `MBEDTLS_ECDSA_DETERMINISTIC`, like `mbedtls_pk_sign` today. * The primary intent of this requirement is to allow an application to switch to PSA for creating the key material (for example to benefit from a PSA accelerator driver, or to start using a secure element), without modifying the code that consumes the key. For RSA keys, the PSA primary algorithm policy is how one conveys the same information as RSA key padding information in the legacy API. [ACTION] Convey this in the documentation. From 5a64c426936997fb0128635548e147af977ae1b5 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 17 Jan 2024 10:09:16 +0100 Subject: [PATCH 1372/1674] Reference ongoing work Signed-off-by: Gilles Peskine --- docs/architecture/psa-migration/psa-legacy-bridges.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/architecture/psa-migration/psa-legacy-bridges.md b/docs/architecture/psa-migration/psa-legacy-bridges.md index 79b08aa14..e37f50ff4 100644 --- a/docs/architecture/psa-migration/psa-legacy-bridges.md +++ b/docs/architecture/psa-migration/psa-legacy-bridges.md @@ -126,7 +126,7 @@ Since there is no algorithm that can be used with multiple types, and PSA keys h This means converting between an `mbedtls_ecp_group_id` and a pair of `{psa_ecc_family_t; size_t}`. - This is fulfilled by `mbedtls_ecc_group_to_psa` and `mbedtls_ecc_group_of_psa`, which were introduced into the public API after Mbed TLS 3.5. + This is fulfilled by `mbedtls_ecc_group_to_psa` and `mbedtls_ecc_group_from_psa`, which were introduced into the public API between Mbed TLS 3.5 and 3.6 ([#8664](https://github.com/Mbed-TLS/mbedtls/pull/8664)). * Selecting A **DHM group**. From bbff303fe13a070e630353ac3e1658f584119fe0 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 17 Jan 2024 11:47:44 +0100 Subject: [PATCH 1373/1674] crypto_config: define feature macros for DH keys Signed-off-by: Valerio Setti --- include/psa/crypto_config.h | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/include/psa/crypto_config.h b/include/psa/crypto_config.h index 5bf00f402..36e937ad3 100644 --- a/include/psa/crypto_config.h +++ b/include/psa/crypto_config.h @@ -109,6 +109,12 @@ #define PSA_WANT_ECC_SECP_R1_384 1 #define PSA_WANT_ECC_SECP_R1_521 1 +#define PSA_WANT_DH_RFC7919_2048 1 +#define PSA_WANT_DH_RFC7919_3072 1 +#define PSA_WANT_DH_RFC7919_4096 1 +#define PSA_WANT_DH_RFC7919_6144 1 +#define PSA_WANT_DH_RFC7919_8192 1 + #define PSA_WANT_KEY_TYPE_DERIVE 1 #define PSA_WANT_KEY_TYPE_PASSWORD 1 #define PSA_WANT_KEY_TYPE_PASSWORD_HASH 1 From 885248c8ee824fafabd56a915ce0b941e4380631 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 17 Jan 2024 11:06:31 +0000 Subject: [PATCH 1374/1674] Add header guards Signed-off-by: Dave Rodgman --- library/ctr.h | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/library/ctr.h b/library/ctr.h index a6b84cdeb..aa48fb9e7 100644 --- a/library/ctr.h +++ b/library/ctr.h @@ -7,6 +7,9 @@ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ +#ifndef MBEDTLS_CTR_H +#define MBEDTLS_CTR_H + #include "common.h" /** @@ -28,3 +31,5 @@ static inline void mbedtls_ctr_increment_counter(uint8_t n[16]) } } } + +#endif /* MBEDTLS_CTR_H */ From 42a025dc9cc26e5f185e3edf6811268c7702a30c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 17 Jan 2024 12:35:15 +0100 Subject: [PATCH 1375/1674] Reference filed issues All PK-related actions are now covered. Signed-off-by: Gilles Peskine --- docs/architecture/psa-migration/psa-legacy-bridges.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/architecture/psa-migration/psa-legacy-bridges.md b/docs/architecture/psa-migration/psa-legacy-bridges.md index e37f50ff4..873fc39be 100644 --- a/docs/architecture/psa-migration/psa-legacy-bridges.md +++ b/docs/architecture/psa-migration/psa-legacy-bridges.md @@ -255,7 +255,7 @@ To allow the full flexibility around policies, and make the creation of a persis This is close to the existing function `mbedtls_pk_wrap_as_opaque`, but does not bake in the implementation-specific consideration that a PSA key has exactly two algorithms, and also allows the caller to benefit from default for the policy in more cases. -[ACTION] Implement `mbedtls_pk_get_psa_attributes` and `mbedtls_pk_import_into_psa` as described below. These functions are available whenever `MBEDTLS_PK_C` and `MBEDTLS_PSA_CRYPTO_CLIENT` are both defined. Deprecate `mbedtls_pk_wrap_as_opaque`. +[ACTION] [#8708](https://github.com/Mbed-TLS/mbedtls/issues/8708) Implement `mbedtls_pk_get_psa_attributes` and `mbedtls_pk_import_into_psa` as described below. These functions are available whenever `MBEDTLS_PK_C` and `MBEDTLS_PSA_CRYPTO_CLIENT` are both defined. Deprecate `mbedtls_pk_wrap_as_opaque`. ``` int mbedtls_pk_get_psa_attributes(const mbedtls_pk_context *pk, @@ -280,7 +280,7 @@ int mbedtls_pk_import_into_psa(const mbedtls_pk_context *pk, Based on the [gap analysis](#using-a-psa-key-as-a-pk-context): -[ACTION] Implement `mbedtls_pk_copy_from_psa` as described below. +[ACTION] [#8709](https://github.com/Mbed-TLS/mbedtls/issues/8709) Implement `mbedtls_pk_copy_from_psa` as described below. ``` int mbedtls_pk_copy_from_psa(mbedtls_svc_key_id_t key_id, @@ -293,7 +293,7 @@ int mbedtls_pk_copy_from_psa(mbedtls_svc_key_id_t key_id, * The resulting pk object has a transparent type, not `MBEDTLS_PK_OPAQUE`. That's `MBEDTLS_PK_RSA` for RSA keys (since pk objects don't use `MBEDTLS_PK_RSASSA_PSS` as a type), and `MBEDTLS_PK_ECKEY` for ECC keys (following the example of pkparse). * Once this function returns, the pk object is completely independent of the PSA key. * Calling `mbedtls_pk_sign`, `mbedtls_pk_verify`, `mbedtls_pk_encrypt`, `mbedtls_pk_decrypt` on the resulting pk context will perform an algorithm that is compatible with the PSA key's primary algorithm policy (`psa_get_key_algorithm`), but with no restriction on the hash (as if the policy had `PSA_ALG_ANY_HASH` instead of a specific hash, and with `PSA_ALG_RSA_PKCS1V15_SIGN_RAW` merged with `PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg)`). For ECDSA, the choice of deterministic vs randomized will be based on the compile-time setting `MBEDTLS_ECDSA_DETERMINISTIC`, like `mbedtls_pk_sign` today. - * The primary intent of this requirement is to allow an application to switch to PSA for creating the key material (for example to benefit from a PSA accelerator driver, or to start using a secure element), without modifying the code that consumes the key. For RSA keys, the PSA primary algorithm policy is how one conveys the same information as RSA key padding information in the legacy API. [ACTION] Convey this in the documentation. + * The primary intent of this requirement is to allow an application to switch to PSA for creating the key material (for example to benefit from a PSA accelerator driver, or to start using a secure element), without modifying the code that consumes the key. For RSA keys, the PSA primary algorithm policy is how one conveys the same information as RSA key padding information in the legacy API. Convey this in the documentation. * [OPEN] How do we distinguish between signature-only and encryption-only RSA keys? Do we just allow both (e.g. a PSS key gets generalized into a PSS/OAEP key)? * [OPEN] What about `mbedtls_pk_sign_ext` and `mbedtls_pk_verify_ext`? @@ -303,9 +303,9 @@ int mbedtls_pk_copy_from_psa(mbedtls_svc_key_id_t key_id, Based on the [gap analysis](#using-a-psa-key-as-a-pk-context): -[ACTION] Clarify the documentation of `mbedtls_pk_setup_opaque` regarding which algorithms the resulting key will perform with `mbedtls_pk_sign`, `mbedtls_pk_verify`, `mbedtls_pk_encrypt`, `mbedtls_pk_decrypt`. +[ACTION] [#8712](https://github.com/Mbed-TLS/mbedtls/issues/8712) Clarify the documentation of `mbedtls_pk_setup_opaque` regarding which algorithms the resulting key will perform with `mbedtls_pk_sign`, `mbedtls_pk_verify`, `mbedtls_pk_encrypt`, `mbedtls_pk_decrypt`. -[ACTION] Provide `mbedtls_pk_setup_opaque` whenever `MBEDTLS_PSA_CRYPTO_CLIENT` is enabled, not just when `MBEDTLS_USE_PSA_CRYPTO` is enabled. This is nice-to-have, not critical. Update `use-psa-crypto.md` accordingly. +[ACTION] [#8710](https://github.com/Mbed-TLS/mbedtls/issues/8710) Provide `mbedtls_pk_setup_opaque` whenever `MBEDTLS_PSA_CRYPTO_CLIENT` is enabled, not just when `MBEDTLS_USE_PSA_CRYPTO` is enabled. This is nice-to-have, not critical. Update `use-psa-crypto.md` accordingly. [OPEN] What about `mbedtls_pk_sign_ext` and `mbedtls_pk_verify_ext`? From 7ed542e0f1aea1673f2b8bb3079c294e04777558 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Wed, 17 Jan 2024 11:39:09 +0000 Subject: [PATCH 1376/1674] Implement delayed deletion in psa_destroy_key and some cleanup Signed-off-by: Ryan Everett --- library/psa_crypto.c | 80 +++++++++++++++++++++++++++++--------------- 1 file changed, 53 insertions(+), 27 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index d15ace559..565b5e14c 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -987,18 +987,41 @@ psa_status_t psa_wipe_key_slot(psa_key_slot_t *slot) /* * As the return error code may not be handled in case of multiple errors, - * do our best to report an unexpected amount of registered readers. - * Assert with MBEDTLS_TEST_HOOK_TEST_ASSERT that registered_readers is - * equal to one: + * do our best to report an unexpected amount of registered readers or + * an unexpected state. + * Assert with MBEDTLS_TEST_HOOK_TEST_ASSERT that the slot is valid for + * wiping. * if the MBEDTLS_TEST_HOOKS configuration option is enabled and the * function is called as part of the execution of a test suite, the * execution of the test suite is stopped in error if the assertion fails. */ - if (((slot->state == PSA_SLOT_FULL) || - (slot->state == PSA_SLOT_PENDING_DELETION)) && - (slot->registered_readers != 1)) { - MBEDTLS_TEST_HOOK_TEST_ASSERT(slot->registered_readers == 1); - status = PSA_ERROR_CORRUPTION_DETECTED; + switch (slot->state) { + case PSA_SLOT_FULL: + /* In this state psa_wipe_key_slot() must only be called if the + * caller is the last reader. */ + case PSA_SLOT_PENDING_DELETION: + /* In this state psa_wipe_key_slot() must only be called if the + * caller is the last reader. */ + if (slot->registered_readers != 1) { + MBEDTLS_TEST_HOOK_TEST_ASSERT(slot->registered_readers == 1); + status = PSA_ERROR_CORRUPTION_DETECTED; + } + break; + case PSA_SLOT_FILLING: + /* In this state registered_readers must be 0. */ + if (slot->registered_readers != 0) { + MBEDTLS_TEST_HOOK_TEST_ASSERT(slot->registered_readers == 0); + status = PSA_ERROR_CORRUPTION_DETECTED; + } + break; + case PSA_SLOT_EMPTY: + /* The slot is already empty, it cannot be wiped. */ + MBEDTLS_TEST_HOOK_TEST_ASSERT(slot->state != PSA_SLOT_EMPTY); + status = PSA_ERROR_CORRUPTION_DETECTED; + break; + default: + /* The slot's state is invalid. */ + status = PSA_ERROR_CORRUPTION_DETECTED; } /* Multipart operations may still be using the key. This is safe @@ -1028,29 +1051,25 @@ psa_status_t psa_destroy_key(mbedtls_svc_key_id_t key) } /* - * Get the description of the key in a key slot. In case of a persistent - * key, this will load the key description from persistent memory if not - * done yet. We cannot avoid this loading as without it we don't know if + * Get the description of the key in a key slot, and register to read it. + * In the case of a persistent key, this will load the key description + * from persistent memory if not done yet. + * We cannot avoid this loading as without it we don't know if * the key is operated by an SE or not and this information is needed by - * the current implementation. - */ + * the current implementation. */ status = psa_get_and_lock_key_slot(key, &slot); if (status != PSA_SUCCESS) { return status; } - /* - * If the key slot containing the key description is under access by the - * library (apart from the present access), the key cannot be destroyed - * yet. For the time being, just return in error. Eventually (to be - * implemented), the key should be destroyed when all accesses have - * stopped. - */ - if (slot->registered_readers > 1) { - psa_unregister_read(slot); - return PSA_ERROR_GENERIC_ERROR; - } - + /* Set the key slot containing the key description's state to + * PENDING_DELETION. This stops new operations from registering + * to read the slot. Current readers can safely continue to access + * the key within the slot; the last registered reader will + * automatically wipe the slot when they call psa_unregister_read(). + * If the key is persistent, we can now delete the copy of the key + * from memory. If the key is opaque, we require the driver to + * deal with the deletion. */ slot->state = PSA_SLOT_PENDING_DELETION; if (PSA_KEY_LIFETIME_IS_READ_ONLY(slot->attr.lifetime)) { @@ -1099,6 +1118,9 @@ psa_status_t psa_destroy_key(mbedtls_svc_key_id_t key) #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) if (!PSA_KEY_LIFETIME_IS_VOLATILE(slot->attr.lifetime)) { + /* Destroy the copy of the persistent key from memory. + * The slot will still hold a copy of the key until the last reader + * unregisters. */ status = psa_destroy_persistent_key(slot->attr.id); if (overall_status == PSA_SUCCESS) { overall_status = status; @@ -1125,8 +1147,11 @@ psa_status_t psa_destroy_key(mbedtls_svc_key_id_t key) #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ exit: - status = psa_wipe_key_slot(slot); - /* Prioritize CORRUPTION_DETECTED from wiping over a storage error */ + /* Unregister from reading the slot. If we are the last active reader + * then this will wipe the slot. */ + status = psa_unregister_read(slot); + /* Prioritize CORRUPTION_DETECTED from unregistering over + * a storage error. */ if (status != PSA_SUCCESS) { overall_status = status; } @@ -1825,6 +1850,7 @@ static void psa_fail_key_creation(psa_key_slot_t *slot, * itself. */ (void) psa_crypto_stop_transaction(); #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + psa_wipe_key_slot(slot); } From 38a2b7a6a3215b2d062da23b9945bbecd889e277 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Wed, 17 Jan 2024 11:45:44 +0000 Subject: [PATCH 1377/1674] Extend psa_wipe_key_slot documentation Signed-off-by: Ryan Everett --- library/psa_crypto_core.h | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 376337e16..b5b9c5451 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -190,7 +190,10 @@ static inline psa_key_slot_number_t psa_key_slot_get_slot_number( * The slot has been successfully wiped. * \retval #PSA_ERROR_CORRUPTION_DETECTED * The slot's state was PSA_SLOT_FULL or PSA_SLOT_PENDING_DELETION, and - * the amount of registered readers was not equal to 1. + * the amount of registered readers was not equal to 1. Or, + * the slot's state was PSA_SLOT_EMPTY. Or, + * the slot's state was PSA_SLOT_FILLING, and the amount + * of registered readers was not equal to 0. */ psa_status_t psa_wipe_key_slot(psa_key_slot_t *slot); From 702d9f65f681f9b493c774a0fdd61ccf9e23a305 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 17 Jan 2024 12:58:25 +0100 Subject: [PATCH 1378/1674] Resolve several open questions as nothing special to do Signed-off-by: Gilles Peskine --- .../psa-migration/psa-legacy-bridges.md | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/docs/architecture/psa-migration/psa-legacy-bridges.md b/docs/architecture/psa-migration/psa-legacy-bridges.md index 873fc39be..7fe03d779 100644 --- a/docs/architecture/psa-migration/psa-legacy-bridges.md +++ b/docs/architecture/psa-migration/psa-legacy-bridges.md @@ -81,7 +81,11 @@ Based on “[Where mixing happens](#where-mixing-happens)”, we focus the gap a #### Need for error code conversion -[OPEN] Do we need public functions to convert between `MBEDTLS_ERR_xxx` error codes and `PSA_ERROR_xxx` error codes? We have such functions for internal use. +Do we need public functions to convert between `MBEDTLS_ERR_xxx` error codes and `PSA_ERROR_xxx` error codes? We have such functions for internal use. + +Mbed TLS needs these conversions because it has many functions that expose one API (legacy/API) but are implemented on top of the other API. Most applications would convert legacy and PSA error code to their own error codes, and converting between `MBEDTLS_ERR_xxx` error codes and `PSA_ERROR_xxx` is not particularly helpful for that. Application code might need such conversion functions when implementing an X.509 or TLS callback (returning `MBEDTLS_ERR_xxx`) on top of PSA functions, but this is a very limited use case. + +Conclusion: no need for public error code conversion functions. ### Hash gap analysis @@ -172,7 +176,7 @@ It therefore appears that we need two ways to “convert” a PSA key to PK: Gap: a way to copy a PSA key into a PK context. This can only be expected to work if the PSA key is exportable. -[OPEN] Is `mbedtls_pk_setup_opaque` ok or do we want to tweak it? +After some discussion, have not identified anything we want to change in the behavior of `mbedtls_pk_setup_opaque`. We only want to generalize it to non-`MBEDTLS_USE_PSA_CRYPTO` and to document it better. #### Signature formats @@ -238,6 +242,7 @@ Based on the [gap analysis](#asymmetric-cryptography-metadata): * No further work is needed about ECC specifically. We have just added adequate functions. * No further work is needed about DHM specifically. There is no good way to translate the relevant information. * [OPEN] Is there a decent way to convert between `mbedtls_pk_type_t` plus extra information, and `psa_key_type_t` plus policy information? The two APIs are different in crucial ways, with different splits between key type, policy information and operation algorithm. + Thinking so far: there isn't really a nice way to present this conversion. For a specific key, `mbedtls_pk_get_psa_attributes` and `mbedtls_pk_copy_from_psa` do the job. #### API to create a PSA key from a PK context @@ -292,12 +297,10 @@ int mbedtls_pk_copy_from_psa(mbedtls_svc_key_id_t key_id, * It is an error if the key is not exportable. * The resulting pk object has a transparent type, not `MBEDTLS_PK_OPAQUE`. That's `MBEDTLS_PK_RSA` for RSA keys (since pk objects don't use `MBEDTLS_PK_RSASSA_PSS` as a type), and `MBEDTLS_PK_ECKEY` for ECC keys (following the example of pkparse). * Once this function returns, the pk object is completely independent of the PSA key. -* Calling `mbedtls_pk_sign`, `mbedtls_pk_verify`, `mbedtls_pk_encrypt`, `mbedtls_pk_decrypt` on the resulting pk context will perform an algorithm that is compatible with the PSA key's primary algorithm policy (`psa_get_key_algorithm`), but with no restriction on the hash (as if the policy had `PSA_ALG_ANY_HASH` instead of a specific hash, and with `PSA_ALG_RSA_PKCS1V15_SIGN_RAW` merged with `PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg)`). For ECDSA, the choice of deterministic vs randomized will be based on the compile-time setting `MBEDTLS_ECDSA_DETERMINISTIC`, like `mbedtls_pk_sign` today. +* Calling `mbedtls_pk_sign`, `mbedtls_pk_verify`, `mbedtls_pk_encrypt`, `mbedtls_pk_decrypt` on the resulting pk context will perform an algorithm that is compatible with the PSA key's primary algorithm policy (`psa_get_key_algorithm`) if that is a matching operation type (sign/verify, encrypt/decrypt), but with no restriction on the hash (as if the policy had `PSA_ALG_ANY_HASH` instead of a specific hash, and with `PSA_ALG_RSA_PKCS1V15_SIGN_RAW` merged with `PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg)`). + * For ECDSA, the choice of deterministic vs randomized will be based on the compile-time setting `MBEDTLS_ECDSA_DETERMINISTIC`, like `mbedtls_pk_sign` today. + * For an RSA key, the output key will allow both encrypt/decrypt and sign/verify regardless of the original key's policy. The original key's policy determines the output key's padding mode. * The primary intent of this requirement is to allow an application to switch to PSA for creating the key material (for example to benefit from a PSA accelerator driver, or to start using a secure element), without modifying the code that consumes the key. For RSA keys, the PSA primary algorithm policy is how one conveys the same information as RSA key padding information in the legacy API. Convey this in the documentation. - * [OPEN] How do we distinguish between signature-only and encryption-only RSA keys? Do we just allow both (e.g. a PSS key gets generalized into a PSS/OAEP key)? - * [OPEN] What about `mbedtls_pk_sign_ext` and `mbedtls_pk_verify_ext`? - -[OPEN] Should there be a way to use a different algorithm? This can be resolved by `psa_copy_key` on the input to tweak the policy if needed. #### API to create a PK object that wraps a PSA key From d5b04a0c639f7f148f33c3e224b0731fea3f1dc0 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 17 Jan 2024 14:29:21 +0100 Subject: [PATCH 1379/1674] Add a usage parameter to mbedtls_pk_get_psa_attributes Let the user specify whether to use the key as a sign/verify key, an encrypt/decrypt key or a key agreement key. Also let the user indicate if they just want the public part when the input is a key pair. Based on a discussion in https://github.com/Mbed-TLS/mbedtls/pull/8682#discussion_r1444936480 Signed-off-by: Gilles Peskine --- .../psa-migration/psa-legacy-bridges.md | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/docs/architecture/psa-migration/psa-legacy-bridges.md b/docs/architecture/psa-migration/psa-legacy-bridges.md index 7fe03d779..3039968b3 100644 --- a/docs/architecture/psa-migration/psa-legacy-bridges.md +++ b/docs/architecture/psa-migration/psa-legacy-bridges.md @@ -264,6 +264,7 @@ This is close to the existing function `mbedtls_pk_wrap_as_opaque`, but does not ``` int mbedtls_pk_get_psa_attributes(const mbedtls_pk_context *pk, + psa_key_usage_flags_t usage, psa_key_attributes_t *attributes); int mbedtls_pk_import_into_psa(const mbedtls_pk_context *pk, const psa_key_attributes_t *attributes, @@ -271,11 +272,21 @@ int mbedtls_pk_import_into_psa(const mbedtls_pk_context *pk, ``` * `mbedtls_pk_get_psa_attributes` does not change the id/lifetime fields of the attributes (which indicate a volatile key by default). + * [OPEN] Or should it reset them to 0? Resetting is more convenient for the case where the pk key is a `MBEDTLS_PK_OPAQUE`. But that's an uncommon use case. It's probably less surprising if this function leaves the lifetime-related alone, since its job is to set the type-related and policy-related attributes. * `mbedtls_pk_get_psa_attributes` sets the type and size based on what's in the pk context. - * The key type is a key pair if the context contains a private key, and a public key if the context only contains a public key. -* `mbedtls_pk_get_psa_attributes` sets all the potentially applicable usage flags: `EXPORT`, `COPY`; `VERIFY_HASH | VERIFY_MESSAGE` or `ENCRYPT` as applicable for both public keys and key pairs; `SIGN` or `DECRYPT` as applicable for a key pair. -* [OPEN] What is the default algorithm for `mbedtls_pk_get_psa_attributes`? Suggestion: assume signature by default. For RSA, either `PSA_RSA_PKCS1_V15_SIGN(PSA_ALG_ANY_HASH)` or `PSA_ALG_RSA_PSS(hash_alg)` depending on the RSA context's padding mode. For ECC, `PSA_ALG_DETERMINISTIC_ECDSA` if `MBEDTLS_ECDSA_DETERMINISTIC` is enabled and `PSA_ALG_ECDSA` otherwise. -* [OPEN] Or does `mbedtls_pk_get_psa_attributes` need an extra argument that conveys some kind of policy for RSA keys and, independently, some kind of policy for ECC keys? + * The key type is a key pair if the context contains a private key and the indicated usage is a private-key usage. The key type is a public key if the context only contains a public key, in which case a private-key usage is an error. +* `mbedtls_pk_get_psa_attributes` sets the usage flags based on the `usage` parameter. It extends the usage to other usage that is possible: + * `EXPORT` and `COPY` are always set. + * If `SIGN_{HASH,MESSAGE}` is set then so is `VERIFY_{HASH,MESSAGE}`. + * If `DECRYPT` is set then so is `ENCRYPT`. + * It is an error if `usage` has more than one flag set, or has a usage that is incompatible with the key type. +* `mbedtls_pk_get_psa_attributes` sets the algorithm usage policy based on information in the key object and on `usage`. + * For an RSA key with the `MBEDTLS_RSA_PKCS_V15` padding mode, the algorithm policy is `PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH)` for a sign/verify usage, and `PSA_ALG_RSA_PKCS1V15_CRYPT` for an encrypt/decrypt usage. + * For an RSA key with the `MBEDTLS_RSA_PKCS_V15` padding mode, the algorithm policy is `PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH)` for a sign/verify usage, and `PSA_ALG_RSA_OAEP(hash)` for an encrypt/decrypt usage where `hash` is from the RSA key's parameters. (Note that `PSA_ALG_ANY_HASH` is only allowed in signature algorithms.) + * For an `MBEDTLS_PK_ECKEY` or `MBEDTLS_PK_ECDSA` with a sign/verify usage, the algorithm policy is `PSA_ALG_DETERMINISTIC_ECDSA` if `MBEDTLS_ECDSA_DETERMINISTIC` is enabled and `PSA_ALG_ECDSA` otherwise. In either case, the hash policy is `PSA_ALG_ANY_HASH`. + * For an `MBEDTLS_PK_ECKEY` or `MBEDTLS_PK_ECDKEY_DH` with the usage `PSA_KEY_USAGE_DERIVE`, the algorithm is `PSA_ALG_ECDH`. + * For a `MBEDTLS_PK_OPAQUE`, this function reads the attributes of the existing PK key and copies them (without overriding the lifetime and key identifier in `attributes`), then applies a public-key restriction if needed. + * Public-key restriction: if `usage` is a public-key usage, change the type to the corresponding public-key type, and remove private-key usage flags from the usage flags read from the existing key. * `mbedtls_pk_import_into_psa` checks that the type field in the attributes is consistent with the content of the `mbedtls_pk_context` object (RSA/ECC, and availability of the private key). * The key type can be a public key even if the private key is available. * `mbedtls_pk_import_into_psa` does not need to check the bit-size in the attributes: `psa_import_key` will do enough checks. From dd77343381161e09a63b4694001da3957e27d3a7 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 17 Jan 2024 14:33:32 +0100 Subject: [PATCH 1380/1674] Open question for ECDSA signature that can be resolved during implementation Signed-off-by: Gilles Peskine --- docs/architecture/psa-migration/psa-legacy-bridges.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/architecture/psa-migration/psa-legacy-bridges.md b/docs/architecture/psa-migration/psa-legacy-bridges.md index 3039968b3..fb0070597 100644 --- a/docs/architecture/psa-migration/psa-legacy-bridges.md +++ b/docs/architecture/psa-migration/psa-legacy-bridges.md @@ -339,3 +339,5 @@ int mbedtls_ecdsa_der_to_raw(const unsigned char *der, size_t der_len, * These functions convert between the signature format used by `mbedtls_pk_{sign,verify}{,_ext}` and the signature format used by `psa_{sign,verify}_{hash,message}`. * The input and output buffers can overlap. + +[OPEN] Should these functions rely on the ASN.1 module? To be decided when implementing. From 4a0ba80bdbf9b2ef1f44071cdabc733962870d69 Mon Sep 17 00:00:00 2001 From: Ryan Everett <144035422+Ryan-Everett-arm@users.noreply.github.com> Date: Wed, 17 Jan 2024 14:12:33 +0000 Subject: [PATCH 1381/1674] Clarify psa_destroy_key documentation Co-authored-by: Janos Follath Signed-off-by: Ryan Everett <144035422+Ryan-Everett-arm@users.noreply.github.com> --- library/psa_crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 565b5e14c..56265c197 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1118,7 +1118,7 @@ psa_status_t psa_destroy_key(mbedtls_svc_key_id_t key) #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) if (!PSA_KEY_LIFETIME_IS_VOLATILE(slot->attr.lifetime)) { - /* Destroy the copy of the persistent key from memory. + /* Destroy the copy of the persistent key from storage. * The slot will still hold a copy of the key until the last reader * unregisters. */ status = psa_destroy_persistent_key(slot->attr.id); From fecef8bc8ed50051463a901f544c02095a9f72ca Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 17 Jan 2024 12:06:40 +0100 Subject: [PATCH 1382/1674] config_adjust: fix adjustments between legacy and PSA Signed-off-by: Valerio Setti --- .../mbedtls/config_adjust_legacy_from_psa.h | 35 +++++++++++++++++++ .../mbedtls/config_adjust_psa_from_legacy.h | 11 +++++- 2 files changed, 45 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/config_adjust_legacy_from_psa.h b/include/mbedtls/config_adjust_legacy_from_psa.h index 691fed6e5..3d2293d34 100644 --- a/include/mbedtls/config_adjust_legacy_from_psa.h +++ b/include/mbedtls/config_adjust_legacy_from_psa.h @@ -440,6 +440,41 @@ /* End of ECC section */ +#if defined(PSA_WANT_DH_RFC7919_2048) +#if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_2048) +#define MBEDTLS_PSA_BUILTIN_DH_RFC7919_2048 1 +#define MBEDTLS_DHM_C +#endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_2048 */ +#endif /* PSA_WANT_DH_RFC7919_2048 */ + +#if defined(PSA_WANT_DH_RFC7919_3072) +#if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_3072) +#define MBEDTLS_PSA_BUILTIN_DH_RFC7919_3072 1 +#define MBEDTLS_DHM_C +#endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_3072 */ +#endif /* PSA_WANT_DH_RFC7919_3072 */ + +#if defined(PSA_WANT_DH_RFC7919_4096) +#if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_4096) +#define MBEDTLS_PSA_BUILTIN_DH_RFC7919_4096 1 +#define MBEDTLS_DHM_C +#endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_4096 */ +#endif /* PSA_WANT_DH_RFC7919_4096 */ + +#if defined(PSA_WANT_DH_RFC7919_6144) +#if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_6144) +#define MBEDTLS_PSA_BUILTIN_DH_RFC7919_6144 1 +#define MBEDTLS_DHM_C +#endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_6144 */ +#endif /* PSA_WANT_DH_RFC7919_6144 */ + +#if defined(PSA_WANT_DH_RFC7919_8192) +#if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_8192) +#define MBEDTLS_PSA_BUILTIN_DH_RFC7919_8192 1 +#define MBEDTLS_DHM_C +#endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_8192 */ +#endif /* PSA_WANT_DH_RFC7919_8192 */ + #if defined(PSA_WANT_ALG_FFDH) #if !defined(MBEDTLS_PSA_ACCEL_ALG_FFDH) #define MBEDTLS_PSA_BUILTIN_ALG_FFDH 1 diff --git a/include/mbedtls/config_adjust_psa_from_legacy.h b/include/mbedtls/config_adjust_psa_from_legacy.h index b841875cf..345661594 100644 --- a/include/mbedtls/config_adjust_psa_from_legacy.h +++ b/include/mbedtls/config_adjust_psa_from_legacy.h @@ -81,13 +81,22 @@ #define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE 1 #define PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY 1 #define PSA_WANT_ALG_FFDH 1 -#define PSA_WANT_DH_FAMILY_RFC7919 1 +#define PSA_WANT_DH_RFC7919_2048 1 +#define PSA_WANT_DH_RFC7919_3072 1 +#define PSA_WANT_DH_RFC7919_4096 1 +#define PSA_WANT_DH_RFC7919_6144 1 +#define PSA_WANT_DH_RFC7919_8192 1 #define MBEDTLS_PSA_BUILTIN_ALG_FFDH 1 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_BASIC 1 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_IMPORT 1 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_EXPORT 1 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_GENERATE 1 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY 1 +#define MBEDTLS_PSA_BUILTIN_DH_RFC7919_2048 1 +#define MBEDTLS_PSA_BUILTIN_DH_RFC7919_3072 1 +#define MBEDTLS_PSA_BUILTIN_DH_RFC7919_4096 1 +#define MBEDTLS_PSA_BUILTIN_DH_RFC7919_6144 1 +#define MBEDTLS_PSA_BUILTIN_DH_RFC7919_8192 1 #endif /* MBEDTLS_DHM_C */ #if defined(MBEDTLS_GCM_C) From 4ed8daa929c9ccf6a401fb39caa8c41c31154a35 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 17 Jan 2024 12:16:14 +0100 Subject: [PATCH 1383/1674] psa_crypto_ffdh: add guards for enabled domain parameters Signed-off-by: Valerio Setti --- library/psa_crypto_ffdh.c | 36 ++++++++++++++++++++++++++++-------- 1 file changed, 28 insertions(+), 8 deletions(-) diff --git a/library/psa_crypto_ffdh.c b/library/psa_crypto_ffdh.c index a57f02e5e..6cc086ef6 100644 --- a/library/psa_crypto_ffdh.c +++ b/library/psa_crypto_ffdh.c @@ -35,58 +35,78 @@ static psa_status_t mbedtls_psa_ffdh_set_prime_generator(size_t key_size, return PSA_ERROR_INVALID_ARGUMENT; } +#if defined(MBEDTLS_PSA_BUILTIN_DH_RFC7919_2048) static const unsigned char dhm_P_2048[] = MBEDTLS_DHM_RFC7919_FFDHE2048_P_BIN; - static const unsigned char dhm_P_3072[] = - MBEDTLS_DHM_RFC7919_FFDHE3072_P_BIN; - static const unsigned char dhm_P_4096[] = - MBEDTLS_DHM_RFC7919_FFDHE4096_P_BIN; - static const unsigned char dhm_P_6144[] = - MBEDTLS_DHM_RFC7919_FFDHE6144_P_BIN; - static const unsigned char dhm_P_8192[] = - MBEDTLS_DHM_RFC7919_FFDHE8192_P_BIN; static const unsigned char dhm_G_2048[] = MBEDTLS_DHM_RFC7919_FFDHE2048_G_BIN; +#endif /* MBEDTLS_PSA_BUILTIN_DH_RFC7919_2048 */ +#if defined(MBEDTLS_PSA_BUILTIN_DH_RFC7919_3072) + static const unsigned char dhm_P_3072[] = + MBEDTLS_DHM_RFC7919_FFDHE3072_P_BIN; static const unsigned char dhm_G_3072[] = MBEDTLS_DHM_RFC7919_FFDHE3072_G_BIN; +#endif /* MBEDTLS_PSA_BUILTIN_DH_RFC7919_3072 */ +#if defined(MBEDTLS_PSA_BUILTIN_DH_RFC7919_4096) + static const unsigned char dhm_P_4096[] = + MBEDTLS_DHM_RFC7919_FFDHE4096_P_BIN; static const unsigned char dhm_G_4096[] = MBEDTLS_DHM_RFC7919_FFDHE4096_G_BIN; +#endif /* MBEDTLS_PSA_BUILTIN_DH_RFC7919_4096 */ +#if defined(MBEDTLS_PSA_BUILTIN_DH_RFC7919_6144) + static const unsigned char dhm_P_6144[] = + MBEDTLS_DHM_RFC7919_FFDHE6144_P_BIN; static const unsigned char dhm_G_6144[] = MBEDTLS_DHM_RFC7919_FFDHE6144_G_BIN; +#endif /* MBEDTLS_PSA_BUILTIN_DH_RFC7919_6144 */ +#if defined(MBEDTLS_PSA_BUILTIN_DH_RFC7919_8192) + static const unsigned char dhm_P_8192[] = + MBEDTLS_DHM_RFC7919_FFDHE8192_P_BIN; static const unsigned char dhm_G_8192[] = MBEDTLS_DHM_RFC7919_FFDHE8192_G_BIN; +#endif /* MBEDTLS_PSA_BUILTIN_DH_RFC7919_8192 */ switch (key_size) { +#if defined(MBEDTLS_PSA_BUILTIN_DH_RFC7919_2048) case sizeof(dhm_P_2048): dhm_P = dhm_P_2048; dhm_G = dhm_G_2048; dhm_size_P = sizeof(dhm_P_2048); dhm_size_G = sizeof(dhm_G_2048); break; +#endif /* MBEDTLS_PSA_BUILTIN_DH_RFC7919_2048 */ +#if defined(MBEDTLS_PSA_BUILTIN_DH_RFC7919_3072) case sizeof(dhm_P_3072): dhm_P = dhm_P_3072; dhm_G = dhm_G_3072; dhm_size_P = sizeof(dhm_P_3072); dhm_size_G = sizeof(dhm_G_3072); break; +#endif /* MBEDTLS_PSA_BUILTIN_DH_RFC7919_3072 */ +#if defined(MBEDTLS_PSA_BUILTIN_DH_RFC7919_4096) case sizeof(dhm_P_4096): dhm_P = dhm_P_4096; dhm_G = dhm_G_4096; dhm_size_P = sizeof(dhm_P_4096); dhm_size_G = sizeof(dhm_G_4096); break; +#endif /* MBEDTLS_PSA_BUILTIN_DH_RFC7919_4096 */ +#if defined(MBEDTLS_PSA_BUILTIN_DH_RFC7919_6144) case sizeof(dhm_P_6144): dhm_P = dhm_P_6144; dhm_G = dhm_G_6144; dhm_size_P = sizeof(dhm_P_6144); dhm_size_G = sizeof(dhm_G_6144); break; +#endif /* MBEDTLS_PSA_BUILTIN_DH_RFC7919_6144 */ +#if defined(MBEDTLS_PSA_BUILTIN_DH_RFC7919_8192) case sizeof(dhm_P_8192): dhm_P = dhm_P_8192; dhm_G = dhm_G_8192; dhm_size_P = sizeof(dhm_P_8192); dhm_size_G = sizeof(dhm_G_8192); break; +#endif /* MBEDTLS_PSA_BUILTIN_DH_RFC7919_8192 */ default: return PSA_ERROR_INVALID_ARGUMENT; } From de504130090b952e3eb4e95522b057b36fb32ca0 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 17 Jan 2024 12:21:55 +0100 Subject: [PATCH 1384/1674] crypto_sizes: adjust PSA_VENDOR_FFDH_MAX_KEY_BITS based on the supported groups Signed-off-by: Valerio Setti --- include/psa/crypto_sizes.h | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 836c28cc2..635ee98f8 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -224,10 +224,20 @@ #endif /* The maximum size of an DH key on this implementation, in bits. - * - * Note that an implementation may set different size limits for different - * operations, and does not need to accept all key sizes up to the limit. */ + * This is a vendor-specific macro.*/ +#if defined(PSA_WANT_DH_RFC7919_8192) #define PSA_VENDOR_FFDH_MAX_KEY_BITS 8192u +#elif defined(PSA_WANT_DH_RFC7919_6144) +#define PSA_VENDOR_FFDH_MAX_KEY_BITS 6144u +#elif defined(PSA_WANT_DH_RFC7919_4096) +#define PSA_VENDOR_FFDH_MAX_KEY_BITS 4096u +#elif defined(PSA_WANT_DH_RFC7919_3072) +#define PSA_VENDOR_FFDH_MAX_KEY_BITS 3072u +#elif defined(PSA_WANT_DH_RFC7919_2048) +#define PSA_VENDOR_FFDH_MAX_KEY_BITS 2048u +#else +#define PSA_VENDOR_FFDH_MAX_KEY_BITS 0u +#endif /* The maximum size of an ECC key on this implementation, in bits. * This is a vendor-specific macro. */ From ecaf7c5690b7a82e73f8803b04fb9c2266451d65 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 17 Jan 2024 12:30:30 +0100 Subject: [PATCH 1385/1674] ssl_tls: add guards for enabled DH key types Signed-off-by: Valerio Setti --- library/ssl_tls13_generic.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index 47fa65c18..a20e28a2c 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -1539,26 +1539,36 @@ static psa_status_t mbedtls_ssl_get_psa_ffdh_info_from_tls_id( uint16_t tls_id, size_t *bits, psa_key_type_t *key_type) { switch (tls_id) { +#if defined(PSA_WANT_DH_RFC7919_2048) case MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE2048: *bits = 2048; *key_type = PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919); return PSA_SUCCESS; +#endif /* PSA_WANT_DH_RFC7919_2048 */ +#if defined(PSA_WANT_DH_RFC7919_3072) case MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE3072: *bits = 3072; *key_type = PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919); return PSA_SUCCESS; +#endif /* PSA_WANT_DH_RFC7919_3072 */ +#if defined(PSA_WANT_DH_RFC7919_4096) case MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE4096: *bits = 4096; *key_type = PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919); return PSA_SUCCESS; +#endif /* PSA_WANT_DH_RFC7919_4096 */ +#if defined(PSA_WANT_DH_RFC7919_6144) case MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE6144: *bits = 6144; *key_type = PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919); return PSA_SUCCESS; +#endif /* PSA_WANT_DH_RFC7919_6144 */ +#if defined(PSA_WANT_DH_RFC7919_8192) case MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE8192: *bits = 8192; *key_type = PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919); return PSA_SUCCESS; +#endif /* PSA_WANT_DH_RFC7919_8192 */ default: return PSA_ERROR_NOT_SUPPORTED; } From e8683ce9eff13f054d602e9c60023f09420e9396 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 17 Jan 2024 12:34:06 +0100 Subject: [PATCH 1386/1674] ssl_test_lib: add guards for enabled DH groups Signed-off-by: Valerio Setti --- programs/ssl/ssl_test_lib.c | 24 +++++++++++++++++++----- 1 file changed, 19 insertions(+), 5 deletions(-) diff --git a/programs/ssl/ssl_test_lib.c b/programs/ssl/ssl_test_lib.c index b49dd67c2..650fbfb1e 100644 --- a/programs/ssl/ssl_test_lib.c +++ b/programs/ssl/ssl_test_lib.c @@ -515,17 +515,31 @@ static const struct { #endif #if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED) && \ defined(PSA_WANT_ALG_FFDH) +#if defined(PSA_WANT_DH_RFC7919_2048) { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE2048, "ffdhe2048", 1 }, - { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE3072, "ffdhe3072", 1 }, - { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE4096, "ffdhe4096", 1 }, - { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE6144, "ffdhe6144", 1 }, - { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE8192, "ffdhe8192", 1 }, -#else +#else /* PSA_WANT_DH_RFC7919_2048 */ { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE2048, "ffdhe2048", 0 }, +#endif /* PSA_WANT_DH_RFC7919_2048 */ +#if defined(PSA_WANT_DH_RFC7919_3072) + { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE3072, "ffdhe3072", 1 }, +#else /* PSA_WANT_DH_RFC7919_3072 */ { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE3072, "ffdhe3072", 0 }, +#endif /* PSA_WANT_DH_RFC7919_3072 */ +#if defined(PSA_WANT_DH_RFC7919_4096) + { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE4096, "ffdhe4096", 1 }, +#else /* PSA_WANT_DH_RFC7919_4096 */ { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE4096, "ffdhe4096", 0 }, +#endif /* PSA_WANT_DH_RFC7919_4096 */ +#if defined(PSA_WANT_DH_RFC7919_6144) + { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE6144, "ffdhe6144", 1 }, +#else /* PSA_WANT_DH_RFC7919_6144 */ { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE6144, "ffdhe6144", 0 }, +#endif /* PSA_WANT_DH_RFC7919_6144 */ +#if defined(PSA_WANT_DH_RFC7919_8192) + { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE8192, "ffdhe8192", 1 }, +#else /* PSA_WANT_DH_RFC7919_8192 */ { MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE8192, "ffdhe8192", 0 }, +#endif /* PSA_WANT_DH_RFC7919_8192 */ #endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_EPHEMERAL_ENABLED && PSA_WANT_ALG_FFDH */ { 0, NULL, 0 }, }; From 504a10254c3867d3241052e251a4820e2580d92e Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 17 Jan 2024 15:19:30 +0100 Subject: [PATCH 1387/1674] psa_crypto: do not validate DH groups which are not enabled Signed-off-by: Valerio Setti --- library/psa_crypto.c | 30 ++++++++++++++++++++++++------ 1 file changed, 24 insertions(+), 6 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index a8baa6b6f..917375778 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -129,12 +129,30 @@ int psa_can_do_cipher(psa_key_type_t key_type, psa_algorithm_t cipher_alg) defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE) static int psa_is_dh_key_size_valid(size_t bits) { - if (bits != 2048 && bits != 3072 && bits != 4096 && - bits != 6144 && bits != 8192) { - return 0; + switch (bits) { +#if defined(PSA_WANT_DH_RFC7919_2048) + case 2048: + return 1; +#endif /* PSA_WANT_DH_RFC7919_2048 */ +#if defined(PSA_WANT_DH_RFC7919_3072) + case 3072: + return 1; +#endif /* PSA_WANT_DH_RFC7919_3072 */ +#if defined(PSA_WANT_DH_RFC7919_4096) + case 4096: + return 1; +#endif /* PSA_WANT_DH_RFC7919_4096 */ +#if defined(PSA_WANT_DH_RFC7919_6144) + case 6144: + return 1; +#endif /* PSA_WANT_DH_RFC7919_6144 */ +#if defined(PSA_WANT_DH_RFC7919_8192) + case 8192: + return 1; +#endif /* PSA_WANT_DH_RFC7919_8192 */ + default: + return 0; } - - return 1; } #endif /* MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_IMPORT || MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY || @@ -577,7 +595,7 @@ psa_status_t psa_import_key_into_slot( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY) if (PSA_KEY_TYPE_IS_DH(type)) { if (psa_is_dh_key_size_valid(PSA_BYTES_TO_BITS(data_length)) == 0) { - return PSA_ERROR_INVALID_ARGUMENT; + return PSA_ERROR_NOT_SUPPORTED; } return mbedtls_psa_ffdh_import_key(attributes, data, data_length, From 6bed64ec75599106f9aff9326f1a2d8080b15bde Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 17 Jan 2024 15:21:44 +0100 Subject: [PATCH 1388/1674] all.sh: add new component with only DH 2048 bits. Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 44930d28b..0b2a36aa3 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2374,6 +2374,26 @@ component_test_depends_py_pkalgs_psa () { tests/scripts/depends.py pkalgs } +component_test_psa_crypto_config_ffdh_2048_only () { + msg "build: full config - only DH 2048" + + scripts/config.py full + + # Disable all DH groups other than 2048. + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_DH_RFC7919_3072 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_DH_RFC7919_4096 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_DH_RFC7919_6144 + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_DH_RFC7919_8192 + + make CFLAGS="$ASAN_CFLAGS -Werror" LDFLAGS="$ASAN_CFLAGS" + + msg "test: full config - only DH 2048" + make test + + msg "ssl-opt: full config - only DH 2048" + tests/ssl-opt.sh -f "ffdh" +} + component_build_no_pk_rsa_alt_support () { msg "build: !MBEDTLS_PK_RSA_ALT_SUPPORT" # ~30s From 48a847afb7d34b26050904fc3155a55852e45cb4 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 17 Jan 2024 15:22:47 +0100 Subject: [PATCH 1389/1674] tests: add guards for DH groups Signed-off-by: Valerio Setti --- scripts/mbedtls_dev/psa_information.py | 2 +- tests/suites/test_suite_psa_crypto.data | 132 ++++++++++++------------ 2 files changed, 67 insertions(+), 67 deletions(-) diff --git a/scripts/mbedtls_dev/psa_information.py b/scripts/mbedtls_dev/psa_information.py index b21a0cfc2..60803864f 100644 --- a/scripts/mbedtls_dev/psa_information.py +++ b/scripts/mbedtls_dev/psa_information.py @@ -82,7 +82,7 @@ def automatic_dependencies(*expressions: str) -> List[str]: """ used = set() for expr in expressions: - used.update(re.findall(r'PSA_(?:ALG|ECC_FAMILY|KEY_TYPE)_\w+', expr)) + used.update(re.findall(r'PSA_(?:ALG|ECC_FAMILY|DH_FAMILY|KEY_TYPE)_\w+', expr)) used.difference_update(SYMBOLS_WITHOUT_DEPENDENCY) return sorted(psa_want_symbol(name) for name in used) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 1bd8b6500..b1bc67834 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -507,167 +507,167 @@ depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:P import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b2400":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:1024:0:PSA_SUCCESS:0 PSA import/export FFDH RFC7919 2048 key pair: good -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT:PSA_WANT_DH_RFC7919_2048 import_export:"2A45292441157B3C25572F76A5CDF960A7BDBF06731D783C5BF8920FB94CCC3D5DCCF86A3CB66B4E3AEDD23106222458ACF3F72C753CB67C2E19AD399566866FEBC16C3B4DC72773B4709047AE1AEC2D9107C2041B06B86A8F604465B26E0E753D6B10772798B3797232D950A36F2D4B33B04B36DE73AC6B8A7365015DF5745A1F892728B0CA947702C36E3BC646E72E23E80C345DBB014B7F93B36C80B4051F9A716D19B980861E86D62977466565462FBD3C1BB4EFD630DCCBEB351A7FA95602B7FE23903C7C7DC999950493BEC028AC42346858FAD969452DCF1DE9AD445F7F928D63B75FA86E8C1D722AB242D91995D3545A1791D72B0F384E74B45C7C01":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:0:2048:0:PSA_SUCCESS:1 PSA import/export FFDH RFC7919 2048 public key: good -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY:PSA_WANT_DH_RFC7919_2048 import_export:"2898897F34E672DAE8E629C6AD5D525A8ECCF88CEEB2F7D456DBC726D4E4A473A57F530BB6A7A67D58A560C2FDF51C9E4826DB48F408150CEAFBD32766C03D277D611139AA9F4017B0125EEA089ECD906EA0854AC0A435507DEC05C3CF2F37F98ED987E13E4795BB44051F231753C9BA3023D1A9E969FD98AC21091F704F6AD5B49B2F95DE7FA0CC1B6D9FC1DAD308EB2D1B021D8EA99959BD0BBA3CD5AD33C4B4A608A74B42B6C0342CBCFE3F41ED0752389D7A982DE512514EEC4C6D1165D3C52485A02EF310E2A4C0B5197FADE3D6F768E81AA01926FEAE92040706A621676200F6F80B51D0B4CAC38A406778D81EF3CB68EAC2E9DC06ED8E47363CE260E0":PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_DH_FAMILY_RFC7919):0:PSA_ALG_FFDH:0:2048:0:PSA_SUCCESS:1 PSA import/export FFDH RFC7919 3072 key pair: good -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT:PSA_WANT_DH_RFC7919_3072 import_export:"A13B0B091871DE0F21FA9031BFFB6F37C485F0553B0468169A04AC0E2710185C9D8B5C5FB01C2846CEBA007298CB0F208DA2CF551C5098281EB4490647B733636EE14F6F4540EA05434AC258090A575D10EF9523AA4B545D27851878FAA04361D9412E3B55645A52BE03EE2E6DF0F83DBA295363E68F7307B5A19E205B655E6CFE005217D69B2F521A61CE23C286426D11A09768B5657A32E9965A49AE2BF4476582A278B7515B3B46F70368F324724ED4A1F36364AB4D6E3ADCA53142834353A9EB37747D26680A4B8D9A30BADACD172872BC677212B328B47B117901B4EA22C8760D7B727FFF276FA4E36082A0605E590F732F24468201DD05BF4A5710C546FAE1B153F8668D6E1A9707340B82493CADCC0721032E627DB9AD3D04124FAA19BB7FBD38FFA4416C05741C688F21B11C63508F5A3F50C219D1A4F46F0D3CC74EBD762A241C328F20C7169566E5E8E60B8F4442497B92A65FE69CD12E57BB4F44ED11A6075541B50FD95BB0224621193779873711B6616F6D9E31DE7D7369E963":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:0:3072:0:PSA_SUCCESS:1 PSA import/export FFDH RFC7919 3072 public key: good -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY:PSA_WANT_DH_RFC7919_3072 import_export:"57214B78F3045CA8996F024B97AFCE32F3B8D24A0F1A6E37F83559C3B07270F830D9EEB40E22BE7D53C8215832C024DF8602815D087CFD546392EC338C2683FF2329BEA2236E94184037284C8A8FE6DC9F56BBEC47C887953FE2AF8700A96ED13B1DD50EA7065C2D102DE1CF037699C47A3A96CC561C5B7E1D5DCE028BB8CEB15EC9B6A8D7E12224B95D893DA596B0C198C0E07C566C7A008C2F260D358DA9D2C2EFD7182B6B03501321408791769D567FC61BE2F9BEF8D58A82AEEA857F088FF89075B0263074FF403EA94673AA2C4728ED966B23BDEB1A240BBEE9343548E02755579FFB158F9BBB11525C5081C0681A969BC6D828F74CF577FA27AEA68A5E56E8505688653590CB9CAA5D76B40BD113764141E1DD7BB09A24023C0EDE10D2C8826FACCD4EC7B2896FE6F2A1E9925C0DFBEB48A4501D57B23A2F6624772664472B5FA76AD952EEE3AABEE33897324DA167ABCD13504F85114A57CA038629437333F6B2D93F8776C8B4ACED82696BEFBE802B3281A2E1FB32A940A4A714C853":PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_DH_FAMILY_RFC7919):0:PSA_ALG_FFDH:0:3072:0:PSA_SUCCESS:1 PSA import/export FFDH RFC7919 4096 key pair: good -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT:PSA_WANT_DH_RFC7919_4096 import_export:"46EEB441AF38234285F3ED05BC650E370B051170543816366235B4460F6A45736145651F383B4C14AED4BC6E4A08AA1AFBEFBA457C2669362EFBF459F1447A64C25A502F8121362FF68D144BCE30592511FD902DD6338315447C21055DD9BC7AA8348445AF1E9B0C5B970500DABC792C004C897F32FD592CD383DC0B463A3E41E1357D6E5877CA1102A04C78EC3A8E5EACAFE04764D5003FFCA4D3510DF545679C104D53AA79904057FDEF019700081926A0F97686F8E45B8845827DE9FA4926071A1B0B7FD39648B72BA34B1917AC3855071A5EFCA7C45076F06833FD3B9E23ABC65F5DD1876E33D7F81750AB12E95C0385C85FAA7CF45BF14C271EE4BA454E02F4BE6DF3EC7316D0F5D32CAEA39F3558C27455CC9AA77EBC98E51CF4D2C1287714383F1396D51E8CD3C9419DB43136998EBA7A14194C3F86AF7B5CA1A8D50593ECE2073EDB1E28BABF813EE9F3FC653A83E37830B0EA71E62F9B09E549435601385925BE28B359915C2C3304BD210568A5A73582A95351E87767536B9966237696C767B86D3B00193D0659CE583C3D8508E37ED5D5EB75C22BFE65FC1C1B3EE96BC1144EFFC72799D14C7482FA7B0F631814672081C85023A35115F604F76E5E5CE778DD62D353DFF8F35498DFCA710D13BE45C6288F5E7D290E480E4B176B845142380E863A7B12083970ECF6E96D912F8E4CFA7FA0435790501107C65533":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:0:4096:0:PSA_SUCCESS:1 PSA import/export FFDH RFC7919 4096 public key: good -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY:PSA_WANT_DH_RFC7919_4096 import_export:"BF50F1FDD8B6B5332047A808088E669F06D6CA71A59CB7CA9FB48EB47E1F179C531B15382D2D0382D18CD77E1A517BAA4175D59795898DABECCA469981E4C69EBC62B35936791F6B03E37EF39945B80503113C97474967AB4832EBD7E30ED4EFA47B49080D69B88FD7BD33847B7E6A7D0024AAD08C829CDAA44EC7C6E4013E6321DD64975E323A9779EE99FA7B210232F20B198A3AB6A0FAC525785777A084AB71EB58367C04FE456EA3EF260C1091FDC94781485784D110CB0EBCF4ADE74FBED11D59FC53CD66B3743603B06587DC47D4DBBE46CAABA2EA3190D0D859D3B5B8AC604F069D178E551E85AC26AD2BEBD22A27E9D517DEF70DBE15ECB5679881D522228377BDFDAC76677B4AEC68853EBA16D72087184ECA46DB62D4DCAADFDB9BF0029CD6C7711DD94ADEC835FE7145F371DAE027711DAC6820720CDFA2A61C97CFE84576B8C462A1FBA5C15F4E3AB55E10285A4F64B7124ECFEB5F517A065A0F1F8D7AA0E5189BDE525A34E7B17B78F15BECCD02CFF8AFB3DDFCF8809B6FD34683D7E87F3810C9658F1A4BD8495C163FB2F012E82CF22183361ABE0035C9A974386DF07886348BFA1F69BA35A77E3903741B9BF8B300D4BF67AB4A25D26EF8ECBD8965A398A2D38538C6BF59636622A404DCA0CCABE06395D209E24FE9DE738152E3A049FADEF4FE9585F84197383DF7AAC40DE842B2333A4C29855C25D40B3B":PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_DH_FAMILY_RFC7919):0:PSA_ALG_FFDH:0:4096:0:PSA_SUCCESS:1 PSA import/export FFDH RFC7919 6144 key pair: good -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT:PSA_WANT_DH_RFC7919_6144 import_export:"E4012A5FD17FB739867A475501A75212E2C1DA5376693759A1B5FC1523927D0DBF907037232C43416B4AA925D65A154FC1E13F72C7643E431C480A7799F09F66F8CA816E66E82E75B79A6D2C4DB6CB6D7532B020FBC69D7BBE80881A7778C66BEFD4F01450BD8E1DA05FFB59D8331C6E3281E67EDF3EF557A5800D4C1683105EB0BEAC112BFB5421172A637092808765A1648C7AB8DF5F06B612057360F5FC31DB0BA347215DAE18375012019CEDE239E8C1EC5B53981C7835DE8220E18C6E4AB9804B6DEC78F04C2E433A382FB3FB0DE73F8E48ECC3C252A62BC279D6147F5D3D815170468BBD53AF489B4B6F02386F25CAB22B54C9A8178585484DD5885F3D7FC4FD389DAFAB3D6809E72220298A33558F0B441E1CEC15811E8765319BAE0B3F799A2EB86E9966CD889145273B870A0B07B65E0367146608C8F554C587014CEFDF0433370B300DF43AFD59D71F937B23CFF25F9A66BF53AD34125960504450E0F17C275C7DAD24CF527C3F05BC2F53B046563C55D8C40CDA448F102F0B5475F287704A424E76335034DE2847177C0E606A6249D152650E78B22A1A9FE3FC7789C1FE74463BBC5FC71E840294C8B45349A2D045CFE679575950B61F3882D57806F2A9644D8BB3790FA268742AC19C44E7F1724DBDD67A4D8A11E114C7E3EF74195428725A645D54CC9F1F48CA9A7E2EAF3C2261A7E4AE58F9A5D223A1C4922BE932250C49DAB04CE8DB0E3A4A9D87551A2D165B618E3954E980844DA3EE1450A7C9F533B09F085038B7C923F06BC679808682279107804328EE9B7286782C0CDF92333D38900467B039C950C684A60AF5667F343B4BAA658E68967F0EBBA72695AF073A5A08B647D855265544EC291B01ED6420D2FBF878E5B0BC46EB1F8A2C1BD6A945CD8CCB0035BD11023603C0202E1B05551E3E964FD9F1D470D5E4FA08CFDD9E1F11A99E14C550C1024F642147A3B01E58EE3E5D75D5DC4D538243521526CF615C8616172448C8F81F1B36E110C161C109D6308F1F29F188375611C943313945670247AF0C9AFDF25E3226AA07D442A8057FAEAF251D463434EF18524A":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:0:6144:0:PSA_SUCCESS:1 PSA import/export FFDH RFC7919 6144 public key: good -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY:PSA_WANT_DH_RFC7919_6144 import_export:"201757BBAC6FF53E1966C29822B5154F56E332DCE1370D3A117B380D9C63FBD98F027F434EFBE530581BB1A0ACEDF30D749854F6BFC3E2E9F24A75B9109DB1FC787BB2D1DEF56414E6585757C5F84394AE9D7DB98AAADB5BCE0E4E55397B54E5DFAEDFB8CA87E6CAF0FC40E77421129F8D020287E7BD0330F60A7B01257FE36E1270B27D39F96AA464AF60C9DF47979517D7E9F0F68F93138BDC06E8F6F0AB39C90DA731925D26E48C24383425B22244D092BB9D6E3192467A91B27F0073C507D0615C3042F7432903E83494C2214089BACEF60A2D670E9D0EA0DC2F882E6AB90EC26A0CC4F9ED3DAF3912304079AA2447573AC51AAD69F4DFA07A03780922B4C7BACB286767EF758454526319C92F1486FA75E63E8EB2CBCA2A11938FE0BC5A9B50584505E16A3C8E2A599F8E2192BEC986DA602AD980190955B4AC8EF86EAF6EAFCFF7438ACD4DF64E407E675C0A114E04A9360A4431B6C0AB249B023BE89A41DA36FDFAB0FA3247DD9280EC538F724C6AF8CECD22DA87E91959AC12B690175937B7DB09B12FEE5D018802A4E561AE4F671C5569C73E928BBD66A494BBEF7F0DE8F00FED7546068E7F82F6317106885F0138AFD399DF9A8FB83C345840129B485EAD2C570BDAC992515663FCF86769808DFEFB9426D6938E5799104F197D3A3BDFFF8C4BF5E736E8B78FDB01D6C61DEAC56BC9BC8073FD4BABCCFC6D15253CA7F9FBD06F41D3F490965671F778812F5237791223FF9A1E6DBE2DD318570786051A74E58FCD0AA1BAC8CEF0656A1AD230E0578F6EC60C275C7FBAF01053DFE093DF049531282BFE7E459236D9B7315DFDB72105BD2A1509238F1CC488F3CE8907C4F931EF89FAC9D6C7D624D6BE70169A283C97E95E28DA1B90A2311733565BB082BA845BE97EDAB6698EE25E35988149B61ED64F1F41D54CD2EECB8224A22C118666551067F607B5B5C569DC8AF082D3CF0782FFC638F149765F9BE50CC52C157A58936B3E0CAA89891C71F5B960A46020AC8B7F449C8753561812B9CE313A932D3F7FD7AEF526E6BA47FE569A180CB96C5C3081A73407B52D53C6FEE6886D":PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_DH_FAMILY_RFC7919):0:PSA_ALG_FFDH:0:6144:0:PSA_SUCCESS:1 PSA import/export FFDH RFC7919 8192 key pair: good -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT:PSA_WANT_DH_RFC7919_8192 import_export:"AE5FA06AE9400A03F48C0201F4BF53263185BA76D07AB16B74869F141AEB365EB162806840F7B97C12561F5C6B9EE27521009341E52672786E10CE1615447F30E4D17F1CA049643A8CFDAC3BF66FB93B6C5C4805287D4E63D5DC895535D993203F309908AC8ABC3A96F5EF4E72E7AF59B1DC9D014EECB5609E03045B5F3C3E6C372DC0639390065C53FC911269B27A5A630BB847C8823127839DB138146E3830087AEB2395F3D0147F0C1B26297A7E657A1A430DEE1CE93C3EBEFD155EECC2298E664D77CABBAA51555C7C65FAC2957CF238F9342A39063B2F9C291D3169923DD7C3C275C591196CA350421788A06077137ECF4C41544672E8DC9E634AAB8F30D4E44C4E3BD93076B35D0A0B37F00416035C621D37FBBB434B5E3D460BD64D41CCEE8C58CB6A586C3450CC264709D065B9874129720ECA3CA5F5920F47EE8E203CCA740EFA510F7541B1241D2E036E43258B1530704D4E3A5F6C0001FC4ED82535DF672602BD421884EF381D485D37734411890A6CCCD7009208C72318F6D558A8A508774666D12E50E6DA6EAB016B147D618D729B441835B7D7B85549501A4B66AF7021EB27857C9059EA301F37B24A5E364F39364F7D406625416B9A00C44730A18C35A7D66508C903320B552CA2651724B4422870320C517B7A0B4C031C692B2D7524D66AB3289460535C6F3EFE2E42378B2927691A008734D407EADC93206DCFEB2ED71AAF7696DEFE34EA307921735FC72B4DB6B70A3381936CD90E384D38DE3C07C4DA7D1DF945EA1796148C40FA29FB5D5F6B2B03311550082ACB87130742910BFA18821380F729791E66454E2289B41FD172A4046B6961374DB62944A7DD572DFFC9B413BCF42773EA14E3562633CF134429FC7AD4F176779302BB421B44AB716AD0752C7D3334648EA3721DB7862D37B1B4C75068B2AA6AF0646A3E758F456E61F894028679F67E6FB9404CC063C005B78E46079984C85FC7A55111B1A7C81A197CF258E60B975FD4307D3AEBEE965D5175F81621E7A67E92CCEE0A503FAD2ADEDBCE717CE1D16177727C3E2205CB6C51D348590A7537013D49765EBBA3BE0588A86B65CCECE87B732AEC3C395D3336349F9366638F567BAEEC782495972869E9084D7A1DA6B97055FBE86EA1979301B62A82501DA13A00523F5C1CD0A6742903ADD15F2670D956BB950B075422CA76485780554D62FA11A461772126334F47CA43CC731BD4F35F48381A341B17154D26492B6185819012D6BAD352AEF19646516E790E49E5BF0FE74ECA7C850D0D75AC74160B953B43211AA5355E967D6305B2E1FC1170A01E4D3715F706680C7F628D41594D8954532338B3F30B90EE2A2DB0C42C7AF348FF12E410F523F81BAD4F41ABF92488726C451E4FFC160BEFC518A44660256687164B2606DB65CA8F8B06EB08A75DFCC0AE387881224C":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:0:8192:0:PSA_SUCCESS:1 PSA import/export FFDH RFC7919 8192 public key: good -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY:PSA_WANT_DH_RFC7919_8192 import_export:"3D1EB2C023E54A123420B9587F6985AFFCF6FE75A2F1768866CBAA10ABD5B7448409EFCE8786C0BD1D325FBAC47119A846C63103DAA8BC5FAF427C69D07AFE2FA0064A8BE9C33E30E6926A57850248EAAD8F0FA887452FF1467064DBE4041950CBFF55763AB58E1F2300C9B133E5D0FBD18604B93EC16BEA9CE340AC92B18DC188629A5D7FEC64601334CDBFEBD8126BE4743440C9A48F03F37298548C2EF226D44C296F440EB1E5F1128F203120ACE6C45D3CA992998CCF68C301CC4A32CF852FA4C2968C62D4016AF526FCD61A56F2BF479743D1EB62AD21120563BC1CE0D0791920BB89D82473F4DE75BCF6A728490F071899F683FCA10DCF6D9605749810A901F1FAAF96DC6AA0AF1CAFCF61E8A51E9E7A1BF5D9E5FDD6D63ED824CFD4016EF0782946F44E44B1B72B4CF9D4CE5E57A93EB738AEC084F02BBA52C385BCC013C720B0B98B78580AFFA84B0D204866B3FA39D73EECF1E0E6921D5484D929C1ADC7975741A308BCB060A43DF556F278F56CBDBDCE07F7CC8292FB27B3CDDB286E4B5A92552308DD8001F4BABC67C56B8DC6E5C4ED8FC4724A89441433EDD58C68E513E1940F5E6DB512574D7A37974E5739E28C03FECA3134AD8817E1A52BEBDCF2EE1F7DC66B09742005902A977DB0D617B8F6CFD75508F00225BE362D53BCA0AF4BE0D2DAD0A64054CA1204E31217F82D4F95315E54AEBF3BF98E2667A35A0017799C5479F369D8692317CABBB78C07D8314153D22110EA7617091ED755041A6E201F1FD76BC258DF84260369BBB2A1A13B5D266844A25E9A8F1D1279C349E0113CAAAB0A3D4510367E754980328B937CF7BEAABDBA39F4EA3CDE5C9BB6ECDA5BC44CC9EB6BEE6F2FF3698FA393DD4F85507415622CD7C0802240F7CE22F75F2DBA7CB7217352B34C57921B975BF2E73B6DA6A34C11192338C80B986AA3707DA64324056FE7EE2C0754045C7BC596B68FFCB501C186F89D618A76144C9CB35B59370D1D3E668F10A9EF6C851F6AD3FA9FA776E9391F3F143D7928F816EE4F56F756BF450E1B4F87A7B19EFB02850C45F6F7BCC87AA8FF27C474269EB53F3F1E28DD4D6BF1C6B16AD97F10418596D1A3EC5F664773FCA1E93743005C7230D5F8549DAEE3472418A648B91834BA7A19834B48D7E6DB57F7BD92887C366D78532A2497D9B9F35D598E79026F586D4DC1577FDA2B9DD5877A521EB9F3C87DFD77F5EC690519E04E702CE3A5203920A7B891F764CB0B2DDEE7EB01CC55EB45F1BECD4514540F10F03ABBA3E4D627DCEF89F1FADF26034C2D7C36E6776C7163D99BF5CADEFDB142A6CD631D3B58269F0116B1016633B7CD4752E2F636614ABDD27592734B8BFF08E155C350808C6072C42E46F2AEDD83EA6FFBF3EA5AA809B0F9DABF6CD8E2E0E1BC998AAAA0698F44B1819B0D7A19C2067F071A932D10F0281187":PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_DH_FAMILY_RFC7919):0:PSA_ALG_FFDH:0:8192:0:PSA_SUCCESS:1 PSA import/export FFDH RFC7919 2048 key pair: export not permitterd -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT:PSA_WANT_DH_RFC7919_2048 import_export:"2A45292441157B3C25572F76A5CDF960A7BDBF06731D783C5BF8920FB94CCC3D5DCCF86A3CB66B4E3AEDD23106222458ACF3F72C753CB67C2E19AD399566866FEBC16C3B4DC72773B4709047AE1AEC2D9107C2041B06B86A8F604465B26E0E753D6B10772798B3797232D950A36F2D4B33B04B36DE73AC6B8A7365015DF5745A1F892728B0CA947702C36E3BC646E72E23E80C345DBB014B7F93B36C80B4051F9A716D19B980861E86D62977466565462FBD3C1BB4EFD630DCCBEB351A7FA95602B7FE23903C7C7DC999950493BEC028AC42346858FAD969452DCF1DE9AD445F7F928D63B75FA86E8C1D722AB242D91995D3545A1791D72B0F384E74B45C7C01":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):0:PSA_ALG_FFDH:0:2048:0:PSA_ERROR_NOT_PERMITTED:1 PSA import/export FFDH RFC7919 2040 key pair: import invalid key length -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT:PSA_WANT_DH_RFC7919_2048 import_with_data:"2A45292441157B3C25572F76A5CDF960A7BDBF06731D783C5BF8920FB94CCC3D5DCCF86A3CB66B4E3AEDD23106222458ACF3F72C753CB67C2E19AD399566866FEBC16C3B4DC72773B4709047AE1AEC2D9107C2041B06B86A8F604465B26E0E753D6B10772798B3797232D950A36F2D4B33B04B36DE73AC6B8A7365015DF5745A1F892728B0CA947702C36E3BC646E72E23E80C345DBB014B7F93B36C80B4051F9A716D19B980861E86D62977466565462FBD3C1BB4EFD630DCCBEB351A7FA95602B7FE23903C7C7DC999950493BEC028AC42346858FAD969452DCF1DE9AD445F7F928D63B75FA86E8C1D722AB242D91995D3545A1791D72B0F384E74B45C7C":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):2048:PSA_ERROR_INVALID_ARGUMENT PSA import/export FFDH RFC7919 2040 public key: import invalid key length -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY:PSA_WANT_DH_RFC7919_2048 import_with_data:"2898897F34E672DAE8E629C6AD5D525A8ECCF88CEEB2F7D456DBC726D4E4A473A57F530BB6A7A67D58A560C2FDF51C9E4826DB48F408150CEAFBD32766C03D277D611139AA9F4017B0125EEA089ECD906EA0854AC0A435507DEC05C3CF2F37F98ED987E13E4795BB44051F231753C9BA3023D1A9E969FD98AC21091F704F6AD5B49B2F95DE7FA0CC1B6D9FC1DAD308EB2D1B021D8EA99959BD0BBA3CD5AD33C4B4A608A74B42B6C0342CBCFE3F41ED0752389D7A982DE512514EEC4C6D1165D3C52485A02EF310E2A4C0B5197FADE3D6F768E81AA01926FEAE92040706A621676200F6F80B51D0B4CAC38A406778D81EF3CB68EAC2E9DC06ED8E47363CE260":PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_DH_FAMILY_RFC7919):2048:PSA_ERROR_INVALID_ARGUMENT PSA import/export FFDH RFC7919 3064 key pair: import invalid key length -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT:PSA_WANT_DH_RFC7919_3072 import_with_data:"A13B0B091871DE0F21FA9031BFFB6F37C485F0553B0468169A04AC0E2710185C9D8B5C5FB01C2846CEBA007298CB0F208DA2CF551C5098281EB4490647B733636EE14F6F4540EA05434AC258090A575D10EF9523AA4B545D27851878FAA04361D9412E3B55645A52BE03EE2E6DF0F83DBA295363E68F7307B5A19E205B655E6CFE005217D69B2F521A61CE23C286426D11A09768B5657A32E9965A49AE2BF4476582A278B7515B3B46F70368F324724ED4A1F36364AB4D6E3ADCA53142834353A9EB37747D26680A4B8D9A30BADACD172872BC677212B328B47B117901B4EA22C8760D7B727FFF276FA4E36082A0605E590F732F24468201DD05BF4A5710C546FAE1B153F8668D6E1A9707340B82493CADCC0721032E627DB9AD3D04124FAA19BB7FBD38FFA4416C05741C688F21B11C63508F5A3F50C219D1A4F46F0D3CC74EBD762A241C328F20C7169566E5E8E60B8F4442497B92A65FE69CD12E57BB4F44ED11A6075541B50FD95BB0224621193779873711B6616F6D9E31DE7D7369E9":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):3072:PSA_ERROR_INVALID_ARGUMENT PSA import/export FFDH RFC7919 3064 public key: import invalid key length -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY:PSA_WANT_DH_RFC7919_3072 import_with_data:"57214B78F3045CA8996F024B97AFCE32F3B8D24A0F1A6E37F83559C3B07270F830D9EEB40E22BE7D53C8215832C024DF8602815D087CFD546392EC338C2683FF2329BEA2236E94184037284C8A8FE6DC9F56BBEC47C887953FE2AF8700A96ED13B1DD50EA7065C2D102DE1CF037699C47A3A96CC561C5B7E1D5DCE028BB8CEB15EC9B6A8D7E12224B95D893DA596B0C198C0E07C566C7A008C2F260D358DA9D2C2EFD7182B6B03501321408791769D567FC61BE2F9BEF8D58A82AEEA857F088FF89075B0263074FF403EA94673AA2C4728ED966B23BDEB1A240BBEE9343548E02755579FFB158F9BBB11525C5081C0681A969BC6D828F74CF577FA27AEA68A5E56E8505688653590CB9CAA5D76B40BD113764141E1DD7BB09A24023C0EDE10D2C8826FACCD4EC7B2896FE6F2A1E9925C0DFBEB48A4501D57B23A2F6624772664472B5FA76AD952EEE3AABEE33897324DA167ABCD13504F85114A57CA038629437333F6B2D93F8776C8B4ACED82696BEFBE802B3281A2E1FB32A940A4A714C8":PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_DH_FAMILY_RFC7919):3072:PSA_ERROR_INVALID_ARGUMENT PSA import/export FFDH RFC7919 4088 key pair: import invalid key length -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT:PSA_WANT_DH_RFC7919_4096 import_with_data:"46EEB441AF38234285F3ED05BC650E370B051170543816366235B4460F6A45736145651F383B4C14AED4BC6E4A08AA1AFBEFBA457C2669362EFBF459F1447A64C25A502F8121362FF68D144BCE30592511FD902DD6338315447C21055DD9BC7AA8348445AF1E9B0C5B970500DABC792C004C897F32FD592CD383DC0B463A3E41E1357D6E5877CA1102A04C78EC3A8E5EACAFE04764D5003FFCA4D3510DF545679C104D53AA79904057FDEF019700081926A0F97686F8E45B8845827DE9FA4926071A1B0B7FD39648B72BA34B1917AC3855071A5EFCA7C45076F06833FD3B9E23ABC65F5DD1876E33D7F81750AB12E95C0385C85FAA7CF45BF14C271EE4BA454E02F4BE6DF3EC7316D0F5D32CAEA39F3558C27455CC9AA77EBC98E51CF4D2C1287714383F1396D51E8CD3C9419DB43136998EBA7A14194C3F86AF7B5CA1A8D50593ECE2073EDB1E28BABF813EE9F3FC653A83E37830B0EA71E62F9B09E549435601385925BE28B359915C2C3304BD210568A5A73582A95351E87767536B9966237696C767B86D3B00193D0659CE583C3D8508E37ED5D5EB75C22BFE65FC1C1B3EE96BC1144EFFC72799D14C7482FA7B0F631814672081C85023A35115F604F76E5E5CE778DD62D353DFF8F35498DFCA710D13BE45C6288F5E7D290E480E4B176B845142380E863A7B12083970ECF6E96D912F8E4CFA7FA0435790501107C655":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):4096:PSA_ERROR_INVALID_ARGUMENT PSA import/export FFDH RFC7919 4088 public key: import invalid key length -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY:PSA_WANT_DH_RFC7919_4096 import_with_data:"BF50F1FDD8B6B5332047A808088E669F06D6CA71A59CB7CA9FB48EB47E1F179C531B15382D2D0382D18CD77E1A517BAA4175D59795898DABECCA469981E4C69EBC62B35936791F6B03E37EF39945B80503113C97474967AB4832EBD7E30ED4EFA47B49080D69B88FD7BD33847B7E6A7D0024AAD08C829CDAA44EC7C6E4013E6321DD64975E323A9779EE99FA7B210232F20B198A3AB6A0FAC525785777A084AB71EB58367C04FE456EA3EF260C1091FDC94781485784D110CB0EBCF4ADE74FBED11D59FC53CD66B3743603B06587DC47D4DBBE46CAABA2EA3190D0D859D3B5B8AC604F069D178E551E85AC26AD2BEBD22A27E9D517DEF70DBE15ECB5679881D522228377BDFDAC76677B4AEC68853EBA16D72087184ECA46DB62D4DCAADFDB9BF0029CD6C7711DD94ADEC835FE7145F371DAE027711DAC6820720CDFA2A61C97CFE84576B8C462A1FBA5C15F4E3AB55E10285A4F64B7124ECFEB5F517A065A0F1F8D7AA0E5189BDE525A34E7B17B78F15BECCD02CFF8AFB3DDFCF8809B6FD34683D7E87F3810C9658F1A4BD8495C163FB2F012E82CF22183361ABE0035C9A974386DF07886348BFA1F69BA35A77E3903741B9BF8B300D4BF67AB4A25D26EF8ECBD8965A398A2D38538C6BF59636622A404DCA0CCABE06395D209E24FE9DE738152E3A049FADEF4FE9585F84197383DF7AAC40DE842B2333A4C29855C25D40B":PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_DH_FAMILY_RFC7919):4096:PSA_ERROR_INVALID_ARGUMENT PSA import/export FFDH RFC7919 6136 key pair: import invalid key length -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT:PSA_WANT_DH_RFC7919_6144 import_with_data:"E4012A5FD17FB739867A475501A75212E2C1DA5376693759A1B5FC1523927D0DBF907037232C43416B4AA925D65A154FC1E13F72C7643E431C480A7799F09F66F8CA816E66E82E75B79A6D2C4DB6CB6D7532B020FBC69D7BBE80881A7778C66BEFD4F01450BD8E1DA05FFB59D8331C6E3281E67EDF3EF557A5800D4C1683105EB0BEAC112BFB5421172A637092808765A1648C7AB8DF5F06B612057360F5FC31DB0BA347215DAE18375012019CEDE239E8C1EC5B53981C7835DE8220E18C6E4AB9804B6DEC78F04C2E433A382FB3FB0DE73F8E48ECC3C252A62BC279D6147F5D3D815170468BBD53AF489B4B6F02386F25CAB22B54C9A8178585484DD5885F3D7FC4FD389DAFAB3D6809E72220298A33558F0B441E1CEC15811E8765319BAE0B3F799A2EB86E9966CD889145273B870A0B07B65E0367146608C8F554C587014CEFDF0433370B300DF43AFD59D71F937B23CFF25F9A66BF53AD34125960504450E0F17C275C7DAD24CF527C3F05BC2F53B046563C55D8C40CDA448F102F0B5475F287704A424E76335034DE2847177C0E606A6249D152650E78B22A1A9FE3FC7789C1FE74463BBC5FC71E840294C8B45349A2D045CFE679575950B61F3882D57806F2A9644D8BB3790FA268742AC19C44E7F1724DBDD67A4D8A11E114C7E3EF74195428725A645D54CC9F1F48CA9A7E2EAF3C2261A7E4AE58F9A5D223A1C4922BE932250C49DAB04CE8DB0E3A4A9D87551A2D165B618E3954E980844DA3EE1450A7C9F533B09F085038B7C923F06BC679808682279107804328EE9B7286782C0CDF92333D38900467B039C950C684A60AF5667F343B4BAA658E68967F0EBBA72695AF073A5A08B647D855265544EC291B01ED6420D2FBF878E5B0BC46EB1F8A2C1BD6A945CD8CCB0035BD11023603C0202E1B05551E3E964FD9F1D470D5E4FA08CFDD9E1F11A99E14C550C1024F642147A3B01E58EE3E5D75D5DC4D538243521526CF615C8616172448C8F81F1B36E110C161C109D6308F1F29F188375611C943313945670247AF0C9AFDF25E3226AA07D442A8057FAEAF251D463434EF1852":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):6144:PSA_ERROR_INVALID_ARGUMENT PSA import/export FFDH RFC7919 6136 public key: import invalid key length -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY:PSA_WANT_DH_RFC7919_6144 import_with_data:"201757BBAC6FF53E1966C29822B5154F56E332DCE1370D3A117B380D9C63FBD98F027F434EFBE530581BB1A0ACEDF30D749854F6BFC3E2E9F24A75B9109DB1FC787BB2D1DEF56414E6585757C5F84394AE9D7DB98AAADB5BCE0E4E55397B54E5DFAEDFB8CA87E6CAF0FC40E77421129F8D020287E7BD0330F60A7B01257FE36E1270B27D39F96AA464AF60C9DF47979517D7E9F0F68F93138BDC06E8F6F0AB39C90DA731925D26E48C24383425B22244D092BB9D6E3192467A91B27F0073C507D0615C3042F7432903E83494C2214089BACEF60A2D670E9D0EA0DC2F882E6AB90EC26A0CC4F9ED3DAF3912304079AA2447573AC51AAD69F4DFA07A03780922B4C7BACB286767EF758454526319C92F1486FA75E63E8EB2CBCA2A11938FE0BC5A9B50584505E16A3C8E2A599F8E2192BEC986DA602AD980190955B4AC8EF86EAF6EAFCFF7438ACD4DF64E407E675C0A114E04A9360A4431B6C0AB249B023BE89A41DA36FDFAB0FA3247DD9280EC538F724C6AF8CECD22DA87E91959AC12B690175937B7DB09B12FEE5D018802A4E561AE4F671C5569C73E928BBD66A494BBEF7F0DE8F00FED7546068E7F82F6317106885F0138AFD399DF9A8FB83C345840129B485EAD2C570BDAC992515663FCF86769808DFEFB9426D6938E5799104F197D3A3BDFFF8C4BF5E736E8B78FDB01D6C61DEAC56BC9BC8073FD4BABCCFC6D15253CA7F9FBD06F41D3F490965671F778812F5237791223FF9A1E6DBE2DD318570786051A74E58FCD0AA1BAC8CEF0656A1AD230E0578F6EC60C275C7FBAF01053DFE093DF049531282BFE7E459236D9B7315DFDB72105BD2A1509238F1CC488F3CE8907C4F931EF89FAC9D6C7D624D6BE70169A283C97E95E28DA1B90A2311733565BB082BA845BE97EDAB6698EE25E35988149B61ED64F1F41D54CD2EECB8224A22C118666551067F607B5B5C569DC8AF082D3CF0782FFC638F149765F9BE50CC52C157A58936B3E0CAA89891C71F5B960A46020AC8B7F449C8753561812B9CE313A932D3F7FD7AEF526E6BA47FE569A180CB96C5C3081A73407B52D53C6FEE688":PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_DH_FAMILY_RFC7919):6144:PSA_ERROR_INVALID_ARGUMENT PSA import/export FFDH RFC7919 8184 key pair: import invalid key length -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT:PSA_WANT_DH_RFC7919_8192 import_with_data:"AE5FA06AE9400A03F48C0201F4BF53263185BA76D07AB16B74869F141AEB365EB162806840F7B97C12561F5C6B9EE27521009341E52672786E10CE1615447F30E4D17F1CA049643A8CFDAC3BF66FB93B6C5C4805287D4E63D5DC895535D993203F309908AC8ABC3A96F5EF4E72E7AF59B1DC9D014EECB5609E03045B5F3C3E6C372DC0639390065C53FC911269B27A5A630BB847C8823127839DB138146E3830087AEB2395F3D0147F0C1B26297A7E657A1A430DEE1CE93C3EBEFD155EECC2298E664D77CABBAA51555C7C65FAC2957CF238F9342A39063B2F9C291D3169923DD7C3C275C591196CA350421788A06077137ECF4C41544672E8DC9E634AAB8F30D4E44C4E3BD93076B35D0A0B37F00416035C621D37FBBB434B5E3D460BD64D41CCEE8C58CB6A586C3450CC264709D065B9874129720ECA3CA5F5920F47EE8E203CCA740EFA510F7541B1241D2E036E43258B1530704D4E3A5F6C0001FC4ED82535DF672602BD421884EF381D485D37734411890A6CCCD7009208C72318F6D558A8A508774666D12E50E6DA6EAB016B147D618D729B441835B7D7B85549501A4B66AF7021EB27857C9059EA301F37B24A5E364F39364F7D406625416B9A00C44730A18C35A7D66508C903320B552CA2651724B4422870320C517B7A0B4C031C692B2D7524D66AB3289460535C6F3EFE2E42378B2927691A008734D407EADC93206DCFEB2ED71AAF7696DEFE34EA307921735FC72B4DB6B70A3381936CD90E384D38DE3C07C4DA7D1DF945EA1796148C40FA29FB5D5F6B2B03311550082ACB87130742910BFA18821380F729791E66454E2289B41FD172A4046B6961374DB62944A7DD572DFFC9B413BCF42773EA14E3562633CF134429FC7AD4F176779302BB421B44AB716AD0752C7D3334648EA3721DB7862D37B1B4C75068B2AA6AF0646A3E758F456E61F894028679F67E6FB9404CC063C005B78E46079984C85FC7A55111B1A7C81A197CF258E60B975FD4307D3AEBEE965D5175F81621E7A67E92CCEE0A503FAD2ADEDBCE717CE1D16177727C3E2205CB6C51D348590A7537013D49765EBBA3BE0588A86B65CCECE87B732AEC3C395D3336349F9366638F567BAEEC782495972869E9084D7A1DA6B97055FBE86EA1979301B62A82501DA13A00523F5C1CD0A6742903ADD15F2670D956BB950B075422CA76485780554D62FA11A461772126334F47CA43CC731BD4F35F48381A341B17154D26492B6185819012D6BAD352AEF19646516E790E49E5BF0FE74ECA7C850D0D75AC74160B953B43211AA5355E967D6305B2E1FC1170A01E4D3715F706680C7F628D41594D8954532338B3F30B90EE2A2DB0C42C7AF348FF12E410F523F81BAD4F41ABF92488726C451E4FFC160BEFC518A44660256687164B2606DB65CA8F8B06EB08A75DFCC0AE38788122":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):8192:PSA_ERROR_INVALID_ARGUMENT PSA import/export FFDH RFC7919 8184 public key: import invalid key length -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY:PSA_WANT_DH_RFC7919_8192 import_with_data:"3D1EB2C023E54A123420B9587F6985AFFCF6FE75A2F1768866CBAA10ABD5B7448409EFCE8786C0BD1D325FBAC47119A846C63103DAA8BC5FAF427C69D07AFE2FA0064A8BE9C33E30E6926A57850248EAAD8F0FA887452FF1467064DBE4041950CBFF55763AB58E1F2300C9B133E5D0FBD18604B93EC16BEA9CE340AC92B18DC188629A5D7FEC64601334CDBFEBD8126BE4743440C9A48F03F37298548C2EF226D44C296F440EB1E5F1128F203120ACE6C45D3CA992998CCF68C301CC4A32CF852FA4C2968C62D4016AF526FCD61A56F2BF479743D1EB62AD21120563BC1CE0D0791920BB89D82473F4DE75BCF6A728490F071899F683FCA10DCF6D9605749810A901F1FAAF96DC6AA0AF1CAFCF61E8A51E9E7A1BF5D9E5FDD6D63ED824CFD4016EF0782946F44E44B1B72B4CF9D4CE5E57A93EB738AEC084F02BBA52C385BCC013C720B0B98B78580AFFA84B0D204866B3FA39D73EECF1E0E6921D5484D929C1ADC7975741A308BCB060A43DF556F278F56CBDBDCE07F7CC8292FB27B3CDDB286E4B5A92552308DD8001F4BABC67C56B8DC6E5C4ED8FC4724A89441433EDD58C68E513E1940F5E6DB512574D7A37974E5739E28C03FECA3134AD8817E1A52BEBDCF2EE1F7DC66B09742005902A977DB0D617B8F6CFD75508F00225BE362D53BCA0AF4BE0D2DAD0A64054CA1204E31217F82D4F95315E54AEBF3BF98E2667A35A0017799C5479F369D8692317CABBB78C07D8314153D22110EA7617091ED755041A6E201F1FD76BC258DF84260369BBB2A1A13B5D266844A25E9A8F1D1279C349E0113CAAAB0A3D4510367E754980328B937CF7BEAABDBA39F4EA3CDE5C9BB6ECDA5BC44CC9EB6BEE6F2FF3698FA393DD4F85507415622CD7C0802240F7CE22F75F2DBA7CB7217352B34C57921B975BF2E73B6DA6A34C11192338C80B986AA3707DA64324056FE7EE2C0754045C7BC596B68FFCB501C186F89D618A76144C9CB35B59370D1D3E668F10A9EF6C851F6AD3FA9FA776E9391F3F143D7928F816EE4F56F756BF450E1B4F87A7B19EFB02850C45F6F7BCC87AA8FF27C474269EB53F3F1E28DD4D6BF1C6B16AD97F10418596D1A3EC5F664773FCA1E93743005C7230D5F8549DAEE3472418A648B91834BA7A19834B48D7E6DB57F7BD92887C366D78532A2497D9B9F35D598E79026F586D4DC1577FDA2B9DD5877A521EB9F3C87DFD77F5EC690519E04E702CE3A5203920A7B891F764CB0B2DDEE7EB01CC55EB45F1BECD4514540F10F03ABBA3E4D627DCEF89F1FADF26034C2D7C36E6776C7163D99BF5CADEFDB142A6CD631D3B58269F0116B1016633B7CD4752E2F636614ABDD27592734B8BFF08E155C350808C6072C42E46F2AEDD83EA6FFBF3EA5AA809B0F9DABF6CD8E2E0E1BC998AAAA0698F44B1819B0D7A19C2067F071A932D10F02811":PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_DH_FAMILY_RFC7919):8192:PSA_ERROR_INVALID_ARGUMENT PSA import/export FFDH RFC7919 2048 key pair: export buffer to small -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT:PSA_WANT_DH_RFC7919_2048 import_export:"2A45292441157B3C25572F76A5CDF960A7BDBF06731D783C5BF8920FB94CCC3D5DCCF86A3CB66B4E3AEDD23106222458ACF3F72C753CB67C2E19AD399566866FEBC16C3B4DC72773B4709047AE1AEC2D9107C2041B06B86A8F604465B26E0E753D6B10772798B3797232D950A36F2D4B33B04B36DE73AC6B8A7365015DF5745A1F892728B0CA947702C36E3BC646E72E23E80C345DBB014B7F93B36C80B4051F9A716D19B980861E86D62977466565462FBD3C1BB4EFD630DCCBEB351A7FA95602B7FE23903C7C7DC999950493BEC028AC42346858FAD969452DCF1DE9AD445F7F928D63B75FA86E8C1D722AB242D91995D3545A1791D72B0F384E74B45C7C01":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:0:2048:0:PSA_ERROR_BUFFER_TOO_SMALL:1 PSA import/export FFDH RFC7919 2048 public key: export buffer to small -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY:PSA_WANT_DH_RFC7919_2048 import_export:"2898897F34E672DAE8E629C6AD5D525A8ECCF88CEEB2F7D456DBC726D4E4A473A57F530BB6A7A67D58A560C2FDF51C9E4826DB48F408150CEAFBD32766C03D277D611139AA9F4017B0125EEA089ECD906EA0854AC0A435507DEC05C3CF2F37F98ED987E13E4795BB44051F231753C9BA3023D1A9E969FD98AC21091F704F6AD5B49B2F95DE7FA0CC1B6D9FC1DAD308EB2D1B021D8EA99959BD0BBA3CD5AD33C4B4A608A74B42B6C0342CBCFE3F41ED0752389D7A982DE512514EEC4C6D1165D3C52485A02EF310E2A4C0B5197FADE3D6F768E81AA01926FEAE92040706A621676200F6F80B51D0B4CAC38A406778D81EF3CB68EAC2E9DC06ED8E47363CE260E0":PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_DH_FAMILY_RFC7919):0:PSA_ALG_FFDH:0:2048:0:PSA_ERROR_BUFFER_TOO_SMALL:1 PSA import/export FFDH RFC7919 3072 key pair: export buffer to small -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT:PSA_WANT_DH_RFC7919_3072 import_export:"A13B0B091871DE0F21FA9031BFFB6F37C485F0553B0468169A04AC0E2710185C9D8B5C5FB01C2846CEBA007298CB0F208DA2CF551C5098281EB4490647B733636EE14F6F4540EA05434AC258090A575D10EF9523AA4B545D27851878FAA04361D9412E3B55645A52BE03EE2E6DF0F83DBA295363E68F7307B5A19E205B655E6CFE005217D69B2F521A61CE23C286426D11A09768B5657A32E9965A49AE2BF4476582A278B7515B3B46F70368F324724ED4A1F36364AB4D6E3ADCA53142834353A9EB37747D26680A4B8D9A30BADACD172872BC677212B328B47B117901B4EA22C8760D7B727FFF276FA4E36082A0605E590F732F24468201DD05BF4A5710C546FAE1B153F8668D6E1A9707340B82493CADCC0721032E627DB9AD3D04124FAA19BB7FBD38FFA4416C05741C688F21B11C63508F5A3F50C219D1A4F46F0D3CC74EBD762A241C328F20C7169566E5E8E60B8F4442497B92A65FE69CD12E57BB4F44ED11A6075541B50FD95BB0224621193779873711B6616F6D9E31DE7D7369E963":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:0:3072:0:PSA_ERROR_BUFFER_TOO_SMALL:1 PSA import/export FFDH RFC7919 3072 public key: export buffer to small -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY:PSA_WANT_DH_RFC7919_3072 import_export:"57214B78F3045CA8996F024B97AFCE32F3B8D24A0F1A6E37F83559C3B07270F830D9EEB40E22BE7D53C8215832C024DF8602815D087CFD546392EC338C2683FF2329BEA2236E94184037284C8A8FE6DC9F56BBEC47C887953FE2AF8700A96ED13B1DD50EA7065C2D102DE1CF037699C47A3A96CC561C5B7E1D5DCE028BB8CEB15EC9B6A8D7E12224B95D893DA596B0C198C0E07C566C7A008C2F260D358DA9D2C2EFD7182B6B03501321408791769D567FC61BE2F9BEF8D58A82AEEA857F088FF89075B0263074FF403EA94673AA2C4728ED966B23BDEB1A240BBEE9343548E02755579FFB158F9BBB11525C5081C0681A969BC6D828F74CF577FA27AEA68A5E56E8505688653590CB9CAA5D76B40BD113764141E1DD7BB09A24023C0EDE10D2C8826FACCD4EC7B2896FE6F2A1E9925C0DFBEB48A4501D57B23A2F6624772664472B5FA76AD952EEE3AABEE33897324DA167ABCD13504F85114A57CA038629437333F6B2D93F8776C8B4ACED82696BEFBE802B3281A2E1FB32A940A4A714C853":PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_DH_FAMILY_RFC7919):0:PSA_ALG_FFDH:0:3072:0:PSA_ERROR_BUFFER_TOO_SMALL:1 PSA import/export FFDH RFC7919 4096 key pair: export buffer to small -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT:PSA_WANT_DH_RFC7919_4096 import_export:"46EEB441AF38234285F3ED05BC650E370B051170543816366235B4460F6A45736145651F383B4C14AED4BC6E4A08AA1AFBEFBA457C2669362EFBF459F1447A64C25A502F8121362FF68D144BCE30592511FD902DD6338315447C21055DD9BC7AA8348445AF1E9B0C5B970500DABC792C004C897F32FD592CD383DC0B463A3E41E1357D6E5877CA1102A04C78EC3A8E5EACAFE04764D5003FFCA4D3510DF545679C104D53AA79904057FDEF019700081926A0F97686F8E45B8845827DE9FA4926071A1B0B7FD39648B72BA34B1917AC3855071A5EFCA7C45076F06833FD3B9E23ABC65F5DD1876E33D7F81750AB12E95C0385C85FAA7CF45BF14C271EE4BA454E02F4BE6DF3EC7316D0F5D32CAEA39F3558C27455CC9AA77EBC98E51CF4D2C1287714383F1396D51E8CD3C9419DB43136998EBA7A14194C3F86AF7B5CA1A8D50593ECE2073EDB1E28BABF813EE9F3FC653A83E37830B0EA71E62F9B09E549435601385925BE28B359915C2C3304BD210568A5A73582A95351E87767536B9966237696C767B86D3B00193D0659CE583C3D8508E37ED5D5EB75C22BFE65FC1C1B3EE96BC1144EFFC72799D14C7482FA7B0F631814672081C85023A35115F604F76E5E5CE778DD62D353DFF8F35498DFCA710D13BE45C6288F5E7D290E480E4B176B845142380E863A7B12083970ECF6E96D912F8E4CFA7FA0435790501107C65533":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:0:4096:0:PSA_ERROR_BUFFER_TOO_SMALL:1 PSA import/export FFDH RFC7919 4096 public key: export buffer to small -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY:PSA_WANT_DH_RFC7919_4096 import_export:"BF50F1FDD8B6B5332047A808088E669F06D6CA71A59CB7CA9FB48EB47E1F179C531B15382D2D0382D18CD77E1A517BAA4175D59795898DABECCA469981E4C69EBC62B35936791F6B03E37EF39945B80503113C97474967AB4832EBD7E30ED4EFA47B49080D69B88FD7BD33847B7E6A7D0024AAD08C829CDAA44EC7C6E4013E6321DD64975E323A9779EE99FA7B210232F20B198A3AB6A0FAC525785777A084AB71EB58367C04FE456EA3EF260C1091FDC94781485784D110CB0EBCF4ADE74FBED11D59FC53CD66B3743603B06587DC47D4DBBE46CAABA2EA3190D0D859D3B5B8AC604F069D178E551E85AC26AD2BEBD22A27E9D517DEF70DBE15ECB5679881D522228377BDFDAC76677B4AEC68853EBA16D72087184ECA46DB62D4DCAADFDB9BF0029CD6C7711DD94ADEC835FE7145F371DAE027711DAC6820720CDFA2A61C97CFE84576B8C462A1FBA5C15F4E3AB55E10285A4F64B7124ECFEB5F517A065A0F1F8D7AA0E5189BDE525A34E7B17B78F15BECCD02CFF8AFB3DDFCF8809B6FD34683D7E87F3810C9658F1A4BD8495C163FB2F012E82CF22183361ABE0035C9A974386DF07886348BFA1F69BA35A77E3903741B9BF8B300D4BF67AB4A25D26EF8ECBD8965A398A2D38538C6BF59636622A404DCA0CCABE06395D209E24FE9DE738152E3A049FADEF4FE9585F84197383DF7AAC40DE842B2333A4C29855C25D40B3B":PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_DH_FAMILY_RFC7919):0:PSA_ALG_FFDH:0:4096:0:PSA_ERROR_BUFFER_TOO_SMALL:1 PSA import/export FFDH RFC7919 6144 key pair: export buffer to small -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT:PSA_WANT_DH_RFC7919_6144 import_export:"E4012A5FD17FB739867A475501A75212E2C1DA5376693759A1B5FC1523927D0DBF907037232C43416B4AA925D65A154FC1E13F72C7643E431C480A7799F09F66F8CA816E66E82E75B79A6D2C4DB6CB6D7532B020FBC69D7BBE80881A7778C66BEFD4F01450BD8E1DA05FFB59D8331C6E3281E67EDF3EF557A5800D4C1683105EB0BEAC112BFB5421172A637092808765A1648C7AB8DF5F06B612057360F5FC31DB0BA347215DAE18375012019CEDE239E8C1EC5B53981C7835DE8220E18C6E4AB9804B6DEC78F04C2E433A382FB3FB0DE73F8E48ECC3C252A62BC279D6147F5D3D815170468BBD53AF489B4B6F02386F25CAB22B54C9A8178585484DD5885F3D7FC4FD389DAFAB3D6809E72220298A33558F0B441E1CEC15811E8765319BAE0B3F799A2EB86E9966CD889145273B870A0B07B65E0367146608C8F554C587014CEFDF0433370B300DF43AFD59D71F937B23CFF25F9A66BF53AD34125960504450E0F17C275C7DAD24CF527C3F05BC2F53B046563C55D8C40CDA448F102F0B5475F287704A424E76335034DE2847177C0E606A6249D152650E78B22A1A9FE3FC7789C1FE74463BBC5FC71E840294C8B45349A2D045CFE679575950B61F3882D57806F2A9644D8BB3790FA268742AC19C44E7F1724DBDD67A4D8A11E114C7E3EF74195428725A645D54CC9F1F48CA9A7E2EAF3C2261A7E4AE58F9A5D223A1C4922BE932250C49DAB04CE8DB0E3A4A9D87551A2D165B618E3954E980844DA3EE1450A7C9F533B09F085038B7C923F06BC679808682279107804328EE9B7286782C0CDF92333D38900467B039C950C684A60AF5667F343B4BAA658E68967F0EBBA72695AF073A5A08B647D855265544EC291B01ED6420D2FBF878E5B0BC46EB1F8A2C1BD6A945CD8CCB0035BD11023603C0202E1B05551E3E964FD9F1D470D5E4FA08CFDD9E1F11A99E14C550C1024F642147A3B01E58EE3E5D75D5DC4D538243521526CF615C8616172448C8F81F1B36E110C161C109D6308F1F29F188375611C943313945670247AF0C9AFDF25E3226AA07D442A8057FAEAF251D463434EF18524A":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:0:6144:0:PSA_ERROR_BUFFER_TOO_SMALL:1 PSA import/export FFDH RFC7919 6144 public key: export buffer to small -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY:PSA_WANT_DH_RFC7919_6144 import_export:"201757BBAC6FF53E1966C29822B5154F56E332DCE1370D3A117B380D9C63FBD98F027F434EFBE530581BB1A0ACEDF30D749854F6BFC3E2E9F24A75B9109DB1FC787BB2D1DEF56414E6585757C5F84394AE9D7DB98AAADB5BCE0E4E55397B54E5DFAEDFB8CA87E6CAF0FC40E77421129F8D020287E7BD0330F60A7B01257FE36E1270B27D39F96AA464AF60C9DF47979517D7E9F0F68F93138BDC06E8F6F0AB39C90DA731925D26E48C24383425B22244D092BB9D6E3192467A91B27F0073C507D0615C3042F7432903E83494C2214089BACEF60A2D670E9D0EA0DC2F882E6AB90EC26A0CC4F9ED3DAF3912304079AA2447573AC51AAD69F4DFA07A03780922B4C7BACB286767EF758454526319C92F1486FA75E63E8EB2CBCA2A11938FE0BC5A9B50584505E16A3C8E2A599F8E2192BEC986DA602AD980190955B4AC8EF86EAF6EAFCFF7438ACD4DF64E407E675C0A114E04A9360A4431B6C0AB249B023BE89A41DA36FDFAB0FA3247DD9280EC538F724C6AF8CECD22DA87E91959AC12B690175937B7DB09B12FEE5D018802A4E561AE4F671C5569C73E928BBD66A494BBEF7F0DE8F00FED7546068E7F82F6317106885F0138AFD399DF9A8FB83C345840129B485EAD2C570BDAC992515663FCF86769808DFEFB9426D6938E5799104F197D3A3BDFFF8C4BF5E736E8B78FDB01D6C61DEAC56BC9BC8073FD4BABCCFC6D15253CA7F9FBD06F41D3F490965671F778812F5237791223FF9A1E6DBE2DD318570786051A74E58FCD0AA1BAC8CEF0656A1AD230E0578F6EC60C275C7FBAF01053DFE093DF049531282BFE7E459236D9B7315DFDB72105BD2A1509238F1CC488F3CE8907C4F931EF89FAC9D6C7D624D6BE70169A283C97E95E28DA1B90A2311733565BB082BA845BE97EDAB6698EE25E35988149B61ED64F1F41D54CD2EECB8224A22C118666551067F607B5B5C569DC8AF082D3CF0782FFC638F149765F9BE50CC52C157A58936B3E0CAA89891C71F5B960A46020AC8B7F449C8753561812B9CE313A932D3F7FD7AEF526E6BA47FE569A180CB96C5C3081A73407B52D53C6FEE6886D":PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_DH_FAMILY_RFC7919):0:PSA_ALG_FFDH:0:6144:0:PSA_ERROR_BUFFER_TOO_SMALL:1 PSA import/export FFDH RFC7919 8192 key pair: export buffer to small -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT:PSA_WANT_DH_RFC7919_8192 import_export:"AE5FA06AE9400A03F48C0201F4BF53263185BA76D07AB16B74869F141AEB365EB162806840F7B97C12561F5C6B9EE27521009341E52672786E10CE1615447F30E4D17F1CA049643A8CFDAC3BF66FB93B6C5C4805287D4E63D5DC895535D993203F309908AC8ABC3A96F5EF4E72E7AF59B1DC9D014EECB5609E03045B5F3C3E6C372DC0639390065C53FC911269B27A5A630BB847C8823127839DB138146E3830087AEB2395F3D0147F0C1B26297A7E657A1A430DEE1CE93C3EBEFD155EECC2298E664D77CABBAA51555C7C65FAC2957CF238F9342A39063B2F9C291D3169923DD7C3C275C591196CA350421788A06077137ECF4C41544672E8DC9E634AAB8F30D4E44C4E3BD93076B35D0A0B37F00416035C621D37FBBB434B5E3D460BD64D41CCEE8C58CB6A586C3450CC264709D065B9874129720ECA3CA5F5920F47EE8E203CCA740EFA510F7541B1241D2E036E43258B1530704D4E3A5F6C0001FC4ED82535DF672602BD421884EF381D485D37734411890A6CCCD7009208C72318F6D558A8A508774666D12E50E6DA6EAB016B147D618D729B441835B7D7B85549501A4B66AF7021EB27857C9059EA301F37B24A5E364F39364F7D406625416B9A00C44730A18C35A7D66508C903320B552CA2651724B4422870320C517B7A0B4C031C692B2D7524D66AB3289460535C6F3EFE2E42378B2927691A008734D407EADC93206DCFEB2ED71AAF7696DEFE34EA307921735FC72B4DB6B70A3381936CD90E384D38DE3C07C4DA7D1DF945EA1796148C40FA29FB5D5F6B2B03311550082ACB87130742910BFA18821380F729791E66454E2289B41FD172A4046B6961374DB62944A7DD572DFFC9B413BCF42773EA14E3562633CF134429FC7AD4F176779302BB421B44AB716AD0752C7D3334648EA3721DB7862D37B1B4C75068B2AA6AF0646A3E758F456E61F894028679F67E6FB9404CC063C005B78E46079984C85FC7A55111B1A7C81A197CF258E60B975FD4307D3AEBEE965D5175F81621E7A67E92CCEE0A503FAD2ADEDBCE717CE1D16177727C3E2205CB6C51D348590A7537013D49765EBBA3BE0588A86B65CCECE87B732AEC3C395D3336349F9366638F567BAEEC782495972869E9084D7A1DA6B97055FBE86EA1979301B62A82501DA13A00523F5C1CD0A6742903ADD15F2670D956BB950B075422CA76485780554D62FA11A461772126334F47CA43CC731BD4F35F48381A341B17154D26492B6185819012D6BAD352AEF19646516E790E49E5BF0FE74ECA7C850D0D75AC74160B953B43211AA5355E967D6305B2E1FC1170A01E4D3715F706680C7F628D41594D8954532338B3F30B90EE2A2DB0C42C7AF348FF12E410F523F81BAD4F41ABF92488726C451E4FFC160BEFC518A44660256687164B2606DB65CA8F8B06EB08A75DFCC0AE387881224C":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:0:8192:0:PSA_ERROR_BUFFER_TOO_SMALL:1 PSA import/export FFDH RFC7919 8192 public key: export buffer to small -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY:PSA_WANT_DH_RFC7919_8192 import_export:"3D1EB2C023E54A123420B9587F6985AFFCF6FE75A2F1768866CBAA10ABD5B7448409EFCE8786C0BD1D325FBAC47119A846C63103DAA8BC5FAF427C69D07AFE2FA0064A8BE9C33E30E6926A57850248EAAD8F0FA887452FF1467064DBE4041950CBFF55763AB58E1F2300C9B133E5D0FBD18604B93EC16BEA9CE340AC92B18DC188629A5D7FEC64601334CDBFEBD8126BE4743440C9A48F03F37298548C2EF226D44C296F440EB1E5F1128F203120ACE6C45D3CA992998CCF68C301CC4A32CF852FA4C2968C62D4016AF526FCD61A56F2BF479743D1EB62AD21120563BC1CE0D0791920BB89D82473F4DE75BCF6A728490F071899F683FCA10DCF6D9605749810A901F1FAAF96DC6AA0AF1CAFCF61E8A51E9E7A1BF5D9E5FDD6D63ED824CFD4016EF0782946F44E44B1B72B4CF9D4CE5E57A93EB738AEC084F02BBA52C385BCC013C720B0B98B78580AFFA84B0D204866B3FA39D73EECF1E0E6921D5484D929C1ADC7975741A308BCB060A43DF556F278F56CBDBDCE07F7CC8292FB27B3CDDB286E4B5A92552308DD8001F4BABC67C56B8DC6E5C4ED8FC4724A89441433EDD58C68E513E1940F5E6DB512574D7A37974E5739E28C03FECA3134AD8817E1A52BEBDCF2EE1F7DC66B09742005902A977DB0D617B8F6CFD75508F00225BE362D53BCA0AF4BE0D2DAD0A64054CA1204E31217F82D4F95315E54AEBF3BF98E2667A35A0017799C5479F369D8692317CABBB78C07D8314153D22110EA7617091ED755041A6E201F1FD76BC258DF84260369BBB2A1A13B5D266844A25E9A8F1D1279C349E0113CAAAB0A3D4510367E754980328B937CF7BEAABDBA39F4EA3CDE5C9BB6ECDA5BC44CC9EB6BEE6F2FF3698FA393DD4F85507415622CD7C0802240F7CE22F75F2DBA7CB7217352B34C57921B975BF2E73B6DA6A34C11192338C80B986AA3707DA64324056FE7EE2C0754045C7BC596B68FFCB501C186F89D618A76144C9CB35B59370D1D3E668F10A9EF6C851F6AD3FA9FA776E9391F3F143D7928F816EE4F56F756BF450E1B4F87A7B19EFB02850C45F6F7BCC87AA8FF27C474269EB53F3F1E28DD4D6BF1C6B16AD97F10418596D1A3EC5F664773FCA1E93743005C7230D5F8549DAEE3472418A648B91834BA7A19834B48D7E6DB57F7BD92887C366D78532A2497D9B9F35D598E79026F586D4DC1577FDA2B9DD5877A521EB9F3C87DFD77F5EC690519E04E702CE3A5203920A7B891F764CB0B2DDEE7EB01CC55EB45F1BECD4514540F10F03ABBA3E4D627DCEF89F1FADF26034C2D7C36E6776C7163D99BF5CADEFDB142A6CD631D3B58269F0116B1016633B7CD4752E2F636614ABDD27592734B8BFF08E155C350808C6072C42E46F2AEDD83EA6FFBF3EA5AA809B0F9DABF6CD8E2E0E1BC998AAAA0698F44B1819B0D7A19C2067F071A932D10F0281187":PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_DH_FAMILY_RFC7919):0:PSA_ALG_FFDH:0:8192:0:PSA_ERROR_BUFFER_TOO_SMALL:1 PSA import/export-public FFDH RFC7919 public key 2048 good -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY:PSA_WANT_DH_RFC7919_2048 import_export_public_key:"2898897F34E672DAE8E629C6AD5D525A8ECCF88CEEB2F7D456DBC726D4E4A473A57F530BB6A7A67D58A560C2FDF51C9E4826DB48F408150CEAFBD32766C03D277D611139AA9F4017B0125EEA089ECD906EA0854AC0A435507DEC05C3CF2F37F98ED987E13E4795BB44051F231753C9BA3023D1A9E969FD98AC21091F704F6AD5B49B2F95DE7FA0CC1B6D9FC1DAD308EB2D1B021D8EA99959BD0BBA3CD5AD33C4B4A608A74B42B6C0342CBCFE3F41ED0752389D7A982DE512514EEC4C6D1165D3C52485A02EF310E2A4C0B5197FADE3D6F768E81AA01926FEAE92040706A621676200F6F80B51D0B4CAC38A406778D81EF3CB68EAC2E9DC06ED8E47363CE260E0":PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_DH_FAMILY_RFC7919):PSA_ALG_FFDH:0:0:PSA_SUCCESS:"2898897F34E672DAE8E629C6AD5D525A8ECCF88CEEB2F7D456DBC726D4E4A473A57F530BB6A7A67D58A560C2FDF51C9E4826DB48F408150CEAFBD32766C03D277D611139AA9F4017B0125EEA089ECD906EA0854AC0A435507DEC05C3CF2F37F98ED987E13E4795BB44051F231753C9BA3023D1A9E969FD98AC21091F704F6AD5B49B2F95DE7FA0CC1B6D9FC1DAD308EB2D1B021D8EA99959BD0BBA3CD5AD33C4B4A608A74B42B6C0342CBCFE3F41ED0752389D7A982DE512514EEC4C6D1165D3C52485A02EF310E2A4C0B5197FADE3D6F768E81AA01926FEAE92040706A621676200F6F80B51D0B4CAC38A406778D81EF3CB68EAC2E9DC06ED8E47363CE260E0" PSA import/export-public FFDH RFC7919 key pair 2048 good -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT:PSA_WANT_DH_RFC7919_2048 import_export_public_key:"2A45292441157B3C25572F76A5CDF960A7BDBF06731D783C5BF8920FB94CCC3D5DCCF86A3CB66B4E3AEDD23106222458ACF3F72C753CB67C2E19AD399566866FEBC16C3B4DC72773B4709047AE1AEC2D9107C2041B06B86A8F604465B26E0E753D6B10772798B3797232D950A36F2D4B33B04B36DE73AC6B8A7365015DF5745A1F892728B0CA947702C36E3BC646E72E23E80C345DBB014B7F93B36C80B4051F9A716D19B980861E86D62977466565462FBD3C1BB4EFD630DCCBEB351A7FA95602B7FE23903C7C7DC999950493BEC028AC42346858FAD969452DCF1DE9AD445F7F928D63B75FA86E8C1D722AB242D91995D3545A1791D72B0F384E74B45C7C01":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):PSA_ALG_FFDH:0:0:PSA_SUCCESS:"AA396C4E08F47E499243FF17B3E0D019415A52FB6E31FCA71B2B9F46FE84E3A611757DD414A21E1BE8A8FFD60479348245918F7D771EC4A78733F627F72CE0FE1717EE3950B4DB7982577A332CC66C3F3EEB79CD604568644FD3EDAE35A08F3C75C7A99E1A24CB8B56CF7D102984568C0D93BAB9C760F22BB2AC3BEE62E532010E6EEB5A3FB2ABE1EEE1562C1C8D9AC8F781B7283C846B435F4BD4F437EE4D60B97B6EF6ECE675F199E6A40EEFFDC8C65F2973B662782FD2069AEFC026560FA57DE67474AD1A5C8837FF0644F6D0E79161DE5AC38B4837818A5EC38D335D6ECCCC1F9FC676D3548BA30635C5DB24C02BF86977E401E47C3262B81C84C340D729" PSA import/export-public FFDH RFC7919 public key 3072 good -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY:PSA_WANT_DH_RFC7919_3072 import_export_public_key:"8B6C629D0251EAA04FF127A9E2D748D744813E6F158F7BA3E4BBC50F928F9EFD689A7DDDA44023F0177DBDA344B2A9B9FED648F911118EA3C4ADBB6D3B1A85880BA80DD28B6E6FBB766D1B6858618013AAFA5A8FD4290E7D52FFD75682CB0EDD99B7AD314F4F4780F00114C344BA0574AD59975DD4FB0A93A46F1BBE98A52C21735381BCB8D3886F0345C4ABDFAD2C1B877E910D64AB4F57CCB419E386E3C81BD09E5755F88E7EA724967AD1C2E8D7AC2B2417CD6B0EB9C1366B413A461BF3249316B71912496EBA269A38E90CB324BA06BEA3B555D5E0D62EF817B2503017AD3D120EAC0CD61FB0A5C71E1C50FEEC90F4CFB11890AF21C2F1EDB501B2BB44AE3CED3C64204033144F293F696FEE4468623B3EFA405C2C00B9CD040B52442DA32C3C23E33930E4129390A5BCD061198C75AFE7DA8FF0EADA0DE931A5233C7C46D36C02B855315084CCDA54BFD155CEEA2C0C17AFB80987C54680828E1B9B2F6D2BB5FA3F7E70455CE8B66AC2D54762BB6D76CF6CE345BCD6CD2AF6A56010F512":PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_DH_FAMILY_RFC7919):PSA_ALG_FFDH:0:0:PSA_SUCCESS:"8B6C629D0251EAA04FF127A9E2D748D744813E6F158F7BA3E4BBC50F928F9EFD689A7DDDA44023F0177DBDA344B2A9B9FED648F911118EA3C4ADBB6D3B1A85880BA80DD28B6E6FBB766D1B6858618013AAFA5A8FD4290E7D52FFD75682CB0EDD99B7AD314F4F4780F00114C344BA0574AD59975DD4FB0A93A46F1BBE98A52C21735381BCB8D3886F0345C4ABDFAD2C1B877E910D64AB4F57CCB419E386E3C81BD09E5755F88E7EA724967AD1C2E8D7AC2B2417CD6B0EB9C1366B413A461BF3249316B71912496EBA269A38E90CB324BA06BEA3B555D5E0D62EF817B2503017AD3D120EAC0CD61FB0A5C71E1C50FEEC90F4CFB11890AF21C2F1EDB501B2BB44AE3CED3C64204033144F293F696FEE4468623B3EFA405C2C00B9CD040B52442DA32C3C23E33930E4129390A5BCD061198C75AFE7DA8FF0EADA0DE931A5233C7C46D36C02B855315084CCDA54BFD155CEEA2C0C17AFB80987C54680828E1B9B2F6D2BB5FA3F7E70455CE8B66AC2D54762BB6D76CF6CE345BCD6CD2AF6A56010F512" PSA import/export-public FFDH RFC7919 key pair 3072 good -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT:PSA_WANT_DH_RFC7919_3072 import_export_public_key:"c60a421e82deb778eb468760296ee4faa0b58ef058966fc457e8015185bb6c500677bf5a5a88bd8dedb5307ccc3c980a2bbe9a439c6b0c7af6c961e5b9c06f47212fc0e726da2f5bdd3542fba74e1dc2294caa1f363d942a92a391acd84aecd045a4a318db00785129ba171b31651b0e930eb8110a642dd63ef5ae1bb8c6e3b3971507c4057530d51ca14182e884974e20723dbfdd5778fa0ec78fbab26811c097f0dd291ccd7a6967caf5163fa04ba921448e1d3ec8de4ff3bc87dfdc35e53ba1bd4310fc9c98f68332ea0483ec051900e438fa3e5bcbf901771c740114922a7d9a74257befca7f9b62b2991ef6c58dbb1e516bb1ee18c8709f134ab7bb2077ec03356279a46f2978e6a89df22b0120223f6996c290607e98ecf14c36e2db62e80575329f4787ddc7b72856cbb0c4fa2dec9b391698832f559cbef49979c72e63cb3dad5d948f1c00219b47359fa75ec3fd352aa0223773e246c2fce492200b3a6e213e5e30d69cf3f56af43b0c09c0d647784b2f209c4fd1abb74b035d1ad4":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):PSA_ALG_FFDH:0:0:PSA_SUCCESS:"c6dbc8151d22313ab19feea7be0f22f798ff9bec21e9da9b5020b6028395d4a3258f3db0cee7adda3f56864863d4c565498d59b205bcbcc3fc098d78efd4e6b4e09b97971c6fd00cd2fa63bb0b3c7380cc1c19fbb34d077fda61c4a71c254242aa5870786b5d0fd3cb179f64f737eb7ab83b57ca70f93955f49b43869ca2ea441650f48a516137229be2926b02129de4089c9d129df7d76848ecda1bcecda1cf95df195e8e388ee70fac0f1c4d9b38e745b067ee88b32e6d59cb159a95852f18b121f85fedfbb6a2c6962ed70cc1ae471813e1bdc053abacccd1eec79359a6f15ec55d92bbf3890b912fbbb2c029407e1493315394a290f4ce81c0d9dccfbab386b745145cb173b9e08f018d309200691b72acafb313cebf483ff8810080bce9516aa5382a18c3c10965a33176d93d8c51f83d6fca7f606200bb7c779a891fd65dd7ed6972f6835f4e94d928f89f1d0ee204b1ef073a761c65241a76f254695ac31842600aa0753c94e6c805c24ed101bbb26c96928db1166a91c7fea8bc3b90" PSA import/export-public FFDH RFC7919 public key 4096 good -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY:PSA_WANT_DH_RFC7919_4096 import_export_public_key:"BF50F1FDD8B6B5332047A808088E669F06D6CA71A59CB7CA9FB48EB47E1F179C531B15382D2D0382D18CD77E1A517BAA4175D59795898DABECCA469981E4C69EBC62B35936791F6B03E37EF39945B80503113C97474967AB4832EBD7E30ED4EFA47B49080D69B88FD7BD33847B7E6A7D0024AAD08C829CDAA44EC7C6E4013E6321DD64975E323A9779EE99FA7B210232F20B198A3AB6A0FAC525785777A084AB71EB58367C04FE456EA3EF260C1091FDC94781485784D110CB0EBCF4ADE74FBED11D59FC53CD66B3743603B06587DC47D4DBBE46CAABA2EA3190D0D859D3B5B8AC604F069D178E551E85AC26AD2BEBD22A27E9D517DEF70DBE15ECB5679881D522228377BDFDAC76677B4AEC68853EBA16D72087184ECA46DB62D4DCAADFDB9BF0029CD6C7711DD94ADEC835FE7145F371DAE027711DAC6820720CDFA2A61C97CFE84576B8C462A1FBA5C15F4E3AB55E10285A4F64B7124ECFEB5F517A065A0F1F8D7AA0E5189BDE525A34E7B17B78F15BECCD02CFF8AFB3DDFCF8809B6FD34683D7E87F3810C9658F1A4BD8495C163FB2F012E82CF22183361ABE0035C9A974386DF07886348BFA1F69BA35A77E3903741B9BF8B300D4BF67AB4A25D26EF8ECBD8965A398A2D38538C6BF59636622A404DCA0CCABE06395D209E24FE9DE738152E3A049FADEF4FE9585F84197383DF7AAC40DE842B2333A4C29855C25D40B3B":PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_DH_FAMILY_RFC7919):PSA_ALG_FFDH:0:0:PSA_SUCCESS:"BF50F1FDD8B6B5332047A808088E669F06D6CA71A59CB7CA9FB48EB47E1F179C531B15382D2D0382D18CD77E1A517BAA4175D59795898DABECCA469981E4C69EBC62B35936791F6B03E37EF39945B80503113C97474967AB4832EBD7E30ED4EFA47B49080D69B88FD7BD33847B7E6A7D0024AAD08C829CDAA44EC7C6E4013E6321DD64975E323A9779EE99FA7B210232F20B198A3AB6A0FAC525785777A084AB71EB58367C04FE456EA3EF260C1091FDC94781485784D110CB0EBCF4ADE74FBED11D59FC53CD66B3743603B06587DC47D4DBBE46CAABA2EA3190D0D859D3B5B8AC604F069D178E551E85AC26AD2BEBD22A27E9D517DEF70DBE15ECB5679881D522228377BDFDAC76677B4AEC68853EBA16D72087184ECA46DB62D4DCAADFDB9BF0029CD6C7711DD94ADEC835FE7145F371DAE027711DAC6820720CDFA2A61C97CFE84576B8C462A1FBA5C15F4E3AB55E10285A4F64B7124ECFEB5F517A065A0F1F8D7AA0E5189BDE525A34E7B17B78F15BECCD02CFF8AFB3DDFCF8809B6FD34683D7E87F3810C9658F1A4BD8495C163FB2F012E82CF22183361ABE0035C9A974386DF07886348BFA1F69BA35A77E3903741B9BF8B300D4BF67AB4A25D26EF8ECBD8965A398A2D38538C6BF59636622A404DCA0CCABE06395D209E24FE9DE738152E3A049FADEF4FE9585F84197383DF7AAC40DE842B2333A4C29855C25D40B3B" PSA import/export-public FFDH RFC7919 key pair 4096 good -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT:PSA_WANT_DH_RFC7919_4096 import_export_public_key:"f085888f40e34d91c989fadcb9c3e8be8f4a270d75b90d78c9b3d7569e09662b7767d90112a4a339bc42e661bd0e464b26ba4eb07dee300dfdc38373ec17a5a4e86f3f4b5ae6c9700f8381ac93b564bc0b1ce64e03bb825aa21a8e87e572ccb13a5a7b2942e4b91a321c5b5cf87b8bad4042c5b8ba971870061f7bb0869e57205bd64ed41026d5093227eb9fc4abca6160376b9b9ebbf431b6cc7a362726f553ffcca07ab3fed69a60c1a3d6d7caf989c57dad04eae71dc7e5da1bd6a65d3f4509959f61741ad91b6bdc98c0cae835cea940048d325f1db5e6217b8a0c977741511c967330819115d325a6da3ac003b66364e52351b34de0e954d5df7301ac0c2772c461872b72c9c3bc810789d16d22f57fd57338487ff66fd01434fa08a57eb7b089686cda86c9dc9220e11409c5ecd7b2988c151ee24e19a5c5685b4824c60a29ee363e75f783d97a57cda08a9e2152769957163272b3d5e82cdcda71300566356c411dc01a2c24507693c819755568ea461b755e89e9ab150e243ae97d5878f58ba87be9a6bab3726e962f92e2305999cafd65aa32f486ccf2edea46ab4b4cd7e3130f2e69102e6a4d7104db2f9a66d0ddb4faa3ae34b3bac6007bdfc66541bc3f45db3eb730ba80e102850604fd64e3cf047825246264ad8e1e716aa44a99275aab9ebf0b26f703af7460a8e502088a311d7c571bf0905031ea6561a928":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):PSA_ALG_FFDH:0:0:PSA_SUCCESS:"e0c2e35be32adb92560e6557d07ba9bab295792063a2724f9e381e9f2644423e73efeb074ddee70388444bc1a67edfe496a6c38eafff45ec500278f9b896a6fb1de4a59461e6fcf1de17867018e0c362876ae107fd4287383989a4ab41cd44844b103cf58085aa52b49527df433446fa5c4665037475e8f78c8d64d5d60a462603d292d02c539329e9d48c25e05083fa98fd6a513c84f0e2ced9121c2f5922559abb5e2fe3081e6bf2256d6043af211a70fe48e371bf683b953f199821fe0fbe924151dc772e72db53492ba5613bcf5661b7ed419fa02f332443be5f8b97908800077306abf6fd796afdbbdbc2badb21501ccee5ed67635b3cf37819f5d1db5370d77960ac0535a029b0af1bf634679367d35db0e7f38bbe0a022392efefc6b8ccf1e9f53bd7ac28012f6bf5e3701476606eb4649c64377b1e0c418840486bb4a286ebaf685449061ee375487e9e9164d0a7c9327c7b667b1933dc3adb11358e76457d594c19b88e8a689107c641d3503a7639159f3cdae7f58398204d29895e84fb82e192b796866c27d8373a36c5c062a445f6fd515e561d7c2328e7424057229689fe7851432f706f21e114f74d21ca3b01f1aa57d2743f28f8dbfa5ef5c584de2012d82ee978bb7cd713001237e76b5ee12e3cc51393cbcfe1717cefdf885022f18e66661097fe1ce91d0508e1931cf3774bd83d8f068711e09943b82355" PSA import/export-public FFDH RFC7919 public key 6144 good -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY:PSA_WANT_DH_RFC7919_6144 import_export_public_key:"201757BBAC6FF53E1966C29822B5154F56E332DCE1370D3A117B380D9C63FBD98F027F434EFBE530581BB1A0ACEDF30D749854F6BFC3E2E9F24A75B9109DB1FC787BB2D1DEF56414E6585757C5F84394AE9D7DB98AAADB5BCE0E4E55397B54E5DFAEDFB8CA87E6CAF0FC40E77421129F8D020287E7BD0330F60A7B01257FE36E1270B27D39F96AA464AF60C9DF47979517D7E9F0F68F93138BDC06E8F6F0AB39C90DA731925D26E48C24383425B22244D092BB9D6E3192467A91B27F0073C507D0615C3042F7432903E83494C2214089BACEF60A2D670E9D0EA0DC2F882E6AB90EC26A0CC4F9ED3DAF3912304079AA2447573AC51AAD69F4DFA07A03780922B4C7BACB286767EF758454526319C92F1486FA75E63E8EB2CBCA2A11938FE0BC5A9B50584505E16A3C8E2A599F8E2192BEC986DA602AD980190955B4AC8EF86EAF6EAFCFF7438ACD4DF64E407E675C0A114E04A9360A4431B6C0AB249B023BE89A41DA36FDFAB0FA3247DD9280EC538F724C6AF8CECD22DA87E91959AC12B690175937B7DB09B12FEE5D018802A4E561AE4F671C5569C73E928BBD66A494BBEF7F0DE8F00FED7546068E7F82F6317106885F0138AFD399DF9A8FB83C345840129B485EAD2C570BDAC992515663FCF86769808DFEFB9426D6938E5799104F197D3A3BDFFF8C4BF5E736E8B78FDB01D6C61DEAC56BC9BC8073FD4BABCCFC6D15253CA7F9FBD06F41D3F490965671F778812F5237791223FF9A1E6DBE2DD318570786051A74E58FCD0AA1BAC8CEF0656A1AD230E0578F6EC60C275C7FBAF01053DFE093DF049531282BFE7E459236D9B7315DFDB72105BD2A1509238F1CC488F3CE8907C4F931EF89FAC9D6C7D624D6BE70169A283C97E95E28DA1B90A2311733565BB082BA845BE97EDAB6698EE25E35988149B61ED64F1F41D54CD2EECB8224A22C118666551067F607B5B5C569DC8AF082D3CF0782FFC638F149765F9BE50CC52C157A58936B3E0CAA89891C71F5B960A46020AC8B7F449C8753561812B9CE313A932D3F7FD7AEF526E6BA47FE569A180CB96C5C3081A73407B52D53C6FEE6886D":PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_DH_FAMILY_RFC7919):PSA_ALG_FFDH:0:0:PSA_SUCCESS:"201757BBAC6FF53E1966C29822B5154F56E332DCE1370D3A117B380D9C63FBD98F027F434EFBE530581BB1A0ACEDF30D749854F6BFC3E2E9F24A75B9109DB1FC787BB2D1DEF56414E6585757C5F84394AE9D7DB98AAADB5BCE0E4E55397B54E5DFAEDFB8CA87E6CAF0FC40E77421129F8D020287E7BD0330F60A7B01257FE36E1270B27D39F96AA464AF60C9DF47979517D7E9F0F68F93138BDC06E8F6F0AB39C90DA731925D26E48C24383425B22244D092BB9D6E3192467A91B27F0073C507D0615C3042F7432903E83494C2214089BACEF60A2D670E9D0EA0DC2F882E6AB90EC26A0CC4F9ED3DAF3912304079AA2447573AC51AAD69F4DFA07A03780922B4C7BACB286767EF758454526319C92F1486FA75E63E8EB2CBCA2A11938FE0BC5A9B50584505E16A3C8E2A599F8E2192BEC986DA602AD980190955B4AC8EF86EAF6EAFCFF7438ACD4DF64E407E675C0A114E04A9360A4431B6C0AB249B023BE89A41DA36FDFAB0FA3247DD9280EC538F724C6AF8CECD22DA87E91959AC12B690175937B7DB09B12FEE5D018802A4E561AE4F671C5569C73E928BBD66A494BBEF7F0DE8F00FED7546068E7F82F6317106885F0138AFD399DF9A8FB83C345840129B485EAD2C570BDAC992515663FCF86769808DFEFB9426D6938E5799104F197D3A3BDFFF8C4BF5E736E8B78FDB01D6C61DEAC56BC9BC8073FD4BABCCFC6D15253CA7F9FBD06F41D3F490965671F778812F5237791223FF9A1E6DBE2DD318570786051A74E58FCD0AA1BAC8CEF0656A1AD230E0578F6EC60C275C7FBAF01053DFE093DF049531282BFE7E459236D9B7315DFDB72105BD2A1509238F1CC488F3CE8907C4F931EF89FAC9D6C7D624D6BE70169A283C97E95E28DA1B90A2311733565BB082BA845BE97EDAB6698EE25E35988149B61ED64F1F41D54CD2EECB8224A22C118666551067F607B5B5C569DC8AF082D3CF0782FFC638F149765F9BE50CC52C157A58936B3E0CAA89891C71F5B960A46020AC8B7F449C8753561812B9CE313A932D3F7FD7AEF526E6BA47FE569A180CB96C5C3081A73407B52D53C6FEE6886D" PSA import/export-public FFDH RFC7919 key pair 6144 good -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT:PSA_WANT_DH_RFC7919_6144 import_export_public_key:"E4012A5FD17FB739867A475501A75212E2C1DA5376693759A1B5FC1523927D0DBF907037232C43416B4AA925D65A154FC1E13F72C7643E431C480A7799F09F66F8CA816E66E82E75B79A6D2C4DB6CB6D7532B020FBC69D7BBE80881A7778C66BEFD4F01450BD8E1DA05FFB59D8331C6E3281E67EDF3EF557A5800D4C1683105EB0BEAC112BFB5421172A637092808765A1648C7AB8DF5F06B612057360F5FC31DB0BA347215DAE18375012019CEDE239E8C1EC5B53981C7835DE8220E18C6E4AB9804B6DEC78F04C2E433A382FB3FB0DE73F8E48ECC3C252A62BC279D6147F5D3D815170468BBD53AF489B4B6F02386F25CAB22B54C9A8178585484DD5885F3D7FC4FD389DAFAB3D6809E72220298A33558F0B441E1CEC15811E8765319BAE0B3F799A2EB86E9966CD889145273B870A0B07B65E0367146608C8F554C587014CEFDF0433370B300DF43AFD59D71F937B23CFF25F9A66BF53AD34125960504450E0F17C275C7DAD24CF527C3F05BC2F53B046563C55D8C40CDA448F102F0B5475F287704A424E76335034DE2847177C0E606A6249D152650E78B22A1A9FE3FC7789C1FE74463BBC5FC71E840294C8B45349A2D045CFE679575950B61F3882D57806F2A9644D8BB3790FA268742AC19C44E7F1724DBDD67A4D8A11E114C7E3EF74195428725A645D54CC9F1F48CA9A7E2EAF3C2261A7E4AE58F9A5D223A1C4922BE932250C49DAB04CE8DB0E3A4A9D87551A2D165B618E3954E980844DA3EE1450A7C9F533B09F085038B7C923F06BC679808682279107804328EE9B7286782C0CDF92333D38900467B039C950C684A60AF5667F343B4BAA658E68967F0EBBA72695AF073A5A08B647D855265544EC291B01ED6420D2FBF878E5B0BC46EB1F8A2C1BD6A945CD8CCB0035BD11023603C0202E1B05551E3E964FD9F1D470D5E4FA08CFDD9E1F11A99E14C550C1024F642147A3B01E58EE3E5D75D5DC4D538243521526CF615C8616172448C8F81F1B36E110C161C109D6308F1F29F188375611C943313945670247AF0C9AFDF25E3226AA07D442A8057FAEAF251D463434EF18524A":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):PSA_ALG_FFDH:0:0:PSA_SUCCESS:"201757BBAC6FF53E1966C29822B5154F56E332DCE1370D3A117B380D9C63FBD98F027F434EFBE530581BB1A0ACEDF30D749854F6BFC3E2E9F24A75B9109DB1FC787BB2D1DEF56414E6585757C5F84394AE9D7DB98AAADB5BCE0E4E55397B54E5DFAEDFB8CA87E6CAF0FC40E77421129F8D020287E7BD0330F60A7B01257FE36E1270B27D39F96AA464AF60C9DF47979517D7E9F0F68F93138BDC06E8F6F0AB39C90DA731925D26E48C24383425B22244D092BB9D6E3192467A91B27F0073C507D0615C3042F7432903E83494C2214089BACEF60A2D670E9D0EA0DC2F882E6AB90EC26A0CC4F9ED3DAF3912304079AA2447573AC51AAD69F4DFA07A03780922B4C7BACB286767EF758454526319C92F1486FA75E63E8EB2CBCA2A11938FE0BC5A9B50584505E16A3C8E2A599F8E2192BEC986DA602AD980190955B4AC8EF86EAF6EAFCFF7438ACD4DF64E407E675C0A114E04A9360A4431B6C0AB249B023BE89A41DA36FDFAB0FA3247DD9280EC538F724C6AF8CECD22DA87E91959AC12B690175937B7DB09B12FEE5D018802A4E561AE4F671C5569C73E928BBD66A494BBEF7F0DE8F00FED7546068E7F82F6317106885F0138AFD399DF9A8FB83C345840129B485EAD2C570BDAC992515663FCF86769808DFEFB9426D6938E5799104F197D3A3BDFFF8C4BF5E736E8B78FDB01D6C61DEAC56BC9BC8073FD4BABCCFC6D15253CA7F9FBD06F41D3F490965671F778812F5237791223FF9A1E6DBE2DD318570786051A74E58FCD0AA1BAC8CEF0656A1AD230E0578F6EC60C275C7FBAF01053DFE093DF049531282BFE7E459236D9B7315DFDB72105BD2A1509238F1CC488F3CE8907C4F931EF89FAC9D6C7D624D6BE70169A283C97E95E28DA1B90A2311733565BB082BA845BE97EDAB6698EE25E35988149B61ED64F1F41D54CD2EECB8224A22C118666551067F607B5B5C569DC8AF082D3CF0782FFC638F149765F9BE50CC52C157A58936B3E0CAA89891C71F5B960A46020AC8B7F449C8753561812B9CE313A932D3F7FD7AEF526E6BA47FE569A180CB96C5C3081A73407B52D53C6FEE6886D" PSA import/export-public FFDH RFC7919 public key 8192 good -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY:PSA_WANT_DH_RFC7919_8192 import_export_public_key:"3D1EB2C023E54A123420B9587F6985AFFCF6FE75A2F1768866CBAA10ABD5B7448409EFCE8786C0BD1D325FBAC47119A846C63103DAA8BC5FAF427C69D07AFE2FA0064A8BE9C33E30E6926A57850248EAAD8F0FA887452FF1467064DBE4041950CBFF55763AB58E1F2300C9B133E5D0FBD18604B93EC16BEA9CE340AC92B18DC188629A5D7FEC64601334CDBFEBD8126BE4743440C9A48F03F37298548C2EF226D44C296F440EB1E5F1128F203120ACE6C45D3CA992998CCF68C301CC4A32CF852FA4C2968C62D4016AF526FCD61A56F2BF479743D1EB62AD21120563BC1CE0D0791920BB89D82473F4DE75BCF6A728490F071899F683FCA10DCF6D9605749810A901F1FAAF96DC6AA0AF1CAFCF61E8A51E9E7A1BF5D9E5FDD6D63ED824CFD4016EF0782946F44E44B1B72B4CF9D4CE5E57A93EB738AEC084F02BBA52C385BCC013C720B0B98B78580AFFA84B0D204866B3FA39D73EECF1E0E6921D5484D929C1ADC7975741A308BCB060A43DF556F278F56CBDBDCE07F7CC8292FB27B3CDDB286E4B5A92552308DD8001F4BABC67C56B8DC6E5C4ED8FC4724A89441433EDD58C68E513E1940F5E6DB512574D7A37974E5739E28C03FECA3134AD8817E1A52BEBDCF2EE1F7DC66B09742005902A977DB0D617B8F6CFD75508F00225BE362D53BCA0AF4BE0D2DAD0A64054CA1204E31217F82D4F95315E54AEBF3BF98E2667A35A0017799C5479F369D8692317CABBB78C07D8314153D22110EA7617091ED755041A6E201F1FD76BC258DF84260369BBB2A1A13B5D266844A25E9A8F1D1279C349E0113CAAAB0A3D4510367E754980328B937CF7BEAABDBA39F4EA3CDE5C9BB6ECDA5BC44CC9EB6BEE6F2FF3698FA393DD4F85507415622CD7C0802240F7CE22F75F2DBA7CB7217352B34C57921B975BF2E73B6DA6A34C11192338C80B986AA3707DA64324056FE7EE2C0754045C7BC596B68FFCB501C186F89D618A76144C9CB35B59370D1D3E668F10A9EF6C851F6AD3FA9FA776E9391F3F143D7928F816EE4F56F756BF450E1B4F87A7B19EFB02850C45F6F7BCC87AA8FF27C474269EB53F3F1E28DD4D6BF1C6B16AD97F10418596D1A3EC5F664773FCA1E93743005C7230D5F8549DAEE3472418A648B91834BA7A19834B48D7E6DB57F7BD92887C366D78532A2497D9B9F35D598E79026F586D4DC1577FDA2B9DD5877A521EB9F3C87DFD77F5EC690519E04E702CE3A5203920A7B891F764CB0B2DDEE7EB01CC55EB45F1BECD4514540F10F03ABBA3E4D627DCEF89F1FADF26034C2D7C36E6776C7163D99BF5CADEFDB142A6CD631D3B58269F0116B1016633B7CD4752E2F636614ABDD27592734B8BFF08E155C350808C6072C42E46F2AEDD83EA6FFBF3EA5AA809B0F9DABF6CD8E2E0E1BC998AAAA0698F44B1819B0D7A19C2067F071A932D10F0281187":PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_DH_FAMILY_RFC7919):PSA_ALG_FFDH:0:0:PSA_SUCCESS:"3D1EB2C023E54A123420B9587F6985AFFCF6FE75A2F1768866CBAA10ABD5B7448409EFCE8786C0BD1D325FBAC47119A846C63103DAA8BC5FAF427C69D07AFE2FA0064A8BE9C33E30E6926A57850248EAAD8F0FA887452FF1467064DBE4041950CBFF55763AB58E1F2300C9B133E5D0FBD18604B93EC16BEA9CE340AC92B18DC188629A5D7FEC64601334CDBFEBD8126BE4743440C9A48F03F37298548C2EF226D44C296F440EB1E5F1128F203120ACE6C45D3CA992998CCF68C301CC4A32CF852FA4C2968C62D4016AF526FCD61A56F2BF479743D1EB62AD21120563BC1CE0D0791920BB89D82473F4DE75BCF6A728490F071899F683FCA10DCF6D9605749810A901F1FAAF96DC6AA0AF1CAFCF61E8A51E9E7A1BF5D9E5FDD6D63ED824CFD4016EF0782946F44E44B1B72B4CF9D4CE5E57A93EB738AEC084F02BBA52C385BCC013C720B0B98B78580AFFA84B0D204866B3FA39D73EECF1E0E6921D5484D929C1ADC7975741A308BCB060A43DF556F278F56CBDBDCE07F7CC8292FB27B3CDDB286E4B5A92552308DD8001F4BABC67C56B8DC6E5C4ED8FC4724A89441433EDD58C68E513E1940F5E6DB512574D7A37974E5739E28C03FECA3134AD8817E1A52BEBDCF2EE1F7DC66B09742005902A977DB0D617B8F6CFD75508F00225BE362D53BCA0AF4BE0D2DAD0A64054CA1204E31217F82D4F95315E54AEBF3BF98E2667A35A0017799C5479F369D8692317CABBB78C07D8314153D22110EA7617091ED755041A6E201F1FD76BC258DF84260369BBB2A1A13B5D266844A25E9A8F1D1279C349E0113CAAAB0A3D4510367E754980328B937CF7BEAABDBA39F4EA3CDE5C9BB6ECDA5BC44CC9EB6BEE6F2FF3698FA393DD4F85507415622CD7C0802240F7CE22F75F2DBA7CB7217352B34C57921B975BF2E73B6DA6A34C11192338C80B986AA3707DA64324056FE7EE2C0754045C7BC596B68FFCB501C186F89D618A76144C9CB35B59370D1D3E668F10A9EF6C851F6AD3FA9FA776E9391F3F143D7928F816EE4F56F756BF450E1B4F87A7B19EFB02850C45F6F7BCC87AA8FF27C474269EB53F3F1E28DD4D6BF1C6B16AD97F10418596D1A3EC5F664773FCA1E93743005C7230D5F8549DAEE3472418A648B91834BA7A19834B48D7E6DB57F7BD92887C366D78532A2497D9B9F35D598E79026F586D4DC1577FDA2B9DD5877A521EB9F3C87DFD77F5EC690519E04E702CE3A5203920A7B891F764CB0B2DDEE7EB01CC55EB45F1BECD4514540F10F03ABBA3E4D627DCEF89F1FADF26034C2D7C36E6776C7163D99BF5CADEFDB142A6CD631D3B58269F0116B1016633B7CD4752E2F636614ABDD27592734B8BFF08E155C350808C6072C42E46F2AEDD83EA6FFBF3EA5AA809B0F9DABF6CD8E2E0E1BC998AAAA0698F44B1819B0D7A19C2067F071A932D10F0281187" PSA import/export-public FFDH RFC7919 key pair 8192 good -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT:PSA_WANT_DH_RFC7919_8192 import_export_public_key:"AE5FA06AE9400A03F48C0201F4BF53263185BA76D07AB16B74869F141AEB365EB162806840F7B97C12561F5C6B9EE27521009341E52672786E10CE1615447F30E4D17F1CA049643A8CFDAC3BF66FB93B6C5C4805287D4E63D5DC895535D993203F309908AC8ABC3A96F5EF4E72E7AF59B1DC9D014EECB5609E03045B5F3C3E6C372DC0639390065C53FC911269B27A5A630BB847C8823127839DB138146E3830087AEB2395F3D0147F0C1B26297A7E657A1A430DEE1CE93C3EBEFD155EECC2298E664D77CABBAA51555C7C65FAC2957CF238F9342A39063B2F9C291D3169923DD7C3C275C591196CA350421788A06077137ECF4C41544672E8DC9E634AAB8F30D4E44C4E3BD93076B35D0A0B37F00416035C621D37FBBB434B5E3D460BD64D41CCEE8C58CB6A586C3450CC264709D065B9874129720ECA3CA5F5920F47EE8E203CCA740EFA510F7541B1241D2E036E43258B1530704D4E3A5F6C0001FC4ED82535DF672602BD421884EF381D485D37734411890A6CCCD7009208C72318F6D558A8A508774666D12E50E6DA6EAB016B147D618D729B441835B7D7B85549501A4B66AF7021EB27857C9059EA301F37B24A5E364F39364F7D406625416B9A00C44730A18C35A7D66508C903320B552CA2651724B4422870320C517B7A0B4C031C692B2D7524D66AB3289460535C6F3EFE2E42378B2927691A008734D407EADC93206DCFEB2ED71AAF7696DEFE34EA307921735FC72B4DB6B70A3381936CD90E384D38DE3C07C4DA7D1DF945EA1796148C40FA29FB5D5F6B2B03311550082ACB87130742910BFA18821380F729791E66454E2289B41FD172A4046B6961374DB62944A7DD572DFFC9B413BCF42773EA14E3562633CF134429FC7AD4F176779302BB421B44AB716AD0752C7D3334648EA3721DB7862D37B1B4C75068B2AA6AF0646A3E758F456E61F894028679F67E6FB9404CC063C005B78E46079984C85FC7A55111B1A7C81A197CF258E60B975FD4307D3AEBEE965D5175F81621E7A67E92CCEE0A503FAD2ADEDBCE717CE1D16177727C3E2205CB6C51D348590A7537013D49765EBBA3BE0588A86B65CCECE87B732AEC3C395D3336349F9366638F567BAEEC782495972869E9084D7A1DA6B97055FBE86EA1979301B62A82501DA13A00523F5C1CD0A6742903ADD15F2670D956BB950B075422CA76485780554D62FA11A461772126334F47CA43CC731BD4F35F48381A341B17154D26492B6185819012D6BAD352AEF19646516E790E49E5BF0FE74ECA7C850D0D75AC74160B953B43211AA5355E967D6305B2E1FC1170A01E4D3715F706680C7F628D41594D8954532338B3F30B90EE2A2DB0C42C7AF348FF12E410F523F81BAD4F41ABF92488726C451E4FFC160BEFC518A44660256687164B2606DB65CA8F8B06EB08A75DFCC0AE387881224C":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):PSA_ALG_FFDH:0:0:PSA_SUCCESS:"3D1EB2C023E54A123420B9587F6985AFFCF6FE75A2F1768866CBAA10ABD5B7448409EFCE8786C0BD1D325FBAC47119A846C63103DAA8BC5FAF427C69D07AFE2FA0064A8BE9C33E30E6926A57850248EAAD8F0FA887452FF1467064DBE4041950CBFF55763AB58E1F2300C9B133E5D0FBD18604B93EC16BEA9CE340AC92B18DC188629A5D7FEC64601334CDBFEBD8126BE4743440C9A48F03F37298548C2EF226D44C296F440EB1E5F1128F203120ACE6C45D3CA992998CCF68C301CC4A32CF852FA4C2968C62D4016AF526FCD61A56F2BF479743D1EB62AD21120563BC1CE0D0791920BB89D82473F4DE75BCF6A728490F071899F683FCA10DCF6D9605749810A901F1FAAF96DC6AA0AF1CAFCF61E8A51E9E7A1BF5D9E5FDD6D63ED824CFD4016EF0782946F44E44B1B72B4CF9D4CE5E57A93EB738AEC084F02BBA52C385BCC013C720B0B98B78580AFFA84B0D204866B3FA39D73EECF1E0E6921D5484D929C1ADC7975741A308BCB060A43DF556F278F56CBDBDCE07F7CC8292FB27B3CDDB286E4B5A92552308DD8001F4BABC67C56B8DC6E5C4ED8FC4724A89441433EDD58C68E513E1940F5E6DB512574D7A37974E5739E28C03FECA3134AD8817E1A52BEBDCF2EE1F7DC66B09742005902A977DB0D617B8F6CFD75508F00225BE362D53BCA0AF4BE0D2DAD0A64054CA1204E31217F82D4F95315E54AEBF3BF98E2667A35A0017799C5479F369D8692317CABBB78C07D8314153D22110EA7617091ED755041A6E201F1FD76BC258DF84260369BBB2A1A13B5D266844A25E9A8F1D1279C349E0113CAAAB0A3D4510367E754980328B937CF7BEAABDBA39F4EA3CDE5C9BB6ECDA5BC44CC9EB6BEE6F2FF3698FA393DD4F85507415622CD7C0802240F7CE22F75F2DBA7CB7217352B34C57921B975BF2E73B6DA6A34C11192338C80B986AA3707DA64324056FE7EE2C0754045C7BC596B68FFCB501C186F89D618A76144C9CB35B59370D1D3E668F10A9EF6C851F6AD3FA9FA776E9391F3F143D7928F816EE4F56F756BF450E1B4F87A7B19EFB02850C45F6F7BCC87AA8FF27C474269EB53F3F1E28DD4D6BF1C6B16AD97F10418596D1A3EC5F664773FCA1E93743005C7230D5F8549DAEE3472418A648B91834BA7A19834B48D7E6DB57F7BD92887C366D78532A2497D9B9F35D598E79026F586D4DC1577FDA2B9DD5877A521EB9F3C87DFD77F5EC690519E04E702CE3A5203920A7B891F764CB0B2DDEE7EB01CC55EB45F1BECD4514540F10F03ABBA3E4D627DCEF89F1FADF26034C2D7C36E6776C7163D99BF5CADEFDB142A6CD631D3B58269F0116B1016633B7CD4752E2F636614ABDD27592734B8BFF08E155C350808C6072C42E46F2AEDD83EA6FFBF3EA5AA809B0F9DABF6CD8E2E0E1BC998AAAA0698F44B1819B0D7A19C2067F071A932D10F0281187" PSA import: reject raw data key of length 0 @@ -7080,35 +7080,35 @@ depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE:PSA_WANT_ECC_ raw_key_agreement:PSA_ALG_ECDH:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"1c306a7ac2a0e2e0990b294470cba339e6453772b075811d8fad0d1d6927c120bb5ee8972b0d3e21374c9c921b09d1b0366f10b65173992d":"9b08f7cc31b7e3e67d22d5aea121074a273bd2b83de09c63faa73d2c22c5d9bbc836647241d953d40c5b12da88120d53177f80e532c41fa0":"07fff4181ac6cc95ec1c16a94a0f74d12da232ce40a77552281d282bb60c0b56fd2464c335543936521c24403085d59a449a5037514a879d" PSA raw key agreement: FFDH 2048 bits -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_DH_RFC7919_2048 raw_key_agreement:PSA_ALG_FFDH:PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):"4bd2bd426bda18aa94501942095ffe5a9affed1535b942f3449bce8e90f9e57f512c8fdda496c3ac051d951be206365fb5dd03a7d7db5236b98ddfa68237a45ef4513b381a82863cdb6521b44e10aa45de28d040326c5d95e9399ae25f6cad681f1cbf8c71934b91d5c8765f56d3978544784f297aa60afadd824e4b9525867fea33d873c379e3e7bd48528ec89aa01691b57df1c87c871b955331697e6a64db0837e1d24c80e2770179a98cae9da54d21cc5af4cc7b713b04554e2cdf417d78f12e8c749a2669e036a5b89eda7b087eb911c629f16128ab04f0ee7a3a9bec5772cfc68bbd0b492a781b36d26c2ec1f83953e192247e52714c3f32f0635f698c":"6d34e084b8d0e253a894237be9977e1a821b556ed4bc01cda691a927885979b59e55a30daa2a707769474b760e9f1c10544b2ce74b26efa4f069e05ce70471bf6b7e6c08a16fa880930790204e8b482478de0682ce3f58450a4e15abc14d05e13ef773a10a3e8bf2219f8ab556c88dc2a301b362c2d4e94bf2f0006bb36d15a5096ed1342f3f111ccf123ceae9bdc7bc0cde5edc9f0203f35f8a98aff6d75975357733a429364ed3aca32acaf9f857ef751e0e246140eebdfc2b403b644e42c48922f7f6cdaa6a2ef9ddfa54fb83657492f9f9a2c8aa4831601f9b11663e94d968d8be6e121aee2c79156e44aaa650bb26083983a76cc5883538d4794855ded1":"718ab2b5da3bc6e7767a98fb2c172bd74003fae2acffbc9a53d9b358401c1c748da36cab277e9397bc5eeec3010321d0f882d959eb097adddc99745526b213e30dc0df9fb1e4cd3fc27bfb1d6e89c715373439a66b9a13aa1334c84799827c17be1c36c1bc02fe60ea698da790fe4d2af710a435a1aae7fb11cd2a90a17ad87dde4f154b325dc47d8ea107a29d10a3bfa17149a1f9e8a1f7b680bfdca90fb0913c0b681670d904de49d7d000d24060330d4d2e4a2381d78c49e272d313174218561ceeb37e2ef824905d0fa42d13d49a73018411aeb749f7f4fc765bdc6db58bcebd995d4c949b0061f20759e1263d8f9ba3fd56afda07c178997256bb7d5230" PSA raw key agreement: FFDH 2048 bits (shared secred with leading zeros) -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_DH_RFC7919_2048 raw_key_agreement:PSA_ALG_FFDH:PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):"9156de25da686a831ca0645bfb49df73e4a126ab864393e943b3d12b7ad32cbf21709268bf918c4e03e9a3b54bd230d88f1ceaa2810fae5fd4091d31e76153daaf0da9168a7b39fa85acf618622efd1f70d5866e518f256d0ff90a0c468c41a329fb1dd837b18a4300be0f25b108fe7210705cdc0436df84592c1a8b372c5028d67ed5231f846452c942a5f087b3830aa139b0b045a7ae38903497e4ddd0585ce20504ff70e13dbadf77a73d5514eb9c38feeae3cb773311b360f8304f67cf3f2282e4aad47f1494b5823ae2196a23ca426426bef427e4056df1f9144b20bf0b1f6da451f8eead38fdc5bb71074e4d43e21bc6fa787a681c0ef92c633d73b348":"8a73c0f5d874a2afb718efa66f78c80adf713562145a9f5a1df5f2bb9ead8827eb518a769dc089364768b27b2e49ca465ec7c0710b3054ae256aec25de72bd435b3ede0e17ab50cc8ed102fa6a83a9f09454e59e218b894ee130fbd772fb95a83aba29c6b270daba1f3842b2eae2ad1eafe7945888a55cb459547d6cb0b276d25218df8948a86e49f3fefae9c5b30ca8a7fd1bac1c3a5cb4dedfbcbb5c6e5bafbdf8ffcb37d245260d00658450fad1ced83b5afedc43def222c7196f0531e101b3a777e5f5141597fe8c093485d0c8cc752b03e7f551ef3648b1da330fe3ba5dbbb9f11c1a44ef6c0c9c492b6140391254abb7ae8d3e77b4655ab6dd155ba2a1":"00a376f5bed9c27cfa7fa6e01ecd4094b6a189a6184270ea22cb5b2649a6c4b33682e0625536f7d61722fe85381d8ead8b283496db84f8e6b2eb7c5b015eb15c9bfa5eae290612e2aef4014d6bdce902f5907f73f6722d827b73297d14aa677ed1b75bc26785bb32cf60bed1d9467b2ac069ebe48ee9196bdbaa4565f9cfbff3c31e812c58d65bd5b4c45751d1439930d2ea237030307623a0b149a21077397ec5e2c50610c01f76cdec43ff2f9177a0b3a2b18de2a787d42b6f8bdacdcce49a6884f38c5a729e54ce616da439fc9fd6d7d266188b79e40800f22b8c21adcb1f8ffd2f5225e3dc4c485dc4df8184c04f0dea3b2c3f9b04e42e229fe1a24a77ba" PSA raw key agreement: FFDH 3072 bits -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_DH_RFC7919_3072 raw_key_agreement:PSA_ALG_FFDH:PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):"c60a421e82deb778eb468760296ee4faa0b58ef058966fc457e8015185bb6c500677bf5a5a88bd8dedb5307ccc3c980a2bbe9a439c6b0c7af6c961e5b9c06f47212fc0e726da2f5bdd3542fba74e1dc2294caa1f363d942a92a391acd84aecd045a4a318db00785129ba171b31651b0e930eb8110a642dd63ef5ae1bb8c6e3b3971507c4057530d51ca14182e884974e20723dbfdd5778fa0ec78fbab26811c097f0dd291ccd7a6967caf5163fa04ba921448e1d3ec8de4ff3bc87dfdc35e53ba1bd4310fc9c98f68332ea0483ec051900e438fa3e5bcbf901771c740114922a7d9a74257befca7f9b62b2991ef6c58dbb1e516bb1ee18c8709f134ab7bb2077ec03356279a46f2978e6a89df22b0120223f6996c290607e98ecf14c36e2db62e80575329f4787ddc7b72856cbb0c4fa2dec9b391698832f559cbef49979c72e63cb3dad5d948f1c00219b47359fa75ec3fd352aa0223773e246c2fce492200b3a6e213e5e30d69cf3f56af43b0c09c0d647784b2f209c4fd1abb74b035d1ad4":"c9185bfe9b6379e0cbded54f23ed487b2a692c697cd1de74c739264ffb26a8d48aca7169c2b8716f493777e79e1a4517f79af50666e57fa821b5982a37aaf92d00805dc92df7afcd60256442264ff368e15012b847f85c7b4c3eacc4bf5c0c49f3018f19ec09a82c11c30cfcd60b07dd59e262e0387cd6473e2ec926af0bbf8d91f7b2dd6564cb5971dfaccf12c044f7c423f4e7309268925a03b51dde987906b40236046d2515e6be4524b27ee7675f2f58be2d2177f1624dab1118d265b8221969dc34686155d6c15390fd42c394ca2f7a3f403364a507b0a8c105c2f1022d321cf5621dfa7a28185856a26e952dc14ee4763fd1ea27b94284880fd86e2f1a6215aa3bff98bbe1b93d397a20647edcb38f043b9dd06f81c62e4caf74dae77b511977c07ccaac5fee2529e867b36bfa2e1488186bab1c7990fcd4c30ce7c9c536f6c3c2b9d2ac4065a4fa7577ff86dbb2df8eed95713e85457b4a52251aefe1bb1b4c8eda66002eeda7d28af37f00673dba3f9f57d1a416abdbeccf75a7a102":"ff5de4e90966aadab8299ddbf8169af2c0d8d0d99a17b4a2e62ff55b36a69fe4566a775970dd0c2904465884b75b67756b0d04b68838e80d8bc84a741cd67d735ba7aec9b55a30cce1df81203fd5deb57bbec027846eb010054b4d5b911041f721358fc8acfc9c5f06d76932f42103adcde97d5607d93303a94fa9f9caea7108ce67a9ce866ef11b2b4ea8c2acb27340735ee8c64e7516e17bff3cf3ede166767f30cada892997f6b5309fc2cca54364678b93d044b4d8e5570e1f64127fcc21d8724fff275290d803df5fa413ec2f5231ce75a58f14a467cb80cc3c4f1f0a4a62ecc17c65f2723d3f7f804b2a02c91adbfea1b2bbbc9cf9a38df29da92a71375447c81c55b8fb4086f71d57e3260da06e08393f6329aa35e673a75545dee66d01e0c7243412c6e2043a984849b67095be3fb3bf39fff291639c57e44fda5d7c1898327c40c1815e88efe0330b4481e462d30e235f607dc9e53d99521f527d65bf3edb4d0332d6d074e652e84a2ffc5d75d1734b55f3b446db122af2a502f8a0" PSA raw key agreement: FFDH 3072 bits (shared secred with leading zeros) -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_DH_RFC7919_3072 raw_key_agreement:PSA_ALG_FFDH:PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):"1c357f078144dbbf6815e798fbc6d98037a65bbd01961c6eb82d1f97bd0993132cfbba209e95e8a231e3bed2616b41119cc5a2f97d5da71ac2d6d0a6617a4e7b5d61857627cbfa57161de3aa6a2afac23f50e4a35dca1a82376879e695892a88323af1c0728eb1a76b2d3a1684df3f91ced0728f954d5349981cec5e309137f6d4e837d22f24a13fbd7985e2169b61aae812a68a1a4b3427b1e9f8612002b5fd711b9c9518c777c4e554a5109c9f079b929d5895df748a24d659d39e787076a1f1d9237a89b52c296644165d2625c541ff5052371093046f4b6abc28d3d2fbb4eb1cd2aa3d393a030f71c7050681b017febccd3bb947c6dbecf6fca28adb2a0f06e7cd9a6aa6eda160f0a3098bdd7a719f31beda56ffa0e26a212834d0da1f53e0739ef3ddbd119ff61b497d420585e3a8ea7cc3370829297da76edd3fb701d8efff6116dd87e6e542e82a76ab76cf5a75eb4638e817679fe06a5a3f04e67a101d154f4c2ccbf70b8bec0e5663fdd838ac0f4a4da02f0071e514b6c6d0ff3358":"17ec74c211f655be646c2f006056230208dcff38644efc429591562f3869f867e7b79cdfb3e426fef60ca77d9fc80ea39e21ec060321bab3c7820177eba4242d0cd9f0301e4da7146608409add169ed05dfda2702a437f3e2b8cd162a0e50da2682433d50c37cc1aeabc5c7cd8fdd359381a8d192af00d7f41b8c049b1e552b832224b40f9d85c4307f0b76b0e2605858fb33e594ac1d0c04d358209ad47133e76fa8dafd0f2370b1944a4780138618eaf66f6d4961c584aa7a34bcc1c78bbd15e7f5a2b8beaa8f66819dc04eabe08b24cabfe69e2b78a12470162ba6703bbbcf34890b8af761d36c33e3b72f631dbc5dd6f1fbafca18a8498623ea00bd9aa6b426da30e2ebc27075eb589b237d1dc54e215a6b6ec40220f14e320b72c5f702ee496b53a63edd5620294d9be88a862544c561b4e175ff3c094ab3adacc579334cb95fa2d29b17fa483ba50d6270b6478ce4f26b564bec6ae82a60e2c15456c4610b6567ba7d91218b59a670c517179d30d743751ae3c3e777ec1f29af890b2ec":"00abc3c15e3f8156a2785949d76c96c22fffb49b0701c29fb6711b51af0ce2851a8b469b4cb25750e2c35938f848f31f179470e3271eb6b8780ad5d757a2c1353f825baf55e5c76fbf4c73d2f0cdab409e8c4f85c3001da101cc97bea764c72e844cfad5f00cb8a81a5bfce5a4bf62b68ff2d13515064b17f23b7f6e6a65440856715d2696fa1957cc022b29e38fdbb8c2a0a54e22595ed66bc4c74c36d525b60900c7427274a9d60ea289a04715a677fb9c71eb1dbb38e30f30b2af8fa24f18a5a13e9f6ee83aeb4ec3f9452986399e2673ada70826b0a84cf446a21cce41e5119bf50798bc5fc9ffca9febe4ffc9d64f1b8abae11c7c8f5da0da2288b0f7a8aed286af03d06cdb1914fc50054bdd46c289c18b14297c4254b39ab5fd719264841b981c6531a80ebc8a59ebdfec9ae0413f3f9795622fad3bd34778e539ae104b8a85918401b10a3802a81db413bddac66f83b6428a33fe5c217a2d0feef50c8ef933d6e3d0f10d8b8630c52c89ae78385716efbfb855729ad0e5ef39828e6b" PSA raw key agreement: FFDH 4096 bits -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_DH_RFC7919_4096 raw_key_agreement:PSA_ALG_FFDH:PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):"f085888f40e34d91c989fadcb9c3e8be8f4a270d75b90d78c9b3d7569e09662b7767d90112a4a339bc42e661bd0e464b26ba4eb07dee300dfdc38373ec17a5a4e86f3f4b5ae6c9700f8381ac93b564bc0b1ce64e03bb825aa21a8e87e572ccb13a5a7b2942e4b91a321c5b5cf87b8bad4042c5b8ba971870061f7bb0869e57205bd64ed41026d5093227eb9fc4abca6160376b9b9ebbf431b6cc7a362726f553ffcca07ab3fed69a60c1a3d6d7caf989c57dad04eae71dc7e5da1bd6a65d3f4509959f61741ad91b6bdc98c0cae835cea940048d325f1db5e6217b8a0c977741511c967330819115d325a6da3ac003b66364e52351b34de0e954d5df7301ac0c2772c461872b72c9c3bc810789d16d22f57fd57338487ff66fd01434fa08a57eb7b089686cda86c9dc9220e11409c5ecd7b2988c151ee24e19a5c5685b4824c60a29ee363e75f783d97a57cda08a9e2152769957163272b3d5e82cdcda71300566356c411dc01a2c24507693c819755568ea461b755e89e9ab150e243ae97d5878f58ba87be9a6bab3726e962f92e2305999cafd65aa32f486ccf2edea46ab4b4cd7e3130f2e69102e6a4d7104db2f9a66d0ddb4faa3ae34b3bac6007bdfc66541bc3f45db3eb730ba80e102850604fd64e3cf047825246264ad8e1e716aa44a99275aab9ebf0b26f703af7460a8e502088a311d7c571bf0905031ea6561a928":"f614318e0c2cc96ef5b9cb576e411c7319f9ac4caa626307c110018ff7e5082894147a1989166983f181ffa0ed062d7561af3ad26ef7339faedbcc6d41d3b53bb71f21de285c83af911a9dfc68e6efe5e067b36a5e761dea0b243e5d9af351aea1cd22841062c6beaeac0e66138c9562e3efc922bddb2f2709075ee4356337597fe9bb16c5b21de3017d06a18e98b606931c6a1d96f60fd22c920dbf18210178f844c9c0646a779db31eed21c29dff3556fe6f608c6db80e86229fa05117c624094a7d0c106718e9534de55b469ed03dd545c80b2134f10a073fa1d6b366f46727f630685ca916c84d28417b1753af57248445f81573de06bfb17bf6f3f6e5e72723390719e881d54ce3a76a79e4c3cd78f293f5ca90ca31038c4ae0f6df379177a96ceb0e55a85669335dc634f67d138c40b58474dffa4695c017ff75db55b37d9627836fad1813a9dd13e61ad99b96a488cb49348e1e75aefbad5eac288387381e6d7908c16b42c8f071c24b518feb1b4d38a538e4346e0b88c526125ae5b2fcf8e0f42608f5c5ef47b6b225122d5b6c94c2cf42767ff3df1f29461d72b7fe4eb2273c857d18daf33ed0cce043a5c389d116ba02a9ba5c8140d11c52249019749417950f444529a635592b137d30ee6f15fee89695d99e5f322d2e94c00d43d24aa63e0e68c27566d19e211f7f24e1cb72940cc9dd0b0cf34f69f03ee32be7":"262392693c8ca0da404d0195742df69a6b87d22984765c91e3c9dbbc0293960cf1f9deb7a25998a91f8c6b9756224435fc143f31690af35eb211acffec542c8f8fbea3c9112d666639d40a699467bb195815b8b816363ca44baa4df22eca425fa9ab1471ddf045f4e252090663c1c536dd29623c324c7e18b694f83a6c655fb3d95d5a9831ccc9978f66916e95aff49d973f322e2b43f5632a19d79d615a56539aa2ec8f4441bbf4f8016f8c23407e371e9de212c6f1d7d3ca4093c2648451eef68c03aa251547e94046d5fbdffb5cdc0f713bc390111d6727fc1d11243046203ad6632d91c1df3efa77ce530ff26376a208349f2b18628422c9ae13ef84f4a15c1e05ce5fb92ff55547943db4727d091308deb85f54acb94d14411049924b79da131e736a9af42a3fa7139d0357925f430c6cd4330b01ff66f5f8cca26f4230d562f45d5f75bd6d133114449205263c5631f3d561e2ed81e6aa54376094757cbb6f6857c03574e9f6042dc80ea78be470b836c5371a3fae8c119f67c28f856fe70c2affb46574a4356e995a45bdf35e50a6f3a2556d3d1d7c42db8e63430933ffc4783d571908a1270a3cd20d87678cc288ccc183c7cd7512587536a8e15267dd5af0ad3b501ecebc0ecd9ecfd410ce356f9305e4a32cfcafa676da5b5a9ed9b13a5e4cfc06e87310ccdc3ed988699610d7d3125de13a8ac0b59f782859f0b1" PSA raw key agreement: FFDH 4096 bits (shared secred with leading zeros) -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_DH_RFC7919_4096 raw_key_agreement:PSA_ALG_FFDH:PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):"d39cf86d9d81011fc48d3bd489decd4cd520ba87e469b5899fae777109ff7b43c8c809814521a8d66ac33099c9bd2a8567a202c21a8b5457603ac1ce95ea9ae705efd69fb7c514295059938d818bb65b7c881d1ef9541346be2131143f51db13109e9a4fdff1ef2208839c89eb1c1d52018c77c33f5b7e73a747002997c75f4a3dcf15e7cd73938ece0cdefc9fcfa2c4b1c3416eb2fecc00ce328b0b2bead58493b3e8c25d3c0a675bf6ce2363917d1e74a7987a464709fcfcd1b512b67dc1023ade2cc027109169ffcb51625fbb0c607946a6009811be07047024bb6e517f388a99a08f2c73b7e0b779d8469797eb3153f2e5ddde2931a8f97c586e20c5e521b84d015a52f8e13d5fa34c32bc118b62d34cf157f1db40423f384a16a78c7e1569a5d754db6216f6412abfa7c440586c506d5be88d5172a311b8f16f70a06162dbab6ee09fea55c47f6538d3775d236cfa50824f5c8bafa44bcd9424aa620ef17466413f35aa6e6eb5c8d8a26a7ffd6e8bda2dc5ada4b296885635fc8a73933de059ff403fb0a322bf6daba24330a7be204c307f44260b4d34000d2142f79654360af82179f9d5e18e8f47c7d94a10fd077f011bdef578a2b57d5a382ca404f67fd3c59d95a3481f1311c7454bb45acba1e1c30acb6a9fbda70aea30a9ca76471dc46e504abae9a06eb9a8cfed83143cffef3c530b03185609a55484aaf9f677":"b7baa37aca4cd56e4107c3e428a7a568adbf678e741ad89f157f66803370618abfd8ec7c159d84a741c276ea119eaf2ec1bc4431a073d92de3dbca1287a37522b2ca4ef8c0a0fa76c1dd5f665d498ae62e5e2925b6d921d797d76d86e27ac8286643c19a2a2b1361fe7dd772766e9511127fd0cf92ad98099a9e1760ad969be0a7df4936f1b37455cbfe3a1ac9b3b83205594f018bb5f64970371d4e5396f4c5e8cf0cffaa4525ee811b39632551af470efc435fab26e3cbd643feb0113bf56fd4bced3ad743e55be2eaefa7d36833f56af570ff773a3a3cf649b1ef62fb300c4c5a70d70e4d6ba1ca405483f036092f5b9f94960306515fcd4a0d8a086d826c105924d05ce5ee3dd7c62d61d1a460772b169fd943824e0efffdde3f27439e112766780bca7b4c82a2c8fac1d18894fcbd40ea5f7f23aa27024870404cf1832cfa025df193f31aa275fc685fb348c321a2186adf32c9cd203cb4b1c49b8afffbfe11e1d443711a5a1da302fa0e52b5143e6ae7aa40ed4828d03a17443f04061f56c2d3b83298d617cd3a78cd84233dda83c4e541e9b98f0f4e7fed504f888ac929f0f3e00e3569e0f0aa95dd811297efa8af84c645d59bb6c2e968c1ba77772d858ff2d7448b65c723f6a87604ce938b670b612b3eebaa795593be2cac1d631c1b7d9baccb2cbebda6019eb42469ae4209a953f48c3cd438cd1b7b06c8c54819":"0053ad8c14e1ec87d76bf9127e084beaead313bf93f0f241442316af144097077da91c83d68c78692dd952036731624ec8ea8bf8bf85f7a278289f667bd5d92a6aa2e41337ee9e6089f8ead48ff7e179c80bedc10fa6e6e0c1511f33afe96f0890e6ef9b6f981f8337e60ada56ce0ed30ab1f6f8b72a3234cbc77db017c470d549173ae203cf73b4a5901a4edf713a866069bc7790e799becde1a088e8c3e3c41ac8f9c9abf8561af51f738577e183197c85e5d3ea5bfc6471577e7daa5cd3ed53f7e72849890d2d1f8ff0a830a1ce6283dd61e5e04b25183b42074e193cfde4ed2e35b25fb57715f74290a612d21e404394d9bc4116952cf962c14149287cf71d7c8bc26a9eac0231a0dfc4ed68fad9ceb195f82ca0012c8c9ff4350bb0a2da913af26fb0f0940541dc3ad788d3cc8512e0dfdf7e5f9604437492ed8b52c5b0eabfa04231a90abbf1b29298f33b55c4e94fe7af4aa94b572d4a7f4cd67de41b90f3224b9ce57d6656835560a8c8d22496d8dd15ac37866dc1b04cdbc23847e5f2bd8d1a5639c6e91612ceba11bd1125a75dbed89f01ba738bd27ca0a788fddcec35b823f986d5be1acc037f56d236eebedf8ec50e831f532194a62740ef45b49511abbe51b7179ec04b1aa752c0182dbef3e099579fdfe2624848bfa1c389a06039bff756d4cc0cb9cb4cc2fd382336afce62a20975409e0fc5a45e7a83416c" PSA raw key agreement: FFDH 6144 bits -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_DH_RFC7919_6144 raw_key_agreement:PSA_ALG_FFDH:PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):"bbaec0a6c20e67aa77bd9db1f682b20227d3e17944ccf9ea639e437202309c29dc876a8d209e81e59e1d7584284089c4ffb3356e28acca6c94164752e7e331cee7fccdb3d08604a5faaf91c02cab4ea6ad2926e28d1dee9fadd437b2b8a5116c689869c0972529e4c362aaa8427c95f42d8a60c1f38f9f672c837a097bcd1a8c068c11a33ce36517915dae1ba47e2646aef079e6c84b9656991ef0f6ceb9f7f95c97e7232cc5c41c0335aed99169133702cb8d95ef1e9eb5af583f3469a77277243fe61f16dd5b4f9f4972e3d30050f289f891daf8146ff87cf2845c419dfe2ca0525c5e2e8fc6566d7118fadaf0103b24319061f862e2584e5fba1063d55365b78379820d335ee924ac0871ceb3a2a339fba250011371b53426bab5f48e9704b7a9e77d14d5f6cafcfbdb45463e6935be31bc87eafd9b6d228a5b76c2baa6364f450a4ac557dd07ed4b1a13f5603e2b3bb270e831f0f2950f52c52d866fdaeb748a4cbb6f20b332795fffb8cf77a34ef75d8105973f1fdada6a3b050a28c12268104a8f1cce9a86ebce1749a97e9e5f00608229799aa5b7a356fca7b8bb5c7829cb18a136836bb37f5165deb89b33f0b69c473236025bc649d382d008fbc7c8c84390b9d86b173e45fa1e162e0eabd7914f2ec4c26d5350be064fc0d68bf16446188dd4a76ac1267a63b764070b48342a884891eeddbba95257348764c646aef160523af105a719aedb041a28b81516dbe89e80592f687eb341aff447a4165ac145889ae3e8a14c948c82b581b35d8f7d1c4f5e0f838773a472ad0025b1ca0b1c8bfe58c42079194b9aa9c5a1139472e7f917655a3ae297c9a8e3bfa6e108242a5ac01b92a9e94d7b51fbe2732d68f1ec5c12607add5e9bddbe5a4837e9fa16a66b5d83456df4f9febb14158dc5ea467b7cc288fe58f28cade38fa3d4c8864c3cb93bda6d39ad28f7dab8b8c0be34f675d268d82ba6a2e22ba49a5e7de5d08edae35ec17d1419288719a4f82dfb7aad6f7b68c4216c69b83af7438771622e48381841d1fcb6081d41b1b84eae37912b34dc8df1794bb47ad87f94d9c841aa98":"31b48495f611fd0205994fc523bfbc6b72949417f28392d30c1c98878bde0ca467ab6d6fe58522df9749154f95c9683f9590c295cd2b62ff9c59f2a71aaa3f7cb72761740cdcac8994c3623e8c07e2991dac60c2ccba818623013467cfca64f9a3b58523d4a4982571365db08aa9de048303c2a48d1c02c9aafc2ecd6eaae1c5bce8314503d0711d755b59134cbfc773250690121f58fc5171ea34fe88e753d5ab3da23e0557aa326b408c2f55aad2b6f40504509c2203f353bcb17e7b2c61fdcba04c3f8c136ef5d14c38ded6ff0455f59f3052b52b2d45f76a2c3b4b09af388a57ebd9d33393853b83b8033b6973cf662907e62380b66b4ce04b82ab8fcd35f40083a330587e27daa0f84c21fc5d04af03104785f85cb880ae61024cf6cfd1dc14149fdff6653968458fb5761cf2cbf8263e915099eb209d1d149bd7a5b4e48b108f07a1f7c17aa4cbf7b3aa25075956f93f127d46b6392834e7781e46f0e2d1ba14ce2f2d91f9db106bf94c7110ace1bf6105cd9351031e0ec7b52a599ae41256581c1379be5882c352c750709c1b8d37cd8d1442ae5547db0f5a1371eca211f028428572a0fcc4c0852ec1f9be4de14a32536087f520cdeaf54c52b203bb6ff0008b2099fb0e1dff4547563a71db416c5b97ef8e7677d8edd15a2ae75dc64b817117fe5e0478cfa1a18e15cb44cfcc990c5f01127b3906187c18562c876631a046a70015e84b6c553be23168e572cedb5912a6505ff8bb65722cc0e9556e967600711b8d8a8e414811c9809aa3e15f680fdbb2b2297e414824fda530b501b278c35f3f0f0ac61da3262de7b8aa44e31544c593c8521f8ce4921b8d7df7d7382c97718efd03650caa5620bc0e6fb9753dfe26c78b0b6a3231391b9324ee6b7c81b45e7e90e5573ab6cb263b114d78eaba7eb2bc668dd57b6eef126abcdf8355656beac58ddbaeb0551a4083fd5a2bd0e405d35737b7c3c6f0f0190403c13b57e3ef7b6b76206725758523ef98e4053fb8e05147a74577b61b0935dc5eb699945d3290e78bcc9015c9c3210ffed7d6e96c6c8202e46ad37155d07f3e8c2d9a":"ede0361026e81a9ad960f674de49449f12ee33c2dda7028c6b7fad7f8f8a7edc495621a6d13e47847873a954adfe7bb6a2ed7c9bc21f3b57458d9116ff4ed06cfca40e2002a70bca91a9a9e0475dd74be7d58453d3cc155ee0b0be20197e14674a7a6f8d903e211cbdbdad1e3383d0d1ae6b4d56837671589d8f151acb34bb4d1cdda55a0f9d1f70e80c61553fd0152bc871e930054efe763fdcd1f8fd1702afa61b3471e7a504612c58ab05ed581b34e2a884c5dd8d2aa919855351719e2cb290d00f0b161c104415f5579731072c1382508421c8d674113b2fe25a0e979455c8f145285ed3d32b744153d3ffab7625a3173440f026ecc62d9dd1bbdff6136f5d9d5245ff307eabfa91f6a10e7cf62a889975c0afd2f707eb8a43c2499c05029ca613edae2741f8e56b186a6390fbb0962323ed6c492620c1c8a24f9a89f15c00bd7263423e714db0fe0381556a15a8e4d1b7383d52fd524425e0200f9d410833330253306b1c23c15c08310bfc12b48131c120db8444d34dd951c5fd6df44e0eecbe92ad5f13641600db68d1d2c7d8ff460058c09d89d4febf2fcaacb40c900e19e4dc868a24ec61361c452541a0fb13da53d61b59806e0598985031e161a2e887420e4c6ce217587c72cd3a7b3085d2383112e1066277ed63e82ec16ac6dc7ce0ade255f30275b9798d4476f31d8d237c4d79b13da9dc6ceed7fe626e4da6eb6cfd234b8fdec4fd4520898b13a77aa034361c0d63edef55595e3e638b48c1c00e8c683c8cffd9fac2a33f73e04aff1f4624669057c7faf51f996e3d64bea3097b4810f99c8f078887be2440f67b249467eb26a03210b4d2baeaa8dc9746a14a6cfb45297e121eef8540eb438270403105c11ef4fed87127545b81e37ee1f942605a5a46253752351dee91d0a171031defa9dd20cbb942e3940fa43542f6fbcb0980f6ef2b36297527f7c0d47e36ea203ab924e937ca10e9d9e64c6419a061a300f86ffed0e2e72a1f73310efc00118dd315a6b01e19406471e071e4c153e2216d525195357fedf3d1f12d2c1ca659bbd1a6d1fa28b6bfb648deec17f8a894" PSA raw key agreement: FFDH 6144 bits (shared secred with leading zeros) -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_DH_RFC7919_6144 raw_key_agreement:PSA_ALG_FFDH:PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):"8bc903e9b5b0742e86d657f64082205c1d50268b8d1d9260e5474e8b686e63adfab13484cc24e35b6f43f5e998fcd7d92c4aece9eb30b0f51b7a2200911e6d38b41da23f04e37697b6a7ac053d15676b75538aefb6693be8eda8b7d07b7611fbc9673e98d8580131cd3462d8851ab00f5831497cb89b4fdfd597a4fc84a9fe1a28ca3ceb17b70334af2414fff73584f2a21fda89c10e2b23a4b454ea4cd6d901312e52a557d45b9350dc8e8b08eb31a73095f014efebf1336ea2c4938fd477f90da212c92eeba483d784b377514c3afb7e34f8dbd6d4ca281aa0bb9167d6d96894b225deccfee7453739becb849c1f381720a59836df967d6525876509515014e46b0a8b27afd304b5db238dfdbe14afb8fb1433b05a00654abede04978f84116e4e3e3a6bdc9ef558dbc1a9cc5c5ba1ee4bd8654845f04106d3b1b48b3208d109aa96609cad246e543d94683b8963e13597dc4aec21b0959e7e6d73efc91ff2b9b52f0e9189f0619264b9893f9289dd8e9bd6d3cbccf079ab8fbd525151e704bd517ee8f29505046620048a684883e6fb858ce7b9e72ea35ae4ad7ded04f39e37a3056b6b695ef2032cb5cf99e22ce5500ba0315aff86516c42b1288c94b46dc0548c7ba07c2b2ca8423b9ba4782c1d4626589ae2b325917484f8eda07f2071276d3fb78bb71a5c501396302eacd1b07b28487c580c5ec5be236e1ad4fcc434325b24a2409c236a85f7b9e0e66f6548a1814c519919d8215b0370b9b3256aa10a28a05f0d2265f6fa7842dfbc67c8f32e9fe12d0df647665ba9809349e5ef6911a4755330d004de03e598cbd7e2b80c259d9d66050177df8984263a7c53abb5ea3157945b727fbf1866649260e321a7ad5eaea41639b35ed6e98b74ab679eab93e5873857342fbb55cda604f57222555631741aa97d74b5eff885aa45ce5a25d34841aa0ea4ea317267e86c45f713c81c3de81cd6eb252053544a5dcacd9f7388704bda8acf83276975f03bffd403eaf199a7a1367d2e6b40c7d94e23679b6520eb40b5d61f5f56c6939f21a4f1dc00f13b5cdcaaf827c760a6e4a9c5601961":"b3795eb1aead05ed8b950e0a00fa12ac0ce4679e6f7715ffd8b5df04e5b068c82210482d3a377b224dc7aec1dfb7e4d635b9fbc22a5534b6a4cb50d3c39cd0dd5e0ec45ea69a3296b83ce89b5cc0c5e15e4934212e8c33ed23939912d0cd738eaa949f763450d5a07fb1540207065f1159a55af7f80bc48c49f88164cd4492b0020902c78295dacfe593fedc1914ddefebf45b5eccd6830681a80c853a3f2389798c391aab3baafd578ad0bf0dfe5b63fd05835e215c6850c0f61e48698053fec9281f0a11b45cc4e259b310a9720456c481031e0467401afeade395ab9b664d9fdb42f953aaf9fb6501c2e105868201ef26d58d31d473c676c751bd892a84a59441f92f7b6ba49a7e385b3d13f806e701a7c339d37e5596414631ed95908c7118f45250acb68f6f2d9ea4bfcb85dc75d21a03a5dc2b86d41cc55753a72a185ce94d20cb897f8759b4ba41e56fe9cf6edf7ee733581589b319e85300b7f479b093030e2d345584e2934dafddda62701404b628b2f25a15992b7ded6271fecb37b817316a908ede803285da3b57986196d59b164692384d469c09b4551b37862d588294a022db7deca641ae90f9a96d75612d55b673213419a450f7ccf78a2fdad291f6c905b5e1a0bbe90baec1c2706d7d81ea8f6d68d350004ea00f24009f6121650547e84b3edb66d969af206f5011ededee736eafe4100e4625ced482caf2cdf6b4465927d8fb138bebaeff652d6afa0fbfd03ea03cf70e80bd95ade41443b85bfa1c56f770f123ba3666412cc2c6997de49e90d7d9fa1722894d6c4f7dfa349e9a9c400eb59b4ce4f6a64763359ed1bf2327f552052070bd4bd2fc1a816e8eddf72645e7fb0ef10bf9c5dee2b386ee2258c99f8ec5b91d8e043b9411870c6f02d2df7863359e46e732e3ffc398993a232d812f934737c503f9d3532d4126c72d5dabf8ff9d6da214fb9571ad180935cb6d01ec1404c85346d9ca858adff2a8ae87ae2d9b99c3ea1557a801703bade1d349410304dfaca488cd5b90086dbee91d60c7dba504721fd54b38fa0835cf70b2f48837430476d5fe8349ad1f2f38":"00e17befd66905acec575c87804c61c047abc9a724db6337e34975980eb0395cf4da8c956c823fa23c52b901bb58a9d26eff282dc6a0f588d71a1636bb919ca1d564f400d7a8e909cc9c59cbaf18f09d5a2101a7afd32687657a3cd1b00148cc84411ff3f07609acc8c07eed678162d1d69280f1072674dfc1d6819d45d8710e2be12402b06b846d68f4088895ce64243f24156c1be33031dac21fb60916ebfdc3939a6bcb012c66c7ef748e30f43bcc08e13c5dea85703a4928166501bb1eec25e61ba5c187531bd982fb310e56656cadfe4f7f756c8b71062388d50cbb70a7d07220912891c4c736ef1ec6390d4bc12803f20c8f1ffa7f41996ce3c8ab792753165fc25d2c1b373f5664c38ed688b4d096a34bf2669e8245bb55ad4c0ad51206fd082969bef351c271b103aa1592889536a2b9ed18e02035a457735317bdca6b7f7104af64d30270c732cfff302d7b82c1a602f16194ea62290c1ed35e93911a62743b3d1bee83c01669320408f2219f2d53c926acf014150ab47ddcee73c6159b368ab26f4da25c5440f79fb898473bdc2b7c333cff7cc5f8332b43ba1a49c327bc5b5ad9459afabf5e9c8421cee51ec0a6821e7af83af0ba2857ef2dd1417b250e2e1e14045883a26e3c70404c53998daf94d8452ade76e0e886324cc6301cdd40d04be33c59ba11bb7e5ef62186647d3891b221bd955e109f5b9b3dc625b44cbc3359e8b2dc4b90171d4a0a47537e095e0108827b3228e6ba325e935a2eb2eb82985443c7691ac208d55ca8d7200adef6c9b9e224190f672efbba75554a4c72af539c70d0bb7af67ada46a2c46311a91bd67d7ce724581695f6b4b2c0a58cd23b84873a76556bf573e447fcf583395895600aca30340ba327b44df33b1aa5c51f515c542c37fd9dba35534f94383300c23ceb8426e46ada509e03dd06fc2ea3fc6b973ef02dd6cb6adc36d76158c21dd8975c0eaa3d50082b53d328acd5894a1229c27aabd513ff6d8de6e2e780ef8342182182f85a89e6697452166f4e012a6f3f137c8d2a5e279e1f490995d9618f177acfac9f16f65bb89c2087e7b5" PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: capacity=8160 @@ -7140,51 +7140,51 @@ depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"04d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c4417883c010f6e37cd6942c63bd8a65d8648c736bf8330b539760e18db13888d992":"" PSA key agreement: FFDH RFC7919 2048 key + HKDF-SHA256: read 256+0 -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_DH_RFC7919_2048 key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):"4bd2bd426bda18aa94501942095ffe5a9affed1535b942f3449bce8e90f9e57f512c8fdda496c3ac051d951be206365fb5dd03a7d7db5236b98ddfa68237a45ef4513b381a82863cdb6521b44e10aa45de28d040326c5d95e9399ae25f6cad681f1cbf8c71934b91d5c8765f56d3978544784f297aa60afadd824e4b9525867fea33d873c379e3e7bd48528ec89aa01691b57df1c87c871b955331697e6a64db0837e1d24c80e2770179a98cae9da54d21cc5af4cc7b713b04554e2cdf417d78f12e8c749a2669e036a5b89eda7b087eb911c629f16128ab04f0ee7a3a9bec5772cfc68bbd0b492a781b36d26c2ec1f83953e192247e52714c3f32f0635f698c":"6d34e084b8d0e253a894237be9977e1a821b556ed4bc01cda691a927885979b59e55a30daa2a707769474b760e9f1c10544b2ce74b26efa4f069e05ce70471bf6b7e6c08a16fa880930790204e8b482478de0682ce3f58450a4e15abc14d05e13ef773a10a3e8bf2219f8ab556c88dc2a301b362c2d4e94bf2f0006bb36d15a5096ed1342f3f111ccf123ceae9bdc7bc0cde5edc9f0203f35f8a98aff6d75975357733a429364ed3aca32acaf9f857ef751e0e246140eebdfc2b403b644e42c48922f7f6cdaa6a2ef9ddfa54fb83657492f9f9a2c8aa4831601f9b11663e94d968d8be6e121aee2c79156e44aaa650bb26083983a76cc5883538d4794855ded1":"8f6f6b349b2c11a941882de0d6bd0dfde68d596c1f0b85d15cf94d651f99e1527e829d95fec5ffac32da6c5367785e735f126e1f2a326e8edcd6192452ce0ef7a11c541feb6b7b81bcb8c15a5db04ab407e8776426227ec335c2840c2a909d7914b158754dde8980dbdf607d63f0b9778f81df82836529b2e27f4a81a390bdbf848ee16817fa80d745bf93626ad0e19930fcde46a034a25f168c14e006a7d4e3cb2fce48797b5b2edb0a6c4995cf1ec0dc32d218a4b52d929ff1fa50b63af9b2c0e7045bbb7f7a0f976d1da8a2617294a67cd0f763e5bc50e1037ba5b49a02f3b1b5b6509bb0e2cfd67ff49da0e6fec01c06a219cb943151fa095bf5dda27ada":"" PSA key agreement: FFDH RFC7919 2048 key + HKDF-SHA256: read 255+1 -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_DH_RFC7919_2048 key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):"4bd2bd426bda18aa94501942095ffe5a9affed1535b942f3449bce8e90f9e57f512c8fdda496c3ac051d951be206365fb5dd03a7d7db5236b98ddfa68237a45ef4513b381a82863cdb6521b44e10aa45de28d040326c5d95e9399ae25f6cad681f1cbf8c71934b91d5c8765f56d3978544784f297aa60afadd824e4b9525867fea33d873c379e3e7bd48528ec89aa01691b57df1c87c871b955331697e6a64db0837e1d24c80e2770179a98cae9da54d21cc5af4cc7b713b04554e2cdf417d78f12e8c749a2669e036a5b89eda7b087eb911c629f16128ab04f0ee7a3a9bec5772cfc68bbd0b492a781b36d26c2ec1f83953e192247e52714c3f32f0635f698c":"6d34e084b8d0e253a894237be9977e1a821b556ed4bc01cda691a927885979b59e55a30daa2a707769474b760e9f1c10544b2ce74b26efa4f069e05ce70471bf6b7e6c08a16fa880930790204e8b482478de0682ce3f58450a4e15abc14d05e13ef773a10a3e8bf2219f8ab556c88dc2a301b362c2d4e94bf2f0006bb36d15a5096ed1342f3f111ccf123ceae9bdc7bc0cde5edc9f0203f35f8a98aff6d75975357733a429364ed3aca32acaf9f857ef751e0e246140eebdfc2b403b644e42c48922f7f6cdaa6a2ef9ddfa54fb83657492f9f9a2c8aa4831601f9b11663e94d968d8be6e121aee2c79156e44aaa650bb26083983a76cc5883538d4794855ded1":"8f6f6b349b2c11a941882de0d6bd0dfde68d596c1f0b85d15cf94d651f99e1527e829d95fec5ffac32da6c5367785e735f126e1f2a326e8edcd6192452ce0ef7a11c541feb6b7b81bcb8c15a5db04ab407e8776426227ec335c2840c2a909d7914b158754dde8980dbdf607d63f0b9778f81df82836529b2e27f4a81a390bdbf848ee16817fa80d745bf93626ad0e19930fcde46a034a25f168c14e006a7d4e3cb2fce48797b5b2edb0a6c4995cf1ec0dc32d218a4b52d929ff1fa50b63af9b2c0e7045bbb7f7a0f976d1da8a2617294a67cd0f763e5bc50e1037ba5b49a02f3b1b5b6509bb0e2cfd67ff49da0e6fec01c06a219cb943151fa095bf5dda27a":"da" PSA key agreement: FFDH RFC7919 2048 key + HKDF-SHA256: read 1+255 -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_DH_RFC7919_2048 key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):"4bd2bd426bda18aa94501942095ffe5a9affed1535b942f3449bce8e90f9e57f512c8fdda496c3ac051d951be206365fb5dd03a7d7db5236b98ddfa68237a45ef4513b381a82863cdb6521b44e10aa45de28d040326c5d95e9399ae25f6cad681f1cbf8c71934b91d5c8765f56d3978544784f297aa60afadd824e4b9525867fea33d873c379e3e7bd48528ec89aa01691b57df1c87c871b955331697e6a64db0837e1d24c80e2770179a98cae9da54d21cc5af4cc7b713b04554e2cdf417d78f12e8c749a2669e036a5b89eda7b087eb911c629f16128ab04f0ee7a3a9bec5772cfc68bbd0b492a781b36d26c2ec1f83953e192247e52714c3f32f0635f698c":"6d34e084b8d0e253a894237be9977e1a821b556ed4bc01cda691a927885979b59e55a30daa2a707769474b760e9f1c10544b2ce74b26efa4f069e05ce70471bf6b7e6c08a16fa880930790204e8b482478de0682ce3f58450a4e15abc14d05e13ef773a10a3e8bf2219f8ab556c88dc2a301b362c2d4e94bf2f0006bb36d15a5096ed1342f3f111ccf123ceae9bdc7bc0cde5edc9f0203f35f8a98aff6d75975357733a429364ed3aca32acaf9f857ef751e0e246140eebdfc2b403b644e42c48922f7f6cdaa6a2ef9ddfa54fb83657492f9f9a2c8aa4831601f9b11663e94d968d8be6e121aee2c79156e44aaa650bb26083983a76cc5883538d4794855ded1":"8f":"6f6b349b2c11a941882de0d6bd0dfde68d596c1f0b85d15cf94d651f99e1527e829d95fec5ffac32da6c5367785e735f126e1f2a326e8edcd6192452ce0ef7a11c541feb6b7b81bcb8c15a5db04ab407e8776426227ec335c2840c2a909d7914b158754dde8980dbdf607d63f0b9778f81df82836529b2e27f4a81a390bdbf848ee16817fa80d745bf93626ad0e19930fcde46a034a25f168c14e006a7d4e3cb2fce48797b5b2edb0a6c4995cf1ec0dc32d218a4b52d929ff1fa50b63af9b2c0e7045bbb7f7a0f976d1da8a2617294a67cd0f763e5bc50e1037ba5b49a02f3b1b5b6509bb0e2cfd67ff49da0e6fec01c06a219cb943151fa095bf5dda27ada" PSA key agreement: FFDH RFC7919 3072 key + HKDF-SHA256: read 256+0 -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_DH_RFC7919_3072 key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):"c60a421e82deb778eb468760296ee4faa0b58ef058966fc457e8015185bb6c500677bf5a5a88bd8dedb5307ccc3c980a2bbe9a439c6b0c7af6c961e5b9c06f47212fc0e726da2f5bdd3542fba74e1dc2294caa1f363d942a92a391acd84aecd045a4a318db00785129ba171b31651b0e930eb8110a642dd63ef5ae1bb8c6e3b3971507c4057530d51ca14182e884974e20723dbfdd5778fa0ec78fbab26811c097f0dd291ccd7a6967caf5163fa04ba921448e1d3ec8de4ff3bc87dfdc35e53ba1bd4310fc9c98f68332ea0483ec051900e438fa3e5bcbf901771c740114922a7d9a74257befca7f9b62b2991ef6c58dbb1e516bb1ee18c8709f134ab7bb2077ec03356279a46f2978e6a89df22b0120223f6996c290607e98ecf14c36e2db62e80575329f4787ddc7b72856cbb0c4fa2dec9b391698832f559cbef49979c72e63cb3dad5d948f1c00219b47359fa75ec3fd352aa0223773e246c2fce492200b3a6e213e5e30d69cf3f56af43b0c09c0d647784b2f209c4fd1abb74b035d1ad4":"c9185bfe9b6379e0cbded54f23ed487b2a692c697cd1de74c739264ffb26a8d48aca7169c2b8716f493777e79e1a4517f79af50666e57fa821b5982a37aaf92d00805dc92df7afcd60256442264ff368e15012b847f85c7b4c3eacc4bf5c0c49f3018f19ec09a82c11c30cfcd60b07dd59e262e0387cd6473e2ec926af0bbf8d91f7b2dd6564cb5971dfaccf12c044f7c423f4e7309268925a03b51dde987906b40236046d2515e6be4524b27ee7675f2f58be2d2177f1624dab1118d265b8221969dc34686155d6c15390fd42c394ca2f7a3f403364a507b0a8c105c2f1022d321cf5621dfa7a28185856a26e952dc14ee4763fd1ea27b94284880fd86e2f1a6215aa3bff98bbe1b93d397a20647edcb38f043b9dd06f81c62e4caf74dae77b511977c07ccaac5fee2529e867b36bfa2e1488186bab1c7990fcd4c30ce7c9c536f6c3c2b9d2ac4065a4fa7577ff86dbb2df8eed95713e85457b4a52251aefe1bb1b4c8eda66002eeda7d28af37f00673dba3f9f57d1a416abdbeccf75a7a102":"d9f28018a351a7483e40752ef75085e44eddc029a61f8702e4f33a0ff6d5153696a01ce519e7489f19abb13417800e9daed64bb366e08c706b75025d57c4a1e29717d8d2f28ec23a59ea667863b9ab0e8e5a01140df46df7f36aed84852f9b09bb0a8552a2454c936b50f1a9db290a039336e431bf3b58eeb1b6ca7eaac7dfca12a5cec02a648807cf14a112fc47ca1201133a39e0d361308a76aa313ca1e7d5118e27c7f2ee4aac78b29eccb8888ef1cf6a389df7ae25daef1c8c89184d1cce78a7d61831920b43b08122996090a0e790070d002a56227be45a06c070632e832901a71b3515c77439b094321da0b4b5f37ecdbec3a9f6f8a1635c5beec73dc6":"" PSA key agreement: FFDH RFC7919 3072 key + HKDF-SHA256: read 255+1 -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_DH_RFC7919_3072 key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):"c60a421e82deb778eb468760296ee4faa0b58ef058966fc457e8015185bb6c500677bf5a5a88bd8dedb5307ccc3c980a2bbe9a439c6b0c7af6c961e5b9c06f47212fc0e726da2f5bdd3542fba74e1dc2294caa1f363d942a92a391acd84aecd045a4a318db00785129ba171b31651b0e930eb8110a642dd63ef5ae1bb8c6e3b3971507c4057530d51ca14182e884974e20723dbfdd5778fa0ec78fbab26811c097f0dd291ccd7a6967caf5163fa04ba921448e1d3ec8de4ff3bc87dfdc35e53ba1bd4310fc9c98f68332ea0483ec051900e438fa3e5bcbf901771c740114922a7d9a74257befca7f9b62b2991ef6c58dbb1e516bb1ee18c8709f134ab7bb2077ec03356279a46f2978e6a89df22b0120223f6996c290607e98ecf14c36e2db62e80575329f4787ddc7b72856cbb0c4fa2dec9b391698832f559cbef49979c72e63cb3dad5d948f1c00219b47359fa75ec3fd352aa0223773e246c2fce492200b3a6e213e5e30d69cf3f56af43b0c09c0d647784b2f209c4fd1abb74b035d1ad4":"c9185bfe9b6379e0cbded54f23ed487b2a692c697cd1de74c739264ffb26a8d48aca7169c2b8716f493777e79e1a4517f79af50666e57fa821b5982a37aaf92d00805dc92df7afcd60256442264ff368e15012b847f85c7b4c3eacc4bf5c0c49f3018f19ec09a82c11c30cfcd60b07dd59e262e0387cd6473e2ec926af0bbf8d91f7b2dd6564cb5971dfaccf12c044f7c423f4e7309268925a03b51dde987906b40236046d2515e6be4524b27ee7675f2f58be2d2177f1624dab1118d265b8221969dc34686155d6c15390fd42c394ca2f7a3f403364a507b0a8c105c2f1022d321cf5621dfa7a28185856a26e952dc14ee4763fd1ea27b94284880fd86e2f1a6215aa3bff98bbe1b93d397a20647edcb38f043b9dd06f81c62e4caf74dae77b511977c07ccaac5fee2529e867b36bfa2e1488186bab1c7990fcd4c30ce7c9c536f6c3c2b9d2ac4065a4fa7577ff86dbb2df8eed95713e85457b4a52251aefe1bb1b4c8eda66002eeda7d28af37f00673dba3f9f57d1a416abdbeccf75a7a102":"d9f28018a351a7483e40752ef75085e44eddc029a61f8702e4f33a0ff6d5153696a01ce519e7489f19abb13417800e9daed64bb366e08c706b75025d57c4a1e29717d8d2f28ec23a59ea667863b9ab0e8e5a01140df46df7f36aed84852f9b09bb0a8552a2454c936b50f1a9db290a039336e431bf3b58eeb1b6ca7eaac7dfca12a5cec02a648807cf14a112fc47ca1201133a39e0d361308a76aa313ca1e7d5118e27c7f2ee4aac78b29eccb8888ef1cf6a389df7ae25daef1c8c89184d1cce78a7d61831920b43b08122996090a0e790070d002a56227be45a06c070632e832901a71b3515c77439b094321da0b4b5f37ecdbec3a9f6f8a1635c5beec73d":"c6" PSA key agreement: FFDH RFC7919 3072 key + HKDF-SHA256: read 1+255 -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_DH_RFC7919_3072 key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):"c60a421e82deb778eb468760296ee4faa0b58ef058966fc457e8015185bb6c500677bf5a5a88bd8dedb5307ccc3c980a2bbe9a439c6b0c7af6c961e5b9c06f47212fc0e726da2f5bdd3542fba74e1dc2294caa1f363d942a92a391acd84aecd045a4a318db00785129ba171b31651b0e930eb8110a642dd63ef5ae1bb8c6e3b3971507c4057530d51ca14182e884974e20723dbfdd5778fa0ec78fbab26811c097f0dd291ccd7a6967caf5163fa04ba921448e1d3ec8de4ff3bc87dfdc35e53ba1bd4310fc9c98f68332ea0483ec051900e438fa3e5bcbf901771c740114922a7d9a74257befca7f9b62b2991ef6c58dbb1e516bb1ee18c8709f134ab7bb2077ec03356279a46f2978e6a89df22b0120223f6996c290607e98ecf14c36e2db62e80575329f4787ddc7b72856cbb0c4fa2dec9b391698832f559cbef49979c72e63cb3dad5d948f1c00219b47359fa75ec3fd352aa0223773e246c2fce492200b3a6e213e5e30d69cf3f56af43b0c09c0d647784b2f209c4fd1abb74b035d1ad4":"c9185bfe9b6379e0cbded54f23ed487b2a692c697cd1de74c739264ffb26a8d48aca7169c2b8716f493777e79e1a4517f79af50666e57fa821b5982a37aaf92d00805dc92df7afcd60256442264ff368e15012b847f85c7b4c3eacc4bf5c0c49f3018f19ec09a82c11c30cfcd60b07dd59e262e0387cd6473e2ec926af0bbf8d91f7b2dd6564cb5971dfaccf12c044f7c423f4e7309268925a03b51dde987906b40236046d2515e6be4524b27ee7675f2f58be2d2177f1624dab1118d265b8221969dc34686155d6c15390fd42c394ca2f7a3f403364a507b0a8c105c2f1022d321cf5621dfa7a28185856a26e952dc14ee4763fd1ea27b94284880fd86e2f1a6215aa3bff98bbe1b93d397a20647edcb38f043b9dd06f81c62e4caf74dae77b511977c07ccaac5fee2529e867b36bfa2e1488186bab1c7990fcd4c30ce7c9c536f6c3c2b9d2ac4065a4fa7577ff86dbb2df8eed95713e85457b4a52251aefe1bb1b4c8eda66002eeda7d28af37f00673dba3f9f57d1a416abdbeccf75a7a102":"d9":"f28018a351a7483e40752ef75085e44eddc029a61f8702e4f33a0ff6d5153696a01ce519e7489f19abb13417800e9daed64bb366e08c706b75025d57c4a1e29717d8d2f28ec23a59ea667863b9ab0e8e5a01140df46df7f36aed84852f9b09bb0a8552a2454c936b50f1a9db290a039336e431bf3b58eeb1b6ca7eaac7dfca12a5cec02a648807cf14a112fc47ca1201133a39e0d361308a76aa313ca1e7d5118e27c7f2ee4aac78b29eccb8888ef1cf6a389df7ae25daef1c8c89184d1cce78a7d61831920b43b08122996090a0e790070d002a56227be45a06c070632e832901a71b3515c77439b094321da0b4b5f37ecdbec3a9f6f8a1635c5beec73dc6" PSA key agreement: FFDH RFC7919 4096 key + HKDF-SHA256: read 256+0 -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_DH_RFC7919_4096 key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):"f085888f40e34d91c989fadcb9c3e8be8f4a270d75b90d78c9b3d7569e09662b7767d90112a4a339bc42e661bd0e464b26ba4eb07dee300dfdc38373ec17a5a4e86f3f4b5ae6c9700f8381ac93b564bc0b1ce64e03bb825aa21a8e87e572ccb13a5a7b2942e4b91a321c5b5cf87b8bad4042c5b8ba971870061f7bb0869e57205bd64ed41026d5093227eb9fc4abca6160376b9b9ebbf431b6cc7a362726f553ffcca07ab3fed69a60c1a3d6d7caf989c57dad04eae71dc7e5da1bd6a65d3f4509959f61741ad91b6bdc98c0cae835cea940048d325f1db5e6217b8a0c977741511c967330819115d325a6da3ac003b66364e52351b34de0e954d5df7301ac0c2772c461872b72c9c3bc810789d16d22f57fd57338487ff66fd01434fa08a57eb7b089686cda86c9dc9220e11409c5ecd7b2988c151ee24e19a5c5685b4824c60a29ee363e75f783d97a57cda08a9e2152769957163272b3d5e82cdcda71300566356c411dc01a2c24507693c819755568ea461b755e89e9ab150e243ae97d5878f58ba87be9a6bab3726e962f92e2305999cafd65aa32f486ccf2edea46ab4b4cd7e3130f2e69102e6a4d7104db2f9a66d0ddb4faa3ae34b3bac6007bdfc66541bc3f45db3eb730ba80e102850604fd64e3cf047825246264ad8e1e716aa44a99275aab9ebf0b26f703af7460a8e502088a311d7c571bf0905031ea6561a928":"f614318e0c2cc96ef5b9cb576e411c7319f9ac4caa626307c110018ff7e5082894147a1989166983f181ffa0ed062d7561af3ad26ef7339faedbcc6d41d3b53bb71f21de285c83af911a9dfc68e6efe5e067b36a5e761dea0b243e5d9af351aea1cd22841062c6beaeac0e66138c9562e3efc922bddb2f2709075ee4356337597fe9bb16c5b21de3017d06a18e98b606931c6a1d96f60fd22c920dbf18210178f844c9c0646a779db31eed21c29dff3556fe6f608c6db80e86229fa05117c624094a7d0c106718e9534de55b469ed03dd545c80b2134f10a073fa1d6b366f46727f630685ca916c84d28417b1753af57248445f81573de06bfb17bf6f3f6e5e72723390719e881d54ce3a76a79e4c3cd78f293f5ca90ca31038c4ae0f6df379177a96ceb0e55a85669335dc634f67d138c40b58474dffa4695c017ff75db55b37d9627836fad1813a9dd13e61ad99b96a488cb49348e1e75aefbad5eac288387381e6d7908c16b42c8f071c24b518feb1b4d38a538e4346e0b88c526125ae5b2fcf8e0f42608f5c5ef47b6b225122d5b6c94c2cf42767ff3df1f29461d72b7fe4eb2273c857d18daf33ed0cce043a5c389d116ba02a9ba5c8140d11c52249019749417950f444529a635592b137d30ee6f15fee89695d99e5f322d2e94c00d43d24aa63e0e68c27566d19e211f7f24e1cb72940cc9dd0b0cf34f69f03ee32be7":"01ef64db547f29894000820395bbe27406c2c6482207d6bd3f517802b02726478627a4d965c9f062626ec5b6bea63abdfa71f6de07509edf1240d420d4f0ae3d439bfa6758d6831335688b5d78082f394ed26d171426ef7649363a951a789c463afe76d1cd55f58b4b7ab2db2ee8091e7b1f3148b2352fde97b9928bf417047e9eff62ad76ab117ba9fb35605a71973be36e71a4d2aec600255a75eba63983bd0750d5080d380d00d91248470b9850d3e8e5bb464732ddb838427c1685e337694774229a0d4ffec532220e75aa289bc9c62c0621851c4c4e7325a3eb02bd195ceb855dec066ed250238ee546fa45aa00661bbb8dddc006a40c976243af58de87":"" PSA key agreement: FFDH RFC7919 4096 key + HKDF-SHA256: read 255+1 -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_DH_RFC7919_4096 key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):"f085888f40e34d91c989fadcb9c3e8be8f4a270d75b90d78c9b3d7569e09662b7767d90112a4a339bc42e661bd0e464b26ba4eb07dee300dfdc38373ec17a5a4e86f3f4b5ae6c9700f8381ac93b564bc0b1ce64e03bb825aa21a8e87e572ccb13a5a7b2942e4b91a321c5b5cf87b8bad4042c5b8ba971870061f7bb0869e57205bd64ed41026d5093227eb9fc4abca6160376b9b9ebbf431b6cc7a362726f553ffcca07ab3fed69a60c1a3d6d7caf989c57dad04eae71dc7e5da1bd6a65d3f4509959f61741ad91b6bdc98c0cae835cea940048d325f1db5e6217b8a0c977741511c967330819115d325a6da3ac003b66364e52351b34de0e954d5df7301ac0c2772c461872b72c9c3bc810789d16d22f57fd57338487ff66fd01434fa08a57eb7b089686cda86c9dc9220e11409c5ecd7b2988c151ee24e19a5c5685b4824c60a29ee363e75f783d97a57cda08a9e2152769957163272b3d5e82cdcda71300566356c411dc01a2c24507693c819755568ea461b755e89e9ab150e243ae97d5878f58ba87be9a6bab3726e962f92e2305999cafd65aa32f486ccf2edea46ab4b4cd7e3130f2e69102e6a4d7104db2f9a66d0ddb4faa3ae34b3bac6007bdfc66541bc3f45db3eb730ba80e102850604fd64e3cf047825246264ad8e1e716aa44a99275aab9ebf0b26f703af7460a8e502088a311d7c571bf0905031ea6561a928":"f614318e0c2cc96ef5b9cb576e411c7319f9ac4caa626307c110018ff7e5082894147a1989166983f181ffa0ed062d7561af3ad26ef7339faedbcc6d41d3b53bb71f21de285c83af911a9dfc68e6efe5e067b36a5e761dea0b243e5d9af351aea1cd22841062c6beaeac0e66138c9562e3efc922bddb2f2709075ee4356337597fe9bb16c5b21de3017d06a18e98b606931c6a1d96f60fd22c920dbf18210178f844c9c0646a779db31eed21c29dff3556fe6f608c6db80e86229fa05117c624094a7d0c106718e9534de55b469ed03dd545c80b2134f10a073fa1d6b366f46727f630685ca916c84d28417b1753af57248445f81573de06bfb17bf6f3f6e5e72723390719e881d54ce3a76a79e4c3cd78f293f5ca90ca31038c4ae0f6df379177a96ceb0e55a85669335dc634f67d138c40b58474dffa4695c017ff75db55b37d9627836fad1813a9dd13e61ad99b96a488cb49348e1e75aefbad5eac288387381e6d7908c16b42c8f071c24b518feb1b4d38a538e4346e0b88c526125ae5b2fcf8e0f42608f5c5ef47b6b225122d5b6c94c2cf42767ff3df1f29461d72b7fe4eb2273c857d18daf33ed0cce043a5c389d116ba02a9ba5c8140d11c52249019749417950f444529a635592b137d30ee6f15fee89695d99e5f322d2e94c00d43d24aa63e0e68c27566d19e211f7f24e1cb72940cc9dd0b0cf34f69f03ee32be7":"01ef64db547f29894000820395bbe27406c2c6482207d6bd3f517802b02726478627a4d965c9f062626ec5b6bea63abdfa71f6de07509edf1240d420d4f0ae3d439bfa6758d6831335688b5d78082f394ed26d171426ef7649363a951a789c463afe76d1cd55f58b4b7ab2db2ee8091e7b1f3148b2352fde97b9928bf417047e9eff62ad76ab117ba9fb35605a71973be36e71a4d2aec600255a75eba63983bd0750d5080d380d00d91248470b9850d3e8e5bb464732ddb838427c1685e337694774229a0d4ffec532220e75aa289bc9c62c0621851c4c4e7325a3eb02bd195ceb855dec066ed250238ee546fa45aa00661bbb8dddc006a40c976243af58de":"87" PSA key agreement: FFDH RFC7919 4096 key + HKDF-SHA256: read 1+255 -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_DH_RFC7919_4096 key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):"f085888f40e34d91c989fadcb9c3e8be8f4a270d75b90d78c9b3d7569e09662b7767d90112a4a339bc42e661bd0e464b26ba4eb07dee300dfdc38373ec17a5a4e86f3f4b5ae6c9700f8381ac93b564bc0b1ce64e03bb825aa21a8e87e572ccb13a5a7b2942e4b91a321c5b5cf87b8bad4042c5b8ba971870061f7bb0869e57205bd64ed41026d5093227eb9fc4abca6160376b9b9ebbf431b6cc7a362726f553ffcca07ab3fed69a60c1a3d6d7caf989c57dad04eae71dc7e5da1bd6a65d3f4509959f61741ad91b6bdc98c0cae835cea940048d325f1db5e6217b8a0c977741511c967330819115d325a6da3ac003b66364e52351b34de0e954d5df7301ac0c2772c461872b72c9c3bc810789d16d22f57fd57338487ff66fd01434fa08a57eb7b089686cda86c9dc9220e11409c5ecd7b2988c151ee24e19a5c5685b4824c60a29ee363e75f783d97a57cda08a9e2152769957163272b3d5e82cdcda71300566356c411dc01a2c24507693c819755568ea461b755e89e9ab150e243ae97d5878f58ba87be9a6bab3726e962f92e2305999cafd65aa32f486ccf2edea46ab4b4cd7e3130f2e69102e6a4d7104db2f9a66d0ddb4faa3ae34b3bac6007bdfc66541bc3f45db3eb730ba80e102850604fd64e3cf047825246264ad8e1e716aa44a99275aab9ebf0b26f703af7460a8e502088a311d7c571bf0905031ea6561a928":"f614318e0c2cc96ef5b9cb576e411c7319f9ac4caa626307c110018ff7e5082894147a1989166983f181ffa0ed062d7561af3ad26ef7339faedbcc6d41d3b53bb71f21de285c83af911a9dfc68e6efe5e067b36a5e761dea0b243e5d9af351aea1cd22841062c6beaeac0e66138c9562e3efc922bddb2f2709075ee4356337597fe9bb16c5b21de3017d06a18e98b606931c6a1d96f60fd22c920dbf18210178f844c9c0646a779db31eed21c29dff3556fe6f608c6db80e86229fa05117c624094a7d0c106718e9534de55b469ed03dd545c80b2134f10a073fa1d6b366f46727f630685ca916c84d28417b1753af57248445f81573de06bfb17bf6f3f6e5e72723390719e881d54ce3a76a79e4c3cd78f293f5ca90ca31038c4ae0f6df379177a96ceb0e55a85669335dc634f67d138c40b58474dffa4695c017ff75db55b37d9627836fad1813a9dd13e61ad99b96a488cb49348e1e75aefbad5eac288387381e6d7908c16b42c8f071c24b518feb1b4d38a538e4346e0b88c526125ae5b2fcf8e0f42608f5c5ef47b6b225122d5b6c94c2cf42767ff3df1f29461d72b7fe4eb2273c857d18daf33ed0cce043a5c389d116ba02a9ba5c8140d11c52249019749417950f444529a635592b137d30ee6f15fee89695d99e5f322d2e94c00d43d24aa63e0e68c27566d19e211f7f24e1cb72940cc9dd0b0cf34f69f03ee32be7":"01":"ef64db547f29894000820395bbe27406c2c6482207d6bd3f517802b02726478627a4d965c9f062626ec5b6bea63abdfa71f6de07509edf1240d420d4f0ae3d439bfa6758d6831335688b5d78082f394ed26d171426ef7649363a951a789c463afe76d1cd55f58b4b7ab2db2ee8091e7b1f3148b2352fde97b9928bf417047e9eff62ad76ab117ba9fb35605a71973be36e71a4d2aec600255a75eba63983bd0750d5080d380d00d91248470b9850d3e8e5bb464732ddb838427c1685e337694774229a0d4ffec532220e75aa289bc9c62c0621851c4c4e7325a3eb02bd195ceb855dec066ed250238ee546fa45aa00661bbb8dddc006a40c976243af58de87" PSA key agreement: FFDH RFC7919 6144 key + HKDF-SHA256: read 256+0 -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_DH_RFC7919_6144 key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):"bbaec0a6c20e67aa77bd9db1f682b20227d3e17944ccf9ea639e437202309c29dc876a8d209e81e59e1d7584284089c4ffb3356e28acca6c94164752e7e331cee7fccdb3d08604a5faaf91c02cab4ea6ad2926e28d1dee9fadd437b2b8a5116c689869c0972529e4c362aaa8427c95f42d8a60c1f38f9f672c837a097bcd1a8c068c11a33ce36517915dae1ba47e2646aef079e6c84b9656991ef0f6ceb9f7f95c97e7232cc5c41c0335aed99169133702cb8d95ef1e9eb5af583f3469a77277243fe61f16dd5b4f9f4972e3d30050f289f891daf8146ff87cf2845c419dfe2ca0525c5e2e8fc6566d7118fadaf0103b24319061f862e2584e5fba1063d55365b78379820d335ee924ac0871ceb3a2a339fba250011371b53426bab5f48e9704b7a9e77d14d5f6cafcfbdb45463e6935be31bc87eafd9b6d228a5b76c2baa6364f450a4ac557dd07ed4b1a13f5603e2b3bb270e831f0f2950f52c52d866fdaeb748a4cbb6f20b332795fffb8cf77a34ef75d8105973f1fdada6a3b050a28c12268104a8f1cce9a86ebce1749a97e9e5f00608229799aa5b7a356fca7b8bb5c7829cb18a136836bb37f5165deb89b33f0b69c473236025bc649d382d008fbc7c8c84390b9d86b173e45fa1e162e0eabd7914f2ec4c26d5350be064fc0d68bf16446188dd4a76ac1267a63b764070b48342a884891eeddbba95257348764c646aef160523af105a719aedb041a28b81516dbe89e80592f687eb341aff447a4165ac145889ae3e8a14c948c82b581b35d8f7d1c4f5e0f838773a472ad0025b1ca0b1c8bfe58c42079194b9aa9c5a1139472e7f917655a3ae297c9a8e3bfa6e108242a5ac01b92a9e94d7b51fbe2732d68f1ec5c12607add5e9bddbe5a4837e9fa16a66b5d83456df4f9febb14158dc5ea467b7cc288fe58f28cade38fa3d4c8864c3cb93bda6d39ad28f7dab8b8c0be34f675d268d82ba6a2e22ba49a5e7de5d08edae35ec17d1419288719a4f82dfb7aad6f7b68c4216c69b83af7438771622e48381841d1fcb6081d41b1b84eae37912b34dc8df1794bb47ad87f94d9c841aa98":"31b48495f611fd0205994fc523bfbc6b72949417f28392d30c1c98878bde0ca467ab6d6fe58522df9749154f95c9683f9590c295cd2b62ff9c59f2a71aaa3f7cb72761740cdcac8994c3623e8c07e2991dac60c2ccba818623013467cfca64f9a3b58523d4a4982571365db08aa9de048303c2a48d1c02c9aafc2ecd6eaae1c5bce8314503d0711d755b59134cbfc773250690121f58fc5171ea34fe88e753d5ab3da23e0557aa326b408c2f55aad2b6f40504509c2203f353bcb17e7b2c61fdcba04c3f8c136ef5d14c38ded6ff0455f59f3052b52b2d45f76a2c3b4b09af388a57ebd9d33393853b83b8033b6973cf662907e62380b66b4ce04b82ab8fcd35f40083a330587e27daa0f84c21fc5d04af03104785f85cb880ae61024cf6cfd1dc14149fdff6653968458fb5761cf2cbf8263e915099eb209d1d149bd7a5b4e48b108f07a1f7c17aa4cbf7b3aa25075956f93f127d46b6392834e7781e46f0e2d1ba14ce2f2d91f9db106bf94c7110ace1bf6105cd9351031e0ec7b52a599ae41256581c1379be5882c352c750709c1b8d37cd8d1442ae5547db0f5a1371eca211f028428572a0fcc4c0852ec1f9be4de14a32536087f520cdeaf54c52b203bb6ff0008b2099fb0e1dff4547563a71db416c5b97ef8e7677d8edd15a2ae75dc64b817117fe5e0478cfa1a18e15cb44cfcc990c5f01127b3906187c18562c876631a046a70015e84b6c553be23168e572cedb5912a6505ff8bb65722cc0e9556e967600711b8d8a8e414811c9809aa3e15f680fdbb2b2297e414824fda530b501b278c35f3f0f0ac61da3262de7b8aa44e31544c593c8521f8ce4921b8d7df7d7382c97718efd03650caa5620bc0e6fb9753dfe26c78b0b6a3231391b9324ee6b7c81b45e7e90e5573ab6cb263b114d78eaba7eb2bc668dd57b6eef126abcdf8355656beac58ddbaeb0551a4083fd5a2bd0e405d35737b7c3c6f0f0190403c13b57e3ef7b6b76206725758523ef98e4053fb8e05147a74577b61b0935dc5eb699945d3290e78bcc9015c9c3210ffed7d6e96c6c8202e46ad37155d07f3e8c2d9a":"105d324ec021d57640dee474c442f3a25390de6ff13175f70fad977003bd78fcdfeda87d2a5cc8447b9729990b11e7949c6ebb37a2d3c2fa69a85d79d216a6a489c8c5186576c112ca94c1bce156b819fb010a4168e8c91e777b87dceb0de4f1828c45297e3b513f4ff57bfb874a7c0d3cd709332922394bcddbc0bf959668810ce1ec8dbff662ea620b9ee7186cdde9845185ea87ded242fbffb7f526d875b6b1dbd09a4008b4d2c1034621a75efd6140c7d6fc883d79f7c3b7f7ae21b74e62a9c26f682c9dd48cacdc7f0c4ec5eb32a5c505aa5949d4008ece502bca5612f84ae73164acd2d3399cc9aee5cf615de62dd31c63a407f5c988b5c61a124ce08c":"" PSA key agreement: FFDH RFC7919 6144 key + HKDF-SHA256: read 255+1 -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_DH_RFC7919_6144 key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):"bbaec0a6c20e67aa77bd9db1f682b20227d3e17944ccf9ea639e437202309c29dc876a8d209e81e59e1d7584284089c4ffb3356e28acca6c94164752e7e331cee7fccdb3d08604a5faaf91c02cab4ea6ad2926e28d1dee9fadd437b2b8a5116c689869c0972529e4c362aaa8427c95f42d8a60c1f38f9f672c837a097bcd1a8c068c11a33ce36517915dae1ba47e2646aef079e6c84b9656991ef0f6ceb9f7f95c97e7232cc5c41c0335aed99169133702cb8d95ef1e9eb5af583f3469a77277243fe61f16dd5b4f9f4972e3d30050f289f891daf8146ff87cf2845c419dfe2ca0525c5e2e8fc6566d7118fadaf0103b24319061f862e2584e5fba1063d55365b78379820d335ee924ac0871ceb3a2a339fba250011371b53426bab5f48e9704b7a9e77d14d5f6cafcfbdb45463e6935be31bc87eafd9b6d228a5b76c2baa6364f450a4ac557dd07ed4b1a13f5603e2b3bb270e831f0f2950f52c52d866fdaeb748a4cbb6f20b332795fffb8cf77a34ef75d8105973f1fdada6a3b050a28c12268104a8f1cce9a86ebce1749a97e9e5f00608229799aa5b7a356fca7b8bb5c7829cb18a136836bb37f5165deb89b33f0b69c473236025bc649d382d008fbc7c8c84390b9d86b173e45fa1e162e0eabd7914f2ec4c26d5350be064fc0d68bf16446188dd4a76ac1267a63b764070b48342a884891eeddbba95257348764c646aef160523af105a719aedb041a28b81516dbe89e80592f687eb341aff447a4165ac145889ae3e8a14c948c82b581b35d8f7d1c4f5e0f838773a472ad0025b1ca0b1c8bfe58c42079194b9aa9c5a1139472e7f917655a3ae297c9a8e3bfa6e108242a5ac01b92a9e94d7b51fbe2732d68f1ec5c12607add5e9bddbe5a4837e9fa16a66b5d83456df4f9febb14158dc5ea467b7cc288fe58f28cade38fa3d4c8864c3cb93bda6d39ad28f7dab8b8c0be34f675d268d82ba6a2e22ba49a5e7de5d08edae35ec17d1419288719a4f82dfb7aad6f7b68c4216c69b83af7438771622e48381841d1fcb6081d41b1b84eae37912b34dc8df1794bb47ad87f94d9c841aa98":"31b48495f611fd0205994fc523bfbc6b72949417f28392d30c1c98878bde0ca467ab6d6fe58522df9749154f95c9683f9590c295cd2b62ff9c59f2a71aaa3f7cb72761740cdcac8994c3623e8c07e2991dac60c2ccba818623013467cfca64f9a3b58523d4a4982571365db08aa9de048303c2a48d1c02c9aafc2ecd6eaae1c5bce8314503d0711d755b59134cbfc773250690121f58fc5171ea34fe88e753d5ab3da23e0557aa326b408c2f55aad2b6f40504509c2203f353bcb17e7b2c61fdcba04c3f8c136ef5d14c38ded6ff0455f59f3052b52b2d45f76a2c3b4b09af388a57ebd9d33393853b83b8033b6973cf662907e62380b66b4ce04b82ab8fcd35f40083a330587e27daa0f84c21fc5d04af03104785f85cb880ae61024cf6cfd1dc14149fdff6653968458fb5761cf2cbf8263e915099eb209d1d149bd7a5b4e48b108f07a1f7c17aa4cbf7b3aa25075956f93f127d46b6392834e7781e46f0e2d1ba14ce2f2d91f9db106bf94c7110ace1bf6105cd9351031e0ec7b52a599ae41256581c1379be5882c352c750709c1b8d37cd8d1442ae5547db0f5a1371eca211f028428572a0fcc4c0852ec1f9be4de14a32536087f520cdeaf54c52b203bb6ff0008b2099fb0e1dff4547563a71db416c5b97ef8e7677d8edd15a2ae75dc64b817117fe5e0478cfa1a18e15cb44cfcc990c5f01127b3906187c18562c876631a046a70015e84b6c553be23168e572cedb5912a6505ff8bb65722cc0e9556e967600711b8d8a8e414811c9809aa3e15f680fdbb2b2297e414824fda530b501b278c35f3f0f0ac61da3262de7b8aa44e31544c593c8521f8ce4921b8d7df7d7382c97718efd03650caa5620bc0e6fb9753dfe26c78b0b6a3231391b9324ee6b7c81b45e7e90e5573ab6cb263b114d78eaba7eb2bc668dd57b6eef126abcdf8355656beac58ddbaeb0551a4083fd5a2bd0e405d35737b7c3c6f0f0190403c13b57e3ef7b6b76206725758523ef98e4053fb8e05147a74577b61b0935dc5eb699945d3290e78bcc9015c9c3210ffed7d6e96c6c8202e46ad37155d07f3e8c2d9a":"105d324ec021d57640dee474c442f3a25390de6ff13175f70fad977003bd78fcdfeda87d2a5cc8447b9729990b11e7949c6ebb37a2d3c2fa69a85d79d216a6a489c8c5186576c112ca94c1bce156b819fb010a4168e8c91e777b87dceb0de4f1828c45297e3b513f4ff57bfb874a7c0d3cd709332922394bcddbc0bf959668810ce1ec8dbff662ea620b9ee7186cdde9845185ea87ded242fbffb7f526d875b6b1dbd09a4008b4d2c1034621a75efd6140c7d6fc883d79f7c3b7f7ae21b74e62a9c26f682c9dd48cacdc7f0c4ec5eb32a5c505aa5949d4008ece502bca5612f84ae73164acd2d3399cc9aee5cf615de62dd31c63a407f5c988b5c61a124ce0":"8c" PSA key agreement: FFDH RFC7919 6144 key + HKDF-SHA256: read 1+255 -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_DH_RFC7919_6144 key_agreement_output:PSA_ALG_KEY_AGREEMENT(PSA_ALG_FFDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):"bbaec0a6c20e67aa77bd9db1f682b20227d3e17944ccf9ea639e437202309c29dc876a8d209e81e59e1d7584284089c4ffb3356e28acca6c94164752e7e331cee7fccdb3d08604a5faaf91c02cab4ea6ad2926e28d1dee9fadd437b2b8a5116c689869c0972529e4c362aaa8427c95f42d8a60c1f38f9f672c837a097bcd1a8c068c11a33ce36517915dae1ba47e2646aef079e6c84b9656991ef0f6ceb9f7f95c97e7232cc5c41c0335aed99169133702cb8d95ef1e9eb5af583f3469a77277243fe61f16dd5b4f9f4972e3d30050f289f891daf8146ff87cf2845c419dfe2ca0525c5e2e8fc6566d7118fadaf0103b24319061f862e2584e5fba1063d55365b78379820d335ee924ac0871ceb3a2a339fba250011371b53426bab5f48e9704b7a9e77d14d5f6cafcfbdb45463e6935be31bc87eafd9b6d228a5b76c2baa6364f450a4ac557dd07ed4b1a13f5603e2b3bb270e831f0f2950f52c52d866fdaeb748a4cbb6f20b332795fffb8cf77a34ef75d8105973f1fdada6a3b050a28c12268104a8f1cce9a86ebce1749a97e9e5f00608229799aa5b7a356fca7b8bb5c7829cb18a136836bb37f5165deb89b33f0b69c473236025bc649d382d008fbc7c8c84390b9d86b173e45fa1e162e0eabd7914f2ec4c26d5350be064fc0d68bf16446188dd4a76ac1267a63b764070b48342a884891eeddbba95257348764c646aef160523af105a719aedb041a28b81516dbe89e80592f687eb341aff447a4165ac145889ae3e8a14c948c82b581b35d8f7d1c4f5e0f838773a472ad0025b1ca0b1c8bfe58c42079194b9aa9c5a1139472e7f917655a3ae297c9a8e3bfa6e108242a5ac01b92a9e94d7b51fbe2732d68f1ec5c12607add5e9bddbe5a4837e9fa16a66b5d83456df4f9febb14158dc5ea467b7cc288fe58f28cade38fa3d4c8864c3cb93bda6d39ad28f7dab8b8c0be34f675d268d82ba6a2e22ba49a5e7de5d08edae35ec17d1419288719a4f82dfb7aad6f7b68c4216c69b83af7438771622e48381841d1fcb6081d41b1b84eae37912b34dc8df1794bb47ad87f94d9c841aa98":"31b48495f611fd0205994fc523bfbc6b72949417f28392d30c1c98878bde0ca467ab6d6fe58522df9749154f95c9683f9590c295cd2b62ff9c59f2a71aaa3f7cb72761740cdcac8994c3623e8c07e2991dac60c2ccba818623013467cfca64f9a3b58523d4a4982571365db08aa9de048303c2a48d1c02c9aafc2ecd6eaae1c5bce8314503d0711d755b59134cbfc773250690121f58fc5171ea34fe88e753d5ab3da23e0557aa326b408c2f55aad2b6f40504509c2203f353bcb17e7b2c61fdcba04c3f8c136ef5d14c38ded6ff0455f59f3052b52b2d45f76a2c3b4b09af388a57ebd9d33393853b83b8033b6973cf662907e62380b66b4ce04b82ab8fcd35f40083a330587e27daa0f84c21fc5d04af03104785f85cb880ae61024cf6cfd1dc14149fdff6653968458fb5761cf2cbf8263e915099eb209d1d149bd7a5b4e48b108f07a1f7c17aa4cbf7b3aa25075956f93f127d46b6392834e7781e46f0e2d1ba14ce2f2d91f9db106bf94c7110ace1bf6105cd9351031e0ec7b52a599ae41256581c1379be5882c352c750709c1b8d37cd8d1442ae5547db0f5a1371eca211f028428572a0fcc4c0852ec1f9be4de14a32536087f520cdeaf54c52b203bb6ff0008b2099fb0e1dff4547563a71db416c5b97ef8e7677d8edd15a2ae75dc64b817117fe5e0478cfa1a18e15cb44cfcc990c5f01127b3906187c18562c876631a046a70015e84b6c553be23168e572cedb5912a6505ff8bb65722cc0e9556e967600711b8d8a8e414811c9809aa3e15f680fdbb2b2297e414824fda530b501b278c35f3f0f0ac61da3262de7b8aa44e31544c593c8521f8ce4921b8d7df7d7382c97718efd03650caa5620bc0e6fb9753dfe26c78b0b6a3231391b9324ee6b7c81b45e7e90e5573ab6cb263b114d78eaba7eb2bc668dd57b6eef126abcdf8355656beac58ddbaeb0551a4083fd5a2bd0e405d35737b7c3c6f0f0190403c13b57e3ef7b6b76206725758523ef98e4053fb8e05147a74577b61b0935dc5eb699945d3290e78bcc9015c9c3210ffed7d6e96c6c8202e46ad37155d07f3e8c2d9a":"10":"5d324ec021d57640dee474c442f3a25390de6ff13175f70fad977003bd78fcdfeda87d2a5cc8447b9729990b11e7949c6ebb37a2d3c2fa69a85d79d216a6a489c8c5186576c112ca94c1bce156b819fb010a4168e8c91e777b87dceb0de4f1828c45297e3b513f4ff57bfb874a7c0d3cd709332922394bcddbc0bf959668810ce1ec8dbff662ea620b9ee7186cdde9845185ea87ded242fbffb7f526d875b6b1dbd09a4008b4d2c1034621a75efd6140c7d6fc883d79f7c3b7f7ae21b74e62a9c26f682c9dd48cacdc7f0c4ec5eb32a5c505aa5949d4008ece502bca5612f84ae73164acd2d3399cc9aee5cf615de62dd31c63a407f5c988b5c61a124ce08c" PSA generate random: 0 bytes @@ -7345,23 +7345,23 @@ PSA generate key: RSA, e=2 generate_key_rsa:PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS:"02":PSA_ERROR_INVALID_ARGUMENT PSA generate key: FFDH, 2048 bits, good -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE:PSA_WANT_DH_RFC7919_2048 generate_key:PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):2048:PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:PSA_SUCCESS:0 PSA generate key: FFDH, 3072 bits, good -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE:PSA_WANT_DH_RFC7919_3072 generate_key:PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):3072:PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:PSA_SUCCESS:0 PSA generate key: FFDH, 4096 bits, good -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE:PSA_WANT_DH_RFC7919_4096 generate_key:PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):4096:PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:PSA_SUCCESS:0 PSA generate key: FFDH, 6144 bits, good -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE:PSA_WANT_DH_RFC7919_6144 generate_key:PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):6144:PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:PSA_SUCCESS:0 PSA generate key: FFDH, 8192 bits, good -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE +depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE:PSA_WANT_DH_RFC7919_8192 generate_key:PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):8192:PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:PSA_SUCCESS:0 PSA generate key: FFDH, 1024 bits, invalid bits From 1161b44981deb1d12203bb68453a42c61b0702b6 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 17 Jan 2024 15:53:11 +0100 Subject: [PATCH 1390/1674] crypto_config_test_driver_extension: support accelaration of DH groups Signed-off-by: Valerio Setti --- .../crypto_config_test_driver_extension.h | 40 +++++++++++++++++++ 1 file changed, 40 insertions(+) diff --git a/tests/include/test/drivers/crypto_config_test_driver_extension.h b/tests/include/test/drivers/crypto_config_test_driver_extension.h index 768a9a69f..dac07acd3 100644 --- a/tests/include/test/drivers/crypto_config_test_driver_extension.h +++ b/tests/include/test/drivers/crypto_config_test_driver_extension.h @@ -192,6 +192,46 @@ #endif #endif +#if defined(PSA_WANT_DH_RFC7919_2048) +#if defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_2048) +#undef MBEDTLS_PSA_ACCEL_DH_RFC7919_2048 +#else +#define MBEDTLS_PSA_ACCEL_DH_RFC7919_2048 +#endif +#endif + +#if defined(PSA_WANT_DH_RFC7919_3072) +#if defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_3072) +#undef MBEDTLS_PSA_ACCEL_DH_RFC7919_3072 +#else +#define MBEDTLS_PSA_ACCEL_DH_RFC7919_3072 +#endif +#endif + +#if defined(PSA_WANT_DH_RFC7919_4096) +#if defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_4096) +#undef MBEDTLS_PSA_ACCEL_DH_RFC7919_4096 +#else +#define MBEDTLS_PSA_ACCEL_DH_RFC7919_4096 +#endif +#endif + +#if defined(PSA_WANT_DH_RFC7919_6144) +#if defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_6144) +#undef MBEDTLS_PSA_ACCEL_DH_RFC7919_6144 +#else +#define MBEDTLS_PSA_ACCEL_DH_RFC7919_6144 +#endif +#endif + +#if defined(PSA_WANT_DH_RFC7919_8192) +#if defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_8192) +#undef MBEDTLS_PSA_ACCEL_DH_RFC7919_8192 +#else +#define MBEDTLS_PSA_ACCEL_DH_RFC7919_8192 +#endif +#endif + #if defined(PSA_WANT_ALG_FFDH) #if defined(MBEDTLS_PSA_ACCEL_ALG_FFDH) #undef MBEDTLS_PSA_ACCEL_ALG_FFDH From 78aa0bc1d93aae9c326c2fc20f90983f2798139a Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 17 Jan 2024 15:53:46 +0100 Subject: [PATCH 1391/1674] all.sh: fix tests with accelerated FFDH Explicitly accelerate also DH groups in those tests. Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 0b2a36aa3..d2c927327 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -907,6 +907,18 @@ helper_get_psa_curve_list () { echo "$loc_list" } +# Helper returning the list of supported DH groups from CRYPTO_CONFIG_H, +# without the "PSA_WANT_" prefix. This becomes handy for accelerating DH groups +# in the following helpers. +helper_get_psa_dh_group_list () { + loc_list="" + for item in $(sed -n 's/^#define PSA_WANT_\(DH_RFC7919_[0-9]*\).*/\1/p' <"$CRYPTO_CONFIG_H"); do + loc_list="$loc_list $item" + done + + echo "$loc_list" +} + # Get the list of uncommented PSA_WANT_KEY_TYPE_xxx_ from CRYPTO_CONFIG_H. This # is useful to easily get a list of key type symbols to accelerate. # The function accepts a single argument which is the key type: ECC, DH, RSA. @@ -2573,7 +2585,8 @@ component_test_psa_crypto_config_accel_ffdh () { # Algorithms and key types to accelerate loc_accel_list="ALG_FFDH \ - $(helper_get_psa_key_type_list "DH")" + $(helper_get_psa_key_type_list "DH") \ + $(helper_get_psa_dh_group_list)" # Configure # --------- @@ -3105,6 +3118,7 @@ config_psa_crypto_config_accel_ecc_ffdh_no_bignum() { # PSA sides, and also disable the key exchanges that depend on DHM. scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_FFDH scripts/config.py -f "$CRYPTO_CONFIG_H" unset-all "PSA_WANT_KEY_TYPE_DH_[0-9A-Z_a-z]*" + scripts/config.py -f "$CRYPTO_CONFIG_H" unset-all "PSA_WANT_DH_RFC7919_[0-9]*" scripts/config.py unset MBEDTLS_DHM_C scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED @@ -3159,7 +3173,8 @@ common_test_psa_crypto_config_accel_ecc_ffdh_no_bignum () { if [ "$test_target" = "ECC_DH" ]; then loc_accel_list="$loc_accel_list \ ALG_FFDH \ - $(helper_get_psa_key_type_list "DH")" + $(helper_get_psa_key_type_list "DH") \ + $(helper_get_psa_dh_group_list)" fi # Configure From 43ff242a8b0e2a6d7488e502eb70c55e31a057c4 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 18 Jan 2024 08:42:38 +0100 Subject: [PATCH 1392/1674] changelog: fix typo Signed-off-by: Valerio Setti --- ChangeLog.d/8461.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog.d/8461.txt b/ChangeLog.d/8461.txt index 459e47bd2..d6a65f070 100644 --- a/ChangeLog.d/8461.txt +++ b/ChangeLog.d/8461.txt @@ -1,4 +1,4 @@ Bugfix - * Fix unsupported PSA asymmetric encryption and dectryption + * Fix unsupported PSA asymmetric encryption and decryption (psa_asymmetric_[en|de]crypt) with opaque keys. Resolves #8461. From 4f34b155f52fa1015cfe3f1177ed5739e7d07dc7 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 18 Jan 2024 08:44:13 +0100 Subject: [PATCH 1393/1674] test_driver_key_management: keep mbedtls_test_opaque_wrap_key() private Only mbedtls_test_opaque_unwrap_key() is actually needed by other test drivers to deal with opaque keys. mbedtls_test_opaque_wrap_key() can be kept private to test_driver_key_management.c. Signed-off-by: Valerio Setti --- tests/include/test/drivers/key_management.h | 4 ---- tests/src/drivers/test_driver_key_management.c | 2 +- 2 files changed, 1 insertion(+), 5 deletions(-) diff --git a/tests/include/test/drivers/key_management.h b/tests/include/test/drivers/key_management.h index 9a68777ec..7b5c4c7bf 100644 --- a/tests/include/test/drivers/key_management.h +++ b/tests/include/test/drivers/key_management.h @@ -67,10 +67,6 @@ void mbedtls_test_transparent_free(void); psa_status_t mbedtls_test_opaque_init(void); void mbedtls_test_opaque_free(void); -psa_status_t mbedtls_test_opaque_wrap_key( - const uint8_t *key, size_t key_length, uint8_t *wrapped_key_buffer, - size_t wrapped_key_buffer_size, size_t *wrapped_key_buffer_length); - psa_status_t mbedtls_test_opaque_unwrap_key( const uint8_t *wrapped_key, size_t wrapped_key_length, uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length); diff --git a/tests/src/drivers/test_driver_key_management.c b/tests/src/drivers/test_driver_key_management.c index 4188c25c1..a3d532d51 100644 --- a/tests/src/drivers/test_driver_key_management.c +++ b/tests/src/drivers/test_driver_key_management.c @@ -125,7 +125,7 @@ static size_t mbedtls_test_opaque_get_base_size() * The argument wrapped_key_buffer_length is filled with the wrapped * key_size on success. * */ -psa_status_t mbedtls_test_opaque_wrap_key( +static psa_status_t mbedtls_test_opaque_wrap_key( const uint8_t *key, size_t key_length, uint8_t *wrapped_key_buffer, From 05754d8e85ca3cfa896fe59d28302e9dbabf7861 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 18 Jan 2024 09:47:00 +0100 Subject: [PATCH 1394/1674] ssl-opt: add DH groups requirements in test cases using FFDH Signed-off-by: Valerio Setti --- tests/ssl-opt.sh | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 26c5a796f..fd2fc0a1b 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -13614,6 +13614,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_3072 requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat @@ -13638,6 +13639,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_3072 run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,ffdhe3072,rsa_pss_rsae_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-FFDHE3072:+VERS-TLS1.3:%NO_TICKETS" \ "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe3072" \ @@ -13656,6 +13658,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_4096 requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat @@ -13680,6 +13683,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_4096 run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,ffdhe4096,rsa_pss_rsae_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-FFDHE4096:+VERS-TLS1.3:%NO_TICKETS" \ "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe4096" \ @@ -13698,6 +13702,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_6144 requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat @@ -13721,6 +13726,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_6144 run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,ffdhe6144,rsa_pss_rsae_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-FFDHE6144:+VERS-TLS1.3:%NO_TICKETS" \ "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe6144" \ @@ -13739,6 +13745,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_8192 requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat @@ -13763,6 +13770,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_8192 client_needs_more_time 4 run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,ffdhe8192,rsa_pss_rsae_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-FFDHE8192:+VERS-TLS1.3:%NO_TICKETS" \ From 18371ee08f8438f1412cae4739b0985fda7890e0 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 18 Jan 2024 09:49:39 +0100 Subject: [PATCH 1395/1674] generate_tls13_compat_tests: add DH group dependency when FFDH is used "tls13-compat.sh" is also updated in this commit using the python script. Signed-off-by: Valerio Setti --- tests/opt-testcases/tls13-compat.sh | 165 +++++++++++++++++++ tests/scripts/generate_tls13_compat_tests.py | 16 +- 2 files changed, 180 insertions(+), 1 deletion(-) diff --git a/tests/opt-testcases/tls13-compat.sh b/tests/opt-testcases/tls13-compat.sh index 1190a87ee..9cf2550a0 100755 --- a/tests/opt-testcases/tls13-compat.sh +++ b/tests/opt-testcases/tls13-compat.sh @@ -363,6 +363,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_openssl_tls1_3_with_ffdh run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,ffdhe2048,ecdsa_secp256r1_sha256" \ "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ @@ -380,6 +381,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_openssl_tls1_3_with_ffdh run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,ffdhe2048,ecdsa_secp384r1_sha384" \ "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ @@ -397,6 +399,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_openssl_tls1_3_with_ffdh run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,ffdhe2048,ecdsa_secp521r1_sha512" \ "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ @@ -415,6 +418,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_openssl_tls1_3_with_ffdh run_test "TLS 1.3 O->m: AES_128_GCM_SHA256,ffdhe2048,rsa_pss_rsae_sha256" \ "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ @@ -777,6 +781,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_openssl_tls1_3_with_ffdh run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,ffdhe2048,ecdsa_secp256r1_sha256" \ "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ @@ -794,6 +799,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_openssl_tls1_3_with_ffdh run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,ffdhe2048,ecdsa_secp384r1_sha384" \ "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ @@ -811,6 +817,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_openssl_tls1_3_with_ffdh run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,ffdhe2048,ecdsa_secp521r1_sha512" \ "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ @@ -829,6 +836,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_openssl_tls1_3_with_ffdh run_test "TLS 1.3 O->m: AES_256_GCM_SHA384,ffdhe2048,rsa_pss_rsae_sha256" \ "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ @@ -1191,6 +1199,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_openssl_tls1_3_with_ffdh run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,ffdhe2048,ecdsa_secp256r1_sha256" \ "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ @@ -1208,6 +1217,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_openssl_tls1_3_with_ffdh run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,ffdhe2048,ecdsa_secp384r1_sha384" \ "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ @@ -1225,6 +1235,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_openssl_tls1_3_with_ffdh run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,ffdhe2048,ecdsa_secp521r1_sha512" \ "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ @@ -1243,6 +1254,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_openssl_tls1_3_with_ffdh run_test "TLS 1.3 O->m: CHACHA20_POLY1305_SHA256,ffdhe2048,rsa_pss_rsae_sha256" \ "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ @@ -1605,6 +1617,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_openssl_tls1_3_with_ffdh run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,ffdhe2048,ecdsa_secp256r1_sha256" \ "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ @@ -1622,6 +1635,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_openssl_tls1_3_with_ffdh run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,ffdhe2048,ecdsa_secp384r1_sha384" \ "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ @@ -1639,6 +1653,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_openssl_tls1_3_with_ffdh run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,ffdhe2048,ecdsa_secp521r1_sha512" \ "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ @@ -1657,6 +1672,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_openssl_tls1_3_with_ffdh run_test "TLS 1.3 O->m: AES_128_CCM_SHA256,ffdhe2048,rsa_pss_rsae_sha256" \ "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ @@ -2019,6 +2035,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_openssl_tls1_3_with_ffdh run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,ffdhe2048,ecdsa_secp256r1_sha256" \ "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ @@ -2036,6 +2053,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_openssl_tls1_3_with_ffdh run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,ffdhe2048,ecdsa_secp384r1_sha384" \ "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ @@ -2053,6 +2071,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_openssl_tls1_3_with_ffdh run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,ffdhe2048,ecdsa_secp521r1_sha512" \ "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ @@ -2071,6 +2090,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_openssl_tls1_3_with_ffdh run_test "TLS 1.3 O->m: AES_128_CCM_8_SHA256,ffdhe2048,rsa_pss_rsae_sha256" \ "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ @@ -2473,6 +2493,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat @@ -2492,6 +2513,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat @@ -2511,6 +2533,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat @@ -2531,6 +2554,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat @@ -2935,6 +2959,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat @@ -2954,6 +2979,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat @@ -2973,6 +2999,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat @@ -2993,6 +3020,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat @@ -3397,6 +3425,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat @@ -3416,6 +3445,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat @@ -3435,6 +3465,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat @@ -3455,6 +3486,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat @@ -3859,6 +3891,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat @@ -3878,6 +3911,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat @@ -3897,6 +3931,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat @@ -3917,6 +3952,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat @@ -4321,6 +4357,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat @@ -4340,6 +4377,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat @@ -4359,6 +4397,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat @@ -4379,6 +4418,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat @@ -4764,6 +4804,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,ffdhe2048,ecdsa_secp256r1_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048" \ @@ -4782,6 +4823,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,ffdhe2048,ecdsa_secp384r1_sha384" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048" \ @@ -4800,6 +4842,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,ffdhe2048,ecdsa_secp521r1_sha512" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048" \ @@ -4819,6 +4862,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->O: AES_128_GCM_SHA256,ffdhe2048,rsa_pss_rsae_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048" \ @@ -5202,6 +5246,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,ffdhe2048,ecdsa_secp256r1_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048" \ @@ -5220,6 +5265,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,ffdhe2048,ecdsa_secp384r1_sha384" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp384r1_sha384 -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048" \ @@ -5238,6 +5284,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,ffdhe2048,ecdsa_secp521r1_sha512" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp521r1_sha512 -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048" \ @@ -5257,6 +5304,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->O: AES_256_GCM_SHA384,ffdhe2048,rsa_pss_rsae_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs rsa_pss_rsae_sha256 -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048" \ @@ -5640,6 +5688,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,ffdhe2048,ecdsa_secp256r1_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048" \ @@ -5658,6 +5707,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,ffdhe2048,ecdsa_secp384r1_sha384" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048" \ @@ -5676,6 +5726,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,ffdhe2048,ecdsa_secp521r1_sha512" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048" \ @@ -5695,6 +5746,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->O: CHACHA20_POLY1305_SHA256,ffdhe2048,rsa_pss_rsae_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048" \ @@ -6078,6 +6130,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,ffdhe2048,ecdsa_secp256r1_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048" \ @@ -6096,6 +6149,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,ffdhe2048,ecdsa_secp384r1_sha384" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048" \ @@ -6114,6 +6168,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,ffdhe2048,ecdsa_secp521r1_sha512" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048" \ @@ -6133,6 +6188,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->O: AES_128_CCM_SHA256,ffdhe2048,rsa_pss_rsae_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048" \ @@ -6516,6 +6572,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,ffdhe2048,ecdsa_secp256r1_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048" \ @@ -6534,6 +6591,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,ffdhe2048,ecdsa_secp384r1_sha384" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048" \ @@ -6552,6 +6610,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,ffdhe2048,ecdsa_secp521r1_sha512" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048" \ @@ -6571,6 +6630,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->O: AES_128_CCM_8_SHA256,ffdhe2048,rsa_pss_rsae_sha256" \ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048" \ @@ -6996,6 +7056,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,ffdhe2048,ecdsa_secp256r1_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048" \ @@ -7016,6 +7077,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,ffdhe2048,ecdsa_secp384r1_sha384" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048" \ @@ -7036,6 +7098,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,ffdhe2048,ecdsa_secp521r1_sha512" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048" \ @@ -7057,6 +7120,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,ffdhe2048,rsa_pss_rsae_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048" \ @@ -7482,6 +7546,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,ffdhe2048,ecdsa_secp256r1_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048" \ @@ -7502,6 +7567,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,ffdhe2048,ecdsa_secp384r1_sha384" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048" \ @@ -7522,6 +7588,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,ffdhe2048,ecdsa_secp521r1_sha512" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048" \ @@ -7543,6 +7610,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->G: AES_256_GCM_SHA384,ffdhe2048,rsa_pss_rsae_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-256-GCM:+SHA384:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048" \ @@ -7968,6 +8036,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,ffdhe2048,ecdsa_secp256r1_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048" \ @@ -7988,6 +8057,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,ffdhe2048,ecdsa_secp384r1_sha384" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048" \ @@ -8008,6 +8078,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,ffdhe2048,ecdsa_secp521r1_sha512" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048" \ @@ -8029,6 +8100,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->G: CHACHA20_POLY1305_SHA256,ffdhe2048,rsa_pss_rsae_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+CHACHA20-POLY1305:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048" \ @@ -8454,6 +8526,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,ffdhe2048,ecdsa_secp256r1_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048" \ @@ -8474,6 +8547,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,ffdhe2048,ecdsa_secp384r1_sha384" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048" \ @@ -8494,6 +8568,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,ffdhe2048,ecdsa_secp521r1_sha512" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048" \ @@ -8515,6 +8590,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->G: AES_128_CCM_SHA256,ffdhe2048,rsa_pss_rsae_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-CCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048" \ @@ -8940,6 +9016,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,ffdhe2048,ecdsa_secp256r1_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048" \ @@ -8960,6 +9037,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,ffdhe2048,ecdsa_secp384r1_sha384" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP384R1-SHA384:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048" \ @@ -8980,6 +9058,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,ffdhe2048,ecdsa_secp521r1_sha512" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-ECDSA-SECP521R1-SHA512:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048" \ @@ -9001,6 +9080,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->G: AES_128_CCM_8_SHA256,ffdhe2048,rsa_pss_rsae_sha256" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AES-128-CCM-8:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048" \ @@ -9548,11 +9628,13 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,ffdhe2048,ecdsa_secp256r1_sha256" \ "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048" \ @@ -9574,11 +9656,13 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,ffdhe2048,ecdsa_secp384r1_sha384" \ "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048" \ @@ -9600,11 +9684,13 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,ffdhe2048,ecdsa_secp521r1_sha512" \ "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048" \ @@ -9627,12 +9713,14 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->m: AES_128_GCM_SHA256,ffdhe2048,rsa_pss_rsae_sha256" \ "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048" \ @@ -10184,11 +10272,13 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,ffdhe2048,ecdsa_secp256r1_sha256" \ "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048" \ @@ -10210,11 +10300,13 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,ffdhe2048,ecdsa_secp384r1_sha384" \ "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048" \ @@ -10236,11 +10328,13 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,ffdhe2048,ecdsa_secp521r1_sha512" \ "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048" \ @@ -10263,12 +10357,14 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->m: AES_256_GCM_SHA384,ffdhe2048,rsa_pss_rsae_sha256" \ "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048" \ @@ -10820,11 +10916,13 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,ffdhe2048,ecdsa_secp256r1_sha256" \ "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048" \ @@ -10846,11 +10944,13 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,ffdhe2048,ecdsa_secp384r1_sha384" \ "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048" \ @@ -10872,11 +10972,13 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,ffdhe2048,ecdsa_secp521r1_sha512" \ "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048" \ @@ -10899,12 +11001,14 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->m: CHACHA20_POLY1305_SHA256,ffdhe2048,rsa_pss_rsae_sha256" \ "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048" \ @@ -11456,11 +11560,13 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,ffdhe2048,ecdsa_secp256r1_sha256" \ "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048" \ @@ -11482,11 +11588,13 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,ffdhe2048,ecdsa_secp384r1_sha384" \ "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048" \ @@ -11508,11 +11616,13 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,ffdhe2048,ecdsa_secp521r1_sha512" \ "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048" \ @@ -11535,12 +11645,14 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->m: AES_128_CCM_SHA256,ffdhe2048,rsa_pss_rsae_sha256" \ "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048" \ @@ -12092,11 +12204,13 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,ffdhe2048,ecdsa_secp256r1_sha256" \ "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048" \ @@ -12118,11 +12232,13 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,ffdhe2048,ecdsa_secp384r1_sha384" \ "$P_SRV crt_file=data_files/ecdsa_secp384r1.crt key_file=data_files/ecdsa_secp384r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 groups=ffdhe2048" \ @@ -12144,11 +12260,13 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,ffdhe2048,ecdsa_secp521r1_sha512" \ "$P_SRV crt_file=data_files/ecdsa_secp521r1.crt key_file=data_files/ecdsa_secp521r1.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 groups=ffdhe2048" \ @@ -12171,12 +12289,14 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->m: AES_128_CCM_8_SHA256,ffdhe2048,rsa_pss_rsae_sha256" \ "$P_SRV crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe2048" \ @@ -12258,6 +12378,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_openssl_tls1_3_with_ffdh run_test "TLS 1.3 O->m: HRR secp256r1 -> ffdhe2048" \ "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ @@ -12333,6 +12454,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_openssl_tls1_3_with_ffdh run_test "TLS 1.3 O->m: HRR secp384r1 -> ffdhe2048" \ "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ @@ -12408,6 +12530,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_openssl_tls1_3_with_ffdh run_test "TLS 1.3 O->m: HRR secp521r1 -> ffdhe2048" \ "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ @@ -12483,6 +12606,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_openssl_tls1_3_with_ffdh run_test "TLS 1.3 O->m: HRR x25519 -> ffdhe2048" \ "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ @@ -12558,6 +12682,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_openssl_tls1_3_with_ffdh run_test "TLS 1.3 O->m: HRR x448 -> ffdhe2048" \ "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ @@ -12716,6 +12841,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat @@ -12801,6 +12927,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat @@ -12886,6 +13013,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat @@ -12971,6 +13099,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat @@ -13056,6 +13185,7 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_gnutls_tls1_3 requires_gnutls_next_no_ticket requires_gnutls_next_disable_tls13_compat @@ -13232,6 +13362,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->O: HRR secp256r1 -> ffdhe2048" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1,ffdhe2048" \ @@ -13323,6 +13454,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->O: HRR secp384r1 -> ffdhe2048" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1,ffdhe2048" \ @@ -13414,6 +13546,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->O: HRR secp521r1 -> ffdhe2048" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1,ffdhe2048" \ @@ -13505,6 +13638,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->O: HRR x25519 -> ffdhe2048" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x25519,ffdhe2048" \ @@ -13596,6 +13730,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->O: HRR x448 -> ffdhe2048" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups ffdhe2048 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x448,ffdhe2048" \ @@ -13615,6 +13750,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->O: HRR ffdhe2048 -> secp256r1" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048,secp256r1" \ @@ -13634,6 +13770,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->O: HRR ffdhe2048 -> secp384r1" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups P-384 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048,secp384r1" \ @@ -13653,6 +13790,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->O: HRR ffdhe2048 -> secp521r1" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups P-521 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048,secp521r1" \ @@ -13672,6 +13810,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->O: HRR ffdhe2048 -> x25519" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups X25519 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048,x25519" \ @@ -13691,6 +13830,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->O: HRR ffdhe2048 -> x448" \ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -groups X448 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048,x448" \ @@ -13792,6 +13932,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->G: HRR secp256r1 -> ffdhe2048" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1,ffdhe2048" \ @@ -13893,6 +14034,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->G: HRR secp384r1 -> ffdhe2048" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1,ffdhe2048" \ @@ -13994,6 +14136,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->G: HRR secp521r1 -> ffdhe2048" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1,ffdhe2048" \ @@ -14095,6 +14238,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->G: HRR x25519 -> ffdhe2048" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x25519,ffdhe2048" \ @@ -14196,6 +14340,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->G: HRR x448 -> ffdhe2048" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-FFDHE2048:+VERS-TLS1.3:%NO_TICKETS" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x448,ffdhe2048" \ @@ -14217,6 +14362,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->G: HRR ffdhe2048 -> secp256r1" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP256R1:+VERS-TLS1.3:%NO_TICKETS" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048,secp256r1" \ @@ -14238,6 +14384,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->G: HRR ffdhe2048 -> secp384r1" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP384R1:+VERS-TLS1.3:%NO_TICKETS" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048,secp384r1" \ @@ -14259,6 +14406,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->G: HRR ffdhe2048 -> secp521r1" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-SECP521R1:+VERS-TLS1.3:%NO_TICKETS" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048,secp521r1" \ @@ -14280,6 +14428,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->G: HRR ffdhe2048 -> x25519" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-X25519:+VERS-TLS1.3:%NO_TICKETS" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048,x25519" \ @@ -14301,6 +14450,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->G: HRR ffdhe2048 -> x448" \ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+GROUP-X448:+VERS-TLS1.3:%NO_TICKETS" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048,x448" \ @@ -14418,12 +14568,14 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->m: HRR secp256r1 -> ffdhe2048" \ "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1,ffdhe2048" \ @@ -14544,12 +14696,14 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->m: HRR secp384r1 -> ffdhe2048" \ "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1,ffdhe2048" \ @@ -14670,12 +14824,14 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->m: HRR secp521r1 -> ffdhe2048" \ "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1,ffdhe2048" \ @@ -14796,12 +14952,14 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->m: HRR x25519 -> ffdhe2048" \ "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x25519,ffdhe2048" \ @@ -14922,12 +15080,14 @@ requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->m: HRR x448 -> ffdhe2048" \ "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x448,ffdhe2048" \ @@ -14954,6 +15114,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->m: HRR ffdhe2048 -> secp256r1" \ "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp256r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048,secp256r1" \ @@ -14980,6 +15141,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->m: HRR ffdhe2048 -> secp384r1" \ "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp384r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048,secp384r1" \ @@ -15006,6 +15168,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->m: HRR ffdhe2048 -> secp521r1" \ "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=secp521r1 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048,secp521r1" \ @@ -15032,6 +15195,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->m: HRR ffdhe2048 -> x25519" \ "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x25519 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048,x25519" \ @@ -15058,6 +15222,7 @@ requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE requires_config_enabled PSA_WANT_ALG_ECDH requires_config_enabled PSA_WANT_ALG_FFDH +requires_config_enabled PSA_WANT_DH_RFC7919_2048 run_test "TLS 1.3 m->m: HRR ffdhe2048 -> x448" \ "$P_SRV crt_file=data_files/ecdsa_secp256r1.crt key_file=data_files/ecdsa_secp256r1.key debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=x448 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ "$P_CLI ca_file=data_files/test-ca2.crt debug_level=4 sig_algs=ecdsa_secp256r1_sha256 groups=ffdhe2048,x448" \ diff --git a/tests/scripts/generate_tls13_compat_tests.py b/tests/scripts/generate_tls13_compat_tests.py index fdb264d7b..8b28590b8 100755 --- a/tests/scripts/generate_tls13_compat_tests.py +++ b/tests/scripts/generate_tls13_compat_tests.py @@ -353,6 +353,19 @@ class MbedTLSBase(TLSProgram): ret += ["groups={named_groups}".format(named_groups=named_groups)] return ret + #pylint: disable=missing-function-docstring + def add_ffdh_group_requirements(self, requirement_list): + if 'ffdhe2048' in self._named_groups: + requirement_list.append('requires_config_enabled PSA_WANT_DH_RFC7919_2048') + if 'ffdhe3072' in self._named_groups: + requirement_list.append('requires_config_enabled PSA_WANT_DH_RFC7919_2048') + if 'ffdhe4096' in self._named_groups: + requirement_list.append('requires_config_enabled PSA_WANT_DH_RFC7919_2048') + if 'ffdhe6144' in self._named_groups: + requirement_list.append('requires_config_enabled PSA_WANT_DH_RFC7919_2048') + if 'ffdhe8192' in self._named_groups: + requirement_list.append('requires_config_enabled PSA_WANT_DH_RFC7919_2048') + def pre_checks(self): ret = ['requires_config_enabled MBEDTLS_DEBUG_C', 'requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED'] @@ -365,13 +378,14 @@ class MbedTLSBase(TLSProgram): 'requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT') ec_groups = ['secp256r1', 'secp384r1', 'secp521r1', 'x25519', 'x448'] - ffdh_groups = ['ffdhe2048'] + ffdh_groups = ['ffdhe2048', 'ffdhe3072', 'ffdhe4096', 'ffdhe6144', 'ffdhe8192'] if any(x in ec_groups for x in self._named_groups): ret.append('requires_config_enabled PSA_WANT_ALG_ECDH') if any(x in ffdh_groups for x in self._named_groups): ret.append('requires_config_enabled PSA_WANT_ALG_FFDH') + self.add_ffdh_group_requirements(ret) return ret From 491f7e5ac3f03e247571f3c5088619bf8a807051 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Mon, 8 Jan 2024 11:04:21 +0000 Subject: [PATCH 1396/1674] Define key_slot_mutex Signed-off-by: Ryan Everett --- library/psa_crypto_slot_management.c | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 8d7ff908e..2d24e6deb 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -23,10 +23,27 @@ #include #include #include "mbedtls/platform.h" +#if defined(MBEDTLS_THREADING_C) +#include "mbedtls/threading.h" +#endif typedef struct { psa_key_slot_t key_slots[MBEDTLS_PSA_KEY_SLOT_COUNT]; uint8_t key_slots_initialized; + +#if defined(MBEDTLS_THREADING_C) + /* + * A mutex used to make the PSA subsystem thread safe. + * + * key_slot_mutex protects key_slots[i].registered_readers and + * key_slots[i].state for all valid i. + * + * This mutex must be held when any read from or write to a state or + * registered_readers field is performed, i.e. when calling functions: + * psa_key_slot_state_transition, psa_register_read, psa_unregister_read, + * psa_key_slot_has_readers and psa_wipe_key_slot. */ + mbedtls_threading_mutex_t MBEDTLS_PRIVATE(key_slot_mutex); +#endif } psa_global_data_t; static psa_global_data_t global_data; From 846889355c0863e4b16745c535e425b66050f4cc Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Mon, 8 Jan 2024 11:10:03 +0000 Subject: [PATCH 1397/1674] Initialize and free the key slot mutex Signed-off-by: Ryan Everett --- library/psa_crypto_slot_management.c | 17 ++++++++++++++++- library/psa_crypto_slot_management.h | 8 ++++++++ 2 files changed, 24 insertions(+), 1 deletion(-) diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 2d24e6deb..180aecb58 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -147,7 +147,14 @@ static psa_status_t psa_get_and_lock_key_slot_in_memory( psa_status_t psa_initialize_key_slots(void) { - /* Nothing to do: program startup and psa_wipe_all_key_slots() both +#if defined(MBEDTLS_THREADING_C) + /* Initialize the global key slot mutex. */ + if (!global_data.key_slots_initialized) { + mbedtls_mutex_init(&global_data.key_slot_mutex); + } +#endif + + /* Program startup and psa_wipe_all_key_slots() both * guarantee that the key slots are initialized to all-zero, which * means that all the key slots are in a valid, empty state. */ global_data.key_slots_initialized = 1; @@ -164,6 +171,14 @@ void psa_wipe_all_key_slots(void) slot->state = PSA_SLOT_PENDING_DELETION; (void) psa_wipe_key_slot(slot); } + +#if defined(MBEDTLS_THREADING_C) + /* Free the global key slot mutex. */ + if (global_data.key_slots_initialized) { + mbedtls_mutex_free(&global_data.key_slot_mutex); + } +#endif + global_data.key_slots_initialized = 0; } diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h index 0b0d7b320..01778f899 100644 --- a/library/psa_crypto_slot_management.h +++ b/library/psa_crypto_slot_management.h @@ -85,6 +85,10 @@ psa_status_t psa_get_and_lock_key_slot(mbedtls_svc_key_id_t key, psa_key_slot_t **p_slot); /** Initialize the key slot structures. + * If multi-threading is enabled then initialize the key slot mutex. + * This function is not thread-safe, + * if called by competing threads the key slot mutex may be initialized + * more than once. * * \retval #PSA_SUCCESS * Currently this function always succeeds. @@ -92,6 +96,10 @@ psa_status_t psa_get_and_lock_key_slot(mbedtls_svc_key_id_t key, psa_status_t psa_initialize_key_slots(void); /** Delete all data from key slots in memory. + * If multi-threading is enabled then free the key slot mutex. + * This function is not thread-safe, + * if called by competing threads the key slot mutex may be freed + * more than once. * * This does not affect persistent storage. */ void psa_wipe_all_key_slots(void); From 0e3b677cf4600bec736020715f85909f4534c5dd Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Mon, 8 Jan 2024 11:11:39 +0000 Subject: [PATCH 1398/1674] Support PSA_ERROR_SERVICE_FAILURE To be returned in the case where mbedtls_mutex_lock and mbedtls_mutex_unlock fail. Signed-off-by: Ryan Everett --- include/psa/crypto_values.h | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 8d30bf0fb..90d98fdb7 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -279,6 +279,11 @@ * to read from a resource. */ #define PSA_ERROR_INSUFFICIENT_DATA ((psa_status_t)-143) +/** This can be returned if a function can no longer operate correctly. + * For example, if an essential initialization operation failed or + * a mutex operation failed. */ +#define PSA_ERROR_SERVICE_FAILURE ((psa_status_t)-144) + /** The key identifier is not valid. See also :ref:\`key-handles\`. */ #define PSA_ERROR_INVALID_HANDLE ((psa_status_t)-136) From fb02d57de790dc4cc27b5f9a43c4433c13a5ed60 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Mon, 8 Jan 2024 11:13:03 +0000 Subject: [PATCH 1399/1674] Document the thread safety of the primitive key slot functions Signed-off-by: Ryan Everett --- library/psa_crypto_core.h | 4 ++++ library/psa_crypto_slot_management.h | 10 ++++++++-- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 1edd63e25..7b167248e 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -117,6 +117,8 @@ typedef struct { 0) /** Test whether a key slot has any registered readers. + * If multi-threading is enabled, the caller must hold the + * global key slot mutex. * * \param[in] slot The key slot to test. * @@ -195,6 +197,8 @@ static inline psa_key_slot_number_t psa_key_slot_get_slot_number( * * Persistent storage is not affected. * Sets the slot's state to PSA_SLOT_EMPTY. + * If multi-threading is enabled, the caller must hold the + * global key slot mutex. * * \param[in,out] slot The key slot to wipe. * diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h index 01778f899..fc46257f2 100644 --- a/library/psa_crypto_slot_management.h +++ b/library/psa_crypto_slot_management.h @@ -134,6 +134,9 @@ psa_status_t psa_reserve_free_key_slot(psa_key_id_t *volatile_key_id, * new state. If the state of the slot was not expected_state, the state is * unchanged. * + * If multi-threading is enabled, the caller must hold the + * global key slot mutex. + * * \param[in] slot The key slot. * \param[in] expected_state The current state of the slot. * \param[in] new_state The new state of the slot. @@ -157,7 +160,8 @@ static inline psa_status_t psa_key_slot_state_transition( /** Register as a reader of a key slot. * * This function increments the key slot registered reader counter by one. - * + * If multi-threading is enabled, the caller must hold the + * global key slot mutex. * \param[in] slot The key slot. * * \retval #PSA_SUCCESS @@ -182,7 +186,9 @@ static inline psa_status_t psa_register_read(psa_key_slot_t *slot) * This function decrements the key slot registered reader counter by one. * If the state of the slot is PSA_SLOT_PENDING_DELETION, * and there is only one registered reader (the caller), - * this function will call psa_wipe_key_slot(). + * this function will call psa_wipe_slot(). + * If multi-threading is enabled, the caller must hold the + * global key slot mutex. * * \note To ease the handling of errors in retrieving a key slot * a NULL input pointer is valid, and the function returns From d929106f361297a9a495545307f0e6183aa88b12 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 17 Jan 2024 09:48:06 +0100 Subject: [PATCH 1400/1674] ssl_ciphersuites: move internal functions declarations to a private header Signed-off-by: Valerio Setti --- include/mbedtls/ssl_ciphersuites.h | 139 ------------------------- library/ssl_ciphersuites_internal.h | 154 ++++++++++++++++++++++++++++ library/ssl_misc.h | 1 + 3 files changed, 155 insertions(+), 139 deletions(-) create mode 100644 library/ssl_ciphersuites_internal.h diff --git a/include/mbedtls/ssl_ciphersuites.h b/include/mbedtls/ssl_ciphersuites.h index 8cecbb625..f755ef304 100644 --- a/include/mbedtls/ssl_ciphersuites.h +++ b/include/mbedtls/ssl_ciphersuites.h @@ -463,18 +463,6 @@ const int *mbedtls_ssl_list_ciphersuites(void); const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string(const char *ciphersuite_name); const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id(int ciphersuite_id); -#if defined(MBEDTLS_PK_C) -mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg(const mbedtls_ssl_ciphersuite_t *info); -#if defined(MBEDTLS_USE_PSA_CRYPTO) -psa_algorithm_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_alg(const mbedtls_ssl_ciphersuite_t *info); -psa_key_usage_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_usage(const mbedtls_ssl_ciphersuite_t *info); -#endif -mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg(const mbedtls_ssl_ciphersuite_t *info); -#endif - -int mbedtls_ssl_ciphersuite_uses_ec(const mbedtls_ssl_ciphersuite_t *info); -int mbedtls_ssl_ciphersuite_uses_psk(const mbedtls_ssl_ciphersuite_t *info); - static inline const char *mbedtls_ssl_ciphersuite_get_name(const mbedtls_ssl_ciphersuite_t *info) { return info->MBEDTLS_PRIVATE(name); @@ -482,133 +470,6 @@ static inline const char *mbedtls_ssl_ciphersuite_get_name(const mbedtls_ssl_cip size_t mbedtls_ssl_ciphersuite_get_cipher_key_bitlen(const mbedtls_ssl_ciphersuite_t *info); -#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED) -static inline int mbedtls_ssl_ciphersuite_has_pfs(const mbedtls_ssl_ciphersuite_t *info) -{ - switch (info->MBEDTLS_PRIVATE(key_exchange)) { - case MBEDTLS_KEY_EXCHANGE_DHE_RSA: - case MBEDTLS_KEY_EXCHANGE_DHE_PSK: - case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: - case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: - case MBEDTLS_KEY_EXCHANGE_ECJPAKE: - return 1; - - default: - return 0; - } -} -#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED) -static inline int mbedtls_ssl_ciphersuite_no_pfs(const mbedtls_ssl_ciphersuite_t *info) -{ - switch (info->MBEDTLS_PRIVATE(key_exchange)) { - case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: - case MBEDTLS_KEY_EXCHANGE_RSA: - case MBEDTLS_KEY_EXCHANGE_PSK: - case MBEDTLS_KEY_EXCHANGE_RSA_PSK: - return 1; - - default: - return 0; - } -} -#endif /* MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED) -static inline int mbedtls_ssl_ciphersuite_uses_ecdh(const mbedtls_ssl_ciphersuite_t *info) -{ - switch (info->MBEDTLS_PRIVATE(key_exchange)) { - case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: - return 1; - - default: - return 0; - } -} -#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED */ - -static inline int mbedtls_ssl_ciphersuite_cert_req_allowed(const mbedtls_ssl_ciphersuite_t *info) -{ - switch (info->MBEDTLS_PRIVATE(key_exchange)) { - case MBEDTLS_KEY_EXCHANGE_RSA: - case MBEDTLS_KEY_EXCHANGE_DHE_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: - case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: - return 1; - - default: - return 0; - } -} - -static inline int mbedtls_ssl_ciphersuite_uses_srv_cert(const mbedtls_ssl_ciphersuite_t *info) -{ - switch (info->MBEDTLS_PRIVATE(key_exchange)) { - case MBEDTLS_KEY_EXCHANGE_RSA: - case MBEDTLS_KEY_EXCHANGE_RSA_PSK: - case MBEDTLS_KEY_EXCHANGE_DHE_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: - case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: - return 1; - - default: - return 0; - } -} - -#if defined(MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED) -static inline int mbedtls_ssl_ciphersuite_uses_dhe(const mbedtls_ssl_ciphersuite_t *info) -{ - switch (info->MBEDTLS_PRIVATE(key_exchange)) { - case MBEDTLS_KEY_EXCHANGE_DHE_RSA: - case MBEDTLS_KEY_EXCHANGE_DHE_PSK: - return 1; - - default: - return 0; - } -} -#endif /* MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED) */ - -#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED) -static inline int mbedtls_ssl_ciphersuite_uses_ecdhe(const mbedtls_ssl_ciphersuite_t *info) -{ - switch (info->MBEDTLS_PRIVATE(key_exchange)) { - case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: - case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: - return 1; - - default: - return 0; - } -} -#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED) */ - -#if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED) -static inline int mbedtls_ssl_ciphersuite_uses_server_signature( - const mbedtls_ssl_ciphersuite_t *info) -{ - switch (info->MBEDTLS_PRIVATE(key_exchange)) { - case MBEDTLS_KEY_EXCHANGE_DHE_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: - return 1; - - default: - return 0; - } -} -#endif /* MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED */ - #ifdef __cplusplus } #endif diff --git a/library/ssl_ciphersuites_internal.h b/library/ssl_ciphersuites_internal.h new file mode 100644 index 000000000..27ff72106 --- /dev/null +++ b/library/ssl_ciphersuites_internal.h @@ -0,0 +1,154 @@ +/** + * \file ssl_ciphersuites_internal.h + * + * \brief Internal part of the public "ssl_ciphersuites.h". + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ +#ifndef MBEDTLS_SSL_CIPHERSUITES_INTERNAL_H +#define MBEDTLS_SSL_CIPHERSUITES_INTERNAL_H + +#include "mbedtls/pk.h" + +#if defined(MBEDTLS_PK_C) +mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg(const mbedtls_ssl_ciphersuite_t *info); +#if defined(MBEDTLS_USE_PSA_CRYPTO) +psa_algorithm_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_alg(const mbedtls_ssl_ciphersuite_t *info); +psa_key_usage_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_usage(const mbedtls_ssl_ciphersuite_t *info); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ +mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg(const mbedtls_ssl_ciphersuite_t *info); +#endif /* MBEDTLS_PK_C */ + +int mbedtls_ssl_ciphersuite_uses_ec(const mbedtls_ssl_ciphersuite_t *info); +int mbedtls_ssl_ciphersuite_uses_psk(const mbedtls_ssl_ciphersuite_t *info); + +#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED) +static inline int mbedtls_ssl_ciphersuite_has_pfs(const mbedtls_ssl_ciphersuite_t *info) +{ + switch (info->MBEDTLS_PRIVATE(key_exchange)) { + case MBEDTLS_KEY_EXCHANGE_DHE_RSA: + case MBEDTLS_KEY_EXCHANGE_DHE_PSK: + case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: + case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: + case MBEDTLS_KEY_EXCHANGE_ECJPAKE: + return 1; + + default: + return 0; + } +} +#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED) +static inline int mbedtls_ssl_ciphersuite_no_pfs(const mbedtls_ssl_ciphersuite_t *info) +{ + switch (info->MBEDTLS_PRIVATE(key_exchange)) { + case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: + case MBEDTLS_KEY_EXCHANGE_RSA: + case MBEDTLS_KEY_EXCHANGE_PSK: + case MBEDTLS_KEY_EXCHANGE_RSA_PSK: + return 1; + + default: + return 0; + } +} +#endif /* MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED) +static inline int mbedtls_ssl_ciphersuite_uses_ecdh(const mbedtls_ssl_ciphersuite_t *info) +{ + switch (info->MBEDTLS_PRIVATE(key_exchange)) { + case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: + return 1; + + default: + return 0; + } +} +#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED */ + +static inline int mbedtls_ssl_ciphersuite_cert_req_allowed(const mbedtls_ssl_ciphersuite_t *info) +{ + switch (info->MBEDTLS_PRIVATE(key_exchange)) { + case MBEDTLS_KEY_EXCHANGE_RSA: + case MBEDTLS_KEY_EXCHANGE_DHE_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: + case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: + return 1; + + default: + return 0; + } +} + +static inline int mbedtls_ssl_ciphersuite_uses_srv_cert(const mbedtls_ssl_ciphersuite_t *info) +{ + switch (info->MBEDTLS_PRIVATE(key_exchange)) { + case MBEDTLS_KEY_EXCHANGE_RSA: + case MBEDTLS_KEY_EXCHANGE_RSA_PSK: + case MBEDTLS_KEY_EXCHANGE_DHE_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: + case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: + return 1; + + default: + return 0; + } +} + +#if defined(MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED) +static inline int mbedtls_ssl_ciphersuite_uses_dhe(const mbedtls_ssl_ciphersuite_t *info) +{ + switch (info->MBEDTLS_PRIVATE(key_exchange)) { + case MBEDTLS_KEY_EXCHANGE_DHE_RSA: + case MBEDTLS_KEY_EXCHANGE_DHE_PSK: + return 1; + + default: + return 0; + } +} +#endif /* MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED) */ + +#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED) +static inline int mbedtls_ssl_ciphersuite_uses_ecdhe(const mbedtls_ssl_ciphersuite_t *info) +{ + switch (info->MBEDTLS_PRIVATE(key_exchange)) { + case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: + case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: + return 1; + + default: + return 0; + } +} +#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED) */ + +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED) +static inline int mbedtls_ssl_ciphersuite_uses_server_signature( + const mbedtls_ssl_ciphersuite_t *info) +{ + switch (info->MBEDTLS_PRIVATE(key_exchange)) { + case MBEDTLS_KEY_EXCHANGE_DHE_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: + return 1; + + default: + return 0; + } +} +#endif /* MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED */ + +#endif /* MBEDTLS_SSL_CIPHERSUITES_INTERNAL_H */ diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 96afe7628..7cbc6af60 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -44,6 +44,7 @@ #endif #include "mbedtls/pk.h" +#include "ssl_ciphersuites_internal.h" #include "pk_internal.h" #include "common.h" From a184fd0516b5a059d9e9a0ab3912345385ff9b72 Mon Sep 17 00:00:00 2001 From: Minos Galanakis Date: Thu, 11 Jan 2024 10:05:00 +0000 Subject: [PATCH 1401/1674] programs/dh_client/server: Replaced mbedtls_sha1 with mbedtls_sha256 Signed-off-by: Minos Galanakis --- programs/pkey/dh_client.c | 16 ++++++++-------- programs/pkey/dh_server.c | 15 +++++++-------- 2 files changed, 15 insertions(+), 16 deletions(-) diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c index 0cb156268..d8fc86fa0 100644 --- a/programs/pkey/dh_client.c +++ b/programs/pkey/dh_client.c @@ -14,8 +14,7 @@ #if defined(MBEDTLS_AES_C) && defined(MBEDTLS_DHM_C) && \ defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_NET_C) && \ defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA256) && \ - defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C) && \ - defined(MBEDTLS_MD_CAN_SHA1) + defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C) #include "mbedtls/net_sockets.h" #include "mbedtls/aes.h" #include "mbedtls/dhm.h" @@ -30,18 +29,19 @@ #define SERVER_NAME "localhost" #define SERVER_PORT "11999" +#define MBEDTLS_MD_CAN_SHA256_MAX_SIZE 32 #if !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_DHM_C) || \ !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_NET_C) || \ !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_MD_CAN_SHA256) || \ - !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C) || \ - !defined(MBEDTLS_SHA1_C) + !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C) + int main(void) { mbedtls_printf("MBEDTLS_AES_C and/or MBEDTLS_DHM_C and/or MBEDTLS_ENTROPY_C " "and/or MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " "MBEDTLS_MD_CAN_SHA256 and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_SHA1_C not defined.\n"); + "MBEDTLS_CTR_DRBG_C not defined.\n"); mbedtls_exit(0); } @@ -65,7 +65,7 @@ int main(void) unsigned char *p, *end; unsigned char buf[2048]; - unsigned char hash[32]; + unsigned char hash[MBEDTLS_MD_CAN_SHA256_MAX_SIZE]; const char *pers = "dh_client"; mbedtls_entropy_context entropy; @@ -187,13 +187,13 @@ int main(void) goto exit; } - if ((ret = mbedtls_sha1(buf, (int) (p - 2 - buf), hash)) != 0) { + if ((ret = mbedtls_sha256(buf, (int) (p - 2 - buf), hash, 0)) != 0) { mbedtls_printf(" failed\n ! mbedtls_sha1 returned %d\n\n", ret); goto exit; } if ((ret = mbedtls_rsa_pkcs1_verify(&rsa, MBEDTLS_MD_SHA256, - 32, hash, p)) != 0) { + MBEDTLS_MD_CAN_SHA256_MAX_SIZE, hash, p)) != 0) { mbedtls_printf(" failed\n ! mbedtls_rsa_pkcs1_verify returned %d\n\n", ret); goto exit; } diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c index adddbf2fb..11c2b28c6 100644 --- a/programs/pkey/dh_server.c +++ b/programs/pkey/dh_server.c @@ -14,8 +14,7 @@ #if defined(MBEDTLS_AES_C) && defined(MBEDTLS_DHM_C) && \ defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_NET_C) && \ defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA256) && \ - defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C) && \ - defined(MBEDTLS_MD_CAN_SHA1) + defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C) #include "mbedtls/net_sockets.h" #include "mbedtls/aes.h" #include "mbedtls/dhm.h" @@ -30,18 +29,18 @@ #define SERVER_PORT "11999" #define PLAINTEXT "==Hello there!==" +#define MBEDTLS_MD_CAN_SHA256_MAX_SIZE 32 #if !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_DHM_C) || \ !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_NET_C) || \ !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_MD_CAN_SHA256) || \ - !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C) || \ - !defined(MBEDTLS_SHA1_C) + !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C) int main(void) { mbedtls_printf("MBEDTLS_AES_C and/or MBEDTLS_DHM_C and/or MBEDTLS_ENTROPY_C " "and/or MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " "MBEDTLS_MD_CAN_SHA256 and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_SHA1_C not defined.\n"); + "MBEDTLS_CTR_DRBG_C not defined.\n"); mbedtls_exit(0); } #else @@ -57,7 +56,7 @@ int main(void) mbedtls_net_context listen_fd, client_fd; unsigned char buf[2048]; - unsigned char hash[32]; + unsigned char hash[MBEDTLS_MD_CAN_SHA256_MAX_SIZE]; unsigned char buf2[2]; const char *pers = "dh_server"; @@ -186,7 +185,7 @@ int main(void) /* * 5. Sign the parameters and send them */ - if ((ret = mbedtls_sha1(buf, n, hash)) != 0) { + if ((ret = mbedtls_sha256(buf, n, hash, 0)) != 0) { mbedtls_printf(" failed\n ! mbedtls_sha1 returned %d\n\n", ret); goto exit; } @@ -195,7 +194,7 @@ int main(void) buf[n + 1] = (unsigned char) (rsa.MBEDTLS_PRIVATE(len)); if ((ret = mbedtls_rsa_pkcs1_sign(&rsa, NULL, NULL, MBEDTLS_MD_SHA256, - 32, hash, buf + n + 2)) != 0) { + MBEDTLS_MD_CAN_SHA256_MAX_SIZE, hash, buf + n + 2)) != 0) { mbedtls_printf(" failed\n ! mbedtls_rsa_pkcs1_sign returned %d\n\n", ret); goto exit; } From f4dfd1c8a5282ea0a9d0641d2fd6dd0649a5c92f Mon Sep 17 00:00:00 2001 From: Minos Galanakis Date: Fri, 12 Jan 2024 16:06:15 +0000 Subject: [PATCH 1402/1674] programs/dh_client/server: Added entropy source to `mbedtls_rsa_pkcs1_sign()` Signed-off-by: Minos Galanakis --- programs/pkey/dh_server.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c index 11c2b28c6..7d7618be1 100644 --- a/programs/pkey/dh_server.c +++ b/programs/pkey/dh_server.c @@ -193,8 +193,9 @@ int main(void) buf[n] = (unsigned char) (rsa.MBEDTLS_PRIVATE(len) >> 8); buf[n + 1] = (unsigned char) (rsa.MBEDTLS_PRIVATE(len)); - if ((ret = mbedtls_rsa_pkcs1_sign(&rsa, NULL, NULL, MBEDTLS_MD_SHA256, - MBEDTLS_MD_CAN_SHA256_MAX_SIZE, hash, buf + n + 2)) != 0) { + if ((ret = mbedtls_rsa_pkcs1_sign(&rsa, mbedtls_ctr_drbg_random, &ctr_drbg, + MBEDTLS_MD_SHA256, MBEDTLS_MD_CAN_SHA256_MAX_SIZE, + hash, buf + n + 2)) != 0) { mbedtls_printf(" failed\n ! mbedtls_rsa_pkcs1_sign returned %d\n\n", ret); goto exit; } From b6a96195fb188d9e0e0bc4b4e2c70a78db116d03 Mon Sep 17 00:00:00 2001 From: Minos Galanakis Date: Fri, 12 Jan 2024 14:34:14 +0000 Subject: [PATCH 1403/1674] programs_dh_client/server: Updated programs to use `mbedtls_rsa_get_len()` Signed-off-by: Minos Galanakis --- programs/pkey/dh_client.c | 16 +++++++++------- programs/pkey/dh_server.c | 7 ++++--- 2 files changed, 13 insertions(+), 10 deletions(-) diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c index d8fc86fa0..774051c5d 100644 --- a/programs/pkey/dh_client.c +++ b/programs/pkey/dh_client.c @@ -66,6 +66,7 @@ int main(void) unsigned char *p, *end; unsigned char buf[2048]; unsigned char hash[MBEDTLS_MD_CAN_SHA256_MAX_SIZE]; + mbedtls_mpi N, E; const char *pers = "dh_client"; mbedtls_entropy_context entropy; @@ -78,6 +79,8 @@ int main(void) mbedtls_dhm_init(&dhm); mbedtls_aes_init(&aes); mbedtls_ctr_drbg_init(&ctr_drbg); + mbedtls_mpi_init(&N); + mbedtls_mpi_init(&E); /* * 1. Setup the RNG @@ -106,16 +109,13 @@ int main(void) } mbedtls_rsa_init(&rsa); - - if ((ret = mbedtls_mpi_read_file(&rsa.MBEDTLS_PRIVATE(N), 16, f)) != 0 || - (ret = mbedtls_mpi_read_file(&rsa.MBEDTLS_PRIVATE(E), 16, f)) != 0) { + if ((ret = mbedtls_mpi_read_file(&N, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&E, 16, f)) != 0 || + (ret = mbedtls_rsa_import(&rsa, &N, NULL, NULL, NULL, &E) != 0)) { mbedtls_printf(" failed\n ! mbedtls_mpi_read_file returned %d\n\n", ret); fclose(f); goto exit; } - - rsa.MBEDTLS_PRIVATE(len) = (mbedtls_mpi_bitlen(&rsa.MBEDTLS_PRIVATE(N)) + 7) >> 3; - fclose(f); /* @@ -182,7 +182,7 @@ int main(void) p += 2; - if ((n = (size_t) (end - p)) != rsa.MBEDTLS_PRIVATE(len)) { + if ((n = (size_t) (end - p)) != mbedtls_rsa_get_len(&rsa)) { mbedtls_printf(" failed\n ! Invalid RSA signature size\n\n"); goto exit; } @@ -273,6 +273,8 @@ exit: mbedtls_dhm_free(&dhm); mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_entropy_free(&entropy); + mbedtls_mpi_free(&N); + mbedtls_mpi_free(&E); mbedtls_exit(exit_code); } diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c index 7d7618be1..0c6cebc10 100644 --- a/programs/pkey/dh_server.c +++ b/programs/pkey/dh_server.c @@ -190,8 +190,9 @@ int main(void) goto exit; } - buf[n] = (unsigned char) (rsa.MBEDTLS_PRIVATE(len) >> 8); - buf[n + 1] = (unsigned char) (rsa.MBEDTLS_PRIVATE(len)); + const size_t rsa_key_len = mbedtls_rsa_get_len(&rsa); + buf[n] = (unsigned char) (rsa_key_len >> 8); + buf[n + 1] = (unsigned char) (rsa_key_len); if ((ret = mbedtls_rsa_pkcs1_sign(&rsa, mbedtls_ctr_drbg_random, &ctr_drbg, MBEDTLS_MD_SHA256, MBEDTLS_MD_CAN_SHA256_MAX_SIZE, @@ -200,7 +201,7 @@ int main(void) goto exit; } - buflen = n + 2 + rsa.MBEDTLS_PRIVATE(len); + buflen = n + 2 + rsa_key_len; buf2[0] = (unsigned char) (buflen >> 8); buf2[1] = (unsigned char) (buflen); From ee757d35dfaf370792408b7232d31783e9f94653 Mon Sep 17 00:00:00 2001 From: Minos Galanakis Date: Fri, 12 Jan 2024 15:06:20 +0000 Subject: [PATCH 1404/1674] programs_rsa_encrypt/decrypt: Updated programs to use `mbedtls_rsa_get_len()` Signed-off-by: Minos Galanakis --- programs/pkey/rsa_decrypt.c | 2 +- programs/pkey/rsa_encrypt.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/programs/pkey/rsa_decrypt.c b/programs/pkey/rsa_decrypt.c index 76bfddf5c..a84af50d7 100644 --- a/programs/pkey/rsa_decrypt.c +++ b/programs/pkey/rsa_decrypt.c @@ -133,7 +133,7 @@ int main(int argc, char *argv[]) fclose(f); - if (i != rsa.MBEDTLS_PRIVATE(len)) { + if (i != mbedtls_rsa_get_len(&rsa)) { mbedtls_printf("\n ! Invalid RSA signature format\n\n"); goto exit; } diff --git a/programs/pkey/rsa_encrypt.c b/programs/pkey/rsa_encrypt.c index 4bbb54e7d..6538f8a99 100644 --- a/programs/pkey/rsa_encrypt.c +++ b/programs/pkey/rsa_encrypt.c @@ -126,7 +126,7 @@ int main(int argc, char *argv[]) goto exit; } - for (i = 0; i < rsa.MBEDTLS_PRIVATE(len); i++) { + for (i = 0; i < mbedtls_rsa_get_len(&rsa); i++) { mbedtls_fprintf(f, "%02X%s", buf[i], (i + 1) % 16 == 0 ? "\r\n" : " "); } From 992f0b8427d88dd3dd6e232406cc8271c3b32407 Mon Sep 17 00:00:00 2001 From: Minos Galanakis Date: Fri, 12 Jan 2024 15:07:24 +0000 Subject: [PATCH 1405/1674] programs_rsa_rsa_sign: Updated program to use `mbedtls_rsa_get_len()` Signed-off-by: Minos Galanakis --- programs/pkey/rsa_sign.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/programs/pkey/rsa_sign.c b/programs/pkey/rsa_sign.c index 9d8ebe39a..e14953bc3 100644 --- a/programs/pkey/rsa_sign.c +++ b/programs/pkey/rsa_sign.c @@ -131,7 +131,7 @@ int main(int argc, char *argv[]) goto exit; } - for (i = 0; i < rsa.MBEDTLS_PRIVATE(len); i++) { + for (i = 0; i < mbedtls_rsa_get_len(&rsa); i++) { mbedtls_fprintf(f, "%02X%s", buf[i], (i + 1) % 16 == 0 ? "\r\n" : " "); } From 6e92df12c272a6a8ba328e1de1f5290442345989 Mon Sep 17 00:00:00 2001 From: Minos Galanakis Date: Fri, 12 Jan 2024 15:13:47 +0000 Subject: [PATCH 1406/1674] programs_rsa_rsa_verify: Updated program to use `mbedtls_rsa_get_len()` Signed-off-by: Minos Galanakis --- programs/pkey/rsa_verify.c | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/programs/pkey/rsa_verify.c b/programs/pkey/rsa_verify.c index e7d72fd52..4a9af77fa 100644 --- a/programs/pkey/rsa_verify.c +++ b/programs/pkey/rsa_verify.c @@ -37,11 +37,14 @@ int main(int argc, char *argv[]) int exit_code = MBEDTLS_EXIT_FAILURE; size_t i; mbedtls_rsa_context rsa; + mbedtls_mpi N, E; unsigned char hash[32]; unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; char filename[512]; mbedtls_rsa_init(&rsa); + mbedtls_mpi_init(&N); + mbedtls_mpi_init(&E); if (argc != 2) { mbedtls_printf("usage: rsa_verify \n"); @@ -62,15 +65,13 @@ int main(int argc, char *argv[]) goto exit; } - if ((ret = mbedtls_mpi_read_file(&rsa.MBEDTLS_PRIVATE(N), 16, f)) != 0 || - (ret = mbedtls_mpi_read_file(&rsa.MBEDTLS_PRIVATE(E), 16, f)) != 0) { + if ((ret = mbedtls_mpi_read_file(&N, 16, f)) != 0 || + (ret = mbedtls_mpi_read_file(&E, 16, f)) != 0 || + (ret = mbedtls_rsa_import(&rsa, &N, NULL, NULL, NULL, &E) != 0)) { mbedtls_printf(" failed\n ! mbedtls_mpi_read_file returned %d\n\n", ret); fclose(f); goto exit; } - - rsa.MBEDTLS_PRIVATE(len) = (mbedtls_mpi_bitlen(&rsa.MBEDTLS_PRIVATE(N)) + 7) >> 3; - fclose(f); /* @@ -91,7 +92,7 @@ int main(int argc, char *argv[]) fclose(f); - if (i != rsa.MBEDTLS_PRIVATE(len)) { + if (i != mbedtls_rsa_get_len(&rsa)) { mbedtls_printf("\n ! Invalid RSA signature format\n\n"); goto exit; } @@ -124,6 +125,8 @@ int main(int argc, char *argv[]) exit: mbedtls_rsa_free(&rsa); + mbedtls_mpi_free(&N); + mbedtls_mpi_free(&E); mbedtls_exit(exit_code); } From 7c8448842dd461e69290c794e70662ab2e25c5f3 Mon Sep 17 00:00:00 2001 From: Minos Galanakis Date: Mon, 15 Jan 2024 17:03:58 +0000 Subject: [PATCH 1407/1674] programs_dh_client/server: Updated to query digest size using `mbedtls_md_info_from_type()`. Signed-off-by: Minos Galanakis --- programs/pkey/dh_client.c | 13 +++++++++---- programs/pkey/dh_server.c | 14 ++++++++++---- 2 files changed, 19 insertions(+), 8 deletions(-) diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c index 774051c5d..1b5ba407e 100644 --- a/programs/pkey/dh_client.c +++ b/programs/pkey/dh_client.c @@ -29,7 +29,6 @@ #define SERVER_NAME "localhost" #define SERVER_PORT "11999" -#define MBEDTLS_MD_CAN_SHA256_MAX_SIZE 32 #if !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_DHM_C) || \ !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_NET_C) || \ @@ -60,12 +59,12 @@ int main(void) int ret = 1; int exit_code = MBEDTLS_EXIT_FAILURE; - size_t n, buflen; + size_t n, buflen, mdlen; mbedtls_net_context server_fd; unsigned char *p, *end; unsigned char buf[2048]; - unsigned char hash[MBEDTLS_MD_CAN_SHA256_MAX_SIZE]; + unsigned char hash[MBEDTLS_MD_MAX_SIZE]; mbedtls_mpi N, E; const char *pers = "dh_client"; @@ -187,13 +186,19 @@ int main(void) goto exit; } + mdlen = mbedtls_md_get_size(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256)); + if (mdlen == 0) { + mbedtls_printf(" failed\n ! Invalid digest type\n\n"); + goto exit; + } + if ((ret = mbedtls_sha256(buf, (int) (p - 2 - buf), hash, 0)) != 0) { mbedtls_printf(" failed\n ! mbedtls_sha1 returned %d\n\n", ret); goto exit; } if ((ret = mbedtls_rsa_pkcs1_verify(&rsa, MBEDTLS_MD_SHA256, - MBEDTLS_MD_CAN_SHA256_MAX_SIZE, hash, p)) != 0) { + mdlen, hash, p)) != 0) { mbedtls_printf(" failed\n ! mbedtls_rsa_pkcs1_verify returned %d\n\n", ret); goto exit; } diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c index 0c6cebc10..11c28fb51 100644 --- a/programs/pkey/dh_server.c +++ b/programs/pkey/dh_server.c @@ -29,7 +29,6 @@ #define SERVER_PORT "11999" #define PLAINTEXT "==Hello there!==" -#define MBEDTLS_MD_CAN_SHA256_MAX_SIZE 32 #if !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_DHM_C) || \ !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_NET_C) || \ @@ -52,11 +51,11 @@ int main(void) int ret = 1; int exit_code = MBEDTLS_EXIT_FAILURE; - size_t n, buflen; + size_t n, buflen, mdlen; mbedtls_net_context listen_fd, client_fd; unsigned char buf[2048]; - unsigned char hash[MBEDTLS_MD_CAN_SHA256_MAX_SIZE]; + unsigned char hash[MBEDTLS_MD_MAX_SIZE]; unsigned char buf2[2]; const char *pers = "dh_server"; @@ -185,6 +184,13 @@ int main(void) /* * 5. Sign the parameters and send them */ + + mdlen = mbedtls_md_get_size(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256)); + if (mdlen == 0) { + mbedtls_printf(" failed\n ! Invalid digest type\n\n"); + goto exit; + } + if ((ret = mbedtls_sha256(buf, n, hash, 0)) != 0) { mbedtls_printf(" failed\n ! mbedtls_sha1 returned %d\n\n", ret); goto exit; @@ -195,7 +201,7 @@ int main(void) buf[n + 1] = (unsigned char) (rsa_key_len); if ((ret = mbedtls_rsa_pkcs1_sign(&rsa, mbedtls_ctr_drbg_random, &ctr_drbg, - MBEDTLS_MD_SHA256, MBEDTLS_MD_CAN_SHA256_MAX_SIZE, + MBEDTLS_MD_SHA256, mdlen, hash, buf + n + 2)) != 0) { mbedtls_printf(" failed\n ! mbedtls_rsa_pkcs1_sign returned %d\n\n", ret); goto exit; From b4f5076270c4636934aa1114d08ba19eca9b673d Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 17 Jan 2024 10:24:52 +0100 Subject: [PATCH 1408/1674] debug: move internal functions declarations to an internal header file Signed-off-by: Valerio Setti --- include/mbedtls/debug.h | 159 +---------------------- library/debug.c | 2 +- library/debug_internal.h | 172 +++++++++++++++++++++++++ library/ssl_client.c | 2 +- library/ssl_msg.c | 2 +- library/ssl_tls.c | 2 +- library/ssl_tls12_client.c | 2 +- library/ssl_tls12_server.c | 2 +- library/ssl_tls13_client.c | 2 +- library/ssl_tls13_generic.c | 2 +- library/ssl_tls13_keys.c | 2 +- library/ssl_tls13_server.c | 2 +- tests/suites/test_suite_debug.function | 2 +- 13 files changed, 184 insertions(+), 169 deletions(-) create mode 100644 library/debug_internal.h diff --git a/include/mbedtls/debug.h b/include/mbedtls/debug.h index 922e5bec5..424ed4b3f 100644 --- a/include/mbedtls/debug.h +++ b/include/mbedtls/debug.h @@ -149,165 +149,8 @@ extern "C" { */ void mbedtls_debug_set_threshold(int threshold); -/** - * \brief Print a message to the debug output. This function is always used - * through the MBEDTLS_SSL_DEBUG_MSG() macro, which supplies the ssl - * context, file and line number parameters. - * - * \param ssl SSL context - * \param level error level of the debug message - * \param file file the message has occurred in - * \param line line number the message has occurred at - * \param format format specifier, in printf format - * \param ... variables used by the format specifier - * - * \attention This function is intended for INTERNAL usage within the - * library only. - */ -void mbedtls_debug_print_msg(const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const char *format, ...) MBEDTLS_PRINTF_ATTRIBUTE(5, 6); - -/** - * \brief Print the return value of a function to the debug output. This - * function is always used through the MBEDTLS_SSL_DEBUG_RET() macro, - * which supplies the ssl context, file and line number parameters. - * - * \param ssl SSL context - * \param level error level of the debug message - * \param file file the error has occurred in - * \param line line number the error has occurred in - * \param text the name of the function that returned the error - * \param ret the return code value - * - * \attention This function is intended for INTERNAL usage within the - * library only. - */ -void mbedtls_debug_print_ret(const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const char *text, int ret); - -/** - * \brief Output a buffer of size len bytes to the debug output. This function - * is always used through the MBEDTLS_SSL_DEBUG_BUF() macro, - * which supplies the ssl context, file and line number parameters. - * - * \param ssl SSL context - * \param level error level of the debug message - * \param file file the error has occurred in - * \param line line number the error has occurred in - * \param text a name or label for the buffer being dumped. Normally the - * variable or buffer name - * \param buf the buffer to be outputted - * \param len length of the buffer - * - * \attention This function is intended for INTERNAL usage within the - * library only. - */ -void mbedtls_debug_print_buf(const mbedtls_ssl_context *ssl, int level, - const char *file, int line, const char *text, - const unsigned char *buf, size_t len); - -#if defined(MBEDTLS_BIGNUM_C) -/** - * \brief Print a MPI variable to the debug output. This function is always - * used through the MBEDTLS_SSL_DEBUG_MPI() macro, which supplies the - * ssl context, file and line number parameters. - * - * \param ssl SSL context - * \param level error level of the debug message - * \param file file the error has occurred in - * \param line line number the error has occurred in - * \param text a name or label for the MPI being output. Normally the - * variable name - * \param X the MPI variable - * - * \attention This function is intended for INTERNAL usage within the - * library only. - */ -void mbedtls_debug_print_mpi(const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const char *text, const mbedtls_mpi *X); -#endif - -#if defined(MBEDTLS_ECP_LIGHT) -/** - * \brief Print an ECP point to the debug output. This function is always - * used through the MBEDTLS_SSL_DEBUG_ECP() macro, which supplies the - * ssl context, file and line number parameters. - * - * \param ssl SSL context - * \param level error level of the debug message - * \param file file the error has occurred in - * \param line line number the error has occurred in - * \param text a name or label for the ECP point being output. Normally the - * variable name - * \param X the ECP point - * - * \attention This function is intended for INTERNAL usage within the - * library only. - */ -void mbedtls_debug_print_ecp(const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const char *text, const mbedtls_ecp_point *X); -#endif - -#if defined(MBEDTLS_X509_CRT_PARSE_C) && !defined(MBEDTLS_X509_REMOVE_INFO) -/** - * \brief Print a X.509 certificate structure to the debug output. This - * function is always used through the MBEDTLS_SSL_DEBUG_CRT() macro, - * which supplies the ssl context, file and line number parameters. - * - * \param ssl SSL context - * \param level error level of the debug message - * \param file file the error has occurred in - * \param line line number the error has occurred in - * \param text a name or label for the certificate being output - * \param crt X.509 certificate structure - * - * \attention This function is intended for INTERNAL usage within the - * library only. - */ -void mbedtls_debug_print_crt(const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const char *text, const mbedtls_x509_crt *crt); -#endif - -/* Note: the MBEDTLS_ECDH_C guard here is mandatory because this debug function - only works for the built-in implementation. */ -#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_ANY_ENABLED) && \ - defined(MBEDTLS_ECDH_C) -typedef enum { - MBEDTLS_DEBUG_ECDH_Q, - MBEDTLS_DEBUG_ECDH_QP, - MBEDTLS_DEBUG_ECDH_Z, -} mbedtls_debug_ecdh_attr; - -/** - * \brief Print a field of the ECDH structure in the SSL context to the debug - * output. This function is always used through the - * MBEDTLS_SSL_DEBUG_ECDH() macro, which supplies the ssl context, file - * and line number parameters. - * - * \param ssl SSL context - * \param level error level of the debug message - * \param file file the error has occurred in - * \param line line number the error has occurred in - * \param ecdh the ECDH context - * \param attr the identifier of the attribute being output - * - * \attention This function is intended for INTERNAL usage within the - * library only. - */ -void mbedtls_debug_printf_ecdh(const mbedtls_ssl_context *ssl, int level, - const char *file, int line, - const mbedtls_ecdh_context *ecdh, - mbedtls_debug_ecdh_attr attr); -#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_ANY_ENABLED && - MBEDTLS_ECDH_C */ - #ifdef __cplusplus } #endif -#endif /* debug.h */ +#endif /* MBEDTLS_DEBUG_H */ diff --git a/library/debug.c b/library/debug.c index a9d58e55b..c36ed3c5c 100644 --- a/library/debug.c +++ b/library/debug.c @@ -11,7 +11,7 @@ #include "mbedtls/platform.h" -#include "mbedtls/debug.h" +#include "debug_internal.h" #include "mbedtls/error.h" #include diff --git a/library/debug_internal.h b/library/debug_internal.h new file mode 100644 index 000000000..4523b4633 --- /dev/null +++ b/library/debug_internal.h @@ -0,0 +1,172 @@ +/** + * \file debug_internal.h + * + * \brief Internal part of the public "debug.h". + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ +#ifndef MBEDTLS_DEBUG_INTERNAL_H +#define MBEDTLS_DEBUG_INTERNAL_H + +#include "mbedtls/debug.h" + +/** + * \brief Print a message to the debug output. This function is always used + * through the MBEDTLS_SSL_DEBUG_MSG() macro, which supplies the ssl + * context, file and line number parameters. + * + * \param ssl SSL context + * \param level error level of the debug message + * \param file file the message has occurred in + * \param line line number the message has occurred at + * \param format format specifier, in printf format + * \param ... variables used by the format specifier + * + * \attention This function is intended for INTERNAL usage within the + * library only. + */ +void mbedtls_debug_print_msg(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *format, ...) MBEDTLS_PRINTF_ATTRIBUTE(5, 6); + +/** + * \brief Print the return value of a function to the debug output. This + * function is always used through the MBEDTLS_SSL_DEBUG_RET() macro, + * which supplies the ssl context, file and line number parameters. + * + * \param ssl SSL context + * \param level error level of the debug message + * \param file file the error has occurred in + * \param line line number the error has occurred in + * \param text the name of the function that returned the error + * \param ret the return code value + * + * \attention This function is intended for INTERNAL usage within the + * library only. + */ +void mbedtls_debug_print_ret(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *text, int ret); + +/** + * \brief Output a buffer of size len bytes to the debug output. This function + * is always used through the MBEDTLS_SSL_DEBUG_BUF() macro, + * which supplies the ssl context, file and line number parameters. + * + * \param ssl SSL context + * \param level error level of the debug message + * \param file file the error has occurred in + * \param line line number the error has occurred in + * \param text a name or label for the buffer being dumped. Normally the + * variable or buffer name + * \param buf the buffer to be outputted + * \param len length of the buffer + * + * \attention This function is intended for INTERNAL usage within the + * library only. + */ +void mbedtls_debug_print_buf(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, const char *text, + const unsigned char *buf, size_t len); + +#if defined(MBEDTLS_BIGNUM_C) +/** + * \brief Print a MPI variable to the debug output. This function is always + * used through the MBEDTLS_SSL_DEBUG_MPI() macro, which supplies the + * ssl context, file and line number parameters. + * + * \param ssl SSL context + * \param level error level of the debug message + * \param file file the error has occurred in + * \param line line number the error has occurred in + * \param text a name or label for the MPI being output. Normally the + * variable name + * \param X the MPI variable + * + * \attention This function is intended for INTERNAL usage within the + * library only. + */ +void mbedtls_debug_print_mpi(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *text, const mbedtls_mpi *X); +#endif + +#if defined(MBEDTLS_ECP_LIGHT) +/** + * \brief Print an ECP point to the debug output. This function is always + * used through the MBEDTLS_SSL_DEBUG_ECP() macro, which supplies the + * ssl context, file and line number parameters. + * + * \param ssl SSL context + * \param level error level of the debug message + * \param file file the error has occurred in + * \param line line number the error has occurred in + * \param text a name or label for the ECP point being output. Normally the + * variable name + * \param X the ECP point + * + * \attention This function is intended for INTERNAL usage within the + * library only. + */ +void mbedtls_debug_print_ecp(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *text, const mbedtls_ecp_point *X); +#endif + +#if defined(MBEDTLS_X509_CRT_PARSE_C) && !defined(MBEDTLS_X509_REMOVE_INFO) +/** + * \brief Print a X.509 certificate structure to the debug output. This + * function is always used through the MBEDTLS_SSL_DEBUG_CRT() macro, + * which supplies the ssl context, file and line number parameters. + * + * \param ssl SSL context + * \param level error level of the debug message + * \param file file the error has occurred in + * \param line line number the error has occurred in + * \param text a name or label for the certificate being output + * \param crt X.509 certificate structure + * + * \attention This function is intended for INTERNAL usage within the + * library only. + */ +void mbedtls_debug_print_crt(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const char *text, const mbedtls_x509_crt *crt); +#endif + +/* Note: the MBEDTLS_ECDH_C guard here is mandatory because this debug function + only works for the built-in implementation. */ +#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_ANY_ENABLED) && \ + defined(MBEDTLS_ECDH_C) +typedef enum { + MBEDTLS_DEBUG_ECDH_Q, + MBEDTLS_DEBUG_ECDH_QP, + MBEDTLS_DEBUG_ECDH_Z, +} mbedtls_debug_ecdh_attr; + +/** + * \brief Print a field of the ECDH structure in the SSL context to the debug + * output. This function is always used through the + * MBEDTLS_SSL_DEBUG_ECDH() macro, which supplies the ssl context, file + * and line number parameters. + * + * \param ssl SSL context + * \param level error level of the debug message + * \param file file the error has occurred in + * \param line line number the error has occurred in + * \param ecdh the ECDH context + * \param attr the identifier of the attribute being output + * + * \attention This function is intended for INTERNAL usage within the + * library only. + */ +void mbedtls_debug_printf_ecdh(const mbedtls_ssl_context *ssl, int level, + const char *file, int line, + const mbedtls_ecdh_context *ecdh, + mbedtls_debug_ecdh_attr attr); +#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_ANY_ENABLED && + MBEDTLS_ECDH_C */ + +#endif /* MBEDTLS_DEBUG_INTERNAL_H */ diff --git a/library/ssl_client.c b/library/ssl_client.c index d585ca524..6d988a837 100644 --- a/library/ssl_client.c +++ b/library/ssl_client.c @@ -12,7 +12,7 @@ #include -#include "mbedtls/debug.h" +#include "debug_internal.h" #include "mbedtls/error.h" #include "mbedtls/platform.h" diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 6579c9686..5753cf9f0 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -18,7 +18,7 @@ #include "mbedtls/ssl.h" #include "ssl_misc.h" -#include "mbedtls/debug.h" +#include "debug_internal.h" #include "mbedtls/error.h" #include "mbedtls/platform_util.h" #include "mbedtls/version.h" diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 8c1e37251..bd1380aa7 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -20,7 +20,7 @@ #include "ssl_debug_helpers.h" #include "ssl_misc.h" -#include "mbedtls/debug.h" +#include "debug_internal.h" #include "mbedtls/error.h" #include "mbedtls/platform_util.h" #include "mbedtls/version.h" diff --git a/library/ssl_tls12_client.c b/library/ssl_tls12_client.c index 0c5af87f4..c3a803706 100644 --- a/library/ssl_tls12_client.c +++ b/library/ssl_tls12_client.c @@ -14,7 +14,7 @@ #include "mbedtls/ssl.h" #include "ssl_client.h" #include "ssl_misc.h" -#include "mbedtls/debug.h" +#include "debug_internal.h" #include "mbedtls/error.h" #include "mbedtls/constant_time.h" diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c index 5a9f6ca4e..f242faa1e 100644 --- a/library/ssl_tls12_server.c +++ b/library/ssl_tls12_server.c @@ -13,7 +13,7 @@ #include "mbedtls/ssl.h" #include "ssl_misc.h" -#include "mbedtls/debug.h" +#include "debug_internal.h" #include "mbedtls/error.h" #include "mbedtls/platform_util.h" #include "constant_time_internal.h" diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 5c668bdf2..86dd0ec59 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -11,7 +11,7 @@ #include -#include "mbedtls/debug.h" +#include "debug_internal.h" #include "mbedtls/error.h" #include "mbedtls/platform.h" diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index 47fa65c18..202631fe6 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -12,7 +12,7 @@ #include #include "mbedtls/error.h" -#include "mbedtls/debug.h" +#include "debug_internal.h" #include "mbedtls/oid.h" #include "mbedtls/platform.h" #include "mbedtls/constant_time.h" diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c index 9b775ec95..d79e70c0e 100644 --- a/library/ssl_tls13_keys.c +++ b/library/ssl_tls13_keys.c @@ -13,7 +13,7 @@ #include #include "mbedtls/hkdf.h" -#include "mbedtls/debug.h" +#include "debug_internal.h" #include "mbedtls/error.h" #include "mbedtls/platform.h" diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 6e2866a11..29c9f6c6b 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -9,7 +9,7 @@ #if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_PROTO_TLS1_3) -#include "mbedtls/debug.h" +#include "debug_internal.h" #include "mbedtls/error.h" #include "mbedtls/platform.h" #include "mbedtls/constant_time.h" diff --git a/tests/suites/test_suite_debug.function b/tests/suites/test_suite_debug.function index b9610406b..eeefc9597 100644 --- a/tests/suites/test_suite_debug.function +++ b/tests/suites/test_suite_debug.function @@ -1,5 +1,5 @@ /* BEGIN_HEADER */ -#include "mbedtls/debug.h" +#include "debug_internal.h" #include "string.h" #include "mbedtls/pk.h" From 25b282ebfe5cb84e73d6194e83dc8d6c5d9a25e4 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 17 Jan 2024 10:55:32 +0100 Subject: [PATCH 1409/1674] x509: move internal functions declarations to a private header Signed-off-by: Valerio Setti --- include/mbedtls/pkcs7.h | 1 - include/mbedtls/x509.h | 197 +------------------ library/pkcs7.c | 2 +- library/ssl_misc.h | 1 + library/x509.c | 2 +- library/x509_create.c | 2 +- library/x509_crl.c | 1 + library/x509_crt.c | 1 + library/x509_csr.c | 1 + library/x509_internal.h | 213 +++++++++++++++++++++ library/x509write.c | 1 + library/x509write_crt.c | 1 + library/x509write_csr.c | 2 +- tests/suites/test_suite_pkcs7.function | 1 + tests/suites/test_suite_x509parse.function | 1 + tests/suites/test_suite_x509write.function | 1 + 16 files changed, 228 insertions(+), 200 deletions(-) create mode 100644 library/x509_internal.h diff --git a/include/mbedtls/pkcs7.h b/include/mbedtls/pkcs7.h index 70b25a9c6..e9b482208 100644 --- a/include/mbedtls/pkcs7.h +++ b/include/mbedtls/pkcs7.h @@ -41,7 +41,6 @@ #include "mbedtls/build_info.h" #include "mbedtls/asn1.h" -#include "mbedtls/x509.h" #include "mbedtls/x509_crt.h" /** diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h index e2e06679b..be6361285 100644 --- a/include/mbedtls/x509.h +++ b/include/mbedtls/x509.h @@ -307,6 +307,7 @@ typedef struct mbedtls_x509_san_list { mbedtls_x509_san_list; /** \} name Structures for parsing X.509 certificates, CRLs and CSRs */ +/** \} addtogroup x509_module */ /** * \brief Store the certificate DN in printable form into buf; @@ -321,201 +322,7 @@ mbedtls_x509_san_list; */ int mbedtls_x509_dn_gets(char *buf, size_t size, const mbedtls_x509_name *dn); -/** - * \brief Return the next relative DN in an X509 name. - * - * \note Intended use is to compare function result to dn->next - * in order to detect boundaries of multi-valued RDNs. - * - * \param dn Current node in the X509 name - * - * \return Pointer to the first attribute-value pair of the - * next RDN in sequence, or NULL if end is reached. - */ -static inline mbedtls_x509_name *mbedtls_x509_dn_get_next( - mbedtls_x509_name *dn) -{ - while (dn->MBEDTLS_PRIVATE(next_merged) && dn->next != NULL) { - dn = dn->next; - } - return dn->next; -} - -/** - * \brief Store the certificate serial in printable form into buf; - * no more than size characters will be written. - * - * \param buf Buffer to write to - * \param size Maximum size of buffer - * \param serial The X509 serial to represent - * - * \return The length of the string written (not including the - * terminated nul byte), or a negative error code. - */ -int mbedtls_x509_serial_gets(char *buf, size_t size, const mbedtls_x509_buf *serial); - -/** - * \brief Compare pair of mbedtls_x509_time. - * - * \param t1 mbedtls_x509_time to compare - * \param t2 mbedtls_x509_time to compare - * - * \return < 0 if t1 is before t2 - * 0 if t1 equals t2 - * > 0 if t1 is after t2 - */ -int mbedtls_x509_time_cmp(const mbedtls_x509_time *t1, const mbedtls_x509_time *t2); - -#if defined(MBEDTLS_HAVE_TIME_DATE) -/** - * \brief Fill mbedtls_x509_time with provided mbedtls_time_t. - * - * \param tt mbedtls_time_t to convert - * \param now mbedtls_x509_time to fill with converted mbedtls_time_t - * - * \return \c 0 on success - * \return A non-zero return value on failure. - */ -int mbedtls_x509_time_gmtime(mbedtls_time_t tt, mbedtls_x509_time *now); -#endif /* MBEDTLS_HAVE_TIME_DATE */ - -/** - * \brief Check a given mbedtls_x509_time against the system time - * and tell if it's in the past. - * - * \note Intended usage is "if( is_past( valid_to ) ) ERROR". - * Hence the return value of 1 if on internal errors. - * - * \param to mbedtls_x509_time to check - * - * \return 1 if the given time is in the past or an error occurred, - * 0 otherwise. - */ -int mbedtls_x509_time_is_past(const mbedtls_x509_time *to); - -/** - * \brief Check a given mbedtls_x509_time against the system time - * and tell if it's in the future. - * - * \note Intended usage is "if( is_future( valid_from ) ) ERROR". - * Hence the return value of 1 if on internal errors. - * - * \param from mbedtls_x509_time to check - * - * \return 1 if the given time is in the future or an error occurred, - * 0 otherwise. - */ -int mbedtls_x509_time_is_future(const mbedtls_x509_time *from); - -/** - * \brief This function parses an item in the SubjectAlternativeNames - * extension. Please note that this function might allocate - * additional memory for a subject alternative name, thus - * mbedtls_x509_free_subject_alt_name has to be called - * to dispose of this additional memory afterwards. - * - * \param san_buf The buffer holding the raw data item of the subject - * alternative name. - * \param san The target structure to populate with the parsed presentation - * of the subject alternative name encoded in \p san_buf. - * - * \note Supported GeneralName types, as defined in RFC 5280: - * "rfc822Name", "dnsName", "directoryName", - * "uniformResourceIdentifier" and "hardware_module_name" - * of type "otherName", as defined in RFC 4108. - * - * \note This function should be called on a single raw data of - * subject alternative name. For example, after successful - * certificate parsing, one must iterate on every item in the - * \c crt->subject_alt_names sequence, and pass it to - * this function. - * - * \warning The target structure contains pointers to the raw data of the - * parsed certificate, and its lifetime is restricted by the - * lifetime of the certificate. - * - * \return \c 0 on success - * \return #MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE for an unsupported - * SAN type. - * \return Another negative value for any other failure. - */ -int mbedtls_x509_parse_subject_alt_name(const mbedtls_x509_buf *san_buf, - mbedtls_x509_subject_alternative_name *san); -/** - * \brief Unallocate all data related to subject alternative name - * - * \param san SAN structure - extra memory owned by this structure will be freed - */ -void mbedtls_x509_free_subject_alt_name(mbedtls_x509_subject_alternative_name *san); - -/** \} addtogroup x509_module */ - -/* - * Internal module functions. You probably do not want to use these unless you - * know you do. - */ -int mbedtls_x509_get_name(unsigned char **p, const unsigned char *end, - mbedtls_x509_name *cur); -int mbedtls_x509_get_alg_null(unsigned char **p, const unsigned char *end, - mbedtls_x509_buf *alg); -int mbedtls_x509_get_alg(unsigned char **p, const unsigned char *end, - mbedtls_x509_buf *alg, mbedtls_x509_buf *params); -#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) -int mbedtls_x509_get_rsassa_pss_params(const mbedtls_x509_buf *params, - mbedtls_md_type_t *md_alg, mbedtls_md_type_t *mgf_md, - int *salt_len); -#endif -int mbedtls_x509_get_sig(unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig); -int mbedtls_x509_get_sig_alg(const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params, - mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg, - void **sig_opts); -int mbedtls_x509_get_time(unsigned char **p, const unsigned char *end, - mbedtls_x509_time *t); -int mbedtls_x509_get_serial(unsigned char **p, const unsigned char *end, - mbedtls_x509_buf *serial); -int mbedtls_x509_get_ext(unsigned char **p, const unsigned char *end, - mbedtls_x509_buf *ext, int tag); -#if !defined(MBEDTLS_X509_REMOVE_INFO) -int mbedtls_x509_sig_alg_gets(char *buf, size_t size, const mbedtls_x509_buf *sig_oid, - mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg, - const void *sig_opts); -#endif -int mbedtls_x509_key_size_helper(char *buf, size_t buf_size, const char *name); int mbedtls_x509_string_to_names(mbedtls_asn1_named_data **head, const char *name); -int mbedtls_x509_set_extension(mbedtls_asn1_named_data **head, const char *oid, size_t oid_len, - int critical, const unsigned char *val, - size_t val_len); -int mbedtls_x509_write_extensions(unsigned char **p, unsigned char *start, - mbedtls_asn1_named_data *first); -int mbedtls_x509_write_names(unsigned char **p, unsigned char *start, - mbedtls_asn1_named_data *first); -int mbedtls_x509_write_sig(unsigned char **p, unsigned char *start, - const char *oid, size_t oid_len, - unsigned char *sig, size_t size, - mbedtls_pk_type_t pk_alg); -int mbedtls_x509_get_ns_cert_type(unsigned char **p, - const unsigned char *end, - unsigned char *ns_cert_type); -int mbedtls_x509_get_key_usage(unsigned char **p, - const unsigned char *end, - unsigned int *key_usage); -int mbedtls_x509_get_subject_alt_name(unsigned char **p, - const unsigned char *end, - mbedtls_x509_sequence *subject_alt_name); -int mbedtls_x509_get_subject_alt_name_ext(unsigned char **p, - const unsigned char *end, - mbedtls_x509_sequence *subject_alt_name); -int mbedtls_x509_info_subject_alt_name(char **buf, size_t *size, - const mbedtls_x509_sequence - *subject_alt_name, - const char *prefix); -int mbedtls_x509_info_cert_type(char **buf, size_t *size, - unsigned char ns_cert_type); -int mbedtls_x509_info_key_usage(char **buf, size_t *size, - unsigned int key_usage); - -int mbedtls_x509_write_set_san_common(mbedtls_asn1_named_data **extensions, - const mbedtls_x509_san_list *san_list); /** * \brief This function parses a CN string as an IP address. @@ -547,4 +354,4 @@ size_t mbedtls_x509_crt_parse_cn_inet_pton(const char *cn, void *dst); } #endif -#endif /* x509.h */ +#endif /* MBEDTLS_X509_H */ diff --git a/library/pkcs7.c b/library/pkcs7.c index 0869c2e07..3aac662ba 100644 --- a/library/pkcs7.c +++ b/library/pkcs7.c @@ -7,7 +7,7 @@ #include "mbedtls/build_info.h" #if defined(MBEDTLS_PKCS7_C) #include "mbedtls/pkcs7.h" -#include "mbedtls/x509.h" +#include "x509_internal.h" #include "mbedtls/asn1.h" #include "mbedtls/x509_crt.h" #include "mbedtls/x509_crl.h" diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 7cbc6af60..101b2046e 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -45,6 +45,7 @@ #include "mbedtls/pk.h" #include "ssl_ciphersuites_internal.h" +#include "x509_internal.h" #include "pk_internal.h" #include "common.h" diff --git a/library/x509.c b/library/x509.c index b7b71f33c..f97fb4458 100644 --- a/library/x509.c +++ b/library/x509.c @@ -19,7 +19,7 @@ #if defined(MBEDTLS_X509_USE_C) -#include "mbedtls/x509.h" +#include "x509_internal.h" #include "mbedtls/asn1.h" #include "mbedtls/error.h" #include "mbedtls/oid.h" diff --git a/library/x509_create.c b/library/x509_create.c index f7a17e712..839b5df22 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -9,7 +9,7 @@ #if defined(MBEDTLS_X509_CREATE_C) -#include "mbedtls/x509.h" +#include "x509_internal.h" #include "mbedtls/asn1write.h" #include "mbedtls/error.h" #include "mbedtls/oid.h" diff --git a/library/x509_crl.c b/library/x509_crl.c index fdbad238a..7901992e2 100644 --- a/library/x509_crl.c +++ b/library/x509_crl.c @@ -20,6 +20,7 @@ #if defined(MBEDTLS_X509_CRL_PARSE_C) #include "mbedtls/x509_crl.h" +#include "x509_internal.h" #include "mbedtls/error.h" #include "mbedtls/oid.h" #include "mbedtls/platform_util.h" diff --git a/library/x509_crt.c b/library/x509_crt.c index 4e7672e37..730f6ef99 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -22,6 +22,7 @@ #if defined(MBEDTLS_X509_CRT_PARSE_C) #include "mbedtls/x509_crt.h" +#include "x509_internal.h" #include "mbedtls/error.h" #include "mbedtls/oid.h" #include "mbedtls/platform_util.h" diff --git a/library/x509_csr.c b/library/x509_csr.c index 79b158964..813d64466 100644 --- a/library/x509_csr.c +++ b/library/x509_csr.c @@ -20,6 +20,7 @@ #if defined(MBEDTLS_X509_CSR_PARSE_C) #include "mbedtls/x509_csr.h" +#include "x509_internal.h" #include "mbedtls/error.h" #include "mbedtls/oid.h" #include "mbedtls/platform_util.h" diff --git a/library/x509_internal.h b/library/x509_internal.h new file mode 100644 index 000000000..e1be393b4 --- /dev/null +++ b/library/x509_internal.h @@ -0,0 +1,213 @@ +/** + * \file x509.h + * + * \brief Internal part of the public "x509.h". + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ +#ifndef MBEDTLS_X509_INTERNAL_H +#define MBEDTLS_X509_INTERNAL_H +#include "mbedtls/private_access.h" + +#include "mbedtls/build_info.h" + +#include "mbedtls/x509.h" +#include "mbedtls/asn1.h" +#include "mbedtls/pk.h" + +#if defined(MBEDTLS_RSA_C) +#include "mbedtls/rsa.h" +#endif + +/** + * \brief Return the next relative DN in an X509 name. + * + * \note Intended use is to compare function result to dn->next + * in order to detect boundaries of multi-valued RDNs. + * + * \param dn Current node in the X509 name + * + * \return Pointer to the first attribute-value pair of the + * next RDN in sequence, or NULL if end is reached. + */ +static inline mbedtls_x509_name *mbedtls_x509_dn_get_next( + mbedtls_x509_name *dn) +{ + while (dn->MBEDTLS_PRIVATE(next_merged) && dn->next != NULL) { + dn = dn->next; + } + return dn->next; +} + +/** + * \brief Store the certificate serial in printable form into buf; + * no more than size characters will be written. + * + * \param buf Buffer to write to + * \param size Maximum size of buffer + * \param serial The X509 serial to represent + * + * \return The length of the string written (not including the + * terminated nul byte), or a negative error code. + */ +int mbedtls_x509_serial_gets(char *buf, size_t size, const mbedtls_x509_buf *serial); + +/** + * \brief Compare pair of mbedtls_x509_time. + * + * \param t1 mbedtls_x509_time to compare + * \param t2 mbedtls_x509_time to compare + * + * \return < 0 if t1 is before t2 + * 0 if t1 equals t2 + * > 0 if t1 is after t2 + */ +int mbedtls_x509_time_cmp(const mbedtls_x509_time *t1, const mbedtls_x509_time *t2); + +#if defined(MBEDTLS_HAVE_TIME_DATE) +/** + * \brief Fill mbedtls_x509_time with provided mbedtls_time_t. + * + * \param tt mbedtls_time_t to convert + * \param now mbedtls_x509_time to fill with converted mbedtls_time_t + * + * \return \c 0 on success + * \return A non-zero return value on failure. + */ +int mbedtls_x509_time_gmtime(mbedtls_time_t tt, mbedtls_x509_time *now); +#endif /* MBEDTLS_HAVE_TIME_DATE */ + +/** + * \brief Check a given mbedtls_x509_time against the system time + * and tell if it's in the past. + * + * \note Intended usage is "if( is_past( valid_to ) ) ERROR". + * Hence the return value of 1 if on internal errors. + * + * \param to mbedtls_x509_time to check + * + * \return 1 if the given time is in the past or an error occurred, + * 0 otherwise. + */ +int mbedtls_x509_time_is_past(const mbedtls_x509_time *to); + +/** + * \brief Check a given mbedtls_x509_time against the system time + * and tell if it's in the future. + * + * \note Intended usage is "if( is_future( valid_from ) ) ERROR". + * Hence the return value of 1 if on internal errors. + * + * \param from mbedtls_x509_time to check + * + * \return 1 if the given time is in the future or an error occurred, + * 0 otherwise. + */ +int mbedtls_x509_time_is_future(const mbedtls_x509_time *from); + +/** + * \brief This function parses an item in the SubjectAlternativeNames + * extension. Please note that this function might allocate + * additional memory for a subject alternative name, thus + * mbedtls_x509_free_subject_alt_name has to be called + * to dispose of this additional memory afterwards. + * + * \param san_buf The buffer holding the raw data item of the subject + * alternative name. + * \param san The target structure to populate with the parsed presentation + * of the subject alternative name encoded in \p san_buf. + * + * \note Supported GeneralName types, as defined in RFC 5280: + * "rfc822Name", "dnsName", "directoryName", + * "uniformResourceIdentifier" and "hardware_module_name" + * of type "otherName", as defined in RFC 4108. + * + * \note This function should be called on a single raw data of + * subject alternative name. For example, after successful + * certificate parsing, one must iterate on every item in the + * \c crt->subject_alt_names sequence, and pass it to + * this function. + * + * \warning The target structure contains pointers to the raw data of the + * parsed certificate, and its lifetime is restricted by the + * lifetime of the certificate. + * + * \return \c 0 on success + * \return #MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE for an unsupported + * SAN type. + * \return Another negative value for any other failure. + */ +int mbedtls_x509_parse_subject_alt_name(const mbedtls_x509_buf *san_buf, + mbedtls_x509_subject_alternative_name *san); +/** + * \brief Unallocate all data related to subject alternative name + * + * \param san SAN structure - extra memory owned by this structure will be freed + */ +void mbedtls_x509_free_subject_alt_name(mbedtls_x509_subject_alternative_name *san); + +int mbedtls_x509_get_name(unsigned char **p, const unsigned char *end, + mbedtls_x509_name *cur); +int mbedtls_x509_get_alg_null(unsigned char **p, const unsigned char *end, + mbedtls_x509_buf *alg); +int mbedtls_x509_get_alg(unsigned char **p, const unsigned char *end, + mbedtls_x509_buf *alg, mbedtls_x509_buf *params); +#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) +int mbedtls_x509_get_rsassa_pss_params(const mbedtls_x509_buf *params, + mbedtls_md_type_t *md_alg, mbedtls_md_type_t *mgf_md, + int *salt_len); +#endif +int mbedtls_x509_get_sig(unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig); +int mbedtls_x509_get_sig_alg(const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params, + mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg, + void **sig_opts); +int mbedtls_x509_get_time(unsigned char **p, const unsigned char *end, + mbedtls_x509_time *t); +int mbedtls_x509_get_serial(unsigned char **p, const unsigned char *end, + mbedtls_x509_buf *serial); +int mbedtls_x509_get_ext(unsigned char **p, const unsigned char *end, + mbedtls_x509_buf *ext, int tag); +#if !defined(MBEDTLS_X509_REMOVE_INFO) +int mbedtls_x509_sig_alg_gets(char *buf, size_t size, const mbedtls_x509_buf *sig_oid, + mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg, + const void *sig_opts); +#endif +int mbedtls_x509_key_size_helper(char *buf, size_t buf_size, const char *name); +int mbedtls_x509_set_extension(mbedtls_asn1_named_data **head, const char *oid, size_t oid_len, + int critical, const unsigned char *val, + size_t val_len); +int mbedtls_x509_write_extensions(unsigned char **p, unsigned char *start, + mbedtls_asn1_named_data *first); +int mbedtls_x509_write_names(unsigned char **p, unsigned char *start, + mbedtls_asn1_named_data *first); +int mbedtls_x509_write_sig(unsigned char **p, unsigned char *start, + const char *oid, size_t oid_len, + unsigned char *sig, size_t size, + mbedtls_pk_type_t pk_alg); +int mbedtls_x509_get_ns_cert_type(unsigned char **p, + const unsigned char *end, + unsigned char *ns_cert_type); +int mbedtls_x509_get_key_usage(unsigned char **p, + const unsigned char *end, + unsigned int *key_usage); +int mbedtls_x509_get_subject_alt_name(unsigned char **p, + const unsigned char *end, + mbedtls_x509_sequence *subject_alt_name); +int mbedtls_x509_get_subject_alt_name_ext(unsigned char **p, + const unsigned char *end, + mbedtls_x509_sequence *subject_alt_name); +int mbedtls_x509_info_subject_alt_name(char **buf, size_t *size, + const mbedtls_x509_sequence + *subject_alt_name, + const char *prefix); +int mbedtls_x509_info_cert_type(char **buf, size_t *size, + unsigned char ns_cert_type); +int mbedtls_x509_info_key_usage(char **buf, size_t *size, + unsigned int key_usage); + +int mbedtls_x509_write_set_san_common(mbedtls_asn1_named_data **extensions, + const mbedtls_x509_san_list *san_list); + +#endif /* MBEDTLS_X509_INTERNAL_H */ diff --git a/library/x509write.c b/library/x509write.c index d434df507..4704900d3 100644 --- a/library/x509write.c +++ b/library/x509write.c @@ -8,6 +8,7 @@ #if defined(MBEDTLS_X509_CSR_WRITE_C) || defined(MBEDTLS_X509_CRT_WRITE_C) #include "mbedtls/x509_crt.h" +#include "x509_internal.h" #include "mbedtls/asn1write.h" #include "mbedtls/error.h" #include "mbedtls/oid.h" diff --git a/library/x509write_crt.c b/library/x509write_crt.c index 44b6b1781..2a1a5e219 100644 --- a/library/x509write_crt.c +++ b/library/x509write_crt.c @@ -16,6 +16,7 @@ #if defined(MBEDTLS_X509_CRT_WRITE_C) #include "mbedtls/x509_crt.h" +#include "x509_internal.h" #include "mbedtls/asn1write.h" #include "mbedtls/error.h" #include "mbedtls/oid.h" diff --git a/library/x509write_csr.c b/library/x509write_csr.c index 254da69a9..0a3620257 100644 --- a/library/x509write_csr.c +++ b/library/x509write_csr.c @@ -14,7 +14,7 @@ #if defined(MBEDTLS_X509_CSR_WRITE_C) -#include "mbedtls/x509.h" +#include "x509_internal.h" #include "mbedtls/x509_csr.h" #include "mbedtls/asn1write.h" #include "mbedtls/error.h" diff --git a/tests/suites/test_suite_pkcs7.function b/tests/suites/test_suite_pkcs7.function index 65384a855..4c8bf233e 100644 --- a/tests/suites/test_suite_pkcs7.function +++ b/tests/suites/test_suite_pkcs7.function @@ -4,6 +4,7 @@ #include "mbedtls/x509.h" #include "mbedtls/x509_crt.h" #include "mbedtls/x509_crl.h" +#include "x509_internal.h" #include "mbedtls/oid.h" #include "sys/types.h" #include "sys/stat.h" diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function index c2a2f556d..66477e0d1 100644 --- a/tests/suites/test_suite_x509parse.function +++ b/tests/suites/test_suite_x509parse.function @@ -4,6 +4,7 @@ #include "mbedtls/x509_crt.h" #include "mbedtls/x509_crl.h" #include "mbedtls/x509_csr.h" +#include "x509_internal.h" #include "mbedtls/pem.h" #include "mbedtls/oid.h" #include "mbedtls/base64.h" diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function index 503d9764c..765866bb2 100644 --- a/tests/suites/test_suite_x509write.function +++ b/tests/suites/test_suite_x509write.function @@ -2,6 +2,7 @@ #include "mbedtls/bignum.h" #include "mbedtls/x509_crt.h" #include "mbedtls/x509_csr.h" +#include "x509_internal.h" #include "mbedtls/pem.h" #include "mbedtls/oid.h" #include "mbedtls/rsa.h" From 639d5678b5466bff184b9fc3199fea2202d2dc73 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 17 Jan 2024 11:04:56 +0100 Subject: [PATCH 1410/1674] pk: move mbedtls_pk_load_file to pk_internal Signed-off-by: Valerio Setti --- include/mbedtls/pk.h | 8 -------- library/pk_internal.h | 4 ++++ library/x509_internal.h | 2 +- tests/suites/test_suite_pkwrite.function | 2 +- 4 files changed, 6 insertions(+), 10 deletions(-) diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index 27768bd35..2fdcaefd3 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h @@ -1042,14 +1042,6 @@ int mbedtls_pk_write_pubkey(unsigned char **p, unsigned char *start, const mbedtls_pk_context *key); #endif /* MBEDTLS_PK_WRITE_C */ -/* - * Internal module functions. You probably do not want to use these unless you - * know you do. - */ -#if defined(MBEDTLS_FS_IO) -int mbedtls_pk_load_file(const char *path, unsigned char **buf, size_t *n); -#endif - #if defined(MBEDTLS_USE_PSA_CRYPTO) /** * \brief Turn an EC or RSA key into an opaque one. diff --git a/library/pk_internal.h b/library/pk_internal.h index 025ee8b01..9cab6a5bb 100644 --- a/library/pk_internal.h +++ b/library/pk_internal.h @@ -144,4 +144,8 @@ MBEDTLS_STATIC_TESTABLE int mbedtls_pk_parse_key_pkcs8_encrypted_der( int (*f_rng)(void *, unsigned char *, size_t), void *p_rng); #endif +#if defined(MBEDTLS_FS_IO) +int mbedtls_pk_load_file(const char *path, unsigned char **buf, size_t *n); +#endif + #endif /* MBEDTLS_PK_INTERNAL_H */ diff --git a/library/x509_internal.h b/library/x509_internal.h index e1be393b4..15e097a15 100644 --- a/library/x509_internal.h +++ b/library/x509_internal.h @@ -15,7 +15,7 @@ #include "mbedtls/x509.h" #include "mbedtls/asn1.h" -#include "mbedtls/pk.h" +#include "pk_internal.h" #if defined(MBEDTLS_RSA_C) #include "mbedtls/rsa.h" diff --git a/tests/suites/test_suite_pkwrite.function b/tests/suites/test_suite_pkwrite.function index 733909ebc..c7600903f 100644 --- a/tests/suites/test_suite_pkwrite.function +++ b/tests/suites/test_suite_pkwrite.function @@ -1,5 +1,5 @@ /* BEGIN_HEADER */ -#include "mbedtls/pk.h" +#include "pk_internal.h" #include "mbedtls/pem.h" #include "mbedtls/oid.h" #include "psa/crypto_sizes.h" From 558da2ffd3f414ba221d907fb026f716a29b5f09 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Fri, 19 Jan 2024 12:59:28 +0000 Subject: [PATCH 1411/1674] Move key_slot_mutex to threading.h Make this a global mutex so that we don't have to init and free it. Also rename the mutex to follow the convention Signed-off-by: Ryan Everett --- include/mbedtls/threading.h | 14 +++++++++++++ library/psa_crypto_slot_management.c | 31 +--------------------------- library/psa_crypto_slot_management.h | 10 +-------- library/threading.c | 9 ++++++++ 4 files changed, 25 insertions(+), 39 deletions(-) diff --git a/include/mbedtls/threading.h b/include/mbedtls/threading.h index b504233bd..b4e050241 100644 --- a/include/mbedtls/threading.h +++ b/include/mbedtls/threading.h @@ -100,6 +100,20 @@ extern mbedtls_threading_mutex_t mbedtls_threading_readdir_mutex; extern mbedtls_threading_mutex_t mbedtls_threading_gmtime_mutex; #endif /* MBEDTLS_HAVE_TIME_DATE && !MBEDTLS_PLATFORM_GMTIME_R_ALT */ +#if defined(MBEDTLS_PSA_CRYPTO_C) +/* + * A mutex used to make the PSA subsystem thread safe. + * + * key_slot_mutex protects the registered_readers and + * state variable for all key slots in &global_data.key_slots. + * + * This mutex must be held when any read from or write to a state or + * registered_readers field is performed, i.e. when calling functions: + * psa_key_slot_state_transition(), psa_register_read(), psa_unregister_read(), + * psa_key_slot_has_readers() and psa_wipe_key_slot(). */ +extern mbedtls_threading_mutex_t mbedtls_threading_key_slot_mutex; +#endif + #endif /* MBEDTLS_THREADING_C */ #ifdef __cplusplus diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 180aecb58..47ace359d 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -30,20 +30,6 @@ typedef struct { psa_key_slot_t key_slots[MBEDTLS_PSA_KEY_SLOT_COUNT]; uint8_t key_slots_initialized; - -#if defined(MBEDTLS_THREADING_C) - /* - * A mutex used to make the PSA subsystem thread safe. - * - * key_slot_mutex protects key_slots[i].registered_readers and - * key_slots[i].state for all valid i. - * - * This mutex must be held when any read from or write to a state or - * registered_readers field is performed, i.e. when calling functions: - * psa_key_slot_state_transition, psa_register_read, psa_unregister_read, - * psa_key_slot_has_readers and psa_wipe_key_slot. */ - mbedtls_threading_mutex_t MBEDTLS_PRIVATE(key_slot_mutex); -#endif } psa_global_data_t; static psa_global_data_t global_data; @@ -147,14 +133,7 @@ static psa_status_t psa_get_and_lock_key_slot_in_memory( psa_status_t psa_initialize_key_slots(void) { -#if defined(MBEDTLS_THREADING_C) - /* Initialize the global key slot mutex. */ - if (!global_data.key_slots_initialized) { - mbedtls_mutex_init(&global_data.key_slot_mutex); - } -#endif - - /* Program startup and psa_wipe_all_key_slots() both + /* Nothing to do: program startup and psa_wipe_all_key_slots() both * guarantee that the key slots are initialized to all-zero, which * means that all the key slots are in a valid, empty state. */ global_data.key_slots_initialized = 1; @@ -171,14 +150,6 @@ void psa_wipe_all_key_slots(void) slot->state = PSA_SLOT_PENDING_DELETION; (void) psa_wipe_key_slot(slot); } - -#if defined(MBEDTLS_THREADING_C) - /* Free the global key slot mutex. */ - if (global_data.key_slots_initialized) { - mbedtls_mutex_free(&global_data.key_slot_mutex); - } -#endif - global_data.key_slots_initialized = 0; } diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h index fc46257f2..4c0721d3b 100644 --- a/library/psa_crypto_slot_management.h +++ b/library/psa_crypto_slot_management.h @@ -85,10 +85,6 @@ psa_status_t psa_get_and_lock_key_slot(mbedtls_svc_key_id_t key, psa_key_slot_t **p_slot); /** Initialize the key slot structures. - * If multi-threading is enabled then initialize the key slot mutex. - * This function is not thread-safe, - * if called by competing threads the key slot mutex may be initialized - * more than once. * * \retval #PSA_SUCCESS * Currently this function always succeeds. @@ -96,10 +92,6 @@ psa_status_t psa_get_and_lock_key_slot(mbedtls_svc_key_id_t key, psa_status_t psa_initialize_key_slots(void); /** Delete all data from key slots in memory. - * If multi-threading is enabled then free the key slot mutex. - * This function is not thread-safe, - * if called by competing threads the key slot mutex may be freed - * more than once. * * This does not affect persistent storage. */ void psa_wipe_all_key_slots(void); @@ -186,7 +178,7 @@ static inline psa_status_t psa_register_read(psa_key_slot_t *slot) * This function decrements the key slot registered reader counter by one. * If the state of the slot is PSA_SLOT_PENDING_DELETION, * and there is only one registered reader (the caller), - * this function will call psa_wipe_slot(). + * this function will call psa_wipe_key_slot(). * If multi-threading is enabled, the caller must hold the * global key slot mutex. * diff --git a/library/threading.c b/library/threading.c index 873b5077b..94404acb8 100644 --- a/library/threading.c +++ b/library/threading.c @@ -148,6 +148,9 @@ void mbedtls_threading_set_alt(void (*mutex_init)(mbedtls_threading_mutex_t *), #if defined(THREADING_USE_GMTIME) mbedtls_mutex_init(&mbedtls_threading_gmtime_mutex); #endif +#if defined(MBEDTLS_PSA_CRYPTO_C) + mbedtls_mutext_init(&mbedtls_threading_key_slot_mutex); +#endif } /* @@ -161,6 +164,9 @@ void mbedtls_threading_free_alt(void) #if defined(THREADING_USE_GMTIME) mbedtls_mutex_free(&mbedtls_threading_gmtime_mutex); #endif +#if defined(MBEDTLS_PSA_CRYPTO_C) + mbedtls_mutex_free(&mbedtls_threading_key_slot_mutex); +#endif } #endif /* MBEDTLS_THREADING_ALT */ @@ -176,5 +182,8 @@ mbedtls_threading_mutex_t mbedtls_threading_readdir_mutex MUTEX_INIT; #if defined(THREADING_USE_GMTIME) mbedtls_threading_mutex_t mbedtls_threading_gmtime_mutex MUTEX_INIT; #endif +#if defined(MBEDTLS_PSA_CRYPTO_C) +mbedtls_threading_mutex_t mbedtls_threading_key_slot_mutex MUTEX_INIT; +#endif #endif /* MBEDTLS_THREADING_C */ From 7aeacc1ec4b832b43c512067323156705e686fe2 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Fri, 19 Jan 2024 13:02:58 +0000 Subject: [PATCH 1412/1674] Add empty line in register_read comment Signed-off-by: Ryan Everett --- library/psa_crypto_slot_management.h | 1 + 1 file changed, 1 insertion(+) diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h index 4c0721d3b..002429b93 100644 --- a/library/psa_crypto_slot_management.h +++ b/library/psa_crypto_slot_management.h @@ -154,6 +154,7 @@ static inline psa_status_t psa_key_slot_state_transition( * This function increments the key slot registered reader counter by one. * If multi-threading is enabled, the caller must hold the * global key slot mutex. + * * \param[in] slot The key slot. * * \retval #PSA_SUCCESS From 63952b7de5f1ef0e18b9c7ada084a9a7a64d452b Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Fri, 19 Jan 2024 13:45:19 +0000 Subject: [PATCH 1413/1674] Fix typo Signed-off-by: Ryan Everett --- library/threading.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/threading.c b/library/threading.c index 94404acb8..c28290fb7 100644 --- a/library/threading.c +++ b/library/threading.c @@ -149,7 +149,7 @@ void mbedtls_threading_set_alt(void (*mutex_init)(mbedtls_threading_mutex_t *), mbedtls_mutex_init(&mbedtls_threading_gmtime_mutex); #endif #if defined(MBEDTLS_PSA_CRYPTO_C) - mbedtls_mutext_init(&mbedtls_threading_key_slot_mutex); + mbedtls_mutex_init(&mbedtls_threading_key_slot_mutex); #endif } From 69b5a860644510e0315b9ec65991d5e111e81f15 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 19 Jan 2024 14:02:08 +0000 Subject: [PATCH 1414/1674] Improve mbedtls_xor for IAR Signed-off-by: Dave Rodgman --- library/common.h | 25 +++++++++++++++++++++---- 1 file changed, 21 insertions(+), 4 deletions(-) diff --git a/library/common.h b/library/common.h index e532777e7..5c73e8a66 100644 --- a/library/common.h +++ b/library/common.h @@ -191,21 +191,30 @@ inline void mbedtls_xor(unsigned char *r, const unsigned char *a, const unsigned uint8x16_t x = veorq_u8(v1, v2); vst1q_u8(r + i, x); } + // This if statement helps some compilers (e.g., IAR) optimise out the byte-by-byte tail case + // where n is a constant multiple of 16. + // It makes no difference for others (e.g. recent gcc and clang) if n is a compile-time + // constant, and very little difference if n is not a compile-time constant. + if (n % 16 != 0) #elif defined(MBEDTLS_ARCH_IS_X64) || defined(MBEDTLS_ARCH_IS_ARM64) /* This codepath probably only makes sense on architectures with 64-bit registers */ for (; (i + 8) <= n; i += 8) { uint64_t x = mbedtls_get_unaligned_uint64(a + i) ^ mbedtls_get_unaligned_uint64(b + i); mbedtls_put_unaligned_uint64(r + i, x); } + if (n % 8 != 0) #else for (; (i + 4) <= n; i += 4) { uint32_t x = mbedtls_get_unaligned_uint32(a + i) ^ mbedtls_get_unaligned_uint32(b + i); mbedtls_put_unaligned_uint32(r + i, x); } + if (n % 4 != 0) #endif #endif - for (; i < n; i++) { - r[i] = a[i] ^ b[i]; + { + for (; i < n; i++) { + r[i] = a[i] ^ b[i]; + } } } @@ -236,15 +245,23 @@ static inline void mbedtls_xor_no_simd(unsigned char *r, uint64_t x = mbedtls_get_unaligned_uint64(a + i) ^ mbedtls_get_unaligned_uint64(b + i); mbedtls_put_unaligned_uint64(r + i, x); } + // This if statement helps some compilers (e.g., IAR) optimise out the byte-by-byte tail case + // where n is a constant multiple of 8. + // It makes no difference for others (e.g. recent gcc and clang) if n is a compile-time + // constant, and very little difference if n is not a compile-time constant. + if (n % 8 != 0) #else for (; (i + 4) <= n; i += 4) { uint32_t x = mbedtls_get_unaligned_uint32(a + i) ^ mbedtls_get_unaligned_uint32(b + i); mbedtls_put_unaligned_uint32(r + i, x); } + if (n % 4 != 0) #endif #endif - for (; i < n; i++) { - r[i] = a[i] ^ b[i]; + { + for (; i < n; i++) { + r[i] = a[i] ^ b[i]; + } } } From 7d8c99abb08a9e0716cd9bb9747cffce1a7d235a Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 19 Jan 2024 14:02:58 +0000 Subject: [PATCH 1415/1674] Move MBEDTLS_COMPILER_IS_GCC defn into alignment.h Signed-off-by: Dave Rodgman --- library/alignment.h | 8 ++++++++ library/common.h | 9 --------- 2 files changed, 8 insertions(+), 9 deletions(-) diff --git a/library/alignment.h b/library/alignment.h index 9e1e044ec..219f4f0af 100644 --- a/library/alignment.h +++ b/library/alignment.h @@ -15,6 +15,14 @@ #include #include +#if defined(__GNUC__) && !defined(__ARMCC_VERSION) && !defined(__clang__) \ + && !defined(__llvm__) && !defined(__INTEL_COMPILER) +/* Defined if the compiler really is gcc and not clang, etc */ +#define MBEDTLS_COMPILER_IS_GCC +#define MBEDTLS_GCC_VERSION \ + (__GNUC__ * 10000 + __GNUC_MINOR__ * 100 + __GNUC_PATCHLEVEL__) +#endif + /* * Define MBEDTLS_EFFICIENT_UNALIGNED_ACCESS for architectures where unaligned memory * accesses are known to be efficient. diff --git a/library/common.h b/library/common.h index 5c73e8a66..faefd64ea 100644 --- a/library/common.h +++ b/library/common.h @@ -27,15 +27,6 @@ #define MBEDTLS_HAVE_NEON_INTRINSICS #endif - -#if defined(__GNUC__) && !defined(__ARMCC_VERSION) && !defined(__clang__) \ - && !defined(__llvm__) && !defined(__INTEL_COMPILER) -/* Defined if the compiler really is gcc and not clang, etc */ -#define MBEDTLS_COMPILER_IS_GCC -#define MBEDTLS_GCC_VERSION \ - (__GNUC__ * 10000 + __GNUC_MINOR__ * 100 + __GNUC_PATCHLEVEL__) -#endif - /** Helper to define a function as static except when building invasive tests. * * If a function is only used inside its own source file and should be From db8915287e183e642254565f9058ace93aabcf8a Mon Sep 17 00:00:00 2001 From: Minos Galanakis Date: Tue, 16 Jan 2024 13:32:31 +0000 Subject: [PATCH 1416/1674] programs_dh_client/server: Changed mdlen type to unsigned integer. Signed-off-by: Minos Galanakis --- programs/pkey/dh_client.c | 5 +++-- programs/pkey/dh_server.c | 5 +++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c index 1b5ba407e..e8469141a 100644 --- a/programs/pkey/dh_client.c +++ b/programs/pkey/dh_client.c @@ -59,7 +59,8 @@ int main(void) int ret = 1; int exit_code = MBEDTLS_EXIT_FAILURE; - size_t n, buflen, mdlen; + unsigned int mdlen; + size_t n, buflen; mbedtls_net_context server_fd; unsigned char *p, *end; @@ -186,7 +187,7 @@ int main(void) goto exit; } - mdlen = mbedtls_md_get_size(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256)); + mdlen = (unsigned int) mbedtls_md_get_size(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256)); if (mdlen == 0) { mbedtls_printf(" failed\n ! Invalid digest type\n\n"); goto exit; diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c index 11c28fb51..c08b0dc39 100644 --- a/programs/pkey/dh_server.c +++ b/programs/pkey/dh_server.c @@ -51,7 +51,8 @@ int main(void) int ret = 1; int exit_code = MBEDTLS_EXIT_FAILURE; - size_t n, buflen, mdlen; + unsigned int mdlen; + size_t n, buflen; mbedtls_net_context listen_fd, client_fd; unsigned char buf[2048]; @@ -185,7 +186,7 @@ int main(void) * 5. Sign the parameters and send them */ - mdlen = mbedtls_md_get_size(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256)); + mdlen = (unsigned int) mbedtls_md_get_size(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256)); if (mdlen == 0) { mbedtls_printf(" failed\n ! Invalid digest type\n\n"); goto exit; From 42151380aff54e6f76ee428a2bc57ec825bd3a6f Mon Sep 17 00:00:00 2001 From: Minos Galanakis Date: Fri, 19 Jan 2024 13:36:57 +0000 Subject: [PATCH 1417/1674] programs_dh_client/server: Updated config guards. Adjusted to use `MBEDTLS_SHA256_C` instead of `MBEDTLS_MD_CAN_SHA256` since the former is being used in accelerated driver configurations. Signed-off-by: Minos Galanakis --- programs/pkey/dh_client.c | 11 +++++------ programs/pkey/dh_server.c | 10 +++++----- 2 files changed, 10 insertions(+), 11 deletions(-) diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c index e8469141a..165cee240 100644 --- a/programs/pkey/dh_client.c +++ b/programs/pkey/dh_client.c @@ -13,13 +13,13 @@ #if defined(MBEDTLS_AES_C) && defined(MBEDTLS_DHM_C) && \ defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_NET_C) && \ - defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA256) && \ + defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA256_C) && \ defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C) #include "mbedtls/net_sockets.h" #include "mbedtls/aes.h" #include "mbedtls/dhm.h" #include "mbedtls/rsa.h" -#include "mbedtls/sha1.h" +#include "mbedtls/sha256.h" #include "mbedtls/entropy.h" #include "mbedtls/ctr_drbg.h" @@ -32,15 +32,14 @@ #if !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_DHM_C) || \ !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_NET_C) || \ - !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_MD_CAN_SHA256) || \ + !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \ !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C) - int main(void) { mbedtls_printf("MBEDTLS_AES_C and/or MBEDTLS_DHM_C and/or MBEDTLS_ENTROPY_C " "and/or MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " "MBEDTLS_MD_CAN_SHA256 and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_CTR_DRBG_C not defined.\n"); + "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_SHA1_C not defined.\n"); mbedtls_exit(0); } @@ -194,7 +193,7 @@ int main(void) } if ((ret = mbedtls_sha256(buf, (int) (p - 2 - buf), hash, 0)) != 0) { - mbedtls_printf(" failed\n ! mbedtls_sha1 returned %d\n\n", ret); + mbedtls_printf(" failed\n ! mbedtls_sha256 returned %d\n\n", ret); goto exit; } diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c index c08b0dc39..91bac0ef4 100644 --- a/programs/pkey/dh_server.c +++ b/programs/pkey/dh_server.c @@ -13,13 +13,13 @@ #if defined(MBEDTLS_AES_C) && defined(MBEDTLS_DHM_C) && \ defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_NET_C) && \ - defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA256) && \ + defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA256_C) && \ defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C) #include "mbedtls/net_sockets.h" #include "mbedtls/aes.h" #include "mbedtls/dhm.h" #include "mbedtls/rsa.h" -#include "mbedtls/sha1.h" +#include "mbedtls/sha256.h" #include "mbedtls/entropy.h" #include "mbedtls/ctr_drbg.h" @@ -32,14 +32,14 @@ #if !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_DHM_C) || \ !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_NET_C) || \ - !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_MD_CAN_SHA256) || \ + !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \ !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C) int main(void) { mbedtls_printf("MBEDTLS_AES_C and/or MBEDTLS_DHM_C and/or MBEDTLS_ENTROPY_C " "and/or MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " "MBEDTLS_MD_CAN_SHA256 and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_CTR_DRBG_C not defined.\n"); + "MBEDTLS_CTR_DRBG_C and/or MBEDTLS_SHA1_C not defined.\n"); mbedtls_exit(0); } #else @@ -193,7 +193,7 @@ int main(void) } if ((ret = mbedtls_sha256(buf, n, hash, 0)) != 0) { - mbedtls_printf(" failed\n ! mbedtls_sha1 returned %d\n\n", ret); + mbedtls_printf(" failed\n ! mbedtls_sha256 returned %d\n\n", ret); goto exit; } From c581264977e2b0309697fddc4a345ba1c4d02544 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 19 Jan 2024 14:04:28 +0000 Subject: [PATCH 1418/1674] Fix unaligned access on old compilers Add an alternative implementation of unaligned access that is efficient for IAR and old versions of gcc. Signed-off-by: Dave Rodgman --- library/alignment.h | 74 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 74 insertions(+) diff --git a/library/alignment.h b/library/alignment.h index 219f4f0af..e7318c2ac 100644 --- a/library/alignment.h +++ b/library/alignment.h @@ -45,6 +45,46 @@ #define MBEDTLS_EFFICIENT_UNALIGNED_ACCESS #endif +#if defined(__IAR_SYSTEMS_ICC__) && \ + (defined(MBEDTLS_ARCH_IS_ARM64) || defined(MBEDTLS_ARCH_IS_ARM32) \ + || defined(__ICCRX__) || defined(__ICCRL78__) || defined(__ICCRISCV__)) +#pragma language=save +#pragma language=extended +#define MBEDTLS_POP_IAR_LANGUAGE_PRAGMA +/* IAR recommend this technique for accessing unaligned data in + * https://www.iar.com/knowledge/support/technical-notes/compiler/accessing-unaligned-data + * This results in a single load / store instruction (if unaligned access is supported). + * According to that document, this is only supported on certain architectures. + */ + #define UINT_UNALIGNED +typedef uint16_t __packed mbedtls_uint16_unaligned_t; +typedef uint32_t __packed mbedtls_uint32_unaligned_t; +typedef uint64_t __packed mbedtls_uint64_unaligned_t; +#elif defined(MBEDTLS_COMPILER_IS_GCC) && (MBEDTLS_GCC_VERSION >= 40504) && \ + ((MBEDTLS_GCC_VERSION < 90300) || (!defined(MBEDTLS_EFFICIENT_UNALIGNED_ACCESS))) +/* + * Old versions of gcc, depending on how the target is specified, may generate a branch to memcpy + * for calls like `memcpy(dest, src, 4)` rather than generating some LDR or LDRB instructions + * (similar for stores). + * Recent versions where unaligned access is not enabled also do this. + * + * For performance (and code size, in some cases), we want to avoid the branch and just generate + * some inline load/store instructions since the access is small and constant-size. + * + * The manual states: + * "The aligned attribute specifies a minimum alignment for the variable or structure field, + * measured in bytes." + * https://gcc.gnu.org/onlinedocs/gcc/Common-Variable-Attributes.html + * + * Tested with several versions of GCC from 4.5.0 up to 9.3.0 + * We don't enable for older than 4.5.0 as this has not been tested. + */ + #define UINT_UNALIGNED +typedef uint16_t __attribute__((__aligned__(1))) mbedtls_uint16_unaligned_t; +typedef uint32_t __attribute__((__aligned__(1))) mbedtls_uint32_unaligned_t; +typedef uint64_t __attribute__((__aligned__(1))) mbedtls_uint64_unaligned_t; + #endif + /** * Read the unsigned 16 bits integer from the given address, which need not * be aligned. @@ -55,7 +95,12 @@ inline uint16_t mbedtls_get_unaligned_uint16(const void *p) { uint16_t r; +#if defined(UINT_UNALIGNED) + mbedtls_uint16_unaligned_t *p16 = (mbedtls_uint16_unaligned_t *) p; + r = *p16; +#else memcpy(&r, p, sizeof(r)); +#endif return r; } @@ -68,7 +113,12 @@ inline uint16_t mbedtls_get_unaligned_uint16(const void *p) */ inline void mbedtls_put_unaligned_uint16(void *p, uint16_t x) { +#if defined(UINT_UNALIGNED) + mbedtls_uint16_unaligned_t *p16 = (mbedtls_uint16_unaligned_t *) p; + *p16 = x; +#else memcpy(p, &x, sizeof(x)); +#endif } /** @@ -81,7 +131,12 @@ inline void mbedtls_put_unaligned_uint16(void *p, uint16_t x) inline uint32_t mbedtls_get_unaligned_uint32(const void *p) { uint32_t r; +#if defined(UINT_UNALIGNED) + mbedtls_uint32_unaligned_t *p32 = (mbedtls_uint32_unaligned_t *) p; + r = *p32; +#else memcpy(&r, p, sizeof(r)); +#endif return r; } @@ -94,7 +149,12 @@ inline uint32_t mbedtls_get_unaligned_uint32(const void *p) */ inline void mbedtls_put_unaligned_uint32(void *p, uint32_t x) { +#if defined(UINT_UNALIGNED) + mbedtls_uint32_unaligned_t *p32 = (mbedtls_uint32_unaligned_t *) p; + *p32 = x; +#else memcpy(p, &x, sizeof(x)); +#endif } /** @@ -107,7 +167,12 @@ inline void mbedtls_put_unaligned_uint32(void *p, uint32_t x) inline uint64_t mbedtls_get_unaligned_uint64(const void *p) { uint64_t r; +#if defined(UINT_UNALIGNED) + mbedtls_uint64_unaligned_t *p64 = (mbedtls_uint64_unaligned_t *) p; + r = *p64; +#else memcpy(&r, p, sizeof(r)); +#endif return r; } @@ -120,9 +185,18 @@ inline uint64_t mbedtls_get_unaligned_uint64(const void *p) */ inline void mbedtls_put_unaligned_uint64(void *p, uint64_t x) { +#if defined(UINT_UNALIGNED) + mbedtls_uint64_unaligned_t *p64 = (mbedtls_uint64_unaligned_t *) p; + *p64 = x; +#else memcpy(p, &x, sizeof(x)); +#endif } +#if defined(MBEDTLS_POP_IAR_LANGUAGE_PRAGMA) +#pragma language=restore +#endif + /** Byte Reading Macros * * Given a multi-byte integer \p x, MBEDTLS_BYTE_n retrieves the n-th From 55b5dd2cfc3c751368ddf262d7fb1b8ba7540bdc Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 19 Jan 2024 14:06:52 +0000 Subject: [PATCH 1419/1674] Make unaligned accessors always inline Signed-off-by: Dave Rodgman --- library/alignment.h | 48 +++++++++++++++++++++++++++++++++++------ library/platform_util.c | 12 ----------- 2 files changed, 42 insertions(+), 18 deletions(-) diff --git a/library/alignment.h b/library/alignment.h index e7318c2ac..b61301922 100644 --- a/library/alignment.h +++ b/library/alignment.h @@ -85,6 +85,12 @@ typedef uint32_t __attribute__((__aligned__(1))) mbedtls_uint32_unaligned_t; typedef uint64_t __attribute__((__aligned__(1))) mbedtls_uint64_unaligned_t; #endif +/* + * We try to force mbedtls_(get|put)_unaligned_uintXX to be always inline, because this results + * in code that is both smaller and faster. IAR and gcc both benefit from this when optimising + * for size. + */ + /** * Read the unsigned 16 bits integer from the given address, which need not * be aligned. @@ -92,7 +98,12 @@ typedef uint64_t __attribute__((__aligned__(1))) mbedtls_uint64_unaligned_t; * \param p pointer to 2 bytes of data * \return Data at the given address */ -inline uint16_t mbedtls_get_unaligned_uint16(const void *p) +#if defined(__IAR_SYSTEMS_ICC__) +#pragma inline = forced +#elif defined(__GNUC__) +__attribute__((always_inline)) +#endif +static inline uint16_t mbedtls_get_unaligned_uint16(const void *p) { uint16_t r; #if defined(UINT_UNALIGNED) @@ -111,7 +122,12 @@ inline uint16_t mbedtls_get_unaligned_uint16(const void *p) * \param p pointer to 2 bytes of data * \param x data to write */ -inline void mbedtls_put_unaligned_uint16(void *p, uint16_t x) +#if defined(__IAR_SYSTEMS_ICC__) +#pragma inline = forced +#elif defined(__GNUC__) +__attribute__((always_inline)) +#endif +static inline void mbedtls_put_unaligned_uint16(void *p, uint16_t x) { #if defined(UINT_UNALIGNED) mbedtls_uint16_unaligned_t *p16 = (mbedtls_uint16_unaligned_t *) p; @@ -128,7 +144,12 @@ inline void mbedtls_put_unaligned_uint16(void *p, uint16_t x) * \param p pointer to 4 bytes of data * \return Data at the given address */ -inline uint32_t mbedtls_get_unaligned_uint32(const void *p) +#if defined(__IAR_SYSTEMS_ICC__) +#pragma inline = forced +#elif defined(__GNUC__) +__attribute__((always_inline)) +#endif +static inline uint32_t mbedtls_get_unaligned_uint32(const void *p) { uint32_t r; #if defined(UINT_UNALIGNED) @@ -147,7 +168,12 @@ inline uint32_t mbedtls_get_unaligned_uint32(const void *p) * \param p pointer to 4 bytes of data * \param x data to write */ -inline void mbedtls_put_unaligned_uint32(void *p, uint32_t x) +#if defined(__IAR_SYSTEMS_ICC__) +#pragma inline = forced +#elif defined(__GNUC__) +__attribute__((always_inline)) +#endif +static inline void mbedtls_put_unaligned_uint32(void *p, uint32_t x) { #if defined(UINT_UNALIGNED) mbedtls_uint32_unaligned_t *p32 = (mbedtls_uint32_unaligned_t *) p; @@ -164,7 +190,12 @@ inline void mbedtls_put_unaligned_uint32(void *p, uint32_t x) * \param p pointer to 8 bytes of data * \return Data at the given address */ -inline uint64_t mbedtls_get_unaligned_uint64(const void *p) +#if defined(__IAR_SYSTEMS_ICC__) +#pragma inline = forced +#elif defined(__GNUC__) +__attribute__((always_inline)) +#endif +static inline uint64_t mbedtls_get_unaligned_uint64(const void *p) { uint64_t r; #if defined(UINT_UNALIGNED) @@ -183,7 +214,12 @@ inline uint64_t mbedtls_get_unaligned_uint64(const void *p) * \param p pointer to 8 bytes of data * \param x data to write */ -inline void mbedtls_put_unaligned_uint64(void *p, uint64_t x) +#if defined(__IAR_SYSTEMS_ICC__) +#pragma inline = forced +#elif defined(__GNUC__) +__attribute__((always_inline)) +#endif +static inline void mbedtls_put_unaligned_uint64(void *p, uint64_t x) { #if defined(UINT_UNALIGNED) mbedtls_uint64_unaligned_t *p64 = (mbedtls_uint64_unaligned_t *) p; diff --git a/library/platform_util.c b/library/platform_util.c index 63643d26f..e79fc5c8e 100644 --- a/library/platform_util.c +++ b/library/platform_util.c @@ -226,18 +226,6 @@ extern inline void mbedtls_xor(unsigned char *r, const unsigned char *b, size_t n); -extern inline uint16_t mbedtls_get_unaligned_uint16(const void *p); - -extern inline void mbedtls_put_unaligned_uint16(void *p, uint16_t x); - -extern inline uint32_t mbedtls_get_unaligned_uint32(const void *p); - -extern inline void mbedtls_put_unaligned_uint32(void *p, uint32_t x); - -extern inline uint64_t mbedtls_get_unaligned_uint64(const void *p); - -extern inline void mbedtls_put_unaligned_uint64(void *p, uint64_t x); - #if defined(MBEDTLS_HAVE_TIME) && !defined(MBEDTLS_PLATFORM_MS_TIME_ALT) #include From 18d90d75195fb56834360c42a4f06318afa3cccc Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 19 Jan 2024 14:08:04 +0000 Subject: [PATCH 1420/1674] Make mbedtls_xor always inline Signed-off-by: Dave Rodgman --- library/common.h | 18 +++++++++++++++++- library/platform_util.c | 9 --------- 2 files changed, 17 insertions(+), 10 deletions(-) diff --git a/library/common.h b/library/common.h index faefd64ea..760dff49e 100644 --- a/library/common.h +++ b/library/common.h @@ -158,6 +158,12 @@ static inline const unsigned char *mbedtls_buffer_offset_const( return p == NULL ? NULL : p + n; } +/* Always inline mbedtls_xor for similar reasons as mbedtls_xor_no_simd. */ +#if defined(__IAR_SYSTEMS_ICC__) +#pragma inline = forced +#elif defined(__GNUC__) +__attribute__((always_inline)) +#endif /** * Perform a fast block XOR operation, such that * r[i] = a[i] ^ b[i] where 0 <= i < n @@ -169,7 +175,10 @@ static inline const unsigned char *mbedtls_buffer_offset_const( * \param b Pointer to input (buffer of at least \p n bytes) * \param n Number of bytes to process. */ -inline void mbedtls_xor(unsigned char *r, const unsigned char *a, const unsigned char *b, size_t n) +static inline void mbedtls_xor(unsigned char *r, + const unsigned char *a, + const unsigned char *b, + size_t n) { size_t i = 0; #if defined(MBEDTLS_EFFICIENT_UNALIGNED_ACCESS) @@ -209,6 +218,13 @@ inline void mbedtls_xor(unsigned char *r, const unsigned char *a, const unsigned } } +/* Always inline mbedtls_xor_no_simd as we see significant perf regressions when it does not get + * inlined (e.g., observed about 3x perf difference in gcm_mult_largetable with gcc 7 - 12) */ +#if defined(__IAR_SYSTEMS_ICC__) +#pragma inline = forced +#elif defined(__GNUC__) +__attribute__((always_inline)) +#endif /** * Perform a fast block XOR operation, such that * r[i] = a[i] ^ b[i] where 0 <= i < n diff --git a/library/platform_util.c b/library/platform_util.c index e79fc5c8e..9f5dcb874 100644 --- a/library/platform_util.c +++ b/library/platform_util.c @@ -217,15 +217,6 @@ struct tm *mbedtls_platform_gmtime_r(const mbedtls_time_t *tt, void (*mbedtls_test_hook_test_fail)(const char *, int, const char *); #endif /* MBEDTLS_TEST_HOOKS */ -/* - * Provide external definitions of some inline functions so that the compiler - * has the option to not inline them - */ -extern inline void mbedtls_xor(unsigned char *r, - const unsigned char *a, - const unsigned char *b, - size_t n); - #if defined(MBEDTLS_HAVE_TIME) && !defined(MBEDTLS_PLATFORM_MS_TIME_ALT) #include From 2143a4ad1fc79e3e601e078f86aafcb6fbabcc71 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 19 Jan 2024 14:08:17 +0000 Subject: [PATCH 1421/1674] Improve mbedtls_xor docs Signed-off-by: Dave Rodgman --- library/common.h | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/library/common.h b/library/common.h index 760dff49e..3b1c7e1e7 100644 --- a/library/common.h +++ b/library/common.h @@ -174,6 +174,14 @@ __attribute__((always_inline)) * \param a Pointer to input (buffer of at least \p n bytes) * \param b Pointer to input (buffer of at least \p n bytes) * \param n Number of bytes to process. + * + * \note Depending on the situation, it may be faster to use either mbedtls_xor or + * mbedtls_xor_no_simd (these are functionally equivalent). + * If the result is used immediately after the xor operation in non-SIMD code (e.g, in + * AES-CBC), there may be additional latency to transfer the data from SIMD to scalar + * registers, and in this case, mbedtls_xor_no_simd may be faster. In other cases where + * the result is not used immediately (e.g., in AES-CTR), mbedtls_xor may be faster. + * For targets without SIMD support, they will behave the same. */ static inline void mbedtls_xor(unsigned char *r, const unsigned char *a, @@ -238,6 +246,14 @@ __attribute__((always_inline)) * \param a Pointer to input (buffer of at least \p n bytes) * \param b Pointer to input (buffer of at least \p n bytes) * \param n Number of bytes to process. + * + * \note Depending on the situation, it may be faster to use either mbedtls_xor or + * mbedtls_xor_no_simd (these are functionally equivalent). + * If the result is used immediately after the xor operation in non-SIMD code (e.g, in + * AES-CBC), there may be additional latency to transfer the data from SIMD to scalar + * registers, and in this case, mbedtls_xor_no_simd may be faster. In other cases where + * the result is not used immediately (e.g., in AES-CTR), mbedtls_xor may be faster. + * For targets without SIMD support, they will behave the same. */ static inline void mbedtls_xor_no_simd(unsigned char *r, const unsigned char *a, From 7470557855e5eecb74064a7e1773995e03bd622a Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 19 Jan 2024 14:29:32 +0000 Subject: [PATCH 1422/1674] Add changelog entry Signed-off-by: Dave Rodgman --- ChangeLog.d/iar-gcc-perf.txt | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 ChangeLog.d/iar-gcc-perf.txt diff --git a/ChangeLog.d/iar-gcc-perf.txt b/ChangeLog.d/iar-gcc-perf.txt new file mode 100644 index 000000000..fb0fbb10d --- /dev/null +++ b/ChangeLog.d/iar-gcc-perf.txt @@ -0,0 +1,2 @@ +Features + * Improve performance for gcc (versions older than 9.3.0) and IAR. From 00b4eeb0b3b8569ee371dd91a0a6fac6ebc0ee34 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 19 Jan 2024 16:06:41 +0000 Subject: [PATCH 1423/1674] Improve comments Signed-off-by: Dave Rodgman --- library/common.h | 38 +++++++++++++++++++------------------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/library/common.h b/library/common.h index 3b1c7e1e7..2eb917037 100644 --- a/library/common.h +++ b/library/common.h @@ -158,7 +158,7 @@ static inline const unsigned char *mbedtls_buffer_offset_const( return p == NULL ? NULL : p + n; } -/* Always inline mbedtls_xor for similar reasons as mbedtls_xor_no_simd. */ +/* Always inline mbedtls_xor() for similar reasons as mbedtls_xor_no_simd(). */ #if defined(__IAR_SYSTEMS_ICC__) #pragma inline = forced #elif defined(__GNUC__) @@ -175,12 +175,12 @@ __attribute__((always_inline)) * \param b Pointer to input (buffer of at least \p n bytes) * \param n Number of bytes to process. * - * \note Depending on the situation, it may be faster to use either mbedtls_xor or - * mbedtls_xor_no_simd (these are functionally equivalent). + * \note Depending on the situation, it may be faster to use either mbedtls_xor() or + * mbedtls_xor_no_simd() (these are functionally equivalent). * If the result is used immediately after the xor operation in non-SIMD code (e.g, in * AES-CBC), there may be additional latency to transfer the data from SIMD to scalar - * registers, and in this case, mbedtls_xor_no_simd may be faster. In other cases where - * the result is not used immediately (e.g., in AES-CTR), mbedtls_xor may be faster. + * registers, and in this case, mbedtls_xor_no_simd() may be faster. In other cases where + * the result is not used immediately (e.g., in AES-CTR), mbedtls_xor() may be faster. * For targets without SIMD support, they will behave the same. */ static inline void mbedtls_xor(unsigned char *r, @@ -199,10 +199,10 @@ static inline void mbedtls_xor(unsigned char *r, uint8x16_t x = veorq_u8(v1, v2); vst1q_u8(r + i, x); } - // This if statement helps some compilers (e.g., IAR) optimise out the byte-by-byte tail case - // where n is a constant multiple of 16. - // It makes no difference for others (e.g. recent gcc and clang) if n is a compile-time - // constant, and very little difference if n is not a compile-time constant. + /* This if statement helps some compilers (e.g., IAR) optimise out the byte-by-byte tail case + * where n is a constant multiple of 16. + * It makes no difference for others (e.g. recent gcc and clang) if n is a compile-time + * constant, and very little difference if n is not a compile-time constant. */ if (n % 16 != 0) #elif defined(MBEDTLS_ARCH_IS_X64) || defined(MBEDTLS_ARCH_IS_ARM64) /* This codepath probably only makes sense on architectures with 64-bit registers */ @@ -226,7 +226,7 @@ static inline void mbedtls_xor(unsigned char *r, } } -/* Always inline mbedtls_xor_no_simd as we see significant perf regressions when it does not get +/* Always inline mbedtls_xor_no_simd() as we see significant perf regressions when it does not get * inlined (e.g., observed about 3x perf difference in gcm_mult_largetable with gcc 7 - 12) */ #if defined(__IAR_SYSTEMS_ICC__) #pragma inline = forced @@ -237,7 +237,7 @@ __attribute__((always_inline)) * Perform a fast block XOR operation, such that * r[i] = a[i] ^ b[i] where 0 <= i < n * - * In some situations, this can perform better than mbedtls_xor (e.g., it's about 5% + * In some situations, this can perform better than mbedtls_xor() (e.g., it's about 5% * better in AES-CBC). * * \param r Pointer to result (buffer of at least \p n bytes). \p r @@ -247,12 +247,12 @@ __attribute__((always_inline)) * \param b Pointer to input (buffer of at least \p n bytes) * \param n Number of bytes to process. * - * \note Depending on the situation, it may be faster to use either mbedtls_xor or - * mbedtls_xor_no_simd (these are functionally equivalent). + * \note Depending on the situation, it may be faster to use either mbedtls_xor() or + * mbedtls_xor_no_simd() (these are functionally equivalent). * If the result is used immediately after the xor operation in non-SIMD code (e.g, in * AES-CBC), there may be additional latency to transfer the data from SIMD to scalar - * registers, and in this case, mbedtls_xor_no_simd may be faster. In other cases where - * the result is not used immediately (e.g., in AES-CTR), mbedtls_xor may be faster. + * registers, and in this case, mbedtls_xor_no_simd() may be faster. In other cases where + * the result is not used immediately (e.g., in AES-CTR), mbedtls_xor() may be faster. * For targets without SIMD support, they will behave the same. */ static inline void mbedtls_xor_no_simd(unsigned char *r, @@ -268,10 +268,10 @@ static inline void mbedtls_xor_no_simd(unsigned char *r, uint64_t x = mbedtls_get_unaligned_uint64(a + i) ^ mbedtls_get_unaligned_uint64(b + i); mbedtls_put_unaligned_uint64(r + i, x); } - // This if statement helps some compilers (e.g., IAR) optimise out the byte-by-byte tail case - // where n is a constant multiple of 8. - // It makes no difference for others (e.g. recent gcc and clang) if n is a compile-time - // constant, and very little difference if n is not a compile-time constant. + /* This if statement helps some compilers (e.g., IAR) optimise out the byte-by-byte tail case + * where n is a constant multiple of 16. + * It makes no difference for others (e.g. recent gcc and clang) if n is a compile-time + * constant, and very little difference if n is not a compile-time constant. */ if (n % 8 != 0) #else for (; (i + 4) <= n; i += 4) { From 336efeec50cc237a7c1e03a0744d3188a7f805fd Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 19 Jan 2024 16:38:53 +0000 Subject: [PATCH 1424/1674] Move MBEDTLS_COMPILER_IS_GCC & MBEDTLS_GCC_VERSION into build_info Signed-off-by: Dave Rodgman --- include/mbedtls/build_info.h | 8 ++++++++ library/alignment.h | 8 +------- 2 files changed, 9 insertions(+), 7 deletions(-) diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index 7a70e2543..c0b724c83 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h @@ -83,6 +83,14 @@ #endif #endif +#if defined(__GNUC__) && !defined(__ARMCC_VERSION) && !defined(__clang__) \ + && !defined(__llvm__) && !defined(__INTEL_COMPILER) +/* Defined if the compiler really is gcc and not clang, etc */ +#define MBEDTLS_COMPILER_IS_GCC +#define MBEDTLS_GCC_VERSION \ + (__GNUC__ * 10000 + __GNUC_MINOR__ * 100 + __GNUC_PATCHLEVEL__) +#endif + #if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE) #define _CRT_SECURE_NO_DEPRECATE 1 #endif diff --git a/library/alignment.h b/library/alignment.h index b61301922..26f15261c 100644 --- a/library/alignment.h +++ b/library/alignment.h @@ -15,13 +15,7 @@ #include #include -#if defined(__GNUC__) && !defined(__ARMCC_VERSION) && !defined(__clang__) \ - && !defined(__llvm__) && !defined(__INTEL_COMPILER) -/* Defined if the compiler really is gcc and not clang, etc */ -#define MBEDTLS_COMPILER_IS_GCC -#define MBEDTLS_GCC_VERSION \ - (__GNUC__ * 10000 + __GNUC_MINOR__ * 100 + __GNUC_PATCHLEVEL__) -#endif +#include "mbedtls/build_info.h" /* * Define MBEDTLS_EFFICIENT_UNALIGNED_ACCESS for architectures where unaligned memory From 075f8797ac35925089116959c98366ccd2cb00e6 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 19 Jan 2024 16:48:42 +0000 Subject: [PATCH 1425/1674] Remove include of build_info.h Signed-off-by: Dave Rodgman --- library/alignment.h | 2 -- 1 file changed, 2 deletions(-) diff --git a/library/alignment.h b/library/alignment.h index 26f15261c..248f29bc7 100644 --- a/library/alignment.h +++ b/library/alignment.h @@ -15,8 +15,6 @@ #include #include -#include "mbedtls/build_info.h" - /* * Define MBEDTLS_EFFICIENT_UNALIGNED_ACCESS for architectures where unaligned memory * accesses are known to be efficient. From 297c6089159e0a8c0195ca18777ce904b83fedcd Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 19 Jan 2024 08:15:33 +0100 Subject: [PATCH 1426/1674] tls13: cli: Fix setting of early data transform Fix setting of early data transform when we do not send dummy CCS for middlebox compatibility. Signed-off-by: Ronald Cron --- library/ssl_tls13_client.c | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index a3d33a34f..76f0f1896 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -1236,10 +1236,6 @@ int mbedtls_ssl_tls13_finalize_client_hello(mbedtls_ssl_context *ssl) const mbedtls_ssl_ciphersuite_t *ciphersuite_info; if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED) { -#if defined(MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE) - mbedtls_ssl_handshake_set_state( - ssl, MBEDTLS_SSL_CLIENT_CCS_AFTER_CLIENT_HELLO); -#endif MBEDTLS_SSL_DEBUG_MSG( 1, ("Set hs psk for early data when writing the first psk")); @@ -1294,6 +1290,15 @@ int mbedtls_ssl_tls13_finalize_client_hello(mbedtls_ssl_context *ssl) return ret; } +#if defined(MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE) + mbedtls_ssl_handshake_set_state( + ssl, MBEDTLS_SSL_CLIENT_CCS_AFTER_CLIENT_HELLO); +#else + MBEDTLS_SSL_DEBUG_MSG( + 1, ("Switch to early data keys for outbound traffic")); + mbedtls_ssl_set_outbound_transform( + ssl, ssl->handshake->transform_earlydata); +#endif } #endif /* MBEDTLS_SSL_EARLY_DATA */ return 0; @@ -3067,19 +3072,19 @@ int mbedtls_ssl_tls13_handshake_client_step(mbedtls_ssl_context *ssl) } break; +#if defined(MBEDTLS_SSL_EARLY_DATA) case MBEDTLS_SSL_CLIENT_CCS_AFTER_CLIENT_HELLO: ret = mbedtls_ssl_tls13_write_change_cipher_spec(ssl); if (ret == 0) { mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_SERVER_HELLO); -#if defined(MBEDTLS_SSL_EARLY_DATA) MBEDTLS_SSL_DEBUG_MSG( 1, ("Switch to early data keys for outbound traffic")); mbedtls_ssl_set_outbound_transform( ssl, ssl->handshake->transform_earlydata); -#endif } break; +#endif /* MBEDTLS_SSL_EARLY_DATA */ #endif /* MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE */ #if defined(MBEDTLS_SSL_SESSION_TICKETS) From 77abfe67db1ff1bdae3ff1c93e7878e8ee0826f8 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Mon, 15 Jan 2024 11:17:31 +0100 Subject: [PATCH 1427/1674] ssl_helpers.c: Add ticket write/parse test functions Add ticket write/parse test functions as defined by mbedtls_ssl_ticket_write/parse_t. They are intended to be used in negative testing involving tickets. Signed-off-by: Ronald Cron --- tests/include/test/ssl_helpers.h | 10 ++++++++++ tests/src/test_helpers/ssl_helpers.c | 30 ++++++++++++++++++++++++++++ 2 files changed, 40 insertions(+) diff --git a/tests/include/test/ssl_helpers.h b/tests/include/test/ssl_helpers.h index d03c62414..1f41966d6 100644 --- a/tests/include/test/ssl_helpers.h +++ b/tests/include/test/ssl_helpers.h @@ -589,6 +589,16 @@ int mbedtls_test_tweak_tls13_certificate_msg_vector_len( int *expected_result, mbedtls_ssl_chk_buf_ptr_args *args); #endif /* MBEDTLS_TEST_HOOKS */ +#if defined(MBEDTLS_SSL_SESSION_TICKETS) +int mbedtls_test_ticket_write( + void *p_ticket, const mbedtls_ssl_session *session, + unsigned char *start, const unsigned char *end, + size_t *tlen, uint32_t *ticket_lifetime); + +int mbedtls_test_ticket_parse(void *p_ticket, mbedtls_ssl_session *session, + unsigned char *buf, size_t len); +#endif /* MBEDTLS_SSL_SESSION_TICKETS */ + #define ECJPAKE_TEST_PWD "bla" #if defined(MBEDTLS_USE_PSA_CRYPTO) diff --git a/tests/src/test_helpers/ssl_helpers.c b/tests/src/test_helpers/ssl_helpers.c index 2368a7654..b13d7e38b 100644 --- a/tests/src/test_helpers/ssl_helpers.c +++ b/tests/src/test_helpers/ssl_helpers.c @@ -2419,4 +2419,34 @@ int mbedtls_test_tweak_tls13_certificate_msg_vector_len( return 0; } #endif /* MBEDTLS_TEST_HOOKS */ + +/* Functions for session ticket tests */ +#if defined(MBEDTLS_SSL_SESSION_TICKETS) +int mbedtls_test_ticket_write( + void *p_ticket, const mbedtls_ssl_session *session, + unsigned char *start, const unsigned char *end, + size_t *tlen, uint32_t *lifetime) +{ + int ret; + ((void) p_ticket); + + if ((ret = mbedtls_ssl_session_save(session, start, end - start, + tlen)) != 0) { + return ret; + } + + /* Maximum ticket lifetime as defined in RFC 8446 */ + *lifetime = 7 * 24 * 3600; + + return 0; +} + +int mbedtls_test_ticket_parse(void *p_ticket, mbedtls_ssl_session *session, + unsigned char *buf, size_t len) +{ + ((void) p_ticket); + + return mbedtls_ssl_session_load(session, buf, len); +} +#endif /* MBEDTLS_SSL_SESSION_TICKETS */ #endif /* MBEDTLS_SSL_TLS_C */ From d903a86e52f21a65b45fa27699aabfe2d9a8cd81 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Mon, 15 Jan 2024 15:57:17 +0100 Subject: [PATCH 1428/1674] tests: tls13: Add session resume with ticket unit test This aims to provide a basis for negative testing around TLS 1.3 ticket, replacing eventually the negative tests done in ssl-opt.sh using the dummy_ticket option. Signed-off-by: Ronald Cron --- tests/suites/test_suite_ssl.data | 3 + tests/suites/test_suite_ssl.function | 93 ++++++++++++++++++++++++++++ 2 files changed, 96 insertions(+) diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index de998e3ff..37895f0b7 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -3270,3 +3270,6 @@ ssl_ecjpake_set_password:1 Test Elliptic curves' info parsing elliptic_curve_get_properties + +TLS 1.3 resume session with ticket +tls13_resume_session_with_ticket diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 8a03d1b97..9ca2058b4 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -3519,3 +3519,96 @@ exit: MD_OR_USE_PSA_DONE(); } /* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_SRV_C:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_SSL_SESSION_TICKETS */ +void tls13_resume_session_with_ticket() +{ + int ret = -1; + unsigned char buf[64]; + mbedtls_test_ssl_endpoint client_ep, server_ep; + mbedtls_test_handshake_test_options client_options; + mbedtls_test_handshake_test_options server_options; + mbedtls_ssl_session saved_session; + + /* + * Test set-up + */ + mbedtls_platform_zeroize(&client_ep, sizeof(client_ep)); + mbedtls_platform_zeroize(&server_ep, sizeof(server_ep)); + mbedtls_test_init_handshake_options(&client_options); + mbedtls_test_init_handshake_options(&server_options); + mbedtls_ssl_session_init(&saved_session); + + MD_OR_USE_PSA_INIT(); + + client_options.pk_alg = MBEDTLS_PK_ECDSA; + ret = mbedtls_test_ssl_endpoint_init(&client_ep, MBEDTLS_SSL_IS_CLIENT, + &client_options, NULL, NULL, NULL, + NULL); + TEST_EQUAL(ret, 0); + + server_options.pk_alg = MBEDTLS_PK_ECDSA; + ret = mbedtls_test_ssl_endpoint_init(&server_ep, MBEDTLS_SSL_IS_SERVER, + &server_options, NULL, NULL, NULL, + NULL); + mbedtls_ssl_conf_session_tickets_cb(&server_ep.conf, + mbedtls_test_ticket_write, + mbedtls_test_ticket_parse, + NULL); + TEST_EQUAL(ret, 0); + + ret = mbedtls_test_mock_socket_connect(&(client_ep.socket), + &(server_ep.socket), 1024); + TEST_EQUAL(ret, 0); + + /* + * Run initial handshake: ephemeral key exchange mode, certificate with + * RSA key, signed with PKCS15, verified with PKCS21. Then, get the ticket + * sent by the server at the end of its handshake sequence. + */ + TEST_ASSERT(mbedtls_test_move_handshake_to_state( + &(server_ep.ssl), &(client_ep.ssl), + MBEDTLS_SSL_HANDSHAKE_OVER) == 0); + + do { + ret = mbedtls_ssl_read(&(client_ep.ssl), buf, sizeof(buf)); + } while (ret != MBEDTLS_ERR_SSL_RECEIVED_NEW_SESSION_TICKET); + + /* + * Save client session and reset the SSL context of the two endpoints. + */ + ret = mbedtls_ssl_get_session(&(client_ep.ssl), &saved_session); + TEST_EQUAL(ret, 0); + + ret = mbedtls_ssl_session_reset(&(client_ep.ssl)); + TEST_EQUAL(ret, 0); + + ret = mbedtls_ssl_session_reset(&(server_ep.ssl)); + TEST_EQUAL(ret, 0); + + /* + * Set saved session on client side and handshake using the ticket + * included in that session. + */ + + ret = mbedtls_ssl_set_session(&(client_ep.ssl), &saved_session); + TEST_EQUAL(ret, 0); + + TEST_ASSERT(mbedtls_test_move_handshake_to_state( + &(server_ep.ssl), &(client_ep.ssl), + MBEDTLS_SSL_HANDSHAKE_WRAPUP) == 0); + + TEST_EQUAL(server_ep.ssl.handshake->resume, 1); + TEST_EQUAL(server_ep.ssl.handshake->new_session_tickets_count, 1); + TEST_EQUAL(server_ep.ssl.handshake->key_exchange_mode, + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL); + +exit: + mbedtls_test_ssl_endpoint_free(&client_ep, NULL); + mbedtls_test_ssl_endpoint_free(&server_ep, NULL); + mbedtls_test_free_handshake_options(&client_options); + mbedtls_test_free_handshake_options(&server_options); + mbedtls_ssl_session_free(&saved_session); + MD_OR_USE_PSA_DONE(); +} +/* END_CASE */ From ec3408d70769163b890ac7bc0c628dde8cc9ae7a Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 16 Jan 2024 17:50:40 +0100 Subject: [PATCH 1429/1674] tests: ssl: Move setting of debug callback Move the setting of the debug callback to the endpoint initialization function. That way, no need to repeat it in various testing scenarios. Signed-off-by: Ronald Cron --- tests/src/test_helpers/ssl_helpers.c | 39 ++++++++++++++++------------ 1 file changed, 23 insertions(+), 16 deletions(-) diff --git a/tests/src/test_helpers/ssl_helpers.c b/tests/src/test_helpers/ssl_helpers.c index b13d7e38b..51957463c 100644 --- a/tests/src/test_helpers/ssl_helpers.c +++ b/tests/src/test_helpers/ssl_helpers.c @@ -841,6 +841,23 @@ int mbedtls_test_ssl_endpoint_init( } #endif +#if defined(MBEDTLS_DEBUG_C) +#if defined(MBEDTLS_SSL_SRV_C) + if (endpoint_type == MBEDTLS_SSL_IS_SERVER && + options->srv_log_fun != NULL) { + mbedtls_ssl_conf_dbg(&(ep->conf), options->srv_log_fun, + options->srv_log_obj); + } +#endif +#if defined(MBEDTLS_SSL_CLI_C) + if (endpoint_type == MBEDTLS_SSL_IS_CLIENT && + options->cli_log_fun != NULL) { + mbedtls_ssl_conf_dbg(&(ep->conf), options->cli_log_fun, + options->cli_log_obj); + } +#endif +#endif /* MBEDTLS_DEBUG_C */ + ret = mbedtls_test_ssl_endpoint_certificate_init(ep, options->pk_alg, options->opaque_alg, options->opaque_alg2, @@ -1977,6 +1994,12 @@ void mbedtls_test_ssl_perform_handshake( mbedtls_test_message_socket_init(&server_context); mbedtls_test_message_socket_init(&client_context); +#if defined(MBEDTLS_DEBUG_C) + if (options->cli_log_fun || options->srv_log_fun) { + mbedtls_debug_set_threshold(4); + } +#endif + /* Client side */ if (options->dtls != 0) { TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&client, @@ -2000,14 +2023,6 @@ void mbedtls_test_ssl_perform_handshake( set_ciphersuite(&client.conf, options->cipher, forced_ciphersuite); } -#if defined(MBEDTLS_DEBUG_C) - if (options->cli_log_fun) { - mbedtls_debug_set_threshold(4); - mbedtls_ssl_conf_dbg(&client.conf, options->cli_log_fun, - options->cli_log_obj); - } -#endif - /* Server side */ if (options->dtls != 0) { TEST_ASSERT(mbedtls_test_ssl_endpoint_init(&server, @@ -2072,14 +2087,6 @@ void mbedtls_test_ssl_perform_handshake( } #endif /* MBEDTLS_SSL_RENEGOTIATION */ -#if defined(MBEDTLS_DEBUG_C) - if (options->srv_log_fun) { - mbedtls_debug_set_threshold(4); - mbedtls_ssl_conf_dbg(&server.conf, options->srv_log_fun, - options->srv_log_obj); - } -#endif - TEST_ASSERT(mbedtls_test_mock_socket_connect(&(client.socket), &(server.socket), BUFFSIZE) == 0); From a8dd81b4dee78a4063f33e76702362740298813c Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 16 Jan 2024 17:50:52 +0100 Subject: [PATCH 1430/1674] tests: tls13: Add early data unit test This aims to provide a basis for negative testing around TLS 1.3 early data. Signed-off-by: Ronald Cron --- tests/suites/test_suite_ssl.data | 3 + tests/suites/test_suite_ssl.function | 157 +++++++++++++++++++++++++++ 2 files changed, 160 insertions(+) diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index 37895f0b7..c06c0a746 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -3273,3 +3273,6 @@ elliptic_curve_get_properties TLS 1.3 resume session with ticket tls13_resume_session_with_ticket + +TLS 1.3 early data +tls13_early_data diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 9ca2058b4..a8982495d 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -12,6 +12,48 @@ #define SSL_MESSAGE_QUEUE_INIT { NULL, 0, 0, 0 } +#if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_CLI_C) && \ + defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_DEBUG_C) && \ + defined(MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE) && \ + defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED) && \ + defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED) && \ + defined(MBEDTLS_MD_CAN_SHA256) && \ + defined(MBEDTLS_ECP_HAVE_SECP256R1) && defined(MBEDTLS_ECP_HAVE_SECP384R1) && \ + defined(MBEDTLS_PK_CAN_ECDSA_VERIFY) && defined(MBEDTLS_SSL_SESSION_TICKETS) +/* + * The implementation of the function should be based on + * mbedtls_ssl_write_early_data() eventually. The current version aims at + * removing the dependency on mbedtls_ssl_write_early_data() for the + * development and testing of reading early data. + */ +static int write_early_data(mbedtls_ssl_context *ssl, + unsigned char *buf, size_t len) +{ + int ret = mbedtls_ssl_get_max_out_record_payload(ssl); + + TEST_ASSERT(ret > 0); + TEST_ASSERT(len <= (size_t) ret); + + ret = mbedtls_ssl_flush_output(ssl); + TEST_EQUAL(ret, 0); + TEST_EQUAL(ssl->out_left, 0); + + ssl->out_msglen = len; + ssl->out_msgtype = MBEDTLS_SSL_MSG_APPLICATION_DATA; + if (len > 0) { + memcpy(ssl->out_msg, buf, len); + } + + ret = mbedtls_ssl_write_record(ssl, 1); + TEST_EQUAL(ret, 0); + + ret = len; + +exit: + return ret; +} +#endif + /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -3612,3 +3654,118 @@ exit: MD_OR_USE_PSA_DONE(); } /* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_SSL_EARLY_DATA:MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_SRV_C:MBEDTLS_DEBUG_C:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_SSL_SESSION_TICKETS */ +void tls13_early_data() +{ + int ret = -1; + unsigned char buf[64]; + const char *early_data = "This is early data."; + size_t early_data_len = strlen(early_data); + mbedtls_test_ssl_endpoint client_ep, server_ep; + mbedtls_test_handshake_test_options client_options; + mbedtls_test_handshake_test_options server_options; + mbedtls_ssl_session saved_session; + mbedtls_test_ssl_log_pattern server_pattern = { NULL, 0 }; + + /* + * Test set-up + */ + mbedtls_platform_zeroize(&client_ep, sizeof(client_ep)); + mbedtls_platform_zeroize(&server_ep, sizeof(server_ep)); + mbedtls_test_init_handshake_options(&client_options); + mbedtls_test_init_handshake_options(&server_options); + mbedtls_ssl_session_init(&saved_session); + + MD_OR_USE_PSA_INIT(); + + client_options.pk_alg = MBEDTLS_PK_ECDSA; + ret = mbedtls_test_ssl_endpoint_init(&client_ep, MBEDTLS_SSL_IS_CLIENT, + &client_options, NULL, NULL, NULL, + NULL); + TEST_EQUAL(ret, 0); + mbedtls_ssl_conf_early_data(&client_ep.conf, MBEDTLS_SSL_EARLY_DATA_ENABLED); + + server_options.pk_alg = MBEDTLS_PK_ECDSA; + server_options.srv_log_fun = mbedtls_test_ssl_log_analyzer; + server_options.srv_log_obj = &server_pattern; + server_pattern.pattern = early_data; + ret = mbedtls_test_ssl_endpoint_init(&server_ep, MBEDTLS_SSL_IS_SERVER, + &server_options, NULL, NULL, NULL, + NULL); + TEST_EQUAL(ret, 0); + mbedtls_ssl_conf_session_tickets_cb(&server_ep.conf, + mbedtls_test_ticket_write, + mbedtls_test_ticket_parse, + NULL); + mbedtls_ssl_conf_early_data(&server_ep.conf, MBEDTLS_SSL_EARLY_DATA_ENABLED); + + ret = mbedtls_test_mock_socket_connect(&(client_ep.socket), + &(server_ep.socket), 1024); + TEST_EQUAL(ret, 0); + + /* + * Run initial handshake: ephemeral key exchange mode, certificate with + * RSA key, signed with PKCS15, verified with PKCS21. Then, get the ticket + * sent by the server at the end of its handshake sequence. + */ + TEST_ASSERT(mbedtls_test_move_handshake_to_state( + &(server_ep.ssl), &(client_ep.ssl), + MBEDTLS_SSL_HANDSHAKE_OVER) == 0); + + do { + ret = mbedtls_ssl_read(&(client_ep.ssl), buf, sizeof(buf)); + } while (ret != MBEDTLS_ERR_SSL_RECEIVED_NEW_SESSION_TICKET); + + /* + * Save client session and reset the SSL context of the two endpoints. + */ + ret = mbedtls_ssl_get_session(&(client_ep.ssl), &saved_session); + TEST_EQUAL(ret, 0); + + ret = mbedtls_ssl_session_reset(&(client_ep.ssl)); + TEST_EQUAL(ret, 0); + + ret = mbedtls_ssl_session_reset(&(server_ep.ssl)); + TEST_EQUAL(ret, 0); + + /* + * Set saved session on client side and start handshake using the ticket + * included in that session. + */ + + ret = mbedtls_ssl_set_session(&(client_ep.ssl), &saved_session); + TEST_EQUAL(ret, 0); + + mbedtls_debug_set_threshold(3); + + TEST_ASSERT(mbedtls_test_move_handshake_to_state( + &(client_ep.ssl), &(server_ep.ssl), + MBEDTLS_SSL_SERVER_HELLO) == 0); + + TEST_ASSERT(client_ep.ssl.early_data_status != + MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT); + TEST_EQUAL(server_pattern.counter, 0); + + ret = write_early_data(&(client_ep.ssl), (unsigned char *) early_data, + early_data_len); + TEST_EQUAL(ret, early_data_len); + + TEST_ASSERT(mbedtls_test_move_handshake_to_state( + &(server_ep.ssl), &(client_ep.ssl), + MBEDTLS_SSL_CLIENT_FINISHED) == 0); + + TEST_EQUAL(server_ep.ssl.early_data_status, + MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED); + TEST_EQUAL(server_pattern.counter, 1); + +exit: + mbedtls_test_ssl_endpoint_free(&client_ep, NULL); + mbedtls_test_ssl_endpoint_free(&server_ep, NULL); + mbedtls_test_free_handshake_options(&client_options); + mbedtls_test_free_handshake_options(&server_options); + mbedtls_ssl_session_free(&saved_session); + mbedtls_debug_set_threshold(0); + MD_OR_USE_PSA_DONE(); +} +/* END_CASE */ From f8fdbb517457c5a90d9011a68467da7e8bdf7a22 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Mon, 22 Jan 2024 09:13:41 +0100 Subject: [PATCH 1431/1674] tests: tls13: Run early data test only in TLS 1.3 only config Temporary workaround to not run the early data test in Windows-2013 where there is an issue with mbedtls_vsnprintf(). Signed-off-by: Ronald Cron --- tests/suites/test_suite_ssl.function | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index a8982495d..234181d76 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -12,7 +12,8 @@ #define SSL_MESSAGE_QUEUE_INIT { NULL, 0, 0, 0 } -#if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_CLI_C) && \ +#if (!defined(MBEDTLS_SSL_PROTO_TLS1_2)) && \ + defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_CLI_C) && \ defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_DEBUG_C) && \ defined(MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE) && \ defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED) && \ @@ -3655,7 +3656,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SSL_EARLY_DATA:MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_SRV_C:MBEDTLS_DEBUG_C:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_SSL_SESSION_TICKETS */ +/* BEGIN_CASE depends_on:!MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_EARLY_DATA:MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_SRV_C:MBEDTLS_DEBUG_C:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_SSL_SESSION_TICKETS */ void tls13_early_data() { int ret = -1; From 3c129dd6aa54cd83cbeb8c7bb13f8c75752a00dc Mon Sep 17 00:00:00 2001 From: v1gnesh Date: Mon, 22 Jan 2024 15:59:49 +0530 Subject: [PATCH 1432/1674] Update entropy_poll.c Signed-off-by: v1gnesh --- library/entropy_poll.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/entropy_poll.c b/library/entropy_poll.c index de2e0387a..bd21e2d22 100644 --- a/library/entropy_poll.c +++ b/library/entropy_poll.c @@ -29,7 +29,7 @@ #if !defined(unix) && !defined(__unix__) && !defined(__unix) && \ !defined(__APPLE__) && !defined(_WIN32) && !defined(__QNXNTO__) && \ - !defined(__HAIKU__) && !defined(__midipix__) + !defined(__HAIKU__) && !defined(__midipix__) && !defined(__MVS__) #error \ "Platform entropy sources only work on Unix and Windows, see MBEDTLS_NO_PLATFORM_ENTROPY in mbedtls_config.h" #endif From 6425a188dfeeb831c71d47a835006fce8dad08ce Mon Sep 17 00:00:00 2001 From: Antonio de Angelis Date: Mon, 22 Jan 2024 11:39:34 +0000 Subject: [PATCH 1433/1674] Add a client view of the multipart contexts In case MBEDTLS_PSA_CRYPTO_CLIENT is defined and MBEDTLS_PSA_CRYPTO_C is not, a client view of the multipart operation contexts is provided through an handle object that allows mapping to the corresponding service side data structures. Signed-off-by: Antonio de Angelis --- include/psa/crypto_platform.h | 10 ++++++++++ include/psa/crypto_struct.h | 21 ++++++++++++++++++++- 2 files changed, 30 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto_platform.h b/include/psa/crypto_platform.h index 4d0343547..a871ee124 100644 --- a/include/psa/crypto_platform.h +++ b/include/psa/crypto_platform.h @@ -89,4 +89,14 @@ typedef struct { } mbedtls_psa_external_random_context_t; #endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C) +/** The type of the client handle used in context structures + * + * When a client view of the multipart context structures is required, + * this handle is used to keep a mapping with the service side of the + * context which contains the actual data. + */ +typedef uint32_t mbedtls_psa_client_handle_t; +#endif + #endif /* PSA_CRYPTO_PLATFORM_H */ diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 3a196182a..b43215ded 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -68,6 +68,9 @@ extern "C" { #include "psa/crypto_driver_contexts_primitives.h" struct psa_hash_operation_s { +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C) + mbedtls_psa_client_handle_t handle; +#else /** Unique ID indicating which driver got assigned to do the * operation. Since driver contexts are driver-specific, swapping * drivers halfway through the operation is not supported. @@ -76,6 +79,7 @@ struct psa_hash_operation_s { * any driver (i.e. the driver context is not active, in use). */ unsigned int MBEDTLS_PRIVATE(id); psa_driver_hash_context_t MBEDTLS_PRIVATE(ctx); +#endif }; #define PSA_HASH_OPERATION_INIT { 0, { 0 } } @@ -86,6 +90,9 @@ static inline struct psa_hash_operation_s psa_hash_operation_init(void) } struct psa_cipher_operation_s { +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C) + mbedtls_psa_client_handle_t handle; +#else /** Unique ID indicating which driver got assigned to do the * operation. Since driver contexts are driver-specific, swapping * drivers halfway through the operation is not supported. @@ -100,6 +107,7 @@ struct psa_cipher_operation_s { uint8_t MBEDTLS_PRIVATE(default_iv_length); psa_driver_cipher_context_t MBEDTLS_PRIVATE(ctx); +#endif }; #define PSA_CIPHER_OPERATION_INIT { 0, 0, 0, 0, { 0 } } @@ -114,6 +122,9 @@ static inline struct psa_cipher_operation_s psa_cipher_operation_init(void) #include "psa/crypto_driver_contexts_composites.h" struct psa_mac_operation_s { +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C) + mbedtls_psa_client_handle_t handle; +#else /** Unique ID indicating which driver got assigned to do the * operation. Since driver contexts are driver-specific, swapping * drivers halfway through the operation is not supported. @@ -124,6 +135,7 @@ struct psa_mac_operation_s { uint8_t MBEDTLS_PRIVATE(mac_size); unsigned int MBEDTLS_PRIVATE(is_sign) : 1; psa_driver_mac_context_t MBEDTLS_PRIVATE(ctx); +#endif }; #define PSA_MAC_OPERATION_INIT { 0, 0, 0, { 0 } } @@ -134,7 +146,9 @@ static inline struct psa_mac_operation_s psa_mac_operation_init(void) } struct psa_aead_operation_s { - +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C) + mbedtls_psa_client_handle_t handle; +#else /** Unique ID indicating which driver got assigned to do the * operation. Since driver contexts are driver-specific, swapping * drivers halfway through the operation is not supported. @@ -156,6 +170,7 @@ struct psa_aead_operation_s { unsigned int MBEDTLS_PRIVATE(is_encrypt) : 1; psa_driver_aead_context_t MBEDTLS_PRIVATE(ctx); +#endif }; #define PSA_AEAD_OPERATION_INIT { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, { 0 } } @@ -170,10 +185,14 @@ static inline struct psa_aead_operation_s psa_aead_operation_init(void) #include "psa/crypto_driver_contexts_key_derivation.h" struct psa_key_derivation_s { +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C) + mbedtls_psa_client_handle_t handle; +#else psa_algorithm_t MBEDTLS_PRIVATE(alg); unsigned int MBEDTLS_PRIVATE(can_output_key) : 1; size_t MBEDTLS_PRIVATE(capacity); psa_driver_key_derivation_context_t MBEDTLS_PRIVATE(ctx); +#endif }; /* This only zeroes out the first byte in the union, the rest is unspecified. */ From d0b55edea39b3da311ecb384d7c4d49dd924feb3 Mon Sep 17 00:00:00 2001 From: v1gnesh Date: Mon, 22 Jan 2024 17:13:56 +0530 Subject: [PATCH 1434/1674] Create 8726.txt changelog entry Signed-off-by: v1gnesh --- ChangeLog.d/8726.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 ChangeLog.d/8726.txt diff --git a/ChangeLog.d/8726.txt b/ChangeLog.d/8726.txt new file mode 100644 index 000000000..dc789b434 --- /dev/null +++ b/ChangeLog.d/8726.txt @@ -0,0 +1,3 @@ +Features + * Add platform support for z/OS. + From bf4b5ed7a4e02358cb008bb43c20f5f3c309b7c1 Mon Sep 17 00:00:00 2001 From: Chien Wong Date: Mon, 22 Jan 2024 20:43:54 +0800 Subject: [PATCH 1435/1674] Add back restriction on AD length of GCM Fixes: bd513bb53d80276431161e5a64a2ae61740c4e68 Signed-off-by: Chien Wong --- library/gcm.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/library/gcm.c b/library/gcm.c index c677ca4d7..b31003f83 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -354,9 +354,12 @@ int mbedtls_gcm_update_ad(mbedtls_gcm_context *ctx, { const unsigned char *p; size_t use_len, offset; + uint64_t new_add_len; - /* IV is limited to 2^64 bits, so 2^61 bytes */ - if ((uint64_t) add_len >> 61 != 0) { + /* AD is limited to 2^64 bits, ie 2^61 bytes + * Also check for possible overflow */ + new_add_len = ctx->add_len + add_len; + if (new_add_len < ctx->add_len || new_add_len >> 61 != 0) { return MBEDTLS_ERR_GCM_BAD_INPUT; } From 858bc65d7485b8af9c49e96d0cf0bf803606a120 Mon Sep 17 00:00:00 2001 From: Chien Wong Date: Mon, 22 Jan 2024 20:47:26 +0800 Subject: [PATCH 1436/1674] Add comment on impossible overflows Signed-off-by: Chien Wong --- library/gcm.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/library/gcm.c b/library/gcm.c index b31003f83..337145b71 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -542,6 +542,9 @@ int mbedtls_gcm_finish(mbedtls_gcm_context *ctx, (void) output_size; *output_length = 0; + /* Total length is restricted to 2^39 - 256 bits, ie 2^36 - 2^5 bytes + * and AD length is restricted to 2^64 bits, ie 2^61 bytes so neither of + * the two multiplications would overflow. */ orig_len = ctx->len * 8; orig_add_len = ctx->add_len * 8; From 90d18343ceb1e74c3284bcc0870d6f3d3914503e Mon Sep 17 00:00:00 2001 From: Antonio de Angelis Date: Mon, 22 Jan 2024 13:15:37 +0000 Subject: [PATCH 1437/1674] Update the initialization macros The initializatio macros need to be updated to support the case where the crypto client view of the structures is being initialized Signed-off-by: Antonio de Angelis --- include/psa/crypto_struct.h | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index b43215ded..cc7731abc 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -81,8 +81,11 @@ struct psa_hash_operation_s { psa_driver_hash_context_t MBEDTLS_PRIVATE(ctx); #endif }; - +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C) +#define PSA_HASH_OPERATION_INIT { 0 } +#else #define PSA_HASH_OPERATION_INIT { 0, { 0 } } +#endif static inline struct psa_hash_operation_s psa_hash_operation_init(void) { const struct psa_hash_operation_s v = PSA_HASH_OPERATION_INIT; @@ -110,7 +113,11 @@ struct psa_cipher_operation_s { #endif }; +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C) +#define PSA_CIPHER_OPERATION_INIT { 0 } +#else #define PSA_CIPHER_OPERATION_INIT { 0, 0, 0, 0, { 0 } } +#endif static inline struct psa_cipher_operation_s psa_cipher_operation_init(void) { const struct psa_cipher_operation_s v = PSA_CIPHER_OPERATION_INIT; @@ -138,7 +145,11 @@ struct psa_mac_operation_s { #endif }; +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C) +#define PSA_MAC_OPERATION_INIT { 0 } +#else #define PSA_MAC_OPERATION_INIT { 0, 0, 0, { 0 } } +#endif static inline struct psa_mac_operation_s psa_mac_operation_init(void) { const struct psa_mac_operation_s v = PSA_MAC_OPERATION_INIT; @@ -173,7 +184,11 @@ struct psa_aead_operation_s { #endif }; +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C) +#define PSA_AEAD_OPERATION_INIT { 0 } +#else #define PSA_AEAD_OPERATION_INIT { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, { 0 } } +#endif static inline struct psa_aead_operation_s psa_aead_operation_init(void) { const struct psa_aead_operation_s v = PSA_AEAD_OPERATION_INIT; @@ -195,8 +210,12 @@ struct psa_key_derivation_s { #endif }; +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C) +#define PSA_KEY_DERIVATION_OPERATION_INIT { 0 } +#else /* This only zeroes out the first byte in the union, the rest is unspecified. */ #define PSA_KEY_DERIVATION_OPERATION_INIT { 0, 0, 0, { 0 } } +#endif static inline struct psa_key_derivation_s psa_key_derivation_operation_init( void) { From 1c7629c1c03fcc74781bc448d5b4d5d6ffd7219c Mon Sep 17 00:00:00 2001 From: Jonathan Winzig Date: Tue, 9 Jan 2024 15:19:42 +0100 Subject: [PATCH 1438/1674] Add tests for Issue #8687 Signed-off-by: Jonathan Winzig --- tests/suites/test_suite_x509write.data | 6 ++++++ tests/suites/test_suite_x509write.function | 21 +++++++++++++++++++++ 2 files changed, 27 insertions(+) diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data index 0f190286b..f1d4e34a5 100644 --- a/tests/suites/test_suite_x509write.data +++ b/tests/suites/test_suite_x509write.data @@ -265,3 +265,9 @@ mbedtls_x509_string_to_names:"C=NL, 2.5.4.10.234.532=#0C084F6666737061726B, OU=P Check max serial length x509_set_serial_check: + +Check max extension length (Max-1) +x509_set_extension_length_check:0xFFFFFFFE + +Check max extension length (Max) +x509_set_extension_length_check:0xFFFFFFFF \ No newline at end of file diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function index a7ed26295..7ec655727 100644 --- a/tests/suites/test_suite_x509write.function +++ b/tests/suites/test_suite_x509write.function @@ -750,3 +750,24 @@ exit: USE_PSA_DONE(); } /* END_CASE */ + +/* BEGIN_CASE */ +void x509_set_extension_length_check(int val_len) +{ + int ret = 0; + + mbedtls_x509write_csr ctx; + mbedtls_x509write_csr_init(&ctx); + + unsigned char buf[EXT_KEY_USAGE_TMP_BUF_MAX_LENGTH] = { 0 }; + unsigned char *p = buf + sizeof(buf); + + ret = mbedtls_x509_set_extension(&(ctx.MBEDTLS_PRIVATE(extensions)), + MBEDTLS_OID_EXTENDED_KEY_USAGE, + MBEDTLS_OID_SIZE(MBEDTLS_OID_EXTENDED_KEY_USAGE), + 0, + p, + val_len); + TEST_ASSERT(ret == MBEDTLS_ERR_X509_BAD_INPUT_DATA || ret == MBEDTLS_ERR_X509_ALLOC_FAILED); +} +/* END_CASE */ From 63b5e216f8fcaff0f6b87bb05ffd5631158ac3c4 Mon Sep 17 00:00:00 2001 From: Jonathan Winzig Date: Tue, 9 Jan 2024 15:20:03 +0100 Subject: [PATCH 1439/1674] Fix Issue #8687 Signed-off-by: Jonathan Winzig --- library/x509_create.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/library/x509_create.c b/library/x509_create.c index 5e732d67f..2c17cb10c 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -380,6 +380,10 @@ int mbedtls_x509_set_extension(mbedtls_asn1_named_data **head, const char *oid, { mbedtls_asn1_named_data *cur; + if (0xFFFFFFFF == (uint32_t) val_len) { + return MBEDTLS_ERR_X509_BAD_INPUT_DATA; + } + if ((cur = mbedtls_asn1_store_named_data(head, oid, oid_len, NULL, val_len + 1)) == NULL) { return MBEDTLS_ERR_X509_ALLOC_FAILED; From a0c9448beaa6df9d4305c6d85fc659f10eb4ee80 Mon Sep 17 00:00:00 2001 From: Jonathan Winzig Date: Tue, 9 Jan 2024 16:41:10 +0100 Subject: [PATCH 1440/1674] Update fix to be more platform-independent Co-authored-by: David Horstmann Signed-off-by: Jonathan Winzig --- library/x509_create.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/x509_create.c b/library/x509_create.c index 2c17cb10c..751ee08ed 100644 --- a/library/x509_create.c +++ b/library/x509_create.c @@ -380,7 +380,7 @@ int mbedtls_x509_set_extension(mbedtls_asn1_named_data **head, const char *oid, { mbedtls_asn1_named_data *cur; - if (0xFFFFFFFF == (uint32_t) val_len) { + if (val_len > (SIZE_MAX - 1)) { return MBEDTLS_ERR_X509_BAD_INPUT_DATA; } From 93f5240ae594a5f88907a57264a1a73ee1886189 Mon Sep 17 00:00:00 2001 From: Jonathan Winzig Date: Tue, 9 Jan 2024 16:47:12 +0100 Subject: [PATCH 1441/1674] Add missing newline at the end of test_suite_x509write.data Signed-off-by: Jonathan Winzig --- tests/suites/test_suite_x509write.data | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data index f1d4e34a5..6aa0dadb6 100644 --- a/tests/suites/test_suite_x509write.data +++ b/tests/suites/test_suite_x509write.data @@ -270,4 +270,4 @@ Check max extension length (Max-1) x509_set_extension_length_check:0xFFFFFFFE Check max extension length (Max) -x509_set_extension_length_check:0xFFFFFFFF \ No newline at end of file +x509_set_extension_length_check:0xFFFFFFFF From 144bfde1cd10ab6e1647628fe10ead0057395648 Mon Sep 17 00:00:00 2001 From: Jonathan Winzig Date: Tue, 9 Jan 2024 17:39:42 +0100 Subject: [PATCH 1442/1674] Update test-data to use SIZE_MAX Co-authored-by: David Horstmann Signed-off-by: Jonathan Winzig --- tests/suites/test_suite_x509write.data | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data index 6aa0dadb6..e41de849b 100644 --- a/tests/suites/test_suite_x509write.data +++ b/tests/suites/test_suite_x509write.data @@ -270,4 +270,4 @@ Check max extension length (Max-1) x509_set_extension_length_check:0xFFFFFFFE Check max extension length (Max) -x509_set_extension_length_check:0xFFFFFFFF +x509_set_extension_length_check:SIZE_MAX From acd35a55c849ea0de8ffac164801cc75f286a7bd Mon Sep 17 00:00:00 2001 From: Jonathan Winzig Date: Tue, 9 Jan 2024 17:47:10 +0100 Subject: [PATCH 1443/1674] Remove unneeded testcase Signed-off-by: Jonathan Winzig --- tests/suites/test_suite_x509write.data | 7 ++----- tests/suites/test_suite_x509write.function | 6 +++--- 2 files changed, 5 insertions(+), 8 deletions(-) diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data index e41de849b..f63ae2bea 100644 --- a/tests/suites/test_suite_x509write.data +++ b/tests/suites/test_suite_x509write.data @@ -266,8 +266,5 @@ mbedtls_x509_string_to_names:"C=NL, 2.5.4.10.234.532=#0C084F6666737061726B, OU=P Check max serial length x509_set_serial_check: -Check max extension length (Max-1) -x509_set_extension_length_check:0xFFFFFFFE - -Check max extension length (Max) -x509_set_extension_length_check:SIZE_MAX +Check max extension length +x509_set_extension_length_check: diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function index 7ec655727..11b5f2a02 100644 --- a/tests/suites/test_suite_x509write.function +++ b/tests/suites/test_suite_x509write.function @@ -752,7 +752,7 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void x509_set_extension_length_check(int val_len) +void x509_set_extension_length_check() { int ret = 0; @@ -767,7 +767,7 @@ void x509_set_extension_length_check(int val_len) MBEDTLS_OID_SIZE(MBEDTLS_OID_EXTENDED_KEY_USAGE), 0, p, - val_len); - TEST_ASSERT(ret == MBEDTLS_ERR_X509_BAD_INPUT_DATA || ret == MBEDTLS_ERR_X509_ALLOC_FAILED); + SIZE_MAX); + TEST_ASSERT(MBEDTLS_ERR_X509_BAD_INPUT_DATA == ret); } /* END_CASE */ From af553bf719be37876abe20fbb057fb44b4a6a6e5 Mon Sep 17 00:00:00 2001 From: Jonathan Winzig Date: Tue, 9 Jan 2024 18:31:11 +0100 Subject: [PATCH 1444/1674] Add required dependency to the testcase Co-authored-by: Paul Elliott <62069445+paul-elliott-arm@users.noreply.github.com> Signed-off-by: Jonathan Winzig --- tests/suites/test_suite_x509write.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function index 11b5f2a02..c557ee00e 100644 --- a/tests/suites/test_suite_x509write.function +++ b/tests/suites/test_suite_x509write.function @@ -751,7 +751,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_X509_CSR_WRITE_C */ void x509_set_extension_length_check() { int ret = 0; From 968a92865966b35334655e65547da5f288722769 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Tue, 16 Jan 2024 11:16:56 +0000 Subject: [PATCH 1445/1674] Add Changelog for #8687 Signed-off-by: Paul Elliott --- ChangeLog.d/fix_int_overflow_x509_extension | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 ChangeLog.d/fix_int_overflow_x509_extension diff --git a/ChangeLog.d/fix_int_overflow_x509_extension b/ChangeLog.d/fix_int_overflow_x509_extension new file mode 100644 index 000000000..2a679284f --- /dev/null +++ b/ChangeLog.d/fix_int_overflow_x509_extension @@ -0,0 +1,8 @@ +Security + * Fix a failure to validate input when writing x509 extensions lengths which + could result in an integer overflow, causing a zero-length buffer to be + allocated to hold the extension. The extension would then be copied into + the buffer, causing a heap buffer overflow. + + + From d6b096532c936390d9a085dedb6444cee069a3ba Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 21 Nov 2023 09:33:54 +0000 Subject: [PATCH 1446/1674] Make RSA unblinding constant flow Signed-off-by: Janos Follath --- library/rsa.c | 38 ++++++++++++++++++++++++++++++++++++-- 1 file changed, 36 insertions(+), 2 deletions(-) diff --git a/library/rsa.c b/library/rsa.c index db0b0f74f..32a26500e 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -28,6 +28,7 @@ #if defined(MBEDTLS_RSA_C) #include "mbedtls/rsa.h" +#include "bignum_core.h" #include "rsa_alt_helpers.h" #include "mbedtls/oid.h" #include "mbedtls/platform_util.h" @@ -969,6 +970,40 @@ cleanup: return ret; } +/* + * Unblind + * T = T * Vf mod N + */ +int rsa_unblind(mbedtls_mpi* T, mbedtls_mpi* Vf, mbedtls_mpi* N) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + const mbedtls_mpi_uint mm = mbedtls_mpi_core_montmul_init(N->p); + const size_t nlimbs = N->n; + const size_t tlimbs = mbedtls_mpi_core_montmul_working_limbs(nlimbs); + mbedtls_mpi RR, M_T; + + mbedtls_mpi_init(&RR); + mbedtls_mpi_init(&M_T); + + MBEDTLS_MPI_CHK(mbedtls_mpi_core_get_mont_r2_unsafe(&RR, N)); + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(&M_T, tlimbs)); + + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(T, nlimbs)); + MBEDTLS_MPI_CHK(mbedtls_mpi_grow(Vf, nlimbs)); + + // T = T * R mod N + mbedtls_mpi_core_to_mont_rep(T->p, T->p, N->p, nlimbs, mm, RR.p, M_T.p); + // T = T * Vf mod N + mbedtls_mpi_core_montmul(T->p, T->p, Vf->p, nlimbs, N->p, nlimbs, mm, M_T.p); + +cleanup: + + mbedtls_mpi_free(&RR); + mbedtls_mpi_free(&M_T); + + return ret; +} + /* * Exponent blinding supposed to prevent side-channel attacks using multiple * traces of measurements to recover the RSA key. The more collisions are there, @@ -1160,8 +1195,7 @@ int mbedtls_rsa_private(mbedtls_rsa_context *ctx, * Unblind * T = T * Vf mod N */ - MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&T, &T, &ctx->Vf)); - MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&T, &T, &ctx->N)); + MBEDTLS_MPI_CHK(rsa_unblind(&T, &ctx->Vf, &ctx->N)); /* Verify the result to prevent glitching attacks. */ MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&C, &T, &ctx->E, From 6bcbc925bfe6f56c2d9871e34126cde37181ee14 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 21 Nov 2023 09:46:43 +0000 Subject: [PATCH 1447/1674] Extend blinding to RSA result check Signed-off-by: Janos Follath --- library/rsa.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/library/rsa.c b/library/rsa.c index 32a26500e..5b6bf404a 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -1113,8 +1113,6 @@ int mbedtls_rsa_private(mbedtls_rsa_context *ctx, goto cleanup; } - MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&I, &T)); - /* * Blinding * T = T * Vi mod N @@ -1123,6 +1121,8 @@ int mbedtls_rsa_private(mbedtls_rsa_context *ctx, MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&T, &T, &ctx->Vi)); MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&T, &T, &ctx->N)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&I, &T)); + /* * Exponent blinding */ @@ -1191,12 +1191,6 @@ int mbedtls_rsa_private(mbedtls_rsa_context *ctx, MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&T, &TQ, &TP)); #endif /* MBEDTLS_RSA_NO_CRT */ - /* - * Unblind - * T = T * Vf mod N - */ - MBEDTLS_MPI_CHK(rsa_unblind(&T, &ctx->Vf, &ctx->N)); - /* Verify the result to prevent glitching attacks. */ MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&C, &T, &ctx->E, &ctx->N, &ctx->RN)); @@ -1205,6 +1199,12 @@ int mbedtls_rsa_private(mbedtls_rsa_context *ctx, goto cleanup; } + /* + * Unblind + * T = T * Vf mod N + */ + MBEDTLS_MPI_CHK(rsa_unblind(&T, &ctx->Vf, &ctx->N)); + olen = ctx->len; MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&T, output, olen)); From a865fc951ead31a8f85bbee5d7d11bfa1a28de27 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 21 Nov 2023 09:57:27 +0000 Subject: [PATCH 1448/1674] Add Changelog for the Marvin attack fix Signed-off-by: Janos Follath --- ChangeLog.d/fix-Marvin-attack.txt | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 ChangeLog.d/fix-Marvin-attack.txt diff --git a/ChangeLog.d/fix-Marvin-attack.txt b/ChangeLog.d/fix-Marvin-attack.txt new file mode 100644 index 000000000..f729304ee --- /dev/null +++ b/ChangeLog.d/fix-Marvin-attack.txt @@ -0,0 +1,6 @@ +Security + * Fix a timing side channel in RSA private operations. This side channel + could be sufficient for a local attacker to recover the plaintext. It + requires the attecker to send a large number of messages for decryption. + For details, see "Everlasting ROBOT: the Marvin Attack", Hubert Kario. + Reported by Hubert Kario, Red Hat. From 100dcddfca3c10179bc55e3c3dd82b4a468c6809 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 21 Nov 2023 12:48:52 +0000 Subject: [PATCH 1449/1674] Make local function static Signed-off-by: Janos Follath --- library/rsa.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/rsa.c b/library/rsa.c index 5b6bf404a..2dc6dae8d 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -974,7 +974,7 @@ cleanup: * Unblind * T = T * Vf mod N */ -int rsa_unblind(mbedtls_mpi* T, mbedtls_mpi* Vf, mbedtls_mpi* N) +static int rsa_unblind(mbedtls_mpi* T, mbedtls_mpi* Vf, mbedtls_mpi* N) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const mbedtls_mpi_uint mm = mbedtls_mpi_core_montmul_init(N->p); From a62a554071a0599bb7522d08c4c605588715e508 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 21 Nov 2023 14:20:08 +0000 Subject: [PATCH 1450/1674] Fix style Signed-off-by: Janos Follath --- library/rsa.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/rsa.c b/library/rsa.c index 2dc6dae8d..97e7228da 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -974,7 +974,7 @@ cleanup: * Unblind * T = T * Vf mod N */ -static int rsa_unblind(mbedtls_mpi* T, mbedtls_mpi* Vf, mbedtls_mpi* N) +static int rsa_unblind(mbedtls_mpi *T, mbedtls_mpi *Vf, mbedtls_mpi *N) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const mbedtls_mpi_uint mm = mbedtls_mpi_core_montmul_init(N->p); From e6750b2a0bf750d35172bdef12c2dcfc28213207 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Wed, 27 Dec 2023 10:22:59 +0000 Subject: [PATCH 1451/1674] RSA: document Montgomery trick in unblind Signed-off-by: Janos Follath --- library/rsa.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/library/rsa.c b/library/rsa.c index 97e7228da..f57909b71 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -991,9 +991,14 @@ static int rsa_unblind(mbedtls_mpi *T, mbedtls_mpi *Vf, mbedtls_mpi *N) MBEDTLS_MPI_CHK(mbedtls_mpi_grow(T, nlimbs)); MBEDTLS_MPI_CHK(mbedtls_mpi_grow(Vf, nlimbs)); - // T = T * R mod N + /* T = T * Vf mod N + * Reminder: montmul(A, B, N) = A * B * R^-1 mod N + * Usually both operands are multiplied by R mod N beforehand (by calling + * `to_mont_rep()` on them), yielding a result that's also * R mod N (aka + * "in the Montgomery domain"). Here we only multiply one operand by R mod + * N, so the result is directly what we want - no need to call + * `from_mont_rep()` on it. */ mbedtls_mpi_core_to_mont_rep(T->p, T->p, N->p, nlimbs, mm, RR.p, M_T.p); - // T = T * Vf mod N mbedtls_mpi_core_montmul(T->p, T->p, Vf->p, nlimbs, N->p, nlimbs, mm, M_T.p); cleanup: From 47ee7708123347a925aac44709e53a13d1c486e8 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Wed, 27 Dec 2023 10:33:00 +0000 Subject: [PATCH 1452/1674] RSA: remove unneeded temporaries Signed-off-by: Janos Follath --- library/rsa.c | 21 +++------------------ 1 file changed, 3 insertions(+), 18 deletions(-) diff --git a/library/rsa.c b/library/rsa.c index f57909b71..111af680f 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -1056,18 +1056,9 @@ int mbedtls_rsa_private(mbedtls_rsa_context *ctx, /* Temporaries holding the blinded exponents for * the mod p resp. mod q computation (if used). */ mbedtls_mpi DP_blind, DQ_blind; - - /* Pointers to actual exponents to be used - either the unblinded - * or the blinded ones, depending on the presence of a PRNG. */ - mbedtls_mpi *DP = &ctx->DP; - mbedtls_mpi *DQ = &ctx->DQ; #else /* Temporary holding the blinded exponent (if used). */ mbedtls_mpi D_blind; - - /* Pointer to actual exponent to be used - either the unblinded - * or the blinded one, depending on the presence of a PRNG. */ - mbedtls_mpi *D = &ctx->D; #endif /* MBEDTLS_RSA_NO_CRT */ /* Temporaries holding the initial input and the double @@ -1143,8 +1134,6 @@ int mbedtls_rsa_private(mbedtls_rsa_context *ctx, MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&D_blind, &P1, &Q1)); MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&D_blind, &D_blind, &R)); MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&D_blind, &D_blind, &ctx->D)); - - D = &D_blind; #else /* * DP_blind = ( P - 1 ) * R + DP @@ -1155,8 +1144,6 @@ int mbedtls_rsa_private(mbedtls_rsa_context *ctx, MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&DP_blind, &DP_blind, &ctx->DP)); - DP = &DP_blind; - /* * DQ_blind = ( Q - 1 ) * R + DQ */ @@ -1165,12 +1152,10 @@ int mbedtls_rsa_private(mbedtls_rsa_context *ctx, MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&DQ_blind, &Q1, &R)); MBEDTLS_MPI_CHK(mbedtls_mpi_add_mpi(&DQ_blind, &DQ_blind, &ctx->DQ)); - - DQ = &DQ_blind; #endif /* MBEDTLS_RSA_NO_CRT */ #if defined(MBEDTLS_RSA_NO_CRT) - MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&T, &T, D, &ctx->N, &ctx->RN)); + MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&T, &T, &D_blind, &ctx->N, &ctx->RN)); #else /* * Faster decryption using the CRT @@ -1179,8 +1164,8 @@ int mbedtls_rsa_private(mbedtls_rsa_context *ctx, * TQ = input ^ dQ mod Q */ - MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&TP, &T, DP, &ctx->P, &ctx->RP)); - MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&TQ, &T, DQ, &ctx->Q, &ctx->RQ)); + MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&TP, &T, &DP_blind, &ctx->P, &ctx->RP)); + MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&TQ, &T, &DQ_blind, &ctx->Q, &ctx->RQ)); /* * T = (TP - TQ) * (Q^-1 mod P) mod P From b4b8f3df3b88fec865d4c2698b94b7f3c08229c1 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Wed, 27 Dec 2023 10:44:36 +0000 Subject: [PATCH 1453/1674] RSA: improve readability Signed-off-by: Janos Follath --- library/rsa.c | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/library/rsa.c b/library/rsa.c index 111af680f..0ca0bfead 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -974,7 +974,7 @@ cleanup: * Unblind * T = T * Vf mod N */ -static int rsa_unblind(mbedtls_mpi *T, mbedtls_mpi *Vf, mbedtls_mpi *N) +static int rsa_unblind(mbedtls_mpi *T, mbedtls_mpi *Vf, const mbedtls_mpi *N) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const mbedtls_mpi_uint mm = mbedtls_mpi_core_montmul_init(N->p); @@ -1063,7 +1063,7 @@ int mbedtls_rsa_private(mbedtls_rsa_context *ctx, /* Temporaries holding the initial input and the double * checked result; should be the same in the end. */ - mbedtls_mpi I, C; + mbedtls_mpi input_blinded, check_result_blinded; if (f_rng == NULL) { return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; @@ -1098,8 +1098,8 @@ int mbedtls_rsa_private(mbedtls_rsa_context *ctx, mbedtls_mpi_init(&TP); mbedtls_mpi_init(&TQ); #endif - mbedtls_mpi_init(&I); - mbedtls_mpi_init(&C); + mbedtls_mpi_init(&input_blinded); + mbedtls_mpi_init(&check_result_blinded); /* End of MPI initialization */ @@ -1117,7 +1117,7 @@ int mbedtls_rsa_private(mbedtls_rsa_context *ctx, MBEDTLS_MPI_CHK(mbedtls_mpi_mul_mpi(&T, &T, &ctx->Vi)); MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(&T, &T, &ctx->N)); - MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&I, &T)); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&input_blinded, &T)); /* * Exponent blinding @@ -1182,9 +1182,9 @@ int mbedtls_rsa_private(mbedtls_rsa_context *ctx, #endif /* MBEDTLS_RSA_NO_CRT */ /* Verify the result to prevent glitching attacks. */ - MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&C, &T, &ctx->E, + MBEDTLS_MPI_CHK(mbedtls_mpi_exp_mod(&check_result_blinded, &T, &ctx->E, &ctx->N, &ctx->RN)); - if (mbedtls_mpi_cmp_mpi(&C, &I) != 0) { + if (mbedtls_mpi_cmp_mpi(&check_result_blinded, &input_blinded) != 0) { ret = MBEDTLS_ERR_RSA_VERIFY_FAILED; goto cleanup; } @@ -1222,8 +1222,8 @@ cleanup: mbedtls_mpi_free(&TP); mbedtls_mpi_free(&TQ); #endif - mbedtls_mpi_free(&C); - mbedtls_mpi_free(&I); + mbedtls_mpi_free(&check_result_blinded); + mbedtls_mpi_free(&input_blinded); if (ret != 0 && ret >= -0x007f) { return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_RSA_PRIVATE_FAILED, ret); From 16ab76bbe774806079e2d5cab0c4209a4f7b0602 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Wed, 27 Dec 2023 10:47:21 +0000 Subject: [PATCH 1454/1674] Fix typo Signed-off-by: Janos Follath --- ChangeLog.d/fix-Marvin-attack.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog.d/fix-Marvin-attack.txt b/ChangeLog.d/fix-Marvin-attack.txt index f729304ee..017f7b1f8 100644 --- a/ChangeLog.d/fix-Marvin-attack.txt +++ b/ChangeLog.d/fix-Marvin-attack.txt @@ -1,6 +1,6 @@ Security * Fix a timing side channel in RSA private operations. This side channel could be sufficient for a local attacker to recover the plaintext. It - requires the attecker to send a large number of messages for decryption. + requires the attacker to send a large number of messages for decryption. For details, see "Everlasting ROBOT: the Marvin Attack", Hubert Kario. Reported by Hubert Kario, Red Hat. From 393df9c99512337b403bbe80a3a3cee30f277fc6 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Fri, 29 Dec 2023 11:14:58 +0000 Subject: [PATCH 1455/1674] Add warning for PKCS 1.5 decryption Any timing variance dependant on the output of this function enables a Bleichenbacher attack. It is extremely difficult to use safely. In the Marvin attack paper (https://people.redhat.com/~hkario/marvin/marvin-attack-paper.pdf) the author suggests that implementations of PKCS 1.5 decryption that don't include a countermeasure should be considered inherently dangerous. They suggest that all libraries implement the same countermeasure, as implementing different countermeasures across libraries enables the Bleichenbacher attack as well. This is extremely fragile and therefore we don't implement it. The use of PKCS 1.5 in Mbed TLS implements the countermeasures recommended in the TLS standard (7.4.7.1 of RFC 5246) and is not vulnerable. Add a warning to PKCS 1.5 decryption to warn users about this. Signed-off-by: Janos Follath --- include/mbedtls/rsa.h | 9 +++++++++ include/psa/crypto_values.h | 7 +++++++ 2 files changed, 16 insertions(+) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index df665240d..be831f19d 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -684,6 +684,10 @@ int mbedtls_rsa_rsaes_oaep_encrypt(mbedtls_rsa_context *ctx, * It is the generic wrapper for performing a PKCS#1 decryption * operation. * + * \warning When \p ctx->padding is set to #MBEDTLS_RSA_PKCS_V15, + * mbedtls_rsa_rsaes_pkcs1_v15_decrypt() is called, which is an + * inherently dangerous function (CWE-242). + * * \note The output buffer length \c output_max_len should be * as large as the size \p ctx->len of \p ctx->N (for example, * 128 Bytes if RSA-1024 is used) to be able to hold an @@ -720,6 +724,11 @@ int mbedtls_rsa_pkcs1_decrypt(mbedtls_rsa_context *ctx, * \brief This function performs a PKCS#1 v1.5 decryption * operation (RSAES-PKCS1-v1_5-DECRYPT). * + * \warning This is an inherently dangerous function (CWE-242). Unless + * it is used in a side channel free and safe way (eg. + * implementing the TLS protocol as per 7.4.7.1 of RFC 5246), + * the calling code is vulnerable. + * * \note The output buffer length \c output_max_len should be * as large as the size \p ctx->len of \p ctx->N, for example, * 128 Bytes if RSA-1024 is used, to be able to hold an diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 5e33f6bd5..a17879b94 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -1736,6 +1736,13 @@ 0) /** RSA PKCS#1 v1.5 encryption. + * + * \warning Calling psa_asymmetric_decrypt() with this algorithm as a + * parameter is considered an inherently dangerous function + * (CWE-242). Unless it is used in a side channel free and safe + * way (eg. implementing the TLS protocol as per 7.4.7.1 of + * RFC 5246), the calling code is vulnerable. + * */ #define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t) 0x07000200) From 0d57f1034e2ebd1b29e1adb8620b1f0b16b6fe80 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Thu, 11 Jan 2024 14:24:02 +0000 Subject: [PATCH 1456/1674] Update Marvin fix Changelog entry Upon further consideration we think that a remote attacker close to the victim might be able to have precise enough timing information to exploit the side channel as well. Update the Changelog to reflect this. Signed-off-by: Janos Follath --- ChangeLog.d/fix-Marvin-attack.txt | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/ChangeLog.d/fix-Marvin-attack.txt b/ChangeLog.d/fix-Marvin-attack.txt index 017f7b1f8..763533c25 100644 --- a/ChangeLog.d/fix-Marvin-attack.txt +++ b/ChangeLog.d/fix-Marvin-attack.txt @@ -1,6 +1,8 @@ Security - * Fix a timing side channel in RSA private operations. This side channel - could be sufficient for a local attacker to recover the plaintext. It - requires the attacker to send a large number of messages for decryption. - For details, see "Everlasting ROBOT: the Marvin Attack", Hubert Kario. - Reported by Hubert Kario, Red Hat. + * Fix a timing side channel in private key RSA operations. This side channel + could be sufficient for an attacker to recover the plaintext. A local + attacker or a remote attacker who is close to the victim on the network + might have precise enough timing measurements to exploit this. It requires + the attacker to send a large number of messages for decryption. For + details, see "Everlasting ROBOT: the Marvin Attack", Hubert Kario. Reported + by Hubert Kario, Red Hat. From 6ba416968b0c14336141501b90ef9b34ec3a3eff Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 22 Jan 2024 15:40:12 +0000 Subject: [PATCH 1457/1674] Assemble Changelog Signed-off-by: Dave Rodgman --- ChangeLog | 15 +++++++++++++++ ChangeLog.d/fix-Marvin-attack.txt | 8 -------- ChangeLog.d/fix_int_overflow_x509_extension | 8 -------- 3 files changed, 15 insertions(+), 16 deletions(-) delete mode 100644 ChangeLog.d/fix-Marvin-attack.txt delete mode 100644 ChangeLog.d/fix_int_overflow_x509_extension diff --git a/ChangeLog b/ChangeLog index 28c45f718..28f2654b4 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,20 @@ Mbed TLS ChangeLog (Sorted per branch, date) += Mbed TLS 3.5.2 branch released 2024-01-26 + +Security + * Fix a timing side channel in private key RSA operations. This side channel + could be sufficient for an attacker to recover the plaintext. A local + attacker or a remote attacker who is close to the victim on the network + might have precise enough timing measurements to exploit this. It requires + the attacker to send a large number of messages for decryption. For + details, see "Everlasting ROBOT: the Marvin Attack", Hubert Kario. Reported + by Hubert Kario, Red Hat. + * Fix a failure to validate input when writing x509 extensions lengths which + could result in an integer overflow, causing a zero-length buffer to be + allocated to hold the extension. The extension would then be copied into + the buffer, causing a heap buffer overflow. + = Mbed TLS 3.5.1 branch released 2023-11-06 Changes diff --git a/ChangeLog.d/fix-Marvin-attack.txt b/ChangeLog.d/fix-Marvin-attack.txt deleted file mode 100644 index 763533c25..000000000 --- a/ChangeLog.d/fix-Marvin-attack.txt +++ /dev/null @@ -1,8 +0,0 @@ -Security - * Fix a timing side channel in private key RSA operations. This side channel - could be sufficient for an attacker to recover the plaintext. A local - attacker or a remote attacker who is close to the victim on the network - might have precise enough timing measurements to exploit this. It requires - the attacker to send a large number of messages for decryption. For - details, see "Everlasting ROBOT: the Marvin Attack", Hubert Kario. Reported - by Hubert Kario, Red Hat. diff --git a/ChangeLog.d/fix_int_overflow_x509_extension b/ChangeLog.d/fix_int_overflow_x509_extension deleted file mode 100644 index 2a679284f..000000000 --- a/ChangeLog.d/fix_int_overflow_x509_extension +++ /dev/null @@ -1,8 +0,0 @@ -Security - * Fix a failure to validate input when writing x509 extensions lengths which - could result in an integer overflow, causing a zero-length buffer to be - allocated to hold the extension. The extension would then be copied into - the buffer, causing a heap buffer overflow. - - - From e23d6479cc5925fa6221d3ca010334ad18302f4e Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 22 Jan 2024 15:45:49 +0000 Subject: [PATCH 1458/1674] Bump version ./scripts/bump_version.sh --version 3.5.1 Signed-off-by: Dave Rodgman --- CMakeLists.txt | 2 +- doxygen/input/doc_mainpage.h | 2 +- doxygen/mbedtls.doxyfile | 2 +- include/mbedtls/build_info.h | 8 ++++---- library/CMakeLists.txt | 6 +++--- tests/suites/test_suite_version.data | 4 ++-- 6 files changed, 12 insertions(+), 12 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 87a41d75c..4321db8c5 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -377,7 +377,7 @@ if(NOT DISABLE_PACKAGE_CONFIG_AND_INSTALL) write_basic_package_version_file( "cmake/MbedTLSConfigVersion.cmake" COMPATIBILITY SameMajorVersion - VERSION 3.5.1) + VERSION 3.5.2) install( FILES "${CMAKE_CURRENT_BINARY_DIR}/cmake/MbedTLSConfig.cmake" diff --git a/doxygen/input/doc_mainpage.h b/doxygen/input/doc_mainpage.h index c391c59ce..17762d726 100644 --- a/doxygen/input/doc_mainpage.h +++ b/doxygen/input/doc_mainpage.h @@ -10,7 +10,7 @@ */ /** - * @mainpage Mbed TLS v3.5.1 API Documentation + * @mainpage Mbed TLS v3.5.2 API Documentation * * This documentation describes the internal structure of Mbed TLS. It was * automatically generated from specially formatted comment blocks in diff --git a/doxygen/mbedtls.doxyfile b/doxygen/mbedtls.doxyfile index 89048f221..cbbb7597f 100644 --- a/doxygen/mbedtls.doxyfile +++ b/doxygen/mbedtls.doxyfile @@ -1,4 +1,4 @@ -PROJECT_NAME = "Mbed TLS v3.5.1" +PROJECT_NAME = "Mbed TLS v3.5.2" OUTPUT_DIRECTORY = ../apidoc/ FULL_PATH_NAMES = NO OPTIMIZE_OUTPUT_FOR_C = YES diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index c4fab1205..87e3c2ea1 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h @@ -26,16 +26,16 @@ */ #define MBEDTLS_VERSION_MAJOR 3 #define MBEDTLS_VERSION_MINOR 5 -#define MBEDTLS_VERSION_PATCH 1 +#define MBEDTLS_VERSION_PATCH 2 /** * The single version number has the following structure: * MMNNPP00 * Major version | Minor version | Patch version */ -#define MBEDTLS_VERSION_NUMBER 0x03050100 -#define MBEDTLS_VERSION_STRING "3.5.1" -#define MBEDTLS_VERSION_STRING_FULL "Mbed TLS 3.5.1" +#define MBEDTLS_VERSION_NUMBER 0x03050200 +#define MBEDTLS_VERSION_STRING "3.5.2" +#define MBEDTLS_VERSION_STRING_FULL "Mbed TLS 3.5.2" /* Macros for build-time platform detection */ diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index eeda06aee..fcd00a0ab 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -296,7 +296,7 @@ endif(USE_STATIC_MBEDTLS_LIBRARY) if(USE_SHARED_MBEDTLS_LIBRARY) set(CMAKE_LIBRARY_PATH ${CMAKE_CURRENT_BINARY_DIR}) add_library(${mbedcrypto_target} SHARED ${src_crypto}) - set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 3.5.1 SOVERSION 15) + set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 3.5.2 SOVERSION 15) target_link_libraries(${mbedcrypto_target} PUBLIC ${libs}) if(TARGET ${everest_target}) @@ -308,11 +308,11 @@ if(USE_SHARED_MBEDTLS_LIBRARY) endif() add_library(${mbedx509_target} SHARED ${src_x509}) - set_target_properties(${mbedx509_target} PROPERTIES VERSION 3.5.1 SOVERSION 6) + set_target_properties(${mbedx509_target} PROPERTIES VERSION 3.5.2 SOVERSION 6) target_link_libraries(${mbedx509_target} PUBLIC ${libs} ${mbedcrypto_target}) add_library(${mbedtls_target} SHARED ${src_tls}) - set_target_properties(${mbedtls_target} PROPERTIES VERSION 3.5.1 SOVERSION 20) + set_target_properties(${mbedtls_target} PROPERTIES VERSION 3.5.2 SOVERSION 20) target_link_libraries(${mbedtls_target} PUBLIC ${libs} ${mbedx509_target}) endif(USE_SHARED_MBEDTLS_LIBRARY) diff --git a/tests/suites/test_suite_version.data b/tests/suites/test_suite_version.data index faa31662a..6290331c1 100644 --- a/tests/suites/test_suite_version.data +++ b/tests/suites/test_suite_version.data @@ -1,8 +1,8 @@ Check compile time library version -check_compiletime_version:"3.5.1" +check_compiletime_version:"3.5.2" Check runtime library version -check_runtime_version:"3.5.1" +check_runtime_version:"3.5.2" Check for MBEDTLS_VERSION_C check_feature:"MBEDTLS_VERSION_C":0 From fd49a46a36dff40be6ceff28bc500d6d541a532f Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 23 Jan 2024 08:35:11 +0100 Subject: [PATCH 1459/1674] pkparse: rename RSA key and pubkey parsing functions Signed-off-by: Valerio Setti --- library/pkparse.c | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index 5f95545af..4dd327640 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -764,9 +764,9 @@ static int pk_parse_key_rfc8410_der(mbedtls_pk_context *pk, * publicExponent INTEGER -- e * } */ -static int pk_get_rsapubkey(unsigned char **p, - const unsigned char *end, - mbedtls_rsa_context *rsa) +static int mbedtls_rsa_pubkey_parse(mbedtls_rsa_context *rsa, + unsigned char **p, + const unsigned char *end) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; @@ -911,7 +911,7 @@ int mbedtls_pk_parse_subpubkey(unsigned char **p, const unsigned char *end, #if defined(MBEDTLS_RSA_C) if (pk_alg == MBEDTLS_PK_RSA) { - ret = pk_get_rsapubkey(p, end, mbedtls_pk_rsa(*pk)); + ret = mbedtls_rsa_pubkey_parse(mbedtls_pk_rsa(*pk), p, end); } else #endif /* MBEDTLS_RSA_C */ #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) @@ -976,9 +976,9 @@ static int asn1_get_nonzero_mpi(unsigned char **p, /* * Parse a PKCS#1 encoded private RSA key */ -static int pk_parse_key_pkcs1_der(mbedtls_rsa_context *rsa, - const unsigned char *key, - size_t keylen) +static int mbedtls_rsa_key_parse(mbedtls_rsa_context *rsa, + const unsigned char *key, + size_t keylen) { int ret, version; size_t len; @@ -1348,7 +1348,7 @@ static int pk_parse_key_pkcs8_unencrypted_der( #if defined(MBEDTLS_RSA_C) if (pk_alg == MBEDTLS_PK_RSA) { - if ((ret = pk_parse_key_pkcs1_der(mbedtls_pk_rsa(*pk), p, len)) != 0) { + if ((ret = mbedtls_rsa_key_parse(mbedtls_pk_rsa(*pk), p, len)) != 0) { mbedtls_pk_free(pk); return ret; } @@ -1538,8 +1538,8 @@ int mbedtls_pk_parse_key(mbedtls_pk_context *pk, if (ret == 0) { pk_info = mbedtls_pk_info_from_type(MBEDTLS_PK_RSA); if ((ret = mbedtls_pk_setup(pk, pk_info)) != 0 || - (ret = pk_parse_key_pkcs1_der(mbedtls_pk_rsa(*pk), - pem.buf, pem.buflen)) != 0) { + (ret = mbedtls_rsa_key_parse(mbedtls_pk_rsa(*pk), + pem.buf, pem.buflen)) != 0) { mbedtls_pk_free(pk); } @@ -1679,7 +1679,7 @@ int mbedtls_pk_parse_key(mbedtls_pk_context *pk, pk_info = mbedtls_pk_info_from_type(MBEDTLS_PK_RSA); if (mbedtls_pk_setup(pk, pk_info) == 0 && - pk_parse_key_pkcs1_der(mbedtls_pk_rsa(*pk), key, keylen) == 0) { + mbedtls_rsa_key_parse(mbedtls_pk_rsa(*pk), key, keylen) == 0) { return 0; } @@ -1754,7 +1754,7 @@ int mbedtls_pk_parse_public_key(mbedtls_pk_context *ctx, return ret; } - if ((ret = pk_get_rsapubkey(&p, p + pem.buflen, mbedtls_pk_rsa(*ctx))) != 0) { + if ((ret = mbedtls_rsa_pubkey_parse(mbedtls_pk_rsa(*ctx), &p, p + pem.buflen)) != 0) { mbedtls_pk_free(ctx); } @@ -1801,7 +1801,7 @@ int mbedtls_pk_parse_public_key(mbedtls_pk_context *ctx, } p = (unsigned char *) key; - ret = pk_get_rsapubkey(&p, p + keylen, mbedtls_pk_rsa(*ctx)); + ret = mbedtls_rsa_pubkey_parse(mbedtls_pk_rsa(*ctx), &p, p + keylen); if (ret == 0) { return ret; } From 429cd50ac8ce62351e26da900f7f610005fd929f Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 23 Jan 2024 09:10:22 +0100 Subject: [PATCH 1460/1674] pkwrite: split pk_write_rsa_der() with a dedicated function for non-opaque RSA key Signed-off-by: Valerio Setti --- library/pkwrite.c | 185 +++++++++++++++++++++++----------------------- 1 file changed, 92 insertions(+), 93 deletions(-) diff --git a/library/pkwrite.c b/library/pkwrite.c index 1f0d3990e..89305250e 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -62,13 +62,12 @@ * publicExponent INTEGER -- e * } */ -static int pk_write_rsa_pubkey(unsigned char **p, unsigned char *start, - const mbedtls_pk_context *pk) +static int mbedtls_rsa_pubkey_write(unsigned char **p, unsigned char *start, + const mbedtls_rsa_context *rsa) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len = 0; mbedtls_mpi T; - mbedtls_rsa_context *rsa = mbedtls_pk_rsa(*pk); mbedtls_mpi_init(&T); @@ -100,16 +99,99 @@ end_of_export: return (int) len; } -static int pk_write_rsa_der(unsigned char **p, unsigned char *buf, - const mbedtls_pk_context *pk) +static int mbedtls_rsa_key_write(unsigned char **p, unsigned char *start, + const mbedtls_rsa_context *rsa) { size_t len = 0; int ret; + mbedtls_mpi T; /* Temporary holding the exported parameters */ + + /* + * Export the parameters one after another to avoid simultaneous copies. + */ + + mbedtls_mpi_init(&T); + + /* Export QP */ + if ((ret = mbedtls_rsa_export_crt(rsa, NULL, NULL, &T)) != 0 || + (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { + goto end_of_export; + } + len += ret; + + /* Export DQ */ + if ((ret = mbedtls_rsa_export_crt(rsa, NULL, &T, NULL)) != 0 || + (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { + goto end_of_export; + } + len += ret; + + /* Export DP */ + if ((ret = mbedtls_rsa_export_crt(rsa, &T, NULL, NULL)) != 0 || + (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { + goto end_of_export; + } + len += ret; + + /* Export Q */ + if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, &T, NULL, NULL)) != 0 || + (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { + goto end_of_export; + } + len += ret; + + /* Export P */ + if ((ret = mbedtls_rsa_export(rsa, NULL, &T, NULL, NULL, NULL)) != 0 || + (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { + goto end_of_export; + } + len += ret; + + /* Export D */ + if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, NULL, &T, NULL)) != 0 || + (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { + goto end_of_export; + } + len += ret; + + /* Export E */ + if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, NULL, NULL, &T)) != 0 || + (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { + goto end_of_export; + } + len += ret; + + /* Export N */ + if ((ret = mbedtls_rsa_export(rsa, &T, NULL, NULL, NULL, NULL)) != 0 || + (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { + goto end_of_export; + } + len += ret; + +end_of_export: + + mbedtls_mpi_free(&T); + if (ret < 0) { + return ret; + } + + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_int(p, start, 0)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, + MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); + + return (int) len; +} + +static int pk_write_rsa_der(unsigned char **p, unsigned char *buf, + const mbedtls_pk_context *pk) +{ #if defined(MBEDTLS_USE_PSA_CRYPTO) if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_OPAQUE) { uint8_t tmp[PSA_EXPORT_KEY_PAIR_MAX_SIZE]; - size_t tmp_len = 0; + size_t len = 0, tmp_len = 0; if (psa_export_key(pk->priv_id, tmp, sizeof(tmp), &tmp_len) != PSA_SUCCESS) { return MBEDTLS_ERR_PK_BAD_INPUT_DATA; @@ -118,94 +200,11 @@ static int pk_write_rsa_der(unsigned char **p, unsigned char *buf, memcpy(*p, tmp, tmp_len); len += tmp_len; mbedtls_platform_zeroize(tmp, sizeof(tmp)); - } else -#endif /* MBEDTLS_USE_PSA_CRYPTO */ - { - mbedtls_mpi T; /* Temporary holding the exported parameters */ - mbedtls_rsa_context *rsa = mbedtls_pk_rsa(*pk); - /* - * Export the parameters one after another to avoid simultaneous copies. - */ - - mbedtls_mpi_init(&T); - - /* Export QP */ - if ((ret = mbedtls_rsa_export_crt(rsa, NULL, NULL, &T)) != 0 || - (ret = mbedtls_asn1_write_mpi(p, buf, &T)) < 0) { - goto end_of_export; - } - len += ret; - - /* Export DQ */ - if ((ret = mbedtls_rsa_export_crt(rsa, NULL, &T, NULL)) != 0 || - (ret = mbedtls_asn1_write_mpi(p, buf, &T)) < 0) { - goto end_of_export; - } - len += ret; - - /* Export DP */ - if ((ret = mbedtls_rsa_export_crt(rsa, &T, NULL, NULL)) != 0 || - (ret = mbedtls_asn1_write_mpi(p, buf, &T)) < 0) { - goto end_of_export; - } - len += ret; - - /* Export Q */ - if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, - &T, NULL, NULL)) != 0 || - (ret = mbedtls_asn1_write_mpi(p, buf, &T)) < 0) { - goto end_of_export; - } - len += ret; - - /* Export P */ - if ((ret = mbedtls_rsa_export(rsa, NULL, &T, - NULL, NULL, NULL)) != 0 || - (ret = mbedtls_asn1_write_mpi(p, buf, &T)) < 0) { - goto end_of_export; - } - len += ret; - - /* Export D */ - if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, - NULL, &T, NULL)) != 0 || - (ret = mbedtls_asn1_write_mpi(p, buf, &T)) < 0) { - goto end_of_export; - } - len += ret; - - /* Export E */ - if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, - NULL, NULL, &T)) != 0 || - (ret = mbedtls_asn1_write_mpi(p, buf, &T)) < 0) { - goto end_of_export; - } - len += ret; - - /* Export N */ - if ((ret = mbedtls_rsa_export(rsa, &T, NULL, - NULL, NULL, NULL)) != 0 || - (ret = mbedtls_asn1_write_mpi(p, buf, &T)) < 0) { - goto end_of_export; - } - len += ret; - -end_of_export: - - mbedtls_mpi_free(&T); - if (ret < 0) { - return ret; - } - - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_int(p, buf, 0)); - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, buf, len)); - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, - buf, MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE)); + return (int) len; } - - return (int) len; +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + return mbedtls_rsa_key_write(p, buf, mbedtls_pk_rsa(*pk)); } #endif /* MBEDTLS_RSA_C */ @@ -543,7 +542,7 @@ int mbedtls_pk_write_pubkey(unsigned char **p, unsigned char *start, #if defined(MBEDTLS_RSA_C) if (mbedtls_pk_get_type(key) == MBEDTLS_PK_RSA) { - MBEDTLS_ASN1_CHK_ADD(len, pk_write_rsa_pubkey(p, start, key)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_rsa_pubkey_write(p, start, mbedtls_pk_rsa(*key))); } else #endif #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) From 00b530e3957061a06663e1785dc923ee0b7e7c95 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 23 Jan 2024 09:36:34 +0000 Subject: [PATCH 1461/1674] Limit compiler hint to compilers that are known to benefit from it Signed-off-by: Dave Rodgman --- library/common.h | 50 ++++++++++++++++++++++++++++++++---------------- 1 file changed, 33 insertions(+), 17 deletions(-) diff --git a/library/common.h b/library/common.h index 2eb917037..937c80284 100644 --- a/library/common.h +++ b/library/common.h @@ -199,30 +199,40 @@ static inline void mbedtls_xor(unsigned char *r, uint8x16_t x = veorq_u8(v1, v2); vst1q_u8(r + i, x); } +#if defined(__IAR_SYSTEMS_ICC__) /* This if statement helps some compilers (e.g., IAR) optimise out the byte-by-byte tail case * where n is a constant multiple of 16. - * It makes no difference for others (e.g. recent gcc and clang) if n is a compile-time - * constant, and very little difference if n is not a compile-time constant. */ - if (n % 16 != 0) + * For other compilers (e.g. recent gcc and clang) it makes no difference if n is a compile-time + * constant, and is a very small perf regression if n is not a compile-time constant. */ + if (n % 16 == 0) { + return; + } +#endif #elif defined(MBEDTLS_ARCH_IS_X64) || defined(MBEDTLS_ARCH_IS_ARM64) /* This codepath probably only makes sense on architectures with 64-bit registers */ for (; (i + 8) <= n; i += 8) { uint64_t x = mbedtls_get_unaligned_uint64(a + i) ^ mbedtls_get_unaligned_uint64(b + i); mbedtls_put_unaligned_uint64(r + i, x); } - if (n % 8 != 0) +#if defined(__IAR_SYSTEMS_ICC__) + if (n % 8 == 0) { + return; + } +#endif #else for (; (i + 4) <= n; i += 4) { uint32_t x = mbedtls_get_unaligned_uint32(a + i) ^ mbedtls_get_unaligned_uint32(b + i); mbedtls_put_unaligned_uint32(r + i, x); } - if (n % 4 != 0) +#if defined(__IAR_SYSTEMS_ICC__) + if (n % 4 == 0) { + return; + } #endif #endif - { - for (; i < n; i++) { - r[i] = a[i] ^ b[i]; - } +#endif + for (; i < n; i++) { + r[i] = a[i] ^ b[i]; } } @@ -268,23 +278,29 @@ static inline void mbedtls_xor_no_simd(unsigned char *r, uint64_t x = mbedtls_get_unaligned_uint64(a + i) ^ mbedtls_get_unaligned_uint64(b + i); mbedtls_put_unaligned_uint64(r + i, x); } +#if defined(__IAR_SYSTEMS_ICC__) /* This if statement helps some compilers (e.g., IAR) optimise out the byte-by-byte tail case * where n is a constant multiple of 16. - * It makes no difference for others (e.g. recent gcc and clang) if n is a compile-time - * constant, and very little difference if n is not a compile-time constant. */ - if (n % 8 != 0) + * For other compilers (e.g. recent gcc and clang) it makes no difference if n is a compile-time + * constant, and is a very small perf regression if n is not a compile-time constant. */ + if (n % 8 == 0) { + return; + } +#endif #else for (; (i + 4) <= n; i += 4) { uint32_t x = mbedtls_get_unaligned_uint32(a + i) ^ mbedtls_get_unaligned_uint32(b + i); mbedtls_put_unaligned_uint32(r + i, x); } - if (n % 4 != 0) +#if defined(__IAR_SYSTEMS_ICC__) + if (n % 4 == 0) { + return; + } #endif #endif - { - for (; i < n; i++) { - r[i] = a[i] ^ b[i]; - } +#endif + for (; i < n; i++) { + r[i] = a[i] ^ b[i]; } } From 468c02cf617234626c4008aae821f7245ec14117 Mon Sep 17 00:00:00 2001 From: v1gnesh Date: Tue, 23 Jan 2024 15:29:40 +0530 Subject: [PATCH 1462/1674] Update ChangeLog.d/8726.txt Co-authored-by: Janos Follath Signed-off-by: v1gnesh --- ChangeLog.d/8726.txt | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/ChangeLog.d/8726.txt b/ChangeLog.d/8726.txt index dc789b434..c1e5a4015 100644 --- a/ChangeLog.d/8726.txt +++ b/ChangeLog.d/8726.txt @@ -1,3 +1,2 @@ Features - * Add platform support for z/OS. - + * Add partial platform support for z/OS. From c64280a2d71f6e88835787b2121857f063af7029 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 23 Jan 2024 10:03:22 +0000 Subject: [PATCH 1463/1674] Fix comment typo Signed-off-by: Dave Rodgman --- library/common.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/common.h b/library/common.h index 937c80284..3936ffdfe 100644 --- a/library/common.h +++ b/library/common.h @@ -280,7 +280,7 @@ static inline void mbedtls_xor_no_simd(unsigned char *r, } #if defined(__IAR_SYSTEMS_ICC__) /* This if statement helps some compilers (e.g., IAR) optimise out the byte-by-byte tail case - * where n is a constant multiple of 16. + * where n is a constant multiple of 8. * For other compilers (e.g. recent gcc and clang) it makes no difference if n is a compile-time * constant, and is a very small perf regression if n is not a compile-time constant. */ if (n % 8 == 0) { From 019c2a7817c702f5d7826bc14badf2a5c7a36c4d Mon Sep 17 00:00:00 2001 From: Chien Wong Date: Tue, 23 Jan 2024 21:38:06 +0800 Subject: [PATCH 1464/1674] Handle sizeof(size_t) > sizeof(uint64_t) Signed-off-by: Chien Wong --- library/gcm.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/library/gcm.c b/library/gcm.c index 337145b71..033cb5901 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -358,7 +358,12 @@ int mbedtls_gcm_update_ad(mbedtls_gcm_context *ctx, /* AD is limited to 2^64 bits, ie 2^61 bytes * Also check for possible overflow */ - new_add_len = ctx->add_len + add_len; +#if SIZE_MAX > 0xFFFFFFFFFFFFFFFFULL + if (add_len > 0xFFFFFFFFFFFFFFFFULL) { + return MBEDTLS_ERR_GCM_BAD_INPUT; + } +#endif + new_add_len = ctx->add_len + (uint64_t) add_len; if (new_add_len < ctx->add_len || new_add_len >> 61 != 0) { return MBEDTLS_ERR_GCM_BAD_INPUT; } From b328c449329e92fe4bbc92890f81dbc363c01ad4 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 23 Jan 2024 10:48:45 +0100 Subject: [PATCH 1465/1674] pk/rsa: move RSA parse/write private/public key functions to rsa module These functions are meant to be used internally, so their prototype declaration is kept into rsa_internal.h. Signed-off-by: Valerio Setti --- library/pkparse.c | 252 +--------------------------- library/pkwrite.c | 136 +-------------- library/rsa.c | 373 +++++++++++++++++++++++++++++++++++++++++ library/rsa_internal.h | 43 +++++ 4 files changed, 422 insertions(+), 382 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index 4dd327640..2708c8c75 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -28,6 +28,7 @@ /* Key types */ #if defined(MBEDTLS_RSA_C) #include "mbedtls/rsa.h" +#include "rsa_internal.h" #endif /* Extended formats */ @@ -757,68 +758,6 @@ static int pk_parse_key_rfc8410_der(mbedtls_pk_context *pk, #endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ -#if defined(MBEDTLS_RSA_C) -/* - * RSAPublicKey ::= SEQUENCE { - * modulus INTEGER, -- n - * publicExponent INTEGER -- e - * } - */ -static int mbedtls_rsa_pubkey_parse(mbedtls_rsa_context *rsa, - unsigned char **p, - const unsigned char *end) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t len; - - if ((ret = mbedtls_asn1_get_tag(p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, ret); - } - - if (*p + len != end) { - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); - } - - /* Import N */ - if ((ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_INTEGER)) != 0) { - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, ret); - } - - if ((ret = mbedtls_rsa_import_raw(rsa, *p, len, NULL, 0, NULL, 0, - NULL, 0, NULL, 0)) != 0) { - return MBEDTLS_ERR_PK_INVALID_PUBKEY; - } - - *p += len; - - /* Import E */ - if ((ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_INTEGER)) != 0) { - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, ret); - } - - if ((ret = mbedtls_rsa_import_raw(rsa, NULL, 0, NULL, 0, NULL, 0, - NULL, 0, *p, len)) != 0) { - return MBEDTLS_ERR_PK_INVALID_PUBKEY; - } - - *p += len; - - if (mbedtls_rsa_complete(rsa) != 0 || - mbedtls_rsa_check_pubkey(rsa) != 0) { - return MBEDTLS_ERR_PK_INVALID_PUBKEY; - } - - if (*p != end) { - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); - } - - return 0; -} -#endif /* MBEDTLS_RSA_C */ - /* Get a PK algorithm identifier * * AlgorithmIdentifier ::= SEQUENCE { @@ -944,195 +883,6 @@ int mbedtls_pk_parse_subpubkey(unsigned char **p, const unsigned char *end, return ret; } -#if defined(MBEDTLS_RSA_C) -/* - * Wrapper around mbedtls_asn1_get_mpi() that rejects zero. - * - * The value zero is: - * - never a valid value for an RSA parameter - * - interpreted as "omitted, please reconstruct" by mbedtls_rsa_complete(). - * - * Since values can't be omitted in PKCS#1, passing a zero value to - * rsa_complete() would be incorrect, so reject zero values early. - */ -static int asn1_get_nonzero_mpi(unsigned char **p, - const unsigned char *end, - mbedtls_mpi *X) -{ - int ret; - - ret = mbedtls_asn1_get_mpi(p, end, X); - if (ret != 0) { - return ret; - } - - if (mbedtls_mpi_cmp_int(X, 0) == 0) { - return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; - } - - return 0; -} - -/* - * Parse a PKCS#1 encoded private RSA key - */ -static int mbedtls_rsa_key_parse(mbedtls_rsa_context *rsa, - const unsigned char *key, - size_t keylen) -{ - int ret, version; - size_t len; - unsigned char *p, *end; - - mbedtls_mpi T; - mbedtls_mpi_init(&T); - - p = (unsigned char *) key; - end = p + keylen; - - /* - * This function parses the RSAPrivateKey (PKCS#1) - * - * RSAPrivateKey ::= SEQUENCE { - * version Version, - * modulus INTEGER, -- n - * publicExponent INTEGER, -- e - * privateExponent INTEGER, -- d - * prime1 INTEGER, -- p - * prime2 INTEGER, -- q - * exponent1 INTEGER, -- d mod (p-1) - * exponent2 INTEGER, -- d mod (q-1) - * coefficient INTEGER, -- (inverse of q) mod p - * otherPrimeInfos OtherPrimeInfos OPTIONAL - * } - */ - if ((ret = mbedtls_asn1_get_tag(&p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); - } - - end = p + len; - - if ((ret = mbedtls_asn1_get_int(&p, end, &version)) != 0) { - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); - } - - if (version != 0) { - return MBEDTLS_ERR_PK_KEY_INVALID_VERSION; - } - - /* Import N */ - if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || - (ret = mbedtls_rsa_import(rsa, &T, NULL, NULL, - NULL, NULL)) != 0) { - goto cleanup; - } - - /* Import E */ - if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || - (ret = mbedtls_rsa_import(rsa, NULL, NULL, NULL, - NULL, &T)) != 0) { - goto cleanup; - } - - /* Import D */ - if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || - (ret = mbedtls_rsa_import(rsa, NULL, NULL, NULL, - &T, NULL)) != 0) { - goto cleanup; - } - - /* Import P */ - if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || - (ret = mbedtls_rsa_import(rsa, NULL, &T, NULL, - NULL, NULL)) != 0) { - goto cleanup; - } - - /* Import Q */ - if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || - (ret = mbedtls_rsa_import(rsa, NULL, NULL, &T, - NULL, NULL)) != 0) { - goto cleanup; - } - -#if !defined(MBEDTLS_RSA_NO_CRT) && !defined(MBEDTLS_RSA_ALT) - /* - * The RSA CRT parameters DP, DQ and QP are nominally redundant, in - * that they can be easily recomputed from D, P and Q. However by - * parsing them from the PKCS1 structure it is possible to avoid - * recalculating them which both reduces the overhead of loading - * RSA private keys into memory and also avoids side channels which - * can arise when computing those values, since all of D, P, and Q - * are secret. See https://eprint.iacr.org/2020/055 for a - * description of one such attack. - */ - - /* Import DP */ - if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || - (ret = mbedtls_mpi_copy(&rsa->DP, &T)) != 0) { - goto cleanup; - } - - /* Import DQ */ - if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || - (ret = mbedtls_mpi_copy(&rsa->DQ, &T)) != 0) { - goto cleanup; - } - - /* Import QP */ - if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || - (ret = mbedtls_mpi_copy(&rsa->QP, &T)) != 0) { - goto cleanup; - } - -#else - /* Verify existence of the CRT params */ - if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || - (ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || - (ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0) { - goto cleanup; - } -#endif - - /* rsa_complete() doesn't complete anything with the default - * implementation but is still called: - * - for the benefit of alternative implementation that may want to - * pre-compute stuff beyond what's provided (eg Montgomery factors) - * - as is also sanity-checks the key - * - * Furthermore, we also check the public part for consistency with - * mbedtls_pk_parse_pubkey(), as it includes size minima for example. - */ - if ((ret = mbedtls_rsa_complete(rsa)) != 0 || - (ret = mbedtls_rsa_check_pubkey(rsa)) != 0) { - goto cleanup; - } - - if (p != end) { - ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); - } - -cleanup: - - mbedtls_mpi_free(&T); - - if (ret != 0) { - /* Wrap error code if it's coming from a lower level */ - if ((ret & 0xff80) == 0) { - ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); - } else { - ret = MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; - } - - mbedtls_rsa_free(rsa); - } - - return ret; -} -#endif /* MBEDTLS_RSA_C */ - #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) /* * Parse a SEC1 encoded private EC key diff --git a/library/pkwrite.c b/library/pkwrite.c index 89305250e..91529eb75 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -32,6 +32,9 @@ #if defined(MBEDTLS_PEM_WRITE_C) #include "mbedtls/pem.h" #endif +#if defined(MBEDTLS_RSA_C) +#include "rsa_internal.h" +#endif #if defined(MBEDTLS_USE_PSA_CRYPTO) #include "psa/crypto.h" @@ -56,135 +59,6 @@ * Internal functions for RSA keys. ******************************************************************************/ #if defined(MBEDTLS_RSA_C) -/* - * RSAPublicKey ::= SEQUENCE { - * modulus INTEGER, -- n - * publicExponent INTEGER -- e - * } - */ -static int mbedtls_rsa_pubkey_write(unsigned char **p, unsigned char *start, - const mbedtls_rsa_context *rsa) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t len = 0; - mbedtls_mpi T; - - mbedtls_mpi_init(&T); - - /* Export E */ - if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, NULL, NULL, &T)) != 0 || - (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { - goto end_of_export; - } - len += ret; - - /* Export N */ - if ((ret = mbedtls_rsa_export(rsa, &T, NULL, NULL, NULL, NULL)) != 0 || - (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { - goto end_of_export; - } - len += ret; - -end_of_export: - - mbedtls_mpi_free(&T); - if (ret < 0) { - return ret; - } - - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE)); - - return (int) len; -} - -static int mbedtls_rsa_key_write(unsigned char **p, unsigned char *start, - const mbedtls_rsa_context *rsa) -{ - size_t len = 0; - int ret; - - mbedtls_mpi T; /* Temporary holding the exported parameters */ - - /* - * Export the parameters one after another to avoid simultaneous copies. - */ - - mbedtls_mpi_init(&T); - - /* Export QP */ - if ((ret = mbedtls_rsa_export_crt(rsa, NULL, NULL, &T)) != 0 || - (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { - goto end_of_export; - } - len += ret; - - /* Export DQ */ - if ((ret = mbedtls_rsa_export_crt(rsa, NULL, &T, NULL)) != 0 || - (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { - goto end_of_export; - } - len += ret; - - /* Export DP */ - if ((ret = mbedtls_rsa_export_crt(rsa, &T, NULL, NULL)) != 0 || - (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { - goto end_of_export; - } - len += ret; - - /* Export Q */ - if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, &T, NULL, NULL)) != 0 || - (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { - goto end_of_export; - } - len += ret; - - /* Export P */ - if ((ret = mbedtls_rsa_export(rsa, NULL, &T, NULL, NULL, NULL)) != 0 || - (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { - goto end_of_export; - } - len += ret; - - /* Export D */ - if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, NULL, &T, NULL)) != 0 || - (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { - goto end_of_export; - } - len += ret; - - /* Export E */ - if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, NULL, NULL, &T)) != 0 || - (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { - goto end_of_export; - } - len += ret; - - /* Export N */ - if ((ret = mbedtls_rsa_export(rsa, &T, NULL, NULL, NULL, NULL)) != 0 || - (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { - goto end_of_export; - } - len += ret; - -end_of_export: - - mbedtls_mpi_free(&T); - if (ret < 0) { - return ret; - } - - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_int(p, start, 0)); - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, - MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE)); - - return (int) len; -} - static int pk_write_rsa_der(unsigned char **p, unsigned char *buf, const mbedtls_pk_context *pk) { @@ -204,7 +78,7 @@ static int pk_write_rsa_der(unsigned char **p, unsigned char *buf, return (int) len; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ - return mbedtls_rsa_key_write(p, buf, mbedtls_pk_rsa(*pk)); + return mbedtls_rsa_key_write(mbedtls_pk_rsa(*pk), buf, p); } #endif /* MBEDTLS_RSA_C */ @@ -542,7 +416,7 @@ int mbedtls_pk_write_pubkey(unsigned char **p, unsigned char *start, #if defined(MBEDTLS_RSA_C) if (mbedtls_pk_get_type(key) == MBEDTLS_PK_RSA) { - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_rsa_pubkey_write(p, start, mbedtls_pk_rsa(*key))); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_rsa_pubkey_write(mbedtls_pk_rsa(*key), start, p)); } else #endif #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) diff --git a/library/rsa.c b/library/rsa.c index 2b9f85b73..a18c4b1b0 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -31,6 +31,7 @@ #include "rsa_alt_helpers.h" #include "rsa_internal.h" #include "mbedtls/oid.h" +#include "mbedtls/asn1write.h" #include "mbedtls/platform_util.h" #include "mbedtls/error.h" #include "constant_time_internal.h" @@ -659,6 +660,378 @@ size_t mbedtls_rsa_get_len(const mbedtls_rsa_context *ctx) return ctx->len; } +/* + * Wrapper around mbedtls_asn1_get_mpi() that rejects zero. + * + * The value zero is: + * - never a valid value for an RSA parameter + * - interpreted as "omitted, please reconstruct" by mbedtls_rsa_complete(). + * + * Since values can't be omitted in PKCS#1, passing a zero value to + * rsa_complete() would be incorrect, so reject zero values early. + */ +static int asn1_get_nonzero_mpi(unsigned char **p, + const unsigned char *end, + mbedtls_mpi *X) +{ + int ret; + + ret = mbedtls_asn1_get_mpi(p, end, X); + if (ret != 0) { + return ret; + } + + if (mbedtls_mpi_cmp_int(X, 0) == 0) { + return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; + } + + return 0; +} + +/* + * Parse a PKCS#1 encoded private RSA key + */ +int mbedtls_rsa_key_parse(mbedtls_rsa_context *rsa, const unsigned char *key, size_t keylen) +{ + int ret, version; + size_t len; + unsigned char *p, *end; + + mbedtls_mpi T; + mbedtls_mpi_init(&T); + + p = (unsigned char *) key; + end = p + keylen; + + /* + * This function parses the RSAPrivateKey (PKCS#1) + * + * RSAPrivateKey ::= SEQUENCE { + * version Version, + * modulus INTEGER, -- n + * publicExponent INTEGER, -- e + * privateExponent INTEGER, -- d + * prime1 INTEGER, -- p + * prime2 INTEGER, -- q + * exponent1 INTEGER, -- d mod (p-1) + * exponent2 INTEGER, -- d mod (q-1) + * coefficient INTEGER, -- (inverse of q) mod p + * otherPrimeInfos OtherPrimeInfos OPTIONAL + * } + */ + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); + } + + end = p + len; + + if ((ret = mbedtls_asn1_get_int(&p, end, &version)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); + } + + if (version != 0) { + return MBEDTLS_ERR_PK_KEY_INVALID_VERSION; + } + + /* Import N */ + if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || + (ret = mbedtls_rsa_import(rsa, &T, NULL, NULL, + NULL, NULL)) != 0) { + goto cleanup; + } + + /* Import E */ + if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || + (ret = mbedtls_rsa_import(rsa, NULL, NULL, NULL, + NULL, &T)) != 0) { + goto cleanup; + } + + /* Import D */ + if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || + (ret = mbedtls_rsa_import(rsa, NULL, NULL, NULL, + &T, NULL)) != 0) { + goto cleanup; + } + + /* Import P */ + if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || + (ret = mbedtls_rsa_import(rsa, NULL, &T, NULL, + NULL, NULL)) != 0) { + goto cleanup; + } + + /* Import Q */ + if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || + (ret = mbedtls_rsa_import(rsa, NULL, NULL, &T, + NULL, NULL)) != 0) { + goto cleanup; + } + +#if !defined(MBEDTLS_RSA_NO_CRT) && !defined(MBEDTLS_RSA_ALT) + /* + * The RSA CRT parameters DP, DQ and QP are nominally redundant, in + * that they can be easily recomputed from D, P and Q. However by + * parsing them from the PKCS1 structure it is possible to avoid + * recalculating them which both reduces the overhead of loading + * RSA private keys into memory and also avoids side channels which + * can arise when computing those values, since all of D, P, and Q + * are secret. See https://eprint.iacr.org/2020/055 for a + * description of one such attack. + */ + + /* Import DP */ + if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || + (ret = mbedtls_mpi_copy(&rsa->DP, &T)) != 0) { + goto cleanup; + } + + /* Import DQ */ + if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || + (ret = mbedtls_mpi_copy(&rsa->DQ, &T)) != 0) { + goto cleanup; + } + + /* Import QP */ + if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || + (ret = mbedtls_mpi_copy(&rsa->QP, &T)) != 0) { + goto cleanup; + } + +#else + /* Verify existence of the CRT params */ + if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || + (ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || + (ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0) { + goto cleanup; + } +#endif + + /* rsa_complete() doesn't complete anything with the default + * implementation but is still called: + * - for the benefit of alternative implementation that may want to + * pre-compute stuff beyond what's provided (eg Montgomery factors) + * - as is also sanity-checks the key + * + * Furthermore, we also check the public part for consistency with + * mbedtls_pk_parse_pubkey(), as it includes size minima for example. + */ + if ((ret = mbedtls_rsa_complete(rsa)) != 0 || + (ret = mbedtls_rsa_check_pubkey(rsa)) != 0) { + goto cleanup; + } + + if (p != end) { + ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } + +cleanup: + + mbedtls_mpi_free(&T); + + if (ret != 0) { + /* Wrap error code if it's coming from a lower level */ + if ((ret & 0xff80) == 0) { + ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); + } else { + ret = MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; + } + + mbedtls_rsa_free(rsa); + } + + return ret; +} + +/* + * RSAPublicKey ::= SEQUENCE { + * modulus INTEGER, -- n + * publicExponent INTEGER -- e + * } + */ +int mbedtls_rsa_pubkey_parse(mbedtls_rsa_context *rsa, unsigned char **p, + const unsigned char *end) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + size_t len; + + if ((ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, ret); + } + + if (*p + len != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } + + /* Import N */ + if ((ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_INTEGER)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, ret); + } + + if ((ret = mbedtls_rsa_import_raw(rsa, *p, len, NULL, 0, NULL, 0, + NULL, 0, NULL, 0)) != 0) { + return MBEDTLS_ERR_PK_INVALID_PUBKEY; + } + + *p += len; + + /* Import E */ + if ((ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_INTEGER)) != 0) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, ret); + } + + if ((ret = mbedtls_rsa_import_raw(rsa, NULL, 0, NULL, 0, NULL, 0, + NULL, 0, *p, len)) != 0) { + return MBEDTLS_ERR_PK_INVALID_PUBKEY; + } + + *p += len; + + if (mbedtls_rsa_complete(rsa) != 0 || + mbedtls_rsa_check_pubkey(rsa) != 0) { + return MBEDTLS_ERR_PK_INVALID_PUBKEY; + } + + if (*p != end) { + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + } + + return 0; +} + +int mbedtls_rsa_key_write(const mbedtls_rsa_context *rsa, unsigned char *start, + unsigned char **p) +{ + size_t len = 0; + int ret; + + mbedtls_mpi T; /* Temporary holding the exported parameters */ + + /* + * Export the parameters one after another to avoid simultaneous copies. + */ + + mbedtls_mpi_init(&T); + + /* Export QP */ + if ((ret = mbedtls_rsa_export_crt(rsa, NULL, NULL, &T)) != 0 || + (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { + goto end_of_export; + } + len += ret; + + /* Export DQ */ + if ((ret = mbedtls_rsa_export_crt(rsa, NULL, &T, NULL)) != 0 || + (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { + goto end_of_export; + } + len += ret; + + /* Export DP */ + if ((ret = mbedtls_rsa_export_crt(rsa, &T, NULL, NULL)) != 0 || + (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { + goto end_of_export; + } + len += ret; + + /* Export Q */ + if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, &T, NULL, NULL)) != 0 || + (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { + goto end_of_export; + } + len += ret; + + /* Export P */ + if ((ret = mbedtls_rsa_export(rsa, NULL, &T, NULL, NULL, NULL)) != 0 || + (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { + goto end_of_export; + } + len += ret; + + /* Export D */ + if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, NULL, &T, NULL)) != 0 || + (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { + goto end_of_export; + } + len += ret; + + /* Export E */ + if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, NULL, NULL, &T)) != 0 || + (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { + goto end_of_export; + } + len += ret; + + /* Export N */ + if ((ret = mbedtls_rsa_export(rsa, &T, NULL, NULL, NULL, NULL)) != 0 || + (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { + goto end_of_export; + } + len += ret; + +end_of_export: + + mbedtls_mpi_free(&T); + if (ret < 0) { + return ret; + } + + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_int(p, start, 0)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, + MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); + + return (int) len; +} + +/* + * RSAPublicKey ::= SEQUENCE { + * modulus INTEGER, -- n + * publicExponent INTEGER -- e + * } + */ +int mbedtls_rsa_pubkey_write(const mbedtls_rsa_context *rsa, unsigned char *start, + unsigned char **p) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + size_t len = 0; + mbedtls_mpi T; + + mbedtls_mpi_init(&T); + + /* Export E */ + if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, NULL, NULL, &T)) != 0 || + (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { + goto end_of_export; + } + len += ret; + + /* Export N */ + if ((ret = mbedtls_rsa_export(rsa, &T, NULL, NULL, NULL, NULL)) != 0 || + (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { + goto end_of_export; + } + len += ret; + +end_of_export: + + mbedtls_mpi_free(&T); + if (ret < 0) { + return ret; + } + + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); + + return (int) len; +} #if defined(MBEDTLS_GENPRIME) diff --git a/library/rsa_internal.h b/library/rsa_internal.h index 4081ac639..dee787f33 100644 --- a/library/rsa_internal.h +++ b/library/rsa_internal.h @@ -16,6 +16,49 @@ #include "mbedtls/rsa.h" +/** + * \brief + * + * \param rsa + * \param key + * \param keylen + * \return int + */ +int mbedtls_rsa_key_parse(mbedtls_rsa_context *rsa, const unsigned char *key, size_t keylen); + +/** + * \brief + * + * \param rsa + * \param p + * \param end + * \return int + */ +int mbedtls_rsa_pubkey_parse(mbedtls_rsa_context *rsa, unsigned char **p, + const unsigned char *end); + +/** + * \brief + * + * \param p + * \param start + * \param rsa + * \return int + */ +int mbedtls_rsa_key_write(const mbedtls_rsa_context *rsa, unsigned char *start, + unsigned char **p); + +/** + * \brief + * + * \param p + * \param start + * \param rsa + * \return int + */ +int mbedtls_rsa_pubkey_write(const mbedtls_rsa_context *rsa, unsigned char *start, + unsigned char **p); + #if defined(MBEDTLS_PKCS1_V21) /** * \brief This function is analogue to \c mbedtls_rsa_rsassa_pss_sign(). From 8e6093dd9f54f1278ee4df1472376ef2e5d01386 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 23 Jan 2024 15:19:07 +0100 Subject: [PATCH 1466/1674] test_suite_rsa: add some basic testing of new parse/write priv/pub keys Signed-off-by: Valerio Setti --- tests/suites/test_suite_rsa.data | 12 +++++++++++ tests/suites/test_suite_rsa.function | 31 ++++++++++++++++++++++++++++ 2 files changed, 43 insertions(+) diff --git a/tests/suites/test_suite_rsa.data b/tests/suites/test_suite_rsa.data index 0a60f314e..de5e5699a 100644 --- a/tests/suites/test_suite_rsa.data +++ b/tests/suites/test_suite_rsa.data @@ -615,3 +615,15 @@ rsa_pkcs1_encrypt_bad_rng:"4E636AF98E40F3ADCFCCB698F4E80B9F":MBEDTLS_RSA_PKCS_V1 RSA Selftest depends_on:MBEDTLS_SELF_TEST rsa_selftest: + +RSA parse/write PKCS#1 private key - 1024 bits +rsa_import_pkcs1_key:0:"3082025d020100028181009f091e6968b474f76f0e9c237c1d895996ae704b4f6d706acec8d2daac6209bf524aa3f658d0283adba1077f6cbe92e425dcde52290b239cade91be86c88425434986806e85734e159768f3dfea932baaa9409d25bace8ee9dce0cdde0903207299de575ae60feccf0daf82334ab83638539b0da74072f253acea8afc8e66bb702030100010281801e97247066217ff6303881341a259c4bcd3e147f87f1a714045e80a06b541847e2ce54a78801d21b302fd33f616d6ed7cfa8a262ef5e23257a1642b5fc5a61577f7dba2324e687a10b25751c78996e72d5a8c3bc4e33e4a2a96b2b44b6685e85c37200a34381269250b59f65468ea4288713c4ae3e0e064e524a53a5d7e1ec91024100cbd11d9aad72bfb8db4e6bc7c6910661b3f38fbfa368d6dba0cd6c9aa3a716c03fa374bf8b2e7ba73a216d6ded9468fbaa3d130ee376190cc41ef30419a7da1d024100c7c0e189209483f36ee00a67474960c6ddf0d3a63ca0c76955fe9f358435a5e5318c35397c4245042e0dfabf8decedfd36e4d211349b8ecc4c1baac83f30d4e3024008e692f2644cb48eb01516a3dcca0c8b4bbe81328f424ecfbc8ffc042ccd6932f014854eb017519315f8cbbc973979f4339503360d3ce50f27a96a576d7f65090241009c9b4ef74870c7a6b215ba7250446a385fc6b0d8d30da669a23f172948f71a923f2f528738316894a75ad46d1be3568ec05bd38a23b995d1fc1570e6c00c13cb0241008716c9fa7d2295f34f5849b7c593d1adcec72556ed1044cd79c868c890620b143874a8208a65b7c5e235ccaae4c2492107af513fb2cbb682a3e8119af028f7a8" + +RSA parse/write PKCS#1 public key - 1024 bits +rsa_import_pkcs1_key:1:"308189028181009f091e6968b474f76f0e9c237c1d895996ae704b4f6d706acec8d2daac6209bf524aa3f658d0283adba1077f6cbe92e425dcde52290b239cade91be86c88425434986806e85734e159768f3dfea932baaa9409d25bace8ee9dce0cdde0903207299de575ae60feccf0daf82334ab83638539b0da74072f253acea8afc8e66bb70203010001" + +RSA parse/write PKCS#1 private key - 2048 bits +rsa_import_pkcs1_key:0:"308204a40201000282010100dcabfd25f3b7d67155e5c2520518570e95754ef883a973f94b2b0fb2d7ad733a3b0976c6314770eaf728304ee61e0dfe91811fc4a8219fbc3687cb3cfca54b58804d1ed4de985dc827374cb31b7b23225e130858d6b812dee6a356a8f8d211ba0930d0ec38193cee0a186f4a760cc3aa40e1d04fe4a14506ed279a9080aedd2676a4026bcb1ee24b2c00853bffcc04b5fb3e542626c2b2c54a62f3d6e01df95544fdf85c22cc0846275cb9cdfe73876e94e532ced0bca9876de74ff1edc9c8ac89aa8586aa34ca6f44c972d1e73aaddae168a5e67ec69cd14f206155e6e1161e7aa6754e947d5d26ee5f8789598a79ea4ff0263e2b8bf90641320771955007d102030100010282010100d25c964f769d3aad0210ac04da5c90a9136b27e41a47108a86d0beff6341330640bf4dddb39e82134b97a12da58ae3165988f94ad4687148cfc6f5c4e6a7804316d3eddf496f807f4c7b17ffe9e3a1e3a2408c857bf32ff2137584284242a7a96c1780229f7bd7aca82d10f2afc48d4620e1e35e35fa52be3e97b16dad6e84dbdfab4e7e21c7c2e5e5cd1c936f6c221e806bd14afa77b3eefc62e984aa2d391da408aaec0dbd2eade3023ebac77e3416cd67491d60053d317c6c8665be5c33961c379309d37d0a653d1859a6abfe195644d474739dbc44f62e623505f9460d9d8defafb12f4149d5baaf798f1345f565430cd7c096c24ca8d02d13fe90c20c5102818100f116cfdbfc0d5b3528cbfada1b21d4292ff188d41a4b22e658a9e29f610adf5fcb3329b0f567ba5029195fd648d06cc2174638f2f18ff0e0251e283e0a0b1f792751925efb617af3405083245c673dae77edc811fd668769d28ac1bee36261658a32f56a5e1b9b9e4f4fa7da55adeeb08c92f1de89f6186bd9c6d1e721638d2d02818100ea51e8798225e4ee77aa08e2f5ee0f8b847edd4c34d9bf7b8cf339b61d5bd22d504c5ab5f17572850f39018736474a449186e783dfda35da95902c8eaaec4bebb8ab6c057c678f37cd53fc1a12e5ace83d2a44d72195d565b3e8c12f89f2523fe37e52adbafde783be361fcd1f021aaaabf860febd8c5726c7089622ccca73b50281807d8248b7d76204a78a13970650b5adc3bb67dcb9beee7abebc4dc4e3001c2ee9a9d97accdb1523137431f78890e3a09af28ee63ae3b2f1cd5ec57261c9ccbc97cff651630d2f5458aa94bf910061e6e49b1eb8d754ba39a8c7a8e0f04564041c5e73e4fb78fe9a673216dfe57451563fa70f20c79fbef43bc166160463877609028180693b0fa44206b2a145ac5f014e60f32a3cfe9c73b4e8754e0f26cc2c35531f38aa6f1fedc5da70ebc0c261255003041f771b96ad6ac29c9ce5be31c4808e4e2a366d05be10f89121065d49428c6a0914e32330774ce5f5480f5be02671551a0b07279c09d9885d8894cbc9cc5cb89d3138b9fb156c1ab2a8ff89a3a34d453e6102818100aff57dd813fd064d8d1a5e8c7ea7e534dff6963a9b5b1c4da12219268c0500288901bbd36edb8071679bcd9d0d8deacfaa52e4b3659f4a69a5c5322f104524f83eb4b94bf6f02b5ad7c2ccd9bc5688f4e18ff2a70ae7638a83f2f87d8ecc9e0eebf2283f809670c8a0b79e1a576a6c9c04d4d71b75647c818a23873cdc0d77bf" + +RSA parse/write PKCS#1 public key - 2048 bits +rsa_import_pkcs1_key:1:"3082010a0282010100dcabfd25f3b7d67155e5c2520518570e95754ef883a973f94b2b0fb2d7ad733a3b0976c6314770eaf728304ee61e0dfe91811fc4a8219fbc3687cb3cfca54b58804d1ed4de985dc827374cb31b7b23225e130858d6b812dee6a356a8f8d211ba0930d0ec38193cee0a186f4a760cc3aa40e1d04fe4a14506ed279a9080aedd2676a4026bcb1ee24b2c00853bffcc04b5fb3e542626c2b2c54a62f3d6e01df95544fdf85c22cc0846275cb9cdfe73876e94e532ced0bca9876de74ff1edc9c8ac89aa8586aa34ca6f44c972d1e73aaddae168a5e67ec69cd14f206155e6e1161e7aa6754e947d5d26ee5f8789598a79ea4ff0263e2b8bf90641320771955007d10203010001" diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index 37bed6dcd..315d4f6bb 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -1,6 +1,7 @@ /* BEGIN_HEADER */ #include "mbedtls/rsa.h" #include "rsa_alt_helpers.h" +#include "rsa_internal.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -1371,6 +1372,36 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void rsa_import_pkcs1_key(int is_public, data_t *input) +{ + mbedtls_rsa_context rsa_ctx; + unsigned char *input_start = input->x; + unsigned char *input_end = input->x + input->len; + unsigned char *output_buf = NULL; + unsigned char *output_start; + unsigned char *output_end; + + TEST_CALLOC(output_buf, input->len); + output_start = output_buf; + output_end = output_buf + input->len; + + mbedtls_rsa_init(&rsa_ctx); + + if (is_public) { + TEST_EQUAL(mbedtls_rsa_pubkey_parse(&rsa_ctx, &input_start, input_end), 0); + TEST_EQUAL(mbedtls_rsa_pubkey_write(&rsa_ctx, output_start, &output_end), input->len); + } else { + TEST_EQUAL(mbedtls_rsa_key_parse(&rsa_ctx, input->x, input->len), 0); + TEST_EQUAL(mbedtls_rsa_key_write(&rsa_ctx, output_start, &output_end), input->len); + } + +exit: + mbedtls_free(output_buf); + mbedtls_rsa_free(&rsa_ctx); +} +/* END_CASE */ + /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ void rsa_selftest() { From b054e449c9fa3af059cac13f5028855d401e9a3c Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 23 Jan 2024 16:12:27 +0100 Subject: [PATCH 1467/1674] test_suite_psa_crypto: remove tests for importing an RSA key in PEM format This feature was an unofficial extension which was never documented. Now that we are removing the PK dependency in order to use only functions from RSA module, PEM support is unavailable. Therefore we explicitly remove it. Signed-off-by: Valerio Setti --- tests/suites/test_suite_psa_crypto.data | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index eda6f5d8c..45cb83980 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -496,16 +496,6 @@ PSA import/export RSA keypair: policy forbids export (sign), opaque depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:PSA_CRYPTO_DRIVER_TEST import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ):1024:0:PSA_ERROR_NOT_PERMITTED:1 -# Test PEM import. Note that this is not a PSA feature, it's an Mbed TLS -# extension which we may drop in the future. -PSA import/export RSA public key: import PEM -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PEM_PARSE_C -import_export:"2d2d2d2d2d424547494e205055424c4943204b45592d2d2d2d2d0a4d4947664d413047435371475349623344514542415155414134474e4144434269514b4267514376425830356275685074312f6274634b7850482f6c706c53710a69714a4843315165346636777353306c7835635255784a4a34524b574b41517475376242494e46454e5354765441357548596c57377249486576456a536433750a355553447641624378686c497a514b7941756557727232553036664c2b466e43775947634d6b79344b357a545474346d4f69712f2f6b637a384865476e6f5a670a3939614454615539615137336d46397277774944415141420a2d2d2d2d2d454e44205055424c4943204b45592d2d2d2d2d0a00":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:1024:0:PSA_SUCCESS:0 - -PSA import/export RSA keypair: import PEM -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT:MBEDTLS_PEM_PARSE_C -import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b2400":PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:1024:0:PSA_SUCCESS:0 - PSA import/export FFDH RFC7919 2048 key pair: good depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT import_export:"2A45292441157B3C25572F76A5CDF960A7BDBF06731D783C5BF8920FB94CCC3D5DCCF86A3CB66B4E3AEDD23106222458ACF3F72C753CB67C2E19AD399566866FEBC16C3B4DC72773B4709047AE1AEC2D9107C2041B06B86A8F604465B26E0E753D6B10772798B3797232D950A36F2D4B33B04B36DE73AC6B8A7365015DF5745A1F892728B0CA947702C36E3BC646E72E23E80C345DBB014B7F93B36C80B4051F9A716D19B980861E86D62977466565462FBD3C1BB4EFD630DCCBEB351A7FA95602B7FE23903C7C7DC999950493BEC028AC42346858FAD969452DCF1DE9AD445F7F928D63B75FA86E8C1D722AB242D91995D3545A1791D72B0F384E74B45C7C01":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:0:2048:0:PSA_SUCCESS:1 From 7b7ffd3bb9cf91d944b00d13d75cd69dd357452d Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 23 Jan 2024 16:14:18 +0100 Subject: [PATCH 1468/1674] psa_crypt_rsa: remove dependency from the PK module Use new functions from the RSA module to parse and write private and public keys in PKCS#1 format. Signed-off-by: Valerio Setti --- library/psa_crypto_rsa.c | 48 ++++++++++++++-------------------------- 1 file changed, 16 insertions(+), 32 deletions(-) diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c index 7b58ea22a..7da6012c9 100644 --- a/library/psa_crypto_rsa.c +++ b/library/psa_crypto_rsa.c @@ -24,8 +24,7 @@ #include #include -#include -#include "pk_wrap.h" +#include "rsa_internal.h" #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || \ @@ -62,50 +61,40 @@ psa_status_t mbedtls_psa_rsa_load_representation( mbedtls_rsa_context **p_rsa) { psa_status_t status; - mbedtls_pk_context ctx; size_t bits; - mbedtls_pk_init(&ctx); + + *p_rsa = mbedtls_calloc(1, sizeof(mbedtls_rsa_context)); + if (*p_rsa == NULL) { + return PSA_ERROR_INSUFFICIENT_MEMORY; + } + mbedtls_rsa_init(*p_rsa); /* Parse the data. */ if (PSA_KEY_TYPE_IS_KEY_PAIR(type)) { - status = mbedtls_to_psa_error( - mbedtls_pk_parse_key(&ctx, data, data_length, NULL, 0, - mbedtls_psa_get_random, MBEDTLS_PSA_RANDOM_STATE)); + status = mbedtls_to_psa_error(mbedtls_rsa_key_parse(*p_rsa, data, data_length)); } else { - status = mbedtls_to_psa_error( - mbedtls_pk_parse_public_key(&ctx, data, data_length)); + unsigned char *p = (unsigned char *) data; + unsigned char *end = (unsigned char *) (data + data_length); + status = mbedtls_to_psa_error(mbedtls_rsa_pubkey_parse(*p_rsa, &p, end)); } if (status != PSA_SUCCESS) { goto exit; } - /* We have something that the pkparse module recognizes. If it is a - * valid RSA key, store it. */ - if (mbedtls_pk_get_type(&ctx) != MBEDTLS_PK_RSA) { - status = PSA_ERROR_INVALID_ARGUMENT; - goto exit; - } - /* The size of an RSA key doesn't have to be a multiple of 8. Mbed TLS * supports non-byte-aligned key sizes, but not well. For example, * mbedtls_rsa_get_len() returns the key size in bytes, not in bits. */ - bits = PSA_BYTES_TO_BITS(mbedtls_rsa_get_len(mbedtls_pk_rsa(ctx))); + bits = PSA_BYTES_TO_BITS(mbedtls_rsa_get_len(*p_rsa)); if (bits > PSA_VENDOR_RSA_MAX_KEY_BITS) { status = PSA_ERROR_NOT_SUPPORTED; goto exit; } - status = psa_check_rsa_key_byte_aligned(mbedtls_pk_rsa(ctx)); + status = psa_check_rsa_key_byte_aligned(*p_rsa); if (status != PSA_SUCCESS) { goto exit; } - /* Copy out the pointer to the RSA context, and reset the PK context - * such that pk_free doesn't free the RSA context we just grabbed. */ - *p_rsa = mbedtls_pk_rsa(ctx); - ctx.pk_info = NULL; - exit: - mbedtls_pk_free(&ctx); return status; } #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || @@ -168,20 +157,15 @@ psa_status_t mbedtls_psa_rsa_export_key(psa_key_type_t type, size_t *data_length) { int ret; - mbedtls_pk_context pk; - uint8_t *pos = data + data_size; - - mbedtls_pk_init(&pk); - pk.pk_info = &mbedtls_rsa_info; - pk.pk_ctx = rsa; + uint8_t *end = data + data_size; /* PSA Crypto API defines the format of an RSA key as a DER-encoded * representation of the non-encrypted PKCS#1 RSAPrivateKey for a * private key and of the RFC3279 RSAPublicKey for a public key. */ if (PSA_KEY_TYPE_IS_KEY_PAIR(type)) { - ret = mbedtls_pk_write_key_der(&pk, data, data_size); + ret = mbedtls_rsa_key_write(rsa, data, &end); } else { - ret = mbedtls_pk_write_pubkey(&pos, data, &pk); + ret = mbedtls_rsa_pubkey_write(rsa, data, &end); } if (ret < 0) { From d6d6a76e46526a396bc2fb4a2b0ab239b26db5d6 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Tue, 23 Jan 2024 18:24:21 +0000 Subject: [PATCH 1469/1674] Add ..._GOTO_RETURN macro Signed-off-by: Ryan Everett --- library/psa_crypto_core.h | 47 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 7b167248e..85eeb1a6d 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -20,6 +20,9 @@ #include "psa/crypto.h" #include "psa/crypto_se_driver.h" +#if defined(MBEDTLS_THREADING_C) +#include "mbedtls/threading.h" +#endif /** * Tell if PSA is ready for this hash. @@ -111,6 +114,50 @@ typedef struct { } key; } psa_key_slot_t; +typedef enum { + PSA_MUTEX_LOCK = 0, + PSA_MUTEX_UNLOCK, +} psa_mutex_operation_t; + +/** If threading is enabled: perform a lock or unlock operation on the + * key slot mutex. + * Call with parameter PSA_MUTEX_LOCK to perform a lock operation. + * Call with parameter PSA_MUTEX_UNLOCK to perform an unlock operation. + * Returns PSA_ERROR_SERVICE_FAILURE if the operation fails + * and status was PSA_SUCCESS. + * If threading is not enabled, do nothing. + * + * Assumptions: + * psa_status_t status exists. + * op is PSA_MUTEX_LOCK or PSA_MUTEX_UNLOCK. + */ +#if defined(MBEDTLS_THREADING_C) +#define PSA_KEY_SLOT_MUTEX_LOCKFUNC_RETURN(op) \ + do \ + { \ + if (op == PSA_MUTEX_LOCK) { \ + if (mbedtls_mutex_lock( \ + &mbedtls_threading_key_slot_mutex) != 0) { \ + if (status == PSA_SUCCESS) { \ + return PSA_ERROR_SERVICE_FAILURE; \ + } \ + return status; \ + } \ + } \ + if (op == PSA_MUTEX_UNLOCK) { \ + if (mbedtls_mutex_unlock( \ + &mbedtls_threading_key_slot_mutex) != 0) { \ + if (status == PSA_SUCCESS) { \ + return PSA_ERROR_SERVICE_FAILURE; \ + } \ + return status; \ + } \ + } \ + } while (0); +#else +#define PSA_KEY_SLOT_MUTEX_LOCKFUNC_RETURN(op) do { } while (0) +#endif + /* A mask of key attribute flags used only internally. * Currently there aren't any. */ #define PSA_KA_MASK_INTERNAL_ONLY ( \ From 90afb132e067b57a2bbc12c986ac5112e91fc201 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Tue, 23 Jan 2024 18:24:36 +0000 Subject: [PATCH 1470/1674] Add ..._GOTO_EXIT macro Signed-off-by: Ryan Everett --- library/psa_crypto_core.h | 40 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 85eeb1a6d..8b5ac26c6 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -158,6 +158,46 @@ typedef enum { #define PSA_KEY_SLOT_MUTEX_LOCKFUNC_RETURN(op) do { } while (0) #endif +/** If threading is enabled: perform a lock or unlock operation on the + * key slot mutex. + * Call with parameter PSA_MUTEX_LOCK to perform a lock operation. + * Call with parameter PSA_MUTEX_UNLOCK to perform an unlock operation. + * This will goto the exit label if the operation fails, + * setting status to PSA_SERVICE_FAILURE if status was PSA_SUCCESS. + * If threading is not enabled, do nothing. + * + * Assumptions: + * psa_status_t status exists. + * Label exit: exists. + * op is PSA_MUTEX_LOCK or PSA_MUTEX_UNLOCK. + */ +#if defined(MBEDTLS_THREADING_C) +#define PSA_KEY_SLOT_MUTEX_LOCKFUNC_GOTO_EXIT(op) \ + do \ + { \ + if (op == PSA_MUTEX_LOCK) { \ + if (mbedtls_mutex_lock( \ + &mbedtls_threading_key_slot_mutex) != 0) { \ + if (status == PSA_SUCCESS) { \ + status = PSA_ERROR_SERVICE_FAILURE; \ + } \ + goto exit; \ + } \ + } \ + if (op == PSA_MUTEX_UNLOCK) { \ + if (mbedtls_mutex_unlock( \ + &mbedtls_threading_key_slot_mutex) != 0) { \ + if (status == PSA_SUCCESS) { \ + status = PSA_ERROR_SERVICE_FAILURE; \ + } \ + goto exit; \ + } \ + } \ + } while (0); +#else +#define PSA_KEY_SLOT_MUTEX_LOCKFUNC_GOTO_EXIT(op) do { } while (0) +#endif + /* A mask of key attribute flags used only internally. * Currently there aren't any. */ #define PSA_KA_MASK_INTERNAL_ONLY ( \ From 0b17255da123b0b8717534d25c1c1adcb9ba5cab Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 18 Jan 2024 14:11:26 +0100 Subject: [PATCH 1471/1674] Introduce mbedtls_pk_get_psa_attributes Follow the specification in https://github.com/Mbed-TLS/mbedtls/pull/8657 as of dd77343381161e09a63b4694001da3957e27d3a7, i.e. https://github.com/Mbed-TLS/mbedtls/blob/dd77343381161e09a63b4694001da3957e27d3a7/docs/architecture/psa-migration/psa-legacy-bridges.md#api-to-create-a-psa-key-from-a-pk-context This commit introduces the function declaration, its documentation, the definition without the interesting parts and a negative unit test function. Subsequent commits will add RSA, ECC and PK_OPAQUE support. Signed-off-by: Gilles Peskine --- include/mbedtls/pk.h | 116 +++++++++++++++++++++++++++- library/pk.c | 26 ++++++- tests/suites/test_suite_pk.data | 5 ++ tests/suites/test_suite_pk.function | 62 +++++++++++++++ 4 files changed, 207 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index 27768bd35..a43b94955 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h @@ -28,7 +28,7 @@ #include "mbedtls/ecdsa.h" #endif -#if defined(MBEDTLS_USE_PSA_CRYPTO) +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) #include "psa/crypto.h" #endif @@ -484,6 +484,120 @@ int mbedtls_pk_can_do_ext(const mbedtls_pk_context *ctx, psa_algorithm_t alg, psa_key_usage_t usage); #endif /* MBEDTLS_USE_PSA_CRYPTO */ +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) +/** + * \brief Determine valid PSA attributes that can be used to + * import a key into PSA. + * + * The attributes determined by this function are suitable + * for calling mbedtls_pk_import_into_psa() to create + * a PSA key with the same key material. + * + * The typical flow of operations involving this function is + * ``` + * psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + * int ret = mbedtls_pk_get_psa_attributes(pk, &attributes); + * if (ret != 0) ...; // error handling omitted + * // Tweak attributes if desired + * psa_key_id_t key_id = 0; + * ret = mbedtls_pk_import_into_psa(pk, &attributes, &key_id); + * if (ret != 0) ...; // error handling omitted + * ``` + * + * \note This function does not support RSA-alt contexts + * (set up with mbedtls_pk_setup_rsa_alt()). + * + * \param[in] pk The PK context to use. It must have been set up. + * It can either contain a key pair or just a public key. + * \param usage A single `PSA_KEY_USAGE_xxx` flag among the following: + * - #PSA_KEY_USAGE_DECRYPT: \p pk must contain a + * key pair. The output \p attributes will contain a + * key pair type, and the usage policy will allow + * #PSA_KEY_USAGE_ENCRYPT as well as + * #PSA_KEY_USAGE_DECRYPT. + * - #PSA_KEY_USAGE_DERIVE: \p pk must contain a + * key pair. The output \p attributes will contain a + * key pair type. + * - #PSA_KEY_USAGE_ENCRYPT: The output + * \p attributes will contain a public key type. + * - #PSA_KEY_USAGE_SIGN_HASH: \p pk must contain a + * key pair. The output \p attributes will contain a + * key pair type, and the usage policy will allow + * #PSA_KEY_USAGE_VERIFY_HASH as well as + * #PSA_KEY_USAGE_SIGN_HASH. + * - #PSA_KEY_USAGE_SIGN_MESSAGE: \p pk must contain a + * key pair. The output \p attributes will contain a + * key pair type, and the usage policy will allow + * #PSA_KEY_USAGE_VERIFY_MESSAGE as well as + * #PSA_KEY_USAGE_SIGN_MESSAGE. + * - #PSA_KEY_USAGE_VERIFY_HASH: The output + * \p attributes will contain a public key type. + * - #PSA_KEY_USAGE_VERIFY_MESSAGE: The output + * \p attributes will contain a public key type. + * \param[out] attributes + * On success, valid attributes to import the key into PSA. + * - The lifetime and key identifier are unchanged. If the + * attribute structure was initialized or reset before + * calling this function, this will result in a volatile + * key. Call psa_set_key_identifier() before or after this + * function if you wish to create a persistent key. Call + * psa_set_key_lifetime() before or after this function if + * you wish to import the key in a secure element. + * - The key type and bit-size are determined by the contents + * of the PK context. If the PK context contains a key + * pair, the key type can be either a key pair type or + * the corresponding public key type, depending on + * \p usage. If the PK context contains a public key, + * the key type is a public key type. + * - The key's policy is determined by the key type and + * the \p usage parameter. The usage always allows + * \p usage, exporting and copying the key, and + * possibly other permissions as documented for the + * \p usage parameter. + * The permitted algorithm is determined as follows + * based on the #mbedtls_pk_type_t type of \p pk, + * the chosen \p usage and other factors: + * - #MBEDTLS_PK_RSA with whose underlying + * #mbedtls_rsa_context has the padding mode + * #MBEDTLS_RSA_PKCS_V15: + * #PSA_ALG_RSA_PKCS1V15_SIGN(#PSA_ALG_ANY_HASH) + * if \p usage is SIGN/VERIFY, and + * #PSA_ALG_RSA_PKCS1V15_CRYPT + * if \p usage is ENCRYPT/DECRYPT. + * - #MBEDTLS_PK_RSA with whose underlying + * #mbedtls_rsa_context has the padding mode + * #MBEDTLS_RSA_PKCS_V21 and the digest type + * corresponding to the PSA algorithm \c hash: + * #PSA_ALG_RSA_PSS_ANY_SALT(#PSA_ALG_ANY_HASH) + * if \p usage is SIGN/VERIFY, and + * #PSA_ALG_RSA_OAEP(\c hash) + * if \p usage is ENCRYPT/DECRYPT. + * - #MBEDTLS_PK_RSA_ALT: not supported. + * - #MBEDTLS_PK_ECDSA or #MBEDTLS_PK_ECKEY + * if \p usage is SIGN/VERIFY: + * #PSA_ALG_DETERMINISTIC_ECDSA(#PSA_ALG_ANY_HASH) + * if #MBEDTLS_ECDSA_DETERMINISTIC is enabled, + * otherwise #PSA_ALG_ECDSA(#PSA_ALG_ANY_HASH). + * - #MBEDTLS_PK_ECKEY_DH or #MBEDTLS_PK_ECKEY + * if \p usage is DERIVE: + * #PSA_ALG_ECDH. + * - #MBEDTLS_PK_OPAQUE: same as the algorithm policy + * set for the underlying PSA key, except that + * sign/decrypt flags are removed if the type is + * set to a public key type. + * Note that the enrollment algorithm set with + * psa_set_key_enrollment_algorithm() is not copied. + * + * \return 0 on success. + * #MBEDTLS_ERR_PK_TYPE_MISMATCH if \p pk does not contain + * a key of the type identified in \p attributes. + * Another error code on other failures. + */ +int mbedtls_pk_get_psa_attributes(const mbedtls_pk_context *pk, + psa_key_usage_t usage, + psa_key_attributes_t *attributes); +#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */ + /** * \brief Verify signature (including padding if relevant). * diff --git a/library/pk.c b/library/pk.c index 61ac0dfab..bde561a1e 100644 --- a/library/pk.c +++ b/library/pk.c @@ -29,7 +29,7 @@ #include "mbedtls/ecdsa.h" #endif -#if defined(MBEDTLS_USE_PSA_CRYPTO) +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) #include "psa_util_internal.h" #include "md_psa.h" #endif @@ -378,6 +378,30 @@ int mbedtls_pk_can_do_ext(const mbedtls_pk_context *ctx, psa_algorithm_t alg, } #endif /* MBEDTLS_USE_PSA_CRYPTO */ +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) +int mbedtls_pk_get_psa_attributes(const mbedtls_pk_context *pk, + psa_key_usage_t usage, + psa_key_attributes_t *attributes) +{ + mbedtls_pk_type_t pk_type = mbedtls_pk_get_type(pk); + + switch (pk_type) { +#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) + case MBEDTLS_PK_RSA_ALT: + return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; +#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */ + + default: + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } + + usage |= PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY; + psa_set_key_usage_flags(attributes, usage); + + return 0; +} +#endif + /* * Helper for mbedtls_pk_sign and mbedtls_pk_verify */ diff --git a/tests/suites/test_suite_pk.data b/tests/suites/test_suite_pk.data index af1e20c46..e8ffff43f 100644 --- a/tests/suites/test_suite_pk.data +++ b/tests/suites/test_suite_pk.data @@ -680,3 +680,8 @@ pk_psa_wrap_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSA:MBEDTLS_MD_SHA512 PSA wrapped sign ext: RSA2048, PK_RSASSA_PSS, MD_SHA512 depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA512:MBEDTLS_RSA_C pk_psa_wrap_sign_ext:MBEDTLS_PK_RSA:2048:MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA512 + +PSA attributes for pk: NONE (bad) +pk_get_psa_attributes_fail:MBEDTLS_PK_NONE:0:PSA_KEY_USAGE_SIGN_MESSAGE:MBEDTLS_ERR_PK_BAD_INPUT_DATA + +# There is a (negative) test for pk_type=MBEDTLS_PK_RSA_ALT in pk_rsa_alt(). diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 226598c72..0ac84a2f8 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -162,6 +162,33 @@ size_t mbedtls_rsa_key_len_func(void *ctx) } #endif /* MBEDTLS_RSA_C */ +#if defined(MBEDTLS_PSA_CRYPTO_C) +static int pk_setup_for_type(mbedtls_pk_type_t pk_type, int want_pair, + mbedtls_pk_context *pk, psa_key_type_t *psa_type) +{ + int ok = 0; + + if (pk_type == MBEDTLS_PK_NONE) { + return 1; + } + TEST_EQUAL(mbedtls_pk_setup(pk, mbedtls_pk_info_from_type(pk_type)), 0); + + switch (pk_type) { + default: + TEST_FAIL("Unknown PK type in test data"); + break; + } + + if (!want_pair) { + *psa_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(*psa_type); + } + ok = 1; + +exit: + return ok; +} +#endif + #if defined(MBEDTLS_USE_PSA_CRYPTO) /* @@ -1263,6 +1290,14 @@ void pk_rsa_alt() TEST_ASSERT(mbedtls_pk_get_type(&alt) == MBEDTLS_PK_RSA_ALT); TEST_ASSERT(strcmp(mbedtls_pk_get_name(&alt), "RSA-alt") == 0); +#if defined(MBEDTLS_PSA_CRYPTO_C) + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + TEST_EQUAL(mbedtls_pk_get_psa_attributes(&alt, + PSA_KEY_USAGE_ENCRYPT, + &attributes), + MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE); +#endif /* MBEDTLS_PSA_CRYPTO_C */ + /* Test signature */ #if SIZE_MAX > UINT_MAX TEST_ASSERT(mbedtls_pk_sign(&alt, MBEDTLS_MD_NONE, hash, SIZE_MAX, @@ -1569,3 +1604,30 @@ exit: PSA_DONE(); } /* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C */ +void pk_get_psa_attributes_fail(int pk_type, int from_pair, + int usage_arg, + int expected_ret) +{ + mbedtls_pk_context pk; + mbedtls_pk_init(&pk); + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_usage_t usage = usage_arg; + + MD_OR_USE_PSA_INIT(); + + psa_key_type_t expected_psa_type; + if (!pk_setup_for_type(pk_type, from_pair, &pk, &expected_psa_type)) { + goto exit; + } + + TEST_EQUAL(mbedtls_pk_get_psa_attributes(&pk, usage, &attributes), + expected_ret); + +exit: + mbedtls_pk_free(&pk); + psa_reset_key_attributes(&attributes); + MD_OR_USE_PSA_DONE(); +} +/* END_CASE */ From 1f97e73114a37bab4655100890680592cdba8204 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 18 Jan 2024 14:14:24 +0100 Subject: [PATCH 1472/1674] mbedtls_pk_get_psa_attributes: force enrollment algorithm off This avoids a possible gotcha when if the application code reuses an existing attribute structure. Signed-off-by: Gilles Peskine --- library/pk.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/library/pk.c b/library/pk.c index bde561a1e..706d5d38c 100644 --- a/library/pk.c +++ b/library/pk.c @@ -397,6 +397,12 @@ int mbedtls_pk_get_psa_attributes(const mbedtls_pk_context *pk, usage |= PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY; psa_set_key_usage_flags(attributes, usage); +#if defined(MBEDTLS_PSA_CRYPTO_C) + /* Assume that we have all Mbed TLS attributes. When + * MBEDTLS_PSA_CRYPTO_CLIENT is enabled but not MBEDTLS_PSA_CRYPTO_C, + * we only assume standard PSA functions. */ + psa_set_key_enrollment_algorithm(attributes, PSA_ALG_NONE); +#endif return 0; } From 6ea18361dfcedd70e8cf3e2bb9925b0cfd73428e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 18 Jan 2024 14:16:27 +0100 Subject: [PATCH 1473/1674] mbedtls_pk_get_psa_attributes: RSA support Add code and unit tests for MBEDTLS_PK_RSA in mbedtls_pk_get_psa_attributes(). Signed-off-by: Gilles Peskine --- library/pk.c | 64 ++++++++++++ tests/suites/test_suite_pk.data | 104 +++++++++++++++++++ tests/suites/test_suite_pk.function | 149 ++++++++++++++++++++++++++++ 3 files changed, 317 insertions(+) diff --git a/library/pk.c b/library/pk.c index 706d5d38c..1485bd76e 100644 --- a/library/pk.c +++ b/library/pk.c @@ -379,6 +379,27 @@ int mbedtls_pk_can_do_ext(const mbedtls_pk_context *ctx, psa_algorithm_t alg, #endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_PSA_CRYPTO_CLIENT) +#if defined(MBEDTLS_RSA_C) +static psa_algorithm_t psa_algorithm_for_rsa(const mbedtls_rsa_context *rsa, + int want_crypt) +{ + if (mbedtls_rsa_get_padding_mode(rsa) == MBEDTLS_RSA_PKCS_V21) { + if (want_crypt) { + mbedtls_md_type_t md_type = mbedtls_rsa_get_md_alg(rsa); + return PSA_ALG_RSA_OAEP(mbedtls_md_psa_alg_from_type(md_type)); + } else { + return PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH); + } + } else { + if (want_crypt) { + return PSA_ALG_RSA_PKCS1V15_CRYPT; + } else { + return PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH); + } + } +} +#endif /* MBEDTLS_RSA_C */ + int mbedtls_pk_get_psa_attributes(const mbedtls_pk_context *pk, psa_key_usage_t usage, psa_key_attributes_t *attributes) @@ -386,6 +407,49 @@ int mbedtls_pk_get_psa_attributes(const mbedtls_pk_context *pk, mbedtls_pk_type_t pk_type = mbedtls_pk_get_type(pk); switch (pk_type) { +#if defined(MBEDTLS_RSA_C) + case MBEDTLS_PK_RSA: + int want_crypt = 0; + int want_private = 0; + switch (usage) { + case PSA_KEY_USAGE_SIGN_MESSAGE: + usage |= PSA_KEY_USAGE_VERIFY_MESSAGE; + want_private = 1; + break; + case PSA_KEY_USAGE_SIGN_HASH: + usage |= PSA_KEY_USAGE_VERIFY_HASH; + want_private = 1; + break; + case PSA_KEY_USAGE_DECRYPT: + usage |= PSA_KEY_USAGE_ENCRYPT; + want_private = 1; + want_crypt = 1; + break; + case PSA_KEY_USAGE_VERIFY_MESSAGE: + case PSA_KEY_USAGE_VERIFY_HASH: + break; + case PSA_KEY_USAGE_ENCRYPT: + want_crypt = 1; + break; + default: + return MBEDTLS_ERR_PK_TYPE_MISMATCH; + } + /* Detect the presence of a private key in a way that works both + * in CRT and non-CRT configurations. */ + mbedtls_rsa_context *rsa = mbedtls_pk_rsa(*pk); + int has_private = (mbedtls_rsa_check_privkey(rsa) == 0); + if (want_private && !has_private) { + return MBEDTLS_ERR_PK_TYPE_MISMATCH; + } + psa_set_key_type(attributes, (want_private ? + PSA_KEY_TYPE_RSA_KEY_PAIR : + PSA_KEY_TYPE_RSA_PUBLIC_KEY)); + psa_set_key_bits(attributes, mbedtls_mpi_bitlen(&rsa->N)); + psa_set_key_algorithm(attributes, + psa_algorithm_for_rsa(rsa, want_crypt)); + break; +#endif /* MBEDTLS_RSA_C */ + #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) case MBEDTLS_PK_RSA_ALT: return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; diff --git a/tests/suites/test_suite_pk.data b/tests/suites/test_suite_pk.data index e8ffff43f..bc0de71b2 100644 --- a/tests/suites/test_suite_pk.data +++ b/tests/suites/test_suite_pk.data @@ -685,3 +685,107 @@ PSA attributes for pk: NONE (bad) pk_get_psa_attributes_fail:MBEDTLS_PK_NONE:0:PSA_KEY_USAGE_SIGN_MESSAGE:MBEDTLS_ERR_PK_BAD_INPUT_DATA # There is a (negative) test for pk_type=MBEDTLS_PK_RSA_ALT in pk_rsa_alt(). + +PSA attributes for pk: RSA v15 pair DECRYPT +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +pk_get_psa_attributes:MBEDTLS_PK_RSA:1:PSA_KEY_USAGE_DECRYPT:1:PSA_ALG_RSA_PKCS1V15_CRYPT + +PSA attributes for pk: RSA v21 SHA-256 pair DECRYPT +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA256 +pk_rsa_v21_get_psa_attributes:MBEDTLS_MD_SHA256:1:PSA_KEY_USAGE_DECRYPT:1:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256) + +PSA attributes for pk: RSA v21 SHA-512 pair DECRYPT +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA512 +pk_rsa_v21_get_psa_attributes:MBEDTLS_MD_SHA512:1:PSA_KEY_USAGE_DECRYPT:1:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512) + +PSA attributes for pk: RSA v15 pair->public ENCRYPT +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +pk_get_psa_attributes:MBEDTLS_PK_RSA:1:PSA_KEY_USAGE_ENCRYPT:0:PSA_ALG_RSA_PKCS1V15_CRYPT + +PSA attributes for pk: RSA v21 SHA-256 pair->public ENCRYPT +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA256 +pk_rsa_v21_get_psa_attributes:MBEDTLS_MD_SHA256:1:PSA_KEY_USAGE_ENCRYPT:0:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256) + +PSA attributes for pk: RSA v21 SHA-512 pair->public ENCRYPT +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA512 +pk_rsa_v21_get_psa_attributes:MBEDTLS_MD_SHA512:1:PSA_KEY_USAGE_ENCRYPT:0:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512) + +PSA attributes for pk: RSA v15 public ENCRYPT +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +pk_get_psa_attributes:MBEDTLS_PK_RSA:0:PSA_KEY_USAGE_ENCRYPT:0:PSA_ALG_RSA_PKCS1V15_CRYPT + +PSA attributes for pk: RSA v21 SHA-256 public ENCRYPT +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA256 +pk_rsa_v21_get_psa_attributes:MBEDTLS_MD_SHA256:0:PSA_KEY_USAGE_ENCRYPT:0:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256) + +PSA attributes for pk: RSA v21 SHA-512 public ENCRYPT +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA512 +pk_rsa_v21_get_psa_attributes:MBEDTLS_MD_SHA512:0:PSA_KEY_USAGE_ENCRYPT:0:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512) + +PSA attributes for pk: RSA v15 public DECRYPT (bad) +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +pk_get_psa_attributes_fail:MBEDTLS_PK_RSA:0:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_PK_TYPE_MISMATCH + +PSA attributes for pk: RSA v15 pair SIGN_MESSAGE +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +pk_get_psa_attributes:MBEDTLS_PK_RSA:1:PSA_KEY_USAGE_SIGN_MESSAGE:1:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH) + +PSA attributes for pk: RSA v21 SHA-256 pair SIGN_MESSAGE +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21 +pk_rsa_v21_get_psa_attributes:MBEDTLS_MD_NONE:1:PSA_KEY_USAGE_SIGN_MESSAGE:1:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH) + +PSA attributes for pk: RSA v15 pair SIGN_HASH +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +pk_get_psa_attributes:MBEDTLS_PK_RSA:1:PSA_KEY_USAGE_SIGN_HASH:1:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH) + +PSA attributes for pk: RSA v21 SHA-256 pair SIGN_HASH +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21 +pk_rsa_v21_get_psa_attributes:MBEDTLS_MD_NONE:1:PSA_KEY_USAGE_SIGN_HASH:1:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH) + +PSA attributes for pk: RSA v15 pair->public VERIFY_MESSAGE +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +pk_get_psa_attributes:MBEDTLS_PK_RSA:1:PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH) + +PSA attributes for pk: RSA v21 SHA-256 pair->public VERIFY_MESSAGE +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21 +pk_rsa_v21_get_psa_attributes:MBEDTLS_MD_NONE:1:PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH) + +PSA attributes for pk: RSA v15 pair->public VERIFY_HASH +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +pk_get_psa_attributes:MBEDTLS_PK_RSA:1:PSA_KEY_USAGE_VERIFY_HASH:0:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH) + +PSA attributes for pk: RSA v21 SHA-256 pair->public VERIFY_HASH +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21 +pk_rsa_v21_get_psa_attributes:MBEDTLS_MD_NONE:1:PSA_KEY_USAGE_VERIFY_HASH:0:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH) + +PSA attributes for pk: RSA v15 public VERIFY_MESSAGE +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +pk_get_psa_attributes:MBEDTLS_PK_RSA:0:PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH) + +PSA attributes for pk: RSA v21 SHA-256 public VERIFY_MESSAGE +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21 +pk_rsa_v21_get_psa_attributes:MBEDTLS_MD_NONE:0:PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH) + +PSA attributes for pk: RSA v15 public VERIFY_HASH +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +pk_get_psa_attributes:MBEDTLS_PK_RSA:0:PSA_KEY_USAGE_VERIFY_HASH:0:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH) + +PSA attributes for pk: RSA v21 SHA-256 public VERIFY_HASH +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21 +pk_rsa_v21_get_psa_attributes:MBEDTLS_MD_NONE:0:PSA_KEY_USAGE_VERIFY_HASH:0:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH) + +PSA attributes for pk: RSA v15 public SIGN_MESSAGE (bad) +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +pk_get_psa_attributes_fail:MBEDTLS_PK_RSA:0:PSA_KEY_USAGE_SIGN_MESSAGE:MBEDTLS_ERR_PK_TYPE_MISMATCH + +PSA attributes for pk: RSA v15 public SIGN_HASH (bad) +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +pk_get_psa_attributes_fail:MBEDTLS_PK_RSA:0:PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_PK_TYPE_MISMATCH + +PSA attributes for pk: RSA v15 pair DERIVE (bad) +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +pk_get_psa_attributes_fail:MBEDTLS_PK_RSA:1:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_PK_TYPE_MISMATCH + +PSA attributes for pk: RSA v15 public DERIVE (bad) +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +pk_get_psa_attributes_fail:MBEDTLS_PK_RSA:0:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_PK_TYPE_MISMATCH diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 0ac84a2f8..d6902b4d0 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -174,6 +174,30 @@ static int pk_setup_for_type(mbedtls_pk_type_t pk_type, int want_pair, TEST_EQUAL(mbedtls_pk_setup(pk, mbedtls_pk_info_from_type(pk_type)), 0); switch (pk_type) { +#if defined(MBEDTLS_RSA_C) + case MBEDTLS_PK_RSA: + { + *psa_type = PSA_KEY_TYPE_RSA_KEY_PAIR; + mbedtls_rsa_context *rsa = mbedtls_pk_rsa(*pk); + if (want_pair) { + TEST_EQUAL(mbedtls_rsa_gen_key( + rsa, + mbedtls_test_rnd_std_rand, NULL, + MBEDTLS_RSA_GEN_KEY_MIN_BITS, 65537), 0); + } else { + unsigned char N[PSA_BITS_TO_BYTES(MBEDTLS_RSA_GEN_KEY_MIN_BITS)] = { 0xff }; + N[sizeof(N) - 1] = 0x03; + const unsigned char E[1] = {0x03}; + TEST_EQUAL(mbedtls_rsa_import_raw(rsa, + N, sizeof(N), + NULL, 0, NULL, 0, NULL, 0, + E, sizeof(E)), 0); + TEST_EQUAL(mbedtls_rsa_complete(rsa), 0); + } + break; + } +#endif /* MBEDTLS_RSA_C */ + default: TEST_FAIL("Unknown PK type in test data"); break; @@ -1605,6 +1629,131 @@ exit: } /* END_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C */ +void pk_get_psa_attributes(int pk_type, int from_pair, + int usage_arg, + int to_pair, int expected_alg) +{ + mbedtls_pk_context pk; + mbedtls_pk_init(&pk); + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_key_usage_t usage = usage_arg; + + MD_OR_USE_PSA_INIT(); + + psa_key_type_t expected_psa_type = 0; + if (!pk_setup_for_type(pk_type, from_pair, &pk, &expected_psa_type)) { + goto exit; + } + if (!to_pair) { + expected_psa_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(expected_psa_type); + } + + psa_key_lifetime_t lifetime = PSA_KEY_LIFETIME_VOLATILE; //TODO: diversity + mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; //TODO: diversity + psa_set_key_id(&attributes, key_id); + psa_set_key_lifetime(&attributes, lifetime); + + psa_key_usage_t expected_usage = usage; + /* Usage implied universally */ + if (expected_usage & PSA_KEY_USAGE_SIGN_HASH) { + expected_usage |= PSA_KEY_USAGE_SIGN_MESSAGE; + } + if (expected_usage & PSA_KEY_USAGE_VERIFY_HASH) { + expected_usage |= PSA_KEY_USAGE_VERIFY_MESSAGE; + } + /* Usage implied by mbedtls_pk_get_psa_attributes() */ + if (expected_usage & PSA_KEY_USAGE_SIGN_HASH) { + expected_usage |= PSA_KEY_USAGE_VERIFY_HASH; + } + if (expected_usage & PSA_KEY_USAGE_SIGN_MESSAGE) { + expected_usage |= PSA_KEY_USAGE_VERIFY_MESSAGE; + } + if (expected_usage & PSA_KEY_USAGE_DECRYPT) { + expected_usage |= PSA_KEY_USAGE_ENCRYPT; + } + expected_usage |= PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY; + + TEST_EQUAL(mbedtls_pk_get_psa_attributes(&pk, usage, &attributes), 0); + + TEST_EQUAL(psa_get_key_lifetime(&attributes), lifetime); + TEST_ASSERT(mbedtls_svc_key_id_equal(psa_get_key_id(&attributes), + key_id)); + TEST_EQUAL(psa_get_key_type(&attributes), expected_psa_type); + TEST_EQUAL(psa_get_key_bits(&attributes), + mbedtls_pk_get_bitlen(&pk)); + TEST_EQUAL(psa_get_key_usage_flags(&attributes), expected_usage); + TEST_EQUAL(psa_get_key_algorithm(&attributes), expected_alg); + TEST_EQUAL(psa_get_key_enrollment_algorithm(&attributes), PSA_ALG_NONE); + +exit: + mbedtls_pk_free(&pk); + psa_reset_key_attributes(&attributes); + MD_OR_USE_PSA_DONE(); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21 */ +void pk_rsa_v21_get_psa_attributes(int md_type, int from_pair, + int usage_arg, + int to_pair, int expected_alg) +{ + mbedtls_pk_context pk; + mbedtls_pk_init(&pk); + psa_key_usage_t usage = usage_arg; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + + MD_OR_USE_PSA_INIT(); + + psa_key_type_t expected_psa_type = 0; + if (!pk_setup_for_type(MBEDTLS_PK_RSA, from_pair, &pk, &expected_psa_type)) { + goto exit; + } + mbedtls_rsa_context *rsa = mbedtls_pk_rsa(pk); + TEST_EQUAL(mbedtls_rsa_set_padding(rsa, MBEDTLS_RSA_PKCS_V21, md_type), 0); + if (!to_pair) { + expected_psa_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(expected_psa_type); + } + + psa_key_usage_t expected_usage = usage; + /* Usage implied universally */ + if (expected_usage & PSA_KEY_USAGE_SIGN_HASH) { + expected_usage |= PSA_KEY_USAGE_SIGN_MESSAGE; + } + if (expected_usage & PSA_KEY_USAGE_VERIFY_HASH) { + expected_usage |= PSA_KEY_USAGE_VERIFY_MESSAGE; + } + /* Usage implied by mbedtls_pk_get_psa_attributes() */ + if (expected_usage & PSA_KEY_USAGE_SIGN_HASH) { + expected_usage |= PSA_KEY_USAGE_VERIFY_HASH; + } + if (expected_usage & PSA_KEY_USAGE_SIGN_MESSAGE) { + expected_usage |= PSA_KEY_USAGE_VERIFY_MESSAGE; + } + if (expected_usage & PSA_KEY_USAGE_DECRYPT) { + expected_usage |= PSA_KEY_USAGE_ENCRYPT; + } + expected_usage |= PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY; + + TEST_EQUAL(mbedtls_pk_get_psa_attributes(&pk, usage, &attributes), 0); + + TEST_EQUAL(psa_get_key_lifetime(&attributes), PSA_KEY_LIFETIME_VOLATILE); + TEST_ASSERT(mbedtls_svc_key_id_equal(psa_get_key_id(&attributes), + MBEDTLS_SVC_KEY_ID_INIT)); + TEST_EQUAL(psa_get_key_type(&attributes), expected_psa_type); + TEST_EQUAL(psa_get_key_bits(&attributes), + mbedtls_pk_get_bitlen(&pk)); + TEST_EQUAL(psa_get_key_usage_flags(&attributes), expected_usage); + TEST_EQUAL(psa_get_key_algorithm(&attributes), expected_alg); + TEST_EQUAL(psa_get_key_enrollment_algorithm(&attributes), PSA_ALG_NONE); + +exit: + mbedtls_pk_free(&pk); + psa_reset_key_attributes(&attributes); + MD_OR_USE_PSA_DONE(); +} +/* END_CASE */ + /* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C */ void pk_get_psa_attributes_fail(int pk_type, int from_pair, int usage_arg, From ace7c7721ef30ae1bf1e218f1ff69720277f2f9d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 18 Jan 2024 17:47:54 +0100 Subject: [PATCH 1474/1674] mbedtls_pk_get_psa_attributes: ECC support Add code and unit tests for MBEDTLS_PK_ECxxx in mbedtls_pk_get_psa_attributes(). This commit only supports built-in ECC (MBEDTLS_ECP_C). A subsequent commit will handle driver-only ECC. Signed-off-by: Gilles Peskine --- library/pk.c | 72 ++++++++++-- tests/suites/test_suite_pk.data | 168 ++++++++++++++++++++++++++++ tests/suites/test_suite_pk.function | 30 ++++- 3 files changed, 262 insertions(+), 8 deletions(-) diff --git a/library/pk.c b/library/pk.c index 1485bd76e..432fbcff6 100644 --- a/library/pk.c +++ b/library/pk.c @@ -406,22 +406,28 @@ int mbedtls_pk_get_psa_attributes(const mbedtls_pk_context *pk, { mbedtls_pk_type_t pk_type = mbedtls_pk_get_type(pk); + psa_key_usage_t more_usage = usage; + if (usage == PSA_KEY_USAGE_SIGN_MESSAGE) { + more_usage |= PSA_KEY_USAGE_VERIFY_MESSAGE; + } else if (usage == PSA_KEY_USAGE_SIGN_HASH) { + more_usage |= PSA_KEY_USAGE_VERIFY_HASH; + } else if (usage == PSA_KEY_USAGE_DECRYPT) { + more_usage |= PSA_KEY_USAGE_ENCRYPT; + } + more_usage |= PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY; + switch (pk_type) { #if defined(MBEDTLS_RSA_C) case MBEDTLS_PK_RSA: + { int want_crypt = 0; int want_private = 0; switch (usage) { case PSA_KEY_USAGE_SIGN_MESSAGE: - usage |= PSA_KEY_USAGE_VERIFY_MESSAGE; - want_private = 1; - break; case PSA_KEY_USAGE_SIGN_HASH: - usage |= PSA_KEY_USAGE_VERIFY_HASH; want_private = 1; break; case PSA_KEY_USAGE_DECRYPT: - usage |= PSA_KEY_USAGE_ENCRYPT; want_private = 1; want_crypt = 1; break; @@ -448,8 +454,61 @@ int mbedtls_pk_get_psa_attributes(const mbedtls_pk_context *pk, psa_set_key_algorithm(attributes, psa_algorithm_for_rsa(rsa, want_crypt)); break; + } #endif /* MBEDTLS_RSA_C */ +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) + case MBEDTLS_PK_ECKEY: + case MBEDTLS_PK_ECKEY_DH: + case MBEDTLS_PK_ECDSA: + { + int sign_ok = (pk_type != MBEDTLS_PK_ECKEY_DH); + int derive_ok = (pk_type != MBEDTLS_PK_ECDSA); + mbedtls_ecp_keypair *ec = mbedtls_pk_ec(*pk); + int has_private = (ec->d.n != 0); + size_t bits = 0; + psa_ecc_family_t family = + mbedtls_ecc_group_to_psa(ec->grp.id, &bits); + int want_private = 0; + psa_algorithm_t alg = 0; + switch (usage) { + case PSA_KEY_USAGE_SIGN_MESSAGE: + case PSA_KEY_USAGE_SIGN_HASH: + want_private = 1; + /* FALLTHROUGH */ + case PSA_KEY_USAGE_VERIFY_MESSAGE: + case PSA_KEY_USAGE_VERIFY_HASH: + if (!sign_ok) { + return MBEDTLS_ERR_PK_TYPE_MISMATCH; + } +#if defined(MBEDTLS_ECDSA_DETERMINISTIC) + alg = PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH); +#else + alg = PSA_ALG_ECDSA(PSA_ALG_ANY_HASH); +#endif + break; + case PSA_KEY_USAGE_DERIVE: + want_private = 1; + alg = PSA_ALG_ECDH; + if (!derive_ok) { + return MBEDTLS_ERR_PK_TYPE_MISMATCH; + } + break; + default: + return MBEDTLS_ERR_PK_TYPE_MISMATCH; + } + if (want_private && !has_private) { + return MBEDTLS_ERR_PK_TYPE_MISMATCH; + } + psa_set_key_type(attributes, (want_private ? + PSA_KEY_TYPE_ECC_KEY_PAIR(family) : + PSA_KEY_TYPE_ECC_PUBLIC_KEY(family))); + psa_set_key_bits(attributes, bits); + psa_set_key_algorithm(attributes, alg); + break; + } +#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ + #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) case MBEDTLS_PK_RSA_ALT: return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; @@ -459,8 +518,7 @@ int mbedtls_pk_get_psa_attributes(const mbedtls_pk_context *pk, return MBEDTLS_ERR_PK_BAD_INPUT_DATA; } - usage |= PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY; - psa_set_key_usage_flags(attributes, usage); + psa_set_key_usage_flags(attributes, more_usage); #if defined(MBEDTLS_PSA_CRYPTO_C) /* Assume that we have all Mbed TLS attributes. When * MBEDTLS_PSA_CRYPTO_CLIENT is enabled but not MBEDTLS_PSA_CRYPTO_C, diff --git a/tests/suites/test_suite_pk.data b/tests/suites/test_suite_pk.data index bc0de71b2..f0903e33c 100644 --- a/tests/suites/test_suite_pk.data +++ b/tests/suites/test_suite_pk.data @@ -789,3 +789,171 @@ pk_get_psa_attributes_fail:MBEDTLS_PK_RSA:1:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_PK_ PSA attributes for pk: RSA v15 public DERIVE (bad) depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 pk_get_psa_attributes_fail:MBEDTLS_PK_RSA:0:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_PK_TYPE_MISMATCH + +PSA attributes for pk: ECKEY pair DECRYPT (bad) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY:1:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_PK_TYPE_MISMATCH + +PSA attributes for pk: ECKEY_DH pair DECRYPT (bad) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY_DH:1:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_PK_TYPE_MISMATCH + +PSA attributes for pk: ECDSA pair DECRYPT (bad) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +pk_get_psa_attributes_fail:MBEDTLS_PK_ECDSA:1:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_PK_TYPE_MISMATCH + +PSA attributes for pk: ECKEY public DECRYPT (bad) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY:0:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_PK_TYPE_MISMATCH + +PSA attributes for pk: ECKEY_DH public DECRYPT (bad) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY_DH:0:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_PK_TYPE_MISMATCH + +PSA attributes for pk: ECDSA public DECRYPT (bad) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +pk_get_psa_attributes_fail:MBEDTLS_PK_ECDSA:0:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_PK_TYPE_MISMATCH + +PSA attributes for pk: ECKEY pair ENCRYPT (bad) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY:1:PSA_KEY_USAGE_ENCRYPT:MBEDTLS_ERR_PK_TYPE_MISMATCH + +PSA attributes for pk: ECKEY_DH pair ENCRYPT (bad) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY_DH:1:PSA_KEY_USAGE_ENCRYPT:MBEDTLS_ERR_PK_TYPE_MISMATCH + +PSA attributes for pk: ECDSA pair ENCRYPT (bad) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +pk_get_psa_attributes_fail:MBEDTLS_PK_ECDSA:1:PSA_KEY_USAGE_ENCRYPT:MBEDTLS_ERR_PK_TYPE_MISMATCH + +PSA attributes for pk: ECKEY public ENCRYPT (bad) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY:0:PSA_KEY_USAGE_ENCRYPT:MBEDTLS_ERR_PK_TYPE_MISMATCH + +PSA attributes for pk: ECKEY_DH public ENCRYPT (bad) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY_DH:0:PSA_KEY_USAGE_ENCRYPT:MBEDTLS_ERR_PK_TYPE_MISMATCH + +PSA attributes for pk: ECDSA public ENCRYPT (bad) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +pk_get_psa_attributes_fail:MBEDTLS_PK_ECDSA:0:PSA_KEY_USAGE_ENCRYPT:MBEDTLS_ERR_PK_TYPE_MISMATCH + +PSA attributes for pk: ECKEY pair DERIVE +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +pk_get_psa_attributes:MBEDTLS_PK_ECKEY:1:PSA_KEY_USAGE_DERIVE:1:PSA_ALG_ECDH + +PSA attributes for pk: ECKEY_DH pair DERIVE +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +pk_get_psa_attributes:MBEDTLS_PK_ECKEY_DH:1:PSA_KEY_USAGE_DERIVE:1:PSA_ALG_ECDH + +PSA attributes for pk: ECDSA pair DERIVE (bad) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +pk_get_psa_attributes_fail:MBEDTLS_PK_ECDSA:1:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_PK_TYPE_MISMATCH + +PSA attributes for pk: ECKEY public DERIVE (bad) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY:0:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_PK_TYPE_MISMATCH + +PSA attributes for pk: ECKEY_DH public DERIVE (bad) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY_DH:0:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_PK_TYPE_MISMATCH + +PSA attributes for pk: ECDSA public DERIVE (bad) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +pk_get_psa_attributes_fail:MBEDTLS_PK_ECDSA:0:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_PK_TYPE_MISMATCH + +PSA attributes for pk: ECKEY pair SIGN_MESSAGE +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +pk_get_psa_attributes:MBEDTLS_PK_ECKEY:1:PSA_KEY_USAGE_SIGN_MESSAGE:1:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH) + +PSA attributes for pk: ECDSA pair SIGN_MESSAGE +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +pk_get_psa_attributes:MBEDTLS_PK_ECDSA:1:PSA_KEY_USAGE_SIGN_MESSAGE:1:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH) + +PSA attributes for pk: ECKEY pair SIGN_HASH +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +pk_get_psa_attributes:MBEDTLS_PK_ECKEY:1:PSA_KEY_USAGE_SIGN_HASH:1:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH) + +PSA attributes for pk: ECDSA pair SIGN_HASH +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +pk_get_psa_attributes:MBEDTLS_PK_ECDSA:1:PSA_KEY_USAGE_SIGN_HASH:1:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH) + +PSA attributes for pk: ECKEY pair->public VERIFY_MESSAGE +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +pk_get_psa_attributes:MBEDTLS_PK_ECKEY:1:PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH) + +PSA attributes for pk: ECDSA pair->public VERIFY_MESSAGE +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +pk_get_psa_attributes:MBEDTLS_PK_ECDSA:1:PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH) + +PSA attributes for pk: ECKEY pair->public VERIFY_HASH +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +pk_get_psa_attributes:MBEDTLS_PK_ECKEY:1:PSA_KEY_USAGE_VERIFY_HASH:0:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH) + +PSA attributes for pk: ECDSA pair->public VERIFY_HASH +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +pk_get_psa_attributes:MBEDTLS_PK_ECDSA:1:PSA_KEY_USAGE_VERIFY_HASH:0:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH) + +PSA attributes for pk: ECKEY public VERIFY_MESSAGE +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +pk_get_psa_attributes:MBEDTLS_PK_ECKEY:0:PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH) + +PSA attributes for pk: ECDSA public VERIFY_MESSAGE +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +pk_get_psa_attributes:MBEDTLS_PK_ECDSA:0:PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH) + +PSA attributes for pk: ECKEY public VERIFY_HASH +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +pk_get_psa_attributes:MBEDTLS_PK_ECKEY:0:PSA_KEY_USAGE_VERIFY_HASH:0:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH) + +PSA attributes for pk: ECDSA public VERIFY_HASH +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +pk_get_psa_attributes:MBEDTLS_PK_ECDSA:0:PSA_KEY_USAGE_VERIFY_HASH:0:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH) + +PSA attributes for pk: ECKEY public SIGN_MESSAGE (bad) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY:0:PSA_KEY_USAGE_SIGN_MESSAGE:MBEDTLS_ERR_PK_TYPE_MISMATCH + +PSA attributes for pk: ECDSA public SIGN_MESSAGE (bad) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +pk_get_psa_attributes_fail:MBEDTLS_PK_ECDSA:0:PSA_KEY_USAGE_SIGN_MESSAGE:MBEDTLS_ERR_PK_TYPE_MISMATCH + +PSA attributes for pk: ECKEY public SIGN_HASH (bad) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY:0:PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_PK_TYPE_MISMATCH + +PSA attributes for pk: ECDSA public SIGN_HASH (bad) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +pk_get_psa_attributes_fail:MBEDTLS_PK_ECDSA:0:PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_PK_TYPE_MISMATCH + +PSA attributes for pk: ECKEY_DH pair SIGN_MESSAGE (bad) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY_DH:1:PSA_KEY_USAGE_SIGN_MESSAGE:MBEDTLS_ERR_PK_TYPE_MISMATCH + +PSA attributes for pk: ECKEY_DH pair SIGN_HASH (bad) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY_DH:1:PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_PK_TYPE_MISMATCH + +PSA attributes for pk: ECKEY_DH pair VERIFY_MESSAGE (bad) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY_DH:1:PSA_KEY_USAGE_VERIFY_MESSAGE:MBEDTLS_ERR_PK_TYPE_MISMATCH + +PSA attributes for pk: ECKEY_DH pair VERIFY_HASH (bad) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY_DH:1:PSA_KEY_USAGE_VERIFY_HASH:MBEDTLS_ERR_PK_TYPE_MISMATCH + +PSA attributes for pk: ECKEY_DH public SIGN_MESSAGE (bad) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY_DH:0:PSA_KEY_USAGE_SIGN_MESSAGE:MBEDTLS_ERR_PK_TYPE_MISMATCH + +PSA attributes for pk: ECKEY_DH public SIGN_HASH (bad) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY_DH:0:PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_PK_TYPE_MISMATCH + +PSA attributes for pk: ECKEY_DH public VERIFY_MESSAGE (bad) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY_DH:0:PSA_KEY_USAGE_VERIFY_MESSAGE:MBEDTLS_ERR_PK_TYPE_MISMATCH + +PSA attributes for pk: ECKEY_DH public VERIFY_HASH (bad) +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY_DH:0:PSA_KEY_USAGE_VERIFY_HASH:MBEDTLS_ERR_PK_TYPE_MISMATCH diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index d6902b4d0..90c5044d2 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -187,7 +187,7 @@ static int pk_setup_for_type(mbedtls_pk_type_t pk_type, int want_pair, } else { unsigned char N[PSA_BITS_TO_BYTES(MBEDTLS_RSA_GEN_KEY_MIN_BITS)] = { 0xff }; N[sizeof(N) - 1] = 0x03; - const unsigned char E[1] = {0x03}; + const unsigned char E[1] = { 0x03 }; TEST_EQUAL(mbedtls_rsa_import_raw(rsa, N, sizeof(N), NULL, 0, NULL, 0, NULL, 0, @@ -198,6 +198,23 @@ static int pk_setup_for_type(mbedtls_pk_type_t pk_type, int want_pair, } #endif /* MBEDTLS_RSA_C */ +#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) + case MBEDTLS_PK_ECKEY: + case MBEDTLS_PK_ECKEY_DH: + case MBEDTLS_PK_ECDSA: + { + mbedtls_ecp_group_id grp_id = mbedtls_ecp_grp_id_list()[0]; + size_t bits; + *psa_type = PSA_KEY_TYPE_ECC_KEY_PAIR(mbedtls_ecc_group_to_psa(grp_id, &bits)); + TEST_EQUAL(pk_genkey(pk, grp_id), 0); + if (!want_pair) { + mbedtls_ecp_keypair *ec = mbedtls_pk_ec(*pk); + mbedtls_mpi_free(&ec->d); + } + break; + } +#endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ + default: TEST_FAIL("Unknown PK type in test data"); break; @@ -1674,6 +1691,17 @@ void pk_get_psa_attributes(int pk_type, int from_pair, } expected_usage |= PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY; +#if defined(MBEDTLS_ECDSA_DETERMINISTIC) + /* When the resulting algorithm is ECDSA, the compile-time configuration + * can cause it to be either deterministic or randomized ECDSA. + * Rather than have two near-identical sets of test data depending on + * the configuration, always use randomized in the test data and + * tweak the expected result here. */ + if (expected_alg == PSA_ALG_ECDSA(PSA_ALG_ANY_HASH)) { + expected_alg = PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH); + } +#endif + TEST_EQUAL(mbedtls_pk_get_psa_attributes(&pk, usage, &attributes), 0); TEST_EQUAL(psa_get_key_lifetime(&attributes), lifetime); From 94e3a873ce061b51f54746629ad9ce529fa5222e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 18 Jan 2024 19:23:39 +0100 Subject: [PATCH 1475/1674] mbedtls_pk_get_psa_attributes: test bad usage value Signed-off-by: Gilles Peskine --- tests/suites/test_suite_pk.data | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/tests/suites/test_suite_pk.data b/tests/suites/test_suite_pk.data index f0903e33c..ee348a34b 100644 --- a/tests/suites/test_suite_pk.data +++ b/tests/suites/test_suite_pk.data @@ -686,6 +686,36 @@ pk_get_psa_attributes_fail:MBEDTLS_PK_NONE:0:PSA_KEY_USAGE_SIGN_MESSAGE:MBEDTLS_ # There is a (negative) test for pk_type=MBEDTLS_PK_RSA_ALT in pk_rsa_alt(). +# Bad usage due to not specifying sign/crypt/derive. +PSA attributes for pk: RSA usage=0 (bad) +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +pk_get_psa_attributes_fail:MBEDTLS_PK_RSA:1:0:MBEDTLS_ERR_PK_TYPE_MISMATCH + +# Bad usage due to not specifying sign/crypt/derive. +PSA attributes for pk: RSA usage=EXPORT (bad) +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +pk_get_psa_attributes_fail:MBEDTLS_PK_RSA:1:PSA_KEY_USAGE_EXPORT:MBEDTLS_ERR_PK_TYPE_MISMATCH + +# This usage could make sense, but is not currently supported. +PSA attributes for pk: RSA usage=DECRYPT|EXPORT (bad) +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +pk_get_psa_attributes_fail:MBEDTLS_PK_RSA:1:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:MBEDTLS_ERR_PK_TYPE_MISMATCH + +# Bad usage due to not specifying more than one of sign/crypt/derive. +PSA attributes for pk: RSA usage=DECRYPT|SIGN_MESSAGE (bad) +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +pk_get_psa_attributes_fail:MBEDTLS_PK_RSA:1:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_SIGN_MESSAGE:MBEDTLS_ERR_PK_TYPE_MISMATCH + +# This usage could make sense, but is not currently supported. +PSA attributes for pk: RSA usage=SIGN_MESSAGE|SIGN_HASH (bad) +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +pk_get_psa_attributes_fail:MBEDTLS_PK_RSA:1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_PK_TYPE_MISMATCH + +# This usage could make sense, but is not currently supported. +PSA attributes for pk: RSA usage=SIGN_MESSAGE|VERIFY_MESSAGE (bad) +depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +pk_get_psa_attributes_fail:MBEDTLS_PK_RSA:1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:MBEDTLS_ERR_PK_TYPE_MISMATCH + PSA attributes for pk: RSA v15 pair DECRYPT depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 pk_get_psa_attributes:MBEDTLS_PK_RSA:1:PSA_KEY_USAGE_DECRYPT:1:PSA_ALG_RSA_PKCS1V15_CRYPT From 758d8c7631ce0d9a737a586add0e6c26f0872e5c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 22 Jan 2024 20:53:21 +0100 Subject: [PATCH 1476/1674] mbedtls_pk_get_psa_attributes: support MBEDTLS_PK_OPAQUE Signed-off-by: Gilles Peskine --- library/pk.c | 52 +++++++++++++ tests/suites/test_suite_pk.data | 114 ++++++++++++++++++++++++++++ tests/suites/test_suite_pk.function | 54 +++++++++++++ 3 files changed, 220 insertions(+) diff --git a/library/pk.c b/library/pk.c index 432fbcff6..783b48866 100644 --- a/library/pk.c +++ b/library/pk.c @@ -514,6 +514,58 @@ int mbedtls_pk_get_psa_attributes(const mbedtls_pk_context *pk, return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; #endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */ +#if defined(MBEDTLS_USE_PSA_CRYPTO) + case MBEDTLS_PK_OPAQUE: + { + psa_key_attributes_t old_attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + status = psa_get_key_attributes(pk->priv_id, &old_attributes); + if (status != PSA_SUCCESS) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } + psa_key_type_t old_type = psa_get_key_type(&old_attributes); + switch (usage) { + case PSA_KEY_USAGE_SIGN_MESSAGE: + case PSA_KEY_USAGE_SIGN_HASH: + case PSA_KEY_USAGE_VERIFY_MESSAGE: + case PSA_KEY_USAGE_VERIFY_HASH: + if (!(PSA_KEY_TYPE_IS_ECC_KEY_PAIR(old_type) || + old_type == PSA_KEY_TYPE_RSA_KEY_PAIR)) { + return MBEDTLS_ERR_PK_TYPE_MISMATCH; + } + break; + case PSA_KEY_USAGE_DECRYPT: + case PSA_KEY_USAGE_ENCRYPT: + if (old_type != PSA_KEY_TYPE_RSA_KEY_PAIR) { + return MBEDTLS_ERR_PK_TYPE_MISMATCH; + } + break; + case PSA_KEY_USAGE_DERIVE: + if (!(PSA_KEY_TYPE_IS_ECC_KEY_PAIR(old_type))) { + return MBEDTLS_ERR_PK_TYPE_MISMATCH; + } + break; + break; + default: + return MBEDTLS_ERR_PK_TYPE_MISMATCH; + } + psa_key_type_t new_type = old_type; + /* Opaque keys are always key pairs, so we don't need a check + * on the input if the required usage is private. We just need + * to adjust the type correctly if the required usage is public. */ + if (usage == PSA_KEY_USAGE_VERIFY_MESSAGE || + usage == PSA_KEY_USAGE_VERIFY_HASH || + usage == PSA_KEY_USAGE_ENCRYPT) { + new_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(new_type); + } + more_usage = psa_get_key_usage_flags(&old_attributes); + psa_set_key_type(attributes, new_type); + psa_set_key_bits(attributes, psa_get_key_bits(&old_attributes)); + psa_set_key_algorithm(attributes, psa_get_key_algorithm(&old_attributes)); + break; + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + default: return MBEDTLS_ERR_PK_BAD_INPUT_DATA; } diff --git a/tests/suites/test_suite_pk.data b/tests/suites/test_suite_pk.data index ee348a34b..55350b67b 100644 --- a/tests/suites/test_suite_pk.data +++ b/tests/suites/test_suite_pk.data @@ -987,3 +987,117 @@ pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY_DH:0:PSA_KEY_USAGE_VERIFY_MESSAGE:MB PSA attributes for pk: ECKEY_DH public VERIFY_HASH (bad) depends_on:MBEDTLS_PK_HAVE_ECC_KEYS pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY_DH:0:PSA_KEY_USAGE_VERIFY_HASH:MBEDTLS_ERR_PK_TYPE_MISMATCH + +PSA attributes for pk: opaque RSA pair, 0 & SIGN_MESSAGE +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:0:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_SIGN_MESSAGE:0:1:0 + +PSA attributes for pk: opaque RSA pair, SIGN_MESSAGE & SIGN_MESSAGE +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_SIGN_MESSAGE:0:1:PSA_KEY_USAGE_SIGN_MESSAGE + +PSA attributes for pk: opaque RSA pair, SIGN|VERIFY & SIGN_MESSAGE +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_SIGN_MESSAGE:0:1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE + +PSA attributes for pk: opaque RSA pair, SIGN|DECRYPT & SIGN_MESSAGE +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_SIGN_MESSAGE:0:1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_DECRYPT + +PSA attributes for pk: opaque RSA pair, SIGN|... & SIGN_MESSAGE +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_SIGN_MESSAGE:0:1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT + +# For a PK_OPAQUE key, mbedtls_pk_get_psa_attributes() ignores the input +# key's algorithm policy. Just this time, test with a few different algorithms. +PSA attributes for pk: opaque RSA pair, 0 & SIGN_HASH [0] +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:0:PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:1:0 + +PSA attributes for pk: opaque RSA pair, 0 & SIGN_HASH [raw] +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:0:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_SIGN_HASH:0:1:0 + +PSA attributes for pk: opaque RSA pair, 0 & SIGN_HASH [v15] +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:0:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_SIGN_HASH:0:1:0 + +PSA attributes for pk: opaque RSA pair, 0 & SIGN_HASH [PSS] +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:0:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH:0:1:0 + +PSA attributes for pk: opaque RSA pair, DECRYPT & DECRYPT +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_USAGE_DECRYPT:0:1:PSA_KEY_USAGE_DECRYPT + +PSA attributes for pk: opaque RSA pair, DECRYPT|... & DECRYPT +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_USAGE_DECRYPT:0:1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT + +PSA attributes for pk: opaque RSA pair, ... & DERIVE (bad) +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_PK_TYPE_MISMATCH:1:0 + +PSA attributes for pk: opaque RSA pair, ... & EXPORT (bad) +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_USAGE_EXPORT:MBEDTLS_ERR_PK_TYPE_MISMATCH:1:0 + +PSA attributes for pk: opaque RSA pair->public, 0 & VERIFY_MESSAGE +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:0:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_VERIFY_MESSAGE:0:0:0 + +PSA attributes for pk: opaque RSA pair->public, 0 & VERIFY_HASH +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:0:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_VERIFY_HASH:0:0:0 + +PSA attributes for pk: opaque RSA pair->public, 0 & ENCRYPT +depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:0:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_USAGE_ENCRYPT:0:0:0 + +PSA attributes for pk: opaque ECC pair, 0 & SIGN_MESSAGE +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_FAMILY_SECP_R1_256 +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:0:PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_SIGN_MESSAGE:0:1:0 + +PSA attributes for pk: opaque ECC pair, SIGN_MESSAGE & SIGN_MESSAGE +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_FAMILY_SECP_R1_256 +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_SIGN_MESSAGE:0:1:PSA_KEY_USAGE_SIGN_MESSAGE + +PSA attributes for pk: opaque ECC pair, SIGN|VERIFY & SIGN_MESSAGE +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_FAMILY_SECP_R1_256 +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_SIGN_MESSAGE:0:1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE + +PSA attributes for pk: opaque ECC pair, SIGN|DECRYPT & SIGN_MESSAGE +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_FAMILY_SECP_R1_256 +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_DECRYPT:PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_SIGN_MESSAGE:0:1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_DECRYPT + +PSA attributes for pk: opaque ECC pair, SIGN|... & SIGN_MESSAGE +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_FAMILY_SECP_R1_256 +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_SIGN_MESSAGE:0:1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT + +PSA attributes for pk: opaque ECC pair, 0 & SIGN_HASH +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_FAMILY_SECP_R1_256 +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:0:PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_SIGN_HASH:0:1:0 + +PSA attributes for pk: opaque ECC pair, ... & DERIVE +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_FAMILY_SECP_R1_256 +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_USAGE_DERIVE:0:1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DERIVE + +PSA attributes for pk: opaque ECC pair, ... & DECRYPT (bad) +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_FAMILY_SECP_R1_256 +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_PK_TYPE_MISMATCH:1:0 + +PSA attributes for pk: opaque ECC pair, ... & EXPORT (bad) +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_FAMILY_SECP_R1_256 +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_ECDH:PSA_KEY_USAGE_EXPORT:MBEDTLS_ERR_PK_TYPE_MISMATCH:1:0 + +PSA attributes for pk: opaque ECC pair->public, 0 & VERIFY_MESSAGE +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_FAMILY_SECP_R1_256 +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:0:PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_VERIFY_MESSAGE:0:0:0 + +PSA attributes for pk: opaque ECC pair->public, 0 & VERIFY_HASH +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_FAMILY_SECP_R1_256 +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:0:PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_VERIFY_HASH:0:0:0 + +PSA attributes for pk: opaque ECC pair->public, 0 & ENCRYPT (bad) +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_FAMILY_SECP_R1_256 +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:0:PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_ENCRYPT:MBEDTLS_ERR_PK_TYPE_MISMATCH:0:0 diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 90c5044d2..930d015dd 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -1808,3 +1808,57 @@ exit: MD_OR_USE_PSA_DONE(); } /* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_USE_PSA_CRYPTO */ +void pk_get_psa_attributes_opaque(int o_type_arg, int o_bits_arg, + int o_usage_arg, int o_alg_arg, + int usage_arg, + int expected_ret, + int to_pair, int expected_usage_arg) +{ + mbedtls_pk_context pk; + mbedtls_pk_init(&pk); + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_type_t o_type = o_type_arg; + size_t bits = o_bits_arg; + psa_key_usage_t o_usage = o_usage_arg; + psa_algorithm_t alg = o_alg_arg; + psa_key_usage_t usage = usage_arg; + psa_key_usage_t expected_usage = expected_usage_arg; + + USE_PSA_INIT(); + + psa_set_key_type(&attributes, o_type); + psa_set_key_bits(&attributes, bits); + psa_set_key_usage_flags(&attributes, o_usage); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_enrollment_algorithm(&attributes, 42); + //TODO: test with persistent key + PSA_ASSERT(psa_generate_key(&attributes, &key_id)); + TEST_EQUAL(mbedtls_pk_setup_opaque(&pk, key_id), 0); + + psa_key_type_t expected_psa_type = + to_pair ? o_type : PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(o_type); + + TEST_EQUAL(mbedtls_pk_get_psa_attributes(&pk, usage, &attributes), + expected_ret); + + if (expected_ret == 0) { + TEST_EQUAL(psa_get_key_lifetime(&attributes), PSA_KEY_LIFETIME_VOLATILE); + TEST_ASSERT(mbedtls_svc_key_id_equal(psa_get_key_id(&attributes), + MBEDTLS_SVC_KEY_ID_INIT)); + TEST_EQUAL(psa_get_key_type(&attributes), expected_psa_type); + TEST_EQUAL(psa_get_key_bits(&attributes), bits); + TEST_EQUAL(psa_get_key_usage_flags(&attributes), expected_usage); + TEST_EQUAL(psa_get_key_algorithm(&attributes), alg); + TEST_EQUAL(psa_get_key_enrollment_algorithm(&attributes), PSA_ALG_NONE); + } + +exit: + mbedtls_pk_free(&pk); + psa_destroy_key(key_id); + psa_reset_key_attributes(&attributes); + USE_PSA_DONE(); +} +/* END_CASE */ From 7354f1e17870e528361f274aa4634441719e4b70 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 23 Jan 2024 11:06:02 +0100 Subject: [PATCH 1477/1674] Allow building with MBEDTLS_PK_USE_PSA_EC_DATA && MBEDTLS_ECP_C This isn't officially supported, but it's convenient to build the library this way for quick testing. Signed-off-by: Gilles Peskine --- library/ssl_tls12_client.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/ssl_tls12_client.c b/library/ssl_tls12_client.c index 0c5af87f4..b4b5781a1 100644 --- a/library/ssl_tls12_client.c +++ b/library/ssl_tls12_client.c @@ -2005,9 +2005,9 @@ static int ssl_get_ecdh_params_from_cert(mbedtls_ssl_context *ssl) return MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH; } -#if defined(MBEDTLS_ECP_C) +#if !defined(MBEDTLS_PK_USE_PSA_EC_DATA) const mbedtls_ecp_keypair *peer_key = mbedtls_pk_ec_ro(*peer_pk); -#endif /* MBEDTLS_ECP_C */ +#endif /* !defined(MBEDTLS_PK_USE_PSA_EC_DATA) */ #if defined(MBEDTLS_USE_PSA_CRYPTO) uint16_t tls_id = 0; From f3dbc98d967289f9de9b5f89c2e187e6d6468a35 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 23 Jan 2024 11:05:34 +0100 Subject: [PATCH 1478/1674] mbedtls_pk_get_psa_attributes: support MBEDTLS_PK_USE_PSA_EC_DATA Signed-off-by: Gilles Peskine --- library/pk.c | 13 +++++++++++ tests/suites/test_suite_pk.function | 36 ++++++++++++++++++++--------- 2 files changed, 38 insertions(+), 11 deletions(-) diff --git a/library/pk.c b/library/pk.c index 783b48866..c34da9974 100644 --- a/library/pk.c +++ b/library/pk.c @@ -464,11 +464,24 @@ int mbedtls_pk_get_psa_attributes(const mbedtls_pk_context *pk, { int sign_ok = (pk_type != MBEDTLS_PK_ECKEY_DH); int derive_ok = (pk_type != MBEDTLS_PK_ECDSA); +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + psa_key_attributes_t old_attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + status = psa_get_key_attributes(pk->priv_id, &old_attributes); + if (status != PSA_SUCCESS) { + return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + } + psa_key_type_t old_type = psa_get_key_type(&old_attributes); + int has_private = PSA_KEY_TYPE_IS_KEY_PAIR(old_type); + size_t bits = psa_get_key_bits(&old_attributes); + psa_ecc_family_t family = PSA_KEY_TYPE_ECC_GET_FAMILY(old_type); +#else mbedtls_ecp_keypair *ec = mbedtls_pk_ec(*pk); int has_private = (ec->d.n != 0); size_t bits = 0; psa_ecc_family_t family = mbedtls_ecc_group_to_psa(ec->grp.id, &bits); +#endif int want_private = 0; psa_algorithm_t alg = 0; switch (usage) { diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 930d015dd..e522ea747 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -111,7 +111,14 @@ static int pk_genkey(mbedtls_pk_context *pk, int curve_or_keybits) mbedtls_pk_get_type(pk) == MBEDTLS_PK_ECDSA) { int ret; -#if defined(MBEDTLS_ECP_C) +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + ret = pk_genkey_ec(pk, curve_or_keybits); + if (ret != 0) { + return ret; + } + + return 0; +#else ret = mbedtls_ecp_group_load(&mbedtls_pk_ec_rw(*pk)->grp, curve_or_keybits); if (ret != 0) { return ret; @@ -120,16 +127,7 @@ static int pk_genkey(mbedtls_pk_context *pk, int curve_or_keybits) &mbedtls_pk_ec_rw(*pk)->d, &mbedtls_pk_ec_rw(*pk)->Q, mbedtls_test_rnd_std_rand, NULL); -#endif /* MBEDTLS_ECP_C */ - -#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) - ret = pk_genkey_ec(pk, curve_or_keybits); - if (ret != 0) { - return ret; - } - - return 0; -#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ +#endif /* MBEDTLS_ECP_C && !MBEDTLS_PK_USE_PSA_EC_DATA */ } #endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ @@ -208,8 +206,24 @@ static int pk_setup_for_type(mbedtls_pk_type_t pk_type, int want_pair, *psa_type = PSA_KEY_TYPE_ECC_KEY_PAIR(mbedtls_ecc_group_to_psa(grp_id, &bits)); TEST_EQUAL(pk_genkey(pk, grp_id), 0); if (!want_pair) { +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + psa_key_attributes_t pub_attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_set_key_type(&pub_attributes, + PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(*psa_type)); + psa_set_key_usage_flags(&pub_attributes, + PSA_KEY_USAGE_EXPORT | + PSA_KEY_USAGE_COPY | + PSA_KEY_USAGE_VERIFY_MESSAGE | + PSA_KEY_USAGE_VERIFY_HASH); + psa_set_key_algorithm(&pub_attributes, PSA_ALG_ECDSA_ANY); + PSA_ASSERT(psa_destroy_key(pk->priv_id)); + PSA_ASSERT(psa_import_key(&pub_attributes, + pk->pub_raw, pk->pub_raw_len, + &pk->priv_id)); +#else mbedtls_ecp_keypair *ec = mbedtls_pk_ec(*pk); mbedtls_mpi_free(&ec->d); +#endif } break; } From c09df2f24c85623a426501f0fa6ef659cb57fbd4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 23 Jan 2024 17:03:31 +0100 Subject: [PATCH 1479/1674] Unify want_private detection This commit makes the code arguably slightly simpler and fixes the build with clang -Wimplicit-fallthrough. No intended semantic change. Signed-off-by: Gilles Peskine --- library/pk.c | 23 ++++++++--------------- 1 file changed, 8 insertions(+), 15 deletions(-) diff --git a/library/pk.c b/library/pk.c index c34da9974..60891a07e 100644 --- a/library/pk.c +++ b/library/pk.c @@ -416,24 +416,23 @@ int mbedtls_pk_get_psa_attributes(const mbedtls_pk_context *pk, } more_usage |= PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY; + int want_private = !(usage == PSA_KEY_USAGE_VERIFY_MESSAGE || + usage == PSA_KEY_USAGE_VERIFY_HASH || + usage == PSA_KEY_USAGE_ENCRYPT); + switch (pk_type) { #if defined(MBEDTLS_RSA_C) case MBEDTLS_PK_RSA: { - int want_crypt = 0; - int want_private = 0; + int want_crypt = 0; /* 0: encrypt/decrypt; 1: sign/verify */ switch (usage) { case PSA_KEY_USAGE_SIGN_MESSAGE: case PSA_KEY_USAGE_SIGN_HASH: - want_private = 1; - break; - case PSA_KEY_USAGE_DECRYPT: - want_private = 1; - want_crypt = 1; - break; case PSA_KEY_USAGE_VERIFY_MESSAGE: case PSA_KEY_USAGE_VERIFY_HASH: + /* Nothing to do. */ break; + case PSA_KEY_USAGE_DECRYPT: case PSA_KEY_USAGE_ENCRYPT: want_crypt = 1; break; @@ -482,13 +481,10 @@ int mbedtls_pk_get_psa_attributes(const mbedtls_pk_context *pk, psa_ecc_family_t family = mbedtls_ecc_group_to_psa(ec->grp.id, &bits); #endif - int want_private = 0; psa_algorithm_t alg = 0; switch (usage) { case PSA_KEY_USAGE_SIGN_MESSAGE: case PSA_KEY_USAGE_SIGN_HASH: - want_private = 1; - /* FALLTHROUGH */ case PSA_KEY_USAGE_VERIFY_MESSAGE: case PSA_KEY_USAGE_VERIFY_HASH: if (!sign_ok) { @@ -501,7 +497,6 @@ int mbedtls_pk_get_psa_attributes(const mbedtls_pk_context *pk, #endif break; case PSA_KEY_USAGE_DERIVE: - want_private = 1; alg = PSA_ALG_ECDH; if (!derive_ok) { return MBEDTLS_ERR_PK_TYPE_MISMATCH; @@ -566,9 +561,7 @@ int mbedtls_pk_get_psa_attributes(const mbedtls_pk_context *pk, /* Opaque keys are always key pairs, so we don't need a check * on the input if the required usage is private. We just need * to adjust the type correctly if the required usage is public. */ - if (usage == PSA_KEY_USAGE_VERIFY_MESSAGE || - usage == PSA_KEY_USAGE_VERIFY_HASH || - usage == PSA_KEY_USAGE_ENCRYPT) { + if (!want_private) { new_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(new_type); } more_usage = psa_get_key_usage_flags(&old_attributes); From 51860149f4c3b1bf2d7f9be0b4de9304f41d0a61 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 23 Jan 2024 17:45:33 +0100 Subject: [PATCH 1480/1674] Allow context types with an ALT version to be linked in Doxygen In our tests, we run `tests/scripts/doxygen.sh`, which checks that `doxygen` runs without warnings after `scripts/config.py realfull`. In this configuration, alternative implementations such as `MBEDTLS_RSA_ALT` are enabled, which allows the documentation to contain references to the `MBEDTLS_xxx_ALT` symbol itself. However, this disables context types that alternative implementations must define in their header, such as `mbedtls_rsa_context`. See https://github.com/Mbed-TLS/mbedtls/issues/4518 As a partial fix, allow `tests/scripts/doxygen.sh` to see dummy definitions of the context type. This way, we can use both `#MBEDTLS_RSA_ALT` and `#mbedtls_rsa_context` cross-references in our documentation. This is not ideal, because `doxygen.sh` isn't testing for errors in the documentation of the affected context types, but it's cheap progress. Signed-off-by: Gilles Peskine --- doxygen/mbedtls.doxyfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doxygen/mbedtls.doxyfile b/doxygen/mbedtls.doxyfile index 89048f221..b64c89202 100644 --- a/doxygen/mbedtls.doxyfile +++ b/doxygen/mbedtls.doxyfile @@ -6,7 +6,7 @@ EXTRACT_ALL = YES EXTRACT_PRIVATE = YES EXTRACT_STATIC = YES CASE_SENSE_NAMES = NO -INPUT = ../include input +INPUT = ../include input ../tests/include/alt-dummy FILE_PATTERNS = *.h RECURSIVE = YES EXCLUDE_SYMLINKS = YES From 55effd9456aef0648ceacc0812164a98d4d5ce29 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 23 Jan 2024 18:07:36 +0100 Subject: [PATCH 1481/1674] Fix the build with MBEDTLS_RSA_ALT Signed-off-by: Gilles Peskine --- library/pk.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/pk.c b/library/pk.c index 60891a07e..191132553 100644 --- a/library/pk.c +++ b/library/pk.c @@ -449,7 +449,7 @@ int mbedtls_pk_get_psa_attributes(const mbedtls_pk_context *pk, psa_set_key_type(attributes, (want_private ? PSA_KEY_TYPE_RSA_KEY_PAIR : PSA_KEY_TYPE_RSA_PUBLIC_KEY)); - psa_set_key_bits(attributes, mbedtls_mpi_bitlen(&rsa->N)); + psa_set_key_bits(attributes, mbedtls_pk_get_bitlen(pk)); psa_set_key_algorithm(attributes, psa_algorithm_for_rsa(rsa, want_crypt)); break; From cb05ce30e990f7e60c47b18af95cf21c8213a614 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Tue, 23 Jan 2024 19:25:10 +0000 Subject: [PATCH 1482/1674] Minor fixes to locking macros Signed-off-by: Ryan Everett --- library/psa_crypto_core.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 8b5ac26c6..0e9f83fae 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -144,7 +144,7 @@ typedef enum { return status; \ } \ } \ - if (op == PSA_MUTEX_UNLOCK) { \ + else if (op == PSA_MUTEX_UNLOCK) { \ if (mbedtls_mutex_unlock( \ &mbedtls_threading_key_slot_mutex) != 0) { \ if (status == PSA_SUCCESS) { \ @@ -163,7 +163,7 @@ typedef enum { * Call with parameter PSA_MUTEX_LOCK to perform a lock operation. * Call with parameter PSA_MUTEX_UNLOCK to perform an unlock operation. * This will goto the exit label if the operation fails, - * setting status to PSA_SERVICE_FAILURE if status was PSA_SUCCESS. + * setting status to PSA_ERROR_SERVICE_FAILURE if status was PSA_SUCCESS. * If threading is not enabled, do nothing. * * Assumptions: @@ -184,7 +184,7 @@ typedef enum { goto exit; \ } \ } \ - if (op == PSA_MUTEX_UNLOCK) { \ + else if (op == PSA_MUTEX_UNLOCK) { \ if (mbedtls_mutex_unlock( \ &mbedtls_threading_key_slot_mutex) != 0) { \ if (status == PSA_SUCCESS) { \ From 00f3085163a22318b3122c640cbf2b9bc2a2f5a1 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 23 Jan 2024 20:25:34 +0100 Subject: [PATCH 1483/1674] Missing dependency for MBEDTLS_PK_ECDSA Signed-off-by: Gilles Peskine --- tests/suites/test_suite_pk.data | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/tests/suites/test_suite_pk.data b/tests/suites/test_suite_pk.data index 55350b67b..8951e7217 100644 --- a/tests/suites/test_suite_pk.data +++ b/tests/suites/test_suite_pk.data @@ -829,7 +829,7 @@ depends_on:MBEDTLS_PK_HAVE_ECC_KEYS pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY_DH:1:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECDSA pair DECRYPT (bad) -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PK_CAN_ECDSA_SOME pk_get_psa_attributes_fail:MBEDTLS_PK_ECDSA:1:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECKEY public DECRYPT (bad) @@ -841,7 +841,7 @@ depends_on:MBEDTLS_PK_HAVE_ECC_KEYS pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY_DH:0:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECDSA public DECRYPT (bad) -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PK_CAN_ECDSA_SOME pk_get_psa_attributes_fail:MBEDTLS_PK_ECDSA:0:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECKEY pair ENCRYPT (bad) @@ -853,7 +853,7 @@ depends_on:MBEDTLS_PK_HAVE_ECC_KEYS pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY_DH:1:PSA_KEY_USAGE_ENCRYPT:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECDSA pair ENCRYPT (bad) -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PK_CAN_ECDSA_SOME pk_get_psa_attributes_fail:MBEDTLS_PK_ECDSA:1:PSA_KEY_USAGE_ENCRYPT:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECKEY public ENCRYPT (bad) @@ -865,7 +865,7 @@ depends_on:MBEDTLS_PK_HAVE_ECC_KEYS pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY_DH:0:PSA_KEY_USAGE_ENCRYPT:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECDSA public ENCRYPT (bad) -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PK_CAN_ECDSA_SOME pk_get_psa_attributes_fail:MBEDTLS_PK_ECDSA:0:PSA_KEY_USAGE_ENCRYPT:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECKEY pair DERIVE @@ -877,7 +877,7 @@ depends_on:MBEDTLS_PK_HAVE_ECC_KEYS pk_get_psa_attributes:MBEDTLS_PK_ECKEY_DH:1:PSA_KEY_USAGE_DERIVE:1:PSA_ALG_ECDH PSA attributes for pk: ECDSA pair DERIVE (bad) -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PK_CAN_ECDSA_SOME pk_get_psa_attributes_fail:MBEDTLS_PK_ECDSA:1:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECKEY public DERIVE (bad) @@ -889,7 +889,7 @@ depends_on:MBEDTLS_PK_HAVE_ECC_KEYS pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY_DH:0:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECDSA public DERIVE (bad) -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PK_CAN_ECDSA_SOME pk_get_psa_attributes_fail:MBEDTLS_PK_ECDSA:0:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECKEY pair SIGN_MESSAGE @@ -897,7 +897,7 @@ depends_on:MBEDTLS_PK_HAVE_ECC_KEYS pk_get_psa_attributes:MBEDTLS_PK_ECKEY:1:PSA_KEY_USAGE_SIGN_MESSAGE:1:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH) PSA attributes for pk: ECDSA pair SIGN_MESSAGE -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PK_CAN_ECDSA_SOME pk_get_psa_attributes:MBEDTLS_PK_ECDSA:1:PSA_KEY_USAGE_SIGN_MESSAGE:1:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH) PSA attributes for pk: ECKEY pair SIGN_HASH @@ -905,7 +905,7 @@ depends_on:MBEDTLS_PK_HAVE_ECC_KEYS pk_get_psa_attributes:MBEDTLS_PK_ECKEY:1:PSA_KEY_USAGE_SIGN_HASH:1:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH) PSA attributes for pk: ECDSA pair SIGN_HASH -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PK_CAN_ECDSA_SOME pk_get_psa_attributes:MBEDTLS_PK_ECDSA:1:PSA_KEY_USAGE_SIGN_HASH:1:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH) PSA attributes for pk: ECKEY pair->public VERIFY_MESSAGE @@ -913,7 +913,7 @@ depends_on:MBEDTLS_PK_HAVE_ECC_KEYS pk_get_psa_attributes:MBEDTLS_PK_ECKEY:1:PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH) PSA attributes for pk: ECDSA pair->public VERIFY_MESSAGE -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PK_CAN_ECDSA_SOME pk_get_psa_attributes:MBEDTLS_PK_ECDSA:1:PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH) PSA attributes for pk: ECKEY pair->public VERIFY_HASH @@ -921,7 +921,7 @@ depends_on:MBEDTLS_PK_HAVE_ECC_KEYS pk_get_psa_attributes:MBEDTLS_PK_ECKEY:1:PSA_KEY_USAGE_VERIFY_HASH:0:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH) PSA attributes for pk: ECDSA pair->public VERIFY_HASH -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PK_CAN_ECDSA_SOME pk_get_psa_attributes:MBEDTLS_PK_ECDSA:1:PSA_KEY_USAGE_VERIFY_HASH:0:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH) PSA attributes for pk: ECKEY public VERIFY_MESSAGE @@ -929,7 +929,7 @@ depends_on:MBEDTLS_PK_HAVE_ECC_KEYS pk_get_psa_attributes:MBEDTLS_PK_ECKEY:0:PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH) PSA attributes for pk: ECDSA public VERIFY_MESSAGE -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PK_CAN_ECDSA_SOME pk_get_psa_attributes:MBEDTLS_PK_ECDSA:0:PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH) PSA attributes for pk: ECKEY public VERIFY_HASH @@ -937,7 +937,7 @@ depends_on:MBEDTLS_PK_HAVE_ECC_KEYS pk_get_psa_attributes:MBEDTLS_PK_ECKEY:0:PSA_KEY_USAGE_VERIFY_HASH:0:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH) PSA attributes for pk: ECDSA public VERIFY_HASH -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PK_CAN_ECDSA_SOME pk_get_psa_attributes:MBEDTLS_PK_ECDSA:0:PSA_KEY_USAGE_VERIFY_HASH:0:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH) PSA attributes for pk: ECKEY public SIGN_MESSAGE (bad) @@ -945,7 +945,7 @@ depends_on:MBEDTLS_PK_HAVE_ECC_KEYS pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY:0:PSA_KEY_USAGE_SIGN_MESSAGE:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECDSA public SIGN_MESSAGE (bad) -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PK_CAN_ECDSA_SOME pk_get_psa_attributes_fail:MBEDTLS_PK_ECDSA:0:PSA_KEY_USAGE_SIGN_MESSAGE:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECKEY public SIGN_HASH (bad) @@ -953,7 +953,7 @@ depends_on:MBEDTLS_PK_HAVE_ECC_KEYS pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY:0:PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECDSA public SIGN_HASH (bad) -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PK_CAN_ECDSA_SOME pk_get_psa_attributes_fail:MBEDTLS_PK_ECDSA:0:PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECKEY_DH pair SIGN_MESSAGE (bad) From 64996c3be901c62636cfa2d88e92f2c31118bef5 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 23 Jan 2024 20:25:47 +0100 Subject: [PATCH 1484/1674] Disable MBEDTLS_PSA_CRYPTO_CLIENT in no-PSA builds When building without PSA crypto functions, disable MBEDTLS_PSA_CRYPTO_CLIENT as well as MBEDTLS_PSA_CRYPTO_C. With just MBEDTLS_PSA_CRYPTO_CLIENT, PSA crypto API functions are supposed to exist at link time but be provided by a third party. Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 44930d28b..13338d4cd 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1552,6 +1552,7 @@ component_test_full_no_cipher_no_psa_crypto () { scripts/config.py unset MBEDTLS_CMAC_C scripts/config.py unset MBEDTLS_NIST_KW_C scripts/config.py unset MBEDTLS_PSA_CRYPTO_C + scripts/config.py unset MBEDTLS_PSA_CRYPTO_CLIENT scripts/config.py unset MBEDTLS_SSL_TLS_C scripts/config.py unset MBEDTLS_SSL_TICKET_C # Disable features that depend on PSA_CRYPTO_C @@ -2430,11 +2431,12 @@ component_build_dhm_alt () { make CFLAGS='-Werror -Wall -Wextra -I../tests/include/alt-dummy' lib } -component_test_no_use_psa_crypto_full_cmake_asan() { - # full minus MBEDTLS_USE_PSA_CRYPTO: run the same set of tests as basic-build-test.sh - msg "build: cmake, full config minus MBEDTLS_USE_PSA_CRYPTO, ASan" +component_test_no_psa_crypto_full_cmake_asan() { + # full minus MBEDTLS_PSA_CRYPTO_C: run the same set of tests as basic-build-test.sh + msg "build: cmake, full config minus PSA crypto, ASan" scripts/config.py full scripts/config.py unset MBEDTLS_PSA_CRYPTO_C + scripts/config.py unset MBEDTLS_PSA_CRYPTO_CLIENT scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 scripts/config.py unset MBEDTLS_PSA_ITS_FILE_C @@ -2445,7 +2447,7 @@ component_test_no_use_psa_crypto_full_cmake_asan() { CC=$ASAN_CC cmake -D CMAKE_BUILD_TYPE:String=Asan . make - msg "test: main suites (full minus MBEDTLS_USE_PSA_CRYPTO)" + msg "test: main suites (full minus PSA crypto)" make test # Note: ssl-opt.sh has some test cases that depend on From daca7a3979c22da155ec9dce49ab1abf3b65d3a9 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 24 Jan 2024 09:49:11 +0000 Subject: [PATCH 1485/1674] Update BRANCHES.md Signed-off-by: Dave Rodgman --- BRANCHES.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/BRANCHES.md b/BRANCHES.md index c085b1616..b71247f3e 100644 --- a/BRANCHES.md +++ b/BRANCHES.md @@ -106,6 +106,6 @@ The following branches are currently maintained: - [`development`](https://github.com/Mbed-TLS/mbedtls/) - [`mbedtls-2.28`](https://github.com/Mbed-TLS/mbedtls/tree/mbedtls-2.28) maintained until at least the end of 2024, see - . + . Users are urged to always use the latest version of a maintained branch. From dccfd3612dece912f4e0d7c59add685642154fae Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 23 Jan 2024 17:07:59 +0100 Subject: [PATCH 1486/1674] rsa: update return values of priv/pub parse/write functions The goal is to remove usage of PK return values in order to completely eliminate that dependency. This commit also updates pkparse and test_suite_x509parse to align with this change in return values. Signed-off-by: Valerio Setti --- library/pkparse.c | 3 +- library/rsa.c | 36 ++++++++-------------- tests/suites/test_suite_x509parse.data | 10 +++--- tests/suites/test_suite_x509parse.function | 1 + 4 files changed, 20 insertions(+), 30 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index 2708c8c75..17df101f0 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -1556,8 +1556,7 @@ int mbedtls_pk_parse_public_key(mbedtls_pk_context *ctx, return ret; } mbedtls_pk_free(ctx); - if (ret != (MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, - MBEDTLS_ERR_ASN1_UNEXPECTED_TAG))) { + if (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) { return ret; } #endif /* MBEDTLS_RSA_C */ diff --git a/library/rsa.c b/library/rsa.c index a18c4b1b0..4ff7afacf 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -682,7 +682,7 @@ static int asn1_get_nonzero_mpi(unsigned char **p, } if (mbedtls_mpi_cmp_int(X, 0) == 0) { - return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } return 0; @@ -721,17 +721,17 @@ int mbedtls_rsa_key_parse(mbedtls_rsa_context *rsa, const unsigned char *key, si */ if ((ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); + return ret; } end = p + len; if ((ret = mbedtls_asn1_get_int(&p, end, &version)) != 0) { - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); + return ret; } if (version != 0) { - return MBEDTLS_ERR_PK_KEY_INVALID_VERSION; + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } /* Import N */ @@ -823,8 +823,7 @@ int mbedtls_rsa_key_parse(mbedtls_rsa_context *rsa, const unsigned char *key, si } if (p != end) { - ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + ret = MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; } cleanup: @@ -832,13 +831,6 @@ cleanup: mbedtls_mpi_free(&T); if (ret != 0) { - /* Wrap error code if it's coming from a lower level */ - if ((ret & 0xff80) == 0) { - ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret); - } else { - ret = MBEDTLS_ERR_PK_KEY_INVALID_FORMAT; - } - mbedtls_rsa_free(rsa); } @@ -859,46 +851,44 @@ int mbedtls_rsa_pubkey_parse(mbedtls_rsa_context *rsa, unsigned char **p, if ((ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, ret); + return ret; } if (*p + len != end) { - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; } /* Import N */ if ((ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_INTEGER)) != 0) { - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, ret); + return ret; } if ((ret = mbedtls_rsa_import_raw(rsa, *p, len, NULL, 0, NULL, 0, NULL, 0, NULL, 0)) != 0) { - return MBEDTLS_ERR_PK_INVALID_PUBKEY; + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } *p += len; /* Import E */ if ((ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_INTEGER)) != 0) { - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, ret); + return ret; } if ((ret = mbedtls_rsa_import_raw(rsa, NULL, 0, NULL, 0, NULL, 0, NULL, 0, *p, len)) != 0) { - return MBEDTLS_ERR_PK_INVALID_PUBKEY; + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } *p += len; if (mbedtls_rsa_complete(rsa) != 0 || mbedtls_rsa_check_pubkey(rsa) != 0) { - return MBEDTLS_ERR_PK_INVALID_PUBKEY; + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } if (*p != end) { - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, - MBEDTLS_ERR_ASN1_LENGTH_MISMATCH); + return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; } return 0; diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data index 261c220ee..6e201259c 100644 --- a/tests/suites/test_suite_x509parse.data +++ b/tests/suites/test_suite_x509parse.data @@ -1774,15 +1774,15 @@ x509parse_crt:"307d3068a0030201008204deadbeef300d06092a864886f70d01010b0500300c3 X509 CRT ASN1 (TBS, inv SubPubKeyInfo, inv internal bitstring length) depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 -x509parse_crt:"308180306ba0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743015300d06092A864886F70D0101010500030400300000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_PK_INVALID_PUBKEY + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH +x509parse_crt:"308180306ba0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743015300d06092A864886F70D0101010500030400300000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_ASN1_LENGTH_MISMATCH X509 CRT ASN1 (TBS, inv SubPubKeyInfo, inv internal bitstring tag) depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 -x509parse_crt:"308180306ba0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743015300d06092A864886F70D0101010500030400310000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_PK_INVALID_PUBKEY + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG +x509parse_crt:"308180306ba0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743015300d06092A864886F70D0101010500030400310000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (TBS, inv SubPubKeyInfo, inv RSA modulus) depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 -x509parse_crt:"3081873072a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374301c300d06092A864886F70D0101010500030b0030080202ffff0302ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_PK_INVALID_PUBKEY + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG +x509parse_crt:"3081873072a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374301c300d06092A864886F70D0101010500030b0030080202ffff0302ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (TBS, inv SubPubKeyInfo, total length mismatch) depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 @@ -1790,11 +1790,11 @@ x509parse_crt:"3081893074a0030201008204deadbeef300d06092a864886f70d01010b0500300 X509 CRT ASN1 (TBS, inv SubPubKeyInfo, check failed) depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 -x509parse_crt:"3081873072a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374301c300d06092A864886F70D0101010500030b0030080202ffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_PK_INVALID_PUBKEY +x509parse_crt:"3081873072a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374301c300d06092A864886F70D0101010500030b0030080202ffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_RSA_BAD_INPUT_DATA X509 CRT ASN1 (TBS, inv SubPubKeyInfo, check failed, expanded length notation) depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 -x509parse_crt:"308196308180a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210fffffffffffffffffffffffffffffffe0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_PK_INVALID_PUBKEY +x509parse_crt:"308196308180a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210fffffffffffffffffffffffffffffffe0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_RSA_BAD_INPUT_DATA # We expect an extension parsing error here because the IssuerID is optional. # Hence, if we find an ASN.1 tag doesn't match the IssuerID, we assume the diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function index c2a2f556d..a54c165e1 100644 --- a/tests/suites/test_suite_x509parse.function +++ b/tests/suites/test_suite_x509parse.function @@ -9,6 +9,7 @@ #include "mbedtls/base64.h" #include "mbedtls/error.h" #include "mbedtls/pk.h" +#include "mbedtls/rsa.h" #include "string.h" #if MBEDTLS_X509_MAX_INTERMEDIATE_CA > 19 From 2ddabb34d60a4e5b674db573fb68228bd81ec913 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 23 Jan 2024 17:11:44 +0100 Subject: [PATCH 1487/1674] config_adjust_legacy: do not auto-enable PK when RSA is enabled in PSA Signed-off-by: Valerio Setti --- include/mbedtls/config_adjust_legacy_crypto.h | 9 --------- include/mbedtls/config_adjust_legacy_from_psa.h | 3 --- 2 files changed, 12 deletions(-) diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h index 696266c6f..818a8c644 100644 --- a/include/mbedtls/config_adjust_legacy_crypto.h +++ b/include/mbedtls/config_adjust_legacy_crypto.h @@ -324,15 +324,6 @@ #define MBEDTLS_PSA_CRYPTO_CLIENT #endif /* MBEDTLS_PSA_CRYPTO_C */ -/* The PK wrappers need pk_write/pk_parse functions to format RSA key objects - * when they are dispatching to the PSA API. This happens under MBEDTLS_USE_PSA_CRYPTO, - * and even under just MBEDTLS_PSA_CRYPTO_C in psa_crypto_rsa.c. */ -#if defined(MBEDTLS_PSA_CRYPTO_C) && defined(MBEDTLS_RSA_C) -#define MBEDTLS_PK_C -#define MBEDTLS_PK_WRITE_C -#define MBEDTLS_PK_PARSE_C -#endif - /* Helpers to state that each key is supported either on the builtin or PSA side. */ #if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) || defined(PSA_WANT_ECC_SECP_R1_521) #define MBEDTLS_ECP_HAVE_SECP521R1 diff --git a/include/mbedtls/config_adjust_legacy_from_psa.h b/include/mbedtls/config_adjust_legacy_from_psa.h index 691fed6e5..e3980e95c 100644 --- a/include/mbedtls/config_adjust_legacy_from_psa.h +++ b/include/mbedtls/config_adjust_legacy_from_psa.h @@ -671,9 +671,6 @@ #define MBEDTLS_RSA_C #define MBEDTLS_BIGNUM_C #define MBEDTLS_OID_C -#define MBEDTLS_PK_PARSE_C -#define MBEDTLS_PK_WRITE_C -#define MBEDTLS_PK_C #define MBEDTLS_ASN1_PARSE_C #define MBEDTLS_ASN1_WRITE_C #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY */ From c6d7f53adca48df0ca4e3894d09c89874cf30dc9 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 23 Jan 2024 17:12:35 +0100 Subject: [PATCH 1488/1674] all.sh: update common_test_psa_crypto_config_accel_ecc_some_curves() Do not disable RSA_C and related modules because now it does not automatically re-enable PK module. Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 6 ------ 1 file changed, 6 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 44930d28b..f0a0058c9 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2752,12 +2752,6 @@ common_test_psa_crypto_config_accel_ecc_some_curves () { scripts/config.py unset MBEDTLS_PK_C scripts/config.py unset MBEDTLS_PK_PARSE_C scripts/config.py unset MBEDTLS_PK_WRITE_C - # We need to disable RSA too or PK will be re-enabled. - scripts/config.py -f "$CRYPTO_CONFIG_H" unset-all "PSA_WANT_KEY_TYPE_RSA_[0-9A-Z_a-z]*" - scripts/config.py -f "$CRYPTO_CONFIG_H" unset-all "PSA_WANT_ALG_RSA_[0-9A-Z_a-z]*" - scripts/config.py unset MBEDTLS_RSA_C - scripts/config.py unset MBEDTLS_PKCS1_V15 - scripts/config.py unset MBEDTLS_PKCS1_V21 # Disable modules that are accelerated - some will be re-enabled scripts/config.py unset MBEDTLS_ECDSA_C From 18dd00052e37f315f865e04861521c89e2b502bb Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 23 Jan 2024 17:59:10 +0100 Subject: [PATCH 1489/1674] pk_wrap: use RSA module functions to write priv/pub key in RSA wrappers Signed-off-by: Valerio Setti --- library/pk_wrap.c | 36 +++++++++++------------------------- 1 file changed, 11 insertions(+), 25 deletions(-) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index c23265022..ff8eeb14c 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -32,6 +32,7 @@ #if defined(MBEDTLS_RSA_C) #include "pkwrite.h" +#include "rsa_internal.h" #endif #if defined(MBEDTLS_PK_CAN_ECDSA_SOME) @@ -69,9 +70,9 @@ static int rsa_verify_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; psa_status_t status; - mbedtls_pk_context key; int key_len; unsigned char buf[MBEDTLS_PK_RSA_PUB_DER_MAX_BYTES]; + unsigned char *p = buf + sizeof(buf); psa_algorithm_t psa_alg_md = PSA_ALG_RSA_PKCS1V15_SIGN(mbedtls_md_psa_alg_from_type(md_alg)); size_t rsa_len = mbedtls_rsa_get_len(rsa); @@ -86,11 +87,7 @@ static int rsa_verify_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, return MBEDTLS_ERR_RSA_VERIFY_FAILED; } - /* mbedtls_pk_write_pubkey_der() expects a full PK context; - * re-construct one to make it happy */ - key.pk_info = &mbedtls_rsa_info; - key.pk_ctx = rsa; - key_len = mbedtls_pk_write_pubkey_der(&key, buf, sizeof(buf)); + key_len = mbedtls_rsa_pubkey_write(rsa, buf, &p); if (key_len <= 0) { return MBEDTLS_ERR_PK_BAD_INPUT_DATA; } @@ -172,14 +169,15 @@ int mbedtls_pk_psa_rsa_sign_ext(psa_algorithm_t alg, psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; psa_status_t status; - mbedtls_pk_context key; int key_len; unsigned char *buf = NULL; + unsigned char *p; + buf = mbedtls_calloc(1, MBEDTLS_PK_RSA_PRV_DER_MAX_BYTES); if (buf == NULL) { return MBEDTLS_ERR_PK_ALLOC_FAILED; } - mbedtls_pk_info_t pk_info = mbedtls_rsa_info; + p = buf + MBEDTLS_PK_RSA_PRV_DER_MAX_BYTES; *sig_len = mbedtls_rsa_get_len(rsa_ctx); if (sig_size < *sig_len) { @@ -187,11 +185,7 @@ int mbedtls_pk_psa_rsa_sign_ext(psa_algorithm_t alg, return MBEDTLS_ERR_PK_BUFFER_TOO_SMALL; } - /* mbedtls_pk_write_key_der() expects a full PK context; - * re-construct one to make it happy */ - key.pk_info = &pk_info; - key.pk_ctx = rsa_ctx; - key_len = mbedtls_pk_write_key_der(&key, buf, MBEDTLS_PK_RSA_PRV_DER_MAX_BYTES); + key_len = mbedtls_rsa_key_write(rsa_ctx, buf, &p); if (key_len <= 0) { mbedtls_free(buf); return MBEDTLS_ERR_PK_BAD_INPUT_DATA; @@ -282,9 +276,9 @@ static int rsa_decrypt_wrap(mbedtls_pk_context *pk, psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; psa_status_t status; - mbedtls_pk_context key; int key_len; unsigned char buf[MBEDTLS_PK_RSA_PRV_DER_MAX_BYTES]; + unsigned char *p = buf + sizeof(buf); ((void) f_rng); ((void) p_rng); @@ -299,11 +293,7 @@ static int rsa_decrypt_wrap(mbedtls_pk_context *pk, return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } - /* mbedtls_pk_write_key_der() expects a full PK context; - * re-construct one to make it happy */ - key.pk_info = &mbedtls_rsa_info; - key.pk_ctx = rsa; - key_len = mbedtls_pk_write_key_der(&key, buf, sizeof(buf)); + key_len = mbedtls_rsa_key_write(rsa, buf, &p); if (key_len <= 0) { return MBEDTLS_ERR_PK_BAD_INPUT_DATA; } @@ -368,9 +358,9 @@ static int rsa_encrypt_wrap(mbedtls_pk_context *pk, psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; psa_status_t status; - mbedtls_pk_context key; int key_len; unsigned char buf[MBEDTLS_PK_RSA_PUB_DER_MAX_BYTES]; + unsigned char *p = buf + sizeof(buf); ((void) f_rng); ((void) p_rng); @@ -385,11 +375,7 @@ static int rsa_encrypt_wrap(mbedtls_pk_context *pk, return MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE; } - /* mbedtls_pk_write_pubkey_der() expects a full PK context; - * re-construct one to make it happy */ - key.pk_info = &mbedtls_rsa_info; - key.pk_ctx = rsa; - key_len = mbedtls_pk_write_pubkey_der(&key, buf, sizeof(buf)); + key_len = mbedtls_rsa_pubkey_write(rsa, buf, &p); if (key_len <= 0) { return MBEDTLS_ERR_PK_BAD_INPUT_DATA; } From a5f36fcaae40c0b2b3723781cbde77095b485284 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 24 Jan 2024 10:49:02 +0100 Subject: [PATCH 1490/1674] rsa: write documentation of new functions for parse/writing RSA priv/pub keys Signed-off-by: Valerio Setti --- library/rsa.c | 16 ++++----- library/rsa_internal.h | 73 ++++++++++++++++++++++++++++++------------ 2 files changed, 60 insertions(+), 29 deletions(-) diff --git a/library/rsa.c b/library/rsa.c index 4ff7afacf..e0c38c3bc 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -688,9 +688,6 @@ static int asn1_get_nonzero_mpi(unsigned char **p, return 0; } -/* - * Parse a PKCS#1 encoded private RSA key - */ int mbedtls_rsa_key_parse(mbedtls_rsa_context *rsa, const unsigned char *key, size_t keylen) { int ret, version; @@ -837,18 +834,19 @@ cleanup: return ret; } -/* - * RSAPublicKey ::= SEQUENCE { - * modulus INTEGER, -- n - * publicExponent INTEGER -- e - * } - */ int mbedtls_rsa_pubkey_parse(mbedtls_rsa_context *rsa, unsigned char **p, const unsigned char *end) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; + /* + * RSAPublicKey ::= SEQUENCE { + * modulus INTEGER, -- n + * publicExponent INTEGER -- e + * } + */ + if ((ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { return ret; diff --git a/library/rsa_internal.h b/library/rsa_internal.h index dee787f33..62972c634 100644 --- a/library/rsa_internal.h +++ b/library/rsa_internal.h @@ -17,44 +17,77 @@ #include "mbedtls/rsa.h" /** - * \brief + * \brief Parse a PKCS#1 (ASN.1) encoded private RSA key. * - * \param rsa - * \param key - * \param keylen - * \return int + * \param rsa The RSA context where parsed data will be stored. + * \param key The buffer that contains the key. + * \param keylen The length of the key buffer in bytes. + * + * \return 0 in success + * \return MBEDTLS_ERR_ASN1_xxx in case of ASN.1 parsing errors. + * \return MBEDTLS_ERR_RSA_BAD_INPUT_DATA in case of invalid version. */ int mbedtls_rsa_key_parse(mbedtls_rsa_context *rsa, const unsigned char *key, size_t keylen); /** - * \brief + * \brief Parse a PKCS#1 (ASN.1) encoded public RSA key. * - * \param rsa - * \param p - * \param end - * \return int + * \param rsa The RSA context where parsed data will be stored. + * \param p Beginning of the buffer containing the key to be parsed. + * On successful return, the referenced pointer will be + * updated in order to point to the end of the parsed data. + * \param end End of the buffer containing the key to be parsed. + * + * \return 0 on success. + * \return MBEDTLS_ERR_ASN1_xxx in case of ASN.1 parsing errors. + * \return MBEDTLS_ERR_RSA_BAD_INPUT_DATA in case of importing or + * priv/pub validation errors. */ int mbedtls_rsa_pubkey_parse(mbedtls_rsa_context *rsa, unsigned char **p, const unsigned char *end); /** - * \brief + * \brief Write a PKCS#1 (ASN.1) encoded private RSA key. * - * \param p - * \param start - * \param rsa - * \return int + * \param rsa The RSA context which contains the data to be written. + * \param start Beginning of the buffer that will be filled with the + * private key. + * \param p End of the buffer that will be filled with the private key. + * On successful return, the referenced pointer will be + * updated in order to point to the beginning of written data. + * + * \return On success, the number of bytes written to the output buffer + * (i.e. a value > 0). + * \return MBEDTLS_ERR_RSA_BAD_INPUT_DATA is the RSA context does not + * cointain valid. + * \return MBEDTLS_ERR_ASN1_xxx in case of failure while writing to the + * output buffer. + * + * \note The output buffer is filled backward, i.e. starting from its + * end and moving toward its start. */ int mbedtls_rsa_key_write(const mbedtls_rsa_context *rsa, unsigned char *start, unsigned char **p); /** - * \brief + * \brief Parse a PKCS#1 (ASN.1) encoded public RSA key. * - * \param p - * \param start - * \param rsa - * \return int + * \param rsa The RSA context which contains the data to be written. + * \param start Beginning of the buffer that will be filled with the + * private key. + * \param p End of the buffer that will be filled with the private key. + * On successful return, the referenced pointer will be + * updated in order to point to the beginning of written data. + * + * \return On success, the number of bytes written to the output buffer + * (i.e. a value > 0). + * \return MBEDTLS_ERR_RSA_BAD_INPUT_DATA is the RSA context does not + * cointain valid. + * \return MBEDTLS_ERR_ASN1_xxx in case of failure while writing to the + * output buffer. + * + * \note The output buffer is filled backward, i.e. starting from its + * end and moving toward its start. */ int mbedtls_rsa_pubkey_write(const mbedtls_rsa_context *rsa, unsigned char *start, unsigned char **p); From 99ff1f505b706006c75c3d2047e7b19ed5f6ac81 Mon Sep 17 00:00:00 2001 From: Chien Wong Date: Wed, 24 Jan 2024 20:44:01 +0800 Subject: [PATCH 1491/1674] Add test cases on GCM AD, input, IV length Signed-off-by: Chien Wong --- tests/suites/test_suite_gcm.function | 107 ++++++++++++++++++++++++++ tests/suites/test_suite_gcm.misc.data | 12 +++ 2 files changed, 119 insertions(+) diff --git a/tests/suites/test_suite_gcm.function b/tests/suites/test_suite_gcm.function index 599c9266e..07a6e4593 100644 --- a/tests/suites/test_suite_gcm.function +++ b/tests/suites/test_suite_gcm.function @@ -153,6 +153,20 @@ exit: mbedtls_free(output); } +static void gcm_reset_ctx(mbedtls_gcm_context *ctx, const uint8_t *key, + size_t key_bits, const uint8_t *iv, size_t iv_len, + int starts_ret) +{ + int mode = MBEDTLS_GCM_ENCRYPT; + mbedtls_cipher_id_t valid_cipher = MBEDTLS_CIPHER_ID_AES; + + mbedtls_gcm_init(ctx); + TEST_EQUAL(mbedtls_gcm_setkey(ctx, valid_cipher, key, key_bits), 0); + TEST_EQUAL(starts_ret, mbedtls_gcm_starts(ctx, mode, iv, iv_len)); +exit: + /* empty */ +} + /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -478,6 +492,99 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void gcm_invalid_iv_len(void) +{ + mbedtls_gcm_context ctx; + uint8_t b16[16] = { 0 }; + + gcm_reset_ctx(&ctx, b16, sizeof(b16) * 8, b16, 0, MBEDTLS_ERR_GCM_BAD_INPUT); + mbedtls_gcm_free(&ctx); + +#if SIZE_MAX >= UINT64_MAX + gcm_reset_ctx(&ctx, b16, sizeof(b16) * 8, b16, 1ULL << 61, MBEDTLS_ERR_GCM_BAD_INPUT); + mbedtls_gcm_free(&ctx); +#endif + + goto exit; /* To suppress error that exit is defined but not used */ +exit: + /* empty */ +} +/* END_CASE */ + +/* BEGIN_CASE */ +/* + * Test if GCM rejects total ad_len >= 2^61 bytes. + * Also test if GCM handles potential total ad_len overflow properly. + + * Only testable on platforms where sizeof(size_t) >= 8. + */ +void gcm_add_len_too_long(void) +{ +#if SIZE_MAX >= UINT64_MAX + mbedtls_gcm_context ctx; + uint8_t b16[16] = { 0 }; + + gcm_reset_ctx(&ctx, b16, sizeof(b16) * 8, b16, sizeof(b16), 0); + TEST_EQUAL(mbedtls_gcm_update_ad(&ctx, b16, 1ULL << 61), + MBEDTLS_ERR_GCM_BAD_INPUT); + mbedtls_gcm_free(&ctx); + + gcm_reset_ctx(&ctx, b16, sizeof(b16) * 8, b16, sizeof(b16), 0); + TEST_EQUAL(mbedtls_gcm_update_ad(&ctx, b16, 1), 0); + TEST_EQUAL(mbedtls_gcm_update_ad(&ctx, b16, (1ULL << 61) - 1), + MBEDTLS_ERR_GCM_BAD_INPUT); + mbedtls_gcm_free(&ctx); + + gcm_reset_ctx(&ctx, b16, sizeof(b16) * 8, b16, sizeof(b16), 0); + TEST_EQUAL(mbedtls_gcm_update_ad(&ctx, b16, 1), 0); + TEST_EQUAL(mbedtls_gcm_update_ad(&ctx, b16, UINT64_MAX), MBEDTLS_ERR_GCM_BAD_INPUT); + +exit: + mbedtls_gcm_free(&ctx); +#endif +} +/* END_CASE */ + +/* BEGIN_CASE */ +/* + * Test if GCM rejects total input length > 2^36 - 32 bytes. + * Also test if GCM handles potential total input length overflow properly. + + * Only testable on platforms where sizeof(size_t) >= 8. + */ +void gcm_input_len_too_long(void) +{ +#if SIZE_MAX >= UINT64_MAX + mbedtls_gcm_context ctx; + uint8_t b16[16] = { 0 }; + size_t out_len; + uint64_t len_max = (1ULL << 36) - 32; + + gcm_reset_ctx(&ctx, b16, sizeof(b16) * 8, b16, sizeof(b16), 0); + TEST_EQUAL(mbedtls_gcm_update(&ctx, b16, len_max + 1, b16, len_max + 1, + &out_len), + MBEDTLS_ERR_GCM_BAD_INPUT); + mbedtls_gcm_free(&ctx); + + gcm_reset_ctx(&ctx, b16, sizeof(b16) * 8, b16, sizeof(b16), 0); + TEST_EQUAL(mbedtls_gcm_update(&ctx, b16, 1, b16, 1, &out_len), 0); + TEST_EQUAL(mbedtls_gcm_update(&ctx, b16, len_max, b16, len_max, &out_len), + MBEDTLS_ERR_GCM_BAD_INPUT); + mbedtls_gcm_free(&ctx); + + gcm_reset_ctx(&ctx, b16, sizeof(b16) * 8, b16, sizeof(b16), 0); + TEST_EQUAL(mbedtls_gcm_update(&ctx, b16, 1, b16, 1, &out_len), 0); + TEST_EQUAL(mbedtls_gcm_update(&ctx, b16, UINT64_MAX, b16, UINT64_MAX, + &out_len), + MBEDTLS_ERR_GCM_BAD_INPUT); + +exit: + mbedtls_gcm_free(&ctx); +#endif +} +/* END_CASE */ + /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST:MBEDTLS_CCM_GCM_CAN_AES */ void gcm_selftest() { diff --git a/tests/suites/test_suite_gcm.misc.data b/tests/suites/test_suite_gcm.misc.data index f22b7a3b7..57f05caf5 100644 --- a/tests/suites/test_suite_gcm.misc.data +++ b/tests/suites/test_suite_gcm.misc.data @@ -1,2 +1,14 @@ GCM - Invalid parameters gcm_invalid_param: + +GCM - Invalid IV length +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +gcm_invalid_iv_len: + +GCM - Additional data length too long +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +gcm_add_len_too_long: + +GCM - Input length too long +depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +gcm_input_len_too_long: From 3877d4858b666b6596743a8fcfdb7b1c6ea54ec5 Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Wed, 24 Jan 2024 13:26:26 +0000 Subject: [PATCH 1492/1674] Refactor macros Signed-off-by: Ryan Everett --- library/psa_crypto_core.h | 93 +++++++++++---------------------------- 1 file changed, 26 insertions(+), 67 deletions(-) diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 0e9f83fae..dc376d7eb 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -114,88 +114,47 @@ typedef struct { } key; } psa_key_slot_t; -typedef enum { - PSA_MUTEX_LOCK = 0, - PSA_MUTEX_UNLOCK, -} psa_mutex_operation_t; +#if defined(MBEDTLS_THREADING_C) -/** If threading is enabled: perform a lock or unlock operation on the - * key slot mutex. - * Call with parameter PSA_MUTEX_LOCK to perform a lock operation. - * Call with parameter PSA_MUTEX_UNLOCK to perform an unlock operation. +/** Perform a mutex operation and return immediately upon failure. + * * Returns PSA_ERROR_SERVICE_FAILURE if the operation fails * and status was PSA_SUCCESS. - * If threading is not enabled, do nothing. * * Assumptions: * psa_status_t status exists. - * op is PSA_MUTEX_LOCK or PSA_MUTEX_UNLOCK. + * f is a mutex operation which returns 0 upon success. */ -#if defined(MBEDTLS_THREADING_C) -#define PSA_KEY_SLOT_MUTEX_LOCKFUNC_RETURN(op) \ - do \ - { \ - if (op == PSA_MUTEX_LOCK) { \ - if (mbedtls_mutex_lock( \ - &mbedtls_threading_key_slot_mutex) != 0) { \ - if (status == PSA_SUCCESS) { \ - return PSA_ERROR_SERVICE_FAILURE; \ - } \ - return status; \ - } \ - } \ - else if (op == PSA_MUTEX_UNLOCK) { \ - if (mbedtls_mutex_unlock( \ - &mbedtls_threading_key_slot_mutex) != 0) { \ - if (status == PSA_SUCCESS) { \ - return PSA_ERROR_SERVICE_FAILURE; \ - } \ - return status; \ - } \ - } \ +#define PSA_THREADING_CHK_RET(f) \ + do \ + { \ + if ((f) != 0) { \ + if (status == PSA_SUCCESS) { \ + return PSA_ERROR_SERVICE_FAILURE; \ + } \ + return status; \ + } \ } while (0); -#else -#define PSA_KEY_SLOT_MUTEX_LOCKFUNC_RETURN(op) do { } while (0) -#endif -/** If threading is enabled: perform a lock or unlock operation on the - * key slot mutex. - * Call with parameter PSA_MUTEX_LOCK to perform a lock operation. - * Call with parameter PSA_MUTEX_UNLOCK to perform an unlock operation. - * This will goto the exit label if the operation fails, - * setting status to PSA_ERROR_SERVICE_FAILURE if status was PSA_SUCCESS. - * If threading is not enabled, do nothing. +/** Perform a mutex operation and goto exit on failure. + * + * Sets status to PSA_ERROR_SERVICE_FAILURE if status was PSA_SUCCESS. * * Assumptions: * psa_status_t status exists. * Label exit: exists. - * op is PSA_MUTEX_LOCK or PSA_MUTEX_UNLOCK. + * f is a mutex operation which returns 0 upon success. */ -#if defined(MBEDTLS_THREADING_C) -#define PSA_KEY_SLOT_MUTEX_LOCKFUNC_GOTO_EXIT(op) \ - do \ - { \ - if (op == PSA_MUTEX_LOCK) { \ - if (mbedtls_mutex_lock( \ - &mbedtls_threading_key_slot_mutex) != 0) { \ - if (status == PSA_SUCCESS) { \ - status = PSA_ERROR_SERVICE_FAILURE; \ - } \ - goto exit; \ - } \ - } \ - else if (op == PSA_MUTEX_UNLOCK) { \ - if (mbedtls_mutex_unlock( \ - &mbedtls_threading_key_slot_mutex) != 0) { \ - if (status == PSA_SUCCESS) { \ - status = PSA_ERROR_SERVICE_FAILURE; \ - } \ - goto exit; \ - } \ - } \ +#define PSA_THREADING_CHK_GOTO_EXIT(f) \ + do \ + { \ + if ((f) != 0) { \ + if (status == PSA_SUCCESS) { \ + status = PSA_ERROR_SERVICE_FAILURE; \ + } \ + goto exit; \ + } \ } while (0); -#else -#define PSA_KEY_SLOT_MUTEX_LOCKFUNC_GOTO_EXIT(op) do { } while (0) #endif /* A mask of key attribute flags used only internally. From 667cad5b81a448c08daaebee6a96ce1bad833ee5 Mon Sep 17 00:00:00 2001 From: Antonio de Angelis Date: Wed, 24 Jan 2024 13:34:46 +0000 Subject: [PATCH 1493/1674] Put the id field at the end of the psa_key_attributes_s structure Putting the id at the of the psa_key_attributes_s structure allows for a more efficient marshalling of the parameters around a transport channel which provides separation between a client view and a service view of the key parameters. Signed-off-by: Antonio de Angelis --- include/psa/crypto_struct.h | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 3a196182a..606d282df 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -239,18 +239,17 @@ typedef struct { psa_key_type_t MBEDTLS_PRIVATE(type); psa_key_bits_t MBEDTLS_PRIVATE(bits); psa_key_lifetime_t MBEDTLS_PRIVATE(lifetime); - mbedtls_svc_key_id_t MBEDTLS_PRIVATE(id); psa_key_policy_t MBEDTLS_PRIVATE(policy); psa_key_attributes_flag_t MBEDTLS_PRIVATE(flags); + mbedtls_svc_key_id_t MBEDTLS_PRIVATE(id); } psa_core_key_attributes_t; #define PSA_CORE_KEY_ATTRIBUTES_INIT { PSA_KEY_TYPE_NONE, 0, \ PSA_KEY_LIFETIME_VOLATILE, \ - MBEDTLS_SVC_KEY_ID_INIT, \ - PSA_KEY_POLICY_INIT, 0 } + PSA_KEY_POLICY_INIT, 0, \ + MBEDTLS_SVC_KEY_ID_INIT } struct psa_key_attributes_s { - psa_core_key_attributes_t MBEDTLS_PRIVATE(core); #if defined(MBEDTLS_PSA_CRYPTO_SE_C) psa_key_slot_number_t MBEDTLS_PRIVATE(slot_number); #endif /* MBEDTLS_PSA_CRYPTO_SE_C */ @@ -268,12 +267,13 @@ struct psa_key_attributes_s { */ void *MBEDTLS_PRIVATE(domain_parameters); size_t MBEDTLS_PRIVATE(domain_parameters_size); + psa_core_key_attributes_t MBEDTLS_PRIVATE(core); }; #if defined(MBEDTLS_PSA_CRYPTO_SE_C) -#define PSA_KEY_ATTRIBUTES_INIT { PSA_CORE_KEY_ATTRIBUTES_INIT, 0, NULL, 0 } +#define PSA_KEY_ATTRIBUTES_INIT { 0, NULL, 0, PSA_CORE_KEY_ATTRIBUTES_INIT } #else -#define PSA_KEY_ATTRIBUTES_INIT { PSA_CORE_KEY_ATTRIBUTES_INIT, NULL, 0 } +#define PSA_KEY_ATTRIBUTES_INIT { NULL, 0, PSA_CORE_KEY_ATTRIBUTES_INIT } #endif static inline struct psa_key_attributes_s psa_key_attributes_init(void) From b0498ef9955d378392701c5b14c83e47c644b9bc Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 24 Jan 2024 15:55:33 +0100 Subject: [PATCH 1494/1674] adjust_legacy_from_psa: use intermediate symbol to enable builtin support Signed-off-by: Valerio Setti --- include/mbedtls/config_adjust_legacy_from_psa.h | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/include/mbedtls/config_adjust_legacy_from_psa.h b/include/mbedtls/config_adjust_legacy_from_psa.h index 3d2293d34..9e6163f2d 100644 --- a/include/mbedtls/config_adjust_legacy_from_psa.h +++ b/include/mbedtls/config_adjust_legacy_from_psa.h @@ -443,40 +443,40 @@ #if defined(PSA_WANT_DH_RFC7919_2048) #if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_2048) #define MBEDTLS_PSA_BUILTIN_DH_RFC7919_2048 1 -#define MBEDTLS_DHM_C +#define MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_PARAMS #endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_2048 */ #endif /* PSA_WANT_DH_RFC7919_2048 */ #if defined(PSA_WANT_DH_RFC7919_3072) #if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_3072) #define MBEDTLS_PSA_BUILTIN_DH_RFC7919_3072 1 -#define MBEDTLS_DHM_C +#define MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_PARAMS #endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_3072 */ #endif /* PSA_WANT_DH_RFC7919_3072 */ #if defined(PSA_WANT_DH_RFC7919_4096) #if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_4096) #define MBEDTLS_PSA_BUILTIN_DH_RFC7919_4096 1 -#define MBEDTLS_DHM_C +#define MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_PARAMS #endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_4096 */ #endif /* PSA_WANT_DH_RFC7919_4096 */ #if defined(PSA_WANT_DH_RFC7919_6144) #if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_6144) #define MBEDTLS_PSA_BUILTIN_DH_RFC7919_6144 1 -#define MBEDTLS_DHM_C +#define MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_PARAMS #endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_6144 */ #endif /* PSA_WANT_DH_RFC7919_6144 */ #if defined(PSA_WANT_DH_RFC7919_8192) #if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_8192) #define MBEDTLS_PSA_BUILTIN_DH_RFC7919_8192 1 -#define MBEDTLS_DHM_C +#define MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_PARAMS #endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_8192 */ #endif /* PSA_WANT_DH_RFC7919_8192 */ #if defined(PSA_WANT_ALG_FFDH) -#if !defined(MBEDTLS_PSA_ACCEL_ALG_FFDH) +#if !defined(MBEDTLS_PSA_ACCEL_ALG_FFDH) || defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_PARAMS) #define MBEDTLS_PSA_BUILTIN_ALG_FFDH 1 #define MBEDTLS_BIGNUM_C #endif /* !MBEDTLS_PSA_ACCEL_ALG_FFDH */ From 724a2abf0105a2d623a15bf9e59400517dd35e99 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 24 Jan 2024 15:57:12 +0100 Subject: [PATCH 1495/1674] test_suite_psa_crypto: fix typo in description Signed-off-by: Valerio Setti --- tests/suites/test_suite_psa_crypto.data | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index b1bc67834..a8c38db01 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -546,7 +546,7 @@ PSA import/export FFDH RFC7919 8192 public key: good depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY:PSA_WANT_DH_RFC7919_8192 import_export:"3D1EB2C023E54A123420B9587F6985AFFCF6FE75A2F1768866CBAA10ABD5B7448409EFCE8786C0BD1D325FBAC47119A846C63103DAA8BC5FAF427C69D07AFE2FA0064A8BE9C33E30E6926A57850248EAAD8F0FA887452FF1467064DBE4041950CBFF55763AB58E1F2300C9B133E5D0FBD18604B93EC16BEA9CE340AC92B18DC188629A5D7FEC64601334CDBFEBD8126BE4743440C9A48F03F37298548C2EF226D44C296F440EB1E5F1128F203120ACE6C45D3CA992998CCF68C301CC4A32CF852FA4C2968C62D4016AF526FCD61A56F2BF479743D1EB62AD21120563BC1CE0D0791920BB89D82473F4DE75BCF6A728490F071899F683FCA10DCF6D9605749810A901F1FAAF96DC6AA0AF1CAFCF61E8A51E9E7A1BF5D9E5FDD6D63ED824CFD4016EF0782946F44E44B1B72B4CF9D4CE5E57A93EB738AEC084F02BBA52C385BCC013C720B0B98B78580AFFA84B0D204866B3FA39D73EECF1E0E6921D5484D929C1ADC7975741A308BCB060A43DF556F278F56CBDBDCE07F7CC8292FB27B3CDDB286E4B5A92552308DD8001F4BABC67C56B8DC6E5C4ED8FC4724A89441433EDD58C68E513E1940F5E6DB512574D7A37974E5739E28C03FECA3134AD8817E1A52BEBDCF2EE1F7DC66B09742005902A977DB0D617B8F6CFD75508F00225BE362D53BCA0AF4BE0D2DAD0A64054CA1204E31217F82D4F95315E54AEBF3BF98E2667A35A0017799C5479F369D8692317CABBB78C07D8314153D22110EA7617091ED755041A6E201F1FD76BC258DF84260369BBB2A1A13B5D266844A25E9A8F1D1279C349E0113CAAAB0A3D4510367E754980328B937CF7BEAABDBA39F4EA3CDE5C9BB6ECDA5BC44CC9EB6BEE6F2FF3698FA393DD4F85507415622CD7C0802240F7CE22F75F2DBA7CB7217352B34C57921B975BF2E73B6DA6A34C11192338C80B986AA3707DA64324056FE7EE2C0754045C7BC596B68FFCB501C186F89D618A76144C9CB35B59370D1D3E668F10A9EF6C851F6AD3FA9FA776E9391F3F143D7928F816EE4F56F756BF450E1B4F87A7B19EFB02850C45F6F7BCC87AA8FF27C474269EB53F3F1E28DD4D6BF1C6B16AD97F10418596D1A3EC5F664773FCA1E93743005C7230D5F8549DAEE3472418A648B91834BA7A19834B48D7E6DB57F7BD92887C366D78532A2497D9B9F35D598E79026F586D4DC1577FDA2B9DD5877A521EB9F3C87DFD77F5EC690519E04E702CE3A5203920A7B891F764CB0B2DDEE7EB01CC55EB45F1BECD4514540F10F03ABBA3E4D627DCEF89F1FADF26034C2D7C36E6776C7163D99BF5CADEFDB142A6CD631D3B58269F0116B1016633B7CD4752E2F636614ABDD27592734B8BFF08E155C350808C6072C42E46F2AEDD83EA6FFBF3EA5AA809B0F9DABF6CD8E2E0E1BC998AAAA0698F44B1819B0D7A19C2067F071A932D10F0281187":PSA_KEY_TYPE_DH_PUBLIC_KEY(PSA_DH_FAMILY_RFC7919):0:PSA_ALG_FFDH:0:8192:0:PSA_SUCCESS:1 -PSA import/export FFDH RFC7919 2048 key pair: export not permitterd +PSA import/export FFDH RFC7919 2048 key pair: export not permitted depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT:PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT:PSA_WANT_DH_RFC7919_2048 import_export:"2A45292441157B3C25572F76A5CDF960A7BDBF06731D783C5BF8920FB94CCC3D5DCCF86A3CB66B4E3AEDD23106222458ACF3F72C753CB67C2E19AD399566866FEBC16C3B4DC72773B4709047AE1AEC2D9107C2041B06B86A8F604465B26E0E753D6B10772798B3797232D950A36F2D4B33B04B36DE73AC6B8A7365015DF5745A1F892728B0CA947702C36E3BC646E72E23E80C345DBB014B7F93B36C80B4051F9A716D19B980861E86D62977466565462FBD3C1BB4EFD630DCCBEB351A7FA95602B7FE23903C7C7DC999950493BEC028AC42346858FAD969452DCF1DE9AD445F7F928D63B75FA86E8C1D722AB242D91995D3545A1791D72B0F384E74B45C7C01":PSA_KEY_TYPE_DH_KEY_PAIR(PSA_DH_FAMILY_RFC7919):0:PSA_ALG_FFDH:0:2048:0:PSA_ERROR_NOT_PERMITTED:1 From 75501f5ede68cbcc9651ed17c5eaee2bf31d6a00 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 8 Jan 2024 16:49:17 +0100 Subject: [PATCH 1496/1674] psa_util: add raw<->DER ECDSA conversion functions Signed-off-by: Valerio Setti --- include/mbedtls/psa_util.h | 36 +++++++ library/psa_util.c | 205 +++++++++++++++++++++++++++++++++++++ 2 files changed, 241 insertions(+) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index 47724c633..912179ba8 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -176,6 +176,42 @@ static inline mbedtls_md_type_t mbedtls_md_type_from_psa_alg(psa_algorithm_t psa return (mbedtls_md_type_t) (psa_alg & PSA_ALG_HASH_MASK); } +#if defined(MBEDTLS_ASN1_WRITE_C) +/** Convert an ECDSA signature from raw format to DER ASN.1 one. + * + * \param raw Buffer that contains the signature in raw format. + * \param raw_len Length of raw buffer in bytes + * \param[out] der Buffer that will be filled with the converted DER + * output. It can overlap with raw buffer. + * \param der_size Size of the output der buffer in bytes. + * \param[out] der_len On success it contains the amount of valid data + * (in bytes) written to der buffer. It's undefined + * in case of failure. + * \param bits Size of each raw coordinate in bits. + */ +int mbedtls_ecdsa_raw_to_der(const unsigned char *raw, size_t raw_len, + unsigned char *der, size_t der_size, size_t *der_len, + size_t bits); +#endif /* MBEDTLS_ASN1_WRITE_C */ + +#if defined(MBEDTLS_ASN1_PARSE_C) +/** Convert an ECDSA signature from DER ASN.1 format to raw. + * + * \param der Buffer that contains the signature in DER format. + * \param der_len Size of the der buffer in bytes. + * \param[out] raw Buffer that will be filled with the converted raw + * signature. It can overlap with der buffer. + * \param raw_size Size of the raw buffer in bytes. + * \param[out] raw_len On success it is updated with the amount of valid + * data (in bytes) written to raw buffer. It's undefined + * in case of failure. + * \param bits Size of each raw coordinate in bits. + */ +int mbedtls_ecdsa_der_to_raw(const unsigned char *der, size_t der_len, + unsigned char *raw, size_t raw_size, size_t *raw_len, + size_t bits); +#endif /* MBEDTLS_ASN1_PARSE_C */ + /**@}*/ #endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/library/psa_util.c b/library/psa_util.c index 41586e262..2c35db010 100644 --- a/library/psa_util.c +++ b/library/psa_util.c @@ -40,6 +40,10 @@ #if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA) #include #endif +#if defined(MBEDTLS_ASN1_WRITE_C) +#include +#include +#endif /* PSA_SUCCESS is kept at the top of each error table since * it's the most common status when everything functions properly. */ @@ -330,4 +334,205 @@ mbedtls_ecp_group_id mbedtls_ecc_group_from_psa(psa_ecc_family_t family, } #endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */ +#if defined(MBEDTLS_ASN1_WRITE_C) +/* + * Convert a single raw coordinate to DER ASN.1 format. + * Note: this function is similar to mbedtls_asn1_write_mpi(), but it doesn't + * depend on BIGNUM_C. + * Note: this function fills der_buf backward. + */ +static int convert_raw_to_der_single_int(const unsigned char *raw_buf, size_t raw_len, + unsigned char *der_buf_start, + unsigned char *der_buf_end) +{ + unsigned char *p = der_buf_end; + int len = raw_len; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + + /* Copy the raw coordinate to the end of der_buf. */ + if ((p - der_buf_start) < len) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } + p -= len; + memcpy(p, raw_buf, len); + + /* ASN.1 DER encoding requires minimal length, so skip leading 0s. + * Provided input MPIs should not be 0, but as a failsafe measure, still + * detect that and return error in case. */ + while (*p == 0x00) { + ++p; + --len; + if (len == 0) { + return MBEDTLS_ERR_ASN1_INVALID_DATA; + } + } + + /* If MSb is 1, ASN.1 requires that we prepend a 0. */ + if (*p & 0x80) { + if ((p - der_buf_start) < 1) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } + --p; + *p = 0x00; + ++len; + } + + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&p, der_buf_start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&p, der_buf_start, MBEDTLS_ASN1_INTEGER)); + + return len; +} + +int mbedtls_ecdsa_raw_to_der(const unsigned char *raw, size_t raw_len, + unsigned char *der, size_t der_size, size_t *der_len, + size_t bits) +{ + unsigned char r[PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS)]; + unsigned char s[PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS)]; + const size_t coordinate_len = PSA_BITS_TO_BYTES(bits); + size_t len = 0; + unsigned char *p = der + der_size; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + + if (raw_len < 2 * coordinate_len) { + return MBEDTLS_ERR_ASN1_INVALID_DATA; + } + + /* Since raw and der buffers might overlap, dump r and s before starting + * the conversion. */ + memset(r, 0, sizeof(r)); + memcpy(r, raw, coordinate_len); + memset(s, 0, sizeof(s)); + memcpy(s, raw + coordinate_len, coordinate_len); + + /* der buffer will initially be written starting from its end so we pick s + * first and then r. */ + ret = convert_raw_to_der_single_int(s, coordinate_len, der, p); + if (ret < 0) { + return ret; + } + p -= ret; + len += ret; + + ret = convert_raw_to_der_single_int(r, coordinate_len, der, p); + if (ret < 0) { + return ret; + } + p -= ret; + len += ret; + + /* Add ASN.1 header (len + tag). */ + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&p, der, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&p, der, + MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); + + /* memmove the content of der buffer to its beginnig. */ + memmove(der, p, len); + *der_len = len; + + return 0; +} +#endif /* MBEDTLS_ASN1_WRITE_C */ + +#if defined(MBEDTLS_ASN1_PARSE_C) +/* + * Convert a single integer from ASN.1 DER format to raw. + * Note: der and raw buffers are not overlapping here. + */ +static int convert_der_to_raw_single_int(unsigned char *der, size_t der_len, + unsigned char *raw, size_t raw_len, + size_t coordinate_size) +{ + unsigned char *p = der; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + size_t unpadded_len, padding_len = 0; + + /* Get the length of ASN.1 element (i.e. the integer we need to parse). */ + ret = mbedtls_asn1_get_tag(&p, p + der_len, &unpadded_len, + MBEDTLS_ASN1_INTEGER); + if (ret != 0) { + return ret; + } + + /* Skip leading zeros */ + while (*p == 0x00) { + p++; + unpadded_len--; + /* It should never happen that the input number is all zeros. */ + if (unpadded_len == 0) { + return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; + } + } + + if (raw_len < coordinate_size) { + return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; + } + + if (unpadded_len < coordinate_size) { + padding_len = coordinate_size - unpadded_len; + memset(raw, 0x00, padding_len); + } + memcpy(raw + padding_len, p, unpadded_len); + p += unpadded_len; + + return (int) (p - der); +} + +int mbedtls_ecdsa_der_to_raw(const unsigned char *der, size_t der_len, + unsigned char *raw, size_t raw_size, size_t *raw_len, + size_t bits) +{ + unsigned char raw_tmp[PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE]; + unsigned char *p = (unsigned char *) der; + size_t data_len; + size_t coordinate_size = PSA_BITS_TO_BYTES(bits); + int ret; + + /* The output raw buffer should be at least twice the size of a raw + * coordinate in order to store r and s. */ + if (raw_size < coordinate_size * 2) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } + + /* Check that the provided input DER buffer has the right header. */ + ret = mbedtls_asn1_get_tag(&p, der + der_len, &data_len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE); + if (ret != 0) { + return ret; + } + + memset(raw_tmp, 0, sizeof(raw_tmp)); + + /* Extract r */ + ret = convert_der_to_raw_single_int(p, data_len, raw_tmp, sizeof(raw_tmp), + coordinate_size); + if (ret < 0) { + return ret; + } + p += ret; + data_len -= ret; + + /* Extract s */ + ret = convert_der_to_raw_single_int(p, data_len, raw_tmp + coordinate_size, + sizeof(raw_tmp) - coordinate_size, + coordinate_size); + if (ret < 0) { + return ret; + } + p += ret; + data_len -= ret; + + /* Check that we consumed all the input der data. */ + if ((p - der) != (int) der_len) { + return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; + } + + memcpy(raw, raw_tmp, 2 * coordinate_size); + *raw_len = 2 * coordinate_size; + + return 0; +} +#endif /* MBEDTLS_ASN1_PARSE_C */ + #endif /* MBEDTLS_PSA_CRYPTO_C */ From bd5b9c61fec431c305416cf851d2ac31ac69df6d Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 8 Jan 2024 16:49:48 +0100 Subject: [PATCH 1497/1674] pk_wrap: use PSA util functions for ECDSA conversion instead of PK ones Signed-off-by: Valerio Setti --- library/pk_wrap.c | 175 ++++++---------------------------------------- 1 file changed, 21 insertions(+), 154 deletions(-) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index c23265022..9a29d929e 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -29,6 +29,7 @@ #if defined(MBEDTLS_USE_PSA_CRYPTO) #include "psa_util_internal.h" #include "psa/crypto.h" +#include "mbedtls/psa_util.h" #if defined(MBEDTLS_RSA_C) #include "pkwrite.h" @@ -536,66 +537,6 @@ static size_t eckey_get_bitlen(mbedtls_pk_context *pk) #if defined(MBEDTLS_PK_CAN_ECDSA_VERIFY) #if defined(MBEDTLS_USE_PSA_CRYPTO) -/* - * An ASN.1 encoded signature is a sequence of two ASN.1 integers. Parse one of - * those integers and convert it to the fixed-length encoding expected by PSA. - */ -static int extract_ecdsa_sig_int(unsigned char **from, const unsigned char *end, - unsigned char *to, size_t to_len) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t unpadded_len, padding_len; - - if ((ret = mbedtls_asn1_get_tag(from, end, &unpadded_len, - MBEDTLS_ASN1_INTEGER)) != 0) { - return ret; - } - - while (unpadded_len > 0 && **from == 0x00) { - (*from)++; - unpadded_len--; - } - - if (unpadded_len > to_len || unpadded_len == 0) { - return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; - } - - padding_len = to_len - unpadded_len; - memset(to, 0x00, padding_len); - memcpy(to + padding_len, *from, unpadded_len); - (*from) += unpadded_len; - - return 0; -} - -/* - * Convert a signature from an ASN.1 sequence of two integers - * to a raw {r,s} buffer. Note: the provided sig buffer must be at least - * twice as big as int_size. - */ -static int extract_ecdsa_sig(unsigned char **p, const unsigned char *end, - unsigned char *sig, size_t int_size) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t tmp_size; - - if ((ret = mbedtls_asn1_get_tag(p, end, &tmp_size, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { - return ret; - } - - /* Extract r */ - if ((ret = extract_ecdsa_sig_int(p, end, sig, int_size)) != 0) { - return ret; - } - /* Extract s */ - if ((ret = extract_ecdsa_sig_int(p, end, sig + int_size, int_size)) != 0) { - return ret; - } - - return 0; -} - /* Common helper for ECDSA verify using PSA functions. */ static int ecdsa_verify_psa(unsigned char *key, size_t key_len, psa_ecc_family_t curve, size_t curve_bits, @@ -607,6 +548,7 @@ static int ecdsa_verify_psa(unsigned char *key, size_t key_len, mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; psa_algorithm_t psa_sig_md = PSA_ALG_ECDSA_ANY; size_t signature_len = PSA_ECDSA_SIGNATURE_SIZE(curve_bits); + size_t converted_sig_len; unsigned char extracted_sig[PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE]; unsigned char *p; psa_status_t status; @@ -631,11 +573,15 @@ static int ecdsa_verify_psa(unsigned char *key, size_t key_len, } p = (unsigned char *) sig; - /* extract_ecdsa_sig's last parameter is the size - * of each integer to be parsed, so it's actually half - * the size of the signature. */ - if ((ret = extract_ecdsa_sig(&p, sig + sig_len, extracted_sig, - signature_len/2)) != 0) { + ret = mbedtls_ecdsa_der_to_raw(p, sig_len, extracted_sig, + sizeof(extracted_sig), &converted_sig_len, + curve_bits); + if (ret != 0) { + goto cleanup; + } + + if (converted_sig_len != signature_len) { + ret = MBEDTLS_ERR_PK_BAD_INPUT_DATA; goto cleanup; } @@ -646,10 +592,6 @@ static int ecdsa_verify_psa(unsigned char *key, size_t key_len, goto cleanup; } - if (p != sig + sig_len) { - ret = MBEDTLS_ERR_PK_SIG_LEN_MISMATCH; - goto cleanup; - } ret = 0; cleanup: @@ -751,90 +693,6 @@ static int ecdsa_verify_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, #if defined(MBEDTLS_PK_CAN_ECDSA_SIGN) #if defined(MBEDTLS_USE_PSA_CRYPTO) -/* - * Simultaneously convert and move raw MPI from the beginning of a buffer - * to an ASN.1 MPI at the end of the buffer. - * See also mbedtls_asn1_write_mpi(). - * - * p: pointer to the end of the output buffer - * start: start of the output buffer, and also of the mpi to write at the end - * n_len: length of the mpi to read from start - */ -static int asn1_write_mpibuf(unsigned char **p, unsigned char *start, - size_t n_len) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t len = 0; - - if ((size_t) (*p - start) < n_len) { - return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; - } - - len = n_len; - *p -= len; - memmove(*p, start, len); - - /* ASN.1 DER encoding requires minimal length, so skip leading 0s. - * Neither r nor s should be 0, but as a failsafe measure, still detect - * that rather than overflowing the buffer in case of a PSA error. */ - while (len > 0 && **p == 0x00) { - ++(*p); - --len; - } - - /* this is only reached if the signature was invalid */ - if (len == 0) { - return MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED; - } - - /* if the msb is 1, ASN.1 requires that we prepend a 0. - * Neither r nor s can be 0, so we can assume len > 0 at all times. */ - if (**p & 0x80) { - if (*p - start < 1) { - return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; - } - - *--(*p) = 0x00; - len += 1; - } - - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, - MBEDTLS_ASN1_INTEGER)); - - return (int) len; -} - -/* Transcode signature from PSA format to ASN.1 sequence. - * See ecdsa_signature_to_asn1 in ecdsa.c, but with byte buffers instead of - * MPIs, and in-place. - * - * [in/out] sig: the signature pre- and post-transcoding - * [in/out] sig_len: signature length pre- and post-transcoding - * [int] buf_len: the available size the in/out buffer - */ -static int pk_ecdsa_sig_asn1_from_psa(unsigned char *sig, size_t *sig_len, - size_t buf_len) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t len = 0; - const size_t rs_len = *sig_len / 2; - unsigned char *p = sig + buf_len; - - MBEDTLS_ASN1_CHK_ADD(len, asn1_write_mpibuf(&p, sig + rs_len, rs_len)); - MBEDTLS_ASN1_CHK_ADD(len, asn1_write_mpibuf(&p, sig, rs_len)); - - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&p, sig, len)); - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&p, sig, - MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE)); - - memmove(sig, p, len); - *sig_len = len; - - return 0; -} - /* Common helper for ECDSA sign using PSA functions. * Instead of extracting key's properties in order to check which kind of ECDSA * signature it supports, we try both deterministic and non-deterministic. @@ -845,6 +703,15 @@ static int ecdsa_sign_psa(mbedtls_svc_key_id_t key_id, mbedtls_md_type_t md_alg, { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; psa_status_t status; + psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT; + size_t key_bits = 0; + + status = psa_get_key_attributes(key_id, &key_attr); + if (status != PSA_SUCCESS) { + return PSA_PK_ECDSA_TO_MBEDTLS_ERR(status); + } + key_bits = psa_get_key_bits(&key_attr); + psa_reset_key_attributes(&key_attr); status = psa_sign_hash(key_id, PSA_ALG_DETERMINISTIC_ECDSA(mbedtls_md_psa_alg_from_type(md_alg)), @@ -863,7 +730,7 @@ static int ecdsa_sign_psa(mbedtls_svc_key_id_t key_id, mbedtls_md_type_t md_alg, } done: - ret = pk_ecdsa_sig_asn1_from_psa(sig, sig_len, sig_size); + ret = mbedtls_ecdsa_raw_to_der(sig, sig_size, sig, sig_size, sig_len, key_bits); return ret; } From aed21640bdc3a6a4c3ddbbfe7bbb24e60544ee8d Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 8 Jan 2024 16:50:30 +0100 Subject: [PATCH 1498/1674] test_suite_psa_crypto_util: add test function and data for ECDSA conversion functions Signed-off-by: Valerio Setti --- tests/suites/test_suite_psa_crypto_util.data | 71 +++++++++++++++++++ .../test_suite_psa_crypto_util.function | 44 ++++++++++++ 2 files changed, 115 insertions(+) create mode 100644 tests/suites/test_suite_psa_crypto_util.data create mode 100644 tests/suites/test_suite_psa_crypto_util.function diff --git a/tests/suites/test_suite_psa_crypto_util.data b/tests/suites/test_suite_psa_crypto_util.data new file mode 100644 index 000000000..ce942c841 --- /dev/null +++ b/tests/suites/test_suite_psa_crypto_util.data @@ -0,0 +1,71 @@ +ECDSA Raw -> DER, 192bit, Success +depends_on:PSA_WANT_ECC_SECP_R1_192 +ecdsa_raw_to_der:ECDSA_RAW_TO_DER:192:"010101010101010101010101010101010101010101010101020202020202020202020202020202020202020202020202":"303402180101010101010101010101010101010101010101010101010218020202020202020202020202020202020202020202020202":0 + +ECDSA Raw -> DER, 192bit, Raw data too short +depends_on:PSA_WANT_ECC_SECP_R1_192 +ecdsa_raw_to_der:ECDSA_RAW_TO_DER:192:"0101010101010101010101010101010101010101010101010202020202020202020202020202020202020202020202":"303402180101010101010101010101010101010101010101010101010218020202020202020202020202020202020202020202020202":MBEDTLS_ERR_ASN1_INVALID_DATA + +ECDSA Raw -> DER, 192bit, DER buffer too small +depends_on:PSA_WANT_ECC_SECP_R1_192 +ecdsa_raw_to_der:ECDSA_RAW_TO_DER:192:"010101010101010101010101010101010101010101010101020202020202020202020202020202020202020202020202":"30340218010101010101010101010101010101010101010101010101":MBEDTLS_ERR_ASN1_BUF_TOO_SMALL + +ECDSA Raw -> DER, 192bit, Null r +depends_on:PSA_WANT_ECC_SECP_R1_192 +ecdsa_raw_to_der:ECDSA_RAW_TO_DER:192:"000000000000000000000000000000000000000000000000020202020202020202020202020202020202020202020202":"303402180101010101010101010101010101010101010101010101010218020202020202020202020202020202020202020202020202":MBEDTLS_ERR_ASN1_INVALID_DATA + +ECDSA Raw -> DER, 192bit, Null s +depends_on:PSA_WANT_ECC_SECP_R1_192 +ecdsa_raw_to_der:ECDSA_RAW_TO_DER:192:"010101010101010101010101010101010101010101010101000000000000000000000000000000000000000000000000":"303402180101010101010101010101010101010101010101010101010218020202020202020202020202020202020202020202020202":MBEDTLS_ERR_ASN1_INVALID_DATA + +ECDSA Raw -> DER, 192bit, r with MSb set +depends_on:PSA_WANT_ECC_SECP_R1_192 +ecdsa_raw_to_der:ECDSA_RAW_TO_DER:192:"810101010101010101010101010101010101010101010101020202020202020202020202020202020202020202020202":"30350219008101010101010101010101010101010101010101010101010218020202020202020202020202020202020202020202020202":0 + +ECDSA Raw -> DER, 192bit, s with MSb set +depends_on:PSA_WANT_ECC_SECP_R1_192 +ecdsa_raw_to_der:ECDSA_RAW_TO_DER:192:"010101010101010101010101010101010101010101010101820202020202020202020202020202020202020202020202":"30350218010101010101010101010101010101010101010101010101021900820202020202020202020202020202020202020202020202":0 + +ECDSA DER -> Raw, 192bit, Success +depends_on:PSA_WANT_ECC_SECP_R1_192 +ecdsa_raw_to_der:ECDSA_DER_TO_RAW:192:"303402180101010101010101010101010101010101010101010101010218020202020202020202020202020202020202020202020202":"010101010101010101010101010101010101010101010101020202020202020202020202020202020202020202020202":0 + +ECDSA DER -> Raw, 192bit, Raw buffer too small +depends_on:PSA_WANT_ECC_SECP_R1_192 +ecdsa_raw_to_der:ECDSA_DER_TO_RAW:192:"303402180101010101010101010101010101010101010101010101010218020202020202020202020202020202020202020202020202":"0101010101010101010101010101010101010101010101010202020202020202020202020202020202020202020202":MBEDTLS_ERR_ASN1_BUF_TOO_SMALL + +ECDSA DER -> Raw, 192bit, Wrong sequence tag +depends_on:PSA_WANT_ECC_SECP_R1_192 +ecdsa_raw_to_der:ECDSA_DER_TO_RAW:192:"403402180101010101010101010101010101010101010101010101010218020202020202020202020202020202020202020202020202":"010101010101010101010101010101010101010101010101020202020202020202020202020202020202020202020202":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +ECDSA DER -> Raw, 192bit, Invalid sequence length +depends_on:PSA_WANT_ECC_SECP_R1_192 +ecdsa_raw_to_der:ECDSA_DER_TO_RAW:192:"30FF02180101010101010101010101010101010101010101010101010218020202020202020202020202020202020202020202020202":"010101010101010101010101010101010101010101010101020202020202020202020202020202020202020202020202":MBEDTLS_ERR_ASN1_INVALID_LENGTH + +ECDSA DER -> Raw, 192bit, Wrong integer tag +depends_on:PSA_WANT_ECC_SECP_R1_192 +ecdsa_raw_to_der:ECDSA_DER_TO_RAW:192:"303401180101010101010101010101010101010101010101010101010218020202020202020202020202020202020202020202020202":"010101010101010101010101010101010101010101010101020202020202020202020202020202020202020202020202":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +ECDSA DER -> Raw, 192bit, Wrong r integer length (too small) +depends_on:PSA_WANT_ECC_SECP_R1_192 +ecdsa_raw_to_der:ECDSA_DER_TO_RAW:192:"303402170101010101010101010101010101010101010101010101010218020202020202020202020202020202020202020202020202":"010101010101010101010101010101010101010101010101020202020202020202020202020202020202020202020202":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +ECDSA DER -> Raw, 192bit, Wrong r integer length (too large) +depends_on:PSA_WANT_ECC_SECP_R1_192 +ecdsa_raw_to_der:ECDSA_DER_TO_RAW:192:"303402190101010101010101010101010101010101010101010101010218020202020202020202020202020202020202020202020202":"010101010101010101010101010101010101010101010101020202020202020202020202020202020202020202020202":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +ECDSA DER -> Raw, 192bit, Wrong s integer length (too small) +depends_on:PSA_WANT_ECC_SECP_R1_192 +ecdsa_raw_to_der:ECDSA_DER_TO_RAW:192:"303402180101010101010101010101010101010101010101010101010217020202020202020202020202020202020202020202020202":"010101010101010101010101010101010101010101010101020202020202020202020202020202020202020202020202":MBEDTLS_ERR_ASN1_LENGTH_MISMATCH + +ECDSA DER -> Raw, 192bit, Wrong s integer length (too large) +depends_on:PSA_WANT_ECC_SECP_R1_192 +ecdsa_raw_to_der:ECDSA_DER_TO_RAW:192:"303402180101010101010101010101010101010101010101010101010219020202020202020202020202020202020202020202020202":"010101010101010101010101010101010101010101010101020202020202020202020202020202020202020202020202":MBEDTLS_ERR_ASN1_OUT_OF_DATA + +ECDSA Raw -> DER, 256bit, Success +depends_on:PSA_WANT_ECC_SECP_R1_256 +ecdsa_raw_to_der:ECDSA_RAW_TO_DER:256:"01010101010101010101010101010101010101010101010101010101010101010202020202020202020202020202020202020202020202020202020202020202":"30440220010101010101010101010101010101010101010101010101010101010101010102200202020202020202020202020202020202020202020202020202020202020202":0 + +ECDSA DER -> Raw, 256bit, Success +depends_on:PSA_WANT_ECC_SECP_R1_256 +ecdsa_raw_to_der:ECDSA_DER_TO_RAW:256:"30440220010101010101010101010101010101010101010101010101010101010101010102200202020202020202020202020202020202020202020202020202020202020202":"01010101010101010101010101010101010101010101010101010101010101010202020202020202020202020202020202020202020202020202020202020202":0 diff --git a/tests/suites/test_suite_psa_crypto_util.function b/tests/suites/test_suite_psa_crypto_util.function new file mode 100644 index 000000000..2a990733f --- /dev/null +++ b/tests/suites/test_suite_psa_crypto_util.function @@ -0,0 +1,44 @@ +/* BEGIN_HEADER */ +#include +#include +#include +#include + +enum { + ECDSA_RAW_TO_DER = 0, + ECDSA_DER_TO_RAW, +}; +/* END_HEADER */ + +/* BEGIN_DEPENDENCIES + * depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_ASN1_WRITE_C:MBEDTLS_ASN1_PARSE_C + * END_DEPENDENCIES + */ + +/* BEGIN_CASE */ +void ecdsa_raw_to_der(int direction, int key_bits, data_t *input, data_t *exp_result, int exp_ret) +{ + unsigned char *tmp_buf = NULL; + size_t tmp_buf_len = exp_result->len; + size_t ret_len; + + TEST_CALLOC(tmp_buf, tmp_buf_len); + + if (direction == ECDSA_RAW_TO_DER) { + TEST_EQUAL(mbedtls_ecdsa_raw_to_der(input->x, input->len, + tmp_buf, tmp_buf_len, &ret_len, + key_bits), exp_ret); + } else { + TEST_EQUAL(mbedtls_ecdsa_der_to_raw(input->x, input->len, + tmp_buf, tmp_buf_len, &ret_len, + key_bits), exp_ret); + } + + if (exp_ret == 0) { + ASSERT_COMPARE(exp_result->x, exp_result->len, tmp_buf, ret_len); + } + +exit: + mbedtls_free(tmp_buf); +} +/* END_CASE */ From 84890c9be29e58bc3b7b9d3ed187bc64fa56e450 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 9 Jan 2024 14:20:23 +0100 Subject: [PATCH 1499/1674] psa_util: improve description for ECDSA conversion functions Signed-off-by: Valerio Setti --- include/mbedtls/psa_util.h | 6 +++-- library/psa_util.c | 51 +++++++++++++++++++++++++++++++------- 2 files changed, 46 insertions(+), 11 deletions(-) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index 912179ba8..ea0d5bb0d 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -177,7 +177,8 @@ static inline mbedtls_md_type_t mbedtls_md_type_from_psa_alg(psa_algorithm_t psa } #if defined(MBEDTLS_ASN1_WRITE_C) -/** Convert an ECDSA signature from raw format to DER ASN.1 one. +/** Convert an ECDSA signature from raw format (used by PSA APIs) to DER ASN.1 + * format (used by legacy crypto APIs). * * \param raw Buffer that contains the signature in raw format. * \param raw_len Length of raw buffer in bytes @@ -195,7 +196,8 @@ int mbedtls_ecdsa_raw_to_der(const unsigned char *raw, size_t raw_len, #endif /* MBEDTLS_ASN1_WRITE_C */ #if defined(MBEDTLS_ASN1_PARSE_C) -/** Convert an ECDSA signature from DER ASN.1 format to raw. +/** Convert an ECDSA signature from DER ASN.1 format (used by legacy crypto + * APIs) to raw format (used by PSA APIs). * * \param der Buffer that contains the signature in DER format. * \param der_len Size of the der buffer in bytes. diff --git a/library/psa_util.c b/library/psa_util.c index 2c35db010..e16971bc5 100644 --- a/library/psa_util.c +++ b/library/psa_util.c @@ -335,11 +335,25 @@ mbedtls_ecp_group_id mbedtls_ecc_group_from_psa(psa_ecc_family_t family, #endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */ #if defined(MBEDTLS_ASN1_WRITE_C) -/* - * Convert a single raw coordinate to DER ASN.1 format. - * Note: this function is similar to mbedtls_asn1_write_mpi(), but it doesn't - * depend on BIGNUM_C. - * Note: this function fills der_buf backward. +/** + * \brief Convert a single raw coordinate to DER ASN.1 format. The output der + * buffer is filled backward (i.e. starting from its end). + * + * \param raw_buf Buffer containing the raw coordinate to be + * converted. + * \param raw_len Length of raw_buf in bytes. + * \param der_buf_start Pointer to the beginning of the buffer which + * will be filled with the DER converted data. + * \param der_buf_end End of the buffer used to store the DER output. + * + * \return On success, the amount of data (in bytes) written to + * the DER buffer. + * \return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL if the provided der + * buffer is too small to contain all the converted data. + * \return MBEDTLS_ERR_ASN1_INVALID_DATA if the input raw + * coordinate is null (i.e. all zeros). + * + * \warning Raw and der buffer must not be overlapping. */ static int convert_raw_to_der_single_int(const unsigned char *raw_buf, size_t raw_len, unsigned char *der_buf_start, @@ -436,9 +450,28 @@ int mbedtls_ecdsa_raw_to_der(const unsigned char *raw, size_t raw_len, #endif /* MBEDTLS_ASN1_WRITE_C */ #if defined(MBEDTLS_ASN1_PARSE_C) -/* - * Convert a single integer from ASN.1 DER format to raw. - * Note: der and raw buffers are not overlapping here. +/** + * \brief Convert a single integer from ASN.1 DER format to raw. + * + * \param der Buffer containing the DER integer value to be + * converted. + * \param der_len Length of the der buffer in bytes. + * \param raw Output buffer that will be filled with the + * converted data. This should be at least + * coordinate_size bytes. + * \param raw_len Size (in bytes) of the output raw buffer. + * \param coordinate_size Size (in bytes) of a single coordinate in raw + * format. + * + * \return On success, the amount of DER data parsed from the + * provided der buffer. + * \return MBEDTLS_ERR_ASN1_UNEXPECTED_TAG if the integer tag + * is missing in the der buffer. + * \return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH if the integer + * is null (i.e. all zeros) or if the output raw buffer + * is too small to contain the converted raw value. + * + * \warning Der and raw buffers must not be overlapping. */ static int convert_der_to_raw_single_int(unsigned char *der, size_t der_len, unsigned char *raw, size_t raw_len, @@ -466,7 +499,7 @@ static int convert_der_to_raw_single_int(unsigned char *der, size_t der_len, } if (raw_len < coordinate_size) { - return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; + return ERR_ASN1_BUF_TOO_SMALL; } if (unpadded_len < coordinate_size) { From 5713c8a5ac38990dc3747dc10b50a3b54a35a0c6 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 9 Jan 2024 15:48:37 +0100 Subject: [PATCH 1500/1674] psa_util: minor code improvements Signed-off-by: Valerio Setti --- library/psa_util.c | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/library/psa_util.c b/library/psa_util.c index e16971bc5..c257d7593 100644 --- a/library/psa_util.c +++ b/library/psa_util.c @@ -414,9 +414,7 @@ int mbedtls_ecdsa_raw_to_der(const unsigned char *raw, size_t raw_len, /* Since raw and der buffers might overlap, dump r and s before starting * the conversion. */ - memset(r, 0, sizeof(r)); memcpy(r, raw, coordinate_len); - memset(s, 0, sizeof(s)); memcpy(s, raw + coordinate_len, coordinate_len); /* der buffer will initially be written starting from its end so we pick s @@ -481,6 +479,10 @@ static int convert_der_to_raw_single_int(unsigned char *der, size_t der_len, int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t unpadded_len, padding_len = 0; + if (raw_len < coordinate_size) { + return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; + } + /* Get the length of ASN.1 element (i.e. the integer we need to parse). */ ret = mbedtls_asn1_get_tag(&p, p + der_len, &unpadded_len, MBEDTLS_ASN1_INTEGER); @@ -498,10 +500,6 @@ static int convert_der_to_raw_single_int(unsigned char *der, size_t der_len, } } - if (raw_len < coordinate_size) { - return ERR_ASN1_BUF_TOO_SMALL; - } - if (unpadded_len < coordinate_size) { padding_len = coordinate_size - unpadded_len; memset(raw, 0x00, padding_len); @@ -557,7 +555,7 @@ int mbedtls_ecdsa_der_to_raw(const unsigned char *der, size_t der_len, data_len -= ret; /* Check that we consumed all the input der data. */ - if ((p - der) != (int) der_len) { + if ((size_t) (p - der) != der_len) { return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; } From bda440f82da4fe20b7e3bfc0f0d9ae66fe8a9442 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 10 Jan 2024 08:16:50 +0100 Subject: [PATCH 1501/1674] test_suite_psa_crypto_util: increase the size of tested integers - Replace 192 case with 256 - Replace 256 case with 512 - Add 521 case Signed-off-by: Valerio Setti --- tests/suites/test_suite_psa_crypto_util.data | 142 ++++++++++--------- 1 file changed, 76 insertions(+), 66 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_util.data b/tests/suites/test_suite_psa_crypto_util.data index ce942c841..8598a4ef1 100644 --- a/tests/suites/test_suite_psa_crypto_util.data +++ b/tests/suites/test_suite_psa_crypto_util.data @@ -1,71 +1,81 @@ -ECDSA Raw -> DER, 192bit, Success -depends_on:PSA_WANT_ECC_SECP_R1_192 -ecdsa_raw_to_der:ECDSA_RAW_TO_DER:192:"010101010101010101010101010101010101010101010101020202020202020202020202020202020202020202020202":"303402180101010101010101010101010101010101010101010101010218020202020202020202020202020202020202020202020202":0 - -ECDSA Raw -> DER, 192bit, Raw data too short -depends_on:PSA_WANT_ECC_SECP_R1_192 -ecdsa_raw_to_der:ECDSA_RAW_TO_DER:192:"0101010101010101010101010101010101010101010101010202020202020202020202020202020202020202020202":"303402180101010101010101010101010101010101010101010101010218020202020202020202020202020202020202020202020202":MBEDTLS_ERR_ASN1_INVALID_DATA - -ECDSA Raw -> DER, 192bit, DER buffer too small -depends_on:PSA_WANT_ECC_SECP_R1_192 -ecdsa_raw_to_der:ECDSA_RAW_TO_DER:192:"010101010101010101010101010101010101010101010101020202020202020202020202020202020202020202020202":"30340218010101010101010101010101010101010101010101010101":MBEDTLS_ERR_ASN1_BUF_TOO_SMALL - -ECDSA Raw -> DER, 192bit, Null r -depends_on:PSA_WANT_ECC_SECP_R1_192 -ecdsa_raw_to_der:ECDSA_RAW_TO_DER:192:"000000000000000000000000000000000000000000000000020202020202020202020202020202020202020202020202":"303402180101010101010101010101010101010101010101010101010218020202020202020202020202020202020202020202020202":MBEDTLS_ERR_ASN1_INVALID_DATA - -ECDSA Raw -> DER, 192bit, Null s -depends_on:PSA_WANT_ECC_SECP_R1_192 -ecdsa_raw_to_der:ECDSA_RAW_TO_DER:192:"010101010101010101010101010101010101010101010101000000000000000000000000000000000000000000000000":"303402180101010101010101010101010101010101010101010101010218020202020202020202020202020202020202020202020202":MBEDTLS_ERR_ASN1_INVALID_DATA - -ECDSA Raw -> DER, 192bit, r with MSb set -depends_on:PSA_WANT_ECC_SECP_R1_192 -ecdsa_raw_to_der:ECDSA_RAW_TO_DER:192:"810101010101010101010101010101010101010101010101020202020202020202020202020202020202020202020202":"30350219008101010101010101010101010101010101010101010101010218020202020202020202020202020202020202020202020202":0 - -ECDSA Raw -> DER, 192bit, s with MSb set -depends_on:PSA_WANT_ECC_SECP_R1_192 -ecdsa_raw_to_der:ECDSA_RAW_TO_DER:192:"010101010101010101010101010101010101010101010101820202020202020202020202020202020202020202020202":"30350218010101010101010101010101010101010101010101010101021900820202020202020202020202020202020202020202020202":0 - -ECDSA DER -> Raw, 192bit, Success -depends_on:PSA_WANT_ECC_SECP_R1_192 -ecdsa_raw_to_der:ECDSA_DER_TO_RAW:192:"303402180101010101010101010101010101010101010101010101010218020202020202020202020202020202020202020202020202":"010101010101010101010101010101010101010101010101020202020202020202020202020202020202020202020202":0 - -ECDSA DER -> Raw, 192bit, Raw buffer too small -depends_on:PSA_WANT_ECC_SECP_R1_192 -ecdsa_raw_to_der:ECDSA_DER_TO_RAW:192:"303402180101010101010101010101010101010101010101010101010218020202020202020202020202020202020202020202020202":"0101010101010101010101010101010101010101010101010202020202020202020202020202020202020202020202":MBEDTLS_ERR_ASN1_BUF_TOO_SMALL - -ECDSA DER -> Raw, 192bit, Wrong sequence tag -depends_on:PSA_WANT_ECC_SECP_R1_192 -ecdsa_raw_to_der:ECDSA_DER_TO_RAW:192:"403402180101010101010101010101010101010101010101010101010218020202020202020202020202020202020202020202020202":"010101010101010101010101010101010101010101010101020202020202020202020202020202020202020202020202":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG - -ECDSA DER -> Raw, 192bit, Invalid sequence length -depends_on:PSA_WANT_ECC_SECP_R1_192 -ecdsa_raw_to_der:ECDSA_DER_TO_RAW:192:"30FF02180101010101010101010101010101010101010101010101010218020202020202020202020202020202020202020202020202":"010101010101010101010101010101010101010101010101020202020202020202020202020202020202020202020202":MBEDTLS_ERR_ASN1_INVALID_LENGTH - -ECDSA DER -> Raw, 192bit, Wrong integer tag -depends_on:PSA_WANT_ECC_SECP_R1_192 -ecdsa_raw_to_der:ECDSA_DER_TO_RAW:192:"303401180101010101010101010101010101010101010101010101010218020202020202020202020202020202020202020202020202":"010101010101010101010101010101010101010101010101020202020202020202020202020202020202020202020202":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG - -ECDSA DER -> Raw, 192bit, Wrong r integer length (too small) -depends_on:PSA_WANT_ECC_SECP_R1_192 -ecdsa_raw_to_der:ECDSA_DER_TO_RAW:192:"303402170101010101010101010101010101010101010101010101010218020202020202020202020202020202020202020202020202":"010101010101010101010101010101010101010101010101020202020202020202020202020202020202020202020202":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG - -ECDSA DER -> Raw, 192bit, Wrong r integer length (too large) -depends_on:PSA_WANT_ECC_SECP_R1_192 -ecdsa_raw_to_der:ECDSA_DER_TO_RAW:192:"303402190101010101010101010101010101010101010101010101010218020202020202020202020202020202020202020202020202":"010101010101010101010101010101010101010101010101020202020202020202020202020202020202020202020202":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG - -ECDSA DER -> Raw, 192bit, Wrong s integer length (too small) -depends_on:PSA_WANT_ECC_SECP_R1_192 -ecdsa_raw_to_der:ECDSA_DER_TO_RAW:192:"303402180101010101010101010101010101010101010101010101010217020202020202020202020202020202020202020202020202":"010101010101010101010101010101010101010101010101020202020202020202020202020202020202020202020202":MBEDTLS_ERR_ASN1_LENGTH_MISMATCH - -ECDSA DER -> Raw, 192bit, Wrong s integer length (too large) -depends_on:PSA_WANT_ECC_SECP_R1_192 -ecdsa_raw_to_der:ECDSA_DER_TO_RAW:192:"303402180101010101010101010101010101010101010101010101010219020202020202020202020202020202020202020202020202":"010101010101010101010101010101010101010101010101020202020202020202020202020202020202020202020202":MBEDTLS_ERR_ASN1_OUT_OF_DATA - ECDSA Raw -> DER, 256bit, Success depends_on:PSA_WANT_ECC_SECP_R1_256 -ecdsa_raw_to_der:ECDSA_RAW_TO_DER:256:"01010101010101010101010101010101010101010101010101010101010101010202020202020202020202020202020202020202020202020202020202020202":"30440220010101010101010101010101010101010101010101010101010101010101010102200202020202020202020202020202020202020202020202020202020202020202":0 +ecdsa_raw_to_der:ECDSA_RAW_TO_DER:256:"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":0 + +ECDSA Raw -> DER, 256bit, Raw data too short +depends_on:PSA_WANT_ECC_SECP_R1_256 +ecdsa_raw_to_der:ECDSA_RAW_TO_DER:256:"111111111111111111111111111111111111111111111111111111111111111122222222222222222222222222222222222222222222222222222222222222":"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA + +ECDSA Raw -> DER, 256bit, DER buffer too small +depends_on:PSA_WANT_ECC_SECP_R1_256 +ecdsa_raw_to_der:ECDSA_RAW_TO_DER:256:"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":"304402201111111111111111111111111111111111111111111111111111111111111111022022222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_BUF_TOO_SMALL + +ECDSA Raw -> DER, 256bit, Null r +depends_on:PSA_WANT_ECC_SECP_R1_256 +ecdsa_raw_to_der:ECDSA_RAW_TO_DER:256:"00000000000000000000000000000000000000000000000000000000000000002222222222222222222222222222222222222222222222222222222222222222":"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA + +ECDSA Raw -> DER, 256bit, Null s +depends_on:PSA_WANT_ECC_SECP_R1_256 +ecdsa_raw_to_der:ECDSA_RAW_TO_DER:256:"11111111111111111111111111111111111111111111111111111111111111110000000000000000000000000000000000000000000000000000000000000000":"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA + +ECDSA Raw -> DER, 256bit, r with MSb set +depends_on:PSA_WANT_ECC_SECP_R1_256 +ecdsa_raw_to_der:ECDSA_RAW_TO_DER:256:"91111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":"3045022100911111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":0 + +ECDSA Raw -> DER, 256bit, s with MSb set +depends_on:PSA_WANT_ECC_SECP_R1_256 +ecdsa_raw_to_der:ECDSA_RAW_TO_DER:256:"1111111111111111111111111111111111111111111111111111111111111111A222222222222222222222222222222222222222222222222222222222222222":"304502201111111111111111111111111111111111111111111111111111111111111111022100A222222222222222222222222222222222222222222222222222222222222222":0 ECDSA DER -> Raw, 256bit, Success depends_on:PSA_WANT_ECC_SECP_R1_256 -ecdsa_raw_to_der:ECDSA_DER_TO_RAW:256:"30440220010101010101010101010101010101010101010101010101010101010101010102200202020202020202020202020202020202020202020202020202020202020202":"01010101010101010101010101010101010101010101010101010101010101010202020202020202020202020202020202020202020202020202020202020202":0 +ecdsa_raw_to_der:ECDSA_DER_TO_RAW:256:"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":0 + +ECDSA DER -> Raw, 256bit, Raw buffer too small +depends_on:PSA_WANT_ECC_SECP_R1_256 +ecdsa_raw_to_der:ECDSA_DER_TO_RAW:256:"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"111111111111111111111111111111111111111111111111111111111111111122222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_BUF_TOO_SMALL + +ECDSA DER -> Raw, 256bit, Wrong sequence tag +depends_on:PSA_WANT_ECC_SECP_R1_256 +ecdsa_raw_to_der:ECDSA_DER_TO_RAW:256:"40440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +ECDSA DER -> Raw, 256bit, Invalid sequence length +depends_on:PSA_WANT_ECC_SECP_R1_256 +ecdsa_raw_to_der:ECDSA_DER_TO_RAW:256:"30ff0220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_LENGTH + +ECDSA DER -> Raw, 256bit, Wrong integer tag +depends_on:PSA_WANT_ECC_SECP_R1_256 +ecdsa_raw_to_der:ECDSA_DER_TO_RAW:256:"30440120111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +ECDSA DER -> Raw, 256bit, Wrong r integer length (too small) +depends_on:PSA_WANT_ECC_SECP_R1_256 +ecdsa_raw_to_der:ECDSA_DER_TO_RAW:256:"30440219111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +ECDSA DER -> Raw, 256bit, Wrong r integer length (too large) +depends_on:PSA_WANT_ECC_SECP_R1_256 +ecdsa_raw_to_der:ECDSA_DER_TO_RAW:256:"30440221111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +ECDSA DER -> Raw, 256bit, Wrong s integer length (too small) +depends_on:PSA_WANT_ECC_SECP_R1_256 +ecdsa_raw_to_der:ECDSA_DER_TO_RAW:256:"30440220111111111111111111111111111111111111111111111111111111111111111102192222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_LENGTH_MISMATCH + +ECDSA DER -> Raw, 256bit, Wrong s integer length (too large) +depends_on:PSA_WANT_ECC_SECP_R1_256 +ecdsa_raw_to_der:ECDSA_DER_TO_RAW:256:"30440220111111111111111111111111111111111111111111111111111111111111111102212222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_OUT_OF_DATA + +ECDSA Raw -> DER, 512bit, Success +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512 +ecdsa_raw_to_der:ECDSA_RAW_TO_DER:512:"1111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111122222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":"308184024011111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111024022222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":0 + +ECDSA DER -> Raw, 512bit, Success +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512 +ecdsa_raw_to_der:ECDSA_DER_TO_RAW:512:"308184024011111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111024022222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":"1111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111122222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":0 + +# Bit length is rounded up to 528 to be multiple of 8 +ECDSA Raw -> DER, 521bit, Success +depends_on:PSA_WANT_ECC_SECP_R1_521 +ecdsa_raw_to_der:ECDSA_RAW_TO_DER:528:"111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":"30818802421111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111110242222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":0 + +# Bit length is rounded up to 528 to be multiple of 8 +ECDSA DER -> Raw, 521bit, Success +depends_on:PSA_WANT_ECC_SECP_R1_521 +ecdsa_raw_to_der:ECDSA_DER_TO_RAW:528:"30818802421111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111110242222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":"111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":0 From 99c0369d314ca613d4b721f96c8987560a60c220 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 10 Jan 2024 08:21:10 +0100 Subject: [PATCH 1502/1674] psa_util: add include asn1write.h in public header This is mandatory to have support for the error codes defined in the asn1write.h header file. Signed-off-by: Valerio Setti --- include/mbedtls/psa_util.h | 5 +++++ tests/suites/test_suite_psa_crypto_util.function | 2 -- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index ea0d5bb0d..87787f1e0 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -16,6 +16,11 @@ #include "psa/crypto.h" +/* ASN1 defines used in the ECDSA conversion functions. */ +#if defined(MBEDTLS_ASN1_WRITE_C) || defined(MBEDTLS_ASN1_PARSE_C) +#include +#endif + #if defined(MBEDTLS_PSA_CRYPTO_C) /* Expose whatever RNG the PSA subsystem uses to applications using the diff --git a/tests/suites/test_suite_psa_crypto_util.function b/tests/suites/test_suite_psa_crypto_util.function index 2a990733f..bf1f88d8b 100644 --- a/tests/suites/test_suite_psa_crypto_util.function +++ b/tests/suites/test_suite_psa_crypto_util.function @@ -1,8 +1,6 @@ /* BEGIN_HEADER */ -#include #include #include -#include enum { ECDSA_RAW_TO_DER = 0, From c22e3ce8efd8a6f6c804ac1b28c17b0ea3bb4080 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 10 Jan 2024 08:46:59 +0100 Subject: [PATCH 1503/1674] psa_util: remove CRYPTO_C guard from ECDSA conversion functions Signed-off-by: Valerio Setti --- include/mbedtls/psa_util.h | 8 +++---- library/psa_util.c | 22 ++++++++++--------- .../test_suite_psa_crypto_util.function | 7 +----- 3 files changed, 17 insertions(+), 20 deletions(-) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index 87787f1e0..93fb38d73 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -16,10 +16,10 @@ #include "psa/crypto.h" -/* ASN1 defines used in the ECDSA conversion functions. */ -#if defined(MBEDTLS_ASN1_WRITE_C) || defined(MBEDTLS_ASN1_PARSE_C) +/* ASN1 defines used in the ECDSA conversion functions. + * Note: intentionally not adding MBEDTLS_ASN1_[PARSE|WRITE]_C guards here + * otherwise error codes would be unknown in test_suite_psa_crypto_util.data.*/ #include -#endif #if defined(MBEDTLS_PSA_CRYPTO_C) @@ -180,6 +180,7 @@ static inline mbedtls_md_type_t mbedtls_md_type_from_psa_alg(psa_algorithm_t psa { return (mbedtls_md_type_t) (psa_alg & PSA_ALG_HASH_MASK); } +#endif /* MBEDTLS_PSA_CRYPTO_C */ #if defined(MBEDTLS_ASN1_WRITE_C) /** Convert an ECDSA signature from raw format (used by PSA APIs) to DER ASN.1 @@ -221,5 +222,4 @@ int mbedtls_ecdsa_der_to_raw(const unsigned char *der, size_t der_len, /**@}*/ -#endif /* MBEDTLS_PSA_CRYPTO_C */ #endif /* MBEDTLS_PSA_UTIL_H */ diff --git a/library/psa_util.c b/library/psa_util.c index c257d7593..ad5c9fb12 100644 --- a/library/psa_util.c +++ b/library/psa_util.c @@ -8,14 +8,20 @@ #include "common.h" +/* This is needed for MBEDTLS_ERR_XXX macros */ +#include + +#if defined(MBEDTLS_ASN1_WRITE_C) +#include +#include +#endif + +#include "psa_util_internal.h" + #if defined(MBEDTLS_PSA_CRYPTO_C) #include -#include "psa_util_internal.h" - -/* The following includes are needed for MBEDTLS_ERR_XXX macros */ -#include #if defined(MBEDTLS_MD_LIGHT) #include #endif @@ -40,10 +46,6 @@ #if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA) #include #endif -#if defined(MBEDTLS_ASN1_WRITE_C) -#include -#include -#endif /* PSA_SUCCESS is kept at the top of each error table since * it's the most common status when everything functions properly. */ @@ -334,6 +336,8 @@ mbedtls_ecp_group_id mbedtls_ecc_group_from_psa(psa_ecc_family_t family, } #endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */ +#endif /* MBEDTLS_PSA_CRYPTO_C */ + #if defined(MBEDTLS_ASN1_WRITE_C) /** * \brief Convert a single raw coordinate to DER ASN.1 format. The output der @@ -565,5 +569,3 @@ int mbedtls_ecdsa_der_to_raw(const unsigned char *der, size_t der_len, return 0; } #endif /* MBEDTLS_ASN1_PARSE_C */ - -#endif /* MBEDTLS_PSA_CRYPTO_C */ diff --git a/tests/suites/test_suite_psa_crypto_util.function b/tests/suites/test_suite_psa_crypto_util.function index bf1f88d8b..57cda0945 100644 --- a/tests/suites/test_suite_psa_crypto_util.function +++ b/tests/suites/test_suite_psa_crypto_util.function @@ -8,12 +8,7 @@ enum { }; /* END_HEADER */ -/* BEGIN_DEPENDENCIES - * depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_ASN1_WRITE_C:MBEDTLS_ASN1_PARSE_C - * END_DEPENDENCIES - */ - -/* BEGIN_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_ASN1_WRITE_C:MBEDTLS_ASN1_PARSE_C */ void ecdsa_raw_to_der(int direction, int key_bits, data_t *input, data_t *exp_result, int exp_ret) { unsigned char *tmp_buf = NULL; From 3f0809a99d3464ca105c75d75093a8e6cd9fffd8 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 10 Jan 2024 09:00:55 +0100 Subject: [PATCH 1504/1674] test_suite_psa_crypto_util: split ECDSA test function in two Signed-off-by: Valerio Setti --- tests/suites/test_suite_psa_crypto_util.data | 40 ++++++++--------- .../test_suite_psa_crypto_util.function | 43 ++++++++++++------- 2 files changed, 47 insertions(+), 36 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_util.data b/tests/suites/test_suite_psa_crypto_util.data index 8598a4ef1..a8d34581c 100644 --- a/tests/suites/test_suite_psa_crypto_util.data +++ b/tests/suites/test_suite_psa_crypto_util.data @@ -1,81 +1,81 @@ ECDSA Raw -> DER, 256bit, Success depends_on:PSA_WANT_ECC_SECP_R1_256 -ecdsa_raw_to_der:ECDSA_RAW_TO_DER:256:"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":0 +ecdsa_raw_to_der:256:"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":0 ECDSA Raw -> DER, 256bit, Raw data too short depends_on:PSA_WANT_ECC_SECP_R1_256 -ecdsa_raw_to_der:ECDSA_RAW_TO_DER:256:"111111111111111111111111111111111111111111111111111111111111111122222222222222222222222222222222222222222222222222222222222222":"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA +ecdsa_raw_to_der:256:"111111111111111111111111111111111111111111111111111111111111111122222222222222222222222222222222222222222222222222222222222222":"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA ECDSA Raw -> DER, 256bit, DER buffer too small depends_on:PSA_WANT_ECC_SECP_R1_256 -ecdsa_raw_to_der:ECDSA_RAW_TO_DER:256:"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":"304402201111111111111111111111111111111111111111111111111111111111111111022022222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_BUF_TOO_SMALL +ecdsa_raw_to_der:256:"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":"304402201111111111111111111111111111111111111111111111111111111111111111022022222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ECDSA Raw -> DER, 256bit, Null r depends_on:PSA_WANT_ECC_SECP_R1_256 -ecdsa_raw_to_der:ECDSA_RAW_TO_DER:256:"00000000000000000000000000000000000000000000000000000000000000002222222222222222222222222222222222222222222222222222222222222222":"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA +ecdsa_raw_to_der:256:"00000000000000000000000000000000000000000000000000000000000000002222222222222222222222222222222222222222222222222222222222222222":"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA ECDSA Raw -> DER, 256bit, Null s depends_on:PSA_WANT_ECC_SECP_R1_256 -ecdsa_raw_to_der:ECDSA_RAW_TO_DER:256:"11111111111111111111111111111111111111111111111111111111111111110000000000000000000000000000000000000000000000000000000000000000":"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA +ecdsa_raw_to_der:256:"11111111111111111111111111111111111111111111111111111111111111110000000000000000000000000000000000000000000000000000000000000000":"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA ECDSA Raw -> DER, 256bit, r with MSb set depends_on:PSA_WANT_ECC_SECP_R1_256 -ecdsa_raw_to_der:ECDSA_RAW_TO_DER:256:"91111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":"3045022100911111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":0 +ecdsa_raw_to_der:256:"91111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":"3045022100911111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":0 ECDSA Raw -> DER, 256bit, s with MSb set depends_on:PSA_WANT_ECC_SECP_R1_256 -ecdsa_raw_to_der:ECDSA_RAW_TO_DER:256:"1111111111111111111111111111111111111111111111111111111111111111A222222222222222222222222222222222222222222222222222222222222222":"304502201111111111111111111111111111111111111111111111111111111111111111022100A222222222222222222222222222222222222222222222222222222222222222":0 +ecdsa_raw_to_der:256:"1111111111111111111111111111111111111111111111111111111111111111A222222222222222222222222222222222222222222222222222222222222222":"304502201111111111111111111111111111111111111111111111111111111111111111022100A222222222222222222222222222222222222222222222222222222222222222":0 ECDSA DER -> Raw, 256bit, Success depends_on:PSA_WANT_ECC_SECP_R1_256 -ecdsa_raw_to_der:ECDSA_DER_TO_RAW:256:"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":0 +ecdsa_der_to_raw:256:"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":0 ECDSA DER -> Raw, 256bit, Raw buffer too small depends_on:PSA_WANT_ECC_SECP_R1_256 -ecdsa_raw_to_der:ECDSA_DER_TO_RAW:256:"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"111111111111111111111111111111111111111111111111111111111111111122222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_BUF_TOO_SMALL +ecdsa_der_to_raw:256:"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"111111111111111111111111111111111111111111111111111111111111111122222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ECDSA DER -> Raw, 256bit, Wrong sequence tag depends_on:PSA_WANT_ECC_SECP_R1_256 -ecdsa_raw_to_der:ECDSA_DER_TO_RAW:256:"40440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG +ecdsa_der_to_raw:256:"40440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ECDSA DER -> Raw, 256bit, Invalid sequence length depends_on:PSA_WANT_ECC_SECP_R1_256 -ecdsa_raw_to_der:ECDSA_DER_TO_RAW:256:"30ff0220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_LENGTH +ecdsa_der_to_raw:256:"30ff0220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_LENGTH ECDSA DER -> Raw, 256bit, Wrong integer tag depends_on:PSA_WANT_ECC_SECP_R1_256 -ecdsa_raw_to_der:ECDSA_DER_TO_RAW:256:"30440120111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG +ecdsa_der_to_raw:256:"30440120111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ECDSA DER -> Raw, 256bit, Wrong r integer length (too small) depends_on:PSA_WANT_ECC_SECP_R1_256 -ecdsa_raw_to_der:ECDSA_DER_TO_RAW:256:"30440219111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG +ecdsa_der_to_raw:256:"30440219111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ECDSA DER -> Raw, 256bit, Wrong r integer length (too large) depends_on:PSA_WANT_ECC_SECP_R1_256 -ecdsa_raw_to_der:ECDSA_DER_TO_RAW:256:"30440221111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG +ecdsa_der_to_raw:256:"30440221111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ECDSA DER -> Raw, 256bit, Wrong s integer length (too small) depends_on:PSA_WANT_ECC_SECP_R1_256 -ecdsa_raw_to_der:ECDSA_DER_TO_RAW:256:"30440220111111111111111111111111111111111111111111111111111111111111111102192222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_LENGTH_MISMATCH +ecdsa_der_to_raw:256:"30440220111111111111111111111111111111111111111111111111111111111111111102192222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ECDSA DER -> Raw, 256bit, Wrong s integer length (too large) depends_on:PSA_WANT_ECC_SECP_R1_256 -ecdsa_raw_to_der:ECDSA_DER_TO_RAW:256:"30440220111111111111111111111111111111111111111111111111111111111111111102212222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_OUT_OF_DATA +ecdsa_der_to_raw:256:"30440220111111111111111111111111111111111111111111111111111111111111111102212222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_OUT_OF_DATA ECDSA Raw -> DER, 512bit, Success depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512 -ecdsa_raw_to_der:ECDSA_RAW_TO_DER:512:"1111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111122222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":"308184024011111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111024022222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":0 +ecdsa_raw_to_der:512:"1111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111122222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":"308184024011111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111024022222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":0 ECDSA DER -> Raw, 512bit, Success depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512 -ecdsa_raw_to_der:ECDSA_DER_TO_RAW:512:"308184024011111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111024022222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":"1111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111122222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":0 +ecdsa_der_to_raw:512:"308184024011111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111024022222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":"1111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111122222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":0 # Bit length is rounded up to 528 to be multiple of 8 ECDSA Raw -> DER, 521bit, Success depends_on:PSA_WANT_ECC_SECP_R1_521 -ecdsa_raw_to_der:ECDSA_RAW_TO_DER:528:"111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":"30818802421111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111110242222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":0 +ecdsa_raw_to_der:528:"111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":"30818802421111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111110242222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":0 # Bit length is rounded up to 528 to be multiple of 8 ECDSA DER -> Raw, 521bit, Success depends_on:PSA_WANT_ECC_SECP_R1_521 -ecdsa_raw_to_der:ECDSA_DER_TO_RAW:528:"30818802421111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111110242222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":"111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":0 +ecdsa_der_to_raw:528:"30818802421111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111110242222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":"111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":0 diff --git a/tests/suites/test_suite_psa_crypto_util.function b/tests/suites/test_suite_psa_crypto_util.function index 57cda0945..3c4976607 100644 --- a/tests/suites/test_suite_psa_crypto_util.function +++ b/tests/suites/test_suite_psa_crypto_util.function @@ -1,15 +1,10 @@ /* BEGIN_HEADER */ #include #include - -enum { - ECDSA_RAW_TO_DER = 0, - ECDSA_DER_TO_RAW, -}; /* END_HEADER */ -/* BEGIN_CASE depends_on:MBEDTLS_ASN1_WRITE_C:MBEDTLS_ASN1_PARSE_C */ -void ecdsa_raw_to_der(int direction, int key_bits, data_t *input, data_t *exp_result, int exp_ret) +/* BEGIN_CASE depends_on:MBEDTLS_ASN1_WRITE_C */ +void ecdsa_raw_to_der(int key_bits, data_t *input, data_t *exp_result, int exp_ret) { unsigned char *tmp_buf = NULL; size_t tmp_buf_len = exp_result->len; @@ -17,15 +12,31 @@ void ecdsa_raw_to_der(int direction, int key_bits, data_t *input, data_t *exp_re TEST_CALLOC(tmp_buf, tmp_buf_len); - if (direction == ECDSA_RAW_TO_DER) { - TEST_EQUAL(mbedtls_ecdsa_raw_to_der(input->x, input->len, - tmp_buf, tmp_buf_len, &ret_len, - key_bits), exp_ret); - } else { - TEST_EQUAL(mbedtls_ecdsa_der_to_raw(input->x, input->len, - tmp_buf, tmp_buf_len, &ret_len, - key_bits), exp_ret); - } + TEST_EQUAL(mbedtls_ecdsa_raw_to_der(input->x, input->len, + tmp_buf, tmp_buf_len, &ret_len, + key_bits), exp_ret); + + if (exp_ret == 0) { + ASSERT_COMPARE(exp_result->x, exp_result->len, tmp_buf, ret_len); + } + +exit: + mbedtls_free(tmp_buf); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C */ +void ecdsa_der_to_raw(int key_bits, data_t *input, data_t *exp_result, int exp_ret) +{ + unsigned char *tmp_buf = NULL; + size_t tmp_buf_len = exp_result->len; + size_t ret_len; + + TEST_CALLOC(tmp_buf, tmp_buf_len); + + TEST_EQUAL(mbedtls_ecdsa_der_to_raw(input->x, input->len, + tmp_buf, tmp_buf_len, &ret_len, + key_bits), exp_ret); if (exp_ret == 0) { ASSERT_COMPARE(exp_result->x, exp_result->len, tmp_buf, ret_len); From 3ccb2b54236a096c6757521ecce458b5e84f4abe Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 10 Jan 2024 10:51:24 +0100 Subject: [PATCH 1505/1674] all.sh: add exception for ASN1_PARSE_C in check_test_dependencies There is no PSA equivalent to ASN1 legacy symbols. Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 44930d28b..41faaee47 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1059,11 +1059,16 @@ component_check_test_dependencies () { echo "!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH" >> $expected # No PSA equivalent - used to skip decryption tests in PSA-ECB, CBC/XTS/NIST_KW/DES echo "!MBEDTLS_BLOCK_CIPHER_NO_DECRYPT" >> $expected - # This is used by import_rsa_made_up() in test_suite_psa_crypto in order - # to build a fake RSA key of the wanted size based on + # MBEDTLS_ASN1_WRITE_C is used by import_rsa_made_up() in test_suite_psa_crypto + # in order to build a fake RSA key of the wanted size based on # PSA_VENDOR_RSA_MAX_KEY_BITS. The legacy module is only used by # the test code and that's probably the most convenient way of achieving # the test's goal. + # + # Both MBEDTLS_ASN1_[PARSE|WRITE]_C are used in ECDSA conversion functions + # (in psa_util module) and, therefore, also in test_suite_psa_crypto_util. + # There is no PSA equivalent for these ASN1 symbols in PSA. + echo "MBEDTLS_ASN1_PARSE_C" >> $expected echo "MBEDTLS_ASN1_WRITE_C" >> $expected # No PSA equivalent - we should probably have one in the future. echo "MBEDTLS_ECP_RESTARTABLE" >> $expected From 86bae52c5500509d9837fff6f0d40e2cff980e2a Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 10 Jan 2024 11:12:31 +0100 Subject: [PATCH 1506/1674] psa_util: skip leading zeros in der format with "if" instead of "while" This is possible because we know that DER format can have at most 1 leading zero. Signed-off-by: Valerio Setti --- library/psa_util.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/psa_util.c b/library/psa_util.c index ad5c9fb12..e69ff6bb6 100644 --- a/library/psa_util.c +++ b/library/psa_util.c @@ -494,8 +494,8 @@ static int convert_der_to_raw_single_int(unsigned char *der, size_t der_len, return ret; } - /* Skip leading zeros */ - while (*p == 0x00) { + /* Skip possible leading zero */ + if (*p == 0x00) { p++; unpadded_len--; /* It should never happen that the input number is all zeros. */ From a7b83a04ee9142f876c4703fbbdb5ee56c6566a9 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 10 Jan 2024 16:07:29 +0100 Subject: [PATCH 1507/1674] psa_util: add variable casting in convert_raw_to_der_single_int() Signed-off-by: Valerio Setti --- library/psa_util.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_util.c b/library/psa_util.c index e69ff6bb6..ef9aff172 100644 --- a/library/psa_util.c +++ b/library/psa_util.c @@ -364,7 +364,7 @@ static int convert_raw_to_der_single_int(const unsigned char *raw_buf, size_t ra unsigned char *der_buf_end) { unsigned char *p = der_buf_end; - int len = raw_len; + int len = (int) raw_len; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; /* Copy the raw coordinate to the end of der_buf. */ From 31657ed70c80303d980c0d88ba5d0f1cca15fd4e Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 11 Jan 2024 07:01:30 +0100 Subject: [PATCH 1508/1674] test_suite_psa_crypto_util: change curve type for 256bits tests Tests with 256 bits curve simply depends on any curve of that size, but they don't really care about which family is enabled. Here I replaced PSA_WANT_ECC_SECP_R1_256 with PSA_WANT_ECC_SECP_K1_256 because otherwise there were test disparities in the "analyze_driver_vs_reference_tfm_config" component of "analyze_outcomes.py". It looked simpler to change the curve type in the test suite's data rather than adding proper exceptions in "analyze_outcomes.py" Signed-off-by: Valerio Setti --- tests/suites/test_suite_psa_crypto_util.data | 32 ++++++++++---------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_util.data b/tests/suites/test_suite_psa_crypto_util.data index a8d34581c..49848615c 100644 --- a/tests/suites/test_suite_psa_crypto_util.data +++ b/tests/suites/test_suite_psa_crypto_util.data @@ -1,65 +1,65 @@ ECDSA Raw -> DER, 256bit, Success -depends_on:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ECC_SECP_K1_256 ecdsa_raw_to_der:256:"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":0 ECDSA Raw -> DER, 256bit, Raw data too short -depends_on:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ECC_SECP_K1_256 ecdsa_raw_to_der:256:"111111111111111111111111111111111111111111111111111111111111111122222222222222222222222222222222222222222222222222222222222222":"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA ECDSA Raw -> DER, 256bit, DER buffer too small -depends_on:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ECC_SECP_K1_256 ecdsa_raw_to_der:256:"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":"304402201111111111111111111111111111111111111111111111111111111111111111022022222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ECDSA Raw -> DER, 256bit, Null r -depends_on:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ECC_SECP_K1_256 ecdsa_raw_to_der:256:"00000000000000000000000000000000000000000000000000000000000000002222222222222222222222222222222222222222222222222222222222222222":"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA ECDSA Raw -> DER, 256bit, Null s -depends_on:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ECC_SECP_K1_256 ecdsa_raw_to_der:256:"11111111111111111111111111111111111111111111111111111111111111110000000000000000000000000000000000000000000000000000000000000000":"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA ECDSA Raw -> DER, 256bit, r with MSb set -depends_on:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ECC_SECP_K1_256 ecdsa_raw_to_der:256:"91111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":"3045022100911111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":0 ECDSA Raw -> DER, 256bit, s with MSb set -depends_on:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ECC_SECP_K1_256 ecdsa_raw_to_der:256:"1111111111111111111111111111111111111111111111111111111111111111A222222222222222222222222222222222222222222222222222222222222222":"304502201111111111111111111111111111111111111111111111111111111111111111022100A222222222222222222222222222222222222222222222222222222222222222":0 ECDSA DER -> Raw, 256bit, Success -depends_on:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ECC_SECP_K1_256 ecdsa_der_to_raw:256:"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":0 ECDSA DER -> Raw, 256bit, Raw buffer too small -depends_on:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ECC_SECP_K1_256 ecdsa_der_to_raw:256:"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"111111111111111111111111111111111111111111111111111111111111111122222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ECDSA DER -> Raw, 256bit, Wrong sequence tag -depends_on:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ECC_SECP_K1_256 ecdsa_der_to_raw:256:"40440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ECDSA DER -> Raw, 256bit, Invalid sequence length -depends_on:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ECC_SECP_K1_256 ecdsa_der_to_raw:256:"30ff0220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_LENGTH ECDSA DER -> Raw, 256bit, Wrong integer tag -depends_on:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ECC_SECP_K1_256 ecdsa_der_to_raw:256:"30440120111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ECDSA DER -> Raw, 256bit, Wrong r integer length (too small) -depends_on:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ECC_SECP_K1_256 ecdsa_der_to_raw:256:"30440219111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ECDSA DER -> Raw, 256bit, Wrong r integer length (too large) -depends_on:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ECC_SECP_K1_256 ecdsa_der_to_raw:256:"30440221111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ECDSA DER -> Raw, 256bit, Wrong s integer length (too small) -depends_on:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ECC_SECP_K1_256 ecdsa_der_to_raw:256:"30440220111111111111111111111111111111111111111111111111111111111111111102192222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ECDSA DER -> Raw, 256bit, Wrong s integer length (too large) -depends_on:PSA_WANT_ECC_SECP_R1_256 +depends_on:PSA_WANT_ECC_SECP_K1_256 ecdsa_der_to_raw:256:"30440220111111111111111111111111111111111111111111111111111111111111111102212222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_OUT_OF_DATA ECDSA Raw -> DER, 512bit, Success From 17105df3e776a79b2668c2fb960ef1f4dcb8171a Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 11 Jan 2024 10:41:59 +0100 Subject: [PATCH 1509/1674] test_suite_psa_crypto_util: add comments to 512/521 bit size test cases Signed-off-by: Valerio Setti --- tests/suites/test_suite_psa_crypto_util.data | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_util.data b/tests/suites/test_suite_psa_crypto_util.data index 49848615c..45a3cb565 100644 --- a/tests/suites/test_suite_psa_crypto_util.data +++ b/tests/suites/test_suite_psa_crypto_util.data @@ -62,20 +62,24 @@ ECDSA DER -> Raw, 256bit, Wrong s integer length (too large) depends_on:PSA_WANT_ECC_SECP_K1_256 ecdsa_der_to_raw:256:"30440220111111111111111111111111111111111111111111111111111111111111111102212222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_OUT_OF_DATA +# 512/521 bit sizes are useful to test sequence's length encoded with 2 bytes. ECDSA Raw -> DER, 512bit, Success depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512 ecdsa_raw_to_der:512:"1111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111122222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":"308184024011111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111024022222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":0 +# 512/521 bit sizes are useful to test sequence's length encoded with 2 bytes. ECDSA DER -> Raw, 512bit, Success depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512 ecdsa_der_to_raw:512:"308184024011111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111024022222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":"1111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111122222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":0 -# Bit length is rounded up to 528 to be multiple of 8 +# 512/521 bit sizes are useful to test sequence's length encoded with 2 bytes. +# Bit length is rounded up to 528 to be multiple of 8. ECDSA Raw -> DER, 521bit, Success depends_on:PSA_WANT_ECC_SECP_R1_521 ecdsa_raw_to_der:528:"111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":"30818802421111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111110242222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":0 -# Bit length is rounded up to 528 to be multiple of 8 +# 512/521 bit sizes are useful to test sequence's length encoded with 2 bytes. +# Bit length is rounded up to 528 to be multiple of 8. ECDSA DER -> Raw, 521bit, Success depends_on:PSA_WANT_ECC_SECP_R1_521 ecdsa_der_to_raw:528:"30818802421111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111110242222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":"111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":0 From f4d2dc2d772cef1baa7367996c45e9a0ae7e1be1 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 16 Jan 2024 10:57:48 +0100 Subject: [PATCH 1510/1674] psa_util: guard ECDSA conversion functions with proper (internal) symbol Signed-off-by: Valerio Setti --- include/mbedtls/config_adjust_legacy_crypto.h | 7 +++++++ include/mbedtls/psa_util.h | 4 ++++ library/psa_util.c | 4 ++++ tests/suites/test_suite_psa_crypto_util.function | 4 ++-- 4 files changed, 17 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h index 696266c6f..833f15268 100644 --- a/include/mbedtls/config_adjust_legacy_crypto.h +++ b/include/mbedtls/config_adjust_legacy_crypto.h @@ -400,6 +400,13 @@ #define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY #endif +/* psa_util file features some ECDSA conversion functions, to convert between + * legacy's ASN.1 DER format and PSA's raw one. */ +#if defined(MBEDTLS_ECDSA_C) || defined(MBEDTLS_PSA_CRYPTO_C) && \ + (defined(PSA_WANT_ALG_ECDSA) || defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA)) +#define MBEDTLS_PSA_UTIL_HAVE_ECDSA +#endif + /* Some internal helpers to determine which keys are availble. */ #if (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_AES_C)) || \ (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_KEY_TYPE_AES)) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index 93fb38d73..3bf05d183 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -182,6 +182,8 @@ static inline mbedtls_md_type_t mbedtls_md_type_from_psa_alg(psa_algorithm_t psa } #endif /* MBEDTLS_PSA_CRYPTO_C */ +#if defined(MBEDTLS_PSA_UTIL_HAVE_ECDSA) + #if defined(MBEDTLS_ASN1_WRITE_C) /** Convert an ECDSA signature from raw format (used by PSA APIs) to DER ASN.1 * format (used by legacy crypto APIs). @@ -220,6 +222,8 @@ int mbedtls_ecdsa_der_to_raw(const unsigned char *der, size_t der_len, size_t bits); #endif /* MBEDTLS_ASN1_PARSE_C */ +#endif /* MBEDTLS_PSA_UTIL_HAVE_ECDSA */ + /**@}*/ #endif /* MBEDTLS_PSA_UTIL_H */ diff --git a/library/psa_util.c b/library/psa_util.c index ef9aff172..c78b6035d 100644 --- a/library/psa_util.c +++ b/library/psa_util.c @@ -338,6 +338,8 @@ mbedtls_ecp_group_id mbedtls_ecc_group_from_psa(psa_ecc_family_t family, #endif /* MBEDTLS_PSA_CRYPTO_C */ +#if defined(MBEDTLS_PSA_UTIL_HAVE_ECDSA) + #if defined(MBEDTLS_ASN1_WRITE_C) /** * \brief Convert a single raw coordinate to DER ASN.1 format. The output der @@ -569,3 +571,5 @@ int mbedtls_ecdsa_der_to_raw(const unsigned char *der, size_t der_len, return 0; } #endif /* MBEDTLS_ASN1_PARSE_C */ + +#endif /* MBEDTLS_PSA_UTIL_HAVE_ECDSA */ diff --git a/tests/suites/test_suite_psa_crypto_util.function b/tests/suites/test_suite_psa_crypto_util.function index 3c4976607..bfdafa7b3 100644 --- a/tests/suites/test_suite_psa_crypto_util.function +++ b/tests/suites/test_suite_psa_crypto_util.function @@ -3,7 +3,7 @@ #include /* END_HEADER */ -/* BEGIN_CASE depends_on:MBEDTLS_ASN1_WRITE_C */ +/* BEGIN_CASE depends_on:MBEDTLS_PSA_UTIL_HAVE_ECDSA:MBEDTLS_ASN1_WRITE_C */ void ecdsa_raw_to_der(int key_bits, data_t *input, data_t *exp_result, int exp_ret) { unsigned char *tmp_buf = NULL; @@ -25,7 +25,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_ASN1_PARSE_C */ +/* BEGIN_CASE depends_on:MBEDTLS_PSA_UTIL_HAVE_ECDSA:MBEDTLS_ASN1_PARSE_C */ void ecdsa_der_to_raw(int key_bits, data_t *input, data_t *exp_result, int exp_ret) { unsigned char *tmp_buf = NULL; From 688f795cb38b86995051c3033b7aeb73f573ddf8 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 16 Jan 2024 09:18:40 +0100 Subject: [PATCH 1511/1674] asn1: use the new symbol to guard dependencies of ECDSA conversion functions Signed-off-by: Valerio Setti --- include/mbedtls/asn1.h | 5 +++-- include/mbedtls/asn1write.h | 5 +++-- include/mbedtls/psa_util.h | 4 ---- library/asn1parse.c | 5 +++-- library/asn1write.c | 5 +++-- library/psa_util.c | 4 ---- tests/suites/test_suite_psa_crypto_util.function | 4 ++-- 7 files changed, 14 insertions(+), 18 deletions(-) diff --git a/include/mbedtls/asn1.h b/include/mbedtls/asn1.h index 3c3bfad9d..ff019f432 100644 --- a/include/mbedtls/asn1.h +++ b/include/mbedtls/asn1.h @@ -197,7 +197,8 @@ typedef struct mbedtls_asn1_named_data { } mbedtls_asn1_named_data; -#if defined(MBEDTLS_ASN1_PARSE_C) || defined(MBEDTLS_X509_CREATE_C) +#if defined(MBEDTLS_ASN1_PARSE_C) || defined(MBEDTLS_X509_CREATE_C) || \ + defined(MBEDTLS_PSA_UTIL_HAVE_ECDSA) /** * \brief Get the length of an ASN.1 element. * Updates the pointer to immediately behind the length. @@ -244,7 +245,7 @@ int mbedtls_asn1_get_len(unsigned char **p, int mbedtls_asn1_get_tag(unsigned char **p, const unsigned char *end, size_t *len, int tag); -#endif /* MBEDTLS_ASN1_PARSE_C || MBEDTLS_X509_CREATE_C */ +#endif /* MBEDTLS_ASN1_PARSE_C || MBEDTLS_X509_CREATE_C || MBEDTLS_PSA_UTIL_HAVE_ECDSA */ #if defined(MBEDTLS_ASN1_PARSE_C) /** diff --git a/include/mbedtls/asn1write.h b/include/mbedtls/asn1write.h index 7af4aba41..0c5a85ac2 100644 --- a/include/mbedtls/asn1write.h +++ b/include/mbedtls/asn1write.h @@ -36,7 +36,8 @@ extern "C" { #endif -#if defined(MBEDTLS_ASN1_WRITE_C) || defined(MBEDTLS_X509_USE_C) +#if defined(MBEDTLS_ASN1_WRITE_C) || defined(MBEDTLS_X509_USE_C) || \ + defined(MBEDTLS_PSA_UTIL_HAVE_ECDSA) /** * \brief Write a length field in ASN.1 format. * @@ -65,7 +66,7 @@ int mbedtls_asn1_write_len(unsigned char **p, const unsigned char *start, */ int mbedtls_asn1_write_tag(unsigned char **p, const unsigned char *start, unsigned char tag); -#endif /* MBEDTLS_ASN1_WRITE_C || MBEDTLS_X509_USE_C */ +#endif /* MBEDTLS_ASN1_WRITE_C || MBEDTLS_X509_USE_C || MBEDTLS_PSA_UTIL_HAVE_ECDSA*/ #if defined(MBEDTLS_ASN1_WRITE_C) /** diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index 3bf05d183..15e92e36f 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -184,7 +184,6 @@ static inline mbedtls_md_type_t mbedtls_md_type_from_psa_alg(psa_algorithm_t psa #if defined(MBEDTLS_PSA_UTIL_HAVE_ECDSA) -#if defined(MBEDTLS_ASN1_WRITE_C) /** Convert an ECDSA signature from raw format (used by PSA APIs) to DER ASN.1 * format (used by legacy crypto APIs). * @@ -201,9 +200,7 @@ static inline mbedtls_md_type_t mbedtls_md_type_from_psa_alg(psa_algorithm_t psa int mbedtls_ecdsa_raw_to_der(const unsigned char *raw, size_t raw_len, unsigned char *der, size_t der_size, size_t *der_len, size_t bits); -#endif /* MBEDTLS_ASN1_WRITE_C */ -#if defined(MBEDTLS_ASN1_PARSE_C) /** Convert an ECDSA signature from DER ASN.1 format (used by legacy crypto * APIs) to raw format (used by PSA APIs). * @@ -220,7 +217,6 @@ int mbedtls_ecdsa_raw_to_der(const unsigned char *raw, size_t raw_len, int mbedtls_ecdsa_der_to_raw(const unsigned char *der, size_t der_len, unsigned char *raw, size_t raw_size, size_t *raw_len, size_t bits); -#endif /* MBEDTLS_ASN1_PARSE_C */ #endif /* MBEDTLS_PSA_UTIL_HAVE_ECDSA */ diff --git a/library/asn1parse.c b/library/asn1parse.c index c02b233ec..e33fdf71d 100644 --- a/library/asn1parse.c +++ b/library/asn1parse.c @@ -7,7 +7,8 @@ #include "common.h" -#if defined(MBEDTLS_ASN1_PARSE_C) || defined(MBEDTLS_X509_CREATE_C) +#if defined(MBEDTLS_ASN1_PARSE_C) || defined(MBEDTLS_X509_CREATE_C) || \ + defined(MBEDTLS_PSA_UTIL_HAVE_ECDSA) #include "mbedtls/asn1.h" #include "mbedtls/platform_util.h" @@ -73,7 +74,7 @@ int mbedtls_asn1_get_tag(unsigned char **p, return mbedtls_asn1_get_len(p, end, len); } -#endif /* MBEDTLS_ASN1_PARSE_C || MBEDTLS_X509_CREATE_C */ +#endif /* MBEDTLS_ASN1_PARSE_C || MBEDTLS_X509_CREATE_C || MBEDTLS_PSA_UTIL_HAVE_ECDSA */ #if defined(MBEDTLS_ASN1_PARSE_C) int mbedtls_asn1_get_bool(unsigned char **p, diff --git a/library/asn1write.c b/library/asn1write.c index 114091d63..775a9ef53 100644 --- a/library/asn1write.c +++ b/library/asn1write.c @@ -7,7 +7,8 @@ #include "common.h" -#if defined(MBEDTLS_ASN1_WRITE_C) || defined(MBEDTLS_X509_USE_C) +#if defined(MBEDTLS_ASN1_WRITE_C) || defined(MBEDTLS_X509_USE_C) || \ + defined(MBEDTLS_PSA_UTIL_HAVE_ECDSA) #include "mbedtls/asn1write.h" #include "mbedtls/error.h" @@ -62,7 +63,7 @@ int mbedtls_asn1_write_tag(unsigned char **p, const unsigned char *start, unsign return 1; } -#endif /* MBEDTLS_ASN1_WRITE_C || MBEDTLS_X509_USE_C */ +#endif /* MBEDTLS_ASN1_WRITE_C || MBEDTLS_X509_USE_C || MBEDTLS_PSA_UTIL_HAVE_ECDSA */ #if defined(MBEDTLS_ASN1_WRITE_C) static int mbedtls_asn1_write_len_and_tag(unsigned char **p, diff --git a/library/psa_util.c b/library/psa_util.c index c78b6035d..9e21602f6 100644 --- a/library/psa_util.c +++ b/library/psa_util.c @@ -340,7 +340,6 @@ mbedtls_ecp_group_id mbedtls_ecc_group_from_psa(psa_ecc_family_t family, #if defined(MBEDTLS_PSA_UTIL_HAVE_ECDSA) -#if defined(MBEDTLS_ASN1_WRITE_C) /** * \brief Convert a single raw coordinate to DER ASN.1 format. The output der * buffer is filled backward (i.e. starting from its end). @@ -451,9 +450,7 @@ int mbedtls_ecdsa_raw_to_der(const unsigned char *raw, size_t raw_len, return 0; } -#endif /* MBEDTLS_ASN1_WRITE_C */ -#if defined(MBEDTLS_ASN1_PARSE_C) /** * \brief Convert a single integer from ASN.1 DER format to raw. * @@ -570,6 +567,5 @@ int mbedtls_ecdsa_der_to_raw(const unsigned char *der, size_t der_len, return 0; } -#endif /* MBEDTLS_ASN1_PARSE_C */ #endif /* MBEDTLS_PSA_UTIL_HAVE_ECDSA */ diff --git a/tests/suites/test_suite_psa_crypto_util.function b/tests/suites/test_suite_psa_crypto_util.function index bfdafa7b3..8f0dd6cfc 100644 --- a/tests/suites/test_suite_psa_crypto_util.function +++ b/tests/suites/test_suite_psa_crypto_util.function @@ -3,7 +3,7 @@ #include /* END_HEADER */ -/* BEGIN_CASE depends_on:MBEDTLS_PSA_UTIL_HAVE_ECDSA:MBEDTLS_ASN1_WRITE_C */ +/* BEGIN_CASE depends_on:MBEDTLS_PSA_UTIL_HAVE_ECDSA */ void ecdsa_raw_to_der(int key_bits, data_t *input, data_t *exp_result, int exp_ret) { unsigned char *tmp_buf = NULL; @@ -25,7 +25,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_PSA_UTIL_HAVE_ECDSA:MBEDTLS_ASN1_PARSE_C */ +/* BEGIN_CASE depends_on:MBEDTLS_PSA_UTIL_HAVE_ECDSA */ void ecdsa_der_to_raw(int key_bits, data_t *input, data_t *exp_result, int exp_ret) { unsigned char *tmp_buf = NULL; From 448377bec7c7d1a063c7bc6a0adeb8053659e97b Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 16 Jan 2024 16:24:07 +0100 Subject: [PATCH 1512/1674] all.sh: remove MBEDTLS_ASN1_PARSE_C exception from check_test_dependencies() Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 41faaee47..fddcc0153 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1065,10 +1065,9 @@ component_check_test_dependencies () { # the test code and that's probably the most convenient way of achieving # the test's goal. # - # Both MBEDTLS_ASN1_[PARSE|WRITE]_C are used in ECDSA conversion functions + # MBEDTLS_ASN1_WRITE_C is also used in ECDSA conversion functions # (in psa_util module) and, therefore, also in test_suite_psa_crypto_util. - # There is no PSA equivalent for these ASN1 symbols in PSA. - echo "MBEDTLS_ASN1_PARSE_C" >> $expected + # There is no PSA equivalent for this ASN1 symbols in PSA. echo "MBEDTLS_ASN1_WRITE_C" >> $expected # No PSA equivalent - we should probably have one in the future. echo "MBEDTLS_ECP_RESTARTABLE" >> $expected From 1533c3f660e009b333c9f1f47b4866769f3edde6 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 24 Jan 2024 11:24:20 +0100 Subject: [PATCH 1513/1674] test_suite_rsa: improve rsa_parse_write_pkcs1_key() adding more checks Signed-off-by: Valerio Setti --- tests/suites/test_suite_rsa.data | 8 ++++---- tests/suites/test_suite_rsa.function | 10 +++++++++- 2 files changed, 13 insertions(+), 5 deletions(-) diff --git a/tests/suites/test_suite_rsa.data b/tests/suites/test_suite_rsa.data index de5e5699a..92209c46f 100644 --- a/tests/suites/test_suite_rsa.data +++ b/tests/suites/test_suite_rsa.data @@ -617,13 +617,13 @@ depends_on:MBEDTLS_SELF_TEST rsa_selftest: RSA parse/write PKCS#1 private key - 1024 bits -rsa_import_pkcs1_key:0:"3082025d020100028181009f091e6968b474f76f0e9c237c1d895996ae704b4f6d706acec8d2daac6209bf524aa3f658d0283adba1077f6cbe92e425dcde52290b239cade91be86c88425434986806e85734e159768f3dfea932baaa9409d25bace8ee9dce0cdde0903207299de575ae60feccf0daf82334ab83638539b0da74072f253acea8afc8e66bb702030100010281801e97247066217ff6303881341a259c4bcd3e147f87f1a714045e80a06b541847e2ce54a78801d21b302fd33f616d6ed7cfa8a262ef5e23257a1642b5fc5a61577f7dba2324e687a10b25751c78996e72d5a8c3bc4e33e4a2a96b2b44b6685e85c37200a34381269250b59f65468ea4288713c4ae3e0e064e524a53a5d7e1ec91024100cbd11d9aad72bfb8db4e6bc7c6910661b3f38fbfa368d6dba0cd6c9aa3a716c03fa374bf8b2e7ba73a216d6ded9468fbaa3d130ee376190cc41ef30419a7da1d024100c7c0e189209483f36ee00a67474960c6ddf0d3a63ca0c76955fe9f358435a5e5318c35397c4245042e0dfabf8decedfd36e4d211349b8ecc4c1baac83f30d4e3024008e692f2644cb48eb01516a3dcca0c8b4bbe81328f424ecfbc8ffc042ccd6932f014854eb017519315f8cbbc973979f4339503360d3ce50f27a96a576d7f65090241009c9b4ef74870c7a6b215ba7250446a385fc6b0d8d30da669a23f172948f71a923f2f528738316894a75ad46d1be3568ec05bd38a23b995d1fc1570e6c00c13cb0241008716c9fa7d2295f34f5849b7c593d1adcec72556ed1044cd79c868c890620b143874a8208a65b7c5e235ccaae4c2492107af513fb2cbb682a3e8119af028f7a8" +rsa_parse_write_pkcs1_key:0:"3082025d020100028181009f091e6968b474f76f0e9c237c1d895996ae704b4f6d706acec8d2daac6209bf524aa3f658d0283adba1077f6cbe92e425dcde52290b239cade91be86c88425434986806e85734e159768f3dfea932baaa9409d25bace8ee9dce0cdde0903207299de575ae60feccf0daf82334ab83638539b0da74072f253acea8afc8e66bb702030100010281801e97247066217ff6303881341a259c4bcd3e147f87f1a714045e80a06b541847e2ce54a78801d21b302fd33f616d6ed7cfa8a262ef5e23257a1642b5fc5a61577f7dba2324e687a10b25751c78996e72d5a8c3bc4e33e4a2a96b2b44b6685e85c37200a34381269250b59f65468ea4288713c4ae3e0e064e524a53a5d7e1ec91024100cbd11d9aad72bfb8db4e6bc7c6910661b3f38fbfa368d6dba0cd6c9aa3a716c03fa374bf8b2e7ba73a216d6ded9468fbaa3d130ee376190cc41ef30419a7da1d024100c7c0e189209483f36ee00a67474960c6ddf0d3a63ca0c76955fe9f358435a5e5318c35397c4245042e0dfabf8decedfd36e4d211349b8ecc4c1baac83f30d4e3024008e692f2644cb48eb01516a3dcca0c8b4bbe81328f424ecfbc8ffc042ccd6932f014854eb017519315f8cbbc973979f4339503360d3ce50f27a96a576d7f65090241009c9b4ef74870c7a6b215ba7250446a385fc6b0d8d30da669a23f172948f71a923f2f528738316894a75ad46d1be3568ec05bd38a23b995d1fc1570e6c00c13cb0241008716c9fa7d2295f34f5849b7c593d1adcec72556ed1044cd79c868c890620b143874a8208a65b7c5e235ccaae4c2492107af513fb2cbb682a3e8119af028f7a8" RSA parse/write PKCS#1 public key - 1024 bits -rsa_import_pkcs1_key:1:"308189028181009f091e6968b474f76f0e9c237c1d895996ae704b4f6d706acec8d2daac6209bf524aa3f658d0283adba1077f6cbe92e425dcde52290b239cade91be86c88425434986806e85734e159768f3dfea932baaa9409d25bace8ee9dce0cdde0903207299de575ae60feccf0daf82334ab83638539b0da74072f253acea8afc8e66bb70203010001" +rsa_parse_write_pkcs1_key:1:"308189028181009f091e6968b474f76f0e9c237c1d895996ae704b4f6d706acec8d2daac6209bf524aa3f658d0283adba1077f6cbe92e425dcde52290b239cade91be86c88425434986806e85734e159768f3dfea932baaa9409d25bace8ee9dce0cdde0903207299de575ae60feccf0daf82334ab83638539b0da74072f253acea8afc8e66bb70203010001" RSA parse/write PKCS#1 private key - 2048 bits -rsa_import_pkcs1_key:0:"308204a40201000282010100dcabfd25f3b7d67155e5c2520518570e95754ef883a973f94b2b0fb2d7ad733a3b0976c6314770eaf728304ee61e0dfe91811fc4a8219fbc3687cb3cfca54b58804d1ed4de985dc827374cb31b7b23225e130858d6b812dee6a356a8f8d211ba0930d0ec38193cee0a186f4a760cc3aa40e1d04fe4a14506ed279a9080aedd2676a4026bcb1ee24b2c00853bffcc04b5fb3e542626c2b2c54a62f3d6e01df95544fdf85c22cc0846275cb9cdfe73876e94e532ced0bca9876de74ff1edc9c8ac89aa8586aa34ca6f44c972d1e73aaddae168a5e67ec69cd14f206155e6e1161e7aa6754e947d5d26ee5f8789598a79ea4ff0263e2b8bf90641320771955007d102030100010282010100d25c964f769d3aad0210ac04da5c90a9136b27e41a47108a86d0beff6341330640bf4dddb39e82134b97a12da58ae3165988f94ad4687148cfc6f5c4e6a7804316d3eddf496f807f4c7b17ffe9e3a1e3a2408c857bf32ff2137584284242a7a96c1780229f7bd7aca82d10f2afc48d4620e1e35e35fa52be3e97b16dad6e84dbdfab4e7e21c7c2e5e5cd1c936f6c221e806bd14afa77b3eefc62e984aa2d391da408aaec0dbd2eade3023ebac77e3416cd67491d60053d317c6c8665be5c33961c379309d37d0a653d1859a6abfe195644d474739dbc44f62e623505f9460d9d8defafb12f4149d5baaf798f1345f565430cd7c096c24ca8d02d13fe90c20c5102818100f116cfdbfc0d5b3528cbfada1b21d4292ff188d41a4b22e658a9e29f610adf5fcb3329b0f567ba5029195fd648d06cc2174638f2f18ff0e0251e283e0a0b1f792751925efb617af3405083245c673dae77edc811fd668769d28ac1bee36261658a32f56a5e1b9b9e4f4fa7da55adeeb08c92f1de89f6186bd9c6d1e721638d2d02818100ea51e8798225e4ee77aa08e2f5ee0f8b847edd4c34d9bf7b8cf339b61d5bd22d504c5ab5f17572850f39018736474a449186e783dfda35da95902c8eaaec4bebb8ab6c057c678f37cd53fc1a12e5ace83d2a44d72195d565b3e8c12f89f2523fe37e52adbafde783be361fcd1f021aaaabf860febd8c5726c7089622ccca73b50281807d8248b7d76204a78a13970650b5adc3bb67dcb9beee7abebc4dc4e3001c2ee9a9d97accdb1523137431f78890e3a09af28ee63ae3b2f1cd5ec57261c9ccbc97cff651630d2f5458aa94bf910061e6e49b1eb8d754ba39a8c7a8e0f04564041c5e73e4fb78fe9a673216dfe57451563fa70f20c79fbef43bc166160463877609028180693b0fa44206b2a145ac5f014e60f32a3cfe9c73b4e8754e0f26cc2c35531f38aa6f1fedc5da70ebc0c261255003041f771b96ad6ac29c9ce5be31c4808e4e2a366d05be10f89121065d49428c6a0914e32330774ce5f5480f5be02671551a0b07279c09d9885d8894cbc9cc5cb89d3138b9fb156c1ab2a8ff89a3a34d453e6102818100aff57dd813fd064d8d1a5e8c7ea7e534dff6963a9b5b1c4da12219268c0500288901bbd36edb8071679bcd9d0d8deacfaa52e4b3659f4a69a5c5322f104524f83eb4b94bf6f02b5ad7c2ccd9bc5688f4e18ff2a70ae7638a83f2f87d8ecc9e0eebf2283f809670c8a0b79e1a576a6c9c04d4d71b75647c818a23873cdc0d77bf" +rsa_parse_write_pkcs1_key:0:"308204a40201000282010100dcabfd25f3b7d67155e5c2520518570e95754ef883a973f94b2b0fb2d7ad733a3b0976c6314770eaf728304ee61e0dfe91811fc4a8219fbc3687cb3cfca54b58804d1ed4de985dc827374cb31b7b23225e130858d6b812dee6a356a8f8d211ba0930d0ec38193cee0a186f4a760cc3aa40e1d04fe4a14506ed279a9080aedd2676a4026bcb1ee24b2c00853bffcc04b5fb3e542626c2b2c54a62f3d6e01df95544fdf85c22cc0846275cb9cdfe73876e94e532ced0bca9876de74ff1edc9c8ac89aa8586aa34ca6f44c972d1e73aaddae168a5e67ec69cd14f206155e6e1161e7aa6754e947d5d26ee5f8789598a79ea4ff0263e2b8bf90641320771955007d102030100010282010100d25c964f769d3aad0210ac04da5c90a9136b27e41a47108a86d0beff6341330640bf4dddb39e82134b97a12da58ae3165988f94ad4687148cfc6f5c4e6a7804316d3eddf496f807f4c7b17ffe9e3a1e3a2408c857bf32ff2137584284242a7a96c1780229f7bd7aca82d10f2afc48d4620e1e35e35fa52be3e97b16dad6e84dbdfab4e7e21c7c2e5e5cd1c936f6c221e806bd14afa77b3eefc62e984aa2d391da408aaec0dbd2eade3023ebac77e3416cd67491d60053d317c6c8665be5c33961c379309d37d0a653d1859a6abfe195644d474739dbc44f62e623505f9460d9d8defafb12f4149d5baaf798f1345f565430cd7c096c24ca8d02d13fe90c20c5102818100f116cfdbfc0d5b3528cbfada1b21d4292ff188d41a4b22e658a9e29f610adf5fcb3329b0f567ba5029195fd648d06cc2174638f2f18ff0e0251e283e0a0b1f792751925efb617af3405083245c673dae77edc811fd668769d28ac1bee36261658a32f56a5e1b9b9e4f4fa7da55adeeb08c92f1de89f6186bd9c6d1e721638d2d02818100ea51e8798225e4ee77aa08e2f5ee0f8b847edd4c34d9bf7b8cf339b61d5bd22d504c5ab5f17572850f39018736474a449186e783dfda35da95902c8eaaec4bebb8ab6c057c678f37cd53fc1a12e5ace83d2a44d72195d565b3e8c12f89f2523fe37e52adbafde783be361fcd1f021aaaabf860febd8c5726c7089622ccca73b50281807d8248b7d76204a78a13970650b5adc3bb67dcb9beee7abebc4dc4e3001c2ee9a9d97accdb1523137431f78890e3a09af28ee63ae3b2f1cd5ec57261c9ccbc97cff651630d2f5458aa94bf910061e6e49b1eb8d754ba39a8c7a8e0f04564041c5e73e4fb78fe9a673216dfe57451563fa70f20c79fbef43bc166160463877609028180693b0fa44206b2a145ac5f014e60f32a3cfe9c73b4e8754e0f26cc2c35531f38aa6f1fedc5da70ebc0c261255003041f771b96ad6ac29c9ce5be31c4808e4e2a366d05be10f89121065d49428c6a0914e32330774ce5f5480f5be02671551a0b07279c09d9885d8894cbc9cc5cb89d3138b9fb156c1ab2a8ff89a3a34d453e6102818100aff57dd813fd064d8d1a5e8c7ea7e534dff6963a9b5b1c4da12219268c0500288901bbd36edb8071679bcd9d0d8deacfaa52e4b3659f4a69a5c5322f104524f83eb4b94bf6f02b5ad7c2ccd9bc5688f4e18ff2a70ae7638a83f2f87d8ecc9e0eebf2283f809670c8a0b79e1a576a6c9c04d4d71b75647c818a23873cdc0d77bf" RSA parse/write PKCS#1 public key - 2048 bits -rsa_import_pkcs1_key:1:"3082010a0282010100dcabfd25f3b7d67155e5c2520518570e95754ef883a973f94b2b0fb2d7ad733a3b0976c6314770eaf728304ee61e0dfe91811fc4a8219fbc3687cb3cfca54b58804d1ed4de985dc827374cb31b7b23225e130858d6b812dee6a356a8f8d211ba0930d0ec38193cee0a186f4a760cc3aa40e1d04fe4a14506ed279a9080aedd2676a4026bcb1ee24b2c00853bffcc04b5fb3e542626c2b2c54a62f3d6e01df95544fdf85c22cc0846275cb9cdfe73876e94e532ced0bca9876de74ff1edc9c8ac89aa8586aa34ca6f44c972d1e73aaddae168a5e67ec69cd14f206155e6e1161e7aa6754e947d5d26ee5f8789598a79ea4ff0263e2b8bf90641320771955007d10203010001" +rsa_parse_write_pkcs1_key:1:"3082010a0282010100dcabfd25f3b7d67155e5c2520518570e95754ef883a973f94b2b0fb2d7ad733a3b0976c6314770eaf728304ee61e0dfe91811fc4a8219fbc3687cb3cfca54b58804d1ed4de985dc827374cb31b7b23225e130858d6b812dee6a356a8f8d211ba0930d0ec38193cee0a186f4a760cc3aa40e1d04fe4a14506ed279a9080aedd2676a4026bcb1ee24b2c00853bffcc04b5fb3e542626c2b2c54a62f3d6e01df95544fdf85c22cc0846275cb9cdfe73876e94e532ced0bca9876de74ff1edc9c8ac89aa8586aa34ca6f44c972d1e73aaddae168a5e67ec69cd14f206155e6e1161e7aa6754e947d5d26ee5f8789598a79ea4ff0263e2b8bf90641320771955007d10203010001" diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index 315d4f6bb..62f593e03 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -1373,7 +1373,7 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void rsa_import_pkcs1_key(int is_public, data_t *input) +void rsa_parse_write_pkcs1_key(int is_public, data_t *input) { mbedtls_rsa_context rsa_ctx; unsigned char *input_start = input->x; @@ -1388,13 +1388,21 @@ void rsa_import_pkcs1_key(int is_public, data_t *input) mbedtls_rsa_init(&rsa_ctx); + /* Parse the key and write it back to output_buf. */ if (is_public) { TEST_EQUAL(mbedtls_rsa_pubkey_parse(&rsa_ctx, &input_start, input_end), 0); + TEST_ASSERT(input_start == input_end); TEST_EQUAL(mbedtls_rsa_pubkey_write(&rsa_ctx, output_start, &output_end), input->len); } else { TEST_EQUAL(mbedtls_rsa_key_parse(&rsa_ctx, input->x, input->len), 0); TEST_EQUAL(mbedtls_rsa_key_write(&rsa_ctx, output_start, &output_end), input->len); } + /* This check holds because we alloacated an output buffer which is exactly + * large enough to contain the written data. */ + TEST_ASSERT(output_end == output_start); + + /* Check that the written key matches with the one provided in input. */ + TEST_MEMORY_COMPARE(output_buf, input->len, input->x, input->len); exit: mbedtls_free(output_buf); From 6def24ce73fb90d5706b290cce675f7bd0a0f4ba Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 24 Jan 2024 12:33:04 +0100 Subject: [PATCH 1514/1674] test_suite_[pkparse/rsa]: move RSA private key parsing tests Signed-off-by: Valerio Setti --- library/rsa_internal.h | 1 + tests/suites/test_suite_pkparse.data | 72 ---------------------------- tests/suites/test_suite_rsa.data | 54 +++++++++++++++++++++ tests/suites/test_suite_rsa.function | 13 +++++ 4 files changed, 68 insertions(+), 72 deletions(-) diff --git a/library/rsa_internal.h b/library/rsa_internal.h index 62972c634..6046850fc 100644 --- a/library/rsa_internal.h +++ b/library/rsa_internal.h @@ -15,6 +15,7 @@ #define MBEDTLS_RSA_INTERNAL_H #include "mbedtls/rsa.h" +#include "mbedtls/asn1.h" /** * \brief Parse a PKCS#1 (ASN.1) encoded private RSA key. diff --git a/tests/suites/test_suite_pkparse.data b/tests/suites/test_suite_pkparse.data index 638773587..762fd52a2 100644 --- a/tests/suites/test_suite_pkparse.data +++ b/tests/suites/test_suite_pkparse.data @@ -1120,78 +1120,6 @@ pk_parse_key:"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Key ASN1 (First tag not Sequence) pk_parse_key:"020100":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -Key ASN1 (RSAPrivateKey, incorrect version tag) -depends_on:MBEDTLS_RSA_C -pk_parse_key:"300100":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT - -Key ASN1 (RSAPrivateKey, version tag missing) -depends_on:MBEDTLS_RSA_C -pk_parse_key:"3000":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT - -Key ASN1 (RSAPrivateKey, invalid version) -depends_on:MBEDTLS_RSA_C -pk_parse_key:"3003020101":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT - -Key ASN1 (RSAPrivateKey, correct version, incorrect tag) -depends_on:MBEDTLS_RSA_C -pk_parse_key:"300402010000":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT - -Key ASN1 (RSAPrivateKey, correct format+values, minimal modulus size (128 bit)) -depends_on:MBEDTLS_RSA_C -pk_parse_key:"3063020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":0 - -Key ASN1 (RSAPrivateKey, correct format, modulus too small (127 bit)) -depends_on:MBEDTLS_RSA_C -pk_parse_key:"30630201000211007c8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT - -Key ASN1 (RSAPrivateKey, correct format, modulus even) -depends_on:MBEDTLS_RSA_C -pk_parse_key:"3063020100021100cc8ab070369ede72920e5a51523c857002030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT - -Key ASN1 (RSAPrivateKey, correct format, d == 0) -depends_on:MBEDTLS_RSA_C -pk_parse_key:"30630201000211007c8ab070369ede72920e5a51523c8571020301000102110000000000000000000000000000000000020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT - -Key ASN1 (RSAPrivateKey, correct format, d == p == q == 0) -depends_on:MBEDTLS_RSA_C -pk_parse_key:"3063020100021100cc8ab070369ede72920e5a51523c8571020301000102110000000000000000000000000000000000020900000000000000000002090000000000000000000209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT - -Key ASN1 (RSAPrivateKey, correct values, trailing garbage) -depends_on:MBEDTLS_RSA_C -pk_parse_key:"3064020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c00":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT - -Key ASN1 (RSAPrivateKey, correct values, n wrong tag) -depends_on:MBEDTLS_RSA_C -pk_parse_key:"3063020100FF1100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT - -Key ASN1 (RSAPrivateKey, correct values, e wrong tag) -depends_on:MBEDTLS_RSA_C -pk_parse_key:"3063020100021100cc8ab070369ede72920e5a51523c8571FF030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT - -Key ASN1 (RSAPrivateKey, correct values, d wrong tag) -depends_on:MBEDTLS_RSA_C -pk_parse_key:"3063020100021100cc8ab070369ede72920e5a51523c85710203010001FF11009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT - -Key ASN1 (RSAPrivateKey, correct values, p wrong tag) -depends_on:MBEDTLS_RSA_C -pk_parse_key:"3063020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201FF0900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT - -Key ASN1 (RSAPrivateKey, correct values, q wrong tag) -depends_on:MBEDTLS_RSA_C -pk_parse_key:"3063020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61FF0900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT - -Key ASN1 (RSAPrivateKey, correct values, dp wrong tag) -depends_on:MBEDTLS_RSA_C -pk_parse_key:"3063020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a211FF09009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT - -Key ASN1 (RSAPrivateKey, correct values, dq wrong tag) -depends_on:MBEDTLS_RSA_C -pk_parse_key:"3063020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401FF0813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT - -Key ASN1 (RSAPrivateKey, correct values, qp wrong tag) -depends_on:MBEDTLS_RSA_C -pk_parse_key:"3063020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b7221FF08052b93d01747a87c":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT - Key ASN1 (ECPrivateKey, empty parameters) depends_on:MBEDTLS_PK_HAVE_ECC_KEYS pk_parse_key:"30070201010400a000":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT diff --git a/tests/suites/test_suite_rsa.data b/tests/suites/test_suite_rsa.data index 92209c46f..5d816104a 100644 --- a/tests/suites/test_suite_rsa.data +++ b/tests/suites/test_suite_rsa.data @@ -627,3 +627,57 @@ rsa_parse_write_pkcs1_key:0:"308204a40201000282010100dcabfd25f3b7d67155e5c252051 RSA parse/write PKCS#1 public key - 2048 bits rsa_parse_write_pkcs1_key:1:"3082010a0282010100dcabfd25f3b7d67155e5c2520518570e95754ef883a973f94b2b0fb2d7ad733a3b0976c6314770eaf728304ee61e0dfe91811fc4a8219fbc3687cb3cfca54b58804d1ed4de985dc827374cb31b7b23225e130858d6b812dee6a356a8f8d211ba0930d0ec38193cee0a186f4a760cc3aa40e1d04fe4a14506ed279a9080aedd2676a4026bcb1ee24b2c00853bffcc04b5fb3e542626c2b2c54a62f3d6e01df95544fdf85c22cc0846275cb9cdfe73876e94e532ced0bca9876de74ff1edc9c8ac89aa8586aa34ca6f44c972d1e73aaddae168a5e67ec69cd14f206155e6e1161e7aa6754e947d5d26ee5f8789598a79ea4ff0263e2b8bf90641320771955007d10203010001" + +RSA parse private key - incorrect version tag +rsa_parse_pkcs1_key:"300100":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +RSA parse private key - version tag missing +rsa_parse_pkcs1_key:"3000":MBEDTLS_ERR_ASN1_OUT_OF_DATA + +RSA parse private key - invalid version +rsa_parse_pkcs1_key:"3003020101":MBEDTLS_ERR_RSA_BAD_INPUT_DATA + +RSA parse private key - correct version, incorrect tag +rsa_parse_pkcs1_key:"300402010000":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +RSA parse private key - correct format+values, minimal modulus size (128 bit) +rsa_parse_pkcs1_key:"3063020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":0 + +RSA parse private key - correct format, modulus too small (127 bit) +rsa_parse_pkcs1_key:"30630201000211007c8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED + +RSA parse private key - correct format, modulus even +rsa_parse_pkcs1_key:"3063020100021100cc8ab070369ede72920e5a51523c857002030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_RSA_BAD_INPUT_DATA + +RSA parse private key - correct format, d == 0 +rsa_parse_pkcs1_key:"30630201000211007c8ab070369ede72920e5a51523c8571020301000102110000000000000000000000000000000000020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_RSA_BAD_INPUT_DATA + +RSA parse private key - correct format, d == p == q == 0 +rsa_parse_pkcs1_key:"3063020100021100cc8ab070369ede72920e5a51523c8571020301000102110000000000000000000000000000000000020900000000000000000002090000000000000000000209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_RSA_BAD_INPUT_DATA + +RSA parse private key - correct values, trailing garbage +rsa_parse_pkcs1_key:"3064020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c00":MBEDTLS_ERR_ASN1_LENGTH_MISMATCH + +RSA parse private key - correct values, n wrong tag +rsa_parse_pkcs1_key:"3063020100FF1100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +RSA parse private key - correct values, e wrong tag +rsa_parse_pkcs1_key:"3063020100021100cc8ab070369ede72920e5a51523c8571FF030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +RSA parse private key - correct values, d wrong tag +rsa_parse_pkcs1_key:"3063020100021100cc8ab070369ede72920e5a51523c85710203010001FF11009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +RSA parse private key - correct values, p wrong tag +rsa_parse_pkcs1_key:"3063020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201FF0900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +RSA parse private key - correct values, q wrong tag +rsa_parse_pkcs1_key:"3063020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61FF0900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +RSA parse private key - correct values, dp wrong tag +rsa_parse_pkcs1_key:"3063020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a211FF09009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +RSA parse private key - correct values, dq wrong tag +rsa_parse_pkcs1_key:"3063020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401FF0813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +RSA parse private key - correct values, qp wrong tag +rsa_parse_pkcs1_key:"3063020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b7221FF08052b93d01747a87c":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index 62f593e03..4fe15dd6b 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -1372,6 +1372,19 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void rsa_parse_pkcs1_key(data_t *input, int exp_ret_val) +{ + mbedtls_rsa_context rsa_ctx; + mbedtls_rsa_init(&rsa_ctx); + + TEST_EQUAL(mbedtls_rsa_key_parse(&rsa_ctx, input->x, input->len), exp_ret_val); + +exit: + mbedtls_rsa_free(&rsa_ctx); +} +/* END_CASE */ + /* BEGIN_CASE */ void rsa_parse_write_pkcs1_key(int is_public, data_t *input) { From 6d597f1967cb140686724f6cd1d69a988d801bc7 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 24 Jan 2024 13:44:41 +0100 Subject: [PATCH 1515/1674] test_suite_rsa: extend rsa_parse_pkcs1_key adding tests for public key Signed-off-by: Valerio Setti --- tests/suites/test_suite_rsa.data | 66 ++++++++++++++++++++-------- tests/suites/test_suite_rsa.function | 11 ++++- 2 files changed, 57 insertions(+), 20 deletions(-) diff --git a/tests/suites/test_suite_rsa.data b/tests/suites/test_suite_rsa.data index 5d816104a..bd286814d 100644 --- a/tests/suites/test_suite_rsa.data +++ b/tests/suites/test_suite_rsa.data @@ -629,55 +629,85 @@ RSA parse/write PKCS#1 public key - 2048 bits rsa_parse_write_pkcs1_key:1:"3082010a0282010100dcabfd25f3b7d67155e5c2520518570e95754ef883a973f94b2b0fb2d7ad733a3b0976c6314770eaf728304ee61e0dfe91811fc4a8219fbc3687cb3cfca54b58804d1ed4de985dc827374cb31b7b23225e130858d6b812dee6a356a8f8d211ba0930d0ec38193cee0a186f4a760cc3aa40e1d04fe4a14506ed279a9080aedd2676a4026bcb1ee24b2c00853bffcc04b5fb3e542626c2b2c54a62f3d6e01df95544fdf85c22cc0846275cb9cdfe73876e94e532ced0bca9876de74ff1edc9c8ac89aa8586aa34ca6f44c972d1e73aaddae168a5e67ec69cd14f206155e6e1161e7aa6754e947d5d26ee5f8789598a79ea4ff0263e2b8bf90641320771955007d10203010001" RSA parse private key - incorrect version tag -rsa_parse_pkcs1_key:"300100":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG +rsa_parse_pkcs1_key:0:"300100":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG RSA parse private key - version tag missing -rsa_parse_pkcs1_key:"3000":MBEDTLS_ERR_ASN1_OUT_OF_DATA +rsa_parse_pkcs1_key:0:"3000":MBEDTLS_ERR_ASN1_OUT_OF_DATA RSA parse private key - invalid version -rsa_parse_pkcs1_key:"3003020101":MBEDTLS_ERR_RSA_BAD_INPUT_DATA +rsa_parse_pkcs1_key:0:"3003020101":MBEDTLS_ERR_RSA_BAD_INPUT_DATA RSA parse private key - correct version, incorrect tag -rsa_parse_pkcs1_key:"300402010000":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG +rsa_parse_pkcs1_key:0:"300402010000":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG RSA parse private key - correct format+values, minimal modulus size (128 bit) -rsa_parse_pkcs1_key:"3063020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":0 +rsa_parse_pkcs1_key:0:"3063020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":0 RSA parse private key - correct format, modulus too small (127 bit) -rsa_parse_pkcs1_key:"30630201000211007c8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED +rsa_parse_pkcs1_key:0:"30630201000211007c8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED RSA parse private key - correct format, modulus even -rsa_parse_pkcs1_key:"3063020100021100cc8ab070369ede72920e5a51523c857002030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_RSA_BAD_INPUT_DATA +rsa_parse_pkcs1_key:0:"3063020100021100cc8ab070369ede72920e5a51523c857002030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_RSA_BAD_INPUT_DATA RSA parse private key - correct format, d == 0 -rsa_parse_pkcs1_key:"30630201000211007c8ab070369ede72920e5a51523c8571020301000102110000000000000000000000000000000000020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_RSA_BAD_INPUT_DATA +rsa_parse_pkcs1_key:0:"30630201000211007c8ab070369ede72920e5a51523c8571020301000102110000000000000000000000000000000000020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_RSA_BAD_INPUT_DATA RSA parse private key - correct format, d == p == q == 0 -rsa_parse_pkcs1_key:"3063020100021100cc8ab070369ede72920e5a51523c8571020301000102110000000000000000000000000000000000020900000000000000000002090000000000000000000209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_RSA_BAD_INPUT_DATA +rsa_parse_pkcs1_key:0:"3063020100021100cc8ab070369ede72920e5a51523c8571020301000102110000000000000000000000000000000000020900000000000000000002090000000000000000000209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_RSA_BAD_INPUT_DATA RSA parse private key - correct values, trailing garbage -rsa_parse_pkcs1_key:"3064020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c00":MBEDTLS_ERR_ASN1_LENGTH_MISMATCH +rsa_parse_pkcs1_key:0:"3064020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c00":MBEDTLS_ERR_ASN1_LENGTH_MISMATCH RSA parse private key - correct values, n wrong tag -rsa_parse_pkcs1_key:"3063020100FF1100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG +rsa_parse_pkcs1_key:0:"3063020100FF1100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG RSA parse private key - correct values, e wrong tag -rsa_parse_pkcs1_key:"3063020100021100cc8ab070369ede72920e5a51523c8571FF030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG +rsa_parse_pkcs1_key:0:"3063020100021100cc8ab070369ede72920e5a51523c8571FF030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG RSA parse private key - correct values, d wrong tag -rsa_parse_pkcs1_key:"3063020100021100cc8ab070369ede72920e5a51523c85710203010001FF11009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG +rsa_parse_pkcs1_key:0:"3063020100021100cc8ab070369ede72920e5a51523c85710203010001FF11009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG RSA parse private key - correct values, p wrong tag -rsa_parse_pkcs1_key:"3063020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201FF0900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG +rsa_parse_pkcs1_key:0:"3063020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201FF0900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG RSA parse private key - correct values, q wrong tag -rsa_parse_pkcs1_key:"3063020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61FF0900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG +rsa_parse_pkcs1_key:0:"3063020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61FF0900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG RSA parse private key - correct values, dp wrong tag -rsa_parse_pkcs1_key:"3063020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a211FF09009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG +rsa_parse_pkcs1_key:0:"3063020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a211FF09009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG RSA parse private key - correct values, dq wrong tag -rsa_parse_pkcs1_key:"3063020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401FF0813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG +rsa_parse_pkcs1_key:0:"3063020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401FF0813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG RSA parse private key - correct values, qp wrong tag -rsa_parse_pkcs1_key:"3063020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b7221FF08052b93d01747a87c":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG +rsa_parse_pkcs1_key:0:"3063020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b7221FF08052b93d01747a87c":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +RSA parse public key - wrong initial tag +rsa_parse_pkcs1_key:1:"318189028181009f091e6968b474f76f0e9c237c1d895996ae704b4f6d706acec8d2daac6209bf524aa3f658d0283adba1077f6cbe92e425dcde52290b239cade91be86c88425434986806e85734e159768f3dfea932baaa9409d25bace8ee9dce0cdde0903207299de575ae60feccf0daf82334ab83638539b0da74072f253acea8afc8e66bb70203010001":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +RSA parse public key - wrong modulus tag +rsa_parse_pkcs1_key:1:"308189038181009f091e6968b474f76f0e9c237c1d895996ae704b4f6d706acec8d2daac6209bf524aa3f658d0283adba1077f6cbe92e425dcde52290b239cade91be86c88425434986806e85734e159768f3dfea932baaa9409d25bace8ee9dce0cdde0903207299de575ae60feccf0daf82334ab83638539b0da74072f253acea8afc8e66bb70203010001":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +RSA parse public key - wrong public exponent tag +rsa_parse_pkcs1_key:1:"308189028181009f091e6968b474f76f0e9c237c1d895996ae704b4f6d706acec8d2daac6209bf524aa3f658d0283adba1077f6cbe92e425dcde52290b239cade91be86c88425434986806e85734e159768f3dfea932baaa9409d25bace8ee9dce0cdde0903207299de575ae60feccf0daf82334ab83638539b0da74072f253acea8afc8e66bb70303010001":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +RSA parse public key - modulus 0 +rsa_parse_pkcs1_key:1:"3081890281810000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000203010001":MBEDTLS_ERR_RSA_BAD_INPUT_DATA + +RSA parse public key - public exponent 0 +rsa_parse_pkcs1_key:1:"308189028181009f091e6968b474f76f0e9c237c1d895996ae704b4f6d706acec8d2daac6209bf524aa3f658d0283adba1077f6cbe92e425dcde52290b239cade91be86c88425434986806e85734e159768f3dfea932baaa9409d25bace8ee9dce0cdde0903207299de575ae60feccf0daf82334ab83638539b0da74072f253acea8afc8e66bb70203000000":MBEDTLS_ERR_RSA_BAD_INPUT_DATA + +RSA parse public key - wrong sequence length +rsa_parse_pkcs1_key:1:"308188028181009f091e6968b474f76f0e9c237c1d895996ae704b4f6d706acec8d2daac6209bf524aa3f658d0283adba1077f6cbe92e425dcde52290b239cade91be86c88425434986806e85734e159768f3dfea932baaa9409d25bace8ee9dce0cdde0903207299de575ae60feccf0daf82334ab83638539b0da74072f253acea8afc8e66bb70203010001":MBEDTLS_ERR_ASN1_LENGTH_MISMATCH + +RSA parse public key - wrong modulus length +rsa_parse_pkcs1_key:1:"308189028180009f091e6968b474f76f0e9c237c1d895996ae704b4f6d706acec8d2daac6209bf524aa3f658d0283adba1077f6cbe92e425dcde52290b239cade91be86c88425434986806e85734e159768f3dfea932baaa9409d25bace8ee9dce0cdde0903207299de575ae60feccf0daf82334ab83638539b0da74072f253acea8afc8e66bb70203010001":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + +RSA parse public key - wrong public exponent length +rsa_parse_pkcs1_key:1:"308189028181009f091e6968b474f76f0e9c237c1d895996ae704b4f6d706acec8d2daac6209bf524aa3f658d0283adba1077f6cbe92e425dcde52290b239cade91be86c88425434986806e85734e159768f3dfea932baaa9409d25bace8ee9dce0cdde0903207299de575ae60feccf0daf82334ab83638539b0da74072f253acea8afc8e66bb70202010001":MBEDTLS_ERR_RSA_BAD_INPUT_DATA + +RSA parse public key - missing modulus +rsa_parse_pkcs1_key:1:"30050203010001":MBEDTLS_ERR_ASN1_OUT_OF_DATA + +RSA parse public key - missing public exponent +rsa_parse_pkcs1_key:1:"308184028181009f091e6968b474f76f0e9c237c1d895996ae704b4f6d706acec8d2daac6209bf524aa3f658d0283adba1077f6cbe92e425dcde52290b239cade91be86c88425434986806e85734e159768f3dfea932baaa9409d25bace8ee9dce0cdde0903207299de575ae60feccf0daf82334ab83638539b0da74072f253acea8afc8e66bb7":MBEDTLS_ERR_ASN1_OUT_OF_DATA diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index 4fe15dd6b..71ca2b9ac 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -1373,12 +1373,19 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void rsa_parse_pkcs1_key(data_t *input, int exp_ret_val) +void rsa_parse_pkcs1_key(int is_public, data_t *input, int exp_ret_val) { mbedtls_rsa_context rsa_ctx; + unsigned char *start = input->x; + unsigned char *end = input->x + input->len; + mbedtls_rsa_init(&rsa_ctx); - TEST_EQUAL(mbedtls_rsa_key_parse(&rsa_ctx, input->x, input->len), exp_ret_val); + if (is_public) { + TEST_EQUAL(mbedtls_rsa_pubkey_parse(&rsa_ctx, &start, end), exp_ret_val); + } else { + TEST_EQUAL(mbedtls_rsa_key_parse(&rsa_ctx, input->x, input->len), exp_ret_val); + } exit: mbedtls_rsa_free(&rsa_ctx); From ea986472828ad935dddaa9fe481bcc7d9b482df6 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 24 Jan 2024 13:55:56 +0100 Subject: [PATCH 1516/1674] changelog: document RSA parse/write improvements Signed-off-by: Valerio Setti --- ChangeLog.d/8647.txt | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 ChangeLog.d/8647.txt diff --git a/ChangeLog.d/8647.txt b/ChangeLog.d/8647.txt new file mode 100644 index 000000000..cfd3a4b9f --- /dev/null +++ b/ChangeLog.d/8647.txt @@ -0,0 +1,7 @@ +Default behavior changes + * Importing of RSA keys in PEM format in PSA is officially unsupported + (this was previously undocumented). + +Features + * It is possible to enable RSA support in PSA (MBEDTLS_PSA_CRYPTO_C + + RSA_C) without enabling PK module (MBEDTLS_[PK|PK_WRITE|PK_PARSE]_C). From 9cd2e9ad1b0c198708694661fc0567cddf2c754a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 24 Jan 2024 13:40:09 +0100 Subject: [PATCH 1517/1674] mbedtls_pk_get_psa_attributes: require MBEDTLS_PSA_CRYPTO_C Ideally this and other pk functions would work with MBEDTLS_PSA_CRYPTO_CLIENT (i.e. whether PSA API functions are implemented locally or via client-server communication). However, at the moment, some helper functions are missing when MBEDTLS_PSA_CRYPTO_C is disabled, at least mbedtls_ecc_group_to_psa(). For the time being, don't provide mbedtls_pk_get_psa_attributes() when MBEDTLS_PSA_CRYPTO_C is disabled. We can improve later, looking generally at a group of functions to generalize, not mixed with delivering new APIs. Signed-off-by: Gilles Peskine --- include/mbedtls/pk.h | 4 ++-- library/pk.c | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index a43b94955..54ca9adc8 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h @@ -484,7 +484,7 @@ int mbedtls_pk_can_do_ext(const mbedtls_pk_context *ctx, psa_algorithm_t alg, psa_key_usage_t usage); #endif /* MBEDTLS_USE_PSA_CRYPTO */ -#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) +#if defined(MBEDTLS_PSA_CRYPTO_C) /** * \brief Determine valid PSA attributes that can be used to * import a key into PSA. @@ -596,7 +596,7 @@ int mbedtls_pk_can_do_ext(const mbedtls_pk_context *ctx, psa_algorithm_t alg, int mbedtls_pk_get_psa_attributes(const mbedtls_pk_context *pk, psa_key_usage_t usage, psa_key_attributes_t *attributes); -#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */ +#endif /* MBEDTLS_PSA_CRYPTO_C */ /** * \brief Verify signature (including padding if relevant). diff --git a/library/pk.c b/library/pk.c index 191132553..b629ce2e8 100644 --- a/library/pk.c +++ b/library/pk.c @@ -378,7 +378,7 @@ int mbedtls_pk_can_do_ext(const mbedtls_pk_context *ctx, psa_algorithm_t alg, } #endif /* MBEDTLS_USE_PSA_CRYPTO */ -#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) +#if defined(MBEDTLS_PSA_CRYPTO_C) #if defined(MBEDTLS_RSA_C) static psa_algorithm_t psa_algorithm_for_rsa(const mbedtls_rsa_context *rsa, int want_crypt) @@ -586,7 +586,7 @@ int mbedtls_pk_get_psa_attributes(const mbedtls_pk_context *pk, return 0; } -#endif +#endif /* MBEDTLS_PSA_CRYPTO_C */ /* * Helper for mbedtls_pk_sign and mbedtls_pk_verify From 2bd4ddc8e0c0a908aea046ff8f79547805e840cd Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 24 Jan 2024 14:15:02 +0100 Subject: [PATCH 1518/1674] Implement pick-a-curve when ECP_LIGHT is disabled Signed-off-by: Gilles Peskine --- tests/suites/test_suite_pk.function | 39 ++++++++++++++++++++++++++++- 1 file changed, 38 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index e522ea747..2a8a5f78c 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -160,6 +160,43 @@ size_t mbedtls_rsa_key_len_func(void *ctx) } #endif /* MBEDTLS_RSA_C */ +#if defined(MBEDTLS_PSA_CRYPTO_C) && defined(MBEDTLS_PK_HAVE_ECC_KEYS) +static mbedtls_ecp_group_id ecc_pick_grp_id(void) +{ +#if defined(MBEDTLS_ECP_LIGHT) + return mbedtls_ecp_grp_id_list()[0]; +#elif defined(PSA_WANT_ECC_SECP_R1_192) + return MBEDTLS_ECP_DP_SECP192R1; +#elif defined(PSA_WANT_ECC_SECP_R1_224) + return MBEDTLS_ECP_DP_SECP224R1; +#elif defined(PSA_WANT_ECC_SECP_R1_256) + return MBEDTLS_ECP_DP_SECP256R1; +#elif defined(PSA_WANT_ECC_SECP_R1_384) + return MBEDTLS_ECP_DP_SECP384R1; +#elif defined(PSA_WANT_ECC_SECP_R1_521) + return MBEDTLS_ECP_DP_SECP521R1; +#elif defined(PSA_WANT_ECC_SECP_K1_192) + return MBEDTLS_ECP_DP_SECP192K1; +#elif defined(PSA_WANT_ECC_SECP_K1_224) + return MBEDTLS_ECP_DP_SECP224K1; +#elif defined(PSA_WANT_ECC_SECP_K1_256) + return MBEDTLS_ECP_DP_SECP256K1; +#elif defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) + return MBEDTLS_ECP_DP_BP256R1; +#elif defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) + return MBEDTLS_ECP_DP_BP384R1; +#elif defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512) + return MBEDTLS_ECP_DP_BP512R1; +#elif defined(PSA_WANT_ECC_MONTGOMERY_255) + return MBEDTLS_ECP_DP_CURVE25519; +#elif defined(PSA_WANT_ECC_MONTGOMERY_448) + return MBEDTLS_ECP_DP_CURVE448; +#else + return 0; +#endif +} +#endif /* defined(MBEDTLS_PSA_CRYPTO_C) && defined(MBEDTLS_PK_HAVE_ECC_KEYS) */ + #if defined(MBEDTLS_PSA_CRYPTO_C) static int pk_setup_for_type(mbedtls_pk_type_t pk_type, int want_pair, mbedtls_pk_context *pk, psa_key_type_t *psa_type) @@ -201,7 +238,7 @@ static int pk_setup_for_type(mbedtls_pk_type_t pk_type, int want_pair, case MBEDTLS_PK_ECKEY_DH: case MBEDTLS_PK_ECDSA: { - mbedtls_ecp_group_id grp_id = mbedtls_ecp_grp_id_list()[0]; + mbedtls_ecp_group_id grp_id = ecc_pick_grp_id(); size_t bits; *psa_type = PSA_KEY_TYPE_ECC_KEY_PAIR(mbedtls_ecc_group_to_psa(grp_id, &bits)); TEST_EQUAL(pk_genkey(pk, grp_id), 0); From 77faddf93b3fbe9601dcdb69fdc0e338d5f5133d Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 24 Jan 2024 10:50:17 +0100 Subject: [PATCH 1519/1674] Depend on legacy RSA key generation for test code In principle the RSA tests shouldn't depend on RSA key generation: they just need to operate on RSA keys. However they do need some method of creating an RSA key, and we're currently doing random generation. So depend on what the test code needs. Depend on the legacy RSA interface, since driver-only RSA isn't currently supported in the PK module. Signed-off-by: Gilles Peskine --- tests/suites/test_suite_pk.data | 96 ++++++++++++++--------------- tests/suites/test_suite_pk.function | 6 +- 2 files changed, 53 insertions(+), 49 deletions(-) diff --git a/tests/suites/test_suite_pk.data b/tests/suites/test_suite_pk.data index 8951e7217..e64f9b761 100644 --- a/tests/suites/test_suite_pk.data +++ b/tests/suites/test_suite_pk.data @@ -688,136 +688,136 @@ pk_get_psa_attributes_fail:MBEDTLS_PK_NONE:0:PSA_KEY_USAGE_SIGN_MESSAGE:MBEDTLS_ # Bad usage due to not specifying sign/crypt/derive. PSA attributes for pk: RSA usage=0 (bad) -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15 pk_get_psa_attributes_fail:MBEDTLS_PK_RSA:1:0:MBEDTLS_ERR_PK_TYPE_MISMATCH # Bad usage due to not specifying sign/crypt/derive. PSA attributes for pk: RSA usage=EXPORT (bad) -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15 pk_get_psa_attributes_fail:MBEDTLS_PK_RSA:1:PSA_KEY_USAGE_EXPORT:MBEDTLS_ERR_PK_TYPE_MISMATCH # This usage could make sense, but is not currently supported. PSA attributes for pk: RSA usage=DECRYPT|EXPORT (bad) -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15 pk_get_psa_attributes_fail:MBEDTLS_PK_RSA:1:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:MBEDTLS_ERR_PK_TYPE_MISMATCH # Bad usage due to not specifying more than one of sign/crypt/derive. PSA attributes for pk: RSA usage=DECRYPT|SIGN_MESSAGE (bad) -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15 pk_get_psa_attributes_fail:MBEDTLS_PK_RSA:1:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_SIGN_MESSAGE:MBEDTLS_ERR_PK_TYPE_MISMATCH # This usage could make sense, but is not currently supported. PSA attributes for pk: RSA usage=SIGN_MESSAGE|SIGN_HASH (bad) -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15 pk_get_psa_attributes_fail:MBEDTLS_PK_RSA:1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_PK_TYPE_MISMATCH # This usage could make sense, but is not currently supported. PSA attributes for pk: RSA usage=SIGN_MESSAGE|VERIFY_MESSAGE (bad) -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15 pk_get_psa_attributes_fail:MBEDTLS_PK_RSA:1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: RSA v15 pair DECRYPT -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15 pk_get_psa_attributes:MBEDTLS_PK_RSA:1:PSA_KEY_USAGE_DECRYPT:1:PSA_ALG_RSA_PKCS1V15_CRYPT PSA attributes for pk: RSA v21 SHA-256 pair DECRYPT -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA256 pk_rsa_v21_get_psa_attributes:MBEDTLS_MD_SHA256:1:PSA_KEY_USAGE_DECRYPT:1:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256) PSA attributes for pk: RSA v21 SHA-512 pair DECRYPT -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA512 +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA512 pk_rsa_v21_get_psa_attributes:MBEDTLS_MD_SHA512:1:PSA_KEY_USAGE_DECRYPT:1:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512) PSA attributes for pk: RSA v15 pair->public ENCRYPT -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15 pk_get_psa_attributes:MBEDTLS_PK_RSA:1:PSA_KEY_USAGE_ENCRYPT:0:PSA_ALG_RSA_PKCS1V15_CRYPT PSA attributes for pk: RSA v21 SHA-256 pair->public ENCRYPT -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA256 pk_rsa_v21_get_psa_attributes:MBEDTLS_MD_SHA256:1:PSA_KEY_USAGE_ENCRYPT:0:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256) PSA attributes for pk: RSA v21 SHA-512 pair->public ENCRYPT -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA512 +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA512 pk_rsa_v21_get_psa_attributes:MBEDTLS_MD_SHA512:1:PSA_KEY_USAGE_ENCRYPT:0:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512) PSA attributes for pk: RSA v15 public ENCRYPT -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15 pk_get_psa_attributes:MBEDTLS_PK_RSA:0:PSA_KEY_USAGE_ENCRYPT:0:PSA_ALG_RSA_PKCS1V15_CRYPT PSA attributes for pk: RSA v21 SHA-256 public ENCRYPT -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA256 +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA256 pk_rsa_v21_get_psa_attributes:MBEDTLS_MD_SHA256:0:PSA_KEY_USAGE_ENCRYPT:0:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256) PSA attributes for pk: RSA v21 SHA-512 public ENCRYPT -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA512 +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V21:MBEDTLS_MD_CAN_SHA512 pk_rsa_v21_get_psa_attributes:MBEDTLS_MD_SHA512:0:PSA_KEY_USAGE_ENCRYPT:0:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_512) PSA attributes for pk: RSA v15 public DECRYPT (bad) -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15 pk_get_psa_attributes_fail:MBEDTLS_PK_RSA:0:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: RSA v15 pair SIGN_MESSAGE -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15 pk_get_psa_attributes:MBEDTLS_PK_RSA:1:PSA_KEY_USAGE_SIGN_MESSAGE:1:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH) PSA attributes for pk: RSA v21 SHA-256 pair SIGN_MESSAGE -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21 +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V21 pk_rsa_v21_get_psa_attributes:MBEDTLS_MD_NONE:1:PSA_KEY_USAGE_SIGN_MESSAGE:1:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH) PSA attributes for pk: RSA v15 pair SIGN_HASH -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15 pk_get_psa_attributes:MBEDTLS_PK_RSA:1:PSA_KEY_USAGE_SIGN_HASH:1:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH) PSA attributes for pk: RSA v21 SHA-256 pair SIGN_HASH -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21 +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V21 pk_rsa_v21_get_psa_attributes:MBEDTLS_MD_NONE:1:PSA_KEY_USAGE_SIGN_HASH:1:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH) PSA attributes for pk: RSA v15 pair->public VERIFY_MESSAGE -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15 pk_get_psa_attributes:MBEDTLS_PK_RSA:1:PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH) PSA attributes for pk: RSA v21 SHA-256 pair->public VERIFY_MESSAGE -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21 +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V21 pk_rsa_v21_get_psa_attributes:MBEDTLS_MD_NONE:1:PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH) PSA attributes for pk: RSA v15 pair->public VERIFY_HASH -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15 pk_get_psa_attributes:MBEDTLS_PK_RSA:1:PSA_KEY_USAGE_VERIFY_HASH:0:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH) PSA attributes for pk: RSA v21 SHA-256 pair->public VERIFY_HASH -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21 +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V21 pk_rsa_v21_get_psa_attributes:MBEDTLS_MD_NONE:1:PSA_KEY_USAGE_VERIFY_HASH:0:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH) PSA attributes for pk: RSA v15 public VERIFY_MESSAGE -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15 pk_get_psa_attributes:MBEDTLS_PK_RSA:0:PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH) PSA attributes for pk: RSA v21 SHA-256 public VERIFY_MESSAGE -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21 +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V21 pk_rsa_v21_get_psa_attributes:MBEDTLS_MD_NONE:0:PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH) PSA attributes for pk: RSA v15 public VERIFY_HASH -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15 pk_get_psa_attributes:MBEDTLS_PK_RSA:0:PSA_KEY_USAGE_VERIFY_HASH:0:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH) PSA attributes for pk: RSA v21 SHA-256 public VERIFY_HASH -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21 +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V21 pk_rsa_v21_get_psa_attributes:MBEDTLS_MD_NONE:0:PSA_KEY_USAGE_VERIFY_HASH:0:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH) PSA attributes for pk: RSA v15 public SIGN_MESSAGE (bad) -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15 pk_get_psa_attributes_fail:MBEDTLS_PK_RSA:0:PSA_KEY_USAGE_SIGN_MESSAGE:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: RSA v15 public SIGN_HASH (bad) -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15 pk_get_psa_attributes_fail:MBEDTLS_PK_RSA:0:PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: RSA v15 pair DERIVE (bad) -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15 pk_get_psa_attributes_fail:MBEDTLS_PK_RSA:1:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: RSA v15 public DERIVE (bad) -depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15 pk_get_psa_attributes_fail:MBEDTLS_PK_RSA:0:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECKEY pair DECRYPT (bad) @@ -989,69 +989,69 @@ depends_on:MBEDTLS_PK_HAVE_ECC_KEYS pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY_DH:0:PSA_KEY_USAGE_VERIFY_HASH:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: opaque RSA pair, 0 & SIGN_MESSAGE -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:0:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_SIGN_MESSAGE:0:1:0 PSA attributes for pk: opaque RSA pair, SIGN_MESSAGE & SIGN_MESSAGE -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_SIGN_MESSAGE:0:1:PSA_KEY_USAGE_SIGN_MESSAGE PSA attributes for pk: opaque RSA pair, SIGN|VERIFY & SIGN_MESSAGE -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_SIGN_MESSAGE:0:1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA attributes for pk: opaque RSA pair, SIGN|DECRYPT & SIGN_MESSAGE -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_SIGN_MESSAGE:0:1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_DECRYPT PSA attributes for pk: opaque RSA pair, SIGN|... & SIGN_MESSAGE -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_SIGN_MESSAGE:0:1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT # For a PK_OPAQUE key, mbedtls_pk_get_psa_attributes() ignores the input # key's algorithm policy. Just this time, test with a few different algorithms. PSA attributes for pk: opaque RSA pair, 0 & SIGN_HASH [0] -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:0:PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:1:0 PSA attributes for pk: opaque RSA pair, 0 & SIGN_HASH [raw] -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:0:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_SIGN_HASH:0:1:0 PSA attributes for pk: opaque RSA pair, 0 & SIGN_HASH [v15] -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:0:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_SIGN_HASH:0:1:0 PSA attributes for pk: opaque RSA pair, 0 & SIGN_HASH [PSS] -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:0:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH:0:1:0 PSA attributes for pk: opaque RSA pair, DECRYPT & DECRYPT -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_USAGE_DECRYPT:0:1:PSA_KEY_USAGE_DECRYPT PSA attributes for pk: opaque RSA pair, DECRYPT|... & DECRYPT -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_USAGE_DECRYPT:0:1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT PSA attributes for pk: opaque RSA pair, ... & DERIVE (bad) -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_PK_TYPE_MISMATCH:1:0 PSA attributes for pk: opaque RSA pair, ... & EXPORT (bad) -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_USAGE_EXPORT:MBEDTLS_ERR_PK_TYPE_MISMATCH:1:0 PSA attributes for pk: opaque RSA pair->public, 0 & VERIFY_MESSAGE -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:0:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_VERIFY_MESSAGE:0:0:0 PSA attributes for pk: opaque RSA pair->public, 0 & VERIFY_HASH -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:0:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_VERIFY_HASH:0:0:0 PSA attributes for pk: opaque RSA pair->public, 0 & ENCRYPT -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:0:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_USAGE_ENCRYPT:0:0:0 PSA attributes for pk: opaque ECC pair, 0 & SIGN_MESSAGE diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 2a8a5f78c..cf0581c83 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -215,10 +215,14 @@ static int pk_setup_for_type(mbedtls_pk_type_t pk_type, int want_pair, *psa_type = PSA_KEY_TYPE_RSA_KEY_PAIR; mbedtls_rsa_context *rsa = mbedtls_pk_rsa(*pk); if (want_pair) { +#if defined(MBEDTLS_GENPRIME) TEST_EQUAL(mbedtls_rsa_gen_key( rsa, mbedtls_test_rnd_std_rand, NULL, MBEDTLS_RSA_GEN_KEY_MIN_BITS, 65537), 0); +#else + TEST_FAIL("I don't know how to create an RSA key pair in this configuration."); +#endif } else { unsigned char N[PSA_BITS_TO_BYTES(MBEDTLS_RSA_GEN_KEY_MIN_BITS)] = { 0xff }; N[sizeof(N) - 1] = 0x03; @@ -1772,7 +1776,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21 */ +/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_GENPRIME */ void pk_rsa_v21_get_psa_attributes(int md_type, int from_pair, int usage_arg, int to_pair, int expected_alg) From 80edec5f847a2baaaa3173bd849cc8dac1a0b8d4 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 25 Jan 2024 09:33:48 +0100 Subject: [PATCH 1520/1674] all.sh: remove MBEDTLS_PEM_PARSE_C exception from check_test_dependencies() Since we officially disabled support for importing of PEM formatted keys into PSA we removed dedicated tests from test_suite_psa_crypto. As a consequence MBEDTLS_PEM_PARSE_C is no more an exception for component_check_test_dependencies(). Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 3 --- 1 file changed, 3 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index f0a0058c9..318df378a 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1069,9 +1069,6 @@ component_check_test_dependencies () { echo "MBEDTLS_ECP_RESTARTABLE" >> $expected # No PSA equivalent - needed by some init tests echo "MBEDTLS_ENTROPY_NV_SEED" >> $expected - # Used by two tests that are about an extension to the PSA standard; - # as such, no PSA equivalent. - echo "MBEDTLS_PEM_PARSE_C" >> $expected # Compare reality with expectation. # We want an exact match, to ensure the above list remains up-to-date. From 92c17c456c6cef1058598062b207c032d8b9fad3 Mon Sep 17 00:00:00 2001 From: Chien Wong Date: Thu, 25 Jan 2024 19:11:03 +0800 Subject: [PATCH 1521/1674] Use separate input/output buffer. Explain why error is expected Signed-off-by: Chien Wong --- tests/suites/test_suite_gcm.function | 43 ++++++++++++++++------------ 1 file changed, 25 insertions(+), 18 deletions(-) diff --git a/tests/suites/test_suite_gcm.function b/tests/suites/test_suite_gcm.function index 07a6e4593..e23d8d03d 100644 --- a/tests/suites/test_suite_gcm.function +++ b/tests/suites/test_suite_gcm.function @@ -493,15 +493,20 @@ exit: /* END_CASE */ /* BEGIN_CASE */ +/* NISP SP 800-38D, Section 5.2.1.1 requires that bit length of IV should + * satisfy 1 <= bit_len(IV) <= 2^64 - 1. */ void gcm_invalid_iv_len(void) { mbedtls_gcm_context ctx; uint8_t b16[16] = { 0 }; + // Invalid IV length 0 gcm_reset_ctx(&ctx, b16, sizeof(b16) * 8, b16, 0, MBEDTLS_ERR_GCM_BAD_INPUT); mbedtls_gcm_free(&ctx); + // Only testable on platforms where sizeof(size_t) >= 8. #if SIZE_MAX >= UINT64_MAX + // Invalid IV length 2^61 gcm_reset_ctx(&ctx, b16, sizeof(b16) * 8, b16, 1ULL << 61, MBEDTLS_ERR_GCM_BAD_INPUT); mbedtls_gcm_free(&ctx); #endif @@ -513,30 +518,31 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -/* - * Test if GCM rejects total ad_len >= 2^61 bytes. - * Also test if GCM handles potential total ad_len overflow properly. - - * Only testable on platforms where sizeof(size_t) >= 8. - */ void gcm_add_len_too_long(void) { + // Only testable on platforms where sizeof(size_t) >= 8. #if SIZE_MAX >= UINT64_MAX mbedtls_gcm_context ctx; uint8_t b16[16] = { 0 }; + /* NISP SP 800-38D, Section 5.2.1.1 requires that bit length of AD should + * be <= 2^64 - 1, ie < 2^64. This is the minimum invalid length in bytes. */ + uint64_t len_max = 1ULL << 61; gcm_reset_ctx(&ctx, b16, sizeof(b16) * 8, b16, sizeof(b16), 0); - TEST_EQUAL(mbedtls_gcm_update_ad(&ctx, b16, 1ULL << 61), + // Feed AD that just exceeds the length limit + TEST_EQUAL(mbedtls_gcm_update_ad(&ctx, b16, len_max), MBEDTLS_ERR_GCM_BAD_INPUT); mbedtls_gcm_free(&ctx); gcm_reset_ctx(&ctx, b16, sizeof(b16) * 8, b16, sizeof(b16), 0); + // Feed AD that just exceeds the length limit in two calls TEST_EQUAL(mbedtls_gcm_update_ad(&ctx, b16, 1), 0); - TEST_EQUAL(mbedtls_gcm_update_ad(&ctx, b16, (1ULL << 61) - 1), + TEST_EQUAL(mbedtls_gcm_update_ad(&ctx, b16, len_max - 1), MBEDTLS_ERR_GCM_BAD_INPUT); mbedtls_gcm_free(&ctx); gcm_reset_ctx(&ctx, b16, sizeof(b16) * 8, b16, sizeof(b16), 0); + // Test if potential total AD length overflow is handled properly TEST_EQUAL(mbedtls_gcm_update_ad(&ctx, b16, 1), 0); TEST_EQUAL(mbedtls_gcm_update_ad(&ctx, b16, UINT64_MAX), MBEDTLS_ERR_GCM_BAD_INPUT); @@ -547,35 +553,36 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -/* - * Test if GCM rejects total input length > 2^36 - 32 bytes. - * Also test if GCM handles potential total input length overflow properly. - - * Only testable on platforms where sizeof(size_t) >= 8. - */ void gcm_input_len_too_long(void) { + // Only testable on platforms where sizeof(size_t) >= 8 #if SIZE_MAX >= UINT64_MAX mbedtls_gcm_context ctx; uint8_t b16[16] = { 0 }; + uint8_t out[1]; size_t out_len; + /* NISP SP 800-38D, Section 5.2.1.1 requires that bit length of input should + * be <= 2^39 - 256. This is the maximum valid length in bytes. */ uint64_t len_max = (1ULL << 36) - 32; gcm_reset_ctx(&ctx, b16, sizeof(b16) * 8, b16, sizeof(b16), 0); - TEST_EQUAL(mbedtls_gcm_update(&ctx, b16, len_max + 1, b16, len_max + 1, + // Feed input that just exceeds the length limit + TEST_EQUAL(mbedtls_gcm_update(&ctx, b16, len_max + 1, out, len_max + 1, &out_len), MBEDTLS_ERR_GCM_BAD_INPUT); mbedtls_gcm_free(&ctx); gcm_reset_ctx(&ctx, b16, sizeof(b16) * 8, b16, sizeof(b16), 0); - TEST_EQUAL(mbedtls_gcm_update(&ctx, b16, 1, b16, 1, &out_len), 0); + // Feed input that just exceeds the length limit in two calls + TEST_EQUAL(mbedtls_gcm_update(&ctx, b16, 1, out, 1, &out_len), 0); TEST_EQUAL(mbedtls_gcm_update(&ctx, b16, len_max, b16, len_max, &out_len), MBEDTLS_ERR_GCM_BAD_INPUT); mbedtls_gcm_free(&ctx); gcm_reset_ctx(&ctx, b16, sizeof(b16) * 8, b16, sizeof(b16), 0); - TEST_EQUAL(mbedtls_gcm_update(&ctx, b16, 1, b16, 1, &out_len), 0); - TEST_EQUAL(mbedtls_gcm_update(&ctx, b16, UINT64_MAX, b16, UINT64_MAX, + // Test if potential total input length overflow is handled properly + TEST_EQUAL(mbedtls_gcm_update(&ctx, b16, 1, out, 1, &out_len), 0); + TEST_EQUAL(mbedtls_gcm_update(&ctx, b16, UINT64_MAX, out, UINT64_MAX, &out_len), MBEDTLS_ERR_GCM_BAD_INPUT); From ef56795fd273b36a712dde7987a10fd54065ec79 Mon Sep 17 00:00:00 2001 From: Chien Wong Date: Thu, 25 Jan 2024 19:22:50 +0800 Subject: [PATCH 1522/1674] Fix 1 forgotten separate input/output buffer Signed-off-by: Chien Wong --- tests/suites/test_suite_gcm.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_gcm.function b/tests/suites/test_suite_gcm.function index e23d8d03d..dac2a5df2 100644 --- a/tests/suites/test_suite_gcm.function +++ b/tests/suites/test_suite_gcm.function @@ -575,7 +575,7 @@ void gcm_input_len_too_long(void) gcm_reset_ctx(&ctx, b16, sizeof(b16) * 8, b16, sizeof(b16), 0); // Feed input that just exceeds the length limit in two calls TEST_EQUAL(mbedtls_gcm_update(&ctx, b16, 1, out, 1, &out_len), 0); - TEST_EQUAL(mbedtls_gcm_update(&ctx, b16, len_max, b16, len_max, &out_len), + TEST_EQUAL(mbedtls_gcm_update(&ctx, b16, len_max, out, len_max, &out_len), MBEDTLS_ERR_GCM_BAD_INPUT); mbedtls_gcm_free(&ctx); From 43643c471492a6524600ecbbd3b90db94b3db538 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 25 Jan 2024 13:21:59 +0100 Subject: [PATCH 1523/1674] Remove now-redundant guard fixup "mbedtls_pk_get_psa_attributes: require MBEDTLS_PSA_CRYPTO_C" Signed-off-by: Gilles Peskine --- library/pk.c | 5 ----- 1 file changed, 5 deletions(-) diff --git a/library/pk.c b/library/pk.c index b629ce2e8..3f2878738 100644 --- a/library/pk.c +++ b/library/pk.c @@ -577,12 +577,7 @@ int mbedtls_pk_get_psa_attributes(const mbedtls_pk_context *pk, } psa_set_key_usage_flags(attributes, more_usage); -#if defined(MBEDTLS_PSA_CRYPTO_C) - /* Assume that we have all Mbed TLS attributes. When - * MBEDTLS_PSA_CRYPTO_CLIENT is enabled but not MBEDTLS_PSA_CRYPTO_C, - * we only assume standard PSA functions. */ psa_set_key_enrollment_algorithm(attributes, PSA_ALG_NONE); -#endif return 0; } From da2a33de0f2d0f7f179220d1a92f788d1459c3e3 Mon Sep 17 00:00:00 2001 From: Sergei Trofimovich Date: Thu, 25 Jan 2024 20:48:56 +0000 Subject: [PATCH 1524/1674] tests: fix `calloc()` argument list (`gcc-14` fix) `gcc-14` added a new `-Wcalloc-transposed-args` warning recently. It detected minor infelicity in `calloc()` API usage in `mbedtls`: In file included from /build/mbedtls/tests/include/test/ssl_helpers.h:19, from /build/mbedtls/tests/src/test_helpers/ssl_helpers.c:11: /build/mbedtls/tests/src/test_helpers/ssl_helpers.c: In function 'mbedtls_test_init_handshake_options': /build/mbedtls/tests/include/test/macros.h:128:46: error: 'calloc' sizes specified with 'sizeof' in the earlier argument and not in the later argument [-Werror=calloc-transposed-args] 128 | (pointer) = mbedtls_calloc(sizeof(*(pointer)), \ | ^ Signed-off-by: Sergei Trofimovich --- tests/include/test/macros.h | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/tests/include/test/macros.h b/tests/include/test/macros.h index 8de9c4d95..a73e06fca 100644 --- a/tests/include/test/macros.h +++ b/tests/include/test/macros.h @@ -125,8 +125,8 @@ do { \ TEST_ASSERT((pointer) == NULL); \ if ((item_count) != 0) { \ - (pointer) = mbedtls_calloc(sizeof(*(pointer)), \ - (item_count)); \ + (pointer) = mbedtls_calloc((item_count), \ + sizeof(*(pointer))); \ TEST_ASSERT((pointer) != NULL); \ } \ } while (0) @@ -155,8 +155,8 @@ #define TEST_CALLOC_NONNULL(pointer, item_count) \ do { \ TEST_ASSERT((pointer) == NULL); \ - (pointer) = mbedtls_calloc(sizeof(*(pointer)), \ - (item_count)); \ + (pointer) = mbedtls_calloc((item_count), \ + sizeof(*(pointer))); \ if (((pointer) == NULL) && ((item_count) == 0)) { \ (pointer) = mbedtls_calloc(1, 1); \ } \ @@ -175,8 +175,8 @@ do { \ TEST_ASSERT((pointer) == NULL); \ if ((item_count) != 0) { \ - (pointer) = mbedtls_calloc(sizeof(*(pointer)), \ - (item_count)); \ + (pointer) = mbedtls_calloc((item_count), \ + sizeof(*(pointer))); \ TEST_ASSUME((pointer) != NULL); \ } \ } while (0) From 1a54352f5a2abccf86f52108398fbc3f9126760b Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 26 Jan 2024 09:35:18 +0100 Subject: [PATCH 1525/1674] psa_crypto_ffdh: move dhm.h inclusion to c file Signed-off-by: Valerio Setti --- library/psa_crypto_ffdh.c | 6 ++++++ library/psa_crypto_ffdh.h | 1 - 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/library/psa_crypto_ffdh.c b/library/psa_crypto_ffdh.c index 6cc086ef6..95b2a1eab 100644 --- a/library/psa_crypto_ffdh.c +++ b/library/psa_crypto_ffdh.c @@ -10,6 +10,12 @@ #if defined(MBEDTLS_PSA_CRYPTO_C) +/* This header is only needed because it defines + * MBEDTLS_DHM_RFC7919_FFDHExxxx_[P|G]_BIN symbols that are used in + * mbedtls_psa_ffdh_set_prime_generator(). A part from that, this module + * only uses bignum functions for arithmetic. */ +#include + #include #include "psa_crypto_core.h" #include "psa_crypto_ffdh.h" diff --git a/library/psa_crypto_ffdh.h b/library/psa_crypto_ffdh.h index baeb9286c..79accd15a 100644 --- a/library/psa_crypto_ffdh.h +++ b/library/psa_crypto_ffdh.h @@ -10,7 +10,6 @@ #define PSA_CRYPTO_FFDH_H #include -#include /** Perform a key agreement and return the FFDH shared secret. * From 48e4167cedda343e05645999564780164cf9eebe Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 26 Jan 2024 10:34:32 +0100 Subject: [PATCH 1526/1674] adjust_legacy_from_psa: improve pattern for enabling internal symbols Signed-off-by: Valerio Setti --- .../mbedtls/config_adjust_legacy_from_psa.h | 156 +++++------------- 1 file changed, 44 insertions(+), 112 deletions(-) diff --git a/include/mbedtls/config_adjust_legacy_from_psa.h b/include/mbedtls/config_adjust_legacy_from_psa.h index 9e6163f2d..8888b2c1a 100644 --- a/include/mbedtls/config_adjust_legacy_from_psa.h +++ b/include/mbedtls/config_adjust_legacy_from_psa.h @@ -47,128 +47,56 @@ */ /* ECC: curves: is acceleration complete? */ -#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) && \ - !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256) +#if (defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) && \ + !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256)) || \ + (defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) && \ + !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384)) || \ + (defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512) && \ + !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512)) || \ + (defined(PSA_WANT_ECC_SECP_R1_192) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192)) || \ + (defined(PSA_WANT_ECC_SECP_R1_224) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224)) || \ + (defined(PSA_WANT_ECC_SECP_R1_256) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256)) || \ + (defined(PSA_WANT_ECC_SECP_R1_384) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384)) || \ + (defined(PSA_WANT_ECC_SECP_R1_521) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521)) || \ + (defined(PSA_WANT_ECC_SECP_K1_192) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192)) || \ + (defined(PSA_WANT_ECC_SECP_K1_224) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224)) || \ + (defined(PSA_WANT_ECC_SECP_K1_256) && !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256)) #define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES #define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES #endif -#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) && \ - !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384) +#if (defined(PSA_WANT_ECC_MONTGOMERY_255) && !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255)) || \ + (defined(PSA_WANT_ECC_MONTGOMERY_448) && !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448)) #define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES -#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES -#endif - -#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512) && \ - !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512) -#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES -#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES -#endif - -#if defined(PSA_WANT_ECC_MONTGOMERY_255) && \ - !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255) -#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES -#endif - -#if defined(PSA_WANT_ECC_MONTGOMERY_448) && \ - !defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448) -#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES -#endif - -#if defined(PSA_WANT_ECC_SECP_R1_192) && \ - !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192) -#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES -#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES -#endif - -#if defined(PSA_WANT_ECC_SECP_R1_224) && \ - !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224) -#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES -#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES -#endif - -#if defined(PSA_WANT_ECC_SECP_R1_256) && \ - !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256) -#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES -#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES -#endif - -#if defined(PSA_WANT_ECC_SECP_R1_384) && \ - !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384) -#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES -#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES -#endif - -#if defined(PSA_WANT_ECC_SECP_R1_521) && \ - !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521) -#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES -#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES -#endif - -#if defined(PSA_WANT_ECC_SECP_K1_192) && \ - !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192) -#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES -#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES -#endif - -#if defined(PSA_WANT_ECC_SECP_K1_224) && \ - !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224) -#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES -#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES -#endif - -#if defined(PSA_WANT_ECC_SECP_K1_256) && \ - !defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256) -#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES -#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_WEIERSTRASS_CURVES #endif /* ECC: algs: is acceleration complete? */ -#if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA) && \ - !defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) -#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS -#endif - -#if defined(PSA_WANT_ALG_ECDH) && \ - !defined(MBEDTLS_PSA_ACCEL_ALG_ECDH) -#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS -#endif - -#if defined(PSA_WANT_ALG_ECDSA) && \ - !defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) -#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS -#endif - -#if defined(PSA_WANT_ALG_JPAKE) && \ - !defined(MBEDTLS_PSA_ACCEL_ALG_JPAKE) +#if (defined(PSA_WANT_ALG_ECDH) && !defined(MBEDTLS_PSA_ACCEL_ALG_ECDH)) || \ + (defined(PSA_WANT_ALG_ECDSA) && !defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA)) || \ + (defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA) && \ + !defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)) || \ + (defined(PSA_WANT_ALG_JPAKE) && !defined(MBEDTLS_PSA_ACCEL_ALG_JPAKE)) #define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS #endif /* ECC: key types: is acceleration complete? */ -#if defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) && \ - !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) -#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES +#if (defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) && \ + !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)) || \ + (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) && \ + !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC)) #define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC #endif -#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) && \ - !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC) -#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES -#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC -#endif - -#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT) && \ - !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT) -#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES -#endif - -#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT) && \ - !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT) -#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES -#endif - -#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE) && \ - !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE) +#if (defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) && \ + !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)) || \ + (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) && \ + !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC)) || \ + (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT) && \ + !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT)) || \ + (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT) && \ + !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT)) || \ + (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE) && \ + !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE)) #define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES #endif @@ -443,38 +371,42 @@ #if defined(PSA_WANT_DH_RFC7919_2048) #if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_2048) #define MBEDTLS_PSA_BUILTIN_DH_RFC7919_2048 1 -#define MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_PARAMS #endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_2048 */ #endif /* PSA_WANT_DH_RFC7919_2048 */ #if defined(PSA_WANT_DH_RFC7919_3072) #if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_3072) #define MBEDTLS_PSA_BUILTIN_DH_RFC7919_3072 1 -#define MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_PARAMS #endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_3072 */ #endif /* PSA_WANT_DH_RFC7919_3072 */ #if defined(PSA_WANT_DH_RFC7919_4096) #if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_4096) #define MBEDTLS_PSA_BUILTIN_DH_RFC7919_4096 1 -#define MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_PARAMS #endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_4096 */ #endif /* PSA_WANT_DH_RFC7919_4096 */ #if defined(PSA_WANT_DH_RFC7919_6144) #if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_6144) #define MBEDTLS_PSA_BUILTIN_DH_RFC7919_6144 1 -#define MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_PARAMS #endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_6144 */ #endif /* PSA_WANT_DH_RFC7919_6144 */ #if defined(PSA_WANT_DH_RFC7919_8192) #if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_8192) #define MBEDTLS_PSA_BUILTIN_DH_RFC7919_8192 1 -#define MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_PARAMS #endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_8192 */ #endif /* PSA_WANT_DH_RFC7919_8192 */ +/* Internal macro to state that there is at least 1 domain parameter which is builtin. */ +#if defined(MBEDTLS_PSA_BUILTIN_DH_RFC7919_2048) || \ + defined(MBEDTLS_PSA_BUILTIN_DH_RFC7919_3072) || \ + defined(MBEDTLS_PSA_BUILTIN_DH_RFC7919_4096) || \ + defined(MBEDTLS_PSA_BUILTIN_DH_RFC7919_6144) || \ + defined(MBEDTLS_PSA_BUILTIN_DH_RFC7919_8192) +#define MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_PARAMS +#endif + #if defined(PSA_WANT_ALG_FFDH) #if !defined(MBEDTLS_PSA_ACCEL_ALG_FFDH) || defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_PARAMS) #define MBEDTLS_PSA_BUILTIN_ALG_FFDH 1 From bcf0fc5119115a2d6502d3acd3121c7813a51b02 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 26 Jan 2024 14:53:28 +0100 Subject: [PATCH 1527/1674] adjust_legacy_crypto: add parenthesis to improve clarity Signed-off-by: Valerio Setti --- include/mbedtls/config_adjust_legacy_crypto.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h index 833f15268..eb52d3f23 100644 --- a/include/mbedtls/config_adjust_legacy_crypto.h +++ b/include/mbedtls/config_adjust_legacy_crypto.h @@ -402,8 +402,8 @@ /* psa_util file features some ECDSA conversion functions, to convert between * legacy's ASN.1 DER format and PSA's raw one. */ -#if defined(MBEDTLS_ECDSA_C) || defined(MBEDTLS_PSA_CRYPTO_C) && \ - (defined(PSA_WANT_ALG_ECDSA) || defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA)) +#if defined(MBEDTLS_ECDSA_C) || (defined(MBEDTLS_PSA_CRYPTO_C) && \ + (defined(PSA_WANT_ALG_ECDSA) || defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA))) #define MBEDTLS_PSA_UTIL_HAVE_ECDSA #endif From f8ce457fb606309c87ba5c2595eeb9d5a9ce6cf2 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 26 Jan 2024 14:55:14 +0100 Subject: [PATCH 1528/1674] all.sh: fix comment in check_test_dependencies() MBEDTLS_ASN1_WRITE_C is no more required for ECDSA conversion functions. Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 4 ---- 1 file changed, 4 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index fddcc0153..c4982b6cc 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1064,10 +1064,6 @@ component_check_test_dependencies () { # PSA_VENDOR_RSA_MAX_KEY_BITS. The legacy module is only used by # the test code and that's probably the most convenient way of achieving # the test's goal. - # - # MBEDTLS_ASN1_WRITE_C is also used in ECDSA conversion functions - # (in psa_util module) and, therefore, also in test_suite_psa_crypto_util. - # There is no PSA equivalent for this ASN1 symbols in PSA. echo "MBEDTLS_ASN1_WRITE_C" >> $expected # No PSA equivalent - we should probably have one in the future. echo "MBEDTLS_ECP_RESTARTABLE" >> $expected From c22bb7a0a461d2671e22df1665914414801087e8 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 26 Jan 2024 12:15:23 +0100 Subject: [PATCH 1529/1674] adjust_legacy_from_psa: optimize legacy enablement also for EC key types Signed-off-by: Valerio Setti --- .../mbedtls/config_adjust_legacy_from_psa.h | 48 +++++++++---------- 1 file changed, 24 insertions(+), 24 deletions(-) diff --git a/include/mbedtls/config_adjust_legacy_from_psa.h b/include/mbedtls/config_adjust_legacy_from_psa.h index 8888b2c1a..22dde3a78 100644 --- a/include/mbedtls/config_adjust_legacy_from_psa.h +++ b/include/mbedtls/config_adjust_legacy_from_psa.h @@ -87,6 +87,13 @@ #define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES_BASIC #endif +/* Special case: we don't support cooked key derivation in drivers yet */ +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE) +#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE +#endif + +/* Note: the condition about key derivation is always true as DERIVE can't be + * accelerated yet */ #if (defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) && \ !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)) || \ (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC) && \ @@ -96,18 +103,9 @@ (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT) && \ !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT)) || \ (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE) && \ - !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE)) -#define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES -#endif - -/* Special case: we don't support cooked key derivation in drivers yet */ -#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE) -#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE -#endif - -/* Note: the condition is always true as DERIVE can't be accelerated yet */ -#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE) && \ - !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE) + !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE)) || \ + (defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE) && \ + !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE)) #define MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_KEY_TYPES #endif @@ -314,8 +312,6 @@ defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) || \ defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1 -#define MBEDTLS_ECP_LIGHT -#define MBEDTLS_BIGNUM_C #endif /* missing accel */ #endif /* PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY */ @@ -324,8 +320,6 @@ defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) || \ defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_ALGS) #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_BASIC 1 -#define MBEDTLS_ECP_LIGHT -#define MBEDTLS_BIGNUM_C #endif /* missing accel */ #endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC */ @@ -333,8 +327,6 @@ #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \ defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT 1 -#define MBEDTLS_ECP_LIGHT -#define MBEDTLS_BIGNUM_C #endif /* missing accel */ #endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT */ @@ -342,8 +334,6 @@ #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT) || \ defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT 1 -#define MBEDTLS_ECP_C -#define MBEDTLS_BIGNUM_C #endif /* missing accel */ #endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT */ @@ -351,8 +341,6 @@ #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_GENERATE) || \ defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_GENERATE 1 -#define MBEDTLS_ECP_C -#define MBEDTLS_BIGNUM_C #endif /* missing accel */ #endif /* PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE */ @@ -361,11 +349,23 @@ #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE) || \ defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_DERIVE 1 -#define MBEDTLS_ECP_LIGHT -#define MBEDTLS_BIGNUM_C #endif /* missing accel */ #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_DERIVE */ +#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_BASIC) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_DERIVE) +#define MBEDTLS_ECP_LIGHT +#define MBEDTLS_BIGNUM_C +#endif + +#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_EXPORT) || \ + defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR_GENERATE) +#define MBEDTLS_ECP_C +#define MBEDTLS_BIGNUM_C +#endif + /* End of ECC section */ #if defined(PSA_WANT_DH_RFC7919_2048) From 0a6acf8db4b5c78272acf03dff08738d938331f1 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 26 Jan 2024 14:37:58 +0100 Subject: [PATCH 1530/1674] adjust_legacy_from_psa: use EC pattern for enabling builtin elements of DH Signed-off-by: Valerio Setti --- .../mbedtls/config_adjust_legacy_from_psa.h | 139 ++++++++++++------ 1 file changed, 93 insertions(+), 46 deletions(-) diff --git a/include/mbedtls/config_adjust_legacy_from_psa.h b/include/mbedtls/config_adjust_legacy_from_psa.h index 22dde3a78..b27f6b9e3 100644 --- a/include/mbedtls/config_adjust_legacy_from_psa.h +++ b/include/mbedtls/config_adjust_legacy_from_psa.h @@ -368,52 +368,130 @@ /* End of ECC section */ +/* + * DH key types follow the same pattern used above for EC keys. They are defined + * by a triplet (curve, key_type, alg). A triplet is accelerated if all its + * component are accelerated, otherwise each component needs to be builtin. + */ + +/* DH: curves: is acceleration complete? */ +#if (defined(PSA_WANT_DH_RFC7919_2048) && !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_2048)) || \ + (defined(PSA_WANT_DH_RFC7919_3072) && !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_3072)) || \ + (defined(PSA_WANT_DH_RFC7919_4096) && !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_4096)) || \ + (defined(PSA_WANT_DH_RFC7919_6144) && !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_6144)) || \ + (defined(PSA_WANT_DH_RFC7919_8192) && !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_8192)) +#define MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_CURVES +#endif + +/* DH: algs: is acceleration complete? */ +#if defined(PSA_WANT_ALG_FFDH) && !defined(MBEDTLS_PSA_ACCEL_ALG_FFDH) +#define MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS +#endif + +/* DH: key types: is acceleration complete? */ +#if (defined(PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY) && \ + !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_PUBLIC_KEY)) || \ + (defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC) && \ + !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_BASIC)) || \ + (defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT) && \ + !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_IMPORT)) || \ + (defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT) && \ + !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_EXPORT)) || \ + (defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE) && \ + !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_GENERATE)) +#define MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES +#endif + #if defined(PSA_WANT_DH_RFC7919_2048) -#if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_2048) +#if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_2048) || \ + defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) || \ + defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES) #define MBEDTLS_PSA_BUILTIN_DH_RFC7919_2048 1 #endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_2048 */ #endif /* PSA_WANT_DH_RFC7919_2048 */ #if defined(PSA_WANT_DH_RFC7919_3072) -#if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_3072) +#if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_3072) || \ + defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) || \ + defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES) #define MBEDTLS_PSA_BUILTIN_DH_RFC7919_3072 1 #endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_3072 */ #endif /* PSA_WANT_DH_RFC7919_3072 */ #if defined(PSA_WANT_DH_RFC7919_4096) -#if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_4096) +#if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_4096) || \ + defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) || \ + defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES) #define MBEDTLS_PSA_BUILTIN_DH_RFC7919_4096 1 #endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_4096 */ #endif /* PSA_WANT_DH_RFC7919_4096 */ #if defined(PSA_WANT_DH_RFC7919_6144) -#if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_6144) +#if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_6144) || \ + defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) || \ + defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES) #define MBEDTLS_PSA_BUILTIN_DH_RFC7919_6144 1 #endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_6144 */ #endif /* PSA_WANT_DH_RFC7919_6144 */ #if defined(PSA_WANT_DH_RFC7919_8192) -#if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_8192) +#if !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_8192) || \ + defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) || \ + defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES) #define MBEDTLS_PSA_BUILTIN_DH_RFC7919_8192 1 #endif /* !MBEDTLS_PSA_BUILTIN_DH_RFC7919_8192 */ #endif /* PSA_WANT_DH_RFC7919_8192 */ -/* Internal macro to state that there is at least 1 domain parameter which is builtin. */ -#if defined(MBEDTLS_PSA_BUILTIN_DH_RFC7919_2048) || \ - defined(MBEDTLS_PSA_BUILTIN_DH_RFC7919_3072) || \ - defined(MBEDTLS_PSA_BUILTIN_DH_RFC7919_4096) || \ - defined(MBEDTLS_PSA_BUILTIN_DH_RFC7919_6144) || \ - defined(MBEDTLS_PSA_BUILTIN_DH_RFC7919_8192) -#define MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_PARAMS -#endif - #if defined(PSA_WANT_ALG_FFDH) -#if !defined(MBEDTLS_PSA_ACCEL_ALG_FFDH) || defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_PARAMS) +#if !defined(MBEDTLS_PSA_ACCEL_ALG_FFDH) || \ + defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_CURVES) || \ + defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES) #define MBEDTLS_PSA_BUILTIN_ALG_FFDH 1 #define MBEDTLS_BIGNUM_C #endif /* !MBEDTLS_PSA_ACCEL_ALG_FFDH */ #endif /* PSA_WANT_ALG_FFDH */ +#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT) +#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_IMPORT) || \ + defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_CURVES) || \ + defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_IMPORT 1 +#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_IMPORT */ +#endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT */ + +#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT) +#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_EXPORT) || \ + defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_CURVES) || \ + defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_EXPORT 1 +#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_EXPORT */ +#endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT */ + +#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE) +#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_GENERATE) +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_GENERATE 1 +#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_GENERATE */ +#endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE */ + +#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC) +#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_BASIC) || \ + defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_CURVES) || \ + defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_BASIC 1 +#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_BASIC */ +#endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC */ + +#if defined(PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY) +#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_PUBLIC_KEY) || \ + defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_CURVES) || \ + defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY 1 +#define MBEDTLS_BIGNUM_C +#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_PUBLIC_KEY */ +#endif /* PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY */ + +/* End of DH section */ + #if defined(PSA_WANT_ALG_HKDF) #if !defined(MBEDTLS_PSA_ACCEL_ALG_HKDF) /* @@ -601,37 +679,6 @@ #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR_BASIC */ #endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC */ -#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT) -#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_IMPORT) -#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_IMPORT 1 -#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_IMPORT */ -#endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT */ - -#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT) -#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_EXPORT) -#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_EXPORT 1 -#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_EXPORT */ -#endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT */ - -#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE) -#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_GENERATE) -#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_GENERATE 1 -#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_GENERATE */ -#endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE */ - -#if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC) -#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_BASIC) -#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_BASIC 1 -#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_BASIC */ -#endif /* PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC */ - -#if defined(PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY) -#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_PUBLIC_KEY) -#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY 1 -#define MBEDTLS_BIGNUM_C -#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_PUBLIC_KEY */ -#endif /* PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY */ - #if defined(PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY) #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1 From 2bec5df945585982d29aa44c6a04574468979ac2 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 26 Jan 2024 14:39:28 +0100 Subject: [PATCH 1531/1674] psa_crypto_ffdh: fix typos Signed-off-by: Valerio Setti --- library/psa_crypto_ffdh.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto_ffdh.c b/library/psa_crypto_ffdh.c index 95b2a1eab..0099d5f97 100644 --- a/library/psa_crypto_ffdh.c +++ b/library/psa_crypto_ffdh.c @@ -11,8 +11,8 @@ #if defined(MBEDTLS_PSA_CRYPTO_C) /* This header is only needed because it defines - * MBEDTLS_DHM_RFC7919_FFDHExxxx_[P|G]_BIN symbols that are used in - * mbedtls_psa_ffdh_set_prime_generator(). A part from that, this module + * MBEDTLS_DHM_RFC7919_FFDHEXXXX_[P|G]_BIN symbols that are used in + * mbedtls_psa_ffdh_set_prime_generator(). Apart from that, this module * only uses bignum functions for arithmetic. */ #include From cc0fd47531ffeffb3185db77a17ee113ce874ea6 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 29 Jan 2024 10:19:52 +0100 Subject: [PATCH 1532/1674] platform_util: remove declarations of MBEDTLS_INTERNAL_VALIDATE[_RET]() These macros end up as being always "empty", so they can be removed. Signed-off-by: Valerio Setti --- include/mbedtls/platform_util.h | 4 ---- 1 file changed, 4 deletions(-) diff --git a/include/mbedtls/platform_util.h b/include/mbedtls/platform_util.h index cba02ab3d..1b371ef3f 100644 --- a/include/mbedtls/platform_util.h +++ b/include/mbedtls/platform_util.h @@ -23,10 +23,6 @@ extern "C" { #endif -/* Internal macros meant to be called only from within the library. */ -#define MBEDTLS_INTERNAL_VALIDATE_RET(cond, ret) do { } while (0) -#define MBEDTLS_INTERNAL_VALIDATE(cond) do { } while (0) - /* Internal helper macros for deprecating API constants. */ #if !defined(MBEDTLS_DEPRECATED_REMOVED) #if defined(MBEDTLS_DEPRECATED_WARNING) From 41f8f733a13fee5797d305a8196eedd404abd000 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 29 Jan 2024 11:44:40 +0100 Subject: [PATCH 1533/1674] test_psa_compliance: add exception for tests using wrong RSA pub key format Signed-off-by: Valerio Setti --- tests/scripts/test_psa_compliance.py | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/tests/scripts/test_psa_compliance.py b/tests/scripts/test_psa_compliance.py index 0d56ddfd9..ed36befee 100755 --- a/tests/scripts/test_psa_compliance.py +++ b/tests/scripts/test_psa_compliance.py @@ -30,7 +30,12 @@ from mbedtls_dev import build_tree EXPECTED_FAILURES = { # psa_hash_suspend() and psa_hash_resume() are not supported. # - Tracked in issue #3274 - 262, 263 + 262, 263, + # PSA standard format for RSA public keys is a sequence of just n (modulus) + # and e (public exponent). However following tests rely on a format which + # also includes some metadata to identify the key as an RSA key, but this + # is not compliant with PSA standard. + 239, 240, 241, 242, 250, 251, } # We currently use a fork of ARM-software/psa-arch-tests, with a couple of downstream patches From a45a399a6b7418118fd441b4240b583ae3b60a32 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 29 Jan 2024 10:28:09 +0100 Subject: [PATCH 1534/1674] lib: remove NULL pointer checks performed with MBEDTLS_INTERNAL_VALIDATE[_RET] Symbols defined starting from MBEDTLS_INTERNAL_VALIDATE[_RET] are removed as well. Signed-off-by: Valerio Setti --- include/mbedtls/cipher.h | 10 ----- library/aria.c | 29 ------------- library/bignum.c | 93 ---------------------------------------- library/ecp_curves.c | 7 --- library/ecp_curves_new.c | 7 --- library/platform_util.c | 2 - 6 files changed, 148 deletions(-) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index 815b5bb19..1dc31c9c2 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -678,7 +678,6 @@ int MBEDTLS_DEPRECATED mbedtls_cipher_setup_psa(mbedtls_cipher_context_t *ctx, static inline unsigned int mbedtls_cipher_get_block_size( const mbedtls_cipher_context_t *ctx) { - MBEDTLS_INTERNAL_VALIDATE_RET(ctx != NULL, 0); if (ctx->MBEDTLS_PRIVATE(cipher_info) == NULL) { return 0; } @@ -698,7 +697,6 @@ static inline unsigned int mbedtls_cipher_get_block_size( static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode( const mbedtls_cipher_context_t *ctx) { - MBEDTLS_INTERNAL_VALIDATE_RET(ctx != NULL, MBEDTLS_MODE_NONE); if (ctx->MBEDTLS_PRIVATE(cipher_info) == NULL) { return MBEDTLS_MODE_NONE; } @@ -719,7 +717,6 @@ static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode( static inline int mbedtls_cipher_get_iv_size( const mbedtls_cipher_context_t *ctx) { - MBEDTLS_INTERNAL_VALIDATE_RET(ctx != NULL, 0); if (ctx->MBEDTLS_PRIVATE(cipher_info) == NULL) { return 0; } @@ -743,8 +740,6 @@ static inline int mbedtls_cipher_get_iv_size( static inline mbedtls_cipher_type_t mbedtls_cipher_get_type( const mbedtls_cipher_context_t *ctx) { - MBEDTLS_INTERNAL_VALIDATE_RET( - ctx != NULL, MBEDTLS_CIPHER_NONE); if (ctx->MBEDTLS_PRIVATE(cipher_info) == NULL) { return MBEDTLS_CIPHER_NONE; } @@ -764,7 +759,6 @@ static inline mbedtls_cipher_type_t mbedtls_cipher_get_type( static inline const char *mbedtls_cipher_get_name( const mbedtls_cipher_context_t *ctx) { - MBEDTLS_INTERNAL_VALIDATE_RET(ctx != NULL, 0); if (ctx->MBEDTLS_PRIVATE(cipher_info) == NULL) { return 0; } @@ -784,8 +778,6 @@ static inline const char *mbedtls_cipher_get_name( static inline int mbedtls_cipher_get_key_bitlen( const mbedtls_cipher_context_t *ctx) { - MBEDTLS_INTERNAL_VALIDATE_RET( - ctx != NULL, MBEDTLS_KEY_LENGTH_NONE); if (ctx->MBEDTLS_PRIVATE(cipher_info) == NULL) { return MBEDTLS_KEY_LENGTH_NONE; } @@ -805,8 +797,6 @@ static inline int mbedtls_cipher_get_key_bitlen( static inline mbedtls_operation_t mbedtls_cipher_get_operation( const mbedtls_cipher_context_t *ctx) { - MBEDTLS_INTERNAL_VALIDATE_RET( - ctx != NULL, MBEDTLS_OPERATION_NONE); if (ctx->MBEDTLS_PRIVATE(cipher_info) == NULL) { return MBEDTLS_OPERATION_NONE; } diff --git a/library/aria.c b/library/aria.c index ba1257875..2c365982c 100644 --- a/library/aria.c +++ b/library/aria.c @@ -25,12 +25,6 @@ #include "mbedtls/platform_util.h" -/* Parameter validation macros */ -#define ARIA_VALIDATE_RET(cond) \ - MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_ARIA_BAD_INPUT_DATA) -#define ARIA_VALIDATE(cond) \ - MBEDTLS_INTERNAL_VALIDATE(cond) - /* * modify byte order: ( A B C D ) -> ( B A D C ), i.e. swap pairs of bytes * @@ -363,8 +357,6 @@ int mbedtls_aria_setkey_enc(mbedtls_aria_context *ctx, int i; uint32_t w[4][4], *w2; - ARIA_VALIDATE_RET(ctx != NULL); - ARIA_VALIDATE_RET(key != NULL); if (keybits != 128 && keybits != 192 && keybits != 256) { return MBEDTLS_ERR_ARIA_BAD_INPUT_DATA; @@ -418,8 +410,6 @@ int mbedtls_aria_setkey_dec(mbedtls_aria_context *ctx, const unsigned char *key, unsigned int keybits) { int i, j, k, ret; - ARIA_VALIDATE_RET(ctx != NULL); - ARIA_VALIDATE_RET(key != NULL); ret = mbedtls_aria_setkey_enc(ctx, key, keybits); if (ret != 0) { @@ -455,9 +445,6 @@ int mbedtls_aria_crypt_ecb(mbedtls_aria_context *ctx, int i; uint32_t a, b, c, d; - ARIA_VALIDATE_RET(ctx != NULL); - ARIA_VALIDATE_RET(input != NULL); - ARIA_VALIDATE_RET(output != NULL); a = MBEDTLS_GET_UINT32_LE(input, 0); b = MBEDTLS_GET_UINT32_LE(input, 4); @@ -505,7 +492,6 @@ int mbedtls_aria_crypt_ecb(mbedtls_aria_context *ctx, /* Initialize context */ void mbedtls_aria_init(mbedtls_aria_context *ctx) { - ARIA_VALIDATE(ctx != NULL); memset(ctx, 0, sizeof(mbedtls_aria_context)); } @@ -531,13 +517,8 @@ int mbedtls_aria_crypt_cbc(mbedtls_aria_context *ctx, unsigned char *output) { unsigned char temp[MBEDTLS_ARIA_BLOCKSIZE]; - - ARIA_VALIDATE_RET(ctx != NULL); ARIA_VALIDATE_RET(mode == MBEDTLS_ARIA_ENCRYPT || mode == MBEDTLS_ARIA_DECRYPT); - ARIA_VALIDATE_RET(length == 0 || input != NULL); - ARIA_VALIDATE_RET(length == 0 || output != NULL); - ARIA_VALIDATE_RET(iv != NULL); if (length % MBEDTLS_ARIA_BLOCKSIZE) { return MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH; @@ -587,14 +568,8 @@ int mbedtls_aria_crypt_cfb128(mbedtls_aria_context *ctx, { unsigned char c; size_t n; - - ARIA_VALIDATE_RET(ctx != NULL); ARIA_VALIDATE_RET(mode == MBEDTLS_ARIA_ENCRYPT || mode == MBEDTLS_ARIA_DECRYPT); - ARIA_VALIDATE_RET(length == 0 || input != NULL); - ARIA_VALIDATE_RET(length == 0 || output != NULL); - ARIA_VALIDATE_RET(iv != NULL); - ARIA_VALIDATE_RET(iv_off != NULL); n = *iv_off; @@ -650,12 +625,8 @@ int mbedtls_aria_crypt_ctr(mbedtls_aria_context *ctx, int c, i; size_t n; - ARIA_VALIDATE_RET(ctx != NULL); ARIA_VALIDATE_RET(length == 0 || input != NULL); ARIA_VALIDATE_RET(length == 0 || output != NULL); - ARIA_VALIDATE_RET(nonce_counter != NULL); - ARIA_VALIDATE_RET(stream_block != NULL); - ARIA_VALIDATE_RET(nc_off != NULL); n = *nc_off; /* An overly large value of n can lead to an unlimited diff --git a/library/bignum.c b/library/bignum.c index 1869137c4..6a80720ce 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -37,11 +37,6 @@ #include "mbedtls/platform.h" -#define MPI_VALIDATE_RET(cond) \ - MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_MPI_BAD_INPUT_DATA) -#define MPI_VALIDATE(cond) \ - MBEDTLS_INTERNAL_VALIDATE(cond) - /* * Compare signed values in constant time */ @@ -51,10 +46,6 @@ int mbedtls_mpi_lt_mpi_ct(const mbedtls_mpi *X, { mbedtls_ct_condition_t different_sign, X_is_negative, Y_is_negative, result; - MPI_VALIDATE_RET(X != NULL); - MPI_VALIDATE_RET(Y != NULL); - MPI_VALIDATE_RET(ret != NULL); - if (X->n != Y->n) { return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; } @@ -115,8 +106,6 @@ int mbedtls_mpi_safe_cond_assign(mbedtls_mpi *X, unsigned char assign) { int ret = 0; - MPI_VALIDATE_RET(X != NULL); - MPI_VALIDATE_RET(Y != NULL); MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, Y->n)); @@ -149,8 +138,6 @@ int mbedtls_mpi_safe_cond_swap(mbedtls_mpi *X, { int ret = 0; int s; - MPI_VALIDATE_RET(X != NULL); - MPI_VALIDATE_RET(Y != NULL); if (X == Y) { return 0; @@ -179,8 +166,6 @@ cleanup: */ void mbedtls_mpi_init(mbedtls_mpi *X) { - MPI_VALIDATE(X != NULL); - X->s = 1; X->n = 0; X->p = NULL; @@ -210,7 +195,6 @@ void mbedtls_mpi_free(mbedtls_mpi *X) int mbedtls_mpi_grow(mbedtls_mpi *X, size_t nblimbs) { mbedtls_mpi_uint *p; - MPI_VALIDATE_RET(X != NULL); if (nblimbs > MBEDTLS_MPI_MAX_LIMBS) { return MBEDTLS_ERR_MPI_ALLOC_FAILED; @@ -243,7 +227,6 @@ int mbedtls_mpi_shrink(mbedtls_mpi *X, size_t nblimbs) { mbedtls_mpi_uint *p; size_t i; - MPI_VALIDATE_RET(X != NULL); if (nblimbs > MBEDTLS_MPI_MAX_LIMBS) { return MBEDTLS_ERR_MPI_ALLOC_FAILED; @@ -312,8 +295,6 @@ int mbedtls_mpi_copy(mbedtls_mpi *X, const mbedtls_mpi *Y) { int ret = 0; size_t i; - MPI_VALIDATE_RET(X != NULL); - MPI_VALIDATE_RET(Y != NULL); if (X == Y) { return 0; @@ -355,8 +336,6 @@ cleanup: void mbedtls_mpi_swap(mbedtls_mpi *X, mbedtls_mpi *Y) { mbedtls_mpi T; - MPI_VALIDATE(X != NULL); - MPI_VALIDATE(Y != NULL); memcpy(&T, X, sizeof(mbedtls_mpi)); memcpy(X, Y, sizeof(mbedtls_mpi)); @@ -385,7 +364,6 @@ static inline mbedtls_mpi_uint mpi_sint_abs(mbedtls_mpi_sint z) int mbedtls_mpi_lset(mbedtls_mpi *X, mbedtls_mpi_sint z) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - MPI_VALIDATE_RET(X != NULL); MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, 1)); memset(X->p, 0, X->n * ciL); @@ -403,8 +381,6 @@ cleanup: */ int mbedtls_mpi_get_bit(const mbedtls_mpi *X, size_t pos) { - MPI_VALIDATE_RET(X != NULL); - if (X->n * biL <= pos) { return 0; } @@ -420,7 +396,6 @@ int mbedtls_mpi_set_bit(mbedtls_mpi *X, size_t pos, unsigned char val) int ret = 0; size_t off = pos / biL; size_t idx = pos % biL; - MPI_VALIDATE_RET(X != NULL); if (val != 0 && val != 1) { return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; @@ -448,7 +423,6 @@ cleanup: size_t mbedtls_mpi_lsb(const mbedtls_mpi *X) { size_t i; - MBEDTLS_INTERNAL_VALIDATE_RET(X != NULL, 0); #if defined(__has_builtin) #if (MBEDTLS_MPI_UINT_MAX == UINT_MAX) && __has_builtin(__builtin_ctz) @@ -530,8 +504,6 @@ int mbedtls_mpi_read_string(mbedtls_mpi *X, int radix, const char *s) int sign = 1; mbedtls_mpi_uint d; mbedtls_mpi T; - MPI_VALIDATE_RET(X != NULL); - MPI_VALIDATE_RET(s != NULL); if (radix < 2 || radix > 16) { return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; @@ -634,8 +606,6 @@ int mbedtls_mpi_write_string(const mbedtls_mpi *X, int radix, size_t n; char *p; mbedtls_mpi T; - MPI_VALIDATE_RET(X != NULL); - MPI_VALIDATE_RET(olen != NULL); MPI_VALIDATE_RET(buflen == 0 || buf != NULL); if (radix < 2 || radix > 16) { @@ -726,9 +696,6 @@ int mbedtls_mpi_read_file(mbedtls_mpi *X, int radix, FILE *fin) */ char s[MBEDTLS_MPI_RW_BUFFER_SIZE]; - MPI_VALIDATE_RET(X != NULL); - MPI_VALIDATE_RET(fin != NULL); - if (radix < 2 || radix > 16) { return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; } @@ -772,7 +739,6 @@ int mbedtls_mpi_write_file(const char *p, const mbedtls_mpi *X, int radix, FILE * newline characters and '\0' */ char s[MBEDTLS_MPI_RW_BUFFER_SIZE]; - MPI_VALIDATE_RET(X != NULL); if (radix < 2 || radix > 16) { return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; @@ -843,8 +809,6 @@ int mbedtls_mpi_read_binary(mbedtls_mpi *X, const unsigned char *buf, size_t buf { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const size_t limbs = CHARS_TO_LIMBS(buflen); - - MPI_VALIDATE_RET(X != NULL); MPI_VALIDATE_RET(buflen == 0 || buf != NULL); /* Ensure that target MPI has exactly the necessary number of limbs */ @@ -887,7 +851,6 @@ int mbedtls_mpi_shift_l(mbedtls_mpi *X, size_t count) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t i; - MPI_VALIDATE_RET(X != NULL); i = mbedtls_mpi_bitlen(X) + count; @@ -908,7 +871,6 @@ cleanup: */ int mbedtls_mpi_shift_r(mbedtls_mpi *X, size_t count) { - MPI_VALIDATE_RET(X != NULL); if (X->n != 0) { mbedtls_mpi_core_shift_r(X->p, X->n, count); } @@ -921,8 +883,6 @@ int mbedtls_mpi_shift_r(mbedtls_mpi *X, size_t count) int mbedtls_mpi_cmp_abs(const mbedtls_mpi *X, const mbedtls_mpi *Y) { size_t i, j; - MPI_VALIDATE_RET(X != NULL); - MPI_VALIDATE_RET(Y != NULL); for (i = X->n; i > 0; i--) { if (X->p[i - 1] != 0) { @@ -964,8 +924,6 @@ int mbedtls_mpi_cmp_abs(const mbedtls_mpi *X, const mbedtls_mpi *Y) int mbedtls_mpi_cmp_mpi(const mbedtls_mpi *X, const mbedtls_mpi *Y) { size_t i, j; - MPI_VALIDATE_RET(X != NULL); - MPI_VALIDATE_RET(Y != NULL); for (i = X->n; i > 0; i--) { if (X->p[i - 1] != 0) { @@ -1016,7 +974,6 @@ int mbedtls_mpi_cmp_int(const mbedtls_mpi *X, mbedtls_mpi_sint z) { mbedtls_mpi Y; mbedtls_mpi_uint p[1]; - MPI_VALIDATE_RET(X != NULL); *p = mpi_sint_abs(z); Y.s = TO_SIGN(z); @@ -1035,9 +992,6 @@ int mbedtls_mpi_add_abs(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi size_t j; mbedtls_mpi_uint *p; mbedtls_mpi_uint c; - MPI_VALIDATE_RET(X != NULL); - MPI_VALIDATE_RET(A != NULL); - MPI_VALIDATE_RET(B != NULL); if (X == B) { const mbedtls_mpi *T = A; A = X; B = T; @@ -1098,9 +1052,6 @@ int mbedtls_mpi_sub_abs(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t n; mbedtls_mpi_uint carry; - MPI_VALIDATE_RET(X != NULL); - MPI_VALIDATE_RET(A != NULL); - MPI_VALIDATE_RET(B != NULL); for (n = B->n; n > 0; n--) { if (B->p[n - 1] != 0) { @@ -1152,9 +1103,6 @@ static int add_sub_mpi(mbedtls_mpi *X, int flip_B) { int ret, s; - MPI_VALIDATE_RET(X != NULL); - MPI_VALIDATE_RET(A != NULL); - MPI_VALIDATE_RET(B != NULL); s = A->s; if (A->s * B->s * flip_B < 0) { @@ -1203,8 +1151,6 @@ int mbedtls_mpi_add_int(mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint b { mbedtls_mpi B; mbedtls_mpi_uint p[1]; - MPI_VALIDATE_RET(X != NULL); - MPI_VALIDATE_RET(A != NULL); p[0] = mpi_sint_abs(b); B.s = TO_SIGN(b); @@ -1221,8 +1167,6 @@ int mbedtls_mpi_sub_int(mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint b { mbedtls_mpi B; mbedtls_mpi_uint p[1]; - MPI_VALIDATE_RET(X != NULL); - MPI_VALIDATE_RET(A != NULL); p[0] = mpi_sint_abs(b); B.s = TO_SIGN(b); @@ -1241,9 +1185,6 @@ int mbedtls_mpi_mul_mpi(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi size_t i, j; mbedtls_mpi TA, TB; int result_is_zero = 0; - MPI_VALIDATE_RET(X != NULL); - MPI_VALIDATE_RET(A != NULL); - MPI_VALIDATE_RET(B != NULL); mbedtls_mpi_init(&TA); mbedtls_mpi_init(&TB); @@ -1300,9 +1241,6 @@ cleanup: */ int mbedtls_mpi_mul_int(mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_uint b) { - MPI_VALIDATE_RET(X != NULL); - MPI_VALIDATE_RET(A != NULL); - size_t n = A->n; while (n > 0 && A->p[n - 1] == 0) { --n; @@ -1448,8 +1386,6 @@ int mbedtls_mpi_div_mpi(mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, size_t i, n, t, k; mbedtls_mpi X, Y, Z, T1, T2; mbedtls_mpi_uint TP2[3]; - MPI_VALIDATE_RET(A != NULL); - MPI_VALIDATE_RET(B != NULL); if (mbedtls_mpi_cmp_int(B, 0) == 0) { return MBEDTLS_ERR_MPI_DIVISION_BY_ZERO; @@ -1572,7 +1508,6 @@ int mbedtls_mpi_div_int(mbedtls_mpi *Q, mbedtls_mpi *R, { mbedtls_mpi B; mbedtls_mpi_uint p[1]; - MPI_VALIDATE_RET(A != NULL); p[0] = mpi_sint_abs(b); B.s = TO_SIGN(b); @@ -1588,9 +1523,6 @@ int mbedtls_mpi_div_int(mbedtls_mpi *Q, mbedtls_mpi *R, int mbedtls_mpi_mod_mpi(mbedtls_mpi *R, const mbedtls_mpi *A, const mbedtls_mpi *B) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - MPI_VALIDATE_RET(R != NULL); - MPI_VALIDATE_RET(A != NULL); - MPI_VALIDATE_RET(B != NULL); if (mbedtls_mpi_cmp_int(B, 0) < 0) { return MBEDTLS_ERR_MPI_NEGATIVE_VALUE; @@ -1618,8 +1550,6 @@ int mbedtls_mpi_mod_int(mbedtls_mpi_uint *r, const mbedtls_mpi *A, mbedtls_mpi_s { size_t i; mbedtls_mpi_uint x, y, z; - MPI_VALIDATE_RET(r != NULL); - MPI_VALIDATE_RET(A != NULL); if (b == 0) { return MBEDTLS_ERR_MPI_DIVISION_BY_ZERO; @@ -1763,11 +1693,6 @@ int mbedtls_mpi_exp_mod(mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi RR, T, W[(size_t) 1 << MBEDTLS_MPI_WINDOW_SIZE], WW, Apos; int neg; - MPI_VALIDATE_RET(X != NULL); - MPI_VALIDATE_RET(A != NULL); - MPI_VALIDATE_RET(E != NULL); - MPI_VALIDATE_RET(N != NULL); - if (mbedtls_mpi_cmp_int(N, 0) <= 0 || (N->p[0] & 1) == 0) { return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; } @@ -2054,10 +1979,6 @@ int mbedtls_mpi_gcd(mbedtls_mpi *G, const mbedtls_mpi *A, const mbedtls_mpi *B) size_t lz, lzt; mbedtls_mpi TA, TB; - MPI_VALIDATE_RET(G != NULL); - MPI_VALIDATE_RET(A != NULL); - MPI_VALIDATE_RET(B != NULL); - mbedtls_mpi_init(&TA); mbedtls_mpi_init(&TB); MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&TA, A)); @@ -2168,9 +2089,6 @@ int mbedtls_mpi_fill_random(mbedtls_mpi *X, size_t size, int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const size_t limbs = CHARS_TO_LIMBS(size); - MPI_VALIDATE_RET(X != NULL); - MPI_VALIDATE_RET(f_rng != NULL); - /* Ensure that target MPI has exactly the necessary number of limbs */ MBEDTLS_MPI_CHK(mbedtls_mpi_resize_clear(X, limbs)); if (size == 0) { @@ -2214,9 +2132,6 @@ int mbedtls_mpi_inv_mod(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi G, TA, TU, U1, U2, TB, TV, V1, V2; - MPI_VALIDATE_RET(X != NULL); - MPI_VALIDATE_RET(A != NULL); - MPI_VALIDATE_RET(N != NULL); if (mbedtls_mpi_cmp_int(N, 1) <= 0) { return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; @@ -2372,9 +2287,6 @@ static int mpi_miller_rabin(const mbedtls_mpi *X, size_t rounds, size_t i, j, k, s; mbedtls_mpi W, R, T, A, RR; - MPI_VALIDATE_RET(X != NULL); - MPI_VALIDATE_RET(f_rng != NULL); - mbedtls_mpi_init(&W); mbedtls_mpi_init(&R); mbedtls_mpi_init(&T); mbedtls_mpi_init(&A); mbedtls_mpi_init(&RR); @@ -2462,8 +2374,6 @@ int mbedtls_mpi_is_prime_ext(const mbedtls_mpi *X, int rounds, { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_mpi XX; - MPI_VALIDATE_RET(X != NULL); - MPI_VALIDATE_RET(f_rng != NULL); XX.s = 1; XX.n = X->n; @@ -2513,9 +2423,6 @@ int mbedtls_mpi_gen_prime(mbedtls_mpi *X, size_t nbits, int flags, mbedtls_mpi_uint r; mbedtls_mpi Y; - MPI_VALIDATE_RET(X != NULL); - MPI_VALIDATE_RET(f_rng != NULL); - if (nbits < 3 || nbits > MBEDTLS_MPI_MAX_BITS) { return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; } diff --git a/library/ecp_curves.c b/library/ecp_curves.c index 577e23b7a..d295709d4 100644 --- a/library/ecp_curves.c +++ b/library/ecp_curves.c @@ -23,12 +23,6 @@ #if !defined(MBEDTLS_ECP_ALT) -/* Parameter validation macros based on platform_util.h */ -#define ECP_VALIDATE_RET(cond) \ - MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA) -#define ECP_VALIDATE(cond) \ - MBEDTLS_INTERNAL_VALIDATE(cond) - #define ECP_MPI_INIT(_p, _n) { .p = (mbedtls_mpi_uint *) (_p), .s = 1, .n = (_n) } #define ECP_MPI_INIT_ARRAY(x) \ @@ -4722,7 +4716,6 @@ cleanup: */ int mbedtls_ecp_group_load(mbedtls_ecp_group *grp, mbedtls_ecp_group_id id) { - ECP_VALIDATE_RET(grp != NULL); mbedtls_ecp_group_free(grp); mbedtls_ecp_group_init(grp); diff --git a/library/ecp_curves_new.c b/library/ecp_curves_new.c index 4ee0f5800..035b23a1b 100644 --- a/library/ecp_curves_new.c +++ b/library/ecp_curves_new.c @@ -28,12 +28,6 @@ #if !defined(MBEDTLS_ECP_ALT) -/* Parameter validation macros based on platform_util.h */ -#define ECP_VALIDATE_RET(cond) \ - MBEDTLS_INTERNAL_VALIDATE_RET(cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA) -#define ECP_VALIDATE(cond) \ - MBEDTLS_INTERNAL_VALIDATE(cond) - #define ECP_MPI_INIT(_p, _n) { .p = (mbedtls_mpi_uint *) (_p), .s = 1, .n = (_n) } #define ECP_MPI_INIT_ARRAY(x) \ @@ -4764,7 +4758,6 @@ cleanup: */ int mbedtls_ecp_group_load(mbedtls_ecp_group *grp, mbedtls_ecp_group_id id) { - ECP_VALIDATE_RET(grp != NULL); mbedtls_ecp_group_free(grp); mbedtls_ecp_group_init(grp); diff --git a/library/platform_util.c b/library/platform_util.c index 9f5dcb874..f84000434 100644 --- a/library/platform_util.c +++ b/library/platform_util.c @@ -93,8 +93,6 @@ static void *(*const volatile memset_func)(void *, int, size_t) = memset; void mbedtls_platform_zeroize(void *buf, size_t len) { - MBEDTLS_INTERNAL_VALIDATE(len == 0 || buf != NULL); - if (len > 0) { #if defined(MBEDTLS_PLATFORM_HAS_EXPLICIT_BZERO) explicit_bzero(buf, len); From ea3a6114e6fd8feada89ba550d563546aa521cc9 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 29 Jan 2024 10:37:14 +0100 Subject: [PATCH 1535/1674] aria: replace ARIA_VALIDATE_RET() with a simple "if" block Signed-off-by: Valerio Setti --- library/aria.c | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/library/aria.c b/library/aria.c index 2c365982c..a4d6c5062 100644 --- a/library/aria.c +++ b/library/aria.c @@ -517,8 +517,10 @@ int mbedtls_aria_crypt_cbc(mbedtls_aria_context *ctx, unsigned char *output) { unsigned char temp[MBEDTLS_ARIA_BLOCKSIZE]; - ARIA_VALIDATE_RET(mode == MBEDTLS_ARIA_ENCRYPT || - mode == MBEDTLS_ARIA_DECRYPT); + + if ((mode != MBEDTLS_ARIA_ENCRYPT) && (mode != MBEDTLS_ARIA_DECRYPT)) { + return MBEDTLS_ERR_ARIA_BAD_INPUT_DATA; + } if (length % MBEDTLS_ARIA_BLOCKSIZE) { return MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH; @@ -568,8 +570,10 @@ int mbedtls_aria_crypt_cfb128(mbedtls_aria_context *ctx, { unsigned char c; size_t n; - ARIA_VALIDATE_RET(mode == MBEDTLS_ARIA_ENCRYPT || - mode == MBEDTLS_ARIA_DECRYPT); + + if ((mode != MBEDTLS_ARIA_ENCRYPT) && (mode != MBEDTLS_ARIA_DECRYPT)) { + return MBEDTLS_ERR_ARIA_BAD_INPUT_DATA; + } n = *iv_off; @@ -625,9 +629,6 @@ int mbedtls_aria_crypt_ctr(mbedtls_aria_context *ctx, int c, i; size_t n; - ARIA_VALIDATE_RET(length == 0 || input != NULL); - ARIA_VALIDATE_RET(length == 0 || output != NULL); - n = *nc_off; /* An overly large value of n can lead to an unlimited * buffer overflow. Therefore, guard against this From 4e048f1749757d4ea83f8bab414fc47015119f8a Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 29 Jan 2024 10:46:19 +0100 Subject: [PATCH 1536/1674] bignum: removing usage of MPI_VALIDATE_RET() Signed-off-by: Valerio Setti --- library/bignum.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index 6a80720ce..d3d72ab74 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -606,7 +606,6 @@ int mbedtls_mpi_write_string(const mbedtls_mpi *X, int radix, size_t n; char *p; mbedtls_mpi T; - MPI_VALIDATE_RET(buflen == 0 || buf != NULL); if (radix < 2 || radix > 16) { return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; @@ -809,7 +808,6 @@ int mbedtls_mpi_read_binary(mbedtls_mpi *X, const unsigned char *buf, size_t buf { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const size_t limbs = CHARS_TO_LIMBS(buflen); - MPI_VALIDATE_RET(buflen == 0 || buf != NULL); /* Ensure that target MPI has exactly the necessary number of limbs */ MBEDTLS_MPI_CHK(mbedtls_mpi_resize_clear(X, limbs)); From 9b9b5a52d95c476a66e441706a38e98631c6990e Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 29 Jan 2024 16:53:03 +0100 Subject: [PATCH 1537/1674] psa_util: some code improvement to convert_der_to_raw_single_int() This commit also fixes test_suite_psa_crypto_util.data due to the change in one of the return values. Signed-off-by: Valerio Setti --- library/psa_util.c | 10 +++++++--- tests/suites/test_suite_psa_crypto_util.data | 2 +- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/library/psa_util.c b/library/psa_util.c index 9e21602f6..034987312 100644 --- a/library/psa_util.c +++ b/library/psa_util.c @@ -494,7 +494,7 @@ static int convert_der_to_raw_single_int(unsigned char *der, size_t der_len, } /* Skip possible leading zero */ - if (*p == 0x00) { + if ((*p == 0x00) && (unpadded_len > 0)) { p++; unpadded_len--; /* It should never happen that the input number is all zeros. */ @@ -503,9 +503,13 @@ static int convert_der_to_raw_single_int(unsigned char *der, size_t der_len, } } - if (unpadded_len < coordinate_size) { + if (unpadded_len > coordinate_size) { + /* Parsed number is longer than the maximum expected value. */ + return MBEDTLS_ERR_ASN1_INVALID_DATA; + } else { padding_len = coordinate_size - unpadded_len; - memset(raw, 0x00, padding_len); + /* raw buffer was already zeroed in mbedtls_ecdsa_der_to_raw() so + * zero-padding operation is skipped here. */ } memcpy(raw + padding_len, p, unpadded_len); p += unpadded_len; diff --git a/tests/suites/test_suite_psa_crypto_util.data b/tests/suites/test_suite_psa_crypto_util.data index 45a3cb565..40f639160 100644 --- a/tests/suites/test_suite_psa_crypto_util.data +++ b/tests/suites/test_suite_psa_crypto_util.data @@ -52,7 +52,7 @@ ecdsa_der_to_raw:256:"3044021911111111111111111111111111111111111111111111111111 ECDSA DER -> Raw, 256bit, Wrong r integer length (too large) depends_on:PSA_WANT_ECC_SECP_K1_256 -ecdsa_der_to_raw:256:"30440221111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG +ecdsa_der_to_raw:256:"30440221111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA ECDSA DER -> Raw, 256bit, Wrong s integer length (too small) depends_on:PSA_WANT_ECC_SECP_K1_256 From ee5238fcf4c25f046cd54a00680118e3da65f2b5 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 29 Jan 2024 17:34:07 +0100 Subject: [PATCH 1538/1674] suite_psa_crypto_util: add more testing for mbedtls_ecdsa_raw_to_der() A new test function is added, ecdsa_raw_to_der_incremental, that tests incremental output DER buffer sizes checking that only the correct one (tested at last) works correctly. Signed-off-by: Valerio Setti --- tests/suites/test_suite_psa_crypto_util.data | 12 ++++++++++ .../test_suite_psa_crypto_util.function | 24 +++++++++++++++++++ 2 files changed, 36 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_util.data b/tests/suites/test_suite_psa_crypto_util.data index 40f639160..4bb2044a5 100644 --- a/tests/suites/test_suite_psa_crypto_util.data +++ b/tests/suites/test_suite_psa_crypto_util.data @@ -83,3 +83,15 @@ ecdsa_raw_to_der:528:"1111111111111111111111111111111111111111111111111111111111 ECDSA DER -> Raw, 521bit, Success depends_on:PSA_WANT_ECC_SECP_R1_521 ecdsa_der_to_raw:528:"30818802421111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111110242222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":"111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":0 + +ECDSA Raw -> DER, 256bit, Incremental DER buffer sizes +depends_on:PSA_WANT_ECC_SECP_K1_256 +ecdsa_raw_to_der_incremental:256:"91111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":"3045022100911111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222" + +ECDSA Raw -> DER, 512bit, Incremental DER buffer sizes +depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512 +ecdsa_raw_to_der_incremental:512:"9111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111122222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":"30818502410091111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111024022222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222" + +ECDSA Raw -> DER, 521bit, Incremental DER buffer sizes +depends_on:PSA_WANT_ECC_SECP_R1_521 +ecdsa_raw_to_der_incremental:528:"911111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":"3081890243009111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111110242222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222" diff --git a/tests/suites/test_suite_psa_crypto_util.function b/tests/suites/test_suite_psa_crypto_util.function index 8f0dd6cfc..d1647d4b3 100644 --- a/tests/suites/test_suite_psa_crypto_util.function +++ b/tests/suites/test_suite_psa_crypto_util.function @@ -25,6 +25,30 @@ exit: } /* END_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_PSA_UTIL_HAVE_ECDSA */ +void ecdsa_raw_to_der_incremental(int key_bits, data_t *input, data_t *exp_result) +{ + unsigned char *tmp_buf = NULL; + size_t tmp_buf_len = exp_result->len; + size_t ret_len; + size_t i; + + TEST_CALLOC(tmp_buf, tmp_buf_len); + + for (i = 0; i < tmp_buf_len; i++) { + TEST_ASSERT(mbedtls_ecdsa_raw_to_der(input->x, input->len, + tmp_buf, i, &ret_len, + key_bits) != 0); + } + TEST_EQUAL(mbedtls_ecdsa_raw_to_der(input->x, input->len, + tmp_buf, i, &ret_len, + key_bits), 0); + +exit: + mbedtls_free(tmp_buf); +} +/* END_CASE */ + /* BEGIN_CASE depends_on:MBEDTLS_PSA_UTIL_HAVE_ECDSA */ void ecdsa_der_to_raw(int key_bits, data_t *input, data_t *exp_result, int exp_ret) { From 122c94fd269a0c0f3c047a1a9f7ca03489ab292b Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 29 Jan 2024 18:02:03 +0100 Subject: [PATCH 1539/1674] psa_util: remove raw_len param from convert_der_to_raw_single_int() Signed-off-by: Valerio Setti --- library/psa_util.c | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/library/psa_util.c b/library/psa_util.c index 034987312..0c603b704 100644 --- a/library/psa_util.c +++ b/library/psa_util.c @@ -460,7 +460,6 @@ int mbedtls_ecdsa_raw_to_der(const unsigned char *raw, size_t raw_len, * \param raw Output buffer that will be filled with the * converted data. This should be at least * coordinate_size bytes. - * \param raw_len Size (in bytes) of the output raw buffer. * \param coordinate_size Size (in bytes) of a single coordinate in raw * format. * @@ -475,17 +474,12 @@ int mbedtls_ecdsa_raw_to_der(const unsigned char *raw, size_t raw_len, * \warning Der and raw buffers must not be overlapping. */ static int convert_der_to_raw_single_int(unsigned char *der, size_t der_len, - unsigned char *raw, size_t raw_len, - size_t coordinate_size) + unsigned char *raw, size_t coordinate_size) { unsigned char *p = der; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t unpadded_len, padding_len = 0; - if (raw_len < coordinate_size) { - return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; - } - /* Get the length of ASN.1 element (i.e. the integer we need to parse). */ ret = mbedtls_asn1_get_tag(&p, p + der_len, &unpadded_len, MBEDTLS_ASN1_INTEGER); @@ -543,8 +537,7 @@ int mbedtls_ecdsa_der_to_raw(const unsigned char *der, size_t der_len, memset(raw_tmp, 0, sizeof(raw_tmp)); /* Extract r */ - ret = convert_der_to_raw_single_int(p, data_len, raw_tmp, sizeof(raw_tmp), - coordinate_size); + ret = convert_der_to_raw_single_int(p, data_len, raw_tmp, coordinate_size); if (ret < 0) { return ret; } @@ -553,7 +546,6 @@ int mbedtls_ecdsa_der_to_raw(const unsigned char *der, size_t der_len, /* Extract s */ ret = convert_der_to_raw_single_int(p, data_len, raw_tmp + coordinate_size, - sizeof(raw_tmp) - coordinate_size, coordinate_size); if (ret < 0) { return ret; From 7a795fd9515a27dd1d7e5cc4fe319526c46842b9 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 29 Jan 2024 18:08:42 +0100 Subject: [PATCH 1540/1674] suite_psa_crypto_util: add more test cases for DER->RAW - r with MSb set - Invalid r (only 1 zero byte) Signed-off-by: Valerio Setti --- tests/suites/test_suite_psa_crypto_util.data | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_util.data b/tests/suites/test_suite_psa_crypto_util.data index 4bb2044a5..49b491954 100644 --- a/tests/suites/test_suite_psa_crypto_util.data +++ b/tests/suites/test_suite_psa_crypto_util.data @@ -62,6 +62,14 @@ ECDSA DER -> Raw, 256bit, Wrong s integer length (too large) depends_on:PSA_WANT_ECC_SECP_K1_256 ecdsa_der_to_raw:256:"30440220111111111111111111111111111111111111111111111111111111111111111102212222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_OUT_OF_DATA +ECDSA DER -> Raw, 256bit, r with MSb set +depends_on:PSA_WANT_ECC_SECP_K1_256 +ecdsa_der_to_raw:256:"3045022100911111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"91111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":0 + +ECDSA DER -> Raw, 256bit, Invalid r (only 1 zero byte) +depends_on:PSA_WANT_ECC_SECP_K1_256 +ecdsa_der_to_raw:256:"302502010002202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_LENGTH_MISMATCH + # 512/521 bit sizes are useful to test sequence's length encoded with 2 bytes. ECDSA Raw -> DER, 512bit, Success depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512 From 307ce2cff5fa44decd481cd334c9206ad8e3725a Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 30 Jan 2024 08:05:20 +0100 Subject: [PATCH 1541/1674] test_psa_compliance: use the last upstream release of psa-arch-tests Release: v23.06_API1.5_ADAC_EAC This fixes all the issues that were previously added as exceptions. Signed-off-by: Valerio Setti --- tests/scripts/test_psa_compliance.py | 23 +++-------------------- 1 file changed, 3 insertions(+), 20 deletions(-) diff --git a/tests/scripts/test_psa_compliance.py b/tests/scripts/test_psa_compliance.py index ed36befee..8d70cbca3 100755 --- a/tests/scripts/test_psa_compliance.py +++ b/tests/scripts/test_psa_compliance.py @@ -27,27 +27,10 @@ from mbedtls_dev import build_tree # The test numbers correspond to the numbers used by the console output of the test suite. # Test number 2xx corresponds to the files in the folder # psa-arch-tests/api-tests/dev_apis/crypto/test_c0xx -EXPECTED_FAILURES = { - # psa_hash_suspend() and psa_hash_resume() are not supported. - # - Tracked in issue #3274 - 262, 263, - # PSA standard format for RSA public keys is a sequence of just n (modulus) - # and e (public exponent). However following tests rely on a format which - # also includes some metadata to identify the key as an RSA key, but this - # is not compliant with PSA standard. - 239, 240, 241, 242, 250, 251, -} +EXPECTED_FAILURES = {} # type: dict -# We currently use a fork of ARM-software/psa-arch-tests, with a couple of downstream patches -# that allow it to build with Mbed TLS 3, and fixes a couple of issues in the compliance test suite. -# These fixes allow the tests numbered 216, 248 and 249 to complete successfully. -# -# Once all the fixes are upstreamed, this fork should be replaced with an upstream commit/tag. -# - Tracked in issue #5145 -# -# Web URL: https://github.com/bensze01/psa-arch-tests/tree/fixes-for-mbedtls-3 -PSA_ARCH_TESTS_REPO = 'https://github.com/bensze01/psa-arch-tests.git' -PSA_ARCH_TESTS_REF = 'fix-pr-5736' +PSA_ARCH_TESTS_REPO = 'https://github.com/ARM-software/psa-arch-tests.git' +PSA_ARCH_TESTS_REF = 'v23.06_API1.5_ADAC_EAC' #pylint: disable=too-many-branches,too-many-statements,too-many-locals def main(library_build_dir: str): From e0c13cffb30453877d7e1f280465d50da1671021 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 30 Jan 2024 10:17:49 +0100 Subject: [PATCH 1542/1674] Update some msg descriptions Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 13338d4cd..aeeddd6b9 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2453,16 +2453,16 @@ component_test_no_psa_crypto_full_cmake_asan() { # Note: ssl-opt.sh has some test cases that depend on # MBEDTLS_ECP_RESTARTABLE && !MBEDTLS_USE_PSA_CRYPTO # This is the only component where those tests are not skipped. - msg "test: ssl-opt.sh (full minus MBEDTLS_USE_PSA_CRYPTO)" + msg "test: ssl-opt.sh (full minus PSA crypto)" tests/ssl-opt.sh - msg "test: compat.sh default (full minus MBEDTLS_USE_PSA_CRYPTO)" + msg "test: compat.sh default (full minus PSA crypto)" tests/compat.sh - msg "test: compat.sh NULL (full minus MBEDTLS_USE_PSA_CRYPTO)" + msg "test: compat.sh NULL (full minus PSA crypto)" tests/compat.sh -f 'NULL' - msg "test: compat.sh ARIA + ChachaPoly (full minus MBEDTLS_USE_PSA_CRYPTO)" + msg "test: compat.sh ARIA + ChachaPoly (full minus PSA crypto)" env OPENSSL="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA' } From f8c2cd14896d0047926a3e242896ece3b580c0b1 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 30 Jan 2024 10:18:36 +0100 Subject: [PATCH 1543/1674] Update preprocessor guard comment Signed-off-by: Gilles Peskine --- tests/suites/test_suite_pk.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index cf0581c83..23a7b2523 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -127,7 +127,7 @@ static int pk_genkey(mbedtls_pk_context *pk, int curve_or_keybits) &mbedtls_pk_ec_rw(*pk)->d, &mbedtls_pk_ec_rw(*pk)->Q, mbedtls_test_rnd_std_rand, NULL); -#endif /* MBEDTLS_ECP_C && !MBEDTLS_PK_USE_PSA_EC_DATA */ +#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */ } #endif /* MBEDTLS_PK_HAVE_ECC_KEYS */ From 3da3c0a0009dca7abd26c387d1754f8c56a431e6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 30 Jan 2024 10:22:29 +0100 Subject: [PATCH 1544/1674] Always call psa_crypto_init when testing mbedtls_pk_get_psa_attributes mbedtls_pk_get_psa_attributes() actually works without having initialized the PSA subsystem, because it doesn't call any non-client PSA API functions. But the function is only useful in conjunction with the PSA API: it's meant to be followed by importing a key with the resulting attributes. We don't advertize it to work without an up-and-running PSA subsystem, and there's no need to test it without an up-and-running PSA subsystem as we were (accidentally) doing. Signed-off-by: Gilles Peskine --- tests/suites/test_suite_pk.function | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 23a7b2523..225ead484 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -1711,7 +1711,7 @@ void pk_get_psa_attributes(int pk_type, int from_pair, psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_usage_t usage = usage_arg; - MD_OR_USE_PSA_INIT(); + PSA_INIT(); psa_key_type_t expected_psa_type = 0; if (!pk_setup_for_type(pk_type, from_pair, &pk, &expected_psa_type)) { @@ -1772,7 +1772,7 @@ void pk_get_psa_attributes(int pk_type, int from_pair, exit: mbedtls_pk_free(&pk); psa_reset_key_attributes(&attributes); - MD_OR_USE_PSA_DONE(); + PSA_DONE(); } /* END_CASE */ @@ -1786,7 +1786,7 @@ void pk_rsa_v21_get_psa_attributes(int md_type, int from_pair, psa_key_usage_t usage = usage_arg; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - MD_OR_USE_PSA_INIT(); + PSA_INIT(); psa_key_type_t expected_psa_type = 0; if (!pk_setup_for_type(MBEDTLS_PK_RSA, from_pair, &pk, &expected_psa_type)) { @@ -1833,7 +1833,7 @@ void pk_rsa_v21_get_psa_attributes(int md_type, int from_pair, exit: mbedtls_pk_free(&pk); psa_reset_key_attributes(&attributes); - MD_OR_USE_PSA_DONE(); + PSA_DONE(); } /* END_CASE */ @@ -1847,7 +1847,7 @@ void pk_get_psa_attributes_fail(int pk_type, int from_pair, psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_usage_t usage = usage_arg; - MD_OR_USE_PSA_INIT(); + PSA_INIT(); psa_key_type_t expected_psa_type; if (!pk_setup_for_type(pk_type, from_pair, &pk, &expected_psa_type)) { @@ -1860,7 +1860,7 @@ void pk_get_psa_attributes_fail(int pk_type, int from_pair, exit: mbedtls_pk_free(&pk); psa_reset_key_attributes(&attributes); - MD_OR_USE_PSA_DONE(); + PSA_DONE(); } /* END_CASE */ From 03aa9bc2268d2e5c00fccb3cfd18c498e23f79a6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 30 Jan 2024 11:08:44 +0100 Subject: [PATCH 1545/1674] Switch pk_setup_for_type() to return MBEDTLS_ERR_xxx Use mbedtls return codes rather than a boolean "has test not failed?". Signed-off-by: Gilles Peskine --- tests/suites/test_suite_pk.function | 24 ++++++++++-------------- 1 file changed, 10 insertions(+), 14 deletions(-) diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 225ead484..3fa7c7a1c 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -6,6 +6,7 @@ #include "mbedtls/asn1.h" #include "mbedtls/base64.h" #include "mbedtls/ecp.h" +#include "mbedtls/error.h" #include "mbedtls/rsa.h" #include "pk_internal.h" @@ -201,10 +202,8 @@ static mbedtls_ecp_group_id ecc_pick_grp_id(void) static int pk_setup_for_type(mbedtls_pk_type_t pk_type, int want_pair, mbedtls_pk_context *pk, psa_key_type_t *psa_type) { - int ok = 0; - if (pk_type == MBEDTLS_PK_NONE) { - return 1; + return 0; } TEST_EQUAL(mbedtls_pk_setup(pk, mbedtls_pk_info_from_type(pk_type)), 0); @@ -278,10 +277,10 @@ static int pk_setup_for_type(mbedtls_pk_type_t pk_type, int want_pair, if (!want_pair) { *psa_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(*psa_type); } - ok = 1; + return 0; exit: - return ok; + return MBEDTLS_ERR_ERROR_GENERIC_ERROR; } #endif @@ -1714,9 +1713,8 @@ void pk_get_psa_attributes(int pk_type, int from_pair, PSA_INIT(); psa_key_type_t expected_psa_type = 0; - if (!pk_setup_for_type(pk_type, from_pair, &pk, &expected_psa_type)) { - goto exit; - } + TEST_EQUAL(pk_setup_for_type(pk_type, from_pair, + &pk, &expected_psa_type), 0); if (!to_pair) { expected_psa_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(expected_psa_type); } @@ -1789,9 +1787,8 @@ void pk_rsa_v21_get_psa_attributes(int md_type, int from_pair, PSA_INIT(); psa_key_type_t expected_psa_type = 0; - if (!pk_setup_for_type(MBEDTLS_PK_RSA, from_pair, &pk, &expected_psa_type)) { - goto exit; - } + TEST_EQUAL(pk_setup_for_type(MBEDTLS_PK_RSA, from_pair, + &pk, &expected_psa_type), 0); mbedtls_rsa_context *rsa = mbedtls_pk_rsa(pk); TEST_EQUAL(mbedtls_rsa_set_padding(rsa, MBEDTLS_RSA_PKCS_V21, md_type), 0); if (!to_pair) { @@ -1850,9 +1847,8 @@ void pk_get_psa_attributes_fail(int pk_type, int from_pair, PSA_INIT(); psa_key_type_t expected_psa_type; - if (!pk_setup_for_type(pk_type, from_pair, &pk, &expected_psa_type)) { - goto exit; - } + TEST_EQUAL(pk_setup_for_type(pk_type, from_pair, + &pk, &expected_psa_type), 0); TEST_EQUAL(mbedtls_pk_get_psa_attributes(&pk, usage, &attributes), expected_ret); From 2a6cb5c88104d92496365d77bbb0a91f803d2241 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=98rjan=20Malde?= Date: Fri, 26 Jan 2024 12:51:35 +0000 Subject: [PATCH 1546/1674] fix build for midipix MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Ørjan Malde --- library/entropy_poll.c | 2 +- library/platform_util.c | 11 ++++++----- 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/library/entropy_poll.c b/library/entropy_poll.c index bd21e2d22..794ee03a8 100644 --- a/library/entropy_poll.c +++ b/library/entropy_poll.c @@ -5,7 +5,7 @@ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ -#if defined(__linux__) && !defined(_GNU_SOURCE) +#if defined(__linux__) || defined(__midipix__) && !defined(_GNU_SOURCE) /* Ensure that syscall() is available even when compiling with -std=c99 */ #define _GNU_SOURCE #endif diff --git a/library/platform_util.c b/library/platform_util.c index 9f5dcb874..eafb0aa91 100644 --- a/library/platform_util.c +++ b/library/platform_util.c @@ -151,10 +151,10 @@ void mbedtls_zeroize_and_free(void *buf, size_t len) #include #if !defined(_WIN32) && (defined(unix) || \ defined(__unix) || defined(__unix__) || (defined(__APPLE__) && \ - defined(__MACH__))) + defined(__MACH__)) || defined__midipix__) #include #endif /* !_WIN32 && (unix || __unix || __unix__ || - * (__APPLE__ && __MACH__)) */ + * (__APPLE__ && __MACH__) || __midipix__) */ #if !((defined(_POSIX_VERSION) && _POSIX_VERSION >= 200809L) || \ (defined(_POSIX_THREAD_SAFE_FUNCTIONS) && \ @@ -222,9 +222,10 @@ void (*mbedtls_test_hook_test_fail)(const char *, int, const char *); #include #if !defined(_WIN32) && \ (defined(unix) || defined(__unix) || defined(__unix__) || \ - (defined(__APPLE__) && defined(__MACH__)) || defined(__HAIKU__)) + (defined(__APPLE__) && defined(__MACH__)) || defined(__HAIKU__) || defined(__midipix__)) #include -#endif /* !_WIN32 && (unix || __unix || __unix__ || (__APPLE__ && __MACH__) || __HAIKU__) */ +#endif \ + /* !_WIN32 && (unix || __unix || __unix__ || (__APPLE__ && __MACH__) || __HAIKU__ || __midipix__) */ #if (defined(_POSIX_VERSION) && _POSIX_VERSION >= 199309L) || defined(__HAIKU__) mbedtls_ms_time_t mbedtls_ms_time(void) { @@ -232,7 +233,7 @@ mbedtls_ms_time_t mbedtls_ms_time(void) struct timespec tv; mbedtls_ms_time_t current_ms; -#if defined(__linux__) && defined(CLOCK_BOOTTIME) +#if defined(__linux__) && defined(CLOCK_BOOTTIME) || defined(__midipix__) ret = clock_gettime(CLOCK_BOOTTIME, &tv); #else ret = clock_gettime(CLOCK_MONOTONIC, &tv); From 9e4eeff6e0b3e1ab4d60517998d6137e153c4a27 Mon Sep 17 00:00:00 2001 From: Tom Cosgrove Date: Tue, 30 Jan 2024 13:51:18 +0000 Subject: [PATCH 1547/1674] Fix comment about verison of clang required for 'build_aes_armce' Signed-off-by: Tom Cosgrove --- tests/scripts/all.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 44930d28b..9e45e0fee 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4750,7 +4750,7 @@ component_build_aes_aesce_armcc () { } support_build_aes_armce() { - # clang >= 4 is required to build with AES extensions + # clang >= 11 is required to build with AES extensions ver="$(clang --version|grep version|sed -E 's#.*version ([0-9]+).*#\1#')" [ "${ver}" -ge 11 ] } From d4c373a597ea27edcbcd2104e907315493605f68 Mon Sep 17 00:00:00 2001 From: Tom Cosgrove Date: Tue, 30 Jan 2024 13:56:38 +0000 Subject: [PATCH 1548/1674] Refactor all.sh clang version detection code Prevents a script failure when attempting to run build_aes_armce on a system without clang Signed-off-by: Tom Cosgrove --- tests/scripts/all.sh | 32 +++++++++++++------------------- 1 file changed, 13 insertions(+), 19 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 9e45e0fee..315a66b14 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -821,6 +821,14 @@ pre_generate_files() { fi } +clang_version() { + if command -v clang > /dev/null ; then + clang --version|grep version|sed -E 's#.*version ([0-9]+).*#\1#' + else + echo 0 # report version 0 for "no clang" + fi +} + ################################################################ #### Helpers for components using libtestdriver1 ################################################################ @@ -4692,14 +4700,8 @@ component_test_aesni_m32 () { # ~ 60s } support_test_aesni_m32_clang() { - support_test_aesni_m32 && if command -v clang > /dev/null ; then - # clang >= 4 is required to build with target attributes - clang_ver="$(clang --version|grep version|sed -E 's#.*version ([0-9]+).*#\1#')" - [[ "${clang_ver}" -ge 4 ]] - else - # clang not available - false - fi + # clang >= 4 is required to build with target attributes + support_test_aesni_m32 && [[ $(clang_version) -ge 4 ]] } component_test_aesni_m32_clang() { @@ -4751,8 +4753,7 @@ component_build_aes_aesce_armcc () { support_build_aes_armce() { # clang >= 11 is required to build with AES extensions - ver="$(clang --version|grep version|sed -E 's#.*version ([0-9]+).*#\1#')" - [ "${ver}" -ge 11 ] + [[ $(clang_version) -ge 11 ]] } component_build_aes_armce () { @@ -4807,15 +4808,8 @@ component_build_aes_armce () { } support_build_sha_armce() { - if command -v clang > /dev/null ; then - # clang >= 4 is required to build with SHA extensions - clang_ver="$(clang --version|grep version|sed -E 's#.*version ([0-9]+).*#\1#')" - - [[ "${clang_ver}" -ge 4 ]] - else - # clang not available - false - fi + # clang >= 4 is required to build with SHA extensions + [[ $(clang_version) -ge 4 ]] } component_build_sha_armce () { From 78da7468ca64838cfd3405a819f59b970b2da3b2 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 30 Jan 2024 15:08:40 +0100 Subject: [PATCH 1549/1674] psa_util: minor improvements to convert_der_to_raw_single_int() Signed-off-by: Valerio Setti --- library/psa_util.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/library/psa_util.c b/library/psa_util.c index 0c603b704..dfea36b90 100644 --- a/library/psa_util.c +++ b/library/psa_util.c @@ -459,7 +459,8 @@ int mbedtls_ecdsa_raw_to_der(const unsigned char *raw, size_t raw_len, * \param der_len Length of the der buffer in bytes. * \param raw Output buffer that will be filled with the * converted data. This should be at least - * coordinate_size bytes. + * coordinate_size bytes and it must be zeroed before + * calling this function. * \param coordinate_size Size (in bytes) of a single coordinate in raw * format. * @@ -500,11 +501,10 @@ static int convert_der_to_raw_single_int(unsigned char *der, size_t der_len, if (unpadded_len > coordinate_size) { /* Parsed number is longer than the maximum expected value. */ return MBEDTLS_ERR_ASN1_INVALID_DATA; - } else { - padding_len = coordinate_size - unpadded_len; - /* raw buffer was already zeroed in mbedtls_ecdsa_der_to_raw() so - * zero-padding operation is skipped here. */ } + padding_len = coordinate_size - unpadded_len; + /* raw buffer was already zeroed by the calling function so zero-padding + * operation is skipped here. */ memcpy(raw + padding_len, p, unpadded_len); p += unpadded_len; From 98e1931a0a7486a147ae64877ea1542690d99582 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 30 Jan 2024 15:46:02 +0100 Subject: [PATCH 1550/1674] test_suite_psa_crypto_util: alloc/free buffer inside loop in ecdsa_raw_to_der_incremental() Signed-off-by: Valerio Setti --- tests/suites/test_suite_psa_crypto_util.function | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_util.function b/tests/suites/test_suite_psa_crypto_util.function index d1647d4b3..9dc95b659 100644 --- a/tests/suites/test_suite_psa_crypto_util.function +++ b/tests/suites/test_suite_psa_crypto_util.function @@ -33,17 +33,19 @@ void ecdsa_raw_to_der_incremental(int key_bits, data_t *input, data_t *exp_resul size_t ret_len; size_t i; - TEST_CALLOC(tmp_buf, tmp_buf_len); - - for (i = 0; i < tmp_buf_len; i++) { + for (i = 1; i < tmp_buf_len; i++) { + TEST_CALLOC(tmp_buf, i); TEST_ASSERT(mbedtls_ecdsa_raw_to_der(input->x, input->len, tmp_buf, i, &ret_len, key_bits) != 0); + mbedtls_free(tmp_buf); + tmp_buf = NULL; } + + TEST_CALLOC(tmp_buf, i); TEST_EQUAL(mbedtls_ecdsa_raw_to_der(input->x, input->len, tmp_buf, i, &ret_len, key_bits), 0); - exit: mbedtls_free(tmp_buf); } From 252311d41e1e13de76c1a71875b3553f54210fbd Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 30 Jan 2024 15:50:28 +0100 Subject: [PATCH 1551/1674] test_suite_psa_crypto_util: add test with 0-length for r Signed-off-by: Valerio Setti --- tests/suites/test_suite_psa_crypto_util.data | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_util.data b/tests/suites/test_suite_psa_crypto_util.data index 49b491954..78f048ade 100644 --- a/tests/suites/test_suite_psa_crypto_util.data +++ b/tests/suites/test_suite_psa_crypto_util.data @@ -70,6 +70,10 @@ ECDSA DER -> Raw, 256bit, Invalid r (only 1 zero byte) depends_on:PSA_WANT_ECC_SECP_K1_256 ecdsa_der_to_raw:256:"302502010002202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_LENGTH_MISMATCH +ECDSA DER -> Raw, 256bit, Invalid r (0-length) +depends_on:PSA_WANT_ECC_SECP_K1_256 +ecdsa_der_to_raw:256:"3025020002202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_OUT_OF_DATA + # 512/521 bit sizes are useful to test sequence's length encoded with 2 bytes. ECDSA Raw -> DER, 512bit, Success depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512 From 36dee75368a0db0aa262f0dda0c53400b2ccd0f8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 30 Jan 2024 16:15:17 +0100 Subject: [PATCH 1552/1674] Update ECDSA signature conversion based on experimentation Signed-off-by: Gilles Peskine --- docs/architecture/psa-migration/psa-legacy-bridges.md | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/docs/architecture/psa-migration/psa-legacy-bridges.md b/docs/architecture/psa-migration/psa-legacy-bridges.md index fb0070597..e09d23c49 100644 --- a/docs/architecture/psa-migration/psa-legacy-bridges.md +++ b/docs/architecture/psa-migration/psa-legacy-bridges.md @@ -282,7 +282,7 @@ int mbedtls_pk_import_into_psa(const mbedtls_pk_context *pk, * It is an error if `usage` has more than one flag set, or has a usage that is incompatible with the key type. * `mbedtls_pk_get_psa_attributes` sets the algorithm usage policy based on information in the key object and on `usage`. * For an RSA key with the `MBEDTLS_RSA_PKCS_V15` padding mode, the algorithm policy is `PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH)` for a sign/verify usage, and `PSA_ALG_RSA_PKCS1V15_CRYPT` for an encrypt/decrypt usage. - * For an RSA key with the `MBEDTLS_RSA_PKCS_V15` padding mode, the algorithm policy is `PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH)` for a sign/verify usage, and `PSA_ALG_RSA_OAEP(hash)` for an encrypt/decrypt usage where `hash` is from the RSA key's parameters. (Note that `PSA_ALG_ANY_HASH` is only allowed in signature algorithms.) + * For an RSA key with the `MBEDTLS_RSA_PKCS_V21` padding mode, the algorithm policy is `PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_ANY_HASH)` for a sign/verify usage, and `PSA_ALG_RSA_OAEP(hash)` for an encrypt/decrypt usage where `hash` is from the RSA key's parameters. (Note that `PSA_ALG_ANY_HASH` is only allowed in signature algorithms.) * For an `MBEDTLS_PK_ECKEY` or `MBEDTLS_PK_ECDSA` with a sign/verify usage, the algorithm policy is `PSA_ALG_DETERMINISTIC_ECDSA` if `MBEDTLS_ECDSA_DETERMINISTIC` is enabled and `PSA_ALG_ECDSA` otherwise. In either case, the hash policy is `PSA_ALG_ANY_HASH`. * For an `MBEDTLS_PK_ECKEY` or `MBEDTLS_PK_ECDKEY_DH` with the usage `PSA_KEY_USAGE_DERIVE`, the algorithm is `PSA_ALG_ECDH`. * For a `MBEDTLS_PK_OPAQUE`, this function reads the attributes of the existing PK key and copies them (without overriding the lifetime and key identifier in `attributes`), then applies a public-key restriction if needed. @@ -331,7 +331,8 @@ Based on the [gap analysis](#signature-formats): ``` int mbedtls_ecdsa_raw_to_der(const unsigned char *raw, size_t raw_len, - unsigned char *der, size_t der_size, size_t *der_len); + unsigned char *der, size_t der_size, size_t *der_len, + size_t bits); int mbedtls_ecdsa_der_to_raw(const unsigned char *der, size_t der_len, unsigned char *raw, size_t raw_size, size_t *raw_len, size_t bits); @@ -339,5 +340,5 @@ int mbedtls_ecdsa_der_to_raw(const unsigned char *der, size_t der_len, * These functions convert between the signature format used by `mbedtls_pk_{sign,verify}{,_ext}` and the signature format used by `psa_{sign,verify}_{hash,message}`. * The input and output buffers can overlap. - -[OPEN] Should these functions rely on the ASN.1 module? To be decided when implementing. +* The `bits` parameter is necessary in the DER-to-raw direction because the DER format lacks leading zeros, so something else needs to convey the size of (r,s). The `bits` parameter is not needed in the raw-to-DER direction, but [it can help catch errors](https://github.com/Mbed-TLS/mbedtls/pull/8681#discussion_r1445980971) and the information is readily available in practice. +* Should these functions rely on the ASN.1 module? We experimented [calling ASN.1 functions](https://github.com/Mbed-TLS/mbedtls/pull/8681), [reimplementing simpler ASN.1 functions](https://github.com/Mbed-TLS/mbedtls/pull/8696), and [providing the functions from the ASN.1 module](https://github.com/Mbed-TLS/mbedtls/pull/8703). Providing the functions from the ASN.1 module [won on a compromise of code size and simplicity](https://github.com/Mbed-TLS/mbedtls/issues/7765#issuecomment-1893670015). From cbb9caead4c4ba5d80d6cb01386518ef6d05eaaa Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 16 Feb 2023 23:40:40 +0100 Subject: [PATCH 1553/1674] Changelog for building SHA-256 and 512 with old libc Linux/Aarch64: support SHA acceleration detection with older libc On Linux on aarch64 (64-bit ARMv8) processors, we use getauxval() to detect whether the runtime environment supports SHA-256 or SHA-512 acceleration. Some libc do not define the necessary HWCAP_xxx constants to analyze the result of getauxval(), either because they don't bother or because they're too old to recognize the values we need (for example, HWCAP_SHA2 appeared in Glibc 2.24 and HWCAP_SHA512 appeared in Glibc 2.27). In such cases, assume that the values are the same as in the kernel ABI and define the constants manually. Signed-off-by: Gilles Peskine Signed-off-by: Dave Rodgman --- ChangeLog.d/linux-aarch64-hwcap.txt | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 ChangeLog.d/linux-aarch64-hwcap.txt diff --git a/ChangeLog.d/linux-aarch64-hwcap.txt b/ChangeLog.d/linux-aarch64-hwcap.txt new file mode 100644 index 000000000..23af87824 --- /dev/null +++ b/ChangeLog.d/linux-aarch64-hwcap.txt @@ -0,0 +1,4 @@ +Bugfix + * On Linux on ARMv8, fix a build error with SHA-256 and SHA-512 + acceleration detection when the libc headers do not define the + corresponding constant. Reported by valord577. From 76e4c6352daf57645e19493c4566a949c0502198 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 30 Jan 2024 11:33:32 +0100 Subject: [PATCH 1554/1674] test_suite_aria: remove NOT_DEFINED dependency from aria_invalid_param() Signed-off-by: Valerio Setti --- tests/suites/test_suite_aria.function | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_aria.function b/tests/suites/test_suite_aria.function index f1748d114..a454ebaf7 100644 --- a/tests/suites/test_suite_aria.function +++ b/tests/suites/test_suite_aria.function @@ -16,7 +16,7 @@ * END_DEPENDENCIES */ -/* BEGIN_CASE depends_on:NOT_DEFINED */ +/* BEGIN_CASE */ void aria_invalid_param() { mbedtls_aria_context ctx; @@ -52,8 +52,10 @@ void aria_invalid_param() output)); #endif /* MBEDTLS_CIPHER_MODE_CFB */ +#if defined(MBEDTLS_CIPHER_MODE_CBC) || defined(MBEDTLS_CIPHER_MODE_CFB) exit: return; +#endif } /* END_CASE */ From 779a1a5b204141b9bf7174fb981d49a8d35096b0 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 30 Jan 2024 11:40:24 +0100 Subject: [PATCH 1555/1674] aria: remove leftover in comments Signed-off-by: Valerio Setti --- library/aria.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/library/aria.c b/library/aria.c index a4d6c5062..d9f84cc59 100644 --- a/library/aria.c +++ b/library/aria.c @@ -578,8 +578,7 @@ int mbedtls_aria_crypt_cfb128(mbedtls_aria_context *ctx, n = *iv_off; /* An overly large value of n can lead to an unlimited - * buffer overflow. Therefore, guard against this - * outside of parameter validation. */ + * buffer overflow. */ if (n >= MBEDTLS_ARIA_BLOCKSIZE) { return MBEDTLS_ERR_ARIA_BAD_INPUT_DATA; } @@ -631,8 +630,7 @@ int mbedtls_aria_crypt_ctr(mbedtls_aria_context *ctx, n = *nc_off; /* An overly large value of n can lead to an unlimited - * buffer overflow. Therefore, guard against this - * outside of parameter validation. */ + * buffer overflow. */ if (n >= MBEDTLS_ARIA_BLOCKSIZE) { return MBEDTLS_ERR_ARIA_BAD_INPUT_DATA; } From f988f95b9a5b430cb81e9bb233161afd9a961ad6 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 30 Jan 2024 14:40:31 +0100 Subject: [PATCH 1556/1674] test_suite_bignum: add test function: mpi_zero_length_buffer_is_null() The goal is to test all the bignum's functions that accept a buffer and its length and verify that they do not crash if a NULL pointer is passed in as buffer and 0 length is specified. Signed-off-by: Valerio Setti --- tests/suites/test_suite_bignum.function | 20 ++++++++++++++++++++ tests/suites/test_suite_bignum.misc.data | 3 +++ 2 files changed, 23 insertions(+) diff --git a/tests/suites/test_suite_bignum.function b/tests/suites/test_suite_bignum.function index c90f1bbbb..2305f488c 100644 --- a/tests/suites/test_suite_bignum.function +++ b/tests/suites/test_suite_bignum.function @@ -143,6 +143,26 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void mpi_zero_length_buffer_is_null() +{ + mbedtls_mpi X; + size_t olen; + + mbedtls_mpi_init(&X); + + /* Simply test that the following functions do not crash when a NULL buffer + * pointer and 0 length is passed. We don't care much about the return value. */ + TEST_EQUAL(mbedtls_mpi_read_binary(&X, NULL, 0), 0); + TEST_EQUAL(mbedtls_mpi_read_binary_le(&X, NULL, 0), 0); + TEST_EQUAL(mbedtls_mpi_write_string(&X, 16, NULL, 0, &olen), MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL); + TEST_EQUAL(mbedtls_mpi_write_binary(&X, NULL, 0), 0); + +exit: + mbedtls_mpi_free(&X); +} +/* END_CASE */ + /* BEGIN_CASE */ void mpi_read_binary(data_t *buf, char *input_A) { diff --git a/tests/suites/test_suite_bignum.misc.data b/tests/suites/test_suite_bignum.misc.data index 9d068f146..c53e42a8f 100644 --- a/tests/suites/test_suite_bignum.misc.data +++ b/tests/suites/test_suite_bignum.misc.data @@ -82,6 +82,9 @@ mpi_read_write_string:16:"":2:"0":4:0:0 Test mpi_write_string #10 (Negative hex with odd number of digits) mpi_read_write_string:16:"-1":16:"":3:0:MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL +Provide NULL buffer with 0 length +mpi_zero_length_buffer_is_null + Base test mbedtls_mpi_read_binary #1 mpi_read_binary:"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"0941379D00FED1491FE15DF284DFDE4A142F68AA8D412023195CEE66883E6290FFE703F4EA5963BF212713CEE46B107C09182B5EDCD955ADAC418BF4918E2889AF48E1099D513830CEC85C26AC1E158B52620E33BA8692F893EFBB2F958B4424" From dae21d3808be93c30fda318b19657b4db6ad2b5d Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 30 Jan 2024 15:31:42 +0000 Subject: [PATCH 1557/1674] Support SHA-512 hwcap detection on old libc Signed-off-by: Dave Rodgman --- library/sha512.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/library/sha512.c b/library/sha512.c index 601125445..6dcea8da5 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -102,6 +102,14 @@ # if defined(__linux__) /* Our preferred method of detection is getauxval() */ # include +# if !defined(HWCAP_SHA512) +/* The same header that declares getauxval() should provide the HWCAP_xxx + * constants to analyze its return value. However, the libc may be too + * old to have the constant that we need. So if it's missing, assume that + * the value is the same one used by the Linux kernel ABI. + */ +# define HWCAP_SHA512 (1 << 21) +# endif # endif /* Use SIGILL on Unix, and fall back to it on Linux */ # include From 91372f5549ac16438993913d5a2a52373b33f3e8 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 30 Jan 2024 17:01:15 +0100 Subject: [PATCH 1558/1674] test_suite_rsa: add more test cases for RSA key parsing Signed-off-by: Valerio Setti --- tests/suites/test_suite_rsa.data | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/tests/suites/test_suite_rsa.data b/tests/suites/test_suite_rsa.data index bd286814d..545e7ff4e 100644 --- a/tests/suites/test_suite_rsa.data +++ b/tests/suites/test_suite_rsa.data @@ -643,6 +643,9 @@ rsa_parse_pkcs1_key:0:"300402010000":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG RSA parse private key - correct format+values, minimal modulus size (128 bit) rsa_parse_pkcs1_key:0:"3063020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":0 +RSA parse private key - missing SEQUENCE +rsa_parse_pkcs1_key:0:"020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + RSA parse private key - correct format, modulus too small (127 bit) rsa_parse_pkcs1_key:0:"30630201000211007c8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_RSA_KEY_CHECK_FAILED @@ -682,6 +685,9 @@ rsa_parse_pkcs1_key:0:"3063020100021100cc8ab070369ede72920e5a51523c8571020301000 RSA parse private key - correct values, qp wrong tag rsa_parse_pkcs1_key:0:"3063020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b7221FF08052b93d01747a87c":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG +RSA parse public key - missing SEQUENCE +rsa_parse_pkcs1_key:1:"028181009f091e6968b474f76f0e9c237c1d895996ae704b4f6d706acec8d2daac6209bf524aa3f658d0283adba1077f6cbe92e425dcde52290b239cade91be86c88425434986806e85734e159768f3dfea932baaa9409d25bace8ee9dce0cdde0903207299de575ae60feccf0daf82334ab83638539b0da74072f253acea8afc8e66bb70203010001":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG + RSA parse public key - wrong initial tag rsa_parse_pkcs1_key:1:"318189028181009f091e6968b474f76f0e9c237c1d895996ae704b4f6d706acec8d2daac6209bf524aa3f658d0283adba1077f6cbe92e425dcde52290b239cade91be86c88425434986806e85734e159768f3dfea932baaa9409d25bace8ee9dce0cdde0903207299de575ae60feccf0daf82334ab83638539b0da74072f253acea8afc8e66bb70203010001":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG @@ -711,3 +717,6 @@ rsa_parse_pkcs1_key:1:"30050203010001":MBEDTLS_ERR_ASN1_OUT_OF_DATA RSA parse public key - missing public exponent rsa_parse_pkcs1_key:1:"308184028181009f091e6968b474f76f0e9c237c1d895996ae704b4f6d706acec8d2daac6209bf524aa3f658d0283adba1077f6cbe92e425dcde52290b239cade91be86c88425434986806e85734e159768f3dfea932baaa9409d25bace8ee9dce0cdde0903207299de575ae60feccf0daf82334ab83638539b0da74072f253acea8afc8e66bb7":MBEDTLS_ERR_ASN1_OUT_OF_DATA + +RSA parse public key - correct values, trailing garbage +rsa_parse_pkcs1_key:1:"30818a028181009f091e6968b474f76f0e9c237c1d895996ae704b4f6d706acec8d2daac6209bf524aa3f658d0283adba1077f6cbe92e425dcde52290b239cade91be86c88425434986806e85734e159768f3dfea932baaa9409d25bace8ee9dce0cdde0903207299de575ae60feccf0daf82334ab83638539b0da74072f253acea8afc8e66bb7020301000100":MBEDTLS_ERR_ASN1_LENGTH_MISMATCH From a888645bb8f5ec8e43179d355243483205e501f7 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 30 Jan 2024 17:35:49 +0100 Subject: [PATCH 1559/1674] test_suite_rsa: add test for key write with incremental output size Signed-off-by: Valerio Setti --- tests/suites/test_suite_rsa.data | 6 ++++ tests/suites/test_suite_rsa.function | 50 ++++++++++++++++++++++++++++ 2 files changed, 56 insertions(+) diff --git a/tests/suites/test_suite_rsa.data b/tests/suites/test_suite_rsa.data index 545e7ff4e..8a224d5ef 100644 --- a/tests/suites/test_suite_rsa.data +++ b/tests/suites/test_suite_rsa.data @@ -720,3 +720,9 @@ rsa_parse_pkcs1_key:1:"308184028181009f091e6968b474f76f0e9c237c1d895996ae704b4f6 RSA parse public key - correct values, trailing garbage rsa_parse_pkcs1_key:1:"30818a028181009f091e6968b474f76f0e9c237c1d895996ae704b4f6d706acec8d2daac6209bf524aa3f658d0283adba1077f6cbe92e425dcde52290b239cade91be86c88425434986806e85734e159768f3dfea932baaa9409d25bace8ee9dce0cdde0903207299de575ae60feccf0daf82334ab83638539b0da74072f253acea8afc8e66bb7020301000100":MBEDTLS_ERR_ASN1_LENGTH_MISMATCH + +RSA priv key write - incremental output buffer size +rsa_key_write_incremental:0:"3063020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c" + +RSA priv public key write - incremental output buffer size +rsa_key_write_incremental:1:"308189028181009f091e6968b474f76f0e9c237c1d895996ae704b4f6d706acec8d2daac6209bf524aa3f658d0283adba1077f6cbe92e425dcde52290b239cade91be86c88425434986806e85734e159768f3dfea932baaa9409d25bace8ee9dce0cdde0903207299de575ae60feccf0daf82334ab83638539b0da74072f253acea8afc8e66bb70203010001" diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index 71ca2b9ac..44caacd6e 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -1430,6 +1430,56 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void rsa_key_write_incremental(int is_public, data_t *input) +{ + mbedtls_rsa_context rsa_ctx; + unsigned char *buf = NULL, *start, *end; + size_t i; + + mbedtls_rsa_init(&rsa_ctx); + + /* This is supposed to succeed as the real target of this test are the + * write attempt below. */ + if (is_public) { + start = input->x; + end = input->x + input->len; + TEST_EQUAL(mbedtls_rsa_pubkey_parse(&rsa_ctx, &start, end), 0); + } else { + TEST_EQUAL(mbedtls_rsa_key_parse(&rsa_ctx, input->x, input->len), 0); + } + + for (i = 1; i < input->len; i++) { + TEST_CALLOC(buf, i); + end = buf + i; + /* We don't care much about the return value as long as it fails. */ + if (is_public) { + TEST_ASSERT(mbedtls_rsa_pubkey_write(&rsa_ctx, buf, &end) != 0); + } else { + TEST_ASSERT(mbedtls_rsa_key_write(&rsa_ctx, buf, &end) != 0); + } + mbedtls_free(buf); + buf = NULL; + } + + /* Ensure with the correct output buffer size everything works as expected. */ + TEST_CALLOC(buf, i); + end = buf + i; + + if (is_public) { + TEST_ASSERT(mbedtls_rsa_pubkey_write(&rsa_ctx, buf, &end) != 0); + } else { + TEST_ASSERT(mbedtls_rsa_key_write(&rsa_ctx, buf, &end) > 0); + } + +exit: + if (buf != NULL) { + mbedtls_free(buf); + } + mbedtls_rsa_free(&rsa_ctx); +} +/* END_CASE */ + /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ void rsa_selftest() { From efcc55500265c7a1a39a507cfbb0220aebefd689 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 31 Jan 2024 11:15:37 +0100 Subject: [PATCH 1560/1674] test_suite_psa_crypto_util: add test with 0-length s Signed-off-by: Valerio Setti --- tests/suites/test_suite_psa_crypto_util.data | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_util.data b/tests/suites/test_suite_psa_crypto_util.data index 78f048ade..46af1f16f 100644 --- a/tests/suites/test_suite_psa_crypto_util.data +++ b/tests/suites/test_suite_psa_crypto_util.data @@ -74,6 +74,10 @@ ECDSA DER -> Raw, 256bit, Invalid r (0-length) depends_on:PSA_WANT_ECC_SECP_K1_256 ecdsa_der_to_raw:256:"3025020002202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_OUT_OF_DATA +ECDSA DER -> Raw, 256bit, Invalid s (0-length) +depends_on:PSA_WANT_ECC_SECP_K1_256 +ecdsa_der_to_raw:256:"3044022011111111111111111111111111111111111111111111111111111111111111110200":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_OUT_OF_DATA + # 512/521 bit sizes are useful to test sequence's length encoded with 2 bytes. ECDSA Raw -> DER, 512bit, Success depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512 From 3122f4da50b401cc56374ad8891bfd782a506483 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 31 Jan 2024 11:16:46 +0100 Subject: [PATCH 1561/1674] psa_util: invert check order for leading zeros in convert_der_to_raw_single_int() Signed-off-by: Valerio Setti --- library/psa_util.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_util.c b/library/psa_util.c index dfea36b90..be257e72e 100644 --- a/library/psa_util.c +++ b/library/psa_util.c @@ -489,7 +489,7 @@ static int convert_der_to_raw_single_int(unsigned char *der, size_t der_len, } /* Skip possible leading zero */ - if ((*p == 0x00) && (unpadded_len > 0)) { + if ((unpadded_len > 0) && (*p == 0x00)) { p++; unpadded_len--; /* It should never happen that the input number is all zeros. */ From faf026c67cf8054b8be8a42091f700a1b1417744 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 31 Jan 2024 14:32:06 +0100 Subject: [PATCH 1562/1674] Explain purpose of test specific write/parse ticket functions Signed-off-by: Ronald Cron --- tests/src/test_helpers/ssl_helpers.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/tests/src/test_helpers/ssl_helpers.c b/tests/src/test_helpers/ssl_helpers.c index 51957463c..980c19218 100644 --- a/tests/src/test_helpers/ssl_helpers.c +++ b/tests/src/test_helpers/ssl_helpers.c @@ -2427,7 +2427,13 @@ int mbedtls_test_tweak_tls13_certificate_msg_vector_len( } #endif /* MBEDTLS_TEST_HOOKS */ -/* Functions for session ticket tests */ +/* + * Functions for tests based on tickets. Implementations of the + * write/parse ticket interfaces as defined by mbedtls_ssl_ticket_write/parse_t. + * Basically same implementations as in ticket.c without the encryption. That + * way we can tweak easily tickets characteristics to simulate misbehaving + * peers. + */ #if defined(MBEDTLS_SSL_SESSION_TICKETS) int mbedtls_test_ticket_write( void *p_ticket, const mbedtls_ssl_session *session, From 095a3a5a299d5e7a2adab71bc2aa25d5f44606a0 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 31 Jan 2024 14:34:22 +0100 Subject: [PATCH 1563/1674] Fix PSA init and done macros in TLS unit tests Signed-off-by: Ronald Cron --- tests/suites/test_suite_ssl.function | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 234181d76..65fed181b 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -3582,7 +3582,7 @@ void tls13_resume_session_with_ticket() mbedtls_test_init_handshake_options(&server_options); mbedtls_ssl_session_init(&saved_session); - MD_OR_USE_PSA_INIT(); + PSA_INIT(); client_options.pk_alg = MBEDTLS_PK_ECDSA; ret = mbedtls_test_ssl_endpoint_init(&client_ep, MBEDTLS_SSL_IS_CLIENT, @@ -3652,7 +3652,7 @@ exit: mbedtls_test_free_handshake_options(&client_options); mbedtls_test_free_handshake_options(&server_options); mbedtls_ssl_session_free(&saved_session); - MD_OR_USE_PSA_DONE(); + PSA_DONE(); } /* END_CASE */ @@ -3678,7 +3678,7 @@ void tls13_early_data() mbedtls_test_init_handshake_options(&server_options); mbedtls_ssl_session_init(&saved_session); - MD_OR_USE_PSA_INIT(); + PSA_INIT(); client_options.pk_alg = MBEDTLS_PK_ECDSA; ret = mbedtls_test_ssl_endpoint_init(&client_ep, MBEDTLS_SSL_IS_CLIENT, @@ -3767,6 +3767,6 @@ exit: mbedtls_test_free_handshake_options(&server_options); mbedtls_ssl_session_free(&saved_session); mbedtls_debug_set_threshold(0); - MD_OR_USE_PSA_DONE(); + PSA_DONE(); } /* END_CASE */ From 5de9c6f295fcc4328c6c94af0aa217a1a43ae2d7 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 31 Jan 2024 14:45:16 +0100 Subject: [PATCH 1564/1674] Fix and add comments in ticket and early data test function Signed-off-by: Ronald Cron --- tests/suites/test_suite_ssl.function | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 65fed181b..9b282dc53 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -3606,8 +3606,9 @@ void tls13_resume_session_with_ticket() /* * Run initial handshake: ephemeral key exchange mode, certificate with - * RSA key, signed with PKCS15, verified with PKCS21. Then, get the ticket - * sent by the server at the end of its handshake sequence. + * SECP256R1 key, CA certificate with SECP384R1 key, ECDSA signature + * algorithm. Then, get the ticket sent by the server at the end of its + * handshake sequence. */ TEST_ASSERT(mbedtls_test_move_handshake_to_state( &(server_ep.ssl), &(client_ep.ssl), @@ -3637,6 +3638,11 @@ void tls13_resume_session_with_ticket() ret = mbedtls_ssl_set_session(&(client_ep.ssl), &saved_session); TEST_EQUAL(ret, 0); + /* + * Run the handshake up to MBEDTLS_SSL_HANDSHAKE_WRAPUP and not + * MBEDTLS_SSL_HANDSHAKE_OVER to preserve handshake data for the checks + * below. + */ TEST_ASSERT(mbedtls_test_move_handshake_to_state( &(server_ep.ssl), &(client_ep.ssl), MBEDTLS_SSL_HANDSHAKE_WRAPUP) == 0); @@ -3656,6 +3662,11 @@ exit: } /* END_CASE */ +/* + * The !MBEDTLS_SSL_PROTO_TLS1_2 dependency of tls13_early_data() below is + * a temporary workaround to not run the test in Windows-2013 where there is + * an issue with mbedtls_vsnprintf(). + */ /* BEGIN_CASE depends_on:!MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_EARLY_DATA:MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_SRV_C:MBEDTLS_DEBUG_C:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_SSL_SESSION_TICKETS */ void tls13_early_data() { @@ -3707,8 +3718,9 @@ void tls13_early_data() /* * Run initial handshake: ephemeral key exchange mode, certificate with - * RSA key, signed with PKCS15, verified with PKCS21. Then, get the ticket - * sent by the server at the end of its handshake sequence. + * SECP256R1 key, CA certificate with SECP384R1 key, ECDSA signature + * algorithm. Then, get the ticket sent by the server at the end of its + * handshake sequence. */ TEST_ASSERT(mbedtls_test_move_handshake_to_state( &(server_ep.ssl), &(client_ep.ssl), From eb84534ee3e77dede536f13744d19a4b392831db Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 31 Jan 2024 14:48:23 +0100 Subject: [PATCH 1565/1674] Use TEST_EQUAL instead of TEST_ASSERT where possible Signed-off-by: Ronald Cron --- tests/suites/test_suite_ssl.function | 30 ++++++++++++++-------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 9b282dc53..d26407e2d 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -3610,9 +3610,9 @@ void tls13_resume_session_with_ticket() * algorithm. Then, get the ticket sent by the server at the end of its * handshake sequence. */ - TEST_ASSERT(mbedtls_test_move_handshake_to_state( - &(server_ep.ssl), &(client_ep.ssl), - MBEDTLS_SSL_HANDSHAKE_OVER) == 0); + TEST_EQUAL(mbedtls_test_move_handshake_to_state( + &(server_ep.ssl), &(client_ep.ssl), + MBEDTLS_SSL_HANDSHAKE_OVER), 0); do { ret = mbedtls_ssl_read(&(client_ep.ssl), buf, sizeof(buf)); @@ -3643,9 +3643,9 @@ void tls13_resume_session_with_ticket() * MBEDTLS_SSL_HANDSHAKE_OVER to preserve handshake data for the checks * below. */ - TEST_ASSERT(mbedtls_test_move_handshake_to_state( - &(server_ep.ssl), &(client_ep.ssl), - MBEDTLS_SSL_HANDSHAKE_WRAPUP) == 0); + TEST_EQUAL(mbedtls_test_move_handshake_to_state( + &(server_ep.ssl), &(client_ep.ssl), + MBEDTLS_SSL_HANDSHAKE_WRAPUP), 0); TEST_EQUAL(server_ep.ssl.handshake->resume, 1); TEST_EQUAL(server_ep.ssl.handshake->new_session_tickets_count, 1); @@ -3722,9 +3722,9 @@ void tls13_early_data() * algorithm. Then, get the ticket sent by the server at the end of its * handshake sequence. */ - TEST_ASSERT(mbedtls_test_move_handshake_to_state( - &(server_ep.ssl), &(client_ep.ssl), - MBEDTLS_SSL_HANDSHAKE_OVER) == 0); + TEST_EQUAL(mbedtls_test_move_handshake_to_state( + &(server_ep.ssl), &(client_ep.ssl), + MBEDTLS_SSL_HANDSHAKE_OVER), 0); do { ret = mbedtls_ssl_read(&(client_ep.ssl), buf, sizeof(buf)); @@ -3752,9 +3752,9 @@ void tls13_early_data() mbedtls_debug_set_threshold(3); - TEST_ASSERT(mbedtls_test_move_handshake_to_state( - &(client_ep.ssl), &(server_ep.ssl), - MBEDTLS_SSL_SERVER_HELLO) == 0); + TEST_EQUAL(mbedtls_test_move_handshake_to_state( + &(client_ep.ssl), &(server_ep.ssl), + MBEDTLS_SSL_SERVER_HELLO), 0); TEST_ASSERT(client_ep.ssl.early_data_status != MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT); @@ -3764,9 +3764,9 @@ void tls13_early_data() early_data_len); TEST_EQUAL(ret, early_data_len); - TEST_ASSERT(mbedtls_test_move_handshake_to_state( - &(server_ep.ssl), &(client_ep.ssl), - MBEDTLS_SSL_CLIENT_FINISHED) == 0); + TEST_EQUAL(mbedtls_test_move_handshake_to_state( + &(server_ep.ssl), &(client_ep.ssl), + MBEDTLS_SSL_CLIENT_FINISHED), 0); TEST_EQUAL(server_ep.ssl.early_data_status, MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED); From 6823247376c67aaf52badb20c5bcad69bf3a53b4 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 31 Jan 2024 15:59:06 +0000 Subject: [PATCH 1566/1674] Fix compile warning in tests Signed-off-by: Dave Rodgman --- tests/suites/test_suite_gcm.function | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/suites/test_suite_gcm.function b/tests/suites/test_suite_gcm.function index dac2a5df2..0af4209f4 100644 --- a/tests/suites/test_suite_gcm.function +++ b/tests/suites/test_suite_gcm.function @@ -165,6 +165,7 @@ static void gcm_reset_ctx(mbedtls_gcm_context *ctx, const uint8_t *key, TEST_EQUAL(starts_ret, mbedtls_gcm_starts(ctx, mode, iv, iv_len)); exit: /* empty */ + return; } /* END_HEADER */ @@ -514,6 +515,7 @@ void gcm_invalid_iv_len(void) goto exit; /* To suppress error that exit is defined but not used */ exit: /* empty */ + return; } /* END_CASE */ From ba8e9addd9c968ae25fa251dc0c40459f9c555f9 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 1 Feb 2024 13:54:46 +0000 Subject: [PATCH 1567/1674] Fix test dependencies Signed-off-by: Dave Rodgman --- tests/suites/test_suite_gcm.misc.data | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_gcm.misc.data b/tests/suites/test_suite_gcm.misc.data index 57f05caf5..108630ee8 100644 --- a/tests/suites/test_suite_gcm.misc.data +++ b/tests/suites/test_suite_gcm.misc.data @@ -2,13 +2,13 @@ GCM - Invalid parameters gcm_invalid_param: GCM - Invalid IV length -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_CCM_GCM_CAN_AES gcm_invalid_iv_len: GCM - Additional data length too long -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_CCM_GCM_CAN_AES gcm_add_len_too_long: GCM - Input length too long -depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C +depends_on:MBEDTLS_GCM_C:MBEDTLS_CCM_GCM_CAN_AES gcm_input_len_too_long: From 2d73baf171560d27afef869cc960172b717ea7db Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 1 Feb 2024 15:25:17 +0100 Subject: [PATCH 1568/1674] psa_util: convert_der_to_raw_single_int: ensure the input DER integers have valid length Signed-off-by: Valerio Setti --- library/psa_util.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/library/psa_util.c b/library/psa_util.c index be257e72e..b13d83d47 100644 --- a/library/psa_util.c +++ b/library/psa_util.c @@ -492,10 +492,10 @@ static int convert_der_to_raw_single_int(unsigned char *der, size_t der_len, if ((unpadded_len > 0) && (*p == 0x00)) { p++; unpadded_len--; - /* It should never happen that the input number is all zeros. */ - if (unpadded_len == 0) { - return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; - } + } + /* It should never happen that the input number has 0 length. */ + if (unpadded_len == 0) { + return MBEDTLS_ERR_ASN1_INVALID_DATA; } if (unpadded_len > coordinate_size) { From 3ecb395fb93626e6250ee693b6eb0ce3eba0fe44 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 1 Feb 2024 15:26:24 +0100 Subject: [PATCH 1569/1674] test_suite_psa_crypto_util: fix tests for 0-length and one 0x00 byte for r and s Signed-off-by: Valerio Setti --- tests/suites/test_suite_psa_crypto_util.data | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_util.data b/tests/suites/test_suite_psa_crypto_util.data index 46af1f16f..9368d7939 100644 --- a/tests/suites/test_suite_psa_crypto_util.data +++ b/tests/suites/test_suite_psa_crypto_util.data @@ -68,15 +68,19 @@ ecdsa_der_to_raw:256:"3045022100911111111111111111111111111111111111111111111111 ECDSA DER -> Raw, 256bit, Invalid r (only 1 zero byte) depends_on:PSA_WANT_ECC_SECP_K1_256 -ecdsa_der_to_raw:256:"302502010002202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_LENGTH_MISMATCH +ecdsa_der_to_raw:256:"302502010002202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA + +ECDSA DER -> Raw, 256bit, Invalid s (only 1 zero byte) +depends_on:PSA_WANT_ECC_SECP_K1_256 +ecdsa_der_to_raw:256:"302502201111111111111111111111111111111111111111111111111111111111111111020100":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA ECDSA DER -> Raw, 256bit, Invalid r (0-length) depends_on:PSA_WANT_ECC_SECP_K1_256 -ecdsa_der_to_raw:256:"3025020002202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_OUT_OF_DATA +ecdsa_der_to_raw:256:"3024020002202222222222222222222222222222222222222222222222222222222222222222":"00000000000000000000000000000000000000000000000000000000000000002222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA -ECDSA DER -> Raw, 256bit, Invalid s (0-length) +ECDSA DER -> Raw, 256bit,Invalid s (0-length) depends_on:PSA_WANT_ECC_SECP_K1_256 -ecdsa_der_to_raw:256:"3044022011111111111111111111111111111111111111111111111111111111111111110200":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_OUT_OF_DATA +ecdsa_der_to_raw:256:"3024022011111111111111111111111111111111111111111111111111111111111111110200":"11111111111111111111111111111111111111111111111111111111111111110000000000000000000000000000000000000000000000000000000000000000":MBEDTLS_ERR_ASN1_INVALID_DATA # 512/521 bit sizes are useful to test sequence's length encoded with 2 bytes. ECDSA Raw -> DER, 512bit, Success @@ -110,4 +114,4 @@ ecdsa_raw_to_der_incremental:512:"9111111111111111111111111111111111111111111111 ECDSA Raw -> DER, 521bit, Incremental DER buffer sizes depends_on:PSA_WANT_ECC_SECP_R1_521 -ecdsa_raw_to_der_incremental:528:"911111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":"3081890243009111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111110242222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222" +ecdsa_raw_to_der_incremental:528:"911111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":"3081890243009111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111110242222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222" \ No newline at end of file From 9e520f7ea952b7c815c66f93e8743b45772abd12 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 1 Feb 2024 15:50:44 +0100 Subject: [PATCH 1570/1674] changelog: improve descriptions Signed-off-by: Valerio Setti --- ChangeLog.d/8647.txt | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/ChangeLog.d/8647.txt b/ChangeLog.d/8647.txt index cfd3a4b9f..44007e2c2 100644 --- a/ChangeLog.d/8647.txt +++ b/ChangeLog.d/8647.txt @@ -1,7 +1,10 @@ Default behavior changes - * Importing of RSA keys in PEM format in PSA is officially unsupported - (this was previously undocumented). + * psa_import_key() now only accepts RSA keys in the PSA standard formats. + The undocumented ability to import other formats (PKCS#8, SubjectPublicKey, + PEM) accepted by the pkparse module has been removed. Applications that + need these format can call mbedtls_pk_parse_{public,}key() followed by + mbedtls_pk_import_into_psa(). -Features - * It is possible to enable RSA support in PSA (MBEDTLS_PSA_CRYPTO_C + - RSA_C) without enabling PK module (MBEDTLS_[PK|PK_WRITE|PK_PARSE]_C). +Changes + * RSA support in PSA no longer auto-enables the pkparse and pkwrite modules, + saving code size when those are not otherwise enabled. From 52ed54b9490745b3daae5bc9acb99b5455654c34 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 1 Feb 2024 16:29:01 +0100 Subject: [PATCH 1571/1674] psa_crypto_rsa: remove unnecessary casting Signed-off-by: Valerio Setti --- library/psa_crypto_rsa.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c index 7da6012c9..cfa2da619 100644 --- a/library/psa_crypto_rsa.c +++ b/library/psa_crypto_rsa.c @@ -73,8 +73,8 @@ psa_status_t mbedtls_psa_rsa_load_representation( if (PSA_KEY_TYPE_IS_KEY_PAIR(type)) { status = mbedtls_to_psa_error(mbedtls_rsa_key_parse(*p_rsa, data, data_length)); } else { - unsigned char *p = (unsigned char *) data; - unsigned char *end = (unsigned char *) (data + data_length); + unsigned char *p = data; + unsigned char *end = (data + data_length); status = mbedtls_to_psa_error(mbedtls_rsa_pubkey_parse(*p_rsa, &p, end)); } if (status != PSA_SUCCESS) { From 149b0e7ca2e19bbc2d0aff72615e7727fdbd844c Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 5 Jan 2024 14:25:03 +0100 Subject: [PATCH 1572/1674] ssl.h: Fix comment Signed-off-by: Ronald Cron --- include/mbedtls/ssl.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 36295269a..3e6b1e605 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1843,7 +1843,7 @@ struct mbedtls_ssl_context { #if defined(MBEDTLS_SSL_EARLY_DATA) int MBEDTLS_PRIVATE(early_data_status); -#endif /* MBEDTLS_SSL_EARLY_DATA && MBEDTLS_SSL_CLI_C */ +#endif /** Callback to export key block and master secret */ mbedtls_ssl_export_keys_t *MBEDTLS_PRIVATE(f_export_keys); From 5d0ae9021f28e317cfe7a2a10852dacb163c5872 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 5 Jan 2024 14:20:35 +0100 Subject: [PATCH 1573/1674] tls13: srv: Refine early data status The main purpose is to know from the status if early data can be received of not and why. Signed-off-by: Ronald Cron --- include/mbedtls/ssl.h | 24 ++++++++++++++++++++---- library/ssl_misc.h | 20 +++++++++++++++++++- library/ssl_tls.c | 10 ++++++++++ library/ssl_tls13_server.c | 3 +++ 4 files changed, 52 insertions(+), 5 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 3e6b1e605..f478a18eb 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1644,6 +1644,26 @@ struct mbedtls_ssl_context { */ mbedtls_ssl_protocol_version MBEDTLS_PRIVATE(tls_version); +#if defined(MBEDTLS_SSL_EARLY_DATA) + /** + * On client side, status of the negotiation of the use of early data. + * See the documentation of mbedtls_ssl_get_early_data_status() for more + * information. + * + * On server side, internal only, status of early data in the course of an + * handshake. One of MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN, + * #MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED, + * #MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED, + * MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_RECEIVED and + * MBEDTLS_SSL_EARLY_DATA_STATUS_END_OF_EARLY_DATA_RECEIVED. + * + * Reset to #MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT or + * MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN, at the beginning of a new + * handshake. + */ + int MBEDTLS_PRIVATE(early_data_status); +#endif + unsigned MBEDTLS_PRIVATE(badmac_seen); /*!< records with a bad MAC received */ #if defined(MBEDTLS_X509_CRT_PARSE_C) @@ -1841,10 +1861,6 @@ struct mbedtls_ssl_context { * and #MBEDTLS_SSL_CID_DISABLED. */ #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ -#if defined(MBEDTLS_SSL_EARLY_DATA) - int MBEDTLS_PRIVATE(early_data_status); -#endif - /** Callback to export key block and master secret */ mbedtls_ssl_export_keys_t *MBEDTLS_PRIVATE(f_export_keys); void *MBEDTLS_PRIVATE(p_export_keys); /*!< context for key export callback */ diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 96afe7628..943940826 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -2132,8 +2132,26 @@ int mbedtls_ssl_tls13_write_early_data_ext(mbedtls_ssl_context *ssl, size_t *out_len); #if defined(MBEDTLS_SSL_SRV_C) -#define MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_RECEIVED \ +/* Additional internal early data status, server side only. */ +/* + * The server has not received the ClientHello yet, the status of early data + * is thus unknown. + */ +#define MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN \ MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT + +/* + * The server has received the ClientHello, it contained no early data + * extension. + */ +#define MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_RECEIVED 3 + +/* + * The server has received the early data extension, it has accepted early + * data and received the end of early data message from the client marking the + * end of early data reception. + */ +#define MBEDTLS_SSL_EARLY_DATA_STATUS_END_OF_EARLY_DATA_RECEIVED 4 #endif /* MBEDTLS_SSL_SRV_C */ #endif /* MBEDTLS_SSL_EARLY_DATA */ diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 0bc18f126..72db821a6 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -1098,6 +1098,16 @@ static int ssl_handshake_init(mbedtls_ssl_context *ssl) return MBEDTLS_ERR_SSL_ALLOC_FAILED; } +#if defined(MBEDTLS_SSL_EARLY_DATA) +#if defined(MBEDTLS_SSL_SRV_C) + MBEDTLS_STATIC_ASSERT(MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN == 0, + "MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN not equal to 0"); +#endif + MBEDTLS_STATIC_ASSERT(MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT == 0, + "MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT not equal to 0"); + ssl->early_data_status = 0; +#endif + /* Initialize structures */ mbedtls_ssl_session_init(ssl->session_negotiate); ssl_handshake_params_init(ssl->handshake); diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 904bb5b6f..ff501c8a9 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -3024,6 +3024,9 @@ static int ssl_tls13_process_end_of_early_data(mbedtls_ssl_context *ssl) MBEDTLS_SSL_PROC_CHK(ssl_tls13_parse_end_of_early_data( ssl, buf, buf + buf_len)); + ssl->early_data_status = + MBEDTLS_SSL_EARLY_DATA_STATUS_END_OF_EARLY_DATA_RECEIVED; + MBEDTLS_SSL_DEBUG_MSG( 1, ("Switch to handshake keys for inbound traffic" "( K_recv = handshake )")); From 739a1d42469e9f65aa39ca1b5615a33eb58c961e Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 8 Dec 2022 21:10:25 +0800 Subject: [PATCH 1574/1674] tls: Add internal function ssl_read_application_data() The function will be used by mbedtls_ssl_read_early_data() as well. Signed-off-by: Jerry Yu Signed-off-by: Ronald Cron --- library/ssl_msg.c | 66 +++++++++++++++++++++++++++++++---------------- 1 file changed, 44 insertions(+), 22 deletions(-) diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 6579c9686..e76976751 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -5647,13 +5647,54 @@ static int ssl_handle_hs_message_post_handshake(mbedtls_ssl_context *ssl) return MBEDTLS_ERR_SSL_INTERNAL_ERROR; } +/* + * brief Read at most 'len' application data bytes from the input + * buffer. + * + * param ssl SSL context: + * - First byte of application data not read yet in the input + * buffer located at address `in_offt`. + * - The number of bytes of data not read yet is `in_msglen`. + * param buf buffer that will hold the data + * param len maximum number of bytes to read + * + * note The function updates the fields `in_offt` and `in_msglen` + * according to the number of bytes read. + * + * return The number of bytes read. + */ +static int ssl_read_application_data( + mbedtls_ssl_context *ssl, unsigned char *buf, size_t len) +{ + size_t n = (len < ssl->in_msglen) ? len : ssl->in_msglen; + + if (len != 0) { + memcpy(buf, ssl->in_offt, n); + ssl->in_msglen -= n; + } + + /* Zeroising the plaintext buffer to erase unused application data + from the memory. */ + mbedtls_platform_zeroize(ssl->in_offt, n); + + if (ssl->in_msglen == 0) { + /* all bytes consumed */ + ssl->in_offt = NULL; + ssl->keep_current_message = 0; + } else { + /* more data available */ + ssl->in_offt += n; + } + + return (int) n; +} + /* * Receive application data decrypted from the SSL layer */ int mbedtls_ssl_read(mbedtls_ssl_context *ssl, unsigned char *buf, size_t len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t n; if (ssl == NULL || ssl->conf == NULL) { return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; @@ -5817,30 +5858,11 @@ int mbedtls_ssl_read(mbedtls_ssl_context *ssl, unsigned char *buf, size_t len) #endif /* MBEDTLS_SSL_PROTO_DTLS */ } - n = (len < ssl->in_msglen) - ? len : ssl->in_msglen; - - if (len != 0) { - memcpy(buf, ssl->in_offt, n); - ssl->in_msglen -= n; - } - - /* Zeroising the plaintext buffer to erase unused application data - from the memory. */ - mbedtls_platform_zeroize(ssl->in_offt, n); - - if (ssl->in_msglen == 0) { - /* all bytes consumed */ - ssl->in_offt = NULL; - ssl->keep_current_message = 0; - } else { - /* more data available */ - ssl->in_offt += n; - } + ret = ssl_read_application_data(ssl, buf, len); MBEDTLS_SSL_DEBUG_MSG(2, ("<= read")); - return (int) n; + return ret; } /* From 6a5904db458b4eb0a673b33e6050524e172c1d9a Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 6 Dec 2023 17:11:12 +0800 Subject: [PATCH 1575/1674] tls13: srv: Move early data size check placeholder Signed-off-by: Jerry Yu Signed-off-by: Ronald Cron --- library/ssl_tls13_server.c | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index ff501c8a9..3b560e799 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -2911,6 +2911,13 @@ static int ssl_tls13_end_of_early_data_coordinate(mbedtls_ssl_context *ssl) if (ssl->in_msgtype == MBEDTLS_SSL_MSG_APPLICATION_DATA) { MBEDTLS_SSL_DEBUG_MSG(3, ("Received early data")); + /* RFC 8446 section 4.6.1 + * + * A server receiving more than max_early_data_size bytes of 0-RTT data + * SHOULD terminate the connection with an "unexpected_message" alert. + * + * TODO: Add received data size check here. + */ return SSL_GOT_EARLY_DATA; } @@ -2956,14 +2963,6 @@ static int ssl_tls13_process_early_application_data(mbedtls_ssl_context *ssl) ssl->in_msg[ssl->in_msglen] = 0; MBEDTLS_SSL_DEBUG_MSG(3, ("\n%s", ssl->in_msg)); - /* RFC 8446 section 4.6.1 - * - * A server receiving more than max_early_data_size bytes of 0-RTT data - * SHOULD terminate the connection with an "unexpected_message" alert. - * - * TODO: Add received data size check here. - */ - return 0; } From 032985c351020a1e82e485d8146d1bdb01404d58 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 6 Dec 2023 17:59:33 +0800 Subject: [PATCH 1576/1674] Add MBEDTLS_ERR_SSL_RECEIVED_EARLY_DATA error code Signed-off-by: Jerry Yu Signed-off-by: Ronald Cron --- include/mbedtls/ssl.h | 46 +++++++++++++++++++++++++++++++++++-------- 1 file changed, 38 insertions(+), 8 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index f478a18eb..22ceb3904 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -90,8 +90,17 @@ #define MBEDTLS_ERR_SSL_RECEIVED_NEW_SESSION_TICKET -0x7B00 /** Not possible to read early data */ #define MBEDTLS_ERR_SSL_CANNOT_READ_EARLY_DATA -0x7B80 +/** + * Early data has been received as part of an on-going handshake. + * This error code can be returned only on server side. This error code can be + * returned by mbedtls_ssl_handshake(), mbedtls_ssl_handshake_step(), + * mbedtls_ssl_read() and mbedtls_ssl_write() if early data has been received + * as part of the handshake sequence they triggered. To read the early + * data, call mbedtls_ssl_read_early_data(). + */ +#define MBEDTLS_ERR_SSL_RECEIVED_EARLY_DATA -0x7C00 /** Not possible to write early data */ -#define MBEDTLS_ERR_SSL_CANNOT_WRITE_EARLY_DATA -0x7C00 +#define MBEDTLS_ERR_SSL_CANNOT_WRITE_EARLY_DATA -0x7C80 /* Error space gap */ /* Error space gap */ /* Error space gap */ @@ -4749,6 +4758,11 @@ int mbedtls_ssl_get_session(const mbedtls_ssl_context *ssl, * \return #MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED if DTLS is in use * and the client did not demonstrate reachability yet - in * this case you must stop using the context (see below). + * \return #MBEDTLS_ERR_SSL_RECEIVED_EARLY_DATA if early data, as + * defined in RFC 8446 (TLS 1.3 specification), has been + * received as part of the handshake. This is server specific. + * You must call mbedtls_ssl_read_early_data() to read the + * early data before to resume the handshake. * \return Another SSL error code - in this case you must stop using * the context (see below). * @@ -4757,7 +4771,8 @@ int mbedtls_ssl_get_session(const mbedtls_ssl_context *ssl, * #MBEDTLS_ERR_SSL_WANT_READ, * #MBEDTLS_ERR_SSL_WANT_WRITE, * #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS or - * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS, + * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS or + * #MBEDTLS_ERR_SSL_RECEIVED_EARLY_DATA, * you must stop using the SSL context for reading or writing, * and either free it or call \c mbedtls_ssl_session_reset() * on it before re-using it for a new connection; the current @@ -4826,8 +4841,9 @@ static inline int mbedtls_ssl_is_handshake_over(mbedtls_ssl_context *ssl) * * \warning If this function returns something other than \c 0, * #MBEDTLS_ERR_SSL_WANT_READ, #MBEDTLS_ERR_SSL_WANT_WRITE, - * #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS or - * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS, you must stop using + * #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS, + * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS or + * #MBEDTLS_ERR_SSL_RECEIVED_EARLY_DATA, you must stop using * the SSL context for reading or writing, and either free it * or call \c mbedtls_ssl_session_reset() on it before * re-using it for a new connection; the current connection @@ -4895,6 +4911,12 @@ int mbedtls_ssl_renegotiate(mbedtls_ssl_context *ssl); * \return #MBEDTLS_ERR_SSL_CLIENT_RECONNECT if we're at the server * side of a DTLS connection and the client is initiating a * new connection using the same source port. See below. + * \return #MBEDTLS_ERR_SSL_RECEIVED_EARLY_DATA if early data, as + * defined in RFC 8446 (TLS 1.3 specification), has been + * received as part of an handshake triggered by the function. + * This is server specific. You must call + * mbedtls_ssl_read_early_data() to read the early data before + * to resume the reading of post handshake application data. * \return Another SSL error code - in this case you must stop using * the context (see below). * @@ -4903,8 +4925,9 @@ int mbedtls_ssl_renegotiate(mbedtls_ssl_context *ssl); * #MBEDTLS_ERR_SSL_WANT_READ, * #MBEDTLS_ERR_SSL_WANT_WRITE, * #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS, - * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS or - * #MBEDTLS_ERR_SSL_CLIENT_RECONNECT, + * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS, + * #MBEDTLS_ERR_SSL_CLIENT_RECONNECT or + * #MBEDTLS_ERR_SSL_RECEIVED_EARLY_DATA, * you must stop using the SSL context for reading or writing, * and either free it or call \c mbedtls_ssl_session_reset() * on it before re-using it for a new connection; the current @@ -4969,6 +4992,12 @@ int mbedtls_ssl_read(mbedtls_ssl_context *ssl, unsigned char *buf, size_t len); * operation is in progress (see mbedtls_ecp_set_max_ops()) - * in this case you must call this function again to complete * the handshake when you're done attending other tasks. + * \return #MBEDTLS_ERR_SSL_RECEIVED_EARLY_DATA if early data, as + * defined in RFC 8446 (TLS 1.3 specification), has been + * received as part of an handshake triggered by the function. + * This is server specific. You must call + * mbedtls_ssl_read_early_data() to read the early data before + * to resume the writing of application data. * \return Another SSL error code - in this case you must stop using * the context (see below). * @@ -4976,8 +5005,9 @@ int mbedtls_ssl_read(mbedtls_ssl_context *ssl, unsigned char *buf, size_t len); * a non-negative value, * #MBEDTLS_ERR_SSL_WANT_READ, * #MBEDTLS_ERR_SSL_WANT_WRITE, - * #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS or - * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS, + * #MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS, + * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS or + * #MBEDTLS_ERR_SSL_RECEIVED_EARLY_DATA, * you must stop using the SSL context for reading or writing, * and either free it or call \c mbedtls_ssl_session_reset() * on it before re-using it for a new connection; the current From 3a04562ace1ba39667c80173fb4cfb74008bb922 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Mon, 8 Jan 2024 18:44:59 +0100 Subject: [PATCH 1577/1674] Update mbedtls_ssl_read_early_data() definition Signed-off-by: Ronald Cron --- include/mbedtls/ssl.h | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 22ceb3904..7f1bd8f16 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -5075,8 +5075,11 @@ int mbedtls_ssl_close_notify(mbedtls_ssl_context *ssl); #if defined(MBEDTLS_SSL_SRV_C) /** - * \brief Read at most 'len' application data bytes while performing - * the handshake (early data). + * \brief Read at most 'len' bytes of early data + * + * \note This API is server specific. + * + * \note Early data is defined in the TLS 1.3 specification, RFC 8446. * * \note This function behaves mainly as mbedtls_ssl_read(). The * specification of mbedtls_ssl_read() relevant to TLS 1.3 @@ -5084,10 +5087,19 @@ int mbedtls_ssl_close_notify(mbedtls_ssl_context *ssl); * function and the present documentation is restricted to the * differences with mbedtls_ssl_read(). * + * \note This function can be used in conjunction with + * mbedtls_ssl_handshake(), mbedtls_ssl_handshake_step(), + * mbedtls_ssl_read() and mbedtls_ssl_write() to read early + * data when these functions return + * #MBEDTLS_ERR_SSL_RECEIVED_EARLY_DATA. + * * \param ssl SSL context * \param buf buffer that will hold the data * \param len maximum number of bytes to read * + * \note Unlike mbedtls_ssl_read(), this function does not return + * #MBEDTLS_ERR_SSL_RECEIVED_EARLY_DATA. + * * \return One additional specific return value: * #MBEDTLS_ERR_SSL_CANNOT_READ_EARLY_DATA. * @@ -5112,11 +5124,6 @@ int mbedtls_ssl_close_notify(mbedtls_ssl_context *ssl); * \p ssl but this does not preclude for using it with * mbedtls_ssl_write(), mbedtls_ssl_read() or * mbedtls_ssl_handshake(). - * - * \note When a server wants to retrieve early data, it is expected - * that this function starts the handshake for the SSL context - * \p ssl. But this is not mandatory. - * */ int mbedtls_ssl_read_early_data(mbedtls_ssl_context *ssl, unsigned char *buf, size_t len); From d9ca354dbd760f68c716b773dd2e844b8a22010f Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 6 Dec 2023 17:23:52 +0800 Subject: [PATCH 1578/1674] tls13: srv: Add mbedtls_ssl_read_early_data() API Signed-off-by: Jerry Yu Signed-off-by: Ronald Cron --- library/ssl_msg.c | 49 ++++++++++++++++++++++++++++++++++++++ library/ssl_tls13_server.c | 26 ++------------------ 2 files changed, 51 insertions(+), 24 deletions(-) diff --git a/library/ssl_msg.c b/library/ssl_msg.c index e76976751..825ca8fe9 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -5865,6 +5865,55 @@ int mbedtls_ssl_read(mbedtls_ssl_context *ssl, unsigned char *buf, size_t len) return ret; } + +#if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_EARLY_DATA) +int mbedtls_ssl_read_early_data(mbedtls_ssl_context *ssl, + unsigned char *buf, size_t len) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + const struct mbedtls_ssl_config *conf; + unsigned char *p = buf; + + if (ssl == NULL || ((conf = ssl->conf) == NULL)) { + return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; + } + + if ((!mbedtls_ssl_conf_is_tls13_enabled(conf)) || + (conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) || + (conf->early_data_enabled != MBEDTLS_SSL_EARLY_DATA_ENABLED)) { + return MBEDTLS_ERR_SSL_CANNOT_READ_EARLY_DATA; + } + + if (ssl->tls_version != MBEDTLS_SSL_VERSION_TLS1_3) { + return MBEDTLS_ERR_SSL_CANNOT_READ_EARLY_DATA; + } + + if ((ssl->early_data_status != MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN) && + (ssl->early_data_status != MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED)) { + return MBEDTLS_ERR_SSL_CANNOT_READ_EARLY_DATA; + } + + ret = mbedtls_ssl_handshake(ssl); + if (ret == MBEDTLS_ERR_SSL_RECEIVED_EARLY_DATA) { + if (ssl->in_offt == NULL) { + /* Set the reading pointer */ + ssl->in_offt = ssl->in_msg; + } + ret = ssl_read_application_data(ssl, p, len); + } else if (ret == 0) { + /* + * If the handshake is completed, return immediately that early data + * cannot be read anymore. This potentially saves another call to this + * API and when the function returns 0, it only means that zero byte + * of early data has been received. + */ + return MBEDTLS_ERR_SSL_CANNOT_READ_EARLY_DATA; + } + + return ret; +} +#endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_EARLY_DATA */ + /* * Send application data to be encrypted by the SSL layer, taking care of max * fragment length and buffer size. diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 3b560e799..97ce5c276 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -2943,29 +2943,6 @@ static int ssl_tls13_parse_end_of_early_data(mbedtls_ssl_context *ssl, return 0; } -MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_process_early_application_data(mbedtls_ssl_context *ssl) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - - if ((ret = mbedtls_ssl_read_record(ssl, 0)) != 0) { - MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_read_record", ret); - return ret; - } - - /* - * Output early data - * - * For the time being, we print received data via debug message. - * - * TODO: Remove it when `mbedtls_ssl_read_early_data` is ready. - */ - ssl->in_msg[ssl->in_msglen] = 0; - MBEDTLS_SSL_DEBUG_MSG(3, ("\n%s", ssl->in_msg)); - - return 0; -} - /* * RFC 8446 section A.2 * @@ -3039,7 +3016,8 @@ static int ssl_tls13_process_end_of_early_data(mbedtls_ssl_context *ssl) ssl_tls13_prepare_for_handshake_second_flight(ssl); } else if (ret == SSL_GOT_EARLY_DATA) { - MBEDTLS_SSL_PROC_CHK(ssl_tls13_process_early_application_data(ssl)); + ret = MBEDTLS_ERR_SSL_RECEIVED_EARLY_DATA; + goto cleanup; } else { MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen")); ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR; From 192e0f9b1d8f81044bb70b2c9b60f117b9e0cde2 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 16 Dec 2022 18:55:06 +0800 Subject: [PATCH 1579/1674] ssl_server2: Add read early data support Signed-off-by: Jerry Yu Signed-off-by: Ronald Cron --- programs/ssl/ssl_server2.c | 14 ++++++++++++++ tests/data_files/tls13_early_data.txt | 1 + 2 files changed, 15 insertions(+) diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 598d38cac..48b2282c9 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -1612,6 +1612,7 @@ int main(int argc, char *argv[]) #if defined(MBEDTLS_SSL_EARLY_DATA) int tls13_early_data_enabled = MBEDTLS_SSL_EARLY_DATA_DISABLED; #endif + #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) mbedtls_memory_buffer_alloc_init(alloc_buf, sizeof(alloc_buf)); #if defined(MBEDTLS_MEMORY_DEBUG) @@ -3450,6 +3451,19 @@ handshake: fflush(stdout); while ((ret = mbedtls_ssl_handshake(&ssl)) != 0) { +#if defined(MBEDTLS_SSL_EARLY_DATA) + if (ret == MBEDTLS_ERR_SSL_RECEIVED_EARLY_DATA) { + memset(buf, 0, opt.buffer_size); + ret = mbedtls_ssl_read_early_data(&ssl, buf, opt.buffer_size); + if (ret > 0) { + buf[ret] = '\0'; + mbedtls_printf(" %d early data bytes read\n\n%s\n", + ret, (char *) buf); + } + continue; + } +#endif /* MBEDTLS_SSL_EARLY_DATA */ + #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) if (ret == MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS && ssl_async_keys.inject_error == SSL_ASYNC_INJECT_ERROR_CANCEL) { diff --git a/tests/data_files/tls13_early_data.txt b/tests/data_files/tls13_early_data.txt index 0c84b0720..95811fd39 100644 --- a/tests/data_files/tls13_early_data.txt +++ b/tests/data_files/tls13_early_data.txt @@ -1,3 +1,4 @@ EarlyData context: line 0 lf EarlyData context: line 1 lf +EarlyData context: line 2 lf EarlyData context: If it appears, that means early_data received. From 579bd4d46b3b253deea9fcfc8bd5826aad088b00 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 16 Nov 2023 15:37:10 +0800 Subject: [PATCH 1580/1674] Update early data test Signed-off-by: Jerry Yu Signed-off-by: Ronald Cron --- tests/opt-testcases/tls13-misc.sh | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/tests/opt-testcases/tls13-misc.sh b/tests/opt-testcases/tls13-misc.sh index c1682e3cf..b6894de81 100755 --- a/tests/opt-testcases/tls13-misc.sh +++ b/tests/opt-testcases/tls13-misc.sh @@ -506,4 +506,7 @@ run_test "TLS 1.3 G->m: EarlyData: feature is enabled, good." \ -s "Sent max_early_data_size=$EARLY_DATA_INPUT_LEN" \ -s "ClientHello: early_data(42) extension exists." \ -s "EncryptedExtensions: early_data(42) extension exists." \ - -s "$( tail -1 $EARLY_DATA_INPUT )" + -s "$( head -1 $EARLY_DATA_INPUT )" \ + -s "$( tail -1 $EARLY_DATA_INPUT )" \ + -s "200 early data bytes read" \ + -s "106 early data bytes read" From 7b6ee9482e71a47488278a7e1d68d8681f03e174 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 12 Jan 2024 10:29:55 +0100 Subject: [PATCH 1581/1674] tls13: srv: Reject early data in case of HRR Signed-off-by: Ronald Cron --- library/ssl_tls13_server.c | 21 ++++++++++++++++----- 1 file changed, 16 insertions(+), 5 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 97ce5c276..6933d1a05 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -1780,7 +1780,8 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl, } #if defined(MBEDTLS_SSL_EARLY_DATA) -static void ssl_tls13_update_early_data_status(mbedtls_ssl_context *ssl) +static void ssl_tls13_update_early_data_status(mbedtls_ssl_context *ssl, + int hrr_required) { mbedtls_ssl_handshake_params *handshake = ssl->handshake; @@ -1801,6 +1802,11 @@ static void ssl_tls13_update_early_data_status(mbedtls_ssl_context *ssl) return; } + if (hrr_required) { + MBEDTLS_SSL_DEBUG_MSG(1, ("EarlyData: rejected, HRR required.")); + return; + } + if (!handshake->resume) { /* We currently support early data only in the case of PSKs established via a NewSessionTicket message thus in the case of a session @@ -1858,7 +1864,8 @@ static void ssl_tls13_update_early_data_status(mbedtls_ssl_context *ssl) /* Update the handshake state machine */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_postprocess_client_hello(mbedtls_ssl_context *ssl) +static int ssl_tls13_postprocess_client_hello(mbedtls_ssl_context *ssl, + int hrr_required) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; @@ -1882,8 +1889,8 @@ static int ssl_tls13_postprocess_client_hello(mbedtls_ssl_context *ssl) } #if defined(MBEDTLS_SSL_EARLY_DATA) - /* There is enough information, update early data state. */ - ssl_tls13_update_early_data_status(ssl); + /* There is enough information, update early data status. */ + ssl_tls13_update_early_data_status(ssl, hrr_required); if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED) { ret = mbedtls_ssl_tls13_compute_early_transform(ssl); @@ -1893,6 +1900,8 @@ static int ssl_tls13_postprocess_client_hello(mbedtls_ssl_context *ssl) return ret; } } +#else + ((void) hrr_required); #endif /* MBEDTLS_SSL_EARLY_DATA */ return 0; @@ -1947,7 +1956,9 @@ static int ssl_tls13_process_client_hello(mbedtls_ssl_context *ssl) return 0; } - MBEDTLS_SSL_PROC_CHK(ssl_tls13_postprocess_client_hello(ssl)); + MBEDTLS_SSL_PROC_CHK( + ssl_tls13_postprocess_client_hello(ssl, parse_client_hello_ret == + SSL_CLIENT_HELLO_HRR_REQUIRED)); if (SSL_CLIENT_HELLO_OK == parse_client_hello_ret) { mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_SERVER_HELLO); From 7d21cded3f0bf8fe7096f253585cf19547a5deb4 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 30 Jan 2024 14:37:55 +0100 Subject: [PATCH 1582/1674] ssl.h: Simplify guard MBEDTLS_SSL_EARLY_DATA implies MBEDTLS_SSL_PROTO_TLS1_3 thus MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_EARLY_DATA is equivalent to MBEDTLS_SSL_EARLY_DATA. Signed-off-by: Ronald Cron --- include/mbedtls/ssl.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 7f1bd8f16..610ed2711 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -2018,7 +2018,7 @@ void mbedtls_ssl_conf_transport(mbedtls_ssl_config *conf, int transport); */ void mbedtls_ssl_conf_authmode(mbedtls_ssl_config *conf, int authmode); -#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_EARLY_DATA) +#if defined(MBEDTLS_SSL_EARLY_DATA) /** * \brief Set the early data mode * Default: disabled on server and client @@ -2073,7 +2073,7 @@ void mbedtls_ssl_conf_max_early_data_size( mbedtls_ssl_config *conf, uint32_t max_early_data_size); #endif /* MBEDTLS_SSL_SRV_C */ -#endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_EARLY_DATA */ +#endif /* MBEDTLS_SSL_EARLY_DATA */ #if defined(MBEDTLS_X509_CRT_PARSE_C) /** From 0883b8b625a5531f2fc8a61b6b0417f00f76f91e Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 30 Jan 2024 16:13:34 +0100 Subject: [PATCH 1583/1674] tls13: Introduce early_data_state SSL context field Introduce early_data_state SSL context field to distinguish better this internal state from the status values defined for the mbedtls_ssl_get_early_data_status() API. Distinguish also between the client and server states. Note that the client state are going to be documented and reworked as part of the implementation of mbedtls_ssl_write_early_data(). Signed-off-by: Ronald Cron --- include/mbedtls/ssl.h | 61 ++++++++++++++++++++++++++++--------- library/ssl_debug_helpers.h | 5 +++ library/ssl_misc.h | 24 --------------- library/ssl_msg.c | 6 ++-- library/ssl_tls.c | 8 +---- library/ssl_tls13_client.c | 14 ++++----- library/ssl_tls13_server.c | 22 ++++++------- 7 files changed, 74 insertions(+), 66 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 610ed2711..bf3085291 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1621,6 +1621,49 @@ struct mbedtls_ssl_config { #endif }; +#if defined(MBEDTLS_SSL_EARLY_DATA) +enum mbedtls_ssl_cli_early_data_state { + MBEDTLS_SSL_CLI_EARLY_DATA_STATE_NOT_SENT, + MBEDTLS_SSL_CLI_EARLY_DATA_STATE_ACCEPTED, + MBEDTLS_SSL_CLI_EARLY_DATA_STATE_REJECTED +}; + +/* + * MBEDTLS_SSL_SRV_EARLY_DATA_STATE_WAITING_CH: + * The server is waiting for the ClientHello. + * + * MBEDTLS_SSL_SRV_EARLY_DATA_STATE_ACCEPTING: + * The server has received a ClientHello indicating early data and has + * accepted them. It is now expecting early data and the end of early + * data message. + * + * MBEDTLS_SSL_SRV_EARLY_DATA_STATE_REJECTED: + * The server has received a ClientHello indicating early data and has + * rejected them. + * + * MBEDTLS_SSL_SRV_EARLY_DATA_STATE_NOT_RECEIVED: + * The server has received a ClientHello, no indication of early data. + * + * MBEDTLS_SSL_SRV_EARLY_DATA_STATE_EOED_RECEIVED + * The server has received the early data extension, it has accepted early + * data and received the end of early data message from the client marking + * the end of early data reception. + */ + +enum mbedtls_ssl_srv_early_data_state { + MBEDTLS_SSL_SRV_EARLY_DATA_STATE_WAITING_CH, + MBEDTLS_SSL_SRV_EARLY_DATA_STATE_ACCEPTING, + MBEDTLS_SSL_SRV_EARLY_DATA_STATE_REJECTED, + MBEDTLS_SSL_SRV_EARLY_DATA_STATE_NOT_RECEIVED, + MBEDTLS_SSL_SRV_EARLY_DATA_STATE_EOED_RECEIVED +}; + +union mbedtls_ssl_early_data_state { + enum mbedtls_ssl_cli_early_data_state cli; + enum mbedtls_ssl_srv_early_data_state srv; +}; +#endif /* MBEDTLS_SSL_EARLY_DATA */ + struct mbedtls_ssl_context { const mbedtls_ssl_config *MBEDTLS_PRIVATE(conf); /*!< configuration information */ @@ -1655,22 +1698,10 @@ struct mbedtls_ssl_context { #if defined(MBEDTLS_SSL_EARLY_DATA) /** - * On client side, status of the negotiation of the use of early data. - * See the documentation of mbedtls_ssl_get_early_data_status() for more - * information. - * - * On server side, internal only, status of early data in the course of an - * handshake. One of MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN, - * #MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED, - * #MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED, - * MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_RECEIVED and - * MBEDTLS_SSL_EARLY_DATA_STATUS_END_OF_EARLY_DATA_RECEIVED. - * - * Reset to #MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT or - * MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN, at the beginning of a new - * handshake. + * State of the sending (client side) or reception (server side) of early + * data. Reset to the initial state at the beginning of a new handshake. */ - int MBEDTLS_PRIVATE(early_data_status); + union mbedtls_ssl_early_data_state MBEDTLS_PRIVATE(early_data_state); #endif unsigned MBEDTLS_PRIVATE(badmac_seen); /*!< records with a bad MAC received */ diff --git a/library/ssl_debug_helpers.h b/library/ssl_debug_helpers.h index 2b0e73772..3410c9022 100644 --- a/library/ssl_debug_helpers.h +++ b/library/ssl_debug_helpers.h @@ -49,6 +49,11 @@ void mbedtls_ssl_print_ticket_flags(const mbedtls_ssl_context *ssl, unsigned int flags); #endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_SESSION_TICKETS */ +#if defined(MBEDTLS_SSL_EARLY_DATA) +const char *mbedtls_ssl_cli_early_data_state_str(enum mbedtls_ssl_cli_early_data_state in); +const char *mbedtls_ssl_srv_early_data_state_str(enum mbedtls_ssl_srv_early_data_state in); +#endif + #define MBEDTLS_SSL_PRINT_EXTS(level, hs_msg_type, extensions_mask) \ mbedtls_ssl_print_extensions(ssl, level, __FILE__, __LINE__, \ hs_msg_type, extensions_mask, NULL) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 943940826..2a488bbdb 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -2130,30 +2130,6 @@ int mbedtls_ssl_tls13_write_early_data_ext(mbedtls_ssl_context *ssl, unsigned char *buf, const unsigned char *end, size_t *out_len); - -#if defined(MBEDTLS_SSL_SRV_C) -/* Additional internal early data status, server side only. */ -/* - * The server has not received the ClientHello yet, the status of early data - * is thus unknown. - */ -#define MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN \ - MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT - -/* - * The server has received the ClientHello, it contained no early data - * extension. - */ -#define MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_RECEIVED 3 - -/* - * The server has received the early data extension, it has accepted early - * data and received the end of early data message from the client marking the - * end of early data reception. - */ -#define MBEDTLS_SSL_EARLY_DATA_STATUS_END_OF_EARLY_DATA_RECEIVED 4 -#endif /* MBEDTLS_SSL_SRV_C */ - #endif /* MBEDTLS_SSL_EARLY_DATA */ #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 825ca8fe9..c6ba1158d 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -5888,8 +5888,10 @@ int mbedtls_ssl_read_early_data(mbedtls_ssl_context *ssl, return MBEDTLS_ERR_SSL_CANNOT_READ_EARLY_DATA; } - if ((ssl->early_data_status != MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN) && - (ssl->early_data_status != MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED)) { + if ((ssl->early_data_state.srv != + MBEDTLS_SSL_SRV_EARLY_DATA_STATE_WAITING_CH) && + (ssl->early_data_state.srv != + MBEDTLS_SSL_SRV_EARLY_DATA_STATE_ACCEPTING)) { return MBEDTLS_ERR_SSL_CANNOT_READ_EARLY_DATA; } diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 72db821a6..50a8cd209 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -1099,13 +1099,7 @@ static int ssl_handshake_init(mbedtls_ssl_context *ssl) } #if defined(MBEDTLS_SSL_EARLY_DATA) -#if defined(MBEDTLS_SSL_SRV_C) - MBEDTLS_STATIC_ASSERT(MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN == 0, - "MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN not equal to 0"); -#endif - MBEDTLS_STATIC_ASSERT(MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT == 0, - "MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT not equal to 0"); - ssl->early_data_status = 0; + ssl->early_data_state.cli = 0; #endif /* Initialize structures */ diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 76f0f1896..94bbfe85a 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -1195,10 +1195,10 @@ int mbedtls_ssl_tls13_write_client_hello_exts(mbedtls_ssl_context *ssl, * `accepted` if the EncryptedExtension message contain an early data * indication extension. */ - ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED; + ssl->early_data_state.cli = MBEDTLS_SSL_CLI_EARLY_DATA_STATE_REJECTED; } else { MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip write early_data extension")); - ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT; + ssl->early_data_state.cli = MBEDTLS_SSL_CLI_EARLY_DATA_STATE_NOT_SENT; } #endif /* MBEDTLS_SSL_EARLY_DATA */ @@ -1235,7 +1235,7 @@ int mbedtls_ssl_tls13_finalize_client_hello(mbedtls_ssl_context *ssl) size_t psk_len; const mbedtls_ssl_ciphersuite_t *ciphersuite_info; - if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED) { + if (ssl->early_data_state.cli == MBEDTLS_SSL_CLI_EARLY_DATA_STATE_REJECTED) { MBEDTLS_SSL_DEBUG_MSG( 1, ("Set hs psk for early data when writing the first psk")); @@ -1916,7 +1916,7 @@ static int ssl_tls13_postprocess_server_hello(mbedtls_ssl_context *ssl) * cases we compute it here. */ #if defined(MBEDTLS_SSL_EARLY_DATA) - if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT || + if (ssl->early_data_state.cli == MBEDTLS_SSL_CLI_EARLY_DATA_STATE_NOT_SENT || handshake->key_exchange_mode == MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL) #endif @@ -2228,7 +2228,7 @@ static int ssl_tls13_process_encrypted_extensions(mbedtls_ssl_context *ssl) return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER; } - ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED; + ssl->early_data_state.cli = MBEDTLS_SSL_CLI_EARLY_DATA_STATE_ACCEPTED; } #endif @@ -2565,9 +2565,9 @@ static int ssl_tls13_process_server_finished(mbedtls_ssl_context *ssl) } #if defined(MBEDTLS_SSL_EARLY_DATA) - if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED) { + if (ssl->early_data_state.cli == MBEDTLS_SSL_CLI_EARLY_DATA_STATE_ACCEPTED) { mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_END_OF_EARLY_DATA); - } else if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED) { + } else if (ssl->early_data_state.cli == MBEDTLS_SSL_CLI_EARLY_DATA_STATE_REJECTED) { mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_CERTIFICATE); } else #endif /* MBEDTLS_SSL_EARLY_DATA */ diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 6933d1a05..9fcea5821 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -1780,8 +1780,8 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl, } #if defined(MBEDTLS_SSL_EARLY_DATA) -static void ssl_tls13_update_early_data_status(mbedtls_ssl_context *ssl, - int hrr_required) +static void ssl_tls13_update_early_data_state(mbedtls_ssl_context *ssl, + int hrr_required) { mbedtls_ssl_handshake_params *handshake = ssl->handshake; @@ -1789,11 +1789,11 @@ static void ssl_tls13_update_early_data_status(mbedtls_ssl_context *ssl, MBEDTLS_SSL_EXT_MASK(EARLY_DATA)) == 0) { MBEDTLS_SSL_DEBUG_MSG( 1, ("EarlyData: no early data extension received.")); - ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_RECEIVED; + ssl->early_data_state.srv = MBEDTLS_SSL_SRV_EARLY_DATA_STATE_NOT_RECEIVED; return; } - ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED; + ssl->early_data_state.srv = MBEDTLS_SSL_SRV_EARLY_DATA_STATE_REJECTED; if (ssl->conf->early_data_enabled == MBEDTLS_SSL_EARLY_DATA_DISABLED) { MBEDTLS_SSL_DEBUG_MSG( @@ -1856,7 +1856,7 @@ static void ssl_tls13_update_early_data_status(mbedtls_ssl_context *ssl, return; } - ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED; + ssl->early_data_state.srv = MBEDTLS_SSL_SRV_EARLY_DATA_STATE_ACCEPTING; } #endif /* MBEDTLS_SSL_EARLY_DATA */ @@ -1890,9 +1890,9 @@ static int ssl_tls13_postprocess_client_hello(mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_EARLY_DATA) /* There is enough information, update early data status. */ - ssl_tls13_update_early_data_status(ssl, hrr_required); + ssl_tls13_update_early_data_state(ssl, hrr_required); - if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED) { + if (ssl->early_data_state.srv == MBEDTLS_SSL_SRV_EARLY_DATA_STATE_ACCEPTING) { ret = mbedtls_ssl_tls13_compute_early_transform(ssl); if (ret != 0) { MBEDTLS_SSL_DEBUG_RET( @@ -2541,7 +2541,7 @@ static int ssl_tls13_write_encrypted_extensions_body(mbedtls_ssl_context *ssl, #endif /* MBEDTLS_SSL_ALPN */ #if defined(MBEDTLS_SSL_EARLY_DATA) - if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED) { + if (ssl->early_data_state.srv == MBEDTLS_SSL_SRV_EARLY_DATA_STATE_ACCEPTING) { ret = mbedtls_ssl_tls13_write_early_data_ext( ssl, 0, p, end, &output_len); if (ret != 0) { @@ -2868,7 +2868,7 @@ static int ssl_tls13_write_server_finished(mbedtls_ssl_context *ssl) } #if defined(MBEDTLS_SSL_EARLY_DATA) - if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED) { + if (ssl->early_data_state.srv == MBEDTLS_SSL_SRV_EARLY_DATA_STATE_ACCEPTING) { /* See RFC 8446 section A.2 for more information */ MBEDTLS_SSL_DEBUG_MSG( 1, ("Switch to early keys for inbound traffic. " @@ -3011,8 +3011,8 @@ static int ssl_tls13_process_end_of_early_data(mbedtls_ssl_context *ssl) MBEDTLS_SSL_PROC_CHK(ssl_tls13_parse_end_of_early_data( ssl, buf, buf + buf_len)); - ssl->early_data_status = - MBEDTLS_SSL_EARLY_DATA_STATUS_END_OF_EARLY_DATA_RECEIVED; + ssl->early_data_state.srv = + MBEDTLS_SSL_SRV_EARLY_DATA_STATE_EOED_RECEIVED; MBEDTLS_SSL_DEBUG_MSG( 1, ("Switch to handshake keys for inbound traffic" From 2c4308958d613f47b33003beba0c087419c24895 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 30 Jan 2024 18:11:11 +0100 Subject: [PATCH 1584/1674] ssl.h: Fix comments Signed-off-by: Ronald Cron --- include/mbedtls/ssl.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index bf3085291..485ff57af 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -4793,7 +4793,7 @@ int mbedtls_ssl_get_session(const mbedtls_ssl_context *ssl, * defined in RFC 8446 (TLS 1.3 specification), has been * received as part of the handshake. This is server specific. * You must call mbedtls_ssl_read_early_data() to read the - * early data before to resume the handshake. + * early data before resuming the handshake. * \return Another SSL error code - in this case you must stop using * the context (see below). * @@ -4947,7 +4947,7 @@ int mbedtls_ssl_renegotiate(mbedtls_ssl_context *ssl); * received as part of an handshake triggered by the function. * This is server specific. You must call * mbedtls_ssl_read_early_data() to read the early data before - * to resume the reading of post handshake application data. + * resuming the reading of post handshake application data. * \return Another SSL error code - in this case you must stop using * the context (see below). * @@ -5028,7 +5028,7 @@ int mbedtls_ssl_read(mbedtls_ssl_context *ssl, unsigned char *buf, size_t len); * received as part of an handshake triggered by the function. * This is server specific. You must call * mbedtls_ssl_read_early_data() to read the early data before - * to resume the writing of application data. + * resuming the writing of application data. * \return Another SSL error code - in this case you must stop using * the context (see below). * From 44d70a5f2341b3664b8be81a37b94ee97773c4bc Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 30 Jan 2024 18:16:47 +0100 Subject: [PATCH 1585/1674] tls13: early data: Improve documentation Signed-off-by: Ronald Cron --- include/mbedtls/ssl.h | 75 ++++++++++++++++++++++++++++++------------- 1 file changed, 52 insertions(+), 23 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 485ff57af..ccabbc239 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -92,11 +92,12 @@ #define MBEDTLS_ERR_SSL_CANNOT_READ_EARLY_DATA -0x7B80 /** * Early data has been received as part of an on-going handshake. - * This error code can be returned only on server side. This error code can be - * returned by mbedtls_ssl_handshake(), mbedtls_ssl_handshake_step(), - * mbedtls_ssl_read() and mbedtls_ssl_write() if early data has been received - * as part of the handshake sequence they triggered. To read the early - * data, call mbedtls_ssl_read_early_data(). + * This error code can be returned only on server side if and only if early + * data has been enabled by means of the mbedtls_ssl_conf_early_data() API. + * This error code can then be returned by mbedtls_ssl_handshake(), + * mbedtls_ssl_handshake_step(), mbedtls_ssl_read() or mbedtls_ssl_write() if + * early data has been received as part of the handshake sequence they + * triggered. To read the early data, call mbedtls_ssl_read_early_data(). */ #define MBEDTLS_ERR_SSL_RECEIVED_EARLY_DATA -0x7C00 /** Not possible to write early data */ @@ -2057,14 +2058,23 @@ void mbedtls_ssl_conf_authmode(mbedtls_ssl_config *conf, int authmode); * \param conf The SSL configuration to use. * \param early_data_enabled can be: * - * MBEDTLS_SSL_EARLY_DATA_DISABLED: early data functionality is disabled - * This is the default on client and server. + * MBEDTLS_SSL_EARLY_DATA_DISABLED: + * Early data functionality is disabled. This is the default on client and + * server. * - * MBEDTLS_SSL_EARLY_DATA_ENABLED: early data functionality is enabled and - * may be negotiated in the handshake. Application using - * early data functionality needs to be aware of the - * lack of replay protection of the early data application - * payloads. + * MBEDTLS_SSL_EARLY_DATA_ENABLED: + * Early data functionality is enabled and may be negotiated in the handshake. + * Application using early data functionality needs to be aware that the + * security properties for early data (also refered to as 0-RTT data) are + * weaker than those for other kinds of TLS data. See the documentation of + * mbedtls_ssl_write_early_data() and mbedtls_ssl_read_early_data() for more + * information. + * When early data functionality is enabled on server and only in that case, + * the call to one of the APIs that trigger or resume an handshake sequence, + * namely mbedtls_ssl_handshake(), mbedtls_ssl_handshake_step(), + * mbedtls_ssl_read() or mbedtls_ssl_write() may return with the error code + * MBEDTLS_ERR_SSL_RECEIVED_EARLY_DATA indicating that some early data have + * been received. To read the early data, call mbedtls_ssl_read_early_data(). * * \warning This interface is experimental and may change without notice. * @@ -4791,9 +4801,11 @@ int mbedtls_ssl_get_session(const mbedtls_ssl_context *ssl, * this case you must stop using the context (see below). * \return #MBEDTLS_ERR_SSL_RECEIVED_EARLY_DATA if early data, as * defined in RFC 8446 (TLS 1.3 specification), has been - * received as part of the handshake. This is server specific. - * You must call mbedtls_ssl_read_early_data() to read the - * early data before resuming the handshake. + * received as part of the handshake. This is server specific + * and may occur only if the early data feature has been + * enabled on server (see mbedtls_ssl_conf_early_data() + * documentation). You must call mbedtls_ssl_read_early_data() + * to read the early data before resuming the handshake. * \return Another SSL error code - in this case you must stop using * the context (see below). * @@ -4944,10 +4956,11 @@ int mbedtls_ssl_renegotiate(mbedtls_ssl_context *ssl); * new connection using the same source port. See below. * \return #MBEDTLS_ERR_SSL_RECEIVED_EARLY_DATA if early data, as * defined in RFC 8446 (TLS 1.3 specification), has been - * received as part of an handshake triggered by the function. - * This is server specific. You must call - * mbedtls_ssl_read_early_data() to read the early data before - * resuming the reading of post handshake application data. + * received as part of the handshake. This is server specific + * and may occur only if the early data feature has been + * enabled on server (see mbedtls_ssl_conf_early_data() + * documentation). You must call mbedtls_ssl_read_early_data() + * to read the early data before resuming the handshake. * \return Another SSL error code - in this case you must stop using * the context (see below). * @@ -5025,10 +5038,11 @@ int mbedtls_ssl_read(mbedtls_ssl_context *ssl, unsigned char *buf, size_t len); * the handshake when you're done attending other tasks. * \return #MBEDTLS_ERR_SSL_RECEIVED_EARLY_DATA if early data, as * defined in RFC 8446 (TLS 1.3 specification), has been - * received as part of an handshake triggered by the function. - * This is server specific. You must call - * mbedtls_ssl_read_early_data() to read the early data before - * resuming the writing of application data. + * received as part of the handshake. This is server specific + * and may occur only if the early data feature has been + * enabled on server (see mbedtls_ssl_conf_early_data() + * documentation). You must call mbedtls_ssl_read_early_data() + * to read the early data before resuming the handshake. * \return Another SSL error code - in this case you must stop using * the context (see below). * @@ -5111,6 +5125,21 @@ int mbedtls_ssl_close_notify(mbedtls_ssl_context *ssl); * \note This API is server specific. * * \note Early data is defined in the TLS 1.3 specification, RFC 8446. + * IMPORTANT NOTE from section 2.3 of the specification: + * + * The security properties for 0-RTT data are weaker than + * those for other kinds of TLS data. Specifically: + * - This data is not forward secret, as it is encrypted + * solely under keys derived using the offered PSK. + * - There are no guarantees of non-replay between connections. + * Protection against replay for ordinary TLS 1.3 1-RTT data + * is provided via the server's Random value, but 0-RTT data + * does not depend on the ServerHello and therefore has + * weaker guarantees. This is especially relevant if the + * data is authenticated either with TLS client + * authentication or inside the application protocol. The + * same warnings apply to any use of the + * early_exporter_master_secret. * * \note This function behaves mainly as mbedtls_ssl_read(). The * specification of mbedtls_ssl_read() relevant to TLS 1.3 From ed7d4bfda589684c59aaadc14e4bfdba07f7cd3d Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 31 Jan 2024 07:55:19 +0100 Subject: [PATCH 1586/1674] tls13: srv: Simplify mbedtls_ssl_read_early_data() API Do not progress the handshake in the API, just read early data if some has been detected by a previous call to mbedtls_ssl_handshake(), mbedtls_ssl_handshake_step(), mbedtls_ssl_read() or mbedtls_ssl_write(). Signed-off-by: Ronald Cron --- include/mbedtls/ssl.h | 44 +++++++++----------------------------- library/ssl_msg.c | 42 ++++-------------------------------- library/ssl_tls13_server.c | 4 ++++ 3 files changed, 18 insertions(+), 72 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index ccabbc239..5644f08c8 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -5141,49 +5141,25 @@ int mbedtls_ssl_close_notify(mbedtls_ssl_context *ssl); * same warnings apply to any use of the * early_exporter_master_secret. * - * \note This function behaves mainly as mbedtls_ssl_read(). The - * specification of mbedtls_ssl_read() relevant to TLS 1.3 - * (thus not the parts specific to (D)TLS 1.2) applies to this - * function and the present documentation is restricted to the - * differences with mbedtls_ssl_read(). - * - * \note This function can be used in conjunction with + * \note This function is used in conjunction with * mbedtls_ssl_handshake(), mbedtls_ssl_handshake_step(), * mbedtls_ssl_read() and mbedtls_ssl_write() to read early * data when these functions return * #MBEDTLS_ERR_SSL_RECEIVED_EARLY_DATA. * - * \param ssl SSL context + * \param ssl SSL context, it must have been initialized and set up. * \param buf buffer that will hold the data * \param len maximum number of bytes to read * - * \note Unlike mbedtls_ssl_read(), this function does not return + * \return The (positive) number of bytes read if successful. + * \return #MBEDTLS_ERR_SSL_BAD_INPUT_DATA if input data is invalid. + * \return #MBEDTLS_ERR_SSL_CANNOT_READ_EARLY_DATA if it is not + * possible to read early data for the SSL context \p ssl. Note + * that this function is intended to be called for an SSL + * context \p ssl only after a call to mbedtls_ssl_handshake(), + * mbedtls_ssl_handshake_step(), mbedtls_ssl_read() or + * mbedtls_ssl_write() for \p ssl that has returned * #MBEDTLS_ERR_SSL_RECEIVED_EARLY_DATA. - * - * \return One additional specific return value: - * #MBEDTLS_ERR_SSL_CANNOT_READ_EARLY_DATA. - * - * #MBEDTLS_ERR_SSL_CANNOT_READ_EARLY_DATA is returned when it - * is not possible to read early data for the SSL context - * \p ssl. - * - * It may have been possible and it is not possible - * anymore because the server received the End of Early Data - * message or the maximum number of allowed early data for the - * PSK in use has been reached. - * - * It may never have been possible and will never be possible - * for the SSL context \p ssl because the use of early data - * is disabled for that context or more generally the context - * is not suitably configured to enable early data or the - * client does not use early data or the first call to the - * function was done while the handshake was already too - * advanced to gather and accept early data. - * - * It is not possible to read early data for the SSL context - * \p ssl but this does not preclude for using it with - * mbedtls_ssl_write(), mbedtls_ssl_read() or - * mbedtls_ssl_handshake(). */ int mbedtls_ssl_read_early_data(mbedtls_ssl_context *ssl, unsigned char *buf, size_t len); diff --git a/library/ssl_msg.c b/library/ssl_msg.c index c6ba1158d..3547f6798 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -5865,54 +5865,20 @@ int mbedtls_ssl_read(mbedtls_ssl_context *ssl, unsigned char *buf, size_t len) return ret; } - #if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_EARLY_DATA) int mbedtls_ssl_read_early_data(mbedtls_ssl_context *ssl, unsigned char *buf, size_t len) { - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - const struct mbedtls_ssl_config *conf; - unsigned char *p = buf; - - if (ssl == NULL || ((conf = ssl->conf) == NULL)) { + if (ssl == NULL || (ssl->conf == NULL)) { return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } - if ((!mbedtls_ssl_conf_is_tls13_enabled(conf)) || - (conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) || - (conf->early_data_enabled != MBEDTLS_SSL_EARLY_DATA_ENABLED)) { + if ((ssl->state != MBEDTLS_SSL_END_OF_EARLY_DATA) || + (ssl->in_offt == NULL)) { return MBEDTLS_ERR_SSL_CANNOT_READ_EARLY_DATA; } - if (ssl->tls_version != MBEDTLS_SSL_VERSION_TLS1_3) { - return MBEDTLS_ERR_SSL_CANNOT_READ_EARLY_DATA; - } - - if ((ssl->early_data_state.srv != - MBEDTLS_SSL_SRV_EARLY_DATA_STATE_WAITING_CH) && - (ssl->early_data_state.srv != - MBEDTLS_SSL_SRV_EARLY_DATA_STATE_ACCEPTING)) { - return MBEDTLS_ERR_SSL_CANNOT_READ_EARLY_DATA; - } - - ret = mbedtls_ssl_handshake(ssl); - if (ret == MBEDTLS_ERR_SSL_RECEIVED_EARLY_DATA) { - if (ssl->in_offt == NULL) { - /* Set the reading pointer */ - ssl->in_offt = ssl->in_msg; - } - ret = ssl_read_application_data(ssl, p, len); - } else if (ret == 0) { - /* - * If the handshake is completed, return immediately that early data - * cannot be read anymore. This potentially saves another call to this - * API and when the function returns 0, it only means that zero byte - * of early data has been received. - */ - return MBEDTLS_ERR_SSL_CANNOT_READ_EARLY_DATA; - } - - return ret; + return ssl_read_application_data(ssl, buf, len); } #endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_EARLY_DATA */ diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 9fcea5821..5b90dd5c7 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -2929,6 +2929,10 @@ static int ssl_tls13_end_of_early_data_coordinate(mbedtls_ssl_context *ssl) * * TODO: Add received data size check here. */ + if (ssl->in_offt == NULL) { + /* Set the reading pointer */ + ssl->in_offt = ssl->in_msg; + } return SSL_GOT_EARLY_DATA; } From 44ff9506ddb315d06f2c33ccf5fe3f0a2ee60014 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 1 Feb 2024 16:51:05 +0100 Subject: [PATCH 1587/1674] rsa: set parse/write functions out of !RSA_ALT guard Signed-off-by: Valerio Setti --- library/rsa.c | 665 +++++++++++++++++++++++++------------------------- 1 file changed, 332 insertions(+), 333 deletions(-) diff --git a/library/rsa.c b/library/rsa.c index e0c38c3bc..b81039ceb 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -46,6 +46,338 @@ #include "mbedtls/platform.h" +int mbedtls_rsa_key_parse(mbedtls_rsa_context *rsa, const unsigned char *key, size_t keylen) +{ + int ret, version; + size_t len; + unsigned char *p, *end; + + mbedtls_mpi T; + mbedtls_mpi_init(&T); + + p = (unsigned char *) key; + end = p + keylen; + + /* + * This function parses the RSAPrivateKey (PKCS#1) + * + * RSAPrivateKey ::= SEQUENCE { + * version Version, + * modulus INTEGER, -- n + * publicExponent INTEGER, -- e + * privateExponent INTEGER, -- d + * prime1 INTEGER, -- p + * prime2 INTEGER, -- q + * exponent1 INTEGER, -- d mod (p-1) + * exponent2 INTEGER, -- d mod (q-1) + * coefficient INTEGER, -- (inverse of q) mod p + * otherPrimeInfos OtherPrimeInfos OPTIONAL + * } + */ + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return ret; + } + + end = p + len; + + if ((ret = mbedtls_asn1_get_int(&p, end, &version)) != 0) { + return ret; + } + + if (version != 0) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } + + /* Import N */ + if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || + (ret = mbedtls_rsa_import(rsa, &T, NULL, NULL, + NULL, NULL)) != 0) { + goto cleanup; + } + + /* Import E */ + if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || + (ret = mbedtls_rsa_import(rsa, NULL, NULL, NULL, + NULL, &T)) != 0) { + goto cleanup; + } + + /* Import D */ + if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || + (ret = mbedtls_rsa_import(rsa, NULL, NULL, NULL, + &T, NULL)) != 0) { + goto cleanup; + } + + /* Import P */ + if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || + (ret = mbedtls_rsa_import(rsa, NULL, &T, NULL, + NULL, NULL)) != 0) { + goto cleanup; + } + + /* Import Q */ + if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || + (ret = mbedtls_rsa_import(rsa, NULL, NULL, &T, + NULL, NULL)) != 0) { + goto cleanup; + } + +#if !defined(MBEDTLS_RSA_NO_CRT) && !defined(MBEDTLS_RSA_ALT) + /* + * The RSA CRT parameters DP, DQ and QP are nominally redundant, in + * that they can be easily recomputed from D, P and Q. However by + * parsing them from the PKCS1 structure it is possible to avoid + * recalculating them which both reduces the overhead of loading + * RSA private keys into memory and also avoids side channels which + * can arise when computing those values, since all of D, P, and Q + * are secret. See https://eprint.iacr.org/2020/055 for a + * description of one such attack. + */ + + /* Import DP */ + if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || + (ret = mbedtls_mpi_copy(&rsa->DP, &T)) != 0) { + goto cleanup; + } + + /* Import DQ */ + if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || + (ret = mbedtls_mpi_copy(&rsa->DQ, &T)) != 0) { + goto cleanup; + } + + /* Import QP */ + if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || + (ret = mbedtls_mpi_copy(&rsa->QP, &T)) != 0) { + goto cleanup; + } + +#else + /* Verify existence of the CRT params */ + if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || + (ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || + (ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0) { + goto cleanup; + } +#endif + + /* rsa_complete() doesn't complete anything with the default + * implementation but is still called: + * - for the benefit of alternative implementation that may want to + * pre-compute stuff beyond what's provided (eg Montgomery factors) + * - as is also sanity-checks the key + * + * Furthermore, we also check the public part for consistency with + * mbedtls_pk_parse_pubkey(), as it includes size minima for example. + */ + if ((ret = mbedtls_rsa_complete(rsa)) != 0 || + (ret = mbedtls_rsa_check_pubkey(rsa)) != 0) { + goto cleanup; + } + + if (p != end) { + ret = MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; + } + +cleanup: + + mbedtls_mpi_free(&T); + + if (ret != 0) { + mbedtls_rsa_free(rsa); + } + + return ret; +} + +int mbedtls_rsa_pubkey_parse(mbedtls_rsa_context *rsa, unsigned char **p, + const unsigned char *end) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + size_t len; + + /* + * RSAPublicKey ::= SEQUENCE { + * modulus INTEGER, -- n + * publicExponent INTEGER -- e + * } + */ + + if ((ret = mbedtls_asn1_get_tag(p, end, &len, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { + return ret; + } + + if (*p + len != end) { + return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; + } + + /* Import N */ + if ((ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_INTEGER)) != 0) { + return ret; + } + + if ((ret = mbedtls_rsa_import_raw(rsa, *p, len, NULL, 0, NULL, 0, + NULL, 0, NULL, 0)) != 0) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } + + *p += len; + + /* Import E */ + if ((ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_INTEGER)) != 0) { + return ret; + } + + if ((ret = mbedtls_rsa_import_raw(rsa, NULL, 0, NULL, 0, NULL, 0, + NULL, 0, *p, len)) != 0) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } + + *p += len; + + if (mbedtls_rsa_complete(rsa) != 0 || + mbedtls_rsa_check_pubkey(rsa) != 0) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } + + if (*p != end) { + return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; + } + + return 0; +} + +int mbedtls_rsa_key_write(const mbedtls_rsa_context *rsa, unsigned char *start, + unsigned char **p) +{ + size_t len = 0; + int ret; + + mbedtls_mpi T; /* Temporary holding the exported parameters */ + + /* + * Export the parameters one after another to avoid simultaneous copies. + */ + + mbedtls_mpi_init(&T); + + /* Export QP */ + if ((ret = mbedtls_rsa_export_crt(rsa, NULL, NULL, &T)) != 0 || + (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { + goto end_of_export; + } + len += ret; + + /* Export DQ */ + if ((ret = mbedtls_rsa_export_crt(rsa, NULL, &T, NULL)) != 0 || + (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { + goto end_of_export; + } + len += ret; + + /* Export DP */ + if ((ret = mbedtls_rsa_export_crt(rsa, &T, NULL, NULL)) != 0 || + (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { + goto end_of_export; + } + len += ret; + + /* Export Q */ + if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, &T, NULL, NULL)) != 0 || + (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { + goto end_of_export; + } + len += ret; + + /* Export P */ + if ((ret = mbedtls_rsa_export(rsa, NULL, &T, NULL, NULL, NULL)) != 0 || + (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { + goto end_of_export; + } + len += ret; + + /* Export D */ + if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, NULL, &T, NULL)) != 0 || + (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { + goto end_of_export; + } + len += ret; + + /* Export E */ + if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, NULL, NULL, &T)) != 0 || + (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { + goto end_of_export; + } + len += ret; + + /* Export N */ + if ((ret = mbedtls_rsa_export(rsa, &T, NULL, NULL, NULL, NULL)) != 0 || + (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { + goto end_of_export; + } + len += ret; + +end_of_export: + + mbedtls_mpi_free(&T); + if (ret < 0) { + return ret; + } + + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_int(p, start, 0)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, + MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); + + return (int) len; +} + +/* + * RSAPublicKey ::= SEQUENCE { + * modulus INTEGER, -- n + * publicExponent INTEGER -- e + * } + */ +int mbedtls_rsa_pubkey_write(const mbedtls_rsa_context *rsa, unsigned char *start, + unsigned char **p) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + size_t len = 0; + mbedtls_mpi T; + + mbedtls_mpi_init(&T); + + /* Export E */ + if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, NULL, NULL, &T)) != 0 || + (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { + goto end_of_export; + } + len += ret; + + /* Export N */ + if ((ret = mbedtls_rsa_export(rsa, &T, NULL, NULL, NULL, NULL)) != 0 || + (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { + goto end_of_export; + } + len += ret; + +end_of_export: + + mbedtls_mpi_free(&T); + if (ret < 0) { + return ret; + } + + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_CONSTRUCTED | + MBEDTLS_ASN1_SEQUENCE)); + + return (int) len; +} #if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_RSA_ALT) @@ -688,339 +1020,6 @@ static int asn1_get_nonzero_mpi(unsigned char **p, return 0; } -int mbedtls_rsa_key_parse(mbedtls_rsa_context *rsa, const unsigned char *key, size_t keylen) -{ - int ret, version; - size_t len; - unsigned char *p, *end; - - mbedtls_mpi T; - mbedtls_mpi_init(&T); - - p = (unsigned char *) key; - end = p + keylen; - - /* - * This function parses the RSAPrivateKey (PKCS#1) - * - * RSAPrivateKey ::= SEQUENCE { - * version Version, - * modulus INTEGER, -- n - * publicExponent INTEGER, -- e - * privateExponent INTEGER, -- d - * prime1 INTEGER, -- p - * prime2 INTEGER, -- q - * exponent1 INTEGER, -- d mod (p-1) - * exponent2 INTEGER, -- d mod (q-1) - * coefficient INTEGER, -- (inverse of q) mod p - * otherPrimeInfos OtherPrimeInfos OPTIONAL - * } - */ - if ((ret = mbedtls_asn1_get_tag(&p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { - return ret; - } - - end = p + len; - - if ((ret = mbedtls_asn1_get_int(&p, end, &version)) != 0) { - return ret; - } - - if (version != 0) { - return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; - } - - /* Import N */ - if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || - (ret = mbedtls_rsa_import(rsa, &T, NULL, NULL, - NULL, NULL)) != 0) { - goto cleanup; - } - - /* Import E */ - if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || - (ret = mbedtls_rsa_import(rsa, NULL, NULL, NULL, - NULL, &T)) != 0) { - goto cleanup; - } - - /* Import D */ - if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || - (ret = mbedtls_rsa_import(rsa, NULL, NULL, NULL, - &T, NULL)) != 0) { - goto cleanup; - } - - /* Import P */ - if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || - (ret = mbedtls_rsa_import(rsa, NULL, &T, NULL, - NULL, NULL)) != 0) { - goto cleanup; - } - - /* Import Q */ - if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || - (ret = mbedtls_rsa_import(rsa, NULL, NULL, &T, - NULL, NULL)) != 0) { - goto cleanup; - } - -#if !defined(MBEDTLS_RSA_NO_CRT) && !defined(MBEDTLS_RSA_ALT) - /* - * The RSA CRT parameters DP, DQ and QP are nominally redundant, in - * that they can be easily recomputed from D, P and Q. However by - * parsing them from the PKCS1 structure it is possible to avoid - * recalculating them which both reduces the overhead of loading - * RSA private keys into memory and also avoids side channels which - * can arise when computing those values, since all of D, P, and Q - * are secret. See https://eprint.iacr.org/2020/055 for a - * description of one such attack. - */ - - /* Import DP */ - if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || - (ret = mbedtls_mpi_copy(&rsa->DP, &T)) != 0) { - goto cleanup; - } - - /* Import DQ */ - if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || - (ret = mbedtls_mpi_copy(&rsa->DQ, &T)) != 0) { - goto cleanup; - } - - /* Import QP */ - if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || - (ret = mbedtls_mpi_copy(&rsa->QP, &T)) != 0) { - goto cleanup; - } - -#else - /* Verify existence of the CRT params */ - if ((ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || - (ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0 || - (ret = asn1_get_nonzero_mpi(&p, end, &T)) != 0) { - goto cleanup; - } -#endif - - /* rsa_complete() doesn't complete anything with the default - * implementation but is still called: - * - for the benefit of alternative implementation that may want to - * pre-compute stuff beyond what's provided (eg Montgomery factors) - * - as is also sanity-checks the key - * - * Furthermore, we also check the public part for consistency with - * mbedtls_pk_parse_pubkey(), as it includes size minima for example. - */ - if ((ret = mbedtls_rsa_complete(rsa)) != 0 || - (ret = mbedtls_rsa_check_pubkey(rsa)) != 0) { - goto cleanup; - } - - if (p != end) { - ret = MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; - } - -cleanup: - - mbedtls_mpi_free(&T); - - if (ret != 0) { - mbedtls_rsa_free(rsa); - } - - return ret; -} - -int mbedtls_rsa_pubkey_parse(mbedtls_rsa_context *rsa, unsigned char **p, - const unsigned char *end) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t len; - - /* - * RSAPublicKey ::= SEQUENCE { - * modulus INTEGER, -- n - * publicExponent INTEGER -- e - * } - */ - - if ((ret = mbedtls_asn1_get_tag(p, end, &len, - MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { - return ret; - } - - if (*p + len != end) { - return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; - } - - /* Import N */ - if ((ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_INTEGER)) != 0) { - return ret; - } - - if ((ret = mbedtls_rsa_import_raw(rsa, *p, len, NULL, 0, NULL, 0, - NULL, 0, NULL, 0)) != 0) { - return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; - } - - *p += len; - - /* Import E */ - if ((ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_INTEGER)) != 0) { - return ret; - } - - if ((ret = mbedtls_rsa_import_raw(rsa, NULL, 0, NULL, 0, NULL, 0, - NULL, 0, *p, len)) != 0) { - return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; - } - - *p += len; - - if (mbedtls_rsa_complete(rsa) != 0 || - mbedtls_rsa_check_pubkey(rsa) != 0) { - return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; - } - - if (*p != end) { - return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; - } - - return 0; -} - -int mbedtls_rsa_key_write(const mbedtls_rsa_context *rsa, unsigned char *start, - unsigned char **p) -{ - size_t len = 0; - int ret; - - mbedtls_mpi T; /* Temporary holding the exported parameters */ - - /* - * Export the parameters one after another to avoid simultaneous copies. - */ - - mbedtls_mpi_init(&T); - - /* Export QP */ - if ((ret = mbedtls_rsa_export_crt(rsa, NULL, NULL, &T)) != 0 || - (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { - goto end_of_export; - } - len += ret; - - /* Export DQ */ - if ((ret = mbedtls_rsa_export_crt(rsa, NULL, &T, NULL)) != 0 || - (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { - goto end_of_export; - } - len += ret; - - /* Export DP */ - if ((ret = mbedtls_rsa_export_crt(rsa, &T, NULL, NULL)) != 0 || - (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { - goto end_of_export; - } - len += ret; - - /* Export Q */ - if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, &T, NULL, NULL)) != 0 || - (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { - goto end_of_export; - } - len += ret; - - /* Export P */ - if ((ret = mbedtls_rsa_export(rsa, NULL, &T, NULL, NULL, NULL)) != 0 || - (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { - goto end_of_export; - } - len += ret; - - /* Export D */ - if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, NULL, &T, NULL)) != 0 || - (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { - goto end_of_export; - } - len += ret; - - /* Export E */ - if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, NULL, NULL, &T)) != 0 || - (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { - goto end_of_export; - } - len += ret; - - /* Export N */ - if ((ret = mbedtls_rsa_export(rsa, &T, NULL, NULL, NULL, NULL)) != 0 || - (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { - goto end_of_export; - } - len += ret; - -end_of_export: - - mbedtls_mpi_free(&T); - if (ret < 0) { - return ret; - } - - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_int(p, start, 0)); - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, - MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE)); - - return (int) len; -} - -/* - * RSAPublicKey ::= SEQUENCE { - * modulus INTEGER, -- n - * publicExponent INTEGER -- e - * } - */ -int mbedtls_rsa_pubkey_write(const mbedtls_rsa_context *rsa, unsigned char *start, - unsigned char **p) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t len = 0; - mbedtls_mpi T; - - mbedtls_mpi_init(&T); - - /* Export E */ - if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, NULL, NULL, &T)) != 0 || - (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { - goto end_of_export; - } - len += ret; - - /* Export N */ - if ((ret = mbedtls_rsa_export(rsa, &T, NULL, NULL, NULL, NULL)) != 0 || - (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) { - goto end_of_export; - } - len += ret; - -end_of_export: - - mbedtls_mpi_free(&T); - if (ret < 0) { - return ret; - } - - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len)); - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start, MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE)); - - return (int) len; -} - #if defined(MBEDTLS_GENPRIME) /* From 135ebde273d57f23932650efc60a17af00a1b328 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 1 Feb 2024 17:00:29 +0100 Subject: [PATCH 1588/1674] rsa: rename parse/write functions in order to follow the standard format Signed-off-by: Valerio Setti --- library/pk_wrap.c | 8 ++++---- library/pkparse.c | 12 ++++++------ library/pkwrite.c | 4 ++-- library/psa_crypto_rsa.c | 8 ++++---- library/rsa.c | 8 ++++---- library/rsa_internal.h | 8 ++++---- tests/suites/test_suite_rsa.function | 24 ++++++++++++------------ 7 files changed, 36 insertions(+), 36 deletions(-) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index ff8eeb14c..f8ce09995 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -87,7 +87,7 @@ static int rsa_verify_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, return MBEDTLS_ERR_RSA_VERIFY_FAILED; } - key_len = mbedtls_rsa_pubkey_write(rsa, buf, &p); + key_len = mbedtls_rsa_write_pubkey(rsa, buf, &p); if (key_len <= 0) { return MBEDTLS_ERR_PK_BAD_INPUT_DATA; } @@ -185,7 +185,7 @@ int mbedtls_pk_psa_rsa_sign_ext(psa_algorithm_t alg, return MBEDTLS_ERR_PK_BUFFER_TOO_SMALL; } - key_len = mbedtls_rsa_key_write(rsa_ctx, buf, &p); + key_len = mbedtls_rsa_write_key(rsa_ctx, buf, &p); if (key_len <= 0) { mbedtls_free(buf); return MBEDTLS_ERR_PK_BAD_INPUT_DATA; @@ -293,7 +293,7 @@ static int rsa_decrypt_wrap(mbedtls_pk_context *pk, return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } - key_len = mbedtls_rsa_key_write(rsa, buf, &p); + key_len = mbedtls_rsa_write_key(rsa, buf, &p); if (key_len <= 0) { return MBEDTLS_ERR_PK_BAD_INPUT_DATA; } @@ -375,7 +375,7 @@ static int rsa_encrypt_wrap(mbedtls_pk_context *pk, return MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE; } - key_len = mbedtls_rsa_pubkey_write(rsa, buf, &p); + key_len = mbedtls_rsa_write_pubkey(rsa, buf, &p); if (key_len <= 0) { return MBEDTLS_ERR_PK_BAD_INPUT_DATA; } diff --git a/library/pkparse.c b/library/pkparse.c index 17df101f0..b2127b2e5 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -850,7 +850,7 @@ int mbedtls_pk_parse_subpubkey(unsigned char **p, const unsigned char *end, #if defined(MBEDTLS_RSA_C) if (pk_alg == MBEDTLS_PK_RSA) { - ret = mbedtls_rsa_pubkey_parse(mbedtls_pk_rsa(*pk), p, end); + ret = mbedtls_rsa_parse_pubkey(mbedtls_pk_rsa(*pk), p, end); } else #endif /* MBEDTLS_RSA_C */ #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) @@ -1098,7 +1098,7 @@ static int pk_parse_key_pkcs8_unencrypted_der( #if defined(MBEDTLS_RSA_C) if (pk_alg == MBEDTLS_PK_RSA) { - if ((ret = mbedtls_rsa_key_parse(mbedtls_pk_rsa(*pk), p, len)) != 0) { + if ((ret = mbedtls_rsa_parse_key(mbedtls_pk_rsa(*pk), p, len)) != 0) { mbedtls_pk_free(pk); return ret; } @@ -1288,7 +1288,7 @@ int mbedtls_pk_parse_key(mbedtls_pk_context *pk, if (ret == 0) { pk_info = mbedtls_pk_info_from_type(MBEDTLS_PK_RSA); if ((ret = mbedtls_pk_setup(pk, pk_info)) != 0 || - (ret = mbedtls_rsa_key_parse(mbedtls_pk_rsa(*pk), + (ret = mbedtls_rsa_parse_key(mbedtls_pk_rsa(*pk), pem.buf, pem.buflen)) != 0) { mbedtls_pk_free(pk); } @@ -1429,7 +1429,7 @@ int mbedtls_pk_parse_key(mbedtls_pk_context *pk, pk_info = mbedtls_pk_info_from_type(MBEDTLS_PK_RSA); if (mbedtls_pk_setup(pk, pk_info) == 0 && - mbedtls_rsa_key_parse(mbedtls_pk_rsa(*pk), key, keylen) == 0) { + mbedtls_rsa_parse_key(mbedtls_pk_rsa(*pk), key, keylen) == 0) { return 0; } @@ -1504,7 +1504,7 @@ int mbedtls_pk_parse_public_key(mbedtls_pk_context *ctx, return ret; } - if ((ret = mbedtls_rsa_pubkey_parse(mbedtls_pk_rsa(*ctx), &p, p + pem.buflen)) != 0) { + if ((ret = mbedtls_rsa_parse_pubkey(mbedtls_pk_rsa(*ctx), &p, p + pem.buflen)) != 0) { mbedtls_pk_free(ctx); } @@ -1551,7 +1551,7 @@ int mbedtls_pk_parse_public_key(mbedtls_pk_context *ctx, } p = (unsigned char *) key; - ret = mbedtls_rsa_pubkey_parse(mbedtls_pk_rsa(*ctx), &p, p + keylen); + ret = mbedtls_rsa_parse_pubkey(mbedtls_pk_rsa(*ctx), &p, p + keylen); if (ret == 0) { return ret; } diff --git a/library/pkwrite.c b/library/pkwrite.c index 91529eb75..b9ddcf1d8 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -78,7 +78,7 @@ static int pk_write_rsa_der(unsigned char **p, unsigned char *buf, return (int) len; } #endif /* MBEDTLS_USE_PSA_CRYPTO */ - return mbedtls_rsa_key_write(mbedtls_pk_rsa(*pk), buf, p); + return mbedtls_rsa_write_key(mbedtls_pk_rsa(*pk), buf, p); } #endif /* MBEDTLS_RSA_C */ @@ -416,7 +416,7 @@ int mbedtls_pk_write_pubkey(unsigned char **p, unsigned char *start, #if defined(MBEDTLS_RSA_C) if (mbedtls_pk_get_type(key) == MBEDTLS_PK_RSA) { - MBEDTLS_ASN1_CHK_ADD(len, mbedtls_rsa_pubkey_write(mbedtls_pk_rsa(*key), start, p)); + MBEDTLS_ASN1_CHK_ADD(len, mbedtls_rsa_write_pubkey(mbedtls_pk_rsa(*key), start, p)); } else #endif #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c index cfa2da619..0047a26bf 100644 --- a/library/psa_crypto_rsa.c +++ b/library/psa_crypto_rsa.c @@ -71,11 +71,11 @@ psa_status_t mbedtls_psa_rsa_load_representation( /* Parse the data. */ if (PSA_KEY_TYPE_IS_KEY_PAIR(type)) { - status = mbedtls_to_psa_error(mbedtls_rsa_key_parse(*p_rsa, data, data_length)); + status = mbedtls_to_psa_error(mbedtls_rsa_parse_key(*p_rsa, data, data_length)); } else { unsigned char *p = data; unsigned char *end = (data + data_length); - status = mbedtls_to_psa_error(mbedtls_rsa_pubkey_parse(*p_rsa, &p, end)); + status = mbedtls_to_psa_error(mbedtls_rsa_parse_pubkey(*p_rsa, &p, end)); } if (status != PSA_SUCCESS) { goto exit; @@ -163,9 +163,9 @@ psa_status_t mbedtls_psa_rsa_export_key(psa_key_type_t type, * representation of the non-encrypted PKCS#1 RSAPrivateKey for a * private key and of the RFC3279 RSAPublicKey for a public key. */ if (PSA_KEY_TYPE_IS_KEY_PAIR(type)) { - ret = mbedtls_rsa_key_write(rsa, data, &end); + ret = mbedtls_rsa_write_key(rsa, data, &end); } else { - ret = mbedtls_rsa_pubkey_write(rsa, data, &end); + ret = mbedtls_rsa_write_pubkey(rsa, data, &end); } if (ret < 0) { diff --git a/library/rsa.c b/library/rsa.c index b81039ceb..62b56cd25 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -46,7 +46,7 @@ #include "mbedtls/platform.h" -int mbedtls_rsa_key_parse(mbedtls_rsa_context *rsa, const unsigned char *key, size_t keylen) +int mbedtls_rsa_parse_key(mbedtls_rsa_context *rsa, const unsigned char *key, size_t keylen) { int ret, version; size_t len; @@ -192,7 +192,7 @@ cleanup: return ret; } -int mbedtls_rsa_pubkey_parse(mbedtls_rsa_context *rsa, unsigned char **p, +int mbedtls_rsa_parse_pubkey(mbedtls_rsa_context *rsa, unsigned char **p, const unsigned char *end) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; @@ -250,7 +250,7 @@ int mbedtls_rsa_pubkey_parse(mbedtls_rsa_context *rsa, unsigned char **p, return 0; } -int mbedtls_rsa_key_write(const mbedtls_rsa_context *rsa, unsigned char *start, +int mbedtls_rsa_write_key(const mbedtls_rsa_context *rsa, unsigned char *start, unsigned char **p) { size_t len = 0; @@ -342,7 +342,7 @@ end_of_export: * publicExponent INTEGER -- e * } */ -int mbedtls_rsa_pubkey_write(const mbedtls_rsa_context *rsa, unsigned char *start, +int mbedtls_rsa_write_pubkey(const mbedtls_rsa_context *rsa, unsigned char *start, unsigned char **p) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; diff --git a/library/rsa_internal.h b/library/rsa_internal.h index 6046850fc..7bbdc8c2b 100644 --- a/library/rsa_internal.h +++ b/library/rsa_internal.h @@ -28,7 +28,7 @@ * \return MBEDTLS_ERR_ASN1_xxx in case of ASN.1 parsing errors. * \return MBEDTLS_ERR_RSA_BAD_INPUT_DATA in case of invalid version. */ -int mbedtls_rsa_key_parse(mbedtls_rsa_context *rsa, const unsigned char *key, size_t keylen); +int mbedtls_rsa_parse_key(mbedtls_rsa_context *rsa, const unsigned char *key, size_t keylen); /** * \brief Parse a PKCS#1 (ASN.1) encoded public RSA key. @@ -44,7 +44,7 @@ int mbedtls_rsa_key_parse(mbedtls_rsa_context *rsa, const unsigned char *key, si * \return MBEDTLS_ERR_RSA_BAD_INPUT_DATA in case of importing or * priv/pub validation errors. */ -int mbedtls_rsa_pubkey_parse(mbedtls_rsa_context *rsa, unsigned char **p, +int mbedtls_rsa_parse_pubkey(mbedtls_rsa_context *rsa, unsigned char **p, const unsigned char *end); /** @@ -67,7 +67,7 @@ int mbedtls_rsa_pubkey_parse(mbedtls_rsa_context *rsa, unsigned char **p, * \note The output buffer is filled backward, i.e. starting from its * end and moving toward its start. */ -int mbedtls_rsa_key_write(const mbedtls_rsa_context *rsa, unsigned char *start, +int mbedtls_rsa_write_key(const mbedtls_rsa_context *rsa, unsigned char *start, unsigned char **p); /** @@ -90,7 +90,7 @@ int mbedtls_rsa_key_write(const mbedtls_rsa_context *rsa, unsigned char *start, * \note The output buffer is filled backward, i.e. starting from its * end and moving toward its start. */ -int mbedtls_rsa_pubkey_write(const mbedtls_rsa_context *rsa, unsigned char *start, +int mbedtls_rsa_write_pubkey(const mbedtls_rsa_context *rsa, unsigned char *start, unsigned char **p); #if defined(MBEDTLS_PKCS1_V21) diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index 44caacd6e..2cc9fc17e 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -1382,9 +1382,9 @@ void rsa_parse_pkcs1_key(int is_public, data_t *input, int exp_ret_val) mbedtls_rsa_init(&rsa_ctx); if (is_public) { - TEST_EQUAL(mbedtls_rsa_pubkey_parse(&rsa_ctx, &start, end), exp_ret_val); + TEST_EQUAL(mbedtls_rsa_parse_pubkey(&rsa_ctx, &start, end), exp_ret_val); } else { - TEST_EQUAL(mbedtls_rsa_key_parse(&rsa_ctx, input->x, input->len), exp_ret_val); + TEST_EQUAL(mbedtls_rsa_parse_key(&rsa_ctx, input->x, input->len), exp_ret_val); } exit: @@ -1410,12 +1410,12 @@ void rsa_parse_write_pkcs1_key(int is_public, data_t *input) /* Parse the key and write it back to output_buf. */ if (is_public) { - TEST_EQUAL(mbedtls_rsa_pubkey_parse(&rsa_ctx, &input_start, input_end), 0); + TEST_EQUAL(mbedtls_rsa_parse_pubkey(&rsa_ctx, &input_start, input_end), 0); TEST_ASSERT(input_start == input_end); - TEST_EQUAL(mbedtls_rsa_pubkey_write(&rsa_ctx, output_start, &output_end), input->len); + TEST_EQUAL(mbedtls_rsa_write_pubkey(&rsa_ctx, output_start, &output_end), input->len); } else { - TEST_EQUAL(mbedtls_rsa_key_parse(&rsa_ctx, input->x, input->len), 0); - TEST_EQUAL(mbedtls_rsa_key_write(&rsa_ctx, output_start, &output_end), input->len); + TEST_EQUAL(mbedtls_rsa_parse_key(&rsa_ctx, input->x, input->len), 0); + TEST_EQUAL(mbedtls_rsa_write_key(&rsa_ctx, output_start, &output_end), input->len); } /* This check holds because we alloacated an output buffer which is exactly * large enough to contain the written data. */ @@ -1444,9 +1444,9 @@ void rsa_key_write_incremental(int is_public, data_t *input) if (is_public) { start = input->x; end = input->x + input->len; - TEST_EQUAL(mbedtls_rsa_pubkey_parse(&rsa_ctx, &start, end), 0); + TEST_EQUAL(mbedtls_rsa_parse_pubkey(&rsa_ctx, &start, end), 0); } else { - TEST_EQUAL(mbedtls_rsa_key_parse(&rsa_ctx, input->x, input->len), 0); + TEST_EQUAL(mbedtls_rsa_parse_key(&rsa_ctx, input->x, input->len), 0); } for (i = 1; i < input->len; i++) { @@ -1454,9 +1454,9 @@ void rsa_key_write_incremental(int is_public, data_t *input) end = buf + i; /* We don't care much about the return value as long as it fails. */ if (is_public) { - TEST_ASSERT(mbedtls_rsa_pubkey_write(&rsa_ctx, buf, &end) != 0); + TEST_ASSERT(mbedtls_rsa_write_pubkey(&rsa_ctx, buf, &end) != 0); } else { - TEST_ASSERT(mbedtls_rsa_key_write(&rsa_ctx, buf, &end) != 0); + TEST_ASSERT(mbedtls_rsa_write_key(&rsa_ctx, buf, &end) != 0); } mbedtls_free(buf); buf = NULL; @@ -1467,9 +1467,9 @@ void rsa_key_write_incremental(int is_public, data_t *input) end = buf + i; if (is_public) { - TEST_ASSERT(mbedtls_rsa_pubkey_write(&rsa_ctx, buf, &end) != 0); + TEST_ASSERT(mbedtls_rsa_write_pubkey(&rsa_ctx, buf, &end) != 0); } else { - TEST_ASSERT(mbedtls_rsa_key_write(&rsa_ctx, buf, &end) > 0); + TEST_ASSERT(mbedtls_rsa_write_key(&rsa_ctx, buf, &end) > 0); } exit: From 201e643509f7ddb4a30805f48446c4712bb49dbd Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 1 Feb 2024 17:19:37 +0100 Subject: [PATCH 1589/1674] rsa: simplify mbedtls_rsa_parse_pubkey() input parameters In this way mbedtls_rsa_parse_pubkey() and mbedtls_rsa_parse_key() input parameter list is the same. Signed-off-by: Valerio Setti --- library/pkparse.c | 6 +-- library/psa_crypto_rsa.c | 4 +- library/rsa.c | 79 ++++++++++++++-------------- library/rsa_internal.h | 9 ++-- tests/suites/test_suite_rsa.function | 15 ++---- 5 files changed, 51 insertions(+), 62 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index b2127b2e5..a47815b84 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -850,7 +850,7 @@ int mbedtls_pk_parse_subpubkey(unsigned char **p, const unsigned char *end, #if defined(MBEDTLS_RSA_C) if (pk_alg == MBEDTLS_PK_RSA) { - ret = mbedtls_rsa_parse_pubkey(mbedtls_pk_rsa(*pk), p, end); + ret = mbedtls_rsa_parse_pubkey(mbedtls_pk_rsa(*pk), *p, (size_t) (end - *p)); } else #endif /* MBEDTLS_RSA_C */ #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) @@ -1504,7 +1504,7 @@ int mbedtls_pk_parse_public_key(mbedtls_pk_context *ctx, return ret; } - if ((ret = mbedtls_rsa_parse_pubkey(mbedtls_pk_rsa(*ctx), &p, p + pem.buflen)) != 0) { + if ((ret = mbedtls_rsa_parse_pubkey(mbedtls_pk_rsa(*ctx), p, pem.buflen)) != 0) { mbedtls_pk_free(ctx); } @@ -1551,7 +1551,7 @@ int mbedtls_pk_parse_public_key(mbedtls_pk_context *ctx, } p = (unsigned char *) key; - ret = mbedtls_rsa_parse_pubkey(mbedtls_pk_rsa(*ctx), &p, p + keylen); + ret = mbedtls_rsa_parse_pubkey(mbedtls_pk_rsa(*ctx), p, keylen); if (ret == 0) { return ret; } diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c index 0047a26bf..4a574d1c7 100644 --- a/library/psa_crypto_rsa.c +++ b/library/psa_crypto_rsa.c @@ -73,9 +73,7 @@ psa_status_t mbedtls_psa_rsa_load_representation( if (PSA_KEY_TYPE_IS_KEY_PAIR(type)) { status = mbedtls_to_psa_error(mbedtls_rsa_parse_key(*p_rsa, data, data_length)); } else { - unsigned char *p = data; - unsigned char *end = (data + data_length); - status = mbedtls_to_psa_error(mbedtls_rsa_parse_pubkey(*p_rsa, &p, end)); + status = mbedtls_to_psa_error(mbedtls_rsa_parse_pubkey(*p_rsa, data, data_length)); } if (status != PSA_SUCCESS) { goto exit; diff --git a/library/rsa.c b/library/rsa.c index 62b56cd25..f4add9173 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -46,6 +46,34 @@ #include "mbedtls/platform.h" +/* + * Wrapper around mbedtls_asn1_get_mpi() that rejects zero. + * + * The value zero is: + * - never a valid value for an RSA parameter + * - interpreted as "omitted, please reconstruct" by mbedtls_rsa_complete(). + * + * Since values can't be omitted in PKCS#1, passing a zero value to + * rsa_complete() would be incorrect, so reject zero values early. + */ +static int asn1_get_nonzero_mpi(unsigned char **p, + const unsigned char *end, + mbedtls_mpi *X) +{ + int ret; + + ret = mbedtls_asn1_get_mpi(p, end, X); + if (ret != 0) { + return ret; + } + + if (mbedtls_mpi_cmp_int(X, 0) == 0) { + return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; + } + + return 0; +} + int mbedtls_rsa_parse_key(mbedtls_rsa_context *rsa, const unsigned char *key, size_t keylen) { int ret, version; @@ -192,9 +220,10 @@ cleanup: return ret; } -int mbedtls_rsa_parse_pubkey(mbedtls_rsa_context *rsa, unsigned char **p, - const unsigned char *end) +int mbedtls_rsa_parse_pubkey(mbedtls_rsa_context *rsa, const unsigned char *key, size_t keylen) { + unsigned char *p = (unsigned char *) key; + unsigned char *end = (unsigned char *) (key + keylen); int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; size_t len; @@ -205,45 +234,45 @@ int mbedtls_rsa_parse_pubkey(mbedtls_rsa_context *rsa, unsigned char **p, * } */ - if ((ret = mbedtls_asn1_get_tag(p, end, &len, + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) { return ret; } - if (*p + len != end) { + if (p + len != end) { return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; } /* Import N */ - if ((ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_INTEGER)) != 0) { + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_INTEGER)) != 0) { return ret; } - if ((ret = mbedtls_rsa_import_raw(rsa, *p, len, NULL, 0, NULL, 0, + if ((ret = mbedtls_rsa_import_raw(rsa, p, len, NULL, 0, NULL, 0, NULL, 0, NULL, 0)) != 0) { return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } - *p += len; + p += len; /* Import E */ - if ((ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_INTEGER)) != 0) { + if ((ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_INTEGER)) != 0) { return ret; } if ((ret = mbedtls_rsa_import_raw(rsa, NULL, 0, NULL, 0, NULL, 0, - NULL, 0, *p, len)) != 0) { + NULL, 0, p, len)) != 0) { return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } - *p += len; + p += len; if (mbedtls_rsa_complete(rsa) != 0 || mbedtls_rsa_check_pubkey(rsa) != 0) { return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; } - if (*p != end) { + if (p != end) { return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; } @@ -992,34 +1021,6 @@ size_t mbedtls_rsa_get_len(const mbedtls_rsa_context *ctx) return ctx->len; } -/* - * Wrapper around mbedtls_asn1_get_mpi() that rejects zero. - * - * The value zero is: - * - never a valid value for an RSA parameter - * - interpreted as "omitted, please reconstruct" by mbedtls_rsa_complete(). - * - * Since values can't be omitted in PKCS#1, passing a zero value to - * rsa_complete() would be incorrect, so reject zero values early. - */ -static int asn1_get_nonzero_mpi(unsigned char **p, - const unsigned char *end, - mbedtls_mpi *X) -{ - int ret; - - ret = mbedtls_asn1_get_mpi(p, end, X); - if (ret != 0) { - return ret; - } - - if (mbedtls_mpi_cmp_int(X, 0) == 0) { - return MBEDTLS_ERR_RSA_BAD_INPUT_DATA; - } - - return 0; -} - #if defined(MBEDTLS_GENPRIME) /* diff --git a/library/rsa_internal.h b/library/rsa_internal.h index 7bbdc8c2b..acf14a2ff 100644 --- a/library/rsa_internal.h +++ b/library/rsa_internal.h @@ -34,18 +34,15 @@ int mbedtls_rsa_parse_key(mbedtls_rsa_context *rsa, const unsigned char *key, si * \brief Parse a PKCS#1 (ASN.1) encoded public RSA key. * * \param rsa The RSA context where parsed data will be stored. - * \param p Beginning of the buffer containing the key to be parsed. - * On successful return, the referenced pointer will be - * updated in order to point to the end of the parsed data. - * \param end End of the buffer containing the key to be parsed. + * \param key The buffer that contains the key. + * \param keylen The length of the key buffer in bytes. * * \return 0 on success. * \return MBEDTLS_ERR_ASN1_xxx in case of ASN.1 parsing errors. * \return MBEDTLS_ERR_RSA_BAD_INPUT_DATA in case of importing or * priv/pub validation errors. */ -int mbedtls_rsa_parse_pubkey(mbedtls_rsa_context *rsa, unsigned char **p, - const unsigned char *end); +int mbedtls_rsa_parse_pubkey(mbedtls_rsa_context *rsa, const unsigned char *key, size_t keylen); /** * \brief Write a PKCS#1 (ASN.1) encoded private RSA key. diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index 2cc9fc17e..357c6edc2 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -1376,13 +1376,11 @@ exit: void rsa_parse_pkcs1_key(int is_public, data_t *input, int exp_ret_val) { mbedtls_rsa_context rsa_ctx; - unsigned char *start = input->x; - unsigned char *end = input->x + input->len; mbedtls_rsa_init(&rsa_ctx); if (is_public) { - TEST_EQUAL(mbedtls_rsa_parse_pubkey(&rsa_ctx, &start, end), exp_ret_val); + TEST_EQUAL(mbedtls_rsa_parse_pubkey(&rsa_ctx, input->x, input->len), exp_ret_val); } else { TEST_EQUAL(mbedtls_rsa_parse_key(&rsa_ctx, input->x, input->len), exp_ret_val); } @@ -1396,8 +1394,6 @@ exit: void rsa_parse_write_pkcs1_key(int is_public, data_t *input) { mbedtls_rsa_context rsa_ctx; - unsigned char *input_start = input->x; - unsigned char *input_end = input->x + input->len; unsigned char *output_buf = NULL; unsigned char *output_start; unsigned char *output_end; @@ -1410,8 +1406,7 @@ void rsa_parse_write_pkcs1_key(int is_public, data_t *input) /* Parse the key and write it back to output_buf. */ if (is_public) { - TEST_EQUAL(mbedtls_rsa_parse_pubkey(&rsa_ctx, &input_start, input_end), 0); - TEST_ASSERT(input_start == input_end); + TEST_EQUAL(mbedtls_rsa_parse_pubkey(&rsa_ctx, input->x, input->len), 0); TEST_EQUAL(mbedtls_rsa_write_pubkey(&rsa_ctx, output_start, &output_end), input->len); } else { TEST_EQUAL(mbedtls_rsa_parse_key(&rsa_ctx, input->x, input->len), 0); @@ -1434,7 +1429,7 @@ exit: void rsa_key_write_incremental(int is_public, data_t *input) { mbedtls_rsa_context rsa_ctx; - unsigned char *buf = NULL, *start, *end; + unsigned char *buf = NULL, *end; size_t i; mbedtls_rsa_init(&rsa_ctx); @@ -1442,9 +1437,7 @@ void rsa_key_write_incremental(int is_public, data_t *input) /* This is supposed to succeed as the real target of this test are the * write attempt below. */ if (is_public) { - start = input->x; - end = input->x + input->len; - TEST_EQUAL(mbedtls_rsa_parse_pubkey(&rsa_ctx, &start, end), 0); + TEST_EQUAL(mbedtls_rsa_parse_pubkey(&rsa_ctx, input->x, input->len), 0); } else { TEST_EQUAL(mbedtls_rsa_parse_key(&rsa_ctx, input->x, input->len), 0); } From 5fe9f6699bef38d3af95ecb4cd222de318993078 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 1 Feb 2024 17:35:56 +0100 Subject: [PATCH 1590/1674] rsa_internal: update documentation for parse/write functions Signed-off-by: Valerio Setti --- library/rsa_internal.h | 22 +++++++++++++--------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/library/rsa_internal.h b/library/rsa_internal.h index acf14a2ff..4cb564efa 100644 --- a/library/rsa_internal.h +++ b/library/rsa_internal.h @@ -24,9 +24,11 @@ * \param key The buffer that contains the key. * \param keylen The length of the key buffer in bytes. * - * \return 0 in success - * \return MBEDTLS_ERR_ASN1_xxx in case of ASN.1 parsing errors. - * \return MBEDTLS_ERR_RSA_BAD_INPUT_DATA in case of invalid version. + * \return 0 on success. + * \return MBEDTLS_ERR_RSA_xxx in case of RSA internal failures while + * parsing data. + * \return MBEDTLS_ERR_RSA_KEY_CHECK_FAILED if validity checks on the + * provided key fail. */ int mbedtls_rsa_parse_key(mbedtls_rsa_context *rsa, const unsigned char *key, size_t keylen); @@ -39,8 +41,10 @@ int mbedtls_rsa_parse_key(mbedtls_rsa_context *rsa, const unsigned char *key, si * * \return 0 on success. * \return MBEDTLS_ERR_ASN1_xxx in case of ASN.1 parsing errors. - * \return MBEDTLS_ERR_RSA_BAD_INPUT_DATA in case of importing or - * priv/pub validation errors. + * \return MBEDTLS_ERR_RSA_xxx in case of RSA internal failures while + * parsing data. + * \return MBEDTLS_ERR_RSA_KEY_CHECK_FAILED if validity checks on the + * provided key fail. */ int mbedtls_rsa_parse_pubkey(mbedtls_rsa_context *rsa, const unsigned char *key, size_t keylen); @@ -56,8 +60,8 @@ int mbedtls_rsa_parse_pubkey(mbedtls_rsa_context *rsa, const unsigned char *key, * * \return On success, the number of bytes written to the output buffer * (i.e. a value > 0). - * \return MBEDTLS_ERR_RSA_BAD_INPUT_DATA is the RSA context does not - * cointain valid. + * \return MBEDTLS_ERR_RSA_BAD_INPUT_DATA if the RSA context does not + * contain a valid key pair. * \return MBEDTLS_ERR_ASN1_xxx in case of failure while writing to the * output buffer. * @@ -79,8 +83,8 @@ int mbedtls_rsa_write_key(const mbedtls_rsa_context *rsa, unsigned char *start, * * \return On success, the number of bytes written to the output buffer * (i.e. a value > 0). - * \return MBEDTLS_ERR_RSA_BAD_INPUT_DATA is the RSA context does not - * cointain valid. + * \return MBEDTLS_ERR_RSA_BAD_INPUT_DATA if the RSA context does not + * contain a valid public key. * \return MBEDTLS_ERR_ASN1_xxx in case of failure while writing to the * output buffer. * From 56cfe2fab6e5c529be54256fa15c657952502323 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 1 Feb 2024 17:53:26 +0100 Subject: [PATCH 1591/1674] test_suite_rsa: improve rsa_parse_write_pkcs1_key() and rsa_key_write_incremental() Signed-off-by: Valerio Setti --- tests/suites/test_suite_rsa.function | 26 +++++++++++--------------- 1 file changed, 11 insertions(+), 15 deletions(-) diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index 357c6edc2..6d1a0f03c 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -1395,29 +1395,27 @@ void rsa_parse_write_pkcs1_key(int is_public, data_t *input) { mbedtls_rsa_context rsa_ctx; unsigned char *output_buf = NULL; - unsigned char *output_start; - unsigned char *output_end; - - TEST_CALLOC(output_buf, input->len); - output_start = output_buf; - output_end = output_buf + input->len; + unsigned char *output_end, *output_p; + size_t output_len; mbedtls_rsa_init(&rsa_ctx); + TEST_CALLOC(output_buf, input->len); + output_end = output_buf + input->len; + output_p = output_end; + /* Parse the key and write it back to output_buf. */ if (is_public) { TEST_EQUAL(mbedtls_rsa_parse_pubkey(&rsa_ctx, input->x, input->len), 0); - TEST_EQUAL(mbedtls_rsa_write_pubkey(&rsa_ctx, output_start, &output_end), input->len); + TEST_EQUAL(mbedtls_rsa_write_pubkey(&rsa_ctx, output_buf, &output_p), input->len); } else { TEST_EQUAL(mbedtls_rsa_parse_key(&rsa_ctx, input->x, input->len), 0); - TEST_EQUAL(mbedtls_rsa_write_key(&rsa_ctx, output_start, &output_end), input->len); + TEST_EQUAL(mbedtls_rsa_write_key(&rsa_ctx, output_buf, &output_p), input->len); } - /* This check holds because we alloacated an output buffer which is exactly - * large enough to contain the written data. */ - TEST_ASSERT(output_end == output_start); + output_len = output_end - output_p; /* Check that the written key matches with the one provided in input. */ - TEST_MEMORY_COMPARE(output_buf, input->len, input->x, input->len); + TEST_MEMORY_COMPARE(output_p, output_len, input->x, input->len); exit: mbedtls_free(output_buf); @@ -1466,9 +1464,7 @@ void rsa_key_write_incremental(int is_public, data_t *input) } exit: - if (buf != NULL) { - mbedtls_free(buf); - } + mbedtls_free(buf); mbedtls_rsa_free(&rsa_ctx); } /* END_CASE */ From 164537c4a65b66dcd57a0a2e074304c5ffb9cf03 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 1 Feb 2024 18:05:47 +0100 Subject: [PATCH 1592/1674] tls13: early data: Improve, add comments Signed-off-by: Ronald Cron --- include/mbedtls/ssl.h | 5 +++-- library/ssl_msg.c | 4 ++++ 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 5644f08c8..2aae32ea2 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -2074,7 +2074,8 @@ void mbedtls_ssl_conf_authmode(mbedtls_ssl_config *conf, int authmode); * namely mbedtls_ssl_handshake(), mbedtls_ssl_handshake_step(), * mbedtls_ssl_read() or mbedtls_ssl_write() may return with the error code * MBEDTLS_ERR_SSL_RECEIVED_EARLY_DATA indicating that some early data have - * been received. To read the early data, call mbedtls_ssl_read_early_data(). + * been received. To read the early data, call mbedtls_ssl_read_early_data() + * before calling the original function again. * * \warning This interface is experimental and may change without notice. * @@ -5124,7 +5125,7 @@ int mbedtls_ssl_close_notify(mbedtls_ssl_context *ssl); * * \note This API is server specific. * - * \note Early data is defined in the TLS 1.3 specification, RFC 8446. + * \warning Early data is defined in the TLS 1.3 specification, RFC 8446. * IMPORTANT NOTE from section 2.3 of the specification: * * The security properties for 0-RTT data are weaker than diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 3547f6798..20501c940 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -5873,6 +5873,10 @@ int mbedtls_ssl_read_early_data(mbedtls_ssl_context *ssl, return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } + /* + * The server may receive early data only while waiting for the End of + * Early Data handshake message. + */ if ((ssl->state != MBEDTLS_SSL_END_OF_EARLY_DATA) || (ssl->in_offt == NULL)) { return MBEDTLS_ERR_SSL_CANNOT_READ_EARLY_DATA; From 3b9034544e7fd2f5dc634795c8c3996506de7a10 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 1 Feb 2024 18:11:05 +0100 Subject: [PATCH 1593/1674] Revert "tls13: Introduce early_data_state SSL context field" This reverts commit 0883b8b625a5531f2fc8a61b6b0417f00f76f91e. Due to the scope reduction of mbedtls_ssl_read_early_data() it is not necessary anymore to refine the usage of early_data_status/state rather the opposite. Signed-off-by: Ronald Cron --- include/mbedtls/ssl.h | 61 +++++++++---------------------------- library/ssl_debug_helpers.h | 5 --- library/ssl_misc.h | 24 +++++++++++++++ library/ssl_tls.c | 8 ++++- library/ssl_tls13_client.c | 14 ++++----- library/ssl_tls13_server.c | 22 ++++++------- 6 files changed, 64 insertions(+), 70 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 2aae32ea2..635804d3a 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1622,49 +1622,6 @@ struct mbedtls_ssl_config { #endif }; -#if defined(MBEDTLS_SSL_EARLY_DATA) -enum mbedtls_ssl_cli_early_data_state { - MBEDTLS_SSL_CLI_EARLY_DATA_STATE_NOT_SENT, - MBEDTLS_SSL_CLI_EARLY_DATA_STATE_ACCEPTED, - MBEDTLS_SSL_CLI_EARLY_DATA_STATE_REJECTED -}; - -/* - * MBEDTLS_SSL_SRV_EARLY_DATA_STATE_WAITING_CH: - * The server is waiting for the ClientHello. - * - * MBEDTLS_SSL_SRV_EARLY_DATA_STATE_ACCEPTING: - * The server has received a ClientHello indicating early data and has - * accepted them. It is now expecting early data and the end of early - * data message. - * - * MBEDTLS_SSL_SRV_EARLY_DATA_STATE_REJECTED: - * The server has received a ClientHello indicating early data and has - * rejected them. - * - * MBEDTLS_SSL_SRV_EARLY_DATA_STATE_NOT_RECEIVED: - * The server has received a ClientHello, no indication of early data. - * - * MBEDTLS_SSL_SRV_EARLY_DATA_STATE_EOED_RECEIVED - * The server has received the early data extension, it has accepted early - * data and received the end of early data message from the client marking - * the end of early data reception. - */ - -enum mbedtls_ssl_srv_early_data_state { - MBEDTLS_SSL_SRV_EARLY_DATA_STATE_WAITING_CH, - MBEDTLS_SSL_SRV_EARLY_DATA_STATE_ACCEPTING, - MBEDTLS_SSL_SRV_EARLY_DATA_STATE_REJECTED, - MBEDTLS_SSL_SRV_EARLY_DATA_STATE_NOT_RECEIVED, - MBEDTLS_SSL_SRV_EARLY_DATA_STATE_EOED_RECEIVED -}; - -union mbedtls_ssl_early_data_state { - enum mbedtls_ssl_cli_early_data_state cli; - enum mbedtls_ssl_srv_early_data_state srv; -}; -#endif /* MBEDTLS_SSL_EARLY_DATA */ - struct mbedtls_ssl_context { const mbedtls_ssl_config *MBEDTLS_PRIVATE(conf); /*!< configuration information */ @@ -1699,10 +1656,22 @@ struct mbedtls_ssl_context { #if defined(MBEDTLS_SSL_EARLY_DATA) /** - * State of the sending (client side) or reception (server side) of early - * data. Reset to the initial state at the beginning of a new handshake. + * On client side, status of the negotiation of the use of early data. + * See the documentation of mbedtls_ssl_get_early_data_status() for more + * information. + * + * On server side, internal only, status of early data in the course of an + * handshake. One of MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN, + * #MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED, + * #MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED, + * MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_RECEIVED and + * MBEDTLS_SSL_EARLY_DATA_STATUS_END_OF_EARLY_DATA_RECEIVED. + * + * Reset to #MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT or + * MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN, at the beginning of a new + * handshake. */ - union mbedtls_ssl_early_data_state MBEDTLS_PRIVATE(early_data_state); + int MBEDTLS_PRIVATE(early_data_status); #endif unsigned MBEDTLS_PRIVATE(badmac_seen); /*!< records with a bad MAC received */ diff --git a/library/ssl_debug_helpers.h b/library/ssl_debug_helpers.h index 3410c9022..2b0e73772 100644 --- a/library/ssl_debug_helpers.h +++ b/library/ssl_debug_helpers.h @@ -49,11 +49,6 @@ void mbedtls_ssl_print_ticket_flags(const mbedtls_ssl_context *ssl, unsigned int flags); #endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_SESSION_TICKETS */ -#if defined(MBEDTLS_SSL_EARLY_DATA) -const char *mbedtls_ssl_cli_early_data_state_str(enum mbedtls_ssl_cli_early_data_state in); -const char *mbedtls_ssl_srv_early_data_state_str(enum mbedtls_ssl_srv_early_data_state in); -#endif - #define MBEDTLS_SSL_PRINT_EXTS(level, hs_msg_type, extensions_mask) \ mbedtls_ssl_print_extensions(ssl, level, __FILE__, __LINE__, \ hs_msg_type, extensions_mask, NULL) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 2a488bbdb..943940826 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -2130,6 +2130,30 @@ int mbedtls_ssl_tls13_write_early_data_ext(mbedtls_ssl_context *ssl, unsigned char *buf, const unsigned char *end, size_t *out_len); + +#if defined(MBEDTLS_SSL_SRV_C) +/* Additional internal early data status, server side only. */ +/* + * The server has not received the ClientHello yet, the status of early data + * is thus unknown. + */ +#define MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN \ + MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT + +/* + * The server has received the ClientHello, it contained no early data + * extension. + */ +#define MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_RECEIVED 3 + +/* + * The server has received the early data extension, it has accepted early + * data and received the end of early data message from the client marking the + * end of early data reception. + */ +#define MBEDTLS_SSL_EARLY_DATA_STATUS_END_OF_EARLY_DATA_RECEIVED 4 +#endif /* MBEDTLS_SSL_SRV_C */ + #endif /* MBEDTLS_SSL_EARLY_DATA */ #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 50a8cd209..72db821a6 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -1099,7 +1099,13 @@ static int ssl_handshake_init(mbedtls_ssl_context *ssl) } #if defined(MBEDTLS_SSL_EARLY_DATA) - ssl->early_data_state.cli = 0; +#if defined(MBEDTLS_SSL_SRV_C) + MBEDTLS_STATIC_ASSERT(MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN == 0, + "MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN not equal to 0"); +#endif + MBEDTLS_STATIC_ASSERT(MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT == 0, + "MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT not equal to 0"); + ssl->early_data_status = 0; #endif /* Initialize structures */ diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 94bbfe85a..76f0f1896 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -1195,10 +1195,10 @@ int mbedtls_ssl_tls13_write_client_hello_exts(mbedtls_ssl_context *ssl, * `accepted` if the EncryptedExtension message contain an early data * indication extension. */ - ssl->early_data_state.cli = MBEDTLS_SSL_CLI_EARLY_DATA_STATE_REJECTED; + ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED; } else { MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip write early_data extension")); - ssl->early_data_state.cli = MBEDTLS_SSL_CLI_EARLY_DATA_STATE_NOT_SENT; + ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT; } #endif /* MBEDTLS_SSL_EARLY_DATA */ @@ -1235,7 +1235,7 @@ int mbedtls_ssl_tls13_finalize_client_hello(mbedtls_ssl_context *ssl) size_t psk_len; const mbedtls_ssl_ciphersuite_t *ciphersuite_info; - if (ssl->early_data_state.cli == MBEDTLS_SSL_CLI_EARLY_DATA_STATE_REJECTED) { + if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED) { MBEDTLS_SSL_DEBUG_MSG( 1, ("Set hs psk for early data when writing the first psk")); @@ -1916,7 +1916,7 @@ static int ssl_tls13_postprocess_server_hello(mbedtls_ssl_context *ssl) * cases we compute it here. */ #if defined(MBEDTLS_SSL_EARLY_DATA) - if (ssl->early_data_state.cli == MBEDTLS_SSL_CLI_EARLY_DATA_STATE_NOT_SENT || + if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT || handshake->key_exchange_mode == MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL) #endif @@ -2228,7 +2228,7 @@ static int ssl_tls13_process_encrypted_extensions(mbedtls_ssl_context *ssl) return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER; } - ssl->early_data_state.cli = MBEDTLS_SSL_CLI_EARLY_DATA_STATE_ACCEPTED; + ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED; } #endif @@ -2565,9 +2565,9 @@ static int ssl_tls13_process_server_finished(mbedtls_ssl_context *ssl) } #if defined(MBEDTLS_SSL_EARLY_DATA) - if (ssl->early_data_state.cli == MBEDTLS_SSL_CLI_EARLY_DATA_STATE_ACCEPTED) { + if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED) { mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_END_OF_EARLY_DATA); - } else if (ssl->early_data_state.cli == MBEDTLS_SSL_CLI_EARLY_DATA_STATE_REJECTED) { + } else if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED) { mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_CERTIFICATE); } else #endif /* MBEDTLS_SSL_EARLY_DATA */ diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 5b90dd5c7..4bdb7e7b8 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -1780,8 +1780,8 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl, } #if defined(MBEDTLS_SSL_EARLY_DATA) -static void ssl_tls13_update_early_data_state(mbedtls_ssl_context *ssl, - int hrr_required) +static void ssl_tls13_update_early_data_status(mbedtls_ssl_context *ssl, + int hrr_required) { mbedtls_ssl_handshake_params *handshake = ssl->handshake; @@ -1789,11 +1789,11 @@ static void ssl_tls13_update_early_data_state(mbedtls_ssl_context *ssl, MBEDTLS_SSL_EXT_MASK(EARLY_DATA)) == 0) { MBEDTLS_SSL_DEBUG_MSG( 1, ("EarlyData: no early data extension received.")); - ssl->early_data_state.srv = MBEDTLS_SSL_SRV_EARLY_DATA_STATE_NOT_RECEIVED; + ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_RECEIVED; return; } - ssl->early_data_state.srv = MBEDTLS_SSL_SRV_EARLY_DATA_STATE_REJECTED; + ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED; if (ssl->conf->early_data_enabled == MBEDTLS_SSL_EARLY_DATA_DISABLED) { MBEDTLS_SSL_DEBUG_MSG( @@ -1856,7 +1856,7 @@ static void ssl_tls13_update_early_data_state(mbedtls_ssl_context *ssl, return; } - ssl->early_data_state.srv = MBEDTLS_SSL_SRV_EARLY_DATA_STATE_ACCEPTING; + ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED; } #endif /* MBEDTLS_SSL_EARLY_DATA */ @@ -1890,9 +1890,9 @@ static int ssl_tls13_postprocess_client_hello(mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_EARLY_DATA) /* There is enough information, update early data status. */ - ssl_tls13_update_early_data_state(ssl, hrr_required); + ssl_tls13_update_early_data_status(ssl, hrr_required); - if (ssl->early_data_state.srv == MBEDTLS_SSL_SRV_EARLY_DATA_STATE_ACCEPTING) { + if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED) { ret = mbedtls_ssl_tls13_compute_early_transform(ssl); if (ret != 0) { MBEDTLS_SSL_DEBUG_RET( @@ -2541,7 +2541,7 @@ static int ssl_tls13_write_encrypted_extensions_body(mbedtls_ssl_context *ssl, #endif /* MBEDTLS_SSL_ALPN */ #if defined(MBEDTLS_SSL_EARLY_DATA) - if (ssl->early_data_state.srv == MBEDTLS_SSL_SRV_EARLY_DATA_STATE_ACCEPTING) { + if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED) { ret = mbedtls_ssl_tls13_write_early_data_ext( ssl, 0, p, end, &output_len); if (ret != 0) { @@ -2868,7 +2868,7 @@ static int ssl_tls13_write_server_finished(mbedtls_ssl_context *ssl) } #if defined(MBEDTLS_SSL_EARLY_DATA) - if (ssl->early_data_state.srv == MBEDTLS_SSL_SRV_EARLY_DATA_STATE_ACCEPTING) { + if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED) { /* See RFC 8446 section A.2 for more information */ MBEDTLS_SSL_DEBUG_MSG( 1, ("Switch to early keys for inbound traffic. " @@ -3015,8 +3015,8 @@ static int ssl_tls13_process_end_of_early_data(mbedtls_ssl_context *ssl) MBEDTLS_SSL_PROC_CHK(ssl_tls13_parse_end_of_early_data( ssl, buf, buf + buf_len)); - ssl->early_data_state.srv = - MBEDTLS_SSL_SRV_EARLY_DATA_STATE_EOED_RECEIVED; + ssl->early_data_status = + MBEDTLS_SSL_EARLY_DATA_STATUS_END_OF_EARLY_DATA_RECEIVED; MBEDTLS_SSL_DEBUG_MSG( 1, ("Switch to handshake keys for inbound traffic" From 78a38f607cdc4fc5292eefa6d6489a49bc9b1e58 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 1 Feb 2024 18:30:31 +0100 Subject: [PATCH 1594/1674] tls13: srv: Do not use early_data_status Due to the scope reduction for mbedtls_ssl_read_early_data(), on server as early data state variable we now only need a flag in the handshake context indicating if the server has accepted early data or not. Signed-off-by: Ronald Cron --- include/mbedtls/ssl.h | 16 +++--------- library/ssl_misc.h | 28 +++------------------ library/ssl_tls.c | 10 ++------ library/ssl_tls13_server.c | 37 +++++++++++----------------- tests/suites/test_suite_ssl.function | 3 +-- 5 files changed, 26 insertions(+), 68 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 635804d3a..b0633609d 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1654,22 +1654,14 @@ struct mbedtls_ssl_context { */ mbedtls_ssl_protocol_version MBEDTLS_PRIVATE(tls_version); -#if defined(MBEDTLS_SSL_EARLY_DATA) +#if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_CLI_C) /** - * On client side, status of the negotiation of the use of early data. + * Status of the negotiation of the use of early data. * See the documentation of mbedtls_ssl_get_early_data_status() for more * information. * - * On server side, internal only, status of early data in the course of an - * handshake. One of MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN, - * #MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED, - * #MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED, - * MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_RECEIVED and - * MBEDTLS_SSL_EARLY_DATA_STATUS_END_OF_EARLY_DATA_RECEIVED. - * - * Reset to #MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT or - * MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN, at the beginning of a new - * handshake. + * Reset to #MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT when the context is + * reset. */ int MBEDTLS_PRIVATE(early_data_status); #endif diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 943940826..c9632f97b 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -650,6 +650,10 @@ struct mbedtls_ssl_handshake_params { /* Flag indicating if a CertificateRequest message has been sent * to the client or not. */ uint8_t certificate_request_sent; +#if defined(MBEDTLS_SSL_EARLY_DATA) + /* Flag indicating if the server has accepted early data or not. */ + uint8_t early_data_accepted; +#endif #endif /* MBEDTLS_SSL_SRV_C */ #if defined(MBEDTLS_SSL_SESSION_TICKETS) @@ -2130,30 +2134,6 @@ int mbedtls_ssl_tls13_write_early_data_ext(mbedtls_ssl_context *ssl, unsigned char *buf, const unsigned char *end, size_t *out_len); - -#if defined(MBEDTLS_SSL_SRV_C) -/* Additional internal early data status, server side only. */ -/* - * The server has not received the ClientHello yet, the status of early data - * is thus unknown. - */ -#define MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN \ - MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT - -/* - * The server has received the ClientHello, it contained no early data - * extension. - */ -#define MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_RECEIVED 3 - -/* - * The server has received the early data extension, it has accepted early - * data and received the end of early data message from the client marking the - * end of early data reception. - */ -#define MBEDTLS_SSL_EARLY_DATA_STATUS_END_OF_EARLY_DATA_RECEIVED 4 -#endif /* MBEDTLS_SSL_SRV_C */ - #endif /* MBEDTLS_SSL_EARLY_DATA */ #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 72db821a6..c952add9b 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -1098,14 +1098,8 @@ static int ssl_handshake_init(mbedtls_ssl_context *ssl) return MBEDTLS_ERR_SSL_ALLOC_FAILED; } -#if defined(MBEDTLS_SSL_EARLY_DATA) -#if defined(MBEDTLS_SSL_SRV_C) - MBEDTLS_STATIC_ASSERT(MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN == 0, - "MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN not equal to 0"); -#endif - MBEDTLS_STATIC_ASSERT(MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT == 0, - "MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT not equal to 0"); - ssl->early_data_status = 0; +#if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_CLI_C) + ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT; #endif /* Initialize structures */ diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 4bdb7e7b8..8bd70ef02 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -1780,8 +1780,8 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl, } #if defined(MBEDTLS_SSL_EARLY_DATA) -static void ssl_tls13_update_early_data_status(mbedtls_ssl_context *ssl, - int hrr_required) +static int ssl_tls13_is_early_data_accepted(mbedtls_ssl_context *ssl, + int hrr_required) { mbedtls_ssl_handshake_params *handshake = ssl->handshake; @@ -1789,22 +1789,19 @@ static void ssl_tls13_update_early_data_status(mbedtls_ssl_context *ssl, MBEDTLS_SSL_EXT_MASK(EARLY_DATA)) == 0) { MBEDTLS_SSL_DEBUG_MSG( 1, ("EarlyData: no early data extension received.")); - ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_RECEIVED; - return; + return 0; } - ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED; - if (ssl->conf->early_data_enabled == MBEDTLS_SSL_EARLY_DATA_DISABLED) { MBEDTLS_SSL_DEBUG_MSG( 1, ("EarlyData: rejected, feature disabled in server configuration.")); - return; + return 0; } if (hrr_required) { MBEDTLS_SSL_DEBUG_MSG(1, ("EarlyData: rejected, HRR required.")); - return; + return 0; } if (!handshake->resume) { @@ -1813,7 +1810,7 @@ static void ssl_tls13_update_early_data_status(mbedtls_ssl_context *ssl, resumption. */ MBEDTLS_SSL_DEBUG_MSG( 1, ("EarlyData: rejected, not a session resumption.")); - return; + return 0; } /* RFC 8446 4.2.10 @@ -1836,7 +1833,7 @@ static void ssl_tls13_update_early_data_status(mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ("EarlyData: rejected, the selected key in " "`pre_shared_key` is not the first one.")); - return; + return 0; } if (handshake->ciphersuite_info->id != @@ -1844,7 +1841,7 @@ static void ssl_tls13_update_early_data_status(mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ("EarlyData: rejected, the selected ciphersuite is not the one " "of the selected pre-shared key.")); - return; + return 0; } @@ -1853,11 +1850,10 @@ static void ssl_tls13_update_early_data_status(mbedtls_ssl_context *ssl, 1, ("EarlyData: rejected, early_data not allowed in ticket " "permission bits.")); - return; + return 0; } - ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED; - + return 1; } #endif /* MBEDTLS_SSL_EARLY_DATA */ @@ -1889,10 +1885,10 @@ static int ssl_tls13_postprocess_client_hello(mbedtls_ssl_context *ssl, } #if defined(MBEDTLS_SSL_EARLY_DATA) - /* There is enough information, update early data status. */ - ssl_tls13_update_early_data_status(ssl, hrr_required); + ssl->handshake->early_data_accepted = + ssl_tls13_is_early_data_accepted(ssl, hrr_required); - if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED) { + if (ssl->handshake->early_data_accepted) { ret = mbedtls_ssl_tls13_compute_early_transform(ssl); if (ret != 0) { MBEDTLS_SSL_DEBUG_RET( @@ -2541,7 +2537,7 @@ static int ssl_tls13_write_encrypted_extensions_body(mbedtls_ssl_context *ssl, #endif /* MBEDTLS_SSL_ALPN */ #if defined(MBEDTLS_SSL_EARLY_DATA) - if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED) { + if (ssl->handshake->early_data_accepted) { ret = mbedtls_ssl_tls13_write_early_data_ext( ssl, 0, p, end, &output_len); if (ret != 0) { @@ -2868,7 +2864,7 @@ static int ssl_tls13_write_server_finished(mbedtls_ssl_context *ssl) } #if defined(MBEDTLS_SSL_EARLY_DATA) - if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED) { + if (ssl->handshake->early_data_accepted) { /* See RFC 8446 section A.2 for more information */ MBEDTLS_SSL_DEBUG_MSG( 1, ("Switch to early keys for inbound traffic. " @@ -3015,9 +3011,6 @@ static int ssl_tls13_process_end_of_early_data(mbedtls_ssl_context *ssl) MBEDTLS_SSL_PROC_CHK(ssl_tls13_parse_end_of_early_data( ssl, buf, buf + buf_len)); - ssl->early_data_status = - MBEDTLS_SSL_EARLY_DATA_STATUS_END_OF_EARLY_DATA_RECEIVED; - MBEDTLS_SSL_DEBUG_MSG( 1, ("Switch to handshake keys for inbound traffic" "( K_recv = handshake )")); diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index d26407e2d..12b048f38 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -3768,8 +3768,7 @@ void tls13_early_data() &(server_ep.ssl), &(client_ep.ssl), MBEDTLS_SSL_CLIENT_FINISHED), 0); - TEST_EQUAL(server_ep.ssl.early_data_status, - MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED); + TEST_EQUAL(server_ep.ssl.handshake->early_data_accepted, 1); TEST_EQUAL(server_pattern.counter, 1); exit: From 38dbab9f8d3adaba6ffb12769d420565d365e060 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 1 Feb 2024 19:31:56 +0100 Subject: [PATCH 1595/1674] tests: ssl: Adjust early data test Signed-off-by: Ronald Cron --- tests/suites/test_suite_ssl.function | 28 ++++++++++------------------ 1 file changed, 10 insertions(+), 18 deletions(-) diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 12b048f38..2d1a757e4 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -12,8 +12,7 @@ #define SSL_MESSAGE_QUEUE_INIT { NULL, 0, 0, 0 } -#if (!defined(MBEDTLS_SSL_PROTO_TLS1_2)) && \ - defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_CLI_C) && \ +#if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_CLI_C) && \ defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_DEBUG_C) && \ defined(MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE) && \ defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED) && \ @@ -3662,12 +3661,7 @@ exit: } /* END_CASE */ -/* - * The !MBEDTLS_SSL_PROTO_TLS1_2 dependency of tls13_early_data() below is - * a temporary workaround to not run the test in Windows-2013 where there is - * an issue with mbedtls_vsnprintf(). - */ -/* BEGIN_CASE depends_on:!MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_EARLY_DATA:MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_SRV_C:MBEDTLS_DEBUG_C:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_SSL_SESSION_TICKETS */ +/* BEGIN_CASE depends_on:MBEDTLS_SSL_EARLY_DATA:MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_SRV_C:MBEDTLS_DEBUG_C:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_SSL_SESSION_TICKETS */ void tls13_early_data() { int ret = -1; @@ -3678,7 +3672,6 @@ void tls13_early_data() mbedtls_test_handshake_test_options client_options; mbedtls_test_handshake_test_options server_options; mbedtls_ssl_session saved_session; - mbedtls_test_ssl_log_pattern server_pattern = { NULL, 0 }; /* * Test set-up @@ -3699,9 +3692,6 @@ void tls13_early_data() mbedtls_ssl_conf_early_data(&client_ep.conf, MBEDTLS_SSL_EARLY_DATA_ENABLED); server_options.pk_alg = MBEDTLS_PK_ECDSA; - server_options.srv_log_fun = mbedtls_test_ssl_log_analyzer; - server_options.srv_log_obj = &server_pattern; - server_pattern.pattern = early_data; ret = mbedtls_test_ssl_endpoint_init(&server_ep, MBEDTLS_SSL_IS_SERVER, &server_options, NULL, NULL, NULL, NULL); @@ -3750,15 +3740,12 @@ void tls13_early_data() ret = mbedtls_ssl_set_session(&(client_ep.ssl), &saved_session); TEST_EQUAL(ret, 0); - mbedtls_debug_set_threshold(3); - TEST_EQUAL(mbedtls_test_move_handshake_to_state( &(client_ep.ssl), &(server_ep.ssl), MBEDTLS_SSL_SERVER_HELLO), 0); TEST_ASSERT(client_ep.ssl.early_data_status != MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT); - TEST_EQUAL(server_pattern.counter, 0); ret = write_early_data(&(client_ep.ssl), (unsigned char *) early_data, early_data_len); @@ -3766,10 +3753,16 @@ void tls13_early_data() TEST_EQUAL(mbedtls_test_move_handshake_to_state( &(server_ep.ssl), &(client_ep.ssl), - MBEDTLS_SSL_CLIENT_FINISHED), 0); + MBEDTLS_SSL_CLIENT_FINISHED), MBEDTLS_ERR_SSL_RECEIVED_EARLY_DATA); TEST_EQUAL(server_ep.ssl.handshake->early_data_accepted, 1); - TEST_EQUAL(server_pattern.counter, 1); + TEST_EQUAL(mbedtls_ssl_read_early_data(&(server_ep.ssl), buf, sizeof(buf)), + early_data_len); + TEST_MEMORY_COMPARE(buf, early_data_len, early_data, early_data_len); + + TEST_EQUAL(mbedtls_test_move_handshake_to_state( + &(server_ep.ssl), &(client_ep.ssl), + MBEDTLS_SSL_HANDSHAKE_OVER), 0); exit: mbedtls_test_ssl_endpoint_free(&client_ep, NULL); @@ -3777,7 +3770,6 @@ exit: mbedtls_test_free_handshake_options(&client_options); mbedtls_test_free_handshake_options(&server_options); mbedtls_ssl_session_free(&saved_session); - mbedtls_debug_set_threshold(0); PSA_DONE(); } /* END_CASE */ From e208b25b7942c3c5ee2c092363d2d38ee4d913cc Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 1 Feb 2024 20:42:21 +0100 Subject: [PATCH 1596/1674] Minor documentation improvements Signed-off-by: Gilles Peskine --- include/mbedtls/pk.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index 54ca9adc8..7b41321f0 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h @@ -554,17 +554,17 @@ int mbedtls_pk_can_do_ext(const mbedtls_pk_context *ctx, psa_algorithm_t alg, * \p usage, exporting and copying the key, and * possibly other permissions as documented for the * \p usage parameter. - * The permitted algorithm is determined as follows + * The permitted algorithm policy is determined as follows * based on the #mbedtls_pk_type_t type of \p pk, * the chosen \p usage and other factors: - * - #MBEDTLS_PK_RSA with whose underlying + * - #MBEDTLS_PK_RSA whose underlying * #mbedtls_rsa_context has the padding mode * #MBEDTLS_RSA_PKCS_V15: * #PSA_ALG_RSA_PKCS1V15_SIGN(#PSA_ALG_ANY_HASH) * if \p usage is SIGN/VERIFY, and * #PSA_ALG_RSA_PKCS1V15_CRYPT * if \p usage is ENCRYPT/DECRYPT. - * - #MBEDTLS_PK_RSA with whose underlying + * - #MBEDTLS_PK_RSA whose underlying * #mbedtls_rsa_context has the padding mode * #MBEDTLS_RSA_PKCS_V21 and the digest type * corresponding to the PSA algorithm \c hash: @@ -581,7 +581,7 @@ int mbedtls_pk_can_do_ext(const mbedtls_pk_context *ctx, psa_algorithm_t alg, * - #MBEDTLS_PK_ECKEY_DH or #MBEDTLS_PK_ECKEY * if \p usage is DERIVE: * #PSA_ALG_ECDH. - * - #MBEDTLS_PK_OPAQUE: same as the algorithm policy + * - #MBEDTLS_PK_OPAQUE: same as the primary algorithm * set for the underlying PSA key, except that * sign/decrypt flags are removed if the type is * set to a public key type. From 19411635a5bf6f3c45744b82855f1aa3380f8a50 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 1 Feb 2024 20:42:28 +0100 Subject: [PATCH 1597/1674] Test enrollment algorithm for the non-OPAQUE case Signed-off-by: Gilles Peskine --- tests/suites/test_suite_pk.function | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 3fa7c7a1c..0711a93a9 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -1723,6 +1723,7 @@ void pk_get_psa_attributes(int pk_type, int from_pair, mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; //TODO: diversity psa_set_key_id(&attributes, key_id); psa_set_key_lifetime(&attributes, lifetime); + psa_set_key_enrollment_algorithm(&attributes, 42); psa_key_usage_t expected_usage = usage; /* Usage implied universally */ From 7e353ba37a70961f5eb934c2d5be190ad654cf51 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 1 Feb 2024 20:46:19 +0100 Subject: [PATCH 1598/1674] Create auxiliary function for repeated code Signed-off-by: Gilles Peskine --- tests/suites/test_suite_pk.function | 68 ++++++++++++----------------- 1 file changed, 28 insertions(+), 40 deletions(-) diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 0711a93a9..14d049dfc 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -135,6 +135,32 @@ static int pk_genkey(mbedtls_pk_context *pk, int curve_or_keybits) return -1; } +#if defined(MBEDTLS_PSA_CRYPTO_C) +static psa_key_usage_t pk_get_psa_attributes_implied_usage( + psa_key_usage_t expected_usage) +{ + /* Usage implied universally */ + if (expected_usage & PSA_KEY_USAGE_SIGN_HASH) { + expected_usage |= PSA_KEY_USAGE_SIGN_MESSAGE; + } + if (expected_usage & PSA_KEY_USAGE_VERIFY_HASH) { + expected_usage |= PSA_KEY_USAGE_VERIFY_MESSAGE; + } + /* Usage implied by mbedtls_pk_get_psa_attributes() */ + if (expected_usage & PSA_KEY_USAGE_SIGN_HASH) { + expected_usage |= PSA_KEY_USAGE_VERIFY_HASH; + } + if (expected_usage & PSA_KEY_USAGE_SIGN_MESSAGE) { + expected_usage |= PSA_KEY_USAGE_VERIFY_MESSAGE; + } + if (expected_usage & PSA_KEY_USAGE_DECRYPT) { + expected_usage |= PSA_KEY_USAGE_ENCRYPT; + } + expected_usage |= PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY; + return expected_usage; +} +#endif /* MBEDTLS_PSA_CRYPTO_C */ + #if defined(MBEDTLS_RSA_C) int mbedtls_rsa_decrypt_func(void *ctx, size_t *olen, const unsigned char *input, unsigned char *output, @@ -1724,26 +1750,7 @@ void pk_get_psa_attributes(int pk_type, int from_pair, psa_set_key_id(&attributes, key_id); psa_set_key_lifetime(&attributes, lifetime); psa_set_key_enrollment_algorithm(&attributes, 42); - - psa_key_usage_t expected_usage = usage; - /* Usage implied universally */ - if (expected_usage & PSA_KEY_USAGE_SIGN_HASH) { - expected_usage |= PSA_KEY_USAGE_SIGN_MESSAGE; - } - if (expected_usage & PSA_KEY_USAGE_VERIFY_HASH) { - expected_usage |= PSA_KEY_USAGE_VERIFY_MESSAGE; - } - /* Usage implied by mbedtls_pk_get_psa_attributes() */ - if (expected_usage & PSA_KEY_USAGE_SIGN_HASH) { - expected_usage |= PSA_KEY_USAGE_VERIFY_HASH; - } - if (expected_usage & PSA_KEY_USAGE_SIGN_MESSAGE) { - expected_usage |= PSA_KEY_USAGE_VERIFY_MESSAGE; - } - if (expected_usage & PSA_KEY_USAGE_DECRYPT) { - expected_usage |= PSA_KEY_USAGE_ENCRYPT; - } - expected_usage |= PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY; + psa_key_usage_t expected_usage = pk_get_psa_attributes_implied_usage(usage); #if defined(MBEDTLS_ECDSA_DETERMINISTIC) /* When the resulting algorithm is ECDSA, the compile-time configuration @@ -1795,26 +1802,7 @@ void pk_rsa_v21_get_psa_attributes(int md_type, int from_pair, if (!to_pair) { expected_psa_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(expected_psa_type); } - - psa_key_usage_t expected_usage = usage; - /* Usage implied universally */ - if (expected_usage & PSA_KEY_USAGE_SIGN_HASH) { - expected_usage |= PSA_KEY_USAGE_SIGN_MESSAGE; - } - if (expected_usage & PSA_KEY_USAGE_VERIFY_HASH) { - expected_usage |= PSA_KEY_USAGE_VERIFY_MESSAGE; - } - /* Usage implied by mbedtls_pk_get_psa_attributes() */ - if (expected_usage & PSA_KEY_USAGE_SIGN_HASH) { - expected_usage |= PSA_KEY_USAGE_VERIFY_HASH; - } - if (expected_usage & PSA_KEY_USAGE_SIGN_MESSAGE) { - expected_usage |= PSA_KEY_USAGE_VERIFY_MESSAGE; - } - if (expected_usage & PSA_KEY_USAGE_DECRYPT) { - expected_usage |= PSA_KEY_USAGE_ENCRYPT; - } - expected_usage |= PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY; + psa_key_usage_t expected_usage = pk_get_psa_attributes_implied_usage(usage); TEST_EQUAL(mbedtls_pk_get_psa_attributes(&pk, usage, &attributes), 0); From ae2668be973fac1a437955c0e61fda636ee9a647 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 1 Feb 2024 20:48:04 +0100 Subject: [PATCH 1599/1674] Don't use mbedtls_pk_ec in our own code Signed-off-by: Gilles Peskine --- library/pk.c | 2 +- tests/suites/test_suite_pk.function | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/library/pk.c b/library/pk.c index 3f2878738..696e7e507 100644 --- a/library/pk.c +++ b/library/pk.c @@ -475,7 +475,7 @@ int mbedtls_pk_get_psa_attributes(const mbedtls_pk_context *pk, size_t bits = psa_get_key_bits(&old_attributes); psa_ecc_family_t family = PSA_KEY_TYPE_ECC_GET_FAMILY(old_type); #else - mbedtls_ecp_keypair *ec = mbedtls_pk_ec(*pk); + const mbedtls_ecp_keypair *ec = mbedtls_pk_ec_ro(*pk); int has_private = (ec->d.n != 0); size_t bits = 0; psa_ecc_family_t family = diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 14d049dfc..706bb7086 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -287,7 +287,7 @@ static int pk_setup_for_type(mbedtls_pk_type_t pk_type, int want_pair, pk->pub_raw, pk->pub_raw_len, &pk->priv_id)); #else - mbedtls_ecp_keypair *ec = mbedtls_pk_ec(*pk); + mbedtls_ecp_keypair *ec = mbedtls_pk_ec_rw(*pk); mbedtls_mpi_free(&ec->d); #endif } From 0aad5f8f34bb6a6ecf2e30c6d01dde4c77944e30 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 1 Feb 2024 20:49:46 +0100 Subject: [PATCH 1600/1674] Copypasta Signed-off-by: Gilles Peskine --- library/pk.c | 1 - 1 file changed, 1 deletion(-) diff --git a/library/pk.c b/library/pk.c index 696e7e507..c32294d43 100644 --- a/library/pk.c +++ b/library/pk.c @@ -553,7 +553,6 @@ int mbedtls_pk_get_psa_attributes(const mbedtls_pk_context *pk, return MBEDTLS_ERR_PK_TYPE_MISMATCH; } break; - break; default: return MBEDTLS_ERR_PK_TYPE_MISMATCH; } From 2e54854d16ff84d8d2277134b1a14bd507f4a742 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 1 Feb 2024 20:50:00 +0100 Subject: [PATCH 1601/1674] Copypasta Signed-off-by: Gilles Peskine --- tests/suites/test_suite_pk.data | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_pk.data b/tests/suites/test_suite_pk.data index e64f9b761..204f58cc8 100644 --- a/tests/suites/test_suite_pk.data +++ b/tests/suites/test_suite_pk.data @@ -701,7 +701,7 @@ PSA attributes for pk: RSA usage=DECRYPT|EXPORT (bad) depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15 pk_get_psa_attributes_fail:MBEDTLS_PK_RSA:1:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_EXPORT:MBEDTLS_ERR_PK_TYPE_MISMATCH -# Bad usage due to not specifying more than one of sign/crypt/derive. +# Bad usage due to specifying more than one of sign/crypt/derive. PSA attributes for pk: RSA usage=DECRYPT|SIGN_MESSAGE (bad) depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15 pk_get_psa_attributes_fail:MBEDTLS_PK_RSA:1:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_SIGN_MESSAGE:MBEDTLS_ERR_PK_TYPE_MISMATCH From e2a77f21ea79063a1e9dd025447cf927283ff222 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 1 Feb 2024 20:50:24 +0100 Subject: [PATCH 1602/1674] Use PSA_INIT with test that requires PSA USE_PSA_INIT is for test code that doesn't use PSA functions when USE_PSA_CRYPTO is disabled. Signed-off-by: Gilles Peskine --- tests/suites/test_suite_pk.function | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 706bb7086..7969d22b0 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -1867,7 +1867,7 @@ void pk_get_psa_attributes_opaque(int o_type_arg, int o_bits_arg, psa_key_usage_t usage = usage_arg; psa_key_usage_t expected_usage = expected_usage_arg; - USE_PSA_INIT(); + PSA_INIT(); psa_set_key_type(&attributes, o_type); psa_set_key_bits(&attributes, bits); @@ -1899,6 +1899,6 @@ exit: mbedtls_pk_free(&pk); psa_destroy_key(key_id); psa_reset_key_attributes(&attributes); - USE_PSA_DONE(); + PSA_DONE(); } /* END_CASE */ From e45d51f7b58deb9ad4e246d111b26af3bdfc8698 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 1 Feb 2024 20:53:11 +0100 Subject: [PATCH 1603/1674] Clearer variable names Signed-off-by: Gilles Peskine --- tests/suites/test_suite_pk.function | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 7969d22b0..3d7a1798d 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -1850,8 +1850,8 @@ exit: /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_USE_PSA_CRYPTO */ -void pk_get_psa_attributes_opaque(int o_type_arg, int o_bits_arg, - int o_usage_arg, int o_alg_arg, +void pk_get_psa_attributes_opaque(int from_type_arg, int from_bits_arg, + int from_usage_arg, int from_alg_arg, int usage_arg, int expected_ret, int to_pair, int expected_usage_arg) @@ -1860,18 +1860,18 @@ void pk_get_psa_attributes_opaque(int o_type_arg, int o_bits_arg, mbedtls_pk_init(&pk); psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; - psa_key_type_t o_type = o_type_arg; - size_t bits = o_bits_arg; - psa_key_usage_t o_usage = o_usage_arg; - psa_algorithm_t alg = o_alg_arg; + psa_key_type_t from_type = from_type_arg; + size_t bits = from_bits_arg; + psa_key_usage_t from_usage = from_usage_arg; + psa_algorithm_t alg = from_alg_arg; psa_key_usage_t usage = usage_arg; psa_key_usage_t expected_usage = expected_usage_arg; PSA_INIT(); - psa_set_key_type(&attributes, o_type); + psa_set_key_type(&attributes, from_type); psa_set_key_bits(&attributes, bits); - psa_set_key_usage_flags(&attributes, o_usage); + psa_set_key_usage_flags(&attributes, from_usage); psa_set_key_algorithm(&attributes, alg); psa_set_key_enrollment_algorithm(&attributes, 42); //TODO: test with persistent key @@ -1879,7 +1879,7 @@ void pk_get_psa_attributes_opaque(int o_type_arg, int o_bits_arg, TEST_EQUAL(mbedtls_pk_setup_opaque(&pk, key_id), 0); psa_key_type_t expected_psa_type = - to_pair ? o_type : PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(o_type); + to_pair ? from_type : PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(from_type); TEST_EQUAL(mbedtls_pk_get_psa_attributes(&pk, usage, &attributes), expected_ret); From e8209752440abd4f2014e71e7a0aa018ad247db4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 1 Feb 2024 21:00:33 +0100 Subject: [PATCH 1604/1674] Fix comment Signed-off-by: Gilles Peskine --- library/pk.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/pk.c b/library/pk.c index c32294d43..80e30bea0 100644 --- a/library/pk.c +++ b/library/pk.c @@ -424,7 +424,7 @@ int mbedtls_pk_get_psa_attributes(const mbedtls_pk_context *pk, #if defined(MBEDTLS_RSA_C) case MBEDTLS_PK_RSA: { - int want_crypt = 0; /* 0: encrypt/decrypt; 1: sign/verify */ + int want_crypt = 0; /* 0: sign/verify; 1: encrypt/decrypt */ switch (usage) { case PSA_KEY_USAGE_SIGN_MESSAGE: case PSA_KEY_USAGE_SIGN_HASH: From 793920c1ffc64660835d1257afbc9daf3d16eb58 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 1 Feb 2024 21:26:54 +0100 Subject: [PATCH 1605/1674] mbedtls_pk_get_psa_attributes: opaque: require specified usage In the MBEDTLS_PK_OPAQUE, have mbedtls_pk_get_psa_attributes() require the specified usage to be enabled for the specified key. Otherwise the following call to mbedtls_pk_import_into_psa() is unlikely to result in a key with a useful policy, so the call to mbedtls_pk_get_psa_attributes() was probably an error. Adjust the existing test cases accordingly and add a few negative test cases. Signed-off-by: Gilles Peskine --- include/mbedtls/pk.h | 1 + library/pk.c | 3 ++ tests/suites/test_suite_pk.data | 60 +++++++++++++++++++-------------- 3 files changed, 38 insertions(+), 26 deletions(-) diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index 7b41321f0..f218558b4 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h @@ -585,6 +585,7 @@ int mbedtls_pk_can_do_ext(const mbedtls_pk_context *ctx, psa_algorithm_t alg, * set for the underlying PSA key, except that * sign/decrypt flags are removed if the type is * set to a public key type. + * The underlying key must allow \p usage. * Note that the enrollment algorithm set with * psa_set_key_enrollment_algorithm() is not copied. * diff --git a/library/pk.c b/library/pk.c index 80e30bea0..3b9c5376d 100644 --- a/library/pk.c +++ b/library/pk.c @@ -564,6 +564,9 @@ int mbedtls_pk_get_psa_attributes(const mbedtls_pk_context *pk, new_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEY_PAIR(new_type); } more_usage = psa_get_key_usage_flags(&old_attributes); + if ((usage & more_usage) == 0) { + return MBEDTLS_ERR_PK_TYPE_MISMATCH; + } psa_set_key_type(attributes, new_type); psa_set_key_bits(attributes, psa_get_key_bits(&old_attributes)); psa_set_key_algorithm(attributes, psa_get_key_algorithm(&old_attributes)); diff --git a/tests/suites/test_suite_pk.data b/tests/suites/test_suite_pk.data index 204f58cc8..0858163c9 100644 --- a/tests/suites/test_suite_pk.data +++ b/tests/suites/test_suite_pk.data @@ -988,9 +988,9 @@ PSA attributes for pk: ECKEY_DH public VERIFY_HASH (bad) depends_on:MBEDTLS_PK_HAVE_ECC_KEYS pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY_DH:0:PSA_KEY_USAGE_VERIFY_HASH:MBEDTLS_ERR_PK_TYPE_MISMATCH -PSA attributes for pk: opaque RSA pair, 0 & SIGN_MESSAGE +PSA attributes for pk: opaque RSA pair, 0 & SIGN_MESSAGE (bad policy) depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME -pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:0:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_SIGN_MESSAGE:0:1:0 +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:0:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_SIGN_MESSAGE:MBEDTLS_ERR_PK_TYPE_MISMATCH:1:0 PSA attributes for pk: opaque RSA pair, SIGN_MESSAGE & SIGN_MESSAGE depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME @@ -1008,23 +1008,31 @@ PSA attributes for pk: opaque RSA pair, SIGN|... & SIGN_MESSAGE depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_SIGN_MESSAGE:0:1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT +PSA attributes for pk: opaque RSA pair, SIGN_MESSAGE & SIGN_HASH (bad policy) +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_PK_TYPE_MISMATCH:1:0 + # For a PK_OPAQUE key, mbedtls_pk_get_psa_attributes() ignores the input # key's algorithm policy. Just this time, test with a few different algorithms. -PSA attributes for pk: opaque RSA pair, 0 & SIGN_HASH [0] +PSA attributes for pk: opaque RSA pair, SIGN_HASH & SIGN_HASH [0] depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME -pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:0:PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:1:0 +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_NONE:PSA_KEY_USAGE_SIGN_HASH:0:1:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE -PSA attributes for pk: opaque RSA pair, 0 & SIGN_HASH [raw] +PSA attributes for pk: opaque RSA pair, SIGN_HASH & SIGN_HASH [raw] depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME -pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:0:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_SIGN_HASH:0:1:0 +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_SIGN_HASH:0:1:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE -PSA attributes for pk: opaque RSA pair, 0 & SIGN_HASH [v15] +PSA attributes for pk: opaque RSA pair, SIGN_HASH & SIGN_HASH [v15] depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME -pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:0:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_SIGN_HASH:0:1:0 +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_SIGN_HASH:0:1:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE -PSA attributes for pk: opaque RSA pair, 0 & SIGN_HASH [PSS] +PSA attributes for pk: opaque RSA pair, SIGN_HASH & SIGN_HASH [PSS] depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME -pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:0:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH:0:1:0 +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN_HASH:0:1:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE + +PSA attributes for pk: opaque RSA pair, 0 & DECRYPT (bad policy) +depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:0:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_PK_TYPE_MISMATCH:1:0 PSA attributes for pk: opaque RSA pair, DECRYPT & DECRYPT depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME @@ -1042,21 +1050,21 @@ PSA attributes for pk: opaque RSA pair, ... & EXPORT (bad) depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_USAGE_EXPORT:MBEDTLS_ERR_PK_TYPE_MISMATCH:1:0 -PSA attributes for pk: opaque RSA pair->public, 0 & VERIFY_MESSAGE +PSA attributes for pk: opaque RSA pair->public, VERIFY_MESSAGE & VERIFY_MESSAGE depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME -pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:0:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_VERIFY_MESSAGE:0:0:0 +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_VERIFY_MESSAGE:0:0:PSA_KEY_USAGE_VERIFY_MESSAGE -PSA attributes for pk: opaque RSA pair->public, 0 & VERIFY_HASH +PSA attributes for pk: opaque RSA pair->public, VERIFY_HASH & VERIFY_HASH depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME -pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:0:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_VERIFY_HASH:0:0:0 +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_VERIFY_HASH:0:0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE -PSA attributes for pk: opaque RSA pair->public, 0 & ENCRYPT +PSA attributes for pk: opaque RSA pair->public, ENCRYPT & ENCRYPT depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME -pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:0:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_USAGE_ENCRYPT:0:0:0 +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_USAGE_ENCRYPT:0:0:PSA_KEY_USAGE_ENCRYPT -PSA attributes for pk: opaque ECC pair, 0 & SIGN_MESSAGE +PSA attributes for pk: opaque ECC pair, 0 & SIGN_MESSAGE (bad policy) depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_FAMILY_SECP_R1_256 -pk_get_psa_attributes_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:0:PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_SIGN_MESSAGE:0:1:0 +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:0:PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_SIGN_MESSAGE:MBEDTLS_ERR_PK_TYPE_MISMATCH:1:0 PSA attributes for pk: opaque ECC pair, SIGN_MESSAGE & SIGN_MESSAGE depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_FAMILY_SECP_R1_256 @@ -1074,9 +1082,9 @@ PSA attributes for pk: opaque ECC pair, SIGN|... & SIGN_MESSAGE depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_FAMILY_SECP_R1_256 pk_get_psa_attributes_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_SIGN_MESSAGE:0:1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT -PSA attributes for pk: opaque ECC pair, 0 & SIGN_HASH +PSA attributes for pk: opaque ECC pair, SIGN_HASH & SIGN_HASH depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_FAMILY_SECP_R1_256 -pk_get_psa_attributes_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:0:PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_SIGN_HASH:0:1:0 +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_SIGN_HASH:0:1:PSA_KEY_USAGE_SIGN_HASH PSA attributes for pk: opaque ECC pair, ... & DERIVE depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_FAMILY_SECP_R1_256 @@ -1090,14 +1098,14 @@ PSA attributes for pk: opaque ECC pair, ... & EXPORT (bad) depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_FAMILY_SECP_R1_256 pk_get_psa_attributes_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_ECDH:PSA_KEY_USAGE_EXPORT:MBEDTLS_ERR_PK_TYPE_MISMATCH:1:0 -PSA attributes for pk: opaque ECC pair->public, 0 & VERIFY_MESSAGE +PSA attributes for pk: opaque ECC pair->public, VERIFY_MESSAGE & VERIFY_MESSAGE depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_FAMILY_SECP_R1_256 -pk_get_psa_attributes_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:0:PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_VERIFY_MESSAGE:0:0:0 +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_VERIFY_MESSAGE:0:0:PSA_KEY_USAGE_VERIFY_MESSAGE -PSA attributes for pk: opaque ECC pair->public, 0 & VERIFY_HASH +PSA attributes for pk: opaque ECC pair->public, VERIFY_HASH & VERIFY_HASH depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_FAMILY_SECP_R1_256 -pk_get_psa_attributes_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:0:PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_VERIFY_HASH:0:0:0 +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_VERIFY_HASH:0:0:PSA_KEY_USAGE_VERIFY_HASH -PSA attributes for pk: opaque ECC pair->public, 0 & ENCRYPT (bad) +PSA attributes for pk: opaque ECC pair->public, ENCRYPT & ENCRYPT (bad) depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_FAMILY_SECP_R1_256 -pk_get_psa_attributes_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:0:PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_ENCRYPT:MBEDTLS_ERR_PK_TYPE_MISMATCH:0:0 +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_ENCRYPT:MBEDTLS_ERR_PK_TYPE_MISMATCH:0:0 From a1a7b0805758f28d3ddf3505ddba092028855782 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 1 Feb 2024 21:32:29 +0100 Subject: [PATCH 1606/1674] Fix typo in dependency Signed-off-by: Gilles Peskine --- tests/suites/test_suite_pk.data | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/tests/suites/test_suite_pk.data b/tests/suites/test_suite_pk.data index 0858163c9..3902d3dc3 100644 --- a/tests/suites/test_suite_pk.data +++ b/tests/suites/test_suite_pk.data @@ -1063,49 +1063,49 @@ depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME pk_get_psa_attributes_opaque:PSA_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_RSA_GEN_KEY_MIN_BITS:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_USAGE_ENCRYPT:0:0:PSA_KEY_USAGE_ENCRYPT PSA attributes for pk: opaque ECC pair, 0 & SIGN_MESSAGE (bad policy) -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_FAMILY_SECP_R1_256 +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_SECP_R1_256 pk_get_psa_attributes_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:0:PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_SIGN_MESSAGE:MBEDTLS_ERR_PK_TYPE_MISMATCH:1:0 PSA attributes for pk: opaque ECC pair, SIGN_MESSAGE & SIGN_MESSAGE -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_FAMILY_SECP_R1_256 +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_SECP_R1_256 pk_get_psa_attributes_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_SIGN_MESSAGE:0:1:PSA_KEY_USAGE_SIGN_MESSAGE PSA attributes for pk: opaque ECC pair, SIGN|VERIFY & SIGN_MESSAGE -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_FAMILY_SECP_R1_256 +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_SECP_R1_256 pk_get_psa_attributes_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_SIGN_MESSAGE:0:1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE PSA attributes for pk: opaque ECC pair, SIGN|DECRYPT & SIGN_MESSAGE -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_FAMILY_SECP_R1_256 +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_SECP_R1_256 pk_get_psa_attributes_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_DECRYPT:PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_SIGN_MESSAGE:0:1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_DECRYPT PSA attributes for pk: opaque ECC pair, SIGN|... & SIGN_MESSAGE -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_FAMILY_SECP_R1_256 +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_SECP_R1_256 pk_get_psa_attributes_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_SIGN_MESSAGE:0:1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT PSA attributes for pk: opaque ECC pair, SIGN_HASH & SIGN_HASH -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_FAMILY_SECP_R1_256 +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_SECP_R1_256 pk_get_psa_attributes_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_SIGN_HASH:0:1:PSA_KEY_USAGE_SIGN_HASH PSA attributes for pk: opaque ECC pair, ... & DERIVE -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_FAMILY_SECP_R1_256 +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_SECP_R1_256 pk_get_psa_attributes_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_USAGE_DERIVE:0:1:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DERIVE PSA attributes for pk: opaque ECC pair, ... & DECRYPT (bad) -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_FAMILY_SECP_R1_256 +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_SECP_R1_256 pk_get_psa_attributes_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_PK_TYPE_MISMATCH:1:0 PSA attributes for pk: opaque ECC pair, ... & EXPORT (bad) -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_FAMILY_SECP_R1_256 +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_SECP_R1_256 pk_get_psa_attributes_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_ECDH:PSA_KEY_USAGE_EXPORT:MBEDTLS_ERR_PK_TYPE_MISMATCH:1:0 PSA attributes for pk: opaque ECC pair->public, VERIFY_MESSAGE & VERIFY_MESSAGE -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_FAMILY_SECP_R1_256 +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_SECP_R1_256 pk_get_psa_attributes_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_VERIFY_MESSAGE:0:0:PSA_KEY_USAGE_VERIFY_MESSAGE PSA attributes for pk: opaque ECC pair->public, VERIFY_HASH & VERIFY_HASH -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_FAMILY_SECP_R1_256 +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_SECP_R1_256 pk_get_psa_attributes_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_VERIFY_HASH:0:0:PSA_KEY_USAGE_VERIFY_HASH PSA attributes for pk: opaque ECC pair->public, ENCRYPT & ENCRYPT (bad) -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_FAMILY_SECP_R1_256 +depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_SECP_R1_256 pk_get_psa_attributes_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_ENCRYPT:MBEDTLS_ERR_PK_TYPE_MISMATCH:0:0 From 591e83d13969019b887a2499b92f722923cb3fe5 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 1 Feb 2024 21:33:44 +0100 Subject: [PATCH 1607/1674] Add missing implied usage Signed-off-by: Gilles Peskine --- tests/suites/test_suite_pk.data | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_pk.data b/tests/suites/test_suite_pk.data index 3902d3dc3..55146feaa 100644 --- a/tests/suites/test_suite_pk.data +++ b/tests/suites/test_suite_pk.data @@ -1084,7 +1084,7 @@ pk_get_psa_attributes_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):2 PSA attributes for pk: opaque ECC pair, SIGN_HASH & SIGN_HASH depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_SECP_R1_256 -pk_get_psa_attributes_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_SIGN_HASH:PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_SIGN_HASH:0:1:PSA_KEY_USAGE_SIGN_HASH +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_SIGN_HASH:0:1:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_SIGN_MESSAGE PSA attributes for pk: opaque ECC pair, ... & DERIVE depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_SECP_R1_256 @@ -1104,7 +1104,7 @@ pk_get_psa_attributes_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):2 PSA attributes for pk: opaque ECC pair->public, VERIFY_HASH & VERIFY_HASH depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_SECP_R1_256 -pk_get_psa_attributes_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_VERIFY_HASH:0:0:PSA_KEY_USAGE_VERIFY_HASH +pk_get_psa_attributes_opaque:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_VERIFY_HASH:0:0:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE PSA attributes for pk: opaque ECC pair->public, ENCRYPT & ENCRYPT (bad) depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE:PSA_WANT_ECC_SECP_R1_256 From 5922cb9309ac0a22a066111b6183c5616b8fedd9 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 2 Feb 2024 09:21:25 +0100 Subject: [PATCH 1608/1674] pkparse: keep legacy PK error codes when RSA key parsing fails This helps in reverting the changes to test_suite_x509parse.data when the RSA key parsing fails. Signed-off-by: Valerio Setti --- library/pkparse.c | 9 +++++++++ tests/suites/test_suite_x509parse.data | 10 +++++----- 2 files changed, 14 insertions(+), 5 deletions(-) diff --git a/library/pkparse.c b/library/pkparse.c index a47815b84..91d6eb59e 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -851,6 +851,15 @@ int mbedtls_pk_parse_subpubkey(unsigned char **p, const unsigned char *end, #if defined(MBEDTLS_RSA_C) if (pk_alg == MBEDTLS_PK_RSA) { ret = mbedtls_rsa_parse_pubkey(mbedtls_pk_rsa(*pk), *p, (size_t) (end - *p)); + if (ret == 0) { + /* On success all the input has been consumed by the parsing function. */ + *p += end - *p; + } else if (ret & 0x7f) { + /* In case of ASN1 error codes add MBEDTLS_ERR_PK_INVALID_PUBKEY. */ + ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, ret); + } else { + ret = MBEDTLS_ERR_PK_INVALID_PUBKEY; + } } else #endif /* MBEDTLS_RSA_C */ #if defined(MBEDTLS_PK_HAVE_ECC_KEYS) diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data index 6e201259c..261c220ee 100644 --- a/tests/suites/test_suite_x509parse.data +++ b/tests/suites/test_suite_x509parse.data @@ -1774,15 +1774,15 @@ x509parse_crt:"307d3068a0030201008204deadbeef300d06092a864886f70d01010b0500300c3 X509 CRT ASN1 (TBS, inv SubPubKeyInfo, inv internal bitstring length) depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 -x509parse_crt:"308180306ba0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743015300d06092A864886F70D0101010500030400300000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_ASN1_LENGTH_MISMATCH +x509parse_crt:"308180306ba0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743015300d06092A864886F70D0101010500030400300000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_PK_INVALID_PUBKEY + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH X509 CRT ASN1 (TBS, inv SubPubKeyInfo, inv internal bitstring tag) depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 -x509parse_crt:"308180306ba0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743015300d06092A864886F70D0101010500030400310000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG +x509parse_crt:"308180306ba0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743015300d06092A864886F70D0101010500030400310000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_PK_INVALID_PUBKEY + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (TBS, inv SubPubKeyInfo, inv RSA modulus) depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 -x509parse_crt:"3081873072a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374301c300d06092A864886F70D0101010500030b0030080202ffff0302ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG +x509parse_crt:"3081873072a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374301c300d06092A864886F70D0101010500030b0030080202ffff0302ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_PK_INVALID_PUBKEY + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRT ASN1 (TBS, inv SubPubKeyInfo, total length mismatch) depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 @@ -1790,11 +1790,11 @@ x509parse_crt:"3081893074a0030201008204deadbeef300d06092a864886f70d01010b0500300 X509 CRT ASN1 (TBS, inv SubPubKeyInfo, check failed) depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 -x509parse_crt:"3081873072a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374301c300d06092A864886F70D0101010500030b0030080202ffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_RSA_BAD_INPUT_DATA +x509parse_crt:"3081873072a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374301c300d06092A864886F70D0101010500030b0030080202ffff0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_PK_INVALID_PUBKEY X509 CRT ASN1 (TBS, inv SubPubKeyInfo, check failed, expanded length notation) depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 -x509parse_crt:"308196308180a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210fffffffffffffffffffffffffffffffe0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_RSA_BAD_INPUT_DATA +x509parse_crt:"308196308180a0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210fffffffffffffffffffffffffffffffe0202ffff300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_PK_INVALID_PUBKEY # We expect an extension parsing error here because the IssuerID is optional. # Hence, if we find an ASN.1 tag doesn't match the IssuerID, we assume the From c701cb28350353d8ee293791368c411d372e0eff Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 2 Feb 2024 11:09:37 +0100 Subject: [PATCH 1609/1674] test_suite_rsa: improve rsa_key_write_incremental() Output buffer is tested from being 1 single byte up to twice what it is strictly required to contain the output data. Signed-off-by: Valerio Setti --- tests/suites/test_suite_rsa.function | 33 ++++++++++++++++++---------- 1 file changed, 21 insertions(+), 12 deletions(-) diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index 6d1a0f03c..2f700289a 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -1427,8 +1427,8 @@ exit: void rsa_key_write_incremental(int is_public, data_t *input) { mbedtls_rsa_context rsa_ctx; - unsigned char *buf = NULL, *end; - size_t i; + unsigned char *buf = NULL, *end, *p; + size_t i, written_data; mbedtls_rsa_init(&rsa_ctx); @@ -1440,27 +1440,36 @@ void rsa_key_write_incremental(int is_public, data_t *input) TEST_EQUAL(mbedtls_rsa_parse_key(&rsa_ctx, input->x, input->len), 0); } + /* Test with an output buffer smaller than required. */ for (i = 1; i < input->len; i++) { TEST_CALLOC(buf, i); end = buf + i; + p = end; /* We don't care much about the return value as long as it fails. */ if (is_public) { - TEST_ASSERT(mbedtls_rsa_write_pubkey(&rsa_ctx, buf, &end) != 0); + TEST_ASSERT(mbedtls_rsa_write_pubkey(&rsa_ctx, buf, &p) != 0); } else { - TEST_ASSERT(mbedtls_rsa_write_key(&rsa_ctx, buf, &end) != 0); + TEST_ASSERT(mbedtls_rsa_write_key(&rsa_ctx, buf, &p) != 0); } mbedtls_free(buf); buf = NULL; } - /* Ensure with the correct output buffer size everything works as expected. */ - TEST_CALLOC(buf, i); - end = buf + i; - - if (is_public) { - TEST_ASSERT(mbedtls_rsa_write_pubkey(&rsa_ctx, buf, &end) != 0); - } else { - TEST_ASSERT(mbedtls_rsa_write_key(&rsa_ctx, buf, &end) > 0); + /* Test with an output buffer equal or larger than what it is strictly required. */ + for (i = input->len; i < (2 * input->len); i++) { + TEST_CALLOC(buf, i); + end = buf + i; + p = end; + /* This time all write functions must succeed. */ + if (is_public) { + TEST_ASSERT(mbedtls_rsa_write_pubkey(&rsa_ctx, buf, &p) > 0); + } else { + TEST_ASSERT(mbedtls_rsa_write_key(&rsa_ctx, buf, &p) > 0); + } + written_data = (end - p); + TEST_MEMORY_COMPARE(p, written_data, input->x, input->len); + mbedtls_free(buf); + buf = NULL; } exit: From 684d78fcfa471109a3b9eeafbb18d8cdef8f8da2 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 2 Feb 2024 12:30:16 +0100 Subject: [PATCH 1610/1674] test_suite_rsa: improve key parsing tests for extra data 2 scenarios are taken into account: - syntactically valid extra data inside the SEQUENCE - extra data outside the SEQUENCE A single integer is used as extra data in both cases. Signed-off-by: Valerio Setti --- tests/suites/test_suite_rsa.data | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_rsa.data b/tests/suites/test_suite_rsa.data index 8a224d5ef..f4bd60a67 100644 --- a/tests/suites/test_suite_rsa.data +++ b/tests/suites/test_suite_rsa.data @@ -658,8 +658,11 @@ rsa_parse_pkcs1_key:0:"30630201000211007c8ab070369ede72920e5a51523c8571020301000 RSA parse private key - correct format, d == p == q == 0 rsa_parse_pkcs1_key:0:"3063020100021100cc8ab070369ede72920e5a51523c8571020301000102110000000000000000000000000000000000020900000000000000000002090000000000000000000209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_RSA_BAD_INPUT_DATA -RSA parse private key - correct values, trailing garbage -rsa_parse_pkcs1_key:0:"3064020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c00":MBEDTLS_ERR_ASN1_LENGTH_MISMATCH +RSA parse private key - correct values, extra integer inside the SEQUENCE +rsa_parse_pkcs1_key:0:"3066020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c020100":MBEDTLS_ERR_ASN1_LENGTH_MISMATCH + +RSA parse private key - correct values, extra integer outside the SEQUENCE +rsa_parse_pkcs1_key:0:"3063020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c020100":0 RSA parse private key - correct values, n wrong tag rsa_parse_pkcs1_key:0:"3063020100FF1100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG @@ -718,8 +721,11 @@ rsa_parse_pkcs1_key:1:"30050203010001":MBEDTLS_ERR_ASN1_OUT_OF_DATA RSA parse public key - missing public exponent rsa_parse_pkcs1_key:1:"308184028181009f091e6968b474f76f0e9c237c1d895996ae704b4f6d706acec8d2daac6209bf524aa3f658d0283adba1077f6cbe92e425dcde52290b239cade91be86c88425434986806e85734e159768f3dfea932baaa9409d25bace8ee9dce0cdde0903207299de575ae60feccf0daf82334ab83638539b0da74072f253acea8afc8e66bb7":MBEDTLS_ERR_ASN1_OUT_OF_DATA -RSA parse public key - correct values, trailing garbage -rsa_parse_pkcs1_key:1:"30818a028181009f091e6968b474f76f0e9c237c1d895996ae704b4f6d706acec8d2daac6209bf524aa3f658d0283adba1077f6cbe92e425dcde52290b239cade91be86c88425434986806e85734e159768f3dfea932baaa9409d25bace8ee9dce0cdde0903207299de575ae60feccf0daf82334ab83638539b0da74072f253acea8afc8e66bb7020301000100":MBEDTLS_ERR_ASN1_LENGTH_MISMATCH +RSA parse public key - correct values, extra integer inside the SEQUENCE +rsa_parse_pkcs1_key:1:"30818c028181009f091e6968b474f76f0e9c237c1d895996ae704b4f6d706acec8d2daac6209bf524aa3f658d0283adba1077f6cbe92e425dcde52290b239cade91be86c88425434986806e85734e159768f3dfea932baaa9409d25bace8ee9dce0cdde0903207299de575ae60feccf0daf82334ab83638539b0da74072f253acea8afc8e66bb70203010001020100":MBEDTLS_ERR_ASN1_LENGTH_MISMATCH + +RSA parse public key - correct values, extra integer outside the SEQUENCE +rsa_parse_pkcs1_key:1:"308189028181009f091e6968b474f76f0e9c237c1d895996ae704b4f6d706acec8d2daac6209bf524aa3f658d0283adba1077f6cbe92e425dcde52290b239cade91be86c88425434986806e85734e159768f3dfea932baaa9409d25bace8ee9dce0cdde0903207299de575ae60feccf0daf82334ab83638539b0da74072f253acea8afc8e66bb70203010001":0 RSA priv key write - incremental output buffer size rsa_key_write_incremental:0:"3063020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c" From c9dd8611f8f4d10ddbfe823dfc7615acd957536d Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 2 Feb 2024 12:34:06 +0100 Subject: [PATCH 1611/1674] test_suite_psa_crypto_util: add missing new line at the end of file Signed-off-by: Valerio Setti --- tests/suites/test_suite_psa_crypto_util.data | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto_util.data b/tests/suites/test_suite_psa_crypto_util.data index 9368d7939..c92b5fcc1 100644 --- a/tests/suites/test_suite_psa_crypto_util.data +++ b/tests/suites/test_suite_psa_crypto_util.data @@ -114,4 +114,4 @@ ecdsa_raw_to_der_incremental:512:"9111111111111111111111111111111111111111111111 ECDSA Raw -> DER, 521bit, Incremental DER buffer sizes depends_on:PSA_WANT_ECC_SECP_R1_521 -ecdsa_raw_to_der_incremental:528:"911111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":"3081890243009111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111110242222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222" \ No newline at end of file +ecdsa_raw_to_der_incremental:528:"911111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":"3081890243009111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111110242222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222" From cb3b4cae0a78460be0cadec7bc553d629e838e4c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 2 Feb 2024 13:12:39 +0100 Subject: [PATCH 1612/1674] Fix handling of ECC public keys under MBEDTLS_PK_USE_PSA_EC_DATA The test code to construct test keys and the implementation had matching errors: both assumed that there was a PSA public key object. Fix this. Signed-off-by: Gilles Peskine --- include/mbedtls/pk.h | 2 ++ library/pk.c | 14 +++++--------- tests/suites/test_suite_pk.function | 4 +--- 3 files changed, 8 insertions(+), 12 deletions(-) diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index f218558b4..13b960a87 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h @@ -253,6 +253,8 @@ typedef struct mbedtls_pk_context { * inside the ecp_keypair structure * - the following fields are used for all public key operations: signature * verify, key pair check and key write. + * - For a key pair, priv_id contains the private key. For a public key, + * priv_id is null. * Of course, when MBEDTLS_PK_USE_PSA_EC_DATA is not enabled, the legacy * ecp_keypair structure is used for storing the public key and performing * all the operations. diff --git a/library/pk.c b/library/pk.c index 3b9c5376d..d0869b822 100644 --- a/library/pk.c +++ b/library/pk.c @@ -464,16 +464,12 @@ int mbedtls_pk_get_psa_attributes(const mbedtls_pk_context *pk, int sign_ok = (pk_type != MBEDTLS_PK_ECKEY_DH); int derive_ok = (pk_type != MBEDTLS_PK_ECDSA); #if defined(MBEDTLS_PK_USE_PSA_EC_DATA) - psa_key_attributes_t old_attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - status = psa_get_key_attributes(pk->priv_id, &old_attributes); - if (status != PSA_SUCCESS) { - return MBEDTLS_ERR_PK_BAD_INPUT_DATA; + psa_ecc_family_t family = pk->ec_family; + size_t bits = pk->ec_bits; + int has_private = 0; + if (pk->priv_id != MBEDTLS_SVC_KEY_ID_INIT) { + has_private = 1; } - psa_key_type_t old_type = psa_get_key_type(&old_attributes); - int has_private = PSA_KEY_TYPE_IS_KEY_PAIR(old_type); - size_t bits = psa_get_key_bits(&old_attributes); - psa_ecc_family_t family = PSA_KEY_TYPE_ECC_GET_FAMILY(old_type); #else const mbedtls_ecp_keypair *ec = mbedtls_pk_ec_ro(*pk); int has_private = (ec->d.n != 0); diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 3d7a1798d..efbe6b0c3 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -283,9 +283,7 @@ static int pk_setup_for_type(mbedtls_pk_type_t pk_type, int want_pair, PSA_KEY_USAGE_VERIFY_HASH); psa_set_key_algorithm(&pub_attributes, PSA_ALG_ECDSA_ANY); PSA_ASSERT(psa_destroy_key(pk->priv_id)); - PSA_ASSERT(psa_import_key(&pub_attributes, - pk->pub_raw, pk->pub_raw_len, - &pk->priv_id)); + pk->priv_id = MBEDTLS_SVC_KEY_ID_INIT; #else mbedtls_ecp_keypair *ec = mbedtls_pk_ec_rw(*pk); mbedtls_mpi_free(&ec->d); From d078386287b53486ec95fc400a7bcd1007b18f39 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 2 Feb 2024 13:13:34 +0100 Subject: [PATCH 1613/1674] Smoke tests for mbedtls_pk_get_psa_attributes after parsing We'll test more fully by adding a call to mbedtls_pk_import_into_psa() once that function is implemented. Signed-off-by: Gilles Peskine --- tests/suites/test_suite_pkparse.function | 82 +++++++++++++++++++++++- 1 file changed, 79 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_pkparse.function b/tests/suites/test_suite_pkparse.function index d416b8724..14afef6e9 100644 --- a/tests/suites/test_suite_pkparse.function +++ b/tests/suites/test_suite_pkparse.function @@ -41,6 +41,33 @@ void pk_parse_keyfile_rsa(char *key_file, char *password, int result) TEST_ASSERT(mbedtls_pk_can_do(&ctx, MBEDTLS_PK_RSA)); rsa = mbedtls_pk_rsa(ctx); TEST_EQUAL(mbedtls_rsa_check_privkey(rsa), 0); + +#if defined(MBEDTLS_PSA_CRYPTO_C) + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + TEST_EQUAL(mbedtls_pk_get_psa_attributes(&ctx, + PSA_KEY_USAGE_SIGN_HASH, + &attributes), 0); + psa_reset_key_attributes(&attributes); + TEST_EQUAL(mbedtls_pk_get_psa_attributes(&ctx, + PSA_KEY_USAGE_SIGN_MESSAGE, + &attributes), 0); + psa_reset_key_attributes(&attributes); + TEST_EQUAL(mbedtls_pk_get_psa_attributes(&ctx, + PSA_KEY_USAGE_DECRYPT, + &attributes), 0); + psa_reset_key_attributes(&attributes); + TEST_EQUAL(mbedtls_pk_get_psa_attributes(&ctx, + PSA_KEY_USAGE_VERIFY_HASH, + &attributes), 0); + psa_reset_key_attributes(&attributes); + TEST_EQUAL(mbedtls_pk_get_psa_attributes(&ctx, + PSA_KEY_USAGE_VERIFY_MESSAGE, + &attributes), 0); + psa_reset_key_attributes(&attributes); + TEST_EQUAL(mbedtls_pk_get_psa_attributes(&ctx, + PSA_KEY_USAGE_ENCRYPT, + &attributes), 0); +#endif } exit: @@ -68,6 +95,21 @@ void pk_parse_public_keyfile_rsa(char *key_file, int result) TEST_ASSERT(mbedtls_pk_can_do(&ctx, MBEDTLS_PK_RSA)); rsa = mbedtls_pk_rsa(ctx); TEST_EQUAL(mbedtls_rsa_check_pubkey(rsa), 0); + +#if defined(MBEDTLS_PSA_CRYPTO_C) + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + TEST_EQUAL(mbedtls_pk_get_psa_attributes(&ctx, + PSA_KEY_USAGE_ENCRYPT, + &attributes), 0); + psa_reset_key_attributes(&attributes); + TEST_EQUAL(mbedtls_pk_get_psa_attributes(&ctx, + PSA_KEY_USAGE_VERIFY_HASH, + &attributes), 0); + psa_reset_key_attributes(&attributes); + TEST_EQUAL(mbedtls_pk_get_psa_attributes(&ctx, + PSA_KEY_USAGE_VERIFY_MESSAGE, + &attributes), 0); +#endif } exit: @@ -100,6 +142,17 @@ void pk_parse_public_keyfile_ec(char *key_file, int result) eckey = mbedtls_pk_ec_ro(ctx); TEST_EQUAL(mbedtls_ecp_check_pubkey(&eckey->grp, &eckey->Q), 0); #endif + +#if defined(MBEDTLS_PSA_CRYPTO_C) + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + TEST_EQUAL(mbedtls_pk_get_psa_attributes(&ctx, + PSA_KEY_USAGE_VERIFY_HASH, + &attributes), 0); + psa_reset_key_attributes(&attributes); + TEST_EQUAL(mbedtls_pk_get_psa_attributes(&ctx, + PSA_KEY_USAGE_VERIFY_MESSAGE, + &attributes), 0); +#endif } exit: @@ -124,11 +177,34 @@ void pk_parse_keyfile_ec(char *key_file, char *password, int result) if (res == 0) { TEST_ASSERT(mbedtls_pk_can_do(&ctx, MBEDTLS_PK_ECKEY)); -#if defined(MBEDTLS_ECP_C) +#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) + /* PSA keys are already checked on import so nothing to do here. */ +#else const mbedtls_ecp_keypair *eckey = mbedtls_pk_ec_ro(ctx); TEST_EQUAL(mbedtls_ecp_check_privkey(&eckey->grp, &eckey->d), 0); -#else - /* PSA keys are already checked on import so nothing to do here. */ +#endif + +#if defined(MBEDTLS_PSA_CRYPTO_C) + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + TEST_EQUAL(mbedtls_pk_get_psa_attributes(&ctx, + PSA_KEY_USAGE_SIGN_HASH, + &attributes), 0); + psa_reset_key_attributes(&attributes); + TEST_EQUAL(mbedtls_pk_get_psa_attributes(&ctx, + PSA_KEY_USAGE_SIGN_MESSAGE, + &attributes), 0); + psa_reset_key_attributes(&attributes); + TEST_EQUAL(mbedtls_pk_get_psa_attributes(&ctx, + PSA_KEY_USAGE_DERIVE, + &attributes), 0); + psa_reset_key_attributes(&attributes); + TEST_EQUAL(mbedtls_pk_get_psa_attributes(&ctx, + PSA_KEY_USAGE_VERIFY_HASH, + &attributes), 0); + psa_reset_key_attributes(&attributes); + TEST_EQUAL(mbedtls_pk_get_psa_attributes(&ctx, + PSA_KEY_USAGE_VERIFY_MESSAGE, + &attributes), 0); #endif } From fc590dd3612466ab343db79490cc32355d5ec86a Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 2 Feb 2024 13:46:02 +0100 Subject: [PATCH 1614/1674] changelog: fix typo Signed-off-by: Valerio Setti --- ChangeLog.d/8647.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog.d/8647.txt b/ChangeLog.d/8647.txt index 44007e2c2..98326dc01 100644 --- a/ChangeLog.d/8647.txt +++ b/ChangeLog.d/8647.txt @@ -2,7 +2,7 @@ Default behavior changes * psa_import_key() now only accepts RSA keys in the PSA standard formats. The undocumented ability to import other formats (PKCS#8, SubjectPublicKey, PEM) accepted by the pkparse module has been removed. Applications that - need these format can call mbedtls_pk_parse_{public,}key() followed by + need these formats can call mbedtls_pk_parse_{public,}key() followed by mbedtls_pk_import_into_psa(). Changes From 6fb1be6cb1f8640446e68574fba8f8d5bc5f2459 Mon Sep 17 00:00:00 2001 From: Antonio de Angelis Date: Fri, 2 Feb 2024 14:05:32 +0000 Subject: [PATCH 1615/1674] Add comments in psa/crypto_struct.h for id layout Make sure the layout of psa_key_attributes_s is commented enough so that it does not accidentally get reorganized by mistake in the future. Signed-off-by: Antonio de Angelis --- include/psa/crypto_struct.h | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 606d282df..8216f28ba 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -241,6 +241,17 @@ typedef struct { psa_key_lifetime_t MBEDTLS_PRIVATE(lifetime); psa_key_policy_t MBEDTLS_PRIVATE(policy); psa_key_attributes_flag_t MBEDTLS_PRIVATE(flags); + /* This type has a different layout in the client view wrt the + * service view of the key id, i.e. in service view usually is + * expected to have MBEDTLS_SVC_KEY_ID_ENCODES_OWNER defined + * thus adding an owner field to the standard psa_key_id_t. For + * implementations with client/service separation, this means the + * object will be marshalled through a transport channel and + * interpreted differently at each side of the transport. Placing + * it at the end of structures allows to interpret the structure + * at the client without reorganizing the memory layout of the + * struct + */ mbedtls_svc_key_id_t MBEDTLS_PRIVATE(id); } psa_core_key_attributes_t; @@ -267,6 +278,12 @@ struct psa_key_attributes_s { */ void *MBEDTLS_PRIVATE(domain_parameters); size_t MBEDTLS_PRIVATE(domain_parameters_size); + /* With client/service separation, struct psa_key_attributes_s is + * marshalled through a transport channel between the client and + * service side implementation of the PSA Crypto APIs, thus having + * the mbedtls_svc_key_id_t id as the last field of this structure + * allows for a more efficient marshalling/unmarshalling of parameters + */ psa_core_key_attributes_t MBEDTLS_PRIVATE(core); }; From 4380a33bd3f1ed8a10cccb2fcceddc1d526854d5 Mon Sep 17 00:00:00 2001 From: Antonio de Angelis Date: Fri, 2 Feb 2024 14:21:24 +0000 Subject: [PATCH 1616/1674] Add a client view layout for interruptible hash and pake Add a client view layout (and update related initializers) for PSA sign/verify hash interruptible operation struct and PAKE operation struct Signed-off-by: Antonio de Angelis --- include/psa/crypto_extra.h | 8 ++++++++ include/psa/crypto_struct.h | 16 ++++++++++++++++ 2 files changed, 24 insertions(+) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index fc9bf4f0f..c67345bd2 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -1828,8 +1828,12 @@ psa_status_t psa_pake_abort(psa_pake_operation_t *operation); /** Returns a suitable initializer for a PAKE operation object of type * psa_pake_operation_t. */ +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C) +#define PSA_PAKE_OPERATION_INIT { 0 } +#else #define PSA_PAKE_OPERATION_INIT { 0, PSA_ALG_NONE, 0, PSA_PAKE_OPERATION_STAGE_SETUP, \ { 0 }, { { 0 } } } +#endif struct psa_pake_cipher_suite_s { psa_algorithm_t algorithm; @@ -1957,6 +1961,9 @@ struct psa_jpake_computation_stage_s { ((round) == PSA_JPAKE_FIRST ? 2 : 1)) struct psa_pake_operation_s { +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C) + mbedtls_psa_client_handle_t handle; +#else /** Unique ID indicating which driver got assigned to do the * operation. Since driver contexts are driver-specific, swapping * drivers halfway through the operation is not supported. @@ -1982,6 +1989,7 @@ struct psa_pake_operation_s { psa_driver_pake_context_t MBEDTLS_PRIVATE(ctx); psa_crypto_driver_pake_inputs_t MBEDTLS_PRIVATE(inputs); } MBEDTLS_PRIVATE(data); +#endif }; static inline struct psa_pake_cipher_suite_s psa_pake_cipher_suite_init(void) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index cc7731abc..26c93da7c 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -455,6 +455,9 @@ static inline size_t psa_get_key_bits( * \brief The context for PSA interruptible hash signing. */ struct psa_sign_hash_interruptible_operation_s { +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C) + mbedtls_psa_client_handle_t handle; +#else /** Unique ID indicating which driver got assigned to do the * operation. Since driver contexts are driver-specific, swapping * drivers halfway through the operation is not supported. @@ -468,9 +471,14 @@ struct psa_sign_hash_interruptible_operation_s { unsigned int MBEDTLS_PRIVATE(error_occurred) : 1; uint32_t MBEDTLS_PRIVATE(num_ops); +#endif }; +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C) +#define PSA_SIGN_HASH_INTERRUPTIBLE_OPERATION_INIT { 0 } +#else #define PSA_SIGN_HASH_INTERRUPTIBLE_OPERATION_INIT { 0, { 0 }, 0, 0 } +#endif static inline struct psa_sign_hash_interruptible_operation_s psa_sign_hash_interruptible_operation_init(void) @@ -485,6 +493,9 @@ psa_sign_hash_interruptible_operation_init(void) * \brief The context for PSA interruptible hash verification. */ struct psa_verify_hash_interruptible_operation_s { +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C) + mbedtls_psa_client_handle_t handle; +#else /** Unique ID indicating which driver got assigned to do the * operation. Since driver contexts are driver-specific, swapping * drivers halfway through the operation is not supported. @@ -498,9 +509,14 @@ struct psa_verify_hash_interruptible_operation_s { unsigned int MBEDTLS_PRIVATE(error_occurred) : 1; uint32_t MBEDTLS_PRIVATE(num_ops); +#endif }; +#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) && !defined(MBEDTLS_PSA_CRYPTO_C) +#define PSA_VERIFY_HASH_INTERRUPTIBLE_OPERATION_INIT { 0 } +#else #define PSA_VERIFY_HASH_INTERRUPTIBLE_OPERATION_INIT { 0, { 0 }, 0, 0 } +#endif static inline struct psa_verify_hash_interruptible_operation_s psa_verify_hash_interruptible_operation_init(void) From 5a198925286bf2a9ff849e5d23c930467e9c567f Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 2 Feb 2024 13:59:51 +0100 Subject: [PATCH 1617/1674] pkparse: fix check for ASN1 errors in mbedtls_pk_parse_subpubkey() Signed-off-by: Valerio Setti --- library/pkparse.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/library/pkparse.c b/library/pkparse.c index 91d6eb59e..5a3d3b259 100644 --- a/library/pkparse.c +++ b/library/pkparse.c @@ -854,7 +854,8 @@ int mbedtls_pk_parse_subpubkey(unsigned char **p, const unsigned char *end, if (ret == 0) { /* On success all the input has been consumed by the parsing function. */ *p += end - *p; - } else if (ret & 0x7f) { + } else if ((ret <= MBEDTLS_ERR_ASN1_OUT_OF_DATA) && + (ret >= MBEDTLS_ERR_ASN1_BUF_TOO_SMALL)) { /* In case of ASN1 error codes add MBEDTLS_ERR_PK_INVALID_PUBKEY. */ ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, ret); } else { From f15e13ead7dc00a21a58a0830a82f214c3e1a77b Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Fri, 2 Feb 2024 14:00:53 +0100 Subject: [PATCH 1618/1674] test_suite_x509parse: remove useless include of rsa.h Signed-off-by: Valerio Setti --- tests/suites/test_suite_x509parse.function | 1 - 1 file changed, 1 deletion(-) diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function index a54c165e1..c2a2f556d 100644 --- a/tests/suites/test_suite_x509parse.function +++ b/tests/suites/test_suite_x509parse.function @@ -9,7 +9,6 @@ #include "mbedtls/base64.h" #include "mbedtls/error.h" #include "mbedtls/pk.h" -#include "mbedtls/rsa.h" #include "string.h" #if MBEDTLS_X509_MAX_INTERMEDIATE_CA > 19 From 064dd2b87091704227e64e975beba56e3ee69bb3 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 8 Dec 2023 14:58:08 +0800 Subject: [PATCH 1619/1674] Adjust check order Signed-off-by: Jerry Yu --- tests/opt-testcases/tls13-misc.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/opt-testcases/tls13-misc.sh b/tests/opt-testcases/tls13-misc.sh index b6894de81..4e6bf876d 100755 --- a/tests/opt-testcases/tls13-misc.sh +++ b/tests/opt-testcases/tls13-misc.sh @@ -502,8 +502,8 @@ run_test "TLS 1.3 G->m: EarlyData: feature is enabled, good." \ "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+GROUP-ALL:+KX-ALL \ -d 10 -r --earlydata $EARLY_DATA_INPUT " \ 0 \ - -s "NewSessionTicket: early_data(42) extension exists." \ -s "Sent max_early_data_size=$EARLY_DATA_INPUT_LEN" \ + -s "NewSessionTicket: early_data(42) extension exists." \ -s "ClientHello: early_data(42) extension exists." \ -s "EncryptedExtensions: early_data(42) extension exists." \ -s "$( head -1 $EARLY_DATA_INPUT )" \ From 4caf3ca08cb3b1b206477ce07a7a09fa14b7da4c Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 15 Nov 2023 16:13:47 +0800 Subject: [PATCH 1620/1674] tls13: srv: Add discard_early_data_record SSL field Add discard_early_data_record in SSL context for the record layer to know if it has to discard some potential early data record and how. Signed-off-by: Ronald Cron --- include/mbedtls/ssl.h | 30 +++++++++++++++++++++ library/ssl_tls.c | 7 ++++- library/ssl_tls13_server.c | 54 ++++++++++++++++++-------------------- 3 files changed, 61 insertions(+), 30 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index b0633609d..e0cd79d02 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -353,6 +353,26 @@ #define MBEDTLS_SSL_DTLS_TIMEOUT_DFL_MIN 1000 #define MBEDTLS_SSL_DTLS_TIMEOUT_DFL_MAX 60000 +/* + * Whether early data record should be discarded or not and how. + * + * The client has indicated early data and the server has rejected them. + * The server has then to skip past early data by either: + * - attempting to deprotect received records using the handshake traffic + * key, discarding records which fail deprotection (up to the configured + * max_early_data_size). Once a record is deprotected successfully, + * it is treated as the start of the client's second flight and the + * server proceeds as with an ordinary 1-RTT handshake. + * - skipping all records with an external content type of + * "application_data" (indicating that they are encrypted), up to the + * configured max_early_data_size. This is the expected behavior if the + * server has sent an HelloRetryRequest message. The server ignores + * application data message before 2nd ClientHello. + */ +#define MBEDTLS_SSL_EARLY_DATA_NO_DISCARD 0 +#define MBEDTLS_SSL_EARLY_DATA_TRY_TO_DEPROTECT_AND_DISCARD 1 +#define MBEDTLS_SSL_EARLY_DATA_DISCARD 2 + /** * \name SECTION: Module settings * @@ -1782,6 +1802,16 @@ struct mbedtls_ssl_context { * within a single datagram. */ #endif /* MBEDTLS_SSL_PROTO_DTLS */ +#if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_SRV_C) + /* + * One of: + * MBEDTLS_SSL_EARLY_DATA_NO_DISCARD + * MBEDTLS_SSL_EARLY_DATA_TRY_TO_DEPROTECT_AND_DISCARD + * MBEDTLS_SSL_EARLY_DATA_DISCARD + */ + uint8_t MBEDTLS_PRIVATE(discard_early_data_record); +#endif + /* * Record layer (outgoing data) */ diff --git a/library/ssl_tls.c b/library/ssl_tls.c index c952add9b..c2f874b45 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -1098,9 +1098,14 @@ static int ssl_handshake_init(mbedtls_ssl_context *ssl) return MBEDTLS_ERR_SSL_ALLOC_FAILED; } -#if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_CLI_C) +#if defined(MBEDTLS_SSL_EARLY_DATA) +#if defined(MBEDTLS_SSL_CLI_C) ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT; #endif +#if defined(MBEDTLS_SSL_SRV_C) + ssl->discard_early_data_record = MBEDTLS_SSL_EARLY_DATA_NO_DISCARD; +#endif +#endif /* MBEDTLS_SSL_EARLY_DATA */ /* Initialize structures */ mbedtls_ssl_session_init(ssl->session_negotiate); diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 8bd70ef02..6e87d7b9d 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -1780,28 +1780,15 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl, } #if defined(MBEDTLS_SSL_EARLY_DATA) -static int ssl_tls13_is_early_data_accepted(mbedtls_ssl_context *ssl, - int hrr_required) +static int ssl_tls13_check_early_data_requirements(mbedtls_ssl_context *ssl) { mbedtls_ssl_handshake_params *handshake = ssl->handshake; - if ((handshake->received_extensions & - MBEDTLS_SSL_EXT_MASK(EARLY_DATA)) == 0) { - MBEDTLS_SSL_DEBUG_MSG( - 1, ("EarlyData: no early data extension received.")); - return 0; - } - if (ssl->conf->early_data_enabled == MBEDTLS_SSL_EARLY_DATA_DISABLED) { MBEDTLS_SSL_DEBUG_MSG( 1, ("EarlyData: rejected, feature disabled in server configuration.")); - return 0; - } - - if (hrr_required) { - MBEDTLS_SSL_DEBUG_MSG(1, ("EarlyData: rejected, HRR required.")); - return 0; + return -1; } if (!handshake->resume) { @@ -1810,7 +1797,7 @@ static int ssl_tls13_is_early_data_accepted(mbedtls_ssl_context *ssl, resumption. */ MBEDTLS_SSL_DEBUG_MSG( 1, ("EarlyData: rejected, not a session resumption.")); - return 0; + return -1; } /* RFC 8446 4.2.10 @@ -1833,7 +1820,7 @@ static int ssl_tls13_is_early_data_accepted(mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ("EarlyData: rejected, the selected key in " "`pre_shared_key` is not the first one.")); - return 0; + return -1; } if (handshake->ciphersuite_info->id != @@ -1841,7 +1828,7 @@ static int ssl_tls13_is_early_data_accepted(mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ("EarlyData: rejected, the selected ciphersuite is not the one " "of the selected pre-shared key.")); - return 0; + return -1; } @@ -1850,10 +1837,10 @@ static int ssl_tls13_is_early_data_accepted(mbedtls_ssl_context *ssl, 1, ("EarlyData: rejected, early_data not allowed in ticket " "permission bits.")); - return 0; + return -1; } - return 1; + return 0; } #endif /* MBEDTLS_SSL_EARLY_DATA */ @@ -1885,15 +1872,24 @@ static int ssl_tls13_postprocess_client_hello(mbedtls_ssl_context *ssl, } #if defined(MBEDTLS_SSL_EARLY_DATA) - ssl->handshake->early_data_accepted = - ssl_tls13_is_early_data_accepted(ssl, hrr_required); - - if (ssl->handshake->early_data_accepted) { - ret = mbedtls_ssl_tls13_compute_early_transform(ssl); - if (ret != 0) { - MBEDTLS_SSL_DEBUG_RET( - 1, "mbedtls_ssl_tls13_compute_early_transform", ret); - return ret; + if (ssl->handshake->received_extensions & MBEDTLS_SSL_EXT_MASK(EARLY_DATA)) { + ssl->handshake->early_data_accepted = 0; + if (!hrr_required) { + ssl->handshake->early_data_accepted = + (ssl_tls13_check_early_data_requirements(ssl) == 0); + } + if (ssl->handshake->early_data_accepted) { + ret = mbedtls_ssl_tls13_compute_early_transform(ssl); + if (ret != 0) { + MBEDTLS_SSL_DEBUG_RET( + 1, "mbedtls_ssl_tls13_compute_early_transform", ret); + return ret; + } + } else { + ssl->discard_early_data_record = + hrr_required ? + MBEDTLS_SSL_EARLY_DATA_DISCARD : + MBEDTLS_SSL_EARLY_DATA_TRY_TO_DEPROTECT_AND_DISCARD; } } #else From 2995d35ac344376acc5e18d3f39e1b6afc6917cb Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 18 Jan 2024 16:59:39 +0100 Subject: [PATCH 1621/1674] tls13: srv: Deprotect and discard early data records Signed-off-by: Ronald Cron --- library/ssl_msg.c | 39 ++++++++++++++++++ tests/suites/test_suite_ssl.data | 7 +++- tests/suites/test_suite_ssl.function | 61 ++++++++++++++++++++++------ 3 files changed, 93 insertions(+), 14 deletions(-) diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 20501c940..bf9a8ca7c 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -3985,6 +3985,31 @@ static int ssl_prepare_record_content(mbedtls_ssl_context *ssl, rec)) != 0) { MBEDTLS_SSL_DEBUG_RET(1, "ssl_decrypt_buf", ret); +#if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_SRV_C) + /* + * Although the server rejected early data, it might receive early + * data as long as it has not received the client Finished message. + * It is encrypted with early keys and should be ignored as stated + * in section 4.2.10 of RFC 8446: + * + * "Ignore the extension and return a regular 1-RTT response. The + * server then skips past early data by attempting to deprotect + * received records using the handshake traffic key, discarding + * records which fail deprotection (up to the configured + * max_early_data_size). Once a record is deprotected successfully, + * it is treated as the start of the client's second flight and the + * server proceeds as with an ordinary 1-RTT handshake." + */ + if ((old_msg_type == MBEDTLS_SSL_MSG_APPLICATION_DATA) && + (ssl->discard_early_data_record == + MBEDTLS_SSL_EARLY_DATA_TRY_TO_DEPROTECT_AND_DISCARD)) { + MBEDTLS_SSL_DEBUG_MSG( + 3, ("EarlyData: deprotect and discard app data records.")); + /* TODO: Add max_early_data_size check here. */ + ret = MBEDTLS_ERR_SSL_CONTINUE_PROCESSING; + } +#endif /* MBEDTLS_SSL_EARLY_DATA && MBEDTLS_SSL_SRV_C */ + #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) if (ret == MBEDTLS_ERR_SSL_UNEXPECTED_CID && ssl->conf->ignore_unexpected_cid @@ -3997,6 +4022,20 @@ static int ssl_prepare_record_content(mbedtls_ssl_context *ssl, return ret; } +#if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_SRV_C) + /* + * If the server were discarding protected records that it fails to + * deprotect because it has rejected early data, as we have just + * deprotected successfully a record, the server has to resume normal + * operation and fail the connection if the deprotection of a record + * fails. + */ + if (ssl->discard_early_data_record == + MBEDTLS_SSL_EARLY_DATA_TRY_TO_DEPROTECT_AND_DISCARD) { + ssl->discard_early_data_record = MBEDTLS_SSL_EARLY_DATA_NO_DISCARD; + } +#endif /* MBEDTLS_SSL_EARLY_DATA && MBEDTLS_SSL_SRV_C */ + if (old_msg_type != rec->type) { MBEDTLS_SSL_DEBUG_MSG(4, ("record type after decrypt (before %d): %d", old_msg_type, rec->type)); diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index c06c0a746..404818dfc 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -3274,5 +3274,8 @@ elliptic_curve_get_properties TLS 1.3 resume session with ticket tls13_resume_session_with_ticket -TLS 1.3 early data -tls13_early_data +TLS 1.3 early data, reference +tls13_early_data:"reference" + +TLS 1.3 early data, deprotect and discard +tls13_early_data:"deprotect and discard" diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 2d1a757e4..31a973b6f 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -3662,9 +3662,10 @@ exit: /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_SSL_EARLY_DATA:MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_SRV_C:MBEDTLS_DEBUG_C:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_SSL_SESSION_TICKETS */ -void tls13_early_data() +void tls13_early_data(char *scenario_string) { int ret = -1; + int scenario = 0; unsigned char buf[64]; const char *early_data = "This is early data."; size_t early_data_len = strlen(early_data); @@ -3672,6 +3673,18 @@ void tls13_early_data() mbedtls_test_handshake_test_options client_options; mbedtls_test_handshake_test_options server_options; mbedtls_ssl_session saved_session; + mbedtls_test_ssl_log_pattern server_pattern = { NULL, 0 }; + + /* + * Determine scenario. + */ + if (strcmp(scenario_string, "reference") == 0) { + scenario = 0; + } else if (strcmp(scenario_string, "deprotect and discard") == 0) { + scenario = 1; + } else { + TEST_FAIL("Unknown scenario."); + } /* * Test set-up @@ -3692,15 +3705,17 @@ void tls13_early_data() mbedtls_ssl_conf_early_data(&client_ep.conf, MBEDTLS_SSL_EARLY_DATA_ENABLED); server_options.pk_alg = MBEDTLS_PK_ECDSA; + server_options.srv_log_fun = mbedtls_test_ssl_log_analyzer; + server_options.srv_log_obj = &server_pattern; ret = mbedtls_test_ssl_endpoint_init(&server_ep, MBEDTLS_SSL_IS_SERVER, &server_options, NULL, NULL, NULL, NULL); TEST_EQUAL(ret, 0); + mbedtls_ssl_conf_early_data(&server_ep.conf, MBEDTLS_SSL_EARLY_DATA_ENABLED); mbedtls_ssl_conf_session_tickets_cb(&server_ep.conf, mbedtls_test_ticket_write, mbedtls_test_ticket_parse, NULL); - mbedtls_ssl_conf_early_data(&server_ep.conf, MBEDTLS_SSL_EARLY_DATA_ENABLED); ret = mbedtls_test_mock_socket_connect(&(client_ep.socket), &(server_ep.socket), 1024); @@ -3740,6 +3755,16 @@ void tls13_early_data() ret = mbedtls_ssl_set_session(&(client_ep.ssl), &saved_session); TEST_EQUAL(ret, 0); + switch (scenario) { + case 1: /* deprotect and discard */ + mbedtls_debug_set_threshold(3); + server_pattern.pattern = + "EarlyData: deprotect and discard app data records."; + mbedtls_ssl_conf_early_data(&server_ep.conf, + MBEDTLS_SSL_EARLY_DATA_DISABLED); + break; + } + TEST_EQUAL(mbedtls_test_move_handshake_to_state( &(client_ep.ssl), &(server_ep.ssl), MBEDTLS_SSL_SERVER_HELLO), 0); @@ -3751,18 +3776,29 @@ void tls13_early_data() early_data_len); TEST_EQUAL(ret, early_data_len); - TEST_EQUAL(mbedtls_test_move_handshake_to_state( - &(server_ep.ssl), &(client_ep.ssl), - MBEDTLS_SSL_CLIENT_FINISHED), MBEDTLS_ERR_SSL_RECEIVED_EARLY_DATA); + ret = mbedtls_test_move_handshake_to_state( + &(server_ep.ssl), &(client_ep.ssl), + MBEDTLS_SSL_HANDSHAKE_WRAPUP); - TEST_EQUAL(server_ep.ssl.handshake->early_data_accepted, 1); - TEST_EQUAL(mbedtls_ssl_read_early_data(&(server_ep.ssl), buf, sizeof(buf)), - early_data_len); - TEST_MEMORY_COMPARE(buf, early_data_len, early_data, early_data_len); + switch (scenario) { + case 0: + TEST_EQUAL(ret, MBEDTLS_ERR_SSL_RECEIVED_EARLY_DATA); + TEST_EQUAL(server_ep.ssl.handshake->early_data_accepted, 1); + TEST_EQUAL(mbedtls_ssl_read_early_data(&(server_ep.ssl), + buf, sizeof(buf)), early_data_len); + TEST_MEMORY_COMPARE(buf, early_data_len, early_data, early_data_len); - TEST_EQUAL(mbedtls_test_move_handshake_to_state( - &(server_ep.ssl), &(client_ep.ssl), - MBEDTLS_SSL_HANDSHAKE_OVER), 0); + TEST_EQUAL(mbedtls_test_move_handshake_to_state( + &(server_ep.ssl), &(client_ep.ssl), + MBEDTLS_SSL_HANDSHAKE_WRAPUP), 0); + break; + + case 1: + TEST_EQUAL(ret, 0); + TEST_EQUAL(server_ep.ssl.handshake->early_data_accepted, 0); + TEST_EQUAL(server_pattern.counter, 1); + break; + } exit: mbedtls_test_ssl_endpoint_free(&client_ep, NULL); @@ -3770,6 +3806,7 @@ exit: mbedtls_test_free_handshake_options(&client_options); mbedtls_test_free_handshake_options(&server_options); mbedtls_ssl_session_free(&saved_session); + mbedtls_debug_set_threshold(0); PSA_DONE(); } /* END_CASE */ From 1483dc3bdedfc3279f84e4aa26427cf7e0c82851 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 19 Jan 2024 10:00:47 +0100 Subject: [PATCH 1622/1674] tls13: cli: Indicate early data only in first ClientHello Signed-off-by: Ronald Cron --- library/ssl_tls13_client.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 76f0f1896..2598bae75 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -1182,7 +1182,8 @@ int mbedtls_ssl_tls13_write_client_hello_exts(mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_EARLY_DATA) if (mbedtls_ssl_conf_tls13_is_some_psk_enabled(ssl) && ssl_tls13_early_data_has_valid_ticket(ssl) && - ssl->conf->early_data_enabled == MBEDTLS_SSL_EARLY_DATA_ENABLED) { + ssl->conf->early_data_enabled == MBEDTLS_SSL_EARLY_DATA_ENABLED && + ssl->handshake->hello_retry_request_count == 0) { ret = mbedtls_ssl_tls13_write_early_data_ext( ssl, 0, p, end, &ext_len); From 263dbf71679c359be8549e111fcd0160a1ed1ed4 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 26 Oct 2022 10:51:27 +0800 Subject: [PATCH 1623/1674] tls13: srv: Do not allow early data indication in 2nd ClientHello Signed-off-by: Jerry Yu Signed-off-by: Ronald Cron --- library/ssl_tls13_server.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 6e87d7b9d..93748a6a2 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -1533,6 +1533,12 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl, unsigned int extension_type; size_t extension_data_len; const unsigned char *extension_data_end; + uint32_t allowed_exts = MBEDTLS_SSL_TLS1_3_ALLOWED_EXTS_OF_CH; + + if (ssl->handshake->hello_retry_request_count > 0) { + /* Do not accept early data extension in 2nd ClientHello */ + allowed_exts &= ~MBEDTLS_SSL_EXT_MASK(EARLY_DATA); + } /* RFC 8446, section 4.2.11 * @@ -1560,7 +1566,7 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl, ret = mbedtls_ssl_tls13_check_received_extension( ssl, MBEDTLS_SSL_HS_CLIENT_HELLO, extension_type, - MBEDTLS_SSL_TLS1_3_ALLOWED_EXTS_OF_CH); + allowed_exts); if (ret != 0) { return ret; } From f57d14bed4dbefb7419cbd439afeddcd096058d2 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 15 Nov 2023 16:40:09 +0800 Subject: [PATCH 1624/1674] Ignore early data app msg before 2nd client hello Signed-off-by: Jerry Yu Signed-off-by: Ronald Cron --- library/ssl_msg.c | 26 ++++++++++++++++++++++++++ tests/suites/test_suite_ssl.data | 3 +++ tests/suites/test_suite_ssl.function | 27 ++++++++++++++++++++++++--- 3 files changed, 53 insertions(+), 3 deletions(-) diff --git a/library/ssl_msg.c b/library/ssl_msg.c index bf9a8ca7c..2fe084c4d 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -4109,6 +4109,32 @@ static int ssl_prepare_record_content(mbedtls_ssl_context *ssl, } +#if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_SRV_C) + /* + * Although the server rejected early data because it needed to send an + * HelloRetryRequest message, it might receive early data as long as it has + * not received the client Finished message. + * The early data is encrypted with early keys and should be ignored as + * stated in section 4.2.10 of RFC 8446 (second case): + * + * "The server then ignores early data by skipping all records with an + * external content type of "application_data" (indicating that they are + * encrypted), up to the configured max_early_data_size. Ignore application + * data message before 2nd ClientHello when early_data was received in 1st + * ClientHello." + */ + if (ssl->discard_early_data_record == MBEDTLS_SSL_EARLY_DATA_DISCARD) { + if (rec->type == MBEDTLS_SSL_MSG_APPLICATION_DATA) { + MBEDTLS_SSL_DEBUG_MSG( + 3, ("EarlyData: Ignore application message before 2nd ClientHello")); + /* TODO: Add max_early_data_size check here. */ + return MBEDTLS_ERR_SSL_CONTINUE_PROCESSING; + } else if (rec->type == MBEDTLS_SSL_MSG_HANDSHAKE) { + ssl->discard_early_data_record = MBEDTLS_SSL_EARLY_DATA_NO_DISCARD; + } + } +#endif /* MBEDTLS_SSL_EARLY_DATA && MBEDTLS_SSL_SRV_C */ + #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) { mbedtls_ssl_dtls_replay_update(ssl); diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index 404818dfc..e5e4c1e00 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -3279,3 +3279,6 @@ tls13_early_data:"reference" TLS 1.3 early data, deprotect and discard tls13_early_data:"deprotect and discard" + +TLS 1.3 early data, discard after HRR +tls13_early_data:"discard after HRR" diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 31a973b6f..949356a1c 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -3674,6 +3674,11 @@ void tls13_early_data(char *scenario_string) mbedtls_test_handshake_test_options server_options; mbedtls_ssl_session saved_session; mbedtls_test_ssl_log_pattern server_pattern = { NULL, 0 }; + uint16_t group_list[3] = { + MBEDTLS_SSL_IANA_TLS_GROUP_SECP256R1, + MBEDTLS_SSL_IANA_TLS_GROUP_SECP384R1, + MBEDTLS_SSL_IANA_TLS_GROUP_NONE + }; /* * Determine scenario. @@ -3682,6 +3687,8 @@ void tls13_early_data(char *scenario_string) scenario = 0; } else if (strcmp(scenario_string, "deprotect and discard") == 0) { scenario = 1; + } else if (strcmp(scenario_string, "discard after HRR") == 0) { + scenario = 2; } else { TEST_FAIL("Unknown scenario."); } @@ -3700,7 +3707,7 @@ void tls13_early_data(char *scenario_string) client_options.pk_alg = MBEDTLS_PK_ECDSA; ret = mbedtls_test_ssl_endpoint_init(&client_ep, MBEDTLS_SSL_IS_CLIENT, &client_options, NULL, NULL, NULL, - NULL); + group_list); TEST_EQUAL(ret, 0); mbedtls_ssl_conf_early_data(&client_ep.conf, MBEDTLS_SSL_EARLY_DATA_ENABLED); @@ -3709,7 +3716,7 @@ void tls13_early_data(char *scenario_string) server_options.srv_log_obj = &server_pattern; ret = mbedtls_test_ssl_endpoint_init(&server_ep, MBEDTLS_SSL_IS_SERVER, &server_options, NULL, NULL, NULL, - NULL); + group_list); TEST_EQUAL(ret, 0); mbedtls_ssl_conf_early_data(&server_ep.conf, MBEDTLS_SSL_EARLY_DATA_ENABLED); mbedtls_ssl_conf_session_tickets_cb(&server_ep.conf, @@ -3763,6 +3770,19 @@ void tls13_early_data(char *scenario_string) mbedtls_ssl_conf_early_data(&server_ep.conf, MBEDTLS_SSL_EARLY_DATA_DISABLED); break; + + case 2: /* discard after HRR */ + mbedtls_debug_set_threshold(3); + server_pattern.pattern = + "EarlyData: Ignore application message before 2nd ClientHello"; + mbedtls_ssl_conf_groups(&server_ep.conf, group_list + 1); + /* + * Need to reset again to reconstruct the group list in the + * handshake structure from the configured one. + */ + ret = mbedtls_ssl_session_reset(&(server_ep.ssl)); + TEST_EQUAL(ret, 0); + break; } TEST_EQUAL(mbedtls_test_move_handshake_to_state( @@ -3793,7 +3813,8 @@ void tls13_early_data(char *scenario_string) MBEDTLS_SSL_HANDSHAKE_WRAPUP), 0); break; - case 1: + case 1: /* Intentional fallthrough */ + case 2: TEST_EQUAL(ret, 0); TEST_EQUAL(server_ep.ssl.handshake->early_data_accepted, 0); TEST_EQUAL(server_pattern.counter, 1); From ae2d81c314c15350484c6188995a1bac9791f3ef Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Mon, 22 Jan 2024 09:13:41 +0100 Subject: [PATCH 1625/1674] tests: tls13: Run early data test only in TLS 1.3 only config Temporary workaround to not run the early data test in Windows-2013 where there is an issue with mbedtls_vsnprintf(). Signed-off-by: Ronald Cron --- tests/suites/test_suite_ssl.function | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 949356a1c..807b5ab71 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -12,7 +12,8 @@ #define SSL_MESSAGE_QUEUE_INIT { NULL, 0, 0, 0 } -#if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_CLI_C) && \ +#if (!defined(MBEDTLS_SSL_PROTO_TLS1_2)) && \ + defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_CLI_C) && \ defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_DEBUG_C) && \ defined(MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE) && \ defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED) && \ @@ -3661,7 +3662,12 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SSL_EARLY_DATA:MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_SRV_C:MBEDTLS_DEBUG_C:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_SSL_SESSION_TICKETS */ +/* + * The !MBEDTLS_SSL_PROTO_TLS1_2 dependency of tls13_early_data() below is + * a temporary workaround to not run the test in Windows-2013 where there is + * an issue with mbedtls_vsnprintf(). + */ +/* BEGIN_CASE depends_on:!MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_EARLY_DATA:MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_SRV_C:MBEDTLS_DEBUG_C:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_SSL_SESSION_TICKETS */ void tls13_early_data(char *scenario_string) { int ret = -1; From 12285c5c7c658a92cecc05a095e36d8d256d828a Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 2 Feb 2024 17:52:41 +0000 Subject: [PATCH 1626/1674] Add calls to BLOCK_CIPHER_PSA_INIT / BLOCK_CIPHER_PSA_DONE Signed-off-by: Dave Rodgman --- tests/suites/test_suite_gcm.function | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_gcm.function b/tests/suites/test_suite_gcm.function index 0af4209f4..8bb7b8b8e 100644 --- a/tests/suites/test_suite_gcm.function +++ b/tests/suites/test_suite_gcm.function @@ -499,8 +499,11 @@ exit: void gcm_invalid_iv_len(void) { mbedtls_gcm_context ctx; + mbedtls_gcm_init(&ctx); uint8_t b16[16] = { 0 }; + BLOCK_CIPHER_PSA_INIT(); + // Invalid IV length 0 gcm_reset_ctx(&ctx, b16, sizeof(b16) * 8, b16, 0, MBEDTLS_ERR_GCM_BAD_INPUT); mbedtls_gcm_free(&ctx); @@ -514,8 +517,8 @@ void gcm_invalid_iv_len(void) goto exit; /* To suppress error that exit is defined but not used */ exit: - /* empty */ - return; + mbedtls_gcm_free(&ctx); + BLOCK_CIPHER_PSA_DONE(); } /* END_CASE */ @@ -525,7 +528,10 @@ void gcm_add_len_too_long(void) // Only testable on platforms where sizeof(size_t) >= 8. #if SIZE_MAX >= UINT64_MAX mbedtls_gcm_context ctx; + mbedtls_gcm_init(&ctx); uint8_t b16[16] = { 0 }; + BLOCK_CIPHER_PSA_INIT(); + /* NISP SP 800-38D, Section 5.2.1.1 requires that bit length of AD should * be <= 2^64 - 1, ie < 2^64. This is the minimum invalid length in bytes. */ uint64_t len_max = 1ULL << 61; @@ -550,6 +556,7 @@ void gcm_add_len_too_long(void) exit: mbedtls_gcm_free(&ctx); + BLOCK_CIPHER_PSA_DONE(); #endif } /* END_CASE */ @@ -563,6 +570,9 @@ void gcm_input_len_too_long(void) uint8_t b16[16] = { 0 }; uint8_t out[1]; size_t out_len; + mbedtls_gcm_init(&ctx); + BLOCK_CIPHER_PSA_INIT(); + /* NISP SP 800-38D, Section 5.2.1.1 requires that bit length of input should * be <= 2^39 - 256. This is the maximum valid length in bytes. */ uint64_t len_max = (1ULL << 36) - 32; @@ -590,6 +600,7 @@ void gcm_input_len_too_long(void) exit: mbedtls_gcm_free(&ctx); + BLOCK_CIPHER_PSA_DONE(); #endif } /* END_CASE */ From 13ab693c491b59d07436c6a26ce8ecf133646000 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 5 Feb 2024 08:48:39 +0100 Subject: [PATCH 1627/1674] rsa_internal: fix documentation for mbedtls_rsa_parse_key() Signed-off-by: Valerio Setti --- library/rsa_internal.h | 1 + 1 file changed, 1 insertion(+) diff --git a/library/rsa_internal.h b/library/rsa_internal.h index 4cb564efa..f79c3b712 100644 --- a/library/rsa_internal.h +++ b/library/rsa_internal.h @@ -25,6 +25,7 @@ * \param keylen The length of the key buffer in bytes. * * \return 0 on success. + * \return MBEDTLS_ERR_ASN1_xxx in case of ASN.1 parsing errors. * \return MBEDTLS_ERR_RSA_xxx in case of RSA internal failures while * parsing data. * \return MBEDTLS_ERR_RSA_KEY_CHECK_FAILED if validity checks on the From 45c33ed41ec2d89535aed1ac81d4345939e5c42a Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 5 Feb 2024 09:04:10 +0100 Subject: [PATCH 1628/1674] test_suite_rsa: fix data for "extra integer outside the SEQUENCE" Signed-off-by: Valerio Setti --- tests/suites/test_suite_rsa.data | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_rsa.data b/tests/suites/test_suite_rsa.data index f4bd60a67..b404f00d2 100644 --- a/tests/suites/test_suite_rsa.data +++ b/tests/suites/test_suite_rsa.data @@ -725,7 +725,7 @@ RSA parse public key - correct values, extra integer inside the SEQUENCE rsa_parse_pkcs1_key:1:"30818c028181009f091e6968b474f76f0e9c237c1d895996ae704b4f6d706acec8d2daac6209bf524aa3f658d0283adba1077f6cbe92e425dcde52290b239cade91be86c88425434986806e85734e159768f3dfea932baaa9409d25bace8ee9dce0cdde0903207299de575ae60feccf0daf82334ab83638539b0da74072f253acea8afc8e66bb70203010001020100":MBEDTLS_ERR_ASN1_LENGTH_MISMATCH RSA parse public key - correct values, extra integer outside the SEQUENCE -rsa_parse_pkcs1_key:1:"308189028181009f091e6968b474f76f0e9c237c1d895996ae704b4f6d706acec8d2daac6209bf524aa3f658d0283adba1077f6cbe92e425dcde52290b239cade91be86c88425434986806e85734e159768f3dfea932baaa9409d25bace8ee9dce0cdde0903207299de575ae60feccf0daf82334ab83638539b0da74072f253acea8afc8e66bb70203010001":0 +rsa_parse_pkcs1_key:1:"308189028181009f091e6968b474f76f0e9c237c1d895996ae704b4f6d706acec8d2daac6209bf524aa3f658d0283adba1077f6cbe92e425dcde52290b239cade91be86c88425434986806e85734e159768f3dfea932baaa9409d25bace8ee9dce0cdde0903207299de575ae60feccf0daf82334ab83638539b0da74072f253acea8afc8e66bb70203010001020100":0 RSA priv key write - incremental output buffer size rsa_key_write_incremental:0:"3063020100021100cc8ab070369ede72920e5a51523c857102030100010211009a6318982a7231de1894c54aa4909201020900f3058fd8dc484d61020900d7770dbd8b78a2110209009471f14c26428401020813425f060c4b72210208052b93d01747a87c" From 864519793777dd9bfd416c3a60a272f6d0622934 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 5 Feb 2024 09:50:20 +0100 Subject: [PATCH 1629/1674] psa_util: fix documentation of ECDSA conversion functions Signed-off-by: Valerio Setti --- include/mbedtls/psa_util.h | 22 ++++++++++------------ 1 file changed, 10 insertions(+), 12 deletions(-) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index 15e92e36f..b7b710f65 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -184,35 +184,33 @@ static inline mbedtls_md_type_t mbedtls_md_type_from_psa_alg(psa_algorithm_t psa #if defined(MBEDTLS_PSA_UTIL_HAVE_ECDSA) -/** Convert an ECDSA signature from raw format (used by PSA APIs) to DER ASN.1 - * format (used by legacy crypto APIs). +/** Convert an ECDSA signature from raw format to DER ASN.1 format. * * \param raw Buffer that contains the signature in raw format. - * \param raw_len Length of raw buffer in bytes + * \param raw_len Length of \p raw in bytes. * \param[out] der Buffer that will be filled with the converted DER * output. It can overlap with raw buffer. - * \param der_size Size of the output der buffer in bytes. + * \param der_size Size of \p der in bytes. * \param[out] der_len On success it contains the amount of valid data - * (in bytes) written to der buffer. It's undefined + * (in bytes) written to \p der. It's undefined * in case of failure. - * \param bits Size of each raw coordinate in bits. + * \param bits Size of each coordinate in bits. */ int mbedtls_ecdsa_raw_to_der(const unsigned char *raw, size_t raw_len, unsigned char *der, size_t der_size, size_t *der_len, size_t bits); -/** Convert an ECDSA signature from DER ASN.1 format (used by legacy crypto - * APIs) to raw format (used by PSA APIs). +/** Convert an ECDSA signature from DER ASN.1 format to raw format. * * \param der Buffer that contains the signature in DER format. - * \param der_len Size of the der buffer in bytes. + * \param der_len Size of \p der in bytes. * \param[out] raw Buffer that will be filled with the converted raw * signature. It can overlap with der buffer. - * \param raw_size Size of the raw buffer in bytes. + * \param raw_size Size of \p raw in bytes. * \param[out] raw_len On success it is updated with the amount of valid - * data (in bytes) written to raw buffer. It's undefined + * data (in bytes) written to \p raw. It's undefined * in case of failure. - * \param bits Size of each raw coordinate in bits. + * \param bits Size of each coordinate in bits. */ int mbedtls_ecdsa_der_to_raw(const unsigned char *der, size_t der_len, unsigned char *raw, size_t raw_size, size_t *raw_len, From 315e4afc0a6bc4e55340fe8de7891e076e277da5 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 5 Feb 2024 10:09:15 +0100 Subject: [PATCH 1630/1674] psa_util: change parameters order in ECDSA conversion functions Signed-off-by: Valerio Setti --- include/mbedtls/psa_util.h | 14 ++++++------- library/pk_wrap.c | 7 +++---- library/psa_util.c | 10 ++++------ .../test_suite_psa_crypto_util.function | 20 ++++++++----------- 4 files changed, 21 insertions(+), 30 deletions(-) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index b7b710f65..06732d8c5 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -186,6 +186,7 @@ static inline mbedtls_md_type_t mbedtls_md_type_from_psa_alg(psa_algorithm_t psa /** Convert an ECDSA signature from raw format to DER ASN.1 format. * + * \param bits Size of each coordinate in bits. * \param raw Buffer that contains the signature in raw format. * \param raw_len Length of \p raw in bytes. * \param[out] der Buffer that will be filled with the converted DER @@ -194,14 +195,13 @@ static inline mbedtls_md_type_t mbedtls_md_type_from_psa_alg(psa_algorithm_t psa * \param[out] der_len On success it contains the amount of valid data * (in bytes) written to \p der. It's undefined * in case of failure. - * \param bits Size of each coordinate in bits. */ -int mbedtls_ecdsa_raw_to_der(const unsigned char *raw, size_t raw_len, - unsigned char *der, size_t der_size, size_t *der_len, - size_t bits); +int mbedtls_ecdsa_raw_to_der(size_t bits, const unsigned char *raw, size_t raw_len, + unsigned char *der, size_t der_size, size_t *der_len); /** Convert an ECDSA signature from DER ASN.1 format to raw format. * + * \param bits Size of each coordinate in bits. * \param der Buffer that contains the signature in DER format. * \param der_len Size of \p der in bytes. * \param[out] raw Buffer that will be filled with the converted raw @@ -210,11 +210,9 @@ int mbedtls_ecdsa_raw_to_der(const unsigned char *raw, size_t raw_len, * \param[out] raw_len On success it is updated with the amount of valid * data (in bytes) written to \p raw. It's undefined * in case of failure. - * \param bits Size of each coordinate in bits. */ -int mbedtls_ecdsa_der_to_raw(const unsigned char *der, size_t der_len, - unsigned char *raw, size_t raw_size, size_t *raw_len, - size_t bits); +int mbedtls_ecdsa_der_to_raw(size_t bits, const unsigned char *der, size_t der_len, + unsigned char *raw, size_t raw_size, size_t *raw_len); #endif /* MBEDTLS_PSA_UTIL_HAVE_ECDSA */ diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 9a29d929e..c45fbd436 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -573,9 +573,8 @@ static int ecdsa_verify_psa(unsigned char *key, size_t key_len, } p = (unsigned char *) sig; - ret = mbedtls_ecdsa_der_to_raw(p, sig_len, extracted_sig, - sizeof(extracted_sig), &converted_sig_len, - curve_bits); + ret = mbedtls_ecdsa_der_to_raw(curve_bits, p, sig_len, extracted_sig, + sizeof(extracted_sig), &converted_sig_len); if (ret != 0) { goto cleanup; } @@ -730,7 +729,7 @@ static int ecdsa_sign_psa(mbedtls_svc_key_id_t key_id, mbedtls_md_type_t md_alg, } done: - ret = mbedtls_ecdsa_raw_to_der(sig, sig_size, sig, sig_size, sig_len, key_bits); + ret = mbedtls_ecdsa_raw_to_der(key_bits, sig, sig_size, sig, sig_size, sig_len); return ret; } diff --git a/library/psa_util.c b/library/psa_util.c index b13d83d47..2491f2e45 100644 --- a/library/psa_util.c +++ b/library/psa_util.c @@ -402,9 +402,8 @@ static int convert_raw_to_der_single_int(const unsigned char *raw_buf, size_t ra return len; } -int mbedtls_ecdsa_raw_to_der(const unsigned char *raw, size_t raw_len, - unsigned char *der, size_t der_size, size_t *der_len, - size_t bits) +int mbedtls_ecdsa_raw_to_der(size_t bits, const unsigned char *raw, size_t raw_len, + unsigned char *der, size_t der_size, size_t *der_len) { unsigned char r[PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS)]; unsigned char s[PSA_BITS_TO_BYTES(PSA_VENDOR_ECC_MAX_CURVE_BITS)]; @@ -511,9 +510,8 @@ static int convert_der_to_raw_single_int(unsigned char *der, size_t der_len, return (int) (p - der); } -int mbedtls_ecdsa_der_to_raw(const unsigned char *der, size_t der_len, - unsigned char *raw, size_t raw_size, size_t *raw_len, - size_t bits) +int mbedtls_ecdsa_der_to_raw(size_t bits, const unsigned char *der, size_t der_len, + unsigned char *raw, size_t raw_size, size_t *raw_len) { unsigned char raw_tmp[PSA_VENDOR_ECDSA_SIGNATURE_MAX_SIZE]; unsigned char *p = (unsigned char *) der; diff --git a/tests/suites/test_suite_psa_crypto_util.function b/tests/suites/test_suite_psa_crypto_util.function index 9dc95b659..c102b0761 100644 --- a/tests/suites/test_suite_psa_crypto_util.function +++ b/tests/suites/test_suite_psa_crypto_util.function @@ -12,9 +12,8 @@ void ecdsa_raw_to_der(int key_bits, data_t *input, data_t *exp_result, int exp_r TEST_CALLOC(tmp_buf, tmp_buf_len); - TEST_EQUAL(mbedtls_ecdsa_raw_to_der(input->x, input->len, - tmp_buf, tmp_buf_len, &ret_len, - key_bits), exp_ret); + TEST_EQUAL(mbedtls_ecdsa_raw_to_der(key_bits, input->x, input->len, + tmp_buf, tmp_buf_len, &ret_len), exp_ret); if (exp_ret == 0) { ASSERT_COMPARE(exp_result->x, exp_result->len, tmp_buf, ret_len); @@ -35,17 +34,15 @@ void ecdsa_raw_to_der_incremental(int key_bits, data_t *input, data_t *exp_resul for (i = 1; i < tmp_buf_len; i++) { TEST_CALLOC(tmp_buf, i); - TEST_ASSERT(mbedtls_ecdsa_raw_to_der(input->x, input->len, - tmp_buf, i, &ret_len, - key_bits) != 0); + TEST_ASSERT(mbedtls_ecdsa_raw_to_der(key_bits, input->x, input->len, + tmp_buf, i, &ret_len) != 0); mbedtls_free(tmp_buf); tmp_buf = NULL; } TEST_CALLOC(tmp_buf, i); - TEST_EQUAL(mbedtls_ecdsa_raw_to_der(input->x, input->len, - tmp_buf, i, &ret_len, - key_bits), 0); + TEST_EQUAL(mbedtls_ecdsa_raw_to_der(key_bits, input->x, input->len, + tmp_buf, i, &ret_len), 0); exit: mbedtls_free(tmp_buf); } @@ -60,9 +57,8 @@ void ecdsa_der_to_raw(int key_bits, data_t *input, data_t *exp_result, int exp_r TEST_CALLOC(tmp_buf, tmp_buf_len); - TEST_EQUAL(mbedtls_ecdsa_der_to_raw(input->x, input->len, - tmp_buf, tmp_buf_len, &ret_len, - key_bits), exp_ret); + TEST_EQUAL(mbedtls_ecdsa_der_to_raw(key_bits, input->x, input->len, + tmp_buf, tmp_buf_len, &ret_len), exp_ret); if (exp_ret == 0) { ASSERT_COMPARE(exp_result->x, exp_result->len, tmp_buf, ret_len); From 6932e290572f2870f66003228b63d11044c49313 Mon Sep 17 00:00:00 2001 From: Antonio de Angelis Date: Mon, 5 Feb 2024 09:49:43 +0000 Subject: [PATCH 1631/1674] Correct the ENCODES_OWNER macro name in comment Signed-off-by: Antonio de Angelis --- include/psa/crypto_struct.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 8216f28ba..ca264e3ab 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -243,7 +243,7 @@ typedef struct { psa_key_attributes_flag_t MBEDTLS_PRIVATE(flags); /* This type has a different layout in the client view wrt the * service view of the key id, i.e. in service view usually is - * expected to have MBEDTLS_SVC_KEY_ID_ENCODES_OWNER defined + * expected to have MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER defined * thus adding an owner field to the standard psa_key_id_t. For * implementations with client/service separation, this means the * object will be marshalled through a transport channel and From 954ef4bbd5727a92113732e51622af374d2f736f Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 5 Feb 2024 12:06:46 +0100 Subject: [PATCH 1632/1674] psa_util: improve convert_raw_to_der_single_int() Allow the function to support DER buffers than what it is nominally required by the provided coordinates. In other words let's ignore padding zeros in the raw number. Signed-off-by: Valerio Setti --- include/mbedtls/psa_util.h | 7 +++++- library/psa_util.c | 25 ++++++++++--------- tests/suites/test_suite_psa_crypto_util.data | 4 +++ .../test_suite_psa_crypto_util.function | 13 +++++++--- 4 files changed, 33 insertions(+), 16 deletions(-) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index 06732d8c5..132c73f23 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -191,7 +191,12 @@ static inline mbedtls_md_type_t mbedtls_md_type_from_psa_alg(psa_algorithm_t psa * \param raw_len Length of \p raw in bytes. * \param[out] der Buffer that will be filled with the converted DER * output. It can overlap with raw buffer. - * \param der_size Size of \p der in bytes. + * \param der_size Size of \p der in bytes. Given \p bits parameter: + * * #MBEDTLS_ECDSA_MAX_SIG_LEN(\p bits) can be used + * to determine a large enough buffer for any + * \p raw input vector. + * * The minimum size might be smaller in case + * \p raw input vector contains padding zeros. * \param[out] der_len On success it contains the amount of valid data * (in bytes) written to \p der. It's undefined * in case of failure. diff --git a/library/psa_util.c b/library/psa_util.c index 2491f2e45..4e350c097 100644 --- a/library/psa_util.c +++ b/library/psa_util.c @@ -365,9 +365,21 @@ static int convert_raw_to_der_single_int(const unsigned char *raw_buf, size_t ra unsigned char *der_buf_end) { unsigned char *p = der_buf_end; - int len = (int) raw_len; + int len; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + /* ASN.1 DER encoding requires minimal length, so skip leading 0s. + * Provided input MPIs should not be 0, but as a failsafe measure, still + * detect that and return error in case. */ + while (*raw_buf == 0x00) { + ++raw_buf; + --raw_len; + if (raw_len == 0) { + return MBEDTLS_ERR_ASN1_INVALID_DATA; + } + } + len = (int) raw_len; + /* Copy the raw coordinate to the end of der_buf. */ if ((p - der_buf_start) < len) { return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL; @@ -375,17 +387,6 @@ static int convert_raw_to_der_single_int(const unsigned char *raw_buf, size_t ra p -= len; memcpy(p, raw_buf, len); - /* ASN.1 DER encoding requires minimal length, so skip leading 0s. - * Provided input MPIs should not be 0, but as a failsafe measure, still - * detect that and return error in case. */ - while (*p == 0x00) { - ++p; - --len; - if (len == 0) { - return MBEDTLS_ERR_ASN1_INVALID_DATA; - } - } - /* If MSb is 1, ASN.1 requires that we prepend a 0. */ if (*p & 0x80) { if ((p - der_buf_start) < 1) { diff --git a/tests/suites/test_suite_psa_crypto_util.data b/tests/suites/test_suite_psa_crypto_util.data index c92b5fcc1..606e56399 100644 --- a/tests/suites/test_suite_psa_crypto_util.data +++ b/tests/suites/test_suite_psa_crypto_util.data @@ -115,3 +115,7 @@ ecdsa_raw_to_der_incremental:512:"9111111111111111111111111111111111111111111111 ECDSA Raw -> DER, 521bit, Incremental DER buffer sizes depends_on:PSA_WANT_ECC_SECP_R1_521 ecdsa_raw_to_der_incremental:528:"911111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":"3081890243009111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111110242222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222" + +ECDSA Raw -> DER, 256bit, DER buffer of minimal length (1 byte per integer) +depends_on:PSA_WANT_ECC_SECP_K1_256 +ecdsa_raw_to_der_incremental:256:"00000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000002":"3006020101020102" diff --git a/tests/suites/test_suite_psa_crypto_util.function b/tests/suites/test_suite_psa_crypto_util.function index c102b0761..51f42a7bd 100644 --- a/tests/suites/test_suite_psa_crypto_util.function +++ b/tests/suites/test_suite_psa_crypto_util.function @@ -32,6 +32,7 @@ void ecdsa_raw_to_der_incremental(int key_bits, data_t *input, data_t *exp_resul size_t ret_len; size_t i; + /* Test with an output buffer smaller than required (expexted to fail). */ for (i = 1; i < tmp_buf_len; i++) { TEST_CALLOC(tmp_buf, i); TEST_ASSERT(mbedtls_ecdsa_raw_to_der(key_bits, input->x, input->len, @@ -39,10 +40,16 @@ void ecdsa_raw_to_der_incremental(int key_bits, data_t *input, data_t *exp_resul mbedtls_free(tmp_buf); tmp_buf = NULL; } + /* Test with an output buffer larger/equal than required (expexted to + * succeed). */ + for (i = tmp_buf_len; i < (2 * tmp_buf_len); i++) { + TEST_CALLOC(tmp_buf, i); + TEST_ASSERT(mbedtls_ecdsa_raw_to_der(key_bits, input->x, input->len, + tmp_buf, i, &ret_len) == 0); + mbedtls_free(tmp_buf); + tmp_buf = NULL; + } - TEST_CALLOC(tmp_buf, i); - TEST_EQUAL(mbedtls_ecdsa_raw_to_der(key_bits, input->x, input->len, - tmp_buf, i, &ret_len), 0); exit: mbedtls_free(tmp_buf); } From e01a2b03c63ef2fd087d850a6a006231417e5f71 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 5 Feb 2024 15:16:36 +0100 Subject: [PATCH 1633/1674] psa_util: update documentation for mbedtls_ecdsa_der_to_raw() Signed-off-by: Valerio Setti --- include/mbedtls/psa_util.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index 132c73f23..8868bc13a 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -211,7 +211,8 @@ int mbedtls_ecdsa_raw_to_der(size_t bits, const unsigned char *raw, size_t raw_l * \param der_len Size of \p der in bytes. * \param[out] raw Buffer that will be filled with the converted raw * signature. It can overlap with der buffer. - * \param raw_size Size of \p raw in bytes. + * \param raw_size Size of \p raw in bytes. Must be at least + * 2 * PSA_BITS_TO_BYTES(bits) bytes. * \param[out] raw_len On success it is updated with the amount of valid * data (in bytes) written to \p raw. It's undefined * in case of failure. From 2bd0ecdf4582ee04877c028c456ecf487d47dc9b Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 5 Feb 2024 15:25:15 +0100 Subject: [PATCH 1634/1674] psa_util: improve documentation for convert_raw_to_der_single_int() Signed-off-by: Valerio Setti --- library/psa_util.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_util.c b/library/psa_util.c index 4e350c097..1bb02e907 100644 --- a/library/psa_util.c +++ b/library/psa_util.c @@ -346,7 +346,7 @@ mbedtls_ecp_group_id mbedtls_ecc_group_from_psa(psa_ecc_family_t family, * * \param raw_buf Buffer containing the raw coordinate to be * converted. - * \param raw_len Length of raw_buf in bytes. + * \param raw_len Length of raw_buf in bytes. This must be > 0. * \param der_buf_start Pointer to the beginning of the buffer which * will be filled with the DER converted data. * \param der_buf_end End of the buffer used to store the DER output. From 8334d00772c155c41eb1a735417fd98dfd0382ee Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 5 Feb 2024 15:35:26 +0100 Subject: [PATCH 1635/1674] psa_util: improve check of raw_len in mbedtls_ecdsa_raw_to_der() Signed-off-by: Valerio Setti --- include/mbedtls/psa_util.h | 3 ++- library/psa_util.c | 2 +- tests/suites/test_suite_psa_crypto_util.data | 8 ++++++++ 3 files changed, 11 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index 8868bc13a..a5f09a4f4 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -188,7 +188,8 @@ static inline mbedtls_md_type_t mbedtls_md_type_from_psa_alg(psa_algorithm_t psa * * \param bits Size of each coordinate in bits. * \param raw Buffer that contains the signature in raw format. - * \param raw_len Length of \p raw in bytes. + * \param raw_len Length of \p raw in bytes. This must be + * PSA_BITS_TO_BYTES(bits) bytes. * \param[out] der Buffer that will be filled with the converted DER * output. It can overlap with raw buffer. * \param der_size Size of \p der in bytes. Given \p bits parameter: diff --git a/library/psa_util.c b/library/psa_util.c index 1bb02e907..f3fcd1d8c 100644 --- a/library/psa_util.c +++ b/library/psa_util.c @@ -413,7 +413,7 @@ int mbedtls_ecdsa_raw_to_der(size_t bits, const unsigned char *raw, size_t raw_l unsigned char *p = der + der_size; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if (raw_len < 2 * coordinate_len) { + if ((raw_len < 2 * coordinate_len) || (raw_len > 2 * coordinate_len)) { return MBEDTLS_ERR_ASN1_INVALID_DATA; } diff --git a/tests/suites/test_suite_psa_crypto_util.data b/tests/suites/test_suite_psa_crypto_util.data index 606e56399..580622f8c 100644 --- a/tests/suites/test_suite_psa_crypto_util.data +++ b/tests/suites/test_suite_psa_crypto_util.data @@ -26,6 +26,14 @@ ECDSA Raw -> DER, 256bit, s with MSb set depends_on:PSA_WANT_ECC_SECP_K1_256 ecdsa_raw_to_der:256:"1111111111111111111111111111111111111111111111111111111111111111A222222222222222222222222222222222222222222222222222222222222222":"304502201111111111111111111111111111111111111111111111111111111111111111022100A222222222222222222222222222222222222222222222222222222222222222":0 +ECDSA Raw -> DER, 256bit, Invalid raw signature (1 byte shorter) +depends_on:PSA_WANT_ECC_SECP_K1_256 +ecdsa_raw_to_der:256:"111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA + +ECDSA Raw -> DER, 256bit, Invalid raw signature (1 byte longer) +depends_on:PSA_WANT_ECC_SECP_K1_256 +ecdsa_raw_to_der:256:"1111111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA + ECDSA DER -> Raw, 256bit, Success depends_on:PSA_WANT_ECC_SECP_K1_256 ecdsa_der_to_raw:256:"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":0 From bec1d842ac2a38d37a30fee182a7246ead5c41c9 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 5 Feb 2024 15:50:02 +0100 Subject: [PATCH 1636/1674] psa_util: convert_der_to_raw_single_int() accepts also all zero integers These values are not mathematically valid as signature, but as for what it concerns with ECDSA conversion functions, 0 values in DER format should be translated to 0 values in raw format. Signed-off-by: Valerio Setti --- library/psa_util.c | 4 ---- tests/suites/test_suite_psa_crypto_util.data | 24 +++++++++++++------- 2 files changed, 16 insertions(+), 12 deletions(-) diff --git a/library/psa_util.c b/library/psa_util.c index f3fcd1d8c..0a77855b0 100644 --- a/library/psa_util.c +++ b/library/psa_util.c @@ -493,10 +493,6 @@ static int convert_der_to_raw_single_int(unsigned char *der, size_t der_len, p++; unpadded_len--; } - /* It should never happen that the input number has 0 length. */ - if (unpadded_len == 0) { - return MBEDTLS_ERR_ASN1_INVALID_DATA; - } if (unpadded_len > coordinate_size) { /* Parsed number is longer than the maximum expected value. */ diff --git a/tests/suites/test_suite_psa_crypto_util.data b/tests/suites/test_suite_psa_crypto_util.data index 580622f8c..f12a4bb72 100644 --- a/tests/suites/test_suite_psa_crypto_util.data +++ b/tests/suites/test_suite_psa_crypto_util.data @@ -74,21 +74,29 @@ ECDSA DER -> Raw, 256bit, r with MSb set depends_on:PSA_WANT_ECC_SECP_K1_256 ecdsa_der_to_raw:256:"3045022100911111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"91111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":0 -ECDSA DER -> Raw, 256bit, Invalid r (only 1 zero byte) +ECDSA DER -> Raw, 256bit, Valid r all zeros depends_on:PSA_WANT_ECC_SECP_K1_256 -ecdsa_der_to_raw:256:"302502010002202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA +ecdsa_der_to_raw:256:"30440220000000000000000000000000000000000000000000000000000000000000000002202222222222222222222222222222222222222222222222222222222222222222":"00000000000000000000000000000000000000000000000000000000000000002222222222222222222222222222222222222222222222222222222222222222":0 -ECDSA DER -> Raw, 256bit, Invalid s (only 1 zero byte) +ECDSA DER -> Raw, 256bit, Valid s all zeros depends_on:PSA_WANT_ECC_SECP_K1_256 -ecdsa_der_to_raw:256:"302502201111111111111111111111111111111111111111111111111111111111111111020100":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA +ecdsa_der_to_raw:256:"30440220111111111111111111111111111111111111111111111111111111111111111102200000000000000000000000000000000000000000000000000000000000000000":"11111111111111111111111111111111111111111111111111111111111111110000000000000000000000000000000000000000000000000000000000000000":0 -ECDSA DER -> Raw, 256bit, Invalid r (0-length) +ECDSA DER -> Raw, 256bit, Valid r only 1 zero byte depends_on:PSA_WANT_ECC_SECP_K1_256 -ecdsa_der_to_raw:256:"3024020002202222222222222222222222222222222222222222222222222222222222222222":"00000000000000000000000000000000000000000000000000000000000000002222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA +ecdsa_der_to_raw:256:"302502010002202222222222222222222222222222222222222222222222222222222222222222":"00000000000000000000000000000000000000000000000000000000000000002222222222222222222222222222222222222222222222222222222222222222":0 -ECDSA DER -> Raw, 256bit,Invalid s (0-length) +ECDSA DER -> Raw, 256bit, Valid s only 1 zero byte depends_on:PSA_WANT_ECC_SECP_K1_256 -ecdsa_der_to_raw:256:"3024022011111111111111111111111111111111111111111111111111111111111111110200":"11111111111111111111111111111111111111111111111111111111111111110000000000000000000000000000000000000000000000000000000000000000":MBEDTLS_ERR_ASN1_INVALID_DATA +ecdsa_der_to_raw:256:"302502201111111111111111111111111111111111111111111111111111111111111111020100":"11111111111111111111111111111111111111111111111111111111111111110000000000000000000000000000000000000000000000000000000000000000":0 + +ECDSA DER -> Raw, 256bit, Valid 0-length r +depends_on:PSA_WANT_ECC_SECP_K1_256 +ecdsa_der_to_raw:256:"3024020002202222222222222222222222222222222222222222222222222222222222222222":"00000000000000000000000000000000000000000000000000000000000000002222222222222222222222222222222222222222222222222222222222222222":0 + +ECDSA DER -> Raw, 256bit, Valid 0-length s +depends_on:PSA_WANT_ECC_SECP_K1_256 +ecdsa_der_to_raw:256:"3024022011111111111111111111111111111111111111111111111111111111111111110200":"11111111111111111111111111111111111111111111111111111111111111110000000000000000000000000000000000000000000000000000000000000000":0 # 512/521 bit sizes are useful to test sequence's length encoded with 2 bytes. ECDSA Raw -> DER, 512bit, Success From 05c256fb3639d3ae3ca414d309851e45fdb36ca4 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 5 Feb 2024 16:02:11 +0100 Subject: [PATCH 1637/1674] psa_util: minor performance improvement in mbedtls_ecdsa_der_to_raw() Signed-off-by: Valerio Setti --- library/psa_util.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_util.c b/library/psa_util.c index 0a77855b0..7e79b1ce8 100644 --- a/library/psa_util.c +++ b/library/psa_util.c @@ -529,7 +529,7 @@ int mbedtls_ecdsa_der_to_raw(size_t bits, const unsigned char *der, size_t der_l return ret; } - memset(raw_tmp, 0, sizeof(raw_tmp)); + memset(raw_tmp, 0, 2 * coordinate_size); /* Extract r */ ret = convert_der_to_raw_single_int(p, data_len, raw_tmp, coordinate_size); From 091bdc416d5056554bb8963054357423165662b7 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 5 Feb 2024 16:17:44 +0100 Subject: [PATCH 1638/1674] psa_util: enhance checks on leading zeros in convert_der_to_raw_single_int() Signed-off-by: Valerio Setti --- library/psa_util.c | 10 ++++++++++ tests/suites/test_suite_psa_crypto_util.data | 12 ++++++++---- 2 files changed, 18 insertions(+), 4 deletions(-) diff --git a/library/psa_util.c b/library/psa_util.c index 7e79b1ce8..674f21b9b 100644 --- a/library/psa_util.c +++ b/library/psa_util.c @@ -488,10 +488,20 @@ static int convert_der_to_raw_single_int(unsigned char *der, size_t der_len, return ret; } + /* It's invalid to have MSb set without a leading 0x00 (leading 0x00 is + * checked below). */ + if ((*p & 0x80) != 0) { + return MBEDTLS_ERR_ASN1_INVALID_DATA; + } + /* Skip possible leading zero */ if ((unpadded_len > 0) && (*p == 0x00)) { p++; unpadded_len--; + /* Only 1 leading zero is allowed, otherwise that's an error. */ + if (*p == 0x00) { + return MBEDTLS_ERR_ASN1_INVALID_DATA; + } } if (unpadded_len > coordinate_size) { diff --git a/tests/suites/test_suite_psa_crypto_util.data b/tests/suites/test_suite_psa_crypto_util.data index f12a4bb72..568f6c571 100644 --- a/tests/suites/test_suite_psa_crypto_util.data +++ b/tests/suites/test_suite_psa_crypto_util.data @@ -74,13 +74,13 @@ ECDSA DER -> Raw, 256bit, r with MSb set depends_on:PSA_WANT_ECC_SECP_K1_256 ecdsa_der_to_raw:256:"3045022100911111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"91111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":0 -ECDSA DER -> Raw, 256bit, Valid r all zeros +ECDSA DER -> Raw, 256bit, Invalid r all zeros depends_on:PSA_WANT_ECC_SECP_K1_256 -ecdsa_der_to_raw:256:"30440220000000000000000000000000000000000000000000000000000000000000000002202222222222222222222222222222222222222222222222222222222222222222":"00000000000000000000000000000000000000000000000000000000000000002222222222222222222222222222222222222222222222222222222222222222":0 +ecdsa_der_to_raw:256:"30440220000000000000000000000000000000000000000000000000000000000000000002202222222222222222222222222222222222222222222222222222222222222222":"00000000000000000000000000000000000000000000000000000000000000002222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA -ECDSA DER -> Raw, 256bit, Valid s all zeros +ECDSA DER -> Raw, 256bit, Invalid s all zeros depends_on:PSA_WANT_ECC_SECP_K1_256 -ecdsa_der_to_raw:256:"30440220111111111111111111111111111111111111111111111111111111111111111102200000000000000000000000000000000000000000000000000000000000000000":"11111111111111111111111111111111111111111111111111111111111111110000000000000000000000000000000000000000000000000000000000000000":0 +ecdsa_der_to_raw:256:"30440220111111111111111111111111111111111111111111111111111111111111111102200000000000000000000000000000000000000000000000000000000000000000":"11111111111111111111111111111111111111111111111111111111111111110000000000000000000000000000000000000000000000000000000000000000":MBEDTLS_ERR_ASN1_INVALID_DATA ECDSA DER -> Raw, 256bit, Valid r only 1 zero byte depends_on:PSA_WANT_ECC_SECP_K1_256 @@ -98,6 +98,10 @@ ECDSA DER -> Raw, 256bit, Valid 0-length s depends_on:PSA_WANT_ECC_SECP_K1_256 ecdsa_der_to_raw:256:"3024022011111111111111111111111111111111111111111111111111111111111111110200":"11111111111111111111111111111111111111111111111111111111111111110000000000000000000000000000000000000000000000000000000000000000":0 +ECDSA DER -> Raw, 256bit, Invalid r: MSb set without leading zero +depends_on:PSA_WANT_ECC_SECP_K1_256 +ecdsa_der_to_raw:256:"30440220911111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA + # 512/521 bit sizes are useful to test sequence's length encoded with 2 bytes. ECDSA Raw -> DER, 512bit, Success depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512 From 110126110da3316451f9ddf7d4f011973c6d1a17 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 5 Feb 2024 16:24:18 +0100 Subject: [PATCH 1639/1674] test_suite_psa_util: use more generic symbols for test case dependencies Use PSA_VENDOR_ECC_MAX_CURVE_BITS instead of a specific curve since what we care about is only bit-size not the curve itself. Signed-off-by: Valerio Setti --- tests/suites/test_suite_psa_crypto_util.data | 68 ++++++++++---------- 1 file changed, 34 insertions(+), 34 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_util.data b/tests/suites/test_suite_psa_crypto_util.data index 568f6c571..69e4e19e9 100644 --- a/tests/suites/test_suite_psa_crypto_util.data +++ b/tests/suites/test_suite_psa_crypto_util.data @@ -1,141 +1,141 @@ ECDSA Raw -> DER, 256bit, Success -depends_on:PSA_WANT_ECC_SECP_K1_256 +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_raw_to_der:256:"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":0 ECDSA Raw -> DER, 256bit, Raw data too short -depends_on:PSA_WANT_ECC_SECP_K1_256 +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_raw_to_der:256:"111111111111111111111111111111111111111111111111111111111111111122222222222222222222222222222222222222222222222222222222222222":"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA ECDSA Raw -> DER, 256bit, DER buffer too small -depends_on:PSA_WANT_ECC_SECP_K1_256 +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_raw_to_der:256:"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":"304402201111111111111111111111111111111111111111111111111111111111111111022022222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ECDSA Raw -> DER, 256bit, Null r -depends_on:PSA_WANT_ECC_SECP_K1_256 +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_raw_to_der:256:"00000000000000000000000000000000000000000000000000000000000000002222222222222222222222222222222222222222222222222222222222222222":"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA ECDSA Raw -> DER, 256bit, Null s -depends_on:PSA_WANT_ECC_SECP_K1_256 +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_raw_to_der:256:"11111111111111111111111111111111111111111111111111111111111111110000000000000000000000000000000000000000000000000000000000000000":"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA ECDSA Raw -> DER, 256bit, r with MSb set -depends_on:PSA_WANT_ECC_SECP_K1_256 +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_raw_to_der:256:"91111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":"3045022100911111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":0 ECDSA Raw -> DER, 256bit, s with MSb set -depends_on:PSA_WANT_ECC_SECP_K1_256 +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_raw_to_der:256:"1111111111111111111111111111111111111111111111111111111111111111A222222222222222222222222222222222222222222222222222222222222222":"304502201111111111111111111111111111111111111111111111111111111111111111022100A222222222222222222222222222222222222222222222222222222222222222":0 ECDSA Raw -> DER, 256bit, Invalid raw signature (1 byte shorter) -depends_on:PSA_WANT_ECC_SECP_K1_256 +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_raw_to_der:256:"111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA ECDSA Raw -> DER, 256bit, Invalid raw signature (1 byte longer) -depends_on:PSA_WANT_ECC_SECP_K1_256 +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_raw_to_der:256:"1111111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA ECDSA DER -> Raw, 256bit, Success -depends_on:PSA_WANT_ECC_SECP_K1_256 +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_der_to_raw:256:"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":0 ECDSA DER -> Raw, 256bit, Raw buffer too small -depends_on:PSA_WANT_ECC_SECP_K1_256 +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_der_to_raw:256:"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"111111111111111111111111111111111111111111111111111111111111111122222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ECDSA DER -> Raw, 256bit, Wrong sequence tag -depends_on:PSA_WANT_ECC_SECP_K1_256 +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_der_to_raw:256:"40440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ECDSA DER -> Raw, 256bit, Invalid sequence length -depends_on:PSA_WANT_ECC_SECP_K1_256 +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_der_to_raw:256:"30ff0220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_LENGTH ECDSA DER -> Raw, 256bit, Wrong integer tag -depends_on:PSA_WANT_ECC_SECP_K1_256 +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_der_to_raw:256:"30440120111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ECDSA DER -> Raw, 256bit, Wrong r integer length (too small) -depends_on:PSA_WANT_ECC_SECP_K1_256 +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_der_to_raw:256:"30440219111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ECDSA DER -> Raw, 256bit, Wrong r integer length (too large) -depends_on:PSA_WANT_ECC_SECP_K1_256 +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_der_to_raw:256:"30440221111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA ECDSA DER -> Raw, 256bit, Wrong s integer length (too small) -depends_on:PSA_WANT_ECC_SECP_K1_256 +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_der_to_raw:256:"30440220111111111111111111111111111111111111111111111111111111111111111102192222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ECDSA DER -> Raw, 256bit, Wrong s integer length (too large) -depends_on:PSA_WANT_ECC_SECP_K1_256 +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_der_to_raw:256:"30440220111111111111111111111111111111111111111111111111111111111111111102212222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_OUT_OF_DATA ECDSA DER -> Raw, 256bit, r with MSb set -depends_on:PSA_WANT_ECC_SECP_K1_256 +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_der_to_raw:256:"3045022100911111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"91111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":0 ECDSA DER -> Raw, 256bit, Invalid r all zeros -depends_on:PSA_WANT_ECC_SECP_K1_256 +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_der_to_raw:256:"30440220000000000000000000000000000000000000000000000000000000000000000002202222222222222222222222222222222222222222222222222222222222222222":"00000000000000000000000000000000000000000000000000000000000000002222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA ECDSA DER -> Raw, 256bit, Invalid s all zeros -depends_on:PSA_WANT_ECC_SECP_K1_256 +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_der_to_raw:256:"30440220111111111111111111111111111111111111111111111111111111111111111102200000000000000000000000000000000000000000000000000000000000000000":"11111111111111111111111111111111111111111111111111111111111111110000000000000000000000000000000000000000000000000000000000000000":MBEDTLS_ERR_ASN1_INVALID_DATA ECDSA DER -> Raw, 256bit, Valid r only 1 zero byte -depends_on:PSA_WANT_ECC_SECP_K1_256 +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_der_to_raw:256:"302502010002202222222222222222222222222222222222222222222222222222222222222222":"00000000000000000000000000000000000000000000000000000000000000002222222222222222222222222222222222222222222222222222222222222222":0 ECDSA DER -> Raw, 256bit, Valid s only 1 zero byte -depends_on:PSA_WANT_ECC_SECP_K1_256 +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_der_to_raw:256:"302502201111111111111111111111111111111111111111111111111111111111111111020100":"11111111111111111111111111111111111111111111111111111111111111110000000000000000000000000000000000000000000000000000000000000000":0 ECDSA DER -> Raw, 256bit, Valid 0-length r -depends_on:PSA_WANT_ECC_SECP_K1_256 +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_der_to_raw:256:"3024020002202222222222222222222222222222222222222222222222222222222222222222":"00000000000000000000000000000000000000000000000000000000000000002222222222222222222222222222222222222222222222222222222222222222":0 ECDSA DER -> Raw, 256bit, Valid 0-length s -depends_on:PSA_WANT_ECC_SECP_K1_256 +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_der_to_raw:256:"3024022011111111111111111111111111111111111111111111111111111111111111110200":"11111111111111111111111111111111111111111111111111111111111111110000000000000000000000000000000000000000000000000000000000000000":0 ECDSA DER -> Raw, 256bit, Invalid r: MSb set without leading zero -depends_on:PSA_WANT_ECC_SECP_K1_256 +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_der_to_raw:256:"30440220911111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA # 512/521 bit sizes are useful to test sequence's length encoded with 2 bytes. ECDSA Raw -> DER, 512bit, Success -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512 +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 512 ecdsa_raw_to_der:512:"1111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111122222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":"308184024011111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111024022222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":0 # 512/521 bit sizes are useful to test sequence's length encoded with 2 bytes. ECDSA DER -> Raw, 512bit, Success -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512 +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 512 ecdsa_der_to_raw:512:"308184024011111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111024022222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":"1111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111122222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":0 # 512/521 bit sizes are useful to test sequence's length encoded with 2 bytes. # Bit length is rounded up to 528 to be multiple of 8. ECDSA Raw -> DER, 521bit, Success -depends_on:PSA_WANT_ECC_SECP_R1_521 +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 521 ecdsa_raw_to_der:528:"111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":"30818802421111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111110242222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":0 # 512/521 bit sizes are useful to test sequence's length encoded with 2 bytes. # Bit length is rounded up to 528 to be multiple of 8. ECDSA DER -> Raw, 521bit, Success -depends_on:PSA_WANT_ECC_SECP_R1_521 +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 521 ecdsa_der_to_raw:528:"30818802421111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111110242222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":"111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":0 ECDSA Raw -> DER, 256bit, Incremental DER buffer sizes -depends_on:PSA_WANT_ECC_SECP_K1_256 +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_raw_to_der_incremental:256:"91111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":"3045022100911111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222" ECDSA Raw -> DER, 512bit, Incremental DER buffer sizes -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512 +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 512 ecdsa_raw_to_der_incremental:512:"9111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111122222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":"30818502410091111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111024022222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222" ECDSA Raw -> DER, 521bit, Incremental DER buffer sizes -depends_on:PSA_WANT_ECC_SECP_R1_521 +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 521 ecdsa_raw_to_der_incremental:528:"911111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":"3081890243009111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111110242222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222" ECDSA Raw -> DER, 256bit, DER buffer of minimal length (1 byte per integer) -depends_on:PSA_WANT_ECC_SECP_K1_256 +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_raw_to_der_incremental:256:"00000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000002":"3006020101020102" From 31e2d83eeef6a4dc564b1791a5ab31ecc5a3c593 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Mon, 5 Feb 2024 16:45:57 +0100 Subject: [PATCH 1640/1674] tls13: srv: Improve coding Signed-off-by: Ronald Cron --- library/ssl_tls13_server.c | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 93748a6a2..5f6d1a18a 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -1879,11 +1879,9 @@ static int ssl_tls13_postprocess_client_hello(mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_EARLY_DATA) if (ssl->handshake->received_extensions & MBEDTLS_SSL_EXT_MASK(EARLY_DATA)) { - ssl->handshake->early_data_accepted = 0; - if (!hrr_required) { - ssl->handshake->early_data_accepted = - (ssl_tls13_check_early_data_requirements(ssl) == 0); - } + ssl->handshake->early_data_accepted = + (!hrr_required) && (ssl_tls13_check_early_data_requirements(ssl) == 0); + if (ssl->handshake->early_data_accepted) { ret = mbedtls_ssl_tls13_compute_early_transform(ssl); if (ret != 0) { From 71c6e65d83844da1bc15451743bc44a6db75eca4 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Mon, 5 Feb 2024 16:48:10 +0100 Subject: [PATCH 1641/1674] tls13: ssl_msg.c: Improve/add comments Signed-off-by: Ronald Cron --- library/ssl_msg.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 2fe084c4d..7af9fd2b4 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -4005,7 +4005,7 @@ static int ssl_prepare_record_content(mbedtls_ssl_context *ssl, MBEDTLS_SSL_EARLY_DATA_TRY_TO_DEPROTECT_AND_DISCARD)) { MBEDTLS_SSL_DEBUG_MSG( 3, ("EarlyData: deprotect and discard app data records.")); - /* TODO: Add max_early_data_size check here. */ + /* TODO: Add max_early_data_size check here, see issue 6347 */ ret = MBEDTLS_ERR_SSL_CONTINUE_PROCESSING; } #endif /* MBEDTLS_SSL_EARLY_DATA && MBEDTLS_SSL_SRV_C */ @@ -4019,6 +4019,10 @@ static int ssl_prepare_record_content(mbedtls_ssl_context *ssl, } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ + /* + * The decryption of the record failed, no reason to ignore it, + * return in error with the decryption error code. + */ return ret; } @@ -4127,7 +4131,7 @@ static int ssl_prepare_record_content(mbedtls_ssl_context *ssl, if (rec->type == MBEDTLS_SSL_MSG_APPLICATION_DATA) { MBEDTLS_SSL_DEBUG_MSG( 3, ("EarlyData: Ignore application message before 2nd ClientHello")); - /* TODO: Add max_early_data_size check here. */ + /* TODO: Add max_early_data_size check here, see issue 6347 */ return MBEDTLS_ERR_SSL_CONTINUE_PROCESSING; } else if (rec->type == MBEDTLS_SSL_MSG_HANDSHAKE) { ssl->discard_early_data_record = MBEDTLS_SSL_EARLY_DATA_NO_DISCARD; From 1792bb44a0aac407b8d87b08eeba487e19ac854f Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 5 Feb 2024 17:34:49 +0100 Subject: [PATCH 1642/1674] test_suite_psa_crypto_util: add more test cases Signed-off-by: Valerio Setti --- tests/suites/test_suite_psa_crypto_util.data | 28 +++++++++++++++++--- 1 file changed, 24 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_util.data b/tests/suites/test_suite_psa_crypto_util.data index 69e4e19e9..7f3f5b50b 100644 --- a/tests/suites/test_suite_psa_crypto_util.data +++ b/tests/suites/test_suite_psa_crypto_util.data @@ -26,6 +26,18 @@ ECDSA Raw -> DER, 256bit, s with MSb set depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_raw_to_der:256:"1111111111111111111111111111111111111111111111111111111111111111A222222222222222222222222222222222222222222222222222222222222222":"304502201111111111111111111111111111111111111111111111111111111111111111022100A222222222222222222222222222222222222222222222222222222222222222":0 +ECDSA Raw -> DER, 256bit, both r and s with MSb set +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 +ecdsa_raw_to_der:256:"A111111111111111111111111111111111111111111111111111111111111111A222222222222222222222222222222222222222222222222222222222222222":"3046022100A111111111111111111111111111111111111111111111111111111111111111022100A222222222222222222222222222222222222222222222222222222222222222":0 + +ECDSA Raw -> DER, 256bit, r and s only 1 byte of data +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 +ecdsa_raw_to_der:256:"00000000000000000000000000000000000000000000000000000000000000110000000000000000000000000000000000000000000000000000000000000022":"3006020111020122":0 + +ECDSA Raw -> DER, 256bit, r and s only 1 byte of data with MSb set +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 +ecdsa_raw_to_der:256:"000000000000000000000000000000000000000000000000000000000000009100000000000000000000000000000000000000000000000000000000000000A2":"300802020091020200A2":0 + ECDSA Raw -> DER, 256bit, Invalid raw signature (1 byte shorter) depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_raw_to_der:256:"111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA @@ -54,22 +66,26 @@ ECDSA DER -> Raw, 256bit, Wrong integer tag depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_der_to_raw:256:"30440120111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG -ECDSA DER -> Raw, 256bit, Wrong r integer length (too small) +ECDSA DER -> Raw, 256bit, Wrong r integer length (1 byte smaller than the actual size) depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_der_to_raw:256:"30440219111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG -ECDSA DER -> Raw, 256bit, Wrong r integer length (too large) +ECDSA DER -> Raw, 256bit, Wrong r integer length (1 byte larger than the actual size) depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_der_to_raw:256:"30440221111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA -ECDSA DER -> Raw, 256bit, Wrong s integer length (too small) +ECDSA DER -> Raw, 256bit, Wrong s integer length (1 byte smaller than the actual size) depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_der_to_raw:256:"30440220111111111111111111111111111111111111111111111111111111111111111102192222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_LENGTH_MISMATCH -ECDSA DER -> Raw, 256bit, Wrong s integer length (too large) +ECDSA DER -> Raw, 256bit, Wrong s integer length (1 byte larger than the actual size) depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_der_to_raw:256:"30440220111111111111111111111111111111111111111111111111111111111111111102212222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_OUT_OF_DATA +ECDSA DER -> Raw, 256bit, r size 1 byte larger than allowed for output raw coordinate +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 +ecdsa_der_to_raw:256:"3045022111111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA + ECDSA DER -> Raw, 256bit, r with MSb set depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_der_to_raw:256:"3045022100911111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"91111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":0 @@ -118,6 +134,10 @@ ECDSA Raw -> DER, 521bit, Success depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 521 ecdsa_raw_to_der:528:"111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":"30818802421111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111110242222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":0 +ECDSA Raw -> DER, 521bit, Success (integers exactly 521 bits) +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 521 +ecdsa_raw_to_der:528:"011111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111012222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":"30818802420111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111110242012222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":0 + # 512/521 bit sizes are useful to test sequence's length encoded with 2 bytes. # Bit length is rounded up to 528 to be multiple of 8. ECDSA DER -> Raw, 521bit, Success From 0e60e93c12002b1aae6fb77e647b3cfdba64134e Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 5 Feb 2024 17:59:42 +0100 Subject: [PATCH 1643/1674] test_suite_psa_crypto_util: improve ecdsa_der_to_raw() Check that the parsing always fails if the input is truncated. Signed-off-by: Valerio Setti --- .../test_suite_psa_crypto_util.function | 27 ++++++++++++++----- 1 file changed, 21 insertions(+), 6 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_util.function b/tests/suites/test_suite_psa_crypto_util.function index 51f42a7bd..fe811e062 100644 --- a/tests/suites/test_suite_psa_crypto_util.function +++ b/tests/suites/test_suite_psa_crypto_util.function @@ -58,20 +58,35 @@ exit: /* BEGIN_CASE depends_on:MBEDTLS_PSA_UTIL_HAVE_ECDSA */ void ecdsa_der_to_raw(int key_bits, data_t *input, data_t *exp_result, int exp_ret) { - unsigned char *tmp_buf = NULL; - size_t tmp_buf_len = exp_result->len; + unsigned char *in_buf = NULL; + size_t in_buf_len; + unsigned char *out_buf = NULL; + size_t out_buf_len = exp_result->len; size_t ret_len; - TEST_CALLOC(tmp_buf, tmp_buf_len); + TEST_CALLOC(out_buf, out_buf_len); + + /* Verify that parsing of truncated input always fails. */ + for (in_buf_len = 1; in_buf_len < input->len; in_buf_len++) { + /* We alloc a copy of input buffer with limited length so that sanitizers + * can detect overreads. */ + TEST_CALLOC(in_buf, in_buf_len); + memcpy(in_buf, input->x, in_buf_len); + TEST_ASSERT(mbedtls_ecdsa_der_to_raw(key_bits, in_buf, in_buf_len, + out_buf, out_buf_len, &ret_len) != 0); + mbedtls_free(in_buf); + in_buf = NULL; + } TEST_EQUAL(mbedtls_ecdsa_der_to_raw(key_bits, input->x, input->len, - tmp_buf, tmp_buf_len, &ret_len), exp_ret); + out_buf, out_buf_len, &ret_len), exp_ret); if (exp_ret == 0) { - ASSERT_COMPARE(exp_result->x, exp_result->len, tmp_buf, ret_len); + ASSERT_COMPARE(exp_result->x, exp_result->len, out_buf, ret_len); } exit: - mbedtls_free(tmp_buf); + mbedtls_free(in_buf); + mbedtls_free(out_buf); } /* END_CASE */ From 33327dab8564bff155ec067a281e0e961390e7bf Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Mon, 5 Feb 2024 17:46:41 +0100 Subject: [PATCH 1644/1674] tests: early data: Switch to mnemonics for test scenarios Signed-off-by: Ronald Cron --- tests/suites/test_suite_ssl.data | 6 ++--- tests/suites/test_suite_ssl.function | 37 +++++++++++++--------------- 2 files changed, 20 insertions(+), 23 deletions(-) diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index e5e4c1e00..86945cc7b 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -3275,10 +3275,10 @@ TLS 1.3 resume session with ticket tls13_resume_session_with_ticket TLS 1.3 early data, reference -tls13_early_data:"reference" +tls13_early_data:TEST_EARLY_DATA_REFERENCE TLS 1.3 early data, deprotect and discard -tls13_early_data:"deprotect and discard" +tls13_early_data:TEST_EARLY_DATA_DEPROTECT_AND_DISCARD TLS 1.3 early data, discard after HRR -tls13_early_data:"discard after HRR" +tls13_early_data:TEST_EARLY_DATA_DISCARD_AFTER_HRR diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 807b5ab71..cbb29b6fb 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -12,6 +12,11 @@ #define SSL_MESSAGE_QUEUE_INIT { NULL, 0, 0, 0 } +/* Mnemonics for the early data test scenarios */ +#define TEST_EARLY_DATA_REFERENCE 0 +#define TEST_EARLY_DATA_DEPROTECT_AND_DISCARD 1 +#define TEST_EARLY_DATA_DISCARD_AFTER_HRR 2 + #if (!defined(MBEDTLS_SSL_PROTO_TLS1_2)) && \ defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_CLI_C) && \ defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_DEBUG_C) && \ @@ -3668,10 +3673,9 @@ exit: * an issue with mbedtls_vsnprintf(). */ /* BEGIN_CASE depends_on:!MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_EARLY_DATA:MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_SRV_C:MBEDTLS_DEBUG_C:MBEDTLS_TEST_AT_LEAST_ONE_TLS1_3_CIPHERSUITE:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED:MBEDTLS_MD_CAN_SHA256:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_PK_CAN_ECDSA_VERIFY:MBEDTLS_SSL_SESSION_TICKETS */ -void tls13_early_data(char *scenario_string) +void tls13_early_data(int scenario) { int ret = -1; - int scenario = 0; unsigned char buf[64]; const char *early_data = "This is early data."; size_t early_data_len = strlen(early_data); @@ -3686,19 +3690,6 @@ void tls13_early_data(char *scenario_string) MBEDTLS_SSL_IANA_TLS_GROUP_NONE }; - /* - * Determine scenario. - */ - if (strcmp(scenario_string, "reference") == 0) { - scenario = 0; - } else if (strcmp(scenario_string, "deprotect and discard") == 0) { - scenario = 1; - } else if (strcmp(scenario_string, "discard after HRR") == 0) { - scenario = 2; - } else { - TEST_FAIL("Unknown scenario."); - } - /* * Test set-up */ @@ -3769,7 +3760,10 @@ void tls13_early_data(char *scenario_string) TEST_EQUAL(ret, 0); switch (scenario) { - case 1: /* deprotect and discard */ + case TEST_EARLY_DATA_REFERENCE: + break; + + case TEST_EARLY_DATA_DEPROTECT_AND_DISCARD: mbedtls_debug_set_threshold(3); server_pattern.pattern = "EarlyData: deprotect and discard app data records."; @@ -3777,7 +3771,7 @@ void tls13_early_data(char *scenario_string) MBEDTLS_SSL_EARLY_DATA_DISABLED); break; - case 2: /* discard after HRR */ + case TEST_EARLY_DATA_DISCARD_AFTER_HRR: mbedtls_debug_set_threshold(3); server_pattern.pattern = "EarlyData: Ignore application message before 2nd ClientHello"; @@ -3789,6 +3783,9 @@ void tls13_early_data(char *scenario_string) ret = mbedtls_ssl_session_reset(&(server_ep.ssl)); TEST_EQUAL(ret, 0); break; + + default: + TEST_FAIL("Unknown scenario."); } TEST_EQUAL(mbedtls_test_move_handshake_to_state( @@ -3807,7 +3804,7 @@ void tls13_early_data(char *scenario_string) MBEDTLS_SSL_HANDSHAKE_WRAPUP); switch (scenario) { - case 0: + case TEST_EARLY_DATA_REFERENCE: TEST_EQUAL(ret, MBEDTLS_ERR_SSL_RECEIVED_EARLY_DATA); TEST_EQUAL(server_ep.ssl.handshake->early_data_accepted, 1); TEST_EQUAL(mbedtls_ssl_read_early_data(&(server_ep.ssl), @@ -3819,8 +3816,8 @@ void tls13_early_data(char *scenario_string) MBEDTLS_SSL_HANDSHAKE_WRAPUP), 0); break; - case 1: /* Intentional fallthrough */ - case 2: + case TEST_EARLY_DATA_DEPROTECT_AND_DISCARD: /* Intentional fallthrough */ + case TEST_EARLY_DATA_DISCARD_AFTER_HRR: TEST_EQUAL(ret, 0); TEST_EQUAL(server_ep.ssl.handshake->early_data_accepted, 0); TEST_EQUAL(server_pattern.counter, 1); From fe329cea3fdcda1865c21e24b5fa3e5aef219eaa Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 6 Feb 2024 08:00:18 +0100 Subject: [PATCH 1645/1674] rsa: handle buffer length similarly in private and public key parsing Signed-off-by: Valerio Setti --- library/rsa.c | 8 +++++++- tests/suites/test_suite_rsa.data | 2 +- tests/suites/test_suite_x509parse.data | 2 +- 3 files changed, 9 insertions(+), 3 deletions(-) diff --git a/library/rsa.c b/library/rsa.c index f4add9173..b250e1d49 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -109,6 +109,10 @@ int mbedtls_rsa_parse_key(mbedtls_rsa_context *rsa, const unsigned char *key, si end = p + len; + if (end > (key + keylen)) { + return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; + } + if ((ret = mbedtls_asn1_get_int(&p, end, &version)) != 0) { return ret; } @@ -239,7 +243,9 @@ int mbedtls_rsa_parse_pubkey(mbedtls_rsa_context *rsa, const unsigned char *key, return ret; } - if (p + len != end) { + end = p + len; + + if (end > (key + keylen)) { return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; } diff --git a/tests/suites/test_suite_rsa.data b/tests/suites/test_suite_rsa.data index b404f00d2..b89d1583c 100644 --- a/tests/suites/test_suite_rsa.data +++ b/tests/suites/test_suite_rsa.data @@ -707,7 +707,7 @@ RSA parse public key - public exponent 0 rsa_parse_pkcs1_key:1:"308189028181009f091e6968b474f76f0e9c237c1d895996ae704b4f6d706acec8d2daac6209bf524aa3f658d0283adba1077f6cbe92e425dcde52290b239cade91be86c88425434986806e85734e159768f3dfea932baaa9409d25bace8ee9dce0cdde0903207299de575ae60feccf0daf82334ab83638539b0da74072f253acea8afc8e66bb70203000000":MBEDTLS_ERR_RSA_BAD_INPUT_DATA RSA parse public key - wrong sequence length -rsa_parse_pkcs1_key:1:"308188028181009f091e6968b474f76f0e9c237c1d895996ae704b4f6d706acec8d2daac6209bf524aa3f658d0283adba1077f6cbe92e425dcde52290b239cade91be86c88425434986806e85734e159768f3dfea932baaa9409d25bace8ee9dce0cdde0903207299de575ae60feccf0daf82334ab83638539b0da74072f253acea8afc8e66bb70203010001":MBEDTLS_ERR_ASN1_LENGTH_MISMATCH +rsa_parse_pkcs1_key:1:"308188028181009f091e6968b474f76f0e9c237c1d895996ae704b4f6d706acec8d2daac6209bf524aa3f658d0283adba1077f6cbe92e425dcde52290b239cade91be86c88425434986806e85734e159768f3dfea932baaa9409d25bace8ee9dce0cdde0903207299de575ae60feccf0daf82334ab83638539b0da74072f253acea8afc8e66bb70203010001":MBEDTLS_ERR_ASN1_OUT_OF_DATA RSA parse public key - wrong modulus length rsa_parse_pkcs1_key:1:"308189028180009f091e6968b474f76f0e9c237c1d895996ae704b4f6d706acec8d2daac6209bf524aa3f658d0283adba1077f6cbe92e425dcde52290b239cade91be86c88425434986806e85734e159768f3dfea932baaa9409d25bace8ee9dce0cdde0903207299de575ae60feccf0daf82334ab83638539b0da74072f253acea8afc8e66bb70203010001":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data index 261c220ee..b9ae20c56 100644 --- a/tests/suites/test_suite_x509parse.data +++ b/tests/suites/test_suite_x509parse.data @@ -1774,7 +1774,7 @@ x509parse_crt:"307d3068a0030201008204deadbeef300d06092a864886f70d01010b0500300c3 X509 CRT ASN1 (TBS, inv SubPubKeyInfo, inv internal bitstring length) depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 -x509parse_crt:"308180306ba0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743015300d06092A864886F70D0101010500030400300000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_PK_INVALID_PUBKEY + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH +x509parse_crt:"308180306ba0030201008204deadbeef300d06092a864886f70d01010b0500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743015300d06092A864886F70D0101010500030400300000300d06092a864886f70d01010b0500030200ff":"":MBEDTLS_ERR_PK_INVALID_PUBKEY + MBEDTLS_ERR_ASN1_OUT_OF_DATA X509 CRT ASN1 (TBS, inv SubPubKeyInfo, inv internal bitstring tag) depends_on:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256 From d4fc5d9d1c76a6cb978ceb4cc74ec62b111b0007 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 6 Feb 2024 08:42:42 +0100 Subject: [PATCH 1646/1674] psa_util: allow larger raw buffers in mbedtls_ecdsa_raw_to_der() The only real contraint on the raw buffer is that it is large enough to contain 2 coordinates. Larger buffers are therefore allowed and the extra data will simply be ignored. Note = trying to impose a strict sizing on the raw buffer causes several failures in test suites. This suggests that it is quite common to use larger buffer to store raw signatures. Signed-off-by: Valerio Setti --- include/mbedtls/psa_util.h | 2 +- library/psa_util.c | 2 +- tests/suites/test_suite_psa_crypto_util.data | 4 ---- 3 files changed, 2 insertions(+), 6 deletions(-) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index a5f09a4f4..9294d29bb 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -188,7 +188,7 @@ static inline mbedtls_md_type_t mbedtls_md_type_from_psa_alg(psa_algorithm_t psa * * \param bits Size of each coordinate in bits. * \param raw Buffer that contains the signature in raw format. - * \param raw_len Length of \p raw in bytes. This must be + * \param raw_len Length of \p raw in bytes. This must be at least * PSA_BITS_TO_BYTES(bits) bytes. * \param[out] der Buffer that will be filled with the converted DER * output. It can overlap with raw buffer. diff --git a/library/psa_util.c b/library/psa_util.c index 674f21b9b..7ce5eea03 100644 --- a/library/psa_util.c +++ b/library/psa_util.c @@ -413,7 +413,7 @@ int mbedtls_ecdsa_raw_to_der(size_t bits, const unsigned char *raw, size_t raw_l unsigned char *p = der + der_size; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if ((raw_len < 2 * coordinate_len) || (raw_len > 2 * coordinate_len)) { + if (raw_len < 2 * coordinate_len) { return MBEDTLS_ERR_ASN1_INVALID_DATA; } diff --git a/tests/suites/test_suite_psa_crypto_util.data b/tests/suites/test_suite_psa_crypto_util.data index 7f3f5b50b..f7e6ebace 100644 --- a/tests/suites/test_suite_psa_crypto_util.data +++ b/tests/suites/test_suite_psa_crypto_util.data @@ -42,10 +42,6 @@ ECDSA Raw -> DER, 256bit, Invalid raw signature (1 byte shorter) depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_raw_to_der:256:"111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA -ECDSA Raw -> DER, 256bit, Invalid raw signature (1 byte longer) -depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 -ecdsa_raw_to_der:256:"1111111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA - ECDSA DER -> Raw, 256bit, Success depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_der_to_raw:256:"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":0 From c213a2e1e56b5734a6e1a07b7655df28739baf17 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 6 Feb 2024 10:49:14 +0100 Subject: [PATCH 1647/1674] adjust_legacy_from_psa: use groups instead of curves for DH Signed-off-by: Valerio Setti --- include/mbedtls/config_adjust_legacy_from_psa.h | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/include/mbedtls/config_adjust_legacy_from_psa.h b/include/mbedtls/config_adjust_legacy_from_psa.h index b27f6b9e3..56ec27691 100644 --- a/include/mbedtls/config_adjust_legacy_from_psa.h +++ b/include/mbedtls/config_adjust_legacy_from_psa.h @@ -370,17 +370,17 @@ /* * DH key types follow the same pattern used above for EC keys. They are defined - * by a triplet (curve, key_type, alg). A triplet is accelerated if all its + * by a triplet (group, key_type, alg). A triplet is accelerated if all its * component are accelerated, otherwise each component needs to be builtin. */ -/* DH: curves: is acceleration complete? */ +/* DH: groups: is acceleration complete? */ #if (defined(PSA_WANT_DH_RFC7919_2048) && !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_2048)) || \ (defined(PSA_WANT_DH_RFC7919_3072) && !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_3072)) || \ (defined(PSA_WANT_DH_RFC7919_4096) && !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_4096)) || \ (defined(PSA_WANT_DH_RFC7919_6144) && !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_6144)) || \ (defined(PSA_WANT_DH_RFC7919_8192) && !defined(MBEDTLS_PSA_ACCEL_DH_RFC7919_8192)) -#define MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_CURVES +#define MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_GROUPS #endif /* DH: algs: is acceleration complete? */ @@ -444,7 +444,7 @@ #if defined(PSA_WANT_ALG_FFDH) #if !defined(MBEDTLS_PSA_ACCEL_ALG_FFDH) || \ - defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_CURVES) || \ + defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_GROUPS) || \ defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_KEY_TYPES) #define MBEDTLS_PSA_BUILTIN_ALG_FFDH 1 #define MBEDTLS_BIGNUM_C @@ -453,7 +453,7 @@ #if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT) #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_IMPORT) || \ - defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_CURVES) || \ + defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_GROUPS) || \ defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_IMPORT 1 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_IMPORT */ @@ -461,7 +461,7 @@ #if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT) #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_EXPORT) || \ - defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_CURVES) || \ + defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_GROUPS) || \ defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_EXPORT 1 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_EXPORT */ @@ -475,7 +475,7 @@ #if defined(PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC) #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_BASIC) || \ - defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_CURVES) || \ + defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_GROUPS) || \ defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_KEY_PAIR_BASIC 1 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_KEY_PAIR_BASIC */ @@ -483,7 +483,7 @@ #if defined(PSA_WANT_KEY_TYPE_DH_PUBLIC_KEY) #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DH_PUBLIC_KEY) || \ - defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_CURVES) || \ + defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_GROUPS) || \ defined(MBEDTLS_PSA_DH_ACCEL_INCOMPLETE_ALGS) #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_DH_PUBLIC_KEY 1 #define MBEDTLS_BIGNUM_C From 4e9683e8180801a6d0c5326794263c32d62f1e71 Mon Sep 17 00:00:00 2001 From: Chien Wong Date: Thu, 28 Dec 2023 17:07:43 +0800 Subject: [PATCH 1648/1674] Reduce many unnecessary static memory consumption .data section of ssl_client1 becomes 320 bytes smaller on AMD64. Signed-off-by: Chien Wong --- library/ecp_curves.c | 14 +++++++------- library/sha3.c | 4 ++-- library/ssl_tls.c | 16 ++++++++-------- 3 files changed, 17 insertions(+), 17 deletions(-) diff --git a/library/ecp_curves.c b/library/ecp_curves.c index 577e23b7a..9a011bbfe 100644 --- a/library/ecp_curves.c +++ b/library/ecp_curves.c @@ -52,7 +52,7 @@ defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) /* For these curves, we build the group parameters dynamically. */ #define ECP_LOAD_GROUP -static mbedtls_mpi_uint mpi_one[] = { 1 }; +static const mbedtls_mpi_uint mpi_one[] = { 1 }; #endif /* @@ -4511,7 +4511,7 @@ static inline void ecp_mpi_set1(mbedtls_mpi *X) { X->s = 1; X->n = 1; - X->p = mpi_one; + X->p = (mbedtls_mpi_uint *) mpi_one; /* X->p will not be modified so the cast is safe */ } /* @@ -5318,7 +5318,7 @@ cleanup: */ #define P_KOBLITZ_MAX (256 / 8 / sizeof(mbedtls_mpi_uint)) // Max limbs in P #define P_KOBLITZ_R (8 / sizeof(mbedtls_mpi_uint)) // Limbs in R -static inline int ecp_mod_koblitz(mbedtls_mpi *N, mbedtls_mpi_uint *Rp, size_t p_limbs, +static inline int ecp_mod_koblitz(mbedtls_mpi *N, const mbedtls_mpi_uint *Rp, size_t p_limbs, size_t adjust, size_t shift, mbedtls_mpi_uint mask) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; @@ -5332,7 +5332,7 @@ static inline int ecp_mod_koblitz(mbedtls_mpi *N, mbedtls_mpi_uint *Rp, size_t p /* Init R */ R.s = 1; - R.p = Rp; + R.p = (mbedtls_mpi_uint *) Rp; /* R.p will not be modified so the cast is safe */ R.n = P_KOBLITZ_R; /* Common setup for M */ @@ -5403,7 +5403,7 @@ cleanup: */ static int ecp_mod_p192k1(mbedtls_mpi *N) { - static mbedtls_mpi_uint Rp[] = { + static const mbedtls_mpi_uint Rp[] = { MBEDTLS_BYTES_TO_T_UINT_8(0xC9, 0x11, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00) }; @@ -5420,7 +5420,7 @@ static int ecp_mod_p192k1(mbedtls_mpi *N) */ static int ecp_mod_p224k1(mbedtls_mpi *N) { - static mbedtls_mpi_uint Rp[] = { + static const mbedtls_mpi_uint Rp[] = { MBEDTLS_BYTES_TO_T_UINT_8(0x93, 0x1A, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00) }; @@ -5442,7 +5442,7 @@ static int ecp_mod_p224k1(mbedtls_mpi *N) */ static int ecp_mod_p256k1(mbedtls_mpi *N) { - static mbedtls_mpi_uint Rp[] = { + static const mbedtls_mpi_uint Rp[] = { MBEDTLS_BYTES_TO_T_UINT_8(0xD1, 0x03, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00) }; diff --git a/library/sha3.c b/library/sha3.c index d90fefaea..f420a1249 100644 --- a/library/sha3.c +++ b/library/sha3.c @@ -37,7 +37,7 @@ mbedtls_sha3_family_functions; /* * List of supported SHA-3 families */ -static mbedtls_sha3_family_functions sha3_families[] = { +static const mbedtls_sha3_family_functions sha3_families[] = { { MBEDTLS_SHA3_224, 1152, 224 }, { MBEDTLS_SHA3_256, 1088, 256 }, { MBEDTLS_SHA3_384, 832, 384 }, @@ -180,7 +180,7 @@ void mbedtls_sha3_clone(mbedtls_sha3_context *dst, */ int mbedtls_sha3_starts(mbedtls_sha3_context *ctx, mbedtls_sha3_id id) { - mbedtls_sha3_family_functions *p = NULL; + const mbedtls_sha3_family_functions *p = NULL; for (p = sha3_families; p->id != MBEDTLS_SHA3_NONE; p++) { if (p->id == id) { diff --git a/library/ssl_tls.c b/library/ssl_tls.c index ecfecf277..10c5f74b2 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -631,7 +631,7 @@ static const char *extension_name_table[] = { [MBEDTLS_SSL_EXT_ID_RECORD_SIZE_LIMIT] = "record_size_limit" }; -static unsigned int extension_type_table[] = { +static const unsigned int extension_type_table[] = { [MBEDTLS_SSL_EXT_ID_UNRECOGNIZED] = 0xff, [MBEDTLS_SSL_EXT_ID_SERVERNAME] = MBEDTLS_TLS_EXT_SERVERNAME, [MBEDTLS_SSL_EXT_ID_MAX_FRAGMENT_LENGTH] = MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH, @@ -3706,7 +3706,7 @@ int mbedtls_ssl_get_session(const mbedtls_ssl_context *ssl, (SSL_SERIALIZED_SESSION_CONFIG_ETM << SSL_SERIALIZED_SESSION_CONFIG_ETM_BIT) | \ (SSL_SERIALIZED_SESSION_CONFIG_TICKET << SSL_SERIALIZED_SESSION_CONFIG_TICKET_BIT))) -static unsigned char ssl_serialized_session_header[] = { +static const unsigned char ssl_serialized_session_header[] = { MBEDTLS_VERSION_MAJOR, MBEDTLS_VERSION_MINOR, MBEDTLS_VERSION_PATCH, @@ -4431,7 +4431,7 @@ void mbedtls_ssl_session_free(mbedtls_ssl_session *session) (SSL_SERIALIZED_CONTEXT_CONFIG_ALPN << SSL_SERIALIZED_CONTEXT_CONFIG_ALPN_BIT) | \ 0u)) -static unsigned char ssl_serialized_context_header[] = { +static const unsigned char ssl_serialized_context_header[] = { MBEDTLS_VERSION_MAJOR, MBEDTLS_VERSION_MINOR, MBEDTLS_VERSION_PATCH, @@ -5049,7 +5049,7 @@ void mbedtls_ssl_config_init(mbedtls_ssl_config *conf) * See the documentation of mbedtls_ssl_conf_curves() for what we promise * about this list. */ -static uint16_t ssl_preset_default_groups[] = { +static const uint16_t ssl_preset_default_groups[] = { #if defined(MBEDTLS_ECP_HAVE_CURVE25519) MBEDTLS_SSL_IANA_TLS_GROUP_X25519, #endif @@ -5100,7 +5100,7 @@ static const int ssl_preset_suiteb_ciphersuites[] = { * - ssl_tls12_preset* is for TLS 1.2 use only. * - ssl_preset_* is for TLS 1.3 only or hybrid TLS 1.3/1.2 handshakes. */ -static uint16_t ssl_preset_default_sig_algs[] = { +static const uint16_t ssl_preset_default_sig_algs[] = { #if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ANY_ALLOWED_ENABLED) && \ defined(MBEDTLS_MD_CAN_SHA256) && \ @@ -5195,7 +5195,7 @@ static uint16_t ssl_tls12_preset_default_sig_algs[] = { #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ /* NOTICE: see above */ -static uint16_t ssl_preset_suiteb_sig_algs[] = { +static const uint16_t ssl_preset_suiteb_sig_algs[] = { #if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ANY_ALLOWED_ENABLED) && \ defined(MBEDTLS_MD_CAN_SHA256) && \ @@ -5236,7 +5236,7 @@ static uint16_t ssl_tls12_preset_suiteb_sig_algs[] = { #endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */ -static uint16_t ssl_preset_suiteb_groups[] = { +static const uint16_t ssl_preset_suiteb_groups[] = { #if defined(MBEDTLS_ECP_HAVE_SECP256R1) MBEDTLS_SSL_IANA_TLS_GROUP_SECP256R1, #endif @@ -5250,7 +5250,7 @@ static uint16_t ssl_preset_suiteb_groups[] = { /* Function for checking `ssl_preset_*_sig_algs` and `ssl_tls12_preset_*_sig_algs` * to make sure there are no duplicated signature algorithm entries. */ MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_check_no_sig_alg_duplication(uint16_t *sig_algs) +static int ssl_check_no_sig_alg_duplication(const uint16_t *sig_algs) { size_t i, j; int ret = 0; From 735ac3ec05f08392e8890632d9489f43f8778ea6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 6 Feb 2024 11:11:32 +0100 Subject: [PATCH 1649/1674] Fix builds with secp224k1 as the only curve Normally, if an elliptic curve is enabled in the legacy API then it's also enabled in the PSA API. In particular, if the legacy API has at least one curve then that curve also works with PSA. There is an exception with secp224k1 which PSA does not support. In a build with secp224k1 as the only legacy curve, MBEDTLS_PK_HAVE_ECC_KEYS is enabled (because you can use the curve through PK) but PSA does not support any elliptic curve, so we can't run PK-PSA bridge tests. Signed-off-by: Gilles Peskine --- tests/suites/test_suite_pk.data | 84 ++++++++++++++--------------- tests/suites/test_suite_pk.function | 24 +++++++++ 2 files changed, 66 insertions(+), 42 deletions(-) diff --git a/tests/suites/test_suite_pk.data b/tests/suites/test_suite_pk.data index 55146feaa..341495883 100644 --- a/tests/suites/test_suite_pk.data +++ b/tests/suites/test_suite_pk.data @@ -821,171 +821,171 @@ depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15 pk_get_psa_attributes_fail:MBEDTLS_PK_RSA:0:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECKEY pair DECRYPT (bad) -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY:1:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECKEY_DH pair DECRYPT (bad) -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY_DH:1:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECDSA pair DECRYPT (bad) -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PK_CAN_ECDSA_SOME +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE:MBEDTLS_PK_CAN_ECDSA_SOME pk_get_psa_attributes_fail:MBEDTLS_PK_ECDSA:1:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECKEY public DECRYPT (bad) -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY:0:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECKEY_DH public DECRYPT (bad) -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY_DH:0:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECDSA public DECRYPT (bad) -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PK_CAN_ECDSA_SOME +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE:MBEDTLS_PK_CAN_ECDSA_SOME pk_get_psa_attributes_fail:MBEDTLS_PK_ECDSA:0:PSA_KEY_USAGE_DECRYPT:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECKEY pair ENCRYPT (bad) -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY:1:PSA_KEY_USAGE_ENCRYPT:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECKEY_DH pair ENCRYPT (bad) -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY_DH:1:PSA_KEY_USAGE_ENCRYPT:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECDSA pair ENCRYPT (bad) -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PK_CAN_ECDSA_SOME +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE:MBEDTLS_PK_CAN_ECDSA_SOME pk_get_psa_attributes_fail:MBEDTLS_PK_ECDSA:1:PSA_KEY_USAGE_ENCRYPT:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECKEY public ENCRYPT (bad) -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY:0:PSA_KEY_USAGE_ENCRYPT:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECKEY_DH public ENCRYPT (bad) -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY_DH:0:PSA_KEY_USAGE_ENCRYPT:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECDSA public ENCRYPT (bad) -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PK_CAN_ECDSA_SOME +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE:MBEDTLS_PK_CAN_ECDSA_SOME pk_get_psa_attributes_fail:MBEDTLS_PK_ECDSA:0:PSA_KEY_USAGE_ENCRYPT:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECKEY pair DERIVE -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE pk_get_psa_attributes:MBEDTLS_PK_ECKEY:1:PSA_KEY_USAGE_DERIVE:1:PSA_ALG_ECDH PSA attributes for pk: ECKEY_DH pair DERIVE -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE pk_get_psa_attributes:MBEDTLS_PK_ECKEY_DH:1:PSA_KEY_USAGE_DERIVE:1:PSA_ALG_ECDH PSA attributes for pk: ECDSA pair DERIVE (bad) -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PK_CAN_ECDSA_SOME +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE:MBEDTLS_PK_CAN_ECDSA_SOME pk_get_psa_attributes_fail:MBEDTLS_PK_ECDSA:1:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECKEY public DERIVE (bad) -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY:0:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECKEY_DH public DERIVE (bad) -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY_DH:0:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECDSA public DERIVE (bad) -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PK_CAN_ECDSA_SOME +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE:MBEDTLS_PK_CAN_ECDSA_SOME pk_get_psa_attributes_fail:MBEDTLS_PK_ECDSA:0:PSA_KEY_USAGE_DERIVE:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECKEY pair SIGN_MESSAGE -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE pk_get_psa_attributes:MBEDTLS_PK_ECKEY:1:PSA_KEY_USAGE_SIGN_MESSAGE:1:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH) PSA attributes for pk: ECDSA pair SIGN_MESSAGE -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PK_CAN_ECDSA_SOME +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE:MBEDTLS_PK_CAN_ECDSA_SOME pk_get_psa_attributes:MBEDTLS_PK_ECDSA:1:PSA_KEY_USAGE_SIGN_MESSAGE:1:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH) PSA attributes for pk: ECKEY pair SIGN_HASH -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE pk_get_psa_attributes:MBEDTLS_PK_ECKEY:1:PSA_KEY_USAGE_SIGN_HASH:1:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH) PSA attributes for pk: ECDSA pair SIGN_HASH -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PK_CAN_ECDSA_SOME +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE:MBEDTLS_PK_CAN_ECDSA_SOME pk_get_psa_attributes:MBEDTLS_PK_ECDSA:1:PSA_KEY_USAGE_SIGN_HASH:1:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH) PSA attributes for pk: ECKEY pair->public VERIFY_MESSAGE -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE pk_get_psa_attributes:MBEDTLS_PK_ECKEY:1:PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH) PSA attributes for pk: ECDSA pair->public VERIFY_MESSAGE -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PK_CAN_ECDSA_SOME +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE:MBEDTLS_PK_CAN_ECDSA_SOME pk_get_psa_attributes:MBEDTLS_PK_ECDSA:1:PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH) PSA attributes for pk: ECKEY pair->public VERIFY_HASH -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE pk_get_psa_attributes:MBEDTLS_PK_ECKEY:1:PSA_KEY_USAGE_VERIFY_HASH:0:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH) PSA attributes for pk: ECDSA pair->public VERIFY_HASH -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PK_CAN_ECDSA_SOME +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE:MBEDTLS_PK_CAN_ECDSA_SOME pk_get_psa_attributes:MBEDTLS_PK_ECDSA:1:PSA_KEY_USAGE_VERIFY_HASH:0:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH) PSA attributes for pk: ECKEY public VERIFY_MESSAGE -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE pk_get_psa_attributes:MBEDTLS_PK_ECKEY:0:PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH) PSA attributes for pk: ECDSA public VERIFY_MESSAGE -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PK_CAN_ECDSA_SOME +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE:MBEDTLS_PK_CAN_ECDSA_SOME pk_get_psa_attributes:MBEDTLS_PK_ECDSA:0:PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH) PSA attributes for pk: ECKEY public VERIFY_HASH -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE pk_get_psa_attributes:MBEDTLS_PK_ECKEY:0:PSA_KEY_USAGE_VERIFY_HASH:0:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH) PSA attributes for pk: ECDSA public VERIFY_HASH -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PK_CAN_ECDSA_SOME +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE:MBEDTLS_PK_CAN_ECDSA_SOME pk_get_psa_attributes:MBEDTLS_PK_ECDSA:0:PSA_KEY_USAGE_VERIFY_HASH:0:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH) PSA attributes for pk: ECKEY public SIGN_MESSAGE (bad) -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY:0:PSA_KEY_USAGE_SIGN_MESSAGE:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECDSA public SIGN_MESSAGE (bad) -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PK_CAN_ECDSA_SOME +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE:MBEDTLS_PK_CAN_ECDSA_SOME pk_get_psa_attributes_fail:MBEDTLS_PK_ECDSA:0:PSA_KEY_USAGE_SIGN_MESSAGE:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECKEY public SIGN_HASH (bad) -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY:0:PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECDSA public SIGN_HASH (bad) -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_PK_CAN_ECDSA_SOME +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE:MBEDTLS_PK_CAN_ECDSA_SOME pk_get_psa_attributes_fail:MBEDTLS_PK_ECDSA:0:PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECKEY_DH pair SIGN_MESSAGE (bad) -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY_DH:1:PSA_KEY_USAGE_SIGN_MESSAGE:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECKEY_DH pair SIGN_HASH (bad) -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY_DH:1:PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECKEY_DH pair VERIFY_MESSAGE (bad) -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY_DH:1:PSA_KEY_USAGE_VERIFY_MESSAGE:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECKEY_DH pair VERIFY_HASH (bad) -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY_DH:1:PSA_KEY_USAGE_VERIFY_HASH:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECKEY_DH public SIGN_MESSAGE (bad) -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY_DH:0:PSA_KEY_USAGE_SIGN_MESSAGE:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECKEY_DH public SIGN_HASH (bad) -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY_DH:0:PSA_KEY_USAGE_SIGN_HASH:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECKEY_DH public VERIFY_MESSAGE (bad) -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY_DH:0:PSA_KEY_USAGE_VERIFY_MESSAGE:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: ECKEY_DH public VERIFY_HASH (bad) -depends_on:MBEDTLS_PK_HAVE_ECC_KEYS +depends_on:MBEDTLS_PK_HAVE_ECC_KEYS:MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE pk_get_psa_attributes_fail:MBEDTLS_PK_ECKEY_DH:0:PSA_KEY_USAGE_VERIFY_HASH:MBEDTLS_ERR_PK_TYPE_MISMATCH PSA attributes for pk: opaque RSA pair, 0 & SIGN_MESSAGE (bad policy) diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 2dd35c8fd..257430702 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -36,6 +36,30 @@ #define MBEDTLS_TEST_PK_PSA_SIGN #endif +/* MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE is enabled when PSA supports + * at least one elliptic curve. This is distinct from + * PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY because that symbol can be enabled even + * when there are no curves. This happens in particular in a configuration + * with MBEDTLS_PSA_CRYPTO_CONFIG disabled and where the only legacy curve + * is secp224k1, which is not supported in PSA. */ +#if defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) +#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) || \ + defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384) || \ + defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512) || \ + defined(PSA_WANT_ECC_MONTGOMERY_255) || \ + defined(PSA_WANT_ECC_MONTGOMERY_448) || \ + defined(PSA_WANT_ECC_SECP_K1_192) || \ + defined(PSA_WANT_ECC_SECP_K1_224) || \ + defined(PSA_WANT_ECC_SECP_K1_256) || \ + defined(PSA_WANT_ECC_SECP_R1_192) || \ + defined(PSA_WANT_ECC_SECP_R1_224) || \ + defined(PSA_WANT_ECC_SECP_R1_256) || \ + defined(PSA_WANT_ECC_SECP_R1_384) || \ + defined(PSA_WANT_ECC_SECP_R1_521) +#define MBEDTLS_TEST_PSA_ECC_AT_LEAST_ONE_CURVE +#endif +#endif + #if defined(MBEDTLS_PK_USE_PSA_EC_DATA) static int pk_genkey_ec(mbedtls_pk_context *pk, mbedtls_ecp_group_id grp_id) { From d0a772740ec78c153b13a3337e2a4e40fbad341e Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Mon, 5 Feb 2024 17:57:05 +0100 Subject: [PATCH 1650/1674] tests: early data: Complete the handshake Signed-off-by: Ronald Cron --- tests/suites/test_suite_ssl.function | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index cbb29b6fb..8687a4d6f 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -3810,10 +3810,6 @@ void tls13_early_data(int scenario) TEST_EQUAL(mbedtls_ssl_read_early_data(&(server_ep.ssl), buf, sizeof(buf)), early_data_len); TEST_MEMORY_COMPARE(buf, early_data_len, early_data, early_data_len); - - TEST_EQUAL(mbedtls_test_move_handshake_to_state( - &(server_ep.ssl), &(client_ep.ssl), - MBEDTLS_SSL_HANDSHAKE_WRAPUP), 0); break; case TEST_EARLY_DATA_DEPROTECT_AND_DISCARD: /* Intentional fallthrough */ @@ -3824,6 +3820,10 @@ void tls13_early_data(int scenario) break; } + TEST_EQUAL(mbedtls_test_move_handshake_to_state( + &(server_ep.ssl), &(client_ep.ssl), + MBEDTLS_SSL_HANDSHAKE_OVER), 0); + exit: mbedtls_test_ssl_endpoint_free(&client_ep, NULL); mbedtls_test_ssl_endpoint_free(&server_ep, NULL); From b327a1e706f4fbb113ed7f17edcdc23bfa8c5828 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 6 Feb 2024 11:21:26 +0000 Subject: [PATCH 1651/1674] Change unaligned access method for old gcc gcc bug https://gcc.gnu.org/bugzilla/show_bug.cgi?id=94662 shows that __attribute__ aligned may be ignored. Signed-off-by: Dave Rodgman --- library/alignment.h | 26 ++++++++++++++++++++++---- 1 file changed, 22 insertions(+), 4 deletions(-) diff --git a/library/alignment.h b/library/alignment.h index 248f29bc7..8db550fa5 100644 --- a/library/alignment.h +++ b/library/alignment.h @@ -71,10 +71,10 @@ typedef uint64_t __packed mbedtls_uint64_unaligned_t; * Tested with several versions of GCC from 4.5.0 up to 9.3.0 * We don't enable for older than 4.5.0 as this has not been tested. */ - #define UINT_UNALIGNED -typedef uint16_t __attribute__((__aligned__(1))) mbedtls_uint16_unaligned_t; -typedef uint32_t __attribute__((__aligned__(1))) mbedtls_uint32_unaligned_t; -typedef uint64_t __attribute__((__aligned__(1))) mbedtls_uint64_unaligned_t; + #define UINT_UNALIGNED_UNION +typedef union { uint16_t x; } __attribute__((packed)) mbedtls_uint16_unaligned_t; +typedef union { uint32_t x; } __attribute__((packed)) mbedtls_uint32_unaligned_t; +typedef union { uint64_t x; } __attribute__((packed)) mbedtls_uint64_unaligned_t; #endif /* @@ -101,6 +101,9 @@ static inline uint16_t mbedtls_get_unaligned_uint16(const void *p) #if defined(UINT_UNALIGNED) mbedtls_uint16_unaligned_t *p16 = (mbedtls_uint16_unaligned_t *) p; r = *p16; +#elif defined(UINT_UNALIGNED_UNION) + mbedtls_uint16_unaligned_t *p16 = (mbedtls_uint16_unaligned_t *) p; + r = p16->x; #else memcpy(&r, p, sizeof(r)); #endif @@ -124,6 +127,9 @@ static inline void mbedtls_put_unaligned_uint16(void *p, uint16_t x) #if defined(UINT_UNALIGNED) mbedtls_uint16_unaligned_t *p16 = (mbedtls_uint16_unaligned_t *) p; *p16 = x; +#elif defined(UINT_UNALIGNED_UNION) + mbedtls_uint16_unaligned_t *p16 = (mbedtls_uint16_unaligned_t *) p; + p16->x = x; #else memcpy(p, &x, sizeof(x)); #endif @@ -147,6 +153,9 @@ static inline uint32_t mbedtls_get_unaligned_uint32(const void *p) #if defined(UINT_UNALIGNED) mbedtls_uint32_unaligned_t *p32 = (mbedtls_uint32_unaligned_t *) p; r = *p32; +#elif defined(UINT_UNALIGNED_UNION) + mbedtls_uint32_unaligned_t *p32 = (mbedtls_uint32_unaligned_t *) p; + r = p32->x; #else memcpy(&r, p, sizeof(r)); #endif @@ -170,6 +179,9 @@ static inline void mbedtls_put_unaligned_uint32(void *p, uint32_t x) #if defined(UINT_UNALIGNED) mbedtls_uint32_unaligned_t *p32 = (mbedtls_uint32_unaligned_t *) p; *p32 = x; +#elif defined(UINT_UNALIGNED_UNION) + mbedtls_uint32_unaligned_t *p32 = (mbedtls_uint32_unaligned_t *) p; + p32->x = x; #else memcpy(p, &x, sizeof(x)); #endif @@ -193,6 +205,9 @@ static inline uint64_t mbedtls_get_unaligned_uint64(const void *p) #if defined(UINT_UNALIGNED) mbedtls_uint64_unaligned_t *p64 = (mbedtls_uint64_unaligned_t *) p; r = *p64; +#elif defined(UINT_UNALIGNED_UNION) + mbedtls_uint64_unaligned_t *p64 = (mbedtls_uint64_unaligned_t *) p; + r = p64->x; #else memcpy(&r, p, sizeof(r)); #endif @@ -216,6 +231,9 @@ static inline void mbedtls_put_unaligned_uint64(void *p, uint64_t x) #if defined(UINT_UNALIGNED) mbedtls_uint64_unaligned_t *p64 = (mbedtls_uint64_unaligned_t *) p; *p64 = x; +#elif defined(UINT_UNALIGNED_UNION) + mbedtls_uint64_unaligned_t *p64 = (mbedtls_uint64_unaligned_t *) p; + p64->x = x; #else memcpy(p, &x, sizeof(x)); #endif From ec9936d1223283d45d947ab1b6d7f1ea31594fe7 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 6 Feb 2024 12:56:45 +0000 Subject: [PATCH 1652/1674] Improve gcc guards Signed-off-by: Dave Rodgman --- library/alignment.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/alignment.h b/library/alignment.h index 8db550fa5..65c5321da 100644 --- a/library/alignment.h +++ b/library/alignment.h @@ -53,7 +53,7 @@ typedef uint16_t __packed mbedtls_uint16_unaligned_t; typedef uint32_t __packed mbedtls_uint32_unaligned_t; typedef uint64_t __packed mbedtls_uint64_unaligned_t; #elif defined(MBEDTLS_COMPILER_IS_GCC) && (MBEDTLS_GCC_VERSION >= 40504) && \ - ((MBEDTLS_GCC_VERSION < 90300) || (!defined(MBEDTLS_EFFICIENT_UNALIGNED_ACCESS))) + ((MBEDTLS_GCC_VERSION < 60300) || (!defined(MBEDTLS_EFFICIENT_UNALIGNED_ACCESS))) /* * Old versions of gcc, depending on how the target is specified, may generate a branch to memcpy * for calls like `memcpy(dest, src, 4)` rather than generating some LDR or LDRB instructions From f4e8234f932faa0052b8d97ad9055e7922204aee Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 6 Feb 2024 12:57:03 +0000 Subject: [PATCH 1653/1674] Improve docs Signed-off-by: Dave Rodgman --- library/alignment.h | 21 +++++++++++++-------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/library/alignment.h b/library/alignment.h index 65c5321da..14a86cf37 100644 --- a/library/alignment.h +++ b/library/alignment.h @@ -55,20 +55,25 @@ typedef uint64_t __packed mbedtls_uint64_unaligned_t; #elif defined(MBEDTLS_COMPILER_IS_GCC) && (MBEDTLS_GCC_VERSION >= 40504) && \ ((MBEDTLS_GCC_VERSION < 60300) || (!defined(MBEDTLS_EFFICIENT_UNALIGNED_ACCESS))) /* - * Old versions of gcc, depending on how the target is specified, may generate a branch to memcpy - * for calls like `memcpy(dest, src, 4)` rather than generating some LDR or LDRB instructions - * (similar for stores). - * Recent versions where unaligned access is not enabled also do this. + * gcc may generate a branch to memcpy for calls like `memcpy(dest, src, 4)` rather than + * generating some LDR or LDRB instructions (similar for stores). + * + * For versions of gcc < 5.4.0 this always happens. + * For gcc < 6.3.0, this happens at -O0 + * For all versions, this happens iff unaligned access is not supported. + * + * For gcc 4.x, this will generate byte-by-byte loads even if unaligned access is supported, which + * is correct but not optimal. * * For performance (and code size, in some cases), we want to avoid the branch and just generate * some inline load/store instructions since the access is small and constant-size. * * The manual states: - * "The aligned attribute specifies a minimum alignment for the variable or structure field, - * measured in bytes." - * https://gcc.gnu.org/onlinedocs/gcc/Common-Variable-Attributes.html + * "The packed attribute specifies that a variable or structure field should have the smallest + * possible alignment—one byte for a variable" + * https://gcc.gnu.org/onlinedocs/gcc-4.5.4/gcc/Variable-Attributes.html * - * Tested with several versions of GCC from 4.5.0 up to 9.3.0 + * Tested with several versions of GCC from 4.5.0 up to 13.2.0 * We don't enable for older than 4.5.0 as this has not been tested. */ #define UINT_UNALIGNED_UNION From 22b934e6d2242c5d7c3b14f82ef99ecb62fb7de4 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 6 Feb 2024 12:57:16 +0000 Subject: [PATCH 1654/1674] Use struct not union Signed-off-by: Dave Rodgman --- library/alignment.h | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/library/alignment.h b/library/alignment.h index 14a86cf37..db835955b 100644 --- a/library/alignment.h +++ b/library/alignment.h @@ -76,10 +76,10 @@ typedef uint64_t __packed mbedtls_uint64_unaligned_t; * Tested with several versions of GCC from 4.5.0 up to 13.2.0 * We don't enable for older than 4.5.0 as this has not been tested. */ - #define UINT_UNALIGNED_UNION -typedef union { uint16_t x; } __attribute__((packed)) mbedtls_uint16_unaligned_t; -typedef union { uint32_t x; } __attribute__((packed)) mbedtls_uint32_unaligned_t; -typedef union { uint64_t x; } __attribute__((packed)) mbedtls_uint64_unaligned_t; + #define UINT_UNALIGNED_STRUCT +typedef struct { uint16_t x; } __attribute__((packed)) mbedtls_uint16_unaligned_t; +typedef struct { uint32_t x; } __attribute__((packed)) mbedtls_uint32_unaligned_t; +typedef struct { uint64_t x; } __attribute__((packed)) mbedtls_uint64_unaligned_t; #endif /* @@ -106,7 +106,7 @@ static inline uint16_t mbedtls_get_unaligned_uint16(const void *p) #if defined(UINT_UNALIGNED) mbedtls_uint16_unaligned_t *p16 = (mbedtls_uint16_unaligned_t *) p; r = *p16; -#elif defined(UINT_UNALIGNED_UNION) +#elif defined(UINT_UNALIGNED_STRUCT) mbedtls_uint16_unaligned_t *p16 = (mbedtls_uint16_unaligned_t *) p; r = p16->x; #else @@ -132,7 +132,7 @@ static inline void mbedtls_put_unaligned_uint16(void *p, uint16_t x) #if defined(UINT_UNALIGNED) mbedtls_uint16_unaligned_t *p16 = (mbedtls_uint16_unaligned_t *) p; *p16 = x; -#elif defined(UINT_UNALIGNED_UNION) +#elif defined(UINT_UNALIGNED_STRUCT) mbedtls_uint16_unaligned_t *p16 = (mbedtls_uint16_unaligned_t *) p; p16->x = x; #else @@ -158,7 +158,7 @@ static inline uint32_t mbedtls_get_unaligned_uint32(const void *p) #if defined(UINT_UNALIGNED) mbedtls_uint32_unaligned_t *p32 = (mbedtls_uint32_unaligned_t *) p; r = *p32; -#elif defined(UINT_UNALIGNED_UNION) +#elif defined(UINT_UNALIGNED_STRUCT) mbedtls_uint32_unaligned_t *p32 = (mbedtls_uint32_unaligned_t *) p; r = p32->x; #else @@ -184,7 +184,7 @@ static inline void mbedtls_put_unaligned_uint32(void *p, uint32_t x) #if defined(UINT_UNALIGNED) mbedtls_uint32_unaligned_t *p32 = (mbedtls_uint32_unaligned_t *) p; *p32 = x; -#elif defined(UINT_UNALIGNED_UNION) +#elif defined(UINT_UNALIGNED_STRUCT) mbedtls_uint32_unaligned_t *p32 = (mbedtls_uint32_unaligned_t *) p; p32->x = x; #else @@ -210,7 +210,7 @@ static inline uint64_t mbedtls_get_unaligned_uint64(const void *p) #if defined(UINT_UNALIGNED) mbedtls_uint64_unaligned_t *p64 = (mbedtls_uint64_unaligned_t *) p; r = *p64; -#elif defined(UINT_UNALIGNED_UNION) +#elif defined(UINT_UNALIGNED_STRUCT) mbedtls_uint64_unaligned_t *p64 = (mbedtls_uint64_unaligned_t *) p; r = p64->x; #else @@ -236,7 +236,7 @@ static inline void mbedtls_put_unaligned_uint64(void *p, uint64_t x) #if defined(UINT_UNALIGNED) mbedtls_uint64_unaligned_t *p64 = (mbedtls_uint64_unaligned_t *) p; *p64 = x; -#elif defined(UINT_UNALIGNED_UNION) +#elif defined(UINT_UNALIGNED_STRUCT) mbedtls_uint64_unaligned_t *p64 = (mbedtls_uint64_unaligned_t *) p; p64->x = x; #else From eae7fce8296404563632062281c3dc7da32f43db Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 6 Feb 2024 14:40:59 +0100 Subject: [PATCH 1655/1674] add changelog Signed-off-by: Valerio Setti --- ChangeLog.d/8030.txt | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 ChangeLog.d/8030.txt diff --git a/ChangeLog.d/8030.txt b/ChangeLog.d/8030.txt new file mode 100644 index 000000000..d99c9e7e4 --- /dev/null +++ b/ChangeLog.d/8030.txt @@ -0,0 +1,7 @@ +Changes + * Extended PSA Crypto configurations options for FFDH by making it possible + to select only some of the parameters / groups, with the macros + PSA_WANT_DH_RFC7919_XXXX. You now need to defined the corresponding macro + for each size you want to support. Also, if you have an FFDH accelerator, + you'll need to define the appropriate MBEDTLS_PSA_ACCEL macros to signal + support for these domain parameters. From d09f96b829aedcddd5bb40681fca2c31ff20a591 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 6 Feb 2024 13:51:58 +0000 Subject: [PATCH 1656/1674] Improve docs Signed-off-by: Dave Rodgman --- library/alignment.h | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/library/alignment.h b/library/alignment.h index db835955b..fece47dc8 100644 --- a/library/alignment.h +++ b/library/alignment.h @@ -58,12 +58,15 @@ typedef uint64_t __packed mbedtls_uint64_unaligned_t; * gcc may generate a branch to memcpy for calls like `memcpy(dest, src, 4)` rather than * generating some LDR or LDRB instructions (similar for stores). * - * For versions of gcc < 5.4.0 this always happens. - * For gcc < 6.3.0, this happens at -O0 - * For all versions, this happens iff unaligned access is not supported. + * This is architecture dependent: x86-64 seems fine even with old gcc; 32-bit Arm + * is affected. To keep it simple, we enable for all architectures. * - * For gcc 4.x, this will generate byte-by-byte loads even if unaligned access is supported, which - * is correct but not optimal. + * For versions of gcc < 5.4.0 this issue always happens. + * For gcc < 6.3.0, this issue happens at -O0 + * For all versions, this issue happens iff unaligned access is not supported. + * + * For gcc 4.x, this implementation will generate byte-by-byte loads even if unaligned access is + * supported, which is correct but not optimal. * * For performance (and code size, in some cases), we want to avoid the branch and just generate * some inline load/store instructions since the access is small and constant-size. @@ -73,6 +76,9 @@ typedef uint64_t __packed mbedtls_uint64_unaligned_t; * possible alignment—one byte for a variable" * https://gcc.gnu.org/onlinedocs/gcc-4.5.4/gcc/Variable-Attributes.html * + * Previous implementations used __attribute__((__aligned__(1)), but had issues with a gcc bug: + * https://gcc.gnu.org/bugzilla/show_bug.cgi?id=94662 + * * Tested with several versions of GCC from 4.5.0 up to 13.2.0 * We don't enable for older than 4.5.0 as this has not been tested. */ From 94c5806a64aa68eac1af9ad25d3b4e302fdae2f4 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 6 Feb 2024 15:49:06 +0100 Subject: [PATCH 1657/1674] suite_psa_crypto_util: make ecdsa_raw_to_der_incremental() more readable Signed-off-by: Valerio Setti --- tests/suites/test_suite_psa_crypto_util.function | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_util.function b/tests/suites/test_suite_psa_crypto_util.function index fe811e062..2d8915e54 100644 --- a/tests/suites/test_suite_psa_crypto_util.function +++ b/tests/suites/test_suite_psa_crypto_util.function @@ -28,12 +28,11 @@ exit: void ecdsa_raw_to_der_incremental(int key_bits, data_t *input, data_t *exp_result) { unsigned char *tmp_buf = NULL; - size_t tmp_buf_len = exp_result->len; size_t ret_len; size_t i; /* Test with an output buffer smaller than required (expexted to fail). */ - for (i = 1; i < tmp_buf_len; i++) { + for (i = 1; i < exp_result->len; i++) { TEST_CALLOC(tmp_buf, i); TEST_ASSERT(mbedtls_ecdsa_raw_to_der(key_bits, input->x, input->len, tmp_buf, i, &ret_len) != 0); @@ -42,7 +41,7 @@ void ecdsa_raw_to_der_incremental(int key_bits, data_t *input, data_t *exp_resul } /* Test with an output buffer larger/equal than required (expexted to * succeed). */ - for (i = tmp_buf_len; i < (2 * tmp_buf_len); i++) { + for (i = exp_result->len; i < (2 * exp_result->len); i++) { TEST_CALLOC(tmp_buf, i); TEST_ASSERT(mbedtls_ecdsa_raw_to_der(key_bits, input->x, input->len, tmp_buf, i, &ret_len) == 0); From e093281a8b51a3d89e61c99b7ac28c7bae47fbfa Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 6 Feb 2024 15:00:58 +0000 Subject: [PATCH 1658/1674] Pacify check-names Signed-off-by: Dave Rodgman --- library/alignment.h | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/library/alignment.h b/library/alignment.h index fece47dc8..a17001dd9 100644 --- a/library/alignment.h +++ b/library/alignment.h @@ -83,9 +83,15 @@ typedef uint64_t __packed mbedtls_uint64_unaligned_t; * We don't enable for older than 4.5.0 as this has not been tested. */ #define UINT_UNALIGNED_STRUCT -typedef struct { uint16_t x; } __attribute__((packed)) mbedtls_uint16_unaligned_t; -typedef struct { uint32_t x; } __attribute__((packed)) mbedtls_uint32_unaligned_t; -typedef struct { uint64_t x; } __attribute__((packed)) mbedtls_uint64_unaligned_t; +typedef struct { + uint16_t x; +} __attribute__((packed)) mbedtls_uint16_unaligned_t; +typedef struct { + uint32_t x; +} __attribute__((packed)) mbedtls_uint32_unaligned_t; +typedef struct { + uint64_t x; +} __attribute__((packed)) mbedtls_uint64_unaligned_t; #endif /* From 2b6a7b37f40c01f63497782525421026ee697f22 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 6 Feb 2024 16:21:44 +0100 Subject: [PATCH 1659/1674] suite_psa_crypto_util: use 521 bits data and bit-size instead of 528 Signed-off-by: Valerio Setti --- tests/suites/test_suite_psa_crypto_util.data | 12 +++--------- 1 file changed, 3 insertions(+), 9 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_util.data b/tests/suites/test_suite_psa_crypto_util.data index f7e6ebace..eb205b905 100644 --- a/tests/suites/test_suite_psa_crypto_util.data +++ b/tests/suites/test_suite_psa_crypto_util.data @@ -125,20 +125,14 @@ depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 512 ecdsa_der_to_raw:512:"308184024011111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111024022222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":"1111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111122222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":0 # 512/521 bit sizes are useful to test sequence's length encoded with 2 bytes. -# Bit length is rounded up to 528 to be multiple of 8. ECDSA Raw -> DER, 521bit, Success depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 521 -ecdsa_raw_to_der:528:"111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":"30818802421111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111110242222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":0 - -ECDSA Raw -> DER, 521bit, Success (integers exactly 521 bits) -depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 521 -ecdsa_raw_to_der:528:"011111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111012222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":"30818802420111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111110242012222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":0 +ecdsa_raw_to_der:521:"011111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111012222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":"30818802420111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111110242012222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":0 # 512/521 bit sizes are useful to test sequence's length encoded with 2 bytes. -# Bit length is rounded up to 528 to be multiple of 8. ECDSA DER -> Raw, 521bit, Success depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 521 -ecdsa_der_to_raw:528:"30818802421111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111110242222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":"111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":0 +ecdsa_der_to_raw:521:"30818802420111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111110242012222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":"011111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111012222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":0 ECDSA Raw -> DER, 256bit, Incremental DER buffer sizes depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 @@ -150,7 +144,7 @@ ecdsa_raw_to_der_incremental:512:"9111111111111111111111111111111111111111111111 ECDSA Raw -> DER, 521bit, Incremental DER buffer sizes depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 521 -ecdsa_raw_to_der_incremental:528:"911111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":"3081890243009111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111110242222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222" +ecdsa_raw_to_der_incremental:521:"011111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111012222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222":"30818802420111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111110242012222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222222" ECDSA Raw -> DER, 256bit, DER buffer of minimal length (1 byte per integer) depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 From 6269f3baf497e3a9b8d5e9d8d40d8a9c4af144f6 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 6 Feb 2024 16:55:18 +0100 Subject: [PATCH 1660/1674] Revert "psa_util: allow larger raw buffers in mbedtls_ecdsa_raw_to_der()" This reverts commit d4fc5d9d1c76a6cb978ceb4cc74ec62b111b0007. Signed-off-by: Valerio Setti --- include/mbedtls/psa_util.h | 2 +- library/psa_util.c | 2 +- tests/suites/test_suite_psa_crypto_util.data | 4 ++++ 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index 9294d29bb..a5f09a4f4 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -188,7 +188,7 @@ static inline mbedtls_md_type_t mbedtls_md_type_from_psa_alg(psa_algorithm_t psa * * \param bits Size of each coordinate in bits. * \param raw Buffer that contains the signature in raw format. - * \param raw_len Length of \p raw in bytes. This must be at least + * \param raw_len Length of \p raw in bytes. This must be * PSA_BITS_TO_BYTES(bits) bytes. * \param[out] der Buffer that will be filled with the converted DER * output. It can overlap with raw buffer. diff --git a/library/psa_util.c b/library/psa_util.c index 7ce5eea03..674f21b9b 100644 --- a/library/psa_util.c +++ b/library/psa_util.c @@ -413,7 +413,7 @@ int mbedtls_ecdsa_raw_to_der(size_t bits, const unsigned char *raw, size_t raw_l unsigned char *p = der + der_size; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if (raw_len < 2 * coordinate_len) { + if ((raw_len < 2 * coordinate_len) || (raw_len > 2 * coordinate_len)) { return MBEDTLS_ERR_ASN1_INVALID_DATA; } diff --git a/tests/suites/test_suite_psa_crypto_util.data b/tests/suites/test_suite_psa_crypto_util.data index eb205b905..1d170297b 100644 --- a/tests/suites/test_suite_psa_crypto_util.data +++ b/tests/suites/test_suite_psa_crypto_util.data @@ -42,6 +42,10 @@ ECDSA Raw -> DER, 256bit, Invalid raw signature (1 byte shorter) depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_raw_to_der:256:"111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA +ECDSA Raw -> DER, 256bit, Invalid raw signature (1 byte longer) +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 +ecdsa_raw_to_der:256:"1111111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA + ECDSA DER -> Raw, 256bit, Success depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_der_to_raw:256:"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":0 From cf81f6997759decd200a8953cd9d3f46f3de447a Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 6 Feb 2024 16:57:12 +0100 Subject: [PATCH 1661/1674] psa_util: smarter raw length check in mbedtls_ecdsa_raw_to_der() Signed-off-by: Valerio Setti --- library/psa_util.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_util.c b/library/psa_util.c index 674f21b9b..970274e3f 100644 --- a/library/psa_util.c +++ b/library/psa_util.c @@ -413,7 +413,7 @@ int mbedtls_ecdsa_raw_to_der(size_t bits, const unsigned char *raw, size_t raw_l unsigned char *p = der + der_size; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - if ((raw_len < 2 * coordinate_len) || (raw_len > 2 * coordinate_len)) { + if (raw_len != (2 * coordinate_len)) { return MBEDTLS_ERR_ASN1_INVALID_DATA; } From bb76f80218fa679eff384a1dace645d5faa5774f Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 6 Feb 2024 16:57:23 +0100 Subject: [PATCH 1662/1674] pk_wrap: use proper raw buffer length in ecdsa_sign_psa() Signed-off-by: Valerio Setti --- library/pk_wrap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index c45fbd436..d61a7cbad 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -729,7 +729,7 @@ static int ecdsa_sign_psa(mbedtls_svc_key_id_t key_id, mbedtls_md_type_t md_alg, } done: - ret = mbedtls_ecdsa_raw_to_der(key_bits, sig, sig_size, sig, sig_size, sig_len); + ret = mbedtls_ecdsa_raw_to_der(key_bits, sig, *sig_len, sig, sig_size, sig_len); return ret; } From 1810fd9ac8f78be06558b3cdfacc70a9b3ece362 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 6 Feb 2024 17:02:49 +0100 Subject: [PATCH 1663/1674] add changelog Signed-off-by: Valerio Setti --- ChangeLog.d/7765.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 ChangeLog.d/7765.txt diff --git a/ChangeLog.d/7765.txt b/ChangeLog.d/7765.txt new file mode 100644 index 000000000..3dd6b5d30 --- /dev/null +++ b/ChangeLog.d/7765.txt @@ -0,0 +1,3 @@ +Features + * Add functions mbedtls_ecdsa_raw_to_der() and mbedtls_ecdsa_der_to_raw() to + convert ECDSA signatures between raw and DER (ASN.1) formats. From e053cb2f12ad05b58406a28724b362eeffd09cdb Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Tue, 6 Feb 2024 14:57:43 +0000 Subject: [PATCH 1664/1674] Stop platform test failures with GCC and TSAN Signed-off-by: Paul Elliott --- tests/include/test/helpers.h | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/include/test/helpers.h b/tests/include/test/helpers.h index 7c962a283..47d4dcd45 100644 --- a/tests/include/test/helpers.h +++ b/tests/include/test/helpers.h @@ -23,6 +23,10 @@ #if defined(__SANITIZE_ADDRESS__) /* gcc -fsanitize=address */ # define MBEDTLS_TEST_HAVE_ASAN #endif +#if defined(__SANITIZE_THREAD__) /* gcc -fsanitize-thread */ +# define MBEDTLS_TEST_HAVE_TSAN +#endif + #if defined(__has_feature) # if __has_feature(address_sanitizer) /* clang -fsanitize=address */ # define MBEDTLS_TEST_HAVE_ASAN From 30a303f1a8b856cfd6d44ad89754a018e49fb479 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 6 Feb 2024 19:45:11 +0100 Subject: [PATCH 1665/1674] ECDSA signature conversion: put bits first Metadata, then inputs, then outputs. https://github.com/Mbed-TLS/mbedtls/pull/8703#discussion_r1474697136 Signed-off-by: Gilles Peskine --- .../architecture/psa-migration/psa-legacy-bridges.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/docs/architecture/psa-migration/psa-legacy-bridges.md b/docs/architecture/psa-migration/psa-legacy-bridges.md index e09d23c49..ec3fcd0b1 100644 --- a/docs/architecture/psa-migration/psa-legacy-bridges.md +++ b/docs/architecture/psa-migration/psa-legacy-bridges.md @@ -330,12 +330,12 @@ Based on the [gap analysis](#signature-formats): [ACTION] [#7765](https://github.com/Mbed-TLS/mbedtls/issues/7765) Implement `mbedtls_ecdsa_raw_to_der` and `mbedtls_ecdsa_der_to_raw` as described below. ``` -int mbedtls_ecdsa_raw_to_der(const unsigned char *raw, size_t raw_len, - unsigned char *der, size_t der_size, size_t *der_len, - size_t bits); -int mbedtls_ecdsa_der_to_raw(const unsigned char *der, size_t der_len, - unsigned char *raw, size_t raw_size, size_t *raw_len, - size_t bits); +int mbedtls_ecdsa_raw_to_der(size_t bits, + const unsigned char *raw, size_t raw_len, + unsigned char *der, size_t der_size, size_t *der_len); +int mbedtls_ecdsa_der_to_raw(size_t bits, + const unsigned char *der, size_t der_len, + unsigned char *raw, size_t raw_size, size_t *raw_len); ``` * These functions convert between the signature format used by `mbedtls_pk_{sign,verify}{,_ext}` and the signature format used by `psa_{sign,verify}_{hash,message}`. From 447bbce8b4e7fd95388dc365b71c09202cb3d238 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 7 Feb 2024 08:02:03 +0100 Subject: [PATCH 1666/1674] rsa: remove unnecessary check in priv/pub key parsing Signed-off-by: Valerio Setti --- library/rsa.c | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/library/rsa.c b/library/rsa.c index b250e1d49..c8ea980e0 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -107,12 +107,9 @@ int mbedtls_rsa_parse_key(mbedtls_rsa_context *rsa, const unsigned char *key, si return ret; } + /* mbedtls_asn1_get_tag() already ensures that len is valid (i.e. p+len <= end)*/ end = p + len; - if (end > (key + keylen)) { - return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; - } - if ((ret = mbedtls_asn1_get_int(&p, end, &version)) != 0) { return ret; } @@ -243,12 +240,9 @@ int mbedtls_rsa_parse_pubkey(mbedtls_rsa_context *rsa, const unsigned char *key, return ret; } + /* mbedtls_asn1_get_tag() already ensures that len is valid (i.e. p+len <= end)*/ end = p + len; - if (end > (key + keylen)) { - return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; - } - /* Import N */ if ((ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_INTEGER)) != 0) { return ret; From 3f557ad59c3279c00258be0660723290e9ee20af Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 7 Feb 2024 11:22:16 +0100 Subject: [PATCH 1667/1674] Wording improvement Signed-off-by: Gilles Peskine --- docs/architecture/psa-migration/psa-legacy-bridges.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/architecture/psa-migration/psa-legacy-bridges.md b/docs/architecture/psa-migration/psa-legacy-bridges.md index ec3fcd0b1..912344e31 100644 --- a/docs/architecture/psa-migration/psa-legacy-bridges.md +++ b/docs/architecture/psa-migration/psa-legacy-bridges.md @@ -340,5 +340,5 @@ int mbedtls_ecdsa_der_to_raw(size_t bits, * These functions convert between the signature format used by `mbedtls_pk_{sign,verify}{,_ext}` and the signature format used by `psa_{sign,verify}_{hash,message}`. * The input and output buffers can overlap. -* The `bits` parameter is necessary in the DER-to-raw direction because the DER format lacks leading zeros, so something else needs to convey the size of (r,s). The `bits` parameter is not needed in the raw-to-DER direction, but [it can help catch errors](https://github.com/Mbed-TLS/mbedtls/pull/8681#discussion_r1445980971) and the information is readily available in practice. +* The `bits` parameter is necessary in the DER-to-raw direction because the DER format lacks leading zeros, so something else needs to convey the size of (r,s). The `bits` parameter is redundant in the raw-to-DER direction, but we have it anyway because [it helps catch errors](https://github.com/Mbed-TLS/mbedtls/pull/8681#discussion_r1445980971), and it isn't a burden on the caller because the information is readily available in practice. * Should these functions rely on the ASN.1 module? We experimented [calling ASN.1 functions](https://github.com/Mbed-TLS/mbedtls/pull/8681), [reimplementing simpler ASN.1 functions](https://github.com/Mbed-TLS/mbedtls/pull/8696), and [providing the functions from the ASN.1 module](https://github.com/Mbed-TLS/mbedtls/pull/8703). Providing the functions from the ASN.1 module [won on a compromise of code size and simplicity](https://github.com/Mbed-TLS/mbedtls/issues/7765#issuecomment-1893670015). From 2840523ae4829984a9b163876351ab5b5a3e3dfc Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 7 Feb 2024 10:42:22 +0000 Subject: [PATCH 1668/1674] Remind contributors not to force-push Signed-off-by: Dave Rodgman --- .github/pull_request_template.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index a07e8abd1..586536c0c 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -18,3 +18,10 @@ Please tick as appropriate and edit the reasons (e.g.: "backport: not needed bec Please refer to the [contributing guidelines](https://github.com/Mbed-TLS/mbedtls/blob/development/CONTRIBUTING.md), especially the checklist for PR contributors. + +Help make review efficient: +* Multiple simple commits + - please structure your PR into a series of small commits, each of which does one thing +* No force-push + - please do not force-push to update your PR - just add new commit(s) + - use `git merge` (or the GitHub web interface) to resolve conflicts - not `git rebase` From c1a4d1f09a93d25f3037a3d56afaff3990811d94 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 7 Feb 2024 11:04:14 +0000 Subject: [PATCH 1669/1674] Remove comments about rebasing vs merging; link to longer RTD document Signed-off-by: Dave Rodgman --- .github/pull_request_template.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index 586536c0c..55b5964b5 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -24,4 +24,4 @@ Help make review efficient: - please structure your PR into a series of small commits, each of which does one thing * No force-push - please do not force-push to update your PR - just add new commit(s) - - use `git merge` (or the GitHub web interface) to resolve conflicts - not `git rebase` +* See our [Guidelines for Contributors](https://mbed-tls.readthedocs.io/en/latest/reviews/review-for-contributors/) for more details about the review process. From 2a6593bbb628d72a1c5be18c254ecff6e4f3961c Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 7 Feb 2024 11:05:47 +0000 Subject: [PATCH 1670/1674] Slightly soften force-push suggestion Signed-off-by: Dave Rodgman --- .github/pull_request_template.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index 55b5964b5..9d30412fd 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -22,6 +22,6 @@ checklist for PR contributors. Help make review efficient: * Multiple simple commits - please structure your PR into a series of small commits, each of which does one thing -* No force-push +* Avoid force-push - please do not force-push to update your PR - just add new commit(s) * See our [Guidelines for Contributors](https://mbed-tls.readthedocs.io/en/latest/reviews/review-for-contributors/) for more details about the review process. From affba30833d7b38d22670ba389fe9b71aaf158a5 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 7 Feb 2024 15:03:33 +0100 Subject: [PATCH 1671/1674] psa_util: update documentation for mbedtls_ecdsa_raw_to_der() Signed-off-by: Valerio Setti --- include/mbedtls/psa_util.h | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index a5f09a4f4..984f03154 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -192,12 +192,13 @@ static inline mbedtls_md_type_t mbedtls_md_type_from_psa_alg(psa_algorithm_t psa * PSA_BITS_TO_BYTES(bits) bytes. * \param[out] der Buffer that will be filled with the converted DER * output. It can overlap with raw buffer. - * \param der_size Size of \p der in bytes. Given \p bits parameter: - * * #MBEDTLS_ECDSA_MAX_SIG_LEN(\p bits) can be used - * to determine a large enough buffer for any - * \p raw input vector. - * * The minimum size might be smaller in case - * \p raw input vector contains padding zeros. + * \param der_size Size of \p der in bytes. It is enough if \p der_size + * is at least the size of the actual output. (The size + * of the output can vary depending on the presence of + * leading zeros in the data.) You can use + * #MBEDTLS_ECDSA_MAX_SIG_LEN(\p bits) to determine a + * size that is large enough for all signatures for a + * given value of \p bits. * \param[out] der_len On success it contains the amount of valid data * (in bytes) written to \p der. It's undefined * in case of failure. From ef07fa0fc3a6d0a7ebff1777978a7799678f0bd4 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 7 Feb 2024 15:16:45 +0100 Subject: [PATCH 1672/1674] test_suite_psa_crypto_util: add more test for raw->der Signed-off-by: Valerio Setti --- tests/suites/test_suite_psa_crypto_util.data | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_util.data b/tests/suites/test_suite_psa_crypto_util.data index 1d170297b..86f63ab85 100644 --- a/tests/suites/test_suite_psa_crypto_util.data +++ b/tests/suites/test_suite_psa_crypto_util.data @@ -2,10 +2,6 @@ ECDSA Raw -> DER, 256bit, Success depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_raw_to_der:256:"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":0 -ECDSA Raw -> DER, 256bit, Raw data too short -depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 -ecdsa_raw_to_der:256:"111111111111111111111111111111111111111111111111111111111111111122222222222222222222222222222222222222222222222222222222222222":"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA - ECDSA Raw -> DER, 256bit, DER buffer too small depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_raw_to_der:256:"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":"304402201111111111111111111111111111111111111111111111111111111111111111022022222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_BUF_TOO_SMALL @@ -38,14 +34,22 @@ ECDSA Raw -> DER, 256bit, r and s only 1 byte of data with MSb set depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_raw_to_der:256:"000000000000000000000000000000000000000000000000000000000000009100000000000000000000000000000000000000000000000000000000000000A2":"300802020091020200A2":0 -ECDSA Raw -> DER, 256bit, Invalid raw signature (1 byte shorter) +ECDSA Raw -> DER, 256bit, Invalid raw signature (r 1 byte shorter) depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_raw_to_der:256:"111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA -ECDSA Raw -> DER, 256bit, Invalid raw signature (1 byte longer) +ECDSA Raw -> DER, 256bit, Invalid raw signature (r and s 1 byte shorter) +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 +ecdsa_raw_to_der:256:"1111111111111111111111111111111111111111111111111111111111111122222222222222222222222222222222222222222222222222222222222222":"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA + +ECDSA Raw -> DER, 256bit, Invalid raw signature (r 1 byte longer) depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_raw_to_der:256:"1111111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA +ECDSA Raw -> DER, 256bit, Invalid raw signature (r and s 1 byte longer) +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 +ecdsa_raw_to_der:256:"111111111111111111111111111111111111111111111111111111111111111111222222222222222222222222222222222222222222222222222222222222222222":"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA + ECDSA DER -> Raw, 256bit, Success depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_der_to_raw:256:"30440220111111111111111111111111111111111111111111111111111111111111111102202222222222222222222222222222222222222222222222222222222222222222":"11111111111111111111111111111111111111111111111111111111111111112222222222222222222222222222222222222222222222222222222222222222":0 From bda577bb0bd003206c7234ced60950faaa8a7ef7 Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Tue, 6 Feb 2024 17:49:20 +0000 Subject: [PATCH 1673/1674] Fix confusing comment in ctr drbg thread test Make it clearer where the magic number chosen for entropy_len actually comes from, and why we chose this value. Signed-off-by: Paul Elliott --- tests/suites/test_suite_ctr_drbg.function | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_ctr_drbg.function b/tests/suites/test_suite_ctr_drbg.function index 425c43ef1..63524f25a 100644 --- a/tests/suites/test_suite_ctr_drbg.function +++ b/tests/suites/test_suite_ctr_drbg.function @@ -354,7 +354,12 @@ void ctr_drbg_threads(data_t *expected_result, int reseed, int arg_thread_count) const size_t n_random_calls = thread_count * thread_random_reps + 1; - /* Based on the size of MBEDTLS_CTR_DRBG_ENTROPY_LEN for SHA512. */ + /* This is a known-answer test, and although tests use a mock entropy + * function the input entropy length will still affect the output. + * We therefore need to pick a fixed entropy length, rather than using the + * default entropy length (MBEDTLS_CTR_DRBG_ENTROPY_LEN). We've chosen to + * use the default value of MBEDTLS_CTR_DRBG_ENTROPY_LEN for SHA-512, + * as this was the value used when the expected answers were calculated. */ const size_t entropy_len = 48; AES_PSA_INIT(); @@ -367,8 +372,8 @@ void ctr_drbg_threads(data_t *expected_result, int reseed, int arg_thread_count) test_offset_idx = 0; - /* Need to do this, otherwise if we are forced into using SHA256 for - * whaever reason, output will differ. */ + /* Need to set a non-default fixed entropy len, to ensure same output across + * all configs - see above for details. */ mbedtls_ctr_drbg_set_entropy_len(&ctx, entropy_len); if (reseed == 0) { From 1910390b4a819d5eaa582ad4a57483b4278e473f Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Wed, 7 Feb 2024 16:16:58 +0100 Subject: [PATCH 1674/1674] psa_util: improve leading zeros check in convert_der_to_raw_single_int() Signed-off-by: Valerio Setti --- library/psa_util.c | 15 +++++++++------ tests/suites/test_suite_psa_crypto_util.data | 16 ++++++++++++---- 2 files changed, 21 insertions(+), 10 deletions(-) diff --git a/library/psa_util.c b/library/psa_util.c index 970274e3f..fd119bf3d 100644 --- a/library/psa_util.c +++ b/library/psa_util.c @@ -488,18 +488,21 @@ static int convert_der_to_raw_single_int(unsigned char *der, size_t der_len, return ret; } - /* It's invalid to have MSb set without a leading 0x00 (leading 0x00 is - * checked below). */ - if ((*p & 0x80) != 0) { + /* It's invalid to have: + * - unpadded_len == 0. + * - MSb set without a leading 0x00 (leading 0x00 is checked below). */ + if (((unpadded_len == 0) || (*p & 0x80) != 0)) { return MBEDTLS_ERR_ASN1_INVALID_DATA; } /* Skip possible leading zero */ - if ((unpadded_len > 0) && (*p == 0x00)) { + if (*p == 0x00) { p++; unpadded_len--; - /* Only 1 leading zero is allowed, otherwise that's an error. */ - if (*p == 0x00) { + /* It is not allowed to have more than 1 leading zero. + * Ignore the case in which unpadded_len = 0 because that's a 0 encoded + * in ASN.1 format (i.e. 020100). */ + if ((unpadded_len > 0) && (*p == 0x00)) { return MBEDTLS_ERR_ASN1_INVALID_DATA; } } diff --git a/tests/suites/test_suite_psa_crypto_util.data b/tests/suites/test_suite_psa_crypto_util.data index 86f63ab85..807007b5e 100644 --- a/tests/suites/test_suite_psa_crypto_util.data +++ b/tests/suites/test_suite_psa_crypto_util.data @@ -110,13 +110,21 @@ ECDSA DER -> Raw, 256bit, Valid s only 1 zero byte depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 ecdsa_der_to_raw:256:"302502201111111111111111111111111111111111111111111111111111111111111111020100":"11111111111111111111111111111111111111111111111111111111111111110000000000000000000000000000000000000000000000000000000000000000":0 -ECDSA DER -> Raw, 256bit, Valid 0-length r +ECDSA DER -> Raw, 256bit, Invalid 0-length r depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 -ecdsa_der_to_raw:256:"3024020002202222222222222222222222222222222222222222222222222222222222222222":"00000000000000000000000000000000000000000000000000000000000000002222222222222222222222222222222222222222222222222222222222222222":0 +ecdsa_der_to_raw:256:"3024020002202222222222222222222222222222222222222222222222222222222222222222":"00000000000000000000000000000000000000000000000000000000000000002222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA -ECDSA DER -> Raw, 256bit, Valid 0-length s +ECDSA DER -> Raw, 256bit, Invalid 0-length s depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 -ecdsa_der_to_raw:256:"3024022011111111111111111111111111111111111111111111111111111111111111110200":"11111111111111111111111111111111111111111111111111111111111111110000000000000000000000000000000000000000000000000000000000000000":0 +ecdsa_der_to_raw:256:"3024022011111111111111111111111111111111111111111111111111111111111111110200":"11111111111111111111111111111111111111111111111111111111111111110000000000000000000000000000000000000000000000000000000000000000":MBEDTLS_ERR_ASN1_INVALID_DATA + +ECDSA DER -> Raw, 256bit, Invalid r 2 leading zeros +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 +ecdsa_der_to_raw:256:"3027020300000102202222222222222222222222222222222222222222222222222222222222222222":"00000000000000000000000000000000000000000000000000000000000000002222222222222222222222222222222222222222222222222222222222222222":MBEDTLS_ERR_ASN1_INVALID_DATA + +ECDSA DER -> Raw, 256bit, Invalid s 2 leading zeros +depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256 +ecdsa_der_to_raw:256:"3027022011111111111111111111111111111111111111111111111111111111111111110203000001":"11111111111111111111111111111111111111111111111111111111111111110000000000000000000000000000000000000000000000000000000000000000":MBEDTLS_ERR_ASN1_INVALID_DATA ECDSA DER -> Raw, 256bit, Invalid r: MSb set without leading zero depends_on:PSA_VENDOR_ECC_MAX_CURVE_BITS >= 256